last executing test programs: 28.924804198s ago: executing program 1: syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x458, &(0x7f0000000600)={[{@abort}, {@usrquota}, {@nombcache}, {@stripe={'stripe', 0x3d, 0x4ffff}}, {@norecovery}, {@minixdf}, {@nobh}]}, 0xfe, 0x7ab, &(0x7f0000001100)="$eJzs3c1rHOUfAPDvbF6b9vdrBMHWS3PSQummrbFVEBpPIlgo6Nk2bLYhZpMt2U1pQg4WEQQRtHgQ9OLZl3rzJqJn/wYvItJSNS1WPMjK7Euy7SbpNk2ybfL5wCTPM/PsPPOd2Xnm2Z2HnQB2raH0TybiYER8mETsr89PIqKnmuqOGK2Vu7O0mEunJCqV1/9IqmVuLy3mouk1qb31zIGI+OHdiCOZ1npL8wtTY4VCfraeHy5PXxwuzS8cnZwem8hP5GdOHh8ZOXHq+VMnNy/Wv35a2Hfjo1ee/Xr0n3eeuvbBj0mMxr76suY4NstQDNX3SU+6C2u+2+xaHg1JpzeADUlPza7aWR4HY390VVMAwE6WXv8rAMAuk6x1/e/WNQCAnanxPcDtpcVcY+rsNxLb6+bLEdFfi79xf7O2pLt+z66/eh904HZy152RJCIGN6H+AxHx2bdvfplOsUX3IQFW8/aViDg/ONTa/icrYxY26FgbZYbuyWv/YPt8n/Z/Xlit/5dZ7v/EKv2fvlXO3Y0Yiuitr66q9fzPXF9O7mmafXoTKq/3/16qjW1LA23q/y0PWhvsquf+l2YORcRkIZ+2bf+PiMPR03dhspA/vk4dh2/9e2utZUNN/b8/r771RVp/+n+lROZ6d9/drxkfK489TMzNbl6JeLp7ZWzfnZb2v3HUW/u/Z9db8aGV5KsvvvfpWsXS+NN4G1Nr/Fur8nnEM7F6/A3JuuMTh9PDf6z2d/U6vvnlk4G16m8+/umU1t/4LLAd0uM/sH78g0nzeM3S5tZ///iX3//LG5S+/3uTN6rp3vq8y2Pl8uzxiN7ktdb5J1bW1sg3yqfx11a82Bt3xb/S/iWrtH/pZ8LzbcbYfeP3rzYe/9ZK4x9/oOP/4Ilrd6a61qq/veM/Uk0drs9pp/1rdwMfZt8BAAAAAAAAAAAAAAAAAAAAAAAAQLsyEbEvkkx2OZ3JZLO1Z3g/GQOZQrFUPnKhODczHtVnZQ9GT6bxU5f7a/mk8fung035E/fkn4uIJyLi47491Xw2VyyMdzp4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKjbu8bz/1O/9XV66wCALdPfMqdSqVSa87fy6y4GAB47Tdf/0U5uBwCwfVo//wMAO53rPwDsPq7/ALD7uP4DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwxc6eOZNOlb+XFnNpfvzS/NxU8dLR8XxpKjs9l8vmirMXsxPF4kQhn80Vp++3vkKxeHEkZuYuD5fzpfJwaX7h3HRxbqZ8bnJ67HScy/dsS1QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8GBK8wtTY4VCfnZHJN6PiM5vRrpfH4W9sWMSvx79+cB6Za7e52082kZd/fUT4hEJufOJzrZLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI+L/wIAAP//ZtQfTw==") mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000300)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x89101a, 0x0) mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000440)='./file0/../file0\x00', 0x0, 0x1adc51, 0x0) mount$bind(&(0x7f0000000040)='./file0/../file0\x00', &(0x7f0000000140)='./file0/../file0\x00', 0x0, 0x297880, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000080)='mounts\x00') pread64(r0, &(0x7f0000004180)=""/4096, 0x1000, 0x0) 27.455799647s ago: executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x4, &(0x7f00000003c0)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x61}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x0, 0x5, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r0, 0x0, 0xe80, 0x10, &(0x7f00000002c0)="0000ffffffffa000", &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c) 26.081342984s ago: executing program 1: r0 = syz_io_uring_setup(0x110, &(0x7f0000000140), &(0x7f0000000240)=0x0, &(0x7f0000000040)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index}) io_uring_enter(r0, 0x47f6, 0x0, 0x0, 0x0, 0x0) io_uring_register$IORING_REGISTER_FILES_UPDATE(r0, 0x18, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)=[0xffffffffffffffff]}, 0x1) 23.68519614s ago: executing program 1: r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet_int(r0, 0x0, 0xf, &(0x7f0000000340)=0xfffffffffffffff9, 0x4) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000080)=[@in6={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, @in6={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}}, @in={0x2, 0x0, @multicast1}, @in={0x2, 0x0, @dev}], 0x58) 5.445119479s ago: executing program 0: syz_mount_image$exfat(&(0x7f0000000280), &(0x7f00000000c0)='./file2\x00', 0x810, &(0x7f0000000040)=ANY=[], 0xfd, 0x1501, &(0x7f00000002c0)="$eJzs3Am4T1X3OPC19t6H62b4JpnP2uvwTYZNkoSSZEiSJCRzQpIkSZK4ZEpCEjLeJHPInG665nnInHTzSpIkJCTZ/+c2/P16h5/3fX/9/vq/d32e5zz2cs7aZ+27nu89w/Pc79ddh1VvVKNKfWaGf4f+bYC//JMEAAkAMBAAcgBAAABlc5bNmb4/i8akf+sk4n9JgxlXugJxJUn/Mzbpf8Ym/c/YpP8Zm/Q/Y5P+Z2zS/4xN+i9EhjYr39WyZdxN3v//f079T5Ll+p8h4D/aIf3/T6P/paOl/xmb9D9jk/5nbNL/jCy40gWIK0w+/xmb9F+IDO0Pf6e84dyVfqct27+wCSGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQ/w+c85cYAPhtfKXrEkIIIYQQQgghxB/Hv3ulKxBCCCGEEEIIIcT/PgQFGgwEkAkyQwJkgUS4CrJCNsgOOSAGV0NOuAZywbWQG/JAXsgH+aEAFIQQCCwwRFAICkMcroMicD0UhWJQHEqAg5JQCm6A0nAjlIGboCzcDOXgFigPFX4+Z7rboTLcAVXgTqgK1aA61IC7oCbcDbXgHqgN90IduA/qwv1QDx6A+tAAGsKD0AgegsbQBJpCM2gOLaDlZfKTc/y9/OehB7wAPaEXJEFv6AMvQl/oB/1hAAyEl2AQvAyD4RUYAkNhGLwKw+E1GAGvw0gYBaPhDRgDY2EcjIcJMBGS4U2YBG/BZHj7oWwwFabBdJgBM2EWvAOzYQ7MhXdhHsyHBZCcZREshiXwHiyF9yEFPoBl8CGkwnJYASthFayGNbAW1sF62AAbYRNshi2wFbbBR7AddsBO2AW7YQ/shY9hH3wC++FTSMPP/sX8s7/Ph24ICKhQoUGDmTATJmACJmIiZsWsmB2zYwxjmBNzYi7MhbkxN+bFvJiE+bEgFkRCQkbGQlgI4xjHIlgEi2JRLI7F0aHDUlgKS+ONWAbLYFksi+WwHJbHClgBb8VbsRJWwspYGatgFayKVbE6Vse78C68G2thLayNtbEO1sG6WBfrYT2sj/WxITbERtgIG2NjbIpNsTk2x5bYElthK2yNrbEttsV22A7bY3vsgB2wI3bETtgJO2Nn7IJdsCt2xW74HD6Hz+Pz+AK+gL2wquqNfbAP9sW+2B8H4AB8CQfhy/gyvoJDcCgOw1fxVXwNR+AZHImjcDSOxkpqLI7D8chqIiZjMmaGSTgZJ+MUnIpTcTrOwJk4C2fhbJyDc/BdnIfzcT4uxIW4GJfgElyK72MKpuAyPIupuBxX4EpchatxFa7FdbgWN+BG3ICbcTNuxa34EX6EO3AH7sJduAf34Mf4MX6Cn+AQTMM0PIAH8CAexEN4CA/jYTyCR/AoHsVjeAyP43E8gSfxFJ7E03gaz+BZPAcA5/E8XsALeBEvpn/4VTqjjMqkMqkElaASVaLKqrKq7Cq7iqmYyqlyqlwql8qtcqu8Kq/Kr/KrgqqgIkWKVaQKqUIqruKqiCqiiqqiqrgqrpxyqpQqpUqr0qqMKqPKqptVOXWLKq8qqDbuVnWrqqTausrqDlVFVVFVVTVVXdVQNVRNVVPVUrVUbVVb1VF1VF11v6qnemN/bKDSO9NIDcXGahg2Vc1Uc9VCvYYPq1ZqBLZWbVRb9agahSOxvWrlOqgnVEc1Djupp9R4fFp1UROxq3pWdVPPqe7qedVDtXY9VS81BXurPmo69lX9VH81QM3Gaiq9Y9XVK+r5zEPVMPWqWoyvqRHqdTVSjVKj1RtqjBqrxqnxaoKaqJLVm2qSektNVm+rKWqqmqamqxlqppql3lGz1Rw1V72r5qn5aoFaqBapxWqJek8tVe+rFPWBWqY+VKlquVqhVqpVarVao9aqdWq92qA2qk1qs9qitqpt6iO1Xe1QO9UutVvtUXvVx2qf+kTtV5+qNPWZOqD+og6qz9Uh9YU6rL5UR9RX6qj6Wh1T36jj6lt1Qp1Up9R36rT6Xp1RZ9U59YM6r35UF9RP6qLyCjRqpbU2OtCZdGadoLPoRH2Vzqqz6ew6h47pq3VOfY3Opa/VuXUendfk0/l1AV1Qh5q01awjXUgX1nF9nS6ir9dFdTFdXJfQTpfUpfQNurS+UZfRN+my+mZdTt+iy+sKuqIHfZuupG/XlfUduoq+U1fV1XR1XUPfpWvqu3UtfY+ure/VdfR9uq6+X9fTD+j6uoFuqB/UjfRDurFuopvqZrq5bqFb6od1K/2Ibq3b6Lb6Ud1OP6bb68d1B/2E7qif1J30U7qzflp30c/orvpZ3U0/p7vrn/RF7XVP3Usn6d66j35R99X9dH89QA/UL+lB+mU9WL+ih+iheph+VQ/Xr+kR+nU9Uo/So/Ubeoweq8fp8XqCnqiT9Zt6kn5LT9Zv6yl6qp6mp+sZeqbu/+tMc/+J/Lf+Tv7gn8++VW/TH+nteofeqXfp3XqP3qv36n16n96v9+s0naYP6AP6oD6oD+lD+rA+rI/oI/qoPqqP6WP6uD6uT+iT+gf9nT6tv9dn9Fl9Vv+gz+vz+sKvPwMwaJTRxpjAZDKZTYLJYhLNVSaryWaymxwmZq42Oc01Jpe51uQ2eUxek8/kNwVMQRMaMtawiUwhU9jEzXWmiLneFDXFTHFTwjhT0pQyN/yP8y9XX0vT0rQyrUxr09q0NW1NO9POtDftTQfTwXQ0HU0n08l0Np1NF9PFdDVdTTfTzXQ33U0P08P0ND1NkkkyfcyLpq/pZ/qbAWageckMMoPMYDPYDDFDzDAzzAw3w80IM8KMNCPNaDPajDFjzDgzzkwwE0yyz2EmmUlmsplsppgpZtrAHGaGmWFmmVlmtplt5pq5Zp6ZZxaYBWaRWWSWmCVmqVlqUkyKWWaWmVSz3Cw3K81Ks9qsNmvNWrPerDcbzUaz2Ww2qWab2Wa2m+1mp9lpdpvdZq/Za/aZfWa/2W/STJo5YA6Yg+agOWQOmcPmsDlijpij5qg5Zo6Z4+a4OWFOmFPmlDltTpsz5ow5Z86Z8+a8uWAumIvmYvptX6ACFZjABJmCTEFCkBAkBolB1iBrkD3IHsSCWJAzyBnkCq4Ncgd5grxBviB/UCAoGIQBBTbgIAoKBYWDeHBdUCS4PigaFAuKByUCF5QMSgU3BKWDG4MywU1B2eDmoFxwS1A+qBBUDG4NbgsqBbcHlYM7girBnUHVoFpQPagR3BXUDO4OagX3BLWDe4M6wX1B3eD+oF7wQFA/aBA0DB4MGgUPBY2DJkHToFnQPGgRtPxD5/f+TJ5HXM+wV5gU9g77hC+GfcN+Yf9wQDgwfCkcFL4cDg5fCYeEQ8Nh4avh8PC1cET4ejgyHBWODt8Ix4Rjw3Hh+HBCODFMDt8MJ4VvhZPDt8Mp4dRwWjA9nBHODGeF74Szwznh3PDdcF44P1wQLgwXhYtD/OWWGFLCD8Jl4Ydharg8XBGuDFeFq8M14dpwXbg+3BBuDDeFm8sO+uXQcHu4I9wZ7gp3h3vCveHH4b7wk3B/+GmYFn4WHgj/Eh4MPw8PhV+Eh8MvwyPhV+HR8OvwWPhNeDz8NjwRngxPhd+Fp8PvwzPh2fBc+EN4PvwxvBD+FF4MffrNffrlnQwZykSZKIESKJESKStlpeyUnWIUo5yUk3JRLspNuSkv5aX8lJ8KUkFKx8RUiApRnOJUhIpQUSpKxak4OXJUikpRaSpNZagMlaWyVI7KUXkqTxWpIt1Gt9HtdDvdQXfQnXQnVaNqVINqUE2qSbWoFtWm2lSH6lBdqkv1qB7Vp/rUkBpSI2pEjakxNaWm1JyaU0tqSa2oFbWm1tSW2lI7akftqT11oA7UkTpSJ+pEnakzdaEu1JW6UjfqRt2pO/WgHtSTelISJVEf6kN9qS/1p/40kAbSIBpEg2kwDaEhNIyG0XAaTiNoBI2kUTSa3qAxNJbG0XiaQBMpmZJpEk2iyTSZptAUmkbTaAbNoFk0i2bTbJpLc2kezaMFtIAW0SJaQktoKS2lFEqhZbSMUimVVtAKWkWraA2toXW0jjbQBtpEm2gLbaFttI2203baSTtpN+2mvbSX9tE+2k/7KY3S6AAdoIN0kA7RITpMh+kIHaGjdJSO0TE6TsfpBJ2gU3SKTtNpOkNn6Bydo/P0I12gn+gieUqwWWyivcpmtdlsdpvD/nWc1+az+W0BW9CGNrfN87uYrLVFbTFb3Jawzpa0pewNfxOXtxVsRXurvc1Wsrfbyra8zQL/Na5p77a17D22tr3X1rB3/S6uY++zde1Dtp5tYuvbZrahbWEb2YdsY9vENrXNbHPbwrazj9n29nHbwT5hO9on/yZeat+36+x6u8FutPvsJ/ac/cEetV/b8/ZH29P2sgPtS3aQfdkOtq/YIXbo72MAO9q+YcfYsXacHW8n2Il/E0+z0+0MO9POsu/Y2XbO38RL7Ht2nk2xC+xCu8gu/jlOrynFfmCX2Q9tql1uV9iVdpVdbdfYtf+31pV2s91it9q99mO73e6wO+0uu9vu+TlOX8d++6lNs5/ZI/Yre9B+bg/ZY/aw/fLnOH19x+w39rj91p6wJ+0p+509bb+3Z+zZn9efvvbv7E/2ovUWGFmxZsMBZ+LMnMBZOJGv4qycjbNzDo7x1ZyTr+FcfC3n5jycl/Nxfi7ABTlkYsvMERfiwhzn67gIX89FuRgX5xLsuCSX4hu4NN/IZfgmLss3czm+hctzBa7It/JtXIlv58p8B1fhO7kqV+PqXIPv4pp8N9fie7g238t1+D6uy/dzPX6A63MDbsgPciN+iBtzE27Kzbg5t+CW/DC34ke4Nbfhtvwot+PHuD0/zh34Ce7IT3Infoo789PchZ/hrvwsd+PnuDs/zz34Be7JvTiJe3MffpH7cj/uzwN4IL/Eg/hlHsyv8BAeysP4VR7Or/EIfp1H8igezW/wGB7L43g8T+CJnMxv8iR+iyfz2zyFp/I0ns4zeCbP4nd4Ns/hufwuz+P5vIAX8iJezEv4PV7K73MKf8DL+ENO5eW8glfyKl7Na3gtr+P1vIE38ibezFt4K2/jj3g77+CdvIt38x7eyx/zPv6E9/OnnMaf8QH+Cx/kz/kQf8GH+Us+wl/xUf6aj/E3fJy/5RN8kk/xd3yav+czfJbP8Q98nn/kC/wTX2TPEGGkIh2ZKIgyRZmjhChLlBhdFWWNskXZoxxRLLo6yhldE+WKro1yR3mivFG+KH9UICoYhRFFNuIoigpFhaN4dF1UJLo+KhoVi4pHJSIXlYxKRTdEpaMbozLRTVHZ6OaoXHRLVD6qEFWMbo1uiypFt0eVozuiKtGdUdWoWlQ9qhHdFdWM7o5qRfdEtaN7ozLRfVHd6P6oXvRAVD9qEDWMHowaRQ9FjaMmUdOoWdQ8ahG1jB6OWkWPRK2jNlHb6NGoXfRY1D56POoQPRF1jJ68tL9Y8MvV9K/2J0W9I/3rG7J79KL44viS+HvxpfH34ynxD+LL4h/GU+PL4yviK+Or4qvja+Jr4+vi6+Mb4hvjm+Kb41viW+Pe18gMDtMfhMG4wGVymV2Cy+IS3VUuq8vmsrscLuaudjndNS6Xu9bldnlcXpfP5XcFXEEXOnLWsYtcIVfYxd11roi73hV1xVxxV8I5V9KVci1cS9fStXKPuNaujWvrHnWPusfcY+7xhF8Ld53cU66ze9p1cc+4Z9yzrpt7znV3z7se7gXX0/VySS7J9XF9XF/X1/V3/d1AN9ANcoPcYDfYDXFD3DA3zA13w90IN8KNdCPdaDfajXFj3Dg3zk1wE1yyS3aT3CQ32U12U9wUN81NczPcDDfLzXKz3Ww3181189w8t8AtcIvcIrfELXFL3VKX4lLcMrfMpbpUt8KtcKvcKrfGrXHr3Dq3wW1wm9wmt8VtcdvcNrfdbXc73U632+12e91et8/tc/vdfpfm0twBd8AddAfdIfeFO+y+dEfcV+6o+9odc9+44+5bd8KddKec16fd9+6MO+vOuR/cefeju+B+chedd8mxN2OTYm/FJsfejk2JTY1Ni02PzYjNjM2KvRObHZsTmxt7NzYvNj+2ILYwtii2OLYk9l5saez9WErsg9iy2Iex1Njy2IrYytiq2OqY9wW2R76QL+zj/jpfxF/vi/pivrgv4Z0v6Uv5G3xpf6Mv42/yZf3Nvpy/xZf3FXxF38Q39c18c9/Ct/QP+1b+Ed/at/Ft/aO+nX/Mt/eP+w7+Cd/RP+k7+ad8Z/+07+Kf8V39s/N/7bLv4V/wPX0vn+R7+z7+Rd/X9/P9/QA/0L/kB/mX/WD/ih/ih/ph/lU/3L/mR/jX/Ug/yo/2b/gxfqwf58f7CX6iT/Zv+kn+LT/Zv+2n+Kl+mp/uZ/iZfpZ/x8/2c/xc/66f5+f7BX6hX+QX+yX+Pb/Uv+9T/Ad+mf/Qp/rlfoVf6Vf51X6NX+vX+fV+g9/oN/nNfovf6rf5j/x2v8Pv9Lv8br/H7/Uf+33+E7/ff+rT/Gf+gP+LP+g/94f8F/6w/9If8V/5o/5rf8x/44/7b/0Jf9Kf8t/50/57f8af9ef8D/68/9Ff8D/5i/I3a0IIIYQQ/xR9mf29/87/qV+3dH0AINuOfIf/es5NuX8Z91P7OsYA4IleXRv8tjVokJSU9OuxqRqCwgsBIHYp/+fvH/g1Xg5t4THoAG2g9N+tr5+q+PN93383f/xmgESALL/lpD8eJcJfz3/jP5i/yXt8ufkXAhQtfCkn/US/xZfmL/MP5t/T7jLzZ/k8GaD1f8nJCpfiS/OXgkfgSejwuyOFEEIIIYQQQohf9FPnu13u+Tb9+Ty/uZSTGS7Fl3s+v4zKf8QahBBCCCGEEEII8d97+rnujz/coUObzv/Jg8x/jjL+BAMEgD9BGTL48w+u9G8mIYQQQgghxB/t0k3/la5ECCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYTIuP79bwhT//TBV3qNQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghxJX2fwIAAP//5g1V0w==") r0 = open(&(0x7f0000000140)='./bus\x00', 0x143142, 0x0) mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000080)='./bus\x00', 0x0, 0x1000, 0x0) r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, "ef359f413bb90152f7d6d1ce5d29c3ee5e5ca9000f7c41499dc2aac63a01000000000000004faa2ad9c084a003ea00", "036c47c67808200400000000000000335263bdbcef549ba197fce47ddfdd753abd950100002a00ffffffffffffffff00000000e8f20000000200", "b7326736181c208220000000b9000000000000000000f0fffffffff2ff00"}) ftruncate(r0, 0x0) open(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) 4.898891511s ago: executing program 2: syz_mount_image$hfs(&(0x7f0000000180), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="636f6465706167653d63703835352c63726561746f723dec0e6ba32c7569643d", @ANYRESHEX, @ANYBLOB="2c696f636861917365743d6b6fa9f38f2f2c756d61736b3d30303030303030303031312c00eaffffff0000000000000000"], 0x1, 0x2dd, &(0x7f0000000a00)="$eJzs3T9v00AYx/HfOUlJ/6iYtgiJBVSoBEtFgQGxBKGs7EwIaFKpIiqiLRKwUBAj4gWw8xZ4ESwg3gBMTLyAbofu4rh2YztpaZKm/X6kRvb57vycfI7vsQQRgFPrfv3Xl1t/3J+RSipJuisFkqpSWdJ5Xai+3Nhe3241G0UdlXwL92fUbmm66qxuNLOauna+RSR0e2XNJMswGNbae79zj54ZaiwYHX/3ZwjcJGjfh/54dchxDcqOdGnUMQxb8gKbXe3qlWZHGA4A4BiInv9B9JiY8UVGQSAtRY/9E/X83x11AEfrdquryBY2SDz//erOGnd9z/pDe/meT+Hc8aCTJfYTTGXf/oTaMyu1wDS9skofSzC5tl7W8uo7NQK9Vy2SqLbgPxvtqdvRI9rFjNy0QH5vFT2Yao/Gryj364S0tt5q+lQqI/75g52xbxN5B8w388M8MqE+qxGv/8rWuBa+UbjvSgUVF/+N/FNN+1aulqK0v1arBakq5/xJLqbD6jHKanZGkuyz84JgJ46gKE5/7jmlXyu0R7fSo9V8Vqsw3stptZBqVYpmwvLq81bhq5TB6AzRfDIPzaL+6qvqifV/4OJbUuLOLPqqN75mNDPa48mZcGVfM+x6cuzdLpfjCCK8dTiUg70t+6inuqPZrddvnpVaream23iSsfFiZtNEJZUPUmadQ26o/8olFfWzs1dinbfW9tuzPbrhdG9cP9IO3fdHXOJun6zK7i6LS4IBjevUb9S/q2hCjs+GtVLOoYF9T+EY2TKdi+53y5ocdUQYMrfuMtav//xKPlrV+RTJfYQF6/TiJFOpHlfiDC69FJzzn1MHyuCm8zO4xBlv5uSMPue6ck26mig0KjxjGMV5Qpi6fuox7/8BAAAAAAAAAAAAAAAAAADGzX/8m5y+N0Y9RgAAAAAAAAAAAAAAAAAAAAAAxt2hfv836/+I97//G/L7v8AY+RcAAP//gw94Dw==") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.time\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f00000009c0), 0x10f) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x2000005, 0x10012, r0, 0x0) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_PR_STREAM_STATUS(r1, 0x84, 0x74, 0x0, &(0x7f00000000c0)) 4.410647589s ago: executing program 0: r0 = socket$kcm(0x2, 0x3, 0x84) sendmsg$inet(r0, &(0x7f0000000240)={&(0x7f0000000000)={0x2, 0x0, @empty}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000100)="0247f7a7b8c0000000000000000000e0", 0x10}, {&(0x7f0000000380)="e1f38d8bafa902023e2e95dc4ea0a11e83727f97e968daff14f83c0dc0712c618fd6b99895f986cb32d37a3b66942197f4edd0860f38a364a09fddf1f36e0078a34583bf1a5cc0a4698713da403a72aa1c2c222db63413e5bb180c873b973c8d8cf95728d566d3cf8bba90edf59654bb0cfdc3b44a92c0404adf2d6c2f1eec88034eb6cda38624f2cec8a2f8ac3fb130ce517f68dfc18f88fa8546a4cdcbcc1375162d2e0b00df4d215bafdc82fac653a603b1bf55edffb360a7b031df6efda27ee6b893a8117124b14f6279c162eee53dfa490eb0dec40eb2fe50c60e72a206", 0xe0}], 0x2}, 0x0) 4.359975197s ago: executing program 3: syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x204092, &(0x7f0000000000), 0x6, 0x51b, &(0x7f0000000c00)="$eJzs3U9vI2cZAPBnHLubbSOcthxKJbZL/2gXwTpJ0z8Rh9JI/DlVQpR7NiROFMWJV4nTbqIVpJ8AhCpA4gInLkh8ACTUj4CQKsGNAydQBVl64IKMZjzuJo6dJoqT2SS/nzQ777xv7Od5nLX9jmfiCeDKuhkRb0fESES8EhHVvL+UL7HbWdKfe7j3YCFdkmi33/1XEkne13ufT+U3S33/uxE/TA7H3dzeWZ1vNOobB7t37qyszS/Xl+vr09NTb8y8OfP6zOQxK0nKR40+HRFvfevTn//kt995649ff//vc/+8/aM0rbv5eL86hqFTeiVGD2xfHun/m3JWIQAAF8GzEfFMRLwYEV+NaozEkdNoAAAA4AJqf3PsWrcJAAAAXE6liBiLpFTLz/cdi1KpVuucw/vFeLLUaG62vrbU3FpfTMcixqNSWlpp1Cfzc4XHo5Kk21NZ+9H2qz3b0/k5uB9Wr6fb2RgAAABwPmZ79v8/rXb2/wEAAIBLpv/B+JFDPfmXV+2edT4AAADA8DkZHwAAAC4/+/8AAABwqX3vnXfSpf1w70F2HYDF97a3Vpvv3Vmsb67W1rYWagvNjXu15WZzuVGvHf6LgEMazea912J96/5Eq7zZmtjc3plba26tt+ay63rP1Z85h5oAAACAg55+4aO/JhGx+43r2ZJ6Ih+rFJoZ8BhJyj0dd79SUCbAUBzjI/2Dbm6dTSLAuet9TweuDvv4QNLb0TMxGB00VfhTb8eNz41lzgEAAMW49aVTHP83kYcLrVR0AkBhflp0AkBhjj2Fv3m2eQDnr3LyMwCBS+bQ8f8eo4MGDh3/H6TdPlFCAADA0I11Vtkl/UvZdqlUq312WDBZWmnUJyPiCxHxl2rlWro9VWC+AAAAAAAAAAAAAAAAAAAAAAAAAHARtdtJtAEAAIBLLaL0jyS//tet6stjvZ8PPJH8t5qtI+L9X737i/vzrdbGVNr/78/6W7/M+18t4hMMAAAAuIoqR45299O7+/EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMEwP9x4sdJfzjPvJbFyP8X7xyzGarUejEhFP/ieJ8r7bJRExMoT4ux9ExHP94idpWjGeZ9EbvxQR1wuO/9QQ4sNV9tFsRLzd7/lXipvZuv/zr5wvp/XJbPYk7xu/+/o30if+STz/8e8nBsb/IOL5cv/Xn278ZMDr70vHjH/3Bzs7g8bav4m4lb3/pFUejJ8p5T/YWrs3sbm9c2dlbX65vlxfn56eemPmzZnXZyYnllYa9fzfvjF+9uU/7H44sP5OgP31d+sc72T440H1v3zM+v/38f29ZzvNyuH4Ebdf6v/7fy5b93/800frlfzhScdvddu7nfZ+N3735xuDckvjL/Z9/+/+/qvtR/HLB+q/fbzy99f86+PdBAA4S5vbO6vzjUZ94xwaL742vDtMskY6Czqn5ItudD/seFzyGS0m+rUotvZvn/p+utPh09zP34ZWV7rP0H+owBclAADgTDya9BedCQAAAAAAAAAAAAAAAAAAAFxd2d//j5zwiwBfONk3jfXG3C2mVAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAI/0/AAD//9Gfvvo=") quotactl$Q_GETFMT(0xffffffff80000401, &(0x7f0000000100)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000000140)) 4.134546017s ago: executing program 2: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000500)=ANY=[], 0x0, 0x2d, 0x0, 0x1}, 0x20) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x22000406, &(0x7f0000000180)={[{@dioread_lock}, {@noblock_validity}, {@abort}, {@init_itable}, {@auto_da_alloc}, {@grpjquota, 0x2e}, {@nouid32}, {@errors_remount}, {@jqfmt_vfsv1}, {@grpid}], [], 0x2c}, 0x84, 0x4aa, &(0x7f0000000740)="$eJzs3MtvG0UYAPBvN4++m7SURx9QQ0FEFJImLdADh4JA6gUJCQ7lGNJQlaYtaoJEq4oGhMoR8RcARyQkTlw4gYQQcAJxhTtCqlAvLRxQ0Nq7ybqxU8d5GOrfT7IzszvrmW93xx7vZB1A16pkT0nE1oj4NSIGatn6ApXan5vXL0/8df3yRBJzcy//mVTL3bh+eaIoWmy3Jc8MpRHp+0nsbVDv9MVLZ8anpiYv5PmRmbNvjkxfvPTE6bPjpyZPTZ4bO3r0yOHRp58ae3JV4sziurHnnfP7dh9/9aMXJ+bitR8+z9q7NV9fjqNmcMV1VqISc7mFpf3V50dW/Or/LdtK6aS3gw1hWXoiIjtcfdX+PxA9sXDwBuKF9+Yz33aogcCayT6bdixa2pP/Tec/v4A7UaKPQ5cqPvGz77/FYz3HH5127dnsebIa/838UVvTG2n2XXaw9o29p8n2x1ZY/9aIODH798fZIxpehwAAWF1fZ+OfxxuN/9K4p1Ruez6HMhgRByNiZ0TcFRG7IuLuiGrZeyPivmXWX7klv3j88/OmtgJrUTb+eyaf26of/6V5iWQ+t60af1/y+umpyUP5PhmKvg1ZfnSJOr55/pcPm62rlMZ/2SOrvxgL5u34o3dD/TYnx2fGVxBynWvvRuzpbRR/Mj8TkO2B3RGxp43Xz/bZ6cc+25elt29ZvP728S9hFeaZ5j6NeLR2/GfjlvgLSa2mZvOTIxtjavLQSHFWLPbjT1dfKuf7Sum6+De2FtPGdoNtIDv+mxue/3n8RTco5munl1/H1d8+aPqdZvHxT+LEbLlEfv6X3gWy878/eaWa7s+XvT0+M3NhNKI/X1C3fGxh2yJflM/iHzrQuP/vjPjnk3y7vRGRncT3R8QDEbE/b/uDEfFQRBxYIv7vn3v4jaX3UJvn/yrI4j+51PGPGEzK8/VtJHrOfPdVs/pbe/87Uk0N5Utaef9rtYEr2XcAAADwf5FW56CTdLhIly5O7YrN6dT56ZmDlXjr3MnaXPVg9KXFla6B0vXQ0fzacJEfuyV/OCJ2VP/TaFM1PzxxfmpbJwMHqvfq1PX/SNPh4dq635v90wtw51jWPFr57sAvvlz9xgDryv2a0L30f+he+j90L/0fulej/n8l4mYHmgKsM5//0L30f+he+j90L/0futLiW+KLH1po507/hcTO4yvafM0TcwNr8sqzy9+qZ40ijfKPdjRNJBHRXhWRLl2mv4XaO5ZIb1vmWJu7ZRmJ/XliQ0S0utWVddurnX1fAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAWC3/BgAA//+cGdz7") creat(&(0x7f00000000c0)='./bus\x00', 0x0) mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) socket$nl_route(0x10, 0x3, 0x0) socket(0x0, 0x0, 0x0) r0 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x401c5820, &(0x7f00000001c0)) 3.582452821s ago: executing program 0: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x1}) ioctl$TUNSETSNDBUF(r0, 0x400454d4, &(0x7f0000000000)=0x1) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000100)={'pim6reg1\x00', @broadcast}) poll(&(0x7f0000000040)=[{r0}], 0x1, 0x2) 3.533674271s ago: executing program 3: unshare(0x400) r0 = socket(0x2c, 0x3, 0x0) bind$packet(r0, &(0x7f0000000180)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, 0x14) 3.144029769s ago: executing program 4: r0 = syz_open_dev$ndb(&(0x7f0000000040), 0x0, 0x0) ioctl$BLKBSZSET(r0, 0x40041271, 0x0) 2.633307134s ago: executing program 