last executing test programs: 37.975840669s ago: executing program 3: r0 = msgget$private(0x0, 0x0) msgrcv(r0, 0x0, 0x0, 0x0, 0x0) futex(&(0x7f0000000700)=0x2, 0x0, 0x2, &(0x7f0000000740)={0x0, 0x3938700}, 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff}) write$binfmt_script(r1, &(0x7f0000000340), 0xffffff46) futex(&(0x7f0000000700)=0x2, 0x0, 0x2, &(0x7f0000000740)={0x0, 0x3938700}, 0x0, 0x0) r2 = socket$inet6(0xa, 0x1, 0x0) connect$inet6(r2, &(0x7f0000000500)={0xa, 0x0, 0x0, @remote}, 0x1c) timer_create(0x0, &(0x7f00000001c0)={0x0, 0x12}, &(0x7f0000000340)) ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, 0x0) sendmsg$inet(r2, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0) close(r2) timer_create(0x0, &(0x7f0000000100)={0x0, 0x14}, &(0x7f0000000300)=0x0) timer_settime(r3, 0x0, &(0x7f00000000c0)={{0x77359400}, {0x0, 0x989680}}, 0x0) rt_sigreturn() timer_settime(0x0, 0x0, &(0x7f0000000140)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f0000000000)={0xffffffffffffffff}) tee(r5, r4, 0x8, 0x0) futex(&(0x7f0000000700)=0x2, 0x0, 0x2, 0x0, 0x0, 0x0) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000180)={'syztnl0\x00', 0x0}) 37.265603883s ago: executing program 3: bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) r0 = socket$nl_rdma(0x10, 0x3, 0x14) bind$unix(0xffffffffffffffff, &(0x7f0000000200)=@file={0x1, './file0\x00'}, 0x6e) sendmsg$RDMA_NLDEV_CMD_STAT_DEL(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x30, 0x1412, 0x1, 0x0, 0x0, "", [@RDMA_NLDEV_ATTR_STAT_COUNTER_ID={0x8}, @RDMA_NLDEV_ATTR_STAT_RES={0x8}, @RDMA_NLDEV_ATTR_RES_LQPN={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x30}}, 0x0) 36.787012724s ago: executing program 3: r0 = socket$unix(0x1, 0x1, 0x0) ioctl$BTRFS_IOC_INO_LOOKUP_USER(r0, 0x541b, 0x0) 36.357049539s ago: executing program 3: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=@newqdisc={0x34, 0x24, 0x0, 0x0, 0x0, {}, [@qdisc_kind_options=@q_cake={{0x9}, {0x4}}]}, 0x34}}, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff752b056800080000faff8141", @ANYRES32=0x0, @ANYBLOB="67a9fde500000000280012800a00010076786c616e"], 0x3}}, 0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket$nl_route(0x10, 0x3, 0x0) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x4ffe6, 0x0) 8.003770714s ago: executing program 0: unshare(0x800) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0) socket(0x1e, 0x4, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f00000001c0)='xprtrdma_err_vers\x00'}, 0x10) socketpair$unix(0x1, 0x1, 0x0, 0x0) sendmsg$inet(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0xfffffffffffffda4, &(0x7f00000001c0), 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0) setsockopt$packet_tx_ring(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0xfffffffc}, 0x10) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, &(0x7f0000002840)=ANY=[@ANYBLOB], 0x0, 0x2, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000), 0x10}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8d}, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x5) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000100)={0x3, &(0x7f0000000140)=[{0x35, 0x0, 0x0, 0x5}, {0x35, 0x0, 0x0, 0xe12b}, {0x16}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]}) r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000280)={0x3, &(0x7f0000000240)=[{0x5, 0x33}, {0x0, 0x9, 0x80, 0x4}, {0x4, 0x2f, 0x3f, 0x2}]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f0000000340)={0x0, 0x0}) ioctl$SECCOMP_IOCTL_NOTIF_SEND(r2, 0xc0182101, &(0x7f0000000180)={r4}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[], &(0x7f0000000000)='GPL\x00'}, 0x90) ftruncate(r3, 0x400) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f0000000480)={0x0}) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r2, 0x40182103, &(0x7f0000000080)={r6, 0x3, r2, 0x5}) bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x0, 0x8, &(0x7f00000003c0)=ANY=[@ANYRES8=r5, @ANYBLOB="8aa973e10a695eab92e72a5f0236d72960150dc28d8e8a8443817aa9788bf0a377"], 0x0, 0x80000}, 0x90) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='cgroup.controllers\x00', 0x275a, 0x0) r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r7, &(0x7f00000016c0), 0x3af4701e) 7.220780093s ago: executing program 2: getsockopt$nfc_llcp(0xffffffffffffffff, 0x114, 0x0, 0x0, 0xfffffffffffffe9e) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0) open(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) ftruncate(0xffffffffffffffff, 0x0) mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x0, 0x0, 0x0, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a30000000004c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021100011800c000100636f756e74657200980000000c0a01010000000000000000070000000900020073797a31000000000900010073797a30000000006c0003806800008008000340000000025c000b80100001800c000100636f756e7465720048"], 0x12c}}, 0x0) recvmsg(0xffffffffffffffff, 0x0, 0x0) 6.2625633s ago: executing program 0: socket$netlink(0x10, 0x3, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0}, 0x90) r1 = socket$unix(0x1, 0x5, 0x0) r2 = socket$unix(0x1, 0x5, 0x0) bind$unix(r2, &(0x7f00000000c0)=@abs={0x1, 0x0, 0x4e24}, 0x6e) bind$unix(0xffffffffffffffff, &(0x7f0000000000)=@abs={0x1, 0x0, 0x4e21}, 0x6e) bind$unix(r1, &(0x7f0000000280)=@abs={0x1, 0x0, 0x4e24}, 0x6e) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10) r4 = getpid() sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0) sendmsg(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000240)="5500000020007fafb72d13b2a4a2719302000000030b43026c26236925000400fe7f0080bd2dca8a9848a3c728f1c46b7b31afdc1338d509000000000100005ae583de0dd7d8319f98af84fda542e718f94b929ade", 0x55}], 0x1}, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="1c00000021002551071c0165ff00fc020200000003100f000ee1000c", 0x1c) recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) setresuid(0x0, 0x0, 0x0) openat$sysfs(0xffffffffffffff9c, &(0x7f0000000580)='/sys/module/hid_logitech_hidpp', 0x4a2700, 0x44) ioctl$SIOCSIFHWADDR(r7, 0x8914, &(0x7f0000000000)={'veth0_vlan\x00', @remote}) 5.890231391s ago: executing program 2: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000980)='sys_exit\x00', r0}, 0x10) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(0xffffffffffffffff, 0x400448c9, 0x0) socket$nl_generic(0x10, 0x3, 0x10) 5.843796677s ago: executing program 4: bpf$ENABLE_STATS(0x20, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) mkdir(&(0x7f0000000400)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000200)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15) r2 = dup(r1) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x88, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r3 = getpid() sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4) r4 = io_uring_setup(0x1951, &(0x7f00000000c0)) r5 = syz_open_dev$usbmon(&(0x7f0000000080), 0x0, 0x0) read$usbmon(r5, 0x0, 0x0) ioctl$MON_IOCH_MFLUSH(r5, 0x9208, 0x0) close_range(r4, 0xffffffffffffffff, 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2]) 5.49012093s ago: executing program 1: sendmsg$TIPC_CMD_SET_NETID(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0xeab8ea4ecdc67b28}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x40}, 0x0) socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x14}, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x0, 0x0, 0x0) syz_genetlink_get_family_id$devlink(&(0x7f00000016c0), 0xffffffffffffffff) syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) sendmsg$DEVLINK_CMD_RATE_GET(0xffffffffffffffff, &(0x7f0000001780)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x34}}, 0x0) ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0) syz_open_procfs$namespace(0x0, &(0x7f0000000580)='ns/cgroup\x00') socket$inet6_udplite(0xa, 0x2, 0x88) socket$nl_route(0x10, 0x3, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000800), 0xffffffffffffffff) r2 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000e80)='ns/net\x00') sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r0, &(0x7f0000000f40)={0x0, 0x0, &(0x7f0000000f00)={&(0x7f0000000ec0)={0x24, r1, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_NETNS_FD={0x8, 0x1d, r2}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) r3 = socket$inet6_sctp(0xa, 0x0, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f0000000080)=[@in6={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @private=0xa010102}}]}, &(0x7f0000000180)=0x10) 5.385492174s ago: executing program 2: socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="54000000020601020000000000000000002300000900020073797a32000000000500010007000000050004000000000005000500020000000c000780050015000300000010000300686173683a6970"], 0x54}}, 0x0) 5.020063395s ago: executing program 2: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=@newqdisc={0x3c, 0x24, 0x0, 0x0, 0x0, {}, [@qdisc_kind_options=@q_cake={{0x9}, {0xc, 0x2, [@TCA_CAKE_RAW={0x8}]}}]}, 0x3c}}, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x3}}, 0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket$nl_route(0x10, 0x3, 0x0) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x4ffe6, 0x0) 4.983114852s ago: executing program 4: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000002c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000840)={'wpan0\x00'}) sendmsg$NL802154_CMD_SET_SEC_PARAMS(r0, &(0x7f0000000a00)={0x0, 0x0, &(0x7f00000009c0)={&(0x7f0000000880)={0x30, r1, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_SEC_OUT_KEY_ID={0x14, 0x2b, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x1}, @NL802154_KEY_ID_ATTR_INDEX={0x5}]}]}, 0x30}}, 0x0) 4.692595112s ago: executing program 0: r0 = socket$kcm(0x2, 0x1000000000000005, 0x0) sendmsg$inet(r0, &(0x7f0000007940)={&(0x7f0000000100)={0x2, 0x0, @rand_addr=0x20}, 0x140, &(0x7f0000000140)=[{&(0x7f0000000380), 0xff7a}], 0x1, &(0x7f0000007880)=ANY=[@ANYBLOB="1100000000000000004003001100000000000000000000001c00000000000000000f00fdffff0700", @ANYRES32=0x0, @ANYBLOB="ac1414bbe0000001000000001c0000000000000000078f020c000000", @ANYRES32=0x0, @ANYBLOB="a00500000000000000000000240000000000000084000000070000009404000044100000000000000000000000000000000000001100000000000000000001160100"/76], 0x98}, 0x4dc) 4.07170964s ago: executing program 1: socket$kcm(0x2, 0x2, 0x73) socket$kcm(0x2, 0x2, 0x73) 4.040113073s ago: executing program 0: lsetxattr$system_posix_acl(&(0x7f0000000400)='.\x00', &(0x7f0000000440)='system.posix_acl_default\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0xee01, @ANYBLOB="02000000", @ANYRES32=0xee00, @ANYBLOB="02000000", @ANYRES32=0xee00, @ANYBLOB="02000000", @ANYRES32=0x0, @ANYBLOB="040000000000800008000000", @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="100000000000000020"], 0x5c, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x0) r0 = socket$inet6(0xa, 0x2, 0x3a) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000008000000000000001000000940000000fad413ec5000000f800000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r1}, 0x10) r2 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000000c0)={'veth0_vlan\x00', 0x0}) sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000000)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_cbs={{0x8}, {0x1c, 0x2, @TCA_CBS_PARMS={0x18, 0x1, {0x1f}}}}]}, 0x48}}, 0x0) setsockopt$inet6_int(r0, 0x29, 0x10, &(0x7f0000000000), 0x4) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r4 = getpid() sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0) socket$unix(0x1, 0x0, 0x0) recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r7 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0) fchmodat(r7, &(0x7f0000000140)='./file1\x00', 0x0) 3.711582841s ago: executing program 4: r0 = socket$inet6(0xa, 0x3, 0x1) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @empty}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@ipv4, @in=@local, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@private, 0x0, 0x3c}, 0x0, @in=@multicast1}}, 0xe8) sendmmsg(r0, &(0x7f0000000480), 0x21, 0x0) 3.472253757s ago: executing program 2: syz_mount_image$vfat(&(0x7f0000000440), &(0x7f0000000000)='./file1\x00', 0x844, &(0x7f0000000bc0)=ANY=[@ANYBLOB="00694ba7e2ae8959c3a1a1006a809454d1b9e49ca9bcfc4fc4988c654d24bf47f27cf5182a66907790f63da0382e7e8b6fa7bc01215b438ad0a0c54300383d371f98a51969e94000800000d1a09c066c83c90eb1659f642d9740b323fc7da8f03a2e547ee2dd62af8c0b51da0e3b75a1ccf23bb04d83fa977502819dcc5fbe622c4c35880cfe115f8743ddf5255ed6532d8ce9391e704bb6c64bf7bd3c353b218ccf99b00749bc4d22cdc096d92b7eaf583df7f136a59dade8dafa14bcefad343a259d07d5b6e7152b1031acbba628c1f5310e53cd87b92cdfd51281dba68af9b738f0a097f69b277ef9a9bd361570f431b43d9a107367e5ed6f27bd9ef071148bc60b4845accf826763066baf9b092754602e7fe53fbd347a39262850be890a0300863518f5cd8e1d6d388c66123eac43a65f0b3a585c80576666c4ee5d579c349d415741bd3de7fd5af2fa9b50f63bbd192fa1ee4eb9d2eb2b4afffa5dd5a32f292bffcecbcc18071375b13a01e4643601001601b7a1eca9816df0137b589441fca8b569993caed53c6d9deae2183ebdb1d37c31837dd8"], 0x1, 0x23b, &(0x7f00000005c0)="$eJzs3bFrU10YB+C3bb6vrUuKCIIIXhDBKbQF94ooFIuKJUhFitGmUppSsFDQoa2T4OTi6OhWEXRw0/9BcHERF3G0m4P0SnslaW0qVZtcMc+z5OWe88s95wznJkNOrh+dm52aX5heW/sYfX1dURi5tZ6mXTEQ3dETmZUAAP4lX9I0PqeZvMcCALSH5z8AdJ49Pv8vtXFIAECL/f73/0cTr95XqiOn9tA17a2X7yZ/fYwAwP4an7h6fv31if7RePEwYu7+YnmxnL1m7aenYyZqUY3BKMbXiLQuq8+Njp0dTDb0R5Tnlr/nlxfLPdvzQ1GMgYgrF3bmh5LM9vx/cWBrfjiKcaj5/Yeb5v+Pk8e35EtRjDc3Yz5qMbXxkWRLfmkoSc5cHPsh37vZDwAAAAAAAAAAAAAAAAAAAAAAWqGU1A00O7+nVNqtPcvv/Xygxvk8DzbzhThSiHv5zh4AAAAAAAAAAAAAAAAAAAD+Dgt37s5WarXq7Xpx4/LMwe1XFPtcbCx8C29xLCJaPYvnq9W3Tyavjee/mG0smq/qs/wH9pOiOyI2i8OPRyovlz582tknVhpXugrZvlCpNdkskjZvTgAAAAAAAAAAAAAAAAAA0GEaPwPerUfa3gEBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQA4a////B8Vqf/Zmu/TJGp/mOk8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADrbtwAAAP//j2usdg==") open_tree(0xffffffffffffff9c, 0x0, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000006900000000000001000000940001000000fcffc50000000f00000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='netlink_extack\x00', r0}, 0x10) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000180)=@newtaction={0x64, 0x30, 0xb, 0x0, 0x0, {}, [{0x50, 0x1, [@m_ct={0x4c, 0x1, 0x0, 0x0, {{0x7}, {0xfffffffffffffdd5, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18}, @TCA_CT_MARK={0x8, 0x10}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x64}}, 0x0) 3.445557932s ago: executing program 1: bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) r0 = socket$nl_rdma(0x10, 0x3, 0x14) bind$unix(0xffffffffffffffff, &(0x7f0000000200)=@file={0x1, './file0\x00'}, 0x6e) sendmsg$RDMA_NLDEV_CMD_STAT_DEL(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x30, 0x1412, 0x1, 0x0, 0x0, "", [@RDMA_NLDEV_ATTR_STAT_RES={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x5}, @RDMA_NLDEV_ATTR_RES_LQPN={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x30}}, 0x0) 2.973435732s ago: executing program 4: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000980)='sys_exit\x00', r0}, 0x10) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r1, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) 2.52509384s ago: executing program 3: r0 = msgget$private(0x0, 0x0) msgrcv(r0, 0x0, 0x0, 0x0, 0x0) futex(&(0x7f0000000700)=0x2, 0x0, 0x2, &(0x7f0000000740)={0x0, 0x3938700}, 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff}) write$binfmt_script(r1, &(0x7f0000000340), 0xffffff46) r2 = socket$inet6(0xa, 0x1, 0x0) connect$inet6(r2, &(0x7f0000000500)={0xa, 0x0, 0x0, @remote}, 0x1c) timer_create(0x0, &(0x7f00000001c0)={0x0, 0x12}, &(0x7f0000000340)) sendmsg$inet(r2, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0) socketpair$unix(0x1, 0x0, 0x0, 0x0) sendmsg$netlink(0xffffffffffffffff, 0x0, 0x0) timer_create(0x0, &(0x7f0000000100)={0x0, 0x14}, &(0x7f0000000300)=0x0) timer_settime(r3, 0x0, &(0x7f00000000c0)={{0x77359400}, {0x0, 0x989680}}, 0x0) rt_sigreturn() timer_settime(0x0, 0x0, &(0x7f0000000140)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f0000000000)={0xffffffffffffffff}) tee(r5, r4, 0x8, 0x0) futex(&(0x7f0000000700)=0x2, 0x0, 0x2, 0x0, 0x0, 0x0) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0) 2.441711452s ago: executing program 1: socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="54000000020601020000000000000000002300000900020073797a32000000000500010007000000050004000000000005000500020000000c000780050015000300000010000300686173683a6970"], 0x54}}, 0x0) 1.6322806s ago: executing program 4: bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0x20000000000001c2, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="18"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4) connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x4) setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000003100)=@gcm_128={{0x303}, "0400", "0d07080d004f1a8600", "cf0d00", "8657e2b7e43934e4"}, 0x28) sendmsg$inet6(r0, &(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000240)=ANY=[], 0x30}, 0x0) 1.567613812s ago: executing program 1: mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r0}, 0x10) splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x4ffe2, 0x0) socket$inet_mptcp(0x2, 0x1, 0x106) setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0) clock_settime(0x0, 0x0) setsockopt$MISDN_TIME_STAMP(0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0) 1.472153787s ago: executing program 3: sendmsg$TIPC_CMD_SET_NETID(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0xeab8ea4ecdc67b28}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x40}, 