last executing test programs: 4.172889731s ago: executing program 3 (id=2768): r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000011c0)={0xc, 0x0, 0x0}) ioctl$IOMMU_IOAS_ALLOW_IOVAS(r0, 0x3b82, &(0x7f00000000c0)={0x18, r1, 0x1, 0x0, &(0x7f0000000280)=[{0xffffffffffffffc1, 0xfffffffffffffffe}]}) ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f0000000000)={0x28, 0x2, r1, 0x0, &(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x200000000000000}) 3.962516075s ago: executing program 1 (id=2770): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000470000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r0}, 0x10) modify_ldt$write(0x1, &(0x7f0000000080)={0x0, 0x0, 0xffffffffffffffff}, 0x10) modify_ldt$write(0x1, &(0x7f0000000040), 0x10) 3.824826704s ago: executing program 0 (id=2771): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r0, 0x0) r1 = openat$drirender128(0xffffffffffffff9c, &(0x7f0000003b40), 0x0, 0x0) ioctl$DRM_IOCTL_VERSION(r1, 0xc0406400, &(0x7f0000003e40)={0x0, 0x0, 0x0, 0x0, 0x0, 0xca, &(0x7f0000000100)=""/202, 0x0, 0x0}) 3.632292036s ago: executing program 3 (id=2773): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000000), 0x0) sendmsg$inet(r0, &(0x7f0000000140)={&(0x7f00000000c0)={0x2, 0x4e20, @loopback}, 0x10, &(0x7f0000000100)=[{&(0x7f0000000400)="1c", 0x1}], 0x1}, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'nicvf0\x00'}) 3.471926775s ago: executing program 1 (id=2774): r0 = socket$inet6_sctp(0xa, 0x801, 0x84) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}, 0x1c) shutdown(r0, 0x1) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, &(0x7f0000000000)={0x0, 0x0, 0x5}, 0x8) 3.233324285s ago: executing program 0 (id=2776): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x0, 0x0) r1 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0) ppoll(&(0x7f00000001c0)=[{r0}, {r1}], 0x2, 0x0, 0x0, 0x0) 2.939453431s ago: executing program 0 (id=2777): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'\x00', 0x202}) ioctl$TUNSETPERSIST(r0, 0x400454c9, 0x1) ioctl$BTRFS_IOC_BALANCE(r0, 0x800454d2, 0x0) 2.861585217s ago: executing program 1 (id=2780): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x88e, &(0x7f0000000780)={[{@noload}, {@mblk_io_submit}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x2e}}, {@auto_da_alloc}, {@block_validity}, {@quota}]}, 0x3, 0x434, &(0x7f00000002c0)="$eJzs289rHFUcAPDv7CataVMTS/3RtGq0isEfSZPW2oMXRcGDgqCHeoxJWmK3jTQRbAkaRepRCt7Fo+Bf4Ekvop4Er3qXQpFcWj2tzO5MsrvZTbPpJlvdzwcmeW/mLe99d+btvjdvJ4CeNZr+SSIGI+L3iBiqZusLjFb/3Vpdnvl7dXkmiXL5rb+SSrmbq8szedH8dfvzTF9E4bMkjjSpd/HylfPTpdLcpSw/sXTh/YnFy1eem78wfW7u3NzFqdOnT56YfOHU1PMdiTON6+bIRwtHD7/2zrU3Zs5ce/fnb5M8/oY4OmR0s4NPlssdrq67DtSkk74uNoS2FKvdNPor/X8oirF+8obi1U+72jhgR5XL5fIDrQ+vlIH/sSS63QKgO/Iv+nT+m2+7NPS4K9x4qToBSuO+lW3VI31RyMr0N8xvO2k0Is6s/PNVusXO3IcAAKjzfTr+ebbZ+K8QtfeF7s3WUIYj4r6IOBgRpyLiUETcH1Ep+2BEPNRm/Y2LJBvHP4Xr2wpsi9Lx34vZ2lb9+C8f/cVwMcsdqMTfn5ydL80dz96Tsejfm+YnN6njh1d++6LVsdrxX7ql9edjwawd1/v21r9mdnpp+k5irnXjk4iRvmbxJ2srAUlEHI6IkW3WMf/0N0dbHbt9/JvowDpT+euIp6rnfyUa4s8lm69PTtwTpbnjE/lVsdEvv159s1X9dxR/B6Tnf1/T638t/uGkdr12sf06rv7xecs5zXav/z3J23X7PpxeWro0GbEneb3a6Nr9Uw3lptbLp/GPHWve/w/G+jtxJCLSi/jhiHgkIh7N2v5YRDweEcc2if+nl594r27H2GAb8e+sNP7Zts7/emJPNO5pniie//G7ukqHo4340/N/spIay/Zs5fNvK+3a3tUMAAAA/z2FiBiMpDC+li4Uxserv+E/FPsKpYXFpWfOLnxwcbb6jMBw9BfyO11DNfdDJ7NpfZ6fasifyO4bf1kcqOTHZxZKs90OHnrc/hb9P/VnsdutA3ac57Wgd+n/0Lv0f+hd+j/0rib9f6Ab7QB2X7Pv/4+70A5g9zX0f8t+0EPM/6F36f/Qu/R/6EmLA3H7h+QlJDYkonBXNENihxLd/mQCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADojH8DAAD//ygv5wk=") setxattr$trusted_overlay_upper(&(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000100), &(0x7f0000000880)=ANY=[], 0x386, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0) unlinkat(r0, &(0x7f0000000000)='./file0\x00', 0x0) 2.660072778s ago: executing program 2 (id=2781): r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) bind$bt_sco(r0, &(0x7f0000000040)={0x1f, @fixed}, 0x8) listen(r0, 0x0) setsockopt$bt_BT_DEFER_SETUP(r0, 0x112, 0x7, &(0x7f0000000000), 0x4) 2.478023179s ago: executing program 3 (id=2782): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000980)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) recvmmsg(r0, &(0x7f0000000d80)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000240)=[{0xffffffffffffffff}], 0x1}}], 0x2, 0x10162, 0x0) 2.373871486s ago: executing program 2 (id=2783): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f00000000c0)={'batadv0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000040)=@newlink={0x44, 0x10, 0x503, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x1c751}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macsec={{0xb}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r2}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x44}}, 0x0) 2.181556466s ago: executing program 4 (id=2784): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'ipvlan0\x00', 0x0}) r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), r0) sendmsg$ETHTOOL_MSG_DEBUG_SET(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000000800000014000280100003800c00050000000100040000050c00018008000100", @ANYRES32=r1], 0x34}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) 2.181107002s ago: executing program 1 (id=2785): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x12, 0xd3, 0x8, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{r1}, &(0x7f0000001d80), &(0x7f0000001d40)=r0}, 0x20) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000002c0)={r1, &(0x7f0000000a80)="d47e2ecf7a6c9382d1ac78f6b9ad105e5d7c80d71c1e9725055d1ce878dec80a1acb0179", 0x0}, 0x20) 2.082374603s ago: executing program 0 (id=2786): syz_mount_image$nilfs2(&(0x7f0000000080), &(0x7f00000000c0)='./bus\x00', 0x4, &(0x7f0000001ac0)=ANY=[@ANYRES64=0x0, @ANYRES32, @ANYRESHEX=0x0, @ANYBLOB="37385c645ea74d3cb2b7c5be2aac484b3cb7d880d4c102a2ce44483794e5c5afe14ec7c9fc38e3d72f7f96eba1520cf1c5e002f4e73e0c301a31d85040c52d01e243191b9c99bc0146a7e7c82cbeaec3ae3563ae99ca1573bcd36a90fa8272a71ba582a18a008ccc58cb5a518d1a95a528672c414a16aa51b4220106f41edd61c9c05080f30b4a44c8a3f7d58b6cde140e2809bdc044eec871442acc79526604279ae79fe1e9a166baf5f94476ff54f054f2ec604bc4c321fd4337069c5cd8434345a9dd3c570fd97a46a3565f7e91ba46be96374e4d30a0b608916477ef83ce3d3d25ff7ead72cf5be16afb7652ee56a68baa33ccf9d0c7447bf29ab6d8c934652485945d2383e56d819a90fb0766f62729efb213e43686dc2d403e5e53990830efd1365d6c172d9a37ded9d5e65d64a5486dc034514402bb3eacbde813294edd996d26944847da413eb3aa28cfe78e6d71bbd9781aa42840dd88debb25b95d2df87527915f3889e77a880b3443809a40b0bf1be9c387db8a884a928f63761795c5133f9989468a9f389514fecaf1c88d029087928342cd0ea918debd566b935e5f70257d5f80e136478c2ec0e82e7cacae09347b106b7c9a6701c683354b9a86e534bb3079016f14af66d2a4042d5e357719268d85df9e9b7e0b9112769b3496ec411de0cc0893e202c2ac90fca3fae98e1ffe097a9a74a1319ad372940e7d2be239a0e3e260edaa564b0d549304dce6c5fa3bcc2412a0e44a5de4ddff162fb5f57ffa0334722ab1507c560aec85e3000e1894582042f3d189db99f36c3f3d79c0d573bc2306d701fcd2cda5fbaa812bb99254433e3dc96487bed89ebc731fc6cad61a81c55757df059cb38a0371f51406784ae9940107ce30b11df1f9f261e80879bb53cd9ab75b2073ece49b553bf898bafb7ea6b961bc7888d6da2bccd30ba71e2d214f848874f671459c6c1a19c8c10d09ef93d33cb4a0d787b0339049222e4f943408dcc447f5b88fe118da7401b3277ed1dbcbb59216b55bf08265f61e85f70d32d8c9a741935397fdf18baa5c9fa90261cf957ad70ccf3bfef701ca94d12d01e8abe154699b7511d3c684636f17438564a7035d31e15ce7692cd7482190a23793dbfe8de787a1bd626eb95ced4b2dcd4733d5283243b5f3468ebbc321250e9742caf09ed43c8452ebe1c2e6c824f3a26c8ceb4b53f39688a66e2f10a5b14eef77c623aa4afe18b9df05b39a48b57ce9ffb74c34852043fb06240ca1e4e63dd5b700c29c3fad0987034e5e97a956c9ae0d98cf56f607dd5bff0eea33d465be4e43c580fa9f6f22b0a6c2ba3a45c7809647c577c466fcd42c6b55c948113ee89f69281cbab73dac0cca30cdd1f9e24a3857bce4674c928748f35730703a15f3c00718656bed282bb325e24af3f9af0d8a9074a6d7515a7111ed6884e909cdc52761e2b0cbc1643b90242c74ad789e05a91154277bbc6b62f9461f610b48a3d373ff6617180c97b401ec978b0cc03bb730bc727a9a0cf219b333fda350482f680e9a50c6b72bf4ef46f0e989a45141241711dc3e91cf6f0ff6e6fa5eedc802c4d784cd7a95a19f01ea1cab4a16d6a0ec1a148a6707f5a8e3f6b9f5346890c8b07f1e71e1fd8401764de78c080cb0fd7a95f6f9f493251a46fcf4438bd8587fca86d2146fd152c8d58356aa8f16ec67ba018c808fe5825e47c16d19e180041be1025c9f1d57ca02af5f30dc4bde4e8a88d2336b2febeb695a9d06bd92b6d9739e9d06f2744087bf7e6be448932908f4107167c17a21e376ff05dff1b6569a17dd2ed915fc1bcec29f0e7d07824daa16d7b4ba341f656c99ebecc4b57596dcc8333ab2ee186f7074fb4311219362bf6f22a54fca1ca92ec1f2a583528ea992b748e9098519bb2e5f8a17a4bea700eff232cadd30ca9ec4fb30ee3df2b41e767f420cc2f231a82c4580e3bd6b5dce050b87287e872aab77fe866a17f3f36ca678d880f612174e8f96654565735222b4bd95f8b3f39a144139f5bddca34f2a32be95bd5fe698c9cfa96c32deb62954fc4b213713bd5fc3c5e8517bf286bb35c73b5731c8b02bd9e49a1826c620b42a368005e0b9a8d3a3780dfdb6843d7e30c48b5f3fd2f5076f99f5f15eec65553b0da221ab36d5486a47651b7d7ace7b688fc6425336e7bb1a910627a5c7992cfb1d1bad25f451da6317a3ef0a644750948b93b640ddd7efd6a218a5b61d91866f7926018bf796556401f8bdee9b4291cd77b2302abdb4350ad25a751787cd4587599f41d85daf5d6b16a071787f29a7b1cdb41a94ac8dfb8c03008c551bb19f2dbc7c295360ea6eed148e3ec7021e77a572d87f868e95a036422cff7301a200b3a75da994f270ad2441a94a984308c39b521dcb30497aabc508317fe6a66548a16b57d6a6999e786838dfa0532c3da4f157c123a6048d530162c6d36e273d9c91d6b4556bbc30b82082c790d11cfb8944f2e60023519ba658a4ef5be5428c4a2f2d3f215639c7892d89dff1e5a1773dadbbd729f4bfa5a79a331de9722709e568cf49c8cfd4c5cd3e78d8c794bfa91a3017fe1d0ac411a8a466c70220e7af259e1e1366eaab0dc3da3ffdb6ab74af485fe317c4077d6cd6dc248064a1372e6c9ac2882397eb38d61980d16055093d23e09e36cd1bee5aca2b2eb5aeee80027651c7a569d4c8cbf26725eeec500a91477cf5f0b7db417959df620fd24fe996813615947ece51ab3fcff835d183c58f4c926bef47b21a0c2cdb83ccc0ee56eb08b28e84e7a860131870c1391fbdd85b83be20ad639899cb47a5adb8c25ebf890ba9fddfe9a22e2e38cbffe930ea621ba9430aae344c7ed37f48b7e80df6456f1d3e0188deb416ecb0e7929aac378892b67dedc2fd813cd29058d6f611d09bcbcc3af9dd0f3cb21f686c838599dbf8e33fada3277b917fff9fb1d890ff8eb573d451b11cded7b297b420b1647e865e65dfea2a7e5339e0b37c5ccf305ca210caeb550205c2faddc6d71e423ffdde70b297fb6004dc5a7fa752681fa77728ef353940fc4c5bc16cc8bde2ce1ec01236d09701e57ee546acb8a29580caa509e29100c0a3f77baf7196dd5bd71ffe6d927b64f9e946bf3b8387b511296e4c58510a17a532adc8a4617777427bf5443f18fd9cd567a81894365c9f1b704d8e3b6e7888403b4a01c48208b85c34eb80c57d362f7d827c657837ce657bf7ff5c328c62cf51a1b34227bc2cf7c1f1018050fe080a6f5bcdb9272ec1b1b9191280539cd03322d4c369961fb53ac837774a3d0d40bd23fb1c8313c90520cb3256f3c01895741562f89237c13720227969621c893fb8c637b240307358f0590f0c4ac113a8940c2a4cd58d0069e0063bc115fe1a4e77a62d2cf982a084610a3c2bb125e8551b674528d3b0204de5ca40e73b36d10966513f1a5620d3156c24aad13fa7c15b6fb6154b6891546f93e293367519b82af1e3d868fef91b487302db3cc1369cff1526810ddeaa745aa035e289c3569574ebb5dcffc8b7fe2ca2a6f82ae4c4428e4f647ad07de16029c4c50a5c9d99ccb6f47e30f225433edce71b6b063b695bfe6d4512014bb723779d5eb0c88221c2d9f43a41e8665d34e9077b8db1f0d73c06bb98f343751a3b473273f239cf58ae1f8f54cf375c0362675ae881fad509c718eaba02e5beb14202d120b4634055dcc2d87fc49645110b417fd80a865fa78ba67dba4f1666561c234082f3bc43d253ca2682cf27cd125f90c1b7fc4d92b1c9e68871833c68aba209f1e490d507aa082703be8ec0ba53b0bfffbe5b4075f1aaa55a176e1ef109b788361d8828589d0da1459a3568844844d0cb6312efd886e3a480f3e89a62dcbff267b642d91a31e833fa752a5d675e52c6c2c0dc5ab1b28ccfb5e70237c1347fbc0e71c4b83c1a94d99035e36017299902be458fb0667f2acd779775aba197d91c37bf3b6a74cee4bff7578bd13dce3ed888c7cdfd20d32cd97e26e7098dc8d4ac2b8371d1f008d5d9dc22410cd7ac76db63a2c081743dd03760ca9ed1fcdf0b1bc38ed301c05240f6966c37685ef67fa87ec81f1096cdb7ab137a3206be013d030270d98bd75eb09616d987083e9418cedd5994740fe0a386ecfa4639beedc79a59f92e468a9ff1860a848e075032b1c2d4243a8396203f7d3d65b721f77b8bd1e27828be5cfe30626c92caae4f6562a8e1452ad2e96b46a1ad70e60af684b125d6072428edf2d45b4aad20e21d036021fda3e2f3fe0287039a3f9efe0e87ab389103a7189083bcf220f5015957954aebe1b8420360fe750490a5814bf16b992ce4517b05c91faa1bb14fff74a5bde04d1e12fbfca011cdf9e579646a7cb128de0e6b509054b648178f5b26b0c08bf4775223ad55963397253e56f3bfed37d53ba06dff5e1b41f3c5b590bdc4143abcf3362f950f6b1b50ad3ca96e821f816d1d062f91a23158a6ace554629964f3ea457e8f21ca6214646b2f0a1cfc237adb4a42cf9364ccbd0033dbbc31a33c20542182daf4045052b7db410d694cb8923483e388877ad972e218fc01fcfc3202bd0aa9ecfe8866e8a5ad1cbba930046c89a22ad5026ea53d356c247d97b31c551573dcd354b7dab7d95dcdceea888dbf0d52058d79e99e072a8ac229005851bf47aaf7ec431c093b29160a8e13f3630f1d800969e19aa06e9fbb9ec50e0594363c658ff741548badc32a0f9aea625065af470360eb162d8945c76f10d6cbc8cf77ea9feac50243e086fefe9293e8e5404803e816dce96f2b0d275a21b70ae8873a9380301d65de450e6a5c2b3c5e5bee56f3b2729a0add50db4804c77bab515e5af6e4d42db2765d3125d3cd5eef61389f16c8f06112d238ed408d7016f4a899563eed025107a19df460fe7a8d2e82483b18b056dcb45690494e487876c743383ab34b02991d48911ef5932f08bafe7005bf7b8377d6e6167ebb86a4c4e7c51d3a66fcbf49114e49c322666ab655a0e3ef6e6c0b1adf56cc3de4e15bd53bba3f82e1763f111009de8567ef794af7d4dd91292320aba01b3a9e95a9d43c6259c5b8ffc5333ccb06e70f4d2b84cf048a455c126cb4202e475f090dd82f7c0766b186adebe554ea19b48de0070d0fe552740808ee46035686ffd3a7f400ebea7d2f2b29bc2b193ce8e52f9dccdc6da87682b41ee5fc35e7848861bfb95c9fe11b3b3b7505ae6e3a1bab4ac1c16832f75c7a3d686235648169be74c180fa7e1f7b56aff2397545f746695d2b97802f042c7dd5f7acec616c489562aaf0bb3ea2693e3b7147466548d0a73e85f7b6fb9549b15541e2dda5ca76ef3e044af5c86caee8b5844f9d4ddaea4b81adc5a3a0e762a1687d368f2416cf4f7d9fde980df375f5057249610f6a310ea77ef14ba88ecdefc2666afdbaea83ebf68168ec757cfa91e73a1521a91188c1e7bb51520541cee268e3d5c7a1e2083b5334cbc338ec59a0b938e6c16cfae621bdd6dcc3b80ac773038b3b65cff2f2433f4f09076661a49a1ffff531630c92af16de3507f44efa9baf35939dc6baaa88a0cd62dbe201dfb2e744152650c09547b2715aa4bff046cb833fd5f1c49cc46073b9d19834fbc7d365dc532838a862efbd735313e2635fc4599808165fb5225390b84d4e8b188c66115527ca513fb257ffbfd52c199990bf32ede4e2504398abf0434d72614cf3a4a83a150f8f1b28a81411d1a8e52aa44dff7e75b0b02012d88b0f1edc974981b8e0557f8797c5b4c3af7b196cc7903bb10eb6c8261566fb7a5cf0f667", @ANYRESOCT, @ANYRESHEX=0x0, @ANYRESHEX, @ANYRES64=0x0], 0x1, 0xaf0, &(0x7f0000006740)="$eJzs3U2oXFcBAOAz7715P21sJpq0zzS2idW2/vSleXnGn6BJSRAMTRE3haKLkKY1GCNYQS0FX7JyZ0uJ4EorrgpSqgh2I6ELcVOwgSJ0VV24MEYsuNBoMvJmzpk3czLTOzN5b34y3wd3zpx7zp1z7p07d+7vOQGYWFO115WVxVIIF1578ejf7v/rwtqYQ40cldrrTFOsHEIoxfhM9nnvTNfDa+8+d7JdWArLtdcUD49daUx7ewhhNewOF0Ml7Lxw6YU3lh89fu7Y+T1vvnzw8ubMPQAATJYvXzy4suPPf7x729VX7jkc5hrj0/55Jca3xP3+w3HHP+3/T4XWeKlpaDab5ZuJw9RCa77pNvmayyln+WY6lD+blV/ukG8uvHf5003j2s03jLO0HldCaWqpJT41tbRUPyYPteP62dLS2dNnnnpmSBUFNty/7g0h7G4ajpxvjY/acGgE6tDnUB2BOozlcHhwZV2t1g19ngc0VLcOewsEUJdfL7zBan5m4eY0Pm2mu/KvPDLVfnrYAINe//NTWe9Z/uymlB+6Lj8o/xfnbHHYOLfq2pTmK/2OtsR4fh0hv3+p8+8vv9LROja/HlHusp6driOMy/WFTvWcHnA9+tWp/vl6cav6fAzTcvhClt78+8m/03H5joH2/p2f/x+j4fAI1GEShr9/beXOYdfB0DSElnj5Zj6rOuTtDzC68vvmqun6aDxAyu/ra6RHcwXp8wXpCwXptxWk316QDpPs19/5UXi+tH6cnx/T93o+fEuWfEeP9cnPR/Zafn7fb69utvz8fmIYZb898fipzzz5xKX6/f+lxvp/Pa7v6XCjEn9bF2OGdL4wP6/euPe/0lrOVId878/q8742+Wvvt7fmK21f/5zQtJ25oR6LrdNt7ZRvV2u+SpZvIQ7zWX3z/ZPbsunS/kfarqblNZPNbzmbj9msHmm7si2GeT2gH2l97HT/f1o/F0O59NTpM6cejvG0nv5hujy3Nn7fgOsN3Lxun/9ZDK3P/2xpjC9PNW8Xtq6PL9W3C6/Gz2sdvxxC+H2b8ftjPP3PfX16oTZ+6eS3zjy5OYsAJtYz33/2GyfOnDn1bW/6fvPF0ahGL2/SYcuo1Meb4bxJ60GbpCFulICB2PuD+k7AQ6e/eeLpU0+fOrv/wIH9y8sHPrt/ZW9tv35v8959s9Uh1BbYSOt/+r1OeW5zKgQAAAAAAAAAAAAU+u6xo5feev3Tb9ef/19//i89/5/u/E3P//8we/4/f04+PQefngPc1ia9lidrYHU2y1eOwwey+m7PytmRTXdnDBv9+C3WmzBIxeXtuqb63JWNL3eIZs0J3NBeymzWBkneX+CHY3g+hj8PMESlhfajY1jUvnVa11P7FE3tUlS1Dzw+0veW1obUjkl6/js9753ag7gjtH7Z2wZQRzbeIJ40HPY8Au39YyTb/457H6vFeV/q6XP/uT7jQ59HQ+dhZrDl/WRy14lqx730bnuwAdgYw+7/M533TOHZ331pfm1I2a480rq9zNsvhV786a3W+Kj3P7nZ5ef99g26/GHP/6D7/2z0f9f19i/rMa/SX7n/+enlt5uKDTu7LT+f/9QO9Pbeyr8ay09z80DorvzqS1n5+QWhLv03K/+2LstP899ofWNXf+X/L5afFtuD93Vbfr3GpanW5ZCfN07X//Lzxsm1bP5T255r5Vbbl/+VZ9P8N1/E67OjxuuxfJhk49LPbK+y/YjGTnv//f9Gqxvb/2+jstnfSn4fxqdiPG2I030OeX8nvdY/3V+R/gd2ZJ9fKvh/0//vePtcDIt+D6n/37Q+VuJfflO8tixTvNxm2d6q2xoYV++M3vW/XzYqN/y6DGOYH4E6GHYvdJu3Ot3H589t6Do+3/e01Wp1c09oFRhq4Qx9+Q/7OGHY5Q97+RfJ+//N9+Hz/n/z9Lz/3zw97/83T1+I31Cn9Lz/33x55v3/5ul3ZZ+b9w+8WJD+wYL0ne3TG4ftdxdMv6sg/UMF6Xsa6YdacqT0ewqmv7cgvXb9c65z+n03TF+qvab0jxR8/kcL0u8vSH+wKb25D+iU/rGC6W916XmUSZ1/mGT583l+/zA50vWfTr//7QXpwPj68Sv7jjzxq69W6s//zzbOh6TreIdjvByPn74X4/l179AUX0t7Pcb/kqWP+vkOmCR5+xn5//sDBenA+Er3efl9wwQqzbcfHcOidqs67eczXj4ew0/E8JMxfCiGSzHcG8N9MVweUP3YHEde/c3B50vrx/tbs/Ru7yfPnwdqaScqhLC/y/rk5wd6vZ89b8evVzdbfp+PgwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAzNVO11ZWWxFMKF1148+vjx03vXxhxq5KjUXmeaYuXGdCE8HMPpGP4svrn27nMnm8PrMSyF5VAKpcb48NiVRkm3hxBWw+5wMVTCzguXXnhj+dHj546d3/Pmywcvb94SAAAAgFvf/wMAAP//LIwNqw==") setsockopt$inet6_dccp_buf(0xffffffffffffffff, 0x21, 0x0, 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000500)='.