4: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000140), 0x62981) writev(r0, &(0x7f0000000580)=[{&(0x7f0000000000)='#', 0x1}], 0x1) r1 = syz_io_uring_setup(0x239, &(0x7f0000000080)={0x0, 0x0, 0x11900}, &(0x7f0000000000)=0x0, &(0x7f0000000040)=0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3}) io_uring_enter(r1, 0x2def, 0x0, 0x0, 0x0, 0x0) 2.510519637s ago: executing program 2: r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TCSETA(r0, 0x5406, &(0x7f0000000300)={0xff02, 0x0, 0x0, 0x0, 0x0, "1f7300"}) r1 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TIOCL_PASTESEL(r1, 0x541c, &(0x7f0000000000)) 2.451010415s ago: executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000140)=@newlink={0x40, 0x10, 0xff05, 0x0, 0x0, {0x0, 0x0, 0x4a00}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @geneve={{0xb}, {0x4}}}, @IFLA_ADDRESS={0x4, 0x1, @remote}]}, 0x40}}, 0x0) 2.402382801s ago: executing program 3: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x3) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x78) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f0000001bc0)=ANY=[@ANYBLOB="180000000000000000000400200000006b11180000000000895c2f67d5e741283ab1f2df4497b2d457a60108f68613872aba0562b102ee1d3b20e759828b8091379a08e592683634b87470c88e92b3c58e8514e164e5556f88b4a113a1bb929e97c1b55edb319694e93cd600412c65ba65394fb445305b5e552bdcf0c2e822d9770b87686bc1b6a3bd39c18caffeb59d0ddc09aa52bfdafa3d1a530e505c276c9d7be7dffddbaa0cdd299de51d204cf60ca5b60426d9c01c3aa53c953dd907200aaa4c81fafe1a35e1b37e3b87091fb946182cddb65ea1c49275aa49ae9d658e3f4cdbe6db336fb63fd68aaa4d174ffa395d12dc4ef44824875991f4c3d246fb91728e21ca103f9176295e81e9ec422c6b47b155e28e63ae359049307296"], &(0x7f00000000c0)='GPL\x00', 0x4, 0x1000, &(0x7f0000000200)=""/4096, 0x0, 0x0, '\x00', 0x0, 0x9}, 0x70) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x4, 0x4, 0x4, 0xbf25}, 0x48) bpf$MAP_DELETE_ELEM(0x2, &(0x7f0000000080)={r1, &(0x7f00000000c0), 0x20000000}, 0x20) close(r1) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x12, 0x1f, 0x3, 0x0, 0x0, r1, 0x4e9, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2, 0x1}, 0x48) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000001440)={r2, 0xfffffffffffffeba, &(0x7f0000001b40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0}}, 0x10) r4 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001680)={&(0x7f0000001480)=ANY=[@ANYBLOB="9feb01001800000000000000aa000000aa0080000c000000060000000000000c03000000050000000100000f0200000001000000d631ec16ff03000056820f00000000000009050000000e0000000000000000000000010000000000000700000000050000000000000a00000000010000000000000c0200000000000000020000060400000002000000ff0700000000000001010000010000000000000e0200000001000000080000000200000604000000ecffffff00000000090000000100000000005f5f30002e3030302e6100"], &(0x7f0000001580)=""/214, 0xd0, 0xd6, 0x1, 0x10000}, 0x20) r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000180)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1}, 0x48) bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000000)={0x0, 0xfffffffffffffffe, &(0x7f0000000200), &(0x7f0000000280), 0x8, r5}, 0x38) r6 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000001780)=@generic={&(0x7f0000001740)='./file0\x00', 0x0, 0x8}, 0x18) r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) write$cgroup_subtree(r7, &(0x7f0000001c40)=ANY=[], 0x1a000) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000001840)={{0xffffffffffffffff, 0xffffffffffffffff}, &(0x7f00000017c0), &(0x7f0000001800)='%pB \x00'}, 0x20) r9 = bpf$MAP_CREATE(0x0, &(0x7f0000001880)=@base={0x14, 0x8, 0x5, 0x0, 0x1020, 0xffffffffffffffff, 0x7}, 0x48) r10 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001900)={0x1b, 0x0, 0x0, 0x100, 0x0, 0x1, 0x9bf, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x5}, 0x48) r11 = bpf$MAP_CREATE(0x0, &(0x7f0000001980)=@bloom_filter={0x1e, 0x799, 0x3, 0x1, 0x0, 0x1, 0x8, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x0, 0x0, 0xa}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001a80)={0x6, 0x1d, &(0x7f0000001200)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x374b11c8}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x5}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r2}}, @ldst={0x0, 0x2, 0x3, 0x8, 0x7, 0xffffffffffffffe0, 0x10}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000100)='syzkaller\x00', 0x4, 0xc7, &(0x7f0000001300)=""/199, 0x41100, 0x21, '\x00', r3, 0x25, r4, 0x8, &(0x7f00000016c0)={0x5, 0x3}, 0x8, 0x10, &(0x7f0000001700)={0x2, 0xf, 0x9, 0xffffff08}, 0x10, 0x0, 0x0, 0x3, &(0x7f0000001a00)=[r5, r6, r7, r8, r9, r10, r11], &(0x7f0000001a40)=[{0x0, 0x2, 0x10, 0x3}, {0x2, 0x5, 0xa, 0x4}, {0x8, 0x3, 0x7, 0x4}], 0x10, 0x9}, 0x90) r12 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000840), 0x0, 0x0) r13 = socket(0x2, 0x2, 0x0) getsockopt$inet6_mreq(r13, 0x11, 0x0, 0x0, 0x0) r14 = creat(&(0x7f0000000000)='./file0\x00', 0xecf86c37d53049cc) write$binfmt_script(r14, &(0x7f0000000040), 0x191) close(r14) ioctl$EVIOCGPROP(r12, 0x40047438, &(0x7f0000000180)=""/246) ioctl$PPPIOCSFLAGS1(r12, 0x40047459, &(0x7f0000000000)=0x20) 2.093456527s ago: executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c00000068006f760000000000000000000000000000000014000200020000000000b4"], 0x2c}}, 0x0) 1.810999826s ago: executing program 0: syz_mount_image$hfs(&(0x7f0000000180), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="636f6465706167653d63703835352c63726561746f723dec0e6ba32c7569643d", @ANYRESHEX, @ANYBLOB="2c696f636861917365743d6b6fa9f38f2f2c756d61736b3d30303030303030303031312c00eaffffff0000000000000000"], 0x1, 0x2dd, &(0x7f0000000a00)="$eJzs3T9v00AYx/HfOUlJ/6iYtgiJBVSoBEtFgQGxBKGs7EwIaFKpIiqiLRKwUBAj4gWw8xZ4ESwg3gBMTLyAbofu4rh2YztpaZKm/X6kRvb57vycfI7vsQQRgFPrfv3Xl1t/3J+RSipJuisFkqpSWdJ5Xai+3Nhe3241G0UdlXwL92fUbmm66qxuNLOauna+RSR0e2XNJMswGNbae79zj54ZaiwYHX/3ZwjcJGjfh/54dchxDcqOdGnUMQxb8gKbXe3qlWZHGA4A4BiInv9B9JiY8UVGQSAtRY/9E/X83x11AEfrdquryBY2SDz//erOGnd9z/pDe/meT+Hc8aCTJfYTTGXf/oTaMyu1wDS9skofSzC5tl7W8uo7NQK9Vy2SqLbgPxvtqdvRI9rFjNy0QH5vFT2Yao/Gryj364S0tt5q+lQqI/75g52xbxN5B8w388M8MqE+qxGv/8rWuBa+UbjvSgUVF/+N/FNN+1aulqK0v1arBakq5/xJLqbD6jHKanZGkuyz84JgJ46gKE5/7jmlXyu0R7fSo9V8Vqsw3stptZBqVYpmwvLq81bhq5TB6AzRfDIPzaL+6qvqifV/4OJbUuLOLPqqN75mNDPa48mZcGVfM+x6cuzdLpfjCCK8dTiUg70t+6inuqPZrddvnpVaream23iSsfFiZtNEJZUPUmadQ26o/8olFfWzs1dinbfW9tuzPbrhdG9cP9IO3fdHXOJun6zK7i6LS4IBjevUb9S/q2hCjs+GtVLOoYF9T+EY2TKdi+53y5ocdUQYMrfuMtav//xKPlrV+RTJfYQF6/TiJFOpHlfiDC69FJzzn1MHyuCm8zO4xBlv5uSMPue6ck26mig0KjxjGMV5Qpi6fuox7/8BAAAAAAAAAAAAAAAAAADGzX/8m5y+N0Y9RgAAAAAAAAAAAAAAAAAAAAAAxt2hfv836/+I97//G/L7v8AY+RcAAP//gw94Dw==") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.time\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f00000009c0), 0x10f) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x2000005, 0x10012, r0, 0x0) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_PR_STREAM_STATUS(r1, 0x84, 0x74, 0x0, &(0x7f00000000c0)) 1.640395712s ago: executing program 2: mknodat$loop(0xffffffffffffff9c, &(0x7f0000000180)='./file2\x00', 0x6000, 0x1) r0 = open(&(0x7f0000000000)='./file2\x00', 0x0, 0x0) ioctl$BLKGETSIZE64(r0, 0x80041272, &(0x7f0000000080)) 1.573906752s ago: executing program 3: r0 = socket$kcm(0x2, 0x3, 0x84) sendmsg$inet(r0, &(0x7f0000000240)={&(0x7f0000000000)={0x2, 0x0, @empty}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000100)="0247f7a7b8c0000000000000000000e0", 0x10}, {&(0x7f0000000380)="e1f38d8bafa902023e2e95dc4ea0a11e83727f97e968daff14f83c0dc0712c618fd6b99895f986cb32d37a3b66942197f4edd0860f38a364a09fddf1f36e0078a34583bf1a5cc0a4698713da403a72aa1c2c222db63413e5bb180c873b973c8d8cf95728d566d3cf8bba90edf59654bb0cfdc3b44a92c0404adf2d6c2f1eec88034eb6cda38624f2cec8a2f8ac3fb130ce517f68dfc18f88fa8546a4cdcbcc1375162d2e0b00df4d215bafdc82fac653a603b1bf55edffb360a7b031df6efda27ee6b893a8117124b14f6279c162eee53dfa490eb0dec40eb2fe50c60e72a206", 0xe0}], 0x2}, 0x0) 1.38852755s ago: executing program 4: r0 = syz_io_uring_setup(0x1f87, &(0x7f0000000080)={0x0, 0x0, 0x11781}, &(0x7f0000000100)=0x0, &(0x7f0000000480)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}) io_uring_enter(r0, 0xe85, 0x0, 0x0, 0x0, 0x0) 1.232632006s ago: executing program 2: r0 = socket$inet_udp(0x2, 0x2, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_NEIGHBORS(r1, &(0x7f0000004340)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="310300000000000000000900000008000300", @ANYRES16=r0], 0x24}}, 0x0) 1.158433735s ago: executing program 1: r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet_int(r0, 0x0, 0xf, &(0x7f0000000340)=0xfffffffffffffff9, 0x4) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000080)=[@in6={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, @in6={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}}, @in={0x2, 0x0, @multicast1}, @in={0x2, 0x0, @dev}], 0x58) 938.01593ms ago: executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000040), 0x0, 0x0) ioctl$BLKBSZSET(r0, 0x40041271, 0x0) 932.182429ms ago: executing program 0: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000500)=ANY=[], 0x0, 0x2d, 0x0, 0x1}, 0x20) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x22000406, &(0x7f0000000180)={[{@dioread_lock}, {@noblock_validity}, {@abort}, {@init_itable}, {@auto_da_alloc}, {@grpjquota, 0x2e}, {@nouid32}, {@errors_remount}, {@jqfmt_vfsv1}, {@grpid}], [], 0x2c}, 0x84, 0x4aa, &(0x7f0000000740)="$eJzs3MtvG0UYAPBvN4++m7SURx9QQ0FEFJImLdADh4JA6gUJCQ7lGNJQlaYtaoJEq4oGhMoR8RcARyQkTlw4gYQQcAJxhTtCqlAvLRxQ0Nq7ybqxU8d5GOrfT7IzszvrmW93xx7vZB1A16pkT0nE1oj4NSIGatn6ApXan5vXL0/8df3yRBJzcy//mVTL3bh+eaIoWmy3Jc8MpRHp+0nsbVDv9MVLZ8anpiYv5PmRmbNvjkxfvPTE6bPjpyZPTZ4bO3r0yOHRp58ae3JV4sziurHnnfP7dh9/9aMXJ+bitR8+z9q7NV9fjqNmcMV1VqISc7mFpf3V50dW/Or/LdtK6aS3gw1hWXoiIjtcfdX+PxA9sXDwBuKF9+Yz33aogcCayT6bdixa2pP/Tec/v4A7UaKPQ5cqPvGz77/FYz3HH5127dnsebIa/838UVvTG2n2XXaw9o29p8n2x1ZY/9aIODH798fZIxpehwAAWF1fZ+OfxxuN/9K4p1Ruez6HMhgRByNiZ0TcFRG7IuLuiGrZeyPivmXWX7klv3j88/OmtgJrUTb+eyaf26of/6V5iWQ+t60af1/y+umpyUP5PhmKvg1ZfnSJOr55/pcPm62rlMZ/2SOrvxgL5u34o3dD/TYnx2fGVxBynWvvRuzpbRR/Mj8TkO2B3RGxp43Xz/bZ6cc+25elt29ZvP728S9hFeaZ5j6NeLR2/GfjlvgLSa2mZvOTIxtjavLQSHFWLPbjT1dfKuf7Sum6+De2FtPGdoNtIDv+mxue/3n8RTco5munl1/H1d8+aPqdZvHxT+LEbLlEfv6X3gWy878/eaWa7s+XvT0+M3NhNKI/X1C3fGxh2yJflM/iHzrQuP/vjPjnk3y7vRGRncT3R8QDEbE/b/uDEfFQRBxYIv7vn3v4jaX3UJvn/yrI4j+51PGPGEzK8/VtJHrOfPdVs/pbe/87Uk0N5Utaef9rtYEr2XcAAADwf5FW56CTdLhIly5O7YrN6dT56ZmDlXjr3MnaXPVg9KXFla6B0vXQ0fzacJEfuyV/OCJ2VP/TaFM1PzxxfmpbJwMHqvfq1PX/SNPh4dq635v90wtw51jWPFr57sAvvlz9xgDryv2a0L30f+he+j90L/0fulej/n8l4mYHmgKsM5//0L30f+he+j90L/0futLiW+KLH1po507/hcTO4yvafM0TcwNr8sqzy9+qZ40ijfKPdjRNJBHRXhWRLl2mv4XaO5ZIb1vmWJu7ZRmJ/XliQ0S0utWVddurnX1fAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAWC3/BgAA//+cGdz7") creat(&(0x7f00000000c0)='./bus\x00', 0x0) mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x1) socket$nl_route(0x10, 0x3, 0x0) socket(0x0, 0x0, 0x0) r0 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x401c5820, &(0x7f00000001c0)) 733.294793ms ago: executing program 4: fallocate(0xffffffffffffffff, 0x0, 0x0, 0x1000f4) r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/profiling', 0x22042, 0x0) write$tun(r0, &(0x7f0000000280)=ANY=[@ANYRESDEC=r0, @ANYRESDEC], 0x15) 515.677465ms ago: executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000680)={0xffffffffffffffff}) pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x18, 0x5, &(0x7f0000000140)=ANY=[@ANYBLOB="180100002100000000000000000000108500000075000000a50000002300000095"], &(0x7f0000000100)='syzkaller\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10) splice(r0, 0x0, r2, 0x0, 0x8ec3, 0x0) pipe(&(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r1, 0x0, r4, 0x0, 0x800, 0x0) close(r2) 460.86924ms ago: executing program 2: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000140), 0x62981) writev(r0, &(0x7f0000000580)=[{&(0x7f0000000000)='#', 0x1}], 0x1) r1 = syz_io_uring_setup(0x239, &(0x7f0000000080)={0x0, 0x0, 0x11900}, &(0x7f0000000000)=0x0, &(0x7f0000000040)=0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3}) io_uring_enter(r1, 0x2def, 0x0, 0x0, 0x0, 0x0) 403.530623ms ago: executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000140)=@newlink={0x40, 0x10, 0xff05, 0x0, 0x0, {0x0, 0x0, 0x4a00}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @geneve={{0xb}, {0x4}}}, @IFLA_ADDRESS={0x4, 0x1, @remote}]}, 0x40}}, 0x0) 0s ago: executing program 4: r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TCSETA(r0, 0x5406, &(0x7f0000000300)={0xff02, 0x0, 0x0, 0x0, 0x0, "1f7300"}) r1 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TIOCL_PASTESEL(r1, 0x541c, &(0x7f0000000000)) kernel console output (not intermixed with test programs): : 0xe619d30d) [ 622.783143][ T8840] 8021q: adding VLAN 0 to HW filter on device bond0 [ 622.838111][ T8973] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'. [ 622.934497][ T8973] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'. [ 623.019617][ T8840] 8021q: adding VLAN 0 to HW filter on device team0 [ 623.044391][ T8973] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'. [ 623.117802][ T6965] bridge0: port 1(bridge_slave_0) entered blocking state [ 623.125804][ T6965] bridge0: port 1(bridge_slave_0) entered forwarding state [ 623.246154][ T6965] bridge0: port 2(bridge_slave_1) entered blocking state [ 623.254128][ T6965] bridge0: port 2(bridge_slave_1) entered forwarding state [ 623.804715][ T8980] netlink: 'syz-executor.0': attribute type 9 has an invalid length. [ 623.814616][ T8980] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'. [ 625.301252][ T8840] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 625.360611][ T8993] usb usb9: usbfs: process 8993 (syz-executor.0) did not claim interface 0 before use [ 625.703987][ T8996] loop0: detected capacity change from 0 to 512 [ 625.820001][ T8996] UDF-fs: warning (device loop0): udf_load_vrs: No VRS found [ 625.828056][ T8996] UDF-fs: Scanning with blocksize 512 failed [ 625.995232][ T8840] veth0_vlan: entered promiscuous mode [ 626.164040][ T8840] veth1_vlan: entered promiscuous mode [ 626.214545][ T8996] UDF-fs: warning (device loop0): udf_load_vrs: No VRS found [ 626.222404][ T8996] UDF-fs: Scanning with blocksize 1024 failed [ 626.296896][ T9001] loop1: detected capacity change from 0 to 256 [ 626.328134][ T8996] UDF-fs: warning (device loop0): udf_load_vrs: No VRS found [ 626.336356][ T8996] UDF-fs: Scanning with blocksize 2048 failed [ 626.395906][ T8996] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256 [ 626.416534][ T9001] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x4323664b, utbl_chksum : 0xe619d30d) [ 626.499458][ T8996] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 626.595733][ T8840] veth0_macvtap: entered promiscuous mode [ 626.661891][ T8840] veth1_macvtap: entered promiscuous mode [ 626.877303][ T8840] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 626.888392][ T8840] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 626.908479][ T8840] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 626.921927][ T8840] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 626.932448][ T8840] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 626.943318][ T8840] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 626.953656][ T8840] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 626.964646][ T8840] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 626.974906][ T8840] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 626.985715][ T8840] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 627.014020][ T8840] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 627.214469][ T8840] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 627.225336][ T8840] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 627.235693][ T8840] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 627.246678][ T8840] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 627.256989][ T8840] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 627.267911][ T8840] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 627.278606][ T8840] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 627.294852][ T8840] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 627.308134][ T8840] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 627.319636][ T8840] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 627.335654][ T8840] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 627.338520][ T5088] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 627.418672][ T5088] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 627.438763][ T5088] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 627.509326][ T5088] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 627.518524][ T8840] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 627.518778][ T8840] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 627.519003][ T8840] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 627.546607][ T8840] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 627.590716][ T5088] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 627.604862][ T5088] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 627.800792][ T9011] loop0: detected capacity change from 0 to 256 [ 627.899498][ T9013] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'. [ 628.004541][ T9013] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'. [ 628.068077][ T9015] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'. [ 628.589594][ T9021] netlink: 'syz-executor.2': attribute type 9 has an invalid length. [ 628.598227][ T9021] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'. [ 628.908069][ T9005] chnl_net:caif_netlink_parms(): no params data found [ 629.185575][ T29] audit: type=1800 audit(1718187577.211:219): pid=9027 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=1953 res=0 errno=0 [ 629.207557][ T29] audit: type=1804 audit(1718187577.231:220): pid=9027 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir3226229704/syzkaller.jJpq3s/61/bus" dev="sda1" ino=1953 res=1 errno=0 [ 629.692846][ T5088] Bluetooth: hci1: command tx timeout [ 630.216913][ T9041] loop0: detected capacity change from 0 to 256 [ 630.309734][ T9041] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x4323664b, utbl_chksum : 0xe619d30d) [ 