last executing test programs: 6.27579586s ago: executing program 1 (id=4229): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000040)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r2 = dup3(r0, r1, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0x18, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {0x85, 0x0, 0x0, 0x8}}, {}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0xc3}}], {{0x7, 0x1, 0xb, 0x1, 0x9, 0x10}, {0x6, 0x0, 0x5, 0x8}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) 6.200131507s ago: executing program 0 (id=4231): mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0) mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8003, &(0x7f0000000000)=0x9, 0x8, 0x0) remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x200000, 0x0, 0x0, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x3) 5.492266155s ago: executing program 3 (id=4234): r0 = socket$inet(0x2, 0x2, 0x0) setsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0x40) setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f0000000000)=ANY=[@ANYBLOB="e00000027fa80a010100000004"], 0x57) setsockopt$inet_mreqsrc(r0, 0x0, 0x28, &(0x7f0000000440)={@multicast2, @loopback, @empty}, 0xc) 5.417661679s ago: executing program 1 (id=4235): r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000001080)={{0x12, 0x1, 0x0, 0xff, 0x0, 0x0, 0x40, 0x572, 0xcb01, 0x2665, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xaa, 0x75, 0xb7}}]}}]}}, 0x0) write$binfmt_script(0xffffffffffffffff, 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, 0xffffffffffffffff, 0x0) syz_usb_control_io(r0, &(0x7f0000000a80)={0x18, 0x0, &(0x7f0000000980)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x40b}}, 0x0, 0x0, 0x0}, 0x0) 4.962448934s ago: executing program 3 (id=4238): unshare(0x24020400) r0 = syz_io_uring_setup(0x44f, &(0x7f0000000140)={0x0, 0x0, 0x10780}, &(0x7f0000000000)=0x0, &(0x7f0000000080)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000740)=@IORING_OP_LINKAT={0x27, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000040)='./file0/../file0\x00', &(0x7f00000000c0)='./file0\x00'}) io_uring_enter(r0, 0x42d3e, 0x0, 0x0, 0x0, 0x0) 4.645292277s ago: executing program 0 (id=4240): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x10, &(0x7f00000001c0)={[{@nodelalloc}, {@user_xattr}, {@grpquota}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x4}}, {@grpid}]}, 0xfe, 0x499, &(0x7f0000001780)="$eJzs3M1vVFUbAPDn3umUb9qXF78ApYrGxo+WFlQWbjS608REF7gxqW0hlYEaWhIhRKsxuDQk7o0rY/QvcKUbo65M3OrekBAlJqALM+bO3NtOS6ftlClTnN8vueWc3jNzzjPnnrnn3sNtAF1rIPuRROyMiF8ioq+eXVxgoP7PjWsXx/+6dnE8iWr11d+TWrnr1y6OF0WL1+3IM4NpRPphkley2Mz5C6fGKpXJs3l+ePb028Mz5y88OXV67GQyFzF67NjRIyPPPD36VFvizOK6vu/d6QNJz+uXXx4/fvnNH77qbdjfGMctSXfMJweywP+o1iwt9khbKts8djWkk54ONoSWlCIi665ybfz3RSkWOq8vXvygo40DNlR2btrSfPdcFfgPS6LTLQA6ozjRZ9e/xXabph6bwtXn6hdAWdw38q2+pyfSvEx5A+u/NyKOz/39abZF3g//7NzACgGArvdNNv95Yrn5Xxp3N5Tbna+h9EfE/yJiT0T8PyL2RsRdEbWy9+TzmVbUl4ZK8/mb55/plXUHtwbZ/O/ZfG1r8fyvmP1FfynP7arFX05OTFUmD+efyWCUt2T5kRXq+PaFnz9utm+gYf6XbVn9xVwwb8eVniU36CbGZsfaNSm9+n7Evp7l4k/mVwKSiLgvIva19ta7i8TUY18caFZo9fhX0IZ1pupnEY/W+38ulsRfSJauT06enDyzsD45vDUqk4eHi6PiZj/+dOmV5Wvfemvxt0HW/9sXH/9LSvT9mTSu1860XselXz9qek253uO/N3mtNiaLNdx3xmZnz45E9CYv1fKLfj+68NoiX5TP4h88tBB/NIz/Pflrsvj3R0R2EN8fEQ9ExMG87Q9GxEMRcWiF+L9//uG3Wop/6vb2/8Sy33/zx3//4v5vPVE69d3XzepfW/8fraUG89/Uvv9W0bw5UZmMqFbXfTQDAADAnSeNiJ2RpEPz6TQdGqr/H/69sT2tTM/MPn5i+tyZifozAv1RTos7XX35/dDsanskmcvfsX5/dDS/V1zcLz2S3zf+pLStlh8an65MdDh26HY7moz/zG+lTrcO2HCe14LutXT8px1qB3D7Of9D9zL+oXsZ/9C9Gsb/l+cu7a8l3qv9PDi/Y9m1gBX+cghwZ3D+h+5l/EP3Mv6hexn/0JXW/hR/eV3P/rc/sS1v+WqFe1d+n2SThHNz4vPypmjGaolIVyrzRiy/ayAiNqhhsSk+lnYnkjUc6mtNnDiZD521FO7ktxIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAED7/BsAAP//1ELiOQ==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000200)={0x0, 0x0, 0x0, 0xfffffffd}) 4.420720899s ago: executing program 3 (id=4241): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000001fc0)=@delchain={0x22c, 0x65, 0x400, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffe0}}, [@TCA_CHAIN={0x8}, @filter_kind_options=@f_u32={{0x8}, {0x54, 0x2, [@TCA_U32_INDEV={0x14, 0x8, 'veth0_to_team\x00'}, @TCA_U32_INDEV={0x14, 0x8, 'batadv_slave_0\x00'}, @TCA_U32_HASH={0x8}, @TCA_U32_CLASSID={0x8, 0x1, {0xffe0}}, @TCA_U32_POLICE={0x10, 0x6, [@TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x5}]}, @TCA_U32_FLAGS={0x8}]}}, @TCA_CHAIN={0x8}, @filter_kind_options=@f_flower={{0xb}, {0x4}}, @filter_kind_options=@f_route={{0xa}, {0x180, 0x2, [@TCA_ROUTE4_ACT={0x11c, 0x6, [@m_connmark={0x118, 0x0, 0x0, 0x0, {{0xd}, {0xac, 0x2, 0x0, 0x1, [@TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x30000003}}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x3, 0x0, 0x0, 0x5}}}, @TCA_CONNMARK_PARMS={0x1c}, @TCA_CONNMARK_PARMS={0x1c}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x1}}}, @TCA_CONNMARK_PARMS={0x1c}]}, {0x3d, 0x6, "91a991d04aa8cb411880b88050856c4a5b99aafe5cf70a535f4e162db7c30535ebf5e9ab54237bf6d2780785c80bcf9eae2d6d6d65f242d28d"}, {0xc}, {0xc}}}]}, @TCA_ROUTE4_ACT={0x60, 0x6, [@m_nat={0x2c, 0x19, 0x0, 0x0, {{0x8}, {0x4}, {0x4}, {0xc}, {0xc}}}, @m_csum={0x30, 0x0, 0x0, 0x0, {{0x9}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}}]}, 0x22c}}, 0x0) r0 = socket(0x10, 0x803, 0x0) sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x334}, {&(0x7f00000007c0)=""/154, 0x2c}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400}) 3.631653075s ago: executing program 3 (id=4244): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x0, &(0x7f0000000280), 0x1, 0x798, &(0x7f0000002380)="$eJzs3c1rXFUbAPDnTr7Tvm/ywgvvW90EBA2UTkyNrYKLigsRLBR0bRsm01AzyZTMpDQhYIsIbgQVF4Juuvaj7tz6sdX/wlVL1bRYcSGROx/ttJlJJ21mJprfD27mnHvP5Jxnzv04d+7lTgD71kT6JxNxKCLeTyLGavOTiBiopPojTlTL3d5Yz6VTEpubr/2SVMrc2ljPRcN7Ugdqmf9HxHfvRBzObK23tLq2MFso5Jdr+any4vmp0urakXOLs/P5+fzSsemZmaPHnz1+bPdi/e3HtYPXP3j5qS9P/PH2/66+930SJ+JgbVljHLtlIiZqn8lA+hHe46XdrqzHkl43gIeSbpp91a08DsVY9FVSLYx0s2UAQKe8FRGb23p8uFpy+1IAwN9J4sgOAPtM/XuAWxvrufrUw68juu7GixExXI2/fn2zuqS/ds1uuHIddPRWcs+VkSQixneh/omI+PTrNz5Pp6j1g2tpQDdcuhwRZ8Yntu7/ky33LOzU09st3ByqvEzcN3u/HX+gl75Jxz/PNRv/Ze6Mf6LJ+Geoybb7MB68/Weu7UI1LaXjvxca7m273RB/zXhfLfevyphvIDl7rpBP923/jojJGBhK89OVos1HbpM3/7zZqv7G8d+vH775WVp/+nq3ROZa/9C975mbLc8+atx1Ny5HPNbfLP7kTv8nLca/p9qs45Xn3/2k1bI0/jTe+rQ1/s7avBLxZNP+v9uXybb3J05VVoep+krRxFc/fTzaqv7G/k+ntP76uUA3pP0/un3840nj/Zqlndfxw5Wxb1ste3D8zdf/weT1SnqwNu/ibLm8PB0xmLy6df7Ru++t5+vl0/gnn2i+/Verbb7+p+eEZ9qMv//6z188fPydlcY/t6P+33ni6u2Fvlb1t9f/M5XUZG1OO/u/ps3ZHNrSwEf57AAAAAAAAAAAAAAAAAAAAAAAAACgXZmIOBhJJnsnnclks9WHn/43RjOFYql8+GxxZWkuKr+VPR4DmfqjLscanoc6XXsefj1/9L78MxHxn4j4aGikks/mioW5XgcPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADUHmv/+/2Cv2wUAdNhwrxsAAHSd4z8A7D87O/6PdKwdAED3OP8HgP2n7eP/mc62AwDonp2e/1/uUDsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4xzp18mQ6bf6+sZ5L83MXVlcWiheOzOVLC9nFlVw2V1w+n50vFucL+WyuuNjyH12qvhSKxfMzsbRycaqcL5WnSqtrpxeLK0vl0+cWZ+fzp/MDXYsMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANpXWl1bmC0U8ssS2yZG9kYz9kyiP/ZEMyQ6lmjcS4z0bgcFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsMf9FQAA//9RLCJ1") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x143042, 0x0) pwritev2(r0, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x1, 0x5405, 0x0, 0x0) 3.468211597s ago: executing program 0 (id=4245): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000006c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_TID_CONFIG(r0, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000bc0)={&(0x7f0000000040)={0x20, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_TID_CONFIG={0x4}]}, 0x20}}, 0x0) 3.435849137s ago: executing program 2 (id=4246): r0 = socket$can_raw(0x1d, 0x3, 0x1) bind$can_raw(r0, &(0x7f0000000000), 0x10) setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, &(0x7f0000000180)=[{{}, {0x0, 0x0, 0x1, 0x1}}, {{}, {0x0, 0x0, 0x1, 0x1}}], 0x10) setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, 0x0, 0x0) 3.236326229s ago: executing program 4 (id=4247): r0 = socket$rxrpc(0x21, 0x2, 0xa) bind$rxrpc(r0, &(0x7f0000000180)=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @broadcast}}, 0x24) r1 = socket$rxrpc(0x21, 0x2, 0xa) bind$rxrpc(r1, &(0x7f0000000180)=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @broadcast}}, 0x24) 3.165886036s ago: executing program 1 (id=4248): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000002c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000c40)={0x40, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_FRAME={0x22, 0x33, @action={{{}, {}, @device_b}, @ext_ch_sw={0xf, 0x4, {{}, @void}}}}]}, 0x40}}, 0x0) 2.854099924s ago: executing program 4 (id=4249): bpf$BPF_PROG_ATTACH(0x8, 0x0, 0x0) r0 = socket$igmp(0x2, 0x3, 0x2) setsockopt$IP_VS_SO_SET_STARTDAEMON(r0, 0x0, 0x48b, &(0x7f0000002100)={0x1, 'ip6gre0\x00'}, 0x18) setsockopt$IP_VS_SO_SET_STOPDAEMON(r0, 0x0, 0x48c, &(0x7f0000000000)={0x1, 'dummy0\x00'}, 0x18) 2.718165509s ago: executing program 2 (id=4250): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000100)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes)\x00'}, 0x58) r1 = accept4$alg(r0, 0x0, 0x0, 0x0) sendmsg$alg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) 2.454061501s ago: executing program 0 (id=4251): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={{0x14}, [@NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0xf}, @NFTA_CT_DREG={0x8, 0x1, 0x1, 0x0, 0x14}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x78}}, 0x0) syz_emit_ethernet(0x36, &(0x7f0000000300)={@random="19f7b81b4eda", @empty, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @timestamp={0xd, 0x0, 0x0, 0x6, 0x1, 0x5, 0x9, 0x9}}}}}, 0x0) 2.439960429s ago: executing program 1 (id=4252): syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000180)='./file2\x00', 0x4204, &(0x7f0000000a40)=ANY=[@ANYRES32=0x0, @ANYRES64, @ANYRESDEC, @ANYRES64, @ANYRESDEC, @ANYRES32, @ANYRES64, @ANYBLOB="5e2a739ae8a46b7627568769d849c198411e5e065b05928d3d34a5d053d6ec5cc5305848e9457282a410150cf4e2407e44954e655e113a5b043bd69b7bdc9a9925fc358a6dc4b9ac9102cc49a8fe04d3345b67a254ff3551cb48bd02773de89d85e8dab0366ab6a5c96a0d15e4b3488b89c5c888af3310f4b821b89ed46cfb1728ede7b0e91311966e419b54c47dc0960da5697e077fa4d0f5d2759ccd39d4b6b7ec45c5301f24097e4e269f803c3baefbe9742366b90d30e13773352311a8b0edb8ee6c28bdffa64a3801cd839b059cc5a7f8fd719ed276e264a30bc453f5211ced32a48d9225e5f092353c791321b627972943945ee0", @ANYRES8], 0x6, 0x36f, &(0x7f0000000440)="$eJzs3c9rK1UUwPGTny/J4zVZiKIgvfg2uhna6FpekPdACPhoG7EVhGk70ZAxKZlQjYhNV27VvSvBRenOgouC9h/oxp1uRHDXjeDCLtSR+ZVMJolpY2J47fcDj9zce89kbu7N49y2k7l467P361VLq+ptiWeUxERELkUKEpdAzH+Mu+V077mjKy/d/f3H59c3KxmvQj0qbbxcVEotLX/3wcdZv9vpHTkvvHPxW/HX86fPn734e+O9mqVqlmo020pX282f2/q2aajdmlXXlHpsGrplqFrDMlpe+zf+cczm3l5H6Y3de7m9lmFZSm90VN3oqHZTtVsdpb+r1xpK0zR1LyeYpHK0tqaXpgzemfHJYE5arZKeEJHsUEvlaCEnBAAAFiqa/8edlH5C/h/Wy/+3ZKlcfrimnM79/P/4hbP23TdPlvz8/zQ9mP9/7mwY9Fd+8o41kP8724l+/t/09gfVyfn/l3KN/H84I7pdps7/C3M4GUxnOT1UFZNu6JmT/+f8z6/r8O3jFbdA/g8AAAAAAAAAAAAAAAAAAAAAwJPg0rbztm3ng8fgX/8if/85bqRx839HRDLO7NvM/022vrklGffCPWeOzU/3K/sV79HvcCYiphh/2VHO2giuPFKOgnxvHvjxB/uVhNtSqkrNiZdVyUvBXU+heNt+9Hr54ary+PG9y5Ry4fii5OWpcPy37up04ouD8f7rp+XF+6F4TfLyw440xZRdN7L/+p+sKvXaG+VIfNbtJyK//O+TAgAAAADAjGmqZ+T+XdNGtPe/GsjZX2dExJAVycufo/f3KyP358n8c8nFjRsAAAAAgNvE6nxU1yVutNyCaY4qZGVs0wwKyYGalIiM7JyO1KQifRL+gNyaRGiEVz2ftHh3MPmv4/oqeFevExX8IcVAk39HFZnufILxuzWx5PTTFOt672o33BSXK4Qnoye/7FSokZ3vjz3OoT+QXk3wY6P0mPdZHg8fJ/4vKyE1VGPHplsAz3zx9R+z+4C8euKvgA8ndz40DftArjIpkUImuurcQmqu/+kAAAAAWIh+0h/UPAg3h2/1Gb5ZDr+5BwAAAAAAAAAAAAAAAAAAAAAAAAAAAABghubylX5e4UH0mwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA2+6fAAAA//8kCO+D") r0 = open(&(0x7f0000000a00)='./file1\x00', 0x0, 0x0) setuid(0xee01) ioctl$EXT4_IOC_GROUP_ADD(r0, 0xc0185879, 0x0) 2.278561147s ago: executing program 2 (id=4253): r0 = socket$inet_udp(0x2, 0x2, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f0000000440)={'sit0\x00', &(0x7f0000000400)={'syztnl0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @loopback, @multicast1}}}}) ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f4, &(0x7f00000001c0)={'syztnl0\x00', 0x0}) 2.186239505s ago: executing program 4 (id=4254): fanotify_init(0x1f279ca9256c009e, 0x40000) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='net_prio.prioidx\x00', 0x275a, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f00000013c0)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000fdfdfff67a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040000010000400404000001f7ff04b7050000670000006a0a00fe00000000850000000b000000b70000000000000095000000000000009cc6b3fcd62c061c6207005d43a4505f80e39c9f3c530cf08e467b592f868ee3b0a435df0a0e8c1bf176db2a6b2feb4b77d3d5707bfd2d84aaa3b1d4e984c46ea7e2b347a36f5662403e1b2be4284322a4908a0d411a9872971c7c56f0979bd10b97163c066d0e196bf02f46c7953ab1abdaf9de9ca3c00cb9bf4e418d07fa22f0610a70f2bdf4000200000000b0c2c125080963f63223b7b80197aa3161f45346b100000000000000000089e399f6609876b588743794298b79dc192dff048fc207c81f28bdd3e26a1a8a0481e9f0da43bb6ca66e2f55a9ff19ffcafe3e64be06000000000000005064caec04a367c23d9fb6a6991ddb737d527d6acb15426406991c3b404984dfa2c6e94bd0339454c13ad3c328a182c15dc760a313e3b3ca5d3393404029e98fa883c71949a34d84030323e3d54fc5b29d27643453ad9211e3550ee5520211d9370175133f260c6882a146880b9387f1beb5418618bc83a3becf9bb5d80efd7da7ba8b913c685fc6700848dc6665d73248c1f74e08ad04ce905faf32706e0000249a028044ede964362cfb2f30a246c3b2f60000fc4deb91da1368b0960b8d69bd99c64893d44f962524429dc058528e7e541c903869d96989b9a986620cb2c95c83f2a082c52764f49e51188f9418b01bcd8ae164acdac95318ec8b2c6feacdcf4b528e5e58219bc54f6ad5679e7f430e6960ed048c46e1dccca05bfa1d67c83795eae2d31968c055d325a9c794ef88b30c2de4a274878b73c05ffa88b7073be648b12bb1fee58958d6a6f31bfe5682159fbde59dad00008a73b40f09cf018cd496b36050d7fd45e3620c28f76749262e33e16429a6da35ceb1a989de81c3f8b8bc348ef2ac3781b847611fcb0a26acafdd6d9a1b17dcb9f7c493d8f8cd344a1d470ca0d6f16ab0293774b5509fb0e7113936d59d5a60dbd84a938476adeebab9ff44f531bb0200000000000000cc1fbc455a64fd449284f71761092a0302000000000000008a05d36fd9b814b4292745418c92d94462d2d8f7e1d24cabe17ad4135d8872935ceac6eb4f046f2acc1b0efb4438abddcabb4e4e72a450aab72b589bec83bbb688e659fb426cb43d0ee993516fd4e867232cde69b6ffad447dcd92e0ef8234ff850ec3948dd1fa7afb77d951fe4abf618121b7894c106beb49a71c62df5544ef221973432ccc7e62b151eb898a01010a7ec5acd0a5dcb2de443880c8a682515d1da9a3048744acb44384d1591df789883c0560495cb0cb32283529926d25e5c7f481112ab8a82247e927fb6f256830dab3671f00500d36a17790bab7d0e89e6c15314f2b963bfc867953476b0505c7d728326d666f39e82cfcf7e7a85df288d75df24c5e4d529c349923f9a4fb882310391dd58b4cbd8def239a227724d39c3e6c40e20e07e68a22888a5c3941b7a765b92bcb37f302487bcbd93ccf3a104021ff34ddf7ffcca1a04eae963e25516a114573779b24a341dfb2e80f1f345c6d96493ffc2a18478b5bf3aab2ea59c51cf0678e1a57d0ea042d911548ff612002ddb2d54d42fbdde42b56887003d27468225b2594a05044baf314113e889468cf13dd92aa0d7744db6b56557a5adad95cb9a69d4de50642b4b9d6d3ba7eb534b00d0fea62f0a61535dfc4da06e7f8695be614c557caed7eb0120516e1351fed7d8ffa31c8f4be364185469cfc5f25c90d71bce745dd2d58a30e0844f12c4cbbdd7a08465e665c2620d78673dfb6d9263ed7def8924cfcd48a8a3534f1a3eac9ee9f18a18106ba3d7c7a62330f5c0e98cb7982dd7bad02c8dba9c13894185bfc4bd2520b6e2043fcb3fc5eb55ecf9e6e363ea2ac40a14a6f00f0ffffa0fdb6487c51ef12c27b30255bc4f8813be88beeb5aa6f6a4151cfb90644e50630ed474df7d1635afcb1ea3f6c47b5acbba2ce5099a9387c7acb9bbd1da497611ceda25049e48ddacccbb58dddaf9a3510d65383829a51e0f41e661fa80ca1eaaa6cf0824305ba4ec80400c50ffe83ccb0e6fef321190c58aca8c7c8c6d26ff5cbc2cadebda8e1219e04f8dacffd33db1a0a2e74c9eb978d80a12d0b5327bfd053000000000000000000be0d02a14708504412fa93d335992b2983c5addc191b4a21c7b340d0536b01958e15315eb5f3f9f4992c18f666359f40295fa73284c4b607669bae75bd68c3e2b770c324a0ab26b6065d7e95a7bd80052db57506ec7cc861bf3998d07484c66630ca8173fea3f06ed1dfc70a8b90418e2dc76137e0f68cb1c8a908aef9f0f85647dba54e05028c33d94d463fb20d2e7547184b8d3611e45dff02144387f342ef9b9bf650e9d049bf65258a7bc094a6965e24611c077e1ca0891362a9d68f3ec7610c0449acf18459500f024f9b75885cd79ba32776e4a511c8a4ad922b00000000000000a9241220dfbf7d02ef507ec6fc7f5d37d835f7bed71283c431b9d8cbd9003972bf1dc6a71bedad8e19efc3edd2a7a7e555d5f3176af69920471e6e5bcb8966c813c132d65e2b99d3015e06b372e1aefaae14ee3fbc6349af362c19b59c214de66912d1a9a98d92dc197a51c29443de62caca334c46d110e50896fe50d0477771d387f40c8ef05750ca651e6e69a237dcf78666d6ab2bda1f853525494e4efdd93be38bb5fc671f8794002d7a951fd336aaf4ed1166cb459df70218c571ba1c40b028234505e5477e268326af8812c2fbb8785a223fce0a0601c2a3b58bea8c6216eadabcabe86ab46e4cd3d58ef7ce8d3c4b0bc5952e81dfc0a490d8568db6f9c51fe703c6864fae0053d2f91f49e977cdc1962dbc28c29471a72199862bc8fc6e211d13d8579cab4fba94b2b613c9b8148d05e0690a4c4ab35aabc45801d2b82081e62b23a01b58b1ffb624f63ad2246796796160cd3682374364edac52f1becb7c6eff50823b75fb2ef516ec4ec1cb20a2535b504502d744f2099674e58f2c117c980cf0d041c8ea5c4f166bab4aa5ed200ef4dcff96f7c9c1ab8c22db0f439b23b04bcd41ffc3a0e01976ca1cf43e12d7d72f3faa4979faabd62e2dc54a980eae4d5e8c6498de331c3aba1144ef1190ea6cda641d9416c4560cab2d819eac7b04c70f141754c3ffd79da363fe8859afee531710caf1b2bf5a51142f4755cbb700c28083525a9093790096cb93417f1216000000000000000000000000000040ceb244e4cae2b65a76d41793aabccd3d0c50486eae6793e1f54814a8ee2779c14ca94759266200229b58c12279817869e831cade7b09ddffffff9d93e2ad25eed43c0b9ee4fd209b5b919a42f676b9d7236fc8dd5040899d0676291407ce9ac8101dd3512f5b3ac8cf8179d1749de324000030d0f942ec46edc18d5c287d1435956784003a53eb5fe535ead8857acf0166dbd9f30a9b9c8a9b9faf1356faf269cded935b07863e4fdad8aab52686c81babd1c08f6700a2fadd413443022ea5c774ffefdd426abed08d437a4db48611fc82a18ab9f54758a1aad86d95cd186ceb55fafa3930090467b8b7bb8adef47ede2076dc538bb97502b4b4350e633dc0a53c2fc9a01bc5cfae0245f1fab843c633446f5f3a43226109b7dafe7815773bd6969f04cbe15236b90000000000000000000000000000000000000000000000000000ff0779b9c005da21073c6d9680d4e547cb727addb2efe11b8b3a706569f1522b57d71bb0beccab7c8fe9e1330b2f501b2ac3cf4eba7ceda6ff8a0c8b18c5e9e2f505e833217557abb257d61af8e8c473a7585436730db75da167481ab8921fe051b250f8d8ef9c8481bb28a137d15040b0181c28dfad7c17b30c452a64c43a117cb948247c33abc765a6ba695c3cea5e32a4d1ae2dcbec2ff4268e03aad15efc6004e6b3d7f0edf8b5d4ae7846a6d43c16c90b7c5dc13ac2ff0439ab693498964cad2bb533bcd240778b7e49145c48efde42b44c01517f1a7c7707b4c4fc0900e7086ec40354504590696282286db9030f0320e2fcba8723939005347b3f744ff1973431000000000000000000000000000000000000003495d69aaf9a1d83e83511a3bf44fe753b8ad83bc34ea4d46b397e000ff267c50122aa5aaf8474ec2e57d960d963900bef84a4b3c7dd01ae4d6b5522aa8a35ae7996e298bcfe3f31a34e3e12c58cf172a4d3677a67b52041ec21ae8003aa1c9969178b1b00e4d12ac9745b3cabc908e623403c013907523c77f8acc20b9e2fd224ca8f21fab2b10991881e2112f4e1c4f54b9ca7c9a0c8298d60b8b6eaa023418992d6d62b0e9faca4a3b3a805e859137cd933ef5eb8db16f159f32505725da51414562d064b551246dacd586f42d06c790000087bb52ae4bc09f3846c785d1b278e661ed01fbc2415288bc9c808c4aef648d431b3029da0dec8886c3ee9cad996843d00a3b5eb54e270dd2e96c8f2fdb4c27c2d1bd467f2a14867dec67730d8a68329839d9feff688dfbe25c73f936338e7b057980da58a6303d95f17712d667d5a1066ae457ae32925ce658b559c1182a74e267da57fe25b19153f1cdebaddf3f7a3479c09f2303dff449c0513b552a75ed48215cc31264a6ff648a95daa0d599dbce303b3b5307572df30429a3b4b115cab0a018f2501272048dd9e69877535e20078e7c28a98f26ace2fa90c68166396a2398d7a266bdc15ce904f25ec7fb2434ee7b5b69bed702ba1e7ed72942f452f1a98a2d949450091075efa823b11f5f5eccd921c04c7c15a5a05750cd85b1300fc00ce275de7559e117f87cb6c3c9a4b9f96149e3fcffa44d7258e9fc818ab3d76ab660a254d998592c31017f816e01a21c08a17ac"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000780)={r0, 