\x00', 0x0, 0x0) getdents64(r0, 0x0, 0x0) 1.840631486s ago: executing program 2 (id=2787): r0 = socket(0x10, 0x3, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x10, 0x4, 0x0, 0x40000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'sit0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000080)={0xffffffffffffffff, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=@ipv6_newnexthop={0x3c, 0x68, 0x1, 0x0, 0x0, {0x2}, [@NHA_ENCAP_TYPE={0x6, 0x7, 0x4}, @NHA_ENCAP={0xc, 0x8, 0x0, 0x1, @LWTUNNEL_IP6_TC={0x5}}, @NHA_ID={0x8, 0x6, 0xf2}, @NHA_OIF={0x8, 0x5, r1}]}, 0x3c}}, 0x0) 1.672655812s ago: executing program 4 (id=2788): r0 = syz_io_uring_setup(0xd79, &(0x7f00000035c0)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=0x0, &(0x7f0000003580)=0x0) r3 = socket$inet_sctp(0x2, 0x5, 0x84) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_SEND={0x1a, 0x20, 0x0, r3, 0x0, 0x0}) io_uring_enter(r0, 0x291c, 0x0, 0x0, 0x0, 0x0) 1.661754121s ago: executing program 1 (id=2789): syz_mount_image$msdos(&(0x7f0000000480), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f00000004c0)=ANY=[@ANYRES64=0x0, @ANYRESOCT, @ANYRES32, @ANYRES64, @ANYRES32=0x0], 0x1, 0x159, &(0x7f0000000780)="$eJzs27HK01AUB/ATv6hVl87iEHBxKuoTKFJBDChKB4uDQnVppWCX6NRH8YV8FEE6dbuiKbXWVigYY7/+fksP/Sdw7pCc3EBe3Xg3Hk1nb6dPF9HJssjvRRHLLLpxIc6iNg8A4DxZphRfU0rp8jyufIqUUtsdAQBNM/8B4PSY/wBwev40/7ttNgYANOb5i+Hj+2XZf1YUnYgv82pQDerfOn/4qOzfLn7YeBxYVNXgbJ3fqfPi1/xiXF3ld3fml+LWzTr/nj14Um7l12LU/PIBAADgJPSKtZ37+16++uu3vK423g9s7d/zuJ7/kyUAAAeaffg4fj2ZvHmvUBxBMcwi/oM2jq/4/DLioLPavjMBTft50bfdCQAAAAAAAAAAAAAAsM/f+sAoj4h9x7S9RgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANj2LQAA//+EAU2W") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) mkdirat(r0, &(0x7f0000000180)='./bus\x00', 0x0) renameat2(r0, &(0x7f0000000380)='./file0\x00', r0, &(0x7f0000000200)='./bus/file0\x00', 0x0) 1.485914779s ago: executing program 4 (id=2790): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000280)='kmem_cache_free\x00', r1}, 0x10) syz_emit_ethernet(0x2a, &(0x7f0000000000)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaaaa08ff"], 0x0) 1.335040096s ago: executing program 4 (id=2791): syz_mount_image$vfat(&(0x7f0000000ec0), &(0x7f0000000180)='./file0\x00', 0x420c, &(0x7f0000000100)=ANY=[], 0x6, 0x35e, &(0x7f00000025c0)="$eJzs3c9rM0UYwPEnP5vk5W1yEEVBOvhe9LK8jZ7FIG9BCFjaRmwFYdtuNGRNSjZUI2Lbk1fx7knwUHqz4KGg/Qd68aYXEbz1IniwF13ZX8lmk7RpTIy23w+UnczMs5nNbMozaTd7+fbnH9SrllbV2xLPKImJiFyJFCQugZi/jbvltIQdyksPfv/x+fXNSsarUCuljZeLSqnFpe8+/CTrdztbkIvCu5e/FX+9ePri2cu/Nt6vWapmqUazrXS13fy5rW+bhtqtWXVNqVXT0C1D1RqW0fLav/H3Yzb39jpKb+w+zO21DMtSeqOj6kZHtZuq3eoo/T291lCapqmHOcFNKsdra3ppwuCdKQ8GM9JqlfSEiGQHWirHcxkQAACYq2j+H3dS+kny/y1ZLJefrCmncy//P3nhvP3grdNFP/8/Sw/L/1/5ydtXX/7vLCd6+X/TWx9Ub87/v5Rb5P+DGdH9MnH+X5jBYDCZpfRAVazvkZP/5/z3r+vonZPHboH8HwAAAAAAAAAAAAAAAAAAAACA/4Mr287btp0PtsFP7xIC/zHupFHzvyAiGWf2beb/Llvf3JKMe+GeM8fmZ/uV/Yq39Tuci4gpxp92lHNuBFceKUdBvjcP/PiD/UrCbSlVpebEy7LkpeCeT6F42155o/xkWXn8+O5lSrlwfFHy8lQ4/lv37HTii/3x/vOn5cVHoXhN8vLDjjTFlF03svf8ny4r9fqb5Uh81u0nIr/865MCAAAAAMCUaapr6Ppd00a1e98yUqq6HxN11+zD1vePh67Pk/nnkvM8cgAAAAAA7g+r83Fdl7jRcgumOayQlZFNUygk+2pSIjK0czpSk7puz4nQEY47nrR4dzD5p8f1VfCq3iYq+EeKBX/rNvl3VJHJxhMcv1sTS04+TbFDbzyH4aa4jBGejA5+yalQQzs/GrmfI/9AujXBx0bpEa+zrA7uJ37NmZAaqLFjkZqEjPWKPfPF139M7w3y6ql/Bnx0c+cj07APZJxJiRScpxhsSs30lw4AAACAuegl/UHNa+Hm8I1EwjfL4S/3AAAAAAAAAAAAAAAAAAAAAAAAAAAAAABM0Uy+0i9SmPcxAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP8VfwcAAP//kQTvaA==") capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000040)) r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x0, 0x0) ioctl$FIBMAP(r0, 0x1, 0x0) 1.179330157s ago: executing program 2 (id=2792): r0 = socket$netlink(0x10, 0x3, 0x0) bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@newtaction={0x6c, 0x30, 0x1, 0x0, 0x0, {}, [{0x58, 0x1, [@m_mpls={0x54, 0x1, 0x0, 0x0, {{0x9}, {0x28, 0x2, 0x0, 0x1, [@TCA_MPLS_PROTO={0x6, 0x4, 0x8863}, @TCA_MPLS_PARMS={0x1c, 0x2, {{}, 0x1}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x6c}}, 0x0) 1.041377363s ago: executing program 3 (id=2793): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c) listen(r0, 0x0) syz_emit_ethernet(0x8e, &(0x7f0000000140)={@local, @random="0077c500", @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0000f5", 0x58, 0x6, 0x0, @local, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x16, 0x2, 0x0, 0x0, 0x0, {[@generic={0xfe, 0x2}, @sack={0x5, 0xe, [0x9, 0xb3c, 0x8]}, @fastopen={0x22, 0x11, "f9f61e4eca0bc60710b842da06565c"}, @md5sig={0x13, 0x12, "c72b104a7159aaff8fc064f3f593e98b"}, @sack={0x5, 0xe, [0xd41, 0xc52d, 0x6]}]}}}}}}}}, 0x0) 796.510195ms ago: executing program 0 (id=2794): r0 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x27) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r0, 0x8, 0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) r1 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r1, 0x8, 0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) 734.941925ms ago: executing program 3 (id=2795): r0 = socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'macsec0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x38, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macsec={{0xb}, {0x4}}}, @IFLA_AF_SPEC={0x4}]}, 0x38}}, 0x0) 720.65341ms ago: executing program 2 (id=2796): syz_mount_image$hfsplus(&(0x7f0000007340), &(0x7f0000000000)='./file1\x00', 0x1600008, &(0x7f0000000100)=ANY=[@ANYRES16=0x0], 0x3, 0x632, &(0x7f0000001840)="$eJzs3UtsG2kdAPD/OI4TB9TN7qa7Ba1EtJUWRESbh7IQLpSHUA4rtFoOnKPWbay6aZW4KK0QCi9x4MKh4lwOuXFC6j1SOcMF9ZpjJVAvPaDcjGY8dpy386qd7e8Xjb/v8zfzzX/+9jzsyJoA3lrzE1HciCTmJz5bTdub6zO1zfWZoby7FhFpvRBRbBaRLEUkz5vdN9KHr6VP5vMnB63nSXXuixevN182W8XWwkkprQ0fvNxRmguu5VOMR8RAXu412O2oO8a7eeB4+/nvn/YPshlous1XW4mDXmvssXacxU+83wL9I2meN/cYjRjJztDN64DIjw6FNxvd2TvWUQ4AAAAuqHe2Ymut0Wj0Og4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4SPL7/yf5VGjVxyNp3f+/1DF7qYehnomNXgcAAAAAAAAAACfSGOhsfWMrtmI1LrV7k+x//h9njbHs8SvxMFaiEstxLVZjIepRj+WYiojRjoFKqwv1+vJUF0tO77vk9LluNAAAAAAAAAB82f025rf//w8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP0giRhoFtk01qqPRqEYEcMRUUrnW4v4V6t+kW30OgAAAAB4A97Ziq1YjUutdiPJPvN/kH3uH46HsRT1qEY9alGJW9l3Ac1P/YXN9Zna5vrMvXTaO+5f/tfIdBlGNmI0v3vYf81XsjnKcTuq2TPX4mbcj1q5c5QrrXj2j+s3r9Kxf5DrMrJbeZlu+Z/zsj+MZhkZbGdkMo8tzeO7h2fih69OtaapKLS/+Rk7h5yP5GWyq+y93ZmYjkKW79QHh2ci4pvP/vaLxdrS3cXbKxP9s0kn1MxEo9HMxFDWamXiw7cqE5PZtl9ut+fjp/HzmIjx+DyWoxq/jIWoRyXG4ydZbSF/P6ePo7syVdg59I0drc+PiqSUvy7No+jxYvo4W/ZSVONncT9uRSU+zf6mYyq+G7MxG3Mdr/DlLvb6wvH2+qvfyivpIf2Pedkf0ry+25HXzmPuaNbX+cx2lt47+2Nj8et5JV3H7yLix2e4naezOxPpWeLZV5t97x+eib9m1wkrtaW7y4sLD7pc3yd5me5Hf+irs0T6fnkvfbGy1s53R9r3/r59U1nfWLuvsKfvcrvvqD21lF/D7R1pOuv7cN++mazvSkffnuut9vUQAH1s5NsjpfJ/yv8sPy3/vrxY/mz4R0PfG/qoFIP/GPx+cXLgk8JHyd/jafx6+/M/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwciuPHt9dqNUqy0dWkuzm/xFdzdxRad3O6fCZk/xGPscZWaVWqwxHX4RxrErt3xEdzyS9jqcfKkP99ubv7XEJOH/X6/ceXF959Pg71XsLdyp3KkuDs7Nzk3Ozn85cv12tDUT6WJnsdZTAedg+6fc6EgAAAAAAAAAAAKBbh/8MYDCf63Q/J+jxJgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAX3PxEFDciianJa5Npe3N9ppZOrfr2nMWIKERE8quI5HnEjWhOMdoxXHLQep5U57548Xrz5fZYxdb8hcOW685aPsV4RAzk5VmNd/PU4yXtLUwTdrV0uuDgzPw/AAD//4oVCL4=") creat(&(0x7f0000000100)='./bus\x00', 0x0) mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0) creat(&(0x7f0000000080)='./bus\x00', 0x0) 666.115264ms ago: executing program 1 (id=2797): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6}]}) openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0) openat$nvram(0xffffffffffffff9c, &(0x7f0000000200), 0x80, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 611.992622ms ago: executing program 4 (id=2798): ioprio_set$pid(0x1, 0x0, 0x4004) pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80080) r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) sendfile(r0, r1, 0x0, 0x8) 401.161782ms ago: executing program 0 (id=2799): r0 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0) syz_usb_disconnect(r0) syz_usb_connect(0x4, 0x24, &(0x7f0000000100)=ANY=[], 0x0) ioctl$EVIOCRMFF(r0, 0x550c, &(0x7f0000000400)=0x7000220) 165.399046ms ago: executing program 3 (id=2800): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) bind$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, @any, 0x0, 0x1}, 0xe) setsockopt$bt_BT_DEFER_SETUP(r0, 0x112, 0xf, &(0x7f0000000080)=0x4, 0x4) listen(r0, 0x0) 73.078426ms ago: executing program 2 (id=2801): r0 = socket$inet_udp(0x2, 0x2, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) connect$inet(r0, &(0x7f0000000380)={0x2, 0x0, @remote}, 0x10) connect$inet(r0, &(0x7f0000000180)={0x2, 0x0, @multicast2}, 0x10) 0s ago: executing program 4 (id=2802): capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000}) r0 = socket$can_j1939(0x1d, 0x2, 0x7) r1 = dup2(r0, r0) setsockopt$SO_J1939_SEND_PRIO(r1, 0x6b, 0x3, &(0x7f0000000040), 0x4) kernel console output (not intermixed with test programs): T9021] bridge0: port 1(bridge_slave_0) entered disabled state [ 596.308375][ T9021] bridge_slave_0: entered allmulticast mode [ 596.318235][ T9021] bridge_slave_0: entered promiscuous mode [ 596.338858][ T4410] tipc: Left network mode [ 596.458830][ T9021] bridge0: port 2(bridge_slave_1) entered blocking state [ 596.466822][ T9021] bridge0: port 2(bridge_slave_1) entered disabled state [ 596.474673][ T9021] bridge_slave_1: entered allmulticast mode [ 596.485566][ T9021] bridge_slave_1: entered promiscuous mode [ 596.572524][ T9105] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2240: inode #15: comm syz.2.1637: corrupted in-inode xattr: invalid ea_ino [ 596.631237][ T9105] EXT4-fs error (device loop2): ext4_orphan_get:1393: comm syz.2.1637: couldn't read orphan inode 15 (err -117) [ 596.690557][ T9105] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 596.987080][ T29] audit: type=1800 audit(1727219193.718:37): pid=9105 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1637" name="file0" dev="loop2" ino=13 res=0 errno=0 [ 597.072427][ T9111] loop4: detected capacity change from 0 to 736 [ 597.076651][ T9021] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 597.568339][ T5191] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 597.680227][ T9021] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 597.998943][ T5192] Bluetooth: hci0: command tx timeout [ 598.683050][ T9021] team0: Port device team_slave_0 added [ 599.255046][ T9021] team0: Port device team_slave_1 added [ 599.513748][ T9126] cgroup: fork rejected by pids controller in /syz1 [ 599.861810][ T4410] hsr_slave_0: left promiscuous mode [ 599.905483][ T4410] hsr_slave_1: left promiscuous mode [ 599.950430][ T4410] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 599.965820][ T4410] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 600.058406][ T5192] Bluetooth: hci0: command tx timeout [ 600.110640][ T4410] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 600.119136][ T4410] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 600.335594][ T4410] veth1_macvtap: left promiscuous mode [ 600.341698][ T4410] veth0_macvtap: left promiscuous mode [ 600.348124][ T4410] veth1_vlan: left promiscuous mode [ 600.353755][ T4410] veth0_vlan: left promiscuous mode [ 600.400934][ T9120] loop4: detected capacity change from 0 to 32768 [ 600.608495][ T4410] infiniband syz2: set down [ 600.885617][ T9120] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 601.081844][ T5187] ocfs2: Unmounting device (7,4) on (node local) [ 601.602442][ T4410] team0 (unregistering): Port device team_slave_1 removed [ 601.626376][ T4352] smc: removing ib device syz2 [ 601.722096][ T4410] team0 (unregistering): Port device team_slave_0 removed [ 602.068488][ T9021] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 602.078912][ T9021] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 602.106613][ T9021] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 602.149280][ T5192] Bluetooth: hci0: command tx timeout [ 602.149592][ T5243] infiniband syz2: ib_query_port failed (-19) [ 602.632112][ T9021] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 602.639614][ T9021] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 602.666678][ T9021] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 602.904088][ T9141] loop4: detected capacity change from 0 to 128 [ 602.913772][ T9141] EXT4-fs: Ignoring removed nobh option [ 604.248355][ T9141] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 604.278913][ T5192] Bluetooth: hci0: command tx timeout [ 604.353285][ T9141] ext4 filesystem being mounted at /348/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 604.419063][ T9141] fscrypt (loop4, inode 12): Direct key flag not allowed with different contents and filenames modes [ 604.977502][ T5187] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 605.047536][ T9021] hsr_slave_0: entered promiscuous mode [ 605.071666][ T9021] hsr_slave_1: entered promiscuous mode [ 605.671691][ T9098] chnl_net:caif_netlink_parms(): no params data found [ 605.789949][ T4410] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 605.879508][ T4410] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 606.088029][ T4410] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 606.234998][ T4410] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 606.735503][ T4410] bridge_slave_1: left allmulticast mode [ 606.741894][ T4410] bridge_slave_1: left promiscuous mode [ 606.749312][ T4410] bridge0: port 2(bridge_slave_1) entered disabled state [ 606.847163][ T4410] bridge_slave_0: left allmulticast mode [ 606.853131][ T4410] bridge_slave_0: left promiscuous mode [ 606.861155][ T4410] bridge0: port 1(bridge_slave_0) entered disabled state [ 607.135093][ T5188] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 607.158984][ T5188] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 607.205670][ T5188] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 607.320889][ T9164] loop2: detected capacity change from 0 to 2048 [ 607.337951][ T5188] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 607.350058][ T5188] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 607.359905][ T5188] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 607.444593][ T9167] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 607.893101][ T4410] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 608.012235][ T4410] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 608.061453][ T4410] bond0 (unregistering): Released all slaves [ 608.974880][ T9178] loop2: detected capacity change from 0 to 512 [ 609.007896][ T9178] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 609.181486][ T9178] EXT4-fs (loop2): 1 truncate cleaned up [ 609.189943][ T9178] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 609.221657][ T9098] bridge0: port 1(bridge_slave_0) entered blocking state [ 609.229595][ T9098] bridge0: port 1(bridge_slave_0) entered disabled state [ 609.240353][ T9098] bridge_slave_0: entered allmulticast mode [ 609.249953][ T9098] bridge_slave_0: entered promiscuous mode [ 609.295891][ T9098] bridge0: port 2(bridge_slave_1) entered blocking state [ 609.304823][ T9098] bridge0: port 2(bridge_slave_1) entered disabled state [ 609.313019][ T9098] bridge_slave_1: entered allmulticast mode [ 609.322745][ T9098] bridge_slave_1: entered promiscuous mode [ 609.511450][ T9021] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 609.594968][ T5192] Bluetooth: hci3: command tx timeout [ 609.734947][ T5191] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 609.737154][ T4410] hsr_slave_0: left promiscuous mode [ 609.762655][ T4410] hsr_slave_1: left promiscuous mode [ 609.781998][ T4410] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 609.790920][ T4410] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 609.842100][ T4410] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 609.855509][ T4410] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 610.019083][ T4410] veth1_macvtap: left promiscuous mode [ 610.024941][ T4410] veth0_macvtap: left promiscuous mode [ 610.031532][ T4410] veth1_vlan: left promiscuous mode [ 610.037526][ T4410] veth0_vlan: left promiscuous mode [ 610.830880][ T4410] team0 (unregistering): Port device team_slave_1 removed [ 610.863767][ T4410] team0 (unregistering): Port device team_slave_0 removed [ 611.257214][ T9021] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 611.469608][ T9098] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 611.480013][ T9192] netlink: 52 bytes leftover after parsing attributes in process `syz.2.1669'. [ 611.489946][ T9192] netlink: 68 bytes leftover after parsing attributes in process `syz.2.1669'. [ 611.552742][ T9021] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 611.602629][ T9098] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 611.650455][ T9021] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 611.713221][ T5192] Bluetooth: hci3: command tx timeout [ 611.744185][ T4410] IPVS: stop unused estimator thread 0... [ 611.918357][ T9098] team0: Port device team_slave_0 added [ 612.017169][ T9098] team0: Port device team_slave_1 added [ 612.524403][ T9098] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 612.532089][ T9098] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 612.558935][ T9098] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 612.694219][ T9098] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 612.701718][ T9098] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 612.729742][ C1] vkms_vblank_simulate: vblank timer overrun [ 612.739465][ T9098] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 613.304420][ T9161] chnl_net:caif_netlink_parms(): no params data found [ 613.442876][ T9098] hsr_slave_0: entered promiscuous mode [ 613.510258][ T9098] hsr_slave_1: entered promiscuous mode [ 613.546401][ T9098] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 613.549672][ T9209] ptrace attach of "./syz-executor exec"[9212] was attempted by ""[9209] [ 613.554138][ T9098] Cannot create hsr debugfs directory [ 613.739333][ T5192] Bluetooth: hci3: command tx timeout [ 613.868384][ T9021] 8021q: adding VLAN 0 to HW filter on device bond0 [ 614.149758][ T9021] 8021q: adding VLAN 0 to HW filter on device team0 [ 614.455224][ T3353] bridge0: port 1(bridge_slave_0) entered blocking state [ 614.463262][ T3353] bridge0: port 1(bridge_slave_0) entered forwarding state [ 614.483299][ T3353] bridge0: port 2(bridge_slave_1) entered blocking state [ 614.491187][ T3353] bridge0: port 2(bridge_slave_1) entered forwarding state [ 614.871731][ T9220] netlink: 'syz.2.1679': attribute type 10 has an invalid length. [ 614.891736][ T9220] bridge0: port 1(bridge_slave_0) entered disabled state [ 614.917917][ T9220] bridge0: port 1(bridge_slave_0) entered blocking state [ 614.925802][ T9220] bridge0: port 1(bridge_slave_0) entered forwarding state [ 614.945610][ T9220] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 615.001544][ T9161] bridge0: port 1(bridge_slave_0) entered blocking state [ 615.009627][ T9161] bridge0: port 1(bridge_slave_0) entered disabled state [ 615.020100][ T9161] bridge_slave_0: entered allmulticast mode [ 615.029937][ T9161] bridge_slave_0: entered promiscuous mode [ 615.096941][ T9222] bridge0: port 1(bridge_slave_0) entered disabled state [ 615.137700][ T9222] bond0: (slave bridge0): Releasing backup interface [ 615.242514][ T9161] bridge0: port 2(bridge_slave_1) entered blocking state [ 615.251409][ T9161] bridge0: port 2(bridge_slave_1) entered disabled state [ 615.259667][ T9161] bridge_slave_1: entered allmulticast mode [ 615.269117][ T9161] bridge_slave_1: entered promiscuous mode [ 615.820241][ T9161] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 615.837578][ T5192] Bluetooth: hci3: command tx timeout [ 615.847980][ T9226] netlink: 104 bytes leftover after parsing attributes in process `syz.4.1680'. [ 615.952202][ T9161] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 616.300498][ T9161] team0: Port device team_slave_0 added [ 616.453352][ T9161] team0: Port device team_slave_1 added [ 616.648233][ T9098] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 616.789637][ T9098] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 616.831296][ T9161] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 616.839432][ T9161] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 616.866580][ T9161] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 616.931736][ T9098] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 616.986410][ T9161] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 616.994201][ T9161] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 617.024060][ T9161] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 617.079103][ T9021] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 617.177239][ T9098] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 617.675495][ T9021] veth0_vlan: entered promiscuous mode [ 617.934719][ T9161] hsr_slave_0: entered promiscuous mode [ 617.946569][ T5243] usb 3-1: new high-speed USB device number 22 using dummy_hcd [ 617.998450][ T9161] hsr_slave_1: entered promiscuous mode [ 618.017200][ T9161] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 618.025252][ T9161] Cannot create hsr debugfs directory [ 618.087473][ T9021] veth1_vlan: entered promiscuous mode [ 618.205278][ T5243] usb 3-1: config 0 has no interfaces? [ 618.211587][ T5243] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 618.222253][ T5243] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 618.418309][ T5243] usb 3-1: config 0 descriptor?? [ 619.006633][ T10] usb 3-1: USB disconnect, device number 22 [ 619.177830][ T9021] veth0_macvtap: entered promiscuous mode [ 619.309637][ T9021] veth1_macvtap: entered promiscuous mode [ 619.532612][ T9021] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 619.543913][ T9021] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 619.554321][ T9021] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 619.565215][ T9021] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 619.587644][ T9021] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 620.027431][ T9021] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 620.038551][ T9021] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 620.048846][ T9021] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 620.060619][ T9021] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 620.076733][ T9021] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 620.142670][ T9249] loop4: detected capacity change from 0 to 256 [ 620.193018][ T9098] 8021q: adding VLAN 0 to HW filter on device bond0 [ 620.264694][ T9161] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 620.362584][ T9161] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 620.444600][ T9021] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 620.453856][ T9021] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 620.466406][ T9021] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 620.475546][ T9021] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 620.541313][ T9098] 8021q: adding VLAN 0 to HW filter on device team0 [ 620.563828][ T9161] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 620.647651][ T9161] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 620.723293][ T3353] bridge0: port 1(bridge_slave_0) entered blocking state [ 620.731228][ T3353] bridge0: port 1(bridge_slave_0) entered forwarding state [ 620.872800][ T3353] bridge0: port 2(bridge_slave_1) entered blocking state [ 620.880754][ T3353] bridge0: port 2(bridge_slave_1) entered forwarding state [ 621.246846][ T9098] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 622.366821][ T9161] 8021q: adding VLAN 0 to HW filter on device bond0 [ 622.509330][ T9161] 8021q: adding VLAN 0 to HW filter on device team0 [ 622.534788][ T9098] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 622.594717][ T4218] bridge0: port 1(bridge_slave_0) entered blocking state [ 622.602595][ T4218] bridge0: port 1(bridge_slave_0) entered forwarding state [ 622.727918][ T4218] bridge0: port 2(bridge_slave_1) entered blocking state [ 622.735715][ T4218] bridge0: port 2(bridge_slave_1) entered forwarding state [ 623.288583][ T9269] evm: overlay not supported [ 623.357993][ T9098] veth0_vlan: entered promiscuous mode [ 623.500742][ T9098] veth1_vlan: entered promiscuous mode [ 623.931274][ T9098] veth0_macvtap: entered promiscuous mode [ 624.070529][ T9098] veth1_macvtap: entered promiscuous mode [ 624.286416][ T9098] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 624.299456][ T9098] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 624.310673][ T9098] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 624.321651][ T9098] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 624.332057][ T9098] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 624.343060][ T9098] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 624.359065][ T9098] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 624.591115][ T9098] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 624.604715][ T9098] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 624.615752][ T9098] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 624.629040][ T9098] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 624.639850][ T9098] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 624.651122][ T9098] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 624.667003][ T9098] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 624.955159][ T9283] netlink: 154020 bytes leftover after parsing attributes in process `syz.2.1695'. [ 624.965087][ T9283] net_ratelimit: 1990 callbacks suppressed [ 624.965171][ T9283] openvswitch: netlink: ufid size 48894 bytes exceeds the range (1, 16) [ 624.980485][ T9283] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 625.037842][ T9098] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 625.047122][ T9098] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 625.056511][ T9098] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 625.068453][ T9098] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 625.334037][ T9161] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 626.054353][ T9161] veth0_vlan: entered promiscuous mode [ 626.241207][ T9161] veth1_vlan: entered promiscuous mode [ 626.408681][ T25] usb 3-1: new high-speed USB device number 23 using dummy_hcd [ 626.615508][ T9161] veth0_macvtap: entered promiscuous mode [ 626.623682][ T25] usb 3-1: Using ep0 maxpacket: 32 [ 626.675088][ T9161] veth1_macvtap: entered promiscuous mode [ 626.714442][ T25] usb 3-1: unable to get BOS descriptor or descriptor too short [ 626.806802][ T25] usb 3-1: config 255 has an invalid interface number: 81 but max is 0 [ 626.815566][ T25] usb 3-1: config 255 has an invalid descriptor of length 0, skipping remainder of the config [ 626.827974][ T25] usb 3-1: config 255 has no interface number 0 [ 626.834607][ T25] usb 3-1: config 255 interface 81 altsetting 3 has an endpoint descriptor with address 0x93, changing to 0x83 [ 626.847129][ T25] usb 3-1: config 255 interface 81 altsetting 3 endpoint 0x83 has invalid wMaxPacketSize 0 [ 626.864580][ T25] usb 3-1: config 255 interface 81 has no altsetting 0 [ 626.989644][ T9161] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 627.000844][ T9161] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 627.011632][ T9161] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 627.023609][ T9161] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 627.034596][ T9161] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 627.045598][ T9161] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 627.059258][ T9161] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 627.071587][ T9161] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 627.088215][ T9161] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 627.222632][ T25] usb 3-1: string descriptor 0 read error: -22 [ 627.230916][ T25] usb 3-1: New USB device found, idVendor=0dfc, idProduct=0001, bcdDevice=24.ac [ 627.240731][ T25] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 627.341020][ T25] input: USB Touchscreen 0dfc:0001 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:255.81/input/input19 [ 627.346835][ T9161] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 627.365888][ T9161] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 627.376922][ T9161] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 627.387798][ T9161] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 627.398138][ T9161] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 627.408997][ T9161] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 627.419431][ T9161] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 627.430296][ T9161] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 627.446869][ T9161] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 627.647169][ T9161] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 627.657282][ T25] usb 3-1: USB disconnect, device number 23 [ 627.663813][ T9161] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 627.675590][ T9161] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 627.685907][ T9161] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 630.036507][ T4410] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 630.044529][ T4410] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 630.576476][ T3353] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 630.584878][ T3353] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 633.142922][ T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 633.152819][ T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 633.421883][ T1053] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 633.430210][ T1053] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 633.452883][ T9368] loop0: detected capacity change from 0 to 2048 [ 633.623254][ T9368] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 633.636574][ T9368] ext4 filesystem being mounted at /4/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 633.914562][ T9377] loop4: detected capacity change from 0 to 1024 [ 633.930075][ T9377] ext4: Unknown parameter 'appraise_type' [ 634.339628][ T9384] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1714'. [ 634.462222][ T4218] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 634.470569][ T4218] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 634.481610][ T9021] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 634.622254][ T1053] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 634.630612][ T1053] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 636.220230][ T9402] loop4: detected capacity change from 0 to 1024 [ 636.243323][ T9404] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1723'. [ 636.247849][ T9402] EXT4-fs: Ignoring removed nobh option [ 636.441259][ T9402] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 636.699765][ T29] audit: type=1800 audit(1727223328.481:38): pid=9402 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1718" name="bus" dev="loop4" ino=18 res=0 errno=0 [ 637.797261][ T5187] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 638.394167][ T9431] loop3: detected capacity change from 0 to 1024 [ 638.669370][ T29] audit: type=1326 audit(1727223330.451:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9437 comm="syz.2.1736" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb6dd17def9 code=0x0 [ 639.046456][ T9444] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1738'. [ 639.339590][ T9446] loop0: detected capacity change from 0 to 512 [ 639.353600][ T9446] EXT4-fs: Ignoring removed oldalloc option [ 639.412464][ T9448] bridge_slave_0: default FDB implementation only supports local addresses [ 639.537603][ T9446] EXT4-fs error (device loop0): ext4_xattr_inode_iget:436: comm syz.0.1740: Parent and EA inode have the same ino 15 [ 639.596501][ T9446] EXT4-fs (loop0): Remounting filesystem read-only [ 639.603886][ T9446] EXT4-fs (loop0): 1 orphan inode deleted [ 639.612103][ T9446] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 639.991108][ T9021] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 640.444410][ T9464] netlink: 'syz.0.1745': attribute type 1 has an invalid length. [ 640.454094][ T9464] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1745'. [ 640.600409][ T9466] bridge0: port 2(bridge_slave_1) entered disabled state [ 640.610431][ T9466] bridge0: port 2(bridge_slave_1) entered blocking state [ 640.618507][ T9466] bridge0: port 2(bridge_slave_1) entered forwarding state [ 641.326847][ T29] audit: type=1326 audit(1727223333.061:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9481 comm="syz.3.1755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba6a17def9 code=0x7ffc0000 [ 641.349962][ T29] audit: type=1326 audit(1727223333.071:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9481 comm="syz.3.1755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fba6a17def9 code=0x7ffc0000 [ 641.373778][ T29] audit: type=1326 audit(1727223333.071:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9481 comm="syz.3.1755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba6a17def9 code=0x7ffc0000 [ 641.398004][ T29] audit: type=1326 audit(1727223333.081:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9481 comm="syz.3.1755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fba6a17def9 code=0x7ffc0000 [ 641.426585][ T29] audit: type=1326 audit(1727223333.081:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9481 comm="syz.3.1755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba6a17def9 code=0x7ffc0000 [ 641.453967][ T29] audit: type=1326 audit(1727223333.081:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9481 comm="syz.3.1755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=318 compat=0 ip=0x7fba6a17def9 code=0x7ffc0000 [ 641.479028][ T29] audit: type=1326 audit(1727223333.081:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9481 comm="syz.3.1755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba6a17def9 code=0x7ffc0000 [ 641.593619][ T9483] netlink: 'syz.4.1754': attribute type 11 has an invalid length. [ 641.721897][ T9485] tipc: Started in network mode [ 641.728853][ T9485] tipc: Node identity 5f00000000004c3a0000400000000001, cluster identity 4711 [ 641.740391][ T9485] tipc: Enabling of bearer rejected, failed to enable media [ 642.162627][ T9493] loop0: detected capacity change from 0 to 128 [ 642.386584][ T9493] VFS: Found a Xenix FS (block size = 512) on device loop0 [ 642.707544][ T9021] sysv_free_block: trying to free block not in datazone [ 642.739161][ T9021] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 643.106842][ T9506] syz.0.1765: attempt to access beyond end of device [ 643.106842][ T9506] loop0: rw=4096, sector=0, nr_sectors = 1 limit=0 [ 643.122246][ T9506] XFS (loop0): SB validate failed with error -5. [ 643.214002][ T40] I/O error, dev loop0, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 0 prio class 0 [ 643.576785][ T10] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 643.578825][ T9520] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 643.711681][ T9523] loop0: detected capacity change from 0 to 128 [ 643.734920][ T9523] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256 [ 643.766594][ T10] usb 5-1: Using ep0 maxpacket: 32 [ 643.790045][ T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 643.802225][ T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 643.812608][ T10] usb 5-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 643.825223][ T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 643.845051][ T5236] usb 3-1: new high-speed USB device number 24 using dummy_hcd [ 643.935375][ T9523] UDF-fs: error (device loop0): udf_bitmap_new_block: bitmap for partition 0 corrupted (block 264 marked as free, partition length is 40) [ 643.968961][ T10] usb 5-1: config 0 descriptor?? [ 644.011244][ T10] hub 5-1:0.0: USB hub found [ 644.038978][ T5236] usb 3-1: Using ep0 maxpacket: 8 [ 644.129691][ T9526] UDF-fs: error (device loop0): udf_bitmap_new_block: bitmap for partition 0 corrupted (block 264 marked as free, partition length is 40) [ 644.180690][ T5236] usb 3-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a [ 644.190701][ T5236] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 644.199354][ T5236] usb 3-1: Product: syz [ 644.204167][ T5236] usb 3-1: Manufacturer: syz [ 644.209551][ T5236] usb 3-1: SerialNumber: syz [ 644.310735][ T5236] usb 3-1: config 0 descriptor?? [ 644.358615][ T5236] gspca_main: sq930x-2.14.0 probing 2770:930c [ 644.482658][ T10] hub 5-1:0.0: config failed, can't read hub descriptor (err -90) [ 644.744704][ T10] usbhid 5-1:0.0: can't add hid device: -71 [ 644.760098][ T10] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 644.851719][ T10] usb 5-1: USB