last executing test programs: 8.587981118s ago: executing program 2 (id=2289): openat(0xffffffffffffffff, 0x0, 0x80000, 0xa0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000100)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r0 = epoll_create1(0x0) sync_file_range(r0, 0x7f, 0x7be6, 0x0) 7.644623974s ago: executing program 2 (id=2294): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000080)="30a0", 0x2}], 0x1}, 0x4040001) recvmsg$unix(r0, &(0x7f00000038c0)={0x0, 0x0, 0x0}, 0x1) recvmsg$unix(r0, &(0x7f0000000bc0)={0x0, 0x0, &(0x7f0000000ac0)=[{&(0x7f0000000500)=""/116, 0x74}], 0x1}, 0x2) 6.566388025s ago: executing program 2 (id=2301): socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x12, 0x4, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r1, 0xffffffffffffffff}, &(0x7f0000000040), &(0x7f0000000140)=r0}, 0x20) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x18, 0xc, &(0x7f0000000100)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000180)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) 4.809522935s ago: executing program 2 (id=2310): bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x1, 0x4, &(0x7f0000000040)=@framed={{0xffffffb7, 0x5, 0x0, 0x0, 0x0, 0x61, 0x10, 0xa1}, [@ldst={0x7}]}, &(0x7f00000002c0)='GPL\x00', 0x5, 0xfd90, &(0x7f0000000300)=""/188, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x1f3, 0x10, &(0x7f0000000080), 0xfffffffffffffc79, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2a) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1a41, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0xd132}) write$cgroup_subtree(r0, &(0x7f0000000300)=ANY=[], 0x6e8a) 4.438563915s ago: executing program 1 (id=2312): socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x12, 0x1, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x80000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x24) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r1, 0xffffffffffffffff}, &(0x7f0000000040), &(0x7f0000000140)=r0}, 0x20) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000800)={r2, &(0x7f0000000780), 0x0}, 0x20) 4.171565057s ago: executing program 4 (id=2314): syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f0000000100)='./file1\x00', 0x1000407, &(0x7f0000000040)={[{@abort}, {@norecovery}, {@orlov}, {@nomblk_io_submit}]}, 0x4, 0x5cd, &(0x7f0000001400)="$eJzs3c9PHFUcAPDvDAsUUMHGROvBEI22iRYKbU39cWjvTVN/3LyIhTa1tCUFo1QTaVI9mBgvHpp48mD9L7TRqycTDx68eDJNqjG9aIxZM/sDlmUXFsoylfl8kum+N2/gvSl8mTdv3tsNoLBGs3/SiH0RMZdEDDeUlaJWOFo97u6fH5zJtiTK5df+SOKZ2r768Untdaj2xf8OR/z4XRJ7e9bWO7949cLU7OzMlVp+fOHi3Pj84tWD5y9OnZs5N3Np8vnJY0ePHD02ceiezi9tSJ+8/va7w5+ceuOrL/5JJr7+5VQSx+P3s9WyxvPYLqMxGn+Vyx8278/+X49td2U56Vn+PVmRNO/g/pVUY6Q3Ih6N4ehp+GkOx0ev5No2oKvKSUQZKKhE/ENB1fsB9Xv7zu6D0y73SoCdcOdEVO7+18Z/qTo2GCOVsYHBu8mqcZ4WQ3pbktXxw/enrmdbdGkcDmht6Vp/LdUc/0klNkdiTyU3eDddFf9ZD+B07TXb/+oW6x9tyot/2DlL1yLisVb9/43j/82G+H9ri/WLfwAAAAAAANg+t05ExHOtnv+ltWdze+LJxvk/P62sEDy+DfVv/Pwvvb0N1QAt3DkR8fLq+b9J0yEjPbXn/A9WZwMmZ8/PzhyKiIci4kD09mf5iXXqOPjp3hvtyhrn/2Vb1ob6XMCq9Hapf/XXTE8tTG31fIEVd65FPF5qP/8n5kqVdf3N83+zvwdzHdax9+mbp9uVbRz/QLeUv4zY33L9z0o3IFn//TnGK/2B8XqvYK0n3v/sm3b1i3/IT3b9H1w//keSxvfrmd/c9++LiMOLpXK78rbxv9zZaN3/70te76l//8x7UwsLVyYi+pKTa/dPbq7NsFvV46EeL1n8H3hq/fG/5f5/QxwORMRSh3UOxNCv7cpc/yE/WfxPb+r6v/nE5M2Rb9vV39n435HKNf1AbY/xP1hfpwGadzsBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4P8ojYgHIknHltNpOjYWMRQRj8RgOnt5fuHZs5ffuTSdlVU+/z+tf9LvcDWf1D//f6QhP9mUPxwRD0fE5z0DlfzYmcuz03mfPAAAAAAAAAAAAAAAAAAAANwnhtqs/8/81pN364CuK9VexTsUTynvBgC5Ef9QXOIfikv8Q3GJfyiuLca/xwWwC7j+Q1H1dnbYnm63A8hDp9f/gS63AwAAAAAA2Ba3XnrhRhIRSy8OVLZMX61s+cGgcX/YldK8GwDkxhxeKC5Tf6G4Opz8C+xiyXLq73Kr8vaz/5PuNAgAAAAAAAAAAAAAWGP/vls/b7j+H9iVrP+H4lq1/r8/v3YAO8/6fygu9/jARqv4rf8HAAAAAAAAAAAAgPzNL169MDU7O3OlIIn6esf7pT0S6yR6I6LdMfVf4Huv6/DHrYqSXAOkL//w3Pm/RQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQGv/BQAA//9qrhqf") r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) getdents(r0, 0x0, 0x0) getdents(r0, 0xfffffffffffffffd, 0x58) 3.935567932s ago: executing program 1 (id=2316): syz_mount_image$udf(&(0x7f0000000f00), &(0x7f0000000f40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xa00010, &(0x7f0000001f80)=ANY=[@ANYBLOB='iocharset=iso8859-1,nostrict,iocharset=default,anchor=00000000000000000145,gid=', @ANYRESDEC=0x0, @ANYBLOB="2c706172746974696f6e3d30303030303030303030303030303030303030322c756e64656c6574652c706172746974696f6e3d30303030303030303030303030303030303030312c756e686964652c001e066340c987db28915dbe6892bc3dce41ae76eaf528dc889820692d753009e30e567403a6c30e933de68a0a923eec1dccf226b58adb7d968bafe76628bceade8672fb893f87dc88"], 0x1, 0xc5a, &(0x7f0000001040)="$eJzs3U9sHNd9B/DfGy3FldxWTOwqThoHm7ZIZcVy9S+mYhXOqqbZBpBlIRRzC8CVuFIXpkiCpBrZSAumlx56CFAUPeTEojUKpGhgNEXQI9O6QHLxocipJ6KFjaDogSkCBCgQMJjZt+KSIm3ZJCVK/nxs8js7897sezPrGZrgmxcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQMTvv3Th5Km0xYYDD6AxAMB9cWnsKydPb3X/BwAeWVe2+/9/AAAAAAAAAAAAAABgv0hRxOORYvbSapqoXnfVL3YGbt0eHxndutqhVNU8UJUvv+qnTp85+4Xnhs/18mJn+j3q77ZPxStjVy40Xpy5OTvXnp9vTzbGpzvXZibb97yHndbf7Hh1ABo3X701ef36fOP0s2c2bL499O7gY0eHzg8/feKpXtnxkdHRsfUi9f7ytQ/dkK7tRngcjCJORIpnvvuT1IqIInZ+LOr399xvdqjqxPGqE+Mjo1VHpjqt6YVy4+XegSgiGn2Vmr1jtPW5iNrAfe3D9poRi2XzywYfL7s3Ntuaa12dajcut+YWOgudmenLqdvasj+NKOJciliKiJXBu3c3EEXUIsW3j6ymq/mpH9Vx+Hw1MHj7dhR72Md7ULazMRCxVDwE52wfG4wiXo4UP3vrWFzL15nqWvO5iJfL/H7EG2W+EJHKD8bZiHe2+BzxcKpFEX9Rnv/zq2myuh70risXv9r48vT1mb6yvevKB7w/3HWleED3h0Ob8v7Y59emehTRqq74q+nD/7ADAAAAAAAAAAAAAAAAwG47FEV8MlK89B9/XI0rjmpc+pHzw38w9Kv9Y8affJ/9lGWfjYjF4t7G5B7MAwMvp8spPeCxxB9l9SjiT/L4v2++T1mnCQAAAAAAAAAAAAAAAAAAYC8V8eNI8fzbx9JS9M8p3pm+0bjSujrVnRW2N/dvb870tbW1tUbqZjPnRM7FnEs5l3Ou5Iwi18/ZzDmRczHnUs7lnCs540Cun7OZcyLnYs6lnMs5V3JGLdfP2cw5kXMx51LO5ZwrOWOfzN0LAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPAoKaKIX0SKb319NUWKiGbERHRzefBBtw4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKA2mIr4XKRp/2LyzrhYRqfq361j57Ww0D5b58WgOl/lCNC/kbFVZa37zAbSfnRlIRfwoUgzW37xzwvP5H+i+uvMxiDe+sf7qU7VuHuhtHHp38LGjR84Pj37mye2W01YNOH6xM33rdmN8ZHR0rG91Lb/7x/vWDeX3LXan60TE/Guvv9qamvqbn0ZUC+25vObeF8qPwAev9TAupNpHpacWqoWo7YtmPJi+b1B/UBco9lR5/38nUvzu2//Zu+F37//1+JXuqzt3+Pj5n67f/5/fvKN7vP/XNtfL9//ynr7V/f/xvnXP559GBmoR9YWbswNHI+rzr71+onOzdaN9oz199uTJLw4Pf/HMyYGDEfXrnal239KuHC4AAAAAAAAAAAAAAACA+ycV8aVI0frRampExO1qvNbQ+eGnTzx1IA5U4602jNt+ZezKhcaLMzdn59rz8+3Jxvh059rMZPte365eDfcaHxndk868r0N73P5D9RdnZl+b69z4o4Uttx+uX7g6vzDXurb15jgURUSzf83xqsHjI6NVo6c6remq6uUtB9N/cAOpiP+KFNfONtJn87o8/n/zCP8N4/8XN+9oF8f/f+bw+vi/j/UVLd8zpSJ+Hil+5y+fjM9W7Twcdx2zXO7vIsXxc5/O5eJgWa7Xhu5zBbojA8uyP40U//SLjWV74yEfXy976gMd3IdAef6PRIrv/fl34jfzuo3Pf9j6/B/evKM9ev7DE33rDq8/r6A9N7/jrpPP/4lI8cLjb8ZvVWv+/z2f/9F79saxbuH153Ps0fn/9b51Q/l9f3u3Og8AAAAAAAAAAPAQG0hF/H2k+MFoLT2X193L3/9Nbt7RHv391yf61k1u+Pu/vVvY8UEFAAAAgH1iIBXx40hxY+HNO2OoN47/7hv/+Xvr4z9H0qat1e/5fq16bsBu/v6v31B+34mddxsAAAAAAAAAAAAAAAAAAAD2lZSKeC7Ppz5Rjeef3HY+9eVI8dL/PJPLpaNlud488EPV9/qlmekTF6amZuqx0Lo61W6Mzbautcu6T0SK1b/9dK77pWp+9d5889053tfnYp+LFKP/0CvbnYu9Nzf5E+tlT5VlPxYp/vsfN5bNU1PnuaOrsqfLsn8dKb72L72ya2vl1l7Zo+tlz5RlvxMpfvi1Rm+/h8v99p6P+on1ss9emyl2/6QAAAAAAAAAAAAAAAAAAADwkTOQivizSPG/N5fujOXP8/8P9L2svPGNvvn+N7ldzfM/VM3/v93yh5n/v3quwOJ27woAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI+mFEW8HilmL62m5cHydVf9Ymf61u3xkdGtqx1KVc0DVfnyq37q9JmzX3hu+Fwv37v+bvtkvDJ25ULjxZmbs3Pt+fn2ZGN8unNtZrJ9z3vYaf3NjlcHoHHz1VuT16/PN04/e2bD5ttD7w4+dnTo/PDTJ55ajIiy7PjI6OhYX5nawId+97ukbdYfjCL+KlI8892fpB8MRhSx82PxPp+dvXao6sTxqhPjI6NVR6Y6remFcuPl3oEoIhp9lZq9Y5TP216eix1pRpSfl6Js8PGye2OzrbnW1al243JrbqGz0JmZvpy6rS3704gizqWIpYhYGbx7dwNRxKuR4ttHVtO/DkYc6B2Hz18a+8rJ09u3o9jDPt6Dsp2NgYil4iE4Z/vYYBTxz5HiZ28di38bjKhF9ys+F/Fymd+PeCO65zuVH4yzEe9s8Tni4VSLIv6vPP/nV9Nbg+X1oHddufjVxpenr8/0le1dVx76+8P9tM+vTfUo4ofVFX81/bv/rgEAAAAAAAAAAAAAAAD2kSJ+I1I8//axVI0PvjOmuDN9o3GldXWqO6yvN/avN2Z6bW1trZG62cw5kXMx51LO5ZwrOaPI9XM2y6yvrU3k14s5l3Iu51zJGQdy/ZzNnBM5F3Mu5VzOuZIzarl+zmbOiZyLOZdyLudcyRn7ZOweAAAAAAAAAAAAAAAAAADwaCmqf1J86+uraW2wO7/0RHRz2Xygj7xfBgAA//8XrPrB") dup(0xffffffffffffffff) r0 = open(&(0x7f0000000080)='.\x00', 0x40000, 0x0) getdents(r0, &(0x7f0000000180)=""/173, 0xad) 3.520509755s ago: executing program 0 (id=2317): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000c80)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@newqdisc={0x24, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0x15}}}, 0x24}}, 0x0) 3.488178653s ago: executing program 3 (id=2318): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r0}, 0x10) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x40, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_HOOK={0x14, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8}, @NFTA_HOOK_HOOKNUM={0x8}]}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x54, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x2c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @fib={{0x8}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_FIB_RESULT={0x8, 0x2, 0x1, 0x0, 0x3}, @NFTA_FIB_FLAGS={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_FIB_DREG={0x8, 0x1, 0x1, 0x0, 0x14}]}}}]}]}], {0x14}}, 0xdc}}, 0x0) 3.13963303s ago: executing program 3 (id=2319): r0 = add_key$user(&(0x7f0000000a40), &(0x7f0000000080)={'syz', 0x2}, &(0x7f0000000a80)='X', 0x1, 0xfffffffffffffffe) r1 = add_key$user(&(0x7f0000000180), &(0x7f0000000340)={'syz', 0x0}, &(0x7f0000000480)='.', 0x1, 0xfffffffffffffffd) r2 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xf1, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f00000000c0)={r0, r2, r1}, &(0x7f00000001c0)=""/241, 0xf1, &(0x7f0000000000)={&(0x7f0000000140)={'rmd160\x00'}}) 3.034722723s ago: executing program 4 (id=2320): r0 = io_uring_setup(0x3f00, &(0x7f0000000640)={0x0, 0x6a23, 0x1000, 0x0, 0x17e}) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r1, 0x0) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x1e, &(0x7f0000001940)=[{0x0, 0x700}], 0x1) 2.736141169s ago: executing program 0 (id=2321): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f0000000080)=[@in6={0xa, 0x4e22, 0x0, @private0}], 0x1c) sendto$inet6(r0, &(0x7f0000000140)='l', 0x1, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x0, @private0}, 0x1c) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1c, &(0x7f0000000100), &(0x7f0000000180)=0x4) 2.552793571s ago: executing program 2 (id=2322): r0 = socket$inet6(0xa, 0x80002, 0x0) setsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f0000000100)={@remote}, 0x14) setsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f0000000040)={@empty}, 0x14) close(0x3) 2.430224569s ago: executing program 3 (id=2323): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000140), r1) sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01000000000000000000220000000a0001007770616e3000000005002000000004000500200000000000050020000000000009001f"], 0x44}}, 0x0) 2.398007203s ago: executing program 1 (id=2324): set_mempolicy(0x3, &(0x7f0000000000)=0x1, 0x4) r0 = syz_io_uring_setup(0xf3d, &(0x7f0000000480)={0x0, 0x2, 0x0, 0x2, 0x40000}, &(0x7f0000000080)=0x0, &(0x7f0000000540)) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) io_uring_enter(r0, 0x47fa, 0x0, 0x0, 0x0, 0x0) 2.184371416s ago: executing program 4 (id=2325): r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000), 0x181c82, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f0000007140), 0x2, 0x0) read$midi(r1, 0x0, 0x0) write$sequencer(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="930190"], 0x8) 2.020644421s ago: executing program 3 (id=2326): syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x21081e, &(0x7f0000000280)={[{@grpquota}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800}}, {@errors_remount}]}, 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0) ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0x40086602, &(0x7f0000000080)={@desc={0x4000, 0x0, @desc3}}) ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0x40086602, &(0x7f0000000080)={@desc={0x80000, 0x0, @desc1}}) 1.495937264s ago: executing program 0 (id=2327): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet6_IPV6_RTHDR(r0, 0x29, 0x39, &(0x7f0000000800)=ANY=[@ANYBLOB="00020201"], 0x18) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000000)={0x0, 0x1, '\x00', [@jumbo, @ra]}, 0x18) sendmmsg$inet6(r0, &(0x7f00000007c0)=[{{&(0x7f00000002c0)={0xa, 0x0, 0x0, @dev, 0x9}, 0x1c, &(0x7f00000005c0)=[{&(0x7f0000000300)='Y', 0x1}], 0x1}}], 0x1, 0x40) 1.486121594s ago: executing program 4 (id=2328): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a01020000000000000000020000000900020073797a310000000008000440000000000900010073797a3000000000080003400000000a"], 0x64}}, 0x0) syz_emit_ethernet(0x2a, &(0x7f0000000000)={@random="9b43a409aa81", @dev, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x1, 0x0, @private, @broadcast}, @echo_reply={0xe0}}}}}, 0x0) 1.477713029s ago: executing program 1 (id=2329): r0 = syz_open_dev$sg(&(0x7f0000000440), 0x0, 0x181801) writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000a00)="c3d20c7ccf073600040000000000005800ecff130091d42700ff81000e224e227f0000017b00092b1e58e6000001e80900e10a3a313ac7100003ffffffff00000003000000deff000000", 0x4a}], 0x1) capset(&(0x7f0000000080)={0x20080522}, &(0x7f0000000100)) ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x1, &(0x7f0000000040)=ANY=[@ANYRES64=r0]) 1.163006358s ago: executing program 2 (id=2330): syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000200), 0x1, 0x17e, &(0x7f0000000240)="$eJzsmDFP8kAYx/935YW8xvgBXBwkEWMsbVHDwoCJu4mocZNIJWgBAzUREgc/gKODiYuDX8DRycFvoYM6uTA61/TuoCcR0EET4/MbHn5Hnx7Xh+Q/FARB/Fmen14fT5ezBQPAOJJIqO9fjKiHa/0P54dzZ7mVi+v7q7vaxPFN/34MQBB8/vdjAG7zBny1DoL3dyfVZwG85+vgmFW+CQZT+TY4NpS7YNhSvqd5Pew3zd2K55o7da8UihUWOyxOWDL95+ucMJS08zHterPV3i96ntv4Rhk1v06eI6edT/+/urOxtPnZ4LCVZ8CwpjyLRHc2ciTa80/Gov2NH35+EhKS3yZRPgWXDDNaPsW0/Ej71YN0s9Wer1SLZbfs1hwns2QtWNaikxZBJOuQ/Psv8mlM2//fgN44i+Oo6PsNW9be2pH1o8TlIv84UtNyHWZ/fOBp5HWm7mPCUsaQdoIgCIIgCIIgCIIgCIIgiC8wBSbego7AWRXdbwEAAP//gYN3SA==") r0 = syz_open_dev$ttys(0xc, 0x2, 0x1) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x2d8051b8f704c07c, 0x0) sendfile(r0, r1, 0x0, 0xe396) 906.437147ms ago: executing program 0 (id=2331): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) r1 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$DMA_HEAP_IOCTL_ALLOC(r1, 0xc0184800, &(0x7f0000000100)={0x4004, r0}) mmap$dsp(&(0x7f0000fff000/0x1000)=nil, 0x1002, 0x0, 0x11, r2, 0x2000) 898.68234ms ago: executing program 1 (id=2332): syz_mount_image$udf(&(0x7f0000000f00), &(0x7f0000000000)='./bus\x00', 0x0, &(0x7f0000002800)=ANY=[@ANYBLOB="73686f727461642c756e64656c6574652c73657373696f6e3d30303030000800003030303030303030303139302c6d6f64653d30303030303030303030303030303030303030303030352c726f6f746469723d30303030303030303030303030303030303030352c646d6f64653d30303030303030303030303030303030303030303030362c696f636861727365743d6370313235312c696f636861727365743d6b6f69382d722c6e6f7672732c0084f5b23d82aacbefd1de1daab7394a9b4696461da9ab46f2d71c895d8c"], 0xfc, 0xc41, &(0x7f0000001b80)="$eJzs3U9sHNd9B/DfG5Hi0m4rxnYUJ42LTVuksmK5+hdTsQp3VdNsA8gyEYq5BeCKpNSFKZIgqUY20oLupYceAhRFDzkRaI0CKRoYTRH0yLQukFx8KHLqiWhhIyh6YIsAOQUMZvatuKRJmzb/iLI+H5v67s68N/PezHJGIvjmBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQ8QcvXTl7Lt3vVgAAh+na6NfOnnf/B4CHynX//gcAAAAAAAAAAAAAgKMuRRGPR4q5a2tpvHrfVrva6r1zd2xoePtq/amqeawqX37Vzp2/cPHLzw1e6uTV1swH1N9vn4tXRq9fqb84e3tufmphYWqyPjbTmpidnNr1FvZaf6vT1QGo3371zuTNmwv1889e2LT67sB7fY+eHLg8+PSZpzplx4aGh0c3itS6y/d87Ia07TTC43gUcSZSPPO9n6ZmRBSx92NRO9xzv1V/1YnTVSfGhoarjky3mjOL5cqRzoEoIupdlRqdY7T9uYie3kPtw84aEUtl88sGny67NzrXnG/emJ6qjzTnF1uLrdmZkdRubdmfehRxKUUsR8Rq3/s31xtF9ESK75xYSzci4ljnOHypGhi8czuKA+zjLpTtrPdGLBcPwDk7wvqiiJcjxc/ePhUT+TpTXWu+GPFymT+IeLPMFyJS+cG4GPHuNp8jHkw9UcRfluf/8lqarK4HnevK1a/Xvzpzc7arbOe68hHvD++7Utyn+0P/ljwcR/zaVIsimtUVfy19/L/sAAAAAAAAAAAAAAAAALDf+qOIz0aKl/7jT6pxxVGNSz9xefAPB361e8z4kx+ynbLssxGxVOxuTO7xPDBwJI2kdJ/HEj/MalHEn+bxf2/c78YAAAAAAAAAAAAAAAAAAAA81Ir4SaR4/p1TaTm65xRvzdyqX2/emG7PCtuZ+7czZ/r6+vp6PbWzkXM851LO5ZwrOVdzRpHr52zkHM+5lHM550rO1ZxxLNfP2cg5nnMp53LOlZyrOaMn18/ZyDmecynncs6VnKs544jM3QsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8ElSRBG/iBTf/uZaihQRjYjxaOdK3/1uHQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABQ6ktFfD9S1P+ocW9ZT0Sk6v+2U+UfF6NxvMzHojFY5gvRuJKzWWVP44370H72pjcV8eNI0Vd7K1JPe1k+/73td/c+BvHmtzbefS6XPdZZOfBe36MnT1weHP6NJ3d6nbZrwOmrrZk7d+tjQ8PDo12Le/LeH+taNpD3W+xT34lYeO31V5vT01PzH/9F+RHYQ/UH6EX5DXIEmuHFYb2IniPRjPvTdx4C5f3/3Ujxu+/8Z+eG377/1+JX2u/u3eHj53+2cf9/fuuGdnn/79laL9//y3v6dvf/x7uWPZ//NtLbE1FbvD3XezKitvDa62dat5u3pm5NzVw8e/Yrg4NfuXC293hE7WZreqrr1b4cLgAAAAAAAAAAAAAAAIDDk4r4/UjR/PFaqkfE3Wq81sDlwafPPHUsjlXjrTaN235l9PqV+ouzt+fmpxYWpibrYzOtidnJqd3urlYN9xobGj6Qznyo/gNuf3/txdm51+Zbt/54cdv1j9Su3FhYnG9ObL86+qOIaHQvOV01eGxouGr0dKs5U1Ud2XYw/UfXm4r4r0gxcbGevpCX5fH/W0f4bxr/v7R1Qwc0/v9TXcvKfaZUxM8jxe/81ZPxhaqdj8T7jlku93eR4vSlz+dycbws12nDY9VDBNojA8uy/xcp/ukXm8t2xkO2xyBWZc/t/sg+GMrzfyJSfP8vvhu/mZdtfv7D9uf/ka0bOqDz/0TXskc2Pa9gz10nn/8zkeKFx9+K38rLPuj5H51nb5zKhe89n+OAzv+nu5YN5P3+9v50HQAAAAAAAAAA4IHWm4r4+0jxw+Ge9Fxetpvf/5vcuqED+v2vz3Qtm9yf+Yo+9MWeDyoAAAAAHBG9qYifRIpbi2/dG0O9efx31/jP39sY/zmUtqytfs73a9VzA/bz53/dBvJ+x/febQAAAAAAAAAAAAAAAAAAADhSUiriuTyf+ng1nn9yx/nUVyLFS//zTC6XTpblOvPAD1R/1q7Nzpy5Mj09O9FcbN6YnqqPzjUnpsq6T0SKtb/9fK5bVPOrd+abb8/xvjEX+3ykGP6HTtn2XOyducmf2Ch7riz7qUjx3/+Yy66vV2U781h/eqPs+bLs30SKb/zL5u12yp7cKHuhLPvdSPGjb9Q7ZR8py3aej/qZjbLPTswWB3BWAAAAAAAAAAAAAAAAAAAAeNj0piL+PFL87+3le2P58/z/vV1vK29+q2u+/y3uVvP8D1Tz/+/0+uPM/189V2Bpp70CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAnU4oiXo8Uc9fW0kpf+b6tdrU1c+fu2NDw9tX6U1XzWFW+/KqdO3/h4pefG7zUyQ+uv98+G6+MXr9Sf3H29tz81MLC1GR9bKY1MTs5test7LX+VqerA1C//eqdyZs3F+rnn72wafXdgff6Hj05cHnw6TNPdcqODQ0Pj3aV6en9qDt9Y8c1aYflx6OIv44Uz3zvp+mHfRFF7P1YbPvZ6dt9L/aov+rE6aoTY0PDVUemW82ZxXLlSOdAFBH1rkqNzjHat3NxQBoRS2XzywafLrs3Otecb96YnqqPNOcXW4ut2ZmR1G5t2Z96FHEpRSxHxOo256A3ing1UnznxFr6176IY53j8KVro187e37ndhQH2MddKNtZ741YLh6Ac3aE9UUR/xwpfvb2qfi3voieaH/FFyNeLvMHEW9G+3yn8oNxMeLdw/te5oD1RBH/X57/y2vp7b7yetC5rlz9ev2rMzdnu8p2risHcn84PP2Hurcjfm2qRRE/qq74a+nffV8DAAAAAAAAAAAAAAAAHCFF/HqkeP6dU6kaH3xvTHFr5lb9evPGdHtYX2fsX2fM9Pr6+no9tbORczznUs7lnCs5V3NGkevnbJRZW18fz++Xci7nXMm5mjOO5fo5GznHcy7lXM65knM1Z/Tk+jkbOcdzLuVczrmSczVnHJGxewAAAAAAAAAAAAAAAAAAwCdLUf2X4tvfXEvrfe35pcejnSvmA/3E+2UAAAD//xtt+zc=") r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x0) getdents64(r0, 