last executing test programs: 3.167622492s ago: executing program 4 (id=2278): add_key$fscrypt_v1(&(0x7f0000000680), 0x0, 0x0, 0x0, 0x0) syz_mount_image$nilfs2(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x1480c, &(0x7f0000033380)=ANY=[@ANYRES32=0x0, @ANYRESOCT, @ANYRESHEX, @ANYRES16=0x0, @ANYRES8, @ANYBLOB="c85fb6eba7e56788375cd72fce22a1abfcd6d806077c0ace8719da9e7cc6e83ba005b48ddc42acd013bbade11c45e63987cb0b242bef8593c4bf44b1c946746cba0a85ae7b00b3698e4f445f", @ANYBLOB="108f2bbc120007171ae540810800f1d9ed7e6b556183cf5283da18c329fc2d1132e25424748c5ce2f044a26a71a4de16e74d22c6a1c791fde85bd9a764fe6fce36aa6b3fa6955e74b5b00555552570a64d455cedd37b6ad3f685ff3807c16bc31bc554aedf0b654e4fd98d6fee2d132b17cfa29e5cb8ad61cfa808973a8765ee335d3d94ed492ec65735a9789fec9e90fcf11ddc857c39ecfaeff5d28676fb5647093c8d4c7ed6ffe24515ce75f94c6e71ba05f8f7afb787856e3c7f6296f2b92894e189750940ccc0dda4db6115e9c8399bc0805eaf4cd1cd0824c2ac82d9a43f9e763a90b662", @ANYRES64=0x0, @ANYRES8, @ANYRES16], 0x1, 0xa53, &(0x7f0000000bc0)="$eJzs3U2MW0cdAPBn73rzWeKUhIa0tAmFtgK62+yG8BFBUzUXoqbiVqniEqVpiUgDIpWgVQ5JTtxoFYUb4kOceqkAIdELinriUolG4tJT4cCBKEiROEBLYhTvjNf+x+6zk9196/XvJ43H783YM8/7/PZ53puZAphY9fZjo/146e2Lh//5yD823Xr+ZCdHs/043bV0K3ctLU+H9/tgajG+cf3s8X5xrZhvP+bl4tlrndduKYriXLGnuFw0i92Xrrzx7vwzR88fubD3vTcPXl2JbQcAgEnz7csH9+/821/u3/7hWw8eKjZ01ufz82Za3prO+w+lE/98/l8vepdrXaHbTMg3nUI95Jvqk6+7nEbOt7H3dbH8mfC+jQH5NpSUP9W1rt92wzjL+3GzqNVne5br9dnZxd/kRft3/Uxt9vTJUy+eqaiiwLL790NFUewRhEkLrW2dL0HldakudH0KAJWK1wtvcy62LNydzrtND1f+tafq/V8Py2C193/lx/fvrcdql1+2/b8574jD8hl+b9q4ovVYbnm78vdoa1qO1xHi/UujHn/y+02F92sMWc9B1xHG5frCoHpOrXI97tSg+sf9Yr36Rorz5/DNkN79/Yl/03H5GwP9/WfNtf9vWqpc5XUZKWwc03oLExxa1Rx2gDEQ75trJTk93tcX0zeUpG8sSd9Ukr65JH1LSTpMst+/8tPi9drS7/z4m/7G9bPtL8uw7WG5ne2eFH9ixPrE9shR2+Pifb+jutvy4/3EsJb98dhzJ776wvNXFu//r3X2/5tpf9+Tlpvpu3U5ZcjthbFdvXPvf7O3nPqAfPeG+tzTJ3/7+Y7efLUdS+9TdB1nbqvHrt7XbRuU74HefM2Qb1MK8SpIPD/ZHF6Xzz/ycTV/XtNhexthO2ZCPfJxZXuKx+tqDGtV3h8H3f+f989dRaP24slTJ55Iy3k//fNUY8Ot9ftWud7A3Ru2/8+uorf/z9bO+ka9+7iwbWl9rfu40Azr5wesX0jL+f/cd6c2tdfPHv/+qReWe+Nhwp159bXvHTt16sQPPfHEE086T6o+MgErbe6Vl38wd+bV1x4/+fKxl068dOL0woEDC/PzB762sH+ufV4/1312D6wnS//0q64JAAAAAAAAAAAAMKwfHTl85a/vfOX9xf7/S/3/cv//fOdv7v//k9D/P/aTz/3gcz/A7X3S23nCAKszIV8jhU+G+u4I5ewMr/tUijvz+KX+/7m4OK5rrs99YX0cvzfnC8MJ3DZeykwYgyTOF/jZFF9I8a8LqFDt5/1Xp7hsfOu8r+fxKYxLMZ7y3y2PZ5LHMcn9vweN65SP/9tXoY4sv9XoTlj1NgL9/WvNjf+93kPXL4bK6yKstXCj1WqtZnmtllk8gLWh6vk/c7tnjk//6Vsbb4Wc7dpTvcfLOH4p3I2q57+srPzcsDip2z9k+cs9/2dn/ruhj39hxrzmnZX7319cfb+r2GL3sOXH7c/jQO8YrfwPU/l5ax4thiu/9atQfrwgNKSPQvmbhyw/bv/FUQtOBf4vlZ8/tsceHrb8xTeo1XvrEduN8/W/2G6c3Qjbn8f2HPnvf4cTNd5M5cMkG5d5Zkc1LvP/DhLvw/hyWs4HwnyfQ5zvZNT65/sr8v+BneH9ayX/38z/O96+nuKy70Oe/zfvj80+y/Wu5Uafz3a9HmtgXH3g+p8w5qF9RrMG6jGOodVqrWyDVolKC6fyz7/q3wlVl1/1518mzv8bz+Hj/L8xPc7/G9Pj/L8xvd2u+NHSpL0xPc7/Gz/POP9vTL8vlBvnB95Vkv7pkvTdJen3l6Q/UJL+mZL0vSXpD5akP1SSfm9J+sMl6Z8rSf98SfojJemPfXz6wo9LXr/e5f4ok7r9MMli/zzff5gc+frPoO//jpJ0YHz97K19Tz//u+80F/v/z3TaQ/J1vENpuZF+O8ffS7H9ZCqlvZOW/x7S13p7B0ySOH5G/P/+aEk6ML7yfV6+3zCBav1H7Bl23KpB5/mMly+k+Isp/lKKH0/xbIrnUrwvxfOrVD9WxtO//cPB12tLv/e3hfRh7yeP/YHiOFELQ9Yntg+Mej97HMdvVHdb/h12BwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKhMvf24f/+uWlFcevvi4eeOnpy7tebJTo5m+3G6a6nReV1RPJHiqRT/Mj25cf3s8e74ZoprxXxRK2qd9cWz1zolbSmK4lyxp7hcNIvdl6688e78M0fPH7mw9703D15duU8AAAAA1r//BwAA///3txjh") r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$EXT4_IOC_GROUP_ADD(r0, 0xc0185879, &(0x7f0000000680)={0x0, 0x7ff, 0x0, 0x0, 0x0, 0x0, 0x2401}) 2.866997483s ago: executing program 2 (id=2282): r0 = socket$inet6_sctp(0xa, 0x801, 0x84) sendmmsg$inet6(r0, &(0x7f0000000400)=[{{&(0x7f0000000000)={0xa, 0x0, 0x0, @private1}, 0x1c, &(0x7f0000000300)=[{&(0x7f0000000040)="18", 0x1}], 0x1}}, {{&(0x7f00000000c0)={0xa, 0x0, 0x0, @private0}, 0x1c, &(0x7f0000000240)=[{&(0x7f00000001c0)="02", 0x1}], 0x1}}], 0x2, 0x0) shutdown(r0, 0x1) setsockopt(r0, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8) 2.699896542s ago: executing program 4 (id=2285): bpf$OBJ_GET_PROG(0x7, &(0x7f0000000140)=@o_path={&(0x7f0000000100)='./file0\x00'}, 0x18) r0 = io_uring_setup(0x656a, &(0x7f0000000000)) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_io_uring_setup(0x3f27, &(0x7f0000000100)={0x0, 0x0, 0x22, 0x0, 0x0, 0x0, r0}, &(0x7f0000000180), &(0x7f00000001c0)) 2.581086986s ago: executing program 2 (id=2286): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r0, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x38, &(0x7f00000000c0)=[@in6={0xa, 0x4e20, 0x0, @private2}, @in6={0xa, 0x4e20, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}]}, &(0x7f0000000180)=0x10) getsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f00000001c0)={r1}, &(0x7f0000000200)=0x14) 2.410666539s ago: executing program 2 (id=2288): r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) ioctl$VIDIOC_SUBSCRIBE_EVENT(r0, 0x4020565a, &(0x7f0000000000)={0x2}) ioctl$VIDIOC_SUBSCRIBE_EVENT(r0, 0x4020565a, &(0x7f0000000040)={0x5, 0x4}) ioctl$VIDIOC_SUBSCRIBE_EVENT(r0, 0x4020565a, &(0x7f0000000280)={0x5}) 2.409489884s ago: executing program 4 (id=2289): timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) r0 = socket$inet6(0xa, 0x2, 0x3a) r1 = dup(r0) bind$unix(r1, &(0x7f00000001c0)=@abs={0xa, 0x2}, 0x6e) 2.334028225s ago: executing program 3 (id=2290): r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f0000000940)=@framed={{0x18, 0x9}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}}]}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000005c0)={{r0}, &(0x7f0000000540), &(0x7f0000000580)=r1}, 0x20) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000007c0)={r0, &(0x7f0000000780)}, 0x20) 2.250987973s ago: executing program 2 (id=2291): syz_mount_image$hfs(&(0x7f0000000040), &(0x7f0000000100)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x8, &(0x7f0000000300)={[{@codepage={'codepage', 0x3d, 'iso8859-13'}}, {@dir_umask={'dir_umask', 0x3d, 0x6}}, {@umask={'umask', 0x3d, 0x592}}, {@umask={'umask', 0x3d, 0xfffffffffffffff8}}, {@iocharset={'iocharset', 0x3d, 'cp1250'}}, {@dir_umask={'dir_umask', 0x3d, 0x6}}]}, 0x1, 0x2fc, &(0x7f00000008c0)="$eJzs3U9PE08cx/HPbFsof8Jvf4Ax8aJBSPRixD+JMSYY0pvh7smotCTEBiNgol5A403jA/Dmwafgg/CgxpsnPXnyAXBbM9PZsgvbLQ2UBXy/Eprt7Mzsd51uZ76b1BWAf9Z87efHq7/tn5FKKkm6KQWSqlJZ0imdrj5dWV9ebzbqeR2VXAv7Z9RqaXbVWVxpZDW17VwLL7TvyhpNlqE/oii6/avoIFA4d/VnCKRBfx26/dVDjqtfNqWzRcdw2JIDbLa0pWcaKzAcAMAR4Of/wE8To67IKAikGT/tn6j5f6voAA7Wteauoii3gZv/fwyPxZlXZOz4/ud2bed7LoWz+4M4S9xLMJUd7wfU+mSlFpimW1bpYgmGlpbLurT4UvVArzTnJapNutd666Mb6xLtVEZumqNzbxUtDLfOxq0od4pDWlpuNgbtRkb8E70dcX/e2FA/m2/mngn1XvX2+q8cGTtMbqTCHSMVVGz8lzv3OuJa2Vryaf+coiBV5X93kDP+CF6Xs6xmZyTJPuMbBJvtCPLidMceV/q2QuvsZru0mshqFbbfdWg1mWpVStwTyb2V0h/xKZp35q6Z0h99Ui2x/g9sfDNKXJl5X/XG1fSfjMXHzXp6ZBPKrma4a+bYvlzOtSPwBns+N0g93i17q4e6obG15y8elZrNxqrdeJCx8WR01fiSymsps07/N0rKqaPN7ZLI2oiivfYc9TP4iwfaof3+aJfYyyersr3K2iVB957jubqAMe3XxoY/pT4eovb1hPyLRZGUKlm49cXvOvDvJxxBayYefV8wVHBAOGx23WVa+Z9byftVnVuq2pcwZ52en2Qq1eNsO4NLLwXH3etwTxncSOcMLnHEKx1yRpdznb8gTScKjfwRNzK7DX2cJ4Sp6bvuc/8fAAAAAAAAAAAAAAAAAADguNnLTwUCSfv5pUHR5wgAAAAAAAAAAAAAAAAAAAAAwHE3Xxvo/fm/Wf9HvHv+b5j1/N8P16fvtLZ4/i9wpPwNAAD//9pfcAo=") mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000006000)='./file0\x00', 0x0, 0x0) getdents64(r0, &(0x7f0000000500)=""/222, 0xde) 2.199557804s ago: executing program 4 (id=2292): r0 = syz_open_dev$mouse(&(0x7f0000000000), 0x0, 0x60001) close(r0) socket$kcm(0x29, 0x5, 0x0) sendmsg$NL80211_CMD_DEL_MPATH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)={0x0}, 0x1, 0x0, 0x0, 0x80044}, 0x41) 2.127415515s ago: executing program 3 (id=2293): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x6, 0x4008032, 0xffffffffffffffff, 0xea7e8000) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) r0 = socket(0x15, 0x5, 0x0) getsockopt(r0, 0x200000000114, 0x5, &(0x7f000001ae00)=""/102385, &(0x7f00000001c0)=0xffffffcc) 1.901120473s ago: executing program 4 (id=2295): r0 = syz_io_uring_setup(0x6908, &(0x7f0000000540)={0x0, 0x0, 0x10100, 0x1, 0x4000000}, &(0x7f0000000140)=0x0, &(0x7f0000000240)=0x0) r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_io_uring_submit(r1, r2, &(0x7f0000000380)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r3, 0x80, &(0x7f0000000300)=@l2}) io_uring_enter(r0, 0x1dd2, 0x0, 0x0, 0x0, 0x0) 1.900729828s ago: executing program 2 (id=2296): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="c400000010000100"/20, @ANYRES32=r2, @ANYBLOB="20000000000000009c001680980001800c0007"], 0xc4}}, 0x0) 1.87367267s ago: executing program 5 (id=2298): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="180000000900000000000000213f0000c50000000e800000850000000e00000095"], &(0x7f0000000440)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f00000002c0)='contention_end\x00', r0}, 0x10) r1 = socket$netlink(0x10, 0x3, 0x9) sendmsg$NFT_BATCH(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000700)={{0x14, 0x3eb}, [], {0x14, 0x3f9}}, 0x28}}, 0x0) 1.500051593s ago: executing program 4 (id=2300): capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000}) syz_usb_connect(0x0, 0x2d, &(0x7f0000000400)=ANY=[@ANYBLOB="12010000fd9e1a40f30c74933bbc0000000109021b0001040000000904000065d4695e000905", @ANYBLOB="e1ce74"], 0x0) getresuid(&(0x7f0000000100), &(0x7f0000000140), 0x0) sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x24000010) 1.499782796s ago: executing program 5 (id=2301): mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_subtree(r0, &(0x7f0000000200), 0x2, 0x0) write$cgroup_subtree(r1, &(0x7f0000000040)={[{0x2b, 'cpu'}, {0x2b, 'pids'}]}, 0xb) 1.340917642s ago: executing program 0 (id=2302): syz_mount_image$hfs(&(0x7f0000000080), &(0x7f0000000040)='./file0\x00', 0x802, &(0x7f0000000280)={[{@codepage={'codepage', 0x3d, 'koi8-ru'}}, {@part={'part', 0x3d, 0x7d}}, {@umask={'umask', 0x3d, 0x6}}, {@iocharset={'iocharset', 0x3d, 'koi8-r'}}, {@dir_umask={'dir_umask', 0x3d, 0x3eea}}, {@uid}]}, 0x1, 0x2e3, &(0x7f0000001980)="$eJzs3c1u00oYxvFnnKRNP9Tj0/boSGxAhUqwqSiwQGyCULbsWSGgSaWKqIi2SMCmBbFEXAB7boGLYAPiBmDFigvozmjGE8dOHadFTdyP/09q5ExmPK81nsy8liACcG7da/74dPOX/TNSRRVJd6RAUl2qSvpP/9dfbO5s7HTaraITVVwL+2cUtzQH6qxttvOa2nauhRfad1XNpsswGlEU3f1ZdhAonZv9OQJp0s9D93l9zHGNyp50sewYxi09wGZf+3qpuRLDAQCcAH79D/wyMeuKjIJAWvbL/pla//fLDuB43eocKIoKG6TWf7e7i4wd33/cR718z6Vw9vOgmyUeJpha3/sJxXdWZoNphmWVLpZgan2jqpW1N2oFequGl6q26F5b8a3bNSTapZzctMDgs9V0fzq+Grej7OdD2l3vdpcT/0Jhj5NHifNwzBfzzTw0oT6qlez/qpGxw+RGKuwbqaC2vtFpXx98xhnXytaST/sbjUaQqfKv6+SC78EbMkr1/Iwkfc7uA4K9JIKiOF3f88o+VoivbnVIq4W8VmHybkCrxUwrezW2r5W1Z53CRymj0b1E88E8MEv6rc9qpvb/gY1vWamZWfRVb1xNf2fE1zORX7PqaoYHVo7edLmUROCN4KY/D472tOy9nui25rZfvX5a6XTaW/bgcebAyB48n90yvqT2TuqrM66DigrqaK9XElm7UXTYM0ejDP7asZ7Qfn8kJXb65FW2sywpCcY9TOfloPlVRTdk0UFkSptEvQPTvZGiSBpQZ2TfUzhBto0d69TSMVVmNCiB3XeZOP9zO3m/q3M5i30JC/bpxUmmMmdcTTK47FZw3r1OHymDmxmcwaV6vDEgZ3Q51+Wr0pVUoVFhj6GP84wwTX3XI57/AwAAAAAAAAAAAAAAAAAAnDbj+CcHZV8jAAAAAAAAAAAAAAAAAAAAAACn3V/9/m/e/xHvfv835Pd/gVPkTwAAAP//fMpzyA==") r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000500)='.\x00', 0x0, 0x2a) lseek(r0, 0xfffffffffffffffc, 0x2) getdents(r0, 0x0, 0x58) 1.340468598s ago: executing program 1 (id=2303): mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_int(r0, &(0x7f0000001180)='pids.max\x00', 0x2, 0x0) write$cgroup_subtree(r1, &(0x7f0000000340)=ANY=[@ANYBLOB='-', @ANYRESDEC, @ANYRESDEC], 0x27) 1.299109163s ago: executing program 5 (id=2304): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) ioctl$TUNSETOFFLOAD(r0, 0x400454c9, 0xba98575a95aeb70d) ioctl$TUNATTACHFILTER(r0, 0x401054d5, 0x0) 1.262303616s ago: executing program 3 (id=2305): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0) r2 = dup3(r1, r0, 0x0) ioctl$BINDER_WRITE_READ(r2, 0xc018620b, 0x0) 1.208986814s ago: executing program 2 (id=2306): syz_mount_image$nilfs2(&(0x7f0000000040), &(0x7f0000000340)='./bus\x00', 0x0, &(0x7f00000002c0)=ANY=[], 0x1, 0xad7, &(0x7f0000002340)="$eJzs3U2MW0cBAOCxd73JtilxSkKXNLQJhbb8dNPsLuEngqRKhETUVIhLpQgOUZqWiBAkigRUlUhy4karKkic+BGnXqqCkOgFRT1xqUQjVUg9FQ4ciIKIxAECidHuznjtid1n74+fvf4+aTx+b97zzDw/P7/fmQCMrerS68LCTCWEy2+8cuzvD/9tenHM4eYU9aXXyZahWgihEocns897b2I5vnXjxdOd4kqYW3pNw+Gp68157w4hXAh7w5VQD7svX335rbknT1w8fmnf268eurYxtQcAgPHy1SuHFnb95U/377j52gNHwpY0evHN0v55PY7YFvf7j8Qd/7T/Xw3tw5WW0Goqm24yhup0+3QTHaZrzaeWTTfZJf+pLP9al+m2hPfPf6JlXKd6wyhL63E9VKqzbcPV6uzs8jF5WDqun6rMnj977tnnSyoosO7+9WAIYW9LOHqpfXi14Rtxy7Een9UaDm/AZ64x1HqsZ2MIyjqS4cjg8rrZWFZ6nQcUGttL3gABRPn1wjtcyM8srE3z0yZ7y//6E9XO88M6GPT631f+UyXnH+T/64u2OKyfzbo2pXql39G2OJxfR8jvX+r++8uvdLSPza9H1HosZ7frCKNyfaFbOScGXI7V6lb+fL3YrL4Y47QcvpSlt/5+8u90VL5joLN/5+f/BUEY7hDahmtr+axGydsfYHjl98010vXRKL+vL0/fUpC+tSB9uiD9roL0uwvSYZz99ns/CS9VVo7z82P6fs+Hp/Ns98T4A32WJz8f2W/++X2//Vpr/vn9xDDMfn/q6TOfe+bk1eX7/yvN9f92XN/T4UY9/rauxAnS+cL8vHrz3v96ez7VLtPdm5Xnng7TL73f2T5dZefK54SW7cwd5Zhpn297t+n2tE9Xz6abjmFrVt58/+SubL60/5G2q2l5TWb1rWX1mMrKkbYrO2KclwNWI62P3e7/T+vnTKhVnj177szjcTitp3+cqG1ZHH9gwOUG1q7X539mQvvzP9ua42vV1u3C9pXxleXtwuvx89rHzzXzaR8/H4fT/9w3J6aXxs+e/s65Z9a/+jDWnv/hC986de7cme+ux5taWMPs89NhLbOX+ObLw1GMft6kw5ZhKc+q3yxWZAiKsQnflLxhAjbc/h8t7wQ8dvbbp54789yZ8/MHD87PzR38/PzC/qX9+v2te/etLpRQWmA9rfzpl10SAAAAAAAAAAAAoFffP37s6jtvfvbd5ef/V57/S8//pzt/0/P/P86e/8+fk0/PwafnAHd0SF+aJmtgdSqbrhbDB7Py7szy2ZXN96EYN/vxi8//p+zydl1Tee7Lxte6DGbNCdzRXspU1gZJ3l/gR2N8Kca/ClCiynTn0TEuat86reupfYqWdika2gceHel7S2tDasckPf/dsV2nli97xwDKyPobxOOEZdcR6OwfY9X+9z9XKl56WYTuYXKw+f1sfNeJRte99F57sAFYH2X3/5nOe6b4/B++snUxpMmuP9G+vczbL4V+/Pmd9uFh739yo/PP++0bdP5l13/Q/X82+7/refuX9ZhXX12+//n5tXdbsg27e80/r39qB3pnf/nfjPmn2jwSesu/8css//yCUI/+m+V/V4/531H/PavL/38x/7TYHn2o1/yry9fMqu3lyM8bp+t/+Xnj5FZW/9S25/vk/7UXOtV/lR013o75wzgblX5m+5XtRzR32lff/290YX37/20WNtus5fdhfCaOSRvidJ9D3t9Jv+VP91ek/4Fd2edXCv7f9P872r4Q46LfQ+r/9/aN5ct59fiXn9bPelyWabjWYdlu1m0NjKr3xur63zqEkxuex9bS6zj04cgQlKEZGhOrmK/ZT1zJ5W80Ght7QqtAqZlT+vIv+zih7PzLXv5F8v5/8334vP/fPD3v/zdPz/v/zdOn4zfULT3v/zdfnnn/v3n6fdnn5v0DzxSkf7ggfXfn9OZh+/0F8+8pSP9IQfq+ZvrhtilS+gMF8z9YkH5ve/qWPP2hgvk/VpD+8YL0hwvSH21Jb+0DOqV/omD+zS49jzKu9Ydxlj+f5/cP4yNd/+n2+99ZkA6Mrp++duDoyd98vb78/P9U83xIuo53JA7X4vHTD+Jwft07tAwvpr0Zh/+apQ/7+Q4YJ3n7Gfn/+yMF6cDoSvd5+X3DGKps7Tw6xkXtVnXbz2e0fDLGn4rxp2P8WIxnY7w/xgdiPDeg8rExjr7+u0MvVVaO97dn6b3eT54/D9TWTlQIYb7H8uTnB/q9nz1vx69fa81/lY+DAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAlKa69LqwMFMJ4fIbrxx7+sTZ/YtjDjenqC+9TrYM1ZrzhfB4jCdi/Iv45taNF0+3xrdjXAlzoRIqzfHhqevNnO4OIVwIe8OVUA+7L199+a25J09cPH5p39uvHrq2cUsAAAAANr//BwAA//9tDQjy") r0 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0) mknodat$loop(r0, &(0x7f0000001600)='./file1\x00', 0x0, 0x0) rename(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000f00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') 1.202057428s ago: executing program 1 (id=2307): prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1) r0 = socket$pppl2tp(0x18, 0x1, 0x1) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001100)=[0xffffffffffffffff], 0x0, 0x10, 0x0, @void, @value}, 0x90) getsockopt$bt_BT_SECURITY(r0, 0x111, 0x5, 0x0, 0x20001100) 1.178584818s ago: executing program 0 (id=2308): sendmsg$inet(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000940)=[{&(0x7f0000001300)="d2", 0x1}], 0x1}, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x1, 0x6, 0x4, 0x21, 0xc1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000dc0), &(0x7f0000001280), 0xb46, r0}, 0x38) bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000000100)={r0, &(0x7f0000002240), 0x20000000}, 0x20) 806.628309ms ago: executing program 0 (id=2310): r0 = syz_mount_image$msdos(&(0x7f0000000200), &(0x7f0000000240)='./file1\x00', 0x80c406, &(0x7f0000000540)=ANY=[@ANYBLOB='dots,dots,dmask=000000000200000,nodots,discard,nfs=nostale_ro,gid=', @ANYRESHEX=0x0, @ANYBLOB="2c646f733178666c6f70707900000000000000003030ffffffff303030303031373737373737373756c0f39fdb37372c004c0f1208ec0c34b7df4ba1c1e6b76697434db8574db9bcaef6a61a12c3f260bebc7ac5b1b11361119b83f1cf9f686b715b8e58fd37cea6623dc422c2ddbcefe94e5c255b5e8c90613e6b598b3b7a2c05de53dab7"], 0x1, 0x291, &(0x7f0000000280)="$eJzs3M9r034YwPGn6dZ0+7Ifpy/oxQe96CXMelQPVTYQC0q3inoQMpZpaG1HErQVwZw97e8YHr0J4j+w/8LbEGSnnYyszbKs+4Wza2f7fkHJkzz5tE8SUp5PId16uv66uupbq3YgRl7FEAllR2RWXNmTiZe5dpxLtsvdgoRyY+7N9sfFZ88fFkul+bLqQnHpVkFVp698ffv+09VvwX9PPk+bpmzOvtj6Wfi++f/mpa1fS69cX11f641AbV1uNAJ7ueboiutXLdXHNcf2HXXrvuMdyK/WGmtrLbXrK1OTa57j+2rXW2pIS4OG5uOq6mpZlk5N7sZ5GSG5Px5R2SiX7eK5FIMLw/OKdlZEJg7dDZWNwVQEAAAG6fj+30j22ev/je7+X+SU/v9DvNf0l573/1lJ+v+q0+7/A6+l9kvbTff/ONHZ+n/jfIrB38iEqZV7B1KeV5w4ehD9PwAAAAAAAAAAAAAAAAAAAAAA/4KdKJqJomhmd2mISBSvmyKSTa0fMXSknq0fVunrH6VeZnyBT7j+GAKpB/fyIj/CZqVZybSXnfzCg9L8nLalHvzbbjYr2SR/s5PXg/lxmYzzhSPzObl+rZPfzd1/VErn15uVCVk5sfKwV6cAAAAAAIChZ2liNtmYl2R+b1lqSne+PX/vROH+7wNd8/sxuTzWv+MAAAAAAADH81vvqnat5nj9CbJ9/KwzByJnG347MntSRlZETtmnvCgy+BN1KDDlQpQxzMGdnr1hlBHpbBmPvwy67gIAAAAAw2V/PjDoSgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGF39+OuyQR8jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcFH8DgAA//8sg70h") syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0x1a4243c, &(0x7f0000000800)=ANY=[@ANYRES64=r0, @ANYRES16=r0, @ANYRESOCT=r0, @ANYBLOB="f1bcca05ed588d63a576cc3afd51baf29cde0400000092f4e66ff7ef22aa9af727ceae8a8ec95fc1b73083de2de825a0cb2b0be774fdb33650d7dace27c16bc23b2f7c7fb72585548939698f280d138aa9255a8a924008f8477e82ba11cdb11efd5ca2f1ab049ce2cc7815d2daf8daea25533a558d561654faf5e0924f1376174f374d664fad4a6ab24ec000ccace822e7f9426e8e5de1fe58085a0ae86fd02a118b9365961834d46208b9fb4c91a1fa962a8b00a9717fcbb46c2400dc2e319379ea1e5a07aeb3f9cd4e648df445a1b4213e732300000000000010000758027a472e7d263ef567a84166f26ee56e701c63a8863787889bf1c90fccf31954a940c8b584ca89a512f28edec08eb1c0823c028840eeaf3f5d8769023c01ac63f7f959571e8e899b43c293bc21a2b833e5c9c703c4cfa063dd050045706bde3d7ac373ab04b62b4111b59eabd436dd97e788a36ef25bad99beecc74e667589d37100ec36292c15c6", @ANYBLOB="a823898492f698f73fe37c4ae415819149ba5e97198da48979ce703a", @ANYRES8, @ANYRES64, @ANYRES32, @ANYRES64, @ANYRES8=0x0], 0x5, 0x0, &(0x7f0000000000)) openat(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0x105042, 0x0) open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) 806.057177ms ago: executing program 1 (id=2311): r0 = fsopen(&(0x7f0000000000)='securityfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) fsmount(r0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0) 799.056735ms ago: executing program 3 (id=2312): r0 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r0, &(0x7f0000000140), 0x10) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000340)={'vcan0\x00', 0x0}) sendmsg$can_bcm(r0, &(0x7f0000000040)={&(0x7f0000000000)={0x1d, r1}, 0x10, &(0x7f0000000280)={&(0x7f0000000080)={0x1, 0xb32, 0x0, {0x0, 0xea60}, {}, {}, 0x1, @canfd={{}, 