last executing test programs: 1.986200758s ago: executing program 0: r0 = syz_usb_connect_ath9k(0x3, 0x5a, &(0x7f0000000040)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xcf3, 0x9271, 0x108, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x48}}]}}, 0x0) syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0x5c, &(0x7f0000000500)={[{0x58, 0x4e00, "14bf47425dbdd07df93c769e1b77f0b5c5780995ae50458956bf89e4c24328b920111e39ff3f5c49d6b0885738343af5f8a09ec9d284fb892d6d0db4ead9c39ec1772430753bff9347476727054f06b1e7a437a033017ef1"}]}) 1.631083617s ago: executing program 2: unshare(0x2000400) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0) write$binfmt_script(0xffffffffffffffff, &(0x7f0000000100), 0xfecc) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r0, 0x0) r1 = socket$inet(0x2, 0x2, 0x0) shutdown(r1, 0x0) recvmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) 1.031329984s ago: executing program 2: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x5, &(0x7f00000027c0)=ANY=[@ANYBLOB="180000000000000000000000ff000000850000000f000000850000000700000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='sys_enter\x00', r0}, 0x10) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) add_key$fscrypt_v1(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) bind$inet6(0xffffffffffffffff, 0x0, 0x0) keyctl$clear(0x11, 0xfffffffffffffffd) r3 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r3, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c) recvmmsg(r3, &(0x7f0000000040), 0x400000000000284, 0x0, 0x0) setsockopt$SO_TIMESTAMPING(r3, 0x1, 0x25, &(0x7f0000000140)=0x40, 0x4) sendto$inet6(r3, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0) r5 = bpf$MAP_CREATE(0x0, 0x0, 0x0) ioctl$KDDELIO(r4, 0x4b35, 0x4) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r5, 0xffffffffffffffff}, 0x0, &(0x7f00000005c0)}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) dup(0xffffffffffffffff) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000040)={0x1, &(0x7f00000002c0)=[{0x6}]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xc, &(0x7f0000000100), 0x4) 374.731476ms ago: executing program 1: syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x10, &(0x7f0000000740), 0xfe, 0x499, &(0x7f0000001780)="$eJzs3M1vVFUbAPDn3umUb9qXF78ApYrGxo+WFlQWbjS608REF7gxqW0hlYEaWhIhRKsxuDQk7o0rY/QvcKUbo65M3OrekBAlJqALM+bO3NtOS6ftlClTnN8vueWc3jNzzjPnnrnn3sNtAF1rIPuRROyMiF8ioq+eXVxgoP7PjWsXx/+6dnE8iWr11d+TWrnr1y6OF0WL1+3IM4NpRPphkley2Mz5C6fGKpXJs3l+ePb028Mz5y88OXV67GQyFzF67NjRIyPPPD36VFvizOK6vu/d6QNJz+uXXx4/fvnNH77qbdjfGMctSXfMJweywP+o1iwt9khbKts8djWkk54ONoSWlCIi665ybfz3RSkWOq8vXvygo40DNlR2btrSfPdcFfgPS6LTLQA6ozjRZ9e/xXabph6bwtXn6hdAWdw38q2+pyfSvEx5A+u/NyKOz/39abZF3g//7NzACgGArvdNNv95Yrn5Xxp3N5Tbna+h9EfE/yJiT0T8PyL2RsRdEbWy9+TzmVbUl4ZK8/mb55/plXUHtwbZ/O/ZfG1r8fyvmP1FfynP7arFX05OTFUmD+efyWCUt2T5kRXq+PaFnz9utm+gYf6XbVn9xVwwb8eVniU36CbGZsfaNSm9+n7Evp7l4k/mVwKSiLgvIva19ta7i8TUY18caFZo9fhX0IZ1pupnEY/W+38ulsRfSJauT06enDyzsD45vDUqk4eHi6PiZj/+dOmV5Wvfemvxt0HW/9sXH/9LSvT9mTSu1860XselXz9qek253uO/N3mtNiaLNdx3xmZnz45E9CYv1fKLfj+68NoiX5TP4h88tBB/NIz/Pflrsvj3R0R2EN8fEQ9ExMG87Q9GxEMRcWiF+L9//uG3Wop/6vb2/8Sy33/zx3//4v5vPVE69d3XzepfW/8fraUG89/Uvv9W0bw5UZmMqFbXfTQDAADAnSeNiJ2RpEPz6TQdGqr/H/69sT2tTM/MPn5i+tyZifozAv1RTos7XX35/dDsanskmcvfsX5/dDS/V1zcLz2S3zf+pLStlh8an65MdDh26HY7moz/zG+lTrcO2HCe14LutXT8px1qB3D7Of9D9zL+oXsZ/9C9Gsb/l+cu7a8l3qv9PDi/Y9m1gBX+cghwZ3D+h+5l/EP3Mv6hexn/0JXW/hR/eV3P/rc/sS1v+WqFe1d+n2SThHNz4vPypmjGaolIVyrzRiy/ayAiNqhhsSk+lnYnkjUc6mtNnDiZD521FO7ktxIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAED7/BsAAP//1ELiOQ==") mkdir(&(0x7f0000000000)='./control\x00', 0x0) r0 = open(&(0x7f0000022ff6)='./control\x00', 0x0, 0x0) getdents64(r0, 0x0, 0x0) lseek(r0, 0x8, 0x0) ioperm(0x0, 0x0, 0x2) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) getdents64(r0, 0x0, 0x0) 0s ago: executing program 3: syz_usb_connect(0x0, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x3b, 0xf, 0x33, 0x8, 0x10b8, 0xbb9, 0x2f2a, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x20, 0xb6, 0x3}}]}}]}}, 0x0) r0 = syz_open_dev$evdev(&(0x7f0000000000), 0x4, 0x0) ioctl$EVIOCSKEYCODE(r0, 0x40084504, &(0x7f0000000040)) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.125' (ED25519) to the list of known hosts. 