0x18000000000002a0, 0x204, 0x0, &(0x7f0000000040)="5aee41dea43e63a3f7fb7f110800", 0x0, 0xf000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) 2.026400752s ago: executing program 3 (id=4255): r0 = socket(0x10, 0x3, 0x0) sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="d5"], 0x24}}, 0x0) recvmmsg$unix(r0, &(0x7f0000000980)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000c40)=""/4105, 0x1009}, {&(0x7f0000000140)=""/37, 0x25}], 0x2}}], 0x1, 0x0, 0x0) write(r0, &(0x7f0000000100)="1400000052004f7fb3e4bf80a000080000000000", 0x14) 1.536172175s ago: executing program 2 (id=4256): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0) r1 = openat$cgroup_devices(r0, &(0x7f0000000100)='devices.allow\x00', 0x2, 0x0) write$cgroup_devices(r1, &(0x7f00000003c0)={'c', ' *:* ', 'rw\x00'}, 0x9) 1.416130971s ago: executing program 0 (id=4257): ioperm(0x0, 0x5, 0x5) shmget$private(0x0, 0x3000, 0x20, &(0x7f0000308000/0x3000)=nil) shmat(0x0, &(0x7f0000ffd000/0x1000)=nil, 0x7000) shmctl$IPC_RMID(0x0, 0x0) 1.34446316s ago: executing program 4 (id=4258): r0 = socket$inet(0x2, 0x80001, 0x84) listen(r0, 0x2f) listen(r0, 0x0) write$binfmt_script(0xffffffffffffffff, 0x0, 0x0) 1.320589575s ago: executing program 1 (id=4259): openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0) r0 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1) bind$bt_hci(r0, &(0x7f0000000000)={0x27}, 0x74) sendmmsg$unix(r0, &(0x7f000000ab00)=[{{&(0x7f00000028c0)=@file={0x0, './file0\x00'}, 0x6e, 0x0}}, {{0x0, 0x0, 0x0}}], 0x2, 0x0) 1.035974647s ago: executing program 2 (id=4260): r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_buf(r0, 0x6, 0xd, &(0x7f00000001c0)='+', 0x1) setsockopt$IP_VS_SO_SET_STARTDAEMON(r0, 0x0, 0x48b, 0x0, 0x0) setsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x17, 0x0, 0x0) 1.008012694s ago: executing program 3 (id=4261): r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/meminfo\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x20000023896) ppoll(&(0x7f0000000280)=[{r0}], 0x1, 0x0, 0x0, 0x0) 879.09581ms ago: executing program 4 (id=4262): r0 = socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000000c0)=@newqdisc={0x38, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hhf={{0x8}, {0xc, 0x2, [@TCA_HHF_BACKLOG_LIMIT={0xffffffef}]}}]}, 0x38}}, 0x0) 736.578503ms ago: executing program 0 (id=4263): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'bridge0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x44, 0x10, 0x44b, 0x0, 0x0, {0x7a, 0x0, 0x0, r2}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BR_AGEING_TIME={0x8, 0x8, 0xffffa888}, @IFLA_BR_VLAN_FILTERING={0x5, 0x7, 0x7}]}}}]}, 0x44}}, 0x0) 507.503722ms ago: executing program 1 (id=4264): r0 = gettid() r1 = io_uring_setup(0x7fe7, &(0x7f0000000140)={0x0, 0x0, 0x3000, 0x3, 0x8}) io_uring_enter(r1, 0x0, 0xe257, 0x1, 0x0, 0x0) rt_sigqueueinfo(r0, 0x21, &(0x7f0000002d00)={0x0, 0x0, 0xffffffff}) 152.462565ms ago: executing program 4 (id=4265): r0 = socket$pppl2tp(0x18, 0x1, 0x1) r1 = socket$inet6_udp(0xa, 0x2, 0x0) connect$pppl2tp(r0, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x0, @broadcast}, 0x2}}, 0x2e) ioctl$PPPIOCGL2TPSTATS(r0, 0x80487436, 0x0) 0s ago: executing program 2 (id=4266): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000740)=@newlink={0x40, 0x10, 0x44b, 0x0, 0x0, {0x7a}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xffffffffffffff75}}}, @IFLA_ADDRESS={0xa, 0x1, @dev}]}, 0x40}}, 0x0) kernel console output (not intermixed with test programs): 000-0000-0000-000000000000. [ 852.764073][T12711] nbd: couldn't find a device at index 1073741824 [ 852.971162][T12713] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2998'. [ 852.980552][T12713] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2998'. [ 854.421442][T12735] öÿÿ: entered promiscuous mode [ 855.390016][ T5250] usb 4-1: new high-speed USB device number 34 using dummy_hcd [ 855.441874][ T29] audit: type=1326 audit(1726772838.664:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12749 comm="syz.4.3017" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f95579 code=0x7ffc0000 [ 855.464585][ T29] audit: type=1326 audit(1726772838.664:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12749 comm="syz.4.3017" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f95579 code=0x7ffc0000 [ 855.492689][ T29] audit: type=1326 audit(1726772838.674:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12749 comm="syz.4.3017" exe="/root/syz-executor" sig=0 arch=40000003 syscall=277 compat=1 ip=0xf7f95579 code=0x7ffc0000 [ 855.517034][ T29] audit: type=1326 audit(1726772838.674:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12749 comm="syz.4.3017" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f95579 code=0x7ffc0000 [ 855.539500][ T29] audit: type=1326 audit(1726772838.694:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12749 comm="syz.4.3017" exe="/root/syz-executor" sig=0 arch=40000003 syscall=278 compat=1 ip=0xf7f95579 code=0x7ffc0000 [ 855.561911][ T29] audit: type=1326 audit(1726772838.694:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12749 comm="syz.4.3017" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f95579 code=0x7ffc0000 [ 855.610710][ T5250] usb 4-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config [ 855.621492][ T5250] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 855.633302][ T5250] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0 [ 855.643604][ T5250] usb 4-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 855.657042][ T5250] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 855.666436][ T5250] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 855.771291][ T5250] usb 4-1: Quirk or no altset; falling back to MIDI 1.0 [ 855.779862][ T5250] usb 4-1: invalid MIDI out EP 0 [ 856.400265][ T5422] udevd[5422]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 856.533283][ T5250] snd-usb-audio 4-1:27.0: probe with driver snd-usb-audio failed with error -22 [ 856.611500][ T5250] usb 4-1: USB disconnect, device number 34 [ 857.932077][ T5248] usb 5-1: new high-speed USB device number 24 using dummy_hcd [ 858.040211][T12791] loop1: detected capacity change from 0 to 128 [ 858.189148][ T5248] usb 5-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.00 [ 858.198681][ T5248] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 858.207232][ T5248] usb 5-1: Product: syz [ 858.211797][ T5248] usb 5-1: Manufacturer: syz [ 858.216634][ T5248] usb 5-1: SerialNumber: syz [ 858.299855][ T5248] usb 5-1: config 0 descriptor?? [ 858.602109][ T5248] hso 5-1:0.0: Failed to find BULK IN ep [ 858.686375][ T5248] usb-storage 5-1:0.0: USB Mass Storage device detected [ 858.833052][ T5248] usb 5-1: USB disconnect, device number 24 [ 859.117659][T12805] loop1: detected capacity change from 0 to 256 [ 859.322003][T12805] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 860.495385][T12823] loop3: detected capacity change from 0 to 512 [ 860.538787][T12823] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem [ 860.847747][T12809] loop2: detected capacity change from 0 to 4096 [ 860.936576][T12809] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512). [ 861.233634][T12815] loop4: detected capacity change from 0 to 4096 [ 861.317510][T12815] ntfs3: loop4: Different NTFS sector size (2048) and media sector size (512). [ 861.375646][T12823] EXT4-fs (loop3): failed to open journal device unknown-block(0,0) -6 [ 861.467134][T12815] ntfs3: loop4: Mark volume as dirty due to NTFS errors [ 861.622727][ T10] usb 2-1: new high-speed USB device number 32 using dummy_hcd [ 861.650818][T12815] ntfs3: loop4: Failed to load $Extend (-22). [ 861.658587][T12815] ntfs3: loop4: Failed to initialize $Extend. [ 861.833861][ T10] usb 2-1: Using ep0 maxpacket: 32 [ 861.857010][ T10] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 861.867209][ T10] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 861.877395][ T10] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 861.887583][ T10] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0 [ 861.897881][ T10] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 861.911306][ T10] usb 2-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 861.920770][ T10] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 861.958632][ T10] usb 2-1: config 0 descriptor?? [ 862.202928][ T10] usblp 2-1:0.0: usblp0: USB Bidirectional printer dev 32 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 862.236795][T12835] loop2: detected capacity change from 0 to 64 [ 862.447635][ T29] audit: type=1800 audit(1726772845.704:43): pid=12835 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.3051" name="file1" dev="loop2" ino=18 res=0 errno=0 [ 862.902081][ T5248] usb 5-1: new high-speed USB device number 25 using dummy_hcd [ 863.098680][ T5248] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 863.110187][ T5248] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 863.120423][ T5248] usb 5-1: New USB device found, idVendor=05ac, idProduct=022a, bcdDevice=10.00 [ 863.129915][ T5248] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 863.179739][ T5248] usb 5-1: config 0 descriptor?? [ 863.444134][ T5248] appletouch 5-1:0.0: Failed to read mode from device. [ 863.452268][ T5248] appletouch 5-1:0.0: probe with driver appletouch failed with error -5 [ 863.527385][ T5248] usb 5-1: USB disconnect, device number 25 [ 863.859461][T12850] loop3: detected capacity change from 0 to 512 [ 863.937096][T12850] EXT4-fs error (device loop3): ext4_get_branch:178: inode #11: block 4294967295: comm syz.3.3059: invalid block [ 864.009998][T12850] EXT4-fs (loop3): Remounting filesystem read-only [ 864.044363][T12850] EXT4-fs (loop3): 2 truncates cleaned up [ 864.052577][T12850] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 864.555212][ T7712] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 864.560723][ T10] usb 2-1: USB disconnect, device number 32 [ 864.639758][ T10] usblp0: removed [ 864.929674][T12859] loop4: detected capacity change from 0 to 512 [ 864.969668][T12859] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem [ 865.207257][T12866] sg_write: process 828 (syz.1.3065) changed security contexts after opening file descriptor, this is not allowed. [ 865.720670][T12859] EXT4-fs (loop4): failed to open journal device unknown-block(0,0) -6 [ 865.952666][T12875] loop1: detected capacity change from 0 to 128 [ 866.058418][T12875] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256 [ 866.276778][T12875] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 867.043282][T12889] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3075'. [ 867.356667][T12896] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3078'. [ 867.546656][T12898] loop0: detected capacity change from 0 to 128 [ 869.773529][T12912] loop0: detected capacity change from 0 to 4096 [ 869.840160][T12912] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512). [ 870.251043][T12912] ntfs3: loop0: Failed to initialize $Extend/$Reparse. [ 870.394697][T12934] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3095'. [ 870.406860][ T29] audit: type=1800 audit(1726772853.674:44): pid=12912 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.3086" name="bus" dev="loop0" ino=24 res=0 errno=0 [ 870.524274][T12937] IPVS: sync thread started: state = MASTER, mcast_ifn = veth1_to_team, syncid = 0, id = 0 [ 870.697303][ T8127] ntfs3: loop0: ino=1a, ntfs_sync_fs failed, -22. [ 871.238316][T12943] loop4: detected capacity change from 0 to 512 [ 871.568790][T12954] loop1: detected capacity change from 0 to 164 [ 871.579380][T12943] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 871.592811][T12943] ext4 filesystem being mounted at /430/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 871.738505][T12954] rock: corrupted directory entry. extent=41, offset=65536, size=8 [ 871.835308][T12943] EXT4-fs error (device loop4): ext4_empty_dir:3103: inode #12: block 31: comm syz.4.3100: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=1, rec_len=6, size=1024 fake=1 [ 871.930931][T12943] EXT4-fs (loop4): Remounting filesystem read-only [ 871.938346][T12943] EXT4-fs warning (device loop4): ext4_empty_dir:3105: inode #12: comm syz.4.3100: directory missing '..' [ 872.290786][ T7992] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 872.770934][T12967] netlink: 56 bytes leftover after parsing attributes in process `syz.0.3109'. [ 872.781142][T12967] netlink: 56 bytes leftover after parsing attributes in process `syz.0.3109'. [ 873.025828][T12972] loop3: detected capacity change from 0 to 256 [ 873.452855][ T29] audit: type=1800 audit(1726772856.674:45): pid=12972 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.3111" name="bus" dev="loop3" ino=1048957 res=0 errno=0 [ 874.841834][T12996] input: syz0 as /devices/virtual/input/input39 [ 876.750240][T13023] Bluetooth: hci3: too big key_count value 40847 [ 877.283183][T13032] loop0: detected capacity change from 0 to 164 [ 878.898527][T13057] TCP: request_sock_TCPv6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 879.596075][ T8950] usb 5-1: [UEAGLE-ATM] firmware is not available [ 879.609261][ T5245] usb 3-1: [UEAGLE-ATM] firmware is not available [ 879.842344][T13066] loop0: detected capacity change from 0 to 128 [ 879.885253][T13066] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256 [ 879.920151][T13066] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 879.928100][T13065] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 879.938254][T13065] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 879.947821][T13065] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 879.958181][T13065] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 879.967731][T13065] vxlan0: entered promiscuous mode [ 879.974702][T13065] vxlan0: entered allmulticast mode [ 880.082957][T13065] netdevsim netdevsim2 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 880.092334][T13065] netdevsim netdevsim2 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 880.101723][T13065] netdevsim netdevsim2 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 880.110932][T13065] netdevsim netdevsim2 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 882.326897][T13090] loop0: detected capacity change from 0 to 1024 [ 882.345452][T13095] loop2: detected capacity change from 0 to 512 [ 882.417251][T13090] EXT4-fs: Ignoring removed orlov option [ 882.423507][T13090] EXT4-fs: Ignoring removed nomblk_io_submit option [ 882.495694][T13095] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2240: inode #15: comm syz.2.3165: corrupted in-inode xattr: invalid ea_ino [ 882.544858][T13095] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.3165: couldn't read orphan inode 15 (err -117) [ 882.608180][T13095] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 882.692728][T13090] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 882.708016][T13095] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz.2.3165: invalid indirect mapped block 234881024 (level 0) [ 883.108700][ T8194] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 883.265463][ T8127] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 884.829639][T13136] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 885.162885][T13140] bridge: RTM_DELNEIGH with unconfigured vlan 3 on bridge_slave_0 [ 885.333793][T13142] netlink: 44 bytes leftover after parsing attributes in process `syz.1.3184'. [ 885.343348][T13142] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3184'. [ 885.849796][T13150] loop4: detected capacity change from 0 to 128 [ 885.981025][T13150] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 886.042951][T13150] ext4 filesystem being mounted at /448/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 886.659348][ T7992] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 886.893629][T13166] loop1: detected capacity change from 0 to 256 [ 887.200185][ T29] audit: type=1800 audit(1726772870.414:46): pid=13166 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.3193" name="bus" dev="loop1" ino=1048958 res=0 errno=0 [ 887.220839][T13170] netlink: 'syz.4.3195': attribute type 4 has an invalid length. [ 888.939301][T13194] sctp: [Deprecated]: syz.3.3207 (pid 13194) Use of struct sctp_assoc_value in delayed_ack socket option. [ 888.939301][T13194] Use struct sctp_sack_info instead [ 889.404176][T13200] loop4: detected capacity change from 0 to 256 [ 889.428674][T13202] loop3: detected capacity change from 0 to 64 [ 889.571003][ T29] audit: type=1800 audit(1726772872.844:47): pid=13200 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.3208" name="bus" dev="loop4" ino=1048959 res=0 errno=0 [ 891.030008][T13222] loop1: detected capacity change from 0 to 128 [ 891.048520][T13222] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256 [ 891.080824][T13222] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 891.582468][T13227] sctp: [Deprecated]: syz.2.3221 (pid 13227) Use of struct sctp_assoc_value in delayed_ack socket option. [ 891.582468][T13227] Use struct sctp_sack_info instead [ 892.139363][T13233] loop0: detected capacity change from 0 to 256 [ 892.292769][ T29] audit: type=1800 audit(1726772875.564:48): pid=13233 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.3224" name="bus" dev="loop0" ino=1048960 res=0 errno=0 [ 893.306714][T13249] loop4: detected capacity change from 0 to 128 [ 893.388595][T13249] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256 [ 893.512835][T13249] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 894.867263][ T1237] ieee802154 phy0 wpan0: encryption failed: -22 [ 894.874340][ T1237] ieee802154 phy1 wpan1: encryption failed: -22 [ 895.068471][T13274] loop2: detected capacity change from 0 to 256 [ 895.292897][ T29] audit: type=1800 audit(1726772878.574:49): pid=13274 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.3238" name="bus" dev="loop2" ino=1048961 res=0 errno=0 [ 895.814281][T13283] delete_channel: no stack [ 895.843030][T13282] delete_channel: no stack [ 896.289895][T13290] loop4: detected capacity change from 0 to 128 [ 898.136999][T13315] netlink: 'syz.4.3260': attribute type 2 has an invalid length. [ 898.164557][ T5245] usb 2-1: new high-speed USB device number 33 using dummy_hcd [ 898.335102][ T5245] usb 2-1: Using ep0 maxpacket: 8 [ 898.362175][ T5245] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 898.396533][ T5245] usb 2-1: New USB device found, idVendor=05ac, idProduct=8501, bcdDevice=20.9d [ 898.411263][ T5245] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=105 [ 898.419975][ T5245] usb 2-1: SerialNumber: syz [ 898.479164][ T5245] usb 2-1: config 0 descriptor?? [ 898.545372][ T5245] usb 2-1: Found UVC 0.00 device (05ac:8501) [ 898.556197][ T5245] usb 2-1: No valid video chain found. [ 898.641175][T13318] loop4: detected capacity change from 0 to 128 [ 898.732114][ T10] usb 2-1: USB disconnect, device number 33 [ 899.359714][ T29] audit: type=1326 audit(1726772882.664:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13321 comm="syz.4.3264" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f95579 code=0x0 [ 900.612459][T13338] loop4: detected capacity change from 0 to 8 [ 900.669517][T13338] SQUASHFS error: Unable to read inode 0x2000 [ 900.727371][T13338] netlink: 192 bytes leftover after parsing attributes in process `syz.4.3272'. [ 900.737834][T13338] netlink: 56 bytes leftover after parsing attributes in process `syz.4.3272'. [ 901.125447][T13344] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 901.165221][T13344] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 901.197809][T13344] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 901.219733][T13344] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 901.234763][T13344] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 901.266858][T13344] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 901.394556][T13350] loop4: detected capacity change from 0 to 256 [ 901.420783][T13350] exfat: Deprecated parameter 'utf8' [ 901.426802][T13350] exfat: Deprecated parameter 'utf8' [ 901.432739][T13350] exfat: Deprecated parameter 'utf8' [ 901.613525][T13350] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xabf88b1f, utbl_chksum : 0xe619d30d) [ 902.555435][ T5245] usb 5-1: new high-speed USB device number 26 using dummy_hcd [ 902.766688][ T5250] usb 3-1: new high-speed USB device number 29 using dummy_hcd [ 902.797604][T13343] chnl_net:caif_netlink_parms(): no params data found [ 902.819126][ T5245] usb 5-1: config index 0 descriptor too short (expected 106, got 36) [ 902.830700][ T5245] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 202, changing to 11 [ 902.842408][ T5245] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 33295, setting to 1024 [ 902.856745][ T5245] usb 5-1: New USB device found, idVendor=1b1c, idProduct=1b3e, bcdDevice= 0.00 [ 902.866201][ T5245] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 902.936212][ T5245] usb 5-1: config 0 descriptor?? [ 903.023423][ T5250] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 903.034513][ T5250] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 903.130098][ T5250] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 903.139892][ T5250] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 903.149246][ T5250] usb 3-1: SerialNumber: syz [ 903.335707][ T5200] Bluetooth: hci2: command tx timeout [ 903.492826][ T5250] usb 3-1: 0:2 : does not exist [ 903.549766][ T5245] corsair 0003:1B1C:1B3E.0040: hidraw0: USB HID v0.00 Device [HID 1b1c:1b3e] on usb-dummy_hcd.4-1/input0 [ 903.685392][ T5245] usb 5-1: USB disconnect, device number 26 [ 903.741415][ T5250] usb 3-1: USB disconnect, device number 29 [ 903.967636][ T6612] udevd[6612]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 904.879762][T13343] bridge0: port 1(bridge_slave_0) entered blocking state [ 904.887651][T13343] bridge0: port 1(bridge_slave_0) entered disabled state [ 904.897931][T13343] bridge_slave_0: entered allmulticast mode [ 904.909794][T13343] bridge_slave_0: entered promiscuous mode [ 904.997055][T13343] bridge0: port 2(bridge_slave_1) entered blocking state [ 905.005080][T13343] bridge0: port 2(bridge_slave_1) entered disabled state [ 905.013297][T13343] bridge_slave_1: entered allmulticast mode [ 905.022767][T13343] bridge_slave_1: entered promiscuous mode [ 905.413101][ T5200] Bluetooth: hci2: command tx timeout [ 905.458483][T13343] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 905.613572][T13343] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 906.026054][T13343] team0: Port device team_slave_0 added [ 906.100287][T13343] team0: Port device team_slave_1 added [ 906.470510][T13343] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 906.478766][T13343] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 906.505458][T13343] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 906.706365][T13343] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 906.713672][T13343] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 906.740145][T13343] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 907.390298][T13343] hsr_slave_0: entered promiscuous mode [ 907.443367][T13343] hsr_slave_1: entered promiscuous mode [ 907.497833][ T5200] Bluetooth: hci2: command tx timeout [ 907.502031][T13343] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 907.511815][T13343] Cannot create hsr debugfs directory [ 907.573569][T13412] loop4: detected capacity change from 0 to 1024 [ 907.587456][T13412] EXT4-fs: Ignoring removed orlov option [ 907.619860][T13412] EXT4-fs (loop4): Test dummy encryption mode enabled [ 907.640588][T13412] EXT4-fs (loop4): can't mount with journal_checksum, fs mounted w/o journal [ 907.794475][T13412] 9p: Unknown access argument 18446744073709551615ÿÿÿÿ: -22 [ 907.931845][T13415] netlink: 80 bytes leftover after parsing attributes in process `syz.0.3304'. [ 908.331947][T13419] netlink: 10 bytes leftover after parsing attributes in process `syz.1.3306'. [ 908.871709][T13343] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 909.047080][T13343] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 909.112663][T13428] netlink: 'syz.2.3311': attribute type 9 has an invalid length. [ 909.187226][T13343] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 909.364856][T13343] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 909.572381][ T5200] Bluetooth: hci2: command tx timeout [ 909.862292][T13436] raw_sendmsg: syz.2.3314 forgot to set AF_INET. Fix it! [ 909.879604][T13432] loop4: detected capacity change from 0 to 2048 [ 909.904680][T13343] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 909.992623][T13343] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 910.034176][T13432] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 910.158647][T13343] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 910.254991][ T29] audit: type=1800 audit(1726772893.514:51): pid=13432 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.3312" name="file1" dev="loop4" ino=15 res=0 errno=0 [ 910.303762][T13343] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 910.564028][ T3541] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 910.625468][ T3541] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 11 with error 28 [ 910.638453][ T3541] EXT4-fs (loop4): This should not happen!! Data will be lost [ 910.638453][ T3541] [ 910.648616][ T3541] EXT4-fs (loop4): Total free blocks count 0 [ 910.654945][ T3541] EXT4-fs (loop4): Free/Dirty block details [ 910.661073][ T3541] EXT4-fs (loop4): free_blocks=2415919104 [ 910.667272][ T3541] EXT4-fs (loop4): dirty_blocks=16 [ 910.672793][ T3541] EXT4-fs (loop4): Block reservation details [ 910.679878][ T3541] EXT4-fs (loop4): i_reserved_data_blocks=1 [ 910.723348][T13439] loop1: detected capacity change from 0 to 4096 [ 910.802922][ T7992] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 910.830033][T13439] NILFS (loop1): invalid segment: Checksum error in segment payload [ 910.838652][T13439] NILFS (loop1): trying rollback from an earlier position [ 911.036985][T13439] NILFS (loop1): recovery complete [ 911.123171][T13449] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 911.313443][T13451] bridge0: port 2(bridge_slave_1) entered disabled state [ 911.322148][T13451] bridge0: port 1(bridge_slave_0) entered disabled state [ 911.576622][T13343] 8021q: adding VLAN 0 to HW filter on device bond0 [ 911.767281][T13343] 8021q: adding VLAN 0 to HW filter on device team0 [ 911.884976][ T3015] bridge0: port 1(bridge_slave_0) entered blocking state [ 911.892747][ T3015] bridge0: port 1(bridge_slave_0) entered forwarding state [ 912.051150][ T3015] bridge0: port 2(bridge_slave_1) entered blocking state [ 912.058893][ T3015] bridge0: port 2(bridge_slave_1) entered forwarding state [ 912.566935][ T29] audit: type=1326 audit(1726772895.824:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13458 comm="syz.0.3324" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f2f579 code=0x0 [ 912.716793][T13463] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3325'. [ 913.665703][T13473] loop2: detected capacity change from 0 to 2048 [ 913.872113][T13473] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 914.029071][T13481] vlan2: entered allmulticast mode [ 914.146637][T13478] loop4: detected capacity change from 0 to 2048 [ 914.329620][T13478] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 914.342750][T13478] ext4 filesystem being mounted at /481/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 914.490559][T13478] fs-verity: sha512 using implementation "sha512-generic" [ 914.496328][T13343] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 914.535791][T13478] fs-verity (loop4, inode 13): fs-verity keyring is empty, rejecting signed file! [ 915.074063][T13343] veth0_vlan: entered promiscuous mode [ 915.096702][ T7992] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 915.245450][T13343] veth1_vlan: entered promiscuous mode [ 915.435526][T13492] loop1: detected capacity change from 0 to 1024 [ 915.494256][T13492] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 915.652950][T13343] veth0_macvtap: entered promiscuous mode [ 915.673987][T13492] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 915.707179][T13343] veth1_macvtap: entered promiscuous mode [ 915.988400][T13496] loop2: detected capacity change from 0 to 128 [ 916.050857][T13343] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 916.062218][T13343] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 916.072524][T13343] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 916.083466][T13343] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 916.093592][T13343] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 916.105532][T13343] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 916.115998][T13343] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 916.126829][T13343] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 916.137011][T13343] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 916.147755][T13343] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 916.162923][T13343] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 916.341154][ T8190] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 916.586398][T13343] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 916.597289][T13343] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 916.613220][T13343] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 916.624968][T13343] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 916.641506][T13343] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 916.837481][T13504] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3341'. [ 916.913240][T13343] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 916.923595][T13343] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 916.933113][T13343] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 916.943606][T13343] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 917.420410][ C0] IPv4: Oversized IP packet from 127.0.0.1 [ 917.809192][T13516] loop0: detected capacity change from 0 to 2048 [ 918.005503][T13520] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 918.094717][T13521] netlink: 'syz.4.3345': attribute type 3 has an invalid length. [ 918.103191][T13521] netlink: 'syz.4.3345': attribute type 3 has an invalid length. [ 918.232126][ T29] audit: type=1800 audit(1726772901.454:53): pid=13516 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.3344" name="file1" dev="loop0" ino=15 res=0 errno=0 [ 920.802145][ T5248] usb 5-1: new high-speed USB device number 27 using dummy_hcd [ 921.039989][ T5248] usb 5-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33 [ 921.052310][ T5248] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 921.088598][ T5248] usb 5-1: config 0 descriptor?? [ 921.142985][ T10] usb 2-1: new high-speed USB device number 34 using dummy_hcd [ 921.346699][ T10] usb 2-1: Using ep0 maxpacket: 16 [ 921.413097][ T10] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0 [ 921.423455][ T10] usb 2-1: config 0 interface 0 has no altsetting 0 [ 921.431268][ T10] usb 2-1: New USB device found, idVendor=0458, idProduct=0138, bcdDevice= 0.00 [ 921.441040][ T10] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 921.485155][ T10] usb 2-1: config 0 descriptor?? [ 921.999818][ T5248] usb 5-1: Cannot set autoneg [ 922.007892][ T5248] MOSCHIP usb-ethernet driver 5-1:0.0: probe with driver MOSCHIP usb-ethernet driver failed with error -71 [ 922.039216][ T10] kye 0003:0458:0138.0041: unknown main item tag 0x0 [ 922.049656][ T10] kye 0003:0458:0138.0041: unknown main item tag 0x0 [ 922.057420][ T10] kye 0003:0458:0138.0041: unexpected long global item [ 922.109036][ T10] kye 0003:0458:0138.0041: parse failed [ 922.117240][ T10] kye 0003:0458:0138.0041: probe with driver kye failed with error -22 [ 922.143003][ T5248] usb 5-1: USB disconnect, device number 27 [ 922.229406][ T10] usb 2-1: USB disconnect, device number 34 [ 923.151885][T13578] loop4: detected capacity change from 0 to 256 [ 923.215312][ T8176] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 923.226135][ T8176] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 923.375101][T13582] Bluetooth: hci0: load_link_keys: expected 3 bytes, got 7 bytes [ 923.402303][T13578] FAT-fs (loop4): Directory bread(block 64) failed [ 923.409269][T13578] FAT-fs (loop4): Directory bread(block 65) failed [ 923.418379][T13578] FAT-fs (loop4): Directory bread(block 66) failed [ 923.425961][T13578] FAT-fs (loop4): Directory bread(block 67) failed [ 923.433851][T13578] FAT-fs (loop4): Directory bread(block 