0x0) socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x14}, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x0, 0x0, 0x0) syz_genetlink_get_family_id$devlink(&(0x7f00000016c0), 0xffffffffffffffff) syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) sendmsg$DEVLINK_CMD_RATE_GET(0xffffffffffffffff, &(0x7f0000001780)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x34}}, 0x0) ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0) syz_open_procfs$namespace(0x0, &(0x7f0000000580)='ns/cgroup\x00') socket$inet6_udplite(0xa, 0x2, 0x88) socket$nl_route(0x10, 0x3, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000800), 0xffffffffffffffff) r2 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000e80)='ns/net\x00') sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r0, &(0x7f0000000f40)={0x0, 0x0, &(0x7f0000000f00)={&(0x7f0000000ec0)={0x24, r1, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_NETNS_FD={0x8, 0x1d, r2}, @NL802154_ATTR_WPAN_PHY={0x8}]}, 0x24}}, 0x0) r3 = socket$inet6_sctp(0xa, 0x0, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f0000000080)=[@in6={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @private=0xa010102}}]}, &(0x7f0000000180)=0x10) 506.227141ms ago: executing program 0: r0 = socket$igmp6(0xa, 0x3, 0x2) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000180)={{{@in=@private, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x2}, {{@in6=@private2, 0x0, 0x3c}, 0x0, @in=@remote}}, 0xe8) 476.446869ms ago: executing program 2: r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000740)={{r0, 0xffffffffffffffff}, &(0x7f0000000400), &(0x7f0000000440)='%pK \x00'}, 0x20) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000080)={{r1, 0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000040)='%ps \x00'}, 0x20) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000000c0)={r2}, 0x4) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x3, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0feffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a500000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r3, 0x2f08, 0x10, 0x10, &(0x7f00000006c0)="0000000000000005", &(0x7f0000000700)=""/8, 0x0, 0x6000000, 0x0, 0x0, 0x0, 0x0}, 0x4c) 353.474669ms ago: executing program 1: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=@newqdisc={0x3c, 0x24, 0x0, 0x0, 0x0, {}, [@qdisc_kind_options=@q_cake={{0x9}, {0xc, 0x2, [@TCA_CAKE_RAW={0x8}]}}]}, 0x3c}}, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x3}}, 0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket$nl_route(0x10, 0x3, 0x0) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x4ffe6, 0x0) 294.014197ms ago: executing program 4: r0 = socket$inet_udp(0x2, 0x2, 0x0) close(r0) socket$inet(0x2, 0x200000003, 0x84) bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10) connect$inet(r0, &(0x7f0000001280)={0x2, 0x0, @multicast1}, 0x10) writev(r0, &(0x7f0000000400)=[{&(0x7f00000000c0)="00c3ff", 0x3}, {0x0}, {&(0x7f0000000840)="577bf309c549c2797aeff4bc1f7100a4cf4428758f60b93823bc61a04b20fd895a664ae5c960b167da02054708eedc38e443b456420a94665897a9a58187ab1a269ba17c36e7a60ec1479aba3bc9450814446e35e59b75369848f45a70820549acdc261f5caadb7858bae11bafb822db34860d238e96e4850ffe33656e46df47954e8b23eec40d04086df9ccb6c1dbc76d2ebd9c8234c81b45c62d5bc2ebbefa1984a3e5613d8c0497a89c6f7f13f89f5c4a024a80091d66d8fc9b47f753faabb45193f3ebf847df3e8a1ad9f8307703d47982260adc5c59ba4231df9661456a491e36dacad2575f9eed7b9fa34beb6c40b358fa503d55f57e14cb5aa70aa78928ea0e67b57e5ee7505f981e41134a652e0d776438820d2159aea0670dddc88d6c6fa9d98242eab27518ac0c48eef1ac4a5d90ff03f434458ac080da122c06fcad69ca3a34c51a04e98387c401ef8e064829118209a700aa8f7c32d992fd2bdeb3079d6cecc4ce627fd0a400461bfabddb6d7f2d1c0686ff761cbcafa7ae0ffa000000000000", 0x186}, {&(0x7f0000000680)}, {&(0x7f00000012c0)="cc6b40687c4ba0010e1f893dac10ea2f67e1cf63d82ddc131f69eb52b7215444ca36aa8d30b3f808e045b02849483b68150dbb3365d8eafc76539e81cca78b7424cd7a1cbf72406f3473f5f7146dfd0aed36459ade37161d58223b31773ac6d6f1dde958cb60b3fb4183108bee4938c53db3331beddca6872058264dd30b6eddcb114a64805fe5cab23fcd920c3ee80161a29bdc835f34d914d6ba8db542472bdebf3420c1d7a1dee1edccfe644d35d19e3082030c65718324d72c8a300b55c31446ce4eb2e1088ccbc3a0feda6004195d09e9a812546f0c542a7d3f11df87976802b4b1cfd2e209baaf8f820a161a70029c14400f16ee13f2f4b901a619c6a9af821fc941c2fd17b13ddc557eb382744dc8ae54e6a92807e79e648484bfca2a69371bb274a399123cc16749cd7182b540ce7398638c184aad1ea5d4f65451ef6c73d5e3fbed78fb379c1ba210e631d133fedb7758e73d309768d3c224acecad25b8d9ac62080a59f0f592405871ce8e4b0bfeeacaf129c217c4da2a0adf4dd038d8a7d2303252c64a57e56b879f5490ae80ab6903ef07206b91c0c85ab2f804d3f1a3fec0213eb09161056dd1136d4dd2e699694323fee5dc0ff8d8bfa26c540f5f352265340d68ac26d251ca085bdb4d976acbcd0d9b995f0d8ea077f116cb1db3283eeaa3b81c1b85f5450f2b30154d45c5d294fd74e46b79d10c8e3975c15532c8aadbcb67f75510407a83fe364dd38b15271cf0e161f962f183e9f10d3dfdd79a7e20397330678d1fcb57cb7b38ba7a5dd78ac10621e1104146951862043443faaf51248bd0a2d2302e2a70722623e7fca24e3b56f447d79e29c19924dde21d2e4259274a155d747cf22b0ffea3cf7afca3e30d963a0de9fe7385099a18d7877413f786248e9b01c0517da8611978c44dcb9fab4f12388ac619df7c9769fdac8a999f498ae55881a719eb96e3703f9ac794dca97a0910445c47f1e29f5b960bacd61d763eebc282971831e6f03f607e3c0134af998dc892f18590989b681a3699cc6e68e91ff893e7a376327fcc0e65df06fe1ec47af4bc64d633db2a9563831764021601804adcfcf5e4bbc4a5cdaaf5dcf0aa1919d85d9c0c3d24fd10aed8a473710598f3b5686e45ae67301f1d846e0281d5eb43034997da7be64d864ed5eb60739f011538cf23343b4f19091efbeca93270edcd939feae16c06c5f0d9a65c4a6bfd903c9e6fdf85c8261ea99dac48977a75dabfb9f787b9b49358cb15512f3d7156a5f9c72633ac912bde906c2876e18733b9120be32cab9949be2c134ea749b918a786af542dd700104eca68d823e280dc79224e2c44cbc6d744092818462a9ce6036afea284b5b8c071ea6795f576c7463955b09daca2f87eb6291707506d338776e3e4adfe7825e5284ae8c69f9dbc768955b0b95b42556f3752bdb1639f283ccf55dbfa2a35eaa028fd7cfded5a8701fcdd9042b5bb98500fd30402cc5b11fd13c640abaf671598004ba818a47180cd9ff8014408e637c4324ed345c359a639f207c9f98fa605abfc9bcb14a8805de7846c8f0adcb26eb0116e3ce6a5c875996843ded3196ee0a254987cefce783a4c5f899e8ff3c976d6641b81372b69d1eda5424dd9c2de8430cb13467328bafe78788709096dc8c4f42f12d367d8c70513045be53b12571b0b6fe2130ff1f6850f0dee5e4d7eee7024ee30e8961b7d0acaf2d797cb1f70dac47b138325bb293832211053fd150abe53d84871dca9edfdecd5d45670ee2a4a5a972fed65d3f0188399af6eabc7ddf5bd4f25f6735f3ee6465ce1d657d347d839e076ec85453f49a246df9a38421b178afcbf0828d40ad0c6ecbf60285be6a2898f6f514104010baa8bdb5831313f00b0001a8141e512da6aec988be9e77f19b69040b4b34cc1786ab4e6c32dd0c2822f40601ee278ab975e67ce498bffc06d3256de1832c396738fb340a17ae05792ddb302712063ff7ed34015f10dd5a130a7f581a0f03aac3ebd31a98be4b33dc5d2b619e931d39c59ff8db0562d3ea818ddfd4d0ec0100b38f3e097fbd01c7e5ee0fb4988705a5cf4154cab5e3dd346158fce8bdd302d95f2e58aacce1e84d30333909064b3622c80dd2ce93787a9a7359de34571e8bd3021b7fee0b8831b87730987aa7d95ae8c08bf0948039b82c8ee4388b7fe1955df1b6068ab0e1b22991e1c42088e33b0e1264d0d45821fedfbdb88756454fe9f9c51091b9c5c0cca546558b2a776a2af3788818e6f8956a9572529fae9e021dfa18963bf9c51e72b3cef50094ef2185374fe47c08fe1ee63bb63ab2cbc5d0c3d00ac933cf711ff4798117d065be1e58dd4948655f3ec50e2f5f092285b1b1592e3cc1dcb4259faf40c6563f6c9c76349e0e630c4faa21a8bb9e8c26d822d91b13183de6c1dba33e0ac59294c3934b48985a4a036be6b153efc20b279773956e994a9539eeb3b51074a1d79aa4fc3089aff839827d78691fd0904ce47d6038d6d60a5f86435f2a4506d9c65b0b7ac4ab0c3432512e41ccbda3792e3eb9aba6e8c339c15ad6896818af3eddc73704e199760aa0d38ff762d8bfd5e992fc52e495de814475e6142982aac4eb4d1e741feeb9c8827de720d4a3714affc88a00c4a93c8bb2230fc1a51349e14744ef05c3f60c5e7e54596f4252e0375cfc6f6d337579c1644275ac8230a7a455f6a35e532170dc698539c206de5e921a0ec589de5e6997f1f62ae241d90e3a5f0aca99d00286d4eb8b5572b40790dc3f6a4aa7c1324c24b9a17882872dc0de829228c64a63d4890ebacb6a8baf34ddfb007646bf74afc1457e1d8394b6dd0dad4b5ea989c566768e9688ff911f237f213fb4a3ffeb5d9bcb441b3bc39cec3dbbae83008d72ac76033a9bb63314d684a99b3be77bd55e9b624bd0eb4394938178e2c740b15ca8048e9c10ba669c89f82bb6851a17cae894634ba071efb018e30ee2994", 0x840}], 0x5) 0s ago: executing program 0: socket$nl_generic(0x10, 0x3, 0x10) socket$inet_udp(0x2, 0x2, 0x0) socket$inet_smc(0x2b, 0x1, 0x0) creat(0x0, 0x0) ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0xc020660b, 0x0) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x13, r0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0) getdents64(r1, 0x0, 0x0) kernel console output (not intermixed with test programs): syzkaller.IsdNik/4/file0: bad entry in directory: rec_len is smaller than minimal - offset=60, inode=113, rec_len=0, size=2048 fake=0 [ 721.508345][ T9148] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 721.522839][ T8963] EXT4-fs error (device loop2): ext4_readdir:260: inode #2: block 12: comm syz-executor.2: path /root/syzkaller-testdir4246944959/syzkaller.IsdNik/4/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5066064, rec_len=1, size=2048 fake=0 [ 721.574791][ T9148] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 721.584136][ T8963] EXT4-fs error (device loop2): ext4_readdir:260: inode #2: block 13: comm syz-executor.2: path /root/syzkaller-testdir4246944959/syzkaller.IsdNik/4/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653246737, rec_len=1, size=2048 fake=0 [ 721.629260][ T9148] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 721.645024][ T8963] EXT4-fs error (device loop2): ext4_readdir:260: inode #2: block 14: comm syz-executor.2: path /root/syzkaller-testdir4246944959/syzkaller.IsdNik/4/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0 [ 721.726123][ T9148] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 721.741656][ T8963] EXT4-fs error (device loop2): ext4_readdir:260: inode #2: block 15: comm syz-executor.2: path /root/syzkaller-testdir4246944959/syzkaller.IsdNik/4/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0 [ 721.751907][ T25] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 721.782631][ T25] usb 2-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 721.790300][ T8963] EXT4-fs error (device loop2): ext4_readdir:260: inode #2: block 16: comm syz-executor.2: path /root/syzkaller-testdir4246944959/syzkaller.IsdNik/4/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653245223, rec_len=1, size=2048 fake=0 [ 721.792897][ T25] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 721.828033][ T25] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 721.865449][ T8963] EXT4-fs error (device loop2): ext4_readdir:260: inode #2: block 17: comm syz-executor.2: path /root/syzkaller-testdir4246944959/syzkaller.IsdNik/4/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0 [ 721.907606][ T8963] EXT4-fs error (device loop2): ext4_map_blocks:580: inode #2: block 18: comm syz-executor.2: lblock 23 mapped to illegal pblock 18 (length 1) [ 721.911731][ T9200] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 722.509223][ T29] audit: type=1800 audit(1717863423.249:58): pid=9215 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=1951 res=0 errno=0 [ 722.564246][ T43] usb 2-1: USB disconnect, device number 23 [ 722.588227][ T8963] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 722.613625][ T29] audit: type=1800 audit(1717863423.339:59): pid=9200 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=1951 res=0 errno=0 [ 722.677217][ T34] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 722.899393][ T34] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 723.004259][ T50] Bluetooth: hci2: command tx timeout [ 723.025607][ T34] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 723.155595][ T34] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 723.204827][ T5122] usb 1-1: new high-speed USB device number 23 using dummy_hcd [ 723.474680][ T9148] 8021q: adding VLAN 0 to HW filter on device bond0 [ 723.483780][ T34] bridge_slave_1: left allmulticast mode [ 723.489723][ T34] bridge_slave_1: left promiscuous mode [ 723.496556][ T34] bridge0: port 2(bridge_slave_1) entered disabled state [ 723.537012][ T34] bridge_slave_0: left allmulticast mode [ 723.542976][ T34] bridge_slave_0: left promiscuous mode [ 723.549569][ T34] bridge0: port 1(bridge_slave_0) entered disabled state [ 723.794075][ T5122] usb 1-1: config 0 has an invalid interface number: 255 but max is 0 [ 723.802761][ T5122] usb 1-1: config 0 has an invalid descriptor of length 199, skipping remainder of the config [ 723.818005][ T5122] usb 1-1: config 0 has no interface number 0 [ 723.826983][ T5122] usb 1-1: New USB device found, idVendor=0867, idProduct=9812, bcdDevice=40.85 [ 723.837712][ T5122] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 723.866401][ T5122] usb 1-1: config 0 descriptor?? [ 724.230407][ T34] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 724.261210][ T34] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 724.291572][ T34] bond0 (unregistering): Released all slaves [ 724.334138][ T5122] usb 1-1: string descriptor 0 read error: -71 [ 724.381114][ T5122] comedi comedi0: Wrong number of endpoints [ 724.387271][ T5122] dt9812 1-1:0.255: driver 'dt9812' failed to auto-configure device. [ 724.465162][ T5122] usb 1-1: USB disconnect, device number 23 [ 724.560893][ T9148] 8021q: adding VLAN 0 to HW filter on device team0 [ 724.758069][ T7145] bridge0: port 1(bridge_slave_0) entered blocking state [ 724.765871][ T7145] bridge0: port 1(bridge_slave_0) entered forwarding state [ 725.146563][ T7146] bridge0: port 2(bridge_slave_1) entered blocking state [ 725.154378][ T7146] bridge0: port 2(bridge_slave_1) entered forwarding state [ 725.439018][ T34] hsr_slave_0: left promiscuous mode [ 725.491151][ T34] hsr_slave_1: left promiscuous mode [ 725.495782][ T29] audit: type=1800 audit(1717863426.259:60): pid=9228 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=1943 res=0 errno=0 [ 725.526620][ T34] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 725.534921][ T34] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 725.586905][ T34] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 725.594738][ T34] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 725.631986][ T34] veth1_macvtap: left promiscuous mode [ 725.637726][ T34] veth0_macvtap: left promiscuous mode [ 725.643828][ T34] veth1_vlan: left promiscuous mode [ 725.655837][ T34] veth0_vlan: left promiscuous mode [ 725.671819][ T4425] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 725.746131][ T4425] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 725.756666][ T4425] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 725.765789][ T7145] usb 1-1: new low-speed USB device number 24 using dummy_hcd [ 725.816187][ T4425] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 725.828174][ T4425] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 725.857923][ T4425] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 725.873371][ T9234] loop7: detected capacity change from 0 to 16384 [ 726.060045][ T7145] usb 1-1: device descriptor read/64, error -71 [ 726.323097][ T9234] I/O error, dev loop7, sector 264 op 0x0:(READ) flags 0x80700 phys_seg 31 prio class 0 [ 726.370863][ T9236] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 726.380725][ T9236] Buffer I/O error on dev loop7, logical block 0, async page read [ 726.388959][ T9236] ldm_validate_partition_table(): Disk read failed. [ 726.395979][ T9236] Dev loop7: unable to read RDB block 0 [ 726.401946][ T9236] loop7: unable to read partition table [ 726.411603][ T7145] usb 1-1: new low-speed USB device number 25 using dummy_hcd [ 726.412305][ T9236] loop7: partition table beyond EOD, truncated [ 726.430515][ T9236] loop_reread_partitions: partition scan of loop7 () failed (rc=-5) [ 726.487486][ T34] team0 (unregistering): Port device team_slave_1 removed [ 726.517932][ T34] team0 (unregistering): Port device team_slave_0 removed [ 726.601855][ T7145] usb 1-1: device descriptor read/64, error -71 [ 726.728928][ T7145] usb usb1-port1: attempt power cycle [ 727.078959][ T5507] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 727.088859][ T5507] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 727.217470][ T7145] usb 1-1: new low-speed USB device number 26 using dummy_hcd [ 727.312273][ T949] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 727.320445][ T949] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 727.381132][ T7145] usb 1-1: device descriptor read/8, error -71 [ 727.680210][ T7145] usb 1-1: new low-speed USB device number 27 using dummy_hcd [ 727.803585][ T7145] usb 1-1: device descriptor read/8, error -71 [ 727.962109][ T7145] usb usb1-port1: unable to enumerate USB device [ 728.033747][ T9248] loop7: detected capacity change from 0 to 16384 [ 728.040911][ T50] Bluetooth: hci3: command tx timeout [ 728.097703][ T9231] chnl_net:caif_netlink_parms(): no params data found [ 728.388710][ T9251] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 728.398429][ T9251] Buffer I/O error on dev loop7, logical block 0, async page read [ 728.406837][ T9251] ldm_validate_partition_table(): Disk read failed. [ 728.416478][ T9251] Dev loop7: unable to read RDB block 0 [ 728.423391][ T9251] loop7: unable to read partition table [ 728.466678][ T9254] loop1: detected capacity change from 0 to 512 [ 728.541744][ T9248] I/O error, dev loop7, sector 256 op 0x0:(READ) flags 0x80700 phys_seg 32 prio class 0 [ 728.561229][ T9251] loop7: partition table beyond EOD, truncated [ 728.567729][ T9251] loop_reread_partitions: partition scan of loop7 () failed (rc=-5) [ 728.650697][ T9254] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=2842c018, mo2=0002] [ 728.659282][ T9254] System zones: 0-2, 18-18, 34-35 [ 728.754025][ T9254] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 728.768587][ T9254] ext4 filesystem being mounted at /root/syzkaller-testdir465642013/syzkaller.t1eImb/10/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 728.801939][ T9148] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 729.108110][ T9148] veth0_vlan: entered promiscuous mode [ 729.230353][ T9148] veth1_vlan: entered promiscuous mode [ 729.445617][ T8900] EXT4-fs error (device loop1): ext4_readdir:260: inode #2: block 3: comm syz-executor.1: path /root/syzkaller-testdir465642013/syzkaller.t1eImb/10/file0: bad entry in directory: rec_len is smaller than minimal - offset=60, inode=113, rec_len=0, size=2048 fake=0 [ 729.526251][ T9148] veth0_macvtap: entered promiscuous mode [ 729.542665][ T8900] EXT4-fs error (device loop1): ext4_readdir:260: inode #2: block 12: comm syz-executor.1: path /root/syzkaller-testdir465642013/syzkaller.t1eImb/10/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5066064, rec_len=1, size=2048 fake=0 [ 729.612707][ T8900] EXT4-fs error (device loop1): ext4_readdir:260: inode #2: block 13: comm syz-executor.1: path /root/syzkaller-testdir465642013/syzkaller.t1eImb/10/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653246737, rec_len=1, size=2048 fake=0 [ 729.663283][ T8900] EXT4-fs error (device loop1): ext4_readdir:260: inode #2: block 14: comm syz-executor.1: path /root/syzkaller-testdir465642013/syzkaller.t1eImb/10/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0 [ 729.735577][ T8900] EXT4-fs error (device loop1): ext4_readdir:260: inode #2: block 15: comm syz-executor.1: path /root/syzkaller-testdir465642013/syzkaller.t1eImb/10/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0 [ 729.783428][ T8900] EXT4-fs error (device loop1): ext4_readdir:260: inode #2: block 16: comm syz-executor.1: path /root/syzkaller-testdir465642013/syzkaller.t1eImb/10/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653245223, rec_len=1, size=2048 fake=0 [ 729.807280][ T9148] veth1_macvtap: entered promiscuous mode [ 729.811205][ T8900] EXT4-fs error (device loop1): ext4_readdir:260: inode #2: block 17: comm syz-executor.1: path /root/syzkaller-testdir465642013/syzkaller.t1eImb/10/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0 [ 729.851095][ T9231] bridge0: port 1(bridge_slave_0) entered blocking state [ 729.858808][ T9231] bridge0: port 1(bridge_slave_0) entered disabled state [ 729.869441][ T9231] bridge_slave_0: entered allmulticast mode [ 729.872824][ T8900] EXT4-fs error (device loop1): ext4_map_blocks:580: inode #2: block 18: comm syz-executor.1: lblock 23 mapped to illegal pblock 18 (length 1) [ 729.881998][ T9231] bridge_slave_0: entered promiscuous mode [ 729.964267][ T9231] bridge0: port 2(bridge_slave_1) entered blocking state [ 729.974577][ T9231] bridge0: port 2(bridge_slave_1) entered disabled state [ 729.984955][ T9231] bridge_slave_1: entered allmulticast mode [ 729.994159][ T9231] bridge_slave_1: entered promiscuous mode [ 730.133463][ T50] Bluetooth: hci3: command tx timeout [ 730.207452][ T9231] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 730.248908][ T9231] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 730.485888][ T9148] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 730.497934][ T9148] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 730.508254][ T9148] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 730.519179][ T9148] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 730.529340][ T9148] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 730.540177][ T9148] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 730.555262][ T9148] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 730.578863][ T9273] loop4: detected capacity change from 0 to 1024 [ 730.586613][ T786] usb 1-1: new high-speed USB device number 28 using dummy_hcd [ 730.672361][ T9231] team0: Port device team_slave_0 added [ 730.691798][ T9231] team0: Port device team_slave_1 added [ 730.909376][ T8900] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 730.927327][ T9231] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 730.936212][ T9231] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 730.962850][ T9231] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 730.967910][ T786] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 730.989129][ T786] usb 1-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 731.001019][ T786] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 731.010587][ T786] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 731.025618][ T9148] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 731.036376][ T9148] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 731.046514][ T9148] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 731.057259][ T9148] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 731.068436][ T9148] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 731.083413][ T9148] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 731.106089][ T9148] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 731.172170][ T9271] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 731.200116][ T5118] usb 5-1: new high-speed USB device number 14 using dummy_hcd [ 731.225761][ T9231] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 731.233455][ T9231] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 731.261131][ T9231] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 731.315441][ T9148] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 731.326240][ T9148] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 731.337178][ T9148] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 731.346387][ T9148] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 731.531123][ T34] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 731.624233][ T5118] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 731.635636][ T5118] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 731.645873][ T5118] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 731.659169][ T5118] usb 5-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00 [ 731.668644][ T5118] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 731.708080][ T5118] usb 5-1: config 0 descriptor?? [ 731.733040][ T34] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 731.806325][ T7145] usb 1-1: USB disconnect, device number 28 [ 731.838942][ T29] audit: type=1800 audit(1717863432.559:61): pid=9271 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=1953 res=0 errno=0 [ 731.860809][ T29] audit: type=1800 audit(1717863432.559:62): pid=9271 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=1953 res=0 errno=0 [ 731.985707][ T34] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 732.131925][ T9231] hsr_slave_0: entered promiscuous mode [ 732.164397][ T9231] hsr_slave_1: entered promiscuous mode [ 732.193089][ T9231] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 732.201221][ T9231] Cannot create hsr debugfs directory [ 732.211316][ T50] Bluetooth: hci3: command tx timeout [ 732.253951][ T34] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 732.255077][ T5118] acrux 0003:1A34:0802.0008: hidraw0: USB HID v0.00 Device [HID 1a34:0802] on usb-dummy_hcd.4-1/input0 [ 732.280330][ T5118] acrux 0003:1A34:0802.0008: no inputs found [ 732.286563][ T5118] acrux 0003:1A34:0802.0008: Failed to enable force feedback support, error: -19 [ 732.422119][ T5118] usb 5-1: USB disconnect, device number 14 [ 732.800974][ T34] bridge_slave_1: left allmulticast mode [ 732.806876][ T34] bridge_slave_1: left promiscuous mode [ 732.813650][ T34] bridge0: port 2(bridge_slave_1) entered disabled state [ 732.880150][ T34] bridge_slave_0: left allmulticast mode [ 732.886040][ T34] bridge_slave_0: left promiscuous mode [ 732.892727][ T34] bridge0: port 1(bridge_slave_0) entered disabled state [ 733.462510][ T34] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 733.514142][ T34] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 733.553328][ T34] bond0 (unregistering): Released all slaves [ 733.833422][ T2967] hfsplus: b-tree write err: -5, ino 4 [ 734.108207][ T4425] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 734.130374][ T4425] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 734.162240][ T4425] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 734.181451][ T4425] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 734.207461][ T4425] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 734.226245][ T4425] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 734.285519][ T4425] Bluetooth: hci3: command tx timeout [ 734.395619][ T9298] loop7: detected capacity change from 0 to 16384 [ 734.513994][ T34] hsr_slave_0: left promiscuous mode [ 734.532890][ T34] hsr_slave_1: left promiscuous mode [ 734.561699][ T34] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 734.569657][ T34] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 734.616252][ T34] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 734.624114][ T34] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 734.655596][ T34] veth1_macvtap: left promiscuous mode [ 734.662975][ T34] veth0_macvtap: left promiscuous mode [ 734.668886][ T34] veth1_vlan: left promiscuous mode [ 734.674748][ T34] veth0_vlan: left promiscuous mode [ 734.686035][ T9298] I/O error, dev loop7, sector 264 op 0x0:(READ) flags 0x80700 phys_seg 32 prio class 0 [ 734.704772][ T9301] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 734.714455][ T9301] Buffer I/O error on dev loop7, logical block 0, async page read [ 734.723290][ T9301] ldm_validate_partition_table(): Disk read failed. [ 734.730281][ T9301] Dev loop7: unable to read RDB block 0 [ 734.736098][ T9301] loop7: unable to read partition table [ 734.753698][ T9301] loop7: partition table beyond EOD, truncated [ 734.761202][ T9301] loop_reread_partitions: partition scan of loop7 () failed (rc=-5) [ 735.089355][ T29] audit: type=1800 audit(1717863435.869:63): pid=9304 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="sda1" ino=1949 res=0 errno=0 [ 735.287012][ T9306] loop7: detected capacity change from 0 to 16384 [ 735.420459][ T25] usb 5-1: new low-speed USB device number 15 using dummy_hcd [ 735.435900][ T34] team0 (unregistering): Port device team_slave_1 removed [ 735.467767][ T34] team0 (unregistering): Port device team_slave_0 removed [ 735.610298][ T25] usb 5-1: device descriptor read/64, error -71 [ 735.897837][ T25] usb 5-1: new low-speed USB device number 16 using dummy_hcd [ 736.121032][ T25] usb 5-1: device descriptor read/64, error -71 [ 736.278936][ T25] usb usb5-port1: attempt power cycle [ 736.360995][ T4425] Bluetooth: hci0: command tx timeout [ 736.718026][ T9316] loop0: detected capacity change from 0 to 512 [ 736.862669][ T25] usb 5-1: new low-speed USB device number 17 using dummy_hcd [ 736.900184][ T9316] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=2842c018, mo2=0002] [ 736.951010][ T9316] System zones: 0-2, 18-18, 34-35 [ 736.964906][ T25] usb 5-1: device descriptor read/8, error -71 [ 736.969730][ T9231] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 736.988469][ T9316] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 737.002023][ T9316] ext4 filesystem being mounted at /root/syzkaller-testdir2848779003/syzkaller.CZjAzL/10/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 737.090282][ T9291] chnl_net:caif_netlink_parms(): no params data found [ 737.108690][ T9231] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 737.180213][ T9231] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 737.249979][ T25] usb 5-1: new low-speed USB device number 18 using dummy_hcd [ 737.337920][ T9231] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 737.370967][ T25] usb 5-1: device descriptor read/8, error -71 [ 737.497172][ T25] usb usb5-port1: unable to enumerate USB device [ 737.577338][ T9002] EXT4-fs error (device loop0): ext4_readdir:260: inode #2: block 3: comm syz-executor.0: path /root/syzkaller-testdir2848779003/syzkaller.CZjAzL/10/file0: bad entry in directory: rec_len is smaller than minimal - offset=60, inode=113, rec_len=0, size=2048 fake=0 [ 737.670456][ T9002] EXT4-fs error (device loop0): ext4_readdir:260: inode #2: block 12: comm syz-executor.0: path /root/syzkaller-testdir2848779003/syzkaller.CZjAzL/10/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5066064, rec_len=1, size=2048 fake=0 [ 737.716249][ T9002] EXT4-fs error (device loop0): ext4_readdir:260: inode #2: block 13: comm syz-executor.0: path /root/syzkaller-testdir2848779003/syzkaller.CZjAzL/10/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653246737, rec_len=1, size=2048 fake=0 [ 737.784929][ T9002] EXT4-fs error (device loop0): ext4_readdir:260: inode #2: block 14: comm syz-executor.0: path /root/syzkaller-testdir2848779003/syzkaller.CZjAzL/10/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0 [ 737.856383][ T9002] EXT4-fs error (device loop0): ext4_readdir:260: inode #2: block 15: comm syz-executor.0: path /root/syzkaller-testdir2848779003/syzkaller.CZjAzL/10/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0 [ 737.909619][ T9002] EXT4-fs error (device loop0): ext4_readdir:260: inode #2: block 16: comm syz-executor.0: path /root/syzkaller-testdir2848779003/syzkaller.CZjAzL/10/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653245223, rec_len=1, size=2048 fake=0 [ 737.982941][ T9002] EXT4-fs error (device loop0): ext4_readdir:260: inode #2: block 17: comm syz-executor.0: path /root/syzkaller-testdir2848779003/syzkaller.CZjAzL/10/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0 [ 738.078977][ T9002] EXT4-fs error (device loop0): ext4_map_blocks:580: inode #2: block 18: comm syz-executor.0: lblock 23 mapped to illegal pblock 18 (length 1) [ 738.339335][ T9231] 8021q: adding VLAN 0 to HW filter on device bond0 [ 738.442274][ T4425] Bluetooth: hci0: command tx timeout [ 738.534033][ T9291] bridge0: port 1(bridge_slave_0) entered blocking state [ 738.541813][ T9291] bridge0: port 1(bridge_slave_0) entered disabled state [ 738.549551][ T9291] bridge_slave_0: entered allmulticast mode [ 738.562909][ T9291] bridge_slave_0: entered promiscuous mode [ 738.748065][ T9291] bridge0: port 2(bridge_slave_1) entered blocking state [ 738.759577][ T9291] bridge0: port 2(bridge_slave_1) entered disabled state [ 738.769967][ T9291] bridge_slave_1: entered allmulticast mode [ 738.778979][ T9291] bridge_slave_1: entered promiscuous mode [ 738.801675][ T9231] 8021q: adding VLAN 0 to HW filter on device team0 [ 738.889558][ T7146] bridge0: port 1(bridge_slave_0) entered blocking state [ 738.897330][ T7146] bridge0: port 1(bridge_slave_0) entered forwarding state [ 738.912586][ T2992] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 738.921248][ T2992] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 738.992220][ T9002] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 739.041542][ T7146] bridge0: port 2(bridge_slave_1) entered blocking state [ 739.049201][ T7146] bridge0: port 2(bridge_slave_1) entered forwarding state [ 739.221056][ T9291] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 739.281515][ T2992] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 739.289569][ T2992] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 739.368126][ T9291] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 739.940285][ T9291] team0: Port device team_slave_0 added [ 740.019111][ T9291] team0: Port device team_slave_1 added [ 740.171064][ T9335] loop4: detected capacity change from 0 to 32768 [ 740.204086][ T9335] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz-executor.4 (9335) [ 740.244251][ T9335] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 740.255159][ T9335] BTRFS info (device loop4): using crc32c (crc32c-generic) checksum algorithm [ 740.264943][ T9335] BTRFS info (device loop4): using free-space-tree [ 740.427357][ T9291] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 740.434692][ T9291] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 740.462950][ T9291] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 740.540987][ T4425] Bluetooth: hci0: command tx timeout [ 740.614077][ T9291] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 740.621623][ T9291] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 740.648047][ T9291] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 741.093605][ T9291] hsr_slave_0: entered promiscuous mode [ 741.107353][ T9291] hsr_slave_1: entered promiscuous mode [ 741.146290][ T9291] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 741.154315][ T9291] Cannot create hsr debugfs directory [ 741.250808][ T786] usb 4-1: new high-speed USB device number 27 using dummy_hcd [ 741.278345][ T34] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 741.366977][ T9041] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 741.425722][ T34] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 741.524752][ T34] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 741.630372][ T786] usb 4-1: config 0 has an invalid interface number: 255 but max is 0 [ 741.638854][ T786] usb 4-1: config 0 has an invalid descriptor of length 199, skipping remainder of the config [ 741.649780][ T786] usb 4-1: config 0 has no interface number 0 [ 741.656370][ T786] usb 4-1: New USB device found, idVendor=0867, idProduct=9812, bcdDevice=40.85 [ 741.665901][ T786] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 741.699132][ T786] usb 4-1: config 0 descriptor?? [ 741.734622][ T34] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 742.017357][ T9231] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 