630.500581][ T9005] bridge0: port 1(bridge_slave_0) entered blocking state [ 630.509223][ T9005] bridge0: port 1(bridge_slave_0) entered disabled state [ 630.517416][ T9005] bridge_slave_0: entered allmulticast mode [ 630.527373][ T9005] bridge_slave_0: entered promiscuous mode [ 630.559644][ T9005] bridge0: port 2(bridge_slave_1) entered blocking state [ 630.567829][ T9005] bridge0: port 2(bridge_slave_1) entered disabled state [ 630.579322][ T9005] bridge_slave_1: entered allmulticast mode [ 630.589465][ T9005] bridge_slave_1: entered promiscuous mode [ 630.841977][ T9005] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 630.975508][ T9005] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 631.232604][ T9050] loop1: detected capacity change from 0 to 256 [ 631.269468][ T9005] team0: Port device team_slave_0 added [ 631.349712][ T9005] team0: Port device team_slave_1 added [ 631.480806][ T9054] usb usb9: usbfs: process 9054 (syz-executor.0) did not claim interface 0 before use [ 631.672093][ T9005] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 631.679490][ T9005] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 631.718190][ T9005] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 631.774740][ T5088] Bluetooth: hci1: command tx timeout [ 631.826547][ T9005] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 631.835908][ T9005] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 631.864055][ T9005] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 631.882808][ T9056] loop0: detected capacity change from 0 to 512 [ 631.938760][ T9056] UDF-fs: warning (device loop0): udf_load_vrs: No VRS found [ 631.946580][ T9056] UDF-fs: Scanning with blocksize 512 failed [ 632.003755][ T9056] UDF-fs: warning (device loop0): udf_load_vrs: No VRS found [ 632.013830][ T9056] UDF-fs: Scanning with blocksize 1024 failed [ 632.043726][ T9056] UDF-fs: warning (device loop0): udf_load_vrs: No VRS found [ 632.051428][ T9056] UDF-fs: Scanning with blocksize 2048 failed [ 632.141764][ T9060] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'. [ 632.171557][ T9056] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256 [ 632.246669][ T9060] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'. [ 632.291983][ T9005] hsr_slave_0: entered promiscuous mode [ 632.306668][ T9060] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'. [ 632.334568][ T9005] hsr_slave_1: entered promiscuous mode [ 632.360993][ T9005] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 632.369108][ T9005] Cannot create hsr debugfs directory [ 632.376869][ T9056] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 633.169341][ T9068] loop2: detected capacity change from 0 to 64 [ 633.403107][ T9005] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 633.414177][ T9005] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0 [ 633.622648][ T9005] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 633.633629][ T9005] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0 [ 633.848759][ T9005] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 633.870955][ T9005] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0 [ 633.872425][ T5088] Bluetooth: hci1: command tx timeout [ 634.069506][ T9005] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 634.080443][ T9005] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0 [ 634.458626][ T9005] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 634.540378][ T9083] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 634.545775][ T9005] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 634.553893][ T5127] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 634.617817][ T9005] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 634.744175][ T9005] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 634.823922][ T74] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 634.832027][ T74] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 635.044237][ T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 635.053960][ T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 635.059247][ T5127] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 635.071906][ T5127] usb 3-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 635.088836][ T5127] usb 3-1: too many endpoints for config 1 interface 1 altsetting 255: 255, using maximum allowed: 30 [ 635.102777][ T5127] usb 3-1: config 1 interface 1 altsetting 255 has 0 endpoint descriptors, different from the interface descriptor's value: 255 [ 635.116998][ T5127] usb 3-1: config 1 interface 1 has no altsetting 0 [ 635.313214][ T5127] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 635.323011][ T5127] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 635.331329][ T5127] usb 3-1: Product: syz [ 635.335977][ T5127] usb 3-1: Manufacturer: syz [ 635.340856][ T5127] usb 3-1: SerialNumber: syz [ 635.454889][ T9088] loop0: detected capacity change from 0 to 256 [ 635.775437][ T5127] usb 3-1: 0:2 : does not exist [ 635.932815][ T5088] Bluetooth: hci1: command tx timeout [ 635.937011][ T5127] usb 3-1: USB disconnect, device number 8 [ 636.270041][ T9005] 8021q: adding VLAN 0 to HW filter on device bond0 [ 636.489187][ T9005] 8021q: adding VLAN 0 to HW filter on device team0 [ 636.614354][ T5132] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 636.615028][ T9096] usb usb9: usbfs: process 9096 (syz-executor.3) did not claim interface 0 before use [ 636.709467][ T10] bridge0: port 1(bridge_slave_0) entered blocking state [ 636.717398][ T10] bridge0: port 1(bridge_slave_0) entered forwarding state [ 636.740050][ T10] bridge0: port 2(bridge_slave_1) entered blocking state [ 636.747917][ T10] bridge0: port 2(bridge_slave_1) entered forwarding state [ 636.906341][ T9097] loop3: detected capacity change from 0 to 512 [ 637.020284][ T9005] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 637.048266][ T5132] usb 2-1: Using ep0 maxpacket: 8 [ 637.070519][ T9101] loop0: detected capacity change from 0 to 64 [ 637.087804][ T9097] UDF-fs: warning (device loop3): udf_load_vrs: No VRS found [ 637.087915][ T9097] UDF-fs: Scanning with blocksize 512 failed [ 637.098204][ T9097] UDF-fs: warning (device loop3): udf_load_vrs: No VRS found [ 637.098309][ T9097] UDF-fs: Scanning with blocksize 1024 failed [ 637.107060][ T9097] UDF-fs: warning (device loop3): udf_load_vrs: No VRS found [ 637.107166][ T9097] UDF-fs: Scanning with blocksize 2048 failed [ 637.110343][ T9097] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 637.151144][ T9097] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 637.176150][ T5132] usb 2-1: config 32 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7 [ 637.176348][ T5132] usb 2-1: config 32 interface 0 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0 [ 637.176562][ T5132] usb 2-1: New USB device found, idVendor=19b5, idProduct=0021, bcdDevice=98.c7 [ 637.176736][ T5132] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 637.513189][ T5132] usb 2-1: string descriptor 0 read error: -71 [ 637.556918][ T5132] hub 2-1:32.0: USB hub found [ 637.725952][ T5132] hub 2-1:32.0: config failed, can't read hub descriptor (err -22) [ 637.941756][ T5132] usb 2-1: USB disconnect, device number 6 [ 638.135691][ T9105] loop0: detected capacity change from 0 to 512 [ 638.173468][ T9107] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 638.417236][ T9105] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 638.430801][ T9105] ext4 filesystem being mounted at /root/syzkaller-testdir3760219493/syzkaller.Olxv7t/175/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 638.554878][ T9105] overlayfs: missing 'lowerdir' [ 638.845515][ T6890] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 639.191111][ T9005] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 639.358074][ T29] audit: type=1800 audit(1718187587.361:221): pid=9121 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="sda1" ino=1941 res=0 errno=0 [ 639.379943][ T29] audit: type=1804 audit(1718187587.361:222): pid=9121 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir804406278/syzkaller.YJLLTB/52/bus" dev="sda1" ino=1941 res=1 errno=0 [ 639.405180][ C1] vkms_vblank_simulate: vblank timer overrun [ 640.147899][ T9131] sd 0:0:1:0: PR command failed: 1026 [ 640.154548][ T9131] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 640.161832][ T9131] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 640.708588][ T9134] loop1: detected capacity change from 0 to 4096 [ 641.331434][ T9134] ntfs3: loop1: ino=3, ntfs_iget5 [ 641.338321][ T9134] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 641.339234][ T6965] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 641.647681][ T6965] usb 4-1: Using ep0 maxpacket: 8 [ 641.679707][ T9151] loop0: detected capacity change from 0 to 512 [ 641.689983][ T9150] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 641.793206][ T6965] usb 4-1: config 32 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7 [ 641.804935][ T6965] usb 4-1: config 32 interface 0 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0 [ 641.815411][ T6965] usb 4-1: New USB device found, idVendor=19b5, idProduct=0021, bcdDevice=98.c7 [ 641.825633][ T6965] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 641.956236][ T9151] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 641.970001][ T9151] ext4 filesystem being mounted at /root/syzkaller-testdir3760219493/syzkaller.Olxv7t/179/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 642.026119][ T9005] veth0_vlan: entered promiscuous mode [ 642.198731][ T9005] veth1_vlan: entered promiscuous mode [ 642.204015][ T6965] usb 4-1: string descriptor 0 read error: -71 [ 642.211862][ T6965] hub 4-1:32.0: USB hub found [ 642.265865][ T9151] overlayfs: missing 'lowerdir' [ 642.330654][ T6965] hub 4-1:32.0: config failed, can't read hub descriptor (err -22) [ 642.521465][ T6965] usb 4-1: USB disconnect, device number 7 [ 642.583633][ T9005] veth0_macvtap: entered promiscuous mode [ 642.670098][ T6890] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 642.725971][ T9005] veth1_macvtap: entered promiscuous mode [ 642.996325][ T9005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 643.008034][ T9005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 643.018691][ T9005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 643.029553][ T9005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 643.053038][ T9005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 643.065099][ T9005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 643.080236][ T9005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 643.092580][ T9005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 643.109204][ T9005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 643.120114][ T9005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 643.130457][ T9005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 643.147205][ T9005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 643.163758][ T9005] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 643.383903][ T9005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 643.394835][ T9005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 643.405099][ T9005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 643.416031][ T9005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 643.426911][ T9005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 643.437752][ T9005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 643.448086][ T9005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 643.459132][ T9005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 643.469294][ T9005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 643.485502][ T9005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 643.498596][ T9005] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 643.509526][ T9005] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 643.529886][ T9005] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 643.948586][ T9005] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 643.957872][ T9005] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 643.967519][ T9005] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 643.976771][ T9005] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 644.360752][ T9171] dccp_close: ABORT with 32 bytes unread [ 645.091525][ T9183] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 645.187525][ T9180] loop1: detected capacity change from 0 to 4096 [ 645.293773][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 645.920658][ T9180] ntfs3: loop1: ino=3, ntfs_iget5 [ 645.926254][ T9180] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 646.753050][ T6965] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 646.966278][ T29] audit: type=1326 audit(1718187595.001:223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9202 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7475579 code=0x7ffc0000 [ 647.038862][ T29] audit: type=1326 audit(1718187595.101:224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9202 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=40000003 syscall=70 compat=1 ip=0xf7475579 code=0x7ffc0000 [ 647.053634][ T6965] usb 1-1: Using ep0 maxpacket: 8 [ 647.068680][ T29] audit: type=1326 audit(1718187595.101:225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9202 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7475579 code=0x7ffc0000 [ 647.068953][ T29] audit: type=1326 audit(1718187595.111:226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9202 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7475579 code=0x7ffc0000 [ 647.069206][ T29] audit: type=1326 audit(1718187595.111:227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9202 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7475579 code=0x7ffc0000 [ 647.069460][ T29] audit: type=1326 audit(1718187595.121:228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9202 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=40000003 syscall=296 compat=1 ip=0xf7475579 code=0x7ffc0000 [ 647.069715][ T29] audit: type=1326 audit(1718187595.121:229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9202 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7475579 code=0x7ffc0000 [ 647.196680][ T29] audit: type=1326 audit(1718187595.121:230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9202 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=40000003 syscall=360 compat=1 ip=0xf7475579 code=0x7ffc0000 [ 647.223031][ T29] audit: type=1326 audit(1718187595.121:231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9202 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7475579 code=0x7ffc0000 [ 647.246392][ T29] audit: type=1326 audit(1718187595.131:232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9202 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7475579 code=0x7ffc0000 [ 647.309969][ T6965] usb 1-1: config 32 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7 [ 647.321681][ T6965] usb 1-1: config 32 interface 0 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0 [ 647.332342][ T6965] usb 1-1: New USB device found, idVendor=19b5, idProduct=0021, bcdDevice=98.c7 [ 647.341920][ T6965] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 647.673819][ T6965] usb 1-1: string descriptor 0 read error: -71 [ 647.692000][ T6965] hub 1-1:32.0: USB hub found [ 647.795422][ T6965] hub 1-1:32.0: config failed, can't read hub descriptor (err -22) [ 647.969579][ T6965] usb 1-1: USB disconnect, device number 11 [ 648.391478][ T9215] dccp_close: ABORT with 32 bytes unread [ 648.883292][ T9224] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 649.523719][ T0] NOHZ tick-stop error: local softirq work is pending, handler #242!!! [ 650.174279][ T9237] loop2: detected capacity change from 0 to 4096 [ 650.323080][ T9248] netlink: 144 bytes leftover after parsing attributes in process `syz-executor.1'. [ 650.833143][ T9237] ntfs3: loop2: ino=3, ntfs_iget5 [ 650.838642][ T9237] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 651.577503][ T3912] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 651.586513][ T3912] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 651.790930][ T3912] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 651.799844][ T3912] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 651.892529][ T10] usb 1-1: new high-speed USB device number 12 using dummy_hcd [ 652.144671][ T10] usb 1-1: Using ep0 maxpacket: 8 [ 652.353013][ T10] usb 1-1: unable to read config index 0 descriptor/start: -71 [ 652.360993][ T10] usb 1-1: can't read configurations, error -71 [ 653.419259][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 653.899993][ T9273] loop2: detected capacity change from 0 to 512 [ 654.352526][ T1216] ieee802154 phy0 wpan0: encryption failed: -22 [ 654.359541][ T1216] ieee802154 phy1 wpan1: encryption failed: -22 [ 654.394753][ T9273] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 654.409460][ T9273] ext4 filesystem being mounted at /root/syzkaller-testdir804406278/syzkaller.YJLLTB/67/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 654.660596][ T9283] netlink: 144 bytes leftover after parsing attributes in process `syz-executor.3'. [ 656.245951][ T8178] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 656.610865][ T9292] loop0: detected capacity change from 0 to 4096 [ 657.139095][ T9292] ntfs3: loop0: ino=3, ntfs_iget5 [ 657.145286][ T9292] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 657.488116][ T6965] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 657.972649][ T6965] usb 4-1: device not accepting address 8, error -71 [ 658.435225][ T0] NOHZ tick-stop error: local softirq work is pending, handler #2c2!!! [ 659.105532][ T9318] loop0: detected capacity change from 0 to 2048 [ 659.214574][ T9318] EXT4-fs: Ignoring removed nomblk_io_submit option [ 659.224618][ T9318] EXT4-fs: Ignoring removed nomblk_io_submit option [ 659.326212][ T9318] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 659.340963][ T9324] loop4: detected capacity change from 0 to 512 [ 659.581641][ T9329] loop2: detected capacity change from 0 to 256 [ 659.889117][ T9324] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 659.902853][ T9324] ext4 filesystem