68) failed [ 923.440624][T13578] FAT-fs (loop4): Directory bread(block 69) failed [ 923.447695][T13578] FAT-fs (loop4): Directory bread(block 70) failed [ 923.454556][T13578] FAT-fs (loop4): Directory bread(block 71) failed [ 923.461442][T13578] FAT-fs (loop4): Directory bread(block 72) failed [ 923.465184][ T3541] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 923.468227][T13578] FAT-fs (loop4): Directory bread(block 73) failed [ 923.485523][ T3541] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 923.935314][T13584] syz.2.3367 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 925.465731][T13603] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3375'. [ 925.475398][T13603] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3375'. [ 925.783056][T13606] tun0: tun_chr_ioctl cmd 1074025677 [ 925.789006][T13606] tun0: linktype set to 512 [ 926.003323][T13597] loop3: detected capacity change from 0 to 4096 [ 926.059016][T13597] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512). [ 926.614471][T13612] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3379'. [ 926.913236][T13615] program syz.4.3380 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 927.304297][T13621] loop3: detected capacity change from 0 to 64 [ 928.435843][T13632] loop4: detected capacity change from 0 to 1024 [ 928.647968][T13632] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 929.330686][T13646] tun0: tun_chr_ioctl cmd 1074025677 [ 929.337029][T13646] tun0: linktype set to 805 [ 929.405238][ T7992] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 930.079147][T13661] loop0: detected capacity change from 0 to 256 [ 930.127154][T13661] exfat: Deprecated parameter 'utf8' [ 930.134761][T13661] exfat: Deprecated parameter 'utf8' [ 930.264227][T13661] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x811ad48d, utbl_chksum : 0xe619d30d) [ 930.888388][T13667] loop3: detected capacity change from 0 to 2048 [ 930.970628][T13669] netem: change failed [ 931.025186][T13674] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 931.255542][ T29] audit: type=1800 audit(1726772914.494:54): pid=13667 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.3398" name="file1" dev="loop3" ino=15 res=0 errno=0 [ 932.250672][T13688] sctp: [Deprecated]: syz.0.3410 (pid 13688) Use of struct sctp_assoc_value in delayed_ack socket option. [ 932.250672][T13688] Use struct sctp_sack_info instead [ 932.595459][ T0] NOHZ tick-stop error: local softirq work is pending, handler #252!!! [ 932.747506][T13696] loop4: detected capacity change from 0 to 256 [ 932.780292][T13696] FAT-fs (loop4): bogus number of directory entries (4) [ 932.787799][T13696] FAT-fs (loop4): Can't find a valid FAT filesystem [ 933.212389][ T10] usb 2-1: new full-speed USB device number 35 using dummy_hcd [ 933.469838][ T10] usb 2-1: New USB device found, idVendor=0bda, idProduct=0177, bcdDevice=7d.0b [ 933.479296][ T10] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 933.554338][ T10] usb 2-1: config 0 descriptor?? [ 933.803340][ T10] usb 2-1: string descriptor 0 read error: -71 [ 933.815309][ T10] ums-realtek 2-1:0.0: USB Mass Storage device detected [ 933.899554][T13704] loop4: detected capacity change from 0 to 512 [ 933.955229][T13704] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 934.055828][ T10] usb 2-1: USB disconnect, device number 35 [ 934.077225][T13704] EXT4-fs (loop4): 1 truncate cleaned up [ 934.143973][T13704] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 934.458163][T13714] loop0: detected capacity change from 0 to 512 [ 934.737714][T13714] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 934.750233][T13716] loop2: detected capacity change from 0 to 2048 [ 934.760092][T13714] ext4 filesystem being mounted at /418/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 934.780477][ T7992] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 934.901506][T13723] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 935.078782][ T29] audit: type=1800 audit(1726772918.324:55): pid=13716 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.3418" name="file1" dev="loop2" ino=15 res=0 errno=0 [ 935.451120][ T8127] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 937.017578][T13748] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3434'. [ 937.027226][T13748] netlink: 'syz.2.3434': attribute type 1 has an invalid length. [ 937.035360][T13748] netlink: 'syz.2.3434': attribute type 2 has an invalid length. [ 938.618609][T13767] loop1: detected capacity change from 0 to 24 [ 939.027280][T13771] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3445'. [ 939.675031][ T5248] usb 2-1: new high-speed USB device number 36 using dummy_hcd [ 939.899269][ T5248] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 939.910701][ T5248] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 939.923821][ T5248] usb 2-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 939.933372][ T5248] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 940.047200][ T5248] usb 2-1: config 0 descriptor?? [ 940.551226][ T5248] mcp2221 0003:04D8:00DD.0042: unknown main item tag 0x0 [ 940.559369][ T5248] mcp2221 0003:04D8:00DD.0042: unknown main item tag 0x0 [ 940.569575][ T5248] mcp2221 0003:04D8:00DD.0042: unknown main item tag 0x7 [ 940.590869][ T5248] mcp2221 0003:04D8:00DD.0042: item fetching failed at offset 4/5 [ 940.803191][ T5248] mcp2221 0003:04D8:00DD.0042: can't parse reports [ 940.810347][ T5248] mcp2221 0003:04D8:00DD.0042: probe with driver mcp2221 failed with error -22 [ 940.930276][ T5248] usb 2-1: USB disconnect, device number 36 [ 941.168058][T13792] loop0: detected capacity change from 0 to 256 [ 941.386590][T13792] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 941.925265][T13796] loop4: detected capacity change from 0 to 2048 [ 942.090445][T13804] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 942.141287][T13803] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3468'. [ 942.297483][ T29] audit: type=1800 audit(1726772925.494:56): pid=13796 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.3455" name="file1" dev="loop4" ino=15 res=0 errno=0 [ 942.532216][T13811] loop3: detected capacity change from 0 to 256 [ 942.717634][T13811] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 943.444815][T13820] loop1: detected capacity change from 0 to 256 [ 943.691468][T13826] loop2: detected capacity change from 0 to 512 [ 943.835886][T13826] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 943.849171][T13826] ext4 filesystem being mounted at /488/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 943.917385][T13832] netlink: 'syz.4.3470': attribute type 29 has an invalid length. [ 943.930071][T13832] netlink: 'syz.4.3470': attribute type 29 has an invalid length. [ 943.946621][T13832] netlink: 'syz.4.3470': attribute type 29 has an invalid length. [ 944.100895][T13826] Quota error (device loop2): do_check_range: Getting dqdh_next_free 4294967294 out of range 0-8 [ 944.112434][T13826] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 944.123115][T13826] EXT4-fs error (device loop2): ext4_acquire_dquot:6848: comm syz.2.3467: Failed to acquire dquot type 0 [ 944.317946][T13834] loop3: detected capacity change from 0 to 1024 [ 944.444774][T13838] netlink: 44 bytes leftover after parsing attributes in process `syz.4.3473'. [ 944.678262][ T8194] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 944.741006][T13840] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3474'. [ 946.525821][T13865] ax25_connect(): syz.2.3482 uses autobind, please contact jreuter@yaina.de [ 946.969674][T13862] loop2: detected capacity change from 0 to 2048 [ 947.007645][T13871] loop0: detected capacity change from 0 to 512 [ 947.063167][T13862] loop2: p4 < > [ 947.064666][T13871] EXT4-fs: Ignoring removed orlov option [ 947.098213][T13871] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 947.266304][T13871] EXT4-fs error (device loop0): ext4_orphan_get:1391: inode #15: comm syz.0.3487: casefold flag without casefold feature [ 947.327367][T13871] EXT4-fs (loop0): Remounting filesystem read-only [ 947.337043][T13871] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 947.590710][ T6613] udevd[6613]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory [ 947.906997][ T8127] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 948.368390][T13890] pimreg: entered allmulticast mode [ 948.496540][T13890] dvmrp5: entered allmulticast mode [ 948.633651][T13890] pimreg: left allmulticast mode [ 948.639362][T13890] dvmrp5: left allmulticast mode [ 948.889215][T13895] loop2: detected capacity change from 0 to 1024 [ 949.002707][T13895] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 949.551309][ T8194] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 949.608331][T13908] loop1: detected capacity change from 0 to 128 [ 949.810754][T13910] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3503'. [ 950.119611][T13913] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 951.737265][T13935] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3515'. [ 951.993225][T13939] loop1: detected capacity change from 0 to 64 [ 952.602626][T13946] misc userio: Can't change port type on an already running userio instance [ 952.779399][T13949] loop4: detected capacity change from 0 to 512 [ 952.835553][T13942] loop0: detected capacity change from 0 to 2048 [ 952.887163][T13949] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 952.927618][T13942] UDF-fs: error (device loop0): udf_process_sequence: Primary Volume Descriptor not found! [ 953.036770][T13949] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #16: comm syz.4.3521: invalid indirect mapped block 83886080 (level 1) [ 953.071999][T13942] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 953.163271][T13949] EXT4-fs (loop4): 1 orphan inode deleted [ 953.169299][T13949] EXT4-fs (loop4): 1 truncate cleaned up [ 953.189133][T13949] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 953.319772][T13949] EXT4-fs error (device loop4): ext4_empty_dir:3103: inode #2: block 13: comm syz.4.3521: bad entry in directory: rec_len is too small for name_len - offset=12, inode=2, rec_len=12, size=1024 fake=0 [ 953.525011][T13949] EXT4-fs warning (device loop4): ext4_empty_dir:3105: inode #2: comm syz.4.3521: directory missing '..' [ 953.874553][T13959] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3525'. [ 953.913799][ T7992] EXT4-fs error (device loop4): htree_dirblock_to_tree:1112: inode #2: block 13: comm syz-executor: bad entry in directory: rec_len is too small for name_len - offset=12, inode=2, rec_len=12, size=1024 fake=0 [ 954.269722][ T7992] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 954.677166][ T3541] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 954.690055][T13952] loop1: detected capacity change from 0 to 4096 [ 954.869238][T13952] NILFS (loop1): invalid segment: Checksum error in segment payload [ 954.877833][T13952] NILFS (loop1): trying rollback from an earlier position [ 954.949498][T13952] NILFS (loop1): recovery complete [ 955.020486][ T3541] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 955.075064][T13970] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 955.235005][ T3541] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 955.389469][ T3541] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 955.863764][ T3541] bridge_slave_1: left allmulticast mode [ 955.869676][ T3541] bridge_slave_1: left promiscuous mode [ 955.876403][ T3541] bridge0: port 2(bridge_slave_1) entered disabled state [ 955.932439][ T3541] bridge_slave_0: left allmulticast mode [ 955.939613][ T3541] bridge_slave_0: left promiscuous mode [ 955.950053][ T3541] bridge0: port 1(bridge_slave_0) entered disabled state [ 956.311835][ T1237] ieee802154 phy0 wpan0: encryption failed: -22 [ 956.318531][ T1237] ieee802154 phy1 wpan1: encryption failed: -22 [ 956.788331][ T3541] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 956.835195][ T3541] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 956.886868][ T3541] bond0 (unregistering): Released all slaves [ 957.106889][ T3541] IPVS: stopping master sync thread 12937 ... [ 957.801844][ T3541] hsr_slave_0: left promiscuous mode [ 957.862944][ T3541] hsr_slave_1: left promiscuous mode [ 957.903397][ T3541] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 957.911184][ T3541] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 958.002516][ T3541] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 958.010370][ T3541] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 958.066292][ T3541] veth1_macvtap: left promiscuous mode [ 958.072676][ T3541] veth0_macvtap: left promiscuous mode [ 958.078731][ T3541] veth1_vlan: left promiscuous mode [ 958.084450][ T3541] veth0_vlan: left promiscuous mode [ 958.230091][T13989] loop2: detected capacity change from 0 to 512 [ 958.372526][T13989] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 958.436215][T13344] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 958.446543][T13344] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 958.459557][T13344] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 958.567707][T13344] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 958.587358][T13344] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 958.606373][T13344] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 958.662732][T13989] EXT4-fs (loop2): 1 truncate cleaned up [ 958.670312][T13989] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 959.215554][ T8194] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 959.475085][ T3541] team0 (unregistering): Port device team_slave_1 removed [ 959.564476][ T3541] team0 (unregistering): Port device team_slave_0 removed [ 959.965768][T13986] A link change request failed with some changes committed already. Interface batadv_slave_0 may have been left with an inconsistent configuration, please check. [ 960.200428][T14007] loop1: detected capacity change from 0 to 512 [ 960.402336][T14007] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2240: inode #15: comm syz.1.3544: corrupted in-inode xattr: invalid ea_ino [ 960.519097][T14014] bond0: option use_carrier: invalid value (11) [ 960.563291][T14007] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.3544: couldn't read orphan inode 15 (err -117) [ 960.709029][T14007] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 960.741703][ T3541] IPVS: stop unused estimator thread 0... [ 960.774094][T13344] Bluetooth: hci4: command tx timeout [ 961.387481][ T8190] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 961.940798][T13994] chnl_net:caif_netlink_parms(): no params data found [ 962.033302][T14031] netlink: 44 bytes leftover after parsing attributes in process `syz.1.3549'. [ 962.075079][T14033] vivid-000: disconnect [ 962.113338][T14032] vivid-000: reconnect [ 962.852576][T13344] Bluetooth: hci4: command tx timeout [ 963.092522][T14046] Bluetooth: hci5: Frame reassembly failed (-84) [ 963.123826][ T8176] Bluetooth: hci5: Frame reassembly failed (-84) [ 963.902269][T13994] bridge0: port 1(bridge_slave_0) entered blocking state [ 963.910094][T13994] bridge0: port 1(bridge_slave_0) entered disabled state [ 963.921290][T13994] bridge_slave_0: entered allmulticast mode [ 963.944873][T13994] bridge_slave_0: entered promiscuous mode [ 964.017664][T13994] bridge0: port 2(bridge_slave_1) entered blocking state [ 964.027387][T13994] bridge0: port 2(bridge_slave_1) entered disabled state [ 964.035434][T13994] bridge_slave_1: entered allmulticast mode [ 964.044606][T13994] bridge_slave_1: entered promiscuous mode [ 964.118239][T14056] loop0: detected capacity change from 0 to 1024 [ 964.306737][T14056] hfsplus: bad catalog entry type [ 964.337867][T13994] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 964.384091][T14061] netlink: 40 bytes leftover after parsing attributes in process `syz.3.3561'. [ 964.422723][T13994] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 964.677121][T13994] team0: Port device team_slave_0 added [ 964.722687][T13994] team0: Port device team_slave_1 added [ 964.763996][ T3194] hfsplus: b-tree write err: -5, ino 4 [ 964.934583][ T5200] Bluetooth: hci4: command tx timeout [ 964.990520][T13994] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 964.998930][T13994] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 965.026351][T13994] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 965.086661][T13994] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 965.094644][T13994] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 965.121051][T13994] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 965.133966][T13344] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 965.707567][T13994] hsr_slave_0: entered promiscuous mode [ 965.762074][T13994] hsr_slave_1: entered promiscuous mode [ 965.808080][T13994] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 965.818765][T13994] Cannot create hsr debugfs directory [ 965.825555][T14070] netlink: 44 bytes leftover after parsing attributes in process `syz.0.3563'. [ 966.593851][T14086] loop3: detected capacity change from 0 to 256 [ 966.677088][T14086] exFAT-fs (loop3): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 967.024659][ T5200] Bluetooth: hci4: command tx timeout [ 968.295292][T14105] netlink: 'syz.0.3575': attribute type 5 has an invalid length. [ 