742.389697][ T34] bridge_slave_1: left allmulticast mode [ 742.396277][ T34] bridge_slave_1: left promiscuous mode [ 742.403363][ T34] bridge0: port 2(bridge_slave_1) entered disabled state [ 742.424246][ T34] bridge_slave_0: left allmulticast mode [ 742.431409][ T34] bridge_slave_0: left promiscuous mode [ 742.437955][ T34] bridge0: port 1(bridge_slave_0) entered disabled state [ 742.462001][ T786] usb 4-1: string descriptor 0 read error: -71 [ 742.504438][ T786] comedi comedi0: Wrong number of endpoints [ 742.512678][ T786] dt9812 4-1:0.255: driver 'dt9812' failed to auto-configure device. [ 742.572138][ T786] usb 4-1: USB disconnect, device number 27 [ 742.607361][ T4425] Bluetooth: hci0: command tx timeout [ 742.761290][ T5076] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 742.770666][ T5076] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 742.780036][ T5076] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 742.890340][ T5076] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 742.906987][ T5076] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 743.087038][ T5076] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 743.228246][ T9365] loop4: detected capacity change from 0 to 1024 [ 743.335363][ T34] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 743.390498][ T34] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 743.414953][ T34] bond0 (unregistering): Released all slaves [ 743.605069][ T9367] I/O error, dev loop7, sector 384 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 0 [ 743.615425][ T9367] Buffer I/O error on dev loop7, logical block 48, lost async page write [ 743.680648][ T7146] usb 5-1: new high-speed USB device number 19 using dummy_hcd [ 744.133525][ T9231] veth0_vlan: entered promiscuous mode [ 744.142065][ T7146] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 744.154425][ T7146] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 744.164637][ T7146] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 744.177872][ T7146] usb 5-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00 [ 744.189579][ T7146] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 744.209812][ T7146] usb 5-1: config 0 descriptor?? [ 744.418734][ T34] hsr_slave_0: left promiscuous mode [ 744.428785][ T34] hsr_slave_1: left promiscuous mode [ 744.438319][ T34] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 744.446415][ T34] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 744.459509][ T34] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 744.467426][ T34] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 744.486853][ T34] veth1_macvtap: left promiscuous mode [ 744.494781][ T34] veth0_macvtap: left promiscuous mode [ 744.500867][ T34] veth1_vlan: left promiscuous mode [ 744.506369][ T34] veth0_vlan: left promiscuous mode [ 744.713602][ T7146] acrux 0003:1A34:0802.0009: hidraw0: USB HID v0.00 Device [HID 1a34:0802] on usb-dummy_hcd.4-1/input0 [ 744.725278][ T7146] acrux 0003:1A34:0802.0009: no inputs found [ 744.731595][ T7146] acrux 0003:1A34:0802.0009: Failed to enable force feedback support, error: -19 [ 744.957715][ T7146] usb 5-1: USB disconnect, device number 19 [ 745.161279][ T5076] Bluetooth: hci1: command tx timeout [ 745.255623][ T34] team0 (unregistering): Port device team_slave_1 removed [ 745.288491][ T34] team0 (unregistering): Port device team_slave_0 removed [ 745.573403][ T9380] loop3: detected capacity change from 0 to 512 [ 745.633548][ T9380] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=2842c018, mo2=0002] [ 745.648918][ T9380] System zones: 0-2, 18-18, 34-35 [ 745.667667][ T9380] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 745.681150][ T9380] ext4 filesystem being mounted at /root/syzkaller-testdir2746133432/syzkaller.qbZplM/5/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 745.709263][ T9231] veth1_vlan: entered promiscuous mode [ 746.038204][ T2967] hfsplus: b-tree write err: -5, ino 4 [ 746.083957][ T9291] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 746.167915][ T9291] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 746.239565][ T9291] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 746.309677][ T9291] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 746.344898][ T9231] veth0_macvtap: entered promiscuous mode [ 746.348972][ T9148] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 3: comm syz-executor.3: path /root/syzkaller-testdir2746133432/syzkaller.qbZplM/5/file0: bad entry in directory: rec_len is smaller than minimal - offset=60, inode=113, rec_len=0, size=2048 fake=0 [ 746.364226][ T9362] chnl_net:caif_netlink_parms(): no params data found [ 746.401659][ T9148] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 12: comm syz-executor.3: path /root/syzkaller-testdir2746133432/syzkaller.qbZplM/5/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5066064, rec_len=1, size=2048 fake=0 [ 746.429560][ T29] audit: type=1800 audit(1717863447.189:64): pid=9387 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="sda1" ino=1944 res=0 errno=0 [ 746.441230][ T9231] veth1_macvtap: entered promiscuous mode [ 746.468635][ T9148] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 13: comm syz-executor.3: path /root/syzkaller-testdir2746133432/syzkaller.qbZplM/5/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653246737, rec_len=1, size=2048 fake=0 [ 746.568538][ T9148] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 14: comm syz-executor.3: path /root/syzkaller-testdir2746133432/syzkaller.qbZplM/5/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0 [ 746.679493][ T9148] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 15: comm syz-executor.3: path /root/syzkaller-testdir2746133432/syzkaller.qbZplM/5/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0 [ 746.712078][ T9148] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 16: comm syz-executor.3: path /root/syzkaller-testdir2746133432/syzkaller.qbZplM/5/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653245223, rec_len=1, size=2048 fake=0 [ 746.779505][ T9231] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 746.790328][ T9231] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 746.800659][ T9231] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 746.811429][ T9231] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 746.826466][ T9231] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 746.860185][ T25] usb 5-1: new low-speed USB device number 20 using dummy_hcd [ 746.890632][ T9148] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 17: comm syz-executor.3: path /root/syzkaller-testdir2746133432/syzkaller.qbZplM/5/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0 [ 746.992182][ T9231] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 746.997396][ T9148] EXT4-fs error (device loop3): ext4_map_blocks:580: inode #2: block 18: comm syz-executor.3: lblock 23 mapped to illegal pblock 18 (length 1) [ 747.002987][ T9231] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 747.003067][ T9231] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 747.003155][ T9231] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 747.007681][ T9231] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 747.140680][ T25] usb 5-1: device descriptor read/64, error -71 [ 747.229307][ T9231] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 747.238572][ T9231] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 747.249539][ T9231] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 747.250360][ T5076] Bluetooth: hci1: command tx timeout [ 747.261465][ T9231] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 747.441588][ T25] usb 5-1: new low-speed USB device number 21 using dummy_hcd [ 747.651781][ T25] usb 5-1: device descriptor read/64, error -71 [ 747.781133][ T25] usb usb5-port1: attempt power cycle [ 747.912300][ T9148] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 748.012635][ T9362] bridge0: port 1(bridge_slave_0) entered blocking state [ 748.020574][ T9362] bridge0: port 1(bridge_slave_0) entered disabled state [ 748.028376][ T9362] bridge_slave_0: entered allmulticast mode [ 748.037582][ T9362] bridge_slave_0: entered promiscuous mode [ 748.088325][ T9291] 8021q: adding VLAN 0 to HW filter on device bond0 [ 748.175522][ T9362] bridge0: port 2(bridge_slave_1) entered blocking state [ 748.187867][ T9362] bridge0: port 2(bridge_slave_1) entered disabled state [ 748.195759][ T9362] bridge_slave_1: entered allmulticast mode [ 748.204945][ T9362] bridge_slave_1: entered promiscuous mode [ 748.242129][ T25] usb 5-1: new low-speed USB device number 22 using dummy_hcd [ 748.253620][ T9291] 8021q: adding VLAN 0 to HW filter on device team0 [ 748.328247][ T5120] bridge0: port 1(bridge_slave_0) entered blocking state [ 748.336059][ T5120] bridge0: port 1(bridge_slave_0) entered forwarding state [ 748.371118][ T25] usb 5-1: device descriptor read/8, error -71 [ 748.440788][ T8] bridge0: port 2(bridge_slave_1) entered blocking state [ 748.448469][ T8] bridge0: port 2(bridge_slave_1) entered forwarding state [ 748.595533][ T9362] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 748.678582][ T25] usb 5-1: new low-speed USB device number 23 using dummy_hcd [ 748.722158][ T9362] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 748.800449][ T25] usb 5-1: device descriptor read/8, error -71 [ 748.921844][ T25] usb usb5-port1: unable to enumerate USB device [ 749.050995][ T9362] team0: Port device team_slave_0 added [ 749.115150][ T9362] team0: Port device team_slave_1 added [ 749.321716][ T5076] Bluetooth: hci1: command tx timeout [ 749.373377][ T9362] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 749.380724][ T9362] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 749.410206][ T9362] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 749.514573][ T9362] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 749.521962][ T9362] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 749.548393][ T9362] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 750.057572][ T9362] hsr_slave_0: entered promiscuous mode [ 750.091667][ T9362] hsr_slave_1: entered promiscuous mode [ 750.121136][ T9362] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 750.131035][ T9362] Cannot create hsr debugfs directory [ 750.986739][ T9407] loop4: detected capacity change from 0 to 32768 [ 751.010803][ T9407] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz-executor.4 (9407) [ 751.205385][ T9407] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 751.216159][ T9407] BTRFS info (device loop4): using crc32c (crc32c-generic) checksum algorithm [ 751.226029][ T9407] BTRFS info (device loop4): using free-space-tree [ 751.400360][ T5076] Bluetooth: hci1: command tx timeout [ 751.511325][ T4425] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 751.568899][ T4425] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 751.604523][ T4425] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 751.617833][ T4425] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 751.629035][ T4425] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 751.638405][ T4425] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 751.854995][ T9291] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 751.929432][ T2967] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 752.115977][ T2967] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 752.165061][ T9041] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 752.263586][ T2967] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 752.500601][ T2967] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 752.828681][ T9291] veth0_vlan: entered promiscuous mode [ 752.964688][ T2967] bridge_slave_1: left allmulticast mode [ 752.970885][ T2967] bridge_slave_1: left promiscuous mode [ 752.977428][ T2967] bridge0: port 2(bridge_slave_1) entered disabled state [ 753.015268][ T2967] bridge_slave_0: left allmulticast mode [ 753.021320][ T2967] bridge_slave_0: left promiscuous mode [ 753.027934][ T2967] bridge0: port 1(bridge_slave_0) entered disabled state [ 753.564831][ T2967] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 753.589632][ T2967] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 753.614852][ T2967] bond0 (unregistering): Released all slaves [ 753.758740][ T9291] veth1_vlan: entered promiscuous mode [ 753.809714][ T5122] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 753.816504][ T5076] Bluetooth: hci2: command tx timeout [ 753.818043][ T5122] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 753.940178][ T5113] usb 5-1: new high-speed USB device number 24 using dummy_hcd [ 754.081291][ T7145] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 754.089434][ T7145] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 754.106890][ T9291] veth0_macvtap: entered promiscuous mode [ 754.257453][ T9291] veth1_macvtap: entered promiscuous mode [ 754.342888][ T5113] usb 5-1: config 0 has an invalid interface number: 255 but max is 0 [ 754.351620][ T5113] usb 5-1: config 0 has an invalid descriptor of length 199, skipping remainder of the config [ 754.362413][ T5113] usb 5-1: config 0 has no interface number 0 [ 754.368807][ T5113] usb 5-1: New USB device found, idVendor=0867, idProduct=9812, bcdDevice=40.85 [ 754.378318][ T5113] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 754.415635][ T5113] usb 5-1: config 0 descriptor?? [ 754.476571][ T9362] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 754.537447][ T9362] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 754.579690][ T9421] chnl_net:caif_netlink_parms(): no params data found [ 754.651043][ T2967] hsr_slave_0: left promiscuous mode [ 754.659359][ T2967] hsr_slave_1: left promiscuous mode [ 754.676767][ T2967] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 754.684961][ T2967] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 754.696931][ T2967] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 754.707727][ T2967] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 754.738562][ T5113] usb 5-1: string descriptor 0 read error: -71 [ 754.759035][ T5113] comedi comedi0: Wrong number of endpoints [ 754.766166][ T5113] dt9812 5-1:0.255: driver 'dt9812' failed to auto-configure device. [ 754.776957][ T2967] veth1_macvtap: left promiscuous mode [ 754.783944][ T2967] veth0_macvtap: left promiscuous mode [ 754.790012][ T2967] veth1_vlan: left promiscuous mode [ 754.795575][ T2967] veth0_vlan: left promiscuous mode [ 754.808448][ T5113] usb 5-1: USB disconnect, device number 24 [ 754.877335][ T9446] loop7: detected capacity change from 0 to 16384 [ 755.264309][ T9446] I/O error, dev loop7, sector 760 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 0 [ 755.274366][ T9446] Buffer I/O error on dev loop7, logical block 95, lost async page write [ 755.285084][ T9446] I/O error, dev loop7, sector 752 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 0 [ 755.297085][ T9446] Buffer I/O error on dev loop7, logical block 94, lost async page write [ 755.307400][ T9446] I/O error, dev loop7, sector 744 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 0 [ 755.318703][ T9446] Buffer I/O error on dev loop7, logical block 93, lost async page write [ 755.329108][ T9446] I/O error, dev loop7, sector 736 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 0 [ 755.340244][ T9446] Buffer I/O error on dev loop7, logical block 92, lost async page write [ 755.351616][ T9446] I/O error, dev loop7, sector 728 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 0 [ 755.363525][ T9446] Buffer I/O error on dev loop7, logical block 91, lost async page write [ 755.373728][ T9446] I/O error, dev loop7, sector 720 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 0 [ 755.385229][ T9446] Buffer I/O error on dev loop7, logical block 90, lost async page write [ 755.394305][ T9446] I/O error, dev loop7, sector 712 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 0 [ 755.404307][ T9446] Buffer I/O error on dev loop7, logical block 89, lost async page write [ 755.413251][ T9446] I/O error, dev loop7, sector 704 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 0 [ 755.423211][ T9446] Buffer I/O error on dev loop7, logical block 88, lost async page write [ 755.432068][ T9446] I/O error, dev loop7, sector 696 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 0 [ 755.442099][ T9446] Buffer I/O error on dev loop7, logical block 87, lost async page write [ 755.452375][ T9446] I/O error, dev loop7, sector 688 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 0 [ 755.462794][ T9446] Buffer I/O error on dev loop7, logical block 86, lost async page write [ 755.610460][ T9448] ldm_validate_partition_table(): Disk read failed. [ 755.617467][ T9448] Dev loop7: unable to read RDB block 0 [ 755.623485][ T9448] loop7: unable to read partition table [ 755.649748][ T9448] loop7: partition table beyond EOD, truncated [ 755.657917][ T9448] loop_reread_partitions: partition scan of loop7 () failed (rc=-5) [ 755.743928][ T2967] team0 (unregistering): Port device team_slave_1 removed [ 755.775100][ T2967] team0 (unregistering): Port device team_slave_0 removed [ 755.890384][ T5076] Bluetooth: hci2: command tx timeout [ 756.108439][ T9456] loop7: detected capacity change from 0 to 16384 [ 756.159202][ T9362] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 756.247510][ T9362] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 756.370617][ T9291] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 756.381594][ T9291] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 