last executing test programs: 27.014262544s ago: executing program 3 (id=713): syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000700)='./file0\x00', 0x2800818, &(0x7f00000013c0)=ANY=[], 0xf, 0x6b4, &(0x7f0000001b80)="$eJzs3c1vHGcdB/DvrNeON62C0yZthIqIEikgRSROrBTCpQEhlEOFqnLgbCVOY2WTVLaL3ApRFxCckDj0DyhIvnFC4sQlKJzLrVcfKyFxiZCwuCya2dn12l7HduKXGD6favo8M88zz/zmN2/e3aw2wP+tmxfTfJQiNy++vVjOryxPtVeWp47Vze0kZb2RNLtFigdJ8Ti5UbYXA1MGyk0+nb3+7hdPVr7szjXrqerfeNp6Qwzpu1RPOZtkpC43G93pJtaNdyvJy5u6jO10rH7Hv6SbtPN1CYeuUxrvFl1Lu1l9N9ct8ILpPZ2K7nNzk4nkeJLx+u+A1HeHxsFFuD92dZcDAACAI+rzh4cdAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABw99e//F/XUqMucTdH7/f+x3rK6fsR0Ph6ce1QUhxcKAAAAAAAAAOyRr69mNYs50ZvvFNVn/ueqmVP5Tyd5KR9kPjOZy6UsZjoLWchcriSZGBhobHF6YWHuSn/N0vA1rw5d8+pB7TEAAAAAAAAA/E/6RW6uff4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvgiIZ6RbVdKpXn0ijmW7bWNlvKfl7r35EFMMWPjr4OAAAAOC5jD/DOl9ZzWoWc6I33ymq1/yvVa+Xx/NBHmQhs1lIOzO5Xb+GLl/1N1aWp9ory1P3y2nzuN/7567CqEas318YvuUzVY9W7mS2WnIpt6pgbqdRrVk604tneFyflDEVb9V2GFmzTmu5sd9t9S7CntjtWxETZXBJPyOTdWyN5FiSMgNF9UZNWV+/6rZHp7lxS2lktL+lK2n03/k5tQ85P16X5f78el9zvlv9TDRSZeLqwNn32tMzkXzjz3/8yd32g3t378xffHF2aRsjWyzfeE5MDWTi9SOdieYu+09WmTjdn7+ZH+bHuZizeSdzmc1PM52FzKRTt/+706mq5Y5PPD1TN9bNvbNdJGP1cekes53EdDY/qGrTOVeteyKzKfIwtzOTN6v/ruZKvp1ruZbrA0f49JZxV4ezuuobG6/63pH+69Dgz3+zrrSS/KYuN+Vgg63Ozr3SvfeXeT05kNfuWf+k3+vkwHUwOZClV3rZGR0y9Ooz3RubX60r5TZ+WZcvhok6E+UF1HtK9KJ7tZuJZv1c2nie/766IObbD+7N3Z1+f4vxlzbMX6jL8rRa/tpOoxx2KPZaeb68kvH6TrL+7CjbXu3fZU6ue6qO1Z+4dNsam9pOV21F0btSf7TllTpW/w23eaSrVdvrQ9umqrYzeavftu7vrTxMO7cPIH8APKeJHB9r/aP1eeuz1q9ad1tvj3//2HeOvTGW0b+Nfrc5OXKh8Ubxp3yWn6+9/gcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ7d/Icf3Ztut2fmhlcadWX8KX2GV7YbeUOlqH/QZ3dr7V3lwkvJXg44nmTdktFyQX9JKwezX62NYWyqdD5ODjzhvR8RHN7nt2WlmZ0MeGO7Pp8c9Il05CojS8NPgEO+MQH77vLC/fcvz3/40bdm70+/N/PezIPRa9euT16/9ubU5Tuz7ZnJ7v8PO0pgP6w99A87EgAAAAAAAAAAAGCnhn0x4NzL231pZEff8fAvCwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA9cfNimo9S5MrkpclyfmV5ql1Ovfpaz2aSRiMpfpYUj5Mb6U6ZGBiuyB8epzNkO5/OXn/3iycrX66N1ez2Txp1+RyW6ilnk4zU5V6Nd+u5xyv+1dvDMmHne4mDw/bfAAAA//9vW/YP") r0 = open(&(0x7f0000000200)='./file0\x00', 0x4008040, 0x0) fcntl$setlease(r0, 0x400, 0x0) link(&(0x7f0000001240)='./file0\x00', &(0x7f0000000bc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') 26.328986104s ago: executing program 3 (id=723): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x4e20, @empty}], 0x10) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x4e20, @local}]}, &(0x7f0000000100)=0x10) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000000)={0x0, 0x1f}, 0x14) 25.045001992s ago: executing program 3 (id=734): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000240), 0xfe, 0x54b, &(0x7f0000001c40)="$eJzs3d9rW1UcAPDvTdv96nQdjKE+SGEPTubStfXHBB/mo+hwoO8ztHdlNF1Gk461Dtwe3IsvMgQRB+If4LuPw3/Av2KggyGj6IMvkZvebNmaNGmXrZn5fOC259x70nNP7v2enpOTkACG1mT2oxDxakR8m0Qcajk2GvnByY1y6w+uzWVbEvX6Z38lkeT7muWT/Pd4nnklIn77OuJEYXO91dW1xVK5nC7n+ana0uWp6urayYtLpYV0Ib00Mzt7+p3Zmfffe7dvbX3z3D8/fHrno9PfHFv//pd7h28lcSYO5sda2/EUrrdmJmMyf07G4swTBaf7UNkgSXb7BNiRkTzOxyLrAw7FSB71wP/fVxFRB4ZUIv5hSDXHAc25fZ/mwS+M+x9uTIA2tz/ZeG0k9jXmRgfWk8dmRtl8d6IP9Wd1/Prn7VvZFv17HQKgq+s3IuLU6Gjn/m/nTvVQ5sk69H/w/NzJxj9vtRv/FB6Of6LN+Ge8TezuRPf4L9zrQzUdZeO/D9qOfx8uWk2M5LmXGmO+seTCxXKa9W0vR8TxGNub5bdazzm9frfe6Vjr+C/bsvqbY8H8PO6N7n38MfOlWulp2tzq/o2I17qMf5M21z97Ps71WMfR9PbrnY51b/+zVf854o221//Rilay9frkVON+mGreFZv9ffPo753q3+32Z9f/wNbtn0ha12ur26/jp33/pp2OTSb5ouk27/89yeeN9J5839VSrbY8HbEn+WTz/plHj23mm+Wz9h8/tnX/1+7+3x8RX/TY/ptHbnYsOgjXf35b13/7ibsff/ljp/p76//ebqSO53t66f96PcGnee4AAAAAAABg0BQi4mAkheLDdKFQLG68v+NIHCiUK9XaiQuVlUvz0fis7ESMFZor3eMt74eYzt8P28zPPJGfjYjDEfHdyP5GvjhXKc/vduMBAAAAAAAAAAAAAAAAAABgQIx3+Px/5o+R3T474Jnzld8wvLrGfz++6QkYSP7/w/AS/zC8xD8ML/EPw0v8w/AS/zC8xD8ML/EPAAAAAAAAAAAAAAAAAAAAAAAAAAAAfXXu7Nlsq68/uDaX5eevrK4sVq6cnE+ri8WllbniXGX5cnGhUlkop8W5ylK3v1euVC5Pz8TK1alaWq1NVVfXzi9VVi7Vzl9cKi2k59Ox59IqAAAAAAAAAAAAAAAAAAAAeLFUV9cWS+VyuiwhsaPE6GCchkSfE7vdMwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAI/8FAAD//wZvNao=") r0 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0) pwritev(r0, &(0x7f0000000480)=[{&(0x7f0000000000)='4', 0x1}], 0x1, 0x1a4e, 0x0) fallocate(r0, 0x10, 0x6, 0x9128) 24.187539478s ago: executing program 3 (id=741): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_STATION(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000001200000008000300", @ANYRES32=r2, @ANYBLOB="0800a400010000000a000600ffffffffffff00000600000084020000050074"], 0x40}}, 0x0) 23.508225614s ago: executing program 3 (id=747): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58) accept$alg(r0, 0x0, 0x0) accept$alg(r0, 0x0, 0x0) 23.026365107s ago: executing program 3 (id=749): r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x0, 0x2d, 0x0, 0x0, 0x2, 0x0, 0x0, 0x41000, 0x30, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000)={0x2000000, 0x0, 0x1, 0x57}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) ioctl$TUNSETOFFLOAD(r0, 0xc004743e, 0x20001400) ioctl$TUNSETOFFLOAD(r0, 0x4008744b, 0x2000000c) 7.973906606s ago: executing program 2 (id=767): r0 = socket$l2tp6(0xa, 0x2, 0x73) bind$l2tp6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty}, 0x20) syz_emit_ethernet(0x8e, &(0x7f0000000300)=ANY=[@ANYBLOB="aaaaaaaaaaaa1acd1f78800d86dd608a37f200587300fe8000000000000000000000000000bbfe8000000000000000000000000000aa00000000", @ANYRES8], 0x0) recvfrom(r0, 0x0, 0xff25, 0x0, 0x0, 0x0) 7.773716788s ago: executing program 32 (id=749): r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x0, 0x2d, 0x0, 0x0, 0x2, 0x0, 0x0, 0x41000, 0x30, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000)={0x2000000, 0x0, 0x1, 0x57}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) ioctl$TUNSETOFFLOAD(r0, 0xc004743e, 0x20001400) ioctl$TUNSETOFFLOAD(r0, 0x4008744b, 0x2000000c) 6.941868067s ago: executing program 2 (id=773): unshare(0x2c020400) r0 = msgget$private(0x0, 0x0) msgsnd(r0, &(0x7f00000010c0)=ANY=[@ANYRES32], 0x2000, 0x0) msgrcv(r0, 0x0, 0x0, 0x0, 0x5800) 6.457157045s ago: executing program 2 (id=777): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x19) r1 = fcntl$dupfd(r0, 0x0, r0) ioctl$TCFLSH(r1, 0x40085500, 0x0) 6.095315797s ago: executing program 2 (id=778): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x3) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000200)=0x40) ioctl$TIOCSTI(r0, 0x5412, &(0x7f00000000c0)=0x7e) 5.620693459s ago: executing program 2 (id=780): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000740)=@newlink={0x40, 0x10, 0x44b, 0x0, 0x0, {0x7a}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xffffffffffffff75}}}, @IFLA_ADDRESS={0xa, 0x1, @dev}]}, 0x40}}, 0x0) 5.188461195s ago: executing program 4 (id=782): r0 = syz_io_uring_setup(0x24ee, &(0x7f0000000440)={0x0, 0x0, 0x10100}, &(0x7f0000000000)=0x0, &(0x7f00000003c0)=0x0) r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r3}}) io_uring_enter(r0, 0xa3d, 0x0, 0x0, 0x0, 0x0) 4.889965914s ago: executing program 4 (id=783): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000000c0)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000d, 0x4008031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) clock_getres(0x0, 0x0) 4.051192537s ago: executing program 1 (id=784): r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'netdevsim0\x00', 0x0}) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000100)=ANY=[@ANYBLOB="480000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="1501000000000000140012800b0001006d616373656300000400028008000500", @ANYRES32=r1, @ANYBLOB="0a0003"], 0x48}}, 0x0) 2.932567569s ago: executing program 4 (id=786): r0 = add_key$keyring(&(0x7f0000000740), &(0x7f0000000780)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd) r1 = add_key$keyring(&(0x7f0000000040), &(0x7f00000000c0)={'syz', 0x2}, 0x0, 0x0, r0) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r0, &(0x7f0000000000)='asymmetric\x00', &(0x7f0000000080)) keyctl$link(0x8, r1, r0) 2.752502477s ago: executing program 4 (id=787): r0 = syz_io_uring_setup(0x444b, &(0x7f0000000100), &(0x7f0000000540), &(0x7f0000000280)) io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) r1 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(r0, 0x13, 0x2000ac0a, r1) 2.486369769s ago: executing program 4 (id=789): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000000c0)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000d, 0x4008031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) clock_nanosleep(0xfffffff2, 0x0, &(0x7f0000000400), 0x0) 2.166753621s ago: executing program 1 (id=791): r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0) pwritev2(r0, &(0x7f00000001c0)=[{&(0x7f0000000080)="ff", 0xfdef}], 0x1, 0xe7b, 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) ioctl$EXT4_IOC_MOVE_EXT(r1, 0x40305829, &(0x7f00000000c0)={0x17c04, 0xffffffffffffffff, 0xf4ff, 0xfff}) 2.12085237s ago: executing program 2 (id=792): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000000c0)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) statx(0xffffffffffffff9c, &(0x7f0000001740)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0, &(0x7f00000046c0)) 2.039238759s ago: executing program 0 (id=793): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c) listen(r0, 0x0) syz_emit_ethernet(0x56, &(0x7f00000000c0)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "ff00f5", 0x20, 0x6, 0x0, @local, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x8, 0xc2, 0x0, 0x0, 0x0, {[@mptcp=@ack={0x1e, 0xc, 0x1f, 0x4, "74c01ff5133cf07e"}]}}}}}}}}, 0x0) 1.814045849s ago: executing program 1 (id=794): r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000140)={0xffffffffffffffff}, 0x2}}, 0x20) write$RDMA_USER_CM_CMD_BIND_IP(r0, &(0x7f0000000000)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x0, 0x0, @local, 0x1}, r1}}, 0x30) write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f0000000180)={0x3, 0x40, 0xfa02, {{0x6000000, 0x0, 0x0, @mcast2}, {0x2, 0x0, 0x4, @mcast1, 0x3}, r1}}, 0x48) 1.604424365s ago: executing program 0 (id=795): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = dup(r0) ioctl$PTP_EXTTS_REQUEST2(r1, 0x40603d10, &(0x7f0000000040)={0x7}) 1.472172411s ago: executing program 1 (id=796): gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) futex(&(0x7f0000004000), 0x5, 0x0, 0x0, &(0x7f0000004000), 0xb0024000) 1.299044065s ago: executing program 0 (id=797): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x2, 0x4, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000380)={r0, &(0x7f0000000300), &(0x7f0000000340)=""/55}, 0x20) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000a80)={r0, &(0x7f0000000940)="18", &(0x7f0000000980)=""/235}, 0x20) bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000002c0)={0x0, &(0x7f0000000200)=""/169, &(0x7f0000000040), &(0x7f00000003c0), 0x2, r0}, 0x38) 1.104457027s ago: executing program 1 (id=798): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c) listen(r0, 0xfff) syz_emit_ethernet(0x4e, &(0x7f00000005c0)={@local, @dev, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x18, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x6, 0x2, 0x0, 0x0, 0x0, {[@sack={0x5, 0x2}, @generic={0x8, 0x2}]}}}}}}}}, 0x0) 1.010099852s ago: executing program 0 (id=799): syz_mount_image$hfs(&(0x7f0000000040), &(0x7f0000000100)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x30008c0, &(0x7f0000000180)={[{}, {@codepage={'codepage', 0x3d, 'iso8859-6'}}, {@iocharset={'iocharset', 0x3d, 'iso8859-3'}}, {}, {@part={'part', 0x3d, 0x5}}]}, 0x11, 0x2b6, &(0x7f0000000200)="$eJzs3U9rE0EYx/HfbNI22lK3tiJ4rBb0Ilov4iUieRGeRG0iFENFrfjnVMWTiN69+xZ8EV4U34CePPkC6mllZifZJLvZTUOTber3Aw2b7D47z2T/zDyBsgLw37rV+Pn52m/7Z6SKKtK7G1IgqSZVJZ3R2dqznd3t3Xarmbejiouwf0ZxpElts7XTygq1cS7CC+27qpZ6P8NkRFF081fZSaB07urPEEgL/up062tTzyzf6zHj9g45j1lj9rWvF1ouOw8AQLn8+B/4cX7Jz9+DQNrww/6RHP/HtV92AhMX5a7tGf9dlRUZe3xPuVVJvedKOLs+6FSJo7Q8N/B+XvGZ1TfBNEVVpcslOPFgu926vPWo3Qz0RnWvZ7M199qMT92OgmzXM2rTHCP03WTPKBddH+ZsHzbj/J9L6st/dcwWx2a+mu/mjgn1Sc3u/K8aGXuY3JEKB45UnP+V4Xt0vQztVvK3jXq9HvRtsuIaOedb8Ap6WcuuSNQ5o1bU/wNBWJSnizo9EBX37mpB1Gpm1Gbn3ZCotb4o25vu2Ty8vUkzH8xts64/+qJGz/w/sPltKPfKTK4asxEPBe4bj/szn91c1e0zTI0c6cul+y0uDEv9b/49DQfwXvd1XctPX756WGm3W0/swr2MhcdL3U/m3kqZ25S8oL3kkwVFTmrjzqA0zcQuHeoO7f2jcGN7lR2Jg3KsFxrfpnsilbFQ8v0JU5Ec9LIzQUnsvMvE9V9Sr1TjyZ59CTPn6SP+EOD3GNk5dreCS2KjeEYu6eSBKrjF4RVcuuZK1Yyu5jp/Uboweouhz/OYMA390F1+/wcAAAAAAAAAAAAAAAAAAJg10/h3grL7CAAAAAAAAAAAAAAAAAAAAADArOs+/1ed5/9qtOf/Dj6K5TCf//txRzz/F5i8fwEAAP//FZd8vg==") r0 = syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="0100000000000000000009000000440003800800010002000000140002007663616e3000000000000000000000000800030000000000140006"], 0x58}}, 0x0) 741.755936ms ago: executing program 1 (id=800): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000000000040260933334000000000010902240001000000000904000001030100000921000000012201000905810308"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f00000001c0)={0x24, 0x0, 0x0, &(0x7f0000000140)={0x0, 0x22, 0x5, {[@local=@item_4={0x3, 0x2, 0x2, "7bf374f5"}]}}, 0x0}, 0x0) syz_usb_ep_write(r0, 0x81, 0x0, 0x0) 548.97266ms ago: executing program 0 (id=801): r0 = getpid() r1 = syz_pidfd_open(r0, 0x0) r2 = pidfd_getfd(r1, r1, 0x0) setns(r2, 0x20000) 276.49682ms ago: executing program 0 (id=802): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000090024206d041cc340000000000109022400010000a00009040000010301010009210008000122010009058103"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f0000000600)={0x2c, 0x0, 0x0, 0x0, &(0x7f0000000340)={0x20, 0x29, 0xf, {0xf, 0x29, 0x0, 0x0, 0x0, 0x0, "8cda8079", "87cb6669"}}, 0x0}, 0x0) 0s ago: executing program 4 (id=803): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000002040)=ANY=[@ANYBLOB="01000000000000048e"]) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.199' (ED25519) to the list of known hosts. [ 54.465447][ T5833] cgroup: Unknown subsys name 'net' [ 54.579576][ T5833] cgroup: Unknown subsys name 'cpuset' [ 54.587465][ T5833] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 55.889911][ T5833] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 59.210540][ T5850] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 59.243725][ T5852] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 59.252857][ T5862] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 59.254934][ T5852] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 59.261366][ T5862] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 59.275464][ T5862] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 59.275503][ T5852] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 59.284337][ T5862] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 59.290686][ T5852] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 59.305176][ T5852] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 59.312491][ T5852] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 59.320239][ T5862] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 59.327627][ T5864] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 59.329685][ T5862] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 59.342227][ T5864] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 59.347052][ T5862] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 59.352910][ T5863] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 59.364693][ T5863] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 59.364880][ T5862] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 59.375178][ T5863] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 59.387197][ T5863] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 59.394750][ T5863] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 59.395314][ T5866] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 59.402053][ T5864] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 59.417414][ T5865] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 59.419769][ T5864] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 59.431921][ T5865] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 59.433224][ T5864] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 59.447025][ T53] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 59.456553][ T53] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 59.834559][ T5845] chnl_net:caif_netlink_parms(): no params data found [ 59.932334][ T5855] chnl_net:caif_netlink_parms(): no params data found [ 59.946862][ T5853] chnl_net:caif_netlink_parms(): no params data found [ 59.971913][ T5843] chnl_net:caif_netlink_parms(): no params data found [ 60.014125][ T5848] chnl_net:caif_netlink_parms(): no params data found [ 60.109252][ T5845] bridge0: port 1(bridge_slave_0) entered blocking state [ 60.117603][ T5845] bridge0: port 1(bridge_slave_0) entered disabled state [ 60.125073][ T5845] bridge_slave_0: entered allmulticast mode [ 60.132353][ T5845] bridge_slave_0: entered promiscuous mode [ 60.145243][ T5845] bridge0: port 2(bridge_slave_1) entered blocking state [ 60.152461][ T5845] bridge0: port 2(bridge_slave_1) entered disabled state [ 60.159832][ T5845] bridge_slave_1: entered allmulticast mode [ 60.166872][ T5845] bridge_slave_1: entered promiscuous mode [ 60.243312][ T5855] bridge0: port 1(bridge_slave_0) entered blocking state [ 60.250882][ T5855] bridge0: port 1(bridge_slave_0) entered disabled state [ 60.258110][ T5855] bridge_slave_0: entered allmulticast mode [ 60.264877][ T5855] bridge_slave_0: entered promiscuous mode [ 60.305721][ T5845] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 60.318420][ T5845] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 60.328462][ T5855] bridge0: port 2(bridge_slave_1) entered blocking state [ 60.335585][ T5855] bridge0: port 2(bridge_slave_1) entered disabled state [ 60.342990][ T5855] bridge_slave_1: entered allmulticast mode [ 60.350629][ T5855] bridge_slave_1: entered promiscuous mode [ 60.372500][ T5843] bridge0: port 1(bridge_slave_0) entered blocking state [ 60.379696][ T5843] bridge0: port 1(bridge_slave_0) entered disabled state [ 60.387639][ T5843] bridge_slave_0: entered allmulticast mode [ 60.394135][ T5843] bridge_slave_0: entered promiscuous mode [ 60.429205][ T5855] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 60.438548][ T5853] bridge0: port 1(bridge_slave_0) entered blocking state [ 60.445601][ T5853] bridge0: port 1(bridge_slave_0) entered disabled state [ 60.452898][ T5853] bridge_slave_0: entered allmulticast mode [ 60.460114][ T5853] bridge_slave_0: entered promiscuous mode [ 60.466867][ T5843] bridge0: port 2(bridge_slave_1) entered blocking state [ 60.473953][ T5843] bridge0: port 2(bridge_slave_1) entered disabled state [ 60.481617][ T5843] bridge_slave_1: entered allmulticast mode [ 60.488304][ T5843] bridge_slave_1: entered promiscuous mode [ 60.506373][ T5845] team0: Port device team_slave_0 added [ 60.514393][ T5855] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 60.531909][ T5853] bridge0: port 2(bridge_slave_1) entered blocking state [ 60.539094][ T5853] bridge0: port 2(bridge_slave_1) entered disabled state [ 60.546712][ T5853] bridge_slave_1: entered allmulticast mode [ 60.553261][ T5853] bridge_slave_1: entered promiscuous mode [ 60.588181][ T5845] team0: Port device team_slave_1 added [ 60.611077][ T5843] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 60.620578][ T5848] bridge0: port 1(bridge_slave_0) entered blocking state [ 60.628671][ T5848] bridge0: port 1(bridge_slave_0) entered disabled state [ 60.635806][ T5848] bridge_slave_0: entered allmulticast mode [ 60.642933][ T5848] bridge_slave_0: entered promiscuous mode [ 60.659117][ T5855] team0: Port device team_slave_0 added [ 60.667003][ T5853] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 60.677871][ T5843] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 60.687508][ T5848] bridge0: port 2(bridge_slave_1) entered blocking state [ 60.694843][ T5848] bridge0: port 2(bridge_slave_1) entered disabled state [ 60.702118][ T5848] bridge_slave_1: entered allmulticast mode [ 60.709378][ T5848] bridge_slave_1: entered promiscuous mode [ 60.725171][ T5845] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 60.732363][ T5845] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 60.759648][ T5845] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 60.772619][ T5855] team0: Port device team_slave_1 added [ 60.780446][ T5853] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 60.823411][ T5845] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 60.830681][ T5845] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 60.856879][ T5845] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 60.888833][ T5853] team0: Port device team_slave_0 added [ 60.897895][ T5843] team0: Port device team_slave_0 added [ 60.915385][ T5848] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 60.927660][ T5848] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 60.944345][ T5853] team0: Port device team_slave_1 added [ 60.952212][ T5843] team0: Port device team_slave_1 added [ 60.973419][ T5855] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 60.985583][ T5855] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 61.011991][ T5855] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 61.025264][ T5855] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 61.032506][ T5855] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 61.059392][ T5855] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 61.109986][ T5848] team0: Port device team_slave_0 added [ 61.118205][ T5848] team0: Port device team_slave_1 added [ 61.134760][ T5853] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 61.142076][ T5853] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 61.168266][ T5853] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 61.188973][ T5843] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 61.196230][ T5843] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 61.222262][ T5843] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 61.238319][ T5845] hsr_slave_0: entered promiscuous mode [ 61.244621][ T5845] hsr_slave_1: entered promiscuous mode [ 61.272236][ T5853] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 61.279313][ T5853] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 61.305825][ T5853] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 61.323561][ T5843] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 61.330626][ T5843] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 61.356921][ T5843] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 61.381593][ T5848] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 61.388742][ T5848] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 61.414924][ T5848] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 61.427426][ T5848] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 61.434392][ T5848] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 61.460367][ T5848] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 61.465210][ T53] Bluetooth: hci2: command tx timeout [ 61.480601][ T5855] hsr_slave_0: entered promiscuous mode [ 61.487070][ T5855] hsr_slave_1: entered promiscuous mode [ 61.493124][ T5855] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 61.501023][ T5855] Cannot create hsr debugfs directory [ 61.539642][ T53] Bluetooth: hci3: command tx timeout [ 61.539654][ T5857] Bluetooth: hci0: command tx timeout [ 61.539911][ T53] Bluetooth: hci1: command tx timeout [ 61.545365][ T5857] Bluetooth: hci4: command tx timeout [ 61.556323][ T5853] hsr_slave_0: entered promiscuous mode [ 61.568638][ T5853] hsr_slave_1: entered promiscuous mode [ 61.574830][ T5853] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 61.582864][ T5853] Cannot create hsr debugfs directory [ 61.667458][ T5843] hsr_slave_0: entered promiscuous mode [ 61.673461][ T5843] hsr_slave_1: entered promiscuous mode [ 61.679753][ T5843] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 61.688104][ T5843] Cannot create hsr debugfs directory [ 61.707622][ T5848] hsr_slave_0: entered promiscuous mode [ 61.714037][ T5848] hsr_slave_1: entered promiscuous mode [ 61.720337][ T5848] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 61.728829][ T5848] Cannot create hsr debugfs directory [ 61.991234][ T5845] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 62.024188][ T5845] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 62.047039][ T5845] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 62.067772][ T5845] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 62.096556][ T5855] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 62.105817][ T5855] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 62.130556][ T5855] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 62.141056][ T5855] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 62.181948][ T5853] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 62.217178][ T5853] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 62.228887][ T5853] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 62.240178][ T5853] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 62.280011][ T5843] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 62.290017][ T5843] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 62.321746][ T5843] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 62.330710][ T5843] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 62.392565][ T5848] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 62.403113][ T5848] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 62.424102][ T5848] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 62.434449][ T5848] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 62.460926][ T5845] 8021q: adding VLAN 0 to HW filter on device bond0 [ 62.507150][ T5855] 8021q: adding VLAN 0 to HW filter on device bond0 [ 62.537221][ T5845] 8021q: adding VLAN 0 to HW filter on device team0 [ 62.568713][ T5855] 8021q: adding VLAN 0 to HW filter on device team0 [ 62.592571][ T51] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.599811][ T51] bridge0: port 1(bridge_slave_0) entered forwarding state [ 62.612940][ T51] bridge0: port 2(bridge_slave_1) entered blocking state [ 62.620040][ T51] bridge0: port 2(bridge_slave_1) entered forwarding state [ 62.661159][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.668261][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 62.691522][ T74] bridge0: port 2(bridge_slave_1) entered blocking state [ 62.698644][ T74] bridge0: port 2(bridge_slave_1) entered forwarding state [ 62.712894][ T5853] 8021q: adding VLAN 0 to HW filter on device bond0 [ 62.722384][ T5843] 8021q: adding VLAN 0 to HW filter on device bond0 [ 62.759678][ T5853] 8021q: adding VLAN 0 to HW filter on device team0 [ 62.805344][ T5843] 8021q: adding VLAN 0 to HW filter on device team0 [ 62.826651][ T5848] 8021q: adding VLAN 0 to HW filter on device bond0 [ 62.838577][ T74] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.845670][ T74] bridge0: port 1(bridge_slave_0) entered forwarding state [ 62.871903][ T74] bridge0: port 2(bridge_slave_1) entered blocking state [ 62.879054][ T74] bridge0: port 2(bridge_slave_1) entered forwarding state [ 62.888740][ T74] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.895845][ T74] bridge0: port 1(bridge_slave_0) entered forwarding state [ 62.908869][ T74] bridge0: port 2(bridge_slave_1) entered blocking state [ 62.916030][ T74] bridge0: port 2(bridge_slave_1) entered forwarding state [ 62.943823][ T5848] 8021q: adding VLAN 0 to HW filter on device team0 [ 63.015592][ T74] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.022775][ T74] bridge0: port 1(bridge_slave_0) entered forwarding state [ 63.074300][ T35] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.081849][ T35] bridge0: port 2(bridge_slave_1) entered forwarding state [ 63.100243][ T5855] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 63.254579][ T5845] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 63.372041][ T5845] veth0_vlan: entered promiscuous mode [ 63.415018][ T5845] veth1_vlan: entered promiscuous mode [ 63.462820][ T5843] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 63.536811][ T5857] Bluetooth: hci2: command tx timeout [ 63.561736][ T5845] veth0_macvtap: entered promiscuous mode [ 63.579606][ T5845] veth1_macvtap: entered promiscuous mode [ 63.608691][ T5845] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 63.617150][ T5857] Bluetooth: hci4: command tx timeout [ 63.623192][ T5845] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 63.630561][ T5865] Bluetooth: hci0: command tx timeout [ 63.630608][ T5865] Bluetooth: hci3: command tx timeout [ 63.630705][ T5857] Bluetooth: hci1: command tx timeout [ 63.665432][ T5845] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.674552][ T5845] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.684264][ T5845] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.693190][ T5845] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.738424][ T5843] veth0_vlan: entered promiscuous mode [ 63.759577][ T5853] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 63.784020][ T5848] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 63.794661][ T5843] veth1_vlan: entered promiscuous mode [ 63.814138][ T5855] veth0_vlan: entered promiscuous mode [ 63.885586][ T5843] veth0_macvtap: entered promiscuous mode [ 63.908438][ T5855] veth1_vlan: entered promiscuous mode [ 63.917799][ T1142] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 63.921702][ T5843] veth1_macvtap: entered promiscuous mode [ 63.927053][ T1142] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 63.968846][ T5853] veth0_vlan: entered promiscuous mode [ 63.999614][ T5848] veth0_vlan: entered promiscuous mode [ 64.008946][ T5843] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 64.022587][ T5843] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 64.034127][ T5843] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 64.044272][ T5853] veth1_vlan: entered promiscuous mode [ 64.047792][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 64.058081][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 64.062465][ T5848] veth1_vlan: entered promiscuous mode [ 64.079626][ T5843] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 64.090266][ T5843] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 64.102068][ T5843] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 64.128285][ T5843] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.138138][ T5843] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.147730][ T5843] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.156944][ T5843] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.200364][ T5845] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 64.205773][ T5855] veth0_macvtap: entered promiscuous mode [ 64.243026][ T5848] veth0_macvtap: entered promiscuous mode [ 64.308424][ T5853] veth0_macvtap: entered promiscuous mode [ 64.324842][ T5848] veth1_macvtap: entered promiscuous mode [ 64.329581][ T5932] Driver unsupported XDP return value 0 on prog (id 2) dev N/A, expect packet loss! [ 64.333892][ T5855] veth1_macvtap: entered promiscuous mode [ 64.361361][ T5853] veth1_macvtap: entered promiscuous mode [ 64.384083][ T5855] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 64.396827][ T5855] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 64.406887][ T5855] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 64.418448][ T5855] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 64.430389][ T5855] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 64.464426][ T5848] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 64.475284][ T5848] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 