968.303953][T14105] netlink: 'syz.0.3575': attribute type 11 has an invalid length. [ 968.596534][T13994] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 968.723435][T13994] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 968.755339][T14110] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3576'. [ 968.836036][T13994] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 968.958522][T13994] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 969.207985][T14116] loop1: detected capacity change from 0 to 64 [ 969.423415][T14118] netlink: 44 bytes leftover after parsing attributes in process `syz.2.3578'. [ 970.506536][T14126] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3584'. [ 970.580584][T13994] 8021q: adding VLAN 0 to HW filter on device bond0 [ 970.827014][T13994] 8021q: adding VLAN 0 to HW filter on device team0 [ 970.968716][ T8176] bridge0: port 1(bridge_slave_0) entered blocking state [ 970.976526][ T8176] bridge0: port 1(bridge_slave_0) entered forwarding state [ 971.130222][ T8176] bridge0: port 2(bridge_slave_1) entered blocking state [ 971.137976][ T8176] bridge0: port 2(bridge_slave_1) entered forwarding state [ 971.994630][T14147] loop3: detected capacity change from 0 to 256 [ 972.003371][T14129] loop1: detected capacity change from 0 to 4096 [ 973.539278][T14164] loop3: detected capacity change from 0 to 1024 [ 973.788062][T14164] hfsplus: extend alloc file! (8192,65536,366) [ 973.833372][T13994] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 974.493647][T14173] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3595'. [ 974.579221][T14176] netlink: 44 bytes leftover after parsing attributes in process `syz.3.3594'. [ 975.453833][T14189] loop3: detected capacity change from 0 to 512 [ 975.604295][T14189] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2240: inode #15: comm syz.3.3599: corrupted in-inode xattr: invalid ea_ino [ 975.627299][T14189] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.3599: couldn't read orphan inode 15 (err -117) [ 975.676647][T14189] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 976.133529][T13343] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 976.766696][T14203] tun0: tun_chr_ioctl cmd 1074025675 [ 976.777825][T14203] tun0: persist disabled [ 977.218256][T13994] veth0_vlan: entered promiscuous mode [ 977.350042][T13994] veth1_vlan: entered promiscuous mode [ 977.470893][T14199] loop2: detected capacity change from 0 to 4096 [ 977.608268][T14199] NILFS (loop2): invalid segment: Checksum error in segment payload [ 977.616805][T14199] NILFS (loop2): trying rollback from an earlier position [ 977.690675][T14199] NILFS (loop2): recovery complete [ 977.707815][T14214] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 977.773302][T13994] veth0_macvtap: entered promiscuous mode [ 977.946234][T13994] veth1_macvtap: entered promiscuous mode [ 978.189723][T13994] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 978.204094][T13994] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 978.214411][T13994] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 978.225378][T13994] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 978.238209][T13994] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 978.249022][T13994] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 978.259174][T13994] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 978.283741][T13994] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 978.294226][T13994] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 978.307639][T13994] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 978.323329][T13994] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 978.555116][T13994] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 978.567102][T13994] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 978.578091][T13994] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 978.588912][T13994] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 978.604213][T13994] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 978.809829][T13994] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 978.819149][T13994] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 978.828336][T13994] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 978.837612][T13994] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 984.964412][T14292] loop0: detected capacity change from 0 to 4096 [ 985.193925][T14292] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 985.643192][ T4883] usb 3-1: new high-speed USB device number 30 using dummy_hcd [ 985.658006][ T8127] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 985.682885][T14312] netlink: 44 bytes leftover after parsing attributes in process `syz.3.3641'. [ 985.882259][ T4883] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 985.891849][ T4883] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 985.962256][ T4883] usb 3-1: config 0 descriptor?? [ 986.008150][ T4883] cp210x 3-1:0.0: cp210x converter detected [ 986.364651][ T8176] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 986.374703][ T8176] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 986.428052][ T4883] cp210x 3-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 986.585359][ T4883] usb 3-1: cp210x converter now attached to ttyUSB0 [ 986.661485][ T10] usb 3-1: USB disconnect, device number 30 [ 986.684446][ T10] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 986.710763][ T10] cp210x 3-1:0.0: device disconnected [ 986.845239][ T3043] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 986.845338][ T3043] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 987.760764][T14324] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3644'. [ 988.209800][T14319] loop0: detected capacity change from 0 to 4096 [ 988.237767][T14319] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512). [ 988.454511][T14329] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3647'. [ 988.680245][T14319] ntfs3: loop0: Failed to initialize $Extend/$Reparse. [ 988.858877][T14319] ntfs3: loop0: ino=1b, "file0" attr_set_size [ 988.865603][T14319] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 989.614166][T14346] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3655'. [ 989.769364][T14348] pim6reg: left allmulticast mode [ 990.925042][T14359] loop0: detected capacity change from 0 to 1024 [ 990.974290][T14359] EXT4-fs: Ignoring removed orlov option [ 990.980359][T14359] ext4: Unknown parameter 'noacl' [ 991.454579][T14364] loop3: detected capacity change from 0 to 2048 [ 991.603203][T14371] binder: 14370:14371 ioctl 4018620d 0 returned -22 [ 991.668012][T14364] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 991.798153][T14378] loop0: detected capacity change from 0 to 256 [ 991.807349][T14378] exfat: Deprecated parameter 'namecase' [ 991.932002][ T29] audit: type=1804 audit(1726772975.194:57): pid=14364 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.3663" name="/newroot/69/file0/bus" dev="loop3" ino=18 res=1 errno=0 [ 991.970976][T14378] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d) [ 992.079024][T14378] syz.0.3667: attempt to access beyond end of device [ 992.079024][T14378] loop0: rw=524288, sector=34359738488, nr_sectors = 1 limit=256 [ 992.105074][T14378] syz.0.3667: attempt to access beyond end of device [ 992.105074][T14378] loop0: rw=0, sector=34359738488, nr_sectors = 1 limit=256 [ 992.107783][T14381] loop4: detected capacity change from 0 to 128 [ 992.173312][T13343] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 992.202892][ T29] audit: type=1800 audit(1726772975.444:58): pid=14378 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.3667" name="file1" dev="loop0" ino=1048997 res=0 errno=0 [ 992.224930][T14378] exFAT-fs (loop0): error, tried to truncate zeroed cluster. [ 992.226500][T14378] exFAT-fs (loop0): error, invalid size(size(36864) > aligned(0) [ 992.226500][T14378] [ 992.368132][T14381] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100) [ 992.378676][T14381] FAT-fs (loop4): Filesystem has been set read-only [ 992.386731][T14381] syz.4.3669: attempt to access beyond end of device [ 992.386731][T14381] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 992.443413][ T29] audit: type=1800 audit(1726772975.654:59): pid=14381 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.3669" name="file2" dev="loop4" ino=1048999 res=0 errno=0 [ 993.457059][T14394] input: syz0 as /devices/virtual/input/input41 [ 993.499993][T14395] loop3: detected capacity change from 0 to 256 [ 993.748442][T14395] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 994.383006][ T5245] usb 5-1: new high-speed USB device number 28 using dummy_hcd [ 994.591902][ T5245] usb 5-1: Using ep0 maxpacket: 8 [ 994.708141][ T5245] usb 5-1: New USB device found, idVendor=0baf, idProduct=00f5, bcdDevice=df.c2 [ 994.717851][ T5245] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 994.729152][ T5245] usb 5-1: Product: syz [ 994.736271][ T5245] usb 5-1: Manufacturer: syz [ 994.741107][ T5245] usb 5-1: SerialNumber: syz [ 994.798721][ T5245] usb 5-1: config 0 descriptor?? [ 994.832580][ T5245] usb 5-1: [ueagle-atm] ADSL device founded vid (0XBAF) pid (0XF5) Rev (0XDFC2): Eagle I [ 995.062123][ T5245] usb 5-1: reset high-speed USB device number 28 using dummy_hcd [ 995.734949][ T5245] usb 5-1: device descriptor read/64, error -71 [ 996.012436][ T5245] usb 5-1: reset high-speed USB device number 28 using dummy_hcd [ 996.453134][T14414] loop2: detected capacity change from 0 to 4096 [ 996.516214][ T5245] usb 5-1: [UEAGLE-ATM] interface 1 not found [ 996.522868][ T5245] ueagle-atm 5-1:0.0: usbatm_usb_probe: bind failed: -19! [ 996.609341][T14424] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3688'. [ 996.732972][ T10] usb 5-1: USB disconnect, device number 28 [ 997.908080][T14436] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3694'. [ 998.863017][T14451] netdevsim netdevsim2 netdevsim0: entered promiscuous mode [ 998.910345][T14454] input: syz0 as /devices/virtual/input/input42 [ 998.932655][T14451] netdevsim netdevsim2 netdevsim0: left promiscuous mode [ 1001.237118][T14478] loop2: detected capacity change from 0 to 2048 [ 1001.321430][T14482] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3715'. [ 1001.442010][T14478] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1001.546132][T14486] netlink: 'syz.3.3717': attribute type 16 has an invalid length. [ 1001.554826][T14486] netlink: 'syz.3.3717': attribute type 3 has an invalid length. [ 1001.563112][T14486] netlink: 64066 bytes leftover after parsing attributes in process `syz.3.3717'. [ 1001.752014][ T4883] usb 2-1: new high-speed USB device number 37 using dummy_hcd [ 1001.963895][ T4883] usb 2-1: Using ep0 maxpacket: 32 [ 1002.034338][ T4883] usb 2-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed [ 1002.043839][ T4883] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1002.052345][ T4883] usb 2-1: Product: syz [ 1002.056753][ T4883] usb 2-1: Manufacturer: syz [ 1002.061929][ T4883] usb 2-1: SerialNumber: syz [ 1002.144182][ T4883] usb 2-1: config 0 descriptor?? [ 1002.914370][ T4883] rtl8150 2-1:0.0: eth1: rtl8150 is detected [ 1003.120457][T14500] loop3: detected capacity change from 0 to 256 [ 1003.178953][ T4883] usb 2-1: USB disconnect, device number 37 [ 1003.377822][T14500] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x88000078, utbl_chksum : 0xe619d30d) [ 1004.142526][ T4883] usb 3-1: new high-speed USB device number 31 using dummy_hcd [ 1004.427232][ T4883] usb 3-1: New USB device found, idVendor=1645, idProduct=0008, bcdDevice=cf.36 [ 1004.437062][ T4883] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1004.524830][ T4883] usb 3-1: config 0 descriptor?? [ 1004.897219][ T4883] kaweth 3-1:0.0: Firmware present in device. [ 1005.143092][ T4883] kaweth 3-1:0.0: Statistics collection: 0 [ 1005.149295][ T4883] kaweth 3-1:0.0: Multicast filter limit: 0 [ 1005.155746][ T4883] kaweth 3-1:0.0: MTU: 0 [ 1005.160242][ T4883] kaweth 3-1:0.0: Read MAC address 00:00:00:00:00:00 [ 1005.485381][ T4883] kaweth 3-1:0.0: Error setting SOFS wait [ 1005.492107][ T4883] kaweth 3-1:0.0: probe with driver kaweth failed with error -5 [ 1005.573430][ T4883] usb 3-1: USB disconnect, device number 31 [ 1006.590895][T14537] loop0: detected capacity change from 0 to 256 [ 1006.806108][T14537] exFAT-fs (loop0): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 1007.002531][T14541] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3743'. [ 1007.315500][T14531] loop3: detected capacity change from 0 to 4096 [ 1007.363575][T14531] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512). [ 1008.494247][T14555] vlan0: invalid flags given to default FDB implementation [ 1008.574682][T14557] block nbd3: shutting down sockets [ 1010.327275][T14583] input: syz1 as /devices/virtual/input/input43 [ 1012.086052][T14606] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3773'. [ 1012.712590][T14618] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3778'. [ 1013.012868][T14616] loop1: detected capacity change from 0 to 2048 [ 1013.204694][T14625] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1013.307631][T14627] loop2: detected capacity change from 0 to 256 [ 1014.899187][T14657] loop2: detected capacity change from 0 to 128 [ 1015.117164][ T29] audit: type=1800 audit(1726772998.374:60): pid=14657 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.3795" name="file0" dev="loop2" ino=1049003 res=0 errno=0 [ 1015.618393][T14670] loop3: detected capacity change from 0 to 1024 [ 1016.111938][ T29] audit: type=1326 audit(1726772999.374:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14677 comm="syz.4.3804" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73dd579 code=0x7ffc0000 [ 1016.136133][ T29] audit: type=1326 audit(1726772999.384:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14677 comm="syz.4.3804" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73dd579 code=0x7ffc0000 [ 1016.160242][ T29] audit: type=1326 audit(1726772999.384:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14677 comm="syz.4.3804" exe="/root/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf73dd579 code=0x7ffc0000 [ 1016.183631][ T29] audit: type=1326 audit(1726772999.384:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14677 comm="syz.4.3804" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73dd579 code=0x7ffc0000 [ 1016.206087][ T29] audit: type=1326 audit(1726772999.394:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14677 comm="syz.4.3804" exe="/root/syz-executor" sig=0 arch=40000003 syscall=361 compat=1 ip=0xf73dd579 code=0x7ffc0000 [ 1016.228491][ T29] audit: type=1326 audit(1726772999.394:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14677 comm="syz.4.3804" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73dd579 code=0x7ffc0000 [ 1016.252400][ T29] audit: type=1326 audit(1726772999.394:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14677 comm="syz.4.3804" exe="/root/syz-executor" sig=0 arch=40000003 syscall=369 compat=1 ip=0xf73dd579 code=0x7ffc0000 [ 1016.275791][ T29] audit: type=1326 audit(1726772999.394:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14677 comm="syz.4.3804" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73dd579 code=0x7ffc0000 [ 1017.728855][T14704] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3815'. [ 1017.757454][ T1237] ieee802154 phy0 wpan0: encryption failed: -22 [ 1017.757714][ T1237] ieee802154 phy1 wpan1: encryption failed: -22 [ 1017.773859][T14704] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1017.781715][T14704] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1017.849692][T14704] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1017.858103][T14704] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1018.245115][ T5200] Bluetooth: hci3: Dropping invalid advertising data [ 1018.252425][ T5200] Bluetooth: hci3: unknown advertising packet type: 0x0a [ 1018.252544][ T5200] Bluetooth: hci3: unknown advertising packet type: 0x80 [ 1018.259792][ T5200] Bluetooth: hci3: unknown advertising packet type: 0x61 [ 1018.268485][ T5200] Bluetooth: hci3: unknown advertising packet type: 0x80 [ 1018.278526][ T5200] Bluetooth: hci3: Malformed LE Event: 0x02 [ 1018.445541][T14713] loop1: detected capacity change from 0 to 2048 [ 1018.586451][T14713] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1018.967791][T14724] loop4: detected capacity change from 0 to 256 [ 1019.074135][ T8190] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1020.168555][T14747] loop4: detected capacity change from 0 to 256 [ 1020.209894][T14744] loop3: detected capacity change from 0 to 2048 [ 1020.283501][T14744] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1021.764030][T14778] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3848'. [ 1021.801865][T14776] netlink: 156 bytes leftover after parsing attributes in process `syz.1.3847'. [ 1021.866287][T14780] @ÿ: renamed from veth0_vlan (while UP) [ 1022.358586][T14786] netlink: 32 bytes leftover after parsing attributes in process `syz.2.3853'. [ 1022.368338][T14786] netlink: 32 bytes leftover after parsing attributes in process `syz.2.3853'. [ 1022.691297][T14794] ALSA: mixer_oss: invalid index -1404626105 [ 1023.166969][T14801] loop4: detected capacity change from 0 to 512 [ 