0x0, 0x18) mkdir(&(0x7f0000000180)='./bus\x00', 0x0) 711.468408ms ago: executing program 4 (id=2333): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000f80), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_STATION(r0, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000001040)={&(0x7f00000000c0)={0x44, r1, 0xb97534d5fe9704cf, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_STA_LISTEN_INTERVAL={0x6}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_SUPPORTED_RATES={0x4}, @NL80211_ATTR_STA_AID={0x6, 0x10, 0x57e}, @NL80211_ATTR_STA_TX_POWER_SETTING={0x5}]}, 0x44}}, 0x0) 663.152403ms ago: executing program 0 (id=2334): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000740)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_TX_RATES={0x14, 0x5a, 0x0, 0x1, [@NL80211_BAND_2GHZ={0x10, 0x0, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x4}, @NL80211_TXRATE_HT={0x6, 0x2, [{}, {0x0, 0x7}]}]}]}]}, 0x30}}, 0x0) 539.073264ms ago: executing program 3 (id=2335): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) bind$bt_l2cap(r0, &(0x7f0000000000), 0xe) listen(r0, 0x0) connect$bt_l2cap(r0, &(0x7f00000000c0)={0x1f, 0xf6, @any, 0x0, 0x2}, 0xe) 82.754632ms ago: executing program 0 (id=2336): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c) listen(r0, 0x0) syz_emit_ethernet(0x5a, &(0x7f0000000140)={@local, @local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "101040", 0x24, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x2, 0x9, 0xc2, 0x0, 0x0, 0x0, {[@generic={0x4, 0x6, '\x00\x00\x00\x00'}, @sack={0x5, 0xa, [0x0, 0x0]}]}}}}}}}}, 0x0) 55.532113ms ago: executing program 4 (id=2337): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000042020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r1}, 0x10) sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000580)=ANY=[@ANYBLOB="600000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000300012800e00010069703665727370616e0000001c0002800400120014000700fe8000000000000000000000000000aa08000500", @ANYRES32=0x0, @ANYBLOB='\b\x00\n\x00', @ANYRES32], 0x60}}, 0x0) 51.113308ms ago: executing program 1 (id=2338): r0 = openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/slabinfo\x00', 0x0, 0x0) read$char_usb(r0, &(0x7f0000001840)=""/4082, 0xff2) preadv(r0, &(0x7f0000000080)=[{&(0x7f0000000180)=""/140, 0x8c}], 0x1, 0x0, 0x0) read$char_usb(r0, &(0x7f0000000000)=""/59, 0x3b) 0s ago: executing program 3 (id=2339): munmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000) r0 = userfaultfd(0x80001) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa07, &(0x7f0000000000)={{&(0x7f0000ffc000/0x1000)=nil, 0x1000}}) kernel console output (not intermixed with test programs): 7.124188][ T3223] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 377.132685][ T3223] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 377.185687][ T7649] loop3: detected capacity change from 0 to 4096 [ 377.298518][ T7649] NILFS (loop3): invalid segment: Checksum error in segment payload [ 377.308668][ T7649] NILFS (loop3): trying rollback from an earlier position [ 377.367778][ T7649] NILFS (loop3): recovery complete [ 377.393271][ T7666] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 377.839794][ T7672] loop2: detected capacity change from 0 to 1024 [ 377.950200][ T7677] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1010'. [ 378.034542][ T7680] loop1: detected capacity change from 0 to 16 [ 378.062481][ T7680] erofs: (device loop1): mounted with root inode @ nid 36. [ 378.088580][ T7672] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 378.169680][ T7672] EXT4-fs error (device loop2): ext4_get_first_dir_block:3554: inode #11: comm syz.2.1007: directory missing '..' [ 378.539506][ T5188] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 378.585295][ T7694] loop1: detected capacity change from 0 to 8 [ 378.951267][ T5244] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 379.205702][ T5244] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 379.217689][ T5244] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 379.228734][ T5244] usb 4-1: New USB device found, idVendor=12ba, idProduct=0100, bcdDevice= 0.00 [ 379.238331][ T5244] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 379.289457][ T5244] usb 4-1: config 0 descriptor?? [ 379.810193][ T5244] sony 0003:12BA:0100.0016: hidraw0: USB HID vff.ff Device [HID 12ba:0100] on usb-dummy_hcd.3-1/input0 [ 379.822189][ T5244] sony 0003:12BA:0100.0016: failed to claim input [ 379.992369][ T5245] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 380.171603][ T44] usb 4-1: USB disconnect, device number 9 [ 380.210696][ T5245] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 380.222590][ T5245] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 380.232822][ T5245] usb 2-1: New USB device found, idVendor=0458, idProduct=5014, bcdDevice= 0.00 [ 380.242390][ T5245] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 380.243575][ T7705] loop0: detected capacity change from 0 to 4096 [ 380.323512][ T5245] usb 2-1: config 0 descriptor?? [ 380.457048][ T7718] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 380.465561][ T7713] loop4: detected capacity change from 0 to 4096 [ 380.498554][ T7713] ntfs3: loop4: Different NTFS sector size (4096) and media sector size (512). [ 380.788964][ T5245] kye 0003:0458:5014.0017: tablet report size too small, or kye_tablet_rdesc unexpectedly large [ 380.802099][ T5245] kye 0003:0458:5014.0017: unknown main item tag 0x0 [ 380.809220][ T5245] kye 0003:0458:5014.0017: unknown main item tag 0x0 [ 380.816611][ T5245] kye 0003:0458:5014.0017: unknown main item tag 0x0 [ 380.823872][ T5245] kye 0003:0458:5014.0017: unknown main item tag 0x0 [ 380.831116][ T5245] kye 0003:0458:5014.0017: unknown main item tag 0x0 [ 380.838175][ T5245] kye 0003:0458:5014.0017: unknown main item tag 0x0 [ 380.845985][ T5245] kye 0003:0458:5014.0017: unknown main item tag 0x0 [ 380.892391][ T5245] kye 0003:0458:5014.0017: hidraw0: USB HID v0.00 Device [HID 0458:5014] on usb-dummy_hcd.1-1/input0 [ 380.903947][ T5245] kye 0003:0458:5014.0017: tablet-enabling feature report not found [ 380.912418][ T5245] kye 0003:0458:5014.0017: tablet enabling failed [ 381.078756][ T5245] usb 2-1: USB disconnect, device number 9 [ 381.199628][ T7726] loop0: detected capacity change from 0 to 256 [ 381.229718][ T7713] ntfs3: loop4: failed to convert "c46c" to cp866 [ 381.368331][ T7726] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d) [ 381.608203][ T7732] tipc: Enabling of bearer rejected, media not registered [ 382.323602][ T7748] mmap: syz.4.1040 (7748) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 382.356127][ T5244] usb 3-1: new high-speed USB device number 13 using dummy_hcd [ 382.429785][ T7750] loop3: detected capacity change from 0 to 256 [ 382.438827][ T7750] exfat: Deprecated parameter 'namecase' [ 382.510498][ T7750] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 382.551137][ T5244] usb 3-1: Using ep0 maxpacket: 8 [ 382.649868][ T5244] usb 3-1: too many endpoints for config 0 interface 0 altsetting 0: 255, using maximum allowed: 30 [ 382.661537][ T5244] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 382.672940][ T5244] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 382.683129][ T5244] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 255 [ 382.696874][ T5244] usb 3-1: New USB device found, idVendor=0458, idProduct=5011, bcdDevice= 0.00 [ 382.706510][ T5244] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 382.757390][ T5244] usb 3-1: config 0 descriptor?? [ 383.161402][ T7763] loop3: detected capacity change from 0 to 2048 [ 383.170436][ T7763] EXT4-fs: Ignoring removed mblk_io_submit option [ 383.223592][ T5244] kye 0003:0458:5011.0018: tablet report size too small, or kye_tablet_rdesc unexpectedly large [ 383.267963][ T5244] kye 0003:0458:5011.0018: hidraw0: USB HID v0.00 Device [HID 0458:5011] on usb-dummy_hcd.2-1/input0 [ 383.280559][ T5244] kye 0003:0458:5011.0018: tablet-enabling feature report not found [ 383.289335][ T5244] kye 0003:0458:5011.0018: tablet enabling failed [ 383.362418][ T7763] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 383.413310][ T7763] EXT4-fs error (device loop3): ext4_find_extent:938: inode #2: comm syz.3.1045: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4) [ 383.634265][ T44] usb 3-1: USB disconnect, device number 13 [ 383.729061][ T5183] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 384.123403][ T7778] IPVS: Unknown mcast interface: wg0 [ 384.140751][ T7780] netlink: 'syz.1.1053': attribute type 16 has an invalid length. [ 384.294189][ T7785] loop0: detected capacity change from 0 to 256 [ 384.624387][ T7785] FAT-fs (loop0): Directory bread(block 64) failed [ 384.631677][ T7785] FAT-fs (loop0): Directory bread(block 65) failed [ 384.638604][ T7785] FAT-fs (loop0): Directory bread(block 66) failed [ 384.647608][ T7785] FAT-fs (loop0): Directory bread(block 67) failed [ 384.655534][ T7785] FAT-fs (loop0): Directory bread(block 68) failed [ 384.662491][ T7785] FAT-fs (loop0): Directory bread(block 69) failed [ 384.674915][ T7785] FAT-fs (loop0): Directory bread(block 70) failed [ 384.683538][ T7785] FAT-fs (loop0): Directory bread(block 71) failed [ 384.690494][ T7785] FAT-fs (loop0): Directory bread(block 72) failed [ 384.697434][ T7785] FAT-fs (loop0): Directory bread(block 73) failed [ 385.296328][ T7805] futex_wake_op: syz.1.1067 tries to shift op by 144; fix this program [ 386.302667][ T7834] netlink: 'syz.0.1079': attribute type 29 has an invalid length. [ 386.322771][ T7834] netlink: 'syz.0.1079': attribute type 29 has an invalid length. [ 386.657982][ T7836] loop4: detected capacity change from 0 to 1024 [ 386.700375][ T7840] loop1: detected capacity change from 0 to 1024 [ 386.969219][ T3223] hfsplus: b-tree write err: -5, ino 4 [ 387.715901][ T7861] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 387.949578][ T7860] loop2: detected capacity change from 0 to 1764 [ 387.977702][ T7866] loop4: detected capacity change from 0 to 512 [ 388.018590][ T7860] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 388.132997][ T7866] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 388.185322][ T7866] EXT4-fs (loop4): orphan cleanup on readonly fs [ 388.289286][ T7866] __quota_error: 5 callbacks suppressed [ 388.289384][ T7866] Quota error (device loop4): dq_insert_tree: Quota tree root isn't allocated! [ 388.305079][ T7866] Quota error (device loop4): qtree_write_dquot: Error -5 occurred while creating quota [ 388.315385][ T7866] EXT4-fs error (device loop4): ext4_acquire_dquot:6879: comm syz.4.1095: Failed to acquire dquot type 1 [ 388.348975][ T7866] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.1095: bg 0: block 40: padding at end of block bitmap is not set [ 388.376373][ T7866] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6550: Corrupt filesystem [ 388.420268][ T7875] loop3: detected capacity change from 0 to 1024 [ 388.438519][ T7866] EXT4-fs (loop4): 1 truncate cleaned up [ 388.446606][ T7866] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 388.597618][ T7879] loop2: detected capacity change from 0 to 8 [ 388.853509][ T7320] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 388.907830][ T4549] hfsplus: b-tree write err: -5, ino 3 [ 389.233146][ T7889] RDS: rds_bind could not find a transport for fe80::, load rds_tcp or rds_rdma? [ 389.245412][ T7886] loop3: detected capacity change from 0 to 512 [ 389.260734][ T5244] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 389.312161][ T7886] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 389.409431][ T7886] EXT4-fs (loop3): 1 orphan inode deleted [ 389.415670][ T7886] EXT4-fs (loop3): 1 truncate cleaned up [ 389.423265][ T7886] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 389.497045][ T5244] usb 2-1: Using ep0 maxpacket: 8 [ 389.514713][ T5244] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 389.526314][ T5244] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 389.536598][ T5244] usb 2-1: New USB device found, idVendor=04d8, idProduct=f372, bcdDevice= 0.00 [ 389.546094][ T5244] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 389.559834][ T5244] usb 2-1: config 0 descriptor?? [ 389.626799][ T5183] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 389.631257][ T7895] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1107'. [ 389.936552][ T7900] netlink: 'syz.4.1111': attribute type 16 has an invalid length. [ 389.945422][ T7900] netlink: 'syz.4.1111': attribute type 3 has an invalid length. [ 389.953788][ T7900] netlink: 64066 bytes leftover after parsing attributes in process `syz.4.1111'. [ 390.041812][ T5244] hid-led 0003:04D8:F372.0019: hidraw0: USB HID v0.00 Device [HID 04d8:f372] on usb-dummy_hcd.1-1/input0 [ 390.080720][ T5244] hid-led 0003:04D8:F372.0019: Greynut Luxafor initialized [ 390.254082][ T5244] usb 2-1: USB disconnect, device number 10 [ 390.281468][ T7905] loop0: detected capacity change from 0 to 512 [ 390.314717][ T5245] leds luxafor0:blue:led5: Setting an LED's brightness failed (-38) [ 390.335462][ T7905] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 390.375142][ T5245] leds luxafor0:green:led5: Setting an LED's brightness failed (-38) [ 390.408762][ T7905] EXT4-fs error (device loop0): __ext4_iget:4952: inode #16: block 469762080: comm syz.0.1113: invalid block [ 390.434567][ T5245] leds luxafor0:red:led5: Setting an LED's brightness failed (-38) [ 390.457571][ T7905] EXT4-fs (loop0): Remounting filesystem read-only [ 390.464850][ T7905] EXT4-fs (loop0): 1 orphan inode deleted [ 390.472715][ T7905] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 390.546157][ T5245] leds luxafor0:blue:led4: Setting an LED's brightness failed (-38) [ 390.601301][ T5245] leds luxafor0:green:led4: Setting an LED's brightness failed (-38) [ 390.985036][ T5245] leds luxafor0:red:led4: Setting an LED's brightness failed (-38) [ 390.998084][ T5184] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 391.147669][ T5245] leds luxafor0:blue:led3: Setting an LED's brightness failed (-38) [ 391.242496][ T5245] leds luxafor0:green:led3: Setting an LED's brightness failed (-38) [ 391.257540][ T5245] leds luxafor0:red:led3: Setting an LED's brightness failed (-38) [ 391.298830][ T5245] leds luxafor0:blue:led2: Setting an LED's brightness failed (-38) [ 391.319622][ T5245] leds luxafor0:green:led2: Setting an LED's brightness failed (-38) [ 391.442185][ T5245] leds luxafor0:red:led2: Setting an LED's brightness failed (-38) [ 391.551085][ T5245] leds luxafor0:blue:led1: Setting an LED's brightness failed (-38) [ 391.616003][ T5245] leds luxafor0:green:led1: Setting an LED's brightness failed (-38) [ 391.717288][ T5245] leds luxafor0:red:led1: Setting an LED's brightness failed (-38) [ 391.792603][ T5239] leds luxafor0:blue:led0: Setting an LED's brightness failed (-38) [ 391.874750][ T5239] leds luxafor0:green:led0: Setting an LED's brightness failed (-38) [ 391.999227][ T5245] leds luxafor0:red:led0: Setting an LED's brightness failed (-38) [ 393.207449][ T7951] loop0: detected capacity change from 0 to 4096 [ 393.218474][ T7951] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512). [ 393.490554][ T7951] ntfs3: loop0: Failed to initialize $Extend/$Reparse. [ 394.235857][ T7972] netlink: 52 bytes leftover after parsing attributes in process `syz.0.1143'. [ 394.329563][ T7975] loop2: detected capacity change from 0 to 256 [ 394.843402][ T7966] loop3: detected capacity change from 0 to 4096 [ 394.876604][ T7981] tipc: Started in network mode [ 394.876802][ T7981] tipc: Node identity aaaaaaaaaa1, cluster identity 4711 [ 394.877765][ T7981] tipc: Enabled bearer , priority 10 [ 395.719850][ T7997] PKCS8: Unsupported PKCS#8 version [ 395.759398][ T7998] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1154'. [ 395.768891][ T7998] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1154'. [ 396.011329][ T5244] tipc: Node number set to 12233386 [ 396.091716][ T8005] (unnamed net_device) (uninitialized): option lacp_rate: invalid value (20) [ 397.138821][ T8035] openvswitch: netlink: Tunnel attr 32 out of range max 16 [ 397.425222][ T29] audit: type=1326 audit(1727098846.663:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8036 comm="syz.4.1173" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa3f397def9 code=0x0 [ 398.153583][ T5244] usb 4-1: new high-speed USB device number 10 using dummy_hcd [ 398.605387][ T8064] loop2: detected capacity change from 0 to 512 [ 398.631828][ T8064] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended [ 398.641808][ T8064] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem [ 398.678989][ T5244] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 398.684923][ T8064] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002] [ 398.689492][ T5244] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 398.726683][ T5244] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 398.736404][ T5244] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 398.744778][ T5244] usb 4-1: SerialNumber: syz [ 398.764145][ T8064] System zones: 0-2, 18-18, 34-34 [ 398.790372][ T8064] EXT4-fs warning (device loop2): ext4_update_dynamic_rev:1138: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 398.916274][ T8064] EXT4-fs (loop2): 1 truncate cleaned up [ 398.925437][ T8064] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 398.993348][ T5244] usb 4-1: 0:2 : does