being mounted at /root/syzkaller-testdir2548333863/syzkaller.t1Vn2Z/5/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 660.090241][ T9329] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 660.734394][ T9327] EXT4-fs error (device loop0): ext4_validate_block_bitmap:432: comm ext4lazyinit: bg 0: block 2: invalid block bitmap [ 661.453591][ T5076] Bluetooth: hci0: command 0x0406 tx timeout [ 662.009999][ T9005] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 662.680434][ T9348] loop2: detected capacity change from 0 to 4096 [ 663.261705][ T9348] ntfs3: loop2: ino=3, ntfs_iget5 [ 663.267820][ T9348] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 664.429146][ T5088] Bluetooth: hci5: unexpected cc 0x0402 length: 65 > 1 [ 666.806757][ T9392] loop2: detected capacity change from 0 to 4096 [ 667.177235][ T9392] ntfs3: loop2: ino=3, ntfs_iget5 [ 667.183023][ T9392] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 667.937762][ T29] kauditd_printk_skb: 31 callbacks suppressed [ 667.937846][ T29] audit: type=1326 audit(1718187616.031:264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9408 comm="syz-executor.0" exe="/root/syz-executor.0" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf741d579 code=0x0 [ 668.007991][ T5088] Bluetooth: hci0: unexpected cc 0x0402 length: 65 > 1 [ 668.015564][ T5088] Bluetooth: hci0: unexpected event for opcode 0x0402 [ 668.497987][ T5088] Bluetooth: hci5: Controller not accepting commands anymore: ncmd = 0 [ 668.506955][ T5088] Bluetooth: hci5: Injecting HCI hardware error event [ 668.514800][ T5076] Bluetooth: hci5: hardware error 0x00 [ 670.578753][ T5076] Bluetooth: hci5: Opcode 0x0c03 failed: -110 [ 671.484018][ T29] audit: type=1326 audit(1718187619.541:265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9456 comm="syz-executor.0" exe="/root/syz-executor.0" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf741d579 code=0x0 [ 672.093260][ T5076] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0 [ 672.102128][ T5076] Bluetooth: hci0: Injecting HCI hardware error event [ 672.110724][ T5088] Bluetooth: hci0: hardware error 0x00 [ 672.944742][ T5076] Bluetooth: hci2: unexpected cc 0x0402 length: 65 > 1 [ 674.158413][ T9495] loop2: detected capacity change from 0 to 2048 [ 674.172774][ T5088] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 674.355408][ T9495] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 674.368631][ T9495] ext4 filesystem being mounted at /root/syzkaller-testdir804406278/syzkaller.YJLLTB/81/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 674.536097][ T29] audit: type=1326 audit(1718187622.601:266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9505 comm="syz-executor.4" exe="/root/syz-executor.4" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf747b579 code=0x0 [ 674.657296][ T9495] syz-executor.2 (9495) used greatest stack depth: 4568 bytes left [ 674.984448][ T8178] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 675.135633][ T5088] Bluetooth: hci2: unexpected cc 0x0402 length: 65 > 1 [ 676.974476][ T5088] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0 [ 676.984023][ T5088] Bluetooth: hci2: Injecting HCI hardware error event [ 676.992849][ T5088] Bluetooth: hci2: hardware error 0x00 [ 677.212356][ T9543] team0: entered promiscuous mode [ 677.217696][ T9543] team_slave_0: entered promiscuous mode [ 677.224876][ T9543] team_slave_1: entered promiscuous mode [ 677.323750][ T9540] team0: left promiscuous mode [ 677.332953][ T9540] team_slave_0: left promiscuous mode [ 677.339552][ T9540] team_slave_1: left promiscuous mode [ 677.442587][ T29] audit: type=1326 audit(1718187625.481:267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9544 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf747b579 code=0x7ffc0000 [ 677.466165][ T29] audit: type=1326 audit(1718187625.481:268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9544 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf747b579 code=0x7ffc0000 [ 677.494930][ T29] audit: type=1326 audit(1718187625.501:269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9544 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=70 compat=1 ip=0xf747b579 code=0x7ffc0000 [ 677.519744][ T29] audit: type=1326 audit(1718187625.501:270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9544 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf747b579 code=0x7ffc0000 [ 677.542863][ T29] audit: type=1326 audit(1718187625.501:271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9544 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf747b579 code=0x7ffc0000 [ 677.565872][ T29] audit: type=1326 audit(1718187625.521:272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9544 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=395 compat=1 ip=0xf747b579 code=0x7ffc0000 [ 677.594688][ T29] audit: type=1326 audit(1718187625.521:273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9544 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf747b579 code=0x7ffc0000 [ 677.619467][ T29] audit: type=1326 audit(1718187625.521:274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9544 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf747b579 code=0x7ffc0000 [ 677.645918][ T29] audit: type=1326 audit(1718187625.521:275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9546 comm="syz-executor.2" exe="/root/syz-executor.2" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf748b579 code=0x0 [ 679.054967][ T5088] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 679.598309][ T9578] team0: entered promiscuous mode [ 679.604020][ T9578] team_slave_0: entered promiscuous mode [ 679.610935][ T9578] team_slave_1: entered promiscuous mode [ 679.694261][ T9577] team0: left promiscuous mode [ 679.699323][ T9577] team_slave_0: left promiscuous mode [ 679.707715][ T9577] team_slave_1: left promiscuous mode [ 680.124575][ T29] kauditd_printk_skb: 70 callbacks suppressed [ 680.124656][ T29] audit: type=1326 audit(1718187628.221:346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9582 comm="syz-executor.0" exe="/root/syz-executor.0" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf741d579 code=0x0 [ 680.585290][ T9591] Illegal XDP return value 4294967274 on prog (id 191) dev N/A, expect packet loss! [ 681.130288][ T9597] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. [ 681.772700][ T9610] tmpfs: Bad value for 'size' [ 682.631571][ T9620] loop1: detected capacity change from 0 to 1024 [ 682.876541][ T9620] loop1: detected capacity change from 0 to 512 [ 682.979127][ T9628] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. [ 683.873562][ T9640] tmpfs: Bad value for 'size' [ 685.007932][ T59] bridge_slave_1: left allmulticast mode [ 685.014341][ T59] bridge_slave_1: left promiscuous mode [ 685.021203][ T59] bridge0: port 2(bridge_slave_1) entered disabled state [ 685.124147][ T59] bridge_slave_0: left allmulticast mode [ 685.130086][ T59] bridge_slave_0: left promiscuous mode [ 685.137841][ T59] bridge0: port 1(bridge_slave_0) entered disabled state [ 685.229571][ T29] audit: type=1326 audit(1718187633.241:347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9659 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf747b579 code=0x0 [ 686.173318][ T9671] input: syz0 as /devices/virtual/input/input9 [ 686.199815][ T59] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 686.263138][ T59] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 686.302104][ T59] bond0 (unregistering): Released all slaves [ 687.595627][ T59] hsr_slave_0: left promiscuous mode [ 687.683060][ T59] hsr_slave_1: left promiscuous mode [ 687.734103][ T59] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 687.741937][ T59] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 687.807602][ T59] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 687.815979][ T59] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 687.933703][ T59] veth1_macvtap: left promiscuous mode [ 687.939628][ T59] veth0_macvtap: left promiscuous mode [ 687.945715][ T59] veth1_vlan: left promiscuous mode [ 687.951319][ T59] veth0_vlan: left promiscuous mode [ 689.223601][ T5076] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 689.235939][ T5076] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 689.246025][ T5076] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 689.269148][ T5076] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 689.445436][ T5076] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 689.464051][ T5076] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 689.536343][ T59] team0 (unregistering): Port device team_slave_1 removed [ 689.621847][ T59] team0 (unregistering): Port device team_slave_0 removed [ 689.748388][ T10] usb 1-1: new high-speed USB device number 14 using dummy_hcd [ 690.012570][ T10] usb 1-1: Using ep0 maxpacket: 16 [ 690.229082][ T10] usb 1-1: config 0 has no interfaces? [ 690.453509][ T10] usb 1-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00 [ 690.463270][ T10] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 690.471630][ T10] usb 1-1: Product: syz [ 690.477087][ T10] usb 1-1: Manufacturer: syz [ 690.487319][ T10] usb 1-1: SerialNumber: syz [ 690.565068][ T10] usb 1-1: config 0 descriptor?? [ 690.965503][ T10] usb 1-1: USB disconnect, device number 14 [ 691.555703][ T5076] Bluetooth: hci3: command tx timeout [ 692.258925][ T9697] chnl_net:caif_netlink_parms(): no params data found [ 692.333899][ T9722] netlink: 1148 bytes leftover after parsing attributes in process `syz-executor.0'. [ 693.617579][ T5076] Bluetooth: hci3: command 0x041b tx timeout [ 694.326776][ T9697] bridge0: port 1(bridge_slave_0) entered blocking state [ 694.334907][ T9697] bridge0: port 1(bridge_slave_0) entered disabled state [ 694.342998][ T9697] bridge_slave_0: entered allmulticast mode [ 694.353057][ T9697] bridge_slave_0: entered promiscuous mode [ 694.495823][ T9697] bridge0: port 2(bridge_slave_1) entered blocking state [ 694.504015][ T9697] bridge0: port 2(bridge_slave_1) entered disabled state [ 694.512057][ T9697] bridge_slave_1: entered allmulticast mode [ 694.522433][ T9697] bridge_slave_1: entered promiscuous mode [ 694.532506][ T10] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 694.570000][ T9742] loop4: detected capacity change from 0 to 2048 [ 694.814265][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 694.833034][ T10] usb 2-1: Using ep0 maxpacket: 16 [ 694.902568][ T9697] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 694.915193][ T9742] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 694.928017][ T9742] ext4 filesystem being mounted at /root/syzkaller-testdir2548333863/syzkaller.t1Vn2Z/40/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 694.998418][ T9697] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 695.009332][ T10] usb 2-1: config 0 has no interfaces? [ 695.069348][ T9742] fs-verity: sha256 using implementation "sha256-generic" [ 695.204022][ T10] usb 2-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00 [ 695.217645][ T10] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 695.228018][ T10] usb 2-1: Product: syz [ 695.232671][ T10] usb 2-1: Manufacturer: syz [ 695.237561][ T10] usb 2-1: SerialNumber: syz [ 695.300737][ T9697] team0: Port device team_slave_0 added [ 695.328958][ T10] usb 2-1: config 0 descriptor?? [ 695.354301][ T9697] team0: Port device team_slave_1 added [ 695.587978][ T9697] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 695.595235][ T9697] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 695.625878][ T9697] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 695.692665][ T5088] Bluetooth: hci3: command 0x041b tx timeout [ 695.719807][ T9697] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 695.727352][ T9697] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 695.753754][ T9697] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 695.812909][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 695.871518][ T9756] netlink: 1148 bytes leftover after parsing attributes in process `syz-executor.0'. [ 696.016037][ T5132] usb 2-1: USB disconnect, device number 7 [ 696.205849][ T9697] hsr_slave_0: entered promiscuous mode [ 696.227426][ T9005] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 696.258765][ T9697] hsr_slave_1: entered promiscuous mode [ 697.201227][ T9763] loop1: detected capacity change from 0 to 512 [ 697.370132][ T59] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 697.392751][ T9763] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 697.476924][ T6890] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 697.522345][ T59] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 697.715763][ T9763] EXT4-fs (loop1): 1 truncate cleaned up [ 697.721714][ T9763] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 697.758737][ T59] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 697.791523][ T5088] Bluetooth: hci3: command 0x041b tx timeout [ 698.040531][ T59] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 698.447953][ T59] bridge_slave_1: left allmulticast mode [ 698.454916][ T59] bridge_slave_1: left promiscuous mode [ 698.461850][ T59] bridge0: port 2(bridge_slave_1) entered disabled state [ 698.525940][ T59] bridge_slave_0: left allmulticast mode [ 698.532008][ T59] bridge_slave_0: left promiscuous mode [ 698.541445][ T59] bridge0: port 1(bridge_slave_0) entered disabled state [ 698.549713][ T8064] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 698.625271][ T59] bridge_slave_1: left allmulticast mode [ 698.631260][ T59] bridge_slave_1: left promiscuous mode [ 698.638235][ T59] bridge0: port 2(bridge_slave_1) entered disabled state [ 698.665420][ T5076] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 698.691857][ T59] bridge_slave_0: left allmulticast mode [ 698.699891][ T59] bridge_slave_0: left promiscuous mode [ 698.706808][ T59] bridge0: port 1(bridge_slave_0) entered disabled state [ 698.723471][ T5076] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 698.746802][ T5076] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 698.758984][ T29] audit: type=1804 audit(1718187646.831:348): pid=9770 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir804406278/syzkaller.YJLLTB/104/file0" dev="sda1" ino=1945 res=1 errno=0 [ 698.789467][ T29] audit: type=1804 audit(1718187646.831:349): pid=9774 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.2" name="/root/syzkaller-testdir804406278/syzkaller.YJLLTB/104/file0" dev="sda1" ino=1945 res=1 errno=0 [ 698.890205][ T5076] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 698.924909][ T5076] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 698.939489][ T5076] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 699.853574][ T5088] Bluetooth: hci3: command 0x041b tx timeout [ 700.120087][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 700.131323][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 700.168146][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 700.231165][ T9785] netlink: 1148 bytes leftover after parsing attributes in process `syz-executor.1'. [ 700.294724][ T59] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 700.356017][ T59] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 700.423194][ T59] bond0 (unregistering): Released all slaves [ 700.469350][ T9782] loop2: detected capacity change from 0 to 2048 [ 700.522495][ T59] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 700.572868][ T59] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 700.654921][ T9782] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 700.668930][ T9782] ext4 filesystem being mounted at /root/syzkaller-testdir804406278/syzkaller.YJLLTB/105/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 700.698815][ T59] bond0 (unregistering): Released all slaves [ 700.755777][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 701.215336][ T5088] Bluetooth: hci5: command tx timeout [ 701.322132][ T59] tipc: Left network mode [ 702.038880][ T9799] loop4: detected capacity change from 0 to 512 [ 702.077702][ T9799] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 702.146683][ T8178] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 702.228835][ T9799] EXT4-fs (loop4): 1 truncate cleaned up [ 702.235015][ T9799] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 702.637583][ T9697] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 702.736705][ T9005] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 702.947212][ T9697] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 703.064508][ T9697] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 703.223116][ T9697] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 703.292800][ T5088] Bluetooth: hci5: command tx timeout [ 703.376418][ T59] hsr_slave_0: left promiscuous mode [ 703.437354][ T59] hsr_slave_1: left promiscuous mode [ 703.524506][ T59] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 703.532535][ T59] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 703.598705][ T59] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 703.606738][ T59] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 703.742458][ T59] hsr_slave_0: left promiscuous mode [ 703.865938][ T59] hsr_slave_1: left promiscuous mode [ 703.883341][ T59] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 703.886808][ T9815] netlink: 1148 bytes leftover after parsing attributes in process `syz-executor.2'. [ 703.891304][ T59] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 703.973180][ T59] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 703.981000][ T59] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 704.122923][ T59] veth1_macvtap: left promiscuous mode [ 704.128725][ T59] veth0_macvtap: left promiscuous mode [ 704.135144][ T59] veth1_vlan: left promiscuous mode [ 704.140756][ T59] veth0_vlan: left promiscuous mode [ 704.165974][ T59] veth1_macvtap: left promiscuous mode [ 704.171997][ T59] veth0_macvtap: left promiscuous mode [ 704.178312][ T59] veth1_vlan: left promiscuous mode [ 704.184120][ T59] veth0_vlan: left promiscuous mode [ 705.161238][ T9819] loop4: detected capacity change from 0 to 2048 [ 705.374155][ T5088] Bluetooth: hci5: command tx timeout [ 705.476104][ T9819] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 705.489077][ T9819] ext4 filesystem being mounted at /root/syzkaller-testdir2548333863/syzkaller.t1Vn2Z/49/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 705.748429][ T59] team0 (unregistering): Port device team_slave_1 removed [ 705.823381][ T59] team0 (unregistering): Port device team_slave_0 removed [ 706.088653][ T9829] loop1: detected capacity change from 0 to 512 [ 706.205337][ T9829] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 706.401366][ T9829] EXT4-fs (loop1): 1 truncate cleaned up [ 706.408013][ T9829] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 706.801296][ T59] team0 (unregistering): Port device team_slave_1 removed [ 706.919140][ T59] team0 (unregistering): Port device team_slave_0 removed [ 707.019630][ T9005] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 707.453177][ T5088] Bluetooth: hci5: command tx timeout [ 707.577288][ T8064] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 708.124462][ T9775] chnl_net:caif_netlink_parms(): no params data found [ 708.691000][ T9697] 8021q: adding VLAN 0 to HW filter on device bond0 [ 709.024580][ T9697] 8021q: adding VLAN 0 to HW filter on device team0 [ 709.129754][ T781] bridge0: port 1(bridge_slave_0) entered blocking state [ 709.137739][ T781] bridge0: port 1(bridge_slave_0) entered forwarding state [ 709.254767][ T781] bridge0: port 2(bridge_slave_1) entered blocking state [ 709.262728][ T781] bridge0: port 2(bridge_slave_1) entered forwarding state [ 709.598357][ T9697] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 709.611145][ T9697] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 710.428649][ T9775] bridge0: port 1(bridge_slave_0) entered blocking state [ 710.439650][ T9775] bridge0: port 1(bridge_slave_0) entered disabled state [ 710.457071][ T9775] bridge_slave_0: entered allmulticast mode [ 710.468716][ T9775] bridge_slave_0: entered promiscuous mode [ 710.600631][ T9775] bridge0: port 2(bridge_slave_1) entered blocking state [ 710.608931][ T9775] bridge0: port 2(bridge_slave_1) entered disabled state [ 710.619375][ T9775] bridge_slave_1: entered allmulticast mode [ 710.629077][ T9775] bridge_slave_1: entered promiscuous mode [ 710.821761][ T9775] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 710.936379][ T9775] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 711.324609][ T9775] team0: Port device team_slave_0 added [ 711.398683][ T9775] team0: Port device team_slave_1 added [ 711.825602][ T9775] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 711.832962][ T9775] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 711.859723][ T9775] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 711.936471][ T9866] loop4: detected capacity change from 0 to 4096 [ 711.981361][ T9866] ntfs3: loop4: Different NTFS sector size (4096) and media sector size (512). [ 712.011912][ T9775] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 712.019445][ T9775] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 712.046181][ T9775] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 712.204841][ T9697] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 712.678291][ T9775] hsr_slave_0: entered promiscuous mode [ 712.756292][ T9775] hsr_slave_1: entered promiscuous mode [ 712.792418][ T9775] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 712.800259][ T9775] Cannot create hsr debugfs directory [ 713.495185][ T9697] veth0_vlan: entered promiscuous mode [ 713.614355][ T9697] veth1_vlan: entered promiscuous mode [ 714.285650][ T9775] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 714.585655][ T9775] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 714.691065][ T9697] veth0_macvtap: entered promiscuous mode [ 714.816891][ T9775] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 714.898572][ T9697] veth1_macvtap: entered promiscuous mode [ 715.038527][ T9775] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 715.266608][ T9697] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 715.279559][ T9697] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 715.289876][ T9697] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 715.300954][ T9697] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 715.311128][ T9697] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 715.321929][ T9697] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 715.332097][ T9697] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 715.342982][ T9697] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 715.359036][ T9697] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 715.433044][ T59] bridge_slave_1: left allmulticast mode [ 715.439111][ T59] bridge_slave_1: left promiscuous mode [ 715.448589][ T59] bridge0: port 2(bridge_slave_1) entered disabled state [ 715.540529][ T59] bridge_slave_0: left allmulticast mode [ 715.546740][ T59] bridge_slave_0: left promiscuous mode [ 715.553639][ T59] bridge0: port 1(bridge_slave_0) entered disabled state [ 715.716011][ T1216] ieee802154 phy0 wpan0: encryption failed: -22 [ 715.722944][ T1216] ieee802154 phy1 wpan1: encryption failed: -22 [ 716.364145][ T59] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 716.396673][ T59] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 716.427881][ T59] bond0 (unregistering): Released all slaves [ 716.587484][ T9697] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 716.606184][ T9697] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 716.618381][ T9697] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 716.629204][ T9697] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 716.639365][ T9697] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 716.650177][ T9697] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 716.661201][ T9697] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 716.671977][ T9697] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 716.688026][ T9697] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 716.708319][ T9901] loop2: detected capacity change from 0 to 4096 [ 716.774468][ T9901] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512). [ 717.033402][ T9697] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 717.042874][ T9697] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 717.051969][ T9697] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 717.061339][ T9697] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 717.131007][ T9775] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 717.232052][ T9775] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 717.505005][ T9775] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 717.723497][ T59] hsr_slave_0: left promiscuous mode [ 717.755451][ T59] hsr_slave_1: left promiscuous mode [ 717.798477][ T59] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 717.806880][ T59] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 717.856028][ T59] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 717.864179][ T59] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 717.917589][ T59] veth1_macvtap: left promiscuous mode [ 717.928463][ T59] veth0_macvtap: left promiscuous mode [ 717.934582][ T59] veth1_vlan: left promiscuous mode [ 717.940309][ T59] veth0_vlan: left promiscuous mode [ 718.970224][ T59] team0 (unregistering): Port device team_slave_1 removed [ 719.057350][ T59] team0 (unregistering): Port device team_slave_0 removed [ 719.489166][ T9775] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 720.093902][ T4504] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 720.499321][ T4504] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 720.510951][ T4504] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 720.521282][ T4504] usb 5-1: New USB device found, idVendor=054c, idProduct=024b, bcdDevice= 0.00 [ 720.530799][ T4504] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 720.603771][ T4504] usb 5-1: config 0 descriptor?? [ 721.186595][ T9775] 8021q: adding VLAN 0 to HW filter on device bond0 [ 721.206215][ T4504] sony 0003:054C:024B.0011: hiddev0,hidraw0: USB HID v0.00 Device [HID 054c:024b] on usb-dummy_hcd.4-1/input0 [ 721.221095][ T4504] sony 0003:054C:024B.0011: failed to claim input [ 721.379870][ T9775] 8021q: adding VLAN 0 to HW filter on device team0 [ 721.469774][ T4504] bridge0: port 1(bridge_slave_0) entered blocking state [ 721.477820][ T4504] bridge0: port 1(bridge_slave_0) entered forwarding state [ 721.593264][ T4504] bridge0: port 2(bridge_slave_1) entered blocking state [ 721.601065][ T4504] bridge0: port 2(bridge_slave_1) entered forwarding state [ 721.845561][ T9937] loop2: detected capacity change from 0 to 4096 [ 722.007952][ T9937] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512). [ 722.203573][ T9937] ntfs3: loop2: Failed to load $MFT (-2). [ 723.000428][ T4504] usb 5-1: USB disconnect, device number 8 [ 724.163247][ T9775] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 724.908776][ T9775] veth0_vlan: entered promiscuous mode [ 725.077470][ T9775] veth1_vlan: entered promiscuous mode [ 725.499772][ T9775] veth0_macvtap: entered promiscuous mode [ 725.598779][ T9775] veth1_macvtap: entered promiscuous mode [ 725.847851][ T9775] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 725.858790][ T9775] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 725.870929][ T9775] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 725.881829][ T9775] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 725.892069][ T9775] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 725.903093][ T9775] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 725.919518][ T9775] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 725.930308][ T9775] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 725.947652][ T9775] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 726.087424][ T9775] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 726.098469][ T9775] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 726.110495][ T9775] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 726.128448][ T9775] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 726.140923][ T9775] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 726.151723][ T9775] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 726.161954][ T9775] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 726.167958][ T9978] loop1: detected capacity change from 0 to 8 [ 726.172901][ T9775] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 726.178946][ T9775] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 726.293423][ T9978] squashfs image failed sanity check [ 726.381986][ T9775] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 726.393108][ T9775] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 726.402366][ T9775] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 726.411462][ T9775] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 726.511253][ T9973] loop4: detected capacity change from 0 to 4096 [ 726.592736][ T9973] ntfs3: loop4: Different NTFS sector size (4096) and media sector size (512). [ 726.947999][ T3912] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 726.956627][ T3912] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 727.208922][ T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 727.219736][ T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 727.526569][ T4504] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 727.854908][ T9991] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.3'. [ 727.930357][ T9994] netlink: 'syz-executor.1': attribute type 6 has an invalid length. [ 727.957347][ T4504] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 727.973819][ T4504] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 727.984294][ T4504] usb 3-1: New USB device found, idVendor=054c, idProduct=024b, bcdDevice= 0.00 [ 727.993838][ T4504] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 728.044181][ T4504] usb 3-1: config 0 descriptor?? [ 728.454187][ T9998] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'. [ 728.640383][ T4504] sony 0003:054C:024B.0012: hiddev0,hidraw0: USB HID v0.00 Device [HID 054c:024b] on usb-dummy_hcd.2-1/input0 [ 728.653463][ T4504] sony 0003:054C:024B.0012: failed to claim input [ 729.203368][T10012] loop4: detected capacity change from 0 to 8 [ 729.260288][T10012] squashfs image failed sanity check [ 730.141363][T10016] loop3: detected capacity change from 0 to 4096 [ 730.180217][T10023] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.1'. [ 730.432865][ T6964] usb 3-1: USB disconnect, device number 9 [ 730.769394][T10016] ntfs3: loop3: failed to convert "0080" to cp860 [ 732.194369][ T29] audit: type=1800 audit(1718187680.211:350): pid=10044 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="sda1" ino=1955 res=0 errno=0 [ 732.725162][T10052] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.3'. [ 733.162441][ T10] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 733.525568][ T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 733.534278][ T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 733.576565][ T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 733.588381][ T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 733.603207][ T10] usb 5-1: New USB device found, idVendor=054c, idProduct=024b, bcdDevice= 0.00 [ 733.614042][ T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 733.702384][ T10] usb 5-1: config 0 descriptor?? [ 733.829011][ T3146] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 733.837682][ T3146] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 734.070743][T10067] Zero length message leads to an empty skb [ 734.220559][ T10] sony 0003:054C:024B.0013: hiddev0,hidraw0: USB HID v0.00 Device [HID 054c:024b] on usb-dummy_hcd.4-1/input0 [ 734.233909][ T10] sony 0003:054C:024B.0013: failed to claim input [ 734.754791][ T29] audit: type=1800 audit(1718187682.791:351): pid=10078 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="sda1" ino=1967 res=0 errno=0 [ 735.336735][T10086] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.3'. [ 736.070982][T10095] loop3: detected capacity change from 0 to 1024 [ 736.170563][ T6964] usb 5-1: USB disconnect, device number 9 [ 736.250210][T10095] hfsplus: bad catalog entry type [ 736.569767][ T3204] hfsplus: b-tree write err: -5, ino 4 [ 737.845907][T10118] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.0'. [ 738.687736][T10128] loop2: detected capacity change from 0 to 1024 [ 738.848043][T10128] hfsplus: bad catalog entry type [ 738.986777][ T29] audit: type=1800 audit(1718187687.001:352): pid=10136 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="sda1" ino=1956 res=0 errno=0 [ 739.025788][ T10] usb 1-1: new high-speed USB device number 15 using dummy_hcd [ 739.099777][ T3204] hfsplus: b-tree write err: -5, ino 4 [ 739.463202][ T10] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 739.474933][ T10] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 739.485382][ T10] usb 1-1: New USB device found, idVendor=054c, idProduct=024b, bcdDevice= 0.00 [ 739.495036][ T10] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 739.554687][ T10] usb 1-1: config 0 descriptor?? [ 740.069327][ T29] audit: type=1326 audit(1718187688.131:353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10146 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf747b579 code=0x0 [ 740.206157][ T29] audit: type=1800 audit(1718187688.251:354): pid=10147 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=1961 res=0 errno=0 [ 740.227791][ T29] audit: type=1800 audit(1718187688.261:355): pid=10147 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=1961 res=0 errno=0 [ 740.273272][ T10] sony 0003:054C:024B.0014: hiddev0,hidraw0: USB HID v0.00 Device [HID 054c:024b] on usb-dummy_hcd.0-1/input0 [ 740.285626][ T10] sony 0003:054C:024B.0014: failed to claim input [ 741.445165][T10163] loop4: detected capacity change from 0 to 1024 [ 741.551370][T10163] hfsplus: bad catalog entry type [ 741.838254][ T9911] hfsplus: b-tree write err: -5, ino 4 [ 741.940294][ T5127] usb 1-1: USB disconnect, device number 15 [ 742.536849][T10177] macvlan2: entered promiscuous mode [ 742.542807][T10177] vlan1: entered promiscuous mode [ 742.550358][T10177] macvlan2: entered allmulticast mode [ 742.556132][T10177] vlan1: entered allmulticast mode [ 742.561513][T10177] veth0_vlan: entered allmulticast mode [ 742.576026][T10177] team0: Device macvlan2 is up. Set it down before adding it as a team port [ 742.631342][T10177] vlan1: left allmulticast mode [ 742.636795][T10177] veth0_vlan: left allmulticast mode [ 742.642677][T10177] vlan1: left promiscuous mode [ 743.209010][T10188] netlink: 'syz-executor.3': attribute type 1 has an invalid length. [ 743.225370][T10188] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'. [ 743.864568][T10196] loop1: detected capacity change from 0 to 1024 [ 744.079509][T10196] hfsplus: bad catalog entry type [ 744.233044][ T3204] hfsplus: b-tree write err: -5, ino 4 [ 744.233116][ T5127] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 744.642870][ T5127] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 744.658251][ T5127] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 744.669631][ T5127] usb 3-1: New USB device found, idVendor=054c, idProduct=024b, bcdDevice= 0.00 [ 744.679347][ T5127] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 744.744656][ T5127] usb 3-1: config 0 descriptor?? [ 745.026549][T10211] loop3: detected capacity change from 0 to 8 [ 745.111987][T10211] Major/Minor mismatch, trying to mount newer 256.0 filesystem [ 745.120585][T10211] Please update your kernel [ 745.122091][T10215] loop4: detected capacity change from 0 to 164 [ 745.226403][T10215] ALSA: mixer_oss: invalid OSS volume '0000007f,map=normal,map=acorn,o' [ 745.316178][ T5127] sony 0003:054C:024B.0015: hiddev0,hidraw0: USB HID v0.00 Device [HID 054c:024b] on usb-dummy_hcd.2-1/input0 [ 745.329502][ T5127] sony 0003:054C:024B.0015: failed to claim input [ 745.808562][T10222] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 745.817640][T10222] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'. [ 746.306395][T10227] loop1: detected capacity change from 0 to 1024 [ 746.376687][T10227] hfsplus: bad catalog