756.391791][ T9291] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 756.402517][ T9291] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 756.417422][ T9291] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 756.535657][ T9291] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 756.547035][ T9291] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 756.557300][ T9291] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 756.568159][ T9291] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 756.584509][ T9291] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 756.808334][ T9291] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 756.817662][ T9291] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 756.826857][ T9291] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 756.835978][ T9291] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 757.123422][ T9464] loop4: detected capacity change from 0 to 1024 [ 757.439719][ T9469] loop2: detected capacity change from 0 to 512 [ 757.541343][ T9469] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=2842c018, mo2=0002] [ 757.558027][ T9362] 8021q: adding VLAN 0 to HW filter on device bond0 [ 757.627803][ T9469] System zones: 0-2, 18-18, 34-35 [ 757.670235][ T9469] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 757.681360][ T5122] usb 5-1: new high-speed USB device number 25 using dummy_hcd [ 757.683249][ T9469] ext4 filesystem being mounted at /root/syzkaller-testdir1415228433/syzkaller.Z47A8z/3/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 757.697673][ T9362] 8021q: adding VLAN 0 to HW filter on device team0 [ 757.789233][ T5113] bridge0: port 1(bridge_slave_0) entered blocking state [ 757.797314][ T5113] bridge0: port 1(bridge_slave_0) entered forwarding state [ 757.934054][ T5113] bridge0: port 2(bridge_slave_1) entered blocking state [ 757.941883][ T5113] bridge0: port 2(bridge_slave_1) entered forwarding state [ 757.972230][ T5076] Bluetooth: hci2: command tx timeout [ 758.048050][ T9421] bridge0: port 1(bridge_slave_0) entered blocking state [ 758.056907][ T9421] bridge0: port 1(bridge_slave_0) entered disabled state [ 758.064866][ T9421] bridge_slave_0: entered allmulticast mode [ 758.074260][ T9421] bridge_slave_0: entered promiscuous mode [ 758.093128][ T5122] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 758.106082][ T5122] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 758.117291][ T5122] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 758.131104][ T5122] usb 5-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00 [ 758.140578][ T5122] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 758.173599][ T5122] usb 5-1: config 0 descriptor?? [ 758.185146][ T9421] bridge0: port 2(bridge_slave_1) entered blocking state [ 758.193489][ T9421] bridge0: port 2(bridge_slave_1) entered disabled state [ 758.204101][ T9421] bridge_slave_1: entered allmulticast mode [ 758.214730][ T9421] bridge_slave_1: entered promiscuous mode [ 758.446758][ T9421] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 758.516046][ T9421] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 758.530870][ T9231] EXT4-fs error (device loop2): ext4_readdir:260: inode #2: block 3: comm syz-executor.2: path /root/syzkaller-testdir1415228433/syzkaller.Z47A8z/3/file0: bad entry in directory: rec_len is smaller than minimal - offset=60, inode=113, rec_len=0, size=2048 fake=0 [ 758.646174][ T9231] EXT4-fs error (device loop2): ext4_readdir:260: inode #2: block 12: comm syz-executor.2: path /root/syzkaller-testdir1415228433/syzkaller.Z47A8z/3/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5066064, rec_len=1, size=2048 fake=0 [ 758.738679][ T9231] EXT4-fs error (device loop2): ext4_readdir:260: inode #2: block 13: comm syz-executor.2: path /root/syzkaller-testdir1415228433/syzkaller.Z47A8z/3/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653246737, rec_len=1, size=2048 fake=0 [ 758.750227][ T5122] acrux 0003:1A34:0802.000A: hidraw0: USB HID v0.00 Device [HID 1a34:0802] on usb-dummy_hcd.4-1/input0 [ 758.776647][ T5122] acrux 0003:1A34:0802.000A: no inputs found [ 758.782957][ T5122] acrux 0003:1A34:0802.000A: Failed to enable force feedback support, error: -19 [ 758.875272][ T9231] EXT4-fs error (device loop2): ext4_readdir:260: inode #2: block 14: comm syz-executor.2: path /root/syzkaller-testdir1415228433/syzkaller.Z47A8z/3/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0 [ 758.882863][ T9421] team0: Port device team_slave_0 added [ 758.943026][ T5122] usb 5-1: USB disconnect, device number 25 [ 759.005802][ T9421] team0: Port device team_slave_1 added [ 759.018971][ T9231] EXT4-fs error (device loop2): ext4_readdir:260: inode #2: block 15: comm syz-executor.2: path /root/syzkaller-testdir1415228433/syzkaller.Z47A8z/3/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0 [ 759.116871][ T9231] EXT4-fs error (device loop2): ext4_readdir:260: inode #2: block 16: comm syz-executor.2: path /root/syzkaller-testdir1415228433/syzkaller.Z47A8z/3/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653245223, rec_len=1, size=2048 fake=0 [ 759.187321][ T9231] EXT4-fs error (device loop2): ext4_readdir:260: inode #2: block 17: comm syz-executor.2: path /root/syzkaller-testdir1415228433/syzkaller.Z47A8z/3/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0 [ 759.246573][ T9231] EXT4-fs error (device loop2): ext4_map_blocks:580: inode #2: block 18: comm syz-executor.2: lblock 23 mapped to illegal pblock 18 (length 1) [ 759.296361][ T9421] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 759.304337][ T9421] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 759.331099][ T9421] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 759.435015][ T9421] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 759.445289][ T9421] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 759.474551][ T9421] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 759.947860][ T9421] hsr_slave_0: entered promiscuous mode [ 760.025037][ T9421] hsr_slave_1: entered promiscuous mode [ 760.040118][ T5076] Bluetooth: hci2: command tx timeout [ 760.112203][ T9231] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 760.285426][ T59] hfsplus: b-tree write err: -5, ino 4 [ 760.951058][ T29] audit: type=1800 audit(1717863461.659:65): pid=9490 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="sda1" ino=1946 res=0 errno=0 [ 761.202367][ T9362] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 761.210150][ T5122] usb 5-1: new low-speed USB device number 26 using dummy_hcd [ 761.303599][ T2967] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 761.410219][ T5122] usb 5-1: device descriptor read/64, error -71 [ 761.447158][ T2967] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 761.561131][ T2967] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 761.691175][ T5122] usb 5-1: new low-speed USB device number 27 using dummy_hcd [ 761.733641][ T2967] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 761.904966][ T5122] usb 5-1: device descriptor read/64, error -71 [ 761.945465][ T9421] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 762.061829][ T5122] usb usb5-port1: attempt power cycle [ 762.106706][ T9421] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 762.139572][ T2967] bridge_slave_1: left allmulticast mode [ 762.145591][ T2967] bridge_slave_1: left promiscuous mode [ 762.152582][ T2967] bridge0: port 2(bridge_slave_1) entered disabled state [ 762.184760][ T2967] bridge_slave_0: left allmulticast mode [ 762.190964][ T2967] bridge_slave_0: left promiscuous mode [ 762.197534][ T2967] bridge0: port 1(bridge_slave_0) entered disabled state [ 762.830211][ T4425] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 762.852070][ T4425] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 762.868400][ T4425] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 762.900210][ T4425] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 762.911285][ T5122] usb 5-1: new low-speed USB device number 28 using dummy_hcd [ 762.928008][ T4425] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 762.940147][ T4425] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 762.979427][ T2967] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 763.000806][ T5122] usb 5-1: device descriptor read/8, error -71 [ 763.013902][ T2967] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 763.032182][ T2967] bond0 (unregistering): Released all slaves [ 763.064036][ T9421] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 763.112018][ T9421] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 763.196921][ T9362] veth0_vlan: entered promiscuous mode [ 763.324127][ T5122] usb 5-1: new low-speed USB device number 29 using dummy_hcd [ 763.444198][ T5122] usb 5-1: device descriptor read/8, error -71 [ 763.509528][ T9362] veth1_vlan: entered promiscuous mode [ 763.616988][ T5122] usb usb5-port1: unable to enumerate USB device [ 763.905787][ T2967] hsr_slave_0: left promiscuous mode [ 763.922806][ T2967] hsr_slave_1: left promiscuous mode [ 763.934293][ T2967] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 763.942197][ T2967] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 763.953706][ T2967] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 763.962496][ T2967] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 763.989698][ T2967] veth1_macvtap: left promiscuous mode [ 763.996261][ T2967] veth0_macvtap: left promiscuous mode [ 764.002336][ T2967] veth1_vlan: left promiscuous mode [ 764.007887][ T2967] veth0_vlan: left promiscuous mode [ 764.753301][ T9504] loop4: detected capacity change from 0 to 32768 [ 764.786463][ T9504] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz-executor.4 (9504) [ 764.806720][ T9504] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 764.817363][ T9504] BTRFS info (device loop4): using crc32c (crc32c-generic) checksum algorithm [ 764.827127][ T9504] BTRFS info (device loop4): using free-space-tree [ 764.838514][ T2967] team0 (unregistering): Port device team_slave_1 removed [ 764.955605][ T2967] team0 (unregistering): Port device team_slave_0 removed [ 765.129283][ T4425] Bluetooth: hci3: command tx timeout [ 765.198903][ T1091] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 765.207112][ T1091] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 765.359121][ T1091] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 765.367454][ T1091] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 765.671871][ T9362] veth0_macvtap: entered promiscuous mode [ 765.877270][ T9362] veth1_macvtap: entered promiscuous mode [ 766.173234][ T9362] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 766.184123][ T9362] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 766.194295][ T9362] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 766.207134][ T9362] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 766.222537][ T9362] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 766.276094][ T9497] chnl_net:caif_netlink_parms(): no params data found [ 766.535046][ T9421] 8021q: adding VLAN 0 to HW filter on device bond0 [ 766.761741][ T9362] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 766.772862][ T9362] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 766.783111][ T9362] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 766.793856][ T9362] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 766.808452][ T9362] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 766.903057][ T9421] 8021q: adding VLAN 0 to HW filter on device team0 [ 767.115985][ T5120] bridge0: port 1(bridge_slave_0) entered blocking state [ 767.123755][ T5120] bridge0: port 1(bridge_slave_0) entered forwarding state [ 767.196931][ T4425] Bluetooth: hci3: command tx timeout [ 767.233153][ T5120] bridge0: port 2(bridge_slave_1) entered blocking state [ 767.240922][ T5120] bridge0: port 2(bridge_slave_1) entered forwarding state [ 767.261477][ T9362] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 767.270659][ T9362] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 767.279660][ T9362] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 767.288731][ T9362] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 767.349369][ T9041] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 767.617283][ T9421] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 768.388755][ T9497] bridge0: port 1(bridge_slave_0) entered blocking state [ 768.396828][ T9497] bridge0: port 1(bridge_slave_0) entered disabled state [ 768.404735][ T9497] bridge_slave_0: entered allmulticast mode [ 768.413838][ T9497] bridge_slave_0: entered promiscuous mode [ 768.513960][ T9497] bridge0: port 2(bridge_slave_1) entered blocking state [ 768.523858][ T9497] bridge0: port 2(bridge_slave_1) entered disabled state [ 768.531829][ T9497] bridge_slave_1: entered allmulticast mode [ 768.540991][ T9497] bridge_slave_1: entered promiscuous mode [ 768.935622][ T9497] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 769.011156][ T9497] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 769.237382][ T9497] team0: Port device team_slave_0 added [ 769.246254][ T4425] Bluetooth: hci3: command tx timeout [ 769.358038][ T9497] team0: Port device team_slave_1 added [ 769.427547][ T9421] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 769.631851][ T9497] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 769.639009][ T9497] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 769.665841][ T9497] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 769.701411][ T9497] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 769.708673][ T9497] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 769.735428][ T9497] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 770.256329][ T9497] hsr_slave_0: entered promiscuous mode [ 770.321495][ T9497] hsr_slave_1: entered promiscuous mode [ 770.350138][ T9497] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 770.357924][ T9497] Cannot create hsr debugfs directory [ 770.414271][ T9421] veth0_vlan: entered promiscuous mode [ 770.755258][ T9421] veth1_vlan: entered promiscuous mode [ 771.202616][ T9421] veth0_macvtap: entered promiscuous mode [ 771.298010][ T9421] veth1_macvtap: entered promiscuous mode [ 771.323745][ T4425] Bluetooth: hci3: command tx timeout [ 771.588240][ T9421] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 771.599279][ T9421] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 771.610516][ T9421] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 771.621445][ T9421] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 771.635481][ T9421] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 771.648239][ T9421] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 771.663899][ T9421] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 771.805370][ T9421] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 771.817061][ T9421] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 771.827310][ T9421] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 771.838043][ T9421] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 771.849563][ T9421] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 771.860493][ T9421] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 771.875552][ T9421] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 772.091254][ T9421] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 772.097672][ T1227] ieee802154 phy0 wpan0: encryption failed: -22 [ 772.100453][ T9421] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 772.106758][ T1227] ieee802154 phy1 wpan1: encryption failed: -22 [ 772.115396][ T9421] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 772.131515][ T9421] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 772.206577][ T9497] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 772.275399][ T9497] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 772.371690][ T9497] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 772.503933][ T9497] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 773.649790][ T9497] 8021q: adding VLAN 0 to HW filter on device bond0 [ 773.874794][ T9497] 8021q: adding VLAN 0 to HW filter on device team0 [ 773.922783][ T25] bridge0: port 1(bridge_slave_0) entered blocking state [ 773.930592][ T25] bridge0: port 1(bridge_slave_0) entered forwarding state [ 773.949218][ T5113] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 773.957744][ T5113] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 774.045466][ T25] bridge0: port 2(bridge_slave_1) entered blocking state [ 774.053335][ T25] bridge0: port 2(bridge_slave_1) entered forwarding state [ 774.225999][ T5507] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 774.235425][ T5507] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 775.733582][ T9497] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 776.421300][ T9497] veth0_vlan: entered promiscuous mode [ 776.598215][ T9497] veth1_vlan: entered promiscuous mode [ 777.011799][ T9497] veth0_macvtap: entered promiscuous mode [ 777.044505][ T5076] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 777.057426][ T5076] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 777.072094][ T5076] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 777.103901][ T9497] veth1_macvtap: entered promiscuous mode [ 777.115314][ T5076] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 777.148493][ T5076] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 777.188422][ T5076] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 777.316629][ T9497] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 777.328169][ T9497] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 777.338333][ T9497] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 777.349155][ T9497] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 777.359331][ T9497] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 777.371372][ T9497] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 777.381871][ T9497] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 777.392649][ T9497] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 777.407921][ T9497] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 777.501639][ T9497] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 777.512566][ T9497] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 777.522859][ T9497] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 777.533694][ T9497] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 777.543871][ T9497] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 777.554804][ T9497] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 777.566117][ T9497] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 777.577265][ T9497] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 777.592563][ T9497] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 777.886527][ T9497] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 777.895778][ T9497] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 777.904961][ T9497] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 777.914095][ T9497] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 778.458519][ T9643] chnl_net:caif_netlink_parms(): no params data found [ 778.787143][ T9662] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. [ 779.065787][ T2992] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 779.186227][ T2967] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 779.195057][ T2967] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 779.261839][ T4425] Bluetooth: hci5: command tx timeout [ 779.333815][ T2992] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 779.430557][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 779.438624][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 779.530124][ T2992] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 779.681631][ T2992] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 779.946884][ T2992] bridge_slave_1: left allmulticast mode [ 779.953067][ T2992] bridge_slave_1: left promiscuous mode [ 779.959666][ T2992] bridge0: port 2(bridge_slave_1) entered disabled state [ 780.009210][ T2992] bridge_slave_0: left allmulticast mode [ 780.015837][ T2992] bridge_slave_0: left promiscuous mode [ 780.026463][ T2992] bridge0: port 1(bridge_slave_0) entered disabled state [ 780.551231][ T5507] usb 4-1: new high-speed USB device number 28 using dummy_hcd [ 780.622409][ T2992] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 780.682202][ T2992] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 780.724830][ T2992] bond0 (unregistering): Released all slaves [ 780.949584][ T5507] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 780.961177][ T5507] usb 4-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 780.971565][ T5507] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 780.980978][ T5507] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 781.037238][ T9643] bridge0: port 1(bridge_slave_0) entered blocking state [ 781.045332][ T9643] bridge0: port 1(bridge_slave_0) entered disabled state [ 781.059452][ T9643] bridge_slave_0: entered allmulticast mode [ 781.068595][ T9643] bridge_slave_0: entered promiscuous mode [ 781.082507][ T9679] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 781.189707][ T9643] bridge0: port 2(bridge_slave_1) entered blocking state [ 781.197487][ T9643] bridge0: port 2(bridge_slave_1) entered disabled state [ 781.207079][ T9643] bridge_slave_1: entered allmulticast mode [ 781.218341][ T9643] bridge_slave_1: entered promiscuous mode [ 781.334070][ T4425] Bluetooth: hci5: command tx timeout [ 781.670221][ T29] audit: type=1800 audit(1717863482.409:66): pid=9693 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="sda1" ino=1946 res=0 errno=0 [ 781.690862][ T43] usb 4-1: USB disconnect, device number 28 [ 781.691345][ T29] audit: type=1800 audit(1717863482.419:67): pid=9693 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="sda1" ino=1946 res=0 errno=0 [ 781.785812][ T2992] hsr_slave_0: left promiscuous mode [ 781.811778][ T2992] hsr_slave_1: left promiscuous mode [ 781.823036][ T2992] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 781.830921][ T2992] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 781.848594][ T2992] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 781.856526][ T2992] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 781.884881][ T2992] veth1_macvtap: left promiscuous mode [ 781.890873][ T2992] veth0_macvtap: left promiscuous mode [ 781.896674][ T2992] veth1_vlan: left promiscuous mode [ 781.902763][ T2992] veth0_vlan: left promiscuous mode [ 782.634555][ T2992] team0 (unregistering): Port device team_slave_1 removed [ 782.678147][ T2992] team0 (unregistering): Port device team_slave_0 removed [ 783.087137][ T9643] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 783.305160][ T9643] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 783.400840][ T9706] loop0: detected capacity change from 0 to 128 [ 783.411135][ T4425] Bluetooth: hci5: command tx timeout [ 783.581824][ T9643] team0: Port device team_slave_0 added [ 783.673090][ T9643] team0: Port device team_slave_1 added [ 783.931907][ T9643] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 783.939092][ T9643] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 783.966164][ T9643] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 783.992619][ T9711] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'. [ 784.072334][ T9713] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.0'. [ 784.108873][ T9643] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 784.116255][ T9643] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 784.145827][ T9643] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 784.686413][ T9643] hsr_slave_0: entered promiscuous mode [ 784.731966][ T9643] hsr_slave_1: entered promiscuous mode [ 784.783318][ T9643] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 784.792772][ T9643] Cannot create hsr debugfs directory [ 785.491901][ T4425] Bluetooth: hci5: command tx timeout [ 786.725246][ T9643] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 786.791148][ T9643] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 786.897302][ T9643] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 786.951855][ T9643] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 787.079490][ T949] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 787.087911][ T949] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 787.229432][ T2967] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 787.237987][ T2967] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 787.752327][ T9744] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. [ 788.259785][ T9643] 8021q: adding VLAN 0 to HW filter on device bond0 [ 788.385232][ T9643] 8021q: adding VLAN 0 to HW filter on device team0 [ 788.433473][ T786] bridge0: port 1(bridge_slave_0) entered blocking state [ 788.441288][ T786] bridge0: port 1(bridge_slave_0) entered forwarding state [ 788.547314][ T786] bridge0: port 2(bridge_slave_1) entered blocking state [ 788.555235][ T786] bridge0: port 2(bridge_slave_1) entered forwarding state [ 789.614626][ T9769] loop0: detected capacity change from 0 to 256 [ 789.839658][ T9772] loop3: detected capacity change from 0 to 256 [ 790.020306][ T9772] exFAT-fs (loop3): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 790.062408][ T5120] usb 1-1: new high-speed USB device number 29 using dummy_hcd [ 790.157235][ T29] audit: type=1326 audit(1717863490.889:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9775 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f337fc7cf69 code=0x7ffc0000 [ 790.184439][ T29] audit: type=1326 audit(1717863490.889:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9775 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f337fc7cf69 code=0x7ffc0000 [ 790.209210][ T29] audit: type=1326 audit(1717863490.929:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9775 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f337fc7cf69 code=0x7ffc0000 [ 790.232444][ T29] audit: type=1326 audit(1717863490.929:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9775 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f337fc7cf69 code=0x7ffc0000 [ 790.255629][ T29] audit: type=1326 audit(1717863490.929:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9775 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f337fc7cf69 code=0x7ffc0000 [ 790.281192][ T29] audit: type=1326 audit(1717863490.929:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9775 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f337fc7cf69 code=0x7ffc0000 [ 790.305165][ T29] audit: type=1326 audit(1717863490.939:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9775 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=193 compat=0 ip=0x7f337fc7cf69 code=0x7ffc0000 [ 790.328323][ T29] audit: type=1326 audit(1717863490.939:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9775 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f337fc7cf69 code=0x7ffc0000 [ 790.560218][ T5120] usb 1-1: Using ep0 maxpacket: 32 [ 790.720927][ T9780] loop1: detected capacity change from 0 to 1024 [ 790.724338][ T9643] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 790.741656][ T5120] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 790.753625][ T5120] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024 [ 790.765286][ T5120] usb 1-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 790.777179][ T5120] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 790.830157][ T5120] usb 1-1: config 0 descriptor?? [ 790.859549][ T9781] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 790.869273][ T9769] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 790.948859][ T5120] hub 1-1:0.0: USB hub found [ 791.213091][ T5120] hub 1-1:0.0: 2 ports detected [ 791.393083][ T5120] hub 1-1:0.0: hub_hub_status failed (err = -71) [ 791.399707][ T5120] hub 1-1:0.0: config failed, can't get hub status (err -71) [ 791.611921][ T5120] usbhid 1-1:0.0: can't add hid device: -71 [ 791.618580][ T5120] usbhid 1-1:0.0: probe with driver usbhid failed with error -71 [ 791.729325][ T5120] usb 1-1: USB disconnect, device number 29 [ 792.049554][ T9802] netlink: 'syz-executor.3': attribute type 4 has an invalid length. [ 792.902509][ T9811] loop0: detected capacity change from 0 to 1024 [ 793.011110][ T9811] hfsplus: failed to load root directory [ 793.200714][ T9818] loop1: detected capacity change from 0 to 512 [ 793.214989][ T9819] loop2: detected capacity change from 0 to 256 [ 793.276479][ T9643] veth0_vlan: entered promiscuous mode [ 793.375714][ T9818] EXT4-fs error (device loop1): ext4_orphan_get:1394: inode #15: comm syz-executor.1: casefold flag without casefold feature [ 793.402857][ T9643] veth1_vlan: entered promiscuous mode [ 793.455163][ T9819] exFAT-fs (loop2): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 793.522008][ T9818] EXT4-fs error (device loop1): ext4_orphan_get:1399: comm syz-executor.1: couldn't read orphan inode 15 (err -117) [ 793.559396][ T9643] veth0_macvtap: entered promiscuous mode [ 793.588278][ T9818] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 793.630708][ T9643] veth1_macvtap: entered promiscuous mode [ 793.733444][ T9643] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 793.748608][ T9643] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 793.759809][ T9643] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 793.770894][ T9643] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 793.781135][ T9643] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 793.791998][ T9643] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 793.806916][ T9643] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 793.819075][ T9643] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 793.834331][ T9643] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 793.887381][ T29] audit: type=1800 audit(1717863494.649:76): pid=9818 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="loop1" ino=18 res=0 errno=0 [ 793.935190][ T9643] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 793.947470][ T9643] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 793.964888][ T9643] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 793.977204][ T9643] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 793.987426][ T9643] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 793.998243][ T9643] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 794.008406][ T9643] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 794.019203][ T9643] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 794.034295][ T9643] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 794.084823][ T9643] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 794.094316][ T9643] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 794.103538][ T9643] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 794.112678][ T9643] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 794.210594][ T29] audit: type=1804 audit(1717863494.989:77): pid=9818 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir2908303743/syzkaller.rr1l8b/27/file0/file0" dev="loop1" ino=18 res=1 errno=0 [ 794.526931][ T9827] kvm: kvm [9826]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0x24600000000 [ 794.573196][ T9291] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 794.576808][ T9827] kvm: kvm [9826]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0x28000000000 [ 794.614814][ T9827] kvm: kvm [9826]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc1) = 0x3c700000800 [ 796.216645][ T9858] loop1: detected capacity change from 0 to 2048 [ 796.268211][ T9858] EXT4-fs: Ignoring removed mblk_io_submit option [ 796.346311][ T9858] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 796.383616][ T9863] loop2: detected capacity change from 0 to 512 [ 796.423609][ T9863] EXT4-fs (loop2): blocks per group (71) and clusters per group (32768) inconsistent [ 796.451925][ T9858] EXT4-fs error (device loop1): __ext4_iget:4913: inode #15: block 1803188595: comm syz-executor.1: invalid block [ 796.514279][ T9858] EXT4-fs (loop1): Remounting filesystem read-only [ 796.648554][ T9872] loop3: detected capacity change from 0 to 256 [ 796.762591][ T9291] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 796.855866][ T9872] exFAT-fs (loop3): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 797.111397][ T9877] loop0: detected capacity change from 0 to 2048 [ 797.186373][ T9877] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 798.508666][ T9879] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 800.722608][ T9907] loop3: detected capacity change from 0 to 1024 [ 802.893786][ T29] audit: type=1804 audit(1717863503.599:78): pid=9922 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.3" name="/root/syzkaller-testdir2274248040/syzkaller.ZYOKZL/20/file0" dev="sda1" ino=1951 res=1 errno=0 [ 806.737592][ T949] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 806.745723][ T949] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 806.944888][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 806.953084][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 815.854823][ C1] TCP: request_sock_TCP: Possible SYN flooding on port 0.0.0.0:20002. Sending cookies. [ 815.909155][ C1] TCP: request_sock_TCP: Possible SYN flooding on port [::]:2. Sending cookies. [ 816.393051][T10054] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'. [ 821.864515][T10104] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. [ 825.232194][ C1] TCP: request_sock_TCP: Possible SYN flooding on port [::]:2. Sending cookies. [ 825.461725][T10138] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. [ 831.368694][T10177] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. [ 833.514731][ T1227] ieee802154 phy0 wpan0: encryption failed: -22 [ 833.521628][ T1227] ieee802154 phy1 wpan1: encryption failed: -22 [ 835.515256][T10210] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. [ 837.113292][ T8] usb 4-1: new high-speed USB device number 29 using dummy_hcd [ 837.369646][ T29] audit: type=1800 audit(1717863538.119:79): pid=10219 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=1964 res=0 errno=0 [ 837.420828][ T8] usb 4-1: Using ep0 maxpacket: 32 [ 837.561869][ T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 837.577421][ T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 837.588862][ T8] usb 4-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 837.598329][ T8] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 837.620268][ T5507] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 837.672972][ T8] usb 4-1: config 0 descriptor?? [ 837.747303][ T8] usb 4-1: can't set config #0, error -71 [ 837.801198][ T8] usb 4-1: USB disconnect, device number 29 [ 837.886757][ T5507] usb 3-1: Using ep0 maxpacket: 16 [ 838.031132][ T5507] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 11 [ 838.040706][ T5507] usb 3-1: config 1 interface 0 altsetting 3 endpoint 0xB has invalid wMaxPacketSize 0 [ 838.050996][ T5507] usb 3-1: config 1 interface 0 altsetting 3 bulk