not exist [ 399.087701][ T5244] usb 4-1: USB disconnect, device number 10 [ 399.188340][ T8077] loop0: detected capacity change from 0 to 128 [ 399.253914][ T5188] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 399.521901][ T8083] loop2: detected capacity change from 0 to 164 [ 400.547047][ T8107] No buffer was provided with the request [ 400.551535][ T5244] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 400.741330][ T5244] usb 1-1: Using ep0 maxpacket: 8 [ 400.774450][ T5244] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9 [ 400.786662][ T5244] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 400.798448][ T5244] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 400.809858][ T5244] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 65535, setting to 1024 [ 400.822101][ T5244] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024 [ 400.833039][ T5244] usb 1-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58 [ 400.842608][ T5244] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 401.012196][ T5244] usb 1-1: config 0 descriptor?? [ 401.025370][ T8100] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 401.301432][ T5197] Bluetooth: hci4: Opcode 0x0c03 failed: -71 [ 401.310476][ T5244] usb 1-1: USB disconnect, device number 4 [ 401.409898][ T8120] loop1: detected capacity change from 0 to 256 [ 401.464733][ T8120] exfat: Deprecated parameter 'utf8' [ 401.472425][ T8120] exfat: Deprecated parameter 'utf8' [ 401.587652][ T8120] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x23a77120, utbl_chksum : 0xe619d30d) [ 401.971098][ T8130] loop3: detected capacity change from 0 to 512 [ 402.037468][ T8130] EXT4-fs: Ignoring removed orlov option [ 402.056468][ T8130] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 402.068162][ T8132] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1218'. [ 402.107943][ T8130] EXT4-fs error (device loop3): ext4_orphan_get:1388: inode #15: comm syz.3.1216: casefold flag without casefold feature [ 402.128081][ T8130] EXT4-fs error (device loop3): ext4_orphan_get:1393: comm syz.3.1216: couldn't read orphan inode 15 (err -117) [ 402.163018][ T8130] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 402.202145][ T8130] EXT4-fs error (device loop3): ext4_empty_dir:3087: inode #2: comm syz.3.1216: invalid size [ 402.413046][ T5183] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 402.745060][ T8139] loop0: detected capacity change from 0 to 2048 [ 402.814900][ T8139] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 402.844729][ T8149] IPv6: addrconf: prefix option has invalid lifetime [ 402.864031][ T8139] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 160: 0xd2 != 0xd4 [ 402.987085][ T8139] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 403.135149][ T8152] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1226'. [ 403.325543][ T8161] loop4: detected capacity change from 0 to 512 [ 403.334541][ T8161] EXT4-fs: Ignoring removed nomblk_io_submit option [ 403.380257][ T1237] ieee802154 phy0 wpan0: encryption failed: -22 [ 403.387218][ T1237] ieee802154 phy1 wpan1: encryption failed: -22 [ 403.419344][ T8161] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2 [ 403.428095][ T8161] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -2 [ 403.465672][ T8161] EXT4-fs (loop4): 1 truncate cleaned up [ 403.473479][ T8161] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 403.648693][ T8161] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: writeback. [ 403.753357][ T7320] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 404.393930][ T44] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 404.581224][ T44] usb 1-1: Using ep0 maxpacket: 16 [ 404.842716][ T44] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 404.855247][ T44] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 404.865548][ T44] usb 1-1: New USB device found, idVendor=1044, idProduct=7a4d, bcdDevice= 0.00 [ 404.878278][ T44] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 404.925898][ T8191] loop4: detected capacity change from 0 to 256 [ 404.935641][ T44] usb 1-1: config 0 descriptor?? [ 404.965718][ T8191] exfat: Deprecated parameter 'utf8' [ 404.971938][ T8191] exfat: Deprecated parameter 'utf8' [ 405.099132][ T8191] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d) [ 405.245782][ T5248] usb 4-1: new high-speed USB device number 11 using dummy_hcd [ 405.531044][ T8203] loop2: detected capacity change from 0 to 256 [ 405.571262][ T5248] usb 4-1: Using ep0 maxpacket: 32 [ 405.587796][ T5248] usb 4-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 405.599339][ T5248] usb 4-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 405.609929][ T5248] usb 4-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 405.619799][ T5248] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 405.693282][ T5248] hub 4-1:4.0: USB hub found [ 405.738054][ T44] waterforce 0003:1044:7A4D.001A: unknown main item tag 0x0 [ 405.749059][ T8203] FAT-fs (loop2): Directory bread(block 64) failed [ 405.749205][ T8203] FAT-fs (loop2): Directory bread(block 65) failed [ 405.749442][ T8203] FAT-fs (loop2): Directory bread(block 66) failed [ 405.749563][ T8203] FAT-fs (loop2): Directory bread(block 67) failed [ 405.749796][ T8203] FAT-fs (loop2): Directory bread(block 68) failed [ 405.749917][ T8203] FAT-fs (loop2): Directory bread(block 69) failed [ 405.750248][ T8203] FAT-fs (loop2): Directory bread(block 70) failed [ 405.750365][ T8203] FAT-fs (loop2): Directory bread(block 71) failed [ 405.750596][ T8203] FAT-fs (loop2): Directory bread(block 72) failed [ 405.750715][ T8203] FAT-fs (loop2): Directory bread(block 73) failed [ 405.834088][ T44] waterforce 0003:1044:7A4D.001A: item fetching failed at offset 3/4 [ 405.914158][ T5248] hub 4-1:4.0: 2 ports detected [ 405.919471][ T5248] usb 4-1: selecting invalid altsetting 1 [ 405.926308][ T5248] hub 4-1:4.0: Using single TT (err -22) [ 406.009660][ T44] waterforce 0003:1044:7A4D.001A: hid parse failed with -22 [ 406.017880][ T44] waterforce 0003:1044:7A4D.001A: probe with driver waterforce failed with error -22 [ 406.090418][ T44] usb 1-1: USB disconnect, device number 5 [ 406.117674][ T5248] hub 4-1:4.0: hub_hub_status failed (err = -71) [ 406.124693][ T5248] hub 4-1:4.0: config failed, can't get hub status (err -71) [ 406.154243][ T8207] loop1: detected capacity change from 0 to 1024 [ 406.188788][ T8207] EXT4-fs: Ignoring removed orlov option [ 406.195765][ T8207] EXT4-fs: Ignoring removed nomblk_io_submit option [ 406.206932][ T5248] usb 4-1: USB disconnect, device number 11 [ 406.337981][ T8207] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 406.645877][ T5185] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 407.831049][ T44] usb 4-1: new high-speed USB device number 12 using dummy_hcd [ 407.996905][ T44] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 407.997093][ T44] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 407.997242][ T44] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 407.997474][ T44] usb 4-1: New USB device found, idVendor=056e, idProduct=00fd, bcdDevice= 0.00 [ 407.997630][ T44] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 408.001985][ T44] usb 4-1: config 0 descriptor?? [ 408.412107][ T8242] loop0: detected capacity change from 0 to 2048 [ 408.523007][ T44] elecom 0003:056E:00FD.001B: hidraw0: USB HID v0.00 Device [HID 056e:00fd] on usb-dummy_hcd.3-1/input0 [ 408.543302][ T8242] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 408.680228][ T44] usb 4-1: USB disconnect, device number 12 [ 409.331781][ T5197] Bluetooth: hci5: unexpected event for opcode 0x0c5a [ 410.742158][ T8278] tipc: Started in network mode [ 410.747368][ T8278] tipc: Node identity ac141428, cluster identity 4711 [ 410.756903][ T8278] tipc: Enabled bearer , priority 10 [ 411.432181][ T8297] loop0: detected capacity change from 0 to 512 [ 411.468569][ T8297] EXT4-fs: Ignoring removed orlov option [ 411.518827][ T8300] nbd: must specify a size in bytes for the device [ 411.631117][ T8297] Quota error (device loop0): v2_read_file_info: Can't read info structure [ 411.645741][ T8297] EXT4-fs warning (device loop0): ext4_enable_quotas:7097: Failed to enable quota tracking (type=1, err=-5, ino=4). Please run e2fsck to fix. [ 411.722619][ T8297] EXT4-fs (loop0): mount failed [ 411.751618][ T5244] tipc: Node number set to 2886997032 [ 411.967858][ T8311] loop1: detected capacity change from 0 to 64 [ 412.015523][ T5245] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 412.170660][ T8317] loop2: detected capacity change from 0 to 256 [ 412.191588][ T5245] usb 5-1: Using ep0 maxpacket: 16 [ 412.225794][ T5245] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 412.237208][ T5245] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 412.247509][ T5245] usb 5-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.40 [ 412.257012][ T5245] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 412.324531][ T8317] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fe7f, chksum : 0xa154a131, utbl_chksum : 0xe619d30d) [ 412.368916][ T5245] usb 5-1: config 0 descriptor?? [ 412.817442][ T5245] cp2112 0003:10C4:EA90.001C: unbalanced delimiter at end of report description [ 412.875608][ T5245] cp2112 0003:10C4:EA90.001C: parse failed [ 412.882703][ T5245] cp2112 0003:10C4:EA90.001C: probe with driver cp2112 failed with error -22 [ 413.052788][ T5245] usb 5-1: USB disconnect, device number 7 [ 413.148532][ T8332] loop3: detected capacity change from 0 to 8 [ 413.157598][ T8332] squashfs: Unknown parameter '017777777777777777777770xffffffffffffffff18446744073709551615ÿÿÿÿÿÿÿÿ01777777777777777777777' [ 413.361162][ T5197] Bluetooth: hci5: Controller not accepting commands anymore: ncmd = 0 [ 413.370144][ T5197] Bluetooth: hci5: Injecting HCI hardware error event [ 413.386065][ T5197] Bluetooth: hci5: hardware error 0x00 [ 413.431399][ T44] usb 4-1: new high-speed USB device number 13 using dummy_hcd [ 413.468501][ T8334] loop0: detected capacity change from 0 to 2048 [ 413.523481][ T8337] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 413.641195][ T44] usb 4-1: Using ep0 maxpacket: 8 [ 413.713276][ T44] usb 4-1: config 135 has an invalid interface number: 230 but max is 0 [ 413.722308][ T44] usb 4-1: config 135 has an invalid descriptor of length 0, skipping remainder of the config [ 413.733084][ T44] usb 4-1: config 135 has no interface number 0 [ 413.739619][ T44] usb 4-1: config 135 interface 230 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3 [ 413.742197][ T8336] loop2: detected capacity change from 0 to 2048 [ 413.838450][ T8336] EXT4-fs: Ignoring removed mblk_io_submit option [ 414.127686][ T8336] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 414.298976][ T44] usb 4-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=3f.3a [ 414.308895][ T44] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 414.317367][ T44] usb 4-1: Product: syz [ 414.321942][ T44] usb 4-1: Manufacturer: syz [ 414.326793][ T44] usb 4-1: SerialNumber: syz [ 414.340038][ T5188] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 414.759220][ T44] usb 4-1: Found UVC 0.00 device syz (18ec:3288) [ 414.767668][ T44] usb 4-1: No valid video chain found. [ 414.799599][ T44] usb 4-1: USB disconnect, device number 13 [ 414.858150][ T8349] loop1: detected capacity change from 0 to 1024 [ 414.943742][ T8343] loop4: detected capacity change from 0 to 4096 [ 414.954093][ T8349] EXT4-fs: Ignoring removed oldalloc option [ 414.997948][ T8349] EXT4-fs (loop1): stripe (3) is not aligned with cluster size (16), stripe is disabled [ 415.056326][ T8343] ntfs3: loop4: Different NTFS sector size (4096) and media sector size (512). [ 415.085239][ T8349] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 415.224390][ T8359] loop0: detected capacity change from 0 to 512 [ 415.281747][ T8359] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 415.357069][ T5185] EXT4-fs error (device loop1): ext4_readdir:261: inode #11: block 32: comm syz-executor: path /304/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1 [ 415.377983][ T8359] EXT4-fs (loop0): 1 truncate cleaned up [ 415.389951][ T8359] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 415.448104][ T5197] Bluetooth: hci5: Opcode 0x0c03 failed: -110 [ 415.497717][ T5185] EXT4-fs error (device loop1): ext4_empty_dir:3096: inode #11: block 32: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1 [ 415.505817][ T8343] ntfs3: loop4: Failed to initialize $Extend/$Reparse. [ 415.621090][ T5185] EXT4-fs warning (device loop1): ext4_empty_dir:3098: inode #11: comm syz-executor: directory missing '.' [ 415.636330][ T5184] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 415.640583][ T5185] EXT4-fs error (device loop1): ext4_readdir:261: inode #11: block 32: comm syz-executor: path /304/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1 [ 415.687198][ T7320] ntfs3: loop4: ino=1a, ntfs_sync_fs failed, -22. [ 415.705324][ T5185] EXT4-fs error (device loop1): ext4_empty_dir:3096: inode #11: block 32: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1 [ 415.832138][ T5185] EXT4-fs warning (device loop1): ext4_empty_dir:3098: inode #11: comm syz-executor: directory missing '.' [ 415.885521][ T5185] EXT4-fs error (device loop1): ext4_readdir:261: inode #11: block 32: comm syz-executor: path /304/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1 [ 415.980118][ T5185] EXT4-fs error (device loop1): ext4_empty_dir:3096: inode #11: block 32: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1 [ 416.078100][ T5185] EXT4-fs warning (device loop1): ext4_empty_dir:3098: inode #11: comm syz-executor: directory missing '.' [ 416.111741][ T8364] loop3: detected capacity change from 0 to 2048 [ 416.132391][ T5185] EXT4-fs error (device loop1): ext4_readdir:261: inode #11: block 32: comm syz-executor: path /304/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1 [ 416.201719][ T8364] UDF-fs: error (device loop3): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 416.235529][ T5185] EXT4-fs error (device loop1): ext4_empty_dir:3096: inode #11: block 32: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1 [ 416.276175][ T8364] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 416.325103][ T5185] EXT4-fs warning (device loop1): ext4_empty_dir:3098: inode #11: comm syz-executor: directory missing '.' [ 416.389116][ T5185] EXT4-fs error (device loop1): ext4_readdir:261: inode #11: block 32: comm syz-executor: path /304/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1 [ 416.557852][ T5185] EXT4-fs error (device loop1): ext4_empty_dir:3096: inode #11: block 32: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1 [ 416.594923][ T5185] EXT4-fs warning (device loop1): ext4_empty_dir:3098: inode #11: comm syz-executor: directory missing '.' [ 416.626467][ T5185] EXT4-fs warning (device loop1): ext4_empty_dir:3098: inode #11: comm syz-executor: directory missing '.' [ 416.649772][ T5185] EXT4-fs warning (device loop1): ext4_empty_dir:3098: inode #11: comm syz-executor: directory missing '.' [ 416.687476][ T5185] EXT4-fs warning (device loop1): ext4_empty_dir:3098: inode #11: comm syz-executor: directory missing '.' [ 416.728157][ T5185] EXT4-fs warning (device loop1): ext4_empty_dir:3098: inode #11: comm syz-executor: directory missing '.' [ 416.728982][ T8381] loop4: detected capacity change from 0 to 256 [ 416.879703][ T5185] EXT4-fs warning (device loop1): ext4_empty_dir:3098: inode #11: comm syz-executor: directory missing '.' [ 417.275251][ T8393] loop0: detected capacity change from 0 to 8 [ 417.477036][ T8393] SQUASHFS error: Unable to read inode 0x24 [ 417.718181][ T8399] sctp: [Deprecated]: syz.0.1338 (pid 8399) Use of int in max_burst socket option. [ 417.718181][ T8399] Use struct sctp_assoc_value instead [ 418.390002][ T8416] loop4: detected capacity change from 0 to 512 [ 418.410395][ T8416] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 418.490644][ T8416] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 418.504386][ T8416] ext4 filesystem being mounted at /64/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 418.529651][ T8422] netlink: 'syz.3.1346': attribute type 1 has an invalid length. [ 418.566637][ T5248] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 418.654337][ T7320] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 418.931826][ T5248] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 418.943185][ T5248] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 418.953553][ T5248] usb 1-1: New USB device found, idVendor=1d34, idProduct=000a, bcdDevice= 0.00 [ 418.965523][ T5248] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 418.997875][ T5248] usb 1-1: config 0 descriptor?? [ 419.498473][ T5248] hid-led 0003:1D34:000A.001D: unknown main item tag 0x0 [ 419.657525][ T8434] loop3: detected capacity change from 0 to 256 [ 419.696073][ T5248] hid-led 0003:1D34:000A.001D: probe with driver hid-led failed with error -71 [ 419.707962][ T8434] exfat: Deprecated parameter 'utf8' [ 419.715037][ T8434] exfat: Deprecated parameter 'namecase' [ 419.738839][ T5248] usb 1-1: USB disconnect, device number 6 [ 419.846917][ T8434] exFAT-fs (loop3): failed to load upcase table (idx : 0x00012153, chksum : 0xc3dffc2e, utbl_chksum : 0xe619d30d) [ 420.252573][ T5185] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 420.267648][ T3223] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 420.410702][ T3223] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 420.797279][ T3223] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 420.892105][ T5248] usb 4-1: new high-speed USB device number 14 using dummy_hcd [ 420.954696][ T3223] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 421.051099][ T5248] usb 4-1: Using ep0 maxpacket: 32 [ 421.059981][ T5248] usb 4-1: too many configurations: 30, using maximum allowed: 8 [ 421.094185][ T5248] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 421.104907][ T5248] usb 4-1: config 1 has 0 interfaces, different from the descriptor's value: 1 [ 421.139758][ T3223] bridge_slave_1: left allmulticast mode [ 421.146881][ T3223] bridge_slave_1: left promiscuous mode [ 421.153703][ T3223] bridge0: port 2(bridge_slave_1) entered disabled state [ 421.168567][ T3223] bridge_slave_0: left allmulticast mode [ 421.174915][ T3223] bridge_slave_0: left promiscuous mode [ 421.181957][ T3223] bridge0: port 1(bridge_slave_0) entered disabled state [ 421.185577][ T5248] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 421.199826][ T5248] usb 4-1: config 1 has 0 interfaces, different from the descriptor's value: 1 [ 421.259799][ T5248] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 421.270530][ T5248] usb 4-1: config 1 has 0 interfaces, different from the descriptor's value: 1 [ 421.316853][ T5248] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 421.331288][ T5248] usb 4-1: config 1 has 0 interfaces, different from the descriptor's value: 1 [ 421.379254][ T5248] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 421.389952][ T5248] usb 4-1: config 1 has 0 interfaces, different from the descriptor's value: 1 [ 421.418274][ T5248] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 421.432523][ T5248] usb 4-1: config 1 has 0 interfaces, different from the descriptor's value: 1 [ 421.609354][ T5248] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 421.620074][ T5248] usb 4-1: config 1 has 0 interfaces, different from the descriptor's value: 1 [ 421.746190][ T5248] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 421.757305][ T5248] usb 4-1: config 1 has 0 interfaces, different from the descriptor's value: 1 [ 421.801433][ T3223] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 421.835447][ T5248] usb 4-1: string descriptor 0 read error: -71 [ 421.846202][ T5248] usb 4-1: New USB device found, idVendor=05ac, idProduct=0214, bcdDevice= 0.40 [ 421.856715][ T5248] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 421.888849][ T3223] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 421.947663][ T3223] bond0 (unregistering): Released all slaves [ 421.964979][ T5248] usb 4-1: rejected 8 configurations due to insufficient available bus power [ 421.967201][ T3223] bond1 (unregistering): Released all slaves [ 421.974202][ T5248] usb 4-1: no configuration chosen from 8 choices [ 422.075611][ T44] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 422.119296][ T5248] usb 4-1: USB disconnect, device number 14 [ 422.226675][ T3223] tipc: Disabling bearer [ 422.233188][ T3223] tipc: Left network mode [ 422.281145][ T44] usb 1-1: Using ep0 maxpacket: 8 [ 422.321074][ T8461] Bluetooth: MGMT ver 1.23 [ 422.331015][ T44] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 223, changing to 11 [ 422.342804][ T44] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 422.356356][ T44] usb 1-1: New USB device found, idVendor=044e, idProduct=1215, bcdDevice= 0.00 [ 422.365897][ T44] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 422.482618][ T44] usb 1-1: config 0 descriptor?? [ 422.567423][ T51] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 422.617483][ T51] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 422.711491][ T51] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 422.728154][ T8469] loop4: detected capacity change from 0 to 512 [ 422.786167][ T8469] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem [ 422.906804][ T8469] EXT4-fs (loop4): invalid journal inode [ 422.914741][ T8469] EXT4-fs (loop4): can't get journal size [ 422.944676][ T51] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 422.982031][ T44] hid-alps 0003:044E:1215.001E: unknown main item tag 0x0 [ 422.989571][ T44] hid-alps 0003:044E:1215.001E: item fetching failed at offset 2/5 [ 423.004741][ T44] hid-alps 0003:044E:1215.001E: parse failed [ 423.012137][ T44] hid-alps 0003:044E:1215.001E: probe with driver hid-alps failed with error -22 [ 423.024561][ T8469] EXT4-fs (loop4): 1 truncate cleaned up [ 423.027169][ T51] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 423.032423][ T8469] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 423.057869][ T51] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 423.082480][ T8469] EXT4-fs warning (device loop4): ext4_group_add:1734: No reserved GDT blocks, can't resize [ 423.108132][ T3223] hsr_slave_0: left promiscuous mode [ 423.117917][ T3223] hsr_slave_1: left promiscuous mode [ 423.130671][ T3223] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 423.140123][ T3223] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 423.176869][ T3223] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 423.184919][ T3223] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 423.211629][ T3223] veth1_macvtap: left promiscuous mode [ 423.213970][ T44] usb 1-1: USB disconnect, device number 7 [ 423.217420][ T3223] veth0_macvtap: left promiscuous mode [ 423.229527][ T3223] veth1_vlan: left promiscuous mode [ 423.235212][ T3223] veth0_vlan: left promiscuous mode [ 423.532365][ T7320] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 423.851192][ T5245] usb 4-1: new high-speed USB device number 15 using dummy_hcd [ 424.018065][ T3223] team0 (unregistering): Port device team_slave_1 removed [ 424.072063][ T3223] team0 (unregistering): Port device team_slave_0 removed [ 424.110162][ T5245] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 424.121824][ T5245] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 424.132141][ T5245] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 424.145534][ T5245] usb 4-1: New USB device found, idVendor=20d6, idProduct=ca17, bcdDevice= 0.f3 [ 424.155600][ T5245] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 424.259568][ T5245] usb 4-1: config 0 descriptor?? [ 424.495748][ T8481] loop4: detected capacity change from 0 to 1024 [ 424.620408][ T8483] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1375'. [ 424.640652][ T8481] hfsplus: invalid btree flag [ 424.646637][ T8481] hfsplus: failed to load extents file [ 424.727736][ T5245] hid (null): usage index exceeded [ 424.786796][ T5245] hid-generic 0003:20D6:CA17.001F: ignoring exceeding usage max [ 424.802257][ T5245] hid-generic 0003:20D6:CA17.001F: ignoring exceeding usage max [ 424.816595][ T5245] hid-generic 0003:20D6:CA17.001F: usage index exceeded [ 424.825542][ T5245] hid-generic 0003:20D6:CA17.001F: item 0 1 2 2 parsing failed [ 424.870116][ T5245] hid-generic 0003:20D6:CA17.001F: probe with driver hid-generic failed with error -22 [ 424.891388][ T8481] netlink: 104 bytes leftover after parsing attributes in process `syz.4.1374'. [ 424.926894][ T5245] usb 4-1: USB disconnect, device number 15 [ 425.202044][ T5197] Bluetooth: hci2: command tx timeout [ 425.207771][ T8492] loop0: detected capacity change from 0 to 64 [ 425.542130][ T8462] chnl_net:caif_netlink_parms(): no params data found [ 426.698208][ T8462] bridge0: port 1(bridge_slave_0) entered blocking state [ 426.700104][ T8521] usb usb9: usbfs: process 8521 (syz.4.1390) did not claim interface 0 before use [ 426.709183][ T8462] bridge0: port 1(bridge_slave_0) entered disabled state [ 426.724097][ T8462] bridge_slave_0: entered allmulticast mode [ 426.733428][ T8462] bridge_slave_0: entered promiscuous mode [ 426.803167][ T8462] bridge0: port 2(bridge_slave_1) entered blocking state [ 426.806810][ T8523] loop3: detected capacity change from 0 to 64 [ 426.811193][ T8462] bridge0: port 2(bridge_slave_1) entered disabled state [ 426.824760][ T8462] bridge_slave_1: entered allmulticast mode [ 426.833862][ T8462] bridge_slave_1: entered promiscuous mode [ 426.900124][ T8521] loop4: detected capacity change from 0 to 1024 [ 426.912292][ T8523] hfs: filesystem is marked locked, mounting read-only. [ 426.986536][ T8521] EXT4-fs (loop4): bad geometry: first data block is 0 with a 1k block and cluster size [ 426.987638][ T8523] hfs: walked past end of dir [ 427.068624][ T8462] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 427.158379][ T8462] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 427.282673][ T5197] Bluetooth: hci2: command tx timeout [ 427.437119][ T8462] team0: Port device team_slave_0 added [ 427.461086][ T8462] team0: Port device team_slave_1 added [ 427.578957][ T8529] loop2: detected capacity change from 0 to 1024 [ 427.589807][ T8529] EXT4-fs: Ignoring removed nomblk_io_submit option [ 427.848674][ T8529] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 427.892670][ T8462] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 427.899875][ T8462] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 427.927423][ T8462] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 427.953385][ T8462] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 427.960583][ T8462] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 427.991670][ T8462] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 428.273133][ T8462] hsr_slave_0: entered promiscuous mode [ 428.312522][ T8462] hsr_slave_1: entered promiscuous mode [ 428.327823][ T5188] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 428.338158][ T8462] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 428.346249][ T8462] Cannot create hsr debugfs directory [ 428.867268][ T8551] loop3: detected capacity change from 0 to 1024 [ 428.920249][ T8551] EXT4-fs: Ignoring removed nobh option [ 428.926601][ T8551] EXT4-fs: Ignoring removed orlov option [ 428.932925][ T8551] EXT4-fs: Ignoring removed nomblk_io_submit option [ 429.309927][ T8551] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 429.361433][ T5197] Bluetooth: hci2: command tx timeout [ 429.411095][ T44] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 429.491390][ T8551] EXT4-fs error (device loop3): __ext4_remount:6522: comm syz.3.1402: Abort forced by user [ 429.512905][ T8551] EXT4-fs (loop3): Remounting filesystem read-only [ 429.544945][ T8551] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: none. [ 429.591158][ T44] usb 1-1: Using ep0 maxpacket: 16 [ 429.691585][ T44] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 429.703476][ T44] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 429.718184][ T44] usb 1-1: New USB device found, idVendor=1532, idProduct=010d, bcdDevice= 0.00 [ 429.729964][ T44] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 429.759574][ T44] usb 1-1: config 0 descriptor?? [ 429.763833][ T5183] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 430.183966][ T8462] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 430.243005][ T8462] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 430.264204][ T44] razer 0003:1532:010D.0020: unknown main item tag 0x0 [ 430.271703][ T44] razer 0003:1532:010D.0020: unknown main item tag 0x0 [ 430.279022][ T44] razer 0003:1532:010D.0020: unknown main item tag 0x0 [ 430.286616][ T44] razer 0003:1532:010D.0020: unknown main item tag 0x0 [ 430.294308][ T44] razer 0003:1532:010D.0020: unknown main item tag 0x0 [ 430.301760][ T44] razer 0003:1532:010D.0020: unknown main item tag 0x0 [ 430.329127][ T8462] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 430.359498][ T44] razer 0003:1532:010D.0020: hidraw0: USB HID v0.00 Device [HID 1532:010d] on usb-dummy_hcd.0-1/input0 [ 430.388080][ T8462] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 430.419185][ T5244] usb 1-1: USB disconnect, device number 8 [ 431.441515][ T5197] Bluetooth: hci2: command tx timeout [ 431.655300][ T8462] 8021q: adding VLAN 0 to HW filter on device bond0 [ 432.112382][ T8462] 8021q: adding VLAN 0 to HW filter on device team0 [ 432.174531][ T4442] bridge0: port 1(bridge_slave_0) entered blocking state [ 432.182555][ T4442] bridge0: port 1(bridge_slave_0) entered forwarding state [ 432.401049][ T4442] bridge0: port 2(bridge_slave_1) entered blocking state [ 432.408797][ T4442] bridge0: port 2(bridge_slave_1) entered forwarding state [ 432.757967][ T8583] loop3: detected capacity change from 0 to 32768 [ 432.767786][ T8583] XFS (loop3): sunit and swidth must be specified together [ 432.846401][ T8462] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 433.626029][ T8609] loop2: detected capacity change from 0 to 128 [ 433.684043][ T8609] syz.2.1426: attempt to access beyond end of device [ 433.684043][ T8609] loop2: rw=0, sector=6491536, nr_sectors = 2 limit=128 [ 433.698149][ T8609] Buffer I/O error on dev loop2, logical block 3245768, async page read [ 433.708529][ T8609] syz.2.1426: attempt to access beyond end of device [ 433.708529][ T8609] loop2: rw=0, sector=17666806, nr_sectors = 2 limit=128 [ 433.726797][ T8609] Buffer I/O error on dev loop2, logical block 8833403, async page read [ 433.737017][ T8609] syz.2.1426: attempt to access beyond end of device [ 433.737017][ T8609] loop2: rw=0, sector=26539618, nr_sectors = 2 limit=128 [ 433.751079][ T8609] Buffer I/O error on dev loop2, logical block 13269809, async page read [ 433.759882][ T8609] syz.2.1426: attempt to access beyond end of device [ 433.759882][ T8609] loop2: rw=0, sector=16147212, nr_sectors = 2 limit=128 [ 433.773979][ T8609] Buffer I/O error on dev loop2, logical block 8073606, async page read [ 433.782952][ T8609] syz.2.1426: attempt to access beyond end of device [ 433.782952][ T8609] loop2: rw=0, sector=6491542, nr_sectors = 2 limit=128 [ 433.797191][ T8609] Buffer I/O error on dev loop2, logical block 3245771, async page read [ 433.805937][ T8609] syz.2.1426: attempt to access beyond end of device [ 433.805937][ T8609] loop2: rw=0, sector=17668342, nr_sectors = 2 limit=128 [ 433.824157][ T8609] Buffer I/O error on dev loop2, logical block 8834171, async page read [ 433.834344][ T8609] syz.2.1426: attempt to access beyond end of device [ 433.834344][ T8609] loop2: rw=0, sector=26932834, nr_sectors = 2 limit=128 [ 433.850039][ T8609] Buffer I/O error on dev loop2, logical block 13466417, async page read [ 433.859449][ T8609] syz.2.1426: attempt to access beyond end of device [ 433.859449][ T8609] loop2: rw=0, sector=16147212, nr_sectors = 2 limit=128 [ 433.873446][ T8609] Buffer I/O error on dev loop2, logical block 8073606, async page read [ 433.882723][ T8609] syz.2.1426: attempt to access beyond end of device [ 433.882723][ T8609] loop2: rw=0, sector=6491548, nr_sectors = 2 limit=128 [ 433.896649][ T8609] Buffer I/O error on dev loop2, logical block 3245774, async page read [ 433.905470][ T8609] syz.2.1426: attempt to access beyond end of device [ 433.905470][ T8609] loop2: rw=0, sector=17669878, nr_sectors = 2 limit=128 [ 433.919804][ T8609] Buffer I/O error on dev loop2, logical block 8834939, async page read [ 435.168982][ T8462] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 435.452308][ T44] usb 4-1: new high-speed USB device number 16 using dummy_hcd [ 435.681794][ T44] usb 4-1: Using ep0 maxpacket: 32 [ 435.723605][ T44] usb 4-1: descriptor type invalid, skip [ 435.729847][ T44] usb 4-1: descriptor type invalid, skip [ 435.736014][ T44] usb 4-1: descriptor type invalid, skip [ 435.742077][ T44] usb 4-1: descriptor type invalid, skip [ 435.747947][ T44] usb 4-1: descriptor type invalid, skip [ 435.785697][ T8462] veth0_vlan: entered promiscuous mode [ 435.865177][ T8462] veth1_vlan: entered promiscuous mode [ 435.914683][ T44] usb 4-1: config 0 has no interfaces? [ 435.951693][ T44] usb 4-1: New USB device found, idVendor=056a, idProduct=0017, bcdDevice= 0.40 [ 435.961452][ T44] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 435.972209][ T44] usb 4-1: Product: syz [ 435.976663][ T44] usb 4-1: Manufacturer: syz [ 435.984106][ T44] usb 4-1: SerialNumber: syz [ 436.106915][ T44] usb 4-1: config 0 descriptor?? [ 436.224054][ T8462] veth0_macvtap: entered promiscuous mode [ 436.301285][ T8462] veth1_macvtap: entered promiscuous mode [ 436.362462][ T25] usb 4-1: USB disconnect, device number 16 [ 436.519307][ T8462] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 436.530482][ T8462] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 436.541388][ T8462] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 436.552236][ T8462] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 436.563403][ T8462] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 436.574506][ T8462] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 436.587530][ T8462] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 436.599270][ T8462] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 436.614580][ T8462] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 437.007707][ T8462] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 437.018771][ T8462] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 437.028993][ T8462] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 437.039929][ T8462] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 437.050205][ T8462] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 437.061179][ T8462] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 437.071416][ T8462] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 437.082198][ T8462] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 437.100945][ T8462] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 437.278882][ T8462] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 437.293320][ T8462] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 437.308039][ T8462] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 437.318101][ T8462] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 438.589174][ T8635] loop3: detected capacity change from 0 to 64 [ 438.831839][ T25] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 439.031701][ T25] usb 5-1: Using ep0 maxpacket: 8 [ 439.083621][ T25] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 439.095176][ T25] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 439.105613][ T25] usb 5-1: New USB device found, idVendor=056e, idProduct=010d, bcdDevice= 0.00 [ 439.115087][ T25] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 439.365765][ T25] usb 5-1: config 0 descriptor?? [ 439.871064][ T25] elecom 0003:056E:010D.0021: item fetching failed at offset 5/7 [ 439.919326][ T25] elecom 0003:056E:010D.0021: probe with driver elecom failed with error -22 [ 440.118182][ T25] usb 5-1: USB disconnect, device number 8 [ 442.159020][ T8656] loop3: detected capacity change from 0 to 256 [ 445.302590][ T51] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 445.322125][ T51] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 445.345093][ T51] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 445.359007][ T51] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 445.372373][ T51] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 445.860086][ T51] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 446.313804][ T8677] loop3: detected capacity change from 0 to 4096 [ 447.015864][ T8686] loop0: detected capacity change from 0 to 2048 [ 447.276012][ T8686] UDF-fs: error (device loop0): udf_process_sequence: Primary Volume Descriptor not found! [ 447.316434][ T8686] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 448.453506][ T8679] chnl_net:caif_netlink_parms(): no params data found [ 448.628300][ T3380] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 448.636751][ T3380] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 448.682251][ T51] Bluetooth: hci4: command tx timeout [ 448.796589][ T3380] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 448.808194][ T3380] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 450.741387][ T51] Bluetooth: hci4: command tx timeout [ 450.908198][ T8679] bridge0: port 1(bridge_slave_0) entered blocking state [ 450.916162][ T8679] bridge0: port 1(bridge_slave_0) entered disabled state [ 450.930085][ T8679] bridge_slave_0: entered allmulticast mode [ 450.939618][ T8679] bridge_slave_0: entered promiscuous mode [ 451.042576][ T8679] bridge0: port 2(bridge_slave_1) entered blocking state [ 451.050203][ T8679] bridge0: port 2(bridge_slave_1) entered disabled state [ 451.058399][ T8679] bridge_slave_1: entered allmulticast mode [ 451.067541][ T8679] bridge_slave_1: entered promiscuous mode [ 451.544990][ T8679] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 451.668896][ T8679] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 452.111947][ T8679] team0: Port device team_slave_0 added [ 452.180390][ T8679] team0: Port device team_slave_1 added [ 452.533196][ T8679] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 452.533278][ T8679] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 452.533427][ T8679] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 452.573345][ T8679] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 452.573426][ T8679] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 452.573573][ T8679] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 452.787877][ T8679] hsr_slave_0: entered promiscuous mode [ 452.804080][ T5197] Bluetooth: hci4: command tx timeout [ 452.818417][ T8679] hsr_slave_1: entered promiscuous mode [ 452.821470][ T8679] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 452.821555][ T8679] Cannot create hsr debugfs directory [ 454.153809][ T8679] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 454.899867][ T5197] Bluetooth: hci4: command tx timeout [ 455.312163][ T8679] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 455.358595][ T8677] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 455.372234][ T8677] ntfs3: loop3: Failed to read $AttrDef (-4). [ 455.854789][ T8739] loop0: detected capacity change from 0 to 4096 [ 455.917659][ T8739] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512). [ 456.359997][ T8739] ntfs3: loop0: Failed to initialize $Extend/$ObjId. [ 456.416604][ T8679] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 456.620208][ T51] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 456.630106][ T51] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 456.644018][ T8679] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 456.792417][ T51] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 456.806072][ T51] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 456.817637][ T51] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 457.206228][ T8679] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 457.262361][ T51] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 457.406924][ T8679] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 457.436859][ T8679] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 457.802841][ T29] audit: type=1326 audit(1727098907.049:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8751 comm="syz.1.1475" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f78e857def9 code=0x0 [ 458.383123][ T8679] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 459.602283][ T51] Bluetooth: hci6: command tx timeout [ 460.420738][ T3649] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 460.631512][ T8679] 8021q: adding VLAN 0 to HW filter on device bond0 [ 460.796653][ T3649] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 461.088334][ T8679] 8021q: adding VLAN 0 to HW filter on device team0 [ 461.274680][ T3649] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 461.375880][ T3380] bridge0: port 1(bridge_slave_0) entered blocking state [ 461.383678][ T3380] bridge0: port 1(bridge_slave_0) entered forwarding state [ 461.537523][ T3649] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 461.681386][ T51] Bluetooth: hci6: command tx timeout [ 461.894362][ T8744] chnl_net:caif_netlink_parms(): no params data found [ 462.442689][ T3380] bridge0: port 2(bridge_slave_1) entered blocking state [ 462.450388][ T3380] bridge0: port 2(bridge_slave_1) entered forwarding state [ 462.663448][ T8679] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 462.907424][ T3649] bridge_slave_1: left allmulticast mode [ 462.913947][ T3649] bridge_slave_1: left promiscuous mode [ 462.920485][ T3649] bridge0: port 2(bridge_slave_1) entered disabled state [ 463.097315][ T3649] bridge_slave_0: left allmulticast mode [ 463.103392][ T3649] bridge_slave_0: left promiscuous mode [ 463.115503][ T3649] bridge0: port 1(bridge_slave_0) entered disabled state [ 463.920453][ T51] Bluetooth: hci6: command tx timeout [ 464.294101][ T3649] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 464.392664][ T3649] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 464.506235][ T3649] bond0 (unregistering): Released all slaves [ 464.817954][ T1237] ieee802154 phy0 wpan0: encryption failed: -22 [ 464.825090][ T1237] ieee802154 phy1 wpan1: encryption failed: -22 [ 465.079786][ T8797] loop4: detected capacity change from 0 to 64 [ 466.042143][ T8679] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 466.155999][ T51] Bluetooth: hci6: command tx timeout [ 466.199620][ T8744] bridge0: port 1(bridge_slave_0) entered blocking state [ 466.208806][ T8744] bridge0: port 1(bridge_slave_0) entered disabled state [ 466.216827][ T8744] bridge_slave_0: entered allmulticast mode [ 466.225954][ T8744] bridge_slave_0: entered promiscuous mode [ 466.330597][ T8744] bridge0: port 2(bridge_slave_1) entered blocking state [ 466.339047][ T8744] bridge0: port 2(bridge_slave_1) entered disabled state [ 466.347081][ T8744] bridge_slave_1: entered allmulticast mode [ 466.356379][ T8744] bridge_slave_1: entered promiscuous mode [ 467.758898][ T8744] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 468.188544][ T8816] netlink: 'syz.4.1495': attribute type 3 has an invalid length. [ 468.196909][ T8816] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1495'. [ 469.002776][ T8823] loop1: detected capacity change from 0 to 256 [ 469.358654][ T5248] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 469.571989][ T5248] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 469.583511][ T5248] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 469.593833][ T5248] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00 [ 469.603453][ T5248] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 469.699639][ T5248] usb 1-1: config 0 descriptor?? [ 470.045060][ T8744] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 470.116966][ T3649] hsr_slave_0: left promiscuous mode [ 470.134833][ T3649] hsr_slave_1: left promiscuous mode [ 470.145698][ T3649] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 470.154503][ T3649] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 470.189860][ T3649] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 470.198003][ T3649] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 470.267679][ T3649] veth1_macvtap: left promiscuous mode [ 470.278750][ T3649] veth0_macvtap: left promiscuous mode [ 470.285583][ T3649] veth1_vlan: left promiscuous mode [ 470.291309][ T3649] veth0_vlan: left promiscuous mode [ 470.501980][ T5248] pyra 0003:1E7D:2CF6.0022: hidraw0: USB HID v0.00 Device [HID 1e7d:2cf6] on usb-dummy_hcd.0-1/input0 [ 470.814259][ T5248] pyra 0003:1E7D:2CF6.0022: couldn't init struct pyra_device [ 470.835734][ T5248] pyra 0003:1E7D:2CF6.0022: couldn't install mouse [ 470.865728][ T5248] pyra 0003:1E7D:2CF6.0022: probe with driver pyra failed with error -71 [ 470.901939][ T5248] usb 1-1: USB disconnect, device number 9 [ 471.137969][ T3649] team0 (unregistering): Port device team_slave_1 removed [ 471.173254][ T3649] team0 (unregistering): Port device team_slave_0 removed [ 471.984058][ T8744] team0: Port device team_slave_0 added [ 472.005444][ T8744] team0: Port device team_slave_1 added [ 472.653918][ T8744] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 472.661381][ T8744] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 472.690898][ T8744] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 472.761374][ T8744] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 472.768681][ T8744] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 472.798309][ T8744] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 473.317078][ T8679] veth0_vlan: entered promiscuous mode [ 473.526995][ T8679] veth1_vlan: entered promiscuous mode [ 474.607258][ T8744] hsr_slave_0: entered promiscuous mode [ 474.642148][ T8845] vxcan1: tx address claim with dest, not broadcast [ 474.812750][ T8744] hsr_slave_1: entered promiscuous mode [ 474.871396][ T8744] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 474.879247][ T8744] Cannot create hsr debugfs directory [ 476.877218][ T8679] veth0_macvtap: entered promiscuous mode [ 477.495253][ T8679] veth1_macvtap: entered promiscuous mode [ 477.575917][ T8679] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 477.586731][ T8679] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 477.596865][ T8679] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 477.614714][ T8679] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 477.631771][ T8679] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 477.645295][ T8679] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 477.660194][ T8679] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 477.676060][ T8679] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 477.693392][ T8679] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 477.736761][ T8679] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 477.752812][ T8679] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 477.766949][ T8679] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 477.777778][ T8679] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 477.787952][ T8679] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 477.801420][ T8679] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 477.811659][ T8679] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 477.823828][ T8679] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 477.841386][ T8679] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 477.868799][ T8679] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 477.878007][ T8679] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 477.887339][ T8679] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 477.899110][ T8679] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 479.114635][ T8744] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 479.372567][ T8744] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 479.535419][ T8744] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 479.617732][ T8868] loop0: detected capacity change from 0 to 128 [ 479.641900][ T8868] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 479.712539][ T8744] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 479.722941][ T8868] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 480.045325][ T8872] overlay: Unknown parameter 'fsuuid' [ 480.876732][ T60] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 481.909095][ T8744] 8021q: adding VLAN 0 to HW filter on device bond0 [ 482.184297][ T8744] 8021q: adding VLAN 0 to HW filter on device team0 [ 482.502791][ T8744] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 482.513668][ T8744] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 482.673868][ T60] bridge0: port 1(bridge_slave_0) entered blocking state [ 482.681689][ T60] bridge0: port 1(bridge_slave_0) entered forwarding state [ 482.697650][ T60] bridge0: port 2(bridge_slave_1) entered blocking state [ 482.705590][ T60] bridge0: port 2(bridge_slave_1) entered forwarding state [ 485.519966][ T8744] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 485.852539][ T8744] veth0_vlan: entered promiscuous mode [ 485.912170][ T8744] veth1_vlan: entered promiscuous mode [ 486.170946][ T8744] veth0_macvtap: entered promiscuous mode [ 486.217668][ T8744] veth1_macvtap: entered promiscuous mode [ 486.311723][ T8744] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 486.323535][ T8744] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 486.333765][ T8744] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 486.344549][ T8744] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 486.357692][ T8744] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 486.369449][ T8744] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 486.379702][ T8744] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 486.390527][ T8744] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 486.400770][ T8744] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 486.412222][ T8744] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 486.427418][ T8744] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 486.720356][ T8744] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 486.733981][ T8744] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 486.747726][ T8744] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 486.768402][ T8744] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 486.779920][ T8744] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 486.794778][ T8744] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 486.806078][ T8744] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 486.818210][ T8744] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 486.831867][ T8744] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 486.842821][ T8744] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 486.858068][ T8744] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 486.895540][ T8744] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 486.904739][ T8744] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 486.914014][ T8744] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 486.925808][ T8744] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 488.506526][ T8938] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1535'. [ 489.917823][ T4549] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 489.928722][ T4549] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 491.134011][ T5248] usb 2-1: new full-speed USB device number 11 using dummy_hcd [ 491.159948][ T2893] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 491.173805][ T2893] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 491.309961][ T5248] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 491.321948][ T5248] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 491.334888][ T5248] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 491.344404][ T5248] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 491.531642][ T5248] usb 2-1: config 0 descriptor?? [ 491.623428][ T5248] hub 2-1:0.0: USB hub found [ 491.892737][ T5248] hub 2-1:0.0: 1 port detected [ 492.357731][ T5248] usb 2-1: USB disconnect, device number 11 [ 492.724892][ T8966] ptrace attach of "./syz-executor exec"[5184] was attempted by "./syz-executor exec"[8966] [ 494.001446][ T3649] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 494.009654][ T3649] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 494.130054][ T3649] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 494.141216][ T3649] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 494.869341][ T8998] program syz.3.1555 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 497.126545][ T9028] loop3: detected capacity change from 0 to 24 [ 497.674646][ T9036] [U]  [ 498.605023][ T9049] loop0: detected capacity change from 0 to 512 [ 498.715451][ T9049] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 498.723836][ T9049] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8842c01c, mo2=0002] [ 498.732804][ T9049] EXT4-fs (loop0): orphan cleanup on readonly fs [ 498.754244][ T9049] EXT4-fs warning (device loop0): ext4_block_to_path:107: block 3279949761 > max in inode 13 [ 498.764950][ T9049] EXT4-fs warning (device loop0): ext4_block_to_path:107: block 3279949762 > max in inode 13 [ 