2024/06/07 03:36:56 fuzzer started 2024/06/07 03:36:56 dialing manager at 10.128.0.169:30026 [ 181.901305][ T5044] cgroup: Unknown subsys name 'net' [ 182.172433][ T5044] cgroup: Unknown subsys name 'rlimit' [ 224.231906][ T1220] ieee802154 phy0 wpan0: encryption failed: -22 [ 224.238976][ T1220] ieee802154 phy1 wpan1: encryption failed: -22 2024/06/07 03:37:51 starting 5 executor processes [ 234.880671][ T5046] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 237.797049][ T5074] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 237.806808][ T5074] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 237.819163][ T5074] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 237.928685][ T5074] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 237.949833][ T5074] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 237.959192][ T5073] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 237.980196][ T5074] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 237.989331][ T5074] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 237.999017][ T5077] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 238.018801][ T5077] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 238.030517][ T5077] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 238.040052][ T5077] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 238.380071][ T51] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 238.390179][ T51] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 238.400291][ T51] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 238.452583][ T51] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 238.573263][ T4429] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 238.578007][ T5074] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 238.590449][ T5074] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 238.590471][ T4429] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 238.608422][ T5074] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 238.624605][ T5074] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 238.642243][ T5074] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 238.655153][ T5074] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 238.941050][ T51] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 238.950724][ T51] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 238.963020][ T51] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 238.977092][ T51] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 239.010810][ T51] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 239.031645][ T51] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 239.654053][ T5071] chnl_net:caif_netlink_parms(): no params data found [ 239.753635][ T5070] chnl_net:caif_netlink_parms(): no params data found [ 240.177226][ T5074] Bluetooth: hci0: command tx timeout [ 240.181518][ T51] Bluetooth: hci1: command tx timeout [ 240.707890][ T51] Bluetooth: hci2: command tx timeout [ 240.795253][ T51] Bluetooth: hci3: command tx timeout [ 240.819350][ T5086] chnl_net:caif_netlink_parms(): no params data found [ 240.840489][ T5083] chnl_net:caif_netlink_parms(): no params data found [ 240.932620][ T5079] chnl_net:caif_netlink_parms(): no params data found [ 241.089722][ T5071] bridge0: port 1(bridge_slave_0) entered blocking state [ 241.097228][ T51] Bluetooth: hci4: command tx timeout [ 241.103101][ T5071] bridge0: port 1(bridge_slave_0) entered disabled state [ 241.111024][ T5071] bridge_slave_0: entered allmulticast mode [ 241.119815][ T5071] bridge_slave_0: entered promiscuous mode [ 241.245723][ T5071] bridge0: port 2(bridge_slave_1) entered blocking state [ 241.253687][ T5071] bridge0: port 2(bridge_slave_1) entered disabled state [ 241.261793][ T5071] bridge_slave_1: entered allmulticast mode [ 241.271731][ T5071] bridge_slave_1: entered promiscuous mode [ 241.282377][ T5070] bridge0: port 1(bridge_slave_0) entered blocking state [ 241.290604][ T5070] bridge0: port 1(bridge_slave_0) entered disabled state [ 241.301118][ T5070] bridge_slave_0: entered allmulticast mode [ 241.310672][ T5070] bridge_slave_0: entered promiscuous mode [ 241.490456][ T5070] bridge0: port 2(bridge_slave_1) entered blocking state [ 241.498444][ T5070] bridge0: port 2(bridge_slave_1) entered disabled state [ 241.506177][ T5070] bridge_slave_1: entered allmulticast mode [ 241.515652][ T5070] bridge_slave_1: entered promiscuous mode [ 241.564774][ T5071] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 241.754684][ T5070] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 241.774468][ T5071] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 241.898617][ T5070] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 241.926705][ T5071] team0: Port device team_slave_0 added [ 241.997983][ T5071] team0: Port device team_slave_1 added [ 242.219001][ T51] Bluetooth: hci1: command tx timeout [ 242.224701][ T5074] Bluetooth: hci0: command tx timeout [ 242.243742][ T5070] team0: Port device team_slave_0 added [ 242.256863][ T5071] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 242.264048][ T5071] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 242.290488][ T5071] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 242.356208][ T5071] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 242.363738][ T5071] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 242.390524][ T5071] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 242.438135][ T5070] team0: Port device team_slave_1 added [ 242.688768][ T5071] hsr_slave_0: entered promiscuous mode [ 242.701543][ T5071] hsr_slave_1: entered promiscuous mode [ 242.756946][ T5079] bridge0: port 1(bridge_slave_0) entered blocking state [ 242.764750][ T5079] bridge0: port 1(bridge_slave_0) entered disabled state [ 242.772713][ T5079] bridge_slave_0: entered allmulticast mode [ 242.782442][ T5079] bridge_slave_0: entered promiscuous mode [ 242.783297][ T51] Bluetooth: hci2: command tx timeout [ 242.856880][ T51] Bluetooth: hci3: command tx timeout [ 242.873477][ T5086] bridge0: port 1(bridge_slave_0) entered blocking state [ 242.883369][ T5086] bridge0: port 1(bridge_slave_0) entered disabled state [ 242.891465][ T5086] bridge_slave_0: entered allmulticast mode [ 242.901152][ T5086] bridge_slave_0: entered promiscuous mode [ 242.914441][ T5079] bridge0: port 2(bridge_slave_1) entered blocking state [ 242.922453][ T5079] bridge0: port 2(bridge_slave_1) entered disabled state [ 242.930539][ T5079] bridge_slave_1: entered allmulticast mode [ 242.940198][ T5079] bridge_slave_1: entered promiscuous mode [ 243.030299][ T5070] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 243.038866][ T5070] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 243.066194][ T5070] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 243.079011][ T5086] bridge0: port 2(bridge_slave_1) entered blocking state [ 243.087029][ T5086] bridge0: port 2(bridge_slave_1) entered disabled state [ 243.094928][ T5086] bridge_slave_1: entered allmulticast mode [ 243.104572][ T5086] bridge_slave_1: entered promiscuous mode [ 243.183326][ T51] Bluetooth: hci4: command tx timeout [ 243.194521][ T5083] bridge0: port 1(bridge_slave_0) entered blocking state [ 243.202462][ T5083] bridge0: port 1(bridge_slave_0) entered disabled state [ 243.210486][ T5083] bridge_slave_0: entered allmulticast mode [ 243.219633][ T5083] bridge_slave_0: entered promiscuous mode [ 243.243125][ T5079] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 243.273740][ T5070] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 243.281112][ T5070] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 243.307502][ T5070] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 243.397228][ T5083] bridge0: port 2(bridge_slave_1) entered blocking state [ 243.404874][ T5083] bridge0: port 2(bridge_slave_1) entered disabled state [ 243.412749][ T5083] bridge_slave_1: entered allmulticast mode [ 243.422483][ T5083] bridge_slave_1: entered promiscuous mode [ 243.442008][ T5079] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 243.704748][ T5086] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 243.764435][ T5083] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 243.841482][ T5086] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 243.858857][ T5079] team0: Port device team_slave_0 added [ 243.875389][ T5083] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 243.891713][ T5079] team0: Port device team_slave_1 added [ 243.945210][ T5070] hsr_slave_0: entered promiscuous mode [ 243.955760][ T5070] hsr_slave_1: entered promiscuous mode [ 243.964808][ T5070] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 243.972778][ T5070] Cannot create hsr debugfs directory [ 244.194613][ T5079] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 244.201948][ T5079] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 244.228578][ T5079] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 244.252691][ T5083] team0: Port device team_slave_0 added [ 244.262799][ T5079] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 244.270284][ T5079] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 244.296878][ T5079] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 244.316395][ T51] Bluetooth: hci1: command tx timeout [ 244.322417][ T51] Bluetooth: hci0: command tx timeout [ 244.336390][ T5086] team0: Port device team_slave_0 added [ 244.413644][ T5083] team0: Port device team_slave_1 added [ 244.542661][ T5086] team0: Port device team_slave_1 added [ 244.849471][ T5086] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 244.858634][ T5086] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 244.866444][ T51] Bluetooth: hci2: command tx timeout [ 244.886500][ T5086] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 244.921570][ T5083] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 244.928892][ T5083] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 244.936937][ T51] Bluetooth: hci3: command tx timeout [ 244.955618][ T5083] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 244.987290][ T5079] hsr_slave_0: entered promiscuous mode [ 244.997666][ T5079] hsr_slave_1: entered promiscuous mode [ 245.006328][ T5079] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 245.014457][ T5079] Cannot create hsr debugfs directory [ 245.101351][ T5086] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 245.108672][ T5086] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 245.135173][ T5086] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 245.150047][ T5083] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 245.157444][ T5083] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 245.183929][ T5083] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 245.287575][ T51] Bluetooth: hci4: command tx timeout [ 245.499968][ T5086] hsr_slave_0: entered promiscuous mode [ 245.510739][ T5086] hsr_slave_1: entered promiscuous mode [ 245.519606][ T5086] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 245.527655][ T5086] Cannot create hsr debugfs directory [ 245.919896][ T5083] hsr_slave_0: entered promiscuous mode [ 245.930134][ T5083] hsr_slave_1: entered promiscuous mode [ 245.939988][ T5083] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 245.948038][ T5083] Cannot create hsr debugfs directory [ 245.990908][ T5071] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 246.042553][ T5071] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 246.089895][ T5071] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 246.223115][ T5071] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 246.383091][ T51] Bluetooth: hci1: command tx timeout [ 246.389242][ T5074] Bluetooth: hci0: command tx timeout [ 246.643065][ T5070] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 246.690962][ T5070] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 246.795337][ T5070] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 246.891296][ T5070] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 246.951528][ T51] Bluetooth: hci2: command tx timeout [ 247.018080][ T51] Bluetooth: hci3: command tx timeout [ 247.059029][ T5079] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 247.111671][ T5079] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 247.137105][ T5079] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 247.225747][ T5079] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 247.345990][ T51] Bluetooth: hci4: command tx timeout [ 247.546381][ T5083] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 247.568762][ T5086] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 247.593776][ T5086] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 247.619060][ T5086] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 247.682128][ T5083] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 247.709133][ T5083] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 247.732563][ T5086] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 247.767960][ T5083] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 248.419171][ T5071] 8021q: adding VLAN 0 to HW filter on device bond0 [ 248.819707][ T5070] 8021q: adding VLAN 0 to HW filter on device bond0 [ 248.874134][ T5071] 8021q: adding VLAN 0 to HW filter on device team0 [ 248.986764][ T781] bridge0: port 1(bridge_slave_0) entered blocking state [ 248.994564][ T781] bridge0: port 1(bridge_slave_0) entered forwarding state [ 249.034950][ T5079] 8021q: adding VLAN 0 to