disconnect, device number 13 [ 645.310059][ T5236] gspca_sq930x: ucbus_write failed -71 [ 645.316673][ T5236] sq930x 3-1:0.0: probe with driver sq930x failed with error -71 [ 645.362950][ T5236] usb 3-1: USB disconnect, device number 24 [ 645.746417][ T10] usb 2-1: new high-speed USB device number 14 using dummy_hcd [ 645.778577][ T9541] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1779'. [ 645.943583][ T10] usb 2-1: config 0 has no interfaces? [ 645.949959][ T10] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 645.972770][ T10] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 646.071771][ T10] usb 2-1: config 0 descriptor?? [ 646.367256][ T25] usb 2-1: USB disconnect, device number 14 [ 646.482409][ T9548] loop0: detected capacity change from 0 to 1024 [ 646.627203][ T9548] hfsplus: bad catalog entry type [ 646.881164][ T3353] hfsplus: b-tree write err: -5, ino 4 [ 647.877767][ T9568] loop0: detected capacity change from 0 to 512 [ 647.896794][ T9568] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 647.990768][ T9568] EXT4-fs (loop0): 1 truncate cleaned up [ 647.999500][ T9568] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 648.449055][ T9021] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 648.784332][ T9586] loop0: detected capacity change from 0 to 256 [ 648.794581][ T9586] exfat: Deprecated parameter 'utf8' [ 649.137862][ T9589] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=none:owns=io+mem [ 649.167906][ T9589] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=io+mem:owns=io+mem [ 649.458331][ T9212] coredump: 771(syz.4.1675): written to core: VMAs: 34, size 82739200; core: 62157766 bytes, pos 82747392 [ 649.745518][ T9586] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x967df478, utbl_chksum : 0xe619d30d) [ 651.277444][ T59] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 651.314678][ T9611] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1808'. [ 651.863124][ T59] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 652.056551][ T59] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 652.241865][ T59] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 652.660374][ T59] bridge_slave_1: left allmulticast mode [ 652.667458][ T59] bridge_slave_1: left promiscuous mode [ 652.674229][ T59] bridge0: port 2(bridge_slave_1) entered disabled state [ 652.707921][ T9620] loop1: detected capacity change from 0 to 512 [ 652.734121][ T9620] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 652.856571][ T9620] EXT4-fs (loop1): 1 truncate cleaned up [ 652.871634][ T9620] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 652.927959][ T59] bridge_slave_0: left allmulticast mode [ 652.934179][ T59] bridge_slave_0: left promiscuous mode [ 652.945648][ T59] bridge0: port 1(bridge_slave_0) entered disabled state [ 653.020249][ T5188] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 653.287314][ T5188] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 653.297785][ T5188] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 653.313217][ T5188] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 653.325772][ T5188] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 653.335851][ T5188] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 653.767481][ T59] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 653.867845][ T9161] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 653.880887][ T59] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 653.968673][ T59] bond0 (unregistering): Released all slaves [ 654.259194][ T1238] ieee802154 phy0 wpan0: encryption failed: -22 [ 654.266688][ T1238] ieee802154 phy1 wpan1: encryption failed: -22 [ 654.919884][ T9648] loop3: detected capacity change from 0 to 512 [ 655.016376][ T59] hsr_slave_0: left promiscuous mode [ 655.030682][ T59] hsr_slave_1: left promiscuous mode [ 655.056822][ T59] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 655.064912][ T59] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 655.095567][ T9648] EXT4-fs error (device loop3): ext4_quota_enable:7049: comm syz.3.1821: Bad quota inum: 1, type: 2 [ 655.148286][ T9648] EXT4-fs warning (device loop3): ext4_enable_quotas:7097: Failed to enable quota tracking (type=2, err=-117, ino=1). Please run e2fsck to fix. [ 655.179543][ T59] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 655.188347][ T59] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 655.223588][ T9648] EXT4-fs (loop3): mount failed [ 655.481000][ T59] veth1_macvtap: left promiscuous mode [ 655.487033][ T59] veth0_macvtap: left promiscuous mode [ 655.493144][ T59] veth1_vlan: left promiscuous mode [ 655.513193][ T59] veth0_vlan: left promiscuous mode [ 655.518813][ T9655] loop4: detected capacity change from 0 to 8 [ 655.718493][ T5192] Bluetooth: hci1: command tx timeout [ 655.820478][ T9655] squashfs: Unknown parameter '18446744073709551615ÿÿÿÿ' [ 656.598796][ T59] team0 (unregistering): Port device team_slave_1 removed [ 656.665357][ T59] team0 (unregistering): Port device team_slave_0 removed [ 656.797227][ T10] usb 2-1: new full-speed USB device number 15 using dummy_hcd [ 657.153773][ T9660] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1825'. [ 657.193799][ T10] usb 2-1: config 17 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 657.206138][ T10] usb 2-1: config 17 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10 [ 657.217921][ T10] usb 2-1: config 17 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 64 [ 657.229513][ T10] usb 2-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00 [ 657.239884][ T10] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 657.602772][ T9662] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 657.736831][ T5192] Bluetooth: hci1: command tx timeout [ 657.841604][ T10] aiptek 2-1:17.0: Aiptek using 400 ms programming speed [ 657.852583][ T10] input: Aiptek as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:17.0/input/input20 [ 657.964357][ C0] aiptek 2-1:17.0: aiptek_irq - usb_submit_urb failed with result -19 [ 657.973125][ T10] usb 2-1: USB disconnect, device number 15 [ 658.077119][ T9630] chnl_net:caif_netlink_parms(): no params data found [ 659.001558][ T9687] team0: No ports can be present during mode change [ 659.203621][ T9674] loop4: detected capacity change from 0 to 4096 [ 659.273463][ T9674] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [ 659.505877][ T9630] bridge0: port 1(bridge_slave_0) entered blocking state [ 659.514032][ T9630] bridge0: port 1(bridge_slave_0) entered disabled state [ 659.526371][ T9630] bridge_slave_0: entered allmulticast mode [ 659.535692][ T9630] bridge_slave_0: entered promiscuous mode [ 659.595582][ T9630] bridge0: port 2(bridge_slave_1) entered blocking state [ 659.603702][ T9630] bridge0: port 2(bridge_slave_1) entered disabled state [ 659.611706][ T9630] bridge_slave_1: entered allmulticast mode [ 659.625336][ T9630] bridge_slave_1: entered promiscuous mode [ 659.644968][ T9674] ntfs3: loop4: Failed to load $Extend (-22). [ 659.651638][ T9674] ntfs3: loop4: Failed to initialize $Extend. [ 659.826344][ T5192] Bluetooth: hci1: command tx timeout [ 659.867446][ T9630] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 659.958840][ T9630] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 660.059640][ T9698] ALSA: mixer_oss: invalid OSS volume '01777777777777777777777' [ 660.226591][ T9630] team0: Port device team_slave_0 added [ 660.279257][ T9630] team0: Port device team_slave_1 added [ 660.489925][ T9630] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 660.498637][ T9630] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 660.527351][ T9630] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 660.635406][ T9630] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 660.646229][ T9630] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 660.673948][ T9630] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 661.108922][ T9630] hsr_slave_0: entered promiscuous mode [ 661.163731][ T9630] hsr_slave_1: entered promiscuous mode [ 661.712570][ T9723] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1852'. [ 661.896558][ T5192] Bluetooth: hci1: command tx timeout [ 662.316773][ T9729] sit0: entered promiscuous mode [ 662.339638][ T9729] netlink: 'syz.4.1855': attribute type 1 has an invalid length. [ 662.347849][ T9729] netlink: 1 bytes leftover after parsing attributes in process `syz.4.1855'. [ 662.579116][ T9740] loop2: detected capacity change from 0 to 64 [ 662.837613][ T9740] minix_free_block (loop2:21): bit already cleared [ 663.314641][ T9630] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 663.397833][ T9630] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 663.458113][ T9630] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 663.517325][ T9630] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 664.171926][ T9630] 8021q: adding VLAN 0 to HW filter on device bond0 [ 664.241337][ T9759] loop3: detected capacity change from 0 to 24 [ 664.289223][ T9759] romfs: Mounting image 'rom 637cf1fa' through the block layer [ 664.335688][ T9630] 8021q: adding VLAN 0 to HW filter on device team0 [ 664.365636][ T75] bridge0: port 1(bridge_slave_0) entered blocking state [ 664.373656][ T75] bridge0: port 1(bridge_slave_0) entered forwarding state [ 664.523135][ T75] bridge0: port 2(bridge_slave_1) entered blocking state [ 664.530971][ T75] bridge0: port 2(bridge_slave_1) entered forwarding state [ 666.732047][ T9630] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 667.031262][ T9785] loop2: detected capacity change from 0 to 2048 [ 667.202499][ T9794] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 667.258123][ T9630] veth0_vlan: entered promiscuous mode [ 667.286491][ T29] audit: type=1800 audit(1727223359.071:47): pid=9785 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1876" name="file2" dev="loop2" ino=16 res=0 errno=0 [ 667.345224][ T9630] veth1_vlan: entered promiscuous mode [ 667.654566][ T9630] veth0_macvtap: entered promiscuous mode [ 667.726507][ T9630] veth1_macvtap: entered promiscuous mode [ 667.883507][ T9630] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 667.895559][ T9630] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 667.907242][ T9630] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 667.922295][ T9630] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 667.933449][ T9630] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 667.944431][ T9630] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 667.954768][ T9630] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 667.966464][ T9630] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 667.988482][ T9630] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 668.010493][ T9630] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 668.025072][ T9630] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 668.036327][ T9630] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 668.049905][ T9630] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 668.061307][ T9630] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 668.072193][ T9804] loop3: detected capacity change from 0 to 128 [ 668.072238][ T9630] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 668.072332][ T9630] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 668.100702][ T9630] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 668.119478][ T9630] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 668.152887][ T9630] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 668.162281][ T9630] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 668.171575][ T9630] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 668.182689][ T9630] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 668.346900][ T9804] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 668.535839][ T9804] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 669.935626][ T9836] loop4: detected capacity change from 0 to 256 [ 671.099647][ T9831] loop3: detected capacity change from 0 to 4096 [ 672.739144][ T9877] loop3: detected capacity change from 0 to 8 [ 673.557240][ T3353] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 673.565392][ T3353] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 673.573605][ T3353] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 673.583592][ T3353] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 673.760913][ T9891] ieee802154 phy0 wpan0: encryption failed: -90 [ 673.781521][ T9887] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1914'. [ 673.791347][ T9887] netlink: 'syz.3.1914': attribute type 9 has an invalid length. [ 673.847523][ T9889] netlink: 300 bytes leftover after parsing attributes in process `syz.4.1915'. [ 673.997431][ T9897] sg_write: process 107 (syz.1.1918) changed security contexts after opening file descriptor, this is not allowed. [ 674.068385][ T9900] program syz.1.1918 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 674.244833][ T9904] netlink: 'syz.4.1920': attribute type 11 has an invalid length. [ 674.253448][ T9904] netlink: 134780 bytes leftover after parsing attributes in process `syz.4.1920'. [ 674.810222][ T9914] loop1: detected capacity change from 0 to 1024 [ 675.008028][ T9914] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 675.546973][ T9161] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 676.067943][ T9934] loop0: detected capacity change from 0 to 1024 [ 676.279154][ T9934] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 676.435106][ T9934] overlayfs: missing 'lowerdir' [ 676.839697][ T9630] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 677.011469][ T9951] loop3: detected capacity change from 0 to 256 [ 677.157533][ T9951] msdos: Unknown parameter 'ÿÿ0xffffffffffffffff' [ 677.244583][ T9736] kernel write not supported for file bpf-prog (pid: 9736 comm: kworker/0:0) [ 677.836939][ T9736] usb 2-1: new high-speed USB device number 16 using dummy_hcd [ 678.149209][ T9736] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 678.161366][ T9736] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 678.229433][ T9971] netlink: 72 bytes leftover after parsing attributes in process `syz.3.1945'. [ 678.263551][ T9736] usb 2-1: config 0 descriptor?? [ 678.307068][ T9736] cp210x 2-1:0.0: cp210x converter detected [ 678.700636][ T9736] cp210x 2-1:0.0: failed to get vendor val 0x0010 size 3: -32 [ 678.715185][ T9736] cp210x 2-1:0.0: GPIO initialisation failed: -524 [ 678.731725][ T9736] usb 2-1: cp210x converter now attached to ttyUSB0 [ 679.035484][ T9736] usb 2-1: USB disconnect, device number 16 [ 679.128885][ T9736] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 679.138442][ T9736] cp210x 2-1:0.0: device disconnected [ 679.210269][ T9985] loop2: detected capacity change from 0 to 128 [ 679.244745][ T9985] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 680.243875][ T9994] loop3: detected capacity change from 0 to 512 [ 680.335201][ T9997] loop1: detected capacity change from 0 to 16 [ 680.475023][ T9994] EXT4-fs error (device loop3): ext4_orphan_get:1388: inode #15: comm syz.3.1954: iget: bad extended attribute block 1 [ 680.568791][ T9994] EXT4-fs error (device loop3): ext4_orphan_get:1393: comm syz.3.1954: couldn't read orphan inode 15 (err -117) [ 680.638709][ T9994] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 680.850081][T10003] loop2: detected capacity change from 0 to 512 [ 680.889801][T10005] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1961'. [ 680.903246][T10003] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 680.939196][T10001] EXT4-fs error (device loop3): ext4_validate_block_bitmap:432: comm ext4lazyinit: bg 0: block 13: invalid block bitmap [ 681.476914][T10003] EXT4-fs (loop2): 1 truncate cleaned up [ 681.484766][T10003] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 681.767128][ T9098] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 681.841964][T10003] fscrypt (loop2, inode 18): Unsupported log2_data_unit_size in encryption policy: 227 [ 682.223128][ T5191] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 682.857084][ T5192] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0 [ 682.868449][ T5192] Bluetooth: hci0: Injecting HCI hardware error event [ 682.877250][ T5192] Bluetooth: hci0: hardware error 0x00 [ 683.465074][T10040] loop2: detected capacity change from 0 to 736 [ 683.711242][T10049] netlink: 'syz.3.1979': attribute type 9 has an invalid length. [ 684.227143][T10057] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1983'. [ 684.236522][T10057] A link change request failed with some changes committed already. Interface dummy0 may have been left with an inconsistent configuration, please check. [ 685.133343][ T5192] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 687.245176][T10110] syzkaller0: tun_chr_ioctl cmd 1074025677 [ 687.253046][T10110] syzkaller0: linktype set to 65535 [ 690.122225][T10164] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 690.512609][ T9736] usb 5-1: new high-speed USB device number 14 using dummy_hcd [ 690.707668][ T9736] usb 5-1: Using ep0 maxpacket: 8 [ 690.908029][ T9736] usb 5-1: New USB device found, idVendor=046d, idProduct=08dd, bcdDevice=ff.f4 [ 690.918429][ T9736] usb 5-1: New USB device strings: Mfr=8, Product=2, SerialNumber=3 [ 690.928295][ T9736] usb 5-1: Product: syz [ 690.932909][ T9736] usb 5-1: Manufacturer: syz [ 690.939459][ T9736] usb 5-1: SerialNumber: syz [ 690.968861][ T9736] usb 5-1: config 0 descriptor?? [ 691.015101][ T9736] gspca_main: gspca_zc3xx-2.14.0 probing 046d:08dd [ 691.612786][ T9736] input: gspca_zc3xx as /devices/platform/dummy_hcd.4/usb5/5-1/input/input21 [ 691.837956][ T9736] usb 5-1: USB disconnect, device number 14 [ 692.523443][T10198] misc userio: Begin command sent, but we're already running [ 693.237522][T10208] netlink: 830 bytes leftover after