entry type [ 746.567642][T10231] sp0: Synchronizing with TNC [ 746.581115][ T3146] hfsplus: b-tree write err: -5, ino 4 [ 746.950462][T10225] loop0: detected capacity change from 0 to 8192 [ 747.148752][ T5127] usb 3-1: USB disconnect, device number 10 [ 747.562740][ T29] audit: type=1800 audit(1718187695.591:356): pid=10225 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="loop0" ino=1048667 res=0 errno=0 [ 747.585135][ T29] audit: type=1800 audit(1718187695.621:357): pid=10225 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="loop0" ino=1048667 res=0 errno=0 [ 747.679318][T10241] loop1: detected capacity change from 0 to 164 [ 747.751177][T10242] loop4: detected capacity change from 0 to 256 [ 747.850568][T10241] ALSA: mixer_oss: invalid OSS volume '0000007f,map=normal,map=acorn,o' [ 748.020517][T10242] FAT-fs (loop4): Directory bread(block 64) failed [ 748.032573][T10242] FAT-fs (loop4): Directory bread(block 65) failed [ 748.039592][T10242] FAT-fs (loop4): Directory bread(block 66) failed [ 748.048019][T10242] FAT-fs (loop4): Directory bread(block 67) failed [ 748.055178][T10242] FAT-fs (loop4): Directory bread(block 68) failed [ 748.062000][T10242] FAT-fs (loop4): Directory bread(block 69) failed [ 748.069153][T10242] FAT-fs (loop4): Directory bread(block 70) failed [ 748.076112][T10242] FAT-fs (loop4): Directory bread(block 71) failed [ 748.083204][T10242] FAT-fs (loop4): Directory bread(block 72) failed [ 748.090059][T10242] FAT-fs (loop4): Directory bread(block 73) failed [ 748.639060][T10252] loop1: detected capacity change from 0 to 8 [ 748.743482][T10252] Major/Minor mismatch, trying to mount newer 256.0 filesystem [ 748.755884][T10252] Please update your kernel [ 748.806321][T10256] netlink: 'syz-executor.3': attribute type 1 has an invalid length. [ 748.816092][T10256] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'. [ 748.874624][T10257] sp0: Synchronizing with TNC [ 749.833112][ T10] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 750.122715][ T10] usb 3-1: Using ep0 maxpacket: 32 [ 750.249446][ T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 750.261585][ T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024 [ 750.273428][ T10] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 750.288641][ T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 750.324776][ T10] usb 3-1: config 0 descriptor?? [ 750.343983][T10264] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 750.365750][ T10] hub 3-1:0.0: USB hub found [ 750.564510][T10278] loop1: detected capacity change from 0 to 256 [ 750.596985][T10271] loop3: detected capacity change from 0 to 8192 [ 750.642985][ T10] hub 3-1:0.0: 2 ports detected [ 750.754254][T10282] netlink: 'syz-executor.0': attribute type 1 has an invalid length. [ 750.762846][T10282] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'. [ 750.777639][T10278] FAT-fs (loop1): Directory bread(block 64) failed [ 750.784848][T10278] FAT-fs (loop1): Directory bread(block 65) failed [ 750.791967][T10278] FAT-fs (loop1): Directory bread(block 66) failed [ 750.803777][T10278] FAT-fs (loop1): Directory bread(block 67) failed [ 750.810796][T10278] FAT-fs (loop1): Directory bread(block 68) failed [ 750.819041][T10278] FAT-fs (loop1): Directory bread(block 69) failed [ 750.826263][T10278] FAT-fs (loop1): Directory bread(block 70) failed [ 750.833228][T10278] FAT-fs (loop1): Directory bread(block 71) failed [ 750.840211][T10278] FAT-fs (loop1): Directory bread(block 72) failed [ 750.847260][T10278] FAT-fs (loop1): Directory bread(block 73) failed [ 751.295427][T10284] sp0: Synchronizing with TNC [ 751.382945][ T29] audit: type=1800 audit(1718187699.431:358): pid=10271 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="loop3" ino=1048670 res=0 errno=0 [ 751.405678][ T29] audit: type=1800 audit(1718187699.441:359): pid=10271 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="loop3" ino=1048670 res=0 errno=0 [ 752.918542][ T781] usb 3-1: USB disconnect, device number 11 [ 753.133916][T10306] netlink: 'syz-executor.0': attribute type 1 has an invalid length. [ 753.142511][T10306] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'. [ 753.183446][ T4504] usb 3-1-port2: config error [ 753.281733][T10308] loop1: detected capacity change from 0 to 256 [ 753.614835][ T5076] Bluetooth: hci1: command 0x0406 tx timeout [ 753.709849][T10308] FAT-fs (loop1): Directory bread(block 64) failed [ 753.717229][T10308] FAT-fs (loop1): Directory bread(block 65) failed [ 753.724594][T10308] FAT-fs (loop1): Directory bread(block 66) failed [ 753.731427][T10308] FAT-fs (loop1): Directory bread(block 67) failed [ 753.738566][T10308] FAT-fs (loop1): Directory bread(block 68) failed [ 753.745507][T10308] FAT-fs (loop1): Directory bread(block 69) failed [ 753.752655][T10308] FAT-fs (loop1): Directory bread(block 70) failed [ 753.759462][T10308] FAT-fs (loop1): Directory bread(block 71) failed [ 753.771466][T10308] FAT-fs (loop1): Directory bread(block 72) failed [ 753.779803][T10308] FAT-fs (loop1): Directory bread(block 73) failed [ 754.757428][T10328] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. [ 754.781984][T10315] loop0: detected capacity change from 0 to 8192 [ 755.367668][ T29] audit: type=1800 audit(1718187703.381:360): pid=10315 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="loop0" ino=1048673 res=0 errno=0 [ 755.390485][ T29] audit: type=1800 audit(1718187703.401:361): pid=10315 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="loop0" ino=1048673 res=0 errno=0 [ 756.293866][ T5127] usb 4-1: new high-speed USB device number 11 using dummy_hcd [ 756.344287][T10347] loop4: detected capacity change from 0 to 256 [ 756.525676][T10349] loop0: detected capacity change from 0 to 512 [ 756.568324][T10349] EXT4-fs: Ignoring removed nobh option [ 756.582849][ T5127] usb 4-1: Using ep0 maxpacket: 32 [ 756.615522][T10347] FAT-fs (loop4): Directory bread(block 64) failed [ 756.622739][T10347] FAT-fs (loop4): Directory bread(block 65) failed [ 756.637130][T10347] FAT-fs (loop4): Directory bread(block 66) failed [ 756.646155][T10347] FAT-fs (loop4): Directory bread(block 67) failed [ 756.656438][T10347] FAT-fs (loop4): Directory bread(block 68) failed [ 756.664624][T10347] FAT-fs (loop4): Directory bread(block 69) failed [ 756.671819][T10347] FAT-fs (loop4): Directory bread(block 70) failed [ 756.678905][T10347] FAT-fs (loop4): Directory bread(block 71) failed [ 756.686116][T10347] FAT-fs (loop4): Directory bread(block 72) failed [ 756.693129][T10347] FAT-fs (loop4): Directory bread(block 73) failed [ 756.710554][T10349] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 756.763832][ T5127] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 756.775703][ T5127] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024 [ 756.787495][ T5127] usb 4-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 756.797192][ T5127] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 756.853403][ T5127] usb 4-1: config 0 descriptor?? [ 756.874602][T10341] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 756.961031][ T5127] hub 4-1:0.0: USB hub found [ 757.110475][ T9775] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 757.237178][T10360] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. [ 757.296053][ T5127] hub 4-1:0.0: 2 ports detected [ 759.037050][T10387] loop1: detected capacity change from 0 to 256 [ 759.040104][T10386] loop2: detected capacity change from 0 to 512 [ 759.074659][T10386] EXT4-fs: Ignoring removed nobh option [ 759.138955][T10386] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 759.337903][T10392] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'. [ 759.366060][T10387] FAT-fs (loop1): Directory bread(block 64) failed [ 759.373803][T10387] FAT-fs (loop1): Directory bread(block 65) failed [ 759.381349][T10387] FAT-fs (loop1): Directory bread(block 66) failed [ 759.388474][T10387] FAT-fs (loop1): Directory bread(block 67) failed [ 759.400543][T10387] FAT-fs (loop1): Directory bread(block 68) failed [ 759.408765][T10387] FAT-fs (loop1): Directory bread(block 69) failed [ 759.416601][T10387] FAT-fs (loop1): Directory bread(block 70) failed [ 759.423632][T10387] FAT-fs (loop1): Directory bread(block 71) failed [ 759.430662][T10387] FAT-fs (loop1): Directory bread(block 72) failed [ 759.438010][T10387] FAT-fs (loop1): Directory bread(block 73) failed [ 759.543653][ T6962] usb 4-1: USB disconnect, device number 11 [ 759.654145][ T8178] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 759.818505][ T5127] usb 4-1-port2: config error [ 760.616993][T10405] loop0: detected capacity change from 0 to 256 [ 760.717881][T10405] exFAT-fs (loop0): bogus sector size bits : 0 [ 760.725836][T10405] exFAT-fs (loop0): failed to read boot sector [ 760.739631][T10405] exFAT-fs (loop0): failed to recognize exfat type [ 762.014666][T10425] loop4: detected capacity change from 0 to 1764 [ 762.298459][T10434] loop1: detected capacity change from 0 to 256 [ 763.381255][T10441] loop0: detected capacity change from 0 to 256 [ 763.479277][T10441] exFAT-fs (loop0): bogus sector size bits : 0 [ 763.486093][T10441] exFAT-fs (loop0): failed to read boot sector [ 763.499133][T10441] exFAT-fs (loop0): failed to recognize exfat type [ 764.566215][ T5083] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 764.582103][ T5083] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 764.603777][ T5083] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 764.631346][ T5083] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 764.656873][ T5083] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 764.709171][ T5083] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 765.582036][T10471] loop0: detected capacity change from 0 to 256 [ 765.821736][ T3204] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 765.909576][T10473] loop1: detected capacity change from 0 to 1764 [ 766.120431][ T3204] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 766.135261][T10478] loop4: detected capacity change from 0 to 256 [ 766.170309][T10478] exFAT-fs (loop4): bogus sector size bits : 0 [ 766.177240][T10478] exFAT-fs (loop4): failed to read boot sector [ 766.183817][T10478] exFAT-fs (loop4): failed to recognize exfat type [ 766.288643][ T3204] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 766.481213][ T3204] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 766.842606][T10428] Bluetooth: hci4: command tx timeout [ 766.889155][ T3204] bridge_slave_1: left allmulticast mode [ 766.902527][ T3204] bridge_slave_1: left promiscuous mode [ 766.909663][ T3204] bridge0: port 2(bridge_slave_1) entered disabled state [ 766.937781][ T3204] bridge_slave_0: left allmulticast mode [ 766.946468][ T3204] bridge_slave_0: left promiscuous mode [ 766.953458][ T3204] bridge0: port 1(bridge_slave_0) entered disabled state [ 767.799811][ T3204] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 767.856762][ T3204] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 767.918192][ T3204] bond0 (unregistering): Released all slaves [ 768.061312][T10461] chnl_net:caif_netlink_parms(): no params data found [ 768.596751][T10505] loop0: detected capacity change from 0 to 256 [ 768.630105][T10506] loop4: detected capacity change from 0 to 256 [ 768.664303][T10506] exFAT-fs (loop4): bogus sector size bits : 0 [ 768.670859][T10506] exFAT-fs (loop4): failed to read boot sector [ 768.678764][T10506] exFAT-fs (loop4): failed to recognize exfat type [ 768.892511][ T5088] Bluetooth: hci4: command tx timeout [ 768.961444][ T3204] hsr_slave_0: left promiscuous mode [ 769.038256][ T3204] hsr_slave_1: left promiscuous mode [ 769.092721][ T3204] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 769.100519][ T3204] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 769.194469][ T3204] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 769.202564][ T3204] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 769.288253][ T3204] veth1_macvtap: left promiscuous mode [ 769.294317][ T3204] veth0_macvtap: left promiscuous mode [ 769.300266][ T3204] veth1_vlan: left promiscuous mode [ 769.306438][ T3204] veth0_vlan: left promiscuous mode [ 769.994634][ T5127] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 770.437679][ T3204] team0 (unregistering): Port device team_slave_1 removed [ 770.520513][ T3204] team0 (unregistering): Port device team_slave_0 removed [ 770.943492][ T5127] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 770.956354][ T5127] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 770.967574][ T5127] usb 5-1: New USB device found, idVendor=172f, idProduct=0038, bcdDevice= 0.00 [ 770.979880][ T5127] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 770.989678][T10511] netlink: 'syz-executor.3': attribute type 7 has an invalid length. [ 771.013449][ T5088] Bluetooth: hci4: command 0x040f tx timeout [ 771.032015][ T5127] usb 5-1: config 0 descriptor?? [ 771.664184][T10461] bridge0: port 1(bridge_slave_0) entered blocking state [ 771.672049][T10461] bridge0: port 1(bridge_slave_0) entered disabled state [ 771.692591][T10461] bridge_slave_0: entered allmulticast mode [ 771.701053][ T5127] waltop 0003:172F:0038.0016: unknown main item tag 0x0 [ 771.702562][T10461] bridge_slave_0: entered promiscuous mode [ 771.708511][ T5127] waltop 0003:172F:0038.0016: unknown main item tag 0x0 [ 771.721936][ T5127] waltop 0003:172F:0038.0016: unknown main item tag 0x0 [ 771.729321][ T5127] waltop 0003:172F:0038.0016: unknown main item tag 0x0 [ 771.736695][ T5127] waltop 0003:172F:0038.0016: unknown main item tag 0x0 [ 771.835751][T10461] bridge0: port 2(bridge_slave_1) entered blocking state [ 771.843940][T10461] bridge0: port 2(bridge_slave_1) entered disabled state [ 771.851843][T10461] bridge_slave_1: entered allmulticast mode [ 771.861946][T10461] bridge_slave_1: entered promiscuous mode [ 771.953520][ T5127] waltop 0003:172F:0038.0016: hidraw0: USB HID v0.00 Device [HID 172f:0038] on usb-dummy_hcd.4-1/input0 [ 772.025898][ T5127] usb 5-1: USB disconnect, device number 10 [ 772.167163][T10461] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 772.222682][T10538] loop1: detected capacity change from 0 to 256 [ 772.242933][T10537] loop0: detected capacity change from 0 to 256 [ 772.269088][T10461] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 772.316412][T10537] exFAT-fs (loop0): bogus sector size bits : 0 [ 772.323119][T10537] exFAT-fs (loop0): failed to read boot sector [ 772.329615][T10537] exFAT-fs (loop0): failed to recognize exfat type [ 772.404170][T10534] loop3: detected capacity change from 0 to 2048 [ 772.489456][T10534] UDF-fs: error (device loop3): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 772.556560][T10461] team0: Port device team_slave_0 added [ 772.611254][T10534] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 772.663206][T10461] team0: Port device team_slave_1 added [ 772.914171][ T29] audit: type=1804 audit(1718187720.911:362): pid=10534 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir1209831830/syzkaller.oIwKP5/46/file0/bus" dev="loop3" ino=1367 res=1 errno=0 [ 772.941211][ T29] audit: type=1800 audit(1718187720.911:363): pid=10534 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="loop3" ino=1367 res=0 errno=0 [ 772.962767][ T29] audit: type=1804 audit(1718187721.041:364): pid=10539 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir1209831830/syzkaller.oIwKP5/46/file0/bus" dev="loop3" ino=1367 res=1 errno=0 [ 772.989061][ T29] audit: type=1800 audit(1718187721.041:365): pid=10539 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="loop3" ino=1367 res=0 errno=0 [ 773.052652][T10428] Bluetooth: hci4: command 0x040f tx timeout [ 773.093517][T10461] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 773.100748][T10461] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 773.134205][T10461] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 773.263088][T10461] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 773.270300][T10461] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 773.297208][T10461] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 773.877557][T10461] hsr_slave_0: entered promiscuous mode [ 773.945377][T10461] hsr_slave_1: entered promiscuous mode [ 773.989249][T10461] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 774.000284][T10461] Cannot create hsr debugfs directory [ 774.236799][T10551] netlink: 'syz-executor.0': attribute type 7 has an invalid length. [ 774.395897][ T6962] usb 4-1: new high-speed USB device number 12 using dummy_hcd [ 774.483002][ T6961] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 774.828237][ T6962] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 774.838812][ T6962] usb 4-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 18 [ 774.903662][ T6961] usb 5-1: config 0 has an invalid interface number: 175 but max is 0 [ 774.912416][ T6961] usb 5-1: config 0 has an invalid interface number: 128 but max is 0 [ 774.920905][ T6961] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 774.931488][ T6961] usb 5-1: config 0 has 2 interfaces, different from the descriptor's value: 1 [ 774.940925][ T6961] usb 5-1: config 0 has no interface number 0 [ 774.947545][ T6961] usb 5-1: config 0 has no interface number 1 [ 774.954057][ T6961] usb 5-1: config 0 interface 175 altsetting 168 has an invalid endpoint with address 0x0, skipping [ 774.967161][ T6961] usb 5-1: config 0 interface 175 altsetting 168 has an invalid endpoint with address 0x0, skipping [ 774.979092][ T6961] usb 5-1: config 0 interface 175 altsetting 168 has 3 endpoint descriptors, different from the interface descriptor's value: 15 [ 774.992947][ T6961] usb 5-1: config 0 interface 175 has no altsetting 0 [ 775.000273][ T6961] usb 5-1: New USB device found, idVendor=059f, idProduct=1061, bcdDevice=8e.4f [ 775.009927][ T6961] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 775.072946][ T6962] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 775.082583][ T6962] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 775.090987][ T6962] usb 4-1: SerialNumber: syz [ 775.110618][ T6961] usb 5-1: config 0 descriptor?? [ 775.135528][T10428] Bluetooth: hci4: command 0x040f tx timeout [ 775.160454][ T6961] usb-storage 