last executing test programs: 12.123076344s ago: executing program 3 (id=664): syz_open_dev$tty20(0xc, 0x4, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10) r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$TCSETS(r4, 0x40045431, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, "ff00f7000000000000000000af88008300"}) r5 = syz_open_pts(r4, 0x141601) write(r5, &(0x7f0000000000)="d5", 0xfffffedf) close_range(r4, 0xffffffffffffffff, 0x0) 7.800127887s ago: executing program 3 (id=677): bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f00000002c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x2, [@struct={0x0, 0x1, 0x0, 0x4, 0x0, 0x0, [{0x1800000}]}]}}, 0x0, 0x32}, 0x20) 7.26428463s ago: executing program 0 (id=678): socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x201, 0x0, 0x0, {0xa}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_DELTABLE={0x20, 0x2, 0xa, 0x101, 0x0, 0x0, {}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0x68}}, 0x0) 6.983448842s ago: executing program 3 (id=682): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xc, &(0x7f0000000140)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0x2e}, @printk={@p, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x17}}]}, &(0x7f0000000080)='GPL\x00'}, 0x90) r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000000)={0x3, 0x4, 0x4, 0xa, 0x0, 0x1}, 0x48) r1 = socket$isdn(0x22, 0x3, 0x23) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000002140)={&(0x7f0000000100)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@enum]}}, 0x0, 0x26}, 0x20) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000080)={0x9, 0x16, &(0x7f0000000900)=@raw=[@initr0={0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0xb7}, @map_fd={0x18, 0x4, 0x1, 0x0, r0}, @call={0x85, 0x0, 0x0, 0xa2}, @map_idx={0x18, 0xa, 0x5, 0x0, 0xf}, @map_fd={0x18, 0x3, 0x1, 0x0, r0}, @call={0x85, 0x0, 0x0, 0x6e}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x2}}, @map_idx={0x18, 0x2, 0x5, 0x0, 0x2}, @map_idx={0x18, 0x8, 0x5, 0x0, 0x10}], &(0x7f0000000040)='syzkaller\x00', 0x8}, 0x90) sendmmsg$inet(r1, &(0x7f00000007c0)=[{{&(0x7f00000002c0)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000580)=[{&(0x7f0000000300)="bd8e2168ba1b7b2928c45363ff983fa4b1794b78c06b732aabfa8b2fc977ec90f2162c0af3ebe5ab43df0c4c74bbca4550003f084db0322eaadc005546a2e46aaf10d9b13c43d8881d9db9099d60763f6e5980ce8ebf82ef438d4722e21b4cf8d0da796fb839fd8f707c65766294c1f3027bbf315cb080caceb361f84b1bd5493ba49a60681e212eaaab0e2c31d506e4fdb87f28cd7d20559d318a015682c3a0fd096772a8ea6c148e10d057715dada04122b1b6ae264d0e190ac2fd24d685376d1d081241c255f0666d6c65920e0be990822b9509dd578c35e64b028367a08cf649", 0xe2}, {&(0x7f0000000400)="63f7e66013f146544c9e64601ebe30a2e1a1e54df96bfefeddcad19d62c2990764a3a31ab09a18b5b50dbbea75c570e9e1092fbcf9b4a6ee3927c60cc1da0d4cb291294a0d5eddcc5260ca5b539f849963d2eac7ca6fa66ea43613075e86ba6313cced896034e5d1e4f6ebcc83cec1cf22b2630dc193a129c888b7ba2a3c27a8d6661a9305dcaafffcee9e4a300478537980e6935fd724dc54d598d9a3e08b65e0368216cbb129f27fbe9506c7962a5b7d15671df93bf9c0e6e2210ffbe02ad01a", 0xc1}, {&(0x7f0000000500)="6199134c88d42862cd248e6c21cdbf2403681f2a089f26be8f06a1b8263de7b8c476e0368e264d3c6c0e445c989e015dd0313d7f82b1cf4b2a0d3e5fb96fe3b15deca973e369fe72b176832d48f83c92", 0x50}, {&(0x7f0000000640)="2be42fd42bf9d9b41d2a6f3221bdc854b78ef17c16c433fd00ba1948c76d04ba4b5bf64d61b0d643a7aad26bfbbb73140b23ecafb10ab0ece5b70a89d1e733f8a3b6e62fcd8a7fa0b8220f1f0dea9220930d0cf557850ddc7dc0bac7e9c9d75545a4c7b479edeb88dc4a4bdb286024923a686c393105a2fc931c0112141e35a521ec8de0b5763af8633825c4c59fab4cdfa69a269818ac2d3b970ee15f1720f7cbd7ea6da5df79d26e33063305d603d8593626507b8fc96eea530a02c597837b2e9980a503db3cddc76ab03d3c8a7acbb3ecfba1a17dc0625139f00c9b19bd", 0xdf}], 0x4, &(0x7f0000000740)=[@ip_tos_u8={{0x11}}, @ip_retopts={{0x34, 0x0, 0x7, {[@end, @generic={0x83, 0xb, "7f0e0d153b5e422c36"}, @timestamp={0x44, 0x10, 0xf, 0x0, 0x3, [0x8, 0x4, 0x2]}, @generic={0x88, 0x7, "1fd675bf55"}]}}}, @ip_ttl={{0x14, 0x0, 0x2, 0x7}}], 0x68}}], 0x1, 0x4000080) socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt(r2, 0x84, 0x0, &(0x7f0000000040)='\x00\x00\x00\x00\t\x00\x00\x00', 0x8) sendmmsg$inet6(r2, &(0x7f0000003cc0)=[{{&(0x7f00000004c0)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, 0x1c, &(0x7f0000000640)=[{&(0x7f00000005c0)="1b", 0x1}], 0x1}}], 0x1, 0x0) r3 = socket$netlink(0x10, 0x3, 0x15) sendmsg$DEVLINK_CMD_SB_PORT_POOL_SET(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="04010000100053"], 0x104}}, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$NL80211_CMD_GET_REG(r3, &(0x7f0000000280)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000240)={0x0}}, 0x4000000) pipe(0x0) socket$packet(0x11, 0xa, 0x300) syz_emit_ethernet(0x36, &(0x7f0000000140)={@local, @remote, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "81d90d", 0x0, 0x0, 0x0, @mcast1, @mcast2}}}}, 0x0) 6.611038926s ago: executing program 0 (id=683): sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) r0 = socket$inet_sctp(0x2, 0x3, 0x84) sendmmsg$inet_sctp(r0, &(0x7f0000000c40)=[{&(0x7f0000000000)=@in={0x2, 0x0, @remote}, 0x10, &(0x7f0000000200)=[{&(0x7f00000000c0)="ae79d2a02d436528012852eb02a3c0fd", 0xffeb}], 0x1}], 0x1, 0x0) sched_setscheduler(0x0, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x83, 0x0, 0x0) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0xffda) socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r2 = openat$dsp(0xffffff9c, &(0x7f0000000280), 0x101080, 0x0) ioctl$SOUND_MIXER_READ_STEREODEVS(r2, 0x80044dfb, &(0x7f00000002c0)) close_range(r1, 0xffffffffffffffff, 0x2) r3 = fanotify_init(0x200, 0x0) fanotify_mark(r3, 0x80, 0x0, 0xffffffffffffffff, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) syz_usb_connect(0x0, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0xe9, 0xed, 0x78, 0x8, 0x921, 0x1000, 0xb9de, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x5f, 0x52, 0xf8}}]}}]}}, 0x0) socketpair(0x1, 0x80001, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r4, 0x89f1, &(0x7f00000005c0)={'ip_vti0\x00', &(0x7f0000000040)={'syztnl0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x15, 0x4, 0x0, 0x0, 0x54, 0x0, 0x0, 0x0, 0x4, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast, {[@timestamp_addr={0x44, 0x2c, 0x0, 0x1, 0x0, [{@multicast2}, {@multicast1}, {@private}, {@loopback}, {@multicast2}]}, @generic={0x0, 0x10, "abefe2eaf82f271de3410eb34730"}, @noop]}}}}}) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r4, 0x89f2, &(0x7f0000000180)={'syztnl0\x00', &(0x7f0000000100)={'syztnl2\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @empty, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}}) r6 = openat$sequencer(0xffffff9c, &(0x7f0000000040), 0x20000, 0x0) ioctl$SNDCTL_SEQ_TESTMIDI(r6, 0x40045108, &(0x7f0000000100)) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r7, 0xae03, 0x29) r8 = socket$packet(0x11, 0x3, 0x300) sendto$packet(r8, &(0x7f0000000340)="05030006e8fe091c6202a0ffffffff006003000000007f141434e3177f43055762cb80948864113b022543424aa608", 0x2f, 0x0, &(0x7f0000000a80)={0x11, 0x9, r5, 0x1, 0x0, 0x6, @local}, 0xffffffffffffff03) 6.534272179s ago: executing program 2 (id=684): iopl(0x3) r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0x3, &(0x7f00000002c0)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) write$binfmt_script(r0, &(0x7f0000000100), 0xfecc) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000000c0), 0x48) 6.45847403s ago: executing program 1 (id=685): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_X86_SETUP_MCE(r2, 0x4008ae9c, &(0x7f0000000000)={0x13}) 5.896406201s ago: executing program 2 (id=686): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r0}, 0x10) r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000200)="d80000001900eb054e81f783db4cb9040a1d080006007c09e8f655a10a0015000600142603600e1208001e00060004012800090008000c4004000000035c0461c1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb71b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db798262f3d40fad9e3bb9ad809d5e1cace81ed0bffece8b42a9ecbee5de6ccd4e1ffffffffc1c9b6278754ca397c388b0dd6e4edef3d9300"/216, 0xd8}], 0x1}, 0x0) 5.520239978s ago: executing program 3 (id=687): r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000440)={{0x12, 0x1, 0x0, 0x5f, 0x2a, 0xb4, 0x20, 0xc72, 0xd, 0x279b, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xdb, 0xa2, 0x92}}]}}]}}, 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f0000000240)={0x1c, &(0x7f0000000040)=ANY=[], 0x0, 0x0}) syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f00000003c0)={0x44, &(0x7f0000000100), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) 5.419249876s ago: executing program 1 (id=688): openat$ppp(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) r3 = gettid() process_vm_writev(r3, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x3cb, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0) mlock2(&(0x7f00006f7000/0x1000)=nil, 0x1000, 0x0) madvise(&(0x7f0000495000/0x400000)=nil, 0x400000, 0x14) 5.289756222s ago: executing program 4 (id=689): r0 = socket$inet6_sctp(0xa, 0x0, 0x84) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_MAX_BURST(r0, 0x84, 0xc, &(0x7f00000013c0)=@assoc_value={0x0}, &(0x7f00000000c0)=0x8) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r1, 0x84, 0x23, &(0x7f0000000080)={r2}, 0x8) 5.056582575s ago: executing program 2 (id=690): r0 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/4\x00') mount$9p_fd(0x0, &(0x7f0000000180)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000200)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}}) 3.971092173s ago: executing program 2 (id=691): socket(0x11, 0x2, 0x0) socket$xdp(0x2c, 0x3, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.idle_time\x00', 0x26e1, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) socket$nl_route(0x10, 0x3, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000380)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) pipe(&(0x7f0000000100)) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x1, 0x803, 0x0) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) r3 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f00000001c0)={'batadv_slave_1\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001ac0)=@newlink={0x58, 0x10, 0x609, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x88a8ffad}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @vlan={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}]}}}, @IFLA_LINK={0x8, 0x5, r2}, @IFLA_MASTER={0x8, 0xa, r4}, @IFLA_ADDRESS={0xa, 0x1, @dev}]}, 0x58}}, 0x0) 3.765441853s ago: executing program 4 (id=692): r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101101) socket$unix(0x1, 0x0, 0x0) ioctl$USBDEVFS_FREE_STREAMS(r0, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="02002303180007006000000002000020d3"]) 3.701971027s ago: executing program 0 (id=693): socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x201, 0x0, 0x0, {0xa}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_DELTABLE={0x20, 0x2, 0xa, 0x101, 0x0, 0x0, {}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0x68}}, 0x0) 3.066393965s ago: executing program 1 (id=694): socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000240), &(0x7f0000000280)=0x5) r0 = inotify_init1(0x0) inotify_add_watch(r0, &(0x7f0000000000)='.\x00', 0x50007a2) r1 = socket$unix(0x1, 0x1, 0x0) bind$unix(r1, &(0x7f00000002c0)=@file={0x1, './file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'}, 0x6e) 2.776980823s ago: executing program 4 (id=695): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[], &(0x7f00000000c0)='GPL\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r0}, 0x10) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0) write$binfmt_script(r1, &(0x7f0000000000), 0x4) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r1, 0x0) bpf$BPF_PROG_DETACH(0x9, &(0x7f00000000c0)={@map}, 0x10) 2.776592048s ago: executing program 0 (id=696): iopl(0x3) r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0x3, &(0x7f00000002c0)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) write$binfmt_script(r0, &(0x7f0000000100), 0xfecc) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000000c0), 0x48) 2.550868266s ago: executing program 3 (id=697): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xc, &(0x7f0000000140)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0x2e}, @printk={@p, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x17}}]}, &(0x7f0000000080)='GPL\x00'}, 0x90) r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000000)={0x3, 0x4, 0x4, 0xa, 0x0, 0x1}, 0x48) r1 = socket$isdn(0x22, 0x3, 0x23) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000002140)={&(0x7f0000000100)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@enum]}}, 0x0, 0x26}, 0x20) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000080)={0x9, 0x16, &(0x7f0000000900)=@raw=[@initr0={0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0xb7}, @map_fd={0x18, 0x4, 0x1, 0x0, r0}, @call={0x85, 0x0, 0x0, 0xa2}, @map_idx={0x18, 0xa, 0x5, 0x0, 0xf}, @map_fd={0x18, 0x3, 0x1, 0x0, r0}, @call={0x85, 0x0, 0x0, 0x6e}, @printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x2}}, @map_idx={0x18, 0x2, 0x5, 0x0, 0x2}, @map_idx={0x18, 0x8, 0x5, 0x0, 0x10}], &(0x7f0000000040)='syzkaller\x00', 0x8}, 