0x48, 0x0, 0x0, 0x0, "4210220097b2bb36662d7dd22259126b470b759d7b9beb92913afbabb8971fdf7268450b731d6d110917f27e538256a669fea5023441347712804650cc7d8236"}}, 0x80}}, 0x0) 662.149136ms ago: executing program 0 (id=2313): r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x204, 0xa, 0x4}) r1 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$VIDIOC_REQBUFS(r1, 0xc0585609, &(0x7f0000000040)={0x0, 0xa}) 661.171543ms ago: executing program 5 (id=2314): openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0) r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x42002) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue1\x00'}) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000140)={0x16f, @time}) 624.449866ms ago: executing program 3 (id=2315): r0 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2) ioctl$VIDIOC_SUBSCRIBE_EVENT(r0, 0x4020565a, &(0x7f0000000080)={0x5, 0x2}) ioctl$VIDIOC_S_INPUT(r0, 0xc0045627, &(0x7f00000000c0)=0x3) ioctl$VIDIOC_S_INPUT(r0, 0xc0045627, &(0x7f0000000200)) 568.443339ms ago: executing program 1 (id=2316): r0 = socket(0x2, 0x80805, 0x0) r1 = socket$inet_sctp(0x2, 0x5, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0xc, &(0x7f0000000140)=@assoc_value={0x0}, &(0x7f0000000500)=0x8) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000280)={r2, 0x8}, &(0x7f00000002c0)=0x8) 397.315187ms ago: executing program 5 (id=2317): r0 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10) syz_emit_ethernet(0x2a, &(0x7f0000000080)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x8}}}}}, 0x0) syz_emit_ethernet(0x86, &(0x7f0000000400)={@multicast, @dev, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x78, 0x0, 0x0, 0x0, 0x11, 0x0, @empty=0x7f000000, @empty=0xe0000001}, {0x0, 0x4e20, 0x64, 0x0, @wg=@response={0x2, 0x0, 0x0, "fdcdae25a7a296872a8a5290e48e30acf8afc7e67d70a62c979cefa10a0028bd", "ae0000000000000000e400", {"35f3c07eeca4a20a9858ac1500", "63081fe8fe001a08ed082ad7121d696f"}}}}}}}, 0x0) 394.414703ms ago: executing program 0 (id=2318): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000006000000000084e27fc70000000f000000c5000000a000020095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='io_uring_register\x00', r0}, 0x10) r1 = syz_io_uring_setup(0x7dca, &(0x7f0000000340), &(0x7f0000000140), &(0x7f0000000100)) io_uring_register$IORING_UNREGISTER_PERSONALITY(r1, 0x17, 0x20000000, 0x0) 276.794496ms ago: executing program 1 (id=2319): r0 = socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'wg2\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000600)=@newqdisc={0x48, 0x24, 0xf0b, 0x0, 0x0, {0x60, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x18, 0x2, [@TCA_CAKE_BASE_RATE64={0xc, 0x2, 0x3b9acb00}, @TCA_CAKE_DIFFSERV_MODE={0x8, 0x3, 0x3}]}}]}, 0x48}}, 0x0) 273.381767ms ago: executing program 3 (id=2320): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xb, 0x7, 0x8, 0x0, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) syz_usb_connect(0x0, 0x9b2, &(0x7f0000000300)={{0x12, 0x1, 0x250, 0x9, 0xbd, 0xc2, 0x8, 0x17dc, 0x202, 0x8add, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x9a0, 0x4, 0x0, 0x0, 0x0, 0xd, [{{0x9, 0x4, 0x7d, 0x2, 0x2, 0xe, 0x1, 0x0, 0x0, [@uac_as={[@format_type_ii_discrete={0x9, 0x24, 0x2, 0x2, 0x0, 0x0, 0x4}]}, @uac_control={{0xa, 0x24, 0x1, 0xfff, 0xd}}], [{{0x9, 0x5, 0x8, 0x10, 0x8, 0x7, 0x7f, 0xf8, [@uac_iso={0x7, 0x25, 0x1, 0x3, 0x9, 0x6}, @generic={0x1b, 0x32, "7fc6d9b85cbf7d143b9290e22dd20d9aa1ae135442873038b1"}]}}, {{0x9, 0x5, 0x3, 0x0, 0x0, 0x0, 0xca, 0x66, [@uac_iso={0x7, 0x25, 0x1, 0x0, 0x79, 0x6}]}}]}}, {{0x9, 0x4, 0x53, 0x8, 0x10, 0xa5, 0xdd, 0x2a, 0x4, [@hid_hid={0x9, 0x21, 0x101, 0x8b, 0x1, {0x22, 0x8000}}], [{{0x9, 0x5, 0x0, 0x0, 0x0, 0x4, 0x8, 0x1, [@generic={0x7f, 0x3, "2ec80771d2efea551ed5f5266df81394ff8ab79e92616977b64d67c237b0645e2fff487bf98a6d13c17181645e60721b8bef3605875766c9619fd1b27d8e42b36d557ba514a13518b1e56bedeb800b0cb099dccc37d0b17e9dc69bb3d796dbc377f2dbd39e1547765fd52f20bb1e7751a2df60d8ff3ae7ce688fd5f32f"}, @generic={0x40, 0x3, "25f6834f9374f8846629fccd8c2f12d7e4626e844a1fad1e9980c2c02986dd32e95f760878b307a934dc23dafa5444897d69e05028f4a4da498927990235"}]}}, {{0x9, 0x5, 0x7, 0x3, 0x400, 0x9}}, {{0x9, 0x5, 0x0, 0x0, 0x20, 0x4, 0x0, 0x3, [@generic={0x76, 0x0, "d33501c36ca3f5700cdbc3a103864b88f0e2870e85309aed5931b79a3b3d735c8e026762d159da5c00985cd3d40bace232e46cf99334d251386ac139a3af7f155add521867a58070e090520a029afe9a60775edd9934659826585798b924d5aa62ea2d06f15b06c4013d6390dad6c08798c372f1"}, @uac_iso={0x7, 0x25, 0x1, 0x82, 0xf8, 0x9}]}}, {{0x9, 0x5, 0x9, 0x0, 0x40, 0x7, 0xc0, 0x0, [@uac_iso={0x7, 0x25, 0x1, 0x4, 0x4, 0xa60}, @generic={0xe3, 0xa, "ec9bd15e9d87cfe2bb344ab1ab24a1224283597f4a09903886305241be77504ea0c83a4f52763480a5f2b5d36bca35a3f1a7c85f48649dac5908a295f294fd9cd80184afa4d58dbc7552115ab592ee90286814f4b87f965bedcd3bd941c4c24d86db9eeddca0c4e42e74b6468da385f3f5aecb04fe0d9d4ed48dfadb0dd3c03c3ad317291ec30e60f8eaba101b2a3e4038c0cbd51f3330c9ae3af7def84b24c5c8297ed0b0891fbab6fc4e7d06b23869aaeda2cc9952c57d7b4fa426c88b3a1fb6980bedeb490ccf7511013ee8e7fc95bb7d65679fc508f09021e2831e4b7b4c05"}]}}, {{0x9, 0x5, 0xb, 0x2, 0x200, 0x9, 0x8, 0x1, [@generic={0xe8, 0x0, "7c036800cbfba95ed76f9e4a4b0a3de16f63333ee82ccf1270ff13881aa44ac624a14c1c2df84d2636d8a304f01163f1044bf7641b2ea69132c313b4d1bbaa3f26712076d355c839223e6d0d9d47b634fe1c162a2b9ee2f2602499da20f1127a7d114900a4f56430ea6b18632c735dcd495ae54fc44bf3221f2558a9e8e5ca426f86cdfd0339cb9f771b60217df27e22d3f212753984387814a43ca471dcfb6444d315a7503804004a7678ec6e9689bb7a0ec66c114f732573aec615d7227931756d6c0323919f22bd9a4439374ba4ee67fc57730d95cd0d2035e880e22be51d1ce5dbc3641b"}]}}, {{0x9, 0x5, 0xb, 0x14, 0x20, 0xe0, 0x80, 0x0, [@generic={0xb9, 0x23, "e3684b8506f0af1cecc7767a074bfaf909a31b6076032a6708ede029e7ad35c21caaa83c1a79106e0edfc9abd2db5331001b28cb14e6e80dfe193656845dbb4832f2500904f9a2574ff2dad5215e9984abe8eb8299abc92d62af8acbccb2123bf347da646a110a1900de2802ed4c8d18249458c0cb7e604b7ed85f3f0b5fce81b3dea02c3490b332d7a81011641b7b8a2e3db80f6f910ae04a1dbf27915af0463d14a4c42ea5eda2b4232c406e037537164e81c3c28353"}]}}, {{0x9, 0x5, 0x3, 0x0, 0x1b7, 0x1, 0xff, 0x8}}, {{0x9, 0x5, 0x8, 0x10, 0x10, 0x1, 0x9, 0x0, [@generic={0x42, 0x0, "670ffdca832d53759612929f0a12f1c60c893d5a3fbc9dc62dedac34e2b8829a5a53fb34412cb5d09ae1198b03420a28175f8ad1841ef17a56dfed88e7963abe"}, @uac_iso={0x7, 0x25, 0x1, 0x83, 0x4}]}}, {{0x9, 0x5, 0x4, 0x10, 0x20, 0x5, 0xe1, 0x6, [@generic={0x87, 0x1, "244aec00df9a422efae80ca62d278f47196d219edda84ab2fcf2c59bd17092ffe5aa6dfe0fdd92d26100826d8726bdc7c02b396ea61b6b6c38daf49fd4bfafab79e5ed287e913e102171693bc1401d6f9c775cc8a57a8e55ff732569045788fd3d463515dc2d41d539974702fbef8532417092b9b858be9a80f03c36dc9ad8c604ebc81ddb"}]}}, {{0x9, 0x5, 0x5, 0x10, 0x10, 0x87, 0x4, 0x0, [@generic={0xb7, 0x22, "6d72c3a27ed9fc7eb92ee469cfd48110c3d55baa7162788c4b42cb56e80d1f3d15d0b0576b31740bab6889035951696f1ecfefc18ace5b5851bbd84dabfcb53156982d18de0ffb459eb64f4d8368d7e681da02bd8e4e362d14832e1cca65169af504d93c9a7eedc3e2c88cc013f20259a43888727714ac7c90678382cdf22d85d26920e8abd23f28855ad4b3d5eb5483f93a257cb7ea103a34ab348e305e5786195d0f4571e8c9827ba0ddbba89dd9306c3837856e"}, @generic={0x34, 0x22, "3b51ebf944821be48a5dc48870fe64bd4890f2557b3baccd4db13d2ee785dbf214b44ef93a6ebf3aab2ea4767aa46fac5859"}]}}, {{0x9, 0x5, 0xf, 0x0, 0x20, 0x5, 0xc1, 0x81}}, {{0x9, 0x5, 0x0, 0x4, 0x40, 0x7, 0x3, 0x5, [@generic={0x12, 0x22, "4c918b66c2e90a3c87fd71751340b490"}, @generic={0x51, 0x22, "162c49e03ee1e727330e3169133e50c6cdafd854edf5d7fb30e2aa1636cc67d20958d3bcf5e1599c531ee930af4f01ea27d38667b05b443a5a4edfef3c81a7a850638d550dac39dad9220428c5239c"}]}}, {{0x9, 0x5, 0x1, 0x3, 0x200, 0x5, 0xa8, 0xd5, [@uac_iso={0x7, 0x25, 0x1, 0x2, 0x0, 0x4}]}}, {{0x9, 0x5, 0x4, 0xc, 0x400, 0x2, 0x9, 0x9c}}, {{0x9, 0x5, 0x0, 0xc, 0x40, 0x14, 0x8, 0x4, [@uac_iso={0x7, 0x25, 0x1, 0x80, 0xb3}, @generic={0x5e, 0x22, "63fbff75eed5cfa208c5d0484766975ba13d529deb19659db0169f59e4b2207f1f8b34afce81e00061c8637fcafce5b85aa46993516a374b54e3434261e1112dfce2ab54aac9b2e72ee8cc6d35309d845a65b1ca33a5a24423a2810f"}]}}, {{0x9, 0x5, 0x5, 0x10, 0x3ff, 0x7, 0x2, 0xe}}]}}, {{0x9, 0x4, 0x25, 0x5, 0x7, 0xe6, 0x15, 0x65, 0x9, [@cdc_ecm={{0x6, 0x24, 0x6, 0x0, 0x0, "ec"}, {0x5, 0x24, 0x0, 0x9}, {0xd, 0x24, 0xf, 0x1, 0x7, 0x0, 0xe, 0x8}, [@ncm={0x6, 0x24, 0x1a, 0xff, 0x30}]}], [{{0x9, 0x5, 0xe, 0x3, 0x3ff, 0x5, 0x1, 0x4}}, {{0x9, 0x5, 0xb, 0x0, 0x40, 0xf1, 0x0, 0xc}}, {{0x9, 0x5, 0x0, 0x10, 0x0, 0xf8, 0x9, 0xb6, [@uac_iso={0x7, 0x25, 0x1, 0x80, 0xb4, 0x1}, @uac_iso={0x7, 0x25, 0x1, 0x80, 0x4, 0x7}]}}, {{0x9, 0x5, 0xb, 0x10, 0x200, 0x15, 0xa7, 0x2, [@uac_iso={0x7, 0x25, 0x1, 0x1, 0x0, 0x46c7}]}}, {{0x9, 0x5, 0x3, 0x2, 0x0, 0x1, 0x2, 0xfa}}, {{0x9, 0x5, 0xa, 0x0, 0x40, 0x7f, 0x0, 0x5}}, {{0x9, 0x5, 0x0, 0x3, 0x3ff, 0x2, 0x3, 0x3, [@generic={0xd7, 0x21, "5468ccd987b2faaba1336b3a424a3a459a94c7d94948edc262597f4b5ea459e34efe7731acedbcc2068b8b002536bc44b21060812efb5e32de928dd47a2eb51efdc8addd64ae371e0a135b270e3ff86e2110933674732f6697586feb0152e3dcc2d5e887500bbaac9d31a73185b1661479da8d9d312bed5918f8cc3f92ee6403c9135889da1ea9341d5e5cbd861091855b64db3cbe497719552a5d530911acf45a451f00ea440785c4c9c95a027bab75b88ff775adcc5c79d270ac39a6c735acb0e134da81955ce79aef00a133c9ec07966b4b0f38"}]}}]}}, {{0x9, 0x4, 0xa2, 0x7, 0x8, 0xf1, 0x32, 0xf2, 0x40, [], [{{0x9, 0x5, 0x8, 0x10, 0x8, 0xa, 0x5, 0x3}}, {{0x9, 0x5, 0x7, 0x0, 0x3ff, 0xa, 0xff, 0x9, [@uac_iso={0x7, 0x25, 0x1, 0x0, 0xc, 0x5}, @generic={0x8c, 0x22, "b93dd53ba4c7fa135f9b7f44ba84f4b32980284552777217da24c3cb76513cc590766015300f5700552fcf4608f2e743b77a379bd4530d73de374e277a1bdfca4d90596929549702b3a2384e500de77b67004832a33686349ae155733f07904a278a362fc1d7e31a497a998b2650eb455ad8ea22267a88513b8086d4678bd959af764d2de734499f51e3"}]}}, {{0x9, 0x5, 0x80, 0x0, 0x400, 0xf7, 0x0, 0x49, [@generic={0x2, 0x7}, @generic={0xc, 0x0, "d0ff101c2ef66ca00242"}]}}, {{0x9, 0x5, 0x80, 0x1c, 0x20, 0x1, 0x10, 0x1, [@uac_iso={0x7, 0x25, 0x1, 0x104, 0x17, 0xb}]}}, {{0x9, 0x5, 0xb, 0xc, 0x400, 0x8, 0x7, 0x6}}, {{0x9, 0x5, 0x3, 0xc, 0x40, 0x3, 0x5, 0xd}}, {{0x9, 0x5, 0x0, 0x773e88e81f03147a, 0x0, 0xff, 0x0, 0x94, [@generic={0x3, 0x8, "8b"}]}}, {{0x9, 0x5, 0x0, 0x0, 0x200, 0x0, 0x3, 0x3}}]}}]}}]}}, &(0x7f0000001380)={0xa, &(0x7f0000001000)={0xa, 0x6, 0x300, 0x5, 0xa7, 0xf, 0x10}, 0x8, &(0x7f0000001040)={0x5, 0xf, 0x8, 0x1, [@ptm_cap={0x3}]}, 0x1, [{0x10, &(0x7f00000011c0)=@string={0x10, 0x3, "0e04a47cb885dca45358da51c1c2"}}]}) 173.455481ms ago: executing program 5 (id=2321): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_1\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000340)=@newlink={0x44, 0x10, 0x503, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @ipvlan={{0xb}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r2}, @IFLA_MASTER={0x8, 0x3}]}, 0x44}, 0x1, 0x0, 0x0, 0x4005}, 0x0) 122.785421ms ago: executing program 0 (id=2322): r0 = timerfd_create(0x0, 0x0) readv(r0, &(0x7f0000000640)=[{&(0x7f0000000140)=""/168, 0xa8}], 0x1) timerfd_settime(r0, 0x3, &(0x7f0000000440)={{0x0, 0x989680}}, 0x0) clock_adjtime(0x0, &(0x7f0000000040)={0xd54, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000}) 0s ago: executing program 1 (id=2323): r0 = socket$l2tp6(0xa, 0x2, 0x73) bind$l2tp6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty}, 0x20) connect$l2tp6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback, 0x0, 0x1}, 0x20) getpeername$l2tp6(r0, 0x0, &(0x7f00000000c0)) kernel console output (not intermixed with test programs): change from 0 to 128 [ 270.083551][ T9691] FAT-fs (loop3): invalid media value (0x00) [ 270.105958][ T9691] FAT-fs (loop3): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero [ 270.146646][ T9691] FAT-fs (loop3): Can't find a valid FAT filesystem [ 270.166049][ T5331] usb 2-1: config 0 has no interfaces? [ 270.170062][ T9694] loop5: detected capacity change from 0 to 64 [ 270.171745][ T5331] usb 2-1: New USB device found, idVendor=eb1a, idProduct=e350, bcdDevice=f8.fa [ 270.211089][ T5331] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 270.240850][ T9662] loop4: detected capacity change from 0 to 32768 [ 270.307225][ T5331] usb 2-1: config 0 descriptor?? [ 270.361508][ T9662] XFS (loop4): DAX unsupported by block device. Turning off DAX. [ 270.407061][ T9662] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 270.579119][ T5331] usb 2-1: USB disconnect, device number 11 [ 270.731717][ T9662] XFS (loop4): Ending clean mount [ 270.743660][ T9662] XFS (loop4): Quotacheck needed: Please wait. [ 270.815839][ T9662] XFS (loop4): Quotacheck: Done. [ 271.018791][ T5224] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 271.052266][ T9702] loop3: detected capacity change from 0 to 32768 [ 271.110783][ T9702] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 271.314561][ T9702] XFS (loop3): Ending clean mount [ 271.376873][ T9702] XFS (loop3): Quotacheck needed: Please wait. [ 271.506790][ T9702] XFS (loop3): Quotacheck: Done. [ 271.597943][ T5233] Bluetooth: hci5: Controller not accepting commands anymore: ncmd = 0 [ 271.608711][ T5233] Bluetooth: hci5: Injecting HCI hardware error event [ 271.619626][ T5233] Bluetooth: hci5: hardware error 0x00 [ 271.720974][ T7311] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 272.039509][ T25] hid-generic 000D:0000:0000.000B: unknown main item tag 0x0 [ 272.071092][ T9745] loop0: detected capacity change from 0 to 512 [ 272.092455][ T9745] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 272.115267][ T25] hid-generic 000D:0000:0000.000B: unknown main item tag 0x0 [ 272.177774][ T9745] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 272.180294][ T25] hid-generic 000D:0000:0000.000B: hidraw0: HID v0.00 Device [syz1] on syz1 [ 272.205538][ T9745] ext4 filesystem being mounted at /269/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 272.717910][ T5223] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 272.867971][ T9741] loop5: detected capacity change from 0 to 32768 [ 272.950191][ T9731] loop1: detected capacity change from 0 to 40427 [ 273.014379][ T9731] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12 [ 273.032049][ T9731] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 273.166475][ T9741] read_mapping_page failed! [ 273.185985][ T9741] ERROR: (device loop5): txCommit: [ 273.185985][ T9741] [ 273.282270][ T9731] F2FS-fs (loop1): Found nat_bits in checkpoint [ 273.565635][ T9731] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 273.587756][ T9731] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 273.617581][ T5289] usb 4-1: new high-speed USB device number 12 using dummy_hcd [ 273.751282][ T9779] loop4: detected capacity change from 0 to 256 [ 273.805025][ T5289] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 273.839035][ T5289] usb 4-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 273.873205][ T5289] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 273.882530][ T5289] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 273.897190][ T9767] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 273.908229][ T5289] usb 4-1: Quirk or no altset; falling back to MIDI 1.0 [ 273.914634][ T9781] netlink: 156 bytes leftover after parsing attributes in process `syz.0.1430'. [ 273.916191][ T5233] Bluetooth: hci5: Opcode 0x0c03 failed: -110 [ 273.924206][ T9781] netlink: 'syz.0.1430': attribute type 2 has an invalid length. [ 273.924232][ T9781] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1430'. [ 274.316487][ T5289] usb 4-1: USB disconnect, device number 12 [ 274.588377][ T9798] sctp: [Deprecated]: syz.1.1431 (pid 9798) Use of int in max_burst socket option. [ 274.588377][ T9798] Use struct sctp_assoc_value instead [ 274.614470][ T5226] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 274.755508][ T9800] nbd: nbd2 already in use [ 274.812962][ T5226] usb 5-1: Using ep0 maxpacket: 16 [ 274.915997][ T5226] usb 5-1: New USB device found, idVendor=045e, idProduct=0284, bcdDevice=a4.8f [ 274.925811][ T5226] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 274.933864][ T5226] usb 5-1: Product: syz [ 274.938965][ T5226] usb 5-1: Manufacturer: syz [ 274.943597][ T5226] usb 5-1: SerialNumber: syz [ 274.966318][ T5226] usb 5-1: config 0 descriptor?? [ 275.074260][ T9787] loop0: detected capacity change from 0 to 32768 [ 275.427719][ T5226] usb 5-1: USB disconnect, device number 5 [ 275.439935][ T9787] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=crc64,data_checksum=xxhash,str_hash=crc32c,nojournal_transaction_names,version_upgrade=none [ 275.473878][ T9787] bcachefs (loop0): recovering from clean shutdown, journal seq 8 [ 275.524961][ T9787] bcachefs (loop0): insufficient writeable journal devices available: have 0, need 1 [ 275.524961][ T9787] rw journal devs: loop0 [ 275.826745][ T9834] loop1: detected capacity change from 0 to 2048 [ 275.840059][ T9834] udf: Unknown parameter '00000000000000000000' [ 275.960821][ T9787] bcachefs (loop0): accounting_read... done [ 275.968455][ T9787] bcachefs (loop0): alloc_read... done [ 275.985119][ T9787] bcachefs (loop0): stripes_read... done [ 275.996305][ T5233] Bluetooth: hci5: Opcode 0x206c failed: -110 [ 275.997177][ T9834] [U] [ 276.006402][ T9787] bcachefs (loop0): snapshots_read... done [ 276.026960][ T9787] bcachefs (loop0): journal_replay... done [ 276.033206][ T9787] bcachefs (loop0): resume_logged_ops... done [ 276.042554][ T9787] bcachefs (loop0): going read-write [ 276.070484][ T9834] [U] Lë\Ȃ\M+ [ 276.107100][ T9787] bcachefs (loop0): done starting filesystem [ 276.110799][ T9834] [U] QKAҰ|" [ 276.161948][ T9843] wlan0 speed is unknown, defaulting to 1000 [ 276.172058][ T9834] [U] *K۶W :64]T~YZ~Q 3SǕCPYǃV]DB [ 276.179120][ T9834] [U] [ 276.220420][ T9834] [U] [ 276.223215][ T9834] [U] [ 276.225947][ T9834] [U] [ 276.228677][ T9834] [U] [ 276.233757][ T9787] bcachefs (loop0): shutdown by ioctl type 1 [ 276.256604][ T5291] bcachefs (loop0): going read-only [ 276.262314][ T5291] bcachefs (loop0): finished waiting for writes to stop [ 276.275197][ T5226] usb 6-1: new high-speed USB device number 7 using dummy_hcd [ 276.315204][ T9834] [U] [ 276.318003][ T9834] [U] [ 276.338085][ T9834] [U] [ 276.342561][ T9834] [U] OͷGF[{~˿N: [ 276.354014][ T9833] [U] EOEWQQK?V~WWؓNYֹX-6&HB<&RZC??