HW filter on device bond0 [ 249.107297][ T781] bridge0: port 2(bridge_slave_1) entered blocking state [ 249.115145][ T781] bridge0: port 2(bridge_slave_1) entered forwarding state [ 249.150411][ T5070] 8021q: adding VLAN 0 to HW filter on device team0 [ 249.342760][ T5079] 8021q: adding VLAN 0 to HW filter on device team0 [ 249.402434][ T8] bridge0: port 1(bridge_slave_0) entered blocking state [ 249.410339][ T8] bridge0: port 1(bridge_slave_0) entered forwarding state [ 249.498488][ T5125] bridge0: port 2(bridge_slave_1) entered blocking state [ 249.506277][ T5125] bridge0: port 2(bridge_slave_1) entered forwarding state [ 249.522270][ T5125] bridge0: port 1(bridge_slave_0) entered blocking state [ 249.530174][ T5125] bridge0: port 1(bridge_slave_0) entered forwarding state [ 249.755624][ T25] bridge0: port 2(bridge_slave_1) entered blocking state [ 249.763541][ T25] bridge0: port 2(bridge_slave_1) entered forwarding state [ 249.838250][ T5086] 8021q: adding VLAN 0 to HW filter on device bond0 [ 249.874350][ T5083] 8021q: adding VLAN 0 to HW filter on device bond0 [ 250.099177][ T5086] 8021q: adding VLAN 0 to HW filter on device team0 [ 250.144614][ T5079] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 250.277967][ T5083] 8021q: adding VLAN 0 to HW filter on device team0 [ 250.334001][ T5107] bridge0: port 1(bridge_slave_0) entered blocking state [ 250.342021][ T5107] bridge0: port 1(bridge_slave_0) entered forwarding state [ 250.360105][ T5107] bridge0: port 2(bridge_slave_1) entered blocking state [ 250.368151][ T5107] bridge0: port 2(bridge_slave_1) entered forwarding state [ 250.551940][ T5107] bridge0: port 1(bridge_slave_0) entered blocking state [ 250.559883][ T5107] bridge0: port 1(bridge_slave_0) entered forwarding state [ 250.583654][ T5107] bridge0: port 2(bridge_slave_1) entered blocking state [ 250.591580][ T5107] bridge0: port 2(bridge_slave_1) entered forwarding state [ 251.074806][ T5083] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 251.224900][ T5086] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 251.238104][ T5086] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 252.197960][ T5071] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 252.571024][ T5079] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 253.091096][ T5071] veth0_vlan: entered promiscuous mode [ 253.190675][ T5070] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 253.250106][ T5071] veth1_vlan: entered promiscuous mode [ 253.427505][ T5083] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 253.454786][ T5079] veth0_vlan: entered promiscuous mode [ 253.615663][ T5079] veth1_vlan: entered promiscuous mode [ 253.636533][ T5086] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 253.825422][ T5071] veth0_macvtap: entered promiscuous mode [ 253.966428][ T5071] veth1_macvtap: entered promiscuous mode [ 254.202544][ T5071] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 254.233069][ T5079] veth0_macvtap: entered promiscuous mode [ 254.344316][ T5079] veth1_macvtap: entered promiscuous mode [ 254.363787][ T5071] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 254.408665][ T5083] veth0_vlan: entered promiscuous mode [ 254.510324][ T5086] veth0_vlan: entered promiscuous mode [ 254.525976][ T5071] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 254.538539][ T5071] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 254.547933][ T5071] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 254.557189][ T5071] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 254.673947][ T5083] veth1_vlan: entered promiscuous mode [ 254.732252][ T5086] veth1_vlan: entered promiscuous mode [ 254.760766][ T5079] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 254.772610][ T5079] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 254.790058][ T5079] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 255.061205][ T5079] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 255.073446][ T5079] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 255.089880][ T5079] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 255.196729][ T5083] veth0_macvtap: entered promiscuous mode [ 255.291662][ T5079] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 255.300944][ T5079] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 255.310462][ T5079] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 255.319672][ T5079] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 