last executing test programs: 36.940229758s ago: executing program 4 (id=1405): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000001afc180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b70300000009000085000000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x88, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r4 = socket$inet(0x2, 0x2, 0x1) bind$inet(r4, &(0x7f0000002680)={0x2, 0x0, @local}, 0x10) sendmsg$inet(r4, &(0x7f0000000080)={&(0x7f0000000000)={0x2, 0x0, @multicast1}, 0x10, &(0x7f0000000140)=[{&(0x7f0000000040)="08001efbb07d586e", 0x4788}], 0x1}, 0x0) 16.436893981s ago: executing program 3 (id=1463): r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_group_source_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000340)={0x0, {{0x2, 0x0, @multicast1}}, {{0x2, 0x0, @multicast2}}}, 0x108) getsockopt$inet_buf(r0, 0x0, 0x30, 0x0, &(0x7f0000000180)) 15.978324037s ago: executing program 3 (id=1465): rseq(&(0x7f00000004c0), 0x20, 0x0, 0x0) r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]}) socket$kcm(0xa, 0x0, 0x87) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000003c0)={0x0}) ioctl$SECCOMP_IOCTL_NOTIF_SEND(r0, 0xc0182101, &(0x7f0000000180)={r1}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000002780)={0x0}) r3 = socket(0x10, 0x3, 0x0) sendmsg$nl_generic(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="6400000019000101000080f2ffffffff1c0109004d000f807ab700000000000000aae2b1b9084471217fd4a0e1f76282a673690d7287a6a48bd9f905e2980f070008003cf04bd4c9d792cc06200a2a71e774b60ab9f7793a346265607c6bac2c0b000000"], 0x64}}, 0x0) r4 = socket(0x10, 0x3, 0x0) sendmsg$nl_generic(r4, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001100)=ANY=[@ANYBLOB="400000001900010000000000000000001d010900294f238a5eb700000000000000aab9085c71217fd4a0e1f76282a673690d7287a6a48bd9f9e19b059cc32c169f97b5258ed1a2d29e1fc9e1a680000000f600000000000000000000000000000000054b0ccbe40209a00fa6740217dbf694f2711040dd846b20711399e1ef6eb7561effe590c682104e0a04b3034de802011a86102ad52d8cf217954045a1e84481ea9fa891803b76202dfb"], 0x40}}, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f00000024c0)) sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000002480)={&(0x7f0000002340)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000002440)={&(0x7f0000002640)=ANY=[@ANYBLOB="8c000000", @ANYRES16=0x0, @ANYBLOB="00002cbd7000fcdbdf25060000000c00990003000000030000001400178004000600040001000400020095fc04001c00e70066d58b639774132fd918634ce3cb97ae54063c4efe908c150a00e80008021100000000000a00e80008021100000000000000e700c8a49680d4e3eb11d519b96bc6552fed04bf2a81a831c7f40500530000000000050053000100"], 0x8c}, 0x1, 0x0, 0x0, 0x2840}, 0xe6ec6e03e24e004e) ioctl$BTRFS_IOC_SNAP_CREATE_V2(r3, 0x50009417, &(0x7f0000000100)={{r4}, 0x0, 0x1a, @unused=[0x84, 0x5, 0x81, 0x7], @devid}) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x5c831, 0xffffffffffffffff, 0x0) r5 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000380), 0x4000000044882, 0x0) io_setup(0x1, &(0x7f00000004c0)=0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) write$6lowpan_enable(0xffffffffffffffff, &(0x7f0000000000)='0', 0xfffffd2c) syz_open_dev$vcsn(&(0x7f00000025c0), 0x0, 0x1034c0) io_submit(r6, 0xca, &(0x7f00000000c0)=[&(0x7f0000000140)={0x3a0012fb, 0x2759, 0x7, 0x0, 0x0, r5, &(0x7f0000000000)="98", 0x3e8000072a, 0x1000000, 0x0, 0x10}]) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000080)={r2, 0x3, r0}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000000c0)={0x5, &(0x7f0000000280)=[{0x7, 0x3, 0xff}, {0x7, 0x2, 0x5, 0x3}, {0x1, 0x3, 0x4, 0xffffffff}, {0x1, 0x29, 0x3, 0x3c}, {0x201e, 0x6, 0x0, 0x1007}]}) open_tree(0xffffffffffffff9c, &(0x7f0000000380)='./file0\x00', 0x8000) openat$mice(0xffffffffffffff9c, &(0x7f00000000c0), 0x0) r7 = syz_open_dev$evdev(&(0x7f0000000000), 0x3, 0x80402) write$binfmt_elf64(r7, &(0x7f0000019680)=ANY=[@ANYBLOB="7f454c46000000000000000000000000020006000500000000000000000000004000000000000000000000000000f50000000038000000000000000000000000000000000023020000000000000000000000000000000000000000000000000000000000000000000000000000a8b6e136545d98c9ed204d101fe2c436acfc6d40a9a82cfdda4be4f4e882bc7ce04f834c06a98cb43d87b6ae920c1064a299b9a9a2ec99c2de5c4c1ab61977134752fd349b4e6a57a00ac90ceb1e245aa32c2caf8f37fedc36bed03c1cac11f3bcebf13fbe0463b071110000"], 0x78) prlimit64(0x0, 0xe, &(0x7f0000000140), 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) 14.348976743s ago: executing program 3 (id=1471): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000440)={[{@nombcache}, {@abort}, {@commit={'commit', 0x3d, 0x800}}, {@norecovery}, {@discard}, {@lazytime}, {@noload}, {@usrquota}, {@noauto_da_alloc}]}, 0xfe, 0x558, &(0x7f0000000c00)="$eJzs3U1rG0cfAPD/ynbenOeJAyG0PRRDDk1JI8d2X1LoIT2WNjTQ3lNhb0ywHAVLDrEbaHJoLr2UUCilgdIP0HuPoV+gnyLQBkIJpj30orLyylFsyZZtpVaq3w82mdldaXY0+x/PaCQUwMAaz/4pRLwcEV8nEcdajg1HfnB87bzVJ7dmsi2Jev2TP5JI8n3N85P8/9E881JE/PJlxJnC5nKryyvzpXI5XczzE7WF6xPV5ZWzVxdKc+lcem1qevr8W9NT777zds/q+vqlv777+MEH5786tfrtT4+O30viQhzNj7XWYw9ut2bGYzx/TUbiwoYTJ3tQWD9J9vsC2JWhPM5HIusDjsVQHvXAf98XEVEHBlQi/mFANccBzbl9j+bBL4zH769NgDbXf3jtvZE41JgbHVlNnpkZZfPdsR6Un5Xx8+/372Vb9O59CIBt3b4TEeeGhzf3f0ne/+3euS7O2VjGDvu/+g4vCWjxIBv/vNFu/FNYH/9Em/HPaJvY3Y3t47/wqAfFdJSN/95rO/5dX7QaG8pz/2uM+UaSK1fLada3/T8iTsfIwSy/1XrO+dWHHfup1vFftmXlN8eC+XU8Gj747GNmS7XSXurc6vGdiFfajn+T9fZP2rR/9npc6rKMk+n9Vzsd277+z1f9x4jX2rb/0xWtZOv1yYnG/TDRvCs2+/PuyV87lb/f9c/a/8jW9R9LWtdrqzsv44dDf6edju32/j+QfNpIH8j33SzVaouTEQeSjzbvn3r62Ga+eX5W/9Ontu7/2t3/hyPisy7rf/fE3Y6n9kP7z+6o/XeeePjh5993Kr+79n+zkTqd7+mm/+v2Avfy2gEAAAAAAEC/KUTE0UgKxfV0oVAsrn2+40QcKZQr1dqZK5Wla7PR+K7sWIwUmivdoy2fh5jMPw/bzE9tyE9HxPGI+GbocCNfnKmUZ/e78gAAAAAAAAAAAAAAAAAAANAnRjt8/z/z29B+Xx3w3PnJbxhc28Z/L37pCehL/v7D4BL/MLjEPwwu8Q+DS/zD4BL/MLjEPwwu8Q8AAAAAAAAAAAAAAAAAAAAAAAAAAAA9denixWyrrz65NZPlZ28sL81XbpydTavzxYWlmeJMZfF6ca5SmSunxZnKwnbPV65Urk9OxdLNiVparU1Ul1cuL1SWrtUuX10ozaWX05F/pVYAAAAAAAAAAAAAAAAAAADwYqkur8yXyuV0UUJiV4nh/rgMibVEM7D3/IT72y8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQKt/AgAA//+jgjYy") mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) r0 = open$dir(&(0x7f0000000000)='.\x00', 0x0, 0x0) r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r1, &(0x7f0000000040)='.\x00', 0xffffffffffffff9c, 0x0, 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000180)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}]}) chdir(&(0x7f0000000140)='./bus\x00') openat$dir(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x0, 0x0) mknodat$null(r0, &(0x7f0000000040)='./file1/file0\x00', 0x0, 0x103) setxattr$system_posix_acl(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f00000000c0)='system.posix_acl_access\x00', &(0x7f00000001c0)=ANY=[@ANYBLOB="020000000100000000000000040000000000000008000000", @ANYRES32=0xee01, @ANYBLOB="100003000006000020"], 0x2c, 0x0) 13.68201028s ago: executing program 2 (id=1473): syz_usb_connect$uac1(0x0, 0x0, 0x0, 0x0) 13.420506606s ago: executing program 3 (id=1474): r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_group_source_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000340)={0x0, {{0x2, 0x0, @multicast1}}, {{0x2, 0x0, @multicast2}}}, 0x108) getsockopt$inet_buf(r0, 0x0, 0x30, 0x0, &(0x7f0000000180)) 12.801123505s ago: executing program 3 (id=1476): timer_create(0x3, 0x0, &(0x7f0000000040)) timer_gettime(0x0, &(0x7f0000000400)) 12.665179469s ago: executing program 2 (id=1477): syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TCSETAF(0xffffffffffffffff, 0x5408, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "8500000200082800"}) write$evdev(0xffffffffffffffff, 0x0, 0x0) 12.381194534s ago: executing program 3 (id=1479): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000001afc180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b70300000009000085000000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x88, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) bpf$MAP_CREATE(0x0, 0x0, 0x0) r4 = socket$inet(0x2, 0x2, 0x1) bind$inet(r4, &(0x7f0000002680)={0x2, 0x0, @local}, 0x10) sendmsg$inet(r4, &(0x7f0000000080)={&(0x7f0000000000)={0x2, 0x0, @multicast1}, 0x10, &(0x7f0000000140)=[{&(0x7f0000000040)="08001efbb07d586e", 0x4788}], 0x1}, 0x0) 12.07934565s ago: executing program 2 (id=1480): rseq(&(0x7f00000004c0), 0x20, 0x0, 0x0) r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]}) socket$kcm(0xa, 0x0, 0x87) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000003c0)={0x0}) ioctl$SECCOMP_IOCTL_NOTIF_SEND(r0, 0xc0182101, &(0x7f0000000180)={r1}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000002780)={0x0}) r3 = socket(0x10, 0x3, 0x0) sendmsg$nl_generic(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="6400000019000101000080f2ffffffff1c0109004d000f807ab700000000000000aae2b1b9084471217fd4a0e1f76282a673690d7287a6a48bd9f905e2980f070008003cf04bd4c9d792cc06200a2a71e774b60ab9f7793a346265607c6bac2c0b000000"], 0x64}}, 0x0) r4 = socket(0x10, 0x3, 0x0) sendmsg$nl_generic(r4, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001100)=ANY=[@ANYBLOB="400000001900010000000000000000001d010900294f238a5eb700000000000000aab9085c71217fd4a0e1f76282a673690d7287a6a48bd9f9e19b059cc32c169f97b5258ed1a2d29e1fc9e1a680000000f600000000000000000000000000000000054b0ccbe40209a00fa6740217dbf694f2711040dd846b20711399e1ef6eb7561effe590c682104e0a04b3034de802011a86102ad52d8cf217954045a1e84481ea9fa891803b76202dfb"], 0x40}}, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f00000024c0)) sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000002480)={&(0x7f0000002340)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000002440)={&(0x7f0000002640)=ANY=[@ANYBLOB="8c000000", @ANYRES16=0x0, @ANYBLOB="00002cbd7000fcdbdf25060000000c00990003000000030000001400178004000600040001000400020095fc04001c00e70066d58b639774132fd918634ce3cb97ae54063c4efe908c150a00e80008021100000000000a00e80008021100000000000000e700c8a49680d4e3eb11d519b96bc6552fed04bf2a81a831c7f40500530000000000050053000100"], 0x8c}, 0x1, 0x0, 0x0, 0x2840}, 0xe6ec6e03e24e004e) ioctl$BTRFS_IOC_SNAP_CREATE_V2(r3, 0x50009417, &(0x7f0000000100)={{r4}, 0x0, 0x1a, @unused=[0x84, 0x5, 0x81, 0x7], @devid}) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x5c831, 0xffffffffffffffff, 0x0) r5 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000380), 0x4000000044882, 0x0) io_setup(0x1, &(0x7f00000004c0)=0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) write$6lowpan_enable(0xffffffffffffffff, &(0x7f0000000000)='0', 0xfffffd2c) syz_open_dev$vcsn(&(0x7f00000025c0), 0x0, 0x1034c0) io_submit(r6, 0xca, &(0x7f00000000c0)=[&(0x7f0000000140)={0x3a0012fb, 0x2759, 0x7, 0x0, 0x0, r5, &(0x7f0000000000)="98", 0x3e8000072a, 0x1000000, 0x0, 0x10}]) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000080)={r2, 0x3, r0}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000000c0)={0x5, &(0x7f0000000280)=[{0x7, 0x3, 0xff}, {0x7, 0x2, 0x5, 0x3}, {0x1, 0x3, 0x4, 0xffffffff}, {0x1, 0x29, 0x3, 0x3c}, {0x201e, 0x6, 0x0, 0x1007}]}) open_tree(0xffffffffffffff9c, &(0x7f0000000380)='./file0\x00', 0x8000) openat$mice(0xffffffffffffff9c, &(0x7f00000000c0), 0x0) r7 = syz_open_dev$evdev(&(0x7f0000000000), 0x3, 0x80402) write$binfmt_elf64(r7, &(0x7f0000019680)=ANY=[@ANYBLOB="7f454c46000000000000000000000000020006000500000000000000000000004000000000000000000000000000f50000000038000000000000000000000000000000000023020000000000000000000000000000000000000000000000000000000000000000000000000000a8b6e136545d98c9ed204d101fe2c436acfc6d40a9a82cfdda4be4f4e882bc7ce04f834c06a98cb43d87b6ae920c1064a299b9a9a2ec99c2de5c4c1ab61977134752fd349b4e6a57a00ac90ceb1e245aa32c2caf8f37fedc36bed03c1cac11f3bcebf13fbe0463b071110000"], 0x78) prlimit64(0x0, 0xe, &(0x7f0000000140), 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) 10.489826766s ago: executing program 2 (id=1484): r0 = syz_io_uring_setup(0x1e56, &(0x7f0000000240)={0x0, 0x4de2, 0x400, 0x0, 0x3de}, &(0x7f0000000300), &(0x7f0000000340)) io_uring_setup(0x497c, &(0x7f0000000380)={0x0, 0x1, 0x0, 0x2, 0x75, 0x0, r0}) r1 = syz_io_uring_setup(0x0, &(0x7f0000000400)={0x0, 0xf471, 0x10, 0x3}, 0x0, 0x0) r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) ioctl$VHOST_SET_OWNER(0xffffffffffffffff, 0xaf01, 0x0) pwritev2(r1, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, &(0x7f0000000bc0)={0x3, 0x0, [{0x0, 0x39, &(0x7f00000002c0)=""/57}, {0x0, 0x0, 0x0}, {0x0, 0x0, 0x0}]}) sendmsg$key(0xffffffffffffffff, &(0x7f00000014c0)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x50}}, 0x0) ioctl$VHOST_VSOCK_SET_GUEST_CID(r2, 0x4008af60, &(0x7f0000000040)={@my=0x1}) r3 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r3, &(0x7f00000001c0)={0x28, 0x0, 0x0, @my=0x1}, 0x10) ioctl$sock_SIOCBRDELBR(0xffffffffffffffff, 0x89a2, &(0x7f0000000000)='bridge0\x00') syz_emit_ethernet(0xfc0, &(0x7f0000000000)=ANY=[@ANYBLOB="bbbbbbbbbbbbaaaaaaaaaa0086dd609888bb0f"], 0x0) 9.053879485s ago: executing program 2 (id=1488): syz_emit_vhci(0x0, 0x5) r0 = socket$inet6(0xa, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17) madvise(&(0x7f0000000000/0x600000)=nil, 0x600707, 0x14) mknod(0x0, 0x8001420, 0x0) syz_io_uring_setup(0x0, 0x0, &(0x7f0000000180), 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) read$FUSE(0xffffffffffffffff, &(0x7f0000004dc0)={0x2020}, 0x2020) socket$netlink(0x10, 0x3, 0x0) r2 = socket(0x0, 0x0, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) getsockname$packet(r2, &(0x7f00000002c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14) ioctl$EXT4_IOC_GROUP_EXTEND(r0, 0x40086607, &(0x7f0000000280)) sendmmsg$inet6(0xffffffffffffffff, &(0x7f00000002c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x0) write$FUSE_IOCTL(0xffffffffffffffff, &(0x7f0000000100)={0x20}, 0xfdef) 6.772803868s ago: executing program 2 (id=1494): bpf$MAP_CREATE(0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000580)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000)) r3 = fanotify_init(0x200, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='net_prio.prioidx\x00', 0x275a, 0x0) fanotify_mark(r3, 0x101, 0x4000086e, r4, 0x0) r5 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0) mkdirat(r5, &(0x7f0000000200)='./bus\x00', 0x0) r6 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) renameat2(r5, &(0x7f0000000080)='./bus\x00', r6, &(0x7f0000001240)='./file0\x00', 0x0) link(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00') r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) r10 = dup(r9) ioctl$KVM_SET_MSRS(r10, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="0100000000080000580001c0"]) bpf$MAP_UPDATE_ELEM(0x2, 0x0, 0x0) ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x5452, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff) bind$inet(0xffffffffffffffff, 0x0, 0x0) 6.098455266s ago: executing program 0 (id=1496): r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_group_source_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000340)={0x0, {{0x2, 0x0, @multicast1}}, {{0x2, 0x0, @multicast2}}}, 0x108) getsockopt$inet_buf(r0, 0x0, 0x30, &(0x7f0000000340)=""/225, 0x0) 5.516669264s ago: executing program 0 (id=1497): r0 = syz_io_uring_setup(0x1e56, &(0x7f0000000240)={0x0, 0x4de2, 0x400, 0x0, 0x3de}, &(0x7f0000000300), &(0x7f0000000340)) io_uring_setup(0x497c, &(0x7f0000000380)={0x0, 0x1, 0x0, 0x2, 0x75, 0x0, r0}) r1 = syz_io_uring_setup(0x0, &(0x7f0000000400)={0x0, 0xf471, 0x10, 0x3}, 0x0, 0x0) r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) ioctl$VHOST_SET_OWNER(0xffffffffffffffff, 0xaf01, 0x0) pwritev2(r1, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, &(0x7f0000000bc0)={0x3, 0x0, [{0x0, 0x39, &(0x7f00000002c0)=""/57}, {0x0, 0x0, 0x0}, {0x0, 0x0, 0x0}]}) sendmsg$key(0xffffffffffffffff, &(0x7f00000014c0)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x50}}, 0x0) ioctl$VHOST_VSOCK_SET_GUEST_CID(r2, 0x4008af60, &(0x7f0000000040)={@my=0x1}) socket$vsock_stream(0x28, 0x1, 0x0) ioctl$sock_SIOCBRDELBR(0xffffffffffffffff, 0x89a2, &(0x7f0000000000)='bridge0\x00') syz_emit_ethernet(0xfc0, &(0x7f0000000000)=ANY=[@ANYBLOB="bbbbbbbbbbbbaaaaaaaaaa0086dd609888bb0f"], 0x0) 5.016999509s ago: executing program 0 (id=1499): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) 4.901268545s ago: executing program 1 (id=1500): r0 = dup(0xffffffffffffffff) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "8500000200082800"}) write$evdev(r0, 0x0, 0x0) 4.376974769s ago: executing program 1 (id=1501): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000004580)='./file0\x00', &(0x7f0000000040)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000280)='./file0\x00') mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdir(&(0x7f00000004c0)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000000), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0) mknodat(r0, &(0x7f00000003c0)='./file0\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./bus\x00') r1 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) mkdir(&(0x7f0000000240)='./bus\x00', 0x0) renameat2(r1, &(0x7f00000001c0)='./file0\x00', r1, &(0x7f0000000200)='./bus/file0\x00', 0x0) 3.780811734s ago: executing program 1 (id=1502): sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)}], 0x1}, 0x0) ioctl$sock_inet_SIOCSIFPFLAGS(0xffffffffffffffff, 0x8934, &(0x7f0000000040)={'virt_wifi0\x00'}) r0 = socket$isdn_base(0x22, 0x3, 0x0) ioctl(r0, 0x8b32, &(0x7f0000000040)) 3.352214608s ago: executing program 4 (id=1433): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x3, 0x4, &(0x7f0000000140)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0x2e}]}, &(0x7f0000000080)='GPL\x00'}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r0, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) 3.191300141s ago: executing program 1 (id=1503): capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000080)) r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000000040)=[{&(0x7f0000000200)="580000001400192340834b80040d8c560a0677bc45ff810500000000000058000b480400945f64009400050028925a01000000000000008000f0fffeffe809000000fff5dd0000001000010002081000418e00000004fcff", 