߾٨ [ 276.439146][ T9787] syz.0.1436 (9787) used greatest stack depth: 17816 bytes left [ 276.464558][ T5226] usb 6-1: Using ep0 maxpacket: 16 [ 276.476525][ T5226] usb 6-1: config 0 has no interfaces? [ 276.501990][ T5226] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 276.542485][ T5226] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 276.558983][ T5223] bcachefs (loop0): shutting down [ 276.564610][ T5226] usb 6-1: Product: syz [ 276.568941][ T5226] usb 6-1: Manufacturer: syz [ 276.573564][ T5226] usb 6-1: SerialNumber: syz [ 276.824575][ T9851] loop3: detected capacity change from 0 to 32768 [ 276.835594][ T5226] usb 6-1: config 0 descriptor?? [ 276.865507][ T9851] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.1455 (9851) [ 276.916781][ T9864] random: crng reseeded on system resumption [ 276.969277][ T9851] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 276.984562][ T9851] BTRFS info (device loop3): using sha256 (sha256-ni) checksum algorithm [ 276.993053][ T9851] BTRFS info (device loop3): using free-space-tree [ 277.275395][ T47] usb 6-1: USB disconnect, device number 7 [ 277.541911][ T7311] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 278.063791][ T9885] loop5: detected capacity change from 0 to 1024 [ 278.074806][ T5233] Bluetooth: hci5: Opcode 0x2046 failed: -110 [ 278.267490][ T9885] hfsplus: bad catalog entry type [ 278.330559][ T62] hfsplus: b-tree write err: -5, ino 4 [ 278.558253][ T9897] loop5: detected capacity change from 0 to 24 [ 278.575592][ T9897] MTD: Attempt to mount non-MTD device "/dev/loop5" [ 278.624081][ C0] vkms_vblank_simulate: vblank timer overrun [ 278.624474][ T9897] romfs: Mounting image 'rom 637cf1fa' through the block layer [ 279.140946][ T9911] netlink: 32 bytes leftover after parsing attributes in process `syz.5.1474'. [ 279.219402][ T9911] netem: unknown loss type 13 [ 279.234548][ T9911] netem: change failed [ 280.253576][ T9910] loop1: detected capacity change from 0 to 40427 [ 280.287229][ T9910] F2FS-fs (loop1): Insane cp_payload (553648128 >= 504) [ 280.294252][ T9910] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 280.398005][ T9910] F2FS-fs (loop1): invalid crc value [ 280.476677][ T9910] F2FS-fs (loop1): Found nat_bits in checkpoint [ 280.601334][ T9921] loop5: detected capacity change from 0 to 32768 [ 280.629983][ T9940] loop3: detected capacity change from 0 to 128 [ 280.642958][ T9910] F2FS-fs (loop1): Start checkpoint disabled! [ 280.673556][ T9910] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 280.705247][ T9910] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6 [ 280.723257][ T9921] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 280.769454][ T9910] syz.1.1473: attempt to access beyond end of device [ 280.769454][ T9910] loop1: rw=2049, sector=53248, nr_sectors = 8 limit=40427 [ 280.869222][ T9921] XFS (loop5): Ending clean mount [ 280.878391][ T9921] XFS (loop5): Quotacheck needed: Please wait. [ 280.985335][ T1063] kworker/u8:6: attempt to access beyond end of device [ 280.985335][ T1063] loop1: rw=2049, sector=40960, nr_sectors = 32 limit=40427 [ 281.001410][ T1063] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 281.008380][ T1063] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 281.015427][ T1063] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 281.023399][ T1063] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 281.234625][ T9921] XFS (loop5): Quotacheck: Done. [ 281.542770][ T8203] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 282.010357][ T9973] wlan0 speed is unknown, defaulting to 1000 [ 282.390194][ T9963] loop1: detected capacity change from 0 to 32768 [ 282.464831][ T9963] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 282.552338][ T9967] loop2: detected capacity change from 0 to 32768 [ 282.685663][ T9963] XFS (loop1): Ending clean mount [ 282.700050][ T9963] XFS (loop1): Quotacheck needed: Please wait. [ 282.713805][ T9967] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 282.809918][ T9963] XFS (loop1): Quotacheck: Done. [ 282.943391][ T5222] ocfs2: Unmounting device (7,2) on (node local) [ 283.030647][ T7149] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 283.038841][ T5242] Bluetooth: hci6: command 0x0406 tx timeout [ 283.392157][ T9974] loop3: detected capacity change from 0 to 32768 [ 283.476849][ T9974] XFS (loop3): Mounting V5 Filesystem ca7e2101-b8f1-4838-8e2d-7637b90620e6 [ 283.588584][T10017] netlink: 'syz.2.1511': attribute type 10 has an invalid length. [ 283.596879][T10017] netlink: 55 bytes leftover after parsing attributes in process `syz.2.1511'. [ 283.727600][ T9974] XFS (loop3): Ending clean mount [ 283.851490][ T7311] XFS (loop3): Unmounting Filesystem ca7e2101-b8f1-4838-8e2d-7637b90620e6 [ 284.044528][ T5226] usb 2-1: new high-speed USB device number 12 using dummy_hcd [ 284.216257][ T5308] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 284.252252][ T5226] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 284.276452][ T5226] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 284.315963][ T5226] usb 2-1: New USB device found, idVendor=056a, idProduct=00f8, bcdDevice= 4.00 [ 284.352450][ T5226] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 284.385931][ T5308] usb 5-1: Using ep0 maxpacket: 8 [ 284.395350][ T5308] usb 5-1: New USB device found, idVendor=12d1, idProduct=fae2, bcdDevice=70.8b [ 284.407438][ T5226] usb 2-1: config 0 descriptor?? [ 284.420874][ T5308] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 284.443039][ T5308] usb 5-1: Product: syz [ 284.468919][ T5308] usb 5-1: Manufacturer: syz [ 284.484268][ T5308] usb 5-1: SerialNumber: syz [ 284.506926][ T5308] usb 5-1: config 0 descriptor?? [ 284.539787][ T5308] option 5-1:0.0: GSM modem (1-port) converter detected [ 284.630268][T10033] loop5: detected capacity change from 0 to 32768 [ 284.647398][T10033] BTRFS: device fsid 3d39d0ba-bdae-447e-827b-b091e1a68885 devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.1518 (10033) [ 284.663581][T10033] BTRFS info (device loop5): first mount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885 [ 284.674011][T10033] BTRFS info (device loop5): using crc32c (crc32c-intel) checksum algorithm [ 284.704162][T10033] BTRFS info (device loop5): using free-space-tree [ 284.747093][ T5290] usb 5-1: USB disconnect, device number 6 [ 284.754091][ T5290] option 5-1:0.0: device disconnected [ 284.856383][ T5226] wacom 0003:056A:00F8.000C: unknown main item tag 0x7 [ 284.904624][ T5226] wacom 0003:056A:00F8.000C: hidraw0: USB HID v0.00 Device [HID 056a:00f8] on usb-dummy_hcd.1-1/input0 [ 285.012520][ T8203] BTRFS info (device loop5): last unmount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885 [ 285.066139][ T5290] usb 2-1: USB disconnect, device number 12 [ 285.634194][T10049] loop3: detected capacity change from 0 to 32768 [ 285.661168][T10049] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.1523 (10049) [ 285.712273][T10070] loop5: detected capacity change from 0 to 4096 [ 285.747351][T10049] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 285.754255][T10070] ntfs3: loop5: Different NTFS sector size (4096) and media sector size (512). [ 285.773982][T10049] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm [ 285.792976][T10049] BTRFS info (device loop3): disk space caching is enabled [ 285.867690][T10049] BTRFS warning (device loop3): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 285.918479][T10070] ntfs3: loop5: ino=0, ntfs_iget5 [ 285.923954][T10070] ntfs3: loop5: Mark volume as dirty due to NTFS errors [ 285.946594][T10070] ntfs3: loop5: ino=3, ntfs_set_state failed, -22. [ 286.100100][ T5313] ntfs3: loop5: ino=3, ntfs3_write_inode failed, -22. [ 286.178729][T10049] BTRFS info (device loop3): rebuilding free space tree [ 286.214552][T10049] BTRFS info (device loop3): disabling free space tree [ 286.246550][T10049] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 286.260627][T10072] loop4: detected capacity change from 0 to 32768 [ 286.272252][T10072] XFS: noikeep mount option is deprecated. [ 286.278694][T10049] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 286.341143][T10072] XFS (loop4): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 286.415226][T10072] XFS (loop4): Ending clean mount [ 286.433696][T10072] XFS (loop4): Quotacheck needed: Please wait. [ 286.518239][T10072] XFS (loop4): Quotacheck: Done. [ 286.619239][ T7311] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 286.641671][ T5224] XFS (loop4): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 286.949672][ T5242] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 286.974859][ T5242] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 286.984782][ T5242] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 286.997937][ T5242] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 287.005836][ T5242] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 287.013188][ T5242] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 287.128574][T10114] wlan0 speed is unknown, defaulting to 1000 [ 287.185754][ T5308] usb 6-1: new high-speed USB device number 8 using dummy_hcd [ 287.357267][ T5308] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 287.373625][ T5308] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 287.415110][ T5308] usb 6-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.00 [ 287.437119][ T5308] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 287.463653][ T5308] usb 6-1: config 0 descriptor?? [ 287.487036][T10114] chnl_net:caif_netlink_parms(): no params data found [ 287.744708][T10140] loop1: detected capacity change from 0 to 64 [ 287.802428][T10142] binder: 10141:10142 ioctl c0306201 200002c0 returned -14 [ 287.893824][T10114] bridge0: port 1(bridge_slave_0) entered blocking state [ 287.899719][ T5308] arvo 0003:1E7D:30D4.000D: unknown main item tag 0x0 [ 287.910373][ T5308] arvo 0003:1E7D:30D4.000D: unknown main item tag 0x0 [ 287.921249][T10114] bridge0: port 1(bridge_slave_0) entered disabled state [ 287.928720][T10114] bridge_slave_0: entered allmulticast mode [ 287.936217][T10114] bridge_slave_0: entered promiscuous mode [ 287.945562][T10114] bridge0: port 2(bridge_slave_1) entered blocking state [ 287.952731][T10114] bridge0: port 2(bridge_slave_1) entered disabled state [ 287.960224][T10114] bridge_slave_1: entered allmulticast mode [ 287.969194][T10114] bridge_slave_1: entered promiscuous mode [ 287.983460][ T5308] arvo 0003:1E7D:30D4.000D: unknown main item tag 0x0 [ 288.015691][ T5308] arvo 0003:1E7D:30D4.000D: unknown main item tag 0x0 [ 288.026101][T10148] loop4: detected capacity change from 0 to 1024 [ 288.051030][ T5308] arvo 0003:1E7D:30D4.000D: unknown main item tag 0x0 [ 288.080452][ T5308] arvo 0003:1E7D:30D4.000D: unknown main item tag 0x0 [ 288.093332][T10147] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1550'. [ 288.122629][T10114] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 288.134016][ T5308] arvo 0003:1E7D:30D4.000D: unknown main item tag 0x0 [ 288.173361][ T5308] arvo 0003:1E7D:30D4.000D: hidraw0: USB HID v0.00 Device [HID 1e7d:30d4] on usb-dummy_hcd.5-1/input0 [ 288.203098][T10114] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 288.228292][T10153] syz.4.1549: attempt to access beyond end of device [ 288.228292][T10153] loop4: rw=0, sector=5778, nr_sectors = 2 limit=1024 [ 288.291069][T10148] syz.4.1549: attempt to access beyond end of device [ 288.291069][T10148] loop4: rw=0, sector=2046, nr_sectors = 2 limit=1024 [ 288.367453][T10114] team0: Port device team_slave_0 added [ 288.375955][T10148] syz.4.1549: attempt to access beyond end of device [ 288.375955][T10148] loop4: rw=0, sector=5778, nr_sectors = 2 limit=1024 [ 288.424835][ T5308] usb 6-1: USB disconnect, device number 8 [ 288.493888][T10162] loop2: detected capacity change from 0 to 16 [ 288.513181][T10114] team0: Port device team_slave_1 added [ 288.592358][T10114] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 288.608167][T10162] erofs: (device loop2): mounted with root inode @ nid 36. [ 288.612785][T10114] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 288.648091][T10162] erofs: (device loop2): erofs_find_target_block: corrupted dir block 0 @ nid 36 [ 288.657605][T10114] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 288.664759][ T47] usb 2-1: new high-speed USB device number 13 using dummy_hcd [ 288.683035][T10159] wlan0 speed is unknown, defaulting to 1000 [ 288.697959][T10168] loop3: detected capacity change from 0 to 164 [ 288.713667][T10114] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 288.744416][T10114] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 288.796048][T10168] rock: corrupted directory entry. extent=41, offset=65536, size=8 [ 288.814383][T10114] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 288.834609][ T47] usb 2-1: Using ep0 maxpacket: 16 [ 288.850395][ T47] usb 2-1: config 0 has no interfaces? [ 288.868847][T10168] rock: corrupted directory entry. extent=41, offset=65536, size=8 [ 288.894665][ T47] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 288.915915][ T47] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 288.930555][ T47] usb 2-1: Product: syz [ 288.939426][ T47] usb 2-1: Manufacturer: syz [ 288.944139][ T47] usb 2-1: SerialNumber: syz [ 288.963339][T10172] loop2: detected capacity change from 0 to 1024 [ 288.993840][ T47] usb 2-1: config 0 descriptor?? [ 289.046778][T10172] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 289.068175][T10114] hsr_slave_0: entered promiscuous mode [ 289.127776][ T5233] Bluetooth: hci7: command tx timeout [ 289.134538][T10114] hsr_slave_1: entered promiscuous mode [ 289.163888][T10114] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 289.194987][T10114] Cannot create hsr debugfs directory [ 289.344833][ T5222] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 289.361898][T10188] loop5: detected capacity change from 0 to 1024 [ 289.454184][ T47] usb 2-1: USB disconnect, device number 13 [ 289.727091][T10114] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 289.899081][T10114] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 290.099573][T10114] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 290.244551][T10195] ipvlan2: entered promiscuous mode [ 290.430689][T10170] loop4: detected capacity change from 0 to 40427 [ 290.465862][T10170] F2FS-fs (loop4): Insane cp_payload (553648128 >= 504) [ 290.500145][T10170] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 290.514271][T10114] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 290.529829][T10170] F2FS-fs (loop4): build fault injection attr: rate: 17008, type: 0x1fffff [ 290.550927][T10170] F2FS-fs (loop4): invalid crc value [ 290.622940][ T29] audit: type=1326 audit(1727147823.075:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10191 comm="syz.2.1568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f345957def9 code=0x7fc00000 [ 290.652536][T10170] F2FS-fs (loop4): Found nat_bits in checkpoint [ 290.871222][T10206] loop2: detected capacity change from 0 to 1024 [ 290.891202][T10170] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 290.912091][T10170] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 291.027382][T10114] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 291.044510][T10206] hfsplus: found bad thread record in catalog [ 291.063660][T10206] hfsplus: catalog searching failed [ 291.077655][T10114] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 291.117901][T10114] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 291.126413][ T5224] syz-executor: attempt to access beyond end of device [ 291.126413][ T5224] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 291.147740][ T5224] F2FS-fs (loop4): Stopped filesystem due to reason: 3 [ 291.198885][T10114] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 291.221533][ T12] hfsplus: found bad thread record in catalog [ 291.234736][ T5233] Bluetooth: hci7: command tx timeout [ 291.285096][ T12] hfsplus: found bad thread record in catalog [ 291.332791][T10199] loop3: detected capacity change from 0 to 32768 [ 291.346967][T10199] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.1571 (10199) [ 291.380065][T10199] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 291.401698][T10199] BTRFS info (device loop3): using sha256 (sha256-ni) checksum algorithm [ 291.418859][T10199] BTRFS info (device loop3): using free-space-tree [ 291.561506][T10114] 8021q: adding VLAN 0 to HW filter on device bond0 [ 291.634608][T10114] 8021q: adding VLAN 0 to HW filter on device team0 [ 291.653603][ T29] audit: type=1800 audit(1727147824.115:34): pid=10199 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1571" name="bus" dev="loop3" ino=263 res=0 errno=0 [ 291.690579][T10230] netlink: 'syz.1.1577': attribute type 8 has an invalid length. [ 291.728821][T10230] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1577'. [ 291.788991][ T62] bridge0: port 1(bridge_slave_0) entered blocking state [ 291.796188][ T62] bridge0: port 1(bridge_slave_0) entered forwarding state [ 291.876291][ T62] bridge0: port 2(bridge_slave_1) entered blocking state [ 291.883505][ T62] bridge0: port 2(bridge_slave_1) entered forwarding state [ 291.942691][T10239] loop2: detected capacity change from 0 to 64 [ 291.964045][T10240] loop5: detected capacity change from 0 to 512 [ 292.002509][T10114] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 292.013414][T10114] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 292.105890][ T7311] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 292.184050][T10240] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.1582: bg 0: block 393: padding at end of block bitmap is not set [ 292.233044][T10243] input: syz0 as /devices/virtual/input/input24 [ 292.296879][T10240] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6550: Corrupt filesystem [ 292.311615][T10114] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 292.371529][T10240] EXT4-fs (loop5): 2 truncates cleaned up [ 292.401322][T10240] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 292.576543][T10114] veth0_vlan: entered promiscuous mode [ 292.598326][T10114] veth1_vlan: entered promiscuous mode [ 292.715712][ T8203] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 292.806676][T10114] veth0_macvtap: entered promiscuous mode [ 292.864709][T10114] veth1_macvtap: entered promiscuous mode [ 292.950844][T10114] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 292.999088][T10114] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 293.054585][T10114] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 293.084426][T10114] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 293.107252][T10114] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 293.119863][T10114] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 293.136711][T10114] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 