64.485464][ T5848] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 64.496193][ T5848] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 64.506072][ T5848] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 64.516549][ T5848] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 64.527716][ T5848] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 64.550263][ T5855] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 64.559752][ T5936] loop1: detected capacity change from 0 to 512 [ 64.564040][ T5855] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 64.584189][ T5855] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 64.596650][ T5855] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 64.607904][ T5855] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 64.615375][ T5936] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2240: inode #15: comm syz.1.7: corrupted in-inode xattr: invalid ea_ino [ 64.618994][ T5848] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 64.639975][ T5848] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 64.646231][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 64.650192][ T5848] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 64.668896][ T5848] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 64.679336][ T5848] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 64.688599][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 64.690104][ T5848] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 64.703922][ T5936] EXT4-fs error (device loop1): ext4_orphan_get:1393: comm syz.1.7: couldn't read orphan inode 15 (err -117) [ 64.708190][ T5848] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 64.732815][ T5936] EXT4-fs (loop1): mounted filesystem 00000007-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 64.740733][ T5855] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.755342][ T5855] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.765958][ T5855] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.775797][ T5855] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.793109][ T5853] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 64.804517][ T5853] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 64.814423][ T5853] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 64.827636][ T5853] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 64.837867][ T5853] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 64.848525][ T5853] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 64.858361][ T5853] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 64.869274][ T5853] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 64.882355][ T5853] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 64.891439][ T5848] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.900654][ T5848] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.911433][ T5848] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.914020][ T5845] EXT4-fs (loop1): unmounting filesystem 00000007-0000-0000-0000-000000000000. [ 64.920208][ T5848] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 64.982618][ T5853] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 64.995033][ T5853] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 65.007149][ T5853] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 65.018246][ T5853] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 65.028833][ T5853] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 65.039373][ T5853] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 65.049414][ T5853] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 65.060325][ T5853] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 65.071644][ T5853] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 65.101278][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 65.138558][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 65.142988][ T5853] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.165037][ T5853] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.176140][ T5853] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.185339][ T5853] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 65.278190][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 65.317879][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 65.364284][ T5945] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 65.419526][ T5946] loop1: detected capacity change from 0 to 1024 [ 65.437987][ T53] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci0/hci0:201' [ 65.449111][ T5946] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 65.455939][ T53] CPU: 1 UID: 0 PID: 53 Comm: kworker/u9:0 Not tainted 6.12.0-rc5-next-20241104-syzkaller #0 [ 65.467965][ T53] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 65.478041][ T53] Workqueue: hci0 hci_rx_work [ 65.482778][ T53] Call Trace: [ 65.486083][ T53] [ 65.487966][ T5946] EXT4-fs (loop1): The Hurd can't support 64-bit file systems [ 65.489016][ T53] dump_stack_lvl+0x241/0x360 [ 65.501170][ T53] ? __pfx_dump_stack_lvl+0x10/0x10 [ 65.506393][ T53] ? __pfx__printk+0x10/0x10 [ 65.511023][ T53] ? __kmalloc_cache_noprof+0x243/0x390 [ 65.516573][ T53] ? sysfs_create_dir_ns+0x28a/0x3a0 [ 65.521942][ T53] sysfs_create_dir_ns+0x2ce/0x3a0 [ 65.527085][ T53] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 65.532762][ T53] kobject_add_internal+0x435/0x8d0 [ 65.537992][ T53] kobject_add+0x152/0x220 [ 65.542433][ T53] ? do_raw_spin_unlock+0x13c/0x8b0 [ 65.547645][ T53] ? device_add+0x3e7/0xbf0 [ 65.552156][ T53] ? __pfx_kobject_add+0x10/0x10 [ 65.557102][ T53] ? _raw_spin_unlock+0x28/0x50 [ 65.561969][ T53] ? get_device_parent+0x165/0x410 [ 65.567118][ T53] device_add+0x4e5/0xbf0 [ 65.571460][ T53] hci_conn_add_sysfs+0xe8/0x200 [ 65.576405][ T53] le_conn_complete_evt+0xc9f/0x12e0 [ 65.581700][ T53] ? __pfx_le_conn_complete_evt+0x10/0x10 [ 65.587419][ T53] ? __mutex_unlock_slowpath+0x21e/0x790 [ 65.593055][ T53] ? __pfx___mutex_lock+0x10/0x10 [ 65.598090][ T53] ? skb_pull_data+0x112/0x230 [ 65.602862][ T53] hci_le_enh_conn_complete_evt+0x185/0x420 [ 65.608764][ T53] hci_event_packet+0xa55/0x1540 [ 65.613701][ T53] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 65.618992][ T53] ? __pfx_hci_event_packet+0x10/0x10 [ 65.624360][ T53] ? do_raw_spin_unlock+0x13c/0x8b0 [ 65.629566][ T53] ? hci_send_to_monitor+0xd8/0x7f0 [ 65.634765][ T53] ? kcov_remote_start+0x97/0x7d0 [ 65.639796][ T53] hci_rx_work+0x3df/0xdd0 [ 65.644212][ T53] ? process_scheduled_works+0x976/0x1850 [ 65.649931][ T53] process_scheduled_works+0xa63/0x1850 [ 65.655500][ T53] ? __pfx_process_scheduled_works+0x10/0x10 [ 65.661490][ T53] ? assign_work+0x364/0x3d0 [ 65.666085][ T53] worker_thread+0x870/0xd30 [ 65.670692][ T53] ? __kthread_parkme+0x169/0x1d0 [ 65.675722][ T53] ? __pfx_worker_thread+0x10/0x10 [ 65.680836][ T53] kthread+0x2f0/0x390 [ 65.684904][ T53] ? __pfx_worker_thread+0x10/0x10 [ 65.690019][ T53] ? __pfx_kthread+0x10/0x10 [ 65.694607][ T53] ret_from_fork+0x4b/0x80 [ 65.699023][ T53] ? __pfx_kthread+0x10/0x10 [ 65.703618][ T53] ret_from_fork_asm+0x1a/0x30 [ 65.708488][ T53] [ 65.718831][ T53] kobject: kobject_add_internal failed for hci0:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 65.731959][ T5857] Bluetooth: hci2: command tx timeout [ 65.733684][ T53] Bluetooth: hci0: failed to register connection device [ 65.739199][ T5857] Bluetooth: hci1: command tx timeout [ 65.747681][ T53] Bluetooth: hci3: command tx timeout [ 65.753175][ T5857] Bluetooth: hci4: command tx timeout [ 65.756335][ T53] Bluetooth: hci0: command tx timeout [ 65.772495][ T1165] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 65.785189][ T1165] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 65.788708][ T1142] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 65.804832][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 65.805017][ T1142] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 65.822987][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 65.864557][ T1165] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 65.873124][ T1165] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 65.976462][ T74] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 65.984325][ T74] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 66.387646][ T5954] loop4: detected capacity change from 0 to 64 [ 66.484564][ T5958] loop3: detected capacity change from 0 to 736 [ 66.650797][ T5962] loop2: detected capacity change from 0 to 256 [ 66.752424][ T5962] FAT-fs (loop2): Directory bread(block 64) failed [ 66.765077][ T5853] rock: directory entry would overflow storage [ 66.782287][ T5962] FAT-fs (loop2): Directory bread(block 65) failed [ 66.796701][ T5853] rock: sig=0x5850, size=36, remaining=14 [ 66.798495][ T5962] FAT-fs (loop2): Directory bread(block 66) failed [ 66.816780][ T5962] FAT-fs (loop2): Directory bread(block 67) failed [ 66.824381][ T5962] FAT-fs (loop2): Directory bread(block 68) failed [ 66.831353][ T5962] FAT-fs (loop2): Directory bread(block 69) failed [ 66.857516][ T5962] FAT-fs (loop2): Directory bread(block 70) failed [ 66.864091][ T5962] FAT-fs (loop2): Directory bread(block 71) failed [ 66.871030][ T5962] FAT-fs (loop2): Directory bread(block 72) failed [ 66.895014][ T5962] FAT-fs (loop2): Directory bread(block 73) failed [ 67.004761][ T29] audit: type=1800 audit(1730742529.673:2): pid=5962 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.14" name="bus" dev="loop2" ino=1048601 res=0 errno=0 [ 67.114614][ T5972] capability: warning: `syz.3.17' uses 32-bit capabilities (legacy support in use) [ 67.167177][ T5977] program syz.3.17 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 67.264490][ T5976] warning: `syz.2.20' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 67.671544][ T5981] loop3: detected capacity change from 0 to 2048 [ 67.746582][ T5981] UDF-fs: error (device loop3): udf_process_sequence: Primary Volume Descriptor not found! [ 67.787326][ T5865] Bluetooth: hci4: command tx timeout [ 67.793065][ T5865] Bluetooth: hci3: command tx timeout [ 67.799777][ T5865] Bluetooth: hci1: command tx timeout [ 67.805247][ T5865] Bluetooth: hci0: command tx timeout [ 67.814714][ T5865] Bluetooth: hci2: command tx timeout [ 67.867883][ T5981] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 68.399154][ T5992] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 68.414503][ T5953] loop0: detected capacity change from 0 to 40427 [ 68.548187][ T5953] F2FS-fs (loop0): Found nat_bits in checkpoint [ 68.867027][ T5953] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 68.986412][ T6006] capability: warning: `syz.4.33' uses deprecated v2 capabilities in a way that may be insecure [ 69.007214][ T5968] loop1: detected capacity change from 0 to 32768 [ 69.014397][ T5968] XFS: ikeep mount option is deprecated. [ 69.186374][ T5968] XFS (loop1): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 69.241847][ T5843] syz-executor: attempt to access beyond end of device [ 69.241847][ T5843] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 69.362427][ T5843] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 69.398974][ T5968] XFS (loop1): Ending clean mount [ 69.477450][ T6025] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 69.736437][ T5845] XFS (loop1): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 69.757204][ T6028] input: syz0 as /devices/virtual/input/input5 [ 69.857057][ T53] Bluetooth: hci0: command tx timeout [ 70.223931][ T6036] loop4: detected capacity change from 0 to 512 [ 70.268165][ T6036] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 70.306271][ T6036] ext4 filesystem being mounted at /12/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 70.368184][ T6036] Quota error (device loop4): find_tree_dqentry: Cycle in quota tree detected: block 4 index 0 [ 70.390764][ T6036] Quota error (device loop4): qtree_read_dquot: Can't read quota structure for id 0 [ 70.416035][ T6036] EXT4-fs error (device loop4): ext4_acquire_dquot:6887: comm syz.4.44: Failed to acquire dquot type 0 [ 70.511653][ T5855] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 70.575256][ T6024] loop2: detected capacity change from 0 to 32768 [ 70.593972][ T6024] XFS: ikeep mount option is deprecated. [ 70.619296][ T6024] XFS (loop2): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 70.661320][ T6024] XFS (loop2): Ending clean mount [ 70.671495][ T6024] XFS (loop2): Quotacheck needed: Please wait. [ 70.711460][ T6024] XFS (loop2): Quotacheck: Done. [ 70.743908][ T6024] syz.2.39 (6024) used greatest stack depth: 18960 bytes left [ 70.804068][ T5848] XFS (loop2): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 71.071007][ T6049] loop0: detected capacity change from 0 to 1024 [ 71.161078][ T6049] EXT4-fs: Ignoring removed orlov option [ 71.168006][ T6049] EXT4-fs (loop0): Test dummy encryption mode enabled [ 71.175274][ T6049] EXT4-fs (loop0): stripe (7) is not aligned with cluster size (16), stripe is disabled [ 71.191138][ T6049] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 71.285081][ T6049] fscrypt: AES-256-CBC-CTS using implementation "cts-cbc-aes-aesni" [ 71.367755][ T5843] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 71.391786][ T24] sched: DL replenish lagged too much [ 71.517284][ T6058] netlink: 8 bytes leftover after parsing attributes in process `syz.3.48'. [ 71.531860][ T6058] netlink: 'syz.3.48': attribute type 30 has an invalid length. [ 71.545247][ T6058] netlink: 'syz.3.48': attribute type 1 has an invalid length. [ 71.636696][ T1293] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.643203][ T1293] ieee802154 phy1 wpan1: encryption failed: -22 [ 72.804593][ T6079] loop3: detected capacity change from 0 to 2048 [ 72.835350][ T6079] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 72.880481][ T29] audit: type=1800 audit(1730742535.583:3): pid=6079 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.58" name="bus" dev="loop3" ino=18 res=0 errno=0 [ 72.962769][ T5853] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 73.663744][ T974] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 73.937373][ T974] usb 4-1: New USB device found, idVendor=8086, idProduct=0110, bcdDevice=bf.ad [ 74.003566][ T974] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 74.064952][ T6095] loop2: detected capacity change from 0 to 2048 [ 74.072860][ T974] usb 4-1: config 0 descriptor?? [ 74.188427][ T974] gspca_main: spca508-2.14.0 probing 8086:0110 [ 74.244105][ T6095] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 74.395025][ T974] gspca_spca508: reg_read err -32 [ 74.453145][ T974] gspca_spca508: reg_read err -32 [ 74.741681][ T974] gspca_spca508: reg_read err -71 [ 74.762529][ T974] gspca_spca508: reg_read err -71 [ 74.808456][ T974] gspca_spca508: reg write: error -71 [ 74.866168][ T974] spca508 4-1:0.0: probe with driver spca508 failed with error -71 [ 74.966409][ T974] usb 4-1: USB disconnect, device number 2 [ 75.068306][ T6112] @: renamed from vlan0 (while UP) [ 75.083138][ T6114] loop0: detected capacity change from 0 to 512 [ 75.101434][ T6114] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -2 [ 75.123603][ T6114] EXT4-fs (loop0): 1 truncate cleaned up [ 75.137184][ T6114] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 75.317345][ T5843] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 75.594411][ T6102] loop1: detected capacity change from 0 to 40427 [ 75.642958][ T6102] F2FS-fs (loop1): Insane cp_payload (553648128 >= 504) [ 75.703073][ T6102] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 75.757723][ T6131] sctp: [Deprecated]: syz.4.76 (pid 6131) Use of struct sctp_assoc_value in delayed_ack socket option. [ 75.757723][ T6131] Use struct sctp_sack_info instead [ 75.798316][ T6102] F2FS-fs (loop1): build fault injection attr: rate: 17008, type: 0x1fffff [ 75.852244][ T6102] F2FS-fs (loop1): build fault injection attr: rate: 0, type: 0x6 [ 75.864102][ T6102] F2FS-fs (loop1): invalid crc value [ 75.928032][ T6102] F2FS-fs (loop1): Found nat_bits in checkpoint [ 76.033099][ T6102] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 76.043967][ T6102] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 76.182933][ T5845] syz-executor: attempt to access beyond end of device [ 76.182933][ T5845] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 76.240595][ T5845] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 76.469657][ T6159] loop4: detected capacity change from 0 to 2048 [ 76.561279][ T6159] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 76.749377][ T9] cfg80211: failed to load regulatory.db [ 76.750426][ T5855] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 77.201448][ T6151] loop0: detected capacity change from 0 to 40427 [ 77.220779][ T6151] F2FS-fs (loop0): invalid crc value [ 77.275776][ T6151] F2FS-fs (loop0): Found nat_bits in checkpoint [ 77.416463][ T6151] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4 [ 77.541156][ T6151] syz.0.82: attempt to access beyond end of device [ 77.541156][ T6151] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 77.604415][ T6151] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 77.614269][ T6195] loop1: detected capacity change from 0 to 64 [ 77.658642][ T6191] loop3: detected capacity change from 0 to 4096 [ 77.674301][ T6191] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512). [ 77.727090][ T6191] ntfs3(loop3): Failed to initialize $Extend/$Reparse. [ 77.816768][ T6193] Bluetooth: MGMT ver 1.23 [ 77.873111][ T6195] hfs: bad catalog entry type 0 [ 78.121623][ T6201] loop3: detected capacity change from 0 to 2048 [ 78.201755][ T6201] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 78.228700][ T6206] loop4: detected capacity change from 0 to 4096 [ 78.259201][ T6210] loop2: detected capacity change from 0 to 256 [ 78.271000][ T6210] exfat: Deprecated parameter 'namecase' [ 78.332638][ T6210] exFAT-fs (loop2): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6e84b2e, utbl_chksum : 0xe619d30d) [ 78.376714][ T6212] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 78.481390][ T29] audit: type=1800 audit(1730742541.173:4): pid=6210 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.108" name="bus" dev="loop2" ino=1048603 res=0 errno=0 [ 79.000437][ T6229] loop0: detected capacity change from 0 to 2048 [ 79.018158][ T6227] program syz.1.114 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 79.136678][ T6215] loop3: detected capacity change from 0 to 32768 [ 79.569423][ T6241] loop1: detected capacity change from 0 to 128 [ 80.064926][ T6255] netlink: 'syz.1.127': attribute type 15 has an invalid length. [ 80.086360][ T57] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 80.298683][ T57] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 80.313244][ T57] usb 3-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 80.350057][ T57] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 80.368065][ T6243] loop0: detected capacity change from 0 to 32768 [ 80.374536][ T57] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 80.408117][ T6247] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 80.412397][ T6243] XFS (loop0): DAX unsupported by block device. Turning off DAX. [ 80.435337][ T57] usb 3-1: Quirk or no altset; falling back to MIDI 1.0 [ 80.453156][ T6243] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 80.463155][ T6263] netlink: 8 bytes leftover after parsing attributes in process `syz.3.129'. [ 80.523262][ T6243] XFS (loop0): Ending clean mount [ 80.563161][ T6243] XFS (loop0): Quotacheck needed: Please wait. [ 80.657165][ T6243] XFS (loop0): Quotacheck: Done. [ 80.688501][ T6273] netlink: 'syz.3.130': attribute type 10 has an invalid length. [ 80.719629][ T6273] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 80.822572][ T6275] loop1: detected capacity change from 0 to 128 [ 80.830681][ T6275] ======================================================= [ 80.830681][ T6275] WARNING: The mand mount option has been deprecated and [ 80.830681][ T6275] and is ignored by this kernel. Remove the mand [ 80.830681][ T6275] option from the mount to silence this warning. [ 80.830681][ T6275] ======================================================= [ 80.899092][ T5859] usb 3-1: USB disconnect, device number 2 [ 81.002925][ T5843] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 81.122864][ T6283] loop1: detected capacity change from 0 to 1024 [ 81.215593][ T6287] loop4: detected capacity change from 0 to 64 [ 81.269174][ T6287] hfs: request for non-existent node 1280 in B*Tree [ 81.292766][ T6287] hfs: request for non-existent node 1280 in B*Tree [ 81.307489][ T6287] hfs: request for non-existent node 1280 in B*Tree [ 81.331454][ T6287] hfs: request for non-existent node 1280 in B*Tree [ 81.473914][ T6291] loop4: detected capacity change from 0 to 64 [ 81.677656][ T6297] loop4: detected capacity change from 0 to 512 [ 81.702045][ T6297] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 81.739238][ T6300] loop2: detected capacity change from 0 to 64 [ 81.755255][ T6297] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 81.775551][ T6300] BFS-fs: bfs_readdir(): Bad f_pos=00000003 for loop2:00000002 [ 81.840836][ T6297] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #16: comm syz.4.143: invalid indirect mapped block 4294967295 (level 0) [ 81.868450][ T6297] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #16: comm syz.4.143: invalid indirect mapped block 4294967295 (level 1) [ 81.916529][ T6297] EXT4-fs (loop4): 1 orphan inode deleted [ 81.922369][ T6297] EXT4-fs (loop4): 1 truncate cleaned up [ 81.966822][ T6297] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 82.011194][ T6297] EXT4-fs (loop4): shut down requested (2) [ 82.103964][ T6310] loop1: detected capacity change from 0 to 1024 [ 82.130751][ T5855] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 82.232583][ T6310] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 82.262514][ T6310] ext4 filesystem being mounted at /28/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 82.405506][ T29] audit: type=1800 audit(1730742545.103:5): pid=6310 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.149" name="file1" dev="loop1" ino=15 res=0 errno=0 [ 82.542542][ T29] audit: type=1804 audit(1730742545.213:6): pid=6310 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.149" name="/newroot/28/file1/file1" dev="loop1" ino=15 res=1 errno=0 [ 82.627290][ T5845] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 82.723905][ T6314] loop3: detected capacity change from 0 to 32768 [ 82.853264][ T6313] loop2: detected capacity change from 0 to 32768 [ 82.874893][ T6314] JBD2: Ignoring recovery information on journal [ 82.902903][ T6313] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 82.951702][ T6314] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 83.101781][ T6339] netlink: 132 bytes leftover after parsing attributes in process `syz.1.156'. [ 83.161658][ T29] audit: type=1800 audit(1730742545.863:7): pid=6314 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.148" name="file1" dev="loop3" ino=16946 res=0 errno=0 [ 83.268425][ T6313] XFS (loop2): Ending clean mount [ 83.311871][ T6345] loop0: detected capacity change from 0 to 2048 [ 83.369807][ T6348] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 83.417119][ T5853] ocfs2: Unmounting device (7,3) on (node local) [ 83.447992][ T5848] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 83.783082][ T6356] netlink: 14601 bytes leftover after parsing attributes in process `syz.0.163'. [ 83.836214][ T5898] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 83.904990][ T6359] loop1: detected capacity change from 0 to 256 [ 83.962128][ T6362] ax25_connect(): syz.2.162 uses autobind, please contact jreuter@yaina.de [ 84.019595][ T5898] usb 4-1: Using ep0 maxpacket: 32 [ 84.031785][ T5898] usb 4-1: config 0 interface 0 altsetting 16 endpoint 0x81 has invalid wMaxPacketSize 0 [ 84.064471][ T5898] usb 4-1: config 0 interface 0 altsetting 16 endpoint 0x2 has an invalid bInterval 0, changing to 7 [ 84.095060][ T5898] usb 4-1: config 0 interface 0 altsetting 16 has 2 endpoint descriptors, different from the interface descriptor's value: 5 [ 84.123177][ T6341] loop4: detected capacity change from 0 to 32768 [ 84.136743][ T5898] usb 4-1: config 0 interface 0 has no altsetting 0 [ 84.143404][ T5898] usb 4-1: New USB device found, idVendor=044f, idProduct=b65d, bcdDevice= 0.00 [ 84.167040][ T5898] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 84.184334][ T5898] usb 4-1: config 0 descriptor?? [ 84.195541][ T6373] netlink: 4 bytes leftover after parsing attributes in process `syz.2.168'. [ 84.227313][ T6373] netlink: 4 bytes leftover after parsing attributes in process `syz.2.168'. [ 84.234745][ T6341] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 84.252837][ T6375] netlink: 'syz.1.169': attribute type 1 has an invalid length. [ 84.265059][ T6375] netlink: 'syz.1.169': attribute type 4 has an invalid length. [ 84.272901][ T6375] netlink: 192 bytes leftover after parsing attributes in process `syz.1.169'. [ 84.445417][ T6381] loop1: detected capacity change from 0 to 2048 [ 84.529622][ T6341] XFS (loop4): Ending clean mount [ 84.532044][ T6381] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 84.567875][ T25] kernel read not supported for file /dsp (pid: 25 comm: kworker/1:0) [ 84.638795][ T5898] hid-thrustmaster 0003:044F:B65D.0001: unknown main item tag 0x0 [ 84.638804][ T5855] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 84.707268][ T5898] hid-thrustmaster 0003:044F:B65D.0001: unknown main item tag 0x0 [ 84.715249][ T5898] hid-thrustmaster 0003:044F:B65D.0001: unknown main item tag 0x0 [ 84.735609][ T5898] hid-thrustmaster 0003:044F:B65D.0001: unknown main item tag 0x0 [ 84.744257][ T5898] hid-thrustmaster 0003:044F:B65D.0001: unknown main item tag 0x0 [ 84.773628][ T5898] hid-thrustmaster 0003:044F:B65D.0001: hidraw0: USB HID v0.00 Device [HID 044f:b65d] on usb-dummy_hcd.3-1/input0 [ 84.818634][ T6391] loop1: detected capacity change from 0 to 2048 [ 84.940655][ T6394] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 85.030051][ T5898] hid-thrustmaster 0003:044F:B65D.0001: setup data couldn't be sent [ 85.039968][ C1] hid-thrustmaster 0003:044F:B65D.0001: URB to get model id failed with error -71 [ 85.044204][ T6391] NILFS error (device loop1): nilfs_check_folio: bad entry in directory #2: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, name_len=0 [ 85.070182][ T6391] Remounting filesystem read-only [ 85.072924][ T5898] usb 4-1: USB disconnect, device number 3 [ 85.196586][ T6399] process 'syz.4.175' launched './file0' with NULL argv: empty string added [ 85.245972][ T974] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 85.268147][ T6401] loop1: detected capacity change from 0 to 128 [ 85.334338][ T5845] sysv_free_block: flc_count > flc_size [ 85.341646][ T5845] sysv_free_block: flc_count > flc_size [ 85.365934][ T5845] sysv_free_block: flc_count > flc_size [ 85.372177][ T5845] sysv_free_block: flc_count > flc_size [ 85.384074][ T5845] sysv_free_block: flc_count > flc_size [ 85.392608][ T5845] sysv_free_block: flc_count > flc_size [ 85.402736][ T5845] sysv_free_block: flc_count > flc_size [ 85.409756][ T5845] sysv_free_block: flc_count > flc_size [ 85.415325][ T5845] sysv_free_block: flc_count > flc_size [ 85.416404][ T974] usb 3-1: Using ep0 maxpacket: 8 [ 85.425549][ T5845] sysv_free_block: flc_count > flc_size [ 85.435655][ T5845] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 85.446569][ T974] usb 3-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ee [ 85.467372][ T974] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 85.503655][ T974] usb 3-1: Product: syz [ 85.514951][ T974] usb 3-1: Manufacturer: syz [ 85.526079][ T974] usb 3-1: SerialNumber: syz [ 85.538023][ T974] usb 3-1: config 0 descriptor?? [ 85.771969][ T974] usb 3-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state [ 85.842272][ T6418] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 85.903943][ T6418] CIFS mount error: No usable UNC path provided in device string! [ 85.903943][ T6418] [ 85.932301][ T6418] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 86.169505][ T6424] netlink: 32 bytes leftover after parsing attributes in process `syz.4.191'. [ 86.306885][ T974] dvb_usb_rtl28xxu 3-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71 [ 86.375590][ T974] usb 3-1: USB disconnect, device number 3 [ 86.439282][ T6430] netlink: 124 bytes leftover after parsing attributes in process `syz.0.193'. [ 86.697431][ T6435] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT [ 86.725949][ T6437] overlayfs: missing 'workdir' [ 86.876080][ T9] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 86.963735][ T6451] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 87.035985][ T9] usb 5-1: Using ep0 maxpacket: 16 [ 87.045222][ T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 87.063042][ T9] usb 5-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 87.072396][ T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 87.086005][ T9] usb 5-1: Product: syz [ 87.090210][ T9] usb 5-1: Manufacturer: syz [ 87.105078][ T9] usb 5-1: SerialNumber: syz [ 87.120726][ T9] usb 5-1: config 0 descriptor?? [ 87.140476][ T9] em28xx 5-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 87.156051][ T57] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 87.174145][ T9] em28xx 5-1:0.0: DVB interface 0 found: bulk [ 87.316083][ T57] usb 2-1: Using ep0 maxpacket: 16 [ 87.332117][ T57] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 87.363781][ T57] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 87.378499][ T57] usb 2-1: New USB device found, idVendor=1b1c, idProduct=1b02, bcdDevice= 0.00 [ 87.407714][ T57] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 87.428793][ T57] usb 2-1: config 0 descriptor?? [ 87.516026][ T5898] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 87.685936][ T5898] usb 4-1: Using ep0 maxpacket: 16 [ 87.694936][ T5898] usb 4-1: config 0 has an invalid interface number: 4 but max is 0 [ 87.703757][ T5898] usb 4-1: config 0 has no interface number 0 [ 87.710045][ T5898] usb 4-1: config 0 interface 4 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 87.721525][ T5898] usb 4-1: config 0 interface 4 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 87.731756][ T5898] usb 4-1: New USB device found, idVendor=046d, idProduct=c517, bcdDevice= 0.00 [ 87.739959][ T9] em28xx 5-1:0.0: chip ID is em28174 [ 87.740861][ T5898] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 87.778003][ T6477] xt_hashlimit: size too large, truncated to 1048576 [ 87.787777][ T5898] usb 4-1: config 0 descriptor?? [ 87.850256][ T57] corsair 0003:1B1C:1B02.0002: unknown main item tag 0x0 [ 87.873652][ T57] corsair 0003:1B1C:1B02.0002: hidraw0: USB HID v0.00 Device [HID 1b1c:1b02] on usb-dummy_hcd.1-1/input0 [ 88.007184][ T9] em28xx 5-1:0.0: reading from i2c device at 0xa0 failed (error=-5) [ 88.035380][ T9] em28xx 5-1:0.0: board has no eeprom [ 88.050954][ T57] corsair 0003:1B1C:1B02.0002: Read invalid backlight brightness: db. [ 88.176266][ T9] em28xx 5-1:0.0: Identified as PCTV tripleStick (292e) (card=94) [ 88.184376][ T9] em28xx 5-1:0.0: dvb set to bulk mode. [ 88.196271][ T5859] em28xx 5-1:0.0: Binding DVB extension [ 88.209934][ T5898] logitech-djreceiver 0003:046D:C517.0003: unknown main item tag 0x0 [ 88.216271][ T6475] loop2: detected capacity change from 0 to 32768 [ 88.228744][ T6475] XFS: ikeep mount option is deprecated. [ 88.234169][ T5898] logitech-djreceiver 0003:046D:C517.0003: unknown main item tag 0x0 [ 88.235542][ T9] usb 5-1: USB disconnect, device number 2 [ 