255.346139][ T5086] veth0_macvtap: entered promiscuous mode [ 255.431901][ T5083] veth1_macvtap: entered promiscuous mode [ 255.475387][ T5086] veth1_macvtap: entered promiscuous mode [ 255.720734][ T5083] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 255.733708][ T5083] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 255.744148][ T5083] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 255.754931][ T5083] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 255.771442][ T5083] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 255.816531][ T5086] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 255.833821][ T5086] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 255.844100][ T5086] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 255.854946][ T5086] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 255.865204][ T5086] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 255.876049][ T5086] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 255.892527][ T5086] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 255.999922][ T5083] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 256.012199][ T5083] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 256.022546][ T5083] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 256.033347][ T5083] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 256.049485][ T5083] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 256.118396][ T5086] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 256.129324][ T5086] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 256.142053][ T5086] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 256.157088][ T5086] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 256.167395][ T5086] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 256.178351][ T5086] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 256.194342][ T5086] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 256.262297][ T5083] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 256.273771][ T5083] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 256.284946][ T5083] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 256.295803][ T5083] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 256.402890][ T5086] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 256.413560][ T5086] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 256.422897][ T5086] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 256.432215][ T5086] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 256.801793][ T5070] veth0_vlan: entered promiscuous mode [ 256.938357][ T5070] veth1_vlan: entered promiscuous mode [ 257.446024][ T5070] veth0_macvtap: entered promiscuous mode [ 257.583064][ T5070] veth1_macvtap: entered promiscuous mode [ 257.796327][ T5070] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 257.809407][ T5070] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 257.820253][ T5070] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 257.831303][ T5070] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 257.843220][ T5070] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 257.855680][ T5070] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 257.866419][ T5070] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 257.877450][ T5070] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 257.893524][ T5070] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 258.082687][ T5070] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 258.094248][ T5070] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 258.104639][ T5070] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 258.115545][ T5070] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 258.125818][ T5070] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 258.136932][ T5070] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 258.147212][ T5070] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 258.158066][ T5070] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 258.174255][ T5070] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 258.406437][ T5070] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 258.415908][ T5070] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 258.425298][ T5070] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 258.434489][ T5070] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 262.454180][ T3359] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 262.463769][ T3359] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 262.787264][ T5125] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 262.795357][ T5125] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 263.079867][ T3359] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 263.088170][ T3359] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 263.253128][ T3359] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 263.266223][ T3359] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 264.057219][ T3359] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 264.065434][ T3359] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 264.347318][ T5127] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 264.355517][ T5127] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 264.396872][ T5125] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 264.515775][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 264.524105][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 264.802470][ T43] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 264.811013][ T43] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 264.978763][ T5125] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 264.988445][ T5125] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 265.002215][ T5125] usb 1-1: Product: syz [ 265.009146][ T5125] usb 1-1: Manufacturer: syz [ 265.014002][ T5125] usb 1-1: SerialNumber: syz [ 265.077431][ T5253] Zero length message leads to an empty skb [ 265.140432][ T5125] usb 1-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 265.794960][ T5258] loop1: detected capacity change from 0 to 512 [ 265.947214][ T8] usb 1-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 265.997984][ T29] audit: type=1326 audit(1717731502.197:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5252 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73f1579 code=0x0 [ 266.091615][ T3314] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 266.099618][ T43] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 266.107863][ T3314] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 266.248937][ T5258] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2250: inode #15: comm syz-executor.1: corrupted in-inode xattr: invalid ea_ino [ 266.291579][ T3314] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 266.300346][ T3314] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 266.324058][ T5258] EXT4-fs error (device loop1): ext4_orphan_get:1399: comm syz-executor.1: couldn't read orphan inode 15 (err -117) [ 266.338979][ T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!! [ 266.357167][ T43] usb 4-1: Using ep0 maxpacket: 8 [ 266.403427][ T5258] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 266.522862][ T5125] usb 1-1: USB disconnect, device number 2 [ 266.583100][ T5258] EXT4-fs warning (device loop1): __ext4fs_dirhash:270: inode #18: comm syz-executor.1: Siphash requires key [ 266.596427][ T5258] ===================================================== [ 266.603942][ T5258] BUG: KMSAN: uninit-value in ext4_inlinedir_to_tree+0xde2/0x15a0 [ 266.608730][ T43] usb 4-1: New USB device found, idVendor=10b8, idProduct=0bb9, bcdDevice=2f.2a [ 266.612266][ T5258] ext4_inlinedir_to_tree+0xde2/0x15a0 [ 266.621414][ T43] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 266.650950][ T5258] ext4_htree_fill_tree+0x1941/0x1cd0 [ 266.656878][ T5258] ext4_readdir+0x4bbf/0x5b00 [ 266.661879][ T5258] iterate_dir+0x688/0x870 [ 266.666941][ T5258] __se_sys_getdents64+0x169/0x530 [ 266.672422][ T5258] __ia32_sys_getdents64+0x93/0xe0 [ 266.678055][ T5258] ia32_sys_call+0xe3d/0x40a0 [ 266.683007][ T5258] __do_fast_syscall_32+0xb4/0x120 [ 266.688629][ T5258] do_fast_syscall_32+0x38/0x80 [ 266.693733][ T5258] do_SYSENTER_32+0x1f/0x30 [ 266.698896][ T5258] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 266.705510][ T5258] [ 266.709220][ T5258] Local variable hinfo created at: [ 266.714497][ T5258] ext4_htree_fill_tree+0x52/0x1cd0 [ 266.720172][ T5258] ext4_readdir+0x4bbf/0x5b00 [ 266.725179][ T5258] [ 266.727876][ T5258] CPU: 0 PID: 5258 Comm: syz-executor.1 Not tainted 6.9.0-syzkaller-02339-g101b7a97143a #0 [ 266.747238][ T5258] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 266.760677][ T5258] ===================================================== [ 266.768199][ T5258] Disabling lock debugging due to kernel