0x90) sendmmsg$inet(r1, &(0x7f00000007c0)=[{{&(0x7f00000002c0)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000580)=[{&(0x7f0000000300)="bd8e2168ba1b7b2928c45363ff983fa4b1794b78c06b732aabfa8b2fc977ec90f2162c0af3ebe5ab43df0c4c74bbca4550003f084db0322eaadc005546a2e46aaf10d9b13c43d8881d9db9099d60763f6e5980ce8ebf82ef438d4722e21b4cf8d0da796fb839fd8f707c65766294c1f3027bbf315cb080caceb361f84b1bd5493ba49a60681e212eaaab0e2c31d506e4fdb87f28cd7d20559d318a015682c3a0fd096772a8ea6c148e10d057715dada04122b1b6ae264d0e190ac2fd24d685376d1d081241c255f0666d6c65920e0be990822b9509dd578c35e64b028367a08cf649", 0xe2}, {&(0x7f0000000400)="63f7e66013f146544c9e64601ebe30a2e1a1e54df96bfefeddcad19d62c2990764a3a31ab09a18b5b50dbbea75c570e9e1092fbcf9b4a6ee3927c60cc1da0d4cb291294a0d5eddcc5260ca5b539f849963d2eac7ca6fa66ea43613075e86ba6313cced896034e5d1e4f6ebcc83cec1cf22b2630dc193a129c888b7ba2a3c27a8d6661a9305dcaafffcee9e4a300478537980e6935fd724dc54d598d9a3e08b65e0368216cbb129f27fbe9506c7962a5b7d15671df93bf9c0e6e2210ffbe02ad01a", 0xc1}, {&(0x7f0000000500)="6199134c88d42862cd248e6c21cdbf2403681f2a089f26be8f06a1b8263de7b8c476e0368e264d3c6c0e445c989e015dd0313d7f82b1cf4b2a0d3e5fb96fe3b15deca973e369fe72b176832d48f83c92", 0x50}, {&(0x7f0000000640)="2be42fd42bf9d9b41d2a6f3221bdc854b78ef17c16c433fd00ba1948c76d04ba4b5bf64d61b0d643a7aad26bfbbb73140b23ecafb10ab0ece5b70a89d1e733f8a3b6e62fcd8a7fa0b8220f1f0dea9220930d0cf557850ddc7dc0bac7e9c9d75545a4c7b479edeb88dc4a4bdb286024923a686c393105a2fc931c0112141e35a521ec8de0b5763af8633825c4c59fab4cdfa69a269818ac2d3b970ee15f1720f7cbd7ea6da5df79d26e33063305d603d8593626507b8fc96eea530a02c597837b2e9980a503db3cddc76ab03d3c8a7acbb3ecfba1a17dc0625139f00c9b19bd", 0xdf}], 0x4, &(0x7f0000000740)=[@ip_tos_u8={{0x11}}, @ip_retopts={{0x34, 0x0, 0x7, {[@end, @generic={0x83, 0xb, "7f0e0d153b5e422c36"}, @timestamp={0x44, 0x10, 0xf, 0x0, 0x3, [0x8, 0x4, 0x2]}, @generic={0x88, 0x7, "1fd675bf55"}]}}}, @ip_ttl={{0x14, 0x0, 0x2, 0x7}}], 0x68}}], 0x1, 0x4000080) socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt(r2, 0x84, 0x0, &(0x7f0000000040)='\x00\x00\x00\x00\t\x00\x00\x00', 0x8) sendmmsg$inet6(r2, &(0x7f0000003cc0)=[{{&(0x7f00000004c0)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, 0x1c, &(0x7f0000000640)=[{&(0x7f00000005c0)="1b", 0x1}], 0x1}}], 0x1, 0x0) r3 = socket$netlink(0x10, 0x3, 0x15) sendmsg$DEVLINK_CMD_SB_PORT_POOL_SET(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="04010000100053"], 0x104}}, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$NL80211_CMD_GET_REG(r3, &(0x7f0000000280)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000240)={0x0}}, 0x4000000) pipe(0x0) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000100)=[{0x28, 0x0, 0x1, 0xfffff034}, {0x80000006}]}, 0x10) syz_emit_ethernet(0x36, &(0x7f0000000140)={@local, @remote, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "81d90d", 0x0, 0x0, 0x0, @mcast1, @mcast2}}}}, 0x0) 2.433569401s ago: executing program 2 (id=698): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_SET_IRQCHIP(r1, 0xc208ae62, &(0x7f0000000740)={0x1, 0x0, @ioapic={0x0, 0x0, 0x0, 0x0, 0x0, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, '\x00', 0x7}]}}) 2.291380217s ago: executing program 0 (id=699): r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r1 = syz_mount_image$fuse(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000002280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0], 0x0, 0x0, 0x0) read$FUSE(r0, &(0x7f0000006340)={0x2020, 0x0, 0x0}, 0x2058) write$FUSE_LSEEK(r0, &(0x7f00000021c0)={0x18, 0x0, r2, {0x7}}, 0x18) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x404e, &(0x7f0000000080)={[{@i_version}, {@nombcache}, {@debug_want_extra_isize}, {@nodiscard}, {@noquota}, {@usrquota}]}, 0x1, 0x442, &(0x7f0000000d80)="$eJzs28tvG0UYAPBv7SQlfZBQlUcfQKAgKh5Jk5bSAxcQSBxAQoJDOYYkrULdBjVBolUEKULlwAFV4o44IvEXcIILAk5IXOGOKkUolxZORmvvJrZrJ3Xq1Gn9+0nbzuyOM/N5d+yZHW8APWsk/SeJ2B0Rf0bEUDVbX2Ck+t+NlcWpf1cWp5Iol9/5J6mUu76yOJUXzV+3K8/0RRQ+T+Jgk3rnL146O1kqzVzI8mML5z4cm7946YXZc5NnZs7MnJ84efL4sfGXTky82JE407iuH/hk7tD+N967+tbUqavv//p9ksffEEeHjKx38OlyucPVddeemnTS18WG0JZitZtGf6X/D0Ux1k7eULz+WVcbB2ypcrlcfqj14aUycA9LotstALoj/6JP57/5doeGHtvC8ivVCVAa941sqx7pi0JWpr9hfttJIxFxaum/b9IttuY+BABAnR/T8c/zzcZ/hai9L3R/toYyHBEPRMTeiDgREfsi4sGIStmHI+KRNutvXCS5efxTuFaTGWzzz28oHf+9nK1t1Y//8tFfDBez3J5K/P3J6dnSzNHsPTkS/TvS/Pg6dfz02h9ftTpWO/5Lt7T+fCyYteNa347610xPLkzeTsy1li9HHOhrFn+yuhKQRMT+iDiwyTpmn/3uUKtjG8e/jg6sM5W/jXimev6XoiH+XLL++uTYfVGaOTqWXxU3++33K2+3qv+24u+A5csxuLPp9b8a/3BSu147334dV/76ouWcZrPX/0Dybt2+jycXFi6MRwwkb1YbXbt/oqHcxFr59Po/crh5/98ba+/EwYhIL+JHI+KxiHg8a/sTEfFkRBxeJ/5fXn3qg83Hv7XS+KfbOv9riYFo3NM8UTz78w91lQ63E396/o9XUkeyPbfy+Xcr7drc1QwAAAB3n0JE7I6kMLqaLhRGR6u/4d8XOwulufmF507PfXR+uvqMwHD0F/I7XUM190PHs2l9np9oyB/L7ht/XRys5Een5krT3Q4eetyuFv0/9Xex260DtpzntaB36f/Qu/R/6F36P/SuJv2/4z+0BranZt//n3ahHcCd19D/LftBDzH/h96l/0PPWtL/oSfND8bGD8nfw4mB7H3YLu25exJR2MIqvtwGAfZ4ossfTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB3yfwAAAP//RDPkFg==") read$FUSE(r0, &(0x7f0000000100)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_IOCTL(r0, &(0x7f0000002140)={0x20, 0x0, r3}, 0x20) lstat(&(0x7f0000008800)='./file0\x00', 0x0) getdents(r1, 0x0, 0x0) read$FUSE(r0, &(0x7f0000008d00)={0x2020}, 0x2020) read$FUSE(r0, &(0x7f0000002300)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INTERRUPT(r0, &(0x7f0000000080)={0x10, 0x0, r4}, 0x10) 2.287751151s ago: executing program 1 (id=700): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000800000000000000100000094"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r0}, 0x10) r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000200)="d80000001900eb054e81f783db4cb9040a1d080006007c09e8f655a10a0015000600142603600e1208001e00060004012800090008000c4004000000035c0461c1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb71b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db798262f3d40fad9e3bb9ad809d5e1cace81ed0bffece8b42a9ecbee5de6ccd4e1ffffffffc1c9b6278754ca397c388b0dd6e4edef3d9300"/216, 0xd8}], 0x1}, 0x0) 2.116173298s ago: executing program 4 (id=701): r0 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/4\x00') mount$9p_fd(0x0, &(0x7f0000000180)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000200)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}}) 1.486203967s ago: executing program 1 (id=702): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) r1 = socket$inet6_sctp(0xa, 0x0, 0x84) getsockopt$inet_sctp6_SCTP_MAX_BURST(r0, 0x84, 0xc, &(0x7f00000013c0)=@assoc_value={0x0}, &(0x7f00000000c0)=0x8) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r1, 0x84, 0x23, &(0x7f0000000080)={r2}, 0x8) 1.425222167s ago: executing program 2 (id=703): sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) r0 = socket$inet_sctp(0x2, 0x3, 0x84) sendmmsg$inet_sctp(r0, &(0x7f0000000c40)=[{&(0x7f0000000000)=@in={0x2, 0x0, @remote}, 0x10, &(0x7f0000000200)=[{&(0x7f00000000c0)="ae79d2a02d436528012852eb02a3c0fd", 0xffeb}], 0x1}], 0x1, 0x0) sched_setscheduler(0x0, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x83, 0x0, 0x0) write$binfmt_elf64(0xffffffffffffffff, 0x0, 0xffda) socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r2 = openat$dsp(0xffffff9c, &(0x7f0000000280), 0x101080, 0x0) ioctl$SOUND_MIXER_READ_STEREODEVS(r2, 0x80044dfb, &(0x7f00000002c0)) close_range(r1, 0xffffffffffffffff, 0x2) r3 = fanotify_init(0x200, 0x0) fanotify_mark(r3, 0x80, 0x0, 0xffffffffffffffff, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) syz_usb_connect(0x0, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0xe9, 0xed, 0x78, 0x8, 0x921, 0x1000, 0xb9de, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x5f, 0x52, 0xf8}}]}}]}}, 0x0) socketpair(0x1, 0x80001, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r4, 0x89f1, &(0x7f00000005c0)={'ip_vti0\x00', &(0x7f0000000040)={'syztnl0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x15, 0x4, 0x0, 0x0, 0x54, 0x0, 0x0, 0x0, 0x4, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast, {[@timestamp_addr={0x44, 0x2c, 0x0, 0x1, 0x0, [{@multicast2}, {@multicast1}, {@private}, {@loopback}, {@multicast2}]}, @generic={0x0, 0x10, "abefe2eaf82f271de3410eb34730"}, @noop]}}}}}) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r4, 0x89f2, &(0x7f0000000180)={'syztnl0\x00', &(0x7f0000000100)={'syztnl2\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @empty, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}}) r6 = openat$sequencer(0xffffff9c, &(0x7f0000000040), 0x20000, 0x0) ioctl$SNDCTL_SEQ_TESTMIDI(r6, 0x40045108, &(0x7f0000000100)) r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0) ioctl$KVM_CHECK_EXTENSION(r7, 0xae03, 0x29) r8 = socket$packet(0x11, 0x3, 0x300) sendto$packet(r8, &(0x7f0000000340)="05030006e8fe091c6202a0ffffffff006003000000007f141434e3177f43055762cb80948864113b022543424aa608", 0x2f, 0x0, &(0x7f0000000a80)={0x11, 0x9, r5, 0x1, 0x0, 0x6, @local}, 0xffffffffffffff03) 1.405140905s ago: executing program 4 (id=704): r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x4001, 0x3, 0x428, 0x0, 0xb, 0x148, 0x0, 0x148, 0x390, 0x230, 0x242, 0x390, 0x215, 0x3, 0x0, {[{{@ip={@local, @remote, 0x0, 0x0, 'batadv_slave_0\x00', 'macvtap0\x00'}, 0x0, 0x2d0, 0x300, 0x0, {0xff0f000000000000}, [@common=@unspec=@cluster={{0x30}, {0xa0000000}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @fd}]}, @common=@inet=@SET2={0x30}}, {{@uncond, 0xec010000, 0x70, 0x90}, @unspec=@NOTRACK={0x20}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x488) 1.034097343s ago: executing program 3 (id=705): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}]}) creat(0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) setresgid(0x0, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, 0x0, 0x0) lsetxattr$security_capability(0x0, 0x0, 0x0, 0x0, 0x0) chdir(&(0x7f0000000140)='./bus\x00') lchown(0x0, 0x0, 0x0) r1 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) fsync(r1) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$gtp(0x0, 0xffffffffffffffff) sendmsg$GTP_CMD_NEWPDP(r2, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000140), 0xffffffffffffffff) r5 = socket$packet(0x11, 0x2, 0x300) ioctl$ifreq_SIOCGIFINDEX_wireguard(r5, 0x8933, &(0x7f0000000080)={'wg0\x00', 0x0}) sendmsg$WG_CMD_SET_DEVICE(r3, &(0x7f0000000d40)={0x0, 0x0, &(0x7f0000000d00)={&(0x7f0000000600)=ANY=[@ANYBLOB="2c020000", @ANYRES16=r4, @ANYBLOB="010000000000000000000100000024000300a05ca84f6c9c8e3853e2fd7a70ae0fb20fa152600cb00845174f08076f8d7843e40108804400008024000100000000000100000000000000fdffff01000000000000000000000000000000001400040002000000ac1414bb00000000000000000600050000000000000100802400020073e591ec06154031d3954ac0e16752e72640f08b5281a8461d17d26d12f2bbb6060005000021000024000100f44da367a88ee6564f020211456727082f5cebee8b1bf5eb7337341b459b39228c00098028000080060001000a0000001400020020010000000000000000000000000001050003000000000088000080060001000a0000001400020020010000000000000000000000000002050003000000000003800080060001008c0e000008000200ac1414aa05000300000000001c000080060001000200000008000200ac1414bb0500030000000000200004000a00000000000000fe800000000000000000000000000000000000009c0000802400020073961633df6dc9cb418b15afd0bae7b90f1e6cfed8bb423cf9285c474163154908000a00010000002400010000000000000000000000000000000000000000000000000000000000000000004800098028000080060001000a00000014000200fe8000000000000000000000000000bb05000300000000001c000080060001000200000008000200000000000500030000000000080005000100000008000100", @ANYRES32=r6], 0x22c}}, 0x0) 702.269171ms ago: executing program 0 (id=706): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000600)=@newtaction={0x74, 0x30, 0xb, 0x0, 0x0, {}, [{0x60, 0x1, [@m_ct={0x5c, 0x1, 0x0, 0x0, {{0x7}, {0x34, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18}, @TCA_CT_NAT_IPV4_MIN={0x8, 0x9, @remote}, @TCA_CT_NAT_IPV4_MAX={0x8, 0xa, @private}, @TCA_CT_ACTION={0x6, 0x3, 0x19}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x74}}, 0x0) 652.741117ms ago: executing program 4 (id=707): socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x201, 0x0, 0x0, {0xa}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_DELTABLE={0x20, 0x2, 0xa, 0x101, 0x0, 0x0, {}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0x68}}, 0x0) 0s ago: executing program 1 (id=708): socket(0x11, 0x2, 0x0) socket$xdp(0x2c, 0x3, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.idle_time\x00', 0x26e1, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) socket$nl_route(0x10, 0x3, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000400)) pipe(&(0x7f0000000100)) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x1, 0x803, 0x0) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) r3 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f00000001c0)={'batadv_slave_1\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001ac0)=@newlink={0x58, 0x10, 0x609, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x88a8ffad}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @vlan={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}]}}}, @IFLA_LINK={0x8, 0x5, r2}, @IFLA_MASTER={0x8, 0xa, r4}, @IFLA_ADDRESS={0xa, 0x1, @dev}]}, 0x58}}, 0x0) kernel console output (not intermixed with test programs): 12b6, bcdDevice= 0.00 [ 316.120319][ T8] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 316.170103][ T8] usb 4-1: config 0 descriptor?? [ 316.363191][ T5241] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 316.550992][ T5241] usb 2-1: Using ep0 maxpacket: 16 [ 316.570150][ T5241] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 316.580985][ T5241] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 316.593266][ T5241] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 316.603747][ T5241] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 316.643292][ T5241] usb 2-1: config 0 descriptor?? [ 316.667739][ T3354] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 316.732872][ T3354] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 316.764080][ T8] usbhid 4-1:0.0: can't add hid device: -71 [ 316.773222][ T8] usbhid 4-1:0.0: probe with driver usbhid failed with error -71 [ 316.825725][ T3354] bond0 (unregistering): Released all slaves [ 316.832683][ T8] usb 4-1: USB disconnect, device number 6 [ 317.361900][ T5524] veth0_vlan: entered promiscuous mode [ 317.713456][ T5250] usb 2-1: USB disconnect, device number 2 [ 317.752225][ T5524] veth1_vlan: entered promiscuous mode [ 318.096702][ T3354] hsr_slave_0: left promiscuous mode [ 318.106415][ T3354] hsr_slave_1: left promiscuous mode [ 318.116249][ T3354] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 318.128245][ T3354] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 318.138661][ T3354] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 318.146565][ T3354] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 318.170227][ T3354] veth1_macvtap: left promiscuous mode [ 318.182958][ T3354] veth0_macvtap: left promiscuous mode [ 318.185342][ T8] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 318.188862][ T3354] veth1_vlan: left promiscuous mode [ 318.202258][ T3354] veth0_vlan: left promiscuous mode [ 318.609334][ T8] usb 4-1: config 0 has no interfaces? [ 318.615260][ T8] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 318.624853][ T8] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 318.662916][ T8] usb 4-1: config 0 descriptor?? [ 318.945962][ T5802] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 319.165678][ T3354] team0 (unregistering): Port device team_slave_1 removed [ 319.222352][ T3354] team0 (unregistering): Port device team_slave_0 removed [ 319.925292][ T5524] veth0_macvtap: entered promiscuous mode [ 320.113281][ T5524] veth1_macvtap: entered promiscuous mode [ 320.360903][ T5656] 8021q: adding VLAN 0 to HW filter on device bond0 [ 320.600535][ T5815] loop1: detected capacity change from 0 to 1024 [ 320.625663][ T5524] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 320.637827][ T5524] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 320.649597][ T5524] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 320.661558][ T5524] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 320.683544][ T5524] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 320.733319][ T5257] usb 4-1: USB disconnect, device number 7 [ 320.754970][ T5815] EXT4-fs: Ignoring removed nomblk_io_submit option [ 320.874122][ T5815] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 320.995286][ T5656] 8021q: adding VLAN 0 to HW filter on device team0 [ 321.021710][ T5524] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 321.032700][ T5524] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 321.042985][ T5524] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 321.053855][ T5524] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 321.069398][ T5524] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 321.145174][ T5251] bridge0: port 1(bridge_slave_0) entered blocking state [ 321.153175][ T5251] bridge0: port 1(bridge_slave_0) entered forwarding state [ 321.270316][ T5524] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 321.279582][ T5524] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 321.288877][ T5524] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 321.300492][ T5524] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 321.369665][ T5251] bridge0: port 2(bridge_slave_1) entered blocking state [ 321.377543][ T5251] bridge0: port 2(bridge_slave_1) entered forwarding state [ 321.450911][ T5689] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 321.555100][ T5689] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 321.664935][ T5689] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 321.789035][ T5689] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 323.323920][ T5186] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 323.760481][ T5689] 8021q: adding VLAN 0 to HW filter on device bond0 [ 323.934572][ T5844] loop3: detected capacity change from 0 to 512 [ 323.937013][ T5689] 8021q: adding VLAN 0 to HW filter on device team0 [ 324.022542][ T5844] EXT4-fs (loop3): blocks per group (71) and clusters per group (32768) inconsistent [ 324.061952][ T25] bridge0: port 1(bridge_slave_0) entered blocking state [ 324.069902][ T25] bridge0: port 1(bridge_slave_0) entered forwarding state [ 324.194598][ T25] bridge0: port 2(bridge_slave_1) entered blocking state [ 324.202709][ T25] bridge0: port 2(bridge_slave_1) entered forwarding state [ 324.297517][ T5844] loop3: detected capacity change from 0 to 512 [ 324.304483][ T5257] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 324.509562][ T5656] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 324.602430][ T5257] usb 2-1: Using ep0 maxpacket: 32 [ 324.723147][ T5257] usb 2-1: New USB device found, idVendor=0df6, idProduct=0059, bcdDevice=a3.f9 [ 324.732947][ T5257] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 324.741895][ T5257] usb 2-1: Product: syz [ 324.746334][ T5257] usb 2-1: Manufacturer: syz [ 324.751319][ T5257] usb 2-1: SerialNumber: syz [ 324.849419][ T5257] usb 2-1: config 0 descriptor?? [ 324.935004][ T5257] r8712u: register rtl8712_netdev_ops to netdev_ops [ 324.942063][ T5257] usb 2-1: r8712u: USB_SPEED_HIGH with 0 endpoints [ 325.172437][ T5848] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 325.188093][ T5848] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 325.437554][ T5257] usb 2-1: r8712u: Boot from EFUSE: Autoload Failed [ 325.446457][ T5257] usb 2-1: r8712u: MAC Address from efuse = 00:e0:4c:87:00:00 [ 325.456123][ T5257] usb 2-1: r8712u: Loading firmware from "rtlwifi/rtl8712u.bin" [ 325.470534][ T5844] EXT4-fs (loop3): Test dummy encryption mode enabled [ 325.477729][ T5844] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 325.491592][ T5844] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 325.559827][ T5257] usb 2-1: USB disconnect, device number 3 [ 325.631438][ T5844] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (20423!=33349) [ 325.683381][ T5844] EXT4-fs (loop3): orphan cleanup on readonly fs [ 325.711462][ T5844] EXT4-fs (loop3): 1 truncate cleaned up [ 325.718983][ T5844] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 325.915473][ T5844] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters [ 326.853583][ T5190] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 326.871882][ T5257] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 327.121161][ T5257] usb 2-1: Using ep0 maxpacket: 8 [ 327.195343][ T5257] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 327.208815][ T5257] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 247, changing to 7 [ 327.312193][ T5257] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 327.321841][ T5257] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 327.330168][ T5257] usb 2-1: Product: ш [ 327.337463][ T5257] usb 2-1: Manufacturer: 潯䙇꓍裦堛跔組轒ⶎ鱮欩팗㾭ㆁ⸏䏛쏐ᠹ᪈ꖍᔷә⢠䥆ᢖ땫᥹秀㛲䆪鎹௟ꖎ観䯪薁撳ᣅง撆䍢⎕퀹蠧徜 ⲇ溛㐶舁䚩遼஫湀휰梧뇙蛈䇕ⱠƮἩᔌ㉑썡֍⟍槸୩ᘡﭕ쟽鏥 [ 327.364410][ T5257] usb 2-1: SerialNumber: 泟纀ꔝル狴恈ꟻ麷珒봐맶퐸㷷뿏ᒷ࡚櫓⻨㣴㊐䎦휭㯃逌鱍샗ᴄ訟횉㪭痩ؐ覌츒ဃ솝ꞙ鳪鷄㡣鲿׀禔䔅ꇿ쉭ゑ쨣벞潼묷⃾⸽ﲲ蝎✦ꣂ⸞핕㖊榯諶趡㞤瞪評㼚땟ʩ궧ᾳ蘭䷱ꃶ堲ጇ쌛혪ዬ災ࣾ싟掉ߙ䰅ஜꯃ師洕膰䤵ꫛ⫴뺚⊿崙祇㭂ː⬚ﶪᗅ乽⁀俏 [ 327.399507][ T5689] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 327.822692][ T5257] usb 2-1: 2:1 : sample bitwidth 9 in over sample bytes 1 [ 327.830201][ T5257] usb 2-1: 2:1 : invalid UAC_FORMAT_TYPE desc [ 327.836867][ T5257] usb 2-1: 2:1 : invalid channels 0 [ 327.993387][ T5689] veth0_vlan: entered promiscuous mode [ 328.139090][ T5257] usb 2-1: USB disconnect, device number 4 [ 328.213663][ T5689] veth1_vlan: entered promiscuous mode [ 328.486220][ T5656] veth0_vlan: entered promiscuous mode [ 328.608348][ T5656] veth1_vlan: entered promiscuous mode [ 328.663663][ T5689] veth0_macvtap: entered promiscuous mode [ 328.705996][ T5421] udevd[5421]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 328.754125][ T5689] veth1_macvtap: entered promiscuous mode [ 329.046887][ T5689] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 329.058867][ T5689] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 329.069086][ T5689] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 329.082499][ T5689] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 329.093427][ T5689] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 329.104332][ T5689] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 329.119828][ T5689] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 329.148052][ T5656] veth0_macvtap: entered promiscuous mode [ 329.275167][ T5656] veth1_macvtap: entered promiscuous mode [ 329.296543][ T5879] loop3: detected capacity change from 0 to 4096 [ 329.357499][ T5879] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512). [ 329.404757][ T5689] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 329.416401][ T5689] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 329.426647][ T5689] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 329.437604][ T5689] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 329.447815][ T5689] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 329.458645][ T5689] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 329.474505][ T5689] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 329.607312][ T5656] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 329.618292][ T5656] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 329.628580][ T5656] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 329.639390][ T5656] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 329.649555][ T5656] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 329.660523][ T5656] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 329.670851][ T5656] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 329.681686][ T5656] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 329.705554][ T5656] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 329.924981][ T5689] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 329.936755][ T5689] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 329.946155][ T5689] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 329.955358][ T5689] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 330.103175][ T5656] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 330.113979][ T5656] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 330.124218][ T5656] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 330.135070][ T5656] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 330.145277][ T5656] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 330.156093][ T5656] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 330.166283][ T5656] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 330.178674][ T5656] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 330.194831][ T5656] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 330.295117][ T29] audit: type=1800 audit(1722149843.442:8): pid=5879 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.126" name="bus" dev="loop3" ino=33 res=0 errno=0 [ 330.404729][ T29] audit: type=1800 audit(1722149843.472:9): pid=5896 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.126" name="bus" dev="loop3" ino=33 res=0 errno=0 [ 330.528957][ T5656] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 330.538467][ T5656] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 330.548923][ T5656] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 330.558125][ T5656] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 331.091434][ T1524] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 331.302278][ T1524] usb 4-1: device descriptor read/64, error -71 [ 331.621113][ T1524] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 331.723010][ T5910] loop1: detected capacity change from 0 to 1024 [ 331.842926][ T1524] usb 4-1: device descriptor read/64, error -71 [ 331.921168][ T3025] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 331.929282][ T3025] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 331.979728][ T1524] usb usb4-port1: attempt power cycle [ 332.245777][ T3354] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 332.258109][ T3354] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 332.693002][ T29] audit: type=1804 audit(1722149845.752:10): pid=5911 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.129" name="/newroot/49/file1/bus" dev="loop1" ino=29 res=1 errno=0 [ 332.715134][ T29] audit: type=1800 audit(1722149845.752:11): pid=5911 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.129" name="bus" dev="loop1" ino=29 res=0 errno=0 [ 335.201682][ T5250] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 335.545064][ T5250] usb 2-1: config 0 has an invalid interface number: 48 but max is 0 [ 335.553931][ T5250] usb 2-1: config 0 has no interface number 0 [ 335.560305][ T5250] usb 2-1: too many endpoints for config 0 interface 48 altsetting 120: 48, using maximum allowed: 30 [ 335.571950][ T5250] usb 2-1: config 0 interface 48 altsetting 120 has 0 endpoint descriptors, different from the interface descriptor's value: 48 [ 335.585679][ T5250] usb 2-1: config 0 interface 48 has no altsetting 0 [ 335.592810][ T5250] usb 2-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33 [ 335.602375][ T5250] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 335.810497][ T5926] loop3: detected capacity change from 0 to 40427 [ 335.820982][ T5250] usb 2-1: config 0 descriptor?? [ 335.870398][ T5926] F2FS-fs (loop3): invalid crc value [ 335.912665][ T5926] F2FS-fs (loop3): Found nat_bits in checkpoint [ 336.425290][ T5250] usb 2-1: string descriptor 0 read error: -32 [ 337.302260][ T5241] usb 4-1: new high-speed USB device number 11 using dummy_hcd [ 337.571860][ T5241] usb 4-1: Using ep0 maxpacket: 8 [ 337.670927][ T5241] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 337.686149][ T5241] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 247, changing to 7 [ 337.801910][ T5241] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 337.812904][ T5241] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 337.821999][ T5241] usb 4-1: Product: ш [ 337.826360][ T5241] usb 4-1: Manufacturer: 潯䙇꓍裦堛跔組轒ⶎ鱮欩팗㾭ㆁ⸏䏛쏐ᠹ᪈ꖍᔷә⢠䥆ᢖ땫᥹秀㛲䆪鎹௟ꖎ観䯪薁撳ᣅง撆䍢⎕퀹蠧徜 ⲇ溛㐶舁䚩遼஫湀휰梧뇙蛈䇕ⱠƮἩᔌ㉑썡֍⟍槸୩ᘡﭕ쟽鏥 [ 337.852976][ T5241] usb 4-1: SerialNumber: 泟纀ꔝル狴恈ꟻ麷珒봐맶퐸㷷뿏ᒷ࡚櫓⻨㣴㊐䎦휭㯃逌鱍샗ᴄ訟횉㪭痩ؐ覌츒ဃ솝ꞙ鳪鷄㡣鲿׀禔䔅ꇿ쉭ゑ쨣벞潼묷⃾⸽ﲲ蝎✦ꣂ⸞핕㖊榯諶趡㞤瞪評㼚땟ʩ궧ᾳ蘭䷱ꃶ堲ጇ쌛혪ዬ災ࣾ싟掉ߙ䰅ஜꯃ師洕膰䤵ꫛ⫴뺚⊿崙祇㭂ː⬚ﶪᗅ乽⁀俏 [ 338.096967][ T5250] usb 2-1: Cannot set autoneg [ 338.104350][ T5250] MOSCHIP usb-ethernet driver 2-1:0.48: probe with driver MOSCHIP usb-ethernet driver failed with error -71 [ 338.307678][ T5250] usb 2-1: USB disconnect, device number 5 [ 338.458930][ T5241] usb 4-1: 2:1 : sample bitwidth 9 in over sample bytes 1 [ 338.466742][ T5241] usb 4-1: 2:1 : invalid UAC_FORMAT_TYPE desc [ 338.473398][ T5241] usb 4-1: 2:1 : invalid channels 0 [ 338.697410][ T5241] usb 4-1: USB disconnect, device number 11 [ 339.183312][ T5251] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 339.190418][ T5421] udevd[5421]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 339.469353][ T5251] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 339.480920][ T5251] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 339.493313][ T5251] usb 2-1: New USB device found, idVendor=056a, idProduct=00d1, bcdDevice= 0.00 [ 339.503109][ T5251] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 339.608705][ T5251] usb 2-1: config 0 descriptor?? [ 340.192302][ T5251] wacom 0003:056A:00D1.0002: Unknown device_type for 'HID 056a:00d1'. Assuming pen. [ 340.283848][ T5251] wacom 0003:056A:00D1.0002: hidraw0: USB HID v0.00 Device [HID 056a:00d1] on usb-dummy_hcd.1-1/input0 [ 340.300566][ T5251] input: Wacom Bamboo 2FG 4x5 Pen as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:056A:00D1.0002/input/input6 [ 340.541771][ T5251] usb 2-1: USB disconnect, device number 6 [ 341.300869][ C1] eth0: bad gso: type: 1, size: 1408 [ 341.796480][ T4277] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 341.804708][ T4277] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 342.096171][ T5998] netlink: 'syz.3.141': attribute type 9 has an invalid length. [ 342.188729][ T4229] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 342.197025][ T4229] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 342.374635][ T4229] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 342.383120][ T4229] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 342.626735][ T3025] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 342.629213][ T6004] loop1: detected capacity change from 0 to 256 [ 342.634890][ T3025] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 342.902930][ T6004] exFAT-fs (loop1): failed to load upcase table (idx : 0x0001e4a3, chksum : 0x009b275e, utbl_chksum : 0x7319d30d) [ 343.033094][ T6004] exFAT-fs (loop1): error, invalid access to FAT free cluster (entry 0x00000007) [ 343.042942][ T6004] exFAT-fs (loop1): Filesystem has been set read-only [ 343.319390][ T6004] netlink: 'syz.1.142': attribute type 11 has an invalid length. [ 343.881791][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 344.029863][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 344.748013][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 346.329842][ C1] eth0: bad gso: type: 1, size: 1408 [ 346.640223][ T6027] sctp: [Deprecated]: syz.0.147 (pid 6027) Use of int in max_burst socket option. [ 346.640223][ T6027] Use struct sctp_assoc_value instead [ 346.906674][ T6033] netlink: 20 bytes leftover after parsing attributes in process `syz.4.149'. [ 346.961128][ T6033] input: syz0 as /devices/virtual/input/input9 [ 347.021011][ T8] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 347.241345][ T8] usb 3-1: device descriptor read/64, error -71 [ 347.531258][ T8] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 347.723158][ T8] usb 3-1: device descriptor read/64, error -71 [ 347.791164][ T5251] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 347.847678][ T8] usb usb3-port1: attempt power cycle [ 348.010190][ T5251] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 348.061252][ T5251] usb 1-1: Dual-Role OTG device on HNP port [ 348.082090][ T5251] usb 1-1: New USB device found, idVendor=1a0a, idProduct=0102, bcdDevice=7a.b1 [ 348.091903][ T5251] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 348.100205][ T5251] usb 1-1: Product: syz [ 348.104758][ T5251] usb 1-1: Manufacturer: syz [ 348.109605][ T5251] usb 1-1: SerialNumber: syz [ 348.162401][ T5251] usb 1-1: config 0 descriptor?? [ 348.201043][ T5251] rndis_host 1-1:0.0: skipping garbage [ 348.206799][ T5251] rndis_host 1-1:0.0: skipping garbage [ 348.212728][ T5251] rndis_host 1-1:0.0: skipping garbage [ 348.218445][ T5251] rndis_host 1-1:0.0: skipping garbage [ 348.233101][ T5251] rndis_host 1-1:0.0: skipping garbage [ 348.238830][ T5251] rndis_host 1-1:0.0: skipping garbage [ 348.246910][ T5251] usb 1-1: bad CDC descriptors [ 348.309219][ T5251] usb_ehset_test 1-1:0.0: probe with driver usb_ehset_test failed with error -32 [ 348.371045][ T8] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 348.461562][ T8] usb 3-1: device descriptor read/8, error -71 [ 348.751136][ T8] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 348.804761][ T6038] loop0: detected capacity change from 0 to 2048 [ 348.834109][ T8] usb 3-1: device descriptor read/8, error -71 [ 348.853674][ T6038] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024) [ 348.884306][ T6038] NILFS (loop0): invalid segment: Checksum error in segment payload [ 348.896618][ T6038] NILFS (loop0): unable to fall back to spare super block [ 348.904799][ T6038] NILFS (loop0): error -22 while searching super root [ 349.002552][ T8] usb usb3-port1: unable to enumerate USB device [ 349.201605][ T5251] usb 1-1: USB disconnect, device number 2 [ 349.219985][ T6026] loop1: detected capacity change from 0 to 8192 [ 349.280881][ T6026] ntfs3: loop1: Different NTFS sector size (4096) and media sector size (512). [ 349.505866][ T6026] ntfs3: loop1: Failed to read $UpCase (-4). [ 350.114354][ T6041] netlink: 'syz.2.153': attribute type 3 has an invalid length. [ 350.122557][ T6041] netlink: 'syz.2.153': attribute type 3 has an invalid length. [ 350.131029][ T6041] netlink: 16 bytes leftover after parsing attributes in process `syz.2.153'. [ 350.215933][ C1] eth0: bad gso: type: 1, size: 1408 [ 350.266015][ T6042] netlink: 'syz.2.153': attribute type 3 has an invalid length. [ 350.280016][ T6042] netlink: 'syz.2.153': attribute type 3 has an invalid length. [ 350.290045][ T6042] netlink: 16 bytes leftover after parsing attributes in process `syz.2.153'. [ 350.662841][ C1] eth0: bad gso: type: 1, size: 1408 [ 351.233210][ T6050] i2c i2c-0: Invalid block write size 33 [ 351.335077][ T6054] netlink: 'syz.3.157': attribute type 8 has an invalid length. [ 351.388514][ T6055] loop1: detected capacity change from 0 to 512 [ 351.512617][ T6049] loop2: detected capacity change from 0 to 256 [ 351.551935][ T6055] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.158: bg 0: block 393: padding at end of block bitmap is not set [ 351.662236][ T6055] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6551: Corrupt filesystem [ 351.716794][ T6055] EXT4-fs (loop1): 2 truncates cleaned up [ 351.723205][ T6053] loop3: detected capacity change from 0 to 512 [ 351.724995][ T6055] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 351.771780][ T6053] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 351.906406][ T6053] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.157: bg 0: block 248: padding at end of block bitmap is not set [ 351.962663][ T6053] Quota error (device loop3): write_blk: dquota write failed [ 351.970970][ T6053] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 351.981449][ T6053] EXT4-fs error (device loop3): ext4_acquire_dquot:6848: comm syz.3.157: Failed to acquire dquot type 1 [ 352.110216][ T1243] ieee802154 phy0 wpan0: encryption failed: -22 [ 352.122084][ T1243] ieee802154 phy1 wpan1: encryption failed: -22 [ 352.153635][ T6053] EXT4-fs (loop3): 1 truncate cleaned up [ 352.161804][ T6053] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 352.175189][ T6053] ext4 filesystem being mounted at /51/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 352.667493][ T6047] loop0: detected capacity change from 0 to 4095 [ 352.770983][ T6047] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024) [ 352.851267][ T6047] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 4096) [ 352.861626][ T6047] NILFS (loop0): mounting unchecked fs [ 353.012513][ T6047] NILFS (loop0): invalid segment: Checksum error in segment payload [ 353.020964][ T6047] NILFS (loop0): unable to fall back to spare super block [ 353.028335][ T6047] NILFS (loop0): error -22 while searching super root [ 353.307949][ T6045] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 353.680801][ T6053] syz.3.157 (6053) used greatest stack depth: 4136 bytes left [ 353.896508][ T5190] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 353.936269][ T3273] Quota error (device loop3): do_check_range: Getting block 0 out of range 1-5 [ 353.945923][ T3273] EXT4-fs error (device loop3): ext4_release_dquot:6871: comm kworker/u8:18: Failed to release dquot type 1 [ 354.733844][ T5186] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 354.901041][ T25] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 355.002628][ T6067] loop3: detected capacity change from 0 to 512 [ 355.062154][ T6067] UDF-fs: warning (device loop3): udf_load_vrs: No VRS found [ 355.070012][ T6067] UDF-fs: Scanning with blocksize 512 failed [ 355.164183][ T6067] UDF-fs: warning (device loop3): udf_load_vrs: No VRS found [ 355.169376][ T25] usb 1-1: Using ep0 maxpacket: 32 [ 355.172202][ T6067] UDF-fs: Scanning with blocksize 1024 failed [ 355.243820][ T25] usb 1-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92 [ 355.253691][ T25] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 355.318955][ T25] usb 1-1: config 0 descriptor?? [ 355.349877][ T25] gspca_main: nw80x-2.14.0 probing 055f:d001 [ 355.366743][ T6067] UDF-fs: warning (device loop3): udf_load_vrs: No VRS found [ 355.375115][ T6067] UDF-fs: Scanning with blocksize 2048 failed [ 355.518249][ T6067] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 355.585690][ T6071] loop2: detected capacity change from 0 to 2048 [ 355.682292][ T6071] GPT:first_usable_lbas don't match. [ 355.688017][ T6071] GPT:34 != 290 [ 355.692245][ T6071] GPT: Use GNU Parted to correct GPT errors. [ 355.707611][ T6071] loop2: p1 p2 p3 [ 355.759155][ T6067] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 355.986595][ T29] audit: type=1800 audit(1722149869.032:12): pid=6067 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.159" name="bus" dev="loop3" ino=42 res=0 errno=0 [ 356.171510][ T25] gspca_nw80x: reg_w err -110 [ 356.176736][ T25] nw80x 1-1:0.0: probe with driver nw80x failed with error -110 [ 356.201790][ T6069] loop1: detected capacity change from 0 to 2048 [ 356.237844][ T25] usb 1-1: USB disconnect, device number 3 [ 356.330656][ T8] usb 4-1: new high-speed USB device number 12 using dummy_hcd [ 356.381515][ T6069] UDF-fs: error (device loop1): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 356.457074][ T6069] UDF-fs: error (device loop1): udf_read_tagged: tag checksum failed, block 160: 0xd2 != 0xd4 [ 356.593526][ T8] usb 4-1: Using ep0 maxpacket: 32 [ 356.617454][ T6069] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 356.668588][ T8] usb 4-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 356.680116][ T8] usb 4-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 356.690637][ T8] usb 4-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 356.699987][ T8] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 356.802755][ T8] hub 4-1:4.0: USB hub found [ 357.361226][ T6081] loop0: detected capacity change from 0 to 64 [ 357.428938][ T29] audit: type=1800 audit(1722149870.452:13): pid=6085 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.159" name="bus" dev="loop3" ino=42 res=0 errno=0 [ 357.627223][ T5421] udevd[5421]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory [ 357.675303][ T5353] udevd[5353]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory [ 357.696830][ T5422] udevd[5422]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory [ 357.921170][ T8] hub 4-1:4.0: config failed, can't read hub descriptor (err -22) [ 358.123310][ T8] usb 4-1: USB disconnect, device number 12 [ 358.845200][ T6094] loop1: detected capacity change from 0 to 128 [ 358.987208][ T6094] vfat: Unknown parameter '(' [ 359.519976][ T5203] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 359.540182][ T5203] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 359.576674][ T5203] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 359.609553][ T5203] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 359.636442][ T5203] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 359.650054][ T5203] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 359.970338][ T8] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 360.382781][ T8] usb 1-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33 [ 360.392326][ T8] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 