parsing attributes in process `syz.4.2051'. [ 694.543127][ T5243] usb 5-1: new high-speed USB device number 15 using dummy_hcd [ 694.707088][ T5243] usb 5-1: Using ep0 maxpacket: 8 [ 694.784550][ T5243] usb 5-1: New USB device found, idVendor=04bb, idProduct=0901, bcdDevice=56.a0 [ 694.795463][ T5243] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 694.804107][ T5243] usb 5-1: Product: syz [ 694.808696][ T5243] usb 5-1: Manufacturer: syz [ 694.813582][ T5243] usb 5-1: SerialNumber: syz [ 694.895651][ T5243] usb 5-1: config 0 descriptor?? [ 695.246581][ T5243] kaweth 5-1:0.0: Firmware present in device. [ 695.686564][ T5243] kaweth 5-1:0.0: Statistics collection: 0 [ 695.692732][ T5243] kaweth 5-1:0.0: Multicast filter limit: 0 [ 695.699469][ T5243] kaweth 5-1:0.0: MTU: 0 [ 695.703996][ T5243] kaweth 5-1:0.0: Read MAC address 00:00:00:00:00:00 [ 696.018033][ T5243] kaweth 5-1:0.0: Error setting SOFS wait [ 696.024594][ T5243] kaweth 5-1:0.0: probe with driver kaweth failed with error -5 [ 696.068218][ T5243] usb 5-1: USB disconnect, device number 15 [ 696.162304][T10251] loop3: detected capacity change from 0 to 512 [ 696.337206][T10251] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 696.350752][T10251] ext4 filesystem being mounted at /74/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 696.467143][T10258] geneve2: entered promiscuous mode [ 696.472660][T10258] geneve2: entered allmulticast mode [ 697.248354][ T9098] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 697.387140][T10270] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2080'. [ 698.727636][T10294] netlink: 'syz.1.2089': attribute type 4 has an invalid length. [ 699.156403][ T25] usb 5-1: new high-speed USB device number 16 using dummy_hcd [ 699.346349][ T25] usb 5-1: Using ep0 maxpacket: 16 [ 699.486938][ T25] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 699.498868][ T25] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 699.509101][ T25] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 699.522500][ T25] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 699.534615][ T25] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 699.598203][ T25] usb 5-1: config 0 descriptor?? [ 699.741976][T10307] netlink: set zone limit has 4 unknown bytes [ 699.999556][ T9922] coredump: 1(syz.3.1922): written to core: VMAs: 34, size 82739200; core: 62231494 bytes, pos 82747392 [ 700.101363][ T25] microsoft 0003:045E:07DA.0026: No inputs registered, leaving [ 700.136986][ T25] microsoft 0003:045E:07DA.0026: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.4-1/input0 [ 700.153545][ T25] microsoft 0003:045E:07DA.0026: no inputs found [ 700.161468][ T25] microsoft 0003:045E:07DA.0026: could not initialize ff, continuing anyway [ 700.299253][T10317] sp0: Synchronizing with TNC [ 700.309705][ T9736] usb 5-1: USB disconnect, device number 16 [ 700.620664][T10320] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 701.243266][T10327] loop3: detected capacity change from 0 to 1024 [ 701.409814][T10327] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 701.485164][T10333] loop0: detected capacity change from 0 to 256 [ 701.685444][T10327] EXT4-fs error (device loop3): ext4_clear_blocks:876: inode #14: comm syz.3.2105: attempt to clear invalid blocks 1886221359 len 1 [ 701.728283][T10327] EXT4-fs (loop3): Remounting filesystem read-only [ 701.837465][T10333] FAT-fs (loop0): Directory bread(block 64) failed [ 701.844369][T10333] FAT-fs (loop0): Directory bread(block 65) failed [ 701.851715][T10333] FAT-fs (loop0): Directory bread(block 66) failed [ 701.858872][T10333] FAT-fs (loop0): Directory bread(block 67) failed [ 701.866153][T10333] FAT-fs (loop0): Directory bread(block 68) failed [ 701.873008][T10333] FAT-fs (loop0): Directory bread(block 69) failed [ 701.880181][T10333] FAT-fs (loop0): Directory bread(block 70) failed [ 701.888251][T10333] FAT-fs (loop0): Directory bread(block 71) failed [ 701.895258][T10333] FAT-fs (loop0): Directory bread(block 72) failed [ 701.903128][T10333] FAT-fs (loop0): Directory bread(block 73) failed [ 702.019252][ T9098] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 702.433111][T10345] loop4: detected capacity change from 0 to 1024 [ 702.805734][ T4410] hfsplus: b-tree write err: -5, ino 4 [ 702.922060][T10355] loop3: detected capacity change from 0 to 128 [ 703.057712][ T29] audit: type=1800 audit(1727223394.851:48): pid=10355 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2117" name="file1" dev="loop3" ino=1048769 res=0 errno=0 [ 703.511643][T10370] loop3: detected capacity change from 0 to 256 [ 703.521386][T10370] exfat: Bad value for 'uid' [ 703.529918][T10370] exfat: Bad value for 'uid' [ 703.727815][ T25] usb 5-1: new high-speed USB device number 17 using dummy_hcd [ 703.924654][ T25] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 703.924860][ T25] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 703.925029][ T25] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 703.925284][ T25] usb 5-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00 [ 703.925468][ T25] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 703.932227][ T25] usb 5-1: config 0 descriptor?? [ 704.434217][ T25] acrux 0003:1A34:0802.0027: hidraw0: USB HID v0.00 Device [HID 1a34:0802] on usb-dummy_hcd.4-1/input0 [ 704.434434][ T25] acrux 0003:1A34:0802.0027: no inputs found [ 704.434547][ T25] acrux 0003:1A34:0802.0027: Failed to enable force feedback support, error: -19 [ 704.640507][ T25] usb 5-1: USB disconnect, device number 17 [ 704.903459][T10387] input: syz0 as /devices/virtual/input/input24 [ 705.421446][T10393] netlink: 'syz.2.2135': attribute type 3 has an invalid length. [ 705.599224][ T29] audit: type=1326 audit(1727223397.341:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10394 comm="syz.2.2137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb6dd17def9 code=0x7ffc0000 [ 705.599502][ T29] audit: type=1326 audit(1727223397.341:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10394 comm="syz.2.2137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb6dd17def9 code=0x7ffc0000 [ 705.599761][ T29] audit: type=1326 audit(1727223397.351:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10394 comm="syz.2.2137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb6dd17def9 code=0x7ffc0000 [ 705.600005][ T29] audit: type=1326 audit(1727223397.361:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10394 comm="syz.2.2137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb6dd17def9 code=0x7ffc0000 [ 705.600250][ T29] audit: type=1326 audit(1727223397.361:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10394 comm="syz.2.2137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb6dd17def9 code=0x7ffc0000 [ 705.645781][ T29] audit: type=1326 audit(1727223397.411:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10394 comm="syz.2.2137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb6dd17def9 code=0x7ffc0000 [ 705.653761][ T29] audit: type=1326 audit(1727223397.441:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10394 comm="syz.2.2137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb6dd17def9 code=0x7ffc0000 [ 705.659212][ T29] audit: type=1326 audit(1727223397.441:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10394 comm="syz.2.2137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb6dd17def9 code=0x7ffc0000 [ 705.665031][ T29] audit: type=1326 audit(1727223397.451:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10394 comm="syz.2.2137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=34 compat=0 ip=0x7fb6dd17def9 code=0x7ffc0000 [ 706.514025][T10391] loop1: detected capacity change from 0 to 4096 [ 706.520888][T10391] EXT4-fs: Ignoring removed i_version option [ 706.521082][T10391] EXT4-fs: Ignoring removed nomblk_io_submit option [ 706.579060][T10391] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 707.274391][T10391] EXT4-fs error (device loop1): ext4_do_update_inode:5121: inode #15: comm syz.1.2134: corrupted inode contents [ 707.304634][T10391] EXT4-fs error (device loop1): ext4_dirty_inode:5984: inode #15: comm syz.1.2134: mark_inode_dirty error [ 707.306462][T10391] EXT4-fs error (device loop1): ext4_do_update_inode:5121: inode #15: comm syz.1.2134: corrupted inode contents [ 707.308261][T10391] EXT4-fs error (device loop1): __ext4_ext_dirty:207: inode #15: comm syz.1.2134: mark_inode_dirty error [ 707.309623][T10391] EXT4-fs error (device loop1): ext4_do_update_inode:5121: inode #15: comm syz.1.2134: corrupted inode contents [ 707.310880][T10391] EXT4-fs error (device loop1): __ext4_ext_dirty:207: inode #15: comm syz.1.2134: mark_inode_dirty error [ 707.315381][T10391] EXT4-fs error (device loop1): ext4_do_update_inode:5121: inode #15: comm syz.1.2134: corrupted inode contents [ 707.325113][T10391] EXT4-fs error (device loop1): ext4_truncate:4208: inode #15: comm syz.1.2134: mark_inode_dirty error [ 707.326501][T10391] EXT4-fs error (device loop1) in ext4_setattr:5523: Corrupt filesystem [ 707.358514][T10406] EXT4-fs error (device loop1): ext4_do_update_inode:5121: inode #15: comm syz.1.2134: corrupted inode contents [ 707.910684][ T9161] EXT4-fs warning (device loop1): ext4_evict_inode:259: couldn't mark inode dirty (err -117) [ 707.917445][ T9161] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 708.202878][T10425] loop2: detected capacity change from 0 to 256 [ 708.635561][T10430] netlink: 'syz.1.2146': attribute type 16 has an invalid length. [ 708.645333][T10430] netlink: 'syz.1.2146': attribute type 3 has an invalid length. [ 708.654093][T10430] netlink: 64066 bytes leftover after parsing attributes in process `syz.1.2146'. [ 708.693539][T10425] FAT-fs (loop2): Directory bread(block 64) failed [ 708.700734][T10425] FAT-fs (loop2): Directory bread(block 65) failed [ 708.707946][T10425] FAT-fs (loop2): Directory bread(block 66) failed [ 708.714814][T10425] FAT-fs (loop2): Directory bread(block 67) failed [ 708.722459][T10425] FAT-fs (loop2): Directory bread(block 68) failed [ 708.729494][T10425] FAT-fs (loop2): Directory bread(block 69) failed [ 708.736630][T10425] FAT-fs (loop2): Directory bread(block 70) failed [ 708.743470][T10425] FAT-fs (loop2): Directory bread(block 71) failed [ 708.751753][T10425] FAT-fs (loop2): Directory bread(block 72) failed [ 708.759183][T10425] FAT-fs (loop2): Directory bread(block 73) failed [ 708.810503][T10429] loop3: detected capacity change from 0 to 1024 [ 708.868436][T10429] EXT4-fs: Ignoring removed orlov option [ 708.877564][T10429] EXT4-fs: Ignoring removed nomblk_io_submit option [ 708.895381][T10429] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 708.907026][T10429] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (12914!=20869) [ 708.929029][T10429] EXT4-fs (loop3): invalid journal inode [ 708.935028][T10429] EXT4-fs (loop3): can't get journal size [ 708.971491][T10429] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 709.301264][ T9098] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 709.843820][T10440] loop2: detected capacity change from 0 to 2048 [ 709.935548][T10440] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 710.299037][ T5191] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 710.943230][T10459] loop1: detected capacity change from 0 to 2048 [ 711.040150][T10464] loop2: detected capacity change from 0 to 128 [ 711.091030][T10464] VFS: Found a Xenix FS (block size = 512) on device loop2 [ 711.128322][T10465] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 711.259967][T10468] program syz.3.2167 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 711.335836][ T5191] sysv_free_block: trying to free block not in datazone [ 711.343347][ T5191] sysv_free_block: trying to free block not in datazone [ 711.350650][ T5191] sysv_free_block: trying to free block not in datazone [ 711.358061][ T5191] sysv_free_block: trying to free block not in datazone [ 711.358718][T10465] NILFS (loop1): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3) [ 711.365132][ T5191] sysv_free_block: trying to free block not in datazone [ 711.365187][ T5191] sysv_free_block: trying to free block not in datazone [ 711.365238][ T5191] sysv_free_block: trying to free block not in datazone [ 711.398801][T10465] NILFS error (device loop1): nilfs_bmap_propagate: broken bmap (inode number=4) [ 711.461701][ T5191] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 711.476847][T10465] Remounting filesystem read-only [ 712.279811][T10485] sctp: [Deprecated]: syz.4.2174 (pid 10485) Use of int in maxseg socket option. [ 712.279811][T10485] Use struct sctp_assoc_value instead [ 714.088916][ T9736] usb 5-1: new high-speed USB device number 18 using dummy_hcd [ 714.186530][ T5243] usb 4-1: new high-speed USB device number 11 using dummy_hcd [ 714.259407][ T9736] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 714.270471][ T9736] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 714.301968][ T9736] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 714.312463][ T9736] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 714.320924][ T9736] usb 5-1: SerialNumber: syz [ 714.394475][ T5243] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 714.407200][ T5243] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 714.423436][ T5243] usb 4-1: config 0 descriptor?? [ 714.454406][ T5243] cp210x 4-1:0.0: cp210x converter detected [ 714.621145][ T9736] usb 5-1: 0:2 : does not exist [ 714.784787][ T9736] usb 5-1: USB disconnect, device number 18 [ 715.078543][ T5243] cp210x 4-1:0.0: failed to get vendor val 0x000e size 678: -71 [ 715.086892][ T5243] cp210x 4-1:0.0: GPIO initialisation failed: -71 [ 715.117293][ T5243] usb 4-1: cp210x converter now attached to ttyUSB0 [ 715.158917][ T5243] usb 4-1: USB disconnect, device number 11 [ 715.179882][ T5243] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 715.189218][ T5243] cp210x 4-1:0.0: device disconnected [ 715.422404][T10530] netlink: 'syz.2.2193': attribute type 11 has an invalid length. [ 715.455299][T10531] loop1: detected capacity change from 0 to 128 [ 715.479780][T10531] EXT4-fs: Ignoring removed nobh option [ 715.518477][T10531] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 715.537697][T10531] ext4 filesystem being mounted at /113/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 715.674576][ T1238] ieee802154 phy0 wpan0: encryption failed: -22 [ 715.681600][ T1238] ieee802154 phy1 wpan1: encryption failed: -22 [ 715.960055][T10540] loop4: detected capacity change from 0 to 16 [ 716.004872][ T9161] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 716.047630][T10540] erofs: (device loop4): mounted with root inode @ nid 36. [ 716.156486][T10544] loop2: detected capacity change from 0 to 128 [ 717.085874][T10559] loop4: detected capacity change from 0 to 512 [ 717.121091][T10559] EXT4-fs: Ignoring removed bh option [ 717.134468][T10559] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem [ 717.202473][T10559] EXT4-fs (loop4): 1 truncate cleaned up [ 717.210731][T10559] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 717.224336][T10561] loop0: detected capacity change from 0 to 1024 [ 717.242148][T10561] EXT4-fs: Ignoring removed nomblk_io_submit option [ 717.419201][ T25] usb 3-1: new high-speed USB device number 25 using dummy_hcd [ 717.429590][T10561] EXT4-fs (loop0): mounted filesystem 00000000-0500-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 717.528815][ T29] kauditd_printk_skb: 2 callbacks suppressed [ 717.528899][ T29] audit: type=1800 audit(1727223409.321:60): pid=10561 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2206" name="bus" dev="loop0" ino=18 res=0 errno=0 [ 717.672854][ T25] usb 3-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 717.685514][ T25] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 717.697177][ T25] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 717.706845][ T25] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 717.717436][ T5187] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 717.791890][ T25] usb 3-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 717.801928][ T25] usb 3-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 717.810432][ T25] usb 3-1: Product: syz [ 717.810469][ T9630] EXT4-fs (loop0): unmounting filesystem 00000000-0500-0000-0000-000000000000. [ 717.814784][ T25] usb 3-1: Manufacturer: syz [ 717.843127][T10568] bridge0: port 1(bridge_slave_0) entered disabled state [ 717.925919][T10568] bridge_slave_0: left promiscuous mode [ 717.933221][T10568] bridge0: port 1(bridge_slave_0) entered disabled state [ 717.945691][ T25] cdc_wdm 3-1:1.0: skipping garbage [ 717.951660][ T25] cdc_wdm 3-1:1.0: skipping garbage [ 717.961450][ T25] cdc_wdm 3-1:1.0: cdc-wdm0: USB WDM device [ 717.972933][ T25] cdc_wdm 3-1:1.0: Unknown control protocol [ 718.056123][T10572] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2210'. [ 718.179836][ T5243] usb 3-1: USB disconnect, device number 25 [ 718.572293][T10581] loop4: detected capacity change from 0 to 128 [ 718.717453][T10581] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 718.802607][T10581] ext4 filesystem being mounted at /474/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 719.363127][ T5187] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 719.480007][T10591] loop0: detected capacity change from 0 to 64 [ 719.604199][T10593] vxcan1: tx address claim with dlc 1 [ 719.619656][T10595] loop3: detected capacity change from 0 to 256 [ 720.213557][ T25] hid-generic 0000:0000:0000.0028: unknown main item tag 0x0 [ 720.226795][ T25] hid-generic 0000:0000:0000.0028: unknown main item tag 0x0 [ 720.236062][ T25] hid-generic 0000:0000:0000.0028: unknown main item tag 0x0 [ 720.247261][ T25] hid-generic 0000:0000:0000.0028: unknown main item tag 0x0 [ 720.256477][ T25] hid-generic 