498.776432][ T9049] EXT4-fs (loop0): 1 truncate cleaned up [ 498.784170][ T9049] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 498.804412][ T9049] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 498.812820][ T9049] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8842c01c, mo2=0002] [ 498.889853][ T5184] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 499.229152][ T9053] loop4: detected capacity change from 0 to 2048 [ 499.427651][ T9053] UDF-fs: error (device loop4): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 500.090560][ T9059] loop3: detected capacity change from 0 to 2048 [ 500.234527][ T9059] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 500.313528][ T9071] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 500.366027][ T9065] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3) [ 500.372880][ T9065] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 500.385647][ T9065] vhci_hcd vhci_hcd.0: Device attached [ 500.569763][ T9075] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 500.631176][ T5239] vhci_hcd: vhci_device speed not set [ 500.693736][ T9061] loop1: detected capacity change from 0 to 4096 [ 500.741330][ T5239] usb 13-1: new full-speed USB device number 2 using vhci_hcd [ 500.787103][ T9065] vhci_hcd vhci_hcd.0: pdev(2) rhport(3) sockfd(9) [ 500.793939][ T9065] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 500.809988][ T9065] vhci_hcd vhci_hcd.0: Device attached [ 500.837479][ T9076] vhci_hcd: connection closed [ 500.845214][ T9066] vhci_hcd: connection reset by peer [ 500.857320][ T2893] vhci_hcd: stop threads [ 500.863138][ T2893] vhci_hcd: release socket [ 500.867926][ T2893] vhci_hcd: disconnect device [ 500.873699][ T2893] vhci_hcd: stop threads [ 500.878121][ T2893] vhci_hcd: release socket [ 500.886210][ T2893] vhci_hcd: disconnect device [ 501.093204][ T9079] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 501.191501][ T29] audit: type=1800 audit(1727098950.399:31): pid=9061 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1582" name="file1" dev="loop1" ino=15 res=0 errno=0 [ 501.216213][ T29] audit: type=1800 audit(1727098950.399:32): pid=9061 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1582" name="file1" dev="loop1" ino=15 res=0 errno=0 [ 501.736331][ T9074] loop4: detected capacity change from 0 to 4096 [ 502.064475][ T9087] trusted_key: encrypted_key: keyword 'load' not allowed when called from .update method [ 503.162130][ T25] usb 4-1: new high-speed USB device number 17 using dummy_hcd [ 503.381116][ T25] usb 4-1: Using ep0 maxpacket: 8 [ 503.495514][ T25] usb 4-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c [ 503.506120][ T25] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 503.517354][ T25] usb 4-1: Product: syz [ 503.521923][ T25] usb 4-1: Manufacturer: syz [ 503.526777][ T25] usb 4-1: SerialNumber: syz [ 503.643614][ T25] usb 4-1: config 0 descriptor?? [ 503.718072][ T25] gspca_main: se401-2.14.0 probing 047d:5003 [ 504.224526][ T9097] loop3: detected capacity change from 0 to 1024 [ 504.707541][ T25] gspca_se401: read req failed req 0x06 error -19 [ 504.732717][ T25] usb 4-1: USB disconnect, device number 17 [ 505.306344][ T9122] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1605'. [ 505.336741][ T9122] 8021q: adding VLAN 0 to HW filter on device batadv1 [ 505.865412][ T5239] vhci_hcd: vhci_device speed not set [ 506.167710][ T9135] program syz.4.1610 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 508.094852][ T9162] gtp0: entered promiscuous mode [ 508.100065][ T9162] gtp0: entered allmulticast mode [ 508.439456][ T9166] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1625'. [ 508.735949][ T9173] loop4: detected capacity change from 0 to 16 [ 508.747143][ T9173] erofs: (device loop4): mounted with root inode @ nid 36. [ 511.924414][ T9211] loop0: detected capacity change from 0 to 256 [ 511.934199][ T9212] netlink: 76 bytes leftover after parsing attributes in process `syz.4.1643'. [ 512.121748][ T9211] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d) [ 514.227255][ T9245] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1659'. [ 514.366170][ T9248] netlink: 830 bytes leftover after parsing attributes in process `syz.4.1661'. [ 515.453351][ T9259] loop4: detected capacity change from 0 to 128 [ 515.522433][ T9261] netlink: 'syz.3.1666': attribute type 7 has an invalid length. [ 515.542791][ T9259] VFS: Found a Xenix FS (block size = 512) on device loop4 [ 515.570144][ T9259] sysv_free_block: trying to free block not in datazone [ 515.862223][ T7320] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 516.777455][ T9278] raw_sendmsg: syz.1.1673 forgot to set AF_INET. Fix it! [ 516.806066][ T9276] loop0: detected capacity change from 0 to 1024 [ 516.828840][ T9276] EXT4-fs: Ignoring removed nobh option [ 516.998012][ T9276] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 517.151196][ T29] audit: type=1800 audit(1727098966.389:33): pid=9276 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1671" name="bus" dev="loop0" ino=18 res=0 errno=0 [ 517.500442][ T5184] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 517.778077][ T9292] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1677'. [ 518.508547][ T9304] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1685'. [ 519.167802][ T9320] input: syz0 as /devices/virtual/input/input15 [ 519.451441][ T5239] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 519.594547][ T9322] loop4: detected capacity change from 0 to 2048 [ 519.619700][ T5239] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 519.634909][ T5239] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 519.646333][ T5239] usb 1-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00 [ 519.655863][ T5239] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 519.722529][ T9322] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 519.793466][ T5239] usb 1-1: config 0 descriptor?? [ 520.276522][ T9328] sctp: [Deprecated]: syz.1.1697 (pid 9328) Use of int in max_burst socket option deprecated. [ 520.276522][ T9328] Use struct sctp_assoc_value instead [ 520.440097][ T5239] hid-led 0003:27B8:01ED.0023: probe with driver hid-led failed with error -71 [ 520.493069][ T5239] usb 1-1: USB disconnect, device number 10 [ 520.547751][ T9337] loop1: detected capacity change from 0 to 1024 [ 520.566280][ T9337] EXT4-fs: Ignoring removed nomblk_io_submit option [ 520.647924][ T9337] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 521.352210][ T8462] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 521.926325][ T9359] bridge0: port 1(bridge_slave_0) entered blocking state [ 521.934009][ T9359] bridge0: port 1(bridge_slave_0) entered forwarding state [ 522.592450][ T5244] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 522.838093][ T5244] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 522.848832][ T5244] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 522.858227][ T5244] usb 5-1: config 1 has no interface number 0 [ 522.864974][ T5244] usb 5-1: config 1 interface 1 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 522.926659][ T9376] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1715'. [ 522.958267][ T5244] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 522.967806][ T5244] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 522.976359][ T5244] usb 5-1: Product: syz [ 522.980760][ T5244] usb 5-1: Manufacturer: syz [ 522.985996][ T5244] usb 5-1: SerialNumber: syz [ 523.042978][ T5244] usb 5-1: selecting invalid altsetting 1 [ 523.950907][ T5244] cdc_ncm 5-1:1.1: SET_CRC_MODE failed [ 523.972418][ T5244] usb 5-1: selecting invalid altsetting 1 [ 523.978551][ T5244] cdc_ncm 5-1:1.1: bind() failure [ 524.074574][ T5244] usb 5-1: USB disconnect, device number 9 [ 524.303349][ T9389] loop1: detected capacity change from 0 to 512 [ 524.370005][ T9389] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 524.577253][ T9389] EXT4-fs (loop1): 1 truncate cleaned up [ 524.584865][ T9389] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 525.164109][ T8462] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 525.623142][ T9409] netlink: 87 bytes leftover after parsing attributes in process `syz.3.1728'. [ 526.058639][ T9418] loop3: detected capacity change from 0 to 17 [ 526.112263][ T9418] BFS-fs: bfs_fill_super(): loop3 is unclean, continuing [ 526.120153][ T9418] BFS-fs: bfs_iget(): Bad inode number loop3:00000002 [ 526.283303][ T1237] ieee802154 phy0 wpan0: encryption failed: -22 [ 526.294372][ T1237] ieee802154 phy1 wpan1: encryption failed: -22 [ 526.784032][ T25] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 527.083632][ T25] usb 5-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 527.093267][ T25] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 527.145969][ T25] usb 5-1: config 0 descriptor?? [ 527.179853][ T25] cp210x 5-1:0.0: cp210x converter detected [ 527.687334][ T25] cp210x 5-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 527.729847][ T9438] loop0: detected capacity change from 0 to 8 [ 527.753544][ T9436] loop1: detected capacity change from 0 to 1024 [ 527.793332][ T9436] EXT4-fs: Ignoring removed nomblk_io_submit option [ 527.913104][ T9436] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 527.919858][ T25] cp210x 5-1:0.0: failed to get vendor val 0x370c size 15: -71 [ 527.947056][ T25] cp210x 5-1:0.0: GPIO initialisation failed: -71 [ 528.048722][ T25] usb 5-1: cp210x converter now attached to ttyUSB0 [ 528.063334][ T25] usb 5-1: USB disconnect, device number 10 [ 528.086930][ T25] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 528.097226][ T25] cp210x 5-1:0.0: device disconnected [ 529.007057][ T8462] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 529.487836][ T9460] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1746'. [ 532.473512][ T9509] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1771'. [ 532.525608][ T9511] loop4: detected capacity change from 0 to 512 [ 532.870320][ T9511] EXT4-fs error (device loop4): ext4_orphan_get:1388: inode #15: comm syz.4.1773: casefold flag without casefold feature [ 532.894719][ T9511] EXT4-fs error (device loop4): ext4_orphan_get:1393: comm syz.4.1773: couldn't read orphan inode 15 (err -117) [ 532.925321][ T9511] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 532.996856][ T9507] loop1: detected capacity change from 0 to 4096 [ 533.028365][ T9511] EXT4-fs warning (device loop4): ext4_empty_dir:3098: inode #2: comm syz.4.1773: directory missing '.' [ 533.131224][ T9507] ntfs3: loop1: Different NTFS sector size (2048) and media sector size (512). [ 533.505046][ T7320] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 533.677188][ T9507] ntfs3: loop1: Failed to initialize $Extend/$ObjId. [ 535.555982][ T9541] loop1: detected capacity change from 0 to 2048 [ 535.758712][ T9541] UDF-fs: error (device loop1): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 535.800460][ T9541] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 536.043382][ T9554] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1791'. [ 537.055779][ T9552] loop3: detected capacity change from 0 to 4096 [ 537.134448][ T9560] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1793'. [ 537.149562][ T9560] erspan0: default FDB implementation only supports local addresses [ 537.275209][ T9562] program syz.4.1795 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 537.582778][ T9552] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 538.224627][ T9572] loop0: detected capacity change from 0 to 512 [ 538.253238][ T9574] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 538.260943][ T9574] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 538.445222][ T9572] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 538.719395][ T9572] EXT4-fs (loop0): 1 truncate cleaned up [ 538.729906][ T9572] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 539.008086][ T9572] EXT4-fs error (device loop0): ext4_generic_delete_entry:2680: inode #2: block 13: comm syz.0.1799: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0 [ 539.048456][ T9589] tun0: tun_chr_ioctl cmd 2148553947 [ 539.101718][ T9572] EXT4-fs (loop0): Remounting filesystem read-only [ 539.437878][ T9592] pimreg: entered allmulticast mode [ 539.473149][ T9595] loop3: detected capacity change from 0 to 764 [ 539.544502][ T5184] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 539.811295][ T5244] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 539.978022][ T9600] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1810'. [ 539.984551][ T5244] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 539.998625][ T5244] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 540.012999][ T5244] usb 5-1: New USB device found, idVendor=1038, idProduct=12b6, bcdDevice= 0.00 [ 540.023696][ T5244] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 540.065852][ T9600] netlink: 'syz.0.1810': attribute type 1 has an invalid length. [ 540.073990][ T9600] netlink: 'syz.0.1810': attribute type 2 has an invalid length. [ 540.192163][ T5244] usb 5-1: config 0 descriptor?? [ 540.366698][ T9599] loop1: detected capacity change from 0 to 2048 [ 540.507301][ T9599] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 540.742427][ T9606] loop0: detected capacity change from 0 to 512 [ 540.781334][ T9606] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2240: inode #15: comm syz.0.1816: corrupted in-inode xattr: invalid ea_ino [ 540.803028][ T5244] steelseries 0003:1038:12B6.0024: hidraw0: USB HID v0.00 Device [HID 1038:12b6] on usb-dummy_hcd.4-1/input0 [ 540.850255][ T9606] EXT4-fs error (device loop0): ext4_orphan_get:1393: comm syz.0.1816: couldn't read orphan inode 15 (err -117) [ 540.927439][ T9606] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 541.002733][ T9610] netlink: 'syz.3.1815': attribute type 11 has an invalid length. [ 541.010948][ T9610] netlink: 204 bytes leftover after parsing attributes in process `syz.3.1815'. [ 541.166536][ T5244] usb 5-1: USB disconnect, device number 11 [ 541.408297][ T5184] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 543.973800][ T5244] usb 2-1: new high-speed USB device number 12 using dummy_hcd [ 544.171068][ T5244] usb 2-1: Using ep0 maxpacket: 8 [ 544.253131][ T5244] usb 2-1: unable to get BOS descriptor or descriptor too short [ 544.297893][ T5244] usb 2-1: config 0 has an invalid interface number: 125 but max is 2 [ 544.306963][ T5244] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 3 [ 544.320304][ T5244] usb 2-1: config 0 has no interface number 0 [ 544.328077][ T5244] usb 2-1: config 0 interface 125 altsetting 2 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 544.341825][ T5244] usb 2-1: config 0 interface 125 has no altsetting 0 [ 544.432170][ T5244] usb 2-1: string descriptor 0 read error: -22 [ 544.439079][ T5244] usb 2-1: Dual-Role OTG device on HNP port [ 544.466198][ T5244] usb 2-1: New USB device found, idVendor=17dc, idProduct=0202, bcdDevice=8a.dd [ 544.476721][ T5244] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 544.562480][ T5244] usb 2-1: config 0 descriptor?? [ 544.576273][ T5244] hub 2-1:0.125: bad descriptor, ignoring hub [ 544.582772][ T5244] hub 2-1:0.125: probe with driver hub failed with error -5 [ 544.600658][ T5244] usb 2-1: Found UVC 15.ff device (17dc:0202) [ 544.608113][ T5244] usb 2-1: No valid video chain found. [ 544.902651][ T5244] usb 2-1: USB disconnect, device number 12 [ 544.984111][ T9664] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1840'. [ 546.056672][ T9673] loop4: detected capacity change from 0 to 1024 [ 546.294738][ T9673] hfsplus: bad catalog entry type [ 546.445173][ T9682] program syz.3.1850 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 546.629205][ T9681] loop0: detected capacity change from 0 to 4096 [ 546.681155][ T9681] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512). [ 546.817886][ T4442] hfsplus: b-tree write err: -5, ino 4 [ 547.096651][ T9681] ntfs3: loop0: Failed to initialize $Extend/$Reparse. [ 547.193664][ T9690] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 547.565590][ T5184] ntfs3: loop0: ino=1a, ntfs_sync_fs failed, -22. [ 548.971021][ T5197] Bluetooth: hci2: command 0x0406 tx timeout [ 550.683480][ T9717] loop0: detected capacity change from 0 to 32768 [ 552.372427][ T9744] netlink: set zone limit has 4 unknown bytes [ 552.673847][ T9746] loop1: detected capacity change from 0 to 256 [ 552.843505][ T9746] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 553.040509][ T9737] loop3: detected capacity change from 0 to 32768 [ 553.143811][ T29] audit: type=1804 audit(2000000004.990:34): pid=9748 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.1879" name="/newroot/100/file2/bus" dev="loop1" ino=1048733 res=1 errno=0 [ 553.203686][ T9749] mac80211_hwsim hwsim15 wlan0: entered promiscuous mode [ 553.212086][ T9749] macvlan2: entered allmulticast mode [ 553.224429][ T9749] mac80211_hwsim hwsim15 wlan0: entered allmulticast mode [ 553.379658][ T9749] mac80211_hwsim hwsim15 wlan0: left promiscuous mode [ 553.477012][ T9737] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 554.000260][ T8744] ocfs2: Unmounting device (7,3) on (node local) [ 554.545142][ T9767] loop1: detected capacity change from 0 to 512 [ 554.744860][ T9767] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2 [ 554.803865][ T9767] EXT4-fs (loop1): 1 truncate cleaned up [ 554.811732][ T9767] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 554.952468][ T9765] loop4: detected capacity change from 0 to 2048 [ 555.048035][ T9765] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 555.151116][ T8462] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 555.157938][ T9772] input: syz1 as /devices/virtual/input/input16 [ 555.427601][ T9778] loop1: detected capacity change