1023.197995][T14801] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 1023.288027][T14801] EXT4-fs (loop4): 1 truncate cleaned up [ 1023.295987][T14801] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1023.373442][T14808] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3862'. [ 1023.814256][T13994] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1023.889570][T14818] block nbd3: shutting down sockets [ 1024.095548][T14821] loop1: detected capacity change from 0 to 1024 [ 1024.209385][T14821] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1024.307703][T14827] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3870'. [ 1024.317330][T14827] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3870'. [ 1024.742793][ T8190] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1024.932081][T13344] Bluetooth: hci2: command 0x0406 tx timeout [ 1025.492554][T14850] loop2: detected capacity change from 0 to 8 [ 1026.205396][T14860] netlink: 64 bytes leftover after parsing attributes in process `syz.2.3884'. [ 1026.510166][T14866] binder: binder_mmap: 14865 20000000-20002000 bad vm_flags failed -1 [ 1026.786625][T14870] bond0: option min_links: invalid value (18446744073709551615) [ 1026.794693][T14870] bond0: option min_links: allowed values 0 - 2147483647 [ 1026.864195][T14872] loop1: detected capacity change from 0 to 128 [ 1026.906969][T14872] VFS: Found a Xenix FS (block size = 512) on device loop1 [ 1026.956445][T14872] sysv_count_free_blocks: free block count was -2041545935, correcting to 3 [ 1027.364614][T14878] loop2: detected capacity change from 0 to 1024 [ 1027.367025][T14880] loop4: detected capacity change from 0 to 16 [ 1027.442715][T14880] erofs: (device loop4): mounted with root inode @ nid 36. [ 1027.482145][T14872] sysv_count_free_inodes: unable to read inode table [ 1027.540343][ T1050] hfsplus: b-tree write err: -5, ino 4 [ 1027.550472][T14884] loop0: detected capacity change from 0 to 128 [ 1027.812095][ T8190] sysv_free_block: trying to free block not in datazone [ 1027.860285][ T8190] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 1027.896267][ T8176] hfsplus: b-tree write err: -5, ino 4 [ 1028.486391][T14898] loop3: detected capacity change from 0 to 164 [ 1028.588243][T14898] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3903'. [ 1028.620395][T14898] netlink: 277 bytes leftover after parsing attributes in process `syz.3.3903'. [ 1028.630171][T14898] netlink: 277 bytes leftover after parsing attributes in process `syz.3.3903'. [ 1029.428272][T14909] netlink: 136 bytes leftover after parsing attributes in process `syz.4.3907'. [ 1029.438244][T14909] netlink: 89 bytes leftover after parsing attributes in process `syz.4.3907'. [ 1029.571983][ T29] audit: type=1800 audit(1726773012.834:69): pid=14911 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.3908" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0 [ 1031.290007][T14943] loop1: detected capacity change from 0 to 64 [ 1031.805398][T14951] loop3: detected capacity change from 0 to 1024 [ 1031.856318][T14951] EXT4-fs (loop3): stripe (8) is not aligned with cluster size (16), stripe is disabled [ 1031.892194][ T5245] usb 3-1: new high-speed USB device number 32 using dummy_hcd [ 1031.986961][T14951] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1032.062493][ T29] audit: type=1800 audit(1726773015.354:70): pid=14951 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.3927" name="bus" dev="loop3" ino=18 res=0 errno=0 [ 1032.137541][ T5245] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1032.149026][ T5245] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1032.162125][ T5245] usb 3-1: New USB device found, idVendor=056e, idProduct=011c, bcdDevice= 0.00 [ 1032.171473][ T5245] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1032.200507][T14956] netlink: 32 bytes leftover after parsing attributes in process `syz.1.3928'. [ 1032.233794][ T5245] usb 3-1: config 0 descriptor?? [ 1032.273770][T14946] loop4: detected capacity change from 0 to 4096 [ 1032.387374][T13343] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1032.653385][T14946] ntfs3: loop4: ino=22, The size of extended attributes must not exceed 64KiB [ 1032.716678][ T5245] elecom 0003:056E:011C.0043: unknown main item tag 0x0 [ 1032.726922][ T5245] elecom 0003:056E:011C.0043: unknown main item tag 0xe [ 1032.734599][ T5245] elecom 0003:056E:011C.0043: unknown main item tag 0x5 [ 1032.753098][ T5245] elecom 0003:056E:011C.0043: unknown main item tag 0x4 [ 1032.765833][ T5245] elecom 0003:056E:011C.0043: ignoring exceeding usage max [ 1032.783950][ T5245] elecom 0003:056E:011C.0043: usage index exceeded [ 1032.790791][ T5245] elecom 0003:056E:011C.0043: item 0 0 2 0 parsing failed [ 1032.858286][T14958] loop1: detected capacity change from 0 to 256 [ 1032.876667][ T5245] elecom 0003:056E:011C.0043: probe with driver elecom failed with error -22 [ 1032.936009][T14960] netlink: 'syz.3.3929': attribute type 1 has an invalid length. [ 1032.946808][T14960] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3929'. [ 1032.972796][ T5250] usb 3-1: USB disconnect, device number 32 [ 1032.979804][T14958] exFAT-fs (loop1): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 1033.102862][T14958] exFAT-fs (loop1): error, exfat_alloc_cluster: invalid used clusters(t:15,u:4294967295) [ 1033.102862][T14958] [ 1033.115475][T14958] exFAT-fs (loop1): Filesystem has been set read-only [ 1033.399320][T14962] netlink: 32 bytes leftover after parsing attributes in process `syz.3.3932'. [ 1034.100874][T14974] loop4: detected capacity change from 0 to 512 [ 1034.103665][T14973] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3937'. [ 1034.313724][T14974] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1034.329777][T14974] ext4 filesystem being mounted at /63/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1034.595309][T13994] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1034.702266][T14983] netlink: 'syz.2.3939': attribute type 10 has an invalid length. [ 1034.752078][T14983] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1034.885675][T14987] loop1: detected capacity change from 0 to 256 [ 1034.943776][T14987] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 1035.415655][T14989] loop4: detected capacity change from 0 to 512 [ 1035.532415][T14989] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 1035.582840][T14989] EXT4-fs (loop4): orphan cleanup on readonly fs [ 1035.653341][T14989] EXT4-fs error (device loop4): ext4_orphan_get:1391: inode #16: comm syz.4.3942: casefold flag without casefold feature [ 1035.714667][T14989] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.3942: couldn't read orphan inode 16 (err -117) [ 1035.759448][T14996] loop1: detected capacity change from 0 to 1024 [ 1035.779020][T14996] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 1035.784647][T14989] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 1035.790508][T14996] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 1035.870963][T14996] JBD2: no valid journal superblock found [ 1035.877341][T14996] EXT4-fs (loop1): Could not load journal inode [ 1036.064962][T13994] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1036.201952][T14996] loop1: detected capacity change from 0 to 1024 [ 1036.225742][T14996] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1036.306364][T14996] EXT4-fs (loop1): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 1036.437292][T15000] loop2: detected capacity change from 0 to 2048 [ 1036.493799][T14996] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1036.582280][ T29] audit: type=1800 audit(1726773019.884:71): pid=14996 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.3946" name="bus" dev="loop1" ino=18 res=0 errno=0 [ 1036.599662][T15000] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1036.736695][T15000] overlayfs: upper fs needs to support d_type. [ 1036.746515][T15000] overlayfs: cleanup of 'work/#1' failed (-2) [ 1036.753119][T15000] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 1036.760290][T15000] overlayfs: failed to set xattr on upper [ 1036.766359][T15000] overlayfs: ...falling back to redirect_dir=nofollow. [ 1036.773568][T15000] overlayfs: ...falling back to index=off. [ 1036.779554][T15000] overlayfs: ...falling back to uuid=null. [ 1036.854781][ T8190] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1036.869529][T15011] loop4: detected capacity change from 0 to 16 [ 1036.889051][T15011] erofs: (device loop4): mounted with root inode @ nid 36. [ 1037.136459][ T8194] UDF-fs: error (device loop2): udf_read_inode: (ino 1317) failed !bh [ 1037.183435][ T8194] UDF-fs: error (device loop2): udf_read_inode: (ino 1317) failed !bh [ 1037.409131][T15015] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3954'. [ 1038.361136][T15026] loop4: detected capacity change from 0 to 1024 [ 1038.452138][ T10] usb 4-1: new high-speed USB device number 35 using dummy_hcd [ 1038.631801][ T10] usb 4-1: Using ep0 maxpacket: 16 [ 1038.643864][ T10] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 1038.690960][ T1050] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1038.697539][ T10] usb 4-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 1038.712623][ T10] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1038.720896][ T10] usb 4-1: Product: syz [ 1038.725806][ T10] usb 4-1: Manufacturer: syz [ 1038.730641][ T10] usb 4-1: SerialNumber: syz [ 1038.803762][ T10] usb 4-1: config 0 descriptor?? [ 1038.849936][ T10] em28xx 4-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 1038.861988][ T1050] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1038.874558][ T10] em28xx 4-1:0.0: DVB interface 0 found: bulk [ 1039.035614][ T1050] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1039.146955][ T1050] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1039.416415][ T1050] bridge_slave_1: left allmulticast mode [ 1039.425194][ T1050] bridge_slave_1: left promiscuous mode [ 1039.432016][ T1050] bridge0: port 2(bridge_slave_1) entered disabled state [ 1039.464920][ T1050] bridge_slave_0: left allmulticast mode [ 1039.470817][ T1050] bridge_slave_0: left promiscuous mode [ 1039.477948][ T1050] bridge0: port 1(bridge_slave_0) entered disabled state [ 1039.499669][ T10] em28xx 4-1:0.0: unknown em28xx chip ID (0) [ 1039.798954][ T10] em28xx 4-1:0.0: reading from i2c device at 0xa0 failed (error=-5) [ 1039.810037][ T10] em28xx 4-1:0.0: board has no eeprom [ 1040.067349][ T10] em28xx 4-1:0.0: Identified as PCTV tripleStick (292e) (card=94) [ 1040.075636][ T10] em28xx 4-1:0.0: dvb set to bulk mode. [ 1040.087681][ T5250] em28xx 4-1:0.0: Binding DVB extension [ 1040.123071][ T10] usb 4-1: USB disconnect, device number 35 [ 1040.130569][ T10] em28xx 4-1:0.0: Disconnecting em28xx [ 1040.155063][ T1050] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1040.223370][ T1050] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1040.272656][ T1050] bond0 (unregistering): Released all slaves [ 1040.544247][ T5250] em28xx 4-1:0.0: Registering input extension [ 1040.576952][T15031] tun0: tun_chr_ioctl cmd 2147767506 [ 1040.670892][ T10] em28xx 4-1:0.0: Closing input extension [ 1040.683911][ T1050] öÿÿ: left promiscuous mode [ 1040.787761][ T10] em28xx 4-1:0.0: Freeing device [ 1041.283615][T13344] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 1041.325304][T13344] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 1041.354999][T13344] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 1041.379250][T13344] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 1041.410074][T13344] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 1041.428176][T13344] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 1041.588338][ T1050] hsr_slave_0: left promiscuous mode [ 1041.620640][ T1050] hsr_slave_1: left promiscuous mode [ 1041.662566][ T1050] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1041.670474][ T1050] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1041.808964][ T1050] veth1_macvtap: left promiscuous mode [ 1041.816585][ T1050] veth0_macvtap: left promiscuous mode [ 1041.822625][ T1050] veth1_vlan: left promiscuous mode [ 1041.828181][ T1050] @ÿ: left promiscuous mode [ 1042.227240][ T5200] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 1042.238426][ T5200] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 1042.255566][ T5200] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 1042.291124][T15046] loop4: detected capacity change from 0 to 256 [ 1042.355165][ T5200] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 1042.461862][ T5200] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 1042.482294][ T5200] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 1042.675086][T15052] loop3: detected capacity change from 0 to 1024 [ 1042.709369][T15052] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1043.114953][ T1050] team0 (unregistering): Port device team_slave_1 removed [ 1043.218631][ T1050] team0 (unregistering): Port device team_slave_0 removed [ 1043.496282][ T5200] Bluetooth: hci3: command tx timeout [ 1044.528183][ T1050] IPVS: stop unused estimator thread 0... [ 1044.672035][ T5200] Bluetooth: hci5: command tx timeout [ 1045.047046][T15047] chnl_net:caif_netlink_parms(): no params data found [ 1045.348542][T15038] chnl_net:caif_netlink_parms(): no params data found [ 1045.584996][ T5200] Bluetooth: hci3: command tx timeout [ 1045.871399][T15085] loop1: detected capacity change from 0 to 2048 [ 1046.010032][T15088] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1046.321834][T15094] mac80211_hwsim hwsim32 veyh0_vlan: renamed from wlan1 (while UP) [ 1046.607690][T15047] bridge0: port 1(bridge_slave_0) entered blocking state [ 1046.615619][T15047] bridge0: port 1(bridge_slave_0) entered disabled state [ 1046.624986][T15047] bridge_slave_0: entered allmulticast mode [ 1046.634145][T15047] bridge_slave_0: entered promiscuous mode [ 1046.691821][ T5200] Bluetooth: hci5: command tx timeout [ 1046.707422][T15047] bridge0: port 2(bridge_slave_1) entered blocking state [ 1046.715347][T15047] bridge0: port 2(bridge_slave_1) entered disabled state [ 1046.723306][T15047] bridge_slave_1: entered allmulticast mode [ 1046.732687][T15047] bridge_slave_1: entered promiscuous mode [ 1047.105770][T15047] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1047.117525][T15038] bridge0: port 1(bridge_slave_0) entered blocking state [ 1047.125949][T15038] bridge0: port 1(bridge_slave_0) entered disabled state [ 1047.134125][T15038] bridge_slave_0: entered allmulticast mode [ 1047.146130][T15038] bridge_slave_0: entered promiscuous mode [ 1047.179468][T15047] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1047.233634][T15101] tap0: tun_chr_ioctl cmd 1074025677 [ 1047.239575][T15101] tap0: linktype set to 769 [ 1047.449654][T15038] bridge0: port 2(bridge_slave_1) entered blocking state [ 1047.457759][T15038] bridge0: port 2(bridge_slave_1) entered disabled state [ 1047.465736][T15038] bridge_slave_1: entered allmulticast mode [ 1047.474911][T15038] bridge_slave_1: entered promiscuous mode [ 1047.504813][T15047] team0: Port device team_slave_0 added [ 1047.568584][T15047] team0: Port device team_slave_1 added [ 1047.671840][ T5200] Bluetooth: hci3: command tx timeout [ 1048.010010][T15111] loop4: detected capacity change from 0 to 128 [ 1048.044868][T15047] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1048.054336][T15047] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1048.081137][T15047] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1048.125813][T15038] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1048.189113][T15038] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1048.236444][T15111] syz.4.3991: attempt to access beyond end of device [ 1048.236444][T15111] loop4: rw=2051, sector=96, nr_sectors = 287 limit=128 [ 1048.265991][T15047] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1048.273306][T15047] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1048.299897][T15047] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1048.482248][T15038] team0: Port device team_slave_0 added [ 1048.517911][T15038] team0: Port device team_slave_1 added [ 1048.775024][ T5200] Bluetooth: hci5: command tx timeout [ 1048.960298][T15038] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1048.967601][T15038] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1048.994100][T15038] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1049.038962][T15047] hsr_slave_0: entered promiscuous mode [ 1049.094285][T15047] hsr_slave_1: entered promiscuous mode [ 1049.173313][T15047] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1049.181209][T15047] Cannot create hsr debugfs directory [ 1049.200686][T15038] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1049.208082][T15038] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1049.236486][T15038] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1049.378977][T15121] loop3: detected capacity change from 0 to 256 [ 1049.669934][T15123] netpci0: tun_chr_ioctl cmd 1074025677 [ 1049.676416][T15123] netpci0: linktype set to 804 [ 1049.690679][T15121] exFAT-fs (loop3): failed to load upcase table (idx : 0x00017f3e, chksum : 0x0b83170a, utbl_chksum : 0xe619d30d) [ 1049.706438][T15038] hsr_slave_0: entered promiscuous mode [ 1049.739474][ T5200] Bluetooth: hci3: command tx