293.161406][T10114] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 293.181111][T10114] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 293.218989][T10114] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 293.238798][T10114] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 293.262293][T10114] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 293.275823][ T5233] Bluetooth: hci7: command tx timeout [ 293.295628][T10114] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 293.307837][T10114] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 293.342440][T10114] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 293.385518][T10114] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 293.435030][T10114] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 293.474543][T10114] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 293.485974][T10114] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 293.507739][T10114] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 293.519691][T10259] loop3: detected capacity change from 0 to 32768 [ 293.538637][T10259] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.1584 (10259) [ 293.554640][T10114] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 293.585863][T10259] BTRFS info (device loop3): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 293.592314][T10114] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 293.609192][T10259] BTRFS info (device loop3): using blake2b (blake2b-256-generic) checksum algorithm [ 293.632827][T10259] BTRFS info (device loop3): using free-space-tree [ 293.645122][T10114] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 293.664195][T10114] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 293.675581][T10114] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 293.685544][T10114] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 293.699425][T10114] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 293.709919][T10114] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 293.720917][T10114] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 293.747169][T10114] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 293.825622][T10114] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 293.887725][T10114] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 293.922698][T10114] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 293.953495][T10114] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 294.041007][T10263] loop5: detected capacity change from 0 to 40427 [ 294.133311][ T29] audit: type=1800 audit(1727147826.595:35): pid=10259 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1584" name="bus" dev="loop3" ino=263 res=0 errno=0 [ 294.135918][T10263] F2FS-fs (loop5): Found nat_bits in checkpoint [ 294.334784][ T25] usb 2-1: new high-speed USB device number 14 using dummy_hcd [ 294.343342][T10263] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 294.453686][ T7311] BTRFS info (device loop3): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 294.506849][ T8203] syz-executor: attempt to access beyond end of device [ 294.506849][ T8203] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 294.506908][ T25] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 294.532130][ T8203] F2FS-fs (loop5): Stopped filesystem due to reason: 3 [ 294.538724][ T25] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 294.589172][ T25] usb 2-1: New USB device found, idVendor=056a, idProduct=00b5, bcdDevice= 0.00 [ 294.603255][ T25] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 294.622222][ T25] usb 2-1: config 0 descriptor?? [ 295.053761][ T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 295.084324][ T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 295.138772][ T25] wacom 0003:056A:00B5.000E: Unknown device_type for 'HID 056a:00b5'. Assuming pen. [ 295.177535][ T53] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 295.186013][ T25] wacom 0003:056A:00B5.000E: hidraw0: USB HID v0.00 Device [HID 056a:00b5] on usb-dummy_hcd.1-1/input0 [ 295.209543][ T53] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 295.218674][ T25] input: Wacom Intuos3 6x11 Pen as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:056A:00B5.000E/input/input25 [ 295.355139][ T5233] Bluetooth: hci7: command tx timeout [ 295.368840][ T25] usb 2-1: USB disconnect, device number 14 [ 295.921093][T10324] loop5: detected capacity change from 0 to 32768 [ 296.067051][T10315] loop2: detected capacity change from 0 to 32768 [ 296.186583][T10339] binder: 10338:10339 ioctl 400c620e 20000380 returned -22 [ 296.253666][T10324] XFS (loop5): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 296.267508][T10313] loop4: detected capacity change from 0 to 32768 [ 296.359783][T10341] tap0: tun_chr_ioctl cmd 1074025677 [ 296.385054][T10341] tap0: linktype set to 821 [ 296.402448][T10324] XFS (loop5): Ending clean mount [ 296.403160][T10313] XFS (loop4): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 296.572132][ T8203] XFS (loop5): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 296.589919][T10313] XFS (loop4): Ending clean mount [ 296.698127][T10313] XFS (loop4): Quotacheck needed: Please wait. [ 297.115208][T10313] XFS (loop4): Quotacheck: Done. [ 297.162094][T10370] netlink: 'syz.1.1622': attribute type 1 has an invalid length. [ 297.560542][T10385] loop1: detected capacity change from 0 to 1024 [ 297.701659][ T5224] XFS (loop4): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 297.714754][T10387] syz.5.1629[10387] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 297.714894][T10387] syz.5.1629[10387] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 297.798163][T10387] syz.5.1629[10387] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 297.871718][ T1063] hfsplus: b-tree write err: -5, ino 4 [ 298.484946][T10380] loop3: detected capacity change from 0 to 32768 [ 298.608157][T10380] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 299.358844][T10421] loop5: detected capacity change from 0 to 16 [ 299.377403][T10380] XFS (loop3): Ending clean mount [ 299.418731][T10421] erofs: (device loop5): mounted with root inode @ nid 36. [ 299.718274][T10413] loop1: detected capacity change from 0 to 32768 [ 300.079564][T10413] XFS (loop1): Mounting V5 Filesystem bc2378ed-6193-40d5-9d59-7ebcb787b415 [ 300.115580][T10380] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 300.412406][T10420] loop4: detected capacity change from 0 to 32768 [ 300.461911][T10413] XFS (loop1): Ending clean mount [ 300.780146][T10439] loop3: detected capacity change from 0 to 128 [ 300.956326][T10441] netlink: 105120 bytes leftover after parsing attributes in process `syz.0.1643'. [ 301.241679][ T7149] XFS (loop1): Unmounting Filesystem bc2378ed-6193-40d5-9d59-7ebcb787b415 [ 301.422931][T10446] loop5: detected capacity change from 0 to 64 [ 301.498703][T10446] Trying to free block not in datazone [ 301.533284][T10446] Trying to free block not in datazone [ 301.943728][T10467] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1656'. [ 302.273699][T10457] loop2: detected capacity change from 0 to 40427 [ 302.327841][T10457] F2FS-fs (loop2): Small segment_count (9 < 1 * 24) [ 302.334628][T10457] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 302.442480][T10483] loop1: detected capacity change from 0 to 128 [ 302.466648][T10483] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256 [ 302.570635][T10457] F2FS-fs (loop2): Found nat_bits in checkpoint [ 302.720760][T10492] loop5: detected capacity change from 0 to 2048 [ 302.797120][T10457] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 302.804267][T10457] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 302.816103][T10497] wlan0 speed is unknown, defaulting to 1000 [ 302.882015][T10500] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 302.905068][T10457] syz.2.1652: attempt to access beyond end of device [ 302.905068][T10457] loop2: rw=0, sector=53328, nr_sectors = 8 limit=40427 [ 302.924943][T10457] syz.2.1652: attempt to access beyond end of device [ 302.924943][T10457] loop2: rw=0, sector=53328, nr_sectors = 8 limit=40427 [ 302.941752][T10457] syz.2.1652: attempt to access beyond end of device [ 302.941752][T10457] loop2: rw=0, sector=53328, nr_sectors = 8 limit=40427 [ 302.959601][T10505] syz.2.1652: attempt to access beyond end of device [ 302.959601][T10505] loop2: rw=2049, sector=53336, nr_sectors = 8 limit=40427 [ 302.979963][ T29] audit: type=1800 audit(1727147835.365:36): pid=10457 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1652" name="file2" dev="loop2" ino=10 res=0 errno=0 [ 303.124674][ T29] audit: type=1804 audit(1727147835.495:37): pid=10509 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.5.1665" name="/newroot/96/file0/file2" dev="loop5" ino=16 res=1 errno=0 [ 303.227423][ T5308] usb 4-1: new high-speed USB device number 13 using dummy_hcd [ 303.344795][ T5222] syz-executor: attempt to access beyond end of device [ 303.344795][ T5222] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 303.380105][ T5222] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 303.550589][T10519] pimreg: entered allmulticast mode [ 303.574075][T10519] pimreg: left allmulticast mode [ 303.595095][ T5308] usb 4-1: Using ep0 maxpacket: 16 [ 303.609245][ T5308] usb 4-1: config 0 has no interfaces? [ 303.664949][ T5308] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 303.680689][ T5308] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 303.695540][ T5308] usb 4-1: Product: syz [ 303.699765][ T5308] usb 4-1: Manufacturer: syz [ 303.708534][ T5308] usb 4-1: SerialNumber: syz [ 303.717427][ T5308] usb 4-1: config 0 descriptor?? [ 304.089529][ T5226] usb 4-1: USB disconnect, device number 13 [ 305.113622][T10566] loop3: detected capacity change from 0 to 4096 [ 305.164386][T10566] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512). [ 305.320275][T10566] ntfs3: loop3: Failed to initialize $Extend/$Reparse. [ 305.590613][ T5313] ntfs3: loop3: ino=1a, ntfs3_write_inode failed, -22. [ 305.603859][ T7311] ntfs3: loop3: ino=1a, ntfs_sync_fs failed, -22. [ 305.647049][T10548] loop2: detected capacity change from 0 to 40427 [ 305.756224][T10548] F2FS-fs (loop2): Found nat_bits in checkpoint [ 305.833831][T10582] loop5: detected capacity change from 0 to 512 [ 305.862325][T10582] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 305.926257][T10582] EXT4-fs (loop5): 1 truncate cleaned up [ 305.932955][T10582] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 305.945754][T10548] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 306.011175][T10562] loop4: detected capacity change from 0 to 40427 [ 306.127900][T10562] F2FS-fs (loop4): Found nat_bits in checkpoint [ 306.147719][ T5222] syz-executor: attempt to access beyond end of device [ 306.147719][ T5222] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 306.163353][ T8203] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 306.190252][ T5222] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 306.374794][T10562] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 306.596158][ T9846] Allocator stuck? Waited for 30 seconds [ 306.596185][ T9846] Allocator debug: [ 306.596197][ T9846] capacity1536 [ 306.596210][ T9846] reserved 31232 [ 306.596224][ T9846] hidden 0 [ 306.596237][ T9846] btree 0 [ 306.596249][ T9846] data 0 [ 306.596263][ T9846] cached 0 [ 306.596280][ T9846] reserved 0 [ 306.596294][ T9846] online_reserved 0 [ 306.596307][ T9846] nr_inodes 0 [ 306.596320][ T9846] [ 306.596331][ T9846] freelist_wait waiting [ 306.596344][ T9846] open buckets allocated1 [ 306.596357][ T9846] open buckets total 1024 [ 306.596370][ T9846] open_buckets_wait empty [ 306.596383][ T9846] open_buckets_btree 0 [ 306.596396][ T9846] open_buckets_user 0 [ 306.596408][ T9846] btree reserve cache 0 [ 306.596421][ T9846] [ 306.596432][ T9846] Dev 0: [ 306.596444][ T9846] buckets sectors fragmented [ 306.596459][ T9846] free 0 0 0 [ 306.596475][ T9846] sb 0 0 0 [ 306.596490][ T9846] journal 0 0 0 [ 306.596505][ T9846] btree 0 0 0 [ 306.596521][ T9846] user 0 0 0 [ 306.596537][ T9846] cached 0 0 0 [ 306.596553][ T9846] parity 0 0 0 [ 306.596568][ T9846] stripe 0 0 0 [ 306.596584][ T9846] need_gc_gens 0 0 0 [ 306.596599][ T9846] need_discard 0 0 0 [ 306.596614][ T9846] unstriped 0 0 0 [ 306.596630][ T9846] capacity 128 [ 306.596643][ T9846] [ 306.596654][ T9846] reserves: [ 306.596665][ T9846] stripe 60 [ 306.596679][ T9846] normal 58 [ 306.596691][ T9846] copygc 56 [ 306.596705][ T9846] btree 28 [ 306.596717][ T9846] btree_copygc 0 [ 306.596730][ T9846] reclaim 0 [ 306.606948][ T9846] interior_updates 0 [ 306.606966][ T9846] [ 306.606977][ T9846] open buckets 0 [ 306.606990][ T9846] buckets to invalidate 0 [ 306.607003][ T9846] [ 306.607014][ T9846] Copygc debug: [ 306.607026][ T9846] running: 1 [ 306.607038][ T9846] copygc_wait:0 [ 306.607051][ T9846] copygc_wait_at:0 [ 306.607062][ T9846] Currently waiting for:0 B [ 306.607075][ T9846] Currently waiting since:644 KiB [ 306.607089][ T9846] Currently calculated wait:0 B [ 306.607102][ T9846] [ 306.607113][ T9846] Journal debug: [ 306.607125][ T9846] flags: replay_done,running,need_flush_write [ 306.607142][ T9846] dirty journal entries: 0/32768 [ 306.607155][ T9846] seq: 8 [ 306.607167][ T9846] seq_ondisk: 8 [ 306.607181][ T9846] last_seq: 9 [ 306.607194][ T9846] last_seq_ondisk: 9 [ 306.607208][ T9846] flushed_seq_ondisk: 8 [ 306.607220][ T9846] watermark: stripe [ 306.607234][ T9846] each entry reserved: 321 [ 306.607248][ T9846] nr flush writes: 0 [ 306.607261][ T9846] nr noflush writes: 0 [ 306.607279][ T9846] average write size: 0 B [ 306.607293][ T9846] nr direct reclaim: 0 [ 306.607306][ T9846] nr background reclaim: 0 [ 306.607318][ T9846] reclaim kicked: 0 [ 306.607332][ T9846] reclaim runs in: 0 ms [ 306.607346][ T9846] blocked: 0 [ 306.607359][ T9846] current entry sectors: 0 [ 306.607373][ T9846] current entry error: insufficient_devices [ 306.607388][ T9846] current entry: error [ 306.607402][ T9846] unwritten entries: [ 306.607415][ T9846] last buf closed [ 306.607427][ T9846] space: [ 306.607438][ T9846] discarded 0:0 [ 306.607452][ T9846] clean ondisk 0:0 [ 306.607465][ T9846] clean 0:0 [ 306.607478][ T9846] total 0:0 [ 306.607491][ T9846] dev 0: [ 306.607502][ T9846] nr 8 [ 306.607515][ T9846] bucket size 256 [ 306.607528][ T9846] available 6:256 [ 306.607542][ T9846] discard_idx 0 [ 306.607555][ T9846] dirty_ondisk 0 (seq 0) [ 306.607568][ T9846] dirty_idx 0 (seq 0) [ 306.607581][ T9846] cur_idx 0 (seq 0) [ 306.607595][ T9846] [ 306.642569][T10599] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1707'. [ 306.642699][T10599] netem: unknown loss type 13 [ 306.642787][T10599] netem: change failed [ 306.699171][T10597] loop5: detected capacity change from 0 to 1024 [ 306.796216][ T29] audit: type=1800 audit(1727147839.265:38): pid=10597 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1708" name="bus" dev="loop5" ino=26 res=0 errno=0 [ 306.801676][ T5224] syz-executor: attempt to access beyond end of device [ 306.801676][ T5224] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 306.801755][ T5224] F2FS-fs (loop4): Stopped filesystem due to reason: 3 [ 306.938753][T10580] loop3: detected capacity change from 0 to 32768 [ 306.995911][T10605] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1711'. [ 307.016911][ T5313] hfsplus: b-tree write err: -5, ino 4 [ 307.234851][T10580] ocfs2: Mounting device (7,3) on (node local, slot 0) with writeback data mode. [ 308.005853][ T7311] ocfs2: Unmounting device (7,3) on (node local) [ 308.211342][T10645] loop2: detected capacity change from 0 to 512 [ 308.332285][T10644] loop1: detected capacity change from 0 to 1024 [ 308.371401][T10644] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 308.371610][T10645] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 308.423214][T10645] ext4 filesystem being mounted at /318/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 308.441275][T10644] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2240: inode #15: comm syz.1.1725: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled [ 308.527695][ T7149] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 308.591375][T10660] tun0: tun_chr_ioctl cmd 1074025677 [ 308.597282][T10660] tun0: linktype set to 512 [ 308.860325][ T5222] Quota error (device loop2): do_check_range: Getting dqdh_next_free 4294967294 out of range 0-8 [ 308.904637][ T5222] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 308.941202][ T5222] EXT4-fs error (device loop2): ext4_acquire_dquot:6879: comm syz-executor: Failed to acquire dquot type 0 [ 309.414847][ T5222] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 309.435166][T10690] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1746'. [ 309.638884][ T35] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 309.699774][T10694] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1746'. [ 309.709863][T10690] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1746'. [ 309.870270][ T35] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 310.088022][ T35] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 310.310038][T10716] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.1758'. [ 310.337535][T10716] openvswitch: netlink: IP tunnel attribute has 3052 unknown bytes. [ 310.358577][ T35] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 310.614698][ T5242] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 310.631061][ T5242] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 310.643387][ T5242] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 310.652302][ T5242] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 310.688775][ T5242] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 310.704676][ T5242] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 310.831905][T10721] wlan0 speed is unknown, defaulting to 1000 [ 310.846229][ T35] bridge_slave_1: left allmulticast mode [ 310.895117][ T35] bridge_slave_1: left promiscuous mode [ 310.903840][ T35] bridge0: port 2(bridge_slave_1) entered disabled state [ 310.991364][ T35] bridge_slave_0: left allmulticast mode [ 311.014643][ T35] bridge_slave_0: left promiscuous mode [ 311.020447][ T35] bridge0: port 1(bridge_slave_0) entered disabled state [ 311.511895][T10710] loop3: detected capacity change from 0 to 40427 [ 311.552088][T10710] F2FS-fs (loop3): Mismatch start address, segment0(512) cp_blkaddr(175702528) [ 