from 0 to 128 [ 559.236734][ T9836] netlink: 'syz.4.1916': attribute type 5 has an invalid length. [ 559.918234][ T9847] netlink: 'syz.1.1922': attribute type 3 has an invalid length. [ 559.926547][ T9847] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1922'. [ 559.935895][ T9847] netlink: 'syz.1.1922': attribute type 3 has an invalid length. [ 559.943969][ T9847] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1922'. [ 560.091829][ T9846] loop0: detected capacity change from 0 to 1024 [ 560.100607][ T9846] EXT4-fs: Ignoring removed nobh option [ 560.109673][ T9846] EXT4-fs: Ignoring removed orlov option [ 560.117791][ T9846] EXT4-fs: Ignoring removed nomblk_io_submit option [ 560.326383][ T9846] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 560.511075][ T29] audit: type=1800 audit(2000000012.350:35): pid=9846 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1921" name="file1" dev="loop0" ino=15 res=0 errno=0 [ 560.923273][ T5184] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 562.620277][ T9862] loop0: detected capacity change from 0 to 4096 [ 562.681639][ T9862] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512). [ 563.035035][ T9882] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1937'. [ 563.080972][ T9862] ntfs3: loop0: Failed to load $Extend (-22). [ 563.087436][ T9862] ntfs3: loop0: Failed to initialize $Extend. [ 564.062958][ T5248] usb 4-1: new high-speed USB device number 18 using dummy_hcd [ 564.444134][ T5248] usb 4-1: Using ep0 maxpacket: 8 [ 564.543666][ T9896] loop1: detected capacity change from 0 to 4096 [ 564.575556][ T5248] usb 4-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a [ 564.590654][ T5248] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 564.603676][ T5248] usb 4-1: Product: syz [ 564.608084][ T5248] usb 4-1: Manufacturer: syz [ 564.613215][ T5248] usb 4-1: SerialNumber: syz [ 564.642071][ T5248] usb 4-1: config 0 descriptor?? [ 564.662740][ T5248] gspca_main: sq930x-2.14.0 probing 2770:930c [ 565.251868][ T9896] ntfs3: loop1: failed to convert "0080" to cp869 [ 565.274328][ T9896] ntfs3: loop1: failed to convert name for inode 1e. [ 565.488562][ T5248] gspca_sq930x: ucbus_write failed -71 [ 565.724231][ T5248] gspca_sq930x: Sensor ov9630 not yet treated [ 565.731014][ T5248] sq930x 4-1:0.0: probe with driver sq930x failed with error -22 [ 565.864746][ T5248] usb 4-1: USB disconnect, device number 18 [ 566.274883][ T9915] loop0: detected capacity change from 0 to 164 [ 567.503469][ T9931] loop0: detected capacity change from 0 to 128 [ 567.976951][ T9931] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 568.035403][ T9931] ext4 filesystem being mounted at /432/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 568.438844][ T9944] program syz.3.1964 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 568.490101][ T5184] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 568.555484][ T29] audit: type=1326 audit(2000000020.400:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9936 comm="syz.2.1960" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f111697def9 code=0x7ffc0000 [ 568.582909][ T29] audit: type=1326 audit(2000000020.400:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9936 comm="syz.2.1960" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f111697def9 code=0x7ffc0000 [ 568.941592][ T29] audit: type=1326 audit(2000000020.760:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9936 comm="syz.2.1960" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f111697def9 code=0x7ffc0000 [ 569.073633][ T29] audit: type=1326 audit(2000000020.910:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9936 comm="syz.2.1960" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f111697def9 code=0x7ffc0000 [ 569.100168][ T29] audit: type=1326 audit(2000000020.910:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9936 comm="syz.2.1960" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f111697def9 code=0x7ffc0000 [ 569.226315][ T9953] loop0: detected capacity change from 0 to 64 [ 569.362719][ T5197] Bluetooth: hci4: command 0x0406 tx timeout [ 570.209284][ T9966] loop1: detected capacity change from 0 to 1024 [ 570.586263][ T9963] input input18: cannot allocate more than FF_MAX_EFFECTS effects [ 570.587016][ T9966] hfsplus: request for non-existent node 2048 in B*Tree [ 570.602168][ T9966] hfsplus: request for non-existent node 2048 in B*Tree [ 570.647967][ T9976] hfsplus: request for non-existent node 2048 in B*Tree [ 570.655567][ T9976] hfsplus: request for non-existent node 2048 in B*Tree [ 570.692970][ T25] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 570.889250][ T25] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 570.901390][ T25] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 570.915389][ T25] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 570.925586][ T25] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 570.944326][ T25] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 570.958229][ T25] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 571.000363][ T25] usb 1-1: config 0 descriptor?? [ 571.498974][ T9982] loop1: detected capacity change from 0 to 128 [ 571.539079][ T25] plantronics 0003:047F:FFFF.0025: unknown main item tag 0x0 [ 571.557199][ T25] plantronics 0003:047F:FFFF.0025: unknown main item tag 0x0 [ 571.571158][ T25] plantronics 0003:047F:FFFF.0025: unknown main item tag 0x0 [ 571.578929][ T25] plantronics 0003:047F:FFFF.0025: unknown main item tag 0x0 [ 571.595073][ T25] plantronics 0003:047F:FFFF.0025: No inputs registered, leaving [ 571.646166][ T25] plantronics 0003:047F:FFFF.0025: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 571.693019][ T9984] block device autoloading is deprecated and will be removed. [ 571.701381][ T9984] syz.3.1982: attempt to access beyond end of device [ 571.701381][ T9984] md0: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 571.819022][ T5248] usb 1-1: USB disconnect, device number 11 [ 572.865419][T10000] mac80211_hwsim hwsim15 wlan0: entered promiscuous mode [ 572.935452][T10000] mac80211_hwsim hwsim15 wlan0: left promiscuous mode [ 572.962094][ T5244] usb 3-1: new high-speed USB device number 14 using dummy_hcd [ 573.552742][ T5244] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 573.564192][ T5244] usb 3-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 573.574760][ T5244] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 573.584272][ T5244] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 573.724485][ T9997] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 573.806566][ T5244] usb 3-1: Quirk or no altset; falling back to MIDI 1.0 [ 574.631109][ T5244] usb 3-1: USB disconnect, device number 14 [ 575.251327][ T5244] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 575.501175][ T5244] usb 5-1: Using ep0 maxpacket: 16 [ 575.544971][ T5244] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 575.557735][ T5244] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 575.568096][ T5244] usb 5-1: New USB device found, idVendor=1294, idProduct=1320, bcdDevice= 0.00 [ 575.577566][ T5244] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 575.611189][T10038] loop0: detected capacity change from 0 to 164 [ 575.686418][ T5244] usb 5-1: config 0 descriptor?? [ 576.138039][ T5244] hid-led 0003:1294:1320.0026: unknown main item tag 0x2 [ 576.145609][ T5244] hid-led 0003:1294:1320.0026: unbalanced collection at end of report description [ 576.297406][ T5244] hid-led 0003:1294:1320.0026: probe with driver hid-led failed with error -22 [ 576.473743][ T5248] usb 1-1: new high-speed USB device number 12 using dummy_hcd [ 576.497536][ T5244] usb 5-1: USB disconnect, device number 12 [ 576.631143][ T5248] usb 1-1: Using ep0 maxpacket: 32 [ 576.687666][ T5248] usb 1-1: config 1 contains an unexpected descriptor of type 0x1, skipping [ 576.697000][ T5248] usb 1-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config [ 576.707688][ T5248] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 577.197989][ T5248] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 577.207636][ T5248] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 577.218722][ T5248] usb 1-1: Product: syz [ 577.223331][ T5248] usb 1-1: Manufacturer: syz [ 577.228187][ T5248] usb 1-1: SerialNumber: syz [ 577.828988][ T5248] usb 1-1: 0:2 : does not exist [ 578.009021][ T5248] usb 1-1: USB disconnect, device number 12 [ 578.785105][T10070] netlink: 296 bytes leftover after parsing attributes in process `syz.2.2019'. [ 578.795747][T10070] unsupported nlmsg_type 40 [ 578.805867][T10072] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2020'. [ 579.349557][T10084] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2024'. [ 580.342516][T10096] loop4: detected capacity change from 0 to 512 [ 580.364052][T10098] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 580.370761][T10096] EXT4-fs: Ignoring removed oldalloc option [ 580.494665][T10096] EXT4-fs error (device loop4): ext4_xattr_inode_iget:436: comm syz.4.2029: Parent and EA inode have the same ino 15 [ 580.574334][T10096] EXT4-fs error (device loop4): ext4_xattr_inode_iget:436: comm syz.4.2029: Parent and EA inode have the same ino 15 [ 580.594255][T10096] EXT4-fs (loop4): 1 orphan inode deleted [ 580.602615][T10096] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 581.261588][ T7320] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 581.534050][T10120] loop3: detected capacity change from 0 to 256 [ 581.563991][T10120] exfat: Deprecated parameter 'namecase' [ 581.570206][T10120] exfat: Deprecated parameter 'utf8' [ 581.576221][T10120] exfat: Deprecated parameter 'namecase' [ 581.591124][T10120] exfat: Deprecated parameter 'utf8' [ 581.778625][T10130] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 581.786228][T10130] IPv6: NLM_F_CREATE should be set when creating new route [ 581.867452][T10120] exFAT-fs (loop3): failed to load upcase table (idx : 0x00012153, chksum : 0x555ffa9e, utbl_chksum : 0xe619d30d) [ 583.846517][T10156] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2053'. [ 583.877925][T10158] vlan3: entered promiscuous mode [ 583.883433][T10158] mac80211_hwsim hwsim15 wlan0: entered promiscuous mode [ 583.934204][T10158] mac80211_hwsim hwsim15 wlan0: left promiscuous mode [ 585.219971][T10181] loop4: detected capacity change from 0 to 256 [ 586.503734][ T25] usb 4-1: new high-speed USB device number 19 using dummy_hcd [ 586.715394][ T25] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 586.725224][ T25] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 586.747250][ T25] usb 4-1: config 0 descriptor?? [ 586.759898][ T25] cp210x 4-1:0.0: cp210x converter detected [ 587.230722][ T25] cp210x 4-1:0.0: failed to get vendor val 0x0010 size 3: -121 [ 587.503029][ T25] cp210x 4-1:0.0: failed to get vendor val 0x000e size 678: -71 [ 587.513845][ T25] cp210x 4-1:0.0: GPIO initialisation failed: -71 [ 587.607903][ T25] usb 4-1: cp210x converter now attached to ttyUSB0 [ 587.712946][ T25] usb 4-1: USB disconnect, device number 19 [ 587.735572][ T1237] ieee802154 phy0 wpan0: encryption failed: -22 [ 587.742352][ T1237] ieee802154 phy1 wpan1: encryption failed: -22 [ 587.789135][ T25] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 587.798394][ T25] cp210x 4-1:0.0: device disconnected [ 588.159344][T10220] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 588.169153][T10220] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 588.178444][T10220] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 588.187953][T10220] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 589.198041][T10235] netlink: 'syz.1.2091': attribute type 1 has an invalid length. [ 589.609559][T10245] netlink: 'syz.3.2095': attribute type 1 has an invalid length. [ 589.618303][T10245] netlink: 'syz.3.2095': attribute type 1 has an invalid length. [ 589.626461][T10245] netlink: 'syz.3.2095': attribute type 1 has an invalid length. [ 589.634572][T10245] netlink: 'syz.3.2095': attribute type 1 has an invalid length. [ 589.642812][T10245] netlink: 'syz.3.2095': attribute type 1 has an invalid length. [ 589.650759][T10245] netlink: 'syz.3.2095': attribute type 1 has an invalid length. [ 589.658995][T10245] netlink: 'syz.3.2095': attribute type 1 has an invalid length. [ 589.668245][T10245] netlink: 84 bytes leftover after parsing attributes in process `syz.3.2095'. [ 591.667033][T10275] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2109'. [ 591.678876][T10275] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2109'. [ 592.306682][T10284] loop4: detected capacity change from 0 to 1024 [ 592.318594][T10284] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 592.368559][T10284] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 592.377768][T10284] EXT4-fs (loop4): orphan cleanup on readonly fs [ 592.420732][T10284] EXT4-fs error (device loop4): ext4_free_blocks:6589: comm syz.4.2113: Freeing blocks not in datazone - block = 0, count = 4096 [ 592.581880][T10284] EXT4-fs (loop4): Remounting filesystem read-only [ 592.589045][T10284] EXT4-fs (loop4): 1 truncate cleaned up [ 592.596912][T10284] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 592.902974][ T5244] usb 1-1: new high-speed USB device number 13 using dummy_hcd [ 593.042865][ T7320] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 593.273251][ T5244] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 593.284070][ T5244] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 593.338266][ T5244] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 593.348020][ T5244] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 593.356506][ T5244] usb 1-1: SerialNumber: syz [ 593.654517][ T5244] usb 1-1: 0:2 : does not exist [ 593.710252][T10303] loop1: detected capacity change from 0 to 256 [ 593.732270][ T5244] usb 1-1: USB disconnect, device number 13 [ 593.953297][ T29] audit: type=1800 audit(2000000045.790:41): pid=10303 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2121" name="bus" dev="loop1" ino=1048739 res=0 errno=0 [ 595.117982][T10322] loop4: detected capacity change from 0 to 128 [ 595.200040][T10322] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256 [ 595.269339][T10322] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 595.659677][T10318] loop1: detected capacity change from 0 to 2048 [ 595.941404][T10318] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 595.951767][T10318] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 596.001530][T10330] pim6reg: entered allmulticast mode [ 596.072991][T10318] EXT4-fs (loop1): failed to initialize system zone (-117) [ 596.102261][T10318] EXT4-fs (loop1): mount failed [ 598.856621][T10349] loop3: detected capacity change from 0 to 2048 [ 598.924193][T10358] loop1: detected capacity change from 0 to 128 [ 598.952954][T10358] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256 [ 599.011827][T10349] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 599.106676][T10361] loop0: detected capacity change from 0 to 512 [ 599.122587][T10358] UDF-fs: error (device loop1): udf_read_inode: (ino 86) failed unknown file type=13 [ 599.224468][T10361] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 599.362005][T10361] EXT4-fs (loop0): 1 truncate cleaned up [ 599.369609][T10361] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 599.476804][ T29] audit: type=1800 audit(2000000051.300:42): pid=10361 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2142" name="bus" dev="loop0" ino=18 res=0 errno=0 [ 599.499292][T10361] EXT4-fs (loop0): shut down requested (2) [ 599.642833][ T8744] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 599.871193][ T5184] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 600.195988][T10374] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2149'. [ 600.844115][T10380] tap0: tun_chr_ioctl cmd 1074025694 [ 601.144025][T10382] loop0: detected capacity change from 0 to 1024 [ 601.223014][T10382] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 601.574942][T10393] EXT4-fs error (device loop0): ext4_expand_extra_isize_ea:2792: inode #12: comm syz.0.2154: corrupted in-inode xattr: bad magic number in in-inode xattr [ 602.498941][ T5184] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 602.666960][T10402] netlink: 'syz.2.2163': attribute type 1 has an invalid length. [ 602.675161][T10402] netlink: 'syz.2.2163': attribute type 3 has an invalid length. [ 602.689625][T10402] netlink: 216 bytes leftover after parsing attributes in process `syz.2.2163'. [ 602.699220][T10402] NCSI netlink: No device for ifindex 813332851 [ 604.767439][T10427] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2171'. [ 607.952875][T10435] loop3: detected capacity change from 0 to 32768 [ 608.868436][T10463] loop4: detected capacity change from 0 to 512 [ 608.992381][T10463] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 1, start 00000001) [ 608.992532][T10463] FAT-fs (loop4): Filesystem has been set read-only [ 610.120620][ T5197] Bluetooth: hci6: link tx timeout [ 610.120703][ T5197] Bluetooth: hci6: killing stalled connection 11:aa:aa:aa:aa:aa [ 611.110291][T10475] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2191'. [ 611.760748][T10488] loop3: detected capacity change from 0 to 128 [ 611.899352][ T5248] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 611.975557][T10494] loop1: detected capacity change from 0 to 512 [ 612.005435][T10494] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 612.028769][T10488] VFS: Found a Xenix FS (block size = 512) on device loop3 [ 612.049629][T10488] sysv_free_block: trying to free block not in datazone [ 612.061136][ T5248] usb 5-1: Using ep0 maxpacket: 32 [ 612.134385][ T5248] usb 5-1: config 0 has an invalid interface number: 126 but max is 0 [ 612.146130][ T5248] usb 5-1: config 0 has no interface number 