360.404497][ T6102] i2c i2c-0: Invalid block write size 33 [ 360.584605][ T8] usb 1-1: config 0 descriptor?? [ 360.827489][ T6101] loop1: detected capacity change from 0 to 256 [ 361.687060][ T5241] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 361.735983][ T8] usb 1-1: Cannot read MAC address [ 361.751637][ T8] MOSCHIP usb-ethernet driver 1-1:0.0: probe with driver MOSCHIP usb-ethernet driver failed with error -71 [ 361.777333][ T5203] Bluetooth: hci3: command tx timeout [ 361.900347][ T8] usb 1-1: USB disconnect, device number 4 [ 362.097539][ T5241] usb 3-1: device descriptor read/64, error -71 [ 362.193162][ T6098] chnl_net:caif_netlink_parms(): no params data found [ 362.431863][ T5241] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 362.652334][ T5241] usb 3-1: device descriptor read/64, error -71 [ 362.797964][ T5241] usb usb3-port1: attempt power cycle [ 362.957781][ T3533] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 363.112691][ T6116] netlink: 4 bytes leftover after parsing attributes in process `syz.1.173'. [ 363.197790][ T3533] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 363.283323][ T5241] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 363.333551][ T5241] usb 3-1: device descriptor read/8, error -71 [ 363.384378][ T25] usb 4-1: new high-speed USB device number 13 using dummy_hcd [ 363.416130][ T3533] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 363.593290][ T3533] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 363.623663][ C1] eth0: bad gso: type: 1, size: 1408 [ 363.642909][ T5241] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 363.678891][ T25] usb 4-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 363.723713][ T25] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 363.733542][ T25] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 363.742109][ T25] usb 4-1: SerialNumber: syz [ 363.771195][ T5241] usb 3-1: device descriptor read/8, error -71 [ 363.851682][ T5192] Bluetooth: hci3: command tx timeout [ 363.971762][ T5241] usb usb3-port1: unable to enumerate USB device [ 364.160128][ T3533] bridge_slave_1: left allmulticast mode [ 364.168361][ T3533] bridge_slave_1: left promiscuous mode [ 364.181759][ T3533] bridge0: port 2(bridge_slave_1) entered disabled state [ 364.392313][ T3533] bridge_slave_0: left allmulticast mode [ 364.398239][ T3533] bridge_slave_0: left promiscuous mode [ 364.413417][ T3533] bridge0: port 1(bridge_slave_0) entered disabled state [ 364.426566][ T5192] Bluetooth: hci2: command 0x0406 tx timeout [ 365.252193][ T6131] netlink: 'syz.2.177': attribute type 12 has an invalid length. [ 365.320288][ T6133] loop1: detected capacity change from 0 to 16 [ 365.378566][ T6133] erofs: Unknown parameter '' [ 365.464157][ T3533] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 365.566324][ T3533] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 365.668058][ T3533] bond0 (unregistering): Released all slaves [ 365.951028][ T5203] Bluetooth: hci3: command tx timeout [ 366.091015][ T6137] netlink: 88 bytes leftover after parsing attributes in process `syz.0.176'. [ 366.133723][ T6138] netlink: 16 bytes leftover after parsing attributes in process `syz.0.176'. [ 366.477740][ T6098] bridge0: port 1(bridge_slave_0) entered blocking state [ 366.485901][ T6098] bridge0: port 1(bridge_slave_0) entered disabled state [ 366.493971][ T6098] bridge_slave_0: entered allmulticast mode [ 366.503654][ T6098] bridge_slave_0: entered promiscuous mode [ 366.562843][ T25] cdc_ether 4-1:1.0: probe with driver cdc_ether failed with error -71 [ 366.692504][ T25] usb 4-1: USB disconnect, device number 13 [ 366.898363][ T6098] bridge0: port 2(bridge_slave_1) entered blocking state [ 366.906372][ T6098] bridge0: port 2(bridge_slave_1) entered disabled state [ 366.914457][ T6098] bridge_slave_1: entered allmulticast mode [ 366.924171][ T6098] bridge_slave_1: entered promiscuous mode [ 366.994711][ T6147] FAULT_INJECTION: forcing a failure. [ 366.994711][ T6147] name failslab, interval 1, probability 0, space 0, times 1 [ 367.008477][ T6147] CPU: 1 UID: 0 PID: 6147 Comm: syz.0.180 Not tainted 6.10.0-syzkaller-12881-g6342649c33d2 #0 [ 367.019073][ T6147] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 367.029406][ T6147] Call Trace: [ 367.032907][ T6147] [ 367.036048][ T6147] dump_stack_lvl+0x216/0x2d0 [ 367.041111][ T6147] dump_stack+0x1e/0x30 [ 367.045635][ T6147] should_fail_ex+0x74e/0x800 [ 367.050679][ T6147] should_failslab+0x17f/0x210 [ 367.055806][ T6147] kmem_cache_alloc_noprof+0xe2/0xb20 [ 367.061536][ T6147] ? vm_area_alloc+0x1cc/0x410 [ 367.066658][ T6147] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 367.072861][ T6147] vm_area_alloc+0x1cc/0x410 [ 367.077815][ T6147] mmap_region+0x1b12/0x4420 [ 367.082742][ T6147] ? cap_mmap_addr+0x326/0x490 [ 367.087900][ T6147] do_mmap+0xebc/0x1b10 [ 367.092390][ T6147] ? kmsan_get_metadata+0x13e/0x1c0 [ 367.097983][ T6147] vm_mmap_pgoff+0x23b/0x5a0 [ 367.102925][ T6147] ksys_mmap_pgoff+0x16e/0x7a0 [ 367.108036][ T6147] ? kmsan_get_metadata+0x13e/0x1c0 [ 367.113608][ T6147] __x64_sys_mmap+0x1a8/0x240 [ 367.118624][ T6147] x64_sys_call+0x1d42/0x3c10 [ 367.123623][ T6147] do_syscall_64+0xcd/0x1e0 [ 367.128461][ T6147] ? clear_bhb_loop+0x25/0x80 [ 367.133453][ T6147] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 367.139766][ T6147] RIP: 0033:0x7f47057772d3 [ 367.144488][ T6147] Code: f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 41 89 ca 41 f7 c1 ff 0f 00 00 75 14 b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 25 c3 0f 1f 40 00 48 c7 c0 a8 ff ff ff 64 c7 [ 367.164467][ T6147] RSP: 002b:00007f47065dde28 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 367.173268][ T6147] RAX: ffffffffffffffda RBX: 00000000000010ed RCX: 00007f47057772d3 [ 367.181588][ T6147] RDX: 0000000000000003 RSI: 0000000008400000 RDI: 0000000000000000 [ 367.189857][ T6147] RBP: 00000000200011c2 R08: 00000000ffffffff R09: 0000000000000000 [ 367.198107][ T6147] R10: 0000000000000022 R11: 0000000000000246 R12: 0000000000000004 [ 367.206358][ T6147] R13: 00007f47065ddf00 R14: 00007f47065ddec0 R15: 0000000020001180 [ 367.214636][ T6147] [ 367.218084][ C1] vkms_vblank_simulate: vblank timer overrun [ 367.424962][ T3533] hsr_slave_0: left promiscuous mode [ 367.507142][ T3533] hsr_slave_1: left promiscuous mode [ 367.563546][ T3533] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 367.572358][ T3533] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 367.630085][ T3533] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 367.638137][ T3533] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 367.646374][ T25] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 367.748509][ T3533] veth1_macvtap: left promiscuous mode [ 367.754555][ T3533] veth0_macvtap: left promiscuous mode [ 367.761880][ T3533] veth1_vlan: left promiscuous mode [ 367.767528][ T3533] veth0_vlan: left promiscuous mode [ 368.056361][ T5203] Bluetooth: hci3: command tx timeout [ 368.207890][ T6159] i2c i2c-0: Invalid block write size 33 [ 368.262063][ T25] usb 3-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33 [ 368.273610][ T25] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 368.341159][ T6159] loop1: detected capacity change from 0 to 256 [ 368.356599][ T25] usb 3-1: config 0 descriptor?? [ 368.987916][ T3533] team0 (unregistering): Port device team_slave_1 removed [ 369.085818][ T3533] team0 (unregistering): Port device team_slave_0 removed [ 369.466595][ T25] usb 3-1: Cannot read MAC address [ 369.472996][ T25] MOSCHIP usb-ethernet driver 3-1:0.0: probe with driver MOSCHIP usb-ethernet driver failed with error -71 [ 369.635859][ T25] usb 3-1: USB disconnect, device number 10 [ 370.169110][ T6098] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 370.278264][ T6154] loop0: detected capacity change from 0 to 8192 [ 370.297399][ T6098] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 370.496837][ T6154] REISERFS warning: read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025 [ 370.510465][ T6154] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal [ 370.523410][ T6154] REISERFS (device loop0): using ordered data mode [ 370.530261][ T6154] reiserfs: using flush barriers [ 370.666680][ T6154] REISERFS warning (device loop0): sh-458 journal_init_dev: cannot init journal device unknown-block(7,0): -16 [ 370.679873][ T6154] REISERFS warning (device loop0): sh-462 journal_init: unable to initialize journal device [ 370.735476][ T6154] REISERFS warning (device loop0): sh-2022 reiserfs_fill_super: unable to initialize journal space [ 370.768440][ T6166] loop2: detected capacity change from 0 to 1024 [ 370.885519][ T6098] team0: Port device team_slave_0 added [ 370.996189][ T6098] team0: Port device team_slave_1 added [ 371.030877][ T6169] loop3: detected capacity change from 0 to 512 [ 371.144266][ T6169] EXT4-fs: Ignoring removed nobh option [ 371.150561][ T6169] ext2: Unknown parameter 'subj_role' [ 371.243620][ T6169] overlay: ./file0 is not a directory [ 371.506931][ T6098] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 371.514473][ T6098] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 371.540867][ T6098] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 371.772171][ T6098] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 371.782728][ T6098] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 371.810318][ T6098] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 372.043610][ C1] eth0: bad gso: type: 1, size: 1408 [ 372.122403][ T2515] hfsplus: b-tree write err: -5, ino 4 [ 372.364756][ T6186] loop1: detected capacity change from 0 to 256 [ 372.420494][ T6186] exfat: Unknown parameter 'fd' [ 372.536426][ T6098] hsr_slave_0: entered promiscuous mode [ 372.684260][ T6098] hsr_slave_1: entered promiscuous mode [ 372.738810][ T6098] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 372.746932][ T6098] Cannot create hsr debugfs directory [ 373.748652][ T6199] FAULT_INJECTION: forcing a failure. [ 373.748652][ T6199] name failslab, interval 1, probability 0, space 0, times 0 [ 373.762099][ T6199] CPU: 1 UID: 0 PID: 6199 Comm: syz.0.192 Not tainted 6.10.0-syzkaller-12881-g6342649c33d2 #0 [ 373.772701][ T6199] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 373.783046][ T6199] Call Trace: [ 373.786532][ T6199] [ 373.789664][ T6199] dump_stack_lvl+0x216/0x2d0 [ 373.794729][ T6199] dump_stack+0x1e/0x30 [ 373.799235][ T6199] should_fail_ex+0x74e/0x800 [ 373.804286][ T6199] should_failslab+0x17f/0x210 [ 373.809420][ T6199] kmem_cache_alloc_noprof+0xe2/0xb20 [ 373.815141][ T6199] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 373.821298][ T6199] ? mas_alloc_nodes+0x4a3/0xf00 [ 373.826576][ T6199] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 373.832772][ T6199] mas_alloc_nodes+0x4a3/0xf00 [ 373.837939][ T6199] mas_preallocate+0x183c/0x2730 [ 373.843223][ T6199] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 373.849450][ T6199] mmap_region+0x2c69/0x4420 [ 373.854373][ T6199] ? cap_mmap_addr+0x326/0x490 [ 373.859504][ T6199] do_mmap+0xebc/0x1b10 [ 373.863971][ T6199] ? kmsan_get_metadata+0x13e/0x1c0 [ 373.869592][ T6199] vm_mmap_pgoff+0x23b/0x5a0 [ 373.874511][ T6199] ksys_mmap_pgoff+0x16e/0x7a0 [ 373.879584][ T6199] ? kmsan_get_metadata+0x13e/0x1c0 [ 373.885153][ T6199] __x64_sys_mmap+0x1a8/0x240 [ 373.890161][ T6199] x64_sys_call+0x1d42/0x3c10 [ 373.895178][ T6199] do_syscall_64+0xcd/0x1e0 [ 373.900047][ T6199] ? clear_bhb_loop+0x25/0x80 [ 373.905028][ T6199] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 373.911294][ T6199] RIP: 0033:0x7f47057772d3 [ 373.915977][ T6199] Code: f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 41 89 ca 41 f7 c1 ff 0f 00 00 75 14 b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 25 c3 0f 1f 40 00 48 c7 c0 a8 ff ff ff 64 c7 [ 373.935919][ T6199] RSP: 002b:00007f47065dde28 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 373.944654][ T6199] RAX: ffffffffffffffda RBX: 00000000000010ed RCX: 00007f47057772d3 [ 373.952819][ T6199] RDX: 0000000000000003 RSI: 0000000008400000 RDI: 0000000000000000 [ 373.960985][ T6199] RBP: 00000000200011c2 R08: 00000000ffffffff R09: 0000000000000000 [ 373.969119][ T6199] R10: 0000000000000022 R11: 0000000000000246 R12: 0000000000000004 [ 373.977247][ T6199] R13: 00007f47065ddf00 R14: 00007f47065ddec0 R15: 0000000020001180 [ 373.985415][ T6199] [ 374.425930][ T25] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 374.674245][ T6098] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 374.764841][ T25] usb 3-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33 [ 374.775129][ T25] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 374.794393][ T6098] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 374.877793][ T25] usb 3-1: config 0 descriptor?? [ 374.903053][ T6098] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 375.043650][ T6098] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 376.247896][ T25] usb 3-1: Cannot read MAC address [ 376.254211][ T25] MOSCHIP usb-ethernet driver 3-1:0.0: probe with driver MOSCHIP usb-ethernet driver failed with error -71 [ 376.372703][ T25] usb 3-1: USB disconnect, device number 11 [ 376.524993][ T6212] i2c i2c-0: Invalid block write size 33 [ 376.688972][ T6212] loop1: detected capacity change from 0 to 256 [ 376.789443][ T6215] netlink: 'syz.3.197': attribute type 21 has an invalid length. [ 376.801269][ T6215] netlink: 128 bytes leftover after parsing attributes in process `syz.3.197'. [ 376.812130][ T6215] netlink: 'syz.3.197': attribute type 5 has an invalid