311.574579][T10710] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 311.595339][T10710] F2FS-fs (loop3): invalid crc value [ 311.606076][T10710] F2FS-fs (loop3): Found nat_bits in checkpoint [ 311.727484][T10710] F2FS-fs (loop3): Try to recover 1th superblock, ret: -30 [ 311.755590][T10710] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4 [ 312.009004][T10734] loop4: detected capacity change from 0 to 32768 [ 312.021893][T10710] F2FS-fs (loop3): Try to recover all the superblocks, ret: 0 [ 312.118065][T10710] syz.3.1754: attempt to access beyond end of device [ 312.118065][T10710] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 312.320812][T10734] find_entry called with index >= next_index [ 312.394463][T10710] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 312.484579][ T29] audit: type=1800 audit(1727147844.915:39): pid=10710 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1754" name="bus" dev="loop3" ino=10 res=0 errno=0 [ 312.795134][ T5242] Bluetooth: hci3: command tx timeout [ 313.842950][T10759] loop4: detected capacity change from 0 to 1024 [ 313.976110][ T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 313.998028][ T62] hfsplus: b-tree write err: -5, ino 4 [ 314.877751][ T5242] Bluetooth: hci3: command tx timeout [ 315.322095][T10775] netlink: 'syz.3.1782': attribute type 3 has an invalid length. [ 315.333336][T10775] netlink: 130984 bytes leftover after parsing attributes in process `syz.3.1782'. [ 315.375060][ T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 315.409448][ T35] bond0 (unregistering): Released all slaves [ 315.545777][ T35] : left promiscuous mode [ 315.752133][T10777] netdevsim netdevsim4 netdevsim0: entered promiscuous mode [ 315.776271][T10783] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1786'. [ 315.795398][T10777] macvtap1: entered promiscuous mode [ 315.819748][T10777] macvtap1: entered allmulticast mode [ 315.830849][T10777] netdevsim netdevsim4 netdevsim0: entered allmulticast mode [ 316.000813][T10785] could not allocate digest TFM handle sha512-neon [ 316.192076][T10796] loop3: detected capacity change from 0 to 256 [ 316.375256][T10801] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.1793'. [ 316.447294][T10801] openvswitch: netlink: IP tunnel attribute has 3048 unknown bytes. [ 316.488636][ C1] vkms_vblank_simulate: vblank timer overrun [ 316.551569][T10806] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 316.946065][ T1253] ieee802154 phy0 wpan0: encryption failed: -22 [ 316.952552][ T1253] ieee802154 phy1 wpan1: encryption failed: -22 [ 316.973062][T10809] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1797'. [ 316.984059][ T5242] Bluetooth: hci3: command tx timeout [ 317.072646][T10815] pim6reg0: tun_chr_ioctl cmd 1074025677 [ 317.079364][T10815] pim6reg0: linktype set to 778 [ 317.403390][ T35] hsr_slave_0: left promiscuous mode [ 317.483114][ T35] hsr_slave_1: left promiscuous mode [ 317.528612][ T35] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 317.559871][ T35] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 317.594240][ T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 317.756932][ T35] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 317.824075][ T35] veth1_macvtap: left promiscuous mode [ 317.870896][ T35] veth0_macvtap: left promiscuous mode [ 317.885981][ T35] veth1_vlan: left promiscuous mode [ 317.915190][ T35] veth0_vlan: left promiscuous mode [ 318.404797][ T5308] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 318.568329][ T5308] usb 5-1: Using ep0 maxpacket: 8 [ 318.577675][ T5308] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 318.599907][ T5308] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 318.643597][ T5308] usb 5-1: New USB device found, idVendor=0b05, idProduct=19b6, bcdDevice= 0.40 [ 318.655739][ T5308] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 318.684575][ T5308] usb 5-1: Product: syz [ 318.688814][ T5308] usb 5-1: Manufacturer: syz [ 318.693432][ T5308] usb 5-1: SerialNumber: syz [ 318.875639][T10835] loop3: detected capacity change from 0 to 32768 [ 318.890860][T10835] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.1808 (10835) [ 318.927701][T10835] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 318.944583][T10835] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm [ 318.963507][T10835] BTRFS info (device loop3): using free-space-tree [ 319.036622][ T5233] Bluetooth: hci3: command tx timeout [ 319.427468][ T5308] hid (null): report_id 2668810406 is invalid [ 319.446657][ T5308] asus 0003:0B05:19B6.000F: report_id 2668810406 is invalid [ 319.454100][ T5308] asus 0003:0B05:19B6.000F: item 0 4 1 8 parsing failed [ 319.473637][ T5308] asus 0003:0B05:19B6.000F: Asus hid parse failed: -22 [ 319.484983][ T5308] asus 0003:0B05:19B6.000F: probe with driver asus failed with error -22 [ 319.639027][ T5308] usb 5-1: USB disconnect, device number 7 [ 319.666037][ T7311] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 320.935825][ T5226] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 321.124633][ T5226] usb 5-1: Using ep0 maxpacket: 16 [ 321.136363][ T5226] usb 5-1: config 0 has no interfaces? [ 321.158582][ T5226] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 321.172668][ T5226] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 321.229637][ T5226] usb 5-1: Product: syz [ 321.234203][ T5226] usb 5-1: Manufacturer: syz [ 321.253258][ T5226] usb 5-1: SerialNumber: syz [ 321.273558][ T5226] usb 5-1: config 0 descriptor?? [ 322.859660][ T35] team0 (unregistering): Port device team_slave_1 removed [ 322.953680][ T5242] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 322.990815][ T5242] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 323.022287][ T5242] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 323.035957][ T35] team0 (unregistering): Port device team_slave_0 removed [ 323.035967][ T5242] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 323.058880][ T5242] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 323.066495][ T5242] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 324.005877][T10854] wlan0 speed is unknown, defaulting to 1000 [ 324.206053][T10861] loop3: detected capacity change from 0 to 4096 [ 324.352932][T10869] loop5: detected capacity change from 0 to 1024 [ 324.419551][T10857] wlan0 speed is unknown, defaulting to 1000 [ 324.550627][T10721] chnl_net:caif_netlink_parms(): no params data found [ 324.798349][T10884] loop5: detected capacity change from 0 to 1024 [ 324.829516][T10884] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 324.909224][T10884] EXT4-fs error (device loop5): ext4_ext_check_inode:524: inode #11: comm syz.5.1820: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512) [ 324.957512][T10884] EXT4-fs error (device loop5): ext4_orphan_get:1393: comm syz.5.1820: couldn't read orphan inode 11 (err -117) [ 325.002804][T10884] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 325.050371][T10884] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:483: comm syz.5.1820: Invalid block bitmap block 0 in block_group 0 [ 325.082363][T10884] Quota error (device loop5): write_blk: dquota write failed [ 325.099461][T10884] Quota error (device loop5): qtree_write_dquot: Error -117 occurred while creating quota [ 325.157707][T10721] bridge0: port 1(bridge_slave_0) entered blocking state [ 325.172632][T10721] bridge0: port 1(bridge_slave_0) entered disabled state [ 325.194857][ T5233] Bluetooth: hci7: command tx timeout [ 325.209136][T10884] EXT4-fs error (device loop5): ext4_acquire_dquot:6879: comm syz.5.1820: Failed to acquire dquot type 0 [ 325.221436][T10721] bridge_slave_0: entered allmulticast mode [ 325.237215][T10721] bridge_slave_0: entered promiscuous mode [ 325.270866][ T35] IPVS: stop unused estimator thread 0... [ 325.330623][ T8203] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 325.344796][T10721] bridge0: port 2(bridge_slave_1) entered blocking state [ 325.357745][T10721] bridge0: port 2(bridge_slave_1) entered disabled state [ 325.374767][T10721] bridge_slave_1: entered allmulticast mode [ 325.383347][T10721] bridge_slave_1: entered promiscuous mode [ 325.461168][T10891] xt_hashlimit: size too large, truncated to 1048576 [ 325.513143][T10721] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 325.539691][T10721] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 325.594676][T10857] chnl_net:caif_netlink_parms(): no params data found [ 326.100057][T10721] team0: Port device team_slave_0 added [ 326.278265][ T35] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 326.592718][T10721] team0: Port device team_slave_1 added [ 326.728199][ T35] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 326.746517][ T932] usb 5-1: USB disconnect, device number 8 [ 326.862321][T10857] bridge0: port 1(bridge_slave_0) entered blocking state [ 326.890463][T10857] bridge0: port 1(bridge_slave_0) entered disabled state [ 326.915156][T10857] bridge_slave_0: entered allmulticast mode [ 326.932606][T10857] bridge_slave_0: entered promiscuous mode [ 327.118423][ T35] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 327.132879][T10857] bridge0: port 2(bridge_slave_1) entered blocking state [ 327.140378][T10857] bridge0: port 2(bridge_slave_1) entered disabled state [ 327.147878][T10857] bridge_slave_1: entered allmulticast mode [ 327.157656][T10857] bridge_slave_1: entered promiscuous mode [ 327.237075][T10721] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 327.277266][ T5242] Bluetooth: hci7: command tx timeout [ 327.296374][T10908] loop1: detected capacity change from 0 to 128 [ 327.304585][T10908] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256 [ 327.674987][T10721] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 327.718324][T10721] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 327.881029][ T35] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 327.917334][T10721] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 327.935692][T10721] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 327.983573][T10721] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 328.087484][T10857] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 328.141250][T10721] hsr_slave_0: entered promiscuous mode [ 328.165522][T10721] hsr_slave_1: entered promiscuous mode [ 328.191580][T10721] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 328.214507][T10721] Cannot create hsr debugfs directory [ 328.240230][T10857] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 328.432943][T10857] team0: Port device team_slave_0 added [ 328.468058][T10857] team0: Port device team_slave_1 added [ 328.602464][ T35] bridge_slave_1: left allmulticast mode [ 328.634091][ T35] bridge_slave_1: left promiscuous mode [ 328.655410][ T35] bridge0: port 2(bridge_slave_1) entered disabled state [ 328.677549][ T35] bridge_slave_0: left allmulticast mode [ 328.683329][ T35] bridge_slave_0: left promiscuous mode [ 328.700776][ T35] bridge0: port 1(bridge_slave_0) entered disabled state [ 329.124380][ T5242] Bluetooth: hci4: command 0x0406 tx timeout [ 329.388158][ T5233] Bluetooth: hci7: command tx timeout [ 329.919364][ T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 329.933020][ T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 329.955266][ T35] bond0 (unregistering): Released all slaves [ 329.967970][T10857] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 329.975394][T10857] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 330.002028][T10857] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 330.116401][T10857] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 330.151699][T10857] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 330.224314][T10857] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 330.451100][T10857] hsr_slave_0: entered promiscuous mode [ 330.473397][T10857] hsr_slave_1: entered promiscuous mode [ 330.485249][T10857] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 330.493046][T10857] Cannot create hsr debugfs directory [ 330.695525][ T35] hsr_slave_0: left promiscuous mode [ 330.721489][ T35] hsr_slave_1: left promiscuous mode [ 330.738752][ T35] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 330.762195][ T35] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 330.774237][ T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 330.791831][ T35] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 330.827372][ T35] veth1_macvtap: left promiscuous mode [ 330.833058][ T35] veth0_macvtap: left promiscuous mode [ 330.839652][ T35] veth1_vlan: left promiscuous mode [ 330.846049][ T35] veth0_vlan: left promiscuous mode [ 331.448177][ T5233] Bluetooth: hci7: command tx timeout [ 331.921658][ T35] team0 (unregistering): Port device team_slave_1 removed [ 332.029218][ T35] team0 (unregistering): Port device team_slave_0 removed [ 332.923730][T10939] loop5: detected capacity change from 0 to 256 [ 332.960353][T10939] exFAT-fs (loop5): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 333.308921][T10943] vlan2: entered allmulticast mode [ 333.314695][T10943] bridge0: port 3(vlan2) entered blocking state [ 333.321218][T10943] bridge0: port 3(vlan2) entered disabled state [ 333.540555][T10941] loop4: detected capacity change from 0 to 32768 [ 333.979036][T10721] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 334.006409][T10721] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 334.055038][T10721] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 334.065391][ T5308] usb 6-1: new high-speed USB device number 9 using dummy_hcd [ 334.108755][T10721] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 334.170526][T10857] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 334.192413][T10857] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 334.221935][T10857] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 334.253359][T10857] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 334.282837][ T5308] usb 6-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36 [ 334.305285][ T5308] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 334.321649][ T5308] usb 6-1: Product: syz [ 334.334551][ T5308] usb 6-1: Manufacturer: syz [ 334.339279][ T5308] usb 6-1: SerialNumber: syz [ 334.362848][ T5308] usb 6-1: config 0 descriptor?? [ 334.383197][ T5308] ch341 6-1:0.0: ch341-uart converter detected [ 334.458688][T10721] 8021q: adding VLAN 0 to HW filter on device bond0 [ 334.557411][T10721] 8021q: adding VLAN 0 to HW filter on device team0 [ 334.602860][T10857] 8021q: adding VLAN 0 to HW filter on device bond0 [ 334.619561][ T5313] bridge0: port 1(bridge_slave_0) entered blocking state [ 334.627119][ T5313] bridge0: port 1(bridge_slave_0) entered forwarding state [ 334.674522][ T62] bridge0: port 2(bridge_slave_1) entered blocking state [ 334.681848][ T62] bridge0: port 2(bridge_slave_1) entered forwarding state [ 334.690725][ T5242] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1 [ 334.709668][ T5242] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9 [ 334.719830][ T5242] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9 [ 334.737402][ T5242] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4 [ 334.747440][T10857] 8021q: adding VLAN 0 to HW filter on device team0 [ 334.757986][ T5242] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3 [ 334.766971][ T5242] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2 [ 334.799467][ T62] bridge0: port 1(bridge_slave_0) entered blocking state [ 334.806809][ T62] bridge0: port 1(bridge_slave_0) entered forwarding state [ 334.833721][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 334.840962][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 334.922639][T10958] wlan0 speed is unknown, defaulting to 1000 [ 335.197850][ T5308] usb 6-1: failed to send control message: -71 [ 335.235707][ T5308] ch341-uart ttyUSB0: probe with driver ch341-uart failed with error -71 [ 335.289636][T10958] chnl_net:caif_netlink_parms(): no params data found [ 335.298802][ T5308] usb 6-1: USB disconnect, device number 9 [ 335.326173][ T5308] ch341 6-1:0.0: device disconnected [ 335.441800][T10721] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 335.519151][T10958] bridge0: port 1(bridge_slave_0) entered blocking state [ 335.529082][T10958] bridge0: port 1(bridge_slave_0) entered disabled state [ 335.536576][T10958] bridge_slave_0: entered allmulticast mode [ 335.543517][T10958] bridge_slave_0: entered promiscuous mode [ 335.560089][T10857] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 335.580987][T10958] bridge0: port 2(bridge_slave_1) entered blocking state [ 335.596360][T10958] bridge0: port 2(bridge_slave_1) entered disabled state [ 335.603637][T10958] bridge_slave_1: entered allmulticast mode [ 335.612430][T10958] bridge_slave_1: entered promiscuous mode [ 335.667642][T10958] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 335.694118][T10958] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 335.766157][T10958] team0: Port device team_slave_0 added [ 335.783520][T10958] team0: Port device team_slave_1 added [ 335.817174][T10721] veth0_vlan: entered promiscuous mode [ 335.866377][T10958] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 335.873379][T10958] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 335.915772][T10958] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 335.958515][T10857] veth0_vlan: entered promiscuous mode [ 335.973531][T10958] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 335.989244][T10958] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 336.064336][T10958] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 336.260044][T10721] veth1_vlan: entered promiscuous mode [ 336.270295][T10857] veth1_vlan: entered promiscuous mode [ 336.289021][T10958] hsr_slave_0: entered promiscuous mode [ 336.311163][T10958] hsr_slave_1: entered promiscuous mode [ 336.319105][T10958] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 336.328366][T10958] Cannot create hsr debugfs directory [ 336.490240][T10721] veth0_macvtap: entered promiscuous mode [ 336.522655][T10857] veth0_macvtap: entered promiscuous mode [ 336.538070][T10721] veth1_macvtap: entered promiscuous mode [ 336.558814][T10857] veth1_macvtap: entered promiscuous mode [ 336.613036][T10721] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 336.628192][T10721] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 336.644003][T10721] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 336.659018][T10721] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 