0x58}], 0x1) 2.828891032s ago: executing program 4 (id=1504): mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000140)={0x10}) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}]}) 2.13623092s ago: executing program 1 (id=1505): rseq(&(0x7f00000004c0), 0x20, 0x0, 0x0) r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]}) socket$kcm(0xa, 0x0, 0x87) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000003c0)={0x0}) ioctl$SECCOMP_IOCTL_NOTIF_SEND(r0, 0xc0182101, &(0x7f0000000180)={r1}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000002780)={0x0}) r3 = socket(0x10, 0x3, 0x0) sendmsg$nl_generic(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="6400000019000101000080f2ffffffff1c0109004d000f807ab700000000000000aae2b1b9084471217fd4a0e1f76282a673690d7287a6a48bd9f905e2980f070008003cf04bd4c9d792cc06200a2a71e774b60ab9f7793a346265607c6bac2c0b000000"], 0x64}}, 0x0) r4 = socket(0x10, 0x3, 0x0) sendmsg$nl_generic(r4, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001100)=ANY=[@ANYBLOB="400000001900010000000000000000001d010900294f238a5eb700000000000000aab9085c71217fd4a0e1f76282a673690d7287a6a48bd9f9e19b059cc32c169f97b5258ed1a2d29e1fc9e1a680000000f600000000000000000000000000000000054b0ccbe40209a00fa6740217dbf694f2711040dd846b20711399e1ef6eb7561effe590c682104e0a04b3034de802011a86102ad52d8cf217954045a1e84481ea9fa891803b76202dfb"], 0x40}}, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f00000024c0)) sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000002480)={&(0x7f0000002340)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000002440)={&(0x7f0000002640)=ANY=[@ANYBLOB="8c000000", @ANYRES16=0x0, @ANYBLOB="00002cbd7000fcdbdf25060000000c00990003000000030000001400178004000600040001000400020095fc04001c00e70066d58b639774132fd918634ce3cb97ae54063c4efe908c150a00e80008021100000000000a00e80008021100000000000000e700c8a49680d4e3eb11d519b96bc6552fed04bf2a81a831c7f40500530000000000050053000100"], 0x8c}, 0x1, 0x0, 0x0, 0x2840}, 0xe6ec6e03e24e004e) ioctl$BTRFS_IOC_SNAP_CREATE_V2(r3, 0x50009417, &(0x7f0000000100)={{r4}, 0x0, 0x1a, @unused=[0x84, 0x5, 0x81, 0x7], @devid}) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x5c831, 0xffffffffffffffff, 0x0) r5 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000380), 0x4000000044882, 0x0) io_setup(0x1, &(0x7f00000004c0)=0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) write$6lowpan_enable(0xffffffffffffffff, &(0x7f0000000000)='0', 0xfffffd2c) syz_open_dev$vcsn(&(0x7f00000025c0), 0x0, 0x1034c0) io_submit(r6, 0xca, &(0x7f00000000c0)=[&(0x7f0000000140)={0x3a0012fb, 0x2759, 0x7, 0x0, 0x0, r5, &(0x7f0000000000)="98", 0x3e8000072a, 0x1000000, 0x0, 0x10}]) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000080)={r2, 0x3, r0}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000000c0)={0x5, &(0x7f0000000280)=[{0x7, 0x3, 0xff}, {0x7, 0x2, 0x5, 0x3}, {0x1, 0x3, 0x4, 0xffffffff}, {0x1, 0x29, 0x3, 0x3c}, {0x201e, 0x6, 0x0, 0x1007}]}) open_tree(0xffffffffffffff9c, &(0x7f0000000380)='./file0\x00', 0x8000) openat$mice(0xffffffffffffff9c, &(0x7f00000000c0), 0x0) r7 = syz_open_dev$evdev(&(0x7f0000000000), 0x3, 0x80402) write$binfmt_elf64(r7, &(0x7f0000019680)=ANY=[@ANYBLOB="7f454c46000000000000000000000000020006000500000000000000000000004000000000000000000000000000f50000000038000000000000000000000000000000000023020000000000000000000000000000000000000000000000000000000000000000000000000000a8b6e136545d98c9ed204d101fe2c436acfc6d40a9a82cfdda4be4f4e882bc7ce04f834c06a98cb43d87b6ae920c1064a299b9a9a2ec99c2de5c4c1ab61977134752fd349b4e6a57a00ac90ceb1e245aa32c2caf8f37fedc36bed03c1cac11f3bcebf13fbe0463b07111000000"], 0x78) prlimit64(0x0, 0x0, &(0x7f0000000140), 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) 1.949152741s ago: executing program 4 (id=1507): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000440)={[{@nombcache}, {@abort}, {@commit={'commit', 0x3d, 0x800}}, {@norecovery}, {@discard}, {@lazytime}, {@noload}, {@usrquota}, {@noauto_da_alloc}]}, 0xfe, 0x558, &(0x7f0000000c00)="$eJzs3U1rG0cfAPD/ynbenOeJAyG0PRRDDk1JI8d2X1LoIT2WNjTQ3lNhb0ywHAVLDrEbaHJoLr2UUCilgdIP0HuPoV+gnyLQBkIJpj30orLyylFsyZZtpVaq3w82mdldaXY0+x/PaCQUwMAaz/4pRLwcEV8nEcdajg1HfnB87bzVJ7dmsi2Jev2TP5JI8n3N85P8/9E881JE/PJlxJnC5nKryyvzpXI5XczzE7WF6xPV5ZWzVxdKc+lcem1qevr8W9NT777zds/q+vqlv777+MEH5786tfrtT4+O30viQhzNj7XWYw9ut2bGYzx/TUbiwoYTJ3tQWD9J9vsC2JWhPM5HIusDjsVQHvXAf98XEVEHBlQi/mFANccBzbl9j+bBL4zH769NgDbXf3jtvZE41JgbHVlNnpkZZfPdsR6Un5Xx8+/372Vb9O59CIBt3b4TEeeGhzf3f0ne/+3euS7O2VjGDvu/+g4vCWjxIBv/vNFu/FNYH/9Em/HPaJvY3Y3t47/wqAfFdJSN/95rO/5dX7QaG8pz/2uM+UaSK1fLada3/T8iTsfIwSy/1XrO+dWHHfup1vFftmXlN8eC+XU8Gj747GNmS7XSXurc6vGdiFfajn+T9fZP2rR/9npc6rKMk+n9Vzsd277+z1f9x4jX2rb/0xWtZOv1yYnG/TDRvCs2+/PuyV87lb/f9c/a/8jW9R9LWtdrqzsv44dDf6edju32/j+QfNpIH8j33SzVaouTEQeSjzbvn3r62Ga+eX5W/9Ontu7/2t3/hyPisy7rf/fE3Y6n9kP7z+6o/XeeePjh5993Kr+79n+zkTqd7+mm/+v2Avfy2gEAAAAAAEC/KUTE0UgKxfV0oVAsrn2+40QcKZQr1dqZK5Wla7PR+K7sWIwUmivdoy2fh5jMPw/bzE9tyE9HxPGI+GbocCNfnKmUZ/e78gAAAAAAAAAAAAAAAAAAANAnRjt8/z/z29B+Xx3w3PnJbxhc28Z/L37pCehL/v7D4BL/MLjEPwwu8Q+DS/zD4BL/MLjEPwwu8Q8AAAAAAAAAAAAAAAAAAAAAAAAAAAA9denixWyrrz65NZPlZ28sL81XbpydTavzxYWlmeJMZfF6ca5SmSunxZnKwnbPV65Urk9OxdLNiVparU1Ul1cuL1SWrtUuX10ozaWX05F/pVYAAAAAAAAAAAAAAAAAAADwYqkur8yXyuV0UUJiV4nh/rgMibVEM7D3/IT72y8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQKt/AgAA//+jgjYy") mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) r0 = open$dir(&(0x7f0000000000)='.\x00', 0x0, 0x0) r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r1, &(0x7f0000000040)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) mount$overlay(0x0, 0x0, &(0x7f0000000340), 0x0, &(0x7f0000000180)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}]}) chdir(&(0x7f0000000140)='./bus\x00') openat$dir(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x0, 0x0) mknodat$null(r0, &(0x7f0000000040)='./file1/file0\x00', 0x0, 0x103) setxattr$system_posix_acl(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f00000000c0)='system.posix_acl_access\x00', &(0x7f00000001c0)=ANY=[@ANYBLOB="020000000100000000000000040000000000000008000000", @ANYRES32=0xee01, @ANYBLOB="100003000006000020"], 0x2c, 0x0) 1.743019313s ago: executing program 0 (id=1508): r0 = syz_io_uring_setup(0x1e56, &(0x7f0000000240)={0x0, 0x4de2, 0x400, 0x0, 0x3de}, &(0x7f0000000300), &(0x7f0000000340)) io_uring_setup(0x497c, &(0x7f0000000380)={0x0, 0x1, 0x0, 0x2, 0x75, 0x0, r0}) r1 = syz_io_uring_setup(0x0, &(0x7f0000000400)={0x0, 0xf471, 0x10, 0x3}, 0x0, 0x0) r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) ioctl$VHOST_SET_OWNER(0xffffffffffffffff, 0xaf01, 0x0) pwritev2(r1, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, &(0x7f0000000bc0)={0x3, 0x0, [{0x0, 0x39, &(0x7f00000002c0)=""/57}, {0x0, 0x0, 0x0}, {0x0, 0x0, 0x0}]}) sendmsg$key(0xffffffffffffffff, &(0x7f00000014c0)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x50}}, 0x0) ioctl$VHOST_VSOCK_SET_GUEST_CID(r2, 0x4008af60, &(0x7f0000000040)={@my=0x1}) socket$vsock_stream(0x28, 0x1, 0x0) ioctl$sock_SIOCBRDELBR(0xffffffffffffffff, 0x89a2, &(0x7f0000000000)='bridge0\x00') syz_emit_ethernet(0xfc0, &(0x7f0000000000)=ANY=[@ANYBLOB="bbbbbbbbbbbbaaaaaaaaaa0086dd609888bb0f"], 0x0) 1.01572628s ago: executing program 4 (id=1509): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='netlink_extack\x00', r0}, 0x10) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x11, 0x80a, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000300)={'bond0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000700)=@newlink={0x3c, 0x10, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_AD_SELECT={0x5}]}}}]}, 0x3c}}, 0x0) 937.702042ms ago: executing program 0 (id=1510): r0 = dup(0xffffffffffffffff) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "8500000200082800"}) write$evdev(r0, 0x0, 0x0) 659.688462ms ago: executing program 1 (id=1511): mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000004580)='./file0\x00', &(0x7f0000000040)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000280)='./file0\x00') mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdir(&(0x7f00000004c0)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000000), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0) mknodat(r0, &(0x7f00000003c0)='./file0\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./bus\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) mkdir(0x0, 0x0) renameat2(r1, &(0x7f00000001c0)='./file0\x00', r1, &(0x7f0000000200)='./bus/file0\x00', 0x0) 214.670143ms ago: executing program 0 (id=1512): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000600)=@newtaction={0x74, 0x30, 0xb, 0x0, 0x0, {}, [{0x60, 0x1, [@m_ct={0x5c, 0x1, 0x0, 0x0, {{0x7}, {0x34, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18}, @TCA_CT_NAT_IPV4_MIN={0x8, 0x9, @remote}, @TCA_CT_NAT_IPV4_MAX={0x8, 0xa, @private}, @TCA_CT_ACTION={0x6, 0x3, 0x19}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x74}}, 0x0) 0s ago: executing program 4 (id=1513): sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003b000b05d25a806c", 0xc}], 0x1}, 0x0) ioctl$sock_inet_SIOCSIFPFLAGS(0xffffffffffffffff, 0x8934, &(0x7f0000000040)={'virt_wifi0\x00'}) r0 = socket$isdn_base(0x22, 0x3, 0x0) ioctl(r0, 0x8b32, &(0x7f0000000040)) kernel console output (not intermixed with test programs): 9.540731][ T8] usblp0: removed [ 459.542087][ T8041] loop2: detected capacity change from 0 to 1024 [ 459.581536][ T7073] bridge_slave_0: left allmulticast mode [ 459.589442][ T7073] bridge_slave_0: left promiscuous mode [ 459.595438][ T8041] EXT4-fs (loop2): can't mount with commit=2048, fs mounted w/o journal [ 459.607129][ T7073] bridge0: port 1(bridge_slave_0) entered disabled state [ 459.883532][ T5187] Bluetooth: hci4: command tx timeout [ 460.192113][ T7073] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 460.242873][ T7073] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 460.268027][ T7073] bond0 (unregistering): Released all slaves [ 460.304297][ T8] usb 2-1: new high-speed USB device number 15 using dummy_hcd [ 460.529570][ T8] usb 2-1: Using ep0 maxpacket: 32 [ 460.561458][ T8] usb 2-1: config index 0 descriptor too short (expected 29220, got 36) [ 460.570333][ T8] usb 2-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 460.579761][ T8] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 460.589241][ T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 460.604048][ T8] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 460.615790][ T8] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 460.629249][ T8] usb 2-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 460.638682][ T8] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 460.681620][ T8] usb 2-1: config 0 descriptor?? [ 460.762463][ T8050] netlink: 72 bytes leftover after parsing attributes in process `syz.2.918'. [ 460.794813][ T8051] netlink: 44 bytes leftover after parsing attributes in process `syz.2.918'. [ 460.824637][ T8011] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 460.980168][ T8] usblp 2-1:0.0: usblp0: USB Bidirectional printer dev 15 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 461.028463][ T8011] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 461.403565][ T5187] Bluetooth: hci6: command tx timeout [ 461.579994][ T8011] team0: Port device team_slave_0 added [ 461.652757][ T7073] hsr_slave_0: left promiscuous mode [ 461.676667][ T7073] hsr_slave_1: left promiscuous mode [ 461.690656][ T7073] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 461.698645][ T7073] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 461.740612][ T7073] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 461.740663][ T5235] usb 2-1: USB disconnect, device number 15 [ 461.754391][ T5235] usblp0: removed [ 461.758408][ T7073] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 461.845198][ T7073] veth1_macvtap: left promiscuous mode [ 461.851074][ T7073] veth0_macvtap: left promiscuous mode [ 461.857180][ T7073] veth1_vlan: left promiscuous mode [ 461.862687][ T7073] veth0_vlan: left promiscuous mode [ 461.963464][ T5187] Bluetooth: hci4: command tx timeout [ 462.818126][ T8059] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 463.190436][ T7073] team0 (unregistering): Port device team_slave_1 removed [ 463.220194][ T7073] team0 (unregistering): Port device team_slave_0 removed [ 463.391369][ T8011] team0: Port device team_slave_1 added [ 463.477841][ T8011] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 463.485376][ T8011] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 463.511845][ T8011] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 463.524816][ T5187] Bluetooth: hci6: command tx timeout [ 463.866085][ T8011] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 463.875790][ T8011] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 463.903418][ T8011] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 464.048235][ T5187] Bluetooth: hci4: command tx timeout [ 464.102264][ T8029] bridge0: port 1(bridge_slave_0) entered blocking state [ 464.110227][ T8029] bridge0: port 1(bridge_slave_0) entered disabled state [ 464.118330][ T8029] bridge_slave_0: entered allmulticast mode [ 464.127535][ T8029] bridge_slave_0: entered promiscuous mode [ 464.298079][ T8029] bridge0: port 2(bridge_slave_1) entered blocking state [ 464.309890][ T8029] bridge0: port 2(bridge_slave_1) entered disabled state [ 464.319909][ T8029] bridge_slave_1: entered allmulticast mode [ 464.332489][ T8029] bridge_slave_1: entered promiscuous mode [ 464.532202][ T8011] hsr_slave_0: entered promiscuous mode [ 464.602693][ T8011] hsr_slave_1: entered promiscuous mode [ 464.641826][ T8011] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 464.650304][ T8011] Cannot create hsr debugfs directory [ 464.878875][ T1243] ieee802154 phy0 wpan0: encryption failed: -22 [ 464.880812][ T8029] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 464.885598][ T1243] ieee802154 phy1 wpan1: encryption failed: -22 [ 465.013803][ T8029] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 465.087157][ T7073] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 465.298703][ T7073] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 465.472067][ T7073] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 465.519936][ T8029] team0: Port device team_slave_0 added [ 465.563388][ T8029] team0: Port device team_slave_1 added [ 465.593771][ T5187] Bluetooth: hci6: command tx timeout [ 465.644682][ T7073] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 465.677230][ T8081] netlink: 72 bytes leftover after parsing attributes in process `syz.1.928'. [ 465.877208][ T8082] netlink: 44 bytes leftover after parsing attributes in process `syz.1.928'. [ 465.981342][ T8029] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 465.988774][ T8029] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 466.015234][ T8029] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 466.347968][ T8029] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 466.355308][ T8029] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 466.382090][ T8029] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 466.922570][ T7073] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 467.019325][ T7073] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 467.067300][ T7073] bond0 (unregistering): Released all slaves [ 467.630303][ T8087] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 467.886788][ T8029] hsr_slave_0: entered promiscuous mode [ 467.935292][ T8029] hsr_slave_1: entered promiscuous mode [ 467.955597][ T8029] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 467.964361][ T8029] Cannot create hsr debugfs directory [ 468.164196][ T5263] usb 3-1: new high-speed USB device number 21 using dummy_hcd [ 468.316711][ T7073] hsr_slave_0: left promiscuous mode [ 468.338979][ T7073] hsr_slave_1: left promiscuous mode [ 468.370757][ T7073] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 468.380524][ T7073] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 468.398672][ T5263] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 468.409392][ T5263] usb 3-1: config 1 has 0 interfaces, different from the descriptor's value: 1 [ 468.435265][ T7073] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 468.443299][ T7073] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 468.475134][ T5263] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 468.485750][ T5263] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 468.494485][ T5263] usb 3-1: SerialNumber: syz [ 468.522185][ T7073] veth1_macvtap: left promiscuous mode [ 468.528374][ T7073] veth0_macvtap: left promiscuous mode [ 468.534537][ T7073] veth1_vlan: left promiscuous mode [ 468.540248][ T7073] veth0_vlan: left promiscuous mode [ 469.255555][ T7073] team0 (unregistering): Port device team_slave_1 removed [ 469.361716][ T7073] team0 (unregistering): Port device team_slave_0 removed [ 469.863449][ T8011] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 469.985699][ T8011] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 470.068015][ T8011] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 470.144360][ T8011] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 470.688532][ T8112] loop1: detected capacity change from 0 to 512 [ 470.772747][ T8112] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 470.786278][ T8112] ext4 filesystem being mounted at /215/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 471.033613][ T10] usb 1-1: new high-speed USB device number 23 using dummy_hcd [ 471.249045][ T8029] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 471.294716][ T10] usb 1-1: Using ep0 maxpacket: 16 [ 471.299912][ T8029] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 471.314371][ T10] usb 1-1: config 0 has an invalid interface number: 107 but max is 0 [ 471.322981][ T10] usb 1-1: config 0 has no interface number 0 [ 471.329766][ T10] usb 1-1: config 0 interface 107 altsetting 0 endpoint 0x88 has an invalid bInterval 0, changing to 7 [ 471.342101][ T10] usb 1-1: config 0 interface 107 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0 [ 471.377171][ T8112] EXT4-fs error (device loop1): ext4_do_update_inode:5154: inode #2: comm syz.1.937: corrupted inode contents [ 471.378695][ T8029] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 471.422108][ T10] usb 1-1: New USB device found, idVendor=06cd, idProduct=0131, bcdDevice=16.60 [ 471.432505][ T10] usb 1-1: New USB device strings: Mfr=175, Product=2, SerialNumber=3 [ 471.440349][ T8029] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 471.440935][ T10] usb 1-1: Product: syz [ 471.457490][ T10] usb 1-1: Manufacturer: syz [ 471.462331][ T10] usb 1-1: SerialNumber: syz [ 471.482264][ T8112] EXT4-fs error (device loop1): ext4_dirty_inode:6014: inode #2: comm syz.1.937: mark_inode_dirty error [ 471.486708][ T10] usb 1-1: config 0 descriptor?? [ 471.513988][ T8112] EXT4-fs error (device loop1): ext4_do_update_inode:5154: inode #2: comm syz.1.937: corrupted inode contents [ 471.555327][ T8112] EXT4-fs error (device loop1): __ext4_ext_dirty:202: inode #2: comm syz.1.937: mark_inode_dirty error [ 471.562947][ T10] keyspan 1-1:0.107: Keyspan 4 port adapter converter detected [ 471.575514][ T10] keyspan 1-1:0.107: found no endpoint descriptor for endpoint 81 [ 471.585778][ T10] keyspan 1-1:0.107: found no endpoint descriptor for endpoint 1 [ 471.624180][ T10] usb 1-1: Keyspan 4 port adapter converter now attached to ttyUSB0 [ 471.636429][ T10] keyspan 1-1:0.107: found no endpoint descriptor for endpoint 2 [ 471.667695][ T10] usb 1-1: Keyspan 4 port adapter converter now attached to ttyUSB1 [ 471.678431][ T10] keyspan 1-1:0.107: found no endpoint descriptor for endpoint 4 [ 471.696177][ T10] usb 1-1: Keyspan 4 port adapter converter now attached to ttyUSB2 [ 471.707181][ T10] keyspan 1-1:0.107: found no endpoint descriptor for endpoint 6 [ 471.742353][ T10] usb 1-1: Keyspan 4 port adapter converter now attached to ttyUSB3 [ 471.781686][ T10] usb 1-1: USB disconnect, device number 23 [ 471.802601][ T8011] 8021q: adding VLAN 0 to HW filter on device bond0 [ 471.876135][ T5180] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 471.883756][ T10] keyspan_4 ttyUSB0: Keyspan 4 port adapter converter now disconnected from ttyUSB0 [ 471.936273][ T10] keyspan_4 ttyUSB1: Keyspan 4 port adapter converter now disconnected from ttyUSB1 [ 471.980030][ T10] keyspan_4 ttyUSB2: Keyspan 4 port adapter converter now disconnected from ttyUSB2 [ 472.022241][ T10] keyspan_4 ttyUSB3: Keyspan 4 port adapter converter now disconnected from ttyUSB3 [ 472.031062][ T8011] 8021q: adding VLAN 0 to HW filter on device team0 [ 472.035215][ T10] keyspan 1-1:0.107: device disconnected [ 472.178748][ T5235] bridge0: port 1(bridge_slave_0) entered blocking state [ 472.186600][ T5235] bridge0: port 1(bridge_slave_0) entered forwarding state [ 472.262611][ T5235] bridge0: port 2(bridge_slave_1) entered blocking state [ 472.270431][ T5235] bridge0: port 2(bridge_slave_1) entered forwarding state [ 472.518492][ T8121] netlink: 72 bytes leftover after parsing attributes in process `syz.1.939'. [ 472.576094][ T8121] netlink: 44 bytes leftover after parsing attributes in process `syz.1.939'. [ 472.824655][ T8029] 8021q: adding VLAN 0 to HW filter on device bond0 [ 473.124950][ T8029] 8021q: adding VLAN 0 to HW filter on device team0 [ 473.208522][ T5235] bridge0: port 1(bridge_slave_0) entered blocking state [ 473.216393][ T5235] bridge0: port 1(bridge_slave_0) entered forwarding state [ 473.333145][ T5235] bridge0: port 2(bridge_slave_1) entered blocking state [ 473.340867][ T5235] bridge0: port 2(bridge_slave_1) entered forwarding state [ 474.051693][ T8011] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 474.548595][ T8131] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 474.619254][ T5235] usb 3-1: USB disconnect, device number 21 [ 474.925278][ T8011] veth0_vlan: entered promiscuous mode [ 475.044009][ T8011] veth1_vlan: entered promiscuous mode [ 475.502129][ T8011] veth0_macvtap: entered promiscuous mode [ 475.559372][ T8011] veth1_macvtap: entered promiscuous mode [ 475.637575][ T8011] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 475.650311][ T8011] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 475.660807][ T8011] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 475.671724][ T8011] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 475.681893][ T8011] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 475.692697][ T8011] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 475.707917][ T8011] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 475.815953][ T8029] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 475.915516][ T8011] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 475.927485][ T8011] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 475.937785][ T8011] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 475.948602][ T8011] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 475.959863][ T8011] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 475.972078][ T8011] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 475.987263][ T8011] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 476.197643][ T8011] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 476.208877][ T8011] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 476.218189][ T8011] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 476.227419][ T8011] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 476.664885][ T5184] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 476.690378][ T5184] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 476.700564][ T5184] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 476.735002][ T5184] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 476.755257][ T5184] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 476.764687][ T5184] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 478.025273][ T10] usb 2-1: new high-speed USB device number 16 using dummy_hcd [ 478.228345][ T8155] chnl_net:caif_netlink_parms(): no params data found [ 478.243999][ T10] usb 2-1: Using ep0 maxpacket: 16 [ 478.288678][ T10] usb 2-1: config 0 has an invalid interface number: 107 but max is 0 [ 478.297507][ T10] usb 2-1: config 0 has no interface number 0 [ 478.303981][ T10] usb 2-1: config 0 interface 107 altsetting 0 endpoint 0x88 has an invalid bInterval 0, changing to 7 [ 478.319663][ T10] usb 2-1: config 0 interface 107 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0 [ 478.417647][ T10] usb 2-1: New USB device found, idVendor=06cd, idProduct=0131, bcdDevice=16.60 [ 478.428079][ T10] usb 2-1: New USB device strings: Mfr=175, Product=2, SerialNumber=3 [ 478.437098][ T10] usb 2-1: Product: syz [ 478.441485][ T10] usb 2-1: Manufacturer: syz [ 478.447780][ T10] usb 2-1: SerialNumber: syz [ 478.495864][ T10] usb 2-1: config 0 descriptor?? [ 478.527026][ T10] keyspan 2-1:0.107: Keyspan 4 port adapter converter detected [ 478.535273][ T10] keyspan 2-1:0.107: found no endpoint descriptor for endpoint 81 [ 478.545503][ T10] keyspan 2-1:0.107: found no endpoint descriptor for endpoint 1 [ 478.639237][ T10] usb 2-1: Keyspan 4 port adapter converter now attached to ttyUSB0 [ 478.641593][ T8029] veth0_vlan: entered promiscuous mode [ 478.649811][ T10] keyspan 2-1:0.107: found no endpoint descriptor for endpoint 2 [ 478.698974][ T8175] netlink: 72 bytes leftover after parsing attributes in process `syz.0.950'. [ 478.723359][ T10] usb 2-1: Keyspan 4 port adapter converter now attached to ttyUSB1 [ 478.735507][ T10] keyspan 2-1:0.107: found no endpoint descriptor for endpoint 4 [ 478.796716][ T10] usb 2-1: Keyspan 4 port adapter converter now attached to ttyUSB2 [ 478.807911][ T10] keyspan 2-1:0.107: found no endpoint descriptor for endpoint 6 [ 478.829200][ T10] usb 2-1: Keyspan 4 port adapter converter now attached to ttyUSB3 [ 478.844324][ T5184] Bluetooth: hci1: command tx timeout [ 478.863564][ T7073] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 478.867250][ T10] usb 2-1: USB disconnect, device number 16 [ 478.890754][ T10] keyspan_4 ttyUSB0: Keyspan 4 port adapter converter now disconnected from ttyUSB0 [ 478.918856][ T10] keyspan_4 ttyUSB1: Keyspan 4 port adapter converter now disconnected from ttyUSB1 [ 478.974322][ T10] keyspan_4 ttyUSB2: Keyspan 4 port adapter converter now disconnected from ttyUSB2 [ 478.975190][ T8175] netlink: 44 bytes leftover after parsing attributes in process `syz.0.950'. [ 479.006323][ T8029] veth1_vlan: entered promiscuous mode [ 479.047222][ T10] keyspan_4 ttyUSB3: Keyspan 4 port adapter converter now disconnected from ttyUSB3 [ 479.059109][ T10] keyspan 2-1:0.107: device disconnected [ 479.151386][ T7073] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 479.346727][ T7073] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 479.502817][ T7073] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 479.850845][ T8155] bridge0: port 1(bridge_slave_0) entered blocking state [ 479.860635][ T8155] bridge0: port 1(bridge_slave_0) entered disabled state [ 479.868588][ T8155] bridge_slave_0: entered allmulticast mode [ 479.877771][ T8155] bridge_slave_0: entered promiscuous mode [ 479.988314][ T8029] veth0_macvtap: entered promiscuous mode [ 480.015109][ T7073] bridge_slave_1: left allmulticast mode [ 480.021041][ T7073] bridge_slave_1: left promiscuous mode [ 480.027802][ T7073] bridge0: port 2(bridge_slave_1) entered disabled state [ 480.084697][ T7073] bridge_slave_0: left allmulticast mode [ 480.090694][ T7073] bridge_slave_0: left promiscuous mode [ 480.097626][ T7073] bridge0: port 1(bridge_slave_0) entered disabled state [ 480.923413][ T5184] Bluetooth: hci1: command tx timeout [ 480.937463][ T7073] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 480.991738][ T7073] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 481.046533][ T7073] bond0 (unregistering): Released all slaves [ 481.150123][ T8029] veth1_macvtap: entered promiscuous mode [ 481.164291][ T8155] bridge0: port 2(bridge_slave_1) entered blocking state [ 481.172014][ T8155] bridge0: port 2(bridge_slave_1) entered disabled state [ 481.186423][ T8155] bridge_slave_1: entered allmulticast mode [ 481.195553][ T8155] bridge_slave_1: entered promiscuous mode [ 481.587604][ T8155] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 481.616617][ T8029] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 481.627481][ T8029] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 481.637744][ T8029] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 481.648520][ T8029] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 481.658680][ T8029] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 481.669551][ T8029] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 481.679757][ T8029] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 481.691592][ T8029] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 481.707065][ T8029] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 481.741348][ T8155] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 481.949220][ T8029] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 481.961295][ T8029] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 481.971512][ T8029] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 481.982285][ T8029] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 481.992664][ T8029] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 482.004947][ T8029] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 482.015530][ T8029] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 482.026394][ T8029] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 482.041336][ T8029] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 482.138374][ T8155] team0: Port device team_slave_0 added [ 482.239385][ T8155] team0: Port device team_slave_1 added [ 482.266067][ T7073] hsr_slave_0: left promiscuous mode [ 482.294340][ T7073] hsr_slave_1: left promiscuous mode [ 482.323519][ T7073] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 482.331368][ T7073] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 482.366127][ T7073] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 482.374125][ T7073] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 482.420359][ T7073] veth1_macvtap: left promiscuous mode [ 482.427525][ T7073] veth0_macvtap: left promiscuous mode [ 482.433653][ T7073] veth1_vlan: left promiscuous mode [ 482.439236][ T7073] veth0_vlan: left promiscuous mode [ 482.853819][ T8] usb 1-1: new high-speed USB device number 24 using dummy_hcd [ 483.022724][ T5184] Bluetooth: hci1: command tx timeout [ 483.041665][ T7073] team0 (unregistering): Port device team_slave_1 removed [ 483.078310][ T7073] team0 (unregistering): Port device team_slave_0 removed [ 483.173611][ T8] usb 1-1: Using ep0 maxpacket: 16 [ 483.210776][ T8] usb 1-1: config 0 has an invalid interface number: 107 but max is 0 [ 483.219537][ T8] usb 1-1: config 0 has no interface number 0 [ 483.228407][ T8] usb 1-1: config 0 interface 107 altsetting 0 endpoint 0x88 has an invalid bInterval 0, changing to 7 [ 483.240739][ T8] usb 1-1: config 0 interface 107 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0 [ 483.288243][ T8] usb 1-1: New USB device found, idVendor=06cd, idProduct=0131, bcdDevice=16.60 [ 483.298100][ T8] usb 1-1: New USB device strings: Mfr=175, Product=2, SerialNumber=3 [ 483.306775][ T8] usb 1-1: Product: syz [ 483.311189][ T8] usb 1-1: Manufacturer: syz [ 483.316186][ T8] usb 1-1: SerialNumber: syz [ 483.338437][ T8] usb 1-1: config 0 descriptor?? [ 483.352565][ T8] keyspan 1-1:0.107: Keyspan 4 port adapter converter detected [ 483.360767][ T8] keyspan 1-1:0.107: found no endpoint descriptor for endpoint 81 [ 483.371016][ T8] keyspan 1-1:0.107: found no endpoint descriptor for endpoint 1 [ 483.409388][ T8] usb 1-1: Keyspan 4 port adapter converter now attached to ttyUSB0 [ 483.419930][ T8] keyspan 1-1:0.107: found no endpoint descriptor for endpoint 2 [ 483.542559][ T8] usb 1-1: Keyspan 4 port adapter converter now attached to ttyUSB1 [ 483.553534][ T8] keyspan 1-1:0.107: found no endpoint descriptor for endpoint 4 [ 483.590123][ T8] usb 1-1: Keyspan 4 port adapter converter now attached to ttyUSB2 [ 483.602605][ T8] keyspan 1-1:0.107: found no endpoint descriptor for endpoint 6 [ 483.624269][ T8] usb 1-1: Keyspan 4 port adapter converter now attached to ttyUSB3 [ 483.643946][ T8] usb 1-1: USB disconnect, device number 24 [ 483.669122][ T8210] bond0: option ad_select: unable to set because the bond device is up [ 483.692798][ T8029] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 483.702010][ T8029] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 483.704643][ T8] keyspan_4 ttyUSB0: Keyspan 4 port adapter converter now disconnected from ttyUSB0 [ 483.711281][ T8029] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 483.729785][ T8029] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 483.781490][ T8] keyspan_4 ttyUSB1: Keyspan 4 port adapter converter now disconnected from ttyUSB1 [ 483.783872][ T8155] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 483.798474][ T8155] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 483.827732][ T8155] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 483.931975][ T8] keyspan_4 ttyUSB2: Keyspan 4 port adapter converter now disconnected from ttyUSB2 [ 483.937158][ T8155] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 483.950273][ T8155] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 483.976775][ T8155] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 484.016393][ T8] keyspan_4 ttyUSB3: Keyspan 4 port adapter converter now disconnected from ttyUSB3 [ 484.028222][ T8] keyspan 1-1:0.107: device disconnected [ 484.291837][ T8155] hsr_slave_0: entered promiscuous mode [ 484.334030][ T8155] hsr_slave_1: entered promiscuous mode [ 484.377723][ T8155] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 484.385827][ T8155] Cannot create hsr debugfs directory [ 484.403644][ T8218] netlink: 72 bytes leftover after parsing attributes in process `syz.1.960'. [ 484.436265][ T8219] netlink: 44 bytes leftover after parsing attributes in process `syz.1.960'. [ 484.784044][ T8222] overlayfs: failed to resolve './file0': -2 [ 484.869583][ T2559] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 484.879048][ T2559] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 484.938844][ T7019] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 484.947518][ T7019] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 485.084534][ T5184] Bluetooth: hci1: command tx timeout [ 485.825837][ T8233] loop3: detected capacity change from 0 to 128 [ 486.006713][ T8155] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 486.270429][ T8233] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 486.344121][ T8155] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 486.385277][ T8233] ext4 filesystem being mounted at /0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 486.445229][ T8155] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 486.535677][ T8155] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 486.957077][ T8011] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 487.132239][ T8247] bond0: option ad_select: unable to set because the bond device is up [ 487.620203][ T8255] overlayfs: failed to resolve './file0': -2 [ 487.633450][ T8155] 8021q: adding VLAN 0 to HW filter on device bond0 [ 487.685649][ T8256] netlink: 72 bytes leftover after parsing attributes in process `syz.0.970'. [ 487.749779][ T8155] 8021q: adding VLAN 0 to HW filter on device team0 [ 487.759406][ T5237] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 487.789174][ T8256] netlink: 44 bytes leftover after parsing attributes in process `syz.0.970'. [ 487.817651][ T10] bridge0: port 1(bridge_slave_0) entered blocking state [ 487.825459][ T10] bridge0: port 1(bridge_slave_0) entered forwarding state [ 487.931370][ T10] bridge0: port 2(bridge_slave_1) entered