taint [ 266.773667][ T43] usb 4-1: config 0 descriptor?? [ 266.774446][ T5258] Kernel panic - not syncing: kmsan.panic set ... [ 266.774497][ T5258] CPU: 0 PID: 5258 Comm: syz-executor.1 Tainted: G B 6.9.0-syzkaller-02339-g101b7a97143a #0 [ 266.774629][ T5258] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 266.774703][ T5258] Call Trace: [ 266.774747][ T5258] [ 266.774787][ T5258] dump_stack_lvl+0x216/0x2d0 [ 266.774965][ T5258] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 266.775118][ T5258] dump_stack+0x1e/0x30 [ 266.775269][ T5258] panic+0x4e2/0xcd0 [ 266.775424][ T5258] ? kmsan_get_metadata+0xf1/0x1d0 [ 266.775583][ T5258] kmsan_report+0x2d5/0x2e0 [ 266.775723][ T5258] ? __msan_warning+0x95/0x120 [ 266.775832][ T5258] ? ext4_inlinedir_to_tree+0xde2/0x15a0 [ 266.776007][ T5258] ? ext4_htree_fill_tree+0x1941/0x1cd0 [ 266.776163][ T5258] ? ext4_readdir+0x4bbf/0x5b00 [ 266.776297][ T5258] ? iterate_dir+0x688/0x870 [ 266.776457][ T5258] ? __se_sys_getdents64+0x169/0x530 [ 266.776633][ T5258] ? __ia32_sys_getdents64+0x93/0xe0 [ 266.776804][ T5258] ? ia32_sys_call+0xe3d/0x40a0 [ 266.776982][ T5258] ? __do_fast_syscall_32+0xb4/0x120 [ 266.777151][ T5258] ? do_fast_syscall_32+0x38/0x80 [ 266.777314][ T5258] ? do_SYSENTER_32+0x1f/0x30 [ 266.777508][ T5258] ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 266.777725][ T5258] ? _raw_spin_unlock_irqrestore+0x3f/0x60 [ 266.777872][ T5258] ? stack_depot_save_flags+0x66d/0x6e0 [ 266.778025][ T5258] ? kmsan_get_metadata+0x146/0x1d0 [ 266.778163][ T5258] ? kmsan_internal_set_shadow_origin+0x66/0xe0 [ 266.778365][ T5258] ? kmsan_get_metadata+0x146/0x1d0 [ 266.778524][ T5258] ? kmsan_get_metadata+0x146/0x1d0 [ 266.778661][ T5258] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 266.778825][ T5258] __msan_warning+0x95/0x120 [ 266.778938][ T5258] ext4_inlinedir_to_tree+0xde2/0x15a0 [ 266.779113][ T5258] ? kmsan_get_metadata+0x146/0x1d0 [ 266.779245][ T5258] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 266.779391][ T5258] ? kmsan_get_metadata+0x146/0x1d0 [ 266.779521][ T5258] ? kmsan_internal_set_shadow_origin+0x66/0xe0 [ 266.978971][ T5258] ? kmsan_get_metadata+0x146/0x1d0 [ 266.984419][ T5258] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 266.990630][ T5258] ext4_htree_fill_tree+0x1941/0x1cd0 [ 266.996680][ T5258] ? kmsan_get_metadata+0x146/0x1d0 [ 267.002123][ T5258] ? kmsan_get_metadata+0x146/0x1d0 [ 267.007711][ T5258] ? kmsan_get_metadata+0x146/0x1d0 [ 267.013140][ T5258] ? kmsan_get_metadata+0x146/0x1d0 [ 267.018661][ T5258] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 267.025029][ T5258] ? kmsan_get_metadata+0x146/0x1d0 [ 267.030477][ T5258] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 267.036541][ T5258] ext4_readdir+0x4bbf/0x5b00 [ 267.041470][ T5258] ? aa_file_perm+0x3e4/0x17a0 [ 267.046489][ T5258] ? kmsan_get_metadata+0x146/0x1d0 [ 267.051910][ T5258] ? kmsan_get_metadata+0x146/0x1d0 [ 267.057339][ T5258] ? kmsan_internal_set_shadow_origin+0x66/0xe0 [ 267.063889][ T5258] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 267.069973][ T5258] ? __pfx_ext4_readdir+0x10/0x10 [ 267.075260][ T5258] iterate_dir+0x688/0x870 [ 267.079950][ T5258] __se_sys_getdents64+0x169/0x530 [ 267.085341][ T5258] ? __pfx_filldir64+0x10/0x10 [ 267.090385][ T5258] __ia32_sys_getdents64+0x93/0xe0 [ 267.095787][ T5258] ia32_sys_call+0xe3d/0x40a0 [ 267.100744][ T5258] __do_fast_syscall_32+0xb4/0x120 [ 267.106133][ T5258] ? irqentry_exit+0x16/0x60 [ 267.110985][ T5258] do_fast_syscall_32+0x38/0x80 [ 267.116115][ T5258] do_SYSENTER_32+0x1f/0x30 [ 267.120894][ T5258] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 267.127531][ T5258] RIP: 0023:0xf73ef579 2024/06/07 03:38:22 SYZFATAL: failed to recv *flatrpc.HostMessageRaw: EOF [ 267.131815][ T5258] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 267.151681][ T5258] RSP: 002b:00000000f5e785ac EFLAGS: 00000206 ORIG_RAX: 00000000000000dc [ 267.160349][ T5258] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000000000 [ 267.168612][ T5258] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 267.176782][ T5258] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 267.184939][ T5258] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 267.193216][ T5258] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 267.201408][ T5258] [ 267.204920][ T5258] Kernel Offset: disabled [ 267.209448][ T5258] Rebooting in 86400 seconds..