336.670460][T10721] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 336.683003][T10721] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 336.693943][T10721] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 336.705885][T10721] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 336.706973][ T1160] usb 6-1: new high-speed USB device number 10 using dummy_hcd [ 336.717261][T10721] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 336.736695][T10721] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 336.764449][T10721] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 336.784672][T10721] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 336.794929][ T5233] Bluetooth: hci8: command tx timeout [ 336.799290][T10721] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 336.845740][T10857] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 336.866633][T10857] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 336.877625][T10857] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 336.888301][T10857] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 336.894472][ T1160] usb 6-1: Using ep0 maxpacket: 32 [ 336.898292][T10857] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 336.905169][ T1160] usb 6-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 336.915473][T10857] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 336.936512][T10857] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 336.947518][T10857] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 336.957521][T10857] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 336.968055][ T1160] usb 6-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 336.978822][T10857] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 336.979454][ T1160] usb 6-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 336.988794][T10857] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 336.988820][T10857] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 336.988851][T10857] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 336.998195][ T1160] usb 6-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0 [ 336.998232][ T1160] usb 6-1: Product: syz [ 336.998259][ T1160] usb 6-1: Manufacturer: syz [ 337.021946][ T1160] hub 6-1:4.0: USB hub found [ 337.031935][T10857] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 337.065923][T10857] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 337.088274][T10721] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 337.104955][T10721] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 337.131287][T10721] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 337.144332][T10721] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 337.154182][T10721] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 337.167410][T10721] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 337.177365][T10721] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 337.190078][T10721] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 337.203119][T10721] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 337.223109][T10721] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 337.239961][ T1160] hub 6-1:4.0: 2 ports detected [ 337.244316][T10721] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 337.273259][T10721] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 337.317124][T10721] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 337.365518][T10857] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 337.379293][T10857] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 337.394469][T10857] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 337.405331][T10857] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 337.420078][T10857] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 337.432691][T10857] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 337.450458][T10857] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 337.461657][T10857] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 337.471990][T10857] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 337.482893][T10857] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 337.493322][T10857] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 337.507468][T10857] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 337.518699][T10857] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 337.531399][T10857] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 337.544042][T10857] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 337.599180][T11002] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 337.657127][ T1160] hub 6-1:4.0: set hub depth failed [ 337.677274][ T1160] usb 6-1: USB disconnect, device number 10 [ 337.691598][ T5242] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1 [ 337.710978][ T5242] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9 [ 337.713072][T10958] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 337.729316][ T5242] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9 [ 337.730326][ T5242] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4 [ 337.748505][ T5242] Bluetooth: hci9: unexpected cc 0x0c25 length: 249 > 3 [ 337.765599][ T5242] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2 [ 337.788061][T10721] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 337.798031][T10721] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 337.806836][T10721] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 337.815727][T10721] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 337.854820][T10857] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 337.875983][T10857] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 337.886251][T10857] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 337.895136][T10857] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 337.970953][T10958] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 338.077508][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 338.102897][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 338.135966][T10958] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 338.209741][T11004] wlan0 speed is unknown, defaulting to 1000 [ 338.270462][T10958] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 338.362514][ T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 338.392670][ T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 338.507185][ T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 338.538323][ T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 338.675149][T11015] CUSE: zero length info key specified [ 338.804187][ T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 338.834902][ T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 338.876472][ T5233] Bluetooth: hci8: command tx timeout [ 338.931002][T10958] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 339.003305][T10958] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 339.091279][T11018] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1866'. [ 339.139053][T10958] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 339.189294][T10958] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 339.330895][T10958] 8021q: adding VLAN 0 to HW filter on device bond0 [ 339.354574][T10958] 8021q: adding VLAN 0 to HW filter on device team0 [ 339.382975][T11004] chnl_net:caif_netlink_parms(): no params data found [ 339.529739][T10958] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 339.540324][T10958] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 339.584231][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 339.591618][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 339.643907][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 339.651328][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 339.810229][T11012] loop5: detected capacity change from 0 to 32768 [ 339.899646][T11027] loop4: detected capacity change from 0 to 32768 [ 339.914916][ T5233] Bluetooth: hci9: command tx timeout [ 339.939647][T11012] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 340.061877][T11027] XFS (loop4): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 340.182055][T11027] XFS (loop4): Ending clean mount [ 340.189693][T11012] XFS (loop5): Ending clean mount [ 340.195174][T11027] XFS (loop4): Quotacheck needed: Please wait. [ 340.213976][T11012] XFS (loop5): Quotacheck needed: Please wait. [ 340.331742][T11027] XFS (loop4): Quotacheck: Done. [ 340.456215][T11012] XFS (loop5): Quotacheck: Done. [ 340.485903][ T5224] XFS (loop4): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 340.606273][T11068] program syz.0.1879 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 340.651616][T10958] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 340.681665][ T8203] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 340.692295][T10958] veth0_vlan: entered promiscuous mode [ 340.712216][T10958] veth1_vlan: entered promiscuous mode [ 340.740345][T10958] veth0_macvtap: entered promiscuous mode [ 340.750590][T10958] veth1_macvtap: entered promiscuous mode [ 340.758899][T11004] bridge0: port 1(bridge_slave_0) entered blocking state [ 340.780559][T11004] bridge0: port 1(bridge_slave_0) entered disabled state [ 340.792546][T11071] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 340.854866][T11004] bridge_slave_0: entered allmulticast mode [ 340.905012][T11004] bridge_slave_0: entered promiscuous mode [ 340.929261][T11074] loop4: detected capacity change from 0 to 128 [ 340.936023][T11071] CIFS mount error: No usable UNC path provided in device string! [ 340.936023][T11071] [ 340.951384][T11071] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 340.978293][ T5233] Bluetooth: hci8: command tx timeout [ 340.994242][T10958] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 340.997217][T11074] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 341.027341][T11074] ext4 filesystem being mounted at /369/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 341.027844][T10958] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 341.071881][T10958] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 341.082517][T10958] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 341.092410][T10958] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 341.103095][T10958] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 341.140789][T10958] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 341.215223][T10958] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 341.259543][T10958] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 341.305378][T10958] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 341.311526][T11080] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 341.318954][T10958] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 341.336617][T10958] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 341.347506][T10958] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 341.375259][T10958] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 341.394519][T10958] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 341.405968][T10958] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 341.426922][T10958] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 341.449030][ T5224] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 341.476406][T11004] bridge0: port 2(bridge_slave_1) entered blocking state [ 341.488793][T11004] bridge0: port 2(bridge_slave_1) entered disabled state [ 341.497869][T11004] bridge_slave_1: entered allmulticast mode [ 341.505259][T11004] bridge_slave_1: entered promiscuous mode [ 341.702007][T10958] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 341.713583][T10958] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 341.725046][T10958] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 341.737733][T10958] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 341.748034][T10958] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 341.759139][T10958] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 341.770207][T10958] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 341.780764][T10958] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 341.790694][T10958] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 341.802251][T10958] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 341.812161][T10958] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 341.822684][T10958] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 341.834226][T10958] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 341.846041][T10958] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 341.856884][T10958] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 341.867439][T10958] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 341.879461][T10958] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 341.891452][T10958] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 341.900294][T10958] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 341.909075][T10958] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 341.917880][T10958] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 342.003935][ T5233] Bluetooth: hci9: command tx timeout [ 342.043398][T11093] binder_alloc: binder_alloc_mmap_handler: 11092 20ffd000-20fff000 already mapped failed -16 [ 342.232050][T11004] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 342.300504][T11087] loop5: detected capacity change from 0 to 32768 [ 342.439604][T11087] JBD2: Ignoring recovery information on journal [ 342.449033][T11004] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 342.569212][T11087] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode. [ 342.636532][T11104] netlink: 'syz.2.1893': attribute type 1 has an invalid length. [ 342.699617][T11004] team0: Port device team_slave_0 added [ 342.770217][T11004] team0: Port device team_slave_1 added [ 342.944517][T11004] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 342.969303][T11004] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 343.008917][T11004] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 343.023317][T11004] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 343.032091][T11004] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 343.068359][ T5233] Bluetooth: hci8: command tx timeout [ 343.088540][ T8203] ocfs2: Unmounting device (7,5) on (node local) [ 343.091988][T11004] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 343.131523][ T5313] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 343.184429][ T5313] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 343.540257][T11004] hsr_slave_0: entered promiscuous mode [ 343.566045][ T1160] usb 6-1: new high-speed USB device number 11 using dummy_hcd [ 343.579074][T11004] hsr_slave_1: entered promiscuous mode [ 343.724806][ T1160] usb 6-1: Using ep0 maxpacket: 8 [ 343.733832][ T1160] usb 6-1: New USB device found, idVendor=04bb, idProduct=0901, bcdDevice=55.a0 [ 343.764434][ T1160] usb 6-1: New USB device strings: Mfr=250, Product=2, SerialNumber=3 [ 343.776122][ T1160] usb 6-1: Product: syz [ 343.780328][ T1160] usb 6-1: Manufacturer: syz [ 343.785044][ T1160] usb 6-1: SerialNumber: syz [ 343.815367][ T1160] usb 6-1: config 0 descriptor?? [ 343.924523][T11004] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 343.934424][T11004] Cannot create hsr debugfs directory [ 343.954762][ T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 343.962747][ T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 344.026604][T11147] TCP: request_sock_TCPv6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 344.104824][ T5233] Bluetooth: hci9: command tx timeout [ 344.123431][ T1160] kaweth 6-1:0.0: Firmware present in device. [ 344.334494][ T1160] kaweth 6-1:0.0: Statistics collection: 0 [ 344.340397][ T1160] kaweth 6-1:0.0: Multicast filter limit: 0 [ 344.346555][ T1160] kaweth 6-1:0.0: MTU: 0 [ 344.350826][ T1160] kaweth 6-1:0.0: Read MAC address 00:00:00:00:00:00 [ 344.545920][T11157] loop4: detected capacity change from 0 to 128 [ 344.684119][ T29] audit: type=1326 audit(1727147877.145:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11162 comm="syz.2.1918" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f747ab7def9 code=0x0 [ 344.732162][ T1160] kaweth 6-1:0.0: Error setting SOFS wait [ 344.745690][ T1160] kaweth 6-1:0.0: probe with driver kaweth failed with error -5 [ 344.780299][ T1160] usb 6-1: USB disconnect, device number 11 [ 344.784159][T11157] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 344.850983][T11157] ext4 filesystem being mounted at /378/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 344.897542][T11004] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 345.004092][T11169] program syz.0.1920 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 345.092746][T11004] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 345.096761][ T5224] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 345.256345][T11004] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 345.418527][T11004] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 345.509140][T11182] loop5: detected capacity change from 0 to 1024 [ 345.616843][ T35] hfsplus: b-tree write err: -5, ino 4 [ 345.697822][T11004] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 345.719878][ T5313] hfsplus: b-tree write err: -5, ino 4 [ 345.732160][T11004] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 345.782134][T11004] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 345.810397][T11004] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 345.843668][T11191] loop2: detected capacity change from 0 to 2048 [ 345.899172][T11191] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 345.982568][T11191] EXT4-fs error (device loop2): ext4_lookup:1813: inode #16: comm syz.2.1927: unexpected EA_INODE flag [ 346.170865][T11004] 8021q: adding VLAN 0 to HW filter on device bond0 [ 346.174475][ T5233] Bluetooth: hci9: command tx timeout [ 346.196883][T11004] 8021q: adding VLAN 0 to HW filter on device team0 [ 346.218399][ T1063] bridge0: port 1(bridge_slave_0) entered blocking state [ 346.225651][ T1063] bridge0: port 1(bridge_slave_0) entered forwarding state [ 346.243732][ T1063] bridge0: port 2(bridge_slave_1) entered blocking state [ 346.251014][ T1063] bridge0: port 2(bridge_slave_1) entered forwarding state [ 346.319695][T11004] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 346.333528][T11004] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 346.407845][T10721] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 346.667003][T11210] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1936'. [ 