0000:0000:0000.0028: unknown main item tag 0x0 [ 720.395448][ T25] hid-generic 0000:0000:0000.0028: hidraw0: HID v0.00 Device [syz0] on syz0 [ 720.506432][T10609] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2227'. [ 720.824057][T10611] loop4: detected capacity change from 0 to 4096 [ 720.846650][T10611] ntfs3: loop4: Different NTFS sector size (4096) and media sector size (512). [ 721.320551][T10611] ntfs3: loop4: failed to convert "c46c" to iso8859-13 [ 721.471065][T10623] input: syz1 as /devices/virtual/input/input25 [ 722.544514][ T5192] Bluetooth: hci1: command 0x0405 tx timeout [ 722.599932][ T25] usb 5-1: new high-speed USB device number 19 using dummy_hcd [ 722.774096][ T25] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 722.790278][ T25] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 722.802419][ T25] usb 5-1: config 1 has no interface number 0 [ 722.809858][ T25] usb 5-1: config 1 interface 1 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 722.880882][ T25] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 722.890756][ T25] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 722.899315][ T25] usb 5-1: Product: syz [ 722.906436][ T25] usb 5-1: Manufacturer: syz [ 722.911507][ T25] usb 5-1: SerialNumber: syz [ 722.954845][ T25] usb 5-1: selecting invalid altsetting 1 [ 723.092289][T10652] hsr0: entered promiscuous mode [ 723.354412][T10658] loop3: detected capacity change from 0 to 64 [ 723.570581][T10658] overlayfs: upper fs needs to support d_type. [ 723.659960][T10658] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 723.668598][T10658] overlayfs: failed to set xattr on upper [ 723.674825][T10658] overlayfs: ...falling back to redirect_dir=nofollow. [ 723.682351][T10658] overlayfs: ...falling back to index=off. [ 723.688621][T10658] overlayfs: ...falling back to uuid=null. [ 723.703481][ T25] cdc_ncm 5-1:1.1: SET_CRC_MODE failed [ 723.739351][ T25] usb 5-1: selecting invalid altsetting 1 [ 723.745533][ T25] cdc_ncm 5-1:1.1: bind() failure [ 723.796559][ T25] usb 5-1: USB disconnect, device number 19 [ 725.669187][T10700] loop0: detected capacity change from 0 to 64 [ 726.831269][T10725] loop0: detected capacity change from 0 to 512 [ 727.022148][T10725] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 727.030848][T10725] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8842c01c, mo2=0002] [ 727.040289][T10725] EXT4-fs (loop0): orphan cleanup on readonly fs [ 727.047699][T10732] loop1: detected capacity change from 0 to 256 [ 727.054635][T10725] EXT4-fs warning (device loop0): ext4_block_to_path:107: block 3279949761 > max in inode 13 [ 727.065550][T10725] EXT4-fs warning (device loop0): ext4_block_to_path:107: block 3279949762 > max in inode 13 [ 727.081220][T10725] EXT4-fs (loop0): 1 truncate cleaned up [ 727.089080][T10725] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 727.115071][T10717] loop2: detected capacity change from 0 to 2048 [ 727.146924][T10725] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 727.155479][T10725] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8842c01c, mo2=0002] [ 727.279570][ T9630] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 727.387805][T10732] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d) [ 728.632757][T10758] netdevsim netdevsim3: loading /lib/firmware/. failed with error -22 [ 728.645666][T10758] netdevsim netdevsim3: Direct firmware load for . failed with error -22 [ 728.654691][T10758] netdevsim netdevsim3: Falling back to sysfs fallback for: . [ 729.207634][ T29] audit: type=1326 audit(1727223420.991:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10768 comm="syz.2.2298" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb6dd17def9 code=0x0 [ 730.003479][ T5192] Bluetooth: hci1: Dropping invalid advertising data [ 730.011010][ T5192] Bluetooth: hci1: unknown advertising packet type: 0x0a [ 730.011144][ T5192] Bluetooth: hci1: unknown advertising packet type: 0x80 [ 730.019335][ T5192] Bluetooth: hci1: unknown advertising packet type: 0x61 [ 730.026814][ T5192] Bluetooth: hci1: unknown advertising packet type: 0x80 [ 730.034136][ T5192] Bluetooth: hci1: Malformed LE Event: 0x02 [ 730.118044][T10781] loop1: detected capacity change from 0 to 512 [ 730.312428][T10787] netlink: 232 bytes leftover after parsing attributes in process `syz.2.2306'. [ 730.322045][T10787] netlink: 72 bytes leftover after parsing attributes in process `syz.2.2306'. [ 730.362166][T10781] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2240: inode #15: comm syz.1.2303: corrupted in-inode xattr: invalid ea_ino [ 730.428971][T10781] EXT4-fs error (device loop1): ext4_orphan_get:1393: comm syz.1.2303: couldn't read orphan inode 15 (err -117) [ 730.451711][T10781] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 730.513981][T10781] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 730.561438][T10795] veth1_macvtap: left promiscuous mode [ 730.567613][T10795] macsec0: entered promiscuous mode [ 730.573082][T10795] macsec0: entered allmulticast mode [ 730.615598][T10795] veth1_macvtap: entered promiscuous mode [ 730.622010][T10795] veth1_macvtap: entered allmulticast mode [ 730.632498][T10795] macsec0: left promiscuous mode [ 730.638863][T10795] macsec0: left allmulticast mode [ 730.644259][T10795] veth1_macvtap: left allmulticast mode [ 731.906542][ T5243] usb 2-1: new high-speed USB device number 17 using dummy_hcd [ 732.115447][ T5243] usb 2-1: config 0 has an invalid interface number: 32 but max is 0 [ 732.126942][ T5243] usb 2-1: config 0 has no interface number 0 [ 732.133379][ T5243] usb 2-1: config 0 interface 32 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 732.146035][ T5243] usb 2-1: config 0 interface 32 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 732.156576][ T5243] usb 2-1: New USB device found, idVendor=046d, idProduct=c71b, bcdDevice= 0.00 [ 732.166142][ T5243] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 732.274767][ T5243] usb 2-1: config 0 descriptor?? [ 732.303882][T10819] netlink: 'syz.4.2321': attribute type 6 has an invalid length. [ 732.451431][T10821] loop2: detected capacity change from 0 to 1024 [ 732.848313][ T5243] logitech-djreceiver 0003:046D:C71B.0029: hidraw0: USB HID v0.00 Device [HID 046d:c71b] on usb-dummy_hcd.1-1/input32 [ 732.989182][T10829] netlink: 'syz.4.2325': attribute type 19 has an invalid length. [ 732.989291][T10829] netlink: 'syz.4.2325': attribute type 15 has an invalid length. [ 733.034108][ T9736] usb 2-1: USB disconnect, device number 17 [ 733.175659][ T4218] hfsplus: b-tree write err: -5, ino 4 [ 733.192148][ T5192] Bluetooth: hci3: command 0x0406 tx timeout [ 734.216841][T10846] netlink: 'syz.0.2333': attribute type 1 has an invalid length. [ 734.464370][T10840] loop4: detected capacity change from 0 to 4096 [ 734.612576][T10852] loop1: detected capacity change from 0 to 64 [ 734.620917][T10840] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024) [ 734.714434][T10840] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 4096) [ 734.841674][T10859] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 734.859909][T10852] syz.1.2336: attempt to access beyond end of device [ 734.859909][T10852] loop1: rw=0, sector=8192, nr_sectors = 2 limit=64 [ 734.954132][T10862] syz.1.2336: attempt to access beyond end of device [ 734.954132][T10862] loop1: rw=0, sector=8192, nr_sectors = 2 limit=64 [ 734.969367][T10862] Buffer I/O error on dev loop1, logical block 4096, async page read [ 735.010077][T10861] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2340'. [ 735.015105][ T29] audit: type=1800 audit(1727223426.771:62): pid=10862 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.2336" name="file1" dev="loop1" ino=5 res=0 errno=0 [ 737.924974][T10913] netdevsim netdevsim2 netdevsim0: entered promiscuous mode [ 737.936860][T10913] netdevsim netdevsim2 netdevsim0: entered allmulticast mode [ 738.222980][T10917] can0: slcan on ttyS3. [ 738.302022][ T9736] usb 2-1: new high-speed USB device number 18 using dummy_hcd [ 738.328052][T10917] can0 (unregistered): slcan off ttyS3. [ 738.335018][T10917] Falling back ldisc for ttyS3. [ 738.643659][T10925] loop2: detected capacity change from 0 to 8 [ 738.889105][ T9736] usb 2-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 738.903864][T10925] SQUASHFS error: Failed to read block 0x260633: -5 [ 738.911118][T10925] SQUASHFS error: Unable to read metadata cache entry [260633] [ 738.919405][T10925] SQUASHFS error: Unable to read directory block [260633:0] [ 738.976945][ T9736] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 738.989211][ T9736] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 738.998754][ T9736] usb 2-1: SerialNumber: syz [ 739.891351][T10937] loop2: detected capacity change from 0 to 256 [ 739.994820][ T9736] cdc_ether 2-1:1.0: probe with driver cdc_ether failed with error -71 [ 740.119190][ T9736] usb 2-1: USB disconnect, device number 18 [ 741.815036][T10961] netlink: 76 bytes leftover after parsing attributes in process `syz.1.2387'. [ 743.310541][T10983] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2396'. [ 743.803928][T10993] loop4: detected capacity change from 0 to 256 [ 743.845511][T10993] exfat: Deprecated parameter 'utf8' [ 743.891413][T10997] tipc: Started in network mode [ 743.901385][T10997] tipc: Node identity ac1414aa, cluster identity 4711 [ 743.910335][T10997] tipc: Enabling of bearer rejected, failed to enable media [ 744.004044][T10993] exFAT-fs (loop4): failed to load upcase table (idx : 0x00017f3e, chksum : 0x0b83170a, utbl_chksum : 0xe619d30d) [ 744.229618][T11004] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2407'. [ 744.265765][T11003] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2406'. [ 744.488566][T11008] loop0: detected capacity change from 0 to 128 [ 744.621809][T11013] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2412'. [ 744.835216][T11014] program syz.2.2410 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 745.222362][T11017] loop1: detected capacity change from 0 to 4096 [ 745.255316][T11017] ntfs3: loop1: Different NTFS sector size (4096) and media sector size (512). [ 745.873084][T11030] loop4: detected capacity change from 0 to 1024 [ 745.890210][T11027] loop2: detected capacity change from 0 to 8 [ 746.041458][T11027] SQUASHFS error: Failed to read block 0x8f: -5 [ 746.098276][T11027] SQUASHFS error: Failed to read block 0xc00090: -5 [ 746.105779][T11027] SQUASHFS error: Failed to read block 0x8f: -5 [ 746.113282][T11027] SQUASHFS error: Failed to read block 0x8f: -5 [ 746.120476][T11027] SQUASHFS error: Failed to read block 0x8f: -5 [ 746.132244][T11027] SQUASHFS error: Failed to read block 0x8f: -5 [ 746.139658][T11027] SQUASHFS error: Failed to read block 0x8f: -5 [ 746.167638][ T29] audit: type=1800 audit(1727223437.941:63): pid=11027 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.2418" name="file2" dev="loop2" ino=6 res=0 errno=0 [ 746.337695][ T3353] hfsplus: b-tree write err: -5, ino 4 [ 747.395354][T11045] loop3: detected capacity change from 0 to 256 [ 747.406628][T11032] loop1: detected capacity change from 0 to 4096 [ 747.449643][T11032] ntfs3: loop1: Different NTFS sector size (4096) and media sector size (512). [ 747.488830][T11045] exfat: Deprecated parameter 'utf8' [ 747.495047][T11045] exfat: Deprecated parameter 'utf8' [ 747.739311][T11045] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d) [ 748.023853][T11032] overlayfs: failed to create directory ./file0/work (errno: 22); mounting read-only [ 748.412131][T11054] loop2: detected capacity change from 0 to 1024 [ 748.432807][ T9161] ntfs3: loop1: failed to convert "076c" to cp932 [ 748.600676][T11058] netlink: 312 bytes leftover after parsing attributes in process `syz.0.2431'. [ 748.734671][T11054] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 749.088172][ T4218] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 749.295212][ T4218] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 749.466599][ T4218] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 749.575712][T11068] tipc: New replicast peer: 255.255.255.255 [ 749.586932][T11068] tipc: Enabled bearer , priority 10 [ 749.665715][ T4218] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 749.684616][T11067] loop2: detected capacity change from 0 to 2048 [ 749.713435][T11067] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 750.022701][ T4218] bridge_slave_1: left allmulticast mode [ 750.029073][ T4218] bridge_slave_1: left promiscuous mode [ 750.035849][ T4218] bridge0: port 2(bridge_slave_1) entered disabled state [ 750.067159][ T4218] bridge_slave_0: left allmulticast mode [ 750.073157][ T4218] bridge_slave_0: left promiscuous mode [ 750.080179][ T4218] bridge0: port 1(bridge_slave_0) entered disabled state [ 750.693009][ T4218] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 750.718899][ T9736] tipc: Node number set to 1593838651 [ 750.745364][ T4218] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 750.770071][ T4218] bond0 (unregistering): Released all slaves [ 751.650529][ T5188] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 751.669935][T11076] loop3: detected capacity change from 0 to 2048 [ 751.682459][ T5188] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 751.694630][ T5188] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 751.706305][ T4218] hsr_slave_0: left promiscuous mode [ 751.728206][ T5188] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 751.761062][ T5188] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 751.777397][ T4218] hsr_slave_1: left promiscuous mode [ 751.792372][ T5188] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 751.802395][ T4218] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 751.810617][ T4218] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 751.921505][ T4218] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 751.929706][ T4218] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 751.949553][T11076] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 751.997697][ T4218] veth1_macvtap: left promiscuous mode [ 752.003534][ T4218] veth0_macvtap: left promiscuous mode [ 752.009737][ T4218] veth1_vlan: left promiscuous mode [ 752.015439][ T4218] veth0_vlan: left promiscuous mode [ 752.830327][ T4218] team0 (unregistering): Port device team_slave_1 removed [ 752.912922][ T4218] team0 (unregistering): Port device team_slave_0 removed [ 753.245420][T11086] A link change request failed with some changes committed already. Interface macvlan0 may have been left with an inconsistent configuration, please check. [ 753.910342][ T5192] Bluetooth: hci3: command tx timeout [ 754.330816][T11079] chnl_net:caif_netlink_parms(): no params data found [ 754.625690][T11113] Process accounting resumed [ 754.857433][ T5266] usb 3-1: new high-speed USB device number 26 using dummy_hcd [ 754.958503][ T5243] usb 4-1: new high-speed USB device number 12 using dummy_hcd [ 755.052980][T11121] loop4: detected capacity change from 0 to 16 [ 755.071036][ T5266] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 755.078272][T11121] erofs: (device loop4): erofs_read_inode: negative i_size @ nid 36 [ 755.082722][ T5266] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 755.102969][ T5266] usb 3-1: New USB device found, idVendor=056a, idProduct=00bb, bcdDevice= 0.00 [ 755.112886][ T5266] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 755.144946][ T5266] usb 3-1: config 0 descriptor?? [ 755.169474][ T5243] usb 4-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 755.180077][ T5243] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 755.194045][ T5243] usb 4-1: config 0 descriptor?? [ 755.457427][ T5243] [drm] vendor descriptor length:6 data:06 5f 01 ff ff ff 00 00 00 00 00 [ 755.473848][ T5243] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor [ 755.632341][T11079] bridge0: port 1(bridge_slave_0) entered blocking state [ 755.640518][T11079] bridge0: port 1(bridge_slave_0) entered disabled state [ 755.648853][T11079] bridge_slave_0: entered allmulticast mode [ 755.658436][T11079] bridge_slave_0: entered promiscuous mode [ 755.714363][ T5266] wacom 0003:056A:00BB.002A: Unknown device_type for 'HID 056a:00bb'. Assuming pen. [ 755.728868][ T5243] [drm:udl_init] *ERROR* Selecting channel failed [ 755.767149][ T5266] wacom 0003:056A:00BB.002A: hidraw0: USB HID v0.00 Device [HID 056a:00bb] on usb-dummy_hcd.2-1/input0 [ 755.779300][T11079] bridge0: port 2(bridge_slave_1) entered blocking state [ 755.779868][T11079] bridge0: port 2(bridge_slave_1) entered disabled state [ 755.780573][T11079] bridge_slave_1: entered allmulticast mode [ 755.783852][T11079] bridge_slave_1: entered promiscuous mode [ 755.794935][ T5266] input: Wacom Intuos4 12x19 Pen as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:056A:00BB.002A/input/input26 [ 755.834144][ T5243] [drm] Initialized udl 0.0.1 for 4-1:0.0 on minor 2 [ 755.841411][ T5243] [drm] Initialized udl on minor 2 [ 755.877318][ T5243] udl 4-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 755.888400][ T5243] udl 4-1:0.0: [drm] Cannot find any crtc or sizes [ 755.922339][ T25] udl 4-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 755.947211][ T5243] usb 4-1: USB disconnect, device number 12 [ 755.957071][ T25] udl 4-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 755.965795][ T25] udl 4-1:0.0: [drm] Cannot find any crtc or sizes [ 756.003081][T11124] loop0: detected capacity change from 0 to 2048 [ 756.030778][ T5266] usb 3-1: USB disconnect, device number 26 [ 756.046685][ T5192] Bluetooth: hci3: command tx timeout [ 756.125100][T11124] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 756.206409][T11124] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 756.249627][T11079] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 