endpoint 0xB has invalid maxpacket 0 [ 838.061070][ T5507] usb 3-1: config 1 interface 0 altsetting 3 endpoint 0x8A has invalid wMaxPacketSize 0 [ 838.071279][ T5507] usb 3-1: config 1 interface 0 has no altsetting 0 [ 838.078205][ T5507] usb 3-1: New USB device found, idVendor=04e6, idProduct=0003, bcdDevice= 1.77 [ 838.091762][ T5507] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 838.204140][ T5507] ums-sddr09 3-1:1.0: USB Mass Storage device detected [ 838.794032][T10244] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'. [ 838.900260][ T5122] usb 1-1: new high-speed USB device number 30 using dummy_hcd [ 839.300773][ T5122] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 839.316921][ T5122] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 839.427379][ T5122] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2db4, bcdDevice= 0.00 [ 839.436925][ T5122] usb 1-1: New USB device strings: Mfr=0, Product=9, SerialNumber=0 [ 839.445313][ T5122] usb 1-1: Product: syz [ 839.486500][ T5122] usb 1-1: config 0 descriptor?? [ 840.066099][ T5122] konepure 0003:1E7D:2DB4.000B: unknown main item tag 0x0 [ 840.074321][ T5122] konepure 0003:1E7D:2DB4.000B: collection stack underflow [ 840.081922][ T5122] konepure 0003:1E7D:2DB4.000B: item 0 2 0 12 parsing failed [ 840.138426][ T5122] konepure 0003:1E7D:2DB4.000B: parse failed [ 840.145776][ T5122] konepure 0003:1E7D:2DB4.000B: probe with driver konepure failed with error -22 [ 840.246992][ T5122] usb 1-1: USB disconnect, device number 30 [ 840.887050][T10260] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.4'. [ 841.091079][ T5122] usb 3-1: USB disconnect, device number 11 [ 842.785038][ T5076] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 842.806033][ T5076] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 842.816229][ T5076] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 842.851305][ T5076] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 842.865165][ T5076] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 842.875640][ T5076] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 844.055419][T10282] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. [ 844.583920][T10273] chnl_net:caif_netlink_parms(): no params data found [ 844.680555][ T786] usb 2-1: new high-speed USB device number 24 using dummy_hcd [ 844.952391][ T786] usb 2-1: Using ep0 maxpacket: 32 [ 845.014627][ T5076] Bluetooth: hci4: command tx timeout [ 845.064442][ T1091] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 845.177351][ T1091] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 845.291189][ T786] usb 2-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed [ 845.300630][ T786] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 845.308889][ T786] usb 2-1: Product: syz [ 845.313492][ T786] usb 2-1: Manufacturer: syz [ 845.318312][ T786] usb 2-1: SerialNumber: syz [ 845.341481][ T1091] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 845.402459][ T786] usb 2-1: config 0 descriptor?? [ 845.487621][ T1091] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 845.822898][ T1091] bridge_slave_1: left allmulticast mode [ 845.829002][ T1091] bridge_slave_1: left promiscuous mode [ 845.835717][ T1091] bridge0: port 2(bridge_slave_1) entered disabled state [ 845.913908][ T1091] bridge_slave_0: left allmulticast mode [ 845.920248][ T1091] bridge_slave_0: left promiscuous mode [ 845.926786][ T1091] bridge0: port 1(bridge_slave_0) entered disabled state [ 846.116304][ T786] (unnamed net_device) (uninitialized): Assigned a random MAC address: 7e:8e:5f:89:fc:2f [ 846.498536][ T1091] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 846.593830][ T1091] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 846.633875][ T1091] bond0 (unregistering): Released all slaves [ 846.824072][ T786] rtl8150 2-1:0.0: eth5: rtl8150 is detected [ 846.947897][ T786] usb 2-1: USB disconnect, device number 24 [ 847.036198][T10273] bridge0: port 1(bridge_slave_0) entered blocking state [ 847.044115][T10273] bridge0: port 1(bridge_slave_0) entered disabled state [ 847.051970][T10273] bridge_slave_0: entered allmulticast mode [ 847.061157][T10273] bridge_slave_0: entered promiscuous mode [ 847.081505][ T5076] Bluetooth: hci4: command tx timeout [ 847.237776][T10273] bridge0: port 2(bridge_slave_1) entered blocking state [ 847.247348][T10273] bridge0: port 2(bridge_slave_1) entered disabled state [ 847.255282][T10273] bridge_slave_1: entered allmulticast mode [ 847.264461][T10273] bridge_slave_1: entered promiscuous mode [ 848.510625][ T1091] hsr_slave_0: left promiscuous mode [ 848.586686][ T1091] hsr_slave_1: left promiscuous mode [ 848.649354][ T1091] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 848.657404][ T1091] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 848.737803][ T1091] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 848.745738][ T1091] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 848.880797][ T1091] veth1_macvtap: left promiscuous mode [ 848.886556][ T1091] veth0_macvtap: left promiscuous mode [ 848.892676][ T1091] veth1_vlan: left promiscuous mode [ 848.898213][ T1091] veth0_vlan: left promiscuous mode [ 849.258536][ T5076] Bluetooth: hci4: command tx timeout [ 849.598281][ T786] usb 3-1: new high-speed USB device number 12 using dummy_hcd [ 850.059689][ T1091] team0 (unregistering): Port device team_slave_1 removed [ 850.148868][ T1091] team0 (unregistering): Port device team_slave_0 removed [ 850.200565][ T786] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 850.211981][ T786] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 850.222227][ T786] usb 3-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 850.231618][ T786] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 850.296626][ T786] usb 3-1: config 0 descriptor?? [ 850.505651][T10273] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 850.520618][T10322] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'. [ 850.811086][T10273] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 851.108859][ T786] usbhid 3-1:0.0: can't add hid device: -71 [ 851.116006][ T786] usbhid 3-1:0.0: probe with driver usbhid failed with error -71 [ 851.320243][ T786] usb 3-1: USB disconnect, device number 12 [ 851.331588][ T5076] Bluetooth: hci4: command tx timeout [ 851.468189][T10273] team0: Port device team_slave_0 added [ 851.582616][T10273] team0: Port device team_slave_1 added [ 852.017712][T10273] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 852.025052][T10273] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 852.051408][T10273] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 852.438197][T10273] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 852.445487][T10273] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 852.472497][T10273] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 852.924733][T10273] hsr_slave_0: entered promiscuous mode [ 852.989584][T10273] hsr_slave_1: entered promiscuous mode [ 853.306457][T10348] loop1: detected capacity change from 0 to 256 [ 854.745120][T10273] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 854.850224][T10273] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 854.915207][T10273] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 854.972305][T10273] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 856.225983][T10273] 8021q: adding VLAN 0 to HW filter on device bond0 [ 856.242262][T10356] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. [ 856.408534][T10273] 8021q: adding VLAN 0 to HW filter on device team0 [ 856.488611][ T7145] bridge0: port 1(bridge_slave_0) entered blocking state [ 856.496465][ T7145] bridge0: port 1(bridge_slave_0) entered forwarding state [ 856.593469][ T7145] bridge0: port 2(bridge_slave_1) entered blocking state [ 856.601352][ T7145] bridge0: port 2(bridge_slave_1) entered forwarding state [ 857.432042][ T29] audit: type=1326 audit(1717863558.159:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10359 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44a007cf69 code=0x7ffc0000 [ 857.458003][ T29] audit: type=1326 audit(1717863558.159:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10359 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44a007cf69 code=0x7ffc0000 [ 857.482179][ T29] audit: type=1326 audit(1717863558.179:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10359 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7f44a007cf69 code=0x7ffc0000 [ 857.505461][ T29] audit: type=1326 audit(1717863558.179:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10359 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44a007cf69 code=0x7ffc0000 [ 857.528696][ T29] audit: type=1326 audit(1717863558.219:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10359 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=208 compat=0 ip=0x7f44a007cf69 code=0x7ffc0000 [ 857.554444][ T29] audit: type=1326 audit(1717863558.219:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10359 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44a007cf69 code=0x7ffc0000 [ 857.578508][ T29] audit: type=1326 audit(1717863558.219:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10359 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44a007cf69 code=0x7ffc0000 [ 859.505052][T10273] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 860.885471][T10273] veth0_vlan: entered promiscuous mode [ 861.080799][T10273] veth1_vlan: entered promiscuous mode [ 861.160372][ T4425] Bluetooth: hci0: command 0x0406 tx timeout [ 861.805258][T10273] veth0_macvtap: entered promiscuous mode [ 861.910635][T10273] veth1_macvtap: entered promiscuous mode [ 862.140636][T10394] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. [ 862.270359][T10273] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 862.281936][T10273] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 862.292621][T10273] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 862.303348][T10273] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 862.313434][T10273] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 862.324155][T10273] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 862.334257][T10273] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 862.345078][T10273] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 862.364258][T10273] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 862.581607][T10273] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 862.592730][T10273] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 862.603078][T10273] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 862.613845][T10273] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 862.624073][T10273] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 862.634847][T10273] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 862.645009][T10273] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 862.655747][T10273] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 862.676857][T10273] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 862.760100][T10273] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 862.774661][T10273] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 862.785466][T10273] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 862.794580][T10273] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 863.300704][T10407] syz-executor.4[10407] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 863.301352][T10407] syz-executor.4[10407] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 865.217930][T10443] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. [ 866.286215][ T4425] Bluetooth: hci1: command 0x0406 tx timeout [ 867.919691][T10497] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. [ 868.654727][ T2967] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 868.663664][ T2967] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 868.839551][ T4285] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 868.847931][ T4285] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 871.433827][T10548] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.4'. [ 871.457174][T10548] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 871.473552][T10548] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 871.484667][T10548] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 871.493915][T10548] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 871.503181][T10548] vxlan0: entered promiscuous mode [ 874.831949][T10592] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.4'. [ 876.970887][T10646] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.3'. [ 876.994567][T10646] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 877.012203][T10646] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 877.023635][T10646] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 877.032800][T10646] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 877.042072][T10646] vxlan0: entered promiscuous mode [ 879.755876][ T4425] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 879.801569][ T4425] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 879.841923][ T4425] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 879.881511][ T4425] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 879.901119][ T4425] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 879.910721][ T4425] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 880.837346][ T59] netdevsim netdevsim3 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 880.851863][ T59] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 881.058314][ T59] netdevsim netdevsim3 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 881.069087][ T59] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 881.181173][T10695] chnl_net:caif_netlink_parms(): no params data found [ 881.247708][ T59] netdevsim netdevsim3 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 881.258620][ T59] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 881.418966][ T59] netdevsim netdevsim3 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 881.429762][ T59] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 881.437044][T10721] loop0: detected capacity change from 0 to 512 [ 881.475642][T10721] EXT4-fs (loop0): Test dummy encryption mode enabled [ 881.629443][T10721] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2250: inode #12: comm syz-executor.0: corrupted in-inode xattr: invalid ea_ino [ 881.770806][T10721] EXT4-fs error (device loop0): ext4_orphan_get:1399: comm syz-executor.0: couldn't read orphan inode 12 (err -117) [ 881.860731][ T59] bridge_slave_1: left allmulticast mode [ 881.860766][T10721] EXT4-fs (loop0): mounted filesystem 00000005-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 881.866526][ T59] bridge_slave_1: left promiscuous mode [ 881.867417][ T59] bridge0: port 2(bridge_slave_1) entered disabled state [ 881.972326][ T59] bridge_slave_0: left allmulticast mode [ 881.978323][ T59] bridge_slave_0: left promiscuous mode [ 881.985183][ T59] bridge0: port 1(bridge_slave_0) entered disabled state [ 882.041058][ T5076] Bluetooth: hci2: command tx timeout [ 882.226175][T10721] fscrypt (loop0): Missing crypto API support for AES-256-XTS (API name: "xts(aes)") [ 882.602263][ T9362] EXT4-fs (loop0): unmounting filesystem 00000005-0000-0000-0000-000000000000. [ 882.917282][ T59] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 883.004922][ T59] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 883.076826][ T59] bond0 (unregistering): Released all slaves [ 883.454341][T10756] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'. [ 883.502377][T10758] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'. [ 883.727519][T10695] bridge0: port 1(bridge_slave_0) entered blocking state [ 883.735764][T10695] bridge0: port 1(bridge_slave_0) entered disabled state [ 883.743667][T10695] bridge_slave_0: entered allmulticast mode [ 883.752853][T10695] bridge_slave_0: entered promiscuous mode [ 883.781867][T10695] bridge0: port 2(bridge_slave_1) entered blocking state [ 883.789551][T10695] bridge0: port 2(bridge_slave_1) entered disabled state [ 883.799367][T10695] bridge_slave_1: entered allmulticast mode [ 883.808696][T10695] bridge_slave_1: entered promiscuous mode [ 883.974187][ T59] hsr_slave_0: left promiscuous mode [ 884.011561][ T59] hsr_slave_1: left promiscuous mode [ 884.039812][ T59] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 884.050445][ T59] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 884.120840][ T59] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 884.128543][ T59] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 884.136408][ T5076] Bluetooth: hci2: command tx timeout [ 884.219927][ T59] veth1_macvtap: left promiscuous mode [ 884.225876][ T59] veth0_macvtap: left promiscuous mode [ 884.231903][ T59] veth1_vlan: left promiscuous mode [ 884.237453][ T59] veth0_vlan: left promiscuous mode [ 885.219099][ T59] team0 (unregistering): Port device team_slave_1 removed [ 885.281715][ T59] team0 (unregistering): Port device team_slave_0 removed [ 885.727345][T10765] netlink: 64 bytes leftover after parsing attributes in process `syz-executor.1'. [ 885.737867][T10765] netlink: 64 bytes leftover after parsing attributes in process `syz-executor.1'. [ 885.928668][T10695] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 886.028133][T10695] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 886.196072][T10695] team0: Port device team_slave_0 added [ 886.202255][ T4425] Bluetooth: hci2: command tx timeout [ 886.296857][T10695] team0: Port device team_slave_1 