346.712798][T11212] vivid-001: disconnect [ 346.755220][T11211] vivid-001: reconnect [ 346.891056][T11004] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 346.931714][T11004] veth0_vlan: entered promiscuous mode [ 346.946006][T11004] veth1_vlan: entered promiscuous mode [ 347.015096][T11004] veth0_macvtap: entered promiscuous mode [ 347.026259][T11004] veth1_macvtap: entered promiscuous mode [ 347.055745][T11004] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 347.066923][T11004] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 347.077083][T11004] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 347.089122][T11004] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 347.099276][T11004] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 347.110055][T11004] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 347.134495][T11004] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 347.151137][T11004] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 347.169671][T11004] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 347.189370][T11004] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 347.224190][T11004] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 347.242930][T11004] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 347.259995][T11004] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 347.281269][T11004] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 347.300719][T11004] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 347.321136][T11004] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 347.342892][T11004] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 347.380789][T11004] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 347.412628][T11004] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 347.460072][T11004] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 347.500023][T11004] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 347.536247][T11004] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 347.556397][T11004] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 347.579081][T11004] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 347.602886][T11004] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 347.632324][T11004] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 347.659987][T11004] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 347.672609][T11004] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 347.684540][T11004] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 347.697956][T11004] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 347.715635][T11004] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 347.745398][T11004] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 347.784413][T11004] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 347.809371][T11004] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 347.843469][T11004] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 347.879681][T11004] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 347.915100][T11004] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 347.949515][T11004] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 348.017867][T11004] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 348.050603][T11004] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 348.073505][T11004] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 348.092980][T11004] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 348.448805][T11242] loop5: detected capacity change from 0 to 64 [ 348.747045][ T1063] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 348.785289][ T1063] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 348.978056][ T1063] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 349.033884][ T1063] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 349.483184][T11254] tun0: tun_chr_ioctl cmd 1074025677 [ 349.524552][T11254] tun0: linktype set to 773 [ 349.624521][ T1160] usb 6-1: new high-speed USB device number 12 using dummy_hcd [ 349.804507][ T1160] usb 6-1: Using ep0 maxpacket: 8 [ 349.945360][ T1160] usb 6-1: config 135 has an invalid interface number: 230 but max is 0 [ 349.953790][ T1160] usb 6-1: config 135 has an invalid descriptor of length 0, skipping remainder of the config [ 349.964517][ T1160] usb 6-1: config 135 has no interface number 0 [ 349.970836][ T1160] usb 6-1: config 135 interface 230 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3 [ 350.392928][ T1160] usb 6-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=3f.3a [ 350.429437][ T1160] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 350.458131][ T1160] usb 6-1: Product: syz [ 350.462386][ T1160] usb 6-1: Manufacturer: syz [ 350.510382][ T1160] usb 6-1: SerialNumber: syz [ 350.546894][ T1160] usb 6-1: Found UVC 0.00 device syz (18ec:3288) [ 350.553342][ T1160] usb 6-1: No valid video chain found. [ 350.749819][ T25] usb 6-1: USB disconnect, device number 12 [ 350.884516][ T5289] usb 2-1: new high-speed USB device number 15 using dummy_hcd [ 351.054952][T11291] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1972'. [ 351.073117][ T5289] usb 2-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08 [ 351.084201][ T5289] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 351.115562][ T5289] usb 2-1: config 0 descriptor?? [ 351.131884][ T5289] gspca_main: cpia1-2.14.0 probing 0813:0001 [ 351.312854][T11303] netlink: 4056 bytes leftover after parsing attributes in process `syz.2.1978'. [ 351.351219][T11303] openvswitch: netlink: Actions may not be safe on all matching packets [ 351.523827][ T29] audit: type=1326 audit(1727147883.975:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11312 comm="syz.0.1983" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe3ad17def9 code=0x0 [ 351.628125][T11319] binder: 11318:11319 ioctl c018620b 0 returned -14 [ 351.704417][ T1160] usb 6-1: new high-speed USB device number 13 using dummy_hcd [ 351.882665][ T1160] usb 6-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a [ 351.892765][ T1160] usb 6-1: New USB device strings: Mfr=210, Product=154, SerialNumber=3 [ 351.907798][ T1160] usb 6-1: Product: syz [ 351.912023][ T1160] usb 6-1: Manufacturer: syz [ 351.917336][ T1160] usb 6-1: SerialNumber: syz [ 351.924205][ T1160] usb 6-1: config 0 descriptor?? [ 351.993565][ T5289] gspca_cpia1: usb_control_msg 02, error -71 [ 352.006131][ T5289] gspca_cpia1: usb_control_msg 05, error -71 [ 352.023297][ T5289] gspca_cpia1: usb_control_msg 04, error -71 [ 352.031048][ T5289] cpia1 2-1:0.0: probe with driver cpia1 failed with error -71 [ 352.053738][ T5289] usb 2-1: USB disconnect, device number 15 [ 352.205464][T11338] loop4: detected capacity change from 0 to 1024 [ 352.389274][T11342] loop2: detected capacity change from 0 to 512 [ 352.435520][ T12] hfsplus: b-tree write err: -5, ino 4 [ 352.495453][T11342] EXT4-fs error (device loop2): ext4_init_orphan_info:586: comm syz.2.1996: inode #0: comm syz.2.1996: iget: illegal inode # [ 352.510943][T11344] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 352.551074][T11342] EXT4-fs (loop2): get orphan inode failed [ 352.580293][ T29] audit: type=1326 audit(1727147885.045:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11347 comm="syz.4.1997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f638f17def9 code=0x7ffc0000 [ 352.585358][T11342] EXT4-fs (loop2): mount failed [ 352.602680][ C0] vkms_vblank_simulate: vblank timer overrun [ 352.605527][ T29] audit: type=1326 audit(1727147885.075:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11347 comm="syz.4.1997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f638f17def9 code=0x7ffc0000 [ 352.654103][ T29] audit: type=1326 audit(1727147885.075:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11347 comm="syz.4.1997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=10 compat=0 ip=0x7f638f17def9 code=0x7ffc0000 [ 352.677542][ T29] audit: type=1326 audit(1727147885.075:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11347 comm="syz.4.1997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f638f17def9 code=0x7ffc0000 [ 352.753042][ T29] audit: type=1326 audit(1727147885.075:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11347 comm="syz.4.1997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f638f17def9 code=0x7ffc0000 [ 352.830867][ T29] audit: type=1326 audit(1727147885.075:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11347 comm="syz.4.1997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f638f17def9 code=0x7ffc0000 [ 352.864531][ T1160] usb 6-1: Firmware version (0.0) predates our first public release. [ 352.887696][T11353] openvswitch: netlink: Missing key (keys=20040, expected=80) [ 352.889993][ T1160] usb 6-1: Please update to version 0.2 or newer [ 352.946189][ T1160] usb 6-1: USB disconnect, device number 13 [ 353.143927][T11365] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2007'. [ 353.266649][T11373] netlink: 209852 bytes leftover after parsing attributes in process `syz.4.2012'. [ 353.277088][T11373] openvswitch: netlink: IP tunnel attribute has 3048 unknown bytes. [ 353.369799][T11375] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2009'. [ 353.793814][T11385] tap0: tun_chr_ioctl cmd 2147767521 [ 353.812459][T11390] loop5: detected capacity change from 0 to 256 [ 354.059093][T11389] netlink: 'syz.4.2016': attribute type 29 has an invalid length. [ 354.074560][T11391] netlink: 'syz.4.2016': attribute type 29 has an invalid length. [ 354.085388][T11392] netlink: 'syz.4.2016': attribute type 29 has an invalid length. [ 354.239540][T11402] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2019'. [ 354.239542][T11400] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2021'. [ 355.104926][T11441] netlink: 428 bytes leftover after parsing attributes in process `syz.5.2042'. [ 355.127160][T11441] netlink: 32 bytes leftover after parsing attributes in process `syz.5.2042'. [ 355.139991][T11444] Attempt to restore checkpoint with obsolete wellknown handles [ 355.494532][ T5331] usb 6-1: new high-speed USB device number 14 using dummy_hcd [ 355.665920][ T5331] usb 6-1: Using ep0 maxpacket: 8 [ 355.688718][ T5331] usb 6-1: New USB device found, idVendor=0763, idProduct=2080, bcdDevice=d0.ab [ 355.704077][ T5331] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 355.735790][ T5331] usb 6-1: Product: syz [ 355.744405][ T5331] usb 6-1: Manufacturer: syz [ 355.749024][ T5331] usb 6-1: SerialNumber: syz [ 355.768268][T11468] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 355.776379][ T5331] usb 6-1: config 0 descriptor?? [ 356.134376][ T5331] usb 6-1: USB disconnect, device number 14 [ 356.164768][T11482] hsr0: entered promiscuous mode [ 356.183078][T11482] macsec1: entered allmulticast mode [ 356.254863][T11482] hsr0: entered allmulticast mode [ 356.277442][T11482] hsr_slave_0: entered allmulticast mode [ 356.305907][T11482] hsr_slave_1: entered allmulticast mode [ 357.093762][T11521] tap0: tun_chr_ioctl cmd 1074025673 [ 357.443833][ T8] usb 1-1: new high-speed USB device number 12 using dummy_hcd [ 357.637441][ T8] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 357.659185][ T8] usb 1-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 357.689638][ T8] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 357.736464][ T8] usb 1-1: config 0 descriptor?? [ 357.955344][ T8] usbhid 1-1:0.0: can't add hid device: -71 [ 357.962943][ T8] usbhid 1-1:0.0: probe with driver usbhid failed with error -71 [ 358.008478][ T8] usb 1-1: USB disconnect, device number 12 [ 358.155145][T11545] netlink: 203516 bytes leftover after parsing attributes in process `syz.2.2090'. [ 358.176673][T11545] netlink: 6324 bytes leftover after parsing attributes in process `syz.2.2090'. [ 358.194603][T11546] vivid-008: disconnect [ 358.203427][T11544] vivid-008: reconnect [ 358.395572][T11552] netpci0: tun_chr_ioctl cmd 1074025677 [ 358.410495][T11552] netpci0: linktype set to 805 [ 358.717992][T11565] siw: device registration error -23 [ 358.856690][T11569] binder: 11567:11569 ioctl c018620c 200005c0 returned -1 [ 358.966775][T11573] ALSA: seq fatal error: cannot create timer (-22) [ 359.189913][T11577] loop5: detected capacity change from 0 to 2048 [ 359.212151][T11564] loop4: detected capacity change from 0 to 32768 [ 359.238862][T11577] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 359.722299][T11596] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2116'. [ 359.742212][T11590] ceph: missing cluster fsid [ 359.764448][T11590] ceph: separator ':' missing in source [ 359.773377][T11596] xfrm1: entered promiscuous mode [ 359.814322][T11596] xfrm1: entered allmulticast mode [ 360.009562][T11603] loop4: detected capacity change from 0 to 1024 [ 360.100852][T11603] hfsplus: bad catalog entry type [ 360.117455][T11607] siw: device registration error -23 [ 361.086251][T11630] loop2: detected capacity change from 0 to 32768 [ 361.175431][T11630] [ 361.175431][T11630] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 361.175431][T11630] [ 361.224182][T11630] [ 361.224182][T11630] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 361.224182][T11630] [ 361.264238][T11630] [ 361.264238][T11630] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 361.264238][T11630] [ 361.296991][T11630] [ 361.296991][T11630] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 361.296991][T11630] [ 361.334688][T11630] [ 361.334688][T11630] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 361.334688][T11630] [ 361.401200][T11630] [ 361.401200][T11630] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 361.401200][T11630] [ 361.514521][T11655] loop5: detected capacity change from 0 to 128 [ 361.650725][ T29] audit: type=1326 audit(1727147894.115:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11663 comm="syz.1.2147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f214f17def9 code=0x7ffc0000 [ 361.744518][ T29] audit: type=1326 audit(1727147894.155:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11663 comm="syz.1.2147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f214f17def9 code=0x7ffc0000 [ 361.786697][ T29] audit: type=1326 audit(1727147894.155:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11663 comm="syz.1.2147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f214f17def9 code=0x7ffc0000 [ 361.832120][ T145] [ 361.832120][ T145] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 361.832120][ T145] [ 361.864910][ T145] [ 361.864910][ T145] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 361.864910][ T145] [ 361.893265][ T29] audit: type=1326 audit(1727147894.155:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11663 comm="syz.1.2147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f214f17def9 code=0x7ffc0000 [ 361.909936][T10721] [ 361.909936][T10721] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 361.909936][T10721] [ 361.948459][ T29] audit: type=1326 audit(1727147894.155:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11663 comm="syz.1.2147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f214f17def9 code=0x7ffc0000 [ 361.981020][ T110] [ 361.981020][ T110] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 361.981020][ T110] [ 362.011752][ T29] audit: type=1326 audit(1727147894.165:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11663 comm="syz.1.2147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f214f17def9 code=0x7ffc0000 [ 362.024382][T10721] [ 362.024382][T10721] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 362.024382][T10721] [ 362.047403][ T29] audit: type=1326 audit(1727147894.165:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11663 comm="syz.1.2147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f214f17def9 code=0x7ffc0000 [ 362.171031][ T29] audit: type=1326 audit(1727147894.165:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11663 comm="syz.1.2147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f214f174ea7 code=0x7ffc0000 [ 362.314470][ T29] audit: type=1326 audit(1727147894.165:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11663 comm="syz.1.2147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f214f119879 code=0x7ffc0000 [ 362.377600][ T29] audit: type=1326 audit(1727147894.165:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11663 comm="syz.1.2147" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f214f174ea7 code=0x7ffc0000 [ 363.107407][T11701] netem: change failed [ 363.256559][T11716] loop4: detected capacity change from 0 to 256 [ 363.357717][T11721] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(3) [ 363.364804][T11721] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 363.400560][T11721] vhci_hcd vhci_hcd.0: Device attached [ 363.417745][T11725] vhci_hcd vhci_hcd.0: pdev(3) rhport(1) sockfd(6) [ 363.424353][T11725] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 363.439117][T11725] vhci_hcd vhci_hcd.0: Device attached [ 363.480560][T11721] vhci_hcd vhci_hcd.0: pdev(3) rhport(2) sockfd(5) [ 363.487188][T11721] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 363.500526][T11721] vhci_hcd vhci_hcd.0: Device attached [ 363.510873][T11716] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 363.551732][T11721] vhci_hcd vhci_hcd.0: pdev(3) rhport(3) sockfd(9) [ 363.558365][T11721] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 363.565301][ C0] vkms_vblank_simulate: vblank timer overrun [ 363.576104][ T1160] vhci_hcd: vhci_device speed not set [ 363.641117][T11721] vhci_hcd vhci_hcd.0: Device attached [ 363.646902][ T1160] usb 15-1: new full-speed USB device number 2 using vhci_hcd [ 363.692341][T11722] vhci_hcd: connection reset by peer [ 363.698016][T11726] vhci_hcd: connection closed [ 363.712930][T11730] vhci_hcd: connection closed [ 363.721082][T11735] vhci_hcd: connection closed [ 363.741589][ T35] vhci_hcd: stop threads [ 363.762359][ T35] vhci_hcd: release socket [ 363.828652][ T35] vhci_hcd: disconnect device [ 363.849791][ T35] vhci_hcd: stop threads [ 363.864351][ T35] vhci_hcd: release socket [ 363.869564][ T35] vhci_hcd: disconnect device [ 363.909295][ T35] vhci_hcd: stop threads [ 363.913657][ T35] vhci_hcd: release socket [ 363.938187][ T35] vhci_hcd: disconnect device [ 363.948666][ T35] vhci_hcd: stop threads [ 363.953052][ T35] vhci_hcd: release socket [ 363.976444][ T35] vhci_hcd: disconnect device [ 364.000221][T11749] loop5: detected capacity change from 0 to 2048 [ 364.100395][T11751] loop4: detected capacity change from 0 to 1024 [ 