756.311874][T11079] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 756.523649][T11132] loop3: detected capacity change from 0 to 2048 [ 756.574489][T11079] team0: Port device team_slave_0 added [ 756.604503][T11079] team0: Port device team_slave_1 added [ 756.719126][T11132] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 756.732237][T11132] ext4 filesystem being mounted at /145/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 756.871444][T11079] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 756.881018][T11079] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 756.911402][T11079] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 756.992280][T11079] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 756.999802][T11079] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 757.030445][T11079] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 757.466666][ T9098] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 757.549155][T11079] hsr_slave_0: entered promiscuous mode [ 757.560782][T11079] hsr_slave_1: entered promiscuous mode [ 757.570933][T11079] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 757.578918][T11079] Cannot create hsr debugfs directory [ 757.958502][T11148] loop3: detected capacity change from 0 to 256 [ 758.063669][ T5192] Bluetooth: hci3: command tx timeout [ 759.077567][ T9736] usb 5-1: new high-speed USB device number 20 using dummy_hcd [ 759.195278][T11162] loop2: detected capacity change from 0 to 512 [ 759.225325][T11079] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 759.298599][T11079] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 759.333930][T11079] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 759.363975][T11079] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 759.425590][T11162] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm syz.2.2476: bg 0: block 5: invalid block bitmap [ 759.470668][ T9736] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 759.482962][ T9736] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 759.493438][ T9736] usb 5-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00 [ 759.503043][ T9736] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 759.536740][T11162] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6550: Corrupt filesystem [ 759.556764][T11162] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.2476: invalid indirect mapped block 3 (level 2) [ 759.568835][ T9736] usb 5-1: config 0 descriptor?? [ 759.616670][T11162] EXT4-fs (loop2): 1 orphan inode deleted [ 759.623006][T11162] EXT4-fs (loop2): 1 truncate cleaned up [ 759.631360][T11162] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 759.809878][T11160] loop3: detected capacity change from 0 to 4096 [ 759.862028][T11160] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512). [ 760.055222][ T9736] hid (null): nested delimiters [ 760.131291][T11079] 8021q: adding VLAN 0 to HW filter on device bond0 [ 760.148587][ T5192] Bluetooth: hci3: command tx timeout [ 760.162254][ T9736] hid-led 0003:27B8:01ED.002B: nested delimiters [ 760.169331][ T9736] hid-led 0003:27B8:01ED.002B: item 0 1 2 10 parsing failed [ 760.212925][T11079] 8021q: adding VLAN 0 to HW filter on device team0 [ 760.245075][ T4410] bridge0: port 1(bridge_slave_0) entered blocking state [ 760.253041][ T4410] bridge0: port 1(bridge_slave_0) entered forwarding state [ 760.293963][ T5191] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 760.344342][ T4410] bridge0: port 2(bridge_slave_1) entered blocking state [ 760.352227][ T4410] bridge0: port 2(bridge_slave_1) entered forwarding state [ 760.361616][ T9736] hid-led 0003:27B8:01ED.002B: probe with driver hid-led failed with error -22 [ 760.470233][T11160] ntfs3: loop3: Failed to initialize $Extend/$Reparse. [ 760.497378][ T9736] usb 5-1: USB disconnect, device number 20 [ 760.665388][T11160] ntfs3: loop3: ino=1e, "file1" encrypted i/o not supported [ 760.698819][ T29] audit: type=1800 audit(1727223452.461:64): pid=11160 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2475" name="file1" dev="loop3" ino=30 res=0 errno=0 [ 761.428997][T11177] loop2: detected capacity change from 0 to 128 [ 762.013929][T11079] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 762.029758][T11186] loop0: detected capacity change from 0 to 128 [ 762.084068][T11186] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256 [ 762.201500][T11186] UDF-fs: error (device loop0): udf_bitmap_new_block: bitmap for partition 0 corrupted (block 264 marked as free, partition length is 40) [ 762.477960][T11188] loop4: detected capacity change from 0 to 64 [ 762.495636][T11079] veth0_vlan: entered promiscuous mode [ 762.535515][T11079] veth1_vlan: entered promiscuous mode [ 762.706932][T11079] veth0_macvtap: entered promiscuous mode [ 762.730767][T11079] veth1_macvtap: entered promiscuous mode [ 762.794108][T11079] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 762.805242][T11079] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 762.815554][T11079] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 762.826436][T11079] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 762.839803][T11079] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 762.852010][T11079] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 762.862477][T11079] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 762.877771][T11079] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 762.893659][T11079] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 762.945521][T11079] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 762.956939][T11079] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 762.967167][T11079] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 762.978658][T11079] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 762.989029][T11079] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 762.999977][T11079] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 763.010277][T11079] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 763.021322][T11079] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 763.037351][T11079] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 763.094514][T11079] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 763.109061][T11079] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 763.122540][T11079] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 763.132977][T11079] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 763.313921][T11194] loop2: detected capacity change from 0 to 64 [ 763.879936][T11202] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2491'. [ 765.392938][T11228] netlink: 'syz.2.2501': attribute type 1 has an invalid length. [ 765.404414][T11228] netlink: 'syz.2.2501': attribute type 2 has an invalid length. [ 765.414607][T11228] netlink: 16074 bytes leftover after parsing attributes in process `syz.2.2501'. [ 767.377046][T11252] loop2: detected capacity change from 0 to 256 [ 768.480227][T11244] loop4: detected capacity change from 0 to 32768 [ 769.804302][ T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 769.812702][ T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 769.935688][ T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 769.945380][ T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 769.998576][T11264] loop3: detected capacity change from 0 to 4096 [ 770.067538][T11264] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512). [ 770.284308][T11275] loop0: detected capacity change from 0 to 128 [ 770.412338][T11264] ntfs3: loop3: Failed to initialize $Extend/$Reparse. [ 770.663873][ T29] audit: type=1326 audit(1727223462.441:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11278 comm="syz.4.2516" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc9717def9 code=0x50000 [ 770.687003][ T29] audit: type=1326 audit(1727223462.441:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11278 comm="syz.4.2516" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc9717def9 code=0x50000 [ 770.713073][ T29] audit: type=1326 audit(1727223462.441:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11278 comm="syz.4.2516" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc9717def9 code=0x50000 [ 770.739780][ T29] audit: type=1326 audit(1727223462.441:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11278 comm="syz.4.2516" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc9717def9 code=0x50000 [ 770.763667][ T29] audit: type=1326 audit(1727223462.441:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11278 comm="syz.4.2516" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc9717def9 code=0x50000 [ 770.786580][ T29] audit: type=1326 audit(1727223462.451:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11278 comm="syz.4.2516" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc9717def9 code=0x50000 [ 770.812877][ T29] audit: type=1326 audit(1727223462.451:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11278 comm="syz.4.2516" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc9717def9 code=0x50000 [ 770.839677][ T29] audit: type=1326 audit(1727223462.451:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11278 comm="syz.4.2516" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc9717def9 code=0x50000 [ 770.863363][ T29] audit: type=1326 audit(1727223462.451:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11278 comm="syz.4.2516" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc9717def9 code=0x50000 [ 770.886372][ T29] audit: type=1326 audit(1727223462.451:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11278 comm="syz.4.2516" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc9717def9 code=0x50000 [ 772.526255][ T10] usb 2-1: new high-speed USB device number 19 using dummy_hcd [ 772.623798][T11290] loop3: detected capacity change from 0 to 256 [ 772.939342][ T10] usb 2-1: config 0 has an invalid interface descriptor of length 7, skipping [ 772.948960][ T10] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 772.959543][ T10] usb 2-1: New USB device found, idVendor=046d, idProduct=08c1, bcdDevice=ee.8d [ 772.969419][ T10] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 773.098687][ T10] usb 2-1: config 0 descriptor?? [ 773.122297][ T10] usb 2-1: Found UVC 0.00 device (046d:08c1) [ 773.129916][ T10] usb 2-1: No valid video chain found. [ 773.323864][ T10] usb 2-1: USB disconnect, device number 19 [ 773.438009][T11297] netlink: 58 bytes leftover after parsing attributes in process `syz.3.2528'. [ 773.448403][T11297] netlink: 58 bytes leftover after parsing attributes in process `syz.3.2528'. [ 773.718590][T11297] netlink: 58 bytes leftover after parsing attributes in process `syz.3.2528'. [ 773.728720][T11297] netlink: 58 bytes leftover after parsing attributes in process `syz.3.2528'. [ 773.767303][ T5243] usb 3-1: new high-speed USB device number 27 using dummy_hcd [ 773.979787][ T5243] usb 3-1: Using ep0 maxpacket: 32 [ 774.117817][T11305] block nbd4: shutting down sockets [ 774.313268][ T5243] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 774.326585][ T5243] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 774.338113][ T5243] usb 3-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 774.349155][ T5243] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 774.417162][ T5243] usb 3-1: config 0 descriptor?? [ 774.441720][ T5243] hub 3-1:0.0: USB hub found [ 774.782327][T11297] netlink: 58 bytes leftover after parsing attributes in process `syz.3.2528'. [ 774.789617][T11312] loop1: detected capacity change from 0 to 2048 [ 774.792010][T11297] netlink: 58 bytes leftover after parsing attributes in process `syz.3.2528'. [ 774.815803][ T5243] hub 3-1:0.0: 1 port detected [ 774.978413][ T5243] hub 3-1:0.0: hub_hub_status failed (err = -71) [ 774.985538][ T5243] hub 3-1:0.0: config failed, can't get hub status (err -71) [ 775.051209][T11312] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 775.075628][ T5243] usbhid 3-1:0.0: can't add hid device: -71 [ 775.084150][ T5243] usbhid 3-1:0.0: probe with driver usbhid failed with error -71 [ 775.118213][ T5243] usb 3-1: USB disconnect, device number 27 [ 775.218441][T11079] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 775.336573][ T10] usb 5-1: new high-speed USB device number 21 using dummy_hcd [ 775.511585][ T10] usb 5-1: Using ep0 maxpacket: 16 [ 775.543769][ T10] usb 5-1: config 0 has an invalid descriptor of length 115, skipping remainder of the config [ 775.554706][ T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 775.564966][ T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x6 has an invalid bInterval 101, changing to 10 [ 775.583077][ T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid maxpacket 24675, setting to 1024 [ 775.595315][ T10] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 775.687320][ T10] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 775.697266][ T10] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 775.705577][ T10] usb 5-1: Manufacturer: syz [ 775.725468][ T10] usb 5-1: config 0 descriptor?? [ 775.753379][ T10] mceusb 5-1:0.0: mceusb_dev_probe: device setup failed! [ 775.761244][ T10] mceusb 5-1:0.0: probe with driver mceusb failed with error -12 [ 775.773199][ T10] usbhid 5-1:0.0: can't add hid device: -22 [ 775.782790][ T10] usbhid 5-1:0.0: probe with driver usbhid failed with error -22 [ 775.970570][ T10] usb 5-1: USB disconnect, device number 21 [ 776.244980][T11332] loop1: detected capacity change from 0 to 128 [ 776.336281][T11332] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 776.402075][T11332] ext4 filesystem being mounted at /4/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 776.927312][T11347] netlink: 'syz.0.2546': attribute type 9 has an invalid length. [ 776.945883][T11347] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2546'. [ 776.999352][T11079] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 777.120870][ T1238] ieee802154 phy0 wpan0: encryption failed: -22 [ 777.127764][ T1238] ieee802154 phy1 wpan1: encryption failed: -22 [ 778.238738][T11362] loop0: detected capacity change from 0 to 2048 [ 778.407702][T11362] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 778.478775][T11362] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 778.582511][ T9736] usb 5-1: new high-speed USB device number 22 using dummy_hcd [ 778.796349][T11379] netlink: 'syz.2.2560': attribute type 3 has an invalid length. [ 778.961911][ T9736] usb 5-1: Using ep0 maxpacket: 8 [ 779.026555][ T9736] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 779.050185][ T9736] usb 5-1: New USB device found, idVendor=05ac, idProduct=8501, bcdDevice=20.9d [ 779.059861][ T9736] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=105 [ 779.068498][ T9736] usb 5-1: SerialNumber: syz [ 779.128462][ T9736] usb 5-1: config 0 descriptor?? [ 779.192271][ T9736] usb 5-1: Found UVC 0.00 device (05ac:8501) [ 779.199875][ T9736] usb 5-1: Failed to create links for entity 255 [ 779.206818][ T9736] usb 5-1: Failed to register entities (-22). [ 779.526462][T11366] loop4: detected capacity change from 0 to 512 [ 779.575445][ T9736] usb 5-1: USB disconnect, device number 22 [ 780.257168][ T9736] usb 4-1: new high-speed USB device number 13 using dummy_hcd [ 780.624326][ T9736] usb 4-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f [ 780.634153][ T9736] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 780.642704][ T9736] usb 4-1: Product: syz [ 780.647227][ T9736] usb 4-1: Manufacturer: syz [ 780.652118][ T9736] usb 4-1: SerialNumber: syz [ 780.699119][ T9736] usb 4-1: config 0 descriptor?? [ 781.010586][ T9736] usb 4-1: USB disconnect, device number 13 [ 781.073124][T11411] Bluetooth: MGMT ver 1.23 [ 781.999897][T11432] loop1: detected capacity change from 0 to 16 [ 782.026681][T11432] erofs: (device loop1): mounted with root inode @ nid 36. [ 782.545570][T11440] pimreg: entered allmulticast mode [ 783.030278][T11446] loop1: detected capacity change from 0 to 164 [ 783.351931][ T9736] usb 5-1: new high-speed USB device number 23 using dummy_hcd [ 783.656449][ T9736] usb 5-1: Using ep0 maxpacket: 32 [ 783.722458][ T9736] usb 5-1: New USB device found, idVendor=1d50, idProduct=60a1, bcdDevice=a1.4f [ 783.735435][ T9736] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 783.744954][ T9736] usb 5-1: Product: syz [ 783.749556][ T9736] usb 5-1: Manufacturer: syz [ 783.754439][ T9736] usb 5-1: SerialNumber: syz [ 783.772986][ T9736] usb 5-1: config 0 descriptor?? [ 784.244361][ T9736] airspy 5-1:0.0: Board ID: 00 [ 784.250625][ T9736] airspy 5-1:0.0: Firmware version: [ 784.689174][ T9736] airspy 5-1:0.0: usb_control_msg() failed -71 request 0e [ 784.724743][ T9736] airspy 5-1:0.0: Registered as swradio16 [ 784.732025][ T9736] airspy 5-1:0.0: SDR API is still slightly experimental and functionality changes may follow [ 784.798249][ T9736] usb 5-1: USB disconnect, device number 23 [ 785.183795][ T29] kauditd_printk_skb: 587 callbacks suppressed [ 785.183883][ T29] audit: type=1326 audit(1727223476.971:662): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11475 comm="syz.1.2602" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe7a597def9 code=0x0 [ 785.336818][T11486] overlayfs: option "uuid=on" requires an upper fs, falling back to uuid=null. [ 786.597568][ T9736] usb 4-1: new high-speed USB device number 14 using dummy_hcd [ 788.010982][ T9736] usb 4-1: New USB device found, idVendor=1d50, idProduct=606f, bcdDevice=14.d4 [ 788.020852][ T9736] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 788.085396][ T9736] usb 4-1: config 0 descriptor?? [ 788.247150][T11514] netlink: 'syz.1.2619': attribute type 10 has an invalid length. [ 788.300461][T11514] team0: Cannot enslave team device to itself [ 788.572753][ T9736] gs_usb 4-1:0.0: Configuring for 2 interfaces [ 788.868854][ T29] audit: type=1326 