88.249320][ T9] em28xx 5-1:0.0: Disconnecting em28xx [ 88.274922][ T8] usb 2-1: USB disconnect, device number 2 [ 88.300785][ T5898] logitech-djreceiver 0003:046D:C517.0003: unknown main item tag 0x0 [ 88.310585][ T6475] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 88.324818][ T5898] logitech-djreceiver 0003:046D:C517.0003: unknown main item tag 0x0 [ 88.334081][ T5859] em28xx 5-1:0.0: Registering input extension [ 88.362470][ T5898] logitech-djreceiver 0003:046D:C517.0003: unknown main item tag 0x0 [ 88.383146][ T5898] logitech-djreceiver 0003:046D:C517.0003: hidraw0: USB HID v0.05 Device [HID 046d:c517] on usb-dummy_hcd.3-1/input4 [ 88.422972][ T5898] usb 4-1: USB disconnect, device number 4 [ 88.516342][ T5859] rc_core: IR keymap rc-pinnacle-pctv-hd not found [ 88.523190][ T5859] Registered IR keymap rc-empty [ 88.543383][ T6475] XFS (loop2): Ending clean mount [ 88.569040][ T5859] rc rc0: PCTV tripleStick (292e) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0 [ 88.585693][ T6475] XFS (loop2): Quotacheck needed: Please wait. [ 88.600631][ T5859] input: PCTV tripleStick (292e) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input6 [ 88.682163][ T6475] XFS (loop2): Quotacheck: Done. [ 88.682911][ T5859] em28xx 5-1:0.0: Input extension successfully initialized [ 88.701832][ T9] em28xx 5-1:0.0: Closing input extension [ 88.778206][ T9] em28xx 5-1:0.0: Freeing device [ 88.803656][ T6494] sch_fq: defrate 4294967292 ignored. [ 88.859599][ T5848] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 89.431934][ T6508] loop4: detected capacity change from 0 to 128 [ 89.633927][ T6510] netlink: 8 bytes leftover after parsing attributes in process `syz.2.224'. [ 89.656178][ T6510] netlink: 4 bytes leftover after parsing attributes in process `syz.2.224'. [ 89.869646][ T6512] loop2: detected capacity change from 0 to 1024 [ 89.905779][ T12] kworker/u8:1: attempt to access beyond end of device [ 89.905779][ T12] loop4: rw=1, sector=145, nr_sectors = 896 limit=128 [ 89.938894][ T6512] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 90.248255][ T5848] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 90.261555][ T6500] loop3: detected capacity change from 0 to 32768 [ 90.326826][ T6500] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 90.682265][ T6500] XFS (loop3): Ending clean mount [ 90.706153][ T6530] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(3) [ 90.712944][ T6530] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 90.737483][ T6500] XFS (loop3): Quotacheck needed: Please wait. [ 90.853325][ T6530] vhci_hcd vhci_hcd.0: Device attached [ 90.887512][ T6500] XFS (loop3): Quotacheck: Done. [ 90.950709][ T6531] vhci_hcd: connection closed [ 90.984794][ T1142] vhci_hcd: stop threads [ 91.021491][ T1142] vhci_hcd: release socket [ 91.026362][ T9] usb 41-1: new high-speed USB device number 2 using vhci_hcd [ 91.051962][ T1142] vhci_hcd: disconnect device [ 91.181708][ T5853] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 91.665627][ T6547] loop4: detected capacity change from 0 to 512 [ 91.714677][ T6547] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 91.815069][ T6547] EXT4-fs (loop4): 1 truncate cleaned up [ 91.842172][ T6547] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 91.944023][ T6547] fscrypt (loop4, inode 18): Unsupported encryption flags (0x10) [ 92.176061][ T5855] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 92.369973][ T6563] loop1: detected capacity change from 0 to 1024 [ 92.409711][ T6563] EXT4-fs: Ignoring removed orlov option [ 92.416078][ T5897] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 92.433490][ T6563] EXT4-fs (loop1): Test dummy encryption mode enabled [ 92.448868][ T6569] loop4: detected capacity change from 0 to 512 [ 92.457101][ T6563] EXT4-fs (loop1): stripe (7) is not aligned with cluster size (16), stripe is disabled [ 92.494247][ T6563] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 92.531126][ T6569] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 92.565720][ T6569] ext4 filesystem being mounted at /53/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 92.598113][ T5897] usb 4-1: Using ep0 maxpacket: 16 [ 92.609455][ T5897] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 92.620793][ T5897] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 92.631029][ T5897] usb 4-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.40 [ 92.640498][ T5897] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 92.640736][ T6569] overlayfs: conflicting options: nfs_export=on,index=off [ 92.657155][ T5897] usb 4-1: config 0 descriptor?? [ 92.698380][ T5845] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 92.730150][ T5855] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 93.025753][ T6565] loop2: detected capacity change from 0 to 32768 [ 93.069895][ T6565] XFS (loop2): Mounting V5 Filesystem ca7e2101-b8f1-4838-8e2d-7637b90620e6 [ 93.329172][ T6565] XFS (loop2): Ending clean mount [ 93.363851][ T6565] XFS (loop2): Quotacheck needed: Please wait. [ 93.396962][ T5897] cp2112 0003:10C4:EA90.0004: unknown main item tag 0x0 [ 93.397002][ T5897] cp2112 0003:10C4:EA90.0004: unknown main item tag 0x0 [ 93.397030][ T5897] cp2112 0003:10C4:EA90.0004: unknown main item tag 0x0 [ 93.397057][ T5897] cp2112 0003:10C4:EA90.0004: unknown main item tag 0x0 [ 93.397083][ T5897] cp2112 0003:10C4:EA90.0004: unknown main item tag 0x0 [ 93.412246][ T5897] cp2112 0003:10C4:EA90.0004: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.3-1/input0 [ 93.526740][ T6565] XFS (loop2): Quotacheck: Done. [ 93.575751][ T5897] cp2112 0003:10C4:EA90.0004: Part Number: 0x00 Device Version: 0x00 [ 93.659454][ T5848] XFS (loop2): Unmounting Filesystem ca7e2101-b8f1-4838-8e2d-7637b90620e6 [ 93.816173][ T5897] cp2112 0003:10C4:EA90.0004: error requesting SMBus config [ 93.826731][ T5897] cp2112 0003:10C4:EA90.0004: probe with driver cp2112 failed with error -71 [ 93.862543][ T5897] usb 4-1: USB disconnect, device number 5 [ 94.635413][ T6644] loop0: detected capacity change from 0 to 256 [ 94.643483][ T6645] loop2: detected capacity change from 0 to 128 [ 94.686120][ T5897] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 94.856041][ T5897] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 94.885201][ T5897] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 94.914628][ T5897] usb 2-1: config 0 descriptor?? [ 94.932979][ T5897] cp210x 2-1:0.0: cp210x converter detected [ 94.999877][ T6652] netlink: 19 bytes leftover after parsing attributes in process `syz.2.275'. [ 95.106121][ T971] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 95.322194][ T971] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 95.344899][ T5897] cp210x 2-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 95.370868][ T971] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 95.392498][ T5897] usb 2-1: cp210x converter now attached to ttyUSB0 [ 95.401447][ T971] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 95.435374][ T971] usb 1-1: New USB device found, idVendor=11c2, idProduct=2208, bcdDevice= 0.00 [ 95.476582][ T971] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 95.498454][ T971] usb 1-1: config 0 descriptor?? [ 95.568759][ T5897] usb 2-1: USB disconnect, device number 3 [ 95.604098][ T5897] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 95.635063][ T5897] cp210x 2-1:0.0: device disconnected [ 95.782902][ T29] audit: type=1400 audit(1730742558.483:8): apparmor="DENIED" operation="change_profile" class="file" info="label not found" error=-2 profile="unconfined" name=2626200D3A544850656C696769626C653A2020202020202020202020300A566D466C6167733A206D72206D77206D65207364200A32303030303030302D323130303030303020727778702030303030303030302030303A30302030200A53697A653A20202020202020202020202020203136333834206B420A4B65726E656C5061676553697A653A202020202020202034206B420A4D4D555061676553697A653A202020202020202020202034206B420A5273733A2020202020202020202020202020202020202034206B420A5073733A2020202020202020202020202020202020202034206B420A5073735F44697274793A pid=6672 comm="syz.4.284" [ 95.939287][ T971] betop 0003:11C2:2208.0005: unknown main item tag 0x0 [ 95.961601][ T971] betop 0003:11C2:2208.0005: unknown main item tag 0x0 [ 96.047814][ T971] betop 0003:11C2:2208.0005: unknown main item tag 0x0 [ 96.084120][ T971] betop 0003:11C2:2208.0005: hidraw0: USB HID v0.00 Device [HID 11c2:2208] on usb-dummy_hcd.0-1/input0 [ 96.127056][ T971] betop 0003:11C2:2208.0005: no inputs found [ 96.166252][ T9] vhci_hcd: vhci_device speed not set [ 96.171602][ T971] usb 1-1: USB disconnect, device number 2 [ 96.693533][ T6693] loop3: detected capacity change from 0 to 2048 [ 96.741021][ T6693] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 97.340906][ T6685] loop2: detected capacity change from 0 to 32768 [ 97.471810][ T6685] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 97.615124][ T6685] XFS (loop2): Ending clean mount [ 97.625774][ T6685] XFS (loop2): Quotacheck needed: Please wait. [ 97.688799][ T6685] XFS (loop2): Quotacheck: Done. [ 98.009502][ T5848] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 98.143850][ T6728] netlink: zone id is out of range [ 98.187320][ T6728] netlink: set zone limit has 4 unknown bytes [ 98.825389][ T6740] netlink: 'syz.1.310': attribute type 1 has an invalid length. [ 98.944933][ T6744] nvme_fabrics: missing parameter 'transport=%s' [ 98.996294][ T6744] nvme_fabrics: missing parameter 'nqn=%s' [ 99.793768][ T6722] loop3: detected capacity change from 0 to 32768 [ 100.327875][ T6775] tap0: tun_chr_ioctl cmd 1074025680 [ 101.175842][ T8] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 101.407037][ T8] usb 4-1: config 0 interface 0 has no altsetting 0 [ 101.413720][ T8] usb 4-1: New USB device found, idVendor=046d, idProduct=0a0e, bcdDevice=94.75 [ 101.497128][ T8] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 101.589741][ T6760] loop4: detected capacity change from 0 to 32768 [ 101.612348][ T8] usb 4-1: config 0 descriptor?? [ 101.767508][ T6760] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 102.085851][ T5855] ocfs2: Unmounting device (7,4) on (node local) [ 102.379105][ T6801] loop1: detected capacity change from 0 to 1024 [ 102.530768][ T8] video4linux radio48: keene_cmd_main failed (-71) [ 102.554437][ T6801] hfsplus: request for non-existent node 3 in B*Tree [ 102.581427][ T8] radio-keene 4-1:0.0: V4L2 device registered as radio48 [ 102.619216][ T6801] hfsplus: request for non-existent node 3 in B*Tree [ 102.676040][ T8] usb 4-1: USB disconnect, device number 6 [ 103.658047][ T6786] loop0: detected capacity change from 0 to 32768 [ 103.875114][ T8] kernel read not supported for file /dsp (pid: 8 comm: kworker/0:0) [ 104.495795][ T6820] veth1_macvtap: left promiscuous mode [ 104.696830][ T5897] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 104.776077][ T6830] Cannot find add_set index 0 as target [ 104.898741][ T5897] usb 3-1: Using ep0 maxpacket: 16 [ 104.974797][ T5897] usb 3-1: config 0 interface 0 has no altsetting 0 [ 105.056032][ T5897] usb 3-1: New USB device found, idVendor=1235, idProduct=0010, bcdDevice=29.82 [ 105.065133][ T5897] usb 3-1: New USB device strings: Mfr=83, Product=5, SerialNumber=10 [ 105.188298][ T5897] usb 3-1: Product: syz [ 105.192528][ T5897] usb 3-1: Manufacturer: syz [ 105.256304][ T5897] usb 3-1: SerialNumber: syz [ 105.305773][ T5897] usb 3-1: config 0 descriptor?? [ 105.625852][ T6828] loop2: detected capacity change from 0 to 16 [ 105.788568][ T6828] erofs: (device loop2): mounted with root inode @ nid 36. [ 105.812598][ T6846] loop3: detected capacity change from 0 to 256 [ 105.898561][ T5897] usb 3-1: selecting invalid altsetting 1 [ 106.159569][ T5897] snd-usb-audio 3-1:0.0: probe with driver snd-usb-audio failed with error -22 [ 106.503922][ T5854] udevd[5854]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 106.552867][ T6859] netlink: 8 bytes leftover after parsing attributes in process `syz.1.358'. [ 106.599702][ T6859] netlink: 16 bytes leftover after parsing attributes in process `syz.1.358'. [ 106.890532][ T6864] netlink: 32 bytes leftover after parsing attributes in process `syz.4.361'. [ 107.252746][ T29] audit: type=1326 audit(1730742569.913:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6870 comm="syz.2.364" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe0faf7e719 code=0x0 [ 107.512673][ T6879] loop1: detected capacity change from 0 to 64 [ 109.106309][ T5897] usb 3-1: USB disconnect, device number 4 [ 109.495294][ T6867] loop0: detected capacity change from 0 to 32768 [ 109.886245][ T6867] workqueue: Failed to create a rescuer kthread for wq "xfs-blockgc/loop0": -EINTR [ 110.706329][ T6938] loop1: detected capacity change from 0 to 512 [ 110.928421][ T6938] UDF-fs: warning (device loop1): udf_load_vrs: No VRS found [ 110.935847][ T6938] UDF-fs: Scanning with blocksize 512 failed [ 110.994350][ T6938] UDF-fs: warning (device loop1): udf_load_vrs: No VRS found [ 111.038100][ T6938] UDF-fs: Scanning with blocksize 1024 failed [ 111.095395][ T6938] UDF-fs: warning (device loop1): udf_load_vrs: No VRS found [ 111.144845][ T6938] UDF-fs: Scanning with blocksize 2048 failed [ 111.192657][ T6938] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256 [ 111.272100][ T6938] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 111.394066][ T6942] loop3: detected capacity change from 0 to 2048 [ 111.512902][ T6942] Alternate GPT is invalid, using primary GPT. [ 111.556124][ T6942] loop3: p1 p2 p3 [ 111.871411][ T6950] loop4: detected capacity change from 0 to 4096 [ 112.318581][ T6950] ntfs3(loop4): ino=0, "file0" failed to parse mft record [ 112.957241][ T6971] gretap0: entered promiscuous mode [ 113.048733][ T6971] erspan0: entered promiscuous mode [ 113.467975][ T6982] vlan2: entered promiscuous mode [ 113.473345][ T6982] vlan2: entered allmulticast mode [ 113.480154][ T6982] net veth1_virt_wifi virt_wifi0: entered allmulticast mode [ 113.488016][ T6982] net veth1_virt_wifi virt_wifi0: entered promiscuous mode [ 113.500368][ T6982] team0: Port device vlan2 added [ 114.580057][ T7000] loop4: detected capacity change from 0 to 128 [ 114.615839][ T6998] loop0: detected capacity change from 0 to 2048 [ 114.644527][ T7000] VFS: Found a Xenix FS (block size = 512) on device loop4 [ 114.722700][ T7000] syz.4.416: attempt to access beyond end of device [ 114.722700][ T7000] loop4: rw=2049, sector=2066843070, nr_sectors = 1 limit=128 [ 114.788728][ T7003] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 114.907737][ T6998] NILFS (loop0): error -2 truncating bmap (ino=16) [ 114.929974][ T7003] NILFS (loop0): vblocknr = 15 has abnormal lifetime: start cno (= 4128770) > current cno (= 3) [ 114.993719][ T5855] sysv_free_block: trying to free block not in datazone [ 115.011762][ T7003] NILFS error (device loop0): nilfs_bmap_propagate: broken bmap (inode number=16) [ 115.044824][ T5855] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 115.091209][ T7003] Remounting filesystem read-only [ 115.193668][ T7006] loop3: detected capacity change from 0 to 2048 [ 115.243956][ T5843] NILFS (loop0): disposed unprocessed dirty file(s) when stopping log writer [ 115.277489][ T7006] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 115.293922][ T6967] loop1: detected capacity change from 0 to 32768 [ 115.434802][ T6967] XFS (loop1): Mounting V5 Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a [ 115.699759][ T6967] XFS (loop1): Ending clean mount [ 115.766302][ T7022] netlink: 16 bytes leftover after parsing attributes in process `syz.4.422'. [ 115.883813][ T7025] loop2: detected capacity change from 0 to 256 [ 115.894242][ T5845] XFS (loop1): Unmounting Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a [ 115.941392][ T7025] exfat: Deprecated parameter 'utf8' [ 116.054218][ T7025] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 116.582785][ T7039] loop3: detected capacity change from 0 to 164 [ 116.650396][ T7039] rock: corrupted directory entry. extent=41, offset=65536, size=8 [ 116.791927][ T7044] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 116.898614][ T7044] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1 [ 116.958635][ T7044] batman_adv: batadv0: Adding interface: gretap1 [ 116.990986][ T7044] batman_adv: batadv0: The MTU of interface gretap1 is too small (1462) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 117.145852][ T7044] batman_adv: batadv0: Not using interface gretap1 (retrying later): interface not active [ 117.181987][ T7034] mmap: syz.0.429 (7034) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 117.248515][ T7049] misc userio: Can't change port type on an already running userio instance [ 118.393497][ T7063] loop0: detected capacity change from 0 to 512 [ 118.401333][ T7063] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 118.455489][ T7043] loop2: detected capacity change from 0 to 32768 [ 118.463867][ T7043] XFS: ikeep mount option is deprecated. [ 118.811673][ T7063] EXT4-fs (loop0): 1 truncate cleaned up [ 118.818683][ T7063] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 119.104425][ T5843] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 119.151381][ T7043] XFS (loop2): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 119.191682][ T7078] loop3: detected capacity change from 0 to 1024 [ 119.326377][ T971] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 119.454809][ T7078] hfsplus: request for non-existent node 3 in B*Tree [ 119.486121][ T971] usb 5-1: Using ep0 maxpacket: 16 [ 119.497381][ T7078] hfsplus: request for non-existent node 3 in B*Tree [ 119.513073][ T7043] XFS (loop2): Ending clean mount [ 119.520936][ T971] usb 5-1: config 0 has no interfaces? [ 119.539548][ T971] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 119.575420][ T7043] XFS (loop2): Quotacheck needed: Please wait. [ 119.604056][ T971] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 119.663326][ T971] usb 5-1: config 0 descriptor?? [ 119.699220][ T7043] XFS (loop2): Quotacheck: Done. [ 119.889740][ T7090] loop1: detected capacity change from 0 to 2048 [ 119.952479][ T7079] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 119.996023][ T5848] XFS (loop2): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 120.026679][ T7090] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 120.040416][ T7079] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 120.102815][ T971] usb 5-1: USB disconnect, device number 3 [ 120.370315][ T5845] UDF-fs: warning (device loop1): udf_evict_inode: Inode 1367 (mode 120777) has inode size 17 different from extent length 512. Filesystem need not be standards compliant. [ 120.646411][ T971] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 120.871010][ T7103] loop2: detected capacity change from 0 to 512 [ 120.895814][ T971] usb 5-1: config 0 interface 0 altsetting 5 endpoint 0x81 has invalid wMaxPacketSize 0 [ 120.932985][ T7103] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 120.956122][ T971] usb 5-1: config 0 interface 0 has no altsetting 0 [ 120.986136][ T971] usb 5-1: New USB device found, idVendor=0c45, idProduct=0010, bcdDevice= 0.00 [ 121.021229][ T7103] ext4 filesystem being mounted at /86/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 121.046806][ T971] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 121.078338][ T971] usb 5-1: config 0 descriptor?? [ 121.320417][ T971] usbhid 5-1:0.0: can't add hid device: -71 [ 121.344885][ T5848] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 121.355433][ T971] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 121.387752][ T971] usb 5-1: USB disconnect, device number 4 [ 121.524437][ T7113] input: syz0 as /devices/virtual/input/input8 [ 122.263218][ T7115] loop3: detected capacity change from 0 to 32768 [ 122.297332][ T7115] ERROR: (device loop3): dtSearch: DT_GETPAGE: dtree page corrupt [ 122.297332][ T7115] [ 122.361465][ T7115] ERROR: (device loop3): remounting filesystem as read-only [ 122.379352][ T7115] jfs_lookup: dtSearch returned -5 [ 122.396121][ T7118] ERROR: (device loop3): dtReadFirst: DT_GETPAGE: dtree page corrupt [ 122.396121][ T7118] [ 122.414071][ T7118] jfs_readdir: unexpected rc = -5 from dtReadNext [ 122.784626][ T7117] netlink: 8 bytes leftover after parsing attributes in process `syz.4.461'. [ 125.086194][ T7130] loop3: detected capacity change from 0 to 32768 [ 125.113673][ T7134] loop1: detected capacity change from 0 to 32768 [ 125.121178][ T7130] XFS: attr2 mount option is deprecated. [ 125.192590][ T7134] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.467 (7134) [ 125.251182][ T7130] XFS (loop3): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 125.354827][ T7130] XFS (loop3): Ending clean mount [ 125.425456][ T7130] XFS (loop3): Quotacheck needed: Please wait. [ 125.463226][ T7134] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 125.547470][ T7130] XFS (loop3): Quotacheck: Done. [ 125.553539][ T7134] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 125.609863][ T7134] BTRFS info (device loop1): using free-space-tree [ 125.752719][ T7133] netlink: 12 bytes leftover after parsing attributes in process `syz.0.468'. [ 125.775452][ T5853] XFS (loop3): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 125.803387][ T7136] netlink: 12 bytes leftover after parsing attributes in process `syz.0.468'. [ 125.861261][ T7136] Zero length message leads to an empty skb [ 127.114801][ T5845] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 127.382276][ T7176] loop0: detected capacity change from 0 to 32768 [ 127.440128][ T7189] loop3: detected capacity change from 0 to 512 [ 127.622582][ T7176] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 128.065083][ T7166] loop2: detected capacity change from 0 to 32768 [ 128.095471][ T29] audit: type=1800 audit(1730742590.793:10): pid=7166 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.474" name="bus" dev="loop2" ino=7 res=0 errno=0 [ 128.438578][ T7176] XFS (loop0): Ending clean mount [ 128.445653][ T7176] XFS (loop0): Quotacheck needed: Please wait. [ 128.516651][ T7176] XFS (loop0): Quotacheck: Done. [ 128.647550][ T7189] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 128.660316][ T7189] ext4 filesystem being mounted at /91/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 128.740838][ T29] audit: type=1800 audit(1730742591.443:11): pid=7189 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.481" name="file1" dev="loop3" ino=15 res=0 errno=0 [ 129.038082][ T5843] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 129.057221][ T5853] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 129.085412][ T7197] loop4: detected capacity change from 0 to 32768 [ 129.235569][ T7210] loop2: detected capacity change from 0 to 736 [ 129.527187][ T5848] rock: directory entry would overflow storage [ 129.533682][ T5848] rock: sig=0x5850, size=36, remaining=14 [ 129.631594][ T7197] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 130.614847][ T7197] XFS (loop4): Ending clean mount [ 130.835091][ T5855] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 131.592626][ T7230] loop1: detected capacity change from 0 to 32768 [ 131.919427][ T7222] loop2: detected capacity change from 0 to 40427 [ 131.963096][ T7222] F2FS-fs (loop2): invalid crc value [ 131.983880][ T7222] F2FS-fs (loop2): Found nat_bits in checkpoint [ 132.135571][ T7222] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 132.382113][ T5848] syz-executor: attempt to access beyond end of device [ 132.382113][ T5848] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 132.441223][ T7237] loop4: detected capacity change from 0 to 32768 [ 132.496409][ T5848] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 133.087246][ T7230] workqueue: Failed to create a rescuer kthread for wq "xfs-inodegc/loop1": -EINTR [ 133.110269][ T1293] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.126042][ T1293] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.281442][ T7237] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 133.475171][ T7237] XFS (loop4): Ending clean mount [ 133.488743][ T7237] XFS (loop4): Quotacheck needed: Please wait. [ 133.629500][ T7237] XFS (loop4): Quotacheck: Done. [ 133.826555][ T7257] netem: change failed [ 133.914278][ T5855] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 134.644056][ T7266] loop4: detected capacity change from 0 to 128 [ 134.671796][ T7266] VFS: Found a Xenix FS (block size = 512) on device loop4 [ 134.734425][ T7266] sysv_free_block: trying to free block not in datazone [ 134.846982][ T5855] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 135.750871][ T7280] netlink: 8 bytes leftover after parsing attributes in process `syz.0.504'. [ 135.796008][ T7280] netlink: 16 bytes leftover after parsing attributes in process `syz.0.504'. [ 136.226622][ T7294] loop1: detected capacity change from 0 to 512 [ 136.876004][ T25] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 137.056279][ T25] usb 4-1: Using ep0 maxpacket: 16 [ 137.126416][ T25] usb 4-1: config 0 has no interfaces? [ 137.139727][ T7314] loop2: detected capacity change from 0 to 2048 [ 137.159321][ T25] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 137.201964][ T25] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 137.252732][ T25] usb 4-1: config 0 descriptor?? [ 137.413176][ T7314] Alternate GPT is invalid, using primary GPT. [ 137.433754][ T7314] loop2: p1 p2 p3 [ 137.526896][ T7305] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 137.756441][ T7305] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 137.879737][ T7294] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 137.976458][ T25] usb 4-1: USB disconnect, device number 7 [ 138.149418][ T7294] ext4 filesystem being mounted at /112/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 138.541746][ T971] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 138.748488][ T971] usb 4-1: config 0 interface 0 altsetting 5 endpoint 0x81 has invalid wMaxPacketSize 0 [ 138.768575][ T971] usb 4-1: config 0 interface 0 has no altsetting 0 [ 138.775253][ T971] usb 4-1: New USB device found, idVendor=0c45, idProduct=0010, bcdDevice= 0.00 [ 138.833341][ T971] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 138.856931][ T971] usb 4-1: config 0 descriptor?? [ 139.076065][ T971] usbhid 4-1:0.0: can't add hid device: -71 [ 139.086055][ T971] usbhid 4-1:0.0: probe with driver usbhid failed with error -71 [ 139.136248][ T971] usb 4-1: USB disconnect, device number 8 [ 139.262529][ T7316] loop4: detected capacity change from 0 to 32768 [ 139.325723][ T7316] ERROR: (device loop4): dtSearch: DT_GETPAGE: dtree page corrupt [ 139.325723][ T7316] [ 139.366285][ T7316] ERROR: (device loop4): remounting filesystem as read-only [ 139.386842][ T7316] jfs_lookup: dtSearch returned -5 [ 139.404732][ T7334] ERROR: (device loop4): dtReadFirst: DT_GETPAGE: dtree page corrupt [ 139.404732][ T7334] [ 139.425682][ T7334] jfs_readdir: unexpected rc = -5 from dtReadNext [ 139.569251][ T5845] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 139.924573][ T7342] loop3: detected capacity change from 0 to 128 [ 140.381881][ T7351] loop0: detected capacity change from 0 to 2048 [ 140.452582][ T5221] Alternate GPT is invalid, using primary GPT. [ 140.481147][ T5221] loop0: p1 p2 p3 [ 140.542462][ T5221] Alternate GPT is invalid, using primary GPT. [ 140.564652][ T5221] loop0: p1 p2 p3 [ 140.621288][ T7351] Alternate GPT is invalid, using primary GPT. [ 140.644369][ T7351] loop0: p1 p2 p3 [ 141.178711][ T7362] loop0: detected capacity change from 0 to 2048 [ 141.191745][ T7364] loop2: detected capacity change from 0 to 164 [ 141.215677][ T5854] udevd[5854]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory [ 141.228835][ T6089] udevd[6089]: inotify_add_watch(7, /dev/loop0p2, 10) failed: No such file or directory [ 141.257046][ T6090] udevd[6090]: inotify_add_watch(7, /dev/loop0p3, 10) failed: No such file or directory [ 141.295483][ T7364] rock: corrupted directory entry. extent=41, offset=65536, size=8 [ 141.307454][ T7362] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 141.440284][ T6090] udevd[6090]: inotify_add_watch(7, /dev/loop0p3, 10) failed: No such file or directory [ 141.454310][ T5854] udevd[5854]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory [ 141.491125][ T6089] udevd[6089]: inotify_add_watch(7, /dev/loop0p2, 10) failed: No such file or directory [ 141.571015][ T5843] UDF-fs: warning (device loop0): udf_evict_inode: Inode 1367 (mode 120777) has inode size 17 different from extent length 512. Filesystem need not be standards compliant. [ 141.750003][ T6090] udevd[6090]: inotify_add_watch(7, /dev/loop0p3, 10) failed: No such file or directory [ 141.763071][ T6089] udevd[6089]: inotify_add_watch(7, /dev/loop0p2, 10) failed: No such file or directory [ 141.775826][ T5854] udevd[5854]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory [ 141.825747][ T7370] loop0: detected capacity change from 0 to 512 [ 141.894576][ T7370] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a842c01c, mo2=0002] [ 141.906487][ T971] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 141.923606][ T7370] System zones: 0-2, 18-18, 34-34 [ 141.965060][ T7370] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.546: bg 0: block 248: padding at end of block bitmap is not set [ 142.015235][ T7370] Quota error (device loop0): write_blk: dquota write failed [ 142.034901][ T7370] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota [ 142.061549][ T7370] EXT4-fs error (device loop0): ext4_acquire_dquot:6887: comm syz.0.546: Failed to acquire dquot type 1 [ 142.088269][ T971] usb 3-1: Using ep0 maxpacket: 16 [ 142.098746][ T971] usb 3-1: config 0 has no interfaces? [ 142.104450][ T971] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 142.124653][ T7370] EXT4-fs (loop0): 1 truncate cleaned up [ 142.133145][ T971] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 142.146361][ T7370] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 142.171229][ T971] usb 3-1: config 0 descriptor?? [ 142.187517][ T7370] ext4 filesystem being mounted at /99/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 142.260953][ T7370] EXT4-fs error (device loop0): ext4_readdir:261: inode #2: block 3: comm syz.0.546: path /99/file0: bad entry in directory: rec_len is smaller than minimal - offset=323, inode=0, rec_len=0, size=4096 fake=0 [ 142.335683][ T5843] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 142.435737][ T7368] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 142.451277][ T7368] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 142.473342][ T971] usb 3-1: USB disconnect, device number 5 [ 142.969271][ T971] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 143.151527][ T971] usb 3-1: config 0 interface 0 altsetting 5 endpoint 0x81 has invalid wMaxPacketSize 0 [ 143.165961][ T971] usb 3-1: config 0 interface 0 has no altsetting 0 [ 143.173966][ T971] usb 3-1: New USB device found, idVendor=0c45, idProduct=0010, bcdDevice= 0.00 [ 143.189143][ T971] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 143.206742][ T971] usb 3-1: config 0 descriptor?? [ 143.431699][ T971] usbhid 3-1:0.0: can't add hid device: -71 [ 143.449304][ T971] usbhid 3-1:0.0: probe with driver usbhid failed with error -71 [ 143.457384][ T53] Bluetooth: hci0: command tx timeout [ 143.481079][ T971] usb 3-1: USB disconnect, device number 6 [ 144.103637][ T7375] loop2: detected capacity change from 0 to 512 [ 144.128741][ T7375] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2240: inode #15: comm syz.2.548: corrupted in-inode xattr: invalid ea_ino [ 144.178776][ T7375] EXT4-fs error (device loop2): ext4_orphan_get:1393: comm syz.2.548: couldn't read orphan inode 15 (err -117) [ 144.195777][ T7375] EXT4-fs (loop2): mounted filesystem 00000007-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 144.290143][ T5848] EXT4-fs (loop2): unmounting filesystem 00000007-0000-0000-0000-000000000000. [ 147.968010][ T7387] netlink: 8 bytes leftover after parsing attributes in process `syz.0.547'. [ 148.330906][ T7393] loop4: detected capacity change from 0 to 2048 [ 148.405383][ T7393] Alternate GPT is invalid, using primary GPT. [ 148.417113][ T7393] loop4: p1 p2 p3 [ 148.623919][ T7398] loop1: detected capacity change from 0 to 1024 [ 148.934961][ T7405] loop4: detected capacity change from 0 to 2048 [ 148.960228][ T7398] EXT4-fs: Ignoring removed nomblk_io_submit option [ 149.007619][ T7405] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 149.076020][ T7398] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 149.164988][ T7398] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2240: inode #15: comm syz.1.554: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled [ 149.336806][ T7398] EXT4-fs (loop1): Remounting filesystem read-only [ 149.470171][ T5855] UDF-fs: warning (device loop4): udf_evict_inode: Inode 1367 (mode 120777) has inode size 17 different from extent length 512. Filesystem need not be standards compliant. [ 149.505786][ T7413] loop2: detected capacity change from 0 to 4096 [ 149.746519][ T7421] netlink: 12 bytes leftover after parsing attributes in process `syz.4.560'. [ 149.848324][ T7423] netlink: 8 bytes leftover after parsing attributes in process `syz.3.557'. [ 149.896091][ T7423] netlink: 16 bytes leftover after parsing attributes in process `syz.3.557'. [ 149.958519][ T7423] vlan2: entered allmulticast mode [ 150.024571][ T7425] loop0: detected capacity change from 0 to 1024 [ 150.063104][ T5845] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 150.269666][ T7431] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 150.277827][ T7430] loop3: detected capacity change from 0 to 1024 [ 150.500340][ T7427] loop4: detected capacity change from 0 to 1024 [ 150.507862][ T7434] loop1: detected capacity change from 0 to 1024 [ 150.515132][ T7434] EXT4-fs: Ignoring removed orlov option [ 150.529000][ T7427] EXT4-fs: Ignoring removed orlov option [ 150.537553][ T7434] EXT4-fs: Ignoring removed nobh option [ 150.546579][ T7420] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 150.559779][ T7427] EXT4-fs: Ignoring removed nomblk_io_submit option [ 150.789359][ T29] audit: type=1800 audit(1730742613.493:12): pid=7433 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.563" name="file1" dev="loop0" ino=20 res=0 errno=0 [ 150.919514][ T7440] loop3: detected capacity change from 0 to 2048 [ 151.007637][ T7427] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 151.034730][ T7434] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 151.403384][ T7450] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 151.666639][ T5845] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 151.910815][ T7459] loop2: detected capacity change from 0 to 256 [ 152.402316][ T5855] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 152.582414][ T7465] netlink: 8 bytes leftover after parsing attributes in process `syz.2.576'. [ 152.693959][ T7465] netlink: 'syz.2.576': attribute type 30 has an invalid length. [ 152.774669][ T7465] netlink: 'syz.2.576': attribute type 1 has an invalid length. [ 152.972666][ T7457] loop1: detected capacity change from 0 to 32768 [ 152.979967][ T7457] XFS: noikeep mount option is deprecated. [ 153.358921][ T7480] overlayfs: upper fs does not support tmpfile. [ 153.442712][ T7457] XFS (loop1): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 153.614983][ T7489] program syz.2.585 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 154.199895][ T7457] XFS (loop1): Ending clean mount [ 154.215846][ T7457] XFS (loop1): Quotacheck needed: Please wait. [ 154.298743][ T7457] XFS (loop1): Quotacheck: Done. [ 154.569262][ T5845] XFS (loop1): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 155.672867][ T7495] loop3: detected capacity change from 0 to 32768 [ 155.698818][ T7495] XFS: ikeep mount option is deprecated. [ 155.722588][ T7514] loop1: detected capacity change from 0 to 256 [ 155.763552][ T7495] XFS (loop3): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 155.831953][ T7514] FAT-fs (loop1): Directory bread(block 64) failed [ 155.842033][ T7514] FAT-fs (loop1): Directory bread(block 65) failed [ 155.876663][ T7514] FAT-fs (loop1): Directory bread(block 66) failed [ 155.901531][ T7514] FAT-fs (loop1): Directory bread(block 67) failed [ 155.924930][ T7514] FAT-fs (loop1): Directory bread(block 68) failed [ 155.954139][ T7514] FAT-fs (loop1): Directory bread(block 69) failed [ 155.998650][ T7514] FAT-fs (loop1): Directory bread(block 70) failed [ 156.005244][ T7514] FAT-fs (loop1): Directory bread(block 71) failed [ 156.029607][ T7495] XFS (loop3): Ending clean mount [ 156.052838][ T7514] FAT-fs (loop1): Directory bread(block 72) failed [ 156.061647][ T7495] XFS (loop3): Quotacheck needed: Please wait. [ 156.084037][ T7514] FAT-fs (loop1): Directory bread(block 73) failed [ 156.227102][ T7495] XFS (loop3): Quotacheck: Done. [ 156.335857][ T29] audit: type=1800 audit(1730742619.033:13): pid=7514 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.593" name="bus" dev="loop1" ino=1048619 res=0 errno=0 [ 156.877393][ T7495] syz.3.588 (7495): drop_caches: 2 [ 157.005769][ T5853] XFS (loop3): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 160.143924][ T7536] loop3: detected capacity change from 0 to 32768 [ 160.152627][ T7536] XFS: ikeep mount option is deprecated. [ 160.262183][ T7536] XFS (loop3): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 160.409282][ T7539] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1 [ 160.432350][ T7536] XFS (loop3): Ending clean mount [ 160.442766][ T7536] XFS (loop3): Quotacheck needed: Please wait. [ 160.453742][ T7539] batman_adv: batadv0: Adding interface: gretap1 [ 160.484635][ T7539] batman_adv: batadv0: The MTU of interface gretap1 is too small (1462) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 160.546761][ T7536] XFS (loop3): Quotacheck: Done. [ 160.553953][ T7539] batman_adv: batadv0: Not using interface gretap1 (retrying later): interface not active [ 160.815025][ T5853] XFS (loop3): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 160.828684][ T7558] loop4: detected capacity change from 0 to 512 [ 160.940339][ T7558] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2 [ 160.951921][ T7558] EXT4-fs (loop4): 1 truncate cleaned up [ 160.974949][ T7558] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 161.109384][ T5855] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 162.284694][ T7579] loop3: detected capacity change from 0 to 64 [ 162.696921][ T7583] pim6reg0: tun_chr_ioctl cmd 2148553947 [ 167.629690][ T7587] bridge_slave_0: default FDB implementation only supports local addresses [ 168.025613][ T7609] loop0: detected capacity change from 0 to 512 [ 168.138423][ T7609] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 168.182140][ T7612] sctp: [Deprecated]: syz.1.638 (pid 7612) Use of struct sctp_assoc_value in delayed_ack socket option. [ 168.182140][ T7612] Use struct sctp_sack_info instead [ 168.255286][ T7609] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 168.317565][ T7609] EXT4-fs (loop0): orphan cleanup on readonly fs [ 168.393417][ T7609] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters [ 168.559594][ T7609] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2863: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 168.615259][ T7619] loop2: detected capacity change from 0 to 2048 [ 168.684353][ T7609] EXT4-fs (loop0): 1 truncate cleaned up [ 168.713133][ T7609] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 168.751042][ T7621] loop3: detected capacity change from 0 to 2048 [ 168.758560][ T7619] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 168.843848][ T7621] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 168.927862][ T7619] EXT4-fs: Ignoring removed mblk_io_submit option [ 169.014372][ T7619] EXT4-fs (loop2): changing journal_checksum during remount not supported; ignoring [ 169.059363][ T5843] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 169.136207][ T7619] EXT4-fs (loop2): can't enable nombcache during remount [ 169.496982][ T5848] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 170.646758][ T7648] netlink: 'syz.2.641': attribute type 10 has an invalid length. [ 170.734592][ T7648] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 171.391431][ T7658] loop2: detected capacity change from 0 to 1024 [ 171.516172][ T5897] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 171.746478][ T5897] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 171.817833][ T5897] usb 2-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 171.917460][ T5897] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 171.985727][ T7665] loop2: detected capacity change from 0 to 64 [ 171.996020][ T5897] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 172.088095][ T7667] loop0: detected capacity change from 0 to 1024 [ 172.105252][ T7657] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 172.160257][ T7665] hfs: request for non-existent node 1280 in B*Tree [ 172.184796][ T5897] usb 2-1: Quirk or no altset; falling back to MIDI 1.0 [ 172.225737][ T7665] hfs: request for non-existent node 1280 in B*Tree [ 172.249910][ T7667] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 172.280374][ T7672] loop3: detected capacity change from 0 to 64 [ 172.295342][ T7665] hfs: request for non-existent node 1280 in B*Tree [ 172.355690][ T7665] hfs: request for non-existent node 1280 in B*Tree [ 172.372766][ T7667] ext4 filesystem being mounted at /112/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 172.437526][ T7672] BFS-fs: bfs_readdir(): Bad f_pos=00000003 for loop3:00000002 [ 172.556086][ T29] audit: type=1800 audit(1730742635.223:14): pid=7667 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.648" name="file1" dev="loop0" ino=15 res=0 errno=0 [ 172.805336][ T29] audit: type=1804 audit(1730742635.323:15): pid=7667 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.648" name="/newroot/112/file1/file1" dev="loop0" ino=15 res=1 errno=0 [ 172.853965][ T5897] usb 2-1: USB disconnect, device number 4 [ 172.956963][ T5843] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 173.769911][ T7696] netlink: 14601 bytes leftover after parsing attributes in process `syz.1.657'. [ 174.023357][ T9] kernel read not supported for file /dsp (pid: 9 comm: kworker/0:1) [ 175.125648][ T7716] overlayfs: missing 'workdir' [ 175.538505][ T7723] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT [ 175.836918][ T7727] CIFS mount error: No usable UNC path provided in device string! [ 175.836918][ T7727] [ 175.886598][ T7727] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 176.263609][ T7730] netlink: 8 bytes leftover after parsing attributes in process `syz.4.676'. [ 176.283517][ T7731] netlink: 32 bytes leftover after parsing attributes in process `syz.0.674'. [ 176.322875][ T7730] netlink: 4 bytes leftover after parsing attributes in process `syz.4.676'. [ 177.253174][ T7749] loop2: detected capacity change from 0 to 2048 [ 177.315638][ T9] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 177.399895][ T7749] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 177.526990][ T9] usb 1-1: Using ep0 maxpacket: 16 [ 177.545164][ T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 177.616481][ T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 177.652553][ T7757] loop4: detected capacity change from 0 to 2048 [ 177.692582][ T9] usb 1-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.40 [ 177.730084][ T5848] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 177.740600][ T7757] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 177.779723][ T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 177.842190][ T7759] gretap0: entered promiscuous mode [ 177.881231][ T9] usb 1-1: config 0 descriptor?? [ 177.933551][ T7759] erspan0: entered promiscuous mode [ 178.014425][ T7759] debugfs: Directory 'hsr1' with parent 'hsr' already present! [ 178.073986][ T7759] Cannot create hsr debugfs directory [ 178.393869][ T9] cp2112 0003:10C4:EA90.0006: unknown main item tag 0x0 [ 178.419852][ T7764] loop4: detected capacity change from 0 to 256 [ 178.473333][ T9] cp2112 0003:10C4:EA90.0006: unknown main item tag 0x0 [ 178.536220][ T9] cp2112 0003:10C4:EA90.0006: unknown main item tag 0x0 [ 178.562304][ T7764] exFAT-fs (loop4): failed to load upcase table (idx : 0x00011fbe, chksum : 0xeb6f636c, utbl_chksum : 0xe619d30d) [ 178.610427][ T9] cp2112 0003:10C4:EA90.0006: unknown main item tag 0x0 [ 178.643231][ T9] cp2112 0003:10C4:EA90.0006: unknown main item tag 0x0 [ 178.720681][ T9] cp2112 0003:10C4:EA90.0006: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.0-1/input0 [ 178.876746][ T9] cp2112 0003:10C4:EA90.0006: Part Number: 0x00 Device Version: 0x00 [ 178.893482][ T7735] loop1: detected capacity change from 0 to 32768 [ 179.077022][ T7735] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 179.087558][ T9] cp2112 0003:10C4:EA90.0006: error requesting SMBus config [ 179.167504][ T9] cp2112 0003:10C4:EA90.0006: probe with driver cp2112 failed with error -71 [ 179.256211][ T9] usb 1-1: USB disconnect, device number 3 [ 179.404473][ T7735] XFS (loop1): Ending clean mount [ 179.512711][ T5845] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 180.058328][ T7788] loop0: detected capacity change from 0 to 64 [ 180.146848][ T7789] netlink: 'syz.4.698': attribute type 1 has an invalid length. [ 180.614699][ T7798] gretap0: entered promiscuous mode [ 180.761341][ T7798] erspan0: entered promiscuous mode [ 180.781656][ T7798] debugfs: Directory 'hsr1' with parent 'hsr' already present! [ 180.827812][ T7798] Cannot create hsr debugfs directory [ 181.242706][ T7806] nvme_fabrics: missing parameter 'transport=%s' [ 181.249363][ T7806] nvme_fabrics: missing parameter 'nqn=%s' [ 181.747646][ T7823] netlink: 20 bytes leftover after parsing attributes in process `syz.2.709'. [ 182.152838][ T7831] loop1: detected capacity change from 0 to 256 [ 182.175321][ T7834] loop3: detected capacity change from 0 to 1024 [ 182.296229][ T7834] hfsplus: request for non-existent node 3 in B*Tree [ 182.302972][ T7834] hfsplus: request for non-existent node 3 in B*Tree [ 182.854814][ T7849] loop4: detected capacity change from 0 to 1024 [ 183.523437][ T7862] netlink: 12 bytes leftover after parsing attributes in process `syz.4.727'. [ 183.645112][ T7866] netlink: 'syz.0.730': attribute type 12 has an invalid length. [ 183.702790][ T7866] netlink: 'syz.0.730': attribute type 29 has an invalid length. [ 183.763604][ T7866] netlink: 'syz.0.730': attribute type 2 has an invalid length. [ 183.846184][ T7866] netlink: 128 bytes leftover after parsing attributes in process `syz.0.730'. [ 184.299967][ T7877] loop3: detected capacity change from 0 to 1024 [ 184.422521][ T7877] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 184.579931][ T7889] loop2: detected capacity change from 0 to 512 [ 184.692642][ T7889] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 184.844056][ T7889] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 184.862836][ T5853] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 184.950543][ T7889] ext4 filesystem being mounted at /161/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 185.165461][ T29] audit: type=1326 audit(1730742647.863:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7897 comm="syz.4.742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe31d57e719 code=0x7ffc0000 [ 185.280231][ T5848] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 185.361482][ T29] audit: type=1326 audit(1730742647.863:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7897 comm="syz.4.742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe31d57e719 code=0x7ffc0000 [ 185.383568][ C0] vkms_vblank_simulate: vblank timer overrun [ 185.615065][ T7904] bridge0: port 1(bridge_slave_0) entered blocking state [ 185.623283][ T7904] bridge0: port 1(bridge_slave_0) entered forwarding state [ 185.648825][ T29] audit: type=1326 audit(1730742647.893:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7897 comm="syz.4.742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=326 compat=0 ip=0x7fe31d57e719 code=0x7ffc0000 [ 185.860750][ T29] audit: type=1326 audit(1730742647.893:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7897 comm="syz.4.742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe31d57e719 code=0x7ffc0000 [ 185.882840][ C0] vkms_vblank_simulate: vblank timer overrun [ 186.116627][ T29] audit: type=1326 audit(1730742647.893:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7897 comm="syz.4.742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe31d57e719 code=0x7ffc0000 [ 186.342889][ T5866] Bluetooth: hci3: command 0x0406 tx timeout [ 186.349041][ T5850] Bluetooth: hci2: command 0x0406 tx timeout [ 186.355843][ T5850] Bluetooth: hci1: command 0x0406 tx timeout [ 186.364732][ T5850] Bluetooth: hci0: command 0x0406 tx timeout [ 186.908794][ T7879] loop0: detected capacity change from 0 to 32768 [ 186.983801][ T7879] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 187.285811][ T7879] XFS (loop0): Ending clean mount [ 187.328861][ T7879] XFS (loop0): Quotacheck needed: Please wait. [ 187.534614][ T7879] XFS (loop0): Quotacheck: Done. [ 187.700420][ T5843] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 189.198857][ T7955] loop4: detected capacity change from 0 to 128 [ 189.244049][ T7955] VFS: Found a Xenix FS (block size = 512) on device loop4 [ 189.375825][ T5855] sysv_free_block: trying to free block not in datazone [ 189.429330][ T5855] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 189.485209][ T7945] loop1: detected capacity change from 0 to 32768 [ 189.564468][ T7945] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.759 (7945) [ 189.690439][ T7945] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 189.747678][ T7945] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm [ 189.810844][ T7945] BTRFS info (device loop1): using free-space-tree [ 190.291096][ T5845] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 194.522335][ T1293] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.529267][ T1293] ieee802154 phy1 wpan1: encryption failed: -22 [ 200.877117][ T7953] netlink: 72 bytes leftover after parsing attributes in process `syz.0.762'. [ 201.116003][ T7978] netlink: 'syz.1.766': attribute type 29 has an invalid length. [ 202.741719][ T8002] loop4: detected capacity change from 0 to 1024 [ 202.947045][ T8002] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 203.250126][ T5160] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 203.276192][ T5160] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 203.287404][ T5160] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 203.297290][ T5160] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 203.305155][ T5160] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 203.313656][ T5160] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 203.426681][ T5855] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 203.689428][ T8017] netlink: 'syz.4.781': attribute type 11 has an invalid length. [ 204.252321][ T7988] loop1: detected capacity change from 0 to 32768 [ 204.381962][ T7988] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 204.713103][ T7988] XFS (loop1): Ending clean mount [ 204.820806][ T8010] loop0: detected capacity change from 0 to 32768 [ 204.939970][ T8010] JBD2: Ignoring recovery information on journal [ 204.962286][ T5845] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 205.141687][ T8010] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 205.376638][ T5160] Bluetooth: hci3: command tx timeout [ 205.477915][ T8010] (syz.0.779,8010,0):ocfs2_read_blocks_sync:112 ERROR: status = -12 [ 205.526063][ T8010] (syz.0.779,8010,0):ocfs2_read_locked_inode:521 ERROR: status = -12 [ 205.561543][ T8010] (syz.0.779,8010,0):ocfs2_double_lock:1188 ERROR: status = -12 [ 205.594031][ T8010] (syz.0.779,8010,0):ocfs2_link:713 ERROR: status = -12 [ 205.743497][ T5843] ocfs2: Unmounting device (7,0) on (node local) [ 206.634351][ T8015] netlink: 4 bytes leftover after parsing attributes in process `syz.2.780'. [ 207.187694][ T8052] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 207.465986][ T5160] Bluetooth: hci3: command tx timeout [ 207.727011][ T8058] futex_wake_op: syz.1.796 tries to shift op by 36; fix this program [ 208.147349][ T8064] loop0: detected capacity change from 0 to 64 [ 208.267122][ T8064] netlink: 8 bytes leftover after parsing attributes in process `syz.0.799'. [ 208.676170][ T5897] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 208.891075][ T5897] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 208.916014][ T5897] usb 2-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 208.954084][ T5897] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 209.005919][ C0] [ 209.008278][ C0] ============================= [ 209.013127][ C0] [ BUG: Invalid wait context ] [ 209.017989][ C0] 6.12.0-rc5-next-20241104-syzkaller #0 Not tainted [ 209.024575][ C0] ----------------------------- [ 209.029419][ C0] syz-executor/5855 is trying to lock: [ 209.034875][ C0] ffff88813fffc298 (&zone->lock){-.-.}-{3:3}, at: __rmqueue_pcplist+0x4c6/0x2b70 [ 209.044057][ C0] other info that might help us debug this: [ 209.049948][ C0] context-{2:2} [ 209.053403][ C0] 9 locks held by syz-executor/5855: [ 209.058689][ C0] #0: ffffffff8e9f2050 (dup_mmap_sem){.+.+}-{0:0}, at: copy_mm+0x288/0x1f60 [ 209.067514][ C0] #1: ffff88807b1b0be0 (&mm->mmap_lock){++++}-{4:4}, at: copy_mm+0x2a6/0x1f60 [ 209.076510][ C0] #2: ffff8880320b01e0 (&mm->mmap_lock/1){+.+.}-{4:4}, at: copy_mm+0x4b3/0x1f60 [ 209.085686][ C0] #3: ffffffff8e93c0e0 (rcu_read_lock){....}-{1:3}, at: __pte_offset_map+0x82/0x380 [ 209.095194][ C0] #4: ffff88807e236f78 (ptlock_ptr(ptdesc)#2){+.+.}-{3:3}, at: __pte_offset_map_lock+0x1ba/0x300 [ 209.105844][ C0] #5: ffffffff8e93c0e0 (rcu_read_lock){....}-{1:3}, at: __pte_offset_map+0x82/0x380 [ 209.115358][ C0] #6: ffff88801ff892b8 (ptlock_ptr(ptdesc)#2/1){+.+.}-{3:3}, at: copy_pmd_range+0x76f/0x7ee0 [ 209.125671][ C0] #7: ffffffff8e93c0e0 (rcu_read_lock){....}-{1:3}, at: page_ext_get+0x20/0x2a0 [ 209.134830][ C0] #8: ffff8880b8644818 (&pcp->lock){+.+.}-{3:3}, at: get_page_from_freelist+0x7e2/0x3870 [ 209.144786][ C0] stack backtrace: [ 209.148526][ C0] CPU: 0 UID: 0 PID: 5855 Comm: syz-executor Not tainted 6.12.0-rc5-next-20241104-syzkaller #0 [ 209.158861][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 209.168923][ C0] Call Trace: [ 209.172213][ C0] [ 209.175065][ C0] dump_stack_lvl+0x241/0x360 [ 209.179767][ C0] ? __pfx_dump_stack_lvl+0x10/0x10 [ 209.184976][ C0] ? __pfx__printk+0x10/0x10 [ 209.189586][ C0] __lock_acquire+0x15a8/0x2100 [ 209.194453][ C0] lock_acquire+0x1ed/0x550 [ 209.198962][ C0] ? __rmqueue_pcplist+0x4c6/0x2b70 [ 209.204174][ C0] ? ip_local_deliver_finish+0x230/0x5f0 [ 209.209818][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 209.214850][ C0] ? __pfx_ip_local_deliver_finish+0x10/0x10 [ 209.220844][ C0] ? NF_HOOK+0x3a4/0x450 [ 209.225100][ C0] ? mark_lock+0x9a/0x360 [ 209.229443][ C0] _raw_spin_lock_irqsave+0xd5/0x120 [ 209.234745][ C0] ? __rmqueue_pcplist+0x4c6/0x2b70 [ 209.239958][ C0] ? __pfx__raw_spin_lock_irqsave+0x10/0x10 [ 209.245867][ C0] __rmqueue_pcplist+0x4c6/0x2b70 [ 209.250910][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 209.255953][ C0] get_page_from_freelist+0x895/0x3870 [ 209.261428][ C0] ? __lock_acquire+0x1397/0x2100 [ 209.266478][ C0] __alloc_pages_noprof+0x292/0x710 [ 209.271701][ C0] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 209.277443][ C0] ? is_bpf_text_address+0x26/0x2a0 [ 209.282656][ C0] ? kernel_text_address+0xa7/0xe0 [ 209.287782][ C0] ? arch_stack_walk+0xfd/0x150 [ 209.292645][ C0] alloc_pages_mpol_noprof+0x3e8/0x680 [ 209.298114][ C0] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10 [ 209.304105][ C0] ? stack_trace_save+0x118/0x1d0 [ 209.309145][ C0] ? __pfx_stack_trace_save+0x10/0x10 [ 209.314542][ C0] ? alloc_pages_noprof+0x43/0x170 [ 209.319664][ C0] stack_depot_save_flags+0x666/0x830 [ 209.325058][ C0] kasan_save_stack+0x4f/0x60 [ 209.329749][ C0] ? kasan_save_stack+0x3f/0x60 [ 209.334614][ C0] ? __kasan_record_aux_stack+0xac/0xc0 [ 209.340176][ C0] ? task_work_add+0xd9/0x490 [ 209.344870][ C0] ? run_posix_cpu_timers+0x6ac/0x810 [ 209.350262][ C0] ? tick_nohz_handler+0x37c/0x500 [ 209.355388][ C0] ? __hrtimer_run_queues+0x551/0xd50 [ 209.360771][ C0] ? hrtimer_interrupt+0x396/0x990 [ 209.365890][ C0] ? __sysvec_apic_timer_interrupt+0x110/0x420 [ 209.372060][ C0] ? sysvec_apic_timer_interrupt+0xa1/0xc0 [ 209.377883][ C0] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 209.384052][ C0] ? lock_acquire+0x264/0x550 [ 209.388740][ C0] ? page_ext_get+0x3d/0x2a0 [ 209.393342][ C0] ? page_table_check_set+0x4f/0x540 [ 209.398637][ C0] ? __page_table_check_ptes_set+0x30f/0x410 [ 209.404630][ C0] ? copy_pmd_range+0x4572/0x7ee0 [ 209.409686][ C0] ? copy_page_range+0x99f/0xe90 [ 209.414633][ C0] ? copy_mm+0x122b/0x1f60 [ 209.419066][ C0] ? copy_process+0x1845/0x3d50 [ 209.423932][ C0] ? kernel_clone+0x226/0x8f0 [ 209.428623][ C0] ? __x64_sys_clone+0x258/0x2a0 [ 209.433570][ C0] ? do_syscall_64+0xf3/0x230 [ 209.438259][ C0] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 209.444350][ C0] ? __phys_addr+0xba/0x170 [ 209.448870][ C0] __kasan_record_aux_stack+0xac/0xc0 [ 209.454261][ C0] task_work_add+0xd9/0x490 [ 209.458776][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 209.463808][ C0] ? __pfx_task_work_add+0x10/0x10 [ 209.468932][ C0] ? __raise_softirq_irqoff+0xa2/0x1c0 [ 209.474407][ C0] run_posix_cpu_timers+0x6ac/0x810 [ 209.479624][ C0] ? __pfx_run_posix_cpu_timers+0x10/0x10 [ 209.485360][ C0] ? sched_balance_trigger+0x1a3/0x890 [ 209.490838][ C0] tick_nohz_handler+0x37c/0x500 [ 209.495799][ C0] ? __pfx_tick_nohz_handler+0x10/0x10 [ 209.501282][ C0] __hrtimer_run_queues+0x551/0xd50 [ 209.506496][ C0] ? ktime_get_update_offsets_now+0x2d/0x3b0 [ 209.512500][ C0] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 209.518235][ C0] ? read_tsc+0x9/0x20 [ 209.522320][ C0] ? ktime_get_update_offsets_now+0x393/0x3b0 [ 209.528409][ C0] hrtimer_interrupt+0x396/0x990 [ 209.533375][ C0] __sysvec_apic_timer_interrupt+0x110/0x420 [ 209.539374][ C0] sysvec_apic_timer_interrupt+0xa1/0xc0 [ 209.545026][ C0] [ 209.547964][ C0] [ 209.550905][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 209.556902][ C0] RIP: 0010:lock_acquire+0x264/0x550 [ 209.562195][ C0] Code: 2b 00 74 08 4c 89 f7 e8 8a 24 8f 00 f6 44 24 61 02 0f 85 85 01 00 00 41 f7 c7 00 02 00 00 74 01 fb 48 c7 44 24 40 0e 36 e0 45 <4b> c7 44 25 00 00 00 00 00 43 c7 44 25 09 00 00 00 00 43 c7 44 25 [ 209.581828][ C0] RSP: 0018:ffffc90003a8f020 EFLAGS: 00000206 [ 209.587916][ C0] RAX: 0000000000000001 RBX: 1ffff92000751e10 RCX: ffff888062eba8d8 [ 209.595902][ C0] RDX: dffffc0000000000 RSI: ffffffff8c0ae980 RDI: ffffffff8c605560 [ 209.603893][ C0] RBP: ffffc90003a8f178 R08: ffffffff942cd847 R09: 1ffffffff2859b08 [ 209.611879][ C0] R10: dffffc0000000000 R11: fffffbfff2859b09 R12: 1ffff92000751e0c [ 209.619858][ C0] R13: dffffc0000000000 R14: ffffc90003a8f080 R15: 0000000000000246 [ 209.627854][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 209.632900][ C0] ? pfn_valid+0xf6/0x450 [ 209.637241][ C0] ? __pfx_lock_release+0x10/0x10 [ 209.642275][ C0] ? __pfx_lock_release+0x10/0x10 [ 209.647307][ C0] ? page_ext_get+0x20/0x2a0 [ 209.651907][ C0] page_ext_get+0x3d/0x2a0 [ 209.656330][ C0] ? page_ext_get+0x20/0x2a0 [ 209.660933][ C0] page_table_check_set+0x4f/0x540 [ 209.666059][ C0] __page_table_check_ptes_set+0x30f/0x410 [ 209.671886][ C0] ? __pfx___page_table_check_ptes_set+0x10/0x10 [ 209.678227][ C0] ? do_raw_spin_unlock+0x13c/0x8b0 [ 209.683441][ C0] ? __folio_rmap_sanity_checks+0x15d/0x3a0 [ 209.689349][ C0] copy_pmd_range+0x4572/0x7ee0 [ 209.694213][ C0] ? __pfx_validate_chain+0x10/0x10 [ 209.699432][ C0] ? __pfx_copy_pmd_range+0x10/0x10 [ 209.704646][ C0] ? look_up_lock_class+0x77/0x170 [ 209.709776][ C0] ? register_lock_class+0x102/0x980 [ 209.715069][ C0] ? __pfx_mas_destroy+0x10/0x10 [ 209.720019][ C0] ? mark_lock+0x9a/0x360 [ 209.724362][ C0] ? __lock_acquire+0x1397/0x2100 [ 209.729408][ C0] copy_page_range+0x99f/0xe90 [ 209.734193][ C0] ? __pfx_copy_page_range+0x10/0x10 [ 209.739490][ C0] ? __pfx_up_write+0x10/0x10 [ 209.744182][ C0] ? __asan_memset+0x23/0x50 [ 209.748788][ C0] ? __pfx_vma_interval_tree_augment_rotate+0x10/0x10 [ 209.755565][ C0] ? vma_interval_tree_insert_after+0x259/0x2b0 [ 209.761911][ C0] copy_mm+0x122b/0x1f60 [ 209.766181][ C0] ? __pfx_copy_mm+0x10/0x10 [ 209.770796][ C0] ? __init_rwsem+0x122/0x160 [ 209.775487][ C0] ? copy_signal+0x52a/0x650 [ 209.780098][ C0] copy_process+0x1845/0x3d50 [ 209.784798][ C0] ? copy_process+0x9fa/0x3d50 [ 209.789586][ C0] ? __lock_acquire+0x1397/0x2100 [ 209.794617][ C0] ? __pfx_copy_process+0x10/0x10 [ 209.799663][ C0] kernel_clone+0x226/0x8f0 [ 209.804183][ C0] ? __pfx_kernel_clone+0x10/0x10 [ 209.809232][ C0] __x64_sys_clone+0x258/0x2a0 [ 209.814004][ C0] ? __pfx___x64_sys_clone+0x10/0x10 [ 209.819295][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 209.825299][ C0] ? exc_page_fault+0x590/0x8c0 [ 209.830168][ C0] ? do_syscall_64+0xb6/0x230 [ 209.834862][ C0] do_syscall_64+0xf3/0x230 [ 209.839374][ C0] ? clear_bhb_loop+0x35/0x90 [ 209.844062][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 209.850056][ C0] RIP: 0033:0x7fe31d574f93 [ 209.854498][ C0] Code: 1f 84 00 00 00 00 00 64 48 8b 04 25 10 00 00 00 45 31 c0 31 d2 31 f6 bf 11 00 20 01 4c 8d 90 d0 02 00 00 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 35 89 c2 85 c0 75 2c 64 48 8b 04 25 10 00 00 [ 209.875766][ C0] RSP: 002b:00007ffc1d985c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 209.884194][ C0] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fe31d574f93 [ 209.892175][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 209.900154][ C0] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 [ 209.908132][ C0] R10: 0000555576b037d0 R11: 0000000000000246 R12: 0000000000000000 [ 209.916111][ C0] R13: 0000000000032f56 R14: 00000000000326ff R15: 00007ffc1d985e00 [ 209.924098][ C0] [ 210.015805][ T5160] Bluetooth: hci3: command tx timeout [ 210.166930][ T5897] usb 2-1: config 0 descriptor?? [ 210.198214][ T8] usb 1-1: new high-speed USB device number 4 using dummy_hcd SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 210.355932][ T8] usb 1-1: Using ep0 maxpacket: 32 [ 210.726742][ T35] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 212.096338][ T5160] Bluetooth: hci3: command tx timeout [ 215.216606][ T5897] usb 2-1: can't set config #0, error -110 [ 215.376976][ T8] usb 1-1: device descriptor read/all, error -110 [ 215.575994][ T8] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 215.716547][ T8] usb 1-1: device descriptor read/64, error -32 [ 215.832773][ T8] usb usb1-port1: attempt power cycle [ 216.176021][ T8] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 216.208670][ T8] usb 1-1: device descriptor read/8, error -32 [ 216.446142][ T8] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 216.478450][ T8] usb 1-1: device descriptor read/8, error -32 [ 216.591586][ T8] raw-gadget.1 gadget.0: failed to queue suspend event [ 216.599641][ T8] usb usb1-port1: unable to enumerate USB device