added [ 886.555502][T10695] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 886.562867][T10695] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 886.589735][T10695] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 886.801892][ T5076] Bluetooth: hci3: command 0x0406 tx timeout [ 887.067668][T10695] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 887.075925][T10695] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 887.104349][T10695] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 888.308794][ T4425] Bluetooth: hci2: command tx timeout [ 888.652906][T10695] hsr_slave_0: entered promiscuous mode [ 889.101612][T10695] hsr_slave_1: entered promiscuous mode [ 892.843793][T10695] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 892.951010][T10695] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 893.005558][T10695] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 893.063943][T10695] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 894.743679][T10695] 8021q: adding VLAN 0 to HW filter on device bond0 [ 895.053621][ T1227] ieee802154 phy0 wpan0: encryption failed: -22 [ 895.060428][ T1227] ieee802154 phy1 wpan1: encryption failed: -22 [ 895.266148][T10695] 8021q: adding VLAN 0 to HW filter on device team0 [ 895.474916][ T786] bridge0: port 1(bridge_slave_0) entered blocking state [ 895.482718][ T786] bridge0: port 1(bridge_slave_0) entered forwarding state [ 895.699448][ T786] bridge0: port 2(bridge_slave_1) entered blocking state [ 895.707212][ T786] bridge0: port 2(bridge_slave_1) entered forwarding state [ 896.175532][T10969] loop4: detected capacity change from 0 to 256 [ 896.818258][T10969] FAT-fs (loop4): Directory bread(block 64) failed [ 896.826743][T10969] FAT-fs (loop4): Directory bread(block 65) failed [ 896.834959][T10969] FAT-fs (loop4): Directory bread(block 66) failed [ 896.841867][T10969] FAT-fs (loop4): Directory bread(block 67) failed [ 896.848791][T10969] FAT-fs (loop4): Directory bread(block 68) failed [ 896.855669][T10969] FAT-fs (loop4): Directory bread(block 69) failed [ 896.865583][T10969] FAT-fs (loop4): Directory bread(block 70) failed [ 896.873233][T10969] FAT-fs (loop4): Directory bread(block 71) failed [ 896.880586][T10969] FAT-fs (loop4): Directory bread(block 72) failed [ 896.887361][T10969] FAT-fs (loop4): Directory bread(block 73) failed [ 897.098512][T10969] netlink: 64 bytes leftover after parsing attributes in process `syz-executor.4'. [ 897.108322][T10969] netlink: 64 bytes leftover after parsing attributes in process `syz-executor.4'. [ 898.178229][T10695] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 898.495079][T10695] veth0_vlan: entered promiscuous mode [ 898.579289][T10695] veth1_vlan: entered promiscuous mode [ 898.827516][T10695] veth0_macvtap: entered promiscuous mode [ 898.903206][T10695] veth1_macvtap: entered promiscuous mode [ 899.080369][T10695] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 899.091163][T10695] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 899.101270][T10695] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 899.112024][T10695] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 899.126080][T10695] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 899.137689][T10695] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 899.147840][T10695] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 899.158787][T10695] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 899.174905][T10695] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 899.619296][T11010] loop1: detected capacity change from 0 to 256 [ 899.656683][T10695] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 899.667543][T10695] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 899.677889][T10695] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 899.688672][T10695] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 899.698837][T10695] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 899.709603][T10695] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 899.720177][T10695] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 899.735990][T10695] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 899.752555][T10695] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 899.802842][T10695] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 899.812723][T10695] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 899.821864][T10695] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 899.836543][T10695] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 900.515146][T11017] netdevsim netdevsim4 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 900.525910][T11017] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 900.557866][T11010] FAT-fs (loop1): Directory bread(block 64) failed [ 900.565206][T11010] FAT-fs (loop1): Directory bread(block 65) failed [ 900.572377][T11010] FAT-fs (loop1): Directory bread(block 66) failed [ 900.579131][T11010] FAT-fs (loop1): Directory bread(block 67) failed [ 900.586162][T11010] FAT-fs (loop1): Directory bread(block 68) failed [ 900.593079][T11010] FAT-fs (loop1): Directory bread(block 69) failed [ 900.600100][T11010] FAT-fs (loop1): Directory bread(block 70) failed [ 900.606860][T11010] FAT-fs (loop1): Directory bread(block 71) failed [ 900.613895][T11010] FAT-fs (loop1): Directory bread(block 72) failed [ 900.620756][T11010] FAT-fs (loop1): Directory bread(block 73) failed [ 901.093910][T11017] netdevsim netdevsim4 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 901.104765][T11017] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 901.482067][T11017] netdevsim netdevsim4 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 901.492836][T11017] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 901.853163][T11017] netdevsim netdevsim4 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 901.870547][T11017] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 901.961394][T11010] netlink: 64 bytes leftover after parsing attributes in process `syz-executor.1'. [ 901.972583][T11010] netlink: 64 bytes leftover after parsing attributes in process `syz-executor.1'. [ 902.122111][ T5076] Bluetooth: hci5: command 0x0406 tx timeout [ 902.202844][T11026] loop0: detected capacity change from 0 to 256 [ 902.316425][T11017] netdevsim netdevsim4 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 902.316989][T11026] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 902.325240][T11017] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 902.361896][T11017] netdevsim netdevsim4 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 902.371688][T11017] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 902.453936][T11017] netdevsim netdevsim4 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 902.462697][T11017] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 902.488613][T11017] netdevsim netdevsim4 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 902.504960][T11017] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 904.561698][T11060] loop4: detected capacity change from 0 to 256 [ 905.343106][T11060] FAT-fs (loop4): Directory bread(block 64) failed [ 905.350311][T11060] FAT-fs (loop4): Directory bread(block 65) failed [ 905.357208][T11060] FAT-fs (loop4): Directory bread(block 66) failed [ 905.367010][T11060] FAT-fs (loop4): Directory bread(block 67) failed [ 905.374817][T11060] FAT-fs (loop4): Directory bread(block 68) failed [ 905.381657][T11060] FAT-fs (loop4): Directory bread(block 69) failed [ 905.388546][T11060] FAT-fs (loop4): Directory bread(block 70) failed [ 905.395392][T11060] FAT-fs (loop4): Directory bread(block 71) failed [ 905.402414][T11060] FAT-fs (loop4): Directory bread(block 72) failed [ 905.409157][T11060] FAT-fs (loop4): Directory bread(block 73) failed [ 905.885692][ T29] audit: type=1326 audit(1717863606.589:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11069 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f44a007cf69 code=0x0 [ 906.975210][T11060] netlink: 64 bytes leftover after parsing attributes in process `syz-executor.4'. [ 906.986362][T11060] netlink: 64 bytes leftover after parsing attributes in process `syz-executor.4'. [ 907.005744][T11075] netlink: 68 bytes leftover after parsing attributes in process `syz-executor.2'. [ 907.015703][T11075] netlink: 68 bytes leftover after parsing attributes in process `syz-executor.2'. [ 908.253420][T11096] veth0_vlan: entered allmulticast mode [ 909.875809][T10907] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 909.884286][T10907] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 910.056826][T10848] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 910.065699][T10848] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 910.415990][T11124] loop2: detected capacity change from 0 to 256 [ 910.915483][T11124] FAT-fs (loop2): Directory bread(block 64) failed [ 910.923027][T11124] FAT-fs (loop2): Directory bread(block 65) failed [ 910.930072][T11124] FAT-fs (loop2): Directory bread(block 66) failed [ 910.936835][T11124] FAT-fs (loop2): Directory bread(block 67) failed [ 910.943898][T11124] FAT-fs (loop2): Directory bread(block 68) failed [ 910.951041][T11124] FAT-fs (loop2): Directory bread(block 69) failed [ 910.957942][T11124] FAT-fs (loop2): Directory bread(block 70) failed [ 910.964848][T11124] FAT-fs (loop2): Directory bread(block 71) failed [ 910.971920][T11124] FAT-fs (loop2): Directory bread(block 72) failed [ 910.978670][T11124] FAT-fs (loop2): Directory bread(block 73) failed [ 912.163955][ T29] audit: type=1326 audit(1717863612.779:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11136 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f152807cf69 code=0x7ffc0000 [ 912.188734][ T29] audit: type=1326 audit(1717863612.779:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11136 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f152807cf69 code=0x7ffc0000 [ 912.212810][ T29] audit: type=1326 audit(1717863612.809:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11136 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f152807cf69 code=0x7ffc0000 [ 912.241096][ T29] audit: type=1326 audit(1717863612.849:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11136 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f152807cf69 code=0x7ffc0000 [ 912.265824][ T29] audit: type=1326 audit(1717863612.849:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11136 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f152807cf69 code=0x7ffc0000 [ 912.289191][ T29] audit: type=1326 audit(1717863612.879:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11136 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f152807cf69 code=0x7ffc0000 [ 912.312520][ T29] audit: type=1326 audit(1717863612.899:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11136 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f152807cf69 code=0x7ffc0000 [ 912.340203][ T29] audit: type=1326 audit(1717863612.899:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11136 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f152807a6e7 code=0x7ffc0000 [ 912.364793][ T29] audit: type=1326 audit(1717863612.909:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11136 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f15280403b9 code=0x7ffc0000 [ 912.388048][ T29] audit: type=1326 audit(1717863612.919:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11136 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=275 compat=0 ip=0x7f152807cf69 code=0x7ffc0000 [ 913.171962][T11160] ===================================================== [ 913.179192][T11160] BUG: KMSAN: uninit-value in bstr_printf+0x19df/0x1b50 [ 913.186420][T11160] bstr_printf+0x19df/0x1b50 [ 913.191289][T11160] bpf_snprintf+0x1c8/0x360 [ 913.196086][T11160] ___bpf_prog_run+0x13fe/0xe0f0 [ 913.201462][T11160] __bpf_prog_run288+0xb5/0xe0 [ 913.206416][T11160] bpf_test_run+0x499/0xc30 [ 913.211315][T11160] bpf_prog_test_run_skb+0x14ea/0x1f20 [ 913.216984][T11160] bpf_prog_test_run+0x6b7/0xad0 [ 913.222274][T11160] __sys_bpf+0x6aa/0xd90 [ 913.226727][T11160] __x64_sys_bpf+0xa0/0xe0 [ 913.231406][T11160] x64_sys_call+0x96b/0x3b50 [ 913.236187][T11160] do_syscall_64+0xcf/0x1e0 [ 913.240984][T11160] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 913.247107][T11160] [ 913.249521][T11160] Uninit was stored to memory at: [ 913.254892][T11160] bpf_bprintf_prepare+0x1393/0x23c0 [ 913.260482][T11160] bpf_snprintf+0x141/0x360 [ 913.265184][T11160] ___bpf_prog_run+0x13fe/0xe0f0 [ 913.270392][T11160] __bpf_prog_run288+0xb5/0xe0 [ 913.275337][T11160] bpf_test_run+0x499/0xc30 [ 913.280117][T11160] bpf_prog_test_run_skb+0x14ea/0x1f20 [ 913.285786][T11160] bpf_prog_test_run+0x6b7/0xad0 [ 913.291002][T11160] __sys_bpf+0x6aa/0xd90 [ 913.295413][T11160] __x64_sys_bpf+0xa0/0xe0 [ 913.300065][T11160] x64_sys_call+0x96b/0x3b50 [ 913.304861][T11160] do_syscall_64+0xcf/0x1e0 [ 913.309573][T11160] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 913.315778][T11160] [ 913.318186][T11160] Local variable stack created at: [ 913.323467][T11160] __bpf_prog_run288+0x45/0xe0 [ 913.328420][T11160] bpf_test_run+0x499/0xc30 [ 913.333218][T11160] [ 913.335657][T11160] CPU: 1 PID: 11160 Comm: syz-executor.2 Not tainted 6.9.0-syzkaller-02707-g614da38e2f7a #0 [ 913.345992][T11160] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 913.356266][T11160] ===================================================== [ 913.363476][T11160] Disabling lock debugging due to kernel taint [ 913.369736][T11160] Kernel panic - not syncing: kmsan.panic set ... [ 913.376274][T11160] CPU: 1 PID: 11160 Comm: syz-executor.2 Tainted: G B 6.9.0-syzkaller-02707-g614da38e2f7a #0 [ 913.388081][T11160] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 913.398277][T11160] Call Trace: [ 913.401675][T11160] [ 913.404711][T11160] dump_stack_lvl+0x216/0x2d0 [ 913.409610][T11160] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 913.415643][T11160] dump_stack+0x1e/0x30 [ 913.420011][T11160] panic+0x4e2/0xcd0 [ 913.424115][T11160] ? kmsan_get_metadata+0xf1/0x1d0 [ 913.429425][T11160] kmsan_report+0x2d5/0x2e0 [ 913.434102][T11160] ? __msan_chain_origin+0xc3/0x150 [ 913.439468][T11160] ? ___bpf_prog_run+0x13fe/0xe0f0 [ 913.444769][T11160] ? __bpf_prog_run288+0xb5/0xe0 [ 913.449883][T11160] ? bpf_test_run+0x499/0xc30 [ 913.454762][T11160] ? kmsan_get_metadata+0x146/0x1d0 [ 913.460130][T11160] ? __msan_warning+0x95/0x120 [ 913.465049][T11160] ? bstr_printf+0x19df/0x1b50 [ 913.469970][T11160] ? bpf_snprintf+0x1c8/0x360 [ 913.474842][T11160] ? ___bpf_prog_run+0x13fe/0xe0f0 [ 913.480130][T11160] ? __bpf_prog_run288+0xb5/0xe0 [ 913.485247][T11160] ? bpf_test_run+0x499/0xc30 [ 913.490111][T11160] ? bpf_prog_test_run_skb+0x14ea/0x1f20 [ 913.496037][T11160] ? bpf_prog_test_run+0x6b7/0xad0 [ 913.501325][T11160] ? __sys_bpf+0x6aa/0xd90 [ 913.505900][T11160] ? __x64_sys_bpf+0xa0/0xe0 [ 913.510640][T11160] ? x64_sys_call+0x96b/0x3b50 [ 913.515603][T11160] ? do_syscall_64+0xcf/0x1e0 [ 913.520470][T11160] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 913.526819][T11160] ? filter_irq_stacks+0x164/0x1a0 [ 913.532140][T11160] ? stack_depot_save_flags+0x2c/0x6e0 [ 913.537824][T11160] ? kmsan_get_metadata+0x146/0x1d0 [ 913.543186][T11160] ? kmsan_internal_set_shadow_origin+0x66/0xe0 [ 913.549810][T11160] ? kmsan_get_metadata+0x146/0x1d0 [ 913.555193][T11160] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 913.561297][T11160] ? format_decode+0x1102/0x1580 [ 913.566416][T11160] ? kmsan_get_metadata+0x146/0x1d0 [ 913.571797][T11160] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 913.577790][T11160] __msan_warning+0x95/0x120 [ 913.582534][T11160] bstr_printf+0x19df/0x1b50 [ 913.587312][T11160] bpf_snprintf+0x1c8/0x360 [ 913.592019][T11160] ___bpf_prog_run+0x13fe/0xe0f0 [ 913.597132][T11160] ? kmsan_get_metadata+0x146/0x1d0 [ 913.602512][T11160] __bpf_prog_run288+0xb5/0xe0 [ 913.607463][T11160] ? kmsan_get_metadata+0x146/0x1d0 [ 913.612828][T11160] ? kmsan_get_metadata+0x146/0x1d0 [ 913.618188][T11160] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 913.624169][T11160] ? ktime_get+0x4c7/0x530 [ 913.628773][T11160] ? __pfx___bpf_prog_run288+0x10/0x10 [ 913.634413][T11160] bpf_test_run+0x499/0xc30 [ 913.639110][T11160] ? bpf_test_run+0x388/0xc30 [ 913.644074][T11160] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 913.650142][T11160] bpf_prog_test_run_skb+0x14ea/0x1f20 [ 913.655838][T11160] ? __pfx_bpf_prog_test_run_skb+0x10/0x10 [ 913.661865][T11160] bpf_prog_test_run+0x6b7/0xad0 [ 913.667095][T11160] __sys_bpf+0x6aa/0xd90 [ 913.671534][T11160] __x64_sys_bpf+0xa0/0xe0 [ 913.676141][T11160] x64_sys_call+0x96b/0x3b50 [ 913.680915][T11160] do_syscall_64+0xcf/0x1e0 [ 913.685605][T11160] ? clear_bhb_loop+0x25/0x80 [ 913.690479][T11160] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 913.696569][T11160] RIP: 0033:0x7f337fc7cf69 [ 913.701114][T11160] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 913.720901][T11160] RSP: 002b:00007f3380a0a0c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 913.729560][T11160] RAX: ffffffffffffffda RBX: 00007f337fdb3f80 RCX: 00007f337fc7cf69 [ 913.737675][T11160] RDX: 000000000000004c RSI: 0000000020000640 RDI: 000000000000000a [ 913.745775][T11160] RBP: 00007f337fcda6fe R08: 0000000000000000 R09: 0000000000000000 [ 913.753882][T11160] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 913.761974][T11160] R13: 000000000000000b R14: 00007f337fdb3f80 R15: 00007ffe19f291d8 [ 913.770100][T11160] [ 913.773431][T11160] Kernel Offset: disabled [ 913.777815][T11160] Rebooting in 86400 seconds..