364.126650][T11752] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 364.157292][T11749] NILFS error (device loop5): nilfs_readdir: zero-length directory entry [ 364.181438][T11749] Remounting filesystem read-only [ 364.191690][T11751] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 364.244824][T11751] EXT4-fs (loop4): resizing filesystem from 512 to 0 blocks [ 364.257658][T11751] EXT4-fs warning (device loop4): ext4_resize_fs:2040: can't shrink FS - resize aborted [ 364.439087][ T5224] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 364.487198][ C0] vkms_vblank_simulate: vblank timer overrun [ 364.577716][T11759] netlink: 'syz.5.2185': attribute type 1 has an invalid length. [ 364.586011][T11759] netlink: 224 bytes leftover after parsing attributes in process `syz.5.2185'. [ 365.375374][ T5289] usb 1-1: new high-speed USB device number 13 using dummy_hcd [ 365.557052][ T5289] usb 1-1: Using ep0 maxpacket: 16 [ 365.565761][ T5289] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 8 [ 365.623569][ T5289] usb 1-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00 [ 365.633997][ T5289] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 365.642258][ T5289] usb 1-1: Product: syz [ 365.646593][ T5289] usb 1-1: Manufacturer: syz [ 365.651221][ T5289] usb 1-1: SerialNumber: syz [ 365.682335][ T5289] usb 1-1: config 0 descriptor?? [ 365.716828][ T5289] ftdi_sio 1-1:0.0: FTDI USB Serial Device converter detected [ 365.725378][ T5289] usb 1-1: Detected FT232R [ 365.905726][T11808] netlink: 188 bytes leftover after parsing attributes in process `syz.4.2207'. [ 365.936375][ T5289] ftdi_sio ttyUSB0: Unable to read latency timer: -32 [ 365.944686][T11808] netlink: 56 bytes leftover after parsing attributes in process `syz.4.2207'. [ 366.146127][T11820] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2213'. [ 366.149427][ T5289] usb 1-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 366.324592][ T25] usb 6-1: new high-speed USB device number 15 using dummy_hcd [ 366.354503][ T5289] usb 1-1: USB disconnect, device number 13 [ 366.439271][ T5289] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 366.459551][ T5289] ftdi_sio 1-1:0.0: device disconnected [ 366.494608][ T25] usb 6-1: Using ep0 maxpacket: 8 [ 366.509765][ T25] usb 6-1: unable to get BOS descriptor or descriptor too short [ 366.520318][ T25] usb 6-1: config 8 has an invalid interface number: 255 but max is 0 [ 366.529073][ T25] usb 6-1: config 8 has no interface number 0 [ 366.539079][ T25] usb 6-1: config 8 interface 255 has no altsetting 0 [ 366.571172][ T25] usb 6-1: string descriptor 0 read error: -22 [ 366.582027][ T25] usb 6-1: New USB device found, idVendor=0423, idProduct=000c, bcdDevice=2e.bf [ 366.609496][ T25] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 367.091943][T11827] loop2: detected capacity change from 0 to 32768 [ 367.103468][ T25] eth%d: CATC EL1210A NetMate USB Ethernet at usb-dummy_hcd.5-1, 00:00:00:00:00:00. [ 367.115467][T11827] BTRFS: device fsid 3d39d0ba-bdae-447e-827b-b091e1a68885 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.2217 (11827) [ 367.144870][ T25] usb 6-1: USB disconnect, device number 15 [ 367.178411][T11827] BTRFS info (device loop2): first mount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885 [ 367.199942][T11827] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm [ 367.209408][T11827] BTRFS info (device loop2): using free-space-tree [ 367.288079][ T5289] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 367.465094][ T5289] usb 5-1: Using ep0 maxpacket: 16 [ 367.473942][ T5289] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 367.486466][ T5289] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 367.504540][ T5289] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 367.517959][ T5289] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 367.529132][ T5289] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 367.552672][T10721] BTRFS info (device loop2): last unmount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885 [ 367.553890][ T5289] usb 5-1: config 0 descriptor?? [ 367.797540][T11868] loop5: detected capacity change from 0 to 256 [ 367.848647][T11868] FAT-fs (loop5): Directory bread(block 64) failed [ 367.864887][T11868] FAT-fs (loop5): Directory bread(block 65) failed [ 367.874675][T11868] FAT-fs (loop5): Directory bread(block 66) failed [ 367.894379][T11868] FAT-fs (loop5): Directory bread(block 67) failed [ 367.901188][T11868] FAT-fs (loop5): Directory bread(block 68) failed [ 367.963262][T11868] FAT-fs (loop5): Directory bread(block 69) failed [ 368.009457][ T5289] microsoft 0003:045E:07DA.0010: No inputs registered, leaving [ 368.042611][T11868] FAT-fs (loop5): Directory bread(block 70) failed [ 368.054504][T11868] FAT-fs (loop5): Directory bread(block 71) failed [ 368.061239][T11868] FAT-fs (loop5): Directory bread(block 72) failed [ 368.068877][T11868] FAT-fs (loop5): Directory bread(block 73) failed [ 368.100758][ T5289] microsoft 0003:045E:07DA.0010: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.4-1/input0 [ 368.113045][ T5289] microsoft 0003:045E:07DA.0010: no inputs found [ 368.119724][ T5289] microsoft 0003:045E:07DA.0010: could not initialize ff, continuing anyway [ 368.179923][ T29] kauditd_printk_skb: 61 callbacks suppressed [ 368.179950][ T29] audit: type=1800 audit(1727147900.615:119): pid=11868 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2231" name="bus" dev="loop5" ino=1048652 res=0 errno=0 [ 368.182357][T11868] syz.5.2231: attempt to access beyond end of device [ 368.182357][T11868] loop5: rw=2049, sector=1296, nr_sectors = 4 limit=256 [ 368.248161][ T25] usb 5-1: USB disconnect, device number 9 [ 368.277571][ C0] vkms_vblank_simulate: vblank timer overrun [ 368.301258][T11877] syz.5.2231: attempt to access beyond end of device [ 368.301258][T11877] loop5: rw=2051, sector=1224, nr_sectors = 96 limit=256 [ 368.776215][ C0] vkms_vblank_simulate: vblank timer overrun [ 368.784435][ T1160] vhci_hcd: vhci_device speed not set [ 369.192719][ C0] vkms_vblank_simulate: vblank timer overrun [ 369.338669][T11920] loop4: detected capacity change from 0 to 64 [ 369.525935][ T5290] IPVS: starting estimator thread 0... [ 369.620032][T11927] IPVS: using max 16 ests per chain, 38400 per kthread [ 369.993294][T11946] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 370.070930][T11948] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2261'. [ 370.428838][T11962] program syz.3.2269 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 370.533352][T11965] netlink: 'syz.2.2271': attribute type 1 has an invalid length. [ 370.567922][T11965] netlink: 'syz.2.2271': attribute type 1 has an invalid length. [ 370.568273][T11967] IPVS: dh: SCTP 172.20.20.187:0 - no destination available [ 370.583265][ T5290] IPVS: starting estimator thread 0... [ 370.628963][T11965] netlink: 9292 bytes leftover after parsing attributes in process `syz.2.2271'. [ 370.656525][T11965] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2271'. [ 370.665979][T11965] netlink: 'syz.2.2271': attribute type 1 has an invalid length. [ 370.704557][T11968] IPVS: using max 17 ests per chain, 40800 per kthread [ 370.879291][T11978] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2275'. [ 370.944392][T11978] bataND2_0: renamed from lo (while UP) [ 371.022776][T11983] netlink: 44 bytes leftover after parsing attributes in process `syz.2.2279'. [ 371.103040][T11984] loop4: detected capacity change from 0 to 2048 [ 371.128326][T11984] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024) [ 371.182382][T11988] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 371.240570][ T5290] kernel write not supported for file bpf-prog (pid: 5290 comm: kworker/1:5) [ 371.911802][T12012] loop2: detected capacity change from 0 to 64 [ 372.325143][ T5233] Bluetooth: hci9: Controller not accepting commands anymore: ncmd = 0 [ 372.336836][ T5233] Bluetooth: hci9: Injecting HCI hardware error event [ 372.347156][ T5233] Bluetooth: hci9: hardware error 0x00 [ 372.908820][ T5394] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 372.987291][T12043] binder: 12040:12043 ioctl c018620b 0 returned -14 [ 373.086361][ T5394] usb 5-1: too many endpoints for config 4 interface 0 altsetting 0: 101, using maximum allowed: 30 [ 373.091104][ T12] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 373.136649][ T5394] usb 5-1: config 4 interface 0 altsetting 0 has an endpoint descriptor with address 0xE1, changing to 0x81 [ 373.173027][ T5394] usb 5-1: config 4 interface 0 altsetting 0 bulk endpoint 0x81 has invalid maxpacket 116 [ 373.188286][T12047] syzkaller0: tun_chr_ioctl cmd 1074812117 [ 373.224427][ T5394] usb 5-1: config 4 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 101 [ 373.257055][ T5394] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b [ 373.289426][ T5394] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 373.334677][T12030] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 373.503613][ T12] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 373.565304][ T5394] ath6kl: Failed to submit usb control message: -71 [ 373.615148][ T5394] ath6kl: unable to send the bmi data to the device: -71 [ 373.622266][ T5394] ath6kl: Unable to send get target info: -71 [ 373.675896][ T5394] ath6kl: Failed to init ath6kl core: -71 [ 373.699912][ T5394] ath6kl_usb 5-1:4.0: probe with driver ath6kl_usb failed with error -71 [ 373.751047][ T5394] usb 5-1: USB disconnect, device number 10 [ 373.852823][ T12] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 374.014811][ T5235] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 374.059281][ T5235] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 479.114227][ C1] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 479.121268][ C1] rcu: 0-...!: (0 ticks this GP) idle=ab84/1/0x4000000000000000 softirq=45958/45958 fqs=0 [ 479.133636][ C1] rcu: (detected by 1, t=10502 jiffies, g=46161, q=288 ncpus=2) [ 479.141374][ C1] Sending NMI from CPU 1 to CPUs 0: [ 479.141414][ C0] NMI backtrace for cpu 0 [ 479.141429][ C0] CPU: 0 UID: 0 PID: 5224 Comm: syz-executor Not tainted 6.11.0-syzkaller-09959-gabf2050f51fd #0 [ 479.141455][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 479.141471][ C0] RIP: 0010:check_preemption_disabled+0x19/0x120 [ 479.141523][ C0] Code: 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 41 57 41 56 41 54 53 48 83 ec 10 65 48 8b 04 25 28 00 00 00 48 89 44 24 08 <65> 8b 1d 4c 55 40 74 65 8b 05 41 55 40 74 a9 ff ff ff 7f 74 26 65 [ 479.141544][ C0] RSP: 0018:ffffc90000007ae8 EFLAGS: 00000086 [ 479.141565][ C0] RAX: 04e6a0ca245d8300 RBX: ffffc90000007b80 RCX: 04e6a0ca245d8300 [ 479.141584][ C0] RDX: dffffc0000000000 RSI: ffffffff8c0adbc0 RDI: ffffffff8c60efc0 [ 479.141602][ C0] RBP: ffffc90000007c78 R08: ffffffff9425f7c7 R09: 1ffffffff284bef8 [ 479.141621][ C0] R10: dffffc0000000000 R11: fffffbfff284bef9 R12: 1ffff92000000f6c [ 479.141639][ C0] R13: dffffc0000000000 R14: 0000000000000000 R15: 0000000000000046 [ 479.141660][ C0] FS: 0000555588d4b500(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000 [ 479.141681][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 479.141698][ C0] CR2: 00007fe3ae024d58 CR3: 0000000060cc8000 CR4: 0000000000350ef0 [ 479.141717][ C0] Call Trace: [ 479.141728][ C0] [ 479.141740][ C0] ? nmi_cpu_backtrace+0x3c2/0x4d0 [ 479.141775][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 479.141817][ C0] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 479.141851][ C0] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 479.141886][ C0] ? nmi_handle+0x151/0x5a0 [ 479.141911][ C0] ? nmi_handle+0x2a/0x5a0 [ 479.141933][ C0] ? check_preemption_disabled+0x19/0x120 [ 479.141970][ C0] ? default_do_nmi+0x63/0x160 [ 479.141996][ C0] ? exc_nmi+0x123/0x1f0 [ 479.142021][ C0] ? end_repeat_nmi+0xf/0x53 [ 479.142070][ C0] ? check_preemption_disabled+0x19/0x120 [ 479.142108][ C0] ? check_preemption_disabled+0x19/0x120 [ 479.142149][ C0] ? check_preemption_disabled+0x19/0x120 [ 479.142186][ C0] [ 479.142194][ C0] [ 479.142202][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 479.142226][ C0] lock_acquire+0x1fd/0x550 [ 479.142259][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 479.142284][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 479.142317][ C0] ? advance_sched+0x9b4/0xca0 [ 479.142340][ C0] ? do_raw_spin_lock+0x14f/0x370 [ 479.142372][ C0] ? __pfx_lock_release+0x10/0x10 [ 479.142409][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 479.142430][ C0] ? do_raw_spin_unlock+0x13c/0x8b0 [ 479.142459][ C0] ? taprio_set_budgets+0x32c/0x370 [ 479.142482][ C0] ? advance_sched+0xa02/0xca0 [ 479.142505][ C0] advance_sched+0xa1e/0xca0 [ 479.142526][ C0] ? advance_sched+0xa02/0xca0 [ 479.142554][ C0] ? __pfx_advance_sched+0x10/0x10 [ 479.142577][ C0] __hrtimer_run_queues+0x59d/0xd50 [ 479.142607][ C0] ? ktime_get_update_offsets_now+0x3c/0x250 [ 479.142652][ C0] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 479.142680][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 479.142705][ C0] ? ktime_get_update_offsets_now+0x22d/0x250 [ 479.142738][ C0] hrtimer_interrupt+0x396/0x990 [ 479.142776][ C0] __sysvec_apic_timer_interrupt+0x112/0x3f0 [ 479.142802][ C0] sysvec_apic_timer_interrupt+0xa1/0xc0 [ 479.142839][ C0] [ 479.142847][ C0] [ 479.142855][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 479.142894][ C0] RIP: 0010:preempt_count_sub+0x23/0x170 [ 479.142928][ C0] Code: 90 90 90 90 90 90 90 f3 0f 1e fa 41 56 53 89 fb 48 c7 c0 40 69 3b 9a 48 c1 e8 03 49 be 00 00 00 00 00 fc ff df 42 0f b6 04 30 <84> c0 0f 85 d0 00 00 00 83 3d 6e 64 d8 18 00 75 22 65 8b 05 ed d2 [ 479.142948][ C0] RSP: 0018:ffffc900044c7bd0 EFLAGS: 00000216 [ 479.142967][ C0] RAX: 0000000000000004 RBX: 0000000000000001 RCX: 1ffff92000898f58 [ 479.142983][ C0] RDX: dffffc0000000000 RSI: ffffffff8c0aca40 RDI: 0000000000000001 [ 479.142999][ C0] RBP: ffff88802adcda00 R08: ffffffff901ca4af R09: 1ffffffff2039495 [ 479.143017][ C0] R10: dffffc0000000000 R11: fffffbfff2039496 R12: dffffc0000000000 [ 479.143035][ C0] R13: ffffc900044c7da0 R14: dffffc0000000000 R15: ffff88802adcec78 [ 479.143062][ C0] ? schedule+0x90/0x320 [ 479.143093][ C0] schedule+0x155/0x320 [ 479.143124][ C0] do_nanosleep+0x197/0x600 [ 479.143158][ C0] ? do_nanosleep+0x80/0x600 [ 479.143185][ C0] ? __pfx_do_nanosleep+0x10/0x10 [ 479.143213][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 479.143234][ C0] ? __asan_memset+0x23/0x50 [ 479.143274][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 479.143296][ C0] ? __hrtimer_init+0x170/0x250 [ 479.143343][ C0] hrtimer_nanosleep+0x1e3/0x3f0 [ 479.143369][ C0] ? __pfx_hrtimer_nanosleep+0x10/0x10 [ 479.143393][ C0] ? __pfx_hrtimer_wakeup+0x10/0x10 [ 479.143418][ C0] ? __pfx_get_timespec64+0x10/0x10 [ 479.143454][ C0] ? blkcg_maybe_throttle_current+0x1ab/0xb80 [ 479.143486][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 479.143510][ C0] __se_sys_clock_nanosleep+0x32d/0x3c0 [ 479.143551][ C0] ? __pfx___se_sys_clock_nanosleep+0x10/0x10 [ 479.143585][ C0] ? do_syscall_64+0x100/0x230 [ 479.143628][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 479.143652][ C0] do_syscall_64+0xf3/0x230 [ 479.143688][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 479.143721][ C0] RIP: 0033:0x7f638f1affe5 [ 479.143740][ C0] Code: 24 0c 89 3c 24 48 89 4c 24 18 e8 c6 57 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 8b 74 24 0c 8b 3c 24 b8 e6 00 00 00 0f 05 <44> 89 c7 48 89 04 24 e8 1f 58 ff ff 48 8b 04 24 48 83 c4 28 f7 d8 [ 479.143763][ C0] RSP: 002b:00007ffc1a628670 EFLAGS: 00000293 ORIG_RAX: 00000000000000e6 [ 479.143786][ C0] RAX: ffffffffffffffda RBX: 000000000000040b RCX: 00007f638f1affe5 [ 479.143803][ C0] RDX: 00007ffc1a6286b0 RSI: 0000000000000000 RDI: 0000000000000000 [ 479.143819][ C0] RBP: 00007ffc1a62870c R08: 0000000000000000 R09: 7fffffffffffffff [ 479.143835][ C0] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000032 [ 479.143850][ C0] R13: 000000000005b4fb R14: 000000000005af96 R15: 00007ffc1a628760 [ 479.143874][ C0] [ 479.144403][ C1] rcu: rcu_preempt kthread timer wakeup didn't happen for 10501 jiffies! g46161 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402 [ 479.743346][ C1] rcu: Possible timer handling issue on cpu=0 timer-softirq=27486 [ 479.751260][ C1] rcu: rcu_preempt kthread starved for 10502 jiffies! g46161 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402 ->cpu=0 [ 479.762655][ C1] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 479.772640][ C1] rcu: RCU grace-period kthread stack dump: [ 479.778557][ C1] task:rcu_preempt state:I stack:24272 pid:17 tgid:17 ppid:2 flags:0x00004000 [ 479.788827][ C1] Call Trace: [ 479.792116][ C1] [ 479.795067][ C1] __schedule+0x1895/0x4b30 [ 479.799628][ C1] ? __pfx___schedule+0x10/0x10 [ 479.804518][ C1] ? __pfx_lock_release+0x10/0x10 [ 479.809588][ C1] ? __asan_memset+0x23/0x50 [ 479.814316][ C1] ? __pfx_lockdep_init_map_type+0x10/0x10 [ 479.820167][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 479.826536][ C1] ? schedule+0x90/0x320 [ 479.830811][ C1] schedule+0x14b/0x320 [ 479.835009][ C1] schedule_timeout+0x1be/0x310 [ 479.839895][ C1] ? __pfx_schedule_timeout+0x10/0x10 [ 479.845327][ C1] ? __pfx_process_timeout+0x10/0x10 [ 479.850676][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 479.856339][ C1] ? prepare_to_swait_event+0x330/0x350 [ 479.861931][ C1] rcu_gp_fqs_loop+0x2df/0x1330 [ 479.866900][ C1] ? lockdep_hardirqs_on+0x99/0x150 [ 479.872144][ C1] ? rcu_gp_init+0x1256/0x1630 [ 479.876935][ C1] ? __pfx_rcu_gp_init+0x10/0x10 [ 479.881933][ C1] ? __pfx_rcu_watching_snap_save+0x10/0x10 [ 479.888315][ C1] ? __pfx_rcu_gp_fqs_loop+0x10/0x10 [ 479.893713][ C1] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 479.899685][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 479.905439][ C1] ? finish_swait+0xd4/0x1e0 [ 479.910083][ C1] rcu_gp_kthread+0xa7/0x3b0 [ 479.914708][ C1] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 479.919931][ C1] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 479.926007][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 479.931856][ C1] ? __kthread_parkme+0x169/0x1d0 [ 479.936935][ C1] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 479.942161][ C1] kthread+0x2f2/0x390 [ 479.946256][ C1] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 479.951654][ C1] ? __pfx_kthread+0x10/0x10 [ 479.956283][ C1] ret_from_fork+0x4d/0x80 [ 479.960856][ C1] ? __pfx_kthread+0x10/0x10 [ 479.965481][ C1] ret_from_fork_asm+0x1a/0x30 [ 479.970302][ C1]