blocking state [ 487.939179][ T10] bridge0: port 2(bridge_slave_1) entered forwarding state [ 487.985183][ T5237] usb 4-1: Using ep0 maxpacket: 16 [ 488.006323][ T5237] usb 4-1: config 0 has an invalid interface number: 107 but max is 0 [ 488.015008][ T5237] usb 4-1: config 0 has no interface number 0 [ 488.021379][ T5237] usb 4-1: config 0 interface 107 altsetting 0 endpoint 0x88 has an invalid bInterval 0, changing to 7 [ 488.034225][ T5237] usb 4-1: config 0 interface 107 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0 [ 488.197262][ T5237] usb 4-1: New USB device found, idVendor=06cd, idProduct=0131, bcdDevice=16.60 [ 488.206861][ T5237] usb 4-1: New USB device strings: Mfr=175, Product=2, SerialNumber=3 [ 488.216207][ T5237] usb 4-1: Product: syz [ 488.220627][ T5237] usb 4-1: Manufacturer: syz [ 488.225651][ T5237] usb 4-1: SerialNumber: syz [ 488.290299][ T5237] usb 4-1: config 0 descriptor?? [ 488.332379][ T5237] keyspan 4-1:0.107: Keyspan 4 port adapter converter detected [ 488.341101][ T5237] keyspan 4-1:0.107: found no endpoint descriptor for endpoint 81 [ 488.357440][ T5237] keyspan 4-1:0.107: found no endpoint descriptor for endpoint 1 [ 488.391120][ T5237] usb 4-1: Keyspan 4 port adapter converter now attached to ttyUSB0 [ 488.401245][ T5237] keyspan 4-1:0.107: found no endpoint descriptor for endpoint 2 [ 488.425390][ T5237] usb 4-1: Keyspan 4 port adapter converter now attached to ttyUSB1 [ 488.436104][ T5237] keyspan 4-1:0.107: found no endpoint descriptor for endpoint 4 [ 488.458568][ T5237] usb 4-1: Keyspan 4 port adapter converter now attached to ttyUSB2 [ 488.473211][ T5237] keyspan 4-1:0.107: found no endpoint descriptor for endpoint 6 [ 488.488675][ T5237] usb 4-1: Keyspan 4 port adapter converter now attached to ttyUSB3 [ 488.516716][ T5237] usb 4-1: USB disconnect, device number 9 [ 488.574994][ T5237] keyspan_4 ttyUSB0: Keyspan 4 port adapter converter now disconnected from ttyUSB0 [ 488.635111][ T5237] keyspan_4 ttyUSB1: Keyspan 4 port adapter converter now disconnected from ttyUSB1 [ 488.713438][ T5237] keyspan_4 ttyUSB2: Keyspan 4 port adapter converter now disconnected from ttyUSB2 [ 488.769200][ T5237] keyspan_4 ttyUSB3: Keyspan 4 port adapter converter now disconnected from ttyUSB3 [ 488.780419][ T5237] keyspan 4-1:0.107: device disconnected [ 489.521393][ T8273] loop1: detected capacity change from 0 to 512 [ 489.652155][ T8273] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 489.666489][ T8273] ext4 filesystem being mounted at /231/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 489.702577][ T8273] EXT4-fs error (device loop1): ext4_do_update_inode:5154: inode #2: comm syz.1.973: corrupted inode contents [ 489.720030][ T8273] EXT4-fs error (device loop1): ext4_dirty_inode:6014: inode #2: comm syz.1.973: mark_inode_dirty error [ 489.742429][ T8273] EXT4-fs error (device loop1): ext4_do_update_inode:5154: inode #2: comm syz.1.973: corrupted inode contents [ 489.800187][ T8273] EXT4-fs error (device loop1): __ext4_ext_dirty:202: inode #2: comm syz.1.973: mark_inode_dirty error [ 489.948959][ T8155] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 490.003409][ T29] audit: type=1326 audit(1722177902.993:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8275 comm="syz.0.975" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf743d579 code=0x0 [ 490.548936][ T8155] veth0_vlan: entered promiscuous mode [ 490.652079][ T8155] veth1_vlan: entered promiscuous mode [ 490.682925][ T7073] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 490.691316][ T7073] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 490.948001][ T3149] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 490.956741][ T3149] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 491.024515][ T5180] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 491.164390][ T8155] veth0_macvtap: entered promiscuous mode [ 491.232203][ T8155] veth1_macvtap: entered promiscuous mode [ 491.380957][ T8155] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 491.392138][ T8155] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 491.402339][ T8155] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 491.413342][ T8155] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 491.425606][ T8155] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 491.437031][ T8155] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 491.447320][ T8155] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 491.458111][ T8155] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 491.473668][ T8155] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 491.533594][ T8155] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 491.545823][ T8155] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 491.556134][ T8155] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 491.567005][ T8155] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 491.577160][ T8155] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 491.588104][ T8155] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 491.598351][ T8155] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 491.609169][ T8155] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 491.627476][ T8155] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 491.676202][ T8155] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 491.686558][ T8155] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 491.695729][ T8155] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 491.704885][ T8155] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 491.740576][ T8293] bond0: option ad_select: unable to set because the bond device is up [ 492.885565][ T8315] netlink: 72 bytes leftover after parsing attributes in process `syz.4.983'. [ 492.918335][ T8315] netlink: 44 bytes leftover after parsing attributes in process `syz.4.983'. [ 493.040007][ T8318] loop3: detected capacity change from 0 to 512 [ 493.060270][ T29] audit: type=1326 audit(1722177906.143:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8308 comm="syz.0.984" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf743d579 code=0x0 [ 493.158719][ T8318] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 493.172706][ T8318] ext4 filesystem being mounted at /6/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 493.240760][ T8323] loop1: detected capacity change from 0 to 128 [ 493.290804][ T8318] EXT4-fs error (device loop3): ext4_do_update_inode:5154: inode #2: comm syz.3.986: corrupted inode contents [ 493.312135][ T8318] EXT4-fs error (device loop3): ext4_dirty_inode:6014: inode #2: comm syz.3.986: mark_inode_dirty error [ 493.338507][ T8318] EXT4-fs error (device loop3): ext4_do_update_inode:5154: inode #2: comm syz.3.986: corrupted inode contents [ 493.379847][ T8323] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 493.415016][ T8323] ext4 filesystem being mounted at /235/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 493.475326][ T8318] EXT4-fs error (device loop3): __ext4_ext_dirty:202: inode #2: comm syz.3.986: mark_inode_dirty error [ 493.837596][ T5180] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 493.944928][ T8011] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 494.236081][ T8333] bond0: option ad_select: unable to set because the bond device is up [ 494.597019][ T8] usb 2-1: new high-speed USB device number 17 using dummy_hcd [ 494.834244][ T8] usb 2-1: Using ep0 maxpacket: 32 [ 494.885073][ T8] usb 2-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 494.896240][ T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0 [ 494.992916][ T8] usb 2-1: New USB device found, idVendor=05ef, idProduct=020a, bcdDevice=91.36 [ 495.007212][ T8] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 495.017999][ T8] usb 2-1: Product: syz [ 495.022412][ T8] usb 2-1: Manufacturer: syz [ 495.027355][ T8] usb 2-1: SerialNumber: syz [ 495.087061][ T8] usb 2-1: config 0 descriptor?? [ 495.363355][ T5235] usb 2-1: USB disconnect, device number 17 [ 496.021642][ T8359] loop3: detected capacity change from 0 to 128 [ 496.112433][ T29] audit: type=1326 audit(1722177909.173:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8354 comm="syz.4.997" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf748d579 code=0x0 [ 496.169102][ T8359] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 496.239910][ T8359] ext4 filesystem being mounted at /11/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 496.393869][ T8011] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 496.420814][ T8366] netlink: 72 bytes leftover after parsing attributes in process `syz.1.999'. [ 496.470360][ T8366] netlink: 44 bytes leftover after parsing attributes in process `syz.1.999'. [ 496.696927][ T8369] loop3: detected capacity change from 0 to 512 [ 496.920773][ T7073] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 496.929350][ T7073] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 496.940142][ T8369] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 496.956999][ T8369] ext4 filesystem being mounted at /12/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 496.972225][ T3262] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 496.980390][ T3262] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 497.196167][ T8369] EXT4-fs error (device loop3): ext4_do_update_inode:5154: inode #2: comm syz.3.1000: corrupted inode contents [ 497.270078][ T8369] EXT4-fs error (device loop3): ext4_dirty_inode:6014: inode #2: comm syz.3.1000: mark_inode_dirty error [ 497.326133][ T8369] EXT4-fs error (device loop3): ext4_do_update_inode:5154: inode #2: comm syz.3.1000: corrupted inode contents [ 497.349797][ T8369] EXT4-fs error (device loop3): __ext4_ext_dirty:202: inode #2: comm syz.3.1000: mark_inode_dirty error [ 497.537688][ T8375] bond0: option ad_select: unable to set because the bond device is up [ 497.815785][ T8011] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 498.861485][ T8393] loop2: detected capacity change from 0 to 128 [ 498.954620][ T8393] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 498.967775][ T5235] usb 4-1: new high-speed USB device number 10 using dummy_hcd [ 499.042337][ T8393] ext4 filesystem being mounted at /2/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 499.204777][ T5235] usb 4-1: Using ep0 maxpacket: 32 [ 499.231991][ T5235] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8 has invalid wMaxPacketSize 0 [ 499.242215][ T5235] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0 [ 499.316955][ T5235] usb 4-1: New USB device found, idVendor=05ef, idProduct=020a, bcdDevice=91.36 [ 499.328044][ T5235] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 499.336847][ T5235] usb 4-1: Product: syz [ 499.341260][ T5235] usb 4-1: Manufacturer: syz [ 499.346185][ T5235] usb 4-1: SerialNumber: syz [ 499.391860][ T5235] usb 4-1: config 0 descriptor?? [ 499.442177][ T8155] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 499.672518][ T5235] usb 4-1: USB disconnect, device number 10 [ 499.852812][ T8406] netlink: 72 bytes leftover after parsing attributes in process `syz.2.1012'. [ 499.852910][ T8402] loop1: detected capacity change from 0 to 512 [ 499.882825][ T8406] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1012'. [ 499.939117][ T8402] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 499.952447][ T8402] ext4 filesystem being mounted at /241/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 499.998279][ T8402] EXT4-fs error (device loop1): ext4_do_update_inode:5154: inode #2: comm syz.1.1013: corrupted inode contents [ 500.064127][ T8402] EXT4-fs error (device loop1): ext4_dirty_inode:6014: inode #2: comm syz.1.1013: mark_inode_dirty error [ 500.259231][ T8402] EXT4-fs error (device loop1): ext4_do_update_inode:5154: inode #2: comm syz.1.1013: corrupted inode contents [ 500.367418][ T8402] EXT4-fs error (device loop1): __ext4_ext_dirty:202: inode #2: comm syz.1.1013: mark_inode_dirty error [ 500.810381][ T8416] netlink: 'syz.3.1015': attribute type 21 has an invalid length. [ 500.818772][ T8416] netlink: 128 bytes leftover after parsing attributes in process `syz.3.1015'. [ 501.016111][ T5180] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 502.177819][ T8432] loop1: detected capacity change from 0 to 128 [ 502.241872][ T8432] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 502.273790][ T8432] ext4 filesystem being mounted at /243/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 502.546695][ T5180] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 503.210524][ T8] usb 4-1: new high-speed USB device number 11 using dummy_hcd [ 503.452429][ T8443] netlink: 72 bytes leftover after parsing attributes in process `syz.1.1026'. [ 503.468060][ T8] usb 4-1: Using ep0 maxpacket: 32 [ 503.511348][ T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8 has invalid wMaxPacketSize 0 [ 503.521544][ T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0 [ 503.548226][ T8443] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1026'. [ 503.570578][ T8] usb 4-1: New USB device found, idVendor=05ef, idProduct=020a, bcdDevice=91.36 [ 503.580321][ T8] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 503.591391][ T8] usb 4-1: Product: syz [ 503.598717][ T8] usb 4-1: Manufacturer: syz [ 503.609398][ T8] usb 4-1: SerialNumber: syz [ 503.650905][ T8] usb 4-1: config 0 descriptor?? [ 503.720281][ T8445] loop2: detected capacity change from 0 to 512 [ 503.776991][ T8447] netlink: 'syz.0.1028': attribute type 21 has an invalid length. [ 503.785699][ T8447] netlink: 128 bytes leftover after parsing attributes in process `syz.0.1028'. [ 503.892664][ T8445] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 503.906525][ T8445] ext4 filesystem being mounted at /8/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 503.957732][ T8] usb 4-1: USB disconnect, device number 11 [ 504.022758][ T8445] EXT4-fs error (device loop2): ext4_do_update_inode:5154: inode #2: comm syz.2.1027: corrupted inode contents [ 504.162040][ T8445] EXT4-fs error (device loop2): ext4_dirty_inode:6014: inode #2: comm syz.2.1027: mark_inode_dirty error [ 504.255763][ T8445] EXT4-fs error (device loop2): ext4_do_update_inode:5154: inode #2: comm syz.2.1027: corrupted inode contents [ 504.288788][ T8445] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #2: comm syz.2.1027: mark_inode_dirty error [ 504.846846][ T8155] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 505.001770][ T8464] loop3: detected capacity change from 0 to 128 [ 505.212292][ T8464] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 505.282267][ T8464] ext4 filesystem being mounted at /19/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 505.327184][ T8471] loop4: detected capacity change from 0 to 16 [ 505.338771][ T8471] erofs: Unknown parameter 'ÿÿÿÿ)|' [ 505.702133][ T8011] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 505.995013][ T8477] netlink: 'syz.2.1040': attribute type 21 has an invalid length. [ 506.003419][ T8477] netlink: 128 bytes leftover after parsing attributes in process `syz.2.1040'. [ 506.211908][ T8481] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1042'. [ 506.221972][ T8481] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1042'. [ 506.679237][ T8487] loop1: detected capacity change from 0 to 512 [ 506.690489][ T8488] netlink: 72 bytes leftover after parsing attributes in process `syz.3.1043'. [ 506.723352][ T8488] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1043'. [ 506.772348][ T8487] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 506.792147][ T8487] ext4 filesystem being mounted at /250/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 506.898325][ T8] usb 3-1: new high-speed USB device number 22 using dummy_hcd [ 506.976970][ T8487] EXT4-fs error (device loop1): ext4_do_update_inode:5154: inode #2: comm syz.1.1045: corrupted inode contents [ 507.012578][ T8487] EXT4-fs error (device loop1): ext4_dirty_inode:6014: inode #2: comm syz.1.1045: mark_inode_dirty error [ 507.036151][ T8487] EXT4-fs error (device loop1): ext4_do_update_inode:5154: inode #2: comm syz.1.1045: corrupted inode contents [ 507.058882][ T8487] EXT4-fs error (device loop1): __ext4_ext_dirty:202: inode #2: comm syz.1.1045: mark_inode_dirty error [ 507.124403][ T8] usb 3-1: Using ep0 maxpacket: 32 [ 507.137151][ T8] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8 has invalid wMaxPacketSize 0 [ 507.147531][ T8] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0 [ 507.196503][ T8] usb 3-1: New USB device found, idVendor=05ef, idProduct=020a, bcdDevice=91.36 [ 507.205942][ T8] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 507.214241][ T8] usb 3-1: Product: syz [ 507.218798][ T8] usb 3-1: Manufacturer: syz [ 507.223632][ T8] usb 3-1: SerialNumber: syz [ 507.245134][ T8] usb 3-1: config 0 descriptor?? [ 507.544203][ T8] usb 3-1: USB disconnect, device number 22 [ 507.586553][ T5180] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 509.006369][ T8512] loop2: detected capacity change from 0 to 128 [ 509.070483][ T8512] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 509.123576][ T8512] ext4 filesystem being mounted at /13/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 509.605193][ T8155] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 510.110981][ T8519] netlink: 'syz.2.1054': attribute type 21 has an invalid length. [ 510.119348][ T8519] netlink: 128 bytes leftover after parsing attributes in process `syz.2.1054'. [ 510.225703][ T8521] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1055'. [ 510.235216][ T8521] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1055'. [ 510.804580][ T8523] loop2: detected capacity change from 0 to 512 [ 510.955123][ T8523] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 510.969621][ T8523] ext4 filesystem being mounted at /15/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 510.989332][ T8529] netlink: 72 bytes leftover after parsing attributes in process `syz.3.1057'. [ 511.032405][ T8529] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1057'. [ 511.119938][ T8523] EXT4-fs error (device loop2): ext4_do_update_inode:5154: inode #2: comm syz.2.1056: corrupted inode contents [ 511.167371][ T8523] EXT4-fs error (device loop2): ext4_dirty_inode:6014: inode #2: comm syz.2.1056: mark_inode_dirty error [ 511.296570][ T8523] EXT4-fs error (device loop2): ext4_do_update_inode:5154: inode #2: comm syz.2.1056: corrupted inode contents [ 511.378724][ T8523] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #2: comm syz.2.1056: mark_inode_dirty error [ 512.178532][ T8155] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 512.544764][ T29] audit: type=1326 audit(1722177925.613:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8532 comm="syz.3.1058" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fc5579 code=0x0 [ 513.020655][ T8538] loop1: detected capacity change from 0 to 1024 [ 513.055187][ T8538] EXT4-fs: Ignoring removed orlov option [ 513.061275][ T8538] EXT4-fs: Ignoring removed nomblk_io_submit option [ 513.169385][ T8538] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 513.523542][ T5180] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 514.012335][ T8549] loop3: detected capacity change from 0 to 128 [ 514.085327][ T8549] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 514.124876][ T8549] ext4 filesystem being mounted at /30/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 514.575993][ T8011] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 514.894303][ T8554] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1067'. [ 514.903684][ T8554] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1067'. [ 514.986108][ T8558] netlink: 'syz.3.1066': attribute type 21 has an invalid length. [ 514.994888][ T8558] netlink: 128 bytes leftover after parsing attributes in process `syz.3.1066'. [ 515.188448][ T8559] netlink: 72 bytes leftover after parsing attributes in process `syz.1.1068'. [ 515.222911][ T8559] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1068'. [ 515.338058][ T8564] loop4: detected capacity change from 0 to 512 [ 515.505915][ T8564] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 515.519339][ T8564] ext4 filesystem being mounted at /15/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 515.673707][ T8564] EXT4-fs error (device loop4): ext4_do_update_inode:5154: inode #2: comm syz.4.1070: corrupted inode contents [ 515.742584][ T8564] EXT4-fs error (device loop4): ext4_dirty_inode:6014: inode #2: comm syz.4.1070: mark_inode_dirty error [ 515.897672][ T8564] EXT4-fs error (device loop4): ext4_do_update_inode:5154: inode #2: comm syz.4.1070: corrupted inode contents [ 515.973674][ T8564] EXT4-fs error (device loop4): __ext4_ext_dirty:202: inode #2: comm syz.4.1070: mark_inode_dirty error [ 516.577259][ T8029] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 516.653689][ T8581] loop3: detected capacity change from 0 to 128 [ 516.686849][ T8581] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 516.726846][ T8581] ext4 filesystem being mounted at /34/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 517.240435][ T8011] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 517.570608][ T8594] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1080'. [ 517.580130][ T8594] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1080'. [ 518.238006][ T8598] loop3: detected capacity change from 0 to 1024 [ 518.290196][ T8598] EXT4-fs: Ignoring removed orlov option [ 518.296948][ T8598] EXT4-fs: Ignoring removed nomblk_io_submit option [ 518.434454][ T8598] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 518.484906][ T8604] netlink: 'syz.2.1081': attribute type 21 has an invalid length. [ 518.493305][ T8604] netlink: 128 bytes leftover after parsing attributes in process `syz.2.1081'. [ 518.569827][ T29] audit: type=1800 audit(1722177931.643:36): pid=8598 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1083" name="memory.events" dev="loop3" ino=18 res=0 errno=0 [ 518.697871][ T8011] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 519.400748][ T8611] loop4: detected capacity change from 0 to 512 [ 519.461492][ T8611] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 519.481359][ T8611] ext4 filesystem being mounted at /19/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 519.540139][ T8611] EXT4-fs error (device loop4): ext4_do_update_inode:5154: inode #2: comm syz.4.1087: corrupted inode contents [ 519.614734][ T8617] netlink: 72 bytes leftover after parsing attributes in process `syz.3.1085'. [ 519.654369][ T8611] EXT4-fs error (device loop4): ext4_dirty_inode:6014: inode #2: comm syz.4.1087: mark_inode_dirty error [ 519.696403][ T8617] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1085'. [ 519.715678][ T8611] EXT4-fs error (device loop4): ext4_do_update_inode:5154: inode #2: comm syz.4.1087: corrupted inode contents [ 519.809640][ T8611] EXT4-fs error (device loop4): __ext4_ext_dirty:202: inode #2: comm syz.4.1087: mark_inode_dirty error [ 520.586751][ T8029] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 520.616047][ T10] usb 1-1: new high-speed USB device number 25 using dummy_hcd [ 520.738413][ T8629] loop2: detected capacity change from 0 to 1024 [ 520.780010][ T8629] EXT4-fs (loop2): can't mount with commit=2048, fs mounted w/o journal [ 520.846569][ T10] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0 [ 520.856739][ T10] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 0 [ 520.866914][ T10] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0 [ 520.877091][ T10] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x89 has invalid maxpacket 0 [ 520.887343][ T10] usb 1-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.8b [ 520.896912][ T10] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 520.980896][ T10] usb 1-1: config 0 descriptor?? [ 521.155552][ T8634] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1093'. [ 521.167189][ T8634] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1093'. [ 521.254007][ T10] hdpvr 1-1:0.0: unexpected answer of status request, len 0 [ 521.262080][ T10] hdpvr 1-1:0.0: device init failed [ 521.267807][ T10] hdpvr 1-1:0.0: probe with driver hdpvr failed with error -12 [ 521.449614][ T5241] usb 1-1: USB disconnect, device number 25 [ 522.216035][ T8642] netlink: 'syz.4.1096': attribute type 21 has an invalid length. [ 522.224528][ T8642] netlink: 128 bytes leftover after parsing attributes in process `syz.4.1096'. [ 523.544159][ T8655] loop3: detected capacity change from 0 to 512 [ 523.669698][ T8655] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 523.689283][ T8655] ext4 filesystem being mounted at /41/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 523.781584][ T8655] EXT4-fs error (device loop3): ext4_do_update_inode:5154: inode #2: comm syz.3.1102: corrupted inode contents [ 523.833634][ T8655] EXT4-fs error (device loop3): ext4_dirty_inode:6014: inode #2: comm syz.3.1102: mark_inode_dirty error [ 523.905685][ T8662] netlink: 72 bytes leftover after parsing attributes in process `syz.4.1103'. [ 523.929491][ T8655] EXT4-fs error (device loop3): ext4_do_update_inode:5154: inode #2: comm syz.3.1102: corrupted inode contents [ 523.938560][ T8662] netlink: 44 bytes leftover after parsing attributes in process `syz.4.1103'. [ 524.023793][ T8655] EXT4-fs error (device loop3): __ext4_ext_dirty:202: inode #2: comm syz.3.1102: mark_inode_dirty error [ 524.774829][ T8011] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 525.040485][ T8665] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1105'. [ 525.050868][ T8665] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1105'. [ 525.419098][ T8667] loop3: detected capacity change from 0 to 1024 [ 525.540450][ T8667] EXT4-fs (loop3): can't mount with commit=2048, fs mounted w/o journal [ 525.663381][ T8667] overlayfs: failed to resolve './file0': -2 [ 525.765111][ T5241] usb 5-1: new high-speed USB device number 17 using dummy_hcd [ 526.312759][ T1243] ieee802154 phy0 wpan0: encryption failed: -22 [ 526.319970][ T1243] ieee802154 phy1 wpan1: encryption failed: -22 [ 526.347640][ T5241] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0 [ 526.357927][ T5241] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 0 [ 526.369786][ T5241] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0 [ 526.380356][ T5241] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x89 has invalid maxpacket 0 [ 526.390891][ T5241] usb 5-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.8b [ 526.400381][ T5241] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 526.413838][ T5241] usb 5-1: config 0 descriptor?? [ 526.420930][ T8672] netlink: 'syz.3.1108': attribute type 21 has an invalid length. [ 526.429479][ T8672] netlink: 128 bytes leftover after parsing attributes in process `syz.3.1108'. [ 526.695478][ T5241] hdpvr 5-1:0.0: unexpected answer of status request, len 0 [ 526.703243][ T5241] hdpvr 5-1:0.0: device init failed [ 526.708998][ T5241] hdpvr 5-1:0.0: probe with driver hdpvr failed with error -12 [ 526.902302][ T8] usb 5-1: USB disconnect, device number 17 [ 528.427691][ T5187] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 528.445203][ T5187] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 528.462131][ T5187] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 528.476427][ T5187] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 528.502859][ T5187] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 528.533396][ T5187] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 528.819050][ T8698] netlink: 72 bytes leftover after parsing attributes in process `syz.4.1115'. [ 528.874632][ T8698] netlink: 44 bytes leftover after parsing attributes in process `syz.4.1115'. [ 529.848710][ T8690] chnl_net:caif_netlink_parms(): no params data found [ 530.032526][ T8707] overlayfs: failed to resolve './file1': -2 [ 530.257881][ T8709] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1119'. [ 530.355847][ T8712] netlink: 'syz.4.1120': attribute type 21 has an invalid length. [ 530.364104][ T8712] netlink: 128 bytes leftover after parsing attributes in process `syz.4.1120'. [ 530.541906][ T3186] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 530.607617][ T5184] Bluetooth: hci2: command tx timeout [ 530.818772][ T3186] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 530.980579][ T3186] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 531.159335][ T3186] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 531.343461][ T44] usb 4-1: new high-speed USB device number 12 using dummy_hcd [ 531.578192][ T44] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0 [ 531.588357][ T44] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 0 [ 531.598573][ T44] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0 [ 531.608849][ T44] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x89 has invalid maxpacket 0 [ 531.619217][ T44] usb 4-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.8b [ 531.628743][ T44] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 531.653845][ T8690] bridge0: port 1(bridge_slave_0) entered blocking state [ 531.665650][ T8690] bridge0: port 1(bridge_slave_0) entered disabled state [ 531.674015][ T8690] bridge_slave_0: entered allmulticast mode [ 531.683415][ T8690] bridge_slave_0: entered promiscuous mode [ 531.785304][ T44] usb 4-1: config 0 descriptor?? [ 531.792420][ T3186] bridge_slave_1: left allmulticast mode [ 531.799423][ T3186] bridge_slave_1: left promiscuous mode [ 531.806211][ T3186] bridge0: port 2(bridge_slave_1) entered disabled state [ 531.854625][ T3186] bridge_slave_0: left allmulticast mode [ 531.860684][ T3186] bridge_slave_0: left promiscuous mode [ 531.872910][ T3186] bridge0: port 1(bridge_slave_0) entered disabled state [ 532.185641][ T44] hdpvr 4-1:0.0: unexpected answer of status request, len 0 [ 532.195033][ T44] hdpvr 4-1:0.0: device init failed [ 532.200655][ T44] hdpvr 4-1:0.0: probe with driver hdpvr failed with error -12 [ 532.256487][ T44] usb 4-1: USB disconnect, device number 12 [ 532.638956][ T3186] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 532.699024][ T5184] Bluetooth: hci2: command tx timeout [ 532.735219][ T3186] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 532.761206][ T3186] bond0 (unregistering): Released all slaves [ 532.804845][ T8690] bridge0: port 2(bridge_slave_1) entered blocking state [ 532.812565][ T8690] bridge0: port 2(bridge_slave_1) entered disabled state [ 532.824794][ T8690] bridge_slave_1: entered allmulticast mode [ 532.838082][ T8690] bridge_slave_1: entered promiscuous mode [ 533.118137][ T8690] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 533.204693][ T8690] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 533.705780][ T8690] team0: Port device team_slave_0 added [ 533.796387][ T3186] hsr_slave_0: left promiscuous mode [ 533.859850][ T3186] hsr_slave_1: left promiscuous mode [ 533.876240][ T3186] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 533.884472][ T3186] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 533.931436][ T3186] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 533.939777][ T3186] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 534.004317][ T3186] veth1_macvtap: left promiscuous mode [ 534.010090][ T3186] veth0_macvtap: left promiscuous mode [ 534.019318][ T3186] veth1_vlan: left promiscuous mode [ 534.025172][ T3186] veth0_vlan: left promiscuous mode [ 534.763482][ T5184] Bluetooth: hci2: command tx timeout [ 535.098346][ T3186] team0 (unregistering): Port device team_slave_1 removed [ 535.428949][ T8690] team0: Port device team_slave_1 added [ 535.518864][ T8736] netlink: 72 bytes leftover after parsing attributes in process `syz.2.1129'. [ 535.917025][ T8737] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1129'. [ 536.022807][ T8690] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 536.030073][ T8690] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 536.056879][ T8690] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 536.295778][ T8690] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 536.303547][ T8690] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 536.330740][ T8690] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 536.509039][ T8739] loop4: detected capacity change from 0 to 1024 [ 536.626424][ T8739] EXT4-fs (loop4): can't mount with commit=2048, fs mounted w/o journal [ 536.759598][ T8690] hsr_slave_0: entered promiscuous mode [ 536.809934][ T8690] hsr_slave_1: entered promiscuous mode [ 536.843560][ T5184] Bluetooth: hci2: command tx timeout [ 536.868232][ T8739] overlayfs: failed to resolve './file0': -2 [ 537.205406][ T8743] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1131'. [ 537.216687][ T8745] netlink: 'syz.3.1132': attribute type 21 has an invalid length. [ 537.224978][ T8745] netlink: 128 bytes leftover after parsing attributes in process `syz.3.1132'. [ 538.190947][ T8755] loop3: detected capacity change from 0 to 2048 [ 538.281556][ T8760] syz.0.1139[8760] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 538.282402][ T8760] syz.0.1139[8760] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 538.319947][ T8755] loop3: p1 < > p4 [ 538.399270][ T8755] loop3: p4 size 8388608 extends beyond EOD, truncated [ 538.491222][ T8690] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 538.554026][ T8690] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 538.636217][ T8690] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 538.709760][ T29] audit: type=1326 audit(1722177951.803:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8761 comm="syz.2.1140" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf746d579 code=0x0 [ 538.744732][ T8690] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 539.065216][ T8770] netlink: 72 bytes leftover after parsing attributes in process `syz.3.1142'. [ 539.097016][ T8770] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1142'. [ 539.171776][ T8771] overlayfs: failed to resolve './file1': -2 [ 539.669660][ T8690] 8021q: adding VLAN 0 to HW filter on device bond0 [ 539.788616][ T8690] 8021q: adding VLAN 0 to HW filter on device team0 [ 539.897120][ T8774] loop2: detected capacity change from 0 to 512 [ 539.909183][ T8] bridge0: port 1(bridge_slave_0) entered blocking state [ 539.917167][ T8] bridge0: port 1(bridge_slave_0) entered forwarding state [ 539.963199][ T8774] EXT4-fs (loop2): blocks per group (95) and clusters per group (32768) inconsistent [ 540.015020][ T8] bridge0: port 2(bridge_slave_1) entered blocking state [ 540.022900][ T8] bridge0: port 2(bridge_slave_1) entered forwarding state [ 540.823617][ T8] usb 4-1: new high-speed USB device number 13 using dummy_hcd [ 540.941502][ T29] audit: type=1326 audit(1722177954.013:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8782 comm="syz.0.1148" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf743d579 code=0x0 [ 541.065569][ T8] usb 4-1: device descriptor read/64, error -71 [ 541.344722][ T8] usb 4-1: new high-speed USB device number 14 using dummy_hcd [ 541.545687][ T8] usb 4-1: device descriptor read/64, error -71 [ 541.580419][ T8690] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 541.702158][ T8] usb usb4-port1: attempt power cycle [ 541.994284][ T8690] veth0_vlan: entered promiscuous mode [ 542.143412][ T8] usb 4-1: new high-speed USB device number 15 using dummy_hcd [ 542.179558][ T8690] veth1_vlan: entered promiscuous mode [ 542.225220][ T8] usb 4-1: device descriptor read/8, error -71 [ 542.487235][ T8690] veth0_macvtap: entered promiscuous mode [ 542.534092][ T8] usb 4-1: new high-speed USB device number 16 using dummy_hcd [ 542.560764][ T8690] veth1_macvtap: entered promiscuous mode [ 542.624925][ T8] usb 4-1: device descriptor read/8, error -71 [ 542.661019][ T8690] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 542.672276][ T8690] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 