audit(1727223480.651:663): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11517 comm="syz.1.2621" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe7a597def9 code=0x0 [ 788.982620][ T9736] gs_usb 4-1:0.0: Disabling termination support for channel 0 (-EPROTO) [ 789.029613][ T9736] gs_usb 4-1:0.0: Couldn't get bit timing const for channel 1 (-EPROTO) [ 789.146987][ T9736] gs_usb 4-1:0.0: probe with driver gs_usb failed with error -71 [ 789.200720][ T9736] usb 4-1: USB disconnect, device number 14 [ 790.414339][T11536] (unnamed net_device) (uninitialized): Unable to set up delay as MII monitoring is disabled [ 790.425166][T11488] syz.2.2608 (11488): drop_caches: 1 [ 790.737891][T11539] block nbd2: shutting down sockets [ 791.035285][T11542] loop1: detected capacity change from 0 to 1024 [ 791.842512][T11555] loop0: detected capacity change from 0 to 512 [ 791.960112][T11555] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 791.995763][T11564] IPVS: sync thread started: state = BACKUP, mcast_ifn = bridge0, syncid = 0, id = 0 [ 792.425613][ T9630] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 792.682943][T11574] @: renamed from vlan0 (while UP) [ 793.328948][T11579] loop3: detected capacity change from 0 to 512 [ 793.386935][T11579] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 793.573835][ T29] audit: type=1326 audit(1727223485.351:665): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11580 comm="syz.2.2647" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb6dd17def9 code=0x0 [ 793.594113][T11579] EXT4-fs (loop3): 1 truncate cleaned up [ 793.597641][ T29] audit: type=1326 audit(1727223485.351:664): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11580 comm="syz.2.2647" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb6dd17def9 code=0x0 [ 793.604090][T11579] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 793.625019][ T29] audit: type=1326 audit(1727223485.361:666): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11580 comm="syz.2.2647" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb6dd17def9 code=0x0 [ 793.934231][ T9098] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 795.601710][T11614] loop4: detected capacity change from 0 to 256 [ 795.618200][T11616] loop3: detected capacity change from 0 to 512 [ 795.691207][T11614] exFAT-fs (loop4): failed to load alloc-bitmap [ 795.698858][T11614] exFAT-fs (loop4): failed to recognize exfat type [ 795.903658][T11616] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 795.917240][T11626] overlayfs: workdir and upperdir must reside under the same mount [ 795.929604][T11616] ext4 filesystem being mounted at /187/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 796.311208][T11588] coredump: 1235(syz.2.2647): interrupted: fatal signal pending [ 796.315553][ T9098] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 796.319310][T11588] coredump: 1235(syz.2.2647): Error writing out the process memory [ 796.319753][T11588] coredump: 1235(syz.2.2647): written to core: VMAs: 36, size 97550336; core: 11314230 bytes, pos 11886592 [ 796.593975][T11631] loop4: detected capacity change from 0 to 512 [ 796.691491][T11631] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000079f) [ 796.702545][T11631] FAT-fs (loop4): Filesystem has been set read-only [ 796.975238][T11636] loop3: detected capacity change from 0 to 512 [ 797.036441][T11636] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 797.174100][T11639] loop2: detected capacity change from 0 to 1024 [ 797.239151][T11636] EXT4-fs (loop3): 1 truncate cleaned up [ 797.250099][T11636] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 797.383378][T11639] hfsplus: bad catalog entry type [ 797.638889][ T3353] hfsplus: b-tree write err: -5, ino 4 [ 797.721014][ T9098] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 797.896419][T11650] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2675'. [ 798.820413][T11659] loop2: detected capacity change from 0 to 2048 [ 798.923566][T11659] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 799.138366][T11658] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 799.154224][T11658] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 32 with error 28 [ 799.167026][T11658] EXT4-fs (loop2): This should not happen!! Data will be lost [ 799.167026][T11658] [ 799.178435][T11658] EXT4-fs (loop2): Total free blocks count 0 [ 799.184701][T11658] EXT4-fs (loop2): Free/Dirty block details [ 799.196676][T11658] EXT4-fs (loop2): free_blocks=2415919104 [ 799.202707][T11658] EXT4-fs (loop2): dirty_blocks=32 [ 799.211861][T11658] EXT4-fs (loop2): Block reservation details [ 799.218346][T11658] EXT4-fs (loop2): i_reserved_data_blocks=2 [ 799.247057][T11669] dvmrp1: tun_chr_ioctl cmd 1074025677 [ 799.253397][T11669] dvmrp1: linktype set to 805 [ 799.339387][ T5191] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 800.197727][ T9736] usb 5-1: new high-speed USB device number 24 using dummy_hcd [ 800.437167][ T9736] usb 5-1: Using ep0 maxpacket: 32 [ 800.474551][ T9736] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 800.486433][ T9736] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 800.505468][ T9736] usb 5-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 800.515424][ T9736] usb 5-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0 [ 800.526717][ T9736] usb 5-1: Product: syz [ 800.531181][ T9736] usb 5-1: Manufacturer: syz [ 800.570449][ T9736] hub 5-1:4.0: USB hub found [ 801.041524][ T9736] hub 5-1:4.0: config failed, hub doesn't have any ports! (err -19) [ 801.427715][ T5243] usb 5-1: USB disconnect, device number 24 [ 801.661717][T11708] loop1: detected capacity change from 0 to 1024 [ 801.766819][T11708] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 801.856378][ T10] usb 3-1: new high-speed USB device number 28 using dummy_hcd [ 802.055708][ T10] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 802.069075][ T10] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 802.210405][T11079] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 802.243107][ T10] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 802.253091][ T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 802.258726][T11718] loop0: detected capacity change from 0 to 512 [ 802.263460][ T10] usb 3-1: SerialNumber: syz [ 802.512900][T11718] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 802.526578][T11718] ext4 filesystem being mounted at /157/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 802.571503][ T10] usb 3-1: 0:2 : does not exist [ 802.673640][ T10] usb 3-1: USB disconnect, device number 28 [ 803.035197][ T9630] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 803.243846][T11733] program syz.4.2713 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 803.826204][T11745] loop4: detected capacity change from 0 to 256 [ 804.157106][T11745] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xcc9b7de9, utbl_chksum : 0xe619d30d) [ 804.175325][T11754] loop2: detected capacity change from 0 to 128 [ 804.196334][T11754] EXT4-fs: Ignoring removed nobh option [ 804.233005][T11752] netlink: 'syz.1.2721': attribute type 6 has an invalid length. [ 804.451948][T11754] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 804.467357][T11754] ext4 filesystem being mounted at /582/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 804.920143][ T5191] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 805.043348][T11766] loop4: detected capacity change from 0 to 256 [ 805.149948][ T29] audit: type=1326 audit(1727223496.941:667): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11764 comm="syz.4.2726" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcc9717def9 code=0x0 [ 806.228030][ T9736] usb 2-1: new high-speed USB device number 20 using dummy_hcd [ 806.370966][T11791] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2736'. [ 806.456693][ T9736] usb 2-1: Using ep0 maxpacket: 8 [ 806.572102][ T9736] usb 2-1: config index 0 descriptor too short (expected 6427, got 27) [ 806.581011][ T9736] usb 2-1: config 0 has too many interfaces: 241, using maximum allowed: 32 [ 806.593350][ T9736] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 241 [ 806.604610][ T9736] usb 2-1: config 0 has no interface number 0 [ 806.611192][ T9736] usb 2-1: config 0 interface 21 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 806.623382][ T9736] usb 2-1: config 0 interface 21 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 806.634932][ T9736] usb 2-1: config 0 interface 21 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 806.681947][ T9736] usb 2-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4 [ 806.691532][ T9736] usb 2-1: New USB device strings: Mfr=228, Product=255, SerialNumber=0 [ 806.701458][ T9736] usb 2-1: Product: syz [ 806.708874][ T9736] usb 2-1: Manufacturer: syz [ 806.760965][ T9736] usb 2-1: config 0 descriptor?? [ 806.797881][T11785] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 807.481028][ T9736] input: syz syz as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.21/input/input30 [ 807.755637][ C0] keyspan_remote 2-1:0.21: keyspan_irq_recv - usb_submit_urb failed with result: -19 [ 807.755695][T11806] loop4: detected capacity change from 0 to 512 [ 807.772328][ T10] usb 2-1: USB disconnect, device number 20 [ 807.808871][T11806] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 807.918510][T11806] EXT4-fs (loop4): 1 truncate cleaned up [ 807.926425][T11806] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 808.353803][ T5187] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 808.929468][T11825] loop1: detected capacity change from 0 to 512 [ 809.153219][T11818] loop3: detected capacity change from 0 to 4096 [ 809.176768][T11825] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 809.187664][T11818] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512). [ 809.340960][T11825] EXT4-fs (loop1): 1 truncate cleaned up [ 809.349189][T11825] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 809.542073][T11818] ntfs3: loop3: Failed to initialize $Extend/$Reparse. [ 809.844085][T11079] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 809.991156][ T9098] ntfs3: loop3: ino=1a, ntfs_sync_fs failed, -22. [ 810.063694][T11840] loop2: detected capacity change from 0 to 64 [ 810.685306][T11853] loop4: detected capacity change from 0 to 256 [ 810.794828][T11853] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d) [ 811.165193][T11855] loop2: detected capacity change from 0 to 2048 [ 811.383377][T11855] EXT4-fs error (device loop2): ext4_orphan_get:1414: comm syz.2.2762: bad orphan inode 8192 [ 811.439093][T11855] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 811.890292][ T5191] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 812.926218][T11899] loop1: detected capacity change from 0 to 512 [ 812.935467][T11899] EXT4-fs: Ignoring removed mblk_io_submit option [ 813.056900][T11899] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 813.106075][T11894] tap0: tun_chr_ioctl cmd 2147767506 [ 813.373506][T11899] EXT4-fs (loop1): 1 truncate cleaned up [ 813.381629][T11899] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 813.519712][T11079] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 814.284880][T11918] loop0: detected capacity change from 0 to 2048 [ 814.418956][T11926] loop1: detected capacity change from 0 to 128 [ 814.500105][T11929] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 814.614762][T11928] loop4: detected capacity change from 0 to 128 [ 814.640596][T11918] syz.0.2786: attempt to access beyond end of device [ 814.640596][T11918] loop0: rw=0, sector=15393162788900, nr_sectors = 2 limit=2048 [ 814.658078][T11918] NILFS error (device loop0): nilfs_readdir: bad page in #2 [ 814.716622][T11918] Remounting filesystem read-only [ 814.751487][T11933] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 815.236569][T11936] loop2: detected capacity change from 0 to 1024 [ 815.403403][ T29] audit: type=1326 audit(1727223507.191:668): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11940 comm="syz.1.2797" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe7a597def9 code=0x0 [ 815.669592][ T5191] hfsplus: bad catalog entry type [ 815.711410][ T5191] ===================================================== [ 815.719157][ T5191] BUG: KMSAN: uninit-value in hfsplus_uni2asc+0x821/0x2350 [ 815.727508][ T5191] hfsplus_uni2asc+0x821/0x2350 [ 815.732630][ T5191] hfsplus_readdir+0xbd7/0x18d0 [ 815.738063][ T5191] iterate_dir+0x5b3/0x9e0 [ 815.742906][ T5191] __se_sys_getdents64+0x16e/0x550 [ 815.748528][ T5191] __x64_sys_getdents64+0x96/0xe0 [ 815.758793][ T5191] x64_sys_call+0x3430/0x3ba0 [ 815.763814][ T5191] do_syscall_64+0xcd/0x1e0 [ 815.770505][ T5191] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 815.776938][ T5191] [ 815.782085][ T5191] Uninit was created at: [ 815.788123][ T5191] __kmalloc_noprof+0x661/0xf30 [ 815.793279][ T5191] hfsplus_find_init+0x95/0x1d0 [ 815.798710][ T5191] hfsplus_readdir+0x1da/0x18d0 [ 815.803853][ T5191] iterate_dir+0x5b3/0x9e0 [ 815.808712][ T5191] __se_sys_getdents64+0x16e/0x550 [ 815.814116][ T5191] __x64_sys_getdents64+0x96/0xe0 [ 815.819568][ T5191] x64_sys_call+0x3430/0x3ba0 [ 815.824606][ T5191] do_syscall_64+0xcd/0x1e0 [ 815.829567][ T5191] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 815.835752][ T5191] [ 815.838483][ T5191] CPU: 1 UID: 0 PID: 5191 Comm: syz-executor Not tainted 6.11.0-syzkaller-10045-g97d8894b6f4c #0 [ 815.850069][ T5191] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 815.865227][ T5191] ===================================================== [ 815.874039][ T5191] Disabling lock debugging due to kernel taint [ 815.883650][ T5191] Kernel panic - not syncing: kmsan.panic set ... [ 815.890258][ T5191] CPU: 1 UID: 0 PID: 5191 Comm: syz-executor Tainted: G B 6.11.0-syzkaller-10045-g97d8894b6f4c #0 [ 815.902474][ T5191] Tainted: [B]=BAD_PAGE [ 815.906767][ T5191] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 815.916997][ T5191] Call Trace: [ 815.920407][ T5191] [ 815.923462][ T5191] dump_stack_lvl+0x216/0x2d0 [ 815.928361][ T5191] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 815.934436][ T5191] dump_stack+0x1e/0x30 [ 815.938793][ T5191] panic+0x4e2/0xcf0 [ 815.942961][ T5191] ? kmsan_get_metadata+0x121/0x1c0 [ 815.948422][ T5191] kmsan_report+0x2c7/0x2d0 [ 815.953161][ T5191] ? kmsan_get_metadata+0x13e/0x1c0 [ 815.958620][ T5191] ? kmsan_get_metadata+0x13e/0x1c0 [ 815.964146][ T5191] ? __msan_warning+0x95/0x120 [ 815.969159][ T5191] ? hfsplus_uni2asc+0x821/0x2350 [ 815.974406][ T5191] ? hfsplus_readdir+0xbd7/0x18d0 [ 815.979625][ T5191] ? iterate_dir+0x5b3/0x9e0 [ 815.984423][ T5191] ? __se_sys_getdents64+0x16e/0x550 [ 815.989930][ T5191] ? __x64_sys_getdents64+0x96/0xe0 [ 815.995377][ T5191] ? x64_sys_call+0x3430/0x3ba0 [ 816.000563][ T5191] ? do_syscall_64+0xcd/0x1e0 [ 816.005448][ T5191] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 816.011766][ T5191] ? filter_irq_stacks+0x60/0x1a0 [ 816.017067][ T5191] ? kmsan_get_metadata+0x13e/0x1c0 [ 816.022602][ T5191] ? kmsan_get_metadata+0x13e/0x1c0 [ 816.028038][ T5191] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 816.034123][ T5191] ? hfsplus_bnode_read_u16+0x3e/0x2b0 [ 816.039812][ T5191] ? filter_irq_stacks+0x60/0x1a0 [ 816.045077][ T5191] ? kmsan_get_metadata+0x13e/0x1c0 [ 816.050522][ T5191] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 816.056584][ T5191] ? utf32_to_utf8+0x4b1/0x4e0 [ 816.061610][ T5191] ? kmsan_get_metadata+0x13e/0x1c0 [ 816.067054][ T5191] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 816.073123][ T5191] __msan_warning+0x95/0x120 [ 816.077941][ T5191] hfsplus_uni2asc+0x821/0x2350 [ 816.083016][ T5191] ? __msan_memcpy+0x108/0x1c0 [ 816.088003][ T5191] ? kmsan_get_metadata+0x13e/0x1c0 [ 816.093478][ T5191] ? __msan_memcpy+0x108/0x1c0 [ 816.098487][ T5191] hfsplus_readdir+0xbd7/0x18d0 [ 816.103579][ T5191] ? __rcu_read_unlock+0x7b/0xe0 [ 816.108733][ T5191] ? aa_file_perm+0x3de/0x1780 [ 816.113813][ T5191] ? kmsan_get_metadata+0x13e/0x1c0 [ 816.119270][ T5191] ? kmsan_get_metadata+0x13e/0x1c0 [ 816.124710][ T5191] ? kmsan_internal_set_shadow_origin+0x69/0x100 [ 816.131280][ T5191] ? kmsan_get_metadata+0x13e/0x1c0 [ 816.136728][ T5191] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 816.142842][ T5191] ? __pfx_hfsplus_readdir+0x10/0x10 [ 816.148359][ T5191] iterate_dir+0x5b3/0x9e0 [ 816.152982][ T5191] ? __pfx_hfsplus_readdir+0x10/0x10 [ 816.158469][ T5191] ? mutex_lock+0x38/0x60 [ 816.163170][ T5191] __se_sys_getdents64+0x16e/0x550 [ 816.168503][ T5191] ? kmsan_internal_set_shadow_origin+0x69/0x100 [ 816.175177][ T5191] ? __pfx_filldir64+0x10/0x10 [ 816.180169][ T5191] __x64_sys_getdents64+0x96/0xe0 [ 816.185414][ T5191] x64_sys_call+0x3430/0x3ba0 [ 816.190321][ T5191] do_syscall_64+0xcd/0x1e0 [ 816.195056][ T5191] ? clear_bhb_loop+0x25/0x80 [ 816.199928][ T5191] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 816.206096][ T5191] RIP: 0033:0x7fb6dd1b0093 [ 816.210691][ T5191] Code: c1 66 0f 1f 44 00 00 48 83 c4 08 48 89 ef 5b 5d e9 62 43 f8 ff 66 90 b8 ff ff ff 7f 48 39 c2 48 0f 47 d0 b8 d9 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 c7 c2 a8 ff ff ff f7 d8 [ 816.230604][ T5191] RSP: 002b:00007ffd93571958 EFLAGS: 00000293 ORIG_RAX: 00000000000000d9 [ 816.239243][ T5191] RAX: ffffffffffffffda RBX: 0000555558fa5600 RCX: 00007fb6dd1b0093 [ 816.248437][ T5191] RDX: 0000000000008000 RSI: 0000555558fa5600 RDI: 0000000000000005 [ 816.256570][ T5191] RBP: 0000555558fa55d4 R08: 0000000000000000 R09: 0000000000000000 [ 816.264711][ T5191] R10: 0000000000000100 R11: 0000000000000293 R12: ffffffffffffffa8 [ 816.272857][ T5191] R13: 0000000000000016 R14: 0000555558fa55d0 R15: 00007ffd93573c00 [ 816.281023][ T5191] [ 816.284471][ T5191] Kernel Offset: disabled [ 816.288886][ T5191] Rebooting in 86400 seconds..