5-1:0.175: USB Mass Storage device detected [ 775.176860][ T6962] usb 4-1: bad CDC descriptors [ 775.196935][ T6961] usb-storage 5-1:0.175: Quirks match for vid 059f pid 1061: 44000000 [ 775.261276][ T6961] usb-storage 5-1:0.128: USB Mass Storage device detected [ 775.395007][ T6961] usb-storage 5-1:0.128: Quirks match for vid 059f pid 1061: 44000000 [ 775.407854][ T10] usb 4-1: USB disconnect, device number 12 [ 775.533939][ T6961] usb 5-1: USB disconnect, device number 11 [ 775.760397][T10461] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 775.790077][T10461] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 775.812487][ T5133] usb 1-1: new high-speed USB device number 16 using dummy_hcd [ 775.833133][T10461] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 775.877952][T10461] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 776.218048][ C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 776.264011][ T5133] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 776.275677][ T5133] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 776.286162][ T5133] usb 1-1: New USB device found, idVendor=172f, idProduct=0038, bcdDevice= 0.00 [ 776.301086][ T5133] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 776.377807][ T5133] usb 1-1: config 0 descriptor?? [ 776.931904][T10572] loop3: detected capacity change from 0 to 2048 [ 776.970315][ T5133] waltop 0003:172F:0038.0017: unknown main item tag 0x0 [ 776.977999][ T5133] waltop 0003:172F:0038.0017: unknown main item tag 0x0 [ 776.985712][ T5133] waltop 0003:172F:0038.0017: unknown main item tag 0x0 [ 776.993200][ T5133] waltop 0003:172F:0038.0017: unknown main item tag 0x0 [ 777.000529][ T5133] waltop 0003:172F:0038.0017: unknown main item tag 0x0 [ 777.042003][T10461] 8021q: adding VLAN 0 to HW filter on device bond0 [ 777.057586][T10572] UDF-fs: error (device loop3): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 777.165597][ T1216] ieee802154 phy0 wpan0: encryption failed: -22 [ 777.172714][ T1216] ieee802154 phy1 wpan1: encryption failed: -22 [ 777.190298][T10572] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 777.198976][T10461] 8021q: adding VLAN 0 to HW filter on device team0 [ 777.243434][ T5133] waltop 0003:172F:0038.0017: hidraw0: USB HID v0.00 Device [HID 172f:0038] on usb-dummy_hcd.0-1/input0 [ 777.291076][T10576] loop1: detected capacity change from 0 to 2048 [ 777.310417][ T5133] usb 1-1: USB disconnect, device number 16 [ 777.349156][ T10] bridge0: port 1(bridge_slave_0) entered blocking state [ 777.357111][ T10] bridge0: port 1(bridge_slave_0) entered forwarding state [ 777.440740][T10576] EXT4-fs: Ignoring removed nobh option [ 777.493598][ T10] bridge0: port 2(bridge_slave_1) entered blocking state [ 777.501432][ T10] bridge0: port 2(bridge_slave_1) entered forwarding state [ 777.551593][T10576] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 777.564078][ T29] audit: type=1804 audit(1718187725.551:366): pid=10572 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir1209831830/syzkaller.oIwKP5/48/file0/bus" dev="loop3" ino=1367 res=1 errno=0 [ 777.591521][ T29] audit: type=1800 audit(1718187725.561:367): pid=10572 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="loop3" ino=1367 res=0 errno=0 [ 777.613054][ T29] audit: type=1804 audit(1718187725.681:368): pid=10580 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir1209831830/syzkaller.oIwKP5/48/file0/bus" dev="loop3" ino=1367 res=1 errno=0 [ 777.644663][ T29] audit: type=1800 audit(1718187725.681:369): pid=10580 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="loop3" ino=1367 res=0 errno=0 [ 777.887907][T10461] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 778.326635][ T8064] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz-executor.1: bg 0: block 2: invalid block bitmap [ 778.435101][T10585] netlink: 'syz-executor.0': attribute type 7 has an invalid length. [ 778.463930][ T8064] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6537: Corrupt filesystem [ 778.516026][ T8064] EXT4-fs error (device loop1): ext4_read_inline_dir:1560: inode #12: block 5: comm syz-executor.1: path /root/syzkaller-testdir3226229704/syzkaller.jJpq3s/223/file1/file0/file0: bad entry in directory: directory entry overrun - offset=24, inode=13, rec_len=7952, size=80 fake=0 [ 778.592772][ T8064] EXT4-fs error (device loop1): ext4_read_inline_dir:1560: inode #12: block 5: comm syz-executor.1: path /root/syzkaller-testdir3226229704/syzkaller.jJpq3s/223/file1/file0/file0: bad entry in directory: directory entry overrun - offset=24, inode=13, rec_len=7952, size=80 fake=0 [ 779.294915][ T8064] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 779.315077][T10590] xt_CT: You must specify a L4 protocol and not use inversions on it [ 779.378407][ T59] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 779.418015][T10590] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'. [ 779.560109][ T59] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 779.857586][ T59] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 779.896410][ T6961] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 779.983302][ T59] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 780.149738][T10461] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 780.255906][ C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 780.353873][ T6961] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 780.365754][ T6961] usb 5-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 18 [ 780.461219][ T59] bridge_slave_1: left allmulticast mode [ 780.467428][ T59] bridge_slave_1: left promiscuous mode [ 780.474327][ T59] bridge0: port 2(bridge_slave_1) entered disabled state [ 780.512043][ T59] bridge_slave_0: left allmulticast mode [ 780.518539][ T59] bridge_slave_0: left promiscuous mode [ 780.527044][ T59] bridge0: port 1(bridge_slave_0) entered disabled state [ 780.543714][ T6961] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 780.553256][ T6961] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 780.561558][ T6961] usb 5-1: SerialNumber: syz [ 780.670770][ T6961] usb 5-1: bad CDC descriptors [ 780.935426][ T781] usb 5-1: USB disconnect, device number 12 [ 781.393624][ T59] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 781.453174][ T59] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 781.509557][ T59] bond0 (unregistering): Released all slaves [ 781.710530][T10605] netlink: 'syz-executor.0': attribute type 5 has an invalid length. [ 782.531927][T10461] veth0_vlan: entered promiscuous mode [ 782.638606][T10610] loop4: detected capacity change from 0 to 2048 [ 782.661652][ T59] hsr_slave_0: left promiscuous mode [ 782.710449][ T59] hsr_slave_1: left promiscuous mode [ 782.750249][T10610] UDF-fs: error (device loop4): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 782.768234][ T59] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 782.777110][ T59] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 782.816005][ T59] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 782.824225][ T59] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 782.872751][T10610] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 782.912641][ T59] veth1_macvtap: left promiscuous mode [ 782.918458][ T59] veth0_macvtap: left promiscuous mode [ 782.925666][ T59] veth1_vlan: left promiscuous mode [ 782.931293][ T59] veth0_vlan: left promiscuous mode [ 783.061287][ T29] audit: type=1804 audit(1718187731.131:370): pid=10616 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir2548333863/syzkaller.t1Vn2Z/123/file0/bus" dev="loop4" ino=1367 res=1 errno=0 [ 783.088001][ T29] audit: type=1800 audit(1718187731.131:371): pid=10616 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="loop4" ino=1367 res=0 errno=0 [ 783.109483][ T29] audit: type=1804 audit(1718187731.151:372): pid=10610 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.4" name="/root/syzkaller-testdir2548333863/syzkaller.t1Vn2Z/123/file0/bus" dev="loop4" ino=1367 res=1 errno=0 [ 783.302731][ T29] audit: type=1804 audit(1718187731.331:373): pid=10610 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir2548333863/syzkaller.t1Vn2Z/123/file0/bus" dev="loop4" ino=1367 res=1 errno=0 [ 783.329355][ T29] audit: type=1800 audit(1718187731.331:374): pid=10610 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="loop4" ino=1367 res=0 errno=0 [ 783.576849][ T5088] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 783.587400][ T5088] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 783.597164][ T5088] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 783.611423][ T5088] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 783.702715][ T5088] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 783.712649][ T5088] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 784.269252][T10628] xt_CT: You must specify a L4 protocol and not use inversions on it [ 784.305612][ T59] team0 (unregistering): Port device team_slave_1 removed [ 784.378133][ C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 784.402354][ T59] team0 (unregistering): Port device team_slave_0 removed [ 784.465930][T10626] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'. [ 785.045153][T10461] veth1_vlan: entered promiscuous mode [ 785.261709][ T6965] usb 4-1: new high-speed USB device number 13 using dummy_hcd [ 785.547487][T10461] veth0_macvtap: entered promiscuous mode [ 785.593936][T10461] veth1_macvtap: entered promiscuous mode [ 785.708294][ T6965] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 785.719781][ T6965] usb 4-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 18 [ 785.776674][ T5088] Bluetooth: hci0: command tx timeout [ 785.843526][ T6965] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 785.853392][ T6965] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 785.861704][ T6965] usb 4-1: SerialNumber: syz [ 785.898485][T10461] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 785.910762][T10461] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 785.930724][T10461] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 785.946245][T10461] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 785.956910][T10461] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 785.967755][T10461] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 785.983792][T10461] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 785.990947][ T6965] usb 4-1: bad CDC descriptors [ 786.220858][T10639] netlink: 'syz-executor.0': attribute type 5 has an invalid length. [ 786.221091][ T6965] usb 4-1: USB disconnect, device number 13 [ 786.315406][T10461] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 786.333951][T10461] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 786.346270][T10461] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 786.357256][T10461] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 786.367498][T10461] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 786.378443][T10461] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 786.397320][T10461] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 786.568601][T10461] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 786.578567][T10461] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 786.588132][T10461] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 786.597349][T10461] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 786.932998][T10622] chnl_net:caif_netlink_parms(): no params data found [ 787.432570][ T5133] usb 1-1: new high-speed USB device number 17 using dummy_hcd [ 787.666644][T10654] loop3: detected capacity change from 0 to 2048 [ 787.712441][ T5133] usb 1-1: Using ep0 maxpacket: 8 [ 787.796655][T10654] UDF-fs: error (device loop3): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 787.838269][T10654] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 787.853668][ T5133] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 787.870874][ T5133] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 787.883497][ T5088] Bluetooth: hci0: command tx timeout [ 787.883602][ T5133] usb 1-1: New USB device found, idVendor=04d8, idProduct=f372, bcdDevice= 0.00 [ 787.898791][ T5133] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 787.987132][ T5133] usb 1-1: config 0 descriptor?? [ 788.113547][ T29] audit: type=1804 audit(1718187736.111:375): pid=10654 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir1209831830/syzkaller.oIwKP5/56/file0/bus" dev="loop3" ino=1367 res=1 errno=0 [ 788.140100][ T29] audit: type=1800 audit(1718187736.111:376): pid=10654 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="loop3" ino=1367 res=0 errno=0 [ 788.247704][ T29] audit: type=1804 audit(1718187736.291:377): pid=10661 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir1209831830/syzkaller.oIwKP5/56/file0/bus" dev="loop3" ino=1367 res=1 errno=0 [ 788.274265][ T29] audit: type=1800 audit(1718187736.291:378): pid=10661 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="loop3" ino=1367 res=0 errno=0 [ 788.590785][ T5133] hid-led 0003:04D8:F372.0018: hidraw0: USB HID v0.00 Device [HID 04d8:f372] on usb-dummy_hcd.0-1/input0 [ 788.673728][ T5133] hid-led 0003:04D8:F372.0018: Greynut Luxafor initialized [ 788.748756][ T5133] usb 1-1: USB disconnect, device number 17 [ 788.798686][T10622] bridge0: port 1(bridge_slave_0) entered blocking state [ 788.807266][T10622] bridge0: port 1(bridge_slave_0) entered disabled state [ 788.815345][T10622] bridge_slave_0: entered allmulticast mode [ 788.825382][T10622] bridge_slave_0: entered promiscuous mode [ 788.835930][ T781] leds luxafor0:blue:led5: Setting an LED's brightness failed (-38) [ 788.927200][T10622] bridge0: port 2(bridge_slave_1) entered blocking state [ 788.936639][T10622] bridge0: port 2(bridge_slave_1) entered disabled state [ 788.945031][T10622] bridge_slave_1: entered allmulticast mode [ 788.949619][ T10] leds luxafor0:green:led5: Setting an LED's brightness failed (-38) [ 788.954951][T10622] bridge_slave_1: entered promiscuous mode [ 788.986249][ T10] leds luxafor0:red:led5: Setting an LED's brightness failed (-38) [ 789.024955][T10666] pim6reg1: entered promiscuous mode [ 789.030544][T10666] pim6reg1: entered allmulticast mode [ 789.067308][ T10] leds luxafor0:blue:led4: Setting an LED's brightness failed (-38) [ 789.109401][ T5132] leds luxafor0:green:led4: Setting an LED's brightness failed (-38) [ 789.162451][ T10] leds luxafor0:red:led4: Setting an LED's brightness failed (-38) [ 789.181948][ T10] leds luxafor0:blue:led3: Setting an LED's brightness failed (-38) [ 789.204949][ T10] leds luxafor0:green:led3: Setting an LED's brightness failed (-38) [ 789.269451][ T10] leds luxafor0:red:led3: Setting an LED's brightness failed (-38) [ 789.304982][ T10] leds luxafor0:blue:led2: Setting an LED's brightness failed (-38) [ 789.344343][ T10] leds luxafor0:green:led2: Setting an LED's brightness failed (-38) [ 789.384143][ T10] leds luxafor0:red:led2: Setting an LED's brightness failed (-38) [ 789.419398][ T10] leds luxafor0:blue:led1: Setting an LED's brightness failed (-38) [ 789.451856][ T10] leds luxafor0:green:led1: Setting an LED's brightness failed (-38) [ 789.475504][ C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 789.506793][T10622] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 789.542527][ T10] leds luxafor0:red:led1: Setting an LED's brightness failed (-38) [ 789.584361][ T10] leds luxafor0:blue:led0: Setting an LED's brightness failed (-38) [ 789.626439][T10622] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 789.662661][ T10] leds luxafor0:green:led0: Setting an LED's brightness failed (-38) [ 789.735445][ T10] leds luxafor0:red:led0: Setting an LED's brightness failed (-38) [ 789.952269][ T5088] Bluetooth: hci0: command tx timeout [ 790.058501][T10672] loop0: detected capacity change from 0 to 512 [ 790.070235][T10622] team0: Port device team_slave_0 added [ 790.115399][T10672] EXT4-fs warning (device loop0): dx_probe:877: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 790.127614][T10672] EXT4-fs warning (device loop0): dx_probe:880: Enable large directory feature to access it [ 790.138151][T10672] EXT4-fs warning (device loop0): dx_probe:965: inode #2: comm syz-executor.0: Corrupt directory, running e2fsck is recommended [ 790.178820][T10622] team0: Port device team_slave_1 added [ 790.269051][T10672] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -2 [ 790.340054][T10672] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2250: inode #15: comm syz-executor.0: corrupted in-inode xattr: invalid ea_ino [ 790.396948][T10672] EXT4-fs (loop0): Remounting filesystem read-only [ 790.404156][T10672] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 790.427116][T10622] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 790.434650][T10622] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 790.461403][T10622] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 790.555166][T10672] EXT4-fs warning (device loop0): dx_probe:877: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 790.567505][T10672] EXT4-fs warning (device loop0): dx_probe:880: Enable large directory feature to access it [ 790.585890][T10672] EXT4-fs warning (device loop0): dx_probe:965: inode #2: comm syz-executor.0: Corrupt directory, running e2fsck is recommended [ 790.647651][T10622] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 790.655083][T10622] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 790.681811][T10622] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 790.795523][T10682] EXT4-fs warning (device loop0): dx_probe:877: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 790.807691][T10682] EXT4-fs warning (device loop0): dx_probe:880: Enable large directory feature to access it [ 790.821230][T10682] EXT4-fs warning (device loop0): dx_probe:965: inode #2: comm syz-executor.0: Corrupt directory, running e2fsck is recommended [ 791.272591][T10622] hsr_slave_0: entered promiscuous mode [ 791.289310][T10622] hsr_slave_1: entered promiscuous mode [ 791.324811][T10622] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 791.325053][ T9775] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 791.333024][T10622] Cannot create hsr debugfs directory [ 791.363005][T10689] netlink: 