542.682481][ T8690] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 542.694262][ T8690] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 542.704396][ T8690] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 542.715252][ T8690] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 542.731691][ T8690] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 542.744412][ T8690] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 542.760197][ T8690] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 542.773840][ T8797] overlayfs: failed to resolve './file1': -2 [ 542.841777][ T8] usb usb4-port1: unable to enumerate USB device [ 542.907462][ T8690] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 542.918481][ T8690] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 542.934502][ T8690] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 542.948376][ T8690] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 542.958673][ T8690] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 542.969551][ T8690] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 542.980229][ T8690] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 542.992044][ T8690] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 543.010190][ T8690] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 543.167769][ T8690] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 543.177093][ T8690] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 543.186462][ T8690] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 543.195567][ T8690] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 543.598236][ T8807] netlink: 72 bytes leftover after parsing attributes in process `syz.0.1155'. [ 543.689779][ T8807] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1155'. [ 543.885117][ T8] usb 5-1: new high-speed USB device number 18 using dummy_hcd [ 544.135414][ T8] usb 5-1: Using ep0 maxpacket: 16 [ 544.168611][ T8] usb 5-1: config 0 has an invalid descriptor of length 123, skipping remainder of the config [ 544.179397][ T8] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 544.189395][ T8] usb 5-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 544.198771][ T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 544.225251][ T8] usb 5-1: config 0 descriptor?? [ 544.554324][ T8805] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 544.566145][ T8805] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 544.839436][ T8] usb 5-1: string descriptor 0 read error: -71 [ 544.891938][ T8] usb 5-1: USB disconnect, device number 18 [ 545.991440][ T8835] overlayfs: failed to resolve './file1': -2 [ 546.473340][ T5263] usb 4-1: new high-speed USB device number 17 using dummy_hcd [ 546.555071][ T8842] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1166'. [ 546.716021][ T5263] usb 4-1: config 0 has an invalid interface number: 18 but max is 0 [ 546.724587][ T5263] usb 4-1: config 0 has no interface number 0 [ 546.730964][ T5263] usb 4-1: config 0 interface 18 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 546.778446][ T5263] usb 4-1: New USB device found, idVendor=054c, idProduct=03d5, bcdDevice= 0.10 [ 546.788459][ T5263] usb 4-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0 [ 546.797025][ T5263] usb 4-1: Manufacturer: syz [ 546.830632][ T5263] usb 4-1: config 0 descriptor?? [ 546.858258][ T5263] usbhid 4-1:0.18: couldn't find an input interrupt endpoint [ 548.635773][ T7073] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 548.644644][ T7073] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 548.834949][ T3186] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 548.843328][ T3186] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 548.885630][ T8858] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1169'. [ 549.404600][ T10] usb 4-1: USB disconnect, device number 17 [ 550.965393][ T8877] overlayfs: failed to resolve './file1': -2 [ 551.287439][ T8885] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1179'. [ 551.665191][ T10] usb 4-1: new high-speed USB device number 18 using dummy_hcd [ 551.901448][ T10] usb 4-1: config 0 has an invalid interface number: 18 but max is 0 [ 551.910113][ T10] usb 4-1: config 0 has no interface number 0 [ 551.916711][ T10] usb 4-1: config 0 interface 18 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 551.991449][ T10] usb 4-1: New USB device found, idVendor=054c, idProduct=03d5, bcdDevice= 0.10 [ 552.001018][ T10] usb 4-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0 [ 552.009658][ T10] usb 4-1: Manufacturer: syz [ 552.028709][ T10] usb 4-1: config 0 descriptor?? [ 552.095826][ T10] usbhid 4-1:0.18: couldn't find an input interrupt endpoint [ 553.301590][ T5187] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 553.313938][ T5187] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 553.324089][ T5187] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 553.345387][ T5187] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 553.382716][ T5187] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 553.392523][ T5187] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 554.313444][ T8] usb 2-1: new high-speed USB device number 18 using dummy_hcd [ 554.436463][ T8913] chnl_net:caif_netlink_parms(): no params data found [ 554.538582][ T8921] overlayfs: failed to resolve './file1': -2 [ 554.543572][ T8] usb 2-1: Using ep0 maxpacket: 16 [ 554.582838][ T8] usb 2-1: config 0 has no interfaces? [ 554.643487][ T8] usb 2-1: New USB device found, idVendor=06cd, idProduct=0131, bcdDevice=16.60 [ 554.655107][ T8] usb 2-1: New USB device strings: Mfr=175, Product=2, SerialNumber=3 [ 554.663641][ T8] usb 2-1: Product: syz [ 554.668155][ T8] usb 2-1: Manufacturer: syz [ 554.673126][ T8] usb 2-1: SerialNumber: syz [ 554.707447][ T5263] usb 4-1: USB disconnect, device number 18 [ 554.755881][ T8] usb 2-1: config 0 descriptor?? [ 555.002210][ T5263] usb 2-1: USB disconnect, device number 18 [ 555.384955][ T8926] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1192'. [ 555.484439][ T5187] Bluetooth: hci0: command tx timeout [ 555.770119][ T7073] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 556.014150][ T8933] trusted_key: encrypted_key: master key parameter 'user:' is invalid [ 556.040724][ T7073] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 556.605914][ T7073] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 556.675066][ T8913] bridge0: port 1(bridge_slave_0) entered blocking state [ 556.683361][ T8913] bridge0: port 1(bridge_slave_0) entered disabled state [ 556.691209][ T8913] bridge_slave_0: entered allmulticast mode [ 556.700746][ T8913] bridge_slave_0: entered promiscuous mode [ 556.911661][ T7073] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 557.001219][ T8913] bridge0: port 2(bridge_slave_1) entered blocking state [ 557.015078][ T8913] bridge0: port 2(bridge_slave_1) entered disabled state [ 557.023193][ T8913] bridge_slave_1: entered allmulticast mode [ 557.032285][ T8913] bridge_slave_1: entered promiscuous mode [ 557.269200][ T8913] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 557.399773][ T8913] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 557.428950][ T7073] bridge_slave_1: left allmulticast mode [ 557.435375][ T7073] bridge_slave_1: left promiscuous mode [ 557.441978][ T7073] bridge0: port 2(bridge_slave_1) entered disabled state [ 557.457425][ T7073] bridge_slave_0: left allmulticast mode [ 557.471339][ T7073] bridge_slave_0: left promiscuous mode [ 557.478322][ T7073] bridge0: port 1(bridge_slave_0) entered disabled state [ 557.494132][ T5263] usb 1-1: new high-speed USB device number 26 using dummy_hcd [ 557.501382][ T8953] loop4: detected capacity change from 0 to 1024 [ 557.563735][ T5187] Bluetooth: hci0: command tx timeout [ 557.710939][ T8953] EXT4-fs (loop4): can't mount with commit=2048, fs mounted w/o journal [ 557.739594][ T5263] usb 1-1: config 0 has an invalid interface number: 18 but max is 0 [ 557.749326][ T5263] usb 1-1: config 0 has no interface number 0 [ 557.755840][ T5263] usb 1-1: config 0 interface 18 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 557.801016][ T5263] usb 1-1: New USB device found, idVendor=054c, idProduct=03d5, bcdDevice= 0.10 [ 557.812092][ T5263] usb 1-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0 [ 557.821207][ T5263] usb 1-1: Manufacturer: syz [ 557.838892][ T5263] usb 1-1: config 0 descriptor?? [ 557.862373][ T5263] usbhid 1-1:0.18: couldn't find an input interrupt endpoint [ 557.935757][ T8953] overlayfs: failed to resolve './file0': -2 [ 558.030673][ T7073] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 558.068703][ T7073] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 558.107066][ T7073] bond0 (unregistering): Released all slaves [ 558.359037][ T8913] team0: Port device team_slave_0 added [ 558.383868][ T8913] team0: Port device team_slave_1 added [ 558.537492][ T10] usb 5-1: new high-speed USB device number 19 using dummy_hcd [ 558.637939][ T8913] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 558.646174][ T8913] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 558.673363][ T8913] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 558.708407][ T8964] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1204'. [ 558.726415][ T8913] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 558.733693][ T8913] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 558.760408][ T8913] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 558.780166][ T10] usb 5-1: Using ep0 maxpacket: 16 [ 558.834332][ T10] usb 5-1: config 0 has no interfaces? [ 558.853214][ T10] usb 5-1: New USB device found, idVendor=06cd, idProduct=0131, bcdDevice=16.60 [ 558.862593][ T10] usb 5-1: New USB device strings: Mfr=175, Product=2, SerialNumber=3 [ 558.871184][ T10] usb 5-1: Product: syz [ 558.875784][ T10] usb 5-1: Manufacturer: syz [ 558.880614][ T10] usb 5-1: SerialNumber: syz [ 558.909755][ T10] usb 5-1: config 0 descriptor?? [ 559.058947][ T7073] hsr_slave_0: left promiscuous mode [ 559.076459][ T7073] hsr_slave_1: left promiscuous mode [ 559.088904][ T7073] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 559.097020][ T7073] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 559.129542][ T7073] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 559.137618][ T7073] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 559.166773][ T7073] veth1_macvtap: left promiscuous mode [ 559.172539][ T7073] veth0_macvtap: left promiscuous mode [ 559.178713][ T7073] veth1_vlan: left promiscuous mode [ 559.184504][ T7073] veth0_vlan: left promiscuous mode [ 559.192540][ T8] usb 5-1: USB disconnect, device number 19 [ 559.648007][ T5187] Bluetooth: hci0: command tx timeout [ 560.054152][ T7073] team0 (unregistering): Port device team_slave_1 removed [ 560.101819][ T7073] team0 (unregistering): Port device team_slave_0 removed [ 560.468177][ T1038] usb 1-1: USB disconnect, device number 26 [ 560.510097][ T29] audit: type=1800 audit(1722177973.543:39): pid=8976 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1208" name="/" dev="fuse" ino=1 res=0 errno=0 [ 560.894931][ T8913] hsr_slave_0: entered promiscuous mode [ 560.917850][ T8913] hsr_slave_1: entered promiscuous mode [ 560.958749][ T8913] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 560.967227][ T8913] Cannot create hsr debugfs directory [ 562.088666][ T5187] Bluetooth: hci0: command tx timeout [ 562.407292][ T8991] loop3: detected capacity change from 0 to 1024 [ 562.478104][ T8991] EXT4-fs (loop3): can't mount with commit=2048, fs mounted w/o journal [ 562.868490][ T8913] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 562.914068][ T8913] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 562.995837][ T8913] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 563.065746][ T8913] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 563.829971][ T29] audit: type=1326 audit(1722177976.933:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9005 comm="syz.3.1218" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fc5579 code=0x0 [ 563.862045][ T1038] usb 2-1: new high-speed USB device number 19 using dummy_hcd [ 564.077332][ T1038] usb 2-1: Using ep0 maxpacket: 16 [ 564.096374][ T8913] 8021q: adding VLAN 0 to HW filter on device bond0 [ 564.188881][ T8913] 8021q: adding VLAN 0 to HW filter on device team0 [ 564.193960][ T1038] usb 2-1: config 0 has no interfaces? [ 564.253889][ T5263] bridge0: port 1(bridge_slave_0) entered blocking state [ 564.261511][ T5263] bridge0: port 1(bridge_slave_0) entered forwarding state [ 564.286554][ T1038] usb 2-1: New USB device found, idVendor=06cd, idProduct=0131, bcdDevice=16.60 [ 564.296472][ T1038] usb 2-1: New USB device strings: Mfr=175, Product=2, SerialNumber=3 [ 564.305179][ T1038] usb 2-1: Product: syz [ 564.309587][ T1038] usb 2-1: Manufacturer: syz [ 564.314521][ T1038] usb 2-1: SerialNumber: syz [ 564.352193][ T1038] usb 2-1: config 0 descriptor?? [ 564.365900][ T5263] bridge0: port 2(bridge_slave_1) entered blocking state [ 564.373753][ T5263] bridge0: port 2(bridge_slave_1) entered forwarding state [ 564.651006][ T1038] usb 2-1: USB disconnect, device number 19 [ 565.210915][ T9021] loop4: detected capacity change from 0 to 1024 [ 565.360651][ T9021] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 565.732804][ T8913] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 566.005268][ T9030] loop3: detected capacity change from 0 to 1024 [ 566.040604][ T8029] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 566.144423][ T9030] EXT4-fs (loop3): can't mount with commit=2048, fs mounted w/o journal [ 566.241984][ T8913] veth0_vlan: entered promiscuous mode [ 566.348035][ T8913] veth1_vlan: entered promiscuous mode [ 566.698140][ T8913] veth0_macvtap: entered promiscuous mode [ 566.761076][ T8913] veth1_macvtap: entered promiscuous mode [ 566.933848][ T8913] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 566.944679][ T8913] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 566.954836][ T8913] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 566.965726][ T8913] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 566.975963][ T8913] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 566.989057][ T8913] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 566.999865][ T8913] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 567.010789][ T8913] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 567.026184][ T8913] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 567.028885][ T9040] loop1: detected capacity change from 0 to 256 [ 567.116844][ T8913] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 567.127784][ T8913] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 567.137967][ T8913] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 567.148751][ T8913] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 567.161018][ T8913] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 567.174086][ T8913] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 567.185203][ T8913] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 567.198512][ T8913] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 567.214301][ T8913] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 567.281101][ T9040] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d) [ 567.317923][ T9042] bridge0: port 3(syz_tun) entered blocking state [ 567.326458][ T9042] bridge0: port 3(syz_tun) entered disabled state [ 567.333763][ T9042] syz_tun: entered allmulticast mode [ 567.342060][ T9042] syz_tun: entered promiscuous mode [ 567.349911][ T9042] bridge0: port 3(syz_tun) entered blocking state [ 567.357096][ T9042] bridge0: port 3(syz_tun) entered forwarding state [ 567.382883][ T8913] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 567.392218][ T8913] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 567.408080][ T8913] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 567.419104][ T8913] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 568.104829][ T29] audit: type=1326 audit(1722177981.193:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9047 comm="syz.4.1230" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf748d579 code=0x0 [ 568.632728][ T9062] team0: entered promiscuous mode [ 568.639320][ T9062] team_slave_0: entered promiscuous mode [ 568.646248][ T9062] team_slave_1: entered promiscuous mode [ 569.612312][ T9068] loop4: detected capacity change from 0 to 1024 [ 569.735563][ T9061] team0: left promiscuous mode [ 569.740734][ T9061] team_slave_0: left promiscuous mode [ 569.747509][ T9061] team_slave_1: left promiscuous mode [ 569.839523][ T9068] EXT4-fs (loop4): can't mount with commit=2048, fs mounted w/o journal [ 569.994507][ T9073] trusted_key: syz.0.1237 sent an empty control message without MSG_MORE. [ 572.604134][ T29] audit: type=1326 audit(1722177985.673:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9100 comm="syz.3.1245" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fc5579 code=0x0 [ 572.866944][ T9111] bridge0: port 3(syz_tun) entered blocking state [ 572.875078][ T9111] bridge0: port 3(syz_tun) entered disabled state [ 572.882449][ T9111] syz_tun: entered allmulticast mode [ 572.891367][ T9111] syz_tun: entered promiscuous mode [ 572.900883][ T9111] bridge0: port 3(syz_tun) entered blocking state [ 572.908102][ T9111] bridge0: port 3(syz_tun) entered forwarding state [ 573.520014][ T3186] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 573.528775][ T3186] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 573.676076][ T3186] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 573.685187][ T3186] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 574.579707][ T9130] overlayfs: failed to resolve './file1': -2 [ 576.450440][ T9149] overlayfs: missing 'lowerdir' [ 576.482146][ T29] audit: type=1326 audit(1722177989.563:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9143 comm="syz.4.1261" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf748d579 