timeout [ 1049.765787][T15038] hsr_slave_1: entered promiscuous mode [ 1049.782416][T15038] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1049.790203][T15038] Cannot create hsr debugfs directory [ 1049.968050][T15126] loop4: detected capacity change from 0 to 1024 [ 1050.216673][T15126] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1050.703843][T13994] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1050.795537][T15047] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1050.855439][ T5200] Bluetooth: hci5: command tx timeout [ 1050.945112][T15047] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1051.161471][T15047] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1051.335333][T15047] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1051.748724][T15145] netlink: 20 bytes leftover after parsing attributes in process `syz.3.4006'. [ 1051.823752][T15146] loop4: detected capacity change from 0 to 256 [ 1051.938773][T15146] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d) [ 1052.055257][T15146] exFAT-fs (loop4): error, tried to truncate zeroed cluster. [ 1052.063470][T15146] exFAT-fs (loop4): Filesystem has been set read-only [ 1052.326387][T15151] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4009'. [ 1052.335850][T15151] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4009'. [ 1052.366714][T15038] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 1052.378279][T15154] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 1052.463651][T15047] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 1052.526532][T15038] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 1052.573201][T15047] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 1052.633410][T15038] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 1052.683292][T15047] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 1052.748136][T15038] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 1052.798707][T15047] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 1053.564725][T15160] loop3: detected capacity change from 0 to 2048 [ 1053.739810][T15160] EXT4-fs (loop3): DAX unsupported by block device. [ 1054.259755][T15038] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1054.324085][T15047] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1054.527031][T15038] 8021q: adding VLAN 0 to HW filter on device team0 [ 1054.558262][T15047] 8021q: adding VLAN 0 to HW filter on device team0 [ 1054.637447][ T3015] bridge0: port 1(bridge_slave_0) entered blocking state [ 1054.645205][ T3015] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1054.763734][ T3015] bridge0: port 1(bridge_slave_0) entered blocking state [ 1054.771377][ T3015] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1054.919212][ T3015] bridge0: port 2(bridge_slave_1) entered blocking state [ 1054.926931][ T3015] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1054.943178][ T3015] bridge0: port 2(bridge_slave_1) entered blocking state [ 1054.950946][ T3015] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1055.285609][T15038] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 1055.296397][T15038] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 1055.320385][T15174] loop4: detected capacity change from 0 to 512 [ 1055.546661][T15174] EXT4-fs (loop4): 1 truncate cleaned up [ 1055.554459][T15174] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1056.069340][T13994] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1056.171878][T15187] Bluetooth: hci0: load_link_keys: too big key_count value 65280 [ 1057.162558][T15200] vhci_hcd: invalid port number 0 [ 1057.202442][T15038] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1057.770154][T15047] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1057.911130][T15038] veth0_vlan: entered promiscuous mode [ 1058.092163][T15038] veth1_vlan: entered promiscuous mode [ 1058.430595][T15047] veth0_vlan: entered promiscuous mode [ 1058.566238][T15038] veth0_macvtap: entered promiscuous mode [ 1058.664404][T15038] veth1_macvtap: entered promiscuous mode [ 1058.686019][T15047] veth1_vlan: entered promiscuous mode [ 1058.913438][T15038] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1058.924436][T15038] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1058.937053][T15038] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1058.948097][T15038] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1058.960145][T15038] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1058.971507][T15038] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1058.981855][T15038] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1058.992563][T15038] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1059.008243][T15038] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1059.172651][T15047] veth0_macvtap: entered promiscuous mode [ 1059.205314][T15038] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1059.216214][T15038] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1059.229050][T15038] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1059.239921][T15038] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1059.265237][T15038] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1059.364750][T15047] veth1_macvtap: entered promiscuous mode [ 1059.485523][T15038] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1059.497560][T15038] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1059.506964][T15038] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1059.516812][T15038] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1059.636435][T15047] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1059.647334][T15047] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1059.658520][T15047] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1059.671195][T15047] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1059.681936][T15047] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1059.692729][T15047] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1059.702872][T15047] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1059.713717][T15047] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1059.723841][T15047] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1059.735585][T15047] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1059.751971][T15047] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1059.854700][T15220] loop3: detected capacity change from 0 to 128 [ 1060.098517][T15047] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1060.110418][T15047] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1060.120619][T15047] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1060.134590][T15047] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1060.151064][T15047] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1060.161830][T15047] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1060.177095][T15047] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1060.480960][T15047] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1060.493866][T15047] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1060.503663][T15047] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1060.505493][T15231] loop4: detected capacity change from 0 to 8 [ 1060.512670][T15047] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1060.667840][T15232] delete_channel: no stack [ 1061.418814][T15241] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4041'. [ 1062.080188][T15251] loop4: detected capacity change from 0 to 47 [ 1064.282696][T15279] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4052'. [ 1067.133761][ T3043] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1067.142168][ T3043] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1067.498741][ T3015] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1067.507275][ T3015] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1067.545519][T15326] tun0: tun_chr_ioctl cmd 2148553947 [ 1067.799271][ T1050] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1067.808250][ T1050] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1067.917205][T15328] loop4: detected capacity change from 0 to 512 [ 1067.991885][T15328] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 1068.157105][ T1050] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1068.165320][ T1050] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1068.178912][T15328] EXT4-fs (loop4): 1 truncate cleaned up [ 1068.186542][T15328] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1068.488413][T13994] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1068.931097][T15338] loop3: detected capacity change from 0 to 1764 [ 1069.024932][T15338] iso9660: Bad value for 'gid' [ 1069.029975][T15338] iso9660: Bad value for 'gid' [ 1069.043938][T15342] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 1069.412203][T14709] usb 4-1: new high-speed USB device number 36 using dummy_hcd [ 1069.647911][T14709] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1069.659383][T14709] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1069.669606][T14709] usb 4-1: New USB device found, idVendor=06cb, idProduct=73f5, bcdDevice= 0.00 [ 1069.679017][T14709] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1069.734053][T14709] usb 4-1: config 0 descriptor?? [ 1070.049354][T15352] loop1: detected capacity change from 0 to 512 [ 1070.162528][T15352] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 1070.229209][T14709] itetech 0003:06CB:73F5.0044: unknown main item tag 0x0 [ 1070.237517][T14709] itetech 0003:06CB:73F5.0044: unbalanced collection at end of report description [ 1070.271217][T15357] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4078'. [ 1070.537228][T14709] itetech 0003:06CB:73F5.0044: probe with driver itetech failed with error -22 [ 1070.572635][T14709] usb 4-1: USB disconnect, device number 36 [ 1070.595884][T15352] EXT4-fs (loop1): 1 truncate cleaned up [ 1070.603775][T15352] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1070.775037][T15352] fscrypt (loop1, inode 18): Unsupported encryption flags (0xc5) [ 1071.181434][ T8190] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1071.366914][T15366] loop2: detected capacity change from 0 to 1024 [ 1071.715562][T15370] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 1073.263218][T15380] loop4: detected capacity change from 0 to 4096 [ 1073.311961][T15380] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [ 1073.557728][T15394] loop3: detected capacity change from 0 to 16 [ 1073.623185][T15394] erofs: (device loop3): mounted with root inode @ nid 36. [ 1073.643159][T15393] loop2: detected capacity change from 0 to 1024 [ 1073.744617][T15393] hfsplus: request for non-existent node 3 in B*Tree [ 1073.751543][T15393] hfsplus: request for non-existent node 3 in B*Tree [ 1073.939234][ T29] audit: type=1800 audit(1726773057.194:72): pid=15380 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.4088" name="file1" dev="loop4" ino=30 res=0 errno=0 [ 1074.188767][T15398] loop3: detected capacity change from 0 to 512 [ 1074.329786][T15398] EXT4-fs error (device loop3): ext4_orphan_get:1417: comm syz.3.4096: bad orphan inode 15 [ 1074.380066][T15398] ext4_test_bit(bit=14, block=18) = 1 [ 1074.385988][T15398] is_bad_inode(inode)=0 [ 1074.390460][T15398] NEXT_ORPHAN(inode)=1023 [ 1074.395256][T15398] max_ino=32 [ 1074.398648][T15398] i_nlink=0 [ 1074.452048][T15398] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2978: inode #15: comm syz.3.4096: corrupted xattr block 19: e_value size too large [ 1074.514636][T15398] EXT4-fs warning (device loop3): ext4_evict_inode:271: xattr delete (err -117) [ 1074.537895][T15398] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1074.553472][T15398] ext4 filesystem being mounted at /179/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1074.779488][T15398] EXT4-fs error (device loop3): ext4_add_entry:2435: inode #12: comm syz.3.4096: Directory hole found for htree leaf block 0 [ 1074.857454][T15407] EXT4-fs error (device loop3): ext4_empty_dir:3088: inode #12: comm syz.3.4096: Directory hole found for htree leaf block 0 [ 1075.215939][T13343] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1075.259487][T15411] loop2: detected capacity change from 0 to 64 [ 1075.460336][T15411] hfs: walked past end of dir [ 1075.629067][T15416] overlayfs: failed to clone lowerpath [ 1075.987930][T15421] netlink: 188 bytes leftover after parsing attributes in process `syz.1.4105'. [ 1078.047695][T15455] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4120'. [ 1078.098668][ T5248] usb 5-1: new high-speed USB device number 29 using dummy_hcd [ 1078.273044][T15459] trusted_key: encrypted_key: keyword 'load' not allowed when called from .update method [ 1078.366430][ T5248] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1078.377921][ T5248] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1078.388216][ T5248] usb 5-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00 [ 1078.400401][ T5248] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1078.464164][ T5248] usb 5-1: config 0 descriptor?? [ 1079.005410][ T5248] cp2112 0003:10C4:EA90.0045: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.4-1/input0 [ 1079.157883][ T5248] cp2112 0003:10C4:EA90.0045: Part Number: 0x82 Device Version: 0xFE [ 1079.195924][ T1237] ieee802154 phy0 wpan0: encryption failed: -22 [ 1079.202744][ T1237] ieee802154 phy1 wpan1: encryption failed: -22 [ 1079.381515][ T5248] cp2112 0003:10C4:EA90.0045: error requesting SMBus config [ 1079.414779][ T5248] cp2112 0003:10C4:EA90.0045: probe with driver cp2112 failed with error -71 [ 1079.495915][ T5248] usb 5-1: USB disconnect, device number 29 [ 1080.108629][T15472] batadv0: entered promiscuous mode [ 1080.114416][T15472] macsec1: entered promiscuous mode [ 1080.120716][T15472] macsec1: entered allmulticast mode [ 1080.129082][T15472] batadv0: entered allmulticast mode [ 1080.225314][T15472] batadv0: left allmulticast mode [ 1080.231532][T15472] batadv0: left promiscuous mode [ 1081.818491][T15492] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4137'. [ 1082.404502][T14709] usb 4-1: new high-speed USB device number 37 using dummy_hcd [ 1082.593012][T14709] usb 4-1: Using ep0 maxpacket: 8 [ 1082.622241][T14709] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 1082.635480][T14709] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 1082.647749][T14709] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 1082.753414][T14709] usb 4-1: New USB device found, idVendor=1b80, idProduct=d700, bcdDevice=d0.46 [ 1082.763010][T14709] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1082.771274][T14709] usb 4-1: Product: syz [ 1082.775997][T14709] usb 4-1: Manufacturer: syz [ 1082.780832][T14709] usb 4-1: SerialNumber: syz [ 1082.864143][T14709] usb 4-1: config 0 descriptor?? [ 1083.106344][T14709] radio-si470x 4-1:0.0: DeviceID=0x0000 ChipID=0x0069 [ 1083.163744][T15491] loop1: detected capacity change from 0 to 4096 [ 1083.272041][T15491] ntfs3: loop1: Different NTFS sector size (2048) and media sector size (512). [ 1083.367942][T14709] radio-si470x 4-1:0.0: software version 0, hardware version 0 [ 1083.376023][T14709] radio-si470x 4-1:0.0: This driver is known to work with hardware version 1, but the device has hardware version 0. [ 1083.389170][T14709] radio-si470x 4-1:0.0: If you have some trouble using this driver, please report to V4L ML at linux-media@vger.kernel.org [ 1083.566827][T14709] radio-si470x 4-1:0.0: si470x_set_report: usb_control_msg returned -71 [ 1083.579335][T14709] radio-si470x 4-1:0.0: submitting int urb failed (-90) [ 1083.662465][T14709] radio-si470x 4-1:0.0: si470x_set_report: usb_control_msg returned -71 [ 1083.672396][T14709] radio-si470x 4-1:0.0: probe with driver radio-si470x failed with error -22 [ 1083.687619][T15491] ntfs3: loop1: Failed to initialize $Extend/$ObjId. [ 1083.764956][T14709] usb 4-1: USB disconnect, device number 37 [ 1084.714966][T15513] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4147'. [ 1084.727069][T15513] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 1085.455948][T15519] Process accounting resumed [ 1085.460906][T15519] kernel write not supported for file /asound/timers (pid: 15519 comm: syz.0.4150) [ 1085.821856][T14709] usb 5-1: new high-speed USB device number 30 using dummy_hcd [ 1086.171951][T14709] usb 5-1: Using ep0 maxpacket: 16 [ 1086.205625][T14709] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1086.220454][T14709] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 1086.221226][T15526] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4152'. [ 1086.238057][T14709] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 1086.254986][T14709] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1086.376435][T13344] Bluetooth: hci4: command 0x0405 tx timeout [ 1086.400600][T14709] usb 5-1: config 0 descriptor?? [ 1086.920027][T14709] microsoft 0003:045E:07DA.0046: ignoring exceeding usage max [ 1087.150059][T14709] input: HID 045e:07da as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:045E:07DA.0046/input/input46 [ 1087.324303][T14709] microsoft 0003:045E:07DA.0046: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.4-1/input0 [ 1087.378217][T14709] usb 5-1: USB disconnect, device number 30 [ 1087.452567][T15531] loop0: detected capacity change from 0 to 64 [ 1087.569573][T15533] loop3: detected capacity change from 0 to 64 [ 1088.541387][T13344] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 1088.575222][T13344] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 1088.590093][T13344] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 1088.631036][T13344] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 1088.678570][T13344] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 1088.695488][T13344] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 1090.272973][T15539] chnl_net:caif_netlink_parms(): no params data found [ 1090.772804][ T5200] Bluetooth: hci7: command tx timeout [ 1091.183384][T15562] sctp: [Deprecated]: syz.4.4166 (pid 15562) Use of struct sctp_assoc_value in delayed_ack socket option. [ 1091.183384][T15562] Use struct sctp_sack_info instead [ 1091.350777][T15566] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4165'. [ 1091.882702][T15539] bridge0: port 1(bridge_slave_0) entered blocking state [ 1091.890430][T15539] bridge0: port 1(bridge_slave_0) entered disabled state [ 1091.900824][T15539] bridge_slave_0: entered allmulticast mode [ 1091.910305][T15539] bridge_slave_0: entered promiscuous mode [ 1092.075005][T15539] bridge0: port 2(bridge_slave_1) entered blocking state [ 1092.085467][T15539] bridge0: port 2(bridge_slave_1) entered disabled state [ 1092.093608][T15539] bridge_slave_1: entered allmulticast mode [ 1092.102939][T15539] bridge_slave_1: entered promiscuous mode [ 1092.465536][T15539] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1092.623346][T15539] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1092.858569][ T5200] Bluetooth: hci7: command tx timeout [ 1092.911803][ T8950] usb 5-1: new high-speed USB device number 31 using dummy_hcd [ 1093.011477][T15539] team0: Port device team_slave_0 added [ 1093.071501][T15539] team0: Port device team_slave_1 added [ 1093.200913][ T8950] usb 5-1: config index 0 descriptor too short (expected 106, got 36) [ 1093.212278][ T8950] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1093.223699][ T8950] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1093.233904][ T8950] usb 5-1: New USB device found, idVendor=1b1c, idProduct=1b3e, bcdDevice= 0.00 [ 1093.246544][ T8950] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1093.310378][ T8950] usb 5-1: config 0 descriptor?? [ 1093.419064][T15539] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1093.426611][T15539] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1093.453048][T15539] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1093.558595][T15539] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1093.586937][T15539] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1093.617336][T15539] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1093.808570][ T8950] corsair 0003:1B1C:1B3E.0047: failed to start in urb: -90 [ 1093.833124][ T8950] corsair 0003:1B1C:1B3E.0047: hidraw0: USB HID v0.00 Device [HID 1b1c:1b3e] on usb-dummy_hcd.4-1/input0 [ 1093.992819][ T8950] usb 5-1: USB disconnect, device number 31 [ 1094.035034][T15539] hsr_slave_0: entered promiscuous mode [ 1094.139018][T15539] hsr_slave_1: entered promiscuous mode [ 1094.154033][T15539] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1094.164955][T15539] Cannot create hsr debugfs directory [ 1094.938220][ T5200] Bluetooth: hci7: command tx timeout [ 1095.352601][T15539] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1095.607455][T15539] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1095.857125][T15539] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1095.922645][ T3194] bridge_slave_1: left allmulticast mode [ 1095.929472][ T3194] bridge_slave_1: left promiscuous mode [ 1095.938391][ T3194] bridge0: port 2(bridge_slave_1) entered disabled state [ 1095.961163][ T3194] bridge_slave_0: left allmulticast mode [ 1095.968689][ T3194] bridge_slave_0: left promiscuous mode [ 1095.975539][ T3194] bridge0: port 1(bridge_slave_0) entered disabled state [ 1096.623578][ T3194] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1096.661833][ T3194] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1096.691835][ T3194] bond0 (unregistering): Released all slaves [ 1096.814432][T15539] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1097.013228][ T5200] Bluetooth: hci7: command tx timeout [ 1097.268675][ T3194] hsr_slave_0: left promiscuous mode [ 1097.288220][ T3194] hsr_slave_1: left promiscuous mode [ 1097.316371][ T3194] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1097.324438][ T3194] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1097.370970][ T3194] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1097.378930][ T3194] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1097.408716][ T3194] veth1_macvtap: left promiscuous mode [ 1097.416452][ T3194] veth0_macvtap: left promiscuous mode [ 1097.422608][ T3194] veth1_vlan: left promiscuous mode [ 1097.428156][ T3194] veth0_vlan: left promiscuous mode [ 1097.799626][ T3194] pim6reg (unregistering): left allmulticast mode [ 1098.226987][ T3194] team0 (unregistering): Port device team_slave_1 removed [ 1098.263385][ T3194] team0 (unregistering): Port device team_slave_0 removed [ 1098.595534][T15539] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 1098.722316][T15539] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 1098.767889][T15539] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 1098.866399][T15539] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 1098.950447][ T3194] IPVS: stop unused estimator thread 0... [ 1099.386664][T15539] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1099.478475][T15539] 8021q: adding VLAN 0 to HW filter on device team0 [ 1099.515598][ T3541] bridge0: port 1(bridge_slave_0) entered blocking state [ 1099.523642][ T3541] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1099.579846][ T3541] bridge0: port 2(bridge_slave_1) entered blocking state [ 1099.587621][ T3541] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1100.653935][T15539] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1100.947273][T15539] veth0_vlan: entered promiscuous mode [ 1100.999410][T15539] veth1_vlan: entered promiscuous mode [ 1101.196779][T15539] veth0_macvtap: entered promiscuous mode [ 1101.223940][T15539] veth1_macvtap: entered promiscuous mode [ 1101.358322][T15539] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1101.371909][T15539] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1101.382139][T15539] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1101.392933][T15539] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1101.405845][T15539] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1101.416771][T15539] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1101.426935][T15539] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1101.440381][T15539] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1101.459271][T15539] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1101.475324][T15539] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1101.490454][T15539] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1101.540660][T15539] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1101.560619][T15539] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1101.579400][T15539] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1101.590296][T15539] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1101.600474][T15539] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1101.614043][T15539] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1101.629060][T15539] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1101.694987][T15539] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1101.704245][T15539] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1101.713391][T15539] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1101.722560][T15539] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1104.492867][ T3043] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1104.500940][ T3043] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1104.632553][ T3015] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1104.640649][ T3015] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1105.243804][T15630] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4154'. [ 1105.255222][T15630] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4154'. [ 1105.916489][T15642] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4180'. [ 1107.057161][T15641] loop4: detected capacity change from 0 to 4096 [ 1107.130289][T15641] EXT4-fs: Ignoring removed nobh option [ 1107.136384][T15641] EXT4-fs: Ignoring removed i_version option [ 1107.254579][T15641] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1107.397719][ T29] audit: type=1800 audit(1726773090.664:73): pid=15641 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.4182" name="bus" dev="loop4" ino=18 res=0 errno=0 [ 1107.690117][T13994] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1108.191868][T14709] usb 4-1: new high-speed USB device number 38 using dummy_hcd [ 1108.397249][T14709] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1108.408830][T14709] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1108.422926][T14709] usb 4-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00 [ 1108.435857][T14709] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1108.483684][T14709] usb 4-1: config 0 descriptor?? [ 1108.785786][T15673] sp0: Synchronizing with TNC [ 1109.044691][T14709] cm6533_jd 0003:0D8C:0022.0048: unknown main item tag 0x0 [ 1109.052447][T14709] cm6533_jd 0003:0D8C:0022.0048: unknown main item tag 0x0 [ 1109.060013][T14709] cm6533_jd 0003:0D8C:0022.0048: item fetching failed at offset 2/5 [ 1109.161134][T14709] cm6533_jd 0003:0D8C:0022.0048: parse failed [ 1109.169949][T14709] cm6533_jd 0003:0D8C:0022.0048: probe with driver cm6533_jd failed with error -22 [ 1109.262666][T14709] usb 4-1: USB disconnect, device number 38 [ 1112.869085][T15706] loop1: detected capacity change from 0 to 4096 [ 1112.973748][T15706] NILFS (loop1): invalid segment: Checksum error in segment payload [ 1112.982461][T15706] NILFS (loop1): trying rollback from an earlier position [ 1113.077832][T15706] NILFS (loop1): recovery complete [ 1113.170737][T15722] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1114.107845][T15732] loop1: detected capacity change from 0 to 24 [ 1114.159241][T15732] romfs: Mounting image 'rom 637cf1fa' through the block layer [ 1114.272416][T15734] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4226'. [ 1114.992516][T15742] loop2: detected capacity change from 0 to 256 [ 1116.003320][T14709] usb 2-1: new high-speed USB device number 38 using dummy_hcd [ 1116.236135][T14709] usb 2-1: New USB device found, idVendor=0572, idProduct=cb01, bcdDevice=26.65 [ 1116.245964][T14709] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1116.254445][T14709] usb 2-1: Product: syz [ 1116.258842][T14709] usb 2-1: Manufacturer: syz [ 1116.263917][T14709] usb 2-1: SerialNumber: syz [ 1116.329066][T14709] usb 2-1: config 0 descriptor?? [ 1116.630598][T14709] usb 2-1: ignoring: probably an ADSL modem [ 1116.741314][T15763] loop0: detected capacity change from 0 to 512 [ 1116.865515][T14709] cxacru 2-1:0.0: usbatm_usb_probe: bind failed: -19! [ 1116.890432][T14709] usb 2-1: USB disconnect, device number 38 [ 1116.927662][T15763] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2240: inode #15: comm syz.0.4240: corrupted in-inode xattr: invalid ea_ino [ 1117.033957][T15763] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.4240: couldn't read orphan inode 15 (err -117) [ 1117.075905][T15763] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1117.396948][T15047] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1117.904030][T15774] loop3: detected capacity change from 0 to 2048 [ 1118.093019][T15774] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1118.319463][T15774] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.4244: bg 0: block 274: padding at end of block bitmap is not set [ 1118.400591][T15774] EXT4-fs (loop3): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 16 with error 117 [ 1118.413766][T15774] EXT4-fs (loop3): This should not happen!! Data will be lost [ 1118.413766][T15774] [ 1118.435223][T15788] IPVS: sync thread started: state = MASTER, mcast_ifn = ip6gre0, syncid = 0, id = 0 [ 1118.454420][T15787] IPVS: stopping master sync thread 15788 ... [ 1118.843308][T13343] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1119.049544][T15796] loop1: detected capacity change from 0 to 128 [ 1120.266201][T15818] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4262'. [ 1120.484963][T15821] netlink: 'syz.0.4263': attribute type 8 has an invalid length. [ 1120.776756][ T8176] ===================================================== [ 1120.784178][ T8176] BUG: KMSAN: uninit-value in n_tty_lookahead_flow_ctrl+0x2cd/0x300 [ 1120.792566][ T8176] n_tty_lookahead_flow_ctrl+0x2cd/0x300 [ 1120.798401][ T8176] tty_port_default_lookahead_buf+0x144/0x210 [ 1120.814455][ T8176] flush_to_ldisc+0x8ec/0xdb0 [ 1120.819340][ T8176] process_scheduled_works+0xae0/0x1c40 [ 1120.827550][ T8176] worker_thread+0xea7/0x14f0 [ 1120.835081][ T8176] kthread+0x3e2/0x540 [ 1120.839352][ T8176] ret_from_fork+0x6d/0x90 [ 1120.844135][ T8176] ret_from_fork_asm+0x1a/0x30 [ 1120.849118][ T8176] [ 1120.851731][ T8176] Uninit was created at: [ 1120.856185][ T8176] __kmalloc_noprof+0x661/0xf30 [ 1120.861199][ T8176] __tty_buffer_request_room+0x36e/0x6d0 [ 1120.869825][ T8176] __tty_insert_flip_string_flags+0x140/0x570 [ 1120.876186][ T8176] uart_insert_char+0x39e/0xa10 [ 1120.881315][ T8176] serial8250_read_char+0x1a7/0x5d0 [ 1120.886967][ T8176] serial8250_handle_irq+0x970/0x1130 [ 1120.895225][ T8176] serial8250_default_handle_irq+0x120/0x2b0 [ 1120.901396][ T8176] serial8250_interrupt+0xc5/0x360 [ 1120.914139][ T8176] __handle_irq_event_percpu+0x118/0xca0 [ 1120.924974][ T8176] handle_irq_event+0xef/0x2c0 [ 1120.929919][ T8176] handle_edge_irq+0x340/0xfb0 [ 1120.935012][ T8176] __common_interrupt+0x97/0x1f0 [ 1120.940168][ T8176] common_interrupt+0x92/0xb0 [ 1120.945297][ T8176] asm_common_interrupt+0x2b/0x40 [ 1120.950528][ T8176] [ 1120.955638][ T8176] CPU: 1 UID: 0 PID: 8176 Comm: kworker/u8:1 Not tainted 6.11.0-syzkaller-07262-g839c4f596f89 #0 [ 1120.966578][ T8176] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 1120.976897][ T8176] Workqueue: events_unbound flush_to_ldisc [ 1120.985591][ T8176] ===================================================== [ 1120.992771][ T8176] Disabling lock debugging due to kernel taint [ 1120.999052][ T8176] Kernel panic - not syncing: kmsan.panic set ... [ 1121.005597][ T8176] CPU: 1 UID: 0 PID: 8176 Comm: kworker/u8:1 Tainted: G B 6.11.0-syzkaller-07262-g839c4f596f89 #0 [ 1121.017778][ T8176] Tainted: [B]=BAD_PAGE [ 1121.022029][ T8176] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 1121.032224][ T8176] Workqueue: events_unbound flush_to_ldisc [ 1121.038221][ T8176] Call Trace: [ 1121.041596][ T8176] [ 1121.044623][ T8176] dump_stack_lvl+0x216/0x2d0 [ 1121.049466][ T8176] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 1121.055474][ T8176] dump_stack+0x1e/0x30 [ 1121.059788][ T8176] panic+0x4e2/0xcf0 [ 1121.063834][ T8176] ? kmsan_get_metadata+0x101/0x1c0 [ 1121.069227][ T8176] kmsan_report+0x2c7/0x2d0 [ 1121.073908][ T8176] ? up_read+0x74/0x1e0 [ 1121.078223][ T8176] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 1121.084212][ T8176] ? __msan_warning+0x95/0x120 [ 1121.089132][ T8176] ? n_tty_lookahead_flow_ctrl+0x2cd/0x300 [ 1121.095127][ T8176] ? tty_port_default_lookahead_buf+0x144/0x210 [ 1121.101550][ T8176] ? flush_to_ldisc+0x8ec/0xdb0 [ 1121.106559][ T8176] ? process_scheduled_works+0xae0/0x1c40 [ 1121.112463][ T8176] ? worker_thread+0xea7/0x14f0 [ 1121.117503][ T8176] ? kthread+0x3e2/0x540 [ 1121.121933][ T8176] ? ret_from_fork+0x6d/0x90 [ 1121.126685][ T8176] ? ret_from_fork_asm+0x1a/0x30 [ 1121.131822][ T8176] ? kmsan_get_metadata+0x13e/0x1c0 [ 1121.137216][ T8176] ? kmsan_get_metadata+0x13e/0x1c0 [ 1121.142593][ T8176] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 1121.148589][ T8176] ? kmsan_get_metadata+0x13e/0x1c0 [ 1121.153964][ T8176] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 1121.159959][ T8176] __msan_warning+0x95/0x120 [ 1121.164709][ T8176] n_tty_lookahead_flow_ctrl+0x2cd/0x300 [ 1121.170544][ T8176] ? __pfx_n_tty_lookahead_flow_ctrl+0x10/0x10 [ 1121.176886][ T8176] tty_port_default_lookahead_buf+0x144/0x210 [ 1121.183138][ T8176] ? __pfx_tty_port_default_lookahead_buf+0x10/0x10 [ 1121.189910][ T8176] flush_to_ldisc+0x8ec/0xdb0 [ 1121.194751][ T8176] ? __pfx_tty_port_default_lookahead_buf+0x10/0x10 [ 1121.201532][ T8176] ? __pfx_flush_to_ldisc+0x10/0x10 [ 1121.206890][ T8176] process_scheduled_works+0xae0/0x1c40 [ 1121.212661][ T8176] worker_thread+0xea7/0x14f0 [ 1121.217534][ T8176] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 1121.223551][ T8176] kthread+0x3e2/0x540 [ 1121.227819][ T8176] ? __pfx_worker_thread+0x10/0x10 [ 1121.233123][ T8176] ? __pfx_kthread+0x10/0x10 [ 1121.237902][ T8176] ret_from_fork+0x6d/0x90 [ 1121.242473][ T8176] ? __pfx_kthread+0x10/0x10 [ 1121.247256][ T8176] ret_from_fork_asm+0x1a/0x30 [ 1121.252221][ T8176] [ 1121.255588][ T8176] Kernel Offset: disabled [ 1121.259969][ T8176] Rebooting in 86400 seconds..