length. [ 376.820035][ T6215] netlink: 3 bytes leftover after parsing attributes in process `syz.3.197'. [ 376.927977][ T6218] loop2: detected capacity change from 0 to 1024 [ 377.685891][ T6098] 8021q: adding VLAN 0 to HW filter on device bond0 [ 377.810204][ T6230] loop3: detected capacity change from 0 to 64 [ 378.297672][ T6098] 8021q: adding VLAN 0 to HW filter on device team0 [ 378.390657][ T8] bridge0: port 1(bridge_slave_0) entered blocking state [ 378.398623][ T8] bridge0: port 1(bridge_slave_0) entered forwarding state [ 378.546820][ T8] bridge0: port 2(bridge_slave_1) entered blocking state [ 378.554691][ T8] bridge0: port 2(bridge_slave_1) entered forwarding state [ 378.677870][ C1] eth0: bad gso: type: 1, size: 1408 [ 378.716053][ T3273] hfsplus: b-tree write err: -5, ino 4 [ 379.724053][ T5250] usb 4-1: new high-speed USB device number 14 using dummy_hcd [ 380.078913][ T5250] usb 4-1: Using ep0 maxpacket: 16 [ 380.107161][ T5250] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 380.118942][ T5250] usb 4-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 24 [ 380.165347][ T5250] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 380.179937][ T5250] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 380.189767][ T5250] usb 4-1: SerialNumber: syz [ 380.580120][ T6253] loop1: detected capacity change from 0 to 256 [ 380.644397][ T6253] exfat: Unknown parameter 'fd' [ 380.843148][ T6110] usb 4-1: USB disconnect, device number 14 [ 381.343618][ T6258] loop0: detected capacity change from 0 to 1024 [ 381.390944][ T6258] EXT4-fs: Ignoring removed oldalloc option [ 381.473539][ T6258] EXT4-fs (loop0): stripe (3) is not aligned with cluster size (16), stripe is disabled [ 381.489790][ T6098] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 381.704629][ T6258] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 382.004111][ T6258] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: none. [ 382.102216][ T6258] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: none. [ 382.163707][ T6245] loop2: detected capacity change from 0 to 1024 [ 382.271529][ T6268] loop3: detected capacity change from 0 to 8 [ 382.310802][ T6245] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 383.203549][ T5524] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 383.981597][ T5251] usb 4-1: new high-speed USB device number 15 using dummy_hcd [ 384.160968][ T5251] usb 4-1: device descriptor read/64, error -71 [ 384.241725][ T5250] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 384.326413][ T5689] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 384.390908][ T6282] loop1: detected capacity change from 0 to 2048 [ 384.438677][ T5250] usb 1-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33 [ 384.448832][ T5250] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 384.496948][ T5251] usb 4-1: new high-speed USB device number 16 using dummy_hcd [ 384.549880][ T5250] usb 1-1: config 0 descriptor?? [ 384.721089][ T5251] usb 4-1: device descriptor read/64, error -71 [ 384.766658][ T6282] loop1: p2 p3 p7 [ 384.855113][ T5251] usb usb4-port1: attempt power cycle [ 385.210909][ T6110] usb 3-1: new high-speed USB device number 12 using dummy_hcd [ 385.310755][ T6098] veth0_vlan: entered promiscuous mode [ 385.391252][ T5251] usb 4-1: new high-speed USB device number 17 using dummy_hcd [ 385.460677][ C0] hrtimer: interrupt took 175247 ns [ 385.483939][ T6110] usb 3-1: Using ep0 maxpacket: 16 [ 385.489892][ T5251] usb 4-1: device descriptor read/8, error -71 [ 385.550154][ T6110] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 385.561996][ T6110] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 385.572316][ T6110] usb 3-1: New USB device found, idVendor=056a, idProduct=5000, bcdDevice= 0.00 [ 385.581830][ T6110] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 385.583982][ T6098] veth1_vlan: entered promiscuous mode [ 385.661525][ T6110] usb 3-1: config 0 descriptor?? [ 385.752916][ T5250] usb 1-1: Cannot read MAC address [ 385.758869][ T5250] MOSCHIP usb-ethernet driver 1-1:0.0: probe with driver MOSCHIP usb-ethernet driver failed with error -71 [ 385.881161][ T5251] usb 4-1: new high-speed USB device number 18 using dummy_hcd [ 385.958979][ T5250] usb 1-1: USB disconnect, device number 5 [ 386.003466][ T5251] usb 4-1: device descriptor read/8, error -71 [ 386.155353][ T6098] veth0_macvtap: entered promiscuous mode [ 386.190306][ T5251] usb usb4-port1: unable to enumerate USB device [ 386.242367][ T8] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 386.282671][ T6098] veth1_macvtap: entered promiscuous mode [ 386.508620][ T6098] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 386.519585][ T6098] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 386.519717][ T6110] wacom 0003:056A:5000.0003: unknown main item tag 0x0 [ 386.536284][ T6098] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 386.543357][ T6110] wacom 0003:056A:5000.0003: unknown main item tag 0x0 [ 386.543572][ T6110] wacom 0003:056A:5000.0003: unknown main item tag 0x0 [ 386.554000][ T6098] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 386.561056][ T6110] wacom 0003:056A:5000.0003: unknown main item tag 0x0 [ 386.567929][ T6098] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 386.578056][ T6110] wacom 0003:056A:5000.0003: unknown main item tag 0x0 [ 386.585045][ T6098] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 386.595552][ T6110] wacom 0003:056A:5000.0003: unknown main item tag 0x0 [ 386.602582][ T6098] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 386.636671][ T6098] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 386.656216][ T6098] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 386.774787][ T8] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 386.786304][ T8] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 386.861747][ T6292] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 386.871891][ T6292] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 386.937608][ T8] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 386.947836][ T8] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 386.956390][ T8] usb 2-1: SerialNumber: syz [ 386.973540][ T6098] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 386.984403][ T6098] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 386.994638][ T6098] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 387.005625][ T6098] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 387.015903][ T6098] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 387.026771][ T6098] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 387.042686][ T6098] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 387.055230][ T6098] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 387.071151][ T6098] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 387.113141][ T6110] wacom 0003:056A:5000.0003: hidraw0: USB HID v0.00 Device [HID 056a:5000] on usb-dummy_hcd.2-1/input0 [ 387.180220][ T6098] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 387.189888][ T6098] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 387.199550][ T6098] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 387.209062][ T6098] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 387.331794][ T6294] loop0: detected capacity change from 0 to 1024 [ 387.821305][ T8] usb 2-1: 0:2 : does not exist [ 388.035633][ T6304] loop1: detected capacity change from 0 to 256 [ 388.159303][ T8] usb 2-1: USB disconnect, device number 7 [ 388.371194][ T6304] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00006005) [ 388.383684][ T6304] FAT-fs (loop1): Filesystem has been set read-only [ 388.444607][ T29] audit: type=1804 audit(1722149901.472:14): pid=6306 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.214" name="/newroot/71/file1/bus" dev="loop1" ino=1048612 res=1 errno=0 [ 388.554717][ T6304] FAT-fs (loop1): error, invalid access to FAT (entry 0x00006005) [ 388.791472][ T5421] udevd[5421]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 388.943528][ T3533] hfsplus: b-tree write err: -5, ino 4 [ 389.164097][ T8] usb 3-1: USB disconnect, device number 12 [ 389.969755][ T6322] loop2: detected capacity change from 0 to 256 [ 389.997095][ T6322] exfat: Unknown parameter 'fd' [ 390.670805][ T6329] loop1: detected capacity change from 0 to 64 [ 391.117023][ T6333] loop0: detected capacity change from 0 to 128 [ 392.410379][ T6340] loop3: detected capacity change from 0 to 8 [ 392.501482][ T6340] unable to read inode lookup table [ 392.795888][ T6346] netlink: 40 bytes leftover after parsing attributes in process `syz.0.223'. [ 393.447951][ T6341] loop1: detected capacity change from 0 to 512 [ 393.699329][ T6341] EXT4-fs error (device loop1): ext4_clear_blocks:883: inode #13: comm syz.1.221: attempt to clear invalid blocks 2 len 1 [ 393.778885][ T6341] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters [ 393.798060][ T6341] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz.1.221: invalid indirect mapped block 1819239214 (level 0) [ 393.991000][ T6341] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz.1.221: invalid indirect mapped block 1819239214 (level 1) [ 394.052283][ T6357] loop0: detected capacity change from 0 to 256 [ 394.108782][ T6341] EXT4-fs (loop1): 1 truncate cleaned up [ 394.116562][ T6341] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 394.255536][ T6341] EXT4-fs warning (device loop1): dx_probe:833: inode #2: comm syz.1.221: Unrecognised inode hash code 20 [ 394.269222][ T6341] EXT4-fs warning (device loop1): dx_probe:966: inode #2: comm syz.1.221: Corrupt directory, running e2fsck is recommended [ 394.284098][ T6357] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00006005) [ 394.294846][ T6357] FAT-fs (loop0): Filesystem has been set read-only [ 394.426977][ T6357] FAT-fs (loop0): error, invalid access to FAT (entry 0x00006005) [ 394.690629][ T6357] netlink: 20 bytes leftover after parsing attributes in process `syz.0.226'. [ 395.078872][ T5186] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 395.163780][ T3025] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 395.172021][ T3025] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 395.411055][ T2515] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 395.419247][ T2515] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 395.690478][ T6372] netlink: 8 bytes leftover after parsing attributes in process `syz.2.229'. [ 395.820087][ T6379] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 396.033480][ T25] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 396.187646][ T6378] loop3: detected capacity change from 0 to 2048 [ 396.228858][ T6381] loop4: detected capacity change from 0 to 512 [ 396.297950][ T25] usb 2-1: config 0 has an invalid interface number: 136 but max is 0 [ 396.306759][ T25] usb 2-1: config 0 has no interface number 0 [ 396.361299][ T25] usb 2-1: New USB device found, idVendor=0471, idProduct=0602, bcdDevice=4d.67 [ 396.371066][ T25] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 396.379348][ T25] usb 2-1: Product: syz [ 396.383915][ T25] usb 2-1: Manufacturer: syz [ 396.388801][ T25] usb 2-1: SerialNumber: syz [ 396.457917][ T25] usb 2-1: config 0 descriptor?? [ 396.498494][ T6381] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2 [ 396.507441][ T6381] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -2 [ 396.593586][ T6381] EXT4-fs (loop4): 1 truncate cleaned up [ 396.602178][ T6381] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 396.635109][ T5353] Alternate GPT is invalid, using primary GPT. [ 396.643897][ T5353] loop3: p2 p3 p7 [ 396.710485][ T6384] EXT4-fs error (device loop4): ext4_append:79: inode #2: comm syz.4.166: Logical block already allocated [ 396.799577][ T6389] loop2: detected capacity change from 0 to 256 [ 396.818489][ T6378] loop3: unable to read partition table [ 396.834856][ T6378] loop_reread_partitions: partition scan of loop3 () failed (rc=-5) [ 396.852475][ T6389] exfat: Unknown parameter 'fd' [ 397.316938][ T25] usb 2-1: USB disconnect, device number 8 [ 397.350800][ T5391] udevd[5391]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory [ 397.438525][ T5421] udevd[5421]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory [ 397.464167][ T5422] udevd[5422]: inotify_add_watch(7, /dev/loop3p7, 10) failed: No such file or directory [ 397.505506][ T6098] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 398.271324][ T25] usb 4-1: new high-speed USB device number 19 using dummy_hcd [ 398.544781][ T25] usb 4-1: config 0 has an invalid interface number: 1 but max is 0 [ 398.553682][ T25] usb 4-1: config 0 has no interface number 0 [ 398.560053][ T25] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 398.571462][ T25] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 398.581688][ T25] usb 4-1: New USB device found, idVendor=5543, idProduct=0522, bcdDevice= 0.00 [ 398.591165][ T25] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 398.636887][ T25] usb 4-1: config 0 descriptor?? [ 399.073450][ T25] hid (null): global environment stack underflow [ 399.111104][ T25] uclogic 0003:5543:0522.0004: global environment stack underflow [ 399.124004][ T25] uclogic 0003:5543:0522.0004: item 0 1 1 11 parsing failed [ 399.144833][ T25] uclogic 0003:5543:0522.0004: parse failed [ 399.151566][ T25] uclogic 0003:5543:0522.0004: probe with driver uclogic failed with error -22 [ 399.335008][ T6394] loop3: detected capacity change from 0 to 512 [ 399.346068][ T6394] ext3: Unknown parameter 'permit_directio' [ 400.241477][ T6406] loop3: detected capacity