0 [ 612.152634][ T5248] usb 5-1: config 0 interface 126 altsetting 16 bulk endpoint 0x6 has invalid maxpacket 1023 [ 612.167572][ T5248] usb 5-1: config 0 interface 126 altsetting 16 bulk endpoint 0x82 has invalid maxpacket 8 [ 612.183522][ T5248] usb 5-1: config 0 interface 126 has no altsetting 0 [ 612.345999][ T9685] Bluetooth: hci6: command 0x0406 tx timeout [ 612.434305][T10494] EXT4-fs (loop1): 1 truncate cleaned up [ 612.444854][T10494] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 612.547458][ T5248] usb 5-1: New USB device found, idVendor=09c4, idProduct=0011, bcdDevice=b0.1c [ 612.559545][ T5248] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 612.570732][ T5248] usb 5-1: Product: syz [ 612.575279][ T5248] usb 5-1: Manufacturer: syz [ 612.580113][ T5248] usb 5-1: SerialNumber: syz [ 612.717828][ T5248] usb 5-1: config 0 descriptor?? [ 612.779873][T10479] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 612.796897][T10479] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 612.954189][ T29] audit: type=1800 audit(2000000064.750:43): pid=10501 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2198" name="bus" dev="loop1" ino=18 res=0 errno=0 [ 613.322235][ T8744] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 613.356779][ T5248] ir_usb 5-1:0.126: IR Dongle converter detected [ 613.462024][ T8462] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 613.683435][T10510] loop3: detected capacity change from 0 to 1024 [ 613.797216][ T5248] usb 5-1: IR Dongle converter now attached to ttyUSB0 [ 613.858183][ T5248] usb 5-1: USB disconnect, device number 13 [ 613.874390][ T5248] ir-usb ttyUSB0: IR Dongle converter now disconnected from ttyUSB0 [ 613.887044][ T5248] ir_usb 5-1:0.126: device disconnected [ 613.990483][T10510] Option 'gr&gûŽð ' to dns_resolver key: bad/missing value [ 614.825994][T10525] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2209'. [ 616.066329][T10546] netlink: 88 bytes leftover after parsing attributes in process `syz.0.2224'. [ 616.905533][T10560] loop4: detected capacity change from 0 to 64 [ 617.303633][T10560] hfs: request for non-existent node 16777216 in B*Tree [ 617.310945][T10560] hfs: request for non-existent node 16777216 in B*Tree [ 617.318421][T10560] hfs: request for non-existent node 16777216 in B*Tree [ 617.330026][T10560] hfs: request for non-existent node 16777216 in B*Tree [ 617.867128][T10571] loop3: detected capacity change from 0 to 1024 [ 617.995622][T10571] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 618.224783][T10581] loop1: detected capacity change from 0 to 256 [ 618.247281][T10581] exfat: Deprecated parameter 'utf8' [ 618.248690][T10580] EXT4-fs error (device loop3): ext4_expand_extra_isize_ea:2792: inode #12: comm syz.3.2237: corrupted in-inode xattr: bad magic number in in-inode xattr [ 618.254846][T10581] exfat: Deprecated parameter 'utf8' [ 618.508301][T10581] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d) [ 618.897463][T10587] netlink: 'syz.4.2241': attribute type 4 has an invalid length. [ 618.948975][ T8744] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 620.510388][T10606] netlink: 196 bytes leftover after parsing attributes in process `syz.0.2251'. [ 620.660014][T10610] sp0: Synchronizing with TNC [ 621.872370][ T5245] usb 2-1: new high-speed USB device number 13 using dummy_hcd [ 622.034959][ T5245] usb 2-1: Using ep0 maxpacket: 8 [ 622.048063][ T5245] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 622.058483][ T5245] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 622.068794][ T5245] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 622.079124][ T5245] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 622.092687][ T5245] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 622.102169][ T5245] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 622.196471][ T5244] usb 4-1: new high-speed USB device number 20 using dummy_hcd [ 622.371152][ T5244] usb 4-1: Using ep0 maxpacket: 8 [ 622.392043][ T5244] usb 4-1: config 0 has an invalid interface number: 230 but max is 0 [ 622.400952][ T5244] usb 4-1: config 0 has no interface number 0 [ 622.407476][ T5244] usb 4-1: config 0 interface 230 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 622.423846][ T5244] usb 4-1: config 0 interface 230 altsetting 0 has an endpoint descriptor with address 0x97, changing to 0x87 [ 622.436148][ T5244] usb 4-1: config 0 interface 230 altsetting 0 endpoint 0x87 has an invalid bInterval 36, changing to 9 [ 622.455271][ T5244] usb 4-1: config 0 interface 230 altsetting 0 endpoint 0x87 has invalid maxpacket 50274, setting to 1024 [ 622.467403][ T5244] usb 4-1: config 0 interface 230 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 622.481259][ T5244] usb 4-1: New USB device found, idVendor=0c2e, idProduct=0720, bcdDevice=9b.f7 [ 622.490757][ T5244] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 622.531588][ T5245] usb 2-1: GET_CAPABILITIES returned 2f [ 622.537525][ T5245] usbtmc 2-1:16.0: can't read capabilities [ 622.611123][ T5244] usb 4-1: config 0 descriptor?? [ 622.621441][T10629] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 622.724980][ T5244] metro_usb 4-1:0.230: Metrologic USB to Serial converter detected [ 622.794011][ T25] usb 2-1: USB disconnect, device number 13 [ 622.825232][T10639] netpci0: tun_chr_ioctl cmd 1074025672 [ 622.831254][T10639] netpci0: ignored: set checksum disabled [ 622.839162][ T5244] usb 4-1: Metrologic USB to Serial converter now attached to ttyUSB0 [ 622.918235][ T5245] usb 4-1: USB disconnect, device number 20 [ 622.957896][ T5245] metro-usb ttyUSB0: Metrologic USB to Serial converter now disconnected from ttyUSB0 [ 622.970429][ T5245] metro_usb 4-1:0.230: device disconnected [ 624.431000][T10659] bridge0: port 2(bridge_slave_1) entered disabled state [ 624.440992][T10659] bridge0: port 1(bridge_slave_0) entered disabled state [ 625.046502][T10668] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2278'. [ 628.054901][T10708] loop0: detected capacity change from 0 to 256 [ 628.244561][T10708] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 628.563598][T10717] netlink: 'syz.4.2300': attribute type 7 has an invalid length. [ 629.864218][T10733] loop4: detected capacity change from 0 to 64 [ 629.993055][T10733] hfs: bad catalog entry type 0 [ 630.149502][T10723] loop0: detected capacity change from 0 to 4096 [ 630.703402][T10723] ntfs3: loop0: failed to convert "0080" to cp860 [ 630.723685][T10723] ntfs3: loop0: failed to convert name for inode 1e. [ 631.195447][T10749] loop4: detected capacity change from 0 to 1024 [ 631.237194][T10749] EXT4-fs: Ignoring removed orlov option [ 631.243402][T10749] EXT4-fs: Ignoring removed nomblk_io_submit option [ 631.324471][T10749] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 631.336338][T10749] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (12914!=20869) [ 631.398809][T10749] EXT4-fs (loop4): invalid journal inode [ 631.405046][T10749] EXT4-fs (loop4): can't get journal size [ 631.499016][T10749] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 631.691643][T10755] loop1: detected capacity change from 0 to 2048 [ 632.037675][ T7320] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 632.090390][T10755] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 632.314815][T10755] UDF-fs: error (device loop1): udf_fiiter_advance_blk: extent after position 232 not allocated in directory (ino 1376) [ 633.339066][T10777] loop3: detected capacity change from 0 to 512 [ 633.804375][T10777] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 633.821940][T10777] ext4 filesystem being mounted at /178/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 633.882445][T10787] program syz.1.2329 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 633.903024][T10786] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2328'. [ 634.519678][T10792] loop1: detected capacity change from 0 to 2048 [ 634.575675][ T8744] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 634.671694][T10792] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 635.340690][T10805] ===================================================== [ 635.348064][T10805] BUG: KMSAN: uninit-value in nf_reject_ip6_tcphdr_put+0x688/0x6c0 [ 635.356372][T10805] nf_reject_ip6_tcphdr_put+0x688/0x6c0 [ 635.362273][T10805] nf_send_reset6+0xd84/0x15b0 [ 635.367260][T10805] nft_reject_inet_eval+0x3c1/0x880 [ 635.372758][T10805] nft_do_chain+0x426/0x2290 [ 635.377590][T10805] nft_do_chain_inet+0x41a/0x4f0 [ 635.382843][T10805] nf_hook_slow+0xf4/0x400 [ 635.387531][T10805] ipv6_rcv+0x29b/0x390 [ 635.391996][T10805] __netif_receive_skb+0x1da/0xa00 [ 635.397301][T10805] netif_receive_skb+0x58/0x660 [ 635.402499][T10805] tun_rx_batched+0x3ee/0x980 [ 635.407378][T10805] tun_get_user+0x5783/0x6c60 [ 635.412350][T10805] tun_chr_write_iter+0x3ac/0x5d0 [ 635.417558][T10805] vfs_write+0xb28/0x1540 [ 635.422184][T10805] ksys_write+0x20f/0x4c0 [ 635.426707][T10805] __x64_sys_write+0x93/0xe0 [ 635.431593][T10805] x64_sys_call+0x306a/0x3ba0 [ 635.436493][T10805] do_syscall_64+0xcd/0x1e0 [ 635.441273][T10805] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 635.447378][T10805] [ 635.449799][T10805] Uninit was stored to memory at: [ 635.455195][T10805] nf_reject_ip6_tcphdr_put+0x60c/0x6c0 [ 635.461123][T10805] nf_send_reset6+0xd84/0x15b0 [ 635.466120][T10805] nft_reject_inet_eval+0x3c1/0x880 [ 635.471593][T10805] nft_do_chain+0x426/0x2290 [ 635.476419][T10805] nft_do_chain_inet+0x41a/0x4f0 [ 635.481665][T10805] nf_hook_slow+0xf4/0x400 [ 635.486280][T10805] ipv6_rcv+0x29b/0x390 SYZFAIL: failed to send rpc fd=3 want=56 sent=0 n=-1 (errno 32: Broken pipe) [ 635.490628][T10805] __netif_receive_skb+0x1da/0xa00 [ 635.496023][T10805] netif_receive_skb+0x58/0x660 [ 635.501203][T10805] tun_rx_batched+0x3ee/0x980 [ 635.506075][T10805] tun_get_user+0x5783/0x6c60 [ 635.511021][T10805] tun_chr_write_iter+0x3ac/0x5d0 [ 635.516243][T10805] vfs_write+0xb28/0x1540 [ 635.520761][T10805] ksys_write+0x20f/0x4c0 [ 635.525376][T10805] __x64_sys_write+0x93/0xe0 [ 635.530151][T10805] x64_sys_call+0x306a/0x3ba0 [ 635.535135][T10805] do_syscall_64+0xcd/0x1e0 [ 635.539983][T10805] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 635.546192][T10805] [ 635.548611][T10805] Uninit was stored to memory at: [ 635.554017][T10805] nf_reject_ip6_tcphdr_put+0x2ca/0x6c0 [ 635.559795][T10805] nf_send_reset6+0xd84/0x15b0 [ 635.564990][T10805] nft_reject_inet_eval+0x3c1/0x880 [ 635.570369][T10805] nft_do_chain+0x426/0x2290 [ 635.575285][T10805] nft_do_chain_inet+0x41a/0x4f0 [ 635.580431][T10805] nf_hook_slow+0xf4/0x400 [ 635.585152][T10805] ipv6_rcv+0x29b/0x390 [ 635.589508][T10805] __netif_receive_skb+0x1da/0xa00 [ 635.594892][T10805] netif_receive_skb+0x58/0x660 [ 635.599973][T10805] tun_rx_batched+0x3ee/0x980 [ 635.604955][T10805] tun_get_user+0x5783/0x6c60 [ 635.609817][T10805] tun_chr_write_iter+0x3ac/0x5d0 [ 635.615122][T10805] vfs_write+0xb28/0x1540 [ 635.619636][T10805] ksys_write+0x20f/0x4c0 [ 635.624240][T10805] __x64_sys_write+0x93/0xe0 [ 635.629023][T10805] x64_sys_call+0x306a/0x3ba0 [ 635.634009][T10805] do_syscall_64+0xcd/0x1e0 [ 635.638698][T10805] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 635.644935][T10805] [ 635.647364][T10805] Uninit was created at: [ 635.651986][T10805] kmem_cache_alloc_node_noprof+0x6bf/0xb80 [ 635.658120][T10805] kmalloc_reserve+0x13d/0x4a0 [ 635.663228][T10805] __alloc_skb+0x363/0x7b0 [ 635.667883][T10805] nf_send_reset6+0x98d/0x15b0 [ 635.672976][T10805] nft_reject_inet_eval+0x3c1/0x880 [ 635.678412][T10805] nft_do_chain+0x426/0x2290 [ 635.683318][T10805] nft_do_chain_inet+0x41a/0x4f0 [ 635.688478][T10805] nf_hook_slow+0xf4/0x400 [ 635.693203][T10805] ipv6_rcv+0x29b/0x390 [ 635.697564][T10805] __netif_receive_skb+0x1da/0xa00 [ 635.702970][T10805] netif_receive_skb+0x58/0x660 [ 635.708044][T10805] tun_rx_batched+0x3ee/0x980 [ 635.713020][T10805] tun_get_user+0x5783/0x6c60 [ 635.717890][T10805] tun_chr_write_iter+0x3ac/0x5d0 [ 635.723216][T10805] vfs_write+0xb28/0x1540 [ 635.727737][T10805] ksys_write+0x20f/0x4c0 [ 635.732352][T10805] __x64_sys_write+0x93/0xe0 [ 635.737129][T10805] x64_sys_call+0x306a/0x3ba0 [ 635.742104][T10805] do_syscall_64+0xcd/0x1e0 [ 635.747321][T10805] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 635.753528][T10805] [ 635.755961][T10805] CPU: 0 UID: 0 PID: 10805 Comm: syz.0.2336 Not tainted 6.11.0-syzkaller-08833-gde5cb0dcb74c #0 [ 635.766677][T10805] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 635.777012][T10805] ===================================================== [ 635.784158][T10805] Disabling lock debugging due to kernel taint [ 635.790427][T10805] Kernel panic - not syncing: kmsan.panic set ... [ 635.796990][T10805] CPU: 0 UID: 0 PID: 10805 Comm: syz.0.2336 Tainted: G B 6.11.0-syzkaller-08833-gde5cb0dcb74c #0 [ 635.809109][T10805] Tainted: [B]=BAD_PAGE [ 635.813374][T10805] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 635.823588][T10805] Call Trace: [ 635.826982][T10805] [ 635.830023][T10805] dump_stack_lvl+0x216/0x2d0 [ 635.834891][T10805] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 635.840952][T10805] dump_stack+0x1e/0x30 [ 635.845288][T10805] panic+0x4e2/0xcf0 [ 635.849409][T10805] ? kmsan_get_metadata+0xc1/0x1c0 [ 635.854783][T10805] kmsan_report+0x2c7/0x2d0 [ 635.859526][T10805] ? kmsan_internal_chain_origin+0x10/0xd0 [ 635.865572][T10805] ? __msan_warning+0x95/0x120 [ 635.870553][T10805] ? nf_reject_ip6_tcphdr_put+0x688/0x6c0 [ 635.876521][T10805] ? nf_send_reset6+0xd84/0x15b0 [ 635.881698][T10805] ? nft_reject_inet_eval+0x3c1/0x880 [ 635.887259][T10805] ? nft_do_chain+0x426/0x2290 [ 635.892248][T10805] ? nft_do_chain_inet+0x41a/0x4f0 [ 635.897587][T10805] ? nf_hook_slow+0xf4/0x400 [ 635.902383][T10805] ? ipv6_rcv+0x29b/0x390 [ 635.906916][T10805] ? __netif_receive_skb+0x1da/0xa00 [ 635.912380][T10805] ? netif_receive_skb+0x58/0x660 [ 635.917727][T10805] ? tun_rx_batched+0x3ee/0x980 [ 635.922781][T10805] ? tun_get_user+0x5783/0x6c60 [ 635.927821][T10805] ? tun_chr_write_iter+0x3ac/0x5d0 [ 635.933210][T10805] ? vfs_write+0xb28/0x1540 [ 635.937916][T10805] ? ksys_write+0x20f/0x4c0 [ 635.942609][T10805] ? __x64_sys_write+0x93/0xe0 [ 635.947569][T10805] ? x64_sys_call+0x306a/0x3ba0 [ 635.952634][T10805] ? do_syscall_64+0xcd/0x1e0 [ 635.957579][T10805] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 635.963875][T10805] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 635.970169][T10805] ? kmsan_get_metadata+0x13e/0x1c0 [ 635.975614][T10805] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 635.981671][T10805] ? kmem_cache_alloc_node_noprof+0x6df/0xb80 [ 635.987969][T10805] ? kmsan_get_metadata+0x13e/0x1c0 [ 635.993404][T10805] ? kmsan_get_metadata+0x13e/0x1c0 [ 635.998858][T10805] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 636.004910][T10805] ? csum_partial+0x45e/0x4b0 [ 636.009831][T10805] __msan_warning+0x95/0x120 [ 636.014635][T10805] nf_reject_ip6_tcphdr_put+0x688/0x6c0 [ 636.020432][T10805] nf_send_reset6+0xd84/0x15b0 [ 636.025459][T10805] nft_reject_inet_eval+0x3c1/0x880 [ 636.030847][T10805] ? kmsan_get_metadata+0x13e/0x1c0 [ 636.036290][T10805] ? __pfx_nft_reject_inet_eval+0x10/0x10 [ 636.042205][T10805] nft_do_chain+0x426/0x2290 [ 636.047026][T10805] ? kmsan_get_metadata+0x13e/0x1c0 [ 636.052473][T10805] ? kmsan_get_metadata+0x13e/0x1c0 [ 636.057921][T10805] ? ipv6_find_hdr+0xe8d/0x12f0 [ 636.062993][T10805] ? kmsan_get_metadata+0x13e/0x1c0 [ 636.068438][T10805] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 636.074527][T10805] nft_do_chain_inet+0x41a/0x4f0 [ 636.079703][T10805] ? __pfx_nft_do_chain_inet+0x10/0x10 [ 636.085388][T10805] nf_hook_slow+0xf4/0x400 [ 636.090053][T10805] ipv6_rcv+0x29b/0x390 [ 636.094419][T10805] ? __pfx_ip6_rcv_finish+0x10/0x10 [ 636.099848][T10805] __netif_receive_skb+0x1da/0xa00 [ 636.105139][T10805] ? kmsan_get_metadata+0x13e/0x1c0 [ 636.110572][T10805] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 636.116631][T10805] netif_receive_skb+0x58/0x660 [ 636.121717][T10805] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 636.127766][T10805] ? tun_rx_batched+0x37c/0x980 [ 636.132809][T10805] tun_rx_batched+0x3ee/0x980 [ 636.137684][T10805] ? kmsan_get_metadata+0x13e/0x1c0 [ 636.143113][T10805] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 636.149162][T10805] tun_get_user+0x5783/0x6c60 [ 636.154050][T10805] ? kmsan_get_metadata+0x13e/0x1c0 [ 636.159482][T10805] ? kmsan_get_metadata+0x13e/0x1c0 [ 636.164916][T10805] ? kmsan_internal_set_shadow_origin+0x69/0x100 [ 636.171531][T10805] tun_chr_write_iter+0x3ac/0x5d0 [ 636.176789][T10805] vfs_write+0xb28/0x1540 [ 636.181327][T10805] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 636.187088][T10805] ksys_write+0x20f/0x4c0 [ 636.191629][T10805] __x64_sys_write+0x93/0xe0 [ 636.196431][T10805] x64_sys_call+0x306a/0x3ba0 [ 636.201332][T10805] do_syscall_64+0xcd/0x1e0 [ 636.206016][T10805] ? clear_bhb_loop+0x25/0x80 [ 636.210897][T10805] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 636.217009][T10805] RIP: 0033:0x7fc7dd17c9df [ 636.221578][T10805] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 1c 8e 02 00 48 [ 636.241419][T10805] RSP: 002b:00007fc7ddef9000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 636.250056][T10805] RAX: ffffffffffffffda RBX: 00007fc7dd335f80 RCX: 00007fc7dd17c9df [ 636.258201][T10805] RDX: 000000000000005a RSI: 0000000020000140 RDI: 00000000000000c8 [ 636.266334][T10805] RBP: 00007fc7dd1f0b76 R08: 0000000000000000 R09: 0000000000000000 [ 636.274462][T10805] R10: 000000000000005a R11: 0000000000000293 R12: 0000000000000000 [ 636.282599][T10805] R13: 0000000000000000 R14: 00007fc7dd335f80 R15: 00007ffc5ac58658 [ 636.290761][T10805] [ 636.294196][T10805] Kernel Offset: disabled [ 636.298586][T10805] Rebooting in 86400 seconds..