code=0x0 [ 576.851294][ T9151] loop1: detected capacity change from 0 to 256 [ 576.956141][ T9151] exFAT-fs (loop1): failed to load upcase table (idx : 0x00000100, chksum : 0xec81c7e9, utbl_chksum : 0xe619d30d) [ 577.103241][ T29] audit: type=1804 audit(1722177990.213:44): pid=9151 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.1264" name="/newroot/21/bus/bus" dev="loop1" ino=1048634 res=1 errno=0 [ 577.769472][ T9161] loop1: detected capacity change from 0 to 1024 [ 577.826702][ T9161] EXT4-fs (loop1): can't mount with commit=2048, fs mounted w/o journal [ 579.042257][ T9178] overlayfs: missing 'lowerdir' [ 579.563522][ T5194] Bluetooth: hci4: command 0x0406 tx timeout [ 579.571059][ T5194] Bluetooth: hci6: command 0x0406 tx timeout [ 579.753191][ T29] audit: type=1326 audit(1722177992.833:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9179 comm="syz.1.1275" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f92579 code=0x0 [ 581.311422][ T9201] loop1: detected capacity change from 0 to 1024 [ 581.440549][ T9201] EXT4-fs (loop1): can't mount with commit=2048, fs mounted w/o journal [ 582.026962][ T9207] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 582.036247][ T9207] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 582.656709][ T44] usb 4-1: new high-speed USB device number 19 using dummy_hcd [ 582.912981][ T44] usb 4-1: Using ep0 maxpacket: 32 [ 582.946373][ T44] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0 [ 582.956495][ T44] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 583.010418][ T44] usb 4-1: New USB device found, idVendor=ae6f, idProduct=79f4, bcdDevice=8f.99 [ 583.020037][ T44] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 583.028463][ T44] usb 4-1: Product: syz [ 583.032855][ T44] usb 4-1: Manufacturer: syz [ 583.037844][ T44] usb 4-1: SerialNumber: syz [ 583.091328][ T44] usb 4-1: config 0 descriptor?? [ 583.738509][ T29] audit: type=1326 audit(1722177996.823:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9220 comm="syz.4.1291" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf748d579 code=0x0 [ 584.748381][ T9235] loop2: detected capacity change from 0 to 1024 [ 584.832445][ T9235] EXT4-fs (loop2): can't mount with commit=2048, fs mounted w/o journal [ 585.348266][ T44] usb 4-1: USB disconnect, device number 19 [ 586.355343][ T29] audit: type=1326 audit(1722177999.423:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9257 comm="syz.4.1306" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf748d579 code=0x0 [ 586.879293][ T9268] bridge0: port 3(syz_tun) entered blocking state [ 586.887311][ T9268] bridge0: port 3(syz_tun) entered disabled state [ 586.894774][ T9268] syz_tun: entered allmulticast mode [ 586.903465][ T9268] syz_tun: entered promiscuous mode [ 586.911198][ T9268] bridge0: port 3(syz_tun) entered blocking state [ 586.918400][ T9268] bridge0: port 3(syz_tun) entered forwarding state [ 587.212980][ T9273] loop1: detected capacity change from 0 to 1024 [ 587.259480][ T9273] EXT4-fs (loop1): can't mount with commit=2048, fs mounted w/o journal [ 587.478418][ T9278] nfs4: Unknown parameter 'ÿÿÿ' [ 587.759680][ T1243] ieee802154 phy0 wpan0: encryption failed: -22 [ 587.767436][ T1243] ieee802154 phy1 wpan1: encryption failed: -22 [ 588.652062][ T9296] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 588.661588][ T9296] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 588.683767][ T9293] netlink: 'syz.1.1320': attribute type 21 has an invalid length. [ 588.694632][ T9293] netlink: 128 bytes leftover after parsing attributes in process `syz.1.1320'. [ 589.571916][ T9307] loop2: detected capacity change from 0 to 1024 [ 589.662364][ T9307] EXT4-fs (loop2): can't mount with commit=2048, fs mounted w/o journal [ 590.519488][ T9325] netlink: 'syz.0.1333': attribute type 21 has an invalid length. [ 590.529216][ T9325] netlink: 128 bytes leftover after parsing attributes in process `syz.0.1333'. [ 591.002678][ T9329] overlayfs: missing 'lowerdir' [ 592.266877][ T9344] loop2: detected capacity change from 0 to 1024 [ 592.372707][ T9344] EXT4-fs (loop2): can't mount with commit=2048, fs mounted w/o journal [ 592.764958][ T9355] netlink: 'syz.1.1346': attribute type 21 has an invalid length. [ 592.774730][ T9355] netlink: 128 bytes leftover after parsing attributes in process `syz.1.1346'. [ 593.439099][ T9366] netlink: 72 bytes leftover after parsing attributes in process `syz.1.1350'. [ 593.466309][ T9366] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1350'. [ 595.110572][ T9383] loop1: detected capacity change from 0 to 1024 [ 595.170101][ T9383] EXT4-fs (loop1): can't mount with commit=2048, fs mounted w/o journal [ 596.519516][ T5187] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 596.539785][ T5187] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 596.552356][ T5187] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 596.600309][ T5187] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 596.618139][ T5187] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 596.633497][ T5187] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 596.759513][ T9409] netlink: 72 bytes leftover after parsing attributes in process `syz.4.1368'. [ 596.791386][ T9408] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1366'. [ 596.982928][ T9409] netlink: 44 bytes leftover after parsing attributes in process `syz.4.1368'. [ 597.090259][ T9410] loop2: detected capacity change from 0 to 1024 [ 597.154105][ T9410] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 597.285997][ T9410] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 597.445660][ T9410] EXT4-fs (loop2): orphan cleanup on readonly fs [ 597.542757][ T9410] Quota error (device loop2): v2_read_header: Failed header read: expected=8 got=2 [ 597.553186][ T9410] EXT4-fs warning (device loop2): ext4_enable_quotas:7066: Failed to enable quota tracking (type=0, err=-22, ino=3). Please run e2fsck to fix. [ 597.568251][ T9410] EXT4-fs (loop2): Cannot turn on quotas: error -22 [ 597.728071][ T9410] EXT4-fs (loop2): 1 truncate cleaned up [ 597.736358][ T9410] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 597.772988][ T29] audit: type=1326 audit(1722178010.803:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9416 comm="syz.0.1370" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf743d579 code=0x0 [ 597.916016][ T9402] chnl_net:caif_netlink_parms(): no params data found [ 598.257161][ T8011] bridge0: port 3(syz_tun) entered disabled state [ 598.328976][ T8011] syz_tun (unregistering): left allmulticast mode [ 598.336587][ T8011] syz_tun (unregistering): left promiscuous mode [ 598.346758][ T8011] bridge0: port 3(syz_tun) entered disabled state [ 598.447582][ T8913] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 598.694962][ T5187] Bluetooth: hci1: command tx timeout [ 598.736015][ T7019] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 598.899602][ T7019] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 599.100464][ T7019] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 599.153791][ T9435] loop2: detected capacity change from 0 to 1024 [ 599.239814][ T9435] EXT4-fs (loop2): can't mount with commit=2048, fs mounted w/o journal [ 599.254665][ T7019] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 599.594103][ T7019] bridge_slave_1: left allmulticast mode [ 599.599997][ T7019] bridge_slave_1: left promiscuous mode [ 599.606752][ T7019] bridge0: port 2(bridge_slave_1) entered disabled state [ 599.679733][ T7019] bridge_slave_0: left allmulticast mode [ 599.685971][ T7019] bridge_slave_0: left promiscuous mode [ 599.692507][ T7019] bridge0: port 1(bridge_slave_0) entered disabled state [ 600.380346][ T7019] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 600.465314][ T7019] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 600.504897][ T7019] bond0 (unregistering): Released all slaves [ 600.738771][ T9402] bridge0: port 1(bridge_slave_0) entered blocking state [ 600.746619][ T9402] bridge0: port 1(bridge_slave_0) entered disabled state [ 600.754600][ T9402] bridge_slave_0: entered allmulticast mode [ 600.763417][ T5187] Bluetooth: hci1: command tx timeout [ 600.764072][ T9402] bridge_slave_0: entered promiscuous mode [ 600.925253][ T9402] bridge0: port 2(bridge_slave_1) entered blocking state [ 600.933886][ T9402] bridge0: port 2(bridge_slave_1) entered disabled state [ 600.944528][ T9402] bridge_slave_1: entered allmulticast mode [ 600.961333][ T9402] bridge_slave_1: entered promiscuous mode [ 601.276555][ T9402] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 601.355165][ T7019] hsr_slave_0: left promiscuous mode [ 601.383892][ T7019] hsr_slave_1: left promiscuous mode [ 601.419816][ T7019] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 601.427852][ T7019] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 601.476803][ T7019] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 601.485027][ T7019] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 601.528564][ T7019] veth1_macvtap: left promiscuous mode [ 601.528709][ T7019] veth0_macvtap: left promiscuous mode [ 601.528996][ T7019] veth1_vlan: left promiscuous mode [ 601.529206][ T7019] veth0_vlan: left promiscuous mode [ 602.124870][ T9464] loop2: detected capacity change from 0 to 512 [ 602.134663][ T9464] EXT4-fs: Ignoring removed i_version option [ 602.432855][ T9464] EXT4-fs error (device loop2): ext4_orphan_get:1417: comm syz.2.1383: bad orphan inode 1 [ 602.459811][ T7019] team0 (unregistering): Port device team_slave_1 removed [ 602.465348][ T9464] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 602.497118][ T7019] team0 (unregistering): Port device team_slave_0 removed [ 602.824737][ T9402] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 602.839234][ T9456] netlink: 72 bytes leftover after parsing attributes in process `syz.1.1381'. [ 602.862228][ T5187] Bluetooth: hci1: command tx timeout [ 602.872065][ T9457] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1381'. [ 603.048150][ T8913] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 603.129926][ T9402] team0: Port device team_slave_0 added [ 603.191403][ T29] audit: type=1326 audit(1722178016.233:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9468 comm="syz.0.1384" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf743d579 code=0x0 [ 603.210254][ T9402] team0: Port device team_slave_1 added [ 603.542701][ T9402] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 603.558464][ T9402] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 603.584981][ T9402] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 603.683774][ T9402] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 603.691060][ T9402] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 603.718009][ T9402] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 604.002717][ T9474] loop1: detected capacity change from 0 to 1024 [ 604.041289][ T9402] hsr_slave_0: entered promiscuous mode [ 604.092591][ T9474] EXT4-fs (loop1): can't mount with commit=2048, fs mounted w/o journal [ 604.094670][ T9402] hsr_slave_1: entered promiscuous mode [ 604.137143][ T9402] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 604.145222][ T9402] Cannot create hsr debugfs directory [ 604.923654][ T5187] Bluetooth: hci1: command tx timeout [ 605.678271][ T9402] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 605.744648][ T9402] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 605.825000][ T9402] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 605.883378][ T44] usb 1-1: new high-speed USB device number 27 using dummy_hcd [ 605.884568][ T9402] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 606.129740][ T44] usb 1-1: too many configurations: 164, using maximum allowed: 8 [ 606.433596][ T44] usb 1-1: New USB device found, idVendor=7de0, idProduct=676e, bcdDevice=77.db [ 606.443253][ T44] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 606.501857][ T44] usb 1-1: config 0 descriptor?? [ 606.591682][ T44] usb 1-1: bad CDC descriptors [ 606.907915][ T29] audit: type=1326 audit(1722178019.993:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9498 comm="syz.1.1395" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f92579 code=0x0 [ 607.053631][ T9402] 8021q: adding VLAN 0 to HW filter on device bond0 [ 607.265666][ T9402] 8021q: adding VLAN 0 to HW filter on device team0 [ 607.368310][ T1038] bridge0: port 1(bridge_slave_0) entered blocking state [ 607.376211][ T1038] bridge0: port 1(bridge_slave_0) entered forwarding state [ 607.487257][ T1038] bridge0: port 2(bridge_slave_1) entered blocking state [ 607.495161][ T1038] bridge0: port 2(bridge_slave_1) entered forwarding state [ 607.878758][ T9505] netlink: 72 bytes leftover after parsing attributes in process `syz.4.1396'. [ 607.971584][ T9505] netlink: 44 bytes leftover after parsing attributes in process `syz.4.1396'. [ 609.314315][ T9402] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 609.451325][ T9518] netlink: 'syz.1.1399': attribute type 4 has an invalid length. [ 609.960000][ T9402] veth0_vlan: entered promiscuous mode [ 610.081589][ T9402] veth1_vlan: entered promiscuous mode [ 610.178285][ T9521] loop4: detected capacity change from 0 to 1024 [ 610.274877][ T9521] EXT4-fs (loop4): can't mount with commit=2048, fs mounted w/o journal [ 610.441094][ T9402] veth0_macvtap: entered promiscuous mode [ 610.516064][ T9402] veth1_macvtap: entered promiscuous mode [ 610.718570][ T9402] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 610.729585][ T9402] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 610.739872][ T9402] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 610.750748][ T9402] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 610.760975][ T9402] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 610.772991][ T9402] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 610.783370][ T9402] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 610.794457][ T9402] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 610.809742][ T9402] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 611.072116][ T9402] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 611.084486][ T9402] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 611.094666][ T9402] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 611.105433][ T9402] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 611.115579][ T9402] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 611.131554][ T9402] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 611.143242][ T9402] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 611.154098][ T9402] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 611.169271][ T9402] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 611.409909][ T9402] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 611.419142][ T9402] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 611.433964][ T9402] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 611.444864][ T9402] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 611.966061][ T9536] loop2: detected capacity change from 0 to 128 [ 612.000725][ T9536] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 612.073939][ T9536] ext4 filesystem being mounted at /29/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 612.577324][ T8913] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 613.342849][ T9549] netlink: 72 bytes leftover after parsing attributes in process `syz.1.1409'. [ 613.395021][ T9549] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1409'. [ 613.834810][ T5237] usb 1-1: USB disconnect, device number 27 [ 614.353721][ T10] usb 3-1: new high-speed USB device number 23 using dummy_hcd [ 614.531659][ T9561] overlayfs: failed to resolve './file1': -2 [ 614.625087][ T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 614.636561][ T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 614.646748][ T10] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 614.660264][ T10] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 614.669862][ T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 614.688039][ T10] usb 3-1: config 0 descriptor?? [ 615.273909][ T5237] usb 1-1: new high-speed USB device number 28 using dummy_hcd [ 615.488758][ T10] usbhid 3-1:0.0: can't add hid device: -71 [ 615.495796][ T10] usbhid 3-1:0.0: probe with driver usbhid failed with error -71 [ 615.506897][ T5237] usb 1-1: Using ep0 maxpacket: 8 [ 615.548535][ T10] usb 3-1: USB disconnect, device number 23 [ 615.560249][ T5237] usb 1-1: config 1 has an invalid interface descriptor of length 5, skipping [ 615.569615][ T5237] usb 1-1: config 1 contains an unexpected descriptor of type 0x1, skipping [ 615.578983][ T5237] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 615.589475][ T5237] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 615.598762][ T5237] usb 1-1: Duplicate descriptor for config 1 interface 0 altsetting 0, skipping [ 615.641122][ T5237] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 615.650963][ T5237] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 615.659397][ T5237] usb 1-1: Product: syz [ 615.663998][ T5237] usb 1-1: Manufacturer: syz [ 615.668830][ T5237] usb 1-1: SerialNumber: syz [ 615.987711][ T5237] usb 1-1: 0:2 : does not exist [ 616.074420][ T5237] usb 1-1: USB disconnect, device number 28 [ 616.621283][ T3149] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 616.630231][ T3149] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 616.774755][ T7019] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 616.783404][ T7019] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 618.464978][ T9600] netlink: 72 bytes leftover after parsing attributes in process `syz.2.1422'. [ 618.525775][ T9600] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1422'. [ 618.588546][ T9599] loop3: detected capacity change from 0 to 1024 [ 618.730212][ T9599] EXT4-fs (loop3): can't mount with commit=2048, fs mounted w/o journal [ 619.111457][ T44] usb 1-1: new high-speed USB device number 29 using dummy_hcd [ 619.351511][ T44] usb 1-1: too many configurations: 164, using maximum allowed: 8 [ 619.580220][ T44] usb 1-1: New USB device found, idVendor=7de0, idProduct=676e, bcdDevice=77.db [ 619.590049][ T44] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 619.639682][ T44] usb 1-1: config 0 descriptor?? [ 619.680260][ T44] usb 1-1: bad CDC descriptors [ 622.422217][ T9628] loop2: detected capacity change from 0 to 1024 [ 622.559672][ T9628] EXT4-fs (loop2): can't mount with commit=2048, fs mounted w/o journal [ 622.635514][ T9633] netlink: 72 bytes leftover after parsing attributes in process `syz.1.1435'. [ 622.664966][ T5184] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 622.684040][ T5184] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 622.685989][ T9633] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1435'. [ 622.724417][ T5184] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 622.747601][ T5184] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 622.773300][ T5184] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 622.784764][ T5184] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 624.370437][ T7017] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 624.459915][ T9634] chnl_net:caif_netlink_parms(): no params data found [ 624.525197][ T7017] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 624.789724][ T7017] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 624.847465][ T5184] Bluetooth: hci3: command tx timeout [ 624.987073][ T7017] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 625.394714][ T7017] bridge_slave_1: left allmulticast mode [ 625.402126][ T7017] bridge_slave_1: left promiscuous mode [ 625.409731][ T7017] bridge0: port 2(bridge_slave_1) entered disabled state [ 625.479526][ T7017] bridge_slave_0: left allmulticast mode [ 625.485770][ T7017] bridge_slave_0: left promiscuous mode [ 625.492525][ T7017] bridge0: port 1(bridge_slave_0) entered disabled state [ 626.144097][ T7017] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 626.245066][ T7017] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 626.298410][ T7017] bond0 (unregistering): Released all slaves [ 626.923630][ T5184] Bluetooth: hci3: command tx timeout [ 627.026101][ T9634] bridge0: port 1(bridge_slave_0) entered blocking state [ 627.035801][ T9634] bridge0: port 1(bridge_slave_0) entered disabled state [ 627.043731][ T9634] bridge_slave_0: entered allmulticast mode [ 627.053175][ T9634] bridge_slave_0: entered promiscuous mode [ 627.145245][ T7017] hsr_slave_0: left promiscuous mode [ 627.188242][ T7017] hsr_slave_1: left promiscuous mode [ 627.219946][ T7017] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 627.229684][ T7017] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 627.312453][ T7017] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 627.320595][ T7017] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 627.388682][ T7017] veth1_macvtap: left promiscuous mode [ 627.394762][ T7017] veth0_macvtap: left promiscuous mode [ 627.400778][ T7017] veth1_vlan: left promiscuous mode [ 627.417159][ T7017] veth0_vlan: left promiscuous mode [ 627.519356][ T8] usb 1-1: USB disconnect, device number 29 [ 627.685827][ T9670] loop2: detected capacity change from 0 to 1024 [ 627.768787][ T9670] EXT4-fs (loop2): can't mount with commit=2048, fs mounted w/o journal [ 628.587211][ T7017] team0 (unregistering): Port device team_slave_1 removed [ 628.689652][ T7017] team0 (unregistering): Port device team_slave_0 removed [ 629.053226][ T5184] Bluetooth: hci3: command tx timeout [ 629.138325][ T9634] bridge0: port 2(bridge_slave_1) entered blocking state [ 629.149261][ T9634] bridge0: port 2(bridge_slave_1) entered disabled state [ 629.157006][ T9634] bridge_slave_1: entered allmulticast mode [ 629.165378][ T9634] bridge_slave_1: entered promiscuous mode [ 629.325685][ T9680] netlink: 72 bytes leftover after parsing attributes in process `syz.0.1449'. [ 629.335978][ T9681] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1449'. [ 629.653981][ T9634] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 629.774599][ T9634] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 630.077612][ T9634] team0: Port device team_slave_0 added [ 630.134282][ T9634] team0: Port device team_slave_1 added [ 630.315933][ T9634] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 630.323307][ T9634] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 630.355783][ T9634] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 630.416771][ T9634] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 630.424318][ T9634] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 630.454717][ T9634] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 630.729870][ T9634] hsr_slave_0: entered promiscuous mode [ 630.774697][ T9634] hsr_slave_1: entered promiscuous mode [ 630.807240][ T9634] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 630.815318][ T9634] Cannot create hsr debugfs directory [ 631.085699][ T5184] Bluetooth: hci3: command tx timeout [ 631.573775][ T9705] loop2: detected capacity change from 0 to 1024 [ 631.612046][ T9705] EXT4-fs (loop2): can't mount with commit=2048, fs mounted w/o journal [ 631.989057][ T9634] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 632.054987][ T9634] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 632.105989][ T9634] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 632.174181][ T9634] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 632.875874][ T9720] netlink: 72 bytes leftover after parsing attributes in process `syz.3.1465'. [ 632.911660][ T9720] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1465'. [ 633.150987][ T9634] 8021q: adding VLAN 0 to HW filter on device bond0 [ 633.290042][ T9634] 8021q: adding VLAN 0 to HW filter on device team0 [ 633.477155][ T1038] bridge0: port 1(bridge_slave_0) entered blocking state [ 633.484760][ T1038] bridge0: port 1(bridge_slave_0) entered forwarding state [ 633.589487][ T1038] bridge0: port 2(bridge_slave_1) entered blocking state [ 633.597344][ T1038] bridge0: port 2(bridge_slave_1) entered forwarding state [ 634.511903][ T9735] loop3: detected capacity change from 0 to 1024 [ 634.586005][ T9735] EXT4-fs (loop3): can't mount with commit=2048, fs mounted w/o journal [ 635.265725][ T9634] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 636.820963][ T9765] netlink: 72 bytes leftover after parsing attributes in process `syz.2.1480'. [ 636.906669][ T9765] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1480'. [ 637.228678][ T9634] veth0_vlan: entered promiscuous mode [ 637.434310][ T9634] veth1_vlan: entered promiscuous mode [ 637.803142][ T9634] veth0_macvtap: entered promiscuous mode [ 637.895737][ T9634] veth1_macvtap: entered promiscuous mode [ 638.115929][ T9634] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 638.131295][ T9634] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 638.142513][ T9634] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 638.153743][ T9634] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 638.165946][ T9634] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 638.177440][ T9634] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 638.187697][ T9634] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 638.198551][ T9634] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 638.214279][ T9634] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 638.280127][ T9771] loop1: detected capacity change from 0 to 1024 [ 638.331816][ T9771] EXT4-fs (loop1): can't mount with commit=2048, fs mounted w/o journal [ 638.346667][ T9634] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 638.358379][ T9634] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 638.374907][ T9634] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 638.387840][ T9634] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 638.398101][ T9634] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 638.409061][ T9634] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 638.419461][ T9634] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 638.430308][ T9634] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 638.445755][ T9634] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 638.508502][ T9634] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 638.519657][ T9634] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 638.528844][ T9634] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 638.538377][ T9634] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 641.386402][ T9813] netlink: 72 bytes leftover after parsing attributes in process `syz.0.1493'. [ 641.420224][ T9813] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1493'. [ 642.476642][ T9826] loop1: detected capacity change from 0 to 1024 [ 642.540079][ T9826] EXT4-fs (loop1): can't mount with commit=2048, fs mounted w/o journal [ 644.412378][ T9846] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 644.419834][ T9846] overlayfs: failed to set xattr on upper [ 644.426467][ T9846] overlayfs: ...falling back to redirect_dir=nofollow. [ 644.433710][ T9846] overlayfs: ...falling back to index=off. [ 644.439807][ T9846] overlayfs: ...falling back to uuid=null. [ 644.464551][ T3149] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 644.472641][ T3149] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 644.718615][ T7019] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 644.727025][ T7019] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 646.118851][ T9855] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 646.128179][ T9855] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 646.775150][ T9859] netlink: 72 bytes leftover after parsing attributes in process `syz.1.1505'. [ 646.810296][ T9859] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1505'. [ 646.948573][ T9861] loop4: detected capacity change from 0 to 1024 [ 647.079925][ T9861] EXT4-fs (loop4): can't mount with commit=2048, fs mounted w/o journal [ 647.459789][ T5187] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 647.496500][ T5187] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 647.520188][ T5187] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 647.547689][ T5187] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 647.565830][ T5187] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 647.582643][ T5187] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 648.341363][ T9875] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 648.348875][ T9875] overlayfs: failed to set xattr on upper [ 648.354958][ T9875] overlayfs: ...falling back to redirect_dir=nofollow. [ 648.362075][ T9875] overlayfs: ...falling back to index=off. [ 648.368274][ T9875] overlayfs: ...falling back to uuid=null. [ 648.630120][ T9879] ===================================================== [ 648.637663][ T9879] BUG: KMSAN: uninit-value in tcf_ct_flow_table_get+0x611/0x2260 [ 648.646128][ T9879] tcf_ct_flow_table_get+0x611/0x2260 [ 648.651710][ T9879] tcf_ct_init+0xa67/0x2890 [ 648.656636][ T9879] tcf_action_init_1+0x6cc/0xb30 [ 648.661782][ T9879] tcf_action_init+0x458/0xf00 [ 648.666982][ T9879] tc_ctl_action+0x4be/0x19d0 [ 648.671866][ T9879] rtnetlink_rcv_msg+0x12fc/0x1410 [ 648.677599][ T9879] netlink_rcv_skb+0x375/0x650 [ 648.682969][ T9879] rtnetlink_rcv+0x34/0x40 [ 648.687813][ T9879] netlink_unicast+0xf52/0x1260 [ 648.692898][ T9879] netlink_sendmsg+0x10da/0x11e0 [ 648.698173][ T9879] __sock_sendmsg+0x30f/0x380 [ 648.710105][ T9879] ____sys_sendmsg+0x877/0xb60 [ 648.717073][ T9879] ___sys_sendmsg+0x28d/0x3c0 [ 648.721968][ T9879] __sys_sendmsg+0x225/0x3c0 [ 648.728725][ T9879] __ia32_compat_sys_sendmsg+0x9d/0xe0 [ 648.734518][ T9879] ia32_sys_call+0x3aac/0x40d0 [ 648.740026][ T9879] __do_fast_syscall_32+0xb0/0x110 [ 648.745536][ T9879] do_fast_syscall_32+0x38/0x80 [ 648.750702][ T9879] do_SYSENTER_32+0x1f/0x30 [ 648.755527][ T9879] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 648.762082][ T9879] [ 648.764767][ T9879] Local variable key created at: [ 648.769921][ T9879] tcf_ct_flow_table_get+0x4a/0x2260 [ 648.775628][ T9879] tcf_ct_init+0xa67/0x2890 [ 648.780412][ T9879] [ 648.783297][ T9879] CPU: 0 UID: 0 PID: 9879 Comm: syz.0.1512 Not tainted 6.10.0-syzkaller-12881-g6342649c33d2 #0 [ 648.794156][ T9879] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 648.811533][ T9879] ===================================================== [ 648.820711][ T9879] Disabling lock debugging due to kernel taint [ 648.827297][ T9879] Kernel panic - not syncing: kmsan.panic set ... [ 648.833854][ T9879] CPU: 0 UID: 0 PID: 9879 Comm: syz.0.1512 Tainted: G B 6.10.0-syzkaller-12881-g6342649c33d2 #0 [ 648.845899][ T9879] Tainted: [B]=BAD_PAGE [ 648.850194][ T9879] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 648.860505][ T9879] Call Trace: [ 648.864176][ T9879] [ 648.867233][ T9879] dump_stack_lvl+0x216/0x2d0 [ 648.872138][ T9879] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 648.878187][ T9879] dump_stack+0x1e/0x30 [ 648.882562][ T9879] panic+0x4e2/0xcd0 [ 648.886835][ T9879] ? kmsan_get_metadata+0x71/0x1c0 [ 648.892213][ T9879] kmsan_report+0x2c7/0x2d0 [ 648.896960][ T9879] ? pcpu_alloc_area+0x114e/0x12c0 [ 648.902368][ T9879] ? __msan_warning+0x95/0x120 [ 648.907328][ T9879] ? tcf_ct_flow_table_get+0x611/0x2260 [ 648.913091][ T9879] ? tcf_ct_init+0xa67/0x2890 [ 648.917956][ T9879] ? tcf_action_init_1+0x6cc/0xb30 [ 648.923444][ T9879] ? tcf_action_init+0x458/0xf00 [ 648.928589][ T9879] ? tc_ctl_action+0x4be/0x19d0 [ 648.933724][ T9879] ? rtnetlink_rcv_msg+0x12fc/0x1410 [ 648.939206][ T9879] ? netlink_rcv_skb+0x375/0x650 [ 648.944350][ T9879] ? rtnetlink_rcv+0x34/0x40 [ 648.949213][ T9879] ? netlink_unicast+0xf52/0x1260 [ 648.954573][ T9879] ? netlink_sendmsg+0x10da/0x11e0 [ 648.959882][ T9879] ? __sock_sendmsg+0x30f/0x380 [ 648.965018][ T9879] ? ____sys_sendmsg+0x877/0xb60 [ 648.970150][ T9879] ? ___sys_sendmsg+0x28d/0x3c0 [ 648.975175][ T9879] ? __sys_sendmsg+0x225/0x3c0 [ 648.980189][ T9879] ? __ia32_compat_sys_sendmsg+0x9d/0xe0 [ 648.985996][ T9879] ? ia32_sys_call+0x3aac/0x40d0 [ 648.991999][ T9879] ? __do_fast_syscall_32+0xb0/0x110 [ 648.997512][ T9879] ? do_fast_syscall_32+0x38/0x80 [ 649.002980][ T9879] ? do_SYSENTER_32+0x1f/0x30 [ 649.007830][ T9879] ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 649.014531][ T9879] ? kmsan_internal_set_shadow_origin+0x69/0x100 [ 649.021174][ T9879] ? kmsan_get_metadata+0x13e/0x1c0 [ 649.026581][ T9879] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 649.032773][ T9879] ? _raw_spin_unlock_irqrestore+0x3f/0x60 [ 649.038872][ T9879] ? kmsan_get_metadata+0x13e/0x1c0 [ 649.045016][ T9879] ? kmsan_get_metadata+0x13e/0x1c0 [ 649.050523][ T9879] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 649.056546][ T9879] ? kmsan_get_metadata+0x13e/0x1c0 [ 649.062407][ T9879] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 649.068558][ T9879] __msan_warning+0x95/0x120 [ 649.073357][ T9879] tcf_ct_flow_table_get+0x611/0x2260 [ 649.078965][ T9879] ? nf_ct_tmpl_alloc+0xbd/0x2d0 [ 649.084491][ T9879] ? kmsan_get_metadata+0x13e/0x1c0 [ 649.089911][ T9879] tcf_ct_init+0xa67/0x2890 [ 649.094693][ T9879] tcf_action_init_1+0x6cc/0xb30 [ 649.099903][ T9879] ? __pfx_tcf_ct_init+0x10/0x10 [ 649.105028][ T9879] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 649.111068][ T9879] tcf_action_init+0x458/0xf00 [ 649.116124][ T9879] ? kmsan_internal_set_shadow_origin+0x69/0x100 [ 649.122826][ T9879] tc_ctl_action+0x4be/0x19d0 [ 649.127691][ T9879] ? kmsan_get_metadata+0x13e/0x1c0 [ 649.133149][ T9879] ? __pfx_tc_ctl_action+0x10/0x10 [ 649.138535][ T9879] ? __pfx_tc_ctl_action+0x10/0x10 [ 649.144089][ T9879] rtnetlink_rcv_msg+0x12fc/0x1410 [ 649.149502][ T9879] ? kmsan_get_metadata+0x13e/0x1c0 [ 649.155113][ T9879] netlink_rcv_skb+0x375/0x650 [ 649.160671][ T9879] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 649.166322][ T9879] ? __pfx_rtnetlink_rcv+0x10/0x10 [ 649.171708][ T9879] rtnetlink_rcv+0x34/0x40 [ 649.176289][ T9879] netlink_unicast+0xf52/0x1260 [ 649.181446][ T9879] netlink_sendmsg+0x10da/0x11e0 [ 649.186575][ T9879] ? __pfx_netlink_sendmsg+0x10/0x10 [ 649.192047][ T9879] ? __pfx_netlink_sendmsg+0x10/0x10 [ 649.197543][ T9879] __sock_sendmsg+0x30f/0x380 [ 649.202437][ T9879] ____sys_sendmsg+0x877/0xb60 [ 649.207413][ T9879] ___sys_sendmsg+0x28d/0x3c0 [ 649.212333][ T9879] ? kmsan_get_metadata+0x13e/0x1c0 [ 649.217750][ T9879] ? kmsan_get_metadata+0x13e/0x1c0 [ 649.223170][ T9879] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 649.229194][ T9879] ? __rcu_read_unlock+0x7b/0xe0 [ 649.234353][ T9879] ? __fget_files+0x4fe/0x5d0 [ 649.239386][ T9879] ? kmsan_get_metadata+0x13e/0x1c0 [ 649.244772][ T9879] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 649.250783][ T9879] __sys_sendmsg+0x225/0x3c0 [ 649.255552][ T9879] __ia32_compat_sys_sendmsg+0x9d/0xe0 [ 649.261632][ T9879] ia32_sys_call+0x3aac/0x40d0 [ 649.266605][ T9879] __do_fast_syscall_32+0xb0/0x110 [ 649.271974][ T9879] ? irqentry_exit+0x16/0x60 [ 649.276864][ T9879] do_fast_syscall_32+0x38/0x80 [ 649.281962][ T9879] do_SYSENTER_32+0x1f/0x30 [ 649.286643][ T9879] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 649.293241][ T9879] RIP: 0023:0xf743d579 [ 649.297623][ T9879] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 649.317539][ T9879] RSP: 002b:00000000f575657c EFLAGS: 00000206 ORIG_RAX: 0000000000000172 [ 649.326139][ T9879] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000100 [ 649.334253][ T9879] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 649.342523][ T9879] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 649.350970][ T9879] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 649.359153][ T9879] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 649.367283][ T9879] [ 649.370723][ T9879] Kernel Offset: disabled [ 649.375135][ T9879] Rebooting in 86400 seconds..