'syz-executor.4': attribute type 5 has an invalid length. [ 792.013074][ T5088] Bluetooth: hci0: command tx timeout [ 792.245757][ T6965] usb 1-1: new high-speed USB device number 18 using dummy_hcd [ 792.469623][T10701] loop3: detected capacity change from 0 to 2048 [ 792.591398][T10701] UDF-fs: error (device loop3): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 792.652715][T10701] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 792.684760][ T6965] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 792.695465][ T6965] usb 1-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 18 [ 792.822808][ T6965] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 792.832536][ T6965] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 792.840853][ T6965] usb 1-1: SerialNumber: syz [ 792.915240][ T29] audit: type=1804 audit(1718187740.941:379): pid=10701 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir1209831830/syzkaller.oIwKP5/61/file0/bus" dev="loop3" ino=1367 res=1 errno=0 [ 792.941742][ T29] audit: type=1800 audit(1718187740.941:380): pid=10701 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="loop3" ino=1367 res=0 errno=0 [ 792.963142][ T29] audit: type=1804 audit(1718187741.031:381): pid=10706 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir1209831830/syzkaller.oIwKP5/61/file0/bus" dev="loop3" ino=1367 res=1 errno=0 [ 792.989579][ T29] audit: type=1800 audit(1718187741.031:382): pid=10706 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="loop3" ino=1367 res=0 errno=0 [ 793.007355][T10622] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 793.075155][ T6965] usb 1-1: bad CDC descriptors [ 793.145844][T10622] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 793.218710][T10622] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 793.348012][T10622] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 793.415495][ T10] usb 1-1: USB disconnect, device number 18 [ 793.616218][T10711] pim6reg1: entered promiscuous mode [ 793.621925][T10711] pim6reg1: entered allmulticast mode [ 794.112560][ C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 794.299308][ T6965] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 794.307714][ T6965] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 794.584280][ T74] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 794.593154][ T74] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 794.893402][T10622] 8021q: adding VLAN 0 to HW filter on device bond0 [ 795.108998][T10721] loop3: detected capacity change from 0 to 512 [ 795.119149][T10622] 8021q: adding VLAN 0 to HW filter on device team0 [ 795.186882][ T10] bridge0: port 1(bridge_slave_0) entered blocking state [ 795.194959][ T10] bridge0: port 1(bridge_slave_0) entered forwarding state [ 795.294576][ T10] bridge0: port 2(bridge_slave_1) entered blocking state [ 795.302592][ T10] bridge0: port 2(bridge_slave_1) entered forwarding state [ 795.398472][T10721] EXT4-fs warning (device loop3): dx_probe:877: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 795.410499][T10721] EXT4-fs warning (device loop3): dx_probe:880: Enable large directory feature to access it [ 795.421159][T10721] EXT4-fs warning (device loop3): dx_probe:965: inode #2: comm syz-executor.3: Corrupt directory, running e2fsck is recommended [ 795.480992][T10721] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -2 [ 795.505062][T10721] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2250: inode #15: comm syz-executor.3: corrupted in-inode xattr: invalid ea_ino [ 795.538275][T10721] EXT4-fs (loop3): Remounting filesystem read-only [ 795.554127][T10721] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 795.591794][T10721] EXT4-fs warning (device loop3): dx_probe:877: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 795.604423][T10721] EXT4-fs warning (device loop3): dx_probe:880: Enable large directory feature to access it [ 795.615314][T10721] EXT4-fs warning (device loop3): dx_probe:965: inode #2: comm syz-executor.3: Corrupt directory, running e2fsck is recommended [ 795.665556][T10721] EXT4-fs warning (device loop3): dx_probe:877: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 795.677812][T10721] EXT4-fs warning (device loop3): dx_probe:880: Enable large directory feature to access it [ 795.688465][T10721] EXT4-fs warning (device loop3): dx_probe:965: inode #2: comm syz-executor.3: Corrupt directory, running e2fsck is recommended [ 795.865396][T10729] netlink: 'syz-executor.4': attribute type 5 has an invalid length. [ 796.405481][ T9697] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 797.152988][T10749] pim6reg1: entered promiscuous mode [ 797.158727][T10749] pim6reg1: entered allmulticast mode [ 797.189480][ T5133] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 797.268357][ T5127] usb 1-1: new high-speed USB device number 19 using dummy_hcd [ 797.540210][T10622] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 797.563282][ T5133] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 797.574745][ T5133] usb 5-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 18 [ 797.673774][ T5133] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 797.681439][ T5127] usb 1-1: config 2 has an invalid descriptor of length 0, skipping remainder of the config [ 797.683466][ T5133] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 797.683615][ T5133] usb 5-1: SerialNumber: syz [ 797.695436][ T5127] usb 1-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=39.63 [ 797.695621][ T5127] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 797.794064][ T5127] pwc: Askey VC010 type 2 USB webcam detected. [ 797.856435][ T5133] usb 5-1: bad CDC descriptors [ 798.039297][ T5127] pwc: send_video_command error -71 [ 798.045456][ T5127] pwc: Failed to set video mode CIF@30 fps; return code = -71 [ 798.055312][ T5127] Philips webcam 1-1:2.0: probe with driver Philips webcam failed with error -71 [ 798.097990][T10622] veth0_vlan: entered promiscuous mode [ 798.147771][ T5127] usb 1-1: USB disconnect, device number 19 [ 798.185239][ T5133] usb 5-1: USB disconnect, device number 13 [ 798.192765][T10622] veth1_vlan: entered promiscuous mode [ 798.473953][T10622] veth0_macvtap: entered promiscuous mode [ 798.526302][T10622] veth1_macvtap: entered promiscuous mode [ 798.631911][T10622] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 798.643128][T10622] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 798.653291][T10622] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 798.664824][T10622] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 798.675085][T10622] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 798.685880][T10622] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 798.696208][T10622] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 798.707057][T10622] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 798.725794][T10622] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 798.813944][T10622] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 798.833541][T10622] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 798.846029][T10622] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 798.857029][T10622] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 798.867288][T10622] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 798.878110][T10622] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 798.888306][T10622] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 798.900148][T10622] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 798.941756][T10622] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 799.025308][T10622] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 799.036321][T10622] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 799.045507][T10622] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 799.054718][T10622] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 800.319925][T10773] nullb0: AHDI p1 [ 800.363200][T10775] loop0: detected capacity change from 0 to 256 [ 800.703016][T10775] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 800.914293][ T29] audit: type=1804 audit(1718187748.971:383): pid=10784 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir3512273026/syzkaller.P4wAuM/62/file2/bus" dev="loop0" ino=1048697 res=1 errno=0 [ 800.973213][T10786] loop2: detected capacity change from 0 to 64 [ 801.010685][T10786] hfs: invalid uid -1 [ 801.015184][T10786] hfs: unable to parse mount options [ 801.622535][T10790] loop3: detected capacity change from 0 to 512 [ 801.688506][T10790] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 801.840415][T10790] EXT4-fs error (device loop3): ext4_orphan_get:1394: inode #17: comm syz-executor.3: iget: bad i_size value: -6917529027641081756 [ 801.871336][T10790] EXT4-fs error (device loop3): ext4_orphan_get:1399: comm syz-executor.3: couldn't read orphan inode 17 (err -117) [ 801.931657][T10799] loop2: detected capacity change from 0 to 512 [ 801.938732][T10790] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 802.066614][T10799] EXT4-fs warning (device loop2): dx_probe:877: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 802.078912][T10799] EXT4-fs warning (device loop2): dx_probe:880: Enable large directory feature to access it [ 802.090033][T10799] EXT4-fs warning (device loop2): dx_probe:965: inode #2: comm syz-executor.2: Corrupt directory, running e2fsck is recommended [ 802.165197][ T9697] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 802.195995][T10799] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -2 [ 802.227713][T10799] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2250: inode #15: comm syz-executor.2: corrupted in-inode xattr: invalid ea_ino [ 802.262683][T10799] EXT4-fs (loop2): Remounting filesystem read-only [ 802.269610][T10799] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 802.330656][T10799] EXT4-fs warning (device loop2): dx_probe:877: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 802.343467][T10799] EXT4-fs warning (device loop2): dx_probe:880: Enable large directory feature to access it [ 802.354309][T10799] EXT4-fs warning (device loop2): dx_probe:965: inode #2: comm syz-executor.2: Corrupt directory, running e2fsck is recommended [ 802.491724][T10799] EXT4-fs warning (device loop2): dx_probe:877: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 802.504462][T10799] EXT4-fs warning (device loop2): dx_probe:880: Enable large directory feature to access it [ 802.525293][T10799] EXT4-fs warning (device loop2): dx_probe:965: inode #2: comm syz-executor.2: Corrupt directory, running e2fsck is recommended [ 802.591923][T10806] pim6reg1: entered promiscuous mode [ 802.597835][T10806] pim6reg1: entered allmulticast mode [ 803.085178][T10461] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 803.523498][T10820] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'. [ 803.784334][ T5133] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 803.793303][ T5133] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 804.071862][ T5133] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 804.080323][ T5133] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 804.178110][T10828] loop0: detected capacity change from 0 to 64 [ 804.211914][T10828] hfs: invalid uid -1 [ 804.216802][T10828] hfs: unable to parse mount options [ 805.187878][T10841] loop0: detected capacity change from 0 to 512 [ 805.259038][T10843] kernel profiling enabled (shift: 25) [ 805.302544][T10841] EXT4-fs warning (device loop0): dx_probe:877: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 805.314952][T10841] EXT4-fs warning (device loop0): dx_probe:880: Enable large directory feature to access it [ 805.325523][T10841] EXT4-fs warning (device loop0): dx_probe:965: inode #2: comm syz-executor.0: Corrupt directory, running e2fsck is recommended [ 805.359772][T10841] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -2 [ 805.412902][T10841] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2250: inode #15: comm syz-executor.0: corrupted in-inode xattr: invalid ea_ino [ 805.503050][T10841] EXT4-fs (loop0): Remounting filesystem read-only [ 805.509957][T10841] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 805.592201][ C1] ===================================================== [ 805.599568][ C1] BUG: KMSAN: uninit-value in profile_tick+0x1ae/0x1b0 [ 805.606795][ C1] profile_tick+0x1ae/0x1b0 [ 805.611556][ C1] tick_nohz_handler+0x588/0x690 [ 805.616793][ C1] __hrtimer_run_queues+0x56f/0xe40 [ 805.622328][ C1] hrtimer_interrupt+0x3ab/0x1490 [ 805.627594][ C1] __sysvec_apic_timer_interrupt+0xa6/0x3a0 [ 805.633774][ C1] sysvec_apic_timer_interrupt+0x7e/0x90 [ 805.639660][ C1] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 805.645896][ C1] _raw_spin_unlock_irq+0x25/0x50 [ 805.651117][ C1] get_signal+0x21cd/0x2d00 [ 805.655906][ C1] arch_do_signal_or_restart+0x53/0xcb0 [ 805.661815][ C1] syscall_exit_to_user_mode+0x5d/0x160 [ 805.667609][ C1] do_syscall_64+0xdc/0x1e0 [ 805.672351][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 805.678483][ C1] [ 805.680913][ C1] Local variable timeout created at: [ 805.686321][ C1] futex_wait+0x4e/0x360 [ 805.690980][ C1] do_futex+0x341/0x4a0 [ 805.695429][ C1] [ 805.697888][ C1] CPU: 1 PID: 5047 Comm: syz-fuzzer Not tainted 6.9.0-syzkaller-02339-g101b7a97143a #0 [ 805.707721][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 805.717946][ C1] ===================================================== [ 805.725014][ C1] Disabling lock debugging due to kernel taint [ 805.731285][ C1] Kernel panic - not syncing: kmsan.panic set ... [ 805.737997][ C1] CPU: 1 PID: 5047 Comm: syz-fuzzer Tainted: G B 6.9.0-syzkaller-02339-g101b7a97143a #0 [ 805.749316][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 805.759549][ C1] Call Trace: [ 805.762962][ C1] [ 805.765926][ C1] dump_stack_lvl+0x216/0x2d0 [ 805.770832][ C1] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 805.776856][ C1] dump_stack+0x1e/0x30 [ 805.781217][ C1] panic+0x4e2/0xcd0 [ 805.785330][ C1] ? kmsan_get_metadata+0xf1/0x1d0 [ 805.790683][ C1] kmsan_report+0x2d5/0x2e0 [ 805.795401][ C1] ? update_load_avg+0x1865/0x29b0 [ 805.800710][ C1] ? kmsan_get_metadata+0x146/0x1d0 [ 805.806101][ C1] ? __msan_warning+0x95/0x120 [ 805.811036][ C1] ? profile_tick+0x1ae/0x1b0 [ 805.815926][ C1] ? tick_nohz_handler+0x588/0x690 [ 805.821242][ C1] ? __hrtimer_run_queues+0x56f/0xe40 [ 805.826857][ C1] ? hrtimer_interrupt+0x3ab/0x1490 [ 805.832275][ C1] ? __sysvec_apic_timer_interrupt+0xa6/0x3a0 [ 805.838577][ C1] ? sysvec_apic_timer_interrupt+0x7e/0x90 [ 805.844612][ C1] ? asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 805.850998][ C1] ? _raw_spin_unlock_irq+0x25/0x50 [ 805.856404][ C1] ? get_signal+0x21cd/0x2d00 [ 805.861273][ C1] ? arch_do_signal_or_restart+0x53/0xcb0 [ 805.867247][ C1] ? syscall_exit_to_user_mode+0x5d/0x160 [ 805.873179][ C1] ? do_syscall_64+0xdc/0x1e0 [ 805.878067][ C1] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 805.884383][ C1] ? kmsan_get_metadata+0x146/0x1d0 [ 805.889808][ C1] ? kmsan_get_metadata+0x146/0x1d0 [ 805.895325][ C1] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 805.901349][ C1] ? kmsan_get_metadata+0x146/0x1d0 [ 805.906774][ C1] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 805.912887][ C1] ? kmsan_get_metadata+0x146/0x1d0 [ 805.918274][ C1] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 805.924297][ C1] ? kmsan_get_metadata+0x146/0x1d0 [ 805.929684][ C1] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 805.935708][ C1] __msan_warning+0x95/0x120 [ 805.940560][ C1] profile_tick+0x1ae/0x1b0 [ 805.945387][ C1] ? get_signal+0x21cd/0x2d00 [ 805.950275][ C1] tick_nohz_handler+0x588/0x690 [ 805.955440][ C1] ? __pfx_tick_nohz_handler+0x10/0x10 [ 805.961109][ C1] __hrtimer_run_queues+0x56f/0xe40 [ 805.966572][ C1] hrtimer_interrupt+0x3ab/0x1490 [ 805.971830][ C1] ? __pfx_hrtimer_interrupt+0x10/0x10 [ 805.977500][ C1] ? __pfx_hrtimer_interrupt+0x10/0x10 [ 805.983168][ C1] __sysvec_apic_timer_interrupt+0xa6/0x3a0 [ 805.989303][ C1] sysvec_apic_timer_interrupt+0x7e/0x90 [ 805.995186][ C1] [ 805.998319][ C1] [ 806.001356][ C1] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 806.007606][ C1] RIP: 0010:_raw_spin_unlock_irq+0x25/0x50 [ 806.013636][ C1] Code: 90 90 90 90 90 f3 0f 1e fa 55 48 89 e5 53 48 89 fb e8 5f 68 bf f2 48 89 df e8 67 5a bf f2 c6 00 00 c6 03 00 fb be 04 00 00 00 <48> c7 c7 08 5d 0a 00 e8 7f 5c bf f2 65 ff 0d 30 b5 85 70 74 07 5b [ 806.033547][ C1] RSP: 0018:ffff888122083c88 EFLAGS: 00000282 [ 806.040395][ C1] RAX: ffff888115bd0840 RBX: ffff8881163d0840 RCX: 0000000115fd0840 [ 806.048533][ C1] RDX: ffff888115fd0840 RSI: 0000000000000004 RDI: ffff8881163d0840 [ 806.056665][ C1] RBP: ffff888122083c90 R08: ffffea000000000f R09: 0000000000000020 [ 806.064828][ C1] R10: ffff888121883e00 R11: ffff888115bd0c60 R12: 0000000000000000 [ 806.072962][ C1] R13: ffff888118488b40 R14: ffff888122083e00 R15: 0000000000000021 [ 806.081121][ C1] ? _raw_spin_unlock_irq+0x19/0x50 [ 806.086559][ C1] get_signal+0x21cd/0x2d00 [ 806.091374][ C1] ? stack_depot_save_flags+0x2c/0x6e0 [ 806.097085][ C1] arch_do_signal_or_restart+0x53/0xcb0 [ 806.102946][ C1] syscall_exit_to_user_mode+0x5d/0x160 [ 806.108754][ C1] do_syscall_64+0xdc/0x1e0 [ 806.113477][ C1] ? clear_bhb_loop+0x25/0x80 [ 806.118374][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 806.124503][ C1] RIP: 0033:0x473523 [ 806.128545][ C1] Code: 24 20 c3 cc cc cc cc 48 8b 7c 24 08 8b 74 24 10 8b 54 24 14 4c 8b 54 24 18 4c 8b 44 24 20 44 8b 4c 24 28 b8 ca 00 00 00 0f 05 <89> 44 24 30 c3 cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc [ 806.148452][ C1] RSP: 002b:000000c0001e3d70 EFLAGS: 00000286 ORIG_RAX: 00000000000000ca [ 806.157052][ C1] RAX: fffffffffffffe00 RBX: 0000000000000000 RCX: 0000000000473523 [ 806.165182][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000c000059148 [ 806.173389][ C1] RBP: 000000c0001e3db8 R08: 0000000000000000 R09: 0000000000000000 [ 806.181506][ C1] R10: 0000000000000000 R11: 0000000000000286 R12: 000000c0001e3d58 [ 806.189666][ C1] R13: 0000000000f249c0 R14: 000000c00012d1e0 R15: 000000000000008d [ 806.197842][ C1] [ 806.201132][ C1] Kernel Offset: disabled [ 806.205548][ C1] Rebooting in 86400 seconds..