change from 0 to 8192 [ 400.293209][ T6406] loop3: p4 [ 400.297564][ T6406] loop3: p4 start 16779520 is beyond EOD, truncated [ 400.364559][ T25] usb 4-1: USB disconnect, device number 19 [ 405.374261][ T5203] Bluetooth: hci5: command 0x0406 tx timeout [ 413.548621][ T1243] ieee802154 phy0 wpan0: encryption failed: -22 [ 413.560269][ T1243] ieee802154 phy1 wpan1: encryption failed: -22 [ 425.851373][ T5203] Bluetooth: hci6: command 0x0406 tx timeout [ 430.653605][ T29] audit: type=1326 audit(1722149943.752:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6415 comm="syz.4.243" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f58ad577299 code=0x0 [ 430.728595][ T6412] netlink: 'syz.1.240': attribute type 4 has an invalid length. [ 431.061118][ T29] audit: type=1326 audit(1722149944.102:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6409 comm="syz.0.239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4705777299 code=0x7fc00000 [ 431.085670][ T29] audit: type=1326 audit(1722149944.152:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6409 comm="syz.0.239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f4705777299 code=0x7fc00000 [ 431.107885][ C1] vkms_vblank_simulate: vblank timer overrun [ 431.644430][ T6429] loop4: detected capacity change from 0 to 256 [ 431.692073][ T5251] usb 4-1: new high-speed USB device number 20 using dummy_hcd [ 431.746170][ T6429] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 431.910924][ T5251] usb 4-1: Using ep0 maxpacket: 8 [ 431.968276][ T5251] usb 4-1: config 2 has an invalid interface number: 202 but max is 1 [ 431.977603][ T5251] usb 4-1: config 2 has an invalid descriptor of length 235, skipping remainder of the config [ 431.995161][ T5251] usb 4-1: config 2 has no interface number 1 [ 432.003706][ T5251] usb 4-1: config 2 interface 0 altsetting 3 bulk endpoint 0xD has invalid maxpacket 64 [ 432.014209][ T5251] usb 4-1: config 2 interface 0 altsetting 3 has a duplicate endpoint with address 0x8, skipping [ 432.025361][ T5251] usb 4-1: config 2 interface 0 altsetting 3 endpoint 0xA has invalid maxpacket 44250, setting to 1024 [ 432.036913][ T5251] usb 4-1: config 2 interface 0 altsetting 3 bulk endpoint 0xA has invalid maxpacket 1024 [ 432.047531][ T5251] usb 4-1: config 2 interface 0 altsetting 3 has 4 endpoint descriptors, different from the interface descriptor's value: 8 [ 432.060990][ T5251] usb 4-1: config 2 interface 202 has no altsetting 0 [ 432.068068][ T5251] usb 4-1: config 2 interface 0 has no altsetting 0 [ 432.126430][ T6432] loop1: detected capacity change from 0 to 512 [ 432.176506][ T5251] usb 4-1: string descriptor 0 read error: -22 [ 432.183790][ T5251] usb 4-1: New USB device found, idVendor=1608, idProduct=030c, bcdDevice=9f.bc [ 432.199201][ T5251] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 432.278573][ T6429] loop4: detected capacity change from 0 to 1024 [ 432.309738][ T6432] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2 [ 432.318541][ T6432] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -2 [ 432.323612][ T5251] io_ti 4-1:2.202: required endpoints missing [ 432.342742][ T5251] io_ti 4-1:2.0: required endpoints missing [ 432.450487][ T6429] EXT4-fs (loop4): stripe (205) is not aligned with cluster size (16), stripe is disabled [ 432.492017][ T6432] EXT4-fs (loop1): 1 truncate cleaned up [ 432.503574][ T6432] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 432.595725][ T6429] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 432.617648][ T5192] Bluetooth: hci2: unexpected event for opcode 0x1804 [ 432.865439][ T6427] loop3: detected capacity change from 0 to 512 [ 432.922963][ T6427] EXT4-fs: Ignoring removed orlov option [ 433.076110][ T6427] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842e02c, mo2=0002] [ 433.147543][ T6427] System zones: 1-12 [ 433.197980][ T6427] EXT4-fs error (device loop3): __ext4_iget:4985: inode #11: block 393240: comm syz.3.244: invalid block [ 433.242754][ T6427] EXT4-fs (loop3): Remounting filesystem read-only [ 433.251858][ T6427] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 433.397151][ T29] audit: type=1326 audit(1722149946.442:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6409 comm="syz.0.239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4705777299 code=0x7fc00000 [ 433.541629][ T5186] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 433.555608][ T6098] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 433.661964][ T6446] EXT4-fs warning (device loop3): dx_probe:823: inode #2: lblock 0: comm syz.3.244: error -117 reading directory block [ 434.245555][ T6453] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 434.322356][ T6451] loop4: detected capacity change from 0 to 1024 [ 434.519953][ T6448] loop1: detected capacity change from 0 to 1024 [ 435.435110][ T5251] usb 4-1: USB disconnect, device number 20 [ 435.542351][ T5190] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 435.929406][ T4229] hfsplus: b-tree write err: -5, ino 4 [ 436.658035][ T5192] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0 [ 436.666961][ T5192] Bluetooth: hci2: Injecting HCI hardware error event [ 436.674709][ T5192] Bluetooth: hci2: hardware error 0x00 [ 437.046286][ T6480] macvlan2: entered promiscuous mode [ 437.250288][ T6487] loop1: detected capacity change from 0 to 256 [ 438.021334][ T6493] netlink: 20 bytes leftover after parsing attributes in process `syz.0.257'. [ 438.116512][ T6490] netlink: 'syz.3.256': attribute type 4 has an invalid length. [ 438.671613][ T6496] loop4: detected capacity change from 0 to 512 [ 438.754882][ T5192] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 438.791586][ T6496] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2 [ 438.800215][ T6496] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -2 [ 438.996266][ T6496] EXT4-fs (loop4): 1 truncate cleaned up [ 439.052245][ T6496] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 439.643564][ T6509] netlink: 76 bytes leftover after parsing attributes in process `syz.3.260'. [ 439.732276][ T6505] loop1: detected capacity change from 0 to 512 [ 439.866742][ T6505] EXT4-fs: Ignoring removed mblk_io_submit option [ 439.883744][ T6505] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 440.094236][ T6505] EXT4-fs error (device loop1): ext4_find_inline_data_nolock:164: inode #15: comm syz.1.259: inline data xattr refers to an external xattr inode [ 440.118516][ T6505] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.259: couldn't read orphan inode 15 (err -117) [ 440.154109][ T6098] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 440.346339][ T6505] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 440.585820][ T6519] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 440.751666][ T6525] netlink: 'syz.0.265': attribute type 24 has an invalid length. [ 440.762208][ T6524] loop0: detected capacity change from 0 to 1024 [ 440.812775][ T29] audit: type=1326 audit(1722149953.922:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6500 comm="syz.1.259" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6dea177299 code=0x7fc00000 [ 440.879212][ T6526] loop4: detected capacity change from 0 to 1024 [ 441.056454][ T29] audit: type=1326 audit(1722149954.092:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6511 comm="syz.2.262" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9bf9d77299 code=0x0 [ 441.447223][ T5186] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 441.791429][ T3025] hfsplus: b-tree write err: -5, ino 4 [ 442.783106][ T6546] netlink: 72 bytes leftover after parsing attributes in process `syz.0.269'. [ 442.792545][ T6546] macvlan0: entered allmulticast mode [ 442.798192][ T6546] veth1_vlan: entered allmulticast mode [ 443.215168][ T6549] netlink: 'syz.2.270': attribute type 4 has an invalid length. [ 443.339091][ T6551] netlink: 20 bytes leftover after parsing attributes in process `syz.1.271'. [ 444.205618][ T6559] loop3: detected capacity change from 0 to 512 [ 444.297808][ T6558] loop4: detected capacity change from 0 to 512 [ 444.387903][ T6559] EXT4-fs error (device loop3): ext4_xattr_inode_iget:436: comm syz.3.274: Parent and EA inode have the same ino 15 [ 444.405358][ T6558] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2 [ 444.414099][ T6558] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -2 [ 444.511417][ T6559] EXT4-fs (loop3): Remounting filesystem read-only [ 444.518303][ T6559] EXT4-fs (loop3): 1 orphan inode deleted [ 444.548615][ T6558] EXT4-fs (loop4): 1 truncate cleaned up [ 444.558253][ T6558] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 444.602607][ T6559] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 444.677216][ T6566] loop2: detected capacity change from 0 to 256 [ 444.741899][ T6566] exfat: Unknown parameter 'fd' [ 445.167511][ T6575] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 445.311246][ T6098] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 446.205375][ T6556] loop0: detected capacity change from 0 to 8192 [ 446.286888][ T6556] REISERFS warning (device loop0): super-6502 reiserfs_getopt: unknown mount option "" [ 446.416638][ T6580] loop1: detected capacity change from 0 to 1024 [ 447.255553][ T2533] hfsplus: b-tree write err: -5, ino 4 [ 447.711823][ T5190] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 447.990195][ T6600] bridge0: entered promiscuous mode [ 447.995996][ T6600] macsec1: entered promiscuous mode [ 448.085281][ T6600] bridge0: left promiscuous mode [ 448.293604][ T6605] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 448.585045][ T6607] netlink: 'syz.4.285': attribute type 4 has an invalid length. [ 448.775868][ T6610] netlink: 20 bytes leftover after parsing attributes in process `syz.0.286'. [ 449.666966][ T6617] loop2: detected capacity change from 0 to 512 [ 449.875576][ T6617] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2 [ 449.884308][ T6617] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -2 [ 449.990776][ T29] audit: type=1326 audit(1722149963.122:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6599 comm="syz.1.280" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6dea177299 code=0x0 [ 449.995666][ T6617] EXT4-fs (loop2): 1 truncate cleaned up [ 450.024397][ T6617] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 450.227140][ T29] audit: type=1326 audit(1722149963.322:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6623 comm="syz.4.288" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f58ad577299 code=0x0 [ 450.293368][ T6628] mmap: syz.4.288 (6628) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 450.529099][ T29] audit: type=1326 audit(1722149963.582:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6626 comm="syz.0.289" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f4705777299 code=0x0 [ 450.669606][ T5689] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 450.672349][ T6628] netlink: 'syz.4.288': attribute type 11 has an invalid length. [ 451.340415][ T6634] loop2: detected capacity change from 0 to 1024 [ 452.095694][ T3025] hfsplus: b-tree write err: -5, ino 4 [ 452.116514][ T6646] loop4: detected capacity change from 0 to 256 [ 452.183801][ T6646] exfat: Unknown parameter 'fd' [ 452.632850][ T6657] sp0: Synchronizing with TNC [ 453.873971][ T5203] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 453.889205][ T5203] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 453.899320][ T5203] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 453.957659][ T5203] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 453.978169][ T5203] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 453.987920][ T5203] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 454.294962][ T6669] loop3: detected capacity change from 0 to 512 [ 454.383637][ T6669] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2 [ 454.392472][ T6669] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -2 [ 454.395461][ T6666] netlink: 'syz.0.299': attribute type 4 has an invalid length. [ 454.579378][ T6669] EXT4-fs (loop3): 1 truncate cleaned up [ 454.587975][ T6669] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 455.313976][ T5190] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 456.011454][ T6663] chnl_net:caif_netlink_parms(): no params data found [ 456.058806][ T6683] netlink: 20 bytes leftover after parsing attributes in process `syz.3.302'. [ 456.090769][ T5203] Bluetooth: hci1: command tx timeout [ 456.593355][ T29] audit: type=1326 audit(1722149969.672:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6678 comm="syz.0.301" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4705777299 code=0x0 [ 456.753967][ T6691] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 457.115966][ T3533] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 457.348828][ T3533] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 457.609909][ T3533] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 457.957901][ T3533] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 458.153829][ T6663] bridge0: port 1(bridge_slave_0) entered blocking state [ 458.165722][ T6663] bridge0: port 1(bridge_slave_0) entered disabled state [ 458.173189][ T5203] Bluetooth: hci1: command tx timeout [ 458.179492][ T6663] bridge_slave_0: entered allmulticast mode [ 458.189169][ T6663] bridge_slave_0: entered promiscuous mode [ 458.350032][ T6663] bridge0: port 2(bridge_slave_1) entered blocking state [ 458.360701][ T6663] bridge0: port 2(bridge_slave_1) entered disabled state [ 458.369553][ T6663] bridge_slave_1: entered allmulticast mode [ 458.392766][ T6663] bridge_slave_1: entered promiscuous mode [ 458.762475][ T3533] bridge_slave_1: left allmulticast mode [ 458.768510][ T3533] bridge_slave_1: left promiscuous mode [ 458.775584][ T3533] bridge0: port 2(bridge_slave_1) entered disabled state [ 458.849190][ T3533] bridge_slave_0: left allmulticast mode [ 458.856396][ T3533] bridge_slave_0: left promiscuous mode [ 458.863386][ T3533] bridge0: port 1(bridge_slave_0) entered disabled state [ 459.832860][ T3533] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 459.972430][ T3533] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 460.034939][ T3533] bond0 (unregistering): Released all slaves [ 460.256047][ T5203] Bluetooth: hci1: command tx timeout [ 460.317856][ T6663] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 460.345517][ T6663] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 460.507036][ T6736] loop0: detected capacity change from 0 to 128 [ 460.711870][ T6736] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 460.821277][ T6736] ext4 filesystem being mounted at /48/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 461.006879][ T6663] team0: Port device team_slave_0 added [ 461.061311][ T6663] team0: Port device team_slave_1 added [ 461.279783][ T6736] overlayfs: upper fs needs to support d_type. [ 461.352826][ T6736] overlayfs: upper fs does not support tmpfile. [ 461.513489][ T6744] loop4: detected capacity change from 0 to 47 [ 461.774912][ T3533] hsr_slave_0: left promiscuous mode [ 461.832270][ T3533] hsr_slave_1: left promiscuous mode [ 461.901480][ T3533] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 461.909280][ T3533] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 461.975878][ T3533] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 461.983851][ T3533] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 462.127165][ T3533] veth1_macvtap: left promiscuous mode [ 462.133253][ T3533] veth0_macvtap: left promiscuous mode [ 462.139233][ T3533] veth1_vlan: left promiscuous mode [ 462.145112][ T3533] veth0_vlan: left promiscuous mode [ 462.358141][ T6749] loop1: detected capacity change from 0 to 512 [ 462.387661][ T5203] Bluetooth: hci1: command tx timeout [ 462.414909][ T6749] EXT4-fs: Ignoring removed oldalloc option [ 462.596492][ T6749] EXT4-fs error (device loop1): ext4_xattr_inode_iget:436: comm syz.1.318: Parent and EA inode have the same ino 15 [ 462.656440][ T6749] EXT4-fs (loop1): Remounting filesystem read-only [ 462.663626][ T6749] EXT4-fs (loop1): 1 orphan inode deleted [ 462.671823][ T6749] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 463.253851][ T5186] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 463.456221][ T3533] team0 (unregistering): Port device team_slave_1 removed [ 463.573611][ T3533] team0 (unregistering): Port device team_slave_0 removed [ 464.148837][ T6663] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 464.157178][ T6663] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 464.176211][ T6762] loop4: detected capacity change from 0 to 512 [ 464.183631][ T6663] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 464.220875][ T6763] loop1: detected capacity change from 0 to 512 [ 464.299101][ T6663] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 464.306558][ T6663] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 464.333437][ T6663] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 464.434960][ T5524] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 464.458718][ T6762] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2240: inode #15: comm syz.4.322: corrupted in-inode xattr: invalid ea_ino [ 464.498977][ T6763] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 464.512586][ T6763] ext4 filesystem being mounted at /94/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 464.566248][ T6762] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.322: couldn't read orphan inode 15 (err -117) [ 464.617355][ T6764] loop3: detected capacity change from 0 to 512 [ 464.650819][ T6762] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 464.761369][ T6764] EXT4-fs (loop3): orphan cleanup on readonly fs [ 464.768237][ T6764] EXT4-fs error (device loop3): ext4_ext_check_inode:520: inode #4: comm syz.3.321: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 464.887885][ T6764] EXT4-fs error (device loop3): ext4_quota_enable:7025: comm syz.3.321: Bad quota inode: 4, type: 1 [ 464.919304][ T29] audit: type=1800 audit(1722149977.952:25): pid=6770 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.320" name="file2" dev="loop1" ino=16 res=0 errno=0 [ 464.940256][ T29] audit: type=1800 audit(1722149977.992:26): pid=6763 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.320" name="file1" dev="loop1" ino=15 res=0 errno=0 [ 464.963157][ T29] audit: type=1326 audit(1722149978.012:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6773 comm="syz.0.323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4705777299 code=0x7ffc0000 [ 464.986381][ T29] audit: type=1326 audit(1722149978.012:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6773 comm="syz.0.323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4705777299 code=0x7ffc0000 [ 465.008988][ T29] audit: type=1326 audit(1722149978.012:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6773 comm="syz.0.323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=155 compat=0 ip=0x7f4705777299 code=0x7ffc0000 [ 465.031844][ T29] audit: type=1326 audit(1722149978.012:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6773 comm="syz.0.323" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4705777299 code=0x7ffc0000 [ 465.059057][ T6764] EXT4-fs warning (device loop3): ext4_enable_quotas:7066: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 465.145615][ T6764] EXT4-fs (loop3): Cannot turn on quotas: error -117 [ 465.154880][ T6764] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 465.275832][ T6663] hsr_slave_0: entered promiscuous mode [ 465.332447][ T6663] hsr_slave_1: entered promiscuous mode [ 465.504996][ T5186] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 465.591923][ T6760] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended [ 465.697856][ T6764] EXT4-fs error (device loop3): ext4_lookup:1815: inode #2: comm syz.3.321: deleted inode referenced: 12 [ 465.957028][ T6760] EXT4-fs warning (device loop3): ext4_multi_mount_protect:332: MMP startup interrupted, failing mount [ 465.957028][ T6760] [ 466.153470][ T6098] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 466.638501][ T5190] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 467.801184][ T6663] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 467.859600][ T6663] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 468.057733][ T6663] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 468.122207][ T6804] loop4: detected capacity change from 0 to 1024 [ 468.158888][ T6804] EXT4-fs: Ignoring removed nomblk_io_submit option [ 468.188395][ T6663] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 468.201844][ T6804] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 468.436585][ T6804] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 468.572213][ T6804] netlink: 20 bytes leftover after parsing attributes in process `syz.4.330'. [ 469.098800][ T6098] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 469.407779][ T6814] loop1: detected capacity change from 0 to 1764 [ 469.791332][ T6825] netlink: 'syz.4.336': attribute type 21 has an invalid length. [ 469.799605][ T6825] netlink: 128 bytes leftover after parsing attributes in process `syz.4.336'. [ 470.263434][ T6663] 8021q: adding VLAN 0 to HW filter on device bond0 [ 470.589441][ T6663] 8021q: adding VLAN 0 to HW filter on device team0 [ 470.712129][ T5257] bridge0: port 1(bridge_slave_0) entered blocking state [ 470.719918][ T5257] bridge0: port 1(bridge_slave_0) entered forwarding state [ 470.876973][ T5257] bridge0: port 2(bridge_slave_1) entered blocking state [ 470.884898][ T5257] bridge0: port 2(bridge_slave_1) entered forwarding state [ 471.223804][ T6663] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 471.231151][ T6834] loop3: detected capacity change from 0 to 1764 [ 471.235721][ T6663] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 471.803148][ T6853] loop1: detected capacity change from 0 to 256 [ 472.101522][ T6853] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00006005) [ 472.112277][ T6853] FAT-fs (loop1): Filesystem has been set read-only [ 472.144052][ T1064] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 472.215701][ T6853] FAT-fs (loop1): error, invalid access to FAT (entry 0x00006005) [ 472.253217][ T29] audit: type=1804 audit(1722149985.322:31): pid=6857 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.343" name="/newroot/99/file1/bus" dev="loop1" ino=1048620 res=1 errno=0 [ 472.380931][ T1064] usb 1-1: Using ep0 maxpacket: 16 [ 472.405385][ C1] eth0: bad gso: type: 1, size: 1408 [ 472.496858][ T1064] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 472.508704][ T1064] usb 1-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 24 [ 472.597304][ T1064] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 472.606978][ T1064] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 472.616578][ T1064] usb 1-1: SerialNumber: syz [ 473.099777][ T1064] usb 1-1: USB disconnect, device number 6 [ 473.573717][ T6663] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 473.930265][ T6871] netlink: 'syz.3.348': attribute type 21 has an invalid length. [ 473.940748][ T6871] netlink: 128 bytes leftover after parsing attributes in process `syz.3.348'. [ 473.997225][ T6874] Zero length message leads to an empty skb [ 474.304185][ T6663] veth0_vlan: entered promiscuous mode [ 474.498334][ T6663] veth1_vlan: entered promiscuous mode [ 475.103116][ T1243] ieee802154 phy0 wpan0: encryption failed: -22 [ 475.109863][ T1243] ieee802154 phy1 wpan1: encryption failed: -22 [ 475.140028][ T6663] veth0_macvtap: entered promiscuous mode [ 475.326598][ T6663] veth1_macvtap: entered promiscuous mode [ 475.528102][ T6883] loop3: detected capacity change from 0 to 1764 [ 475.537920][ T6890] loop0: detected capacity change from 0 to 256 [ 475.589957][ T6883] iso9660: Unknown parameter '01777777777777777777777FPQ3Hju}f?.x]D̊z3Ǖa' `CCC&' [ 475.622286][ T6663] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 475.633317][ T6663] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 475.644306][ T6663] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 475.655172][ T6663] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 475.665334][ T6663] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 475.676212][ T6663] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 475.686358][ T6663] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 475.706377][ T6663] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 475.724221][ T6663] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 475.859848][ T6663] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 475.870917][ T6663] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 475.881221][ T6663] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 475.892127][ T6663] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 475.902443][ T6663] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 475.913326][ T6663] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 475.927701][ T6663] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 475.939892][ T6663] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 475.955862][ T6663] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 476.286236][ T6663] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 476.295759][ T6663] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 476.305004][ T6663] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 476.314283][ T6663] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 477.066481][ T6904] bridge0: entered promiscuous mode [ 477.072419][ T6904] vlan2: entered promiscuous mode [ 477.078518][ T6904] vlan2: entered allmulticast mode [ 477.084123][ T6904] bridge0: entered allmulticast mode [ 477.242425][ T6904] bridge0: left allmulticast mode [ 477.255112][ T6904] bridge0: left promiscuous mode [ 477.662570][ T6910] netlink: 'syz.0.362': attribute type 21 has an invalid length. [ 477.672199][ T6910] netlink: 128 bytes leftover after parsing attributes in process `syz.0.362'. [ 478.583616][ T29] audit: type=1326 audit(1722149991.652:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6918 comm="syz.0.367" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4705777299 code=0x0 [ 479.121091][ T1064] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 479.403416][ T1064] usb 5-1: config 17 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 255, changing to 11 [ 479.416712][ T1064] usb 5-1: config 17 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 59391, setting to 1024 [ 479.428599][ T1064] usb 5-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00 [ 479.438247][ T1064] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 479.506770][ T6932] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 480.149997][ T6932] netlink: 'syz.4.370': attribute type 10 has an invalid length. [ 480.158213][ T6932] netlink: 40 bytes leftover after parsing attributes in process `syz.4.370'. [ 480.176499][ T6932] bridge0: port 3(syz_tun) entered blocking state [ 480.183996][ T6932] bridge0: port 3(syz_tun) entered disabled state [ 480.191385][ T6932] syz_tun: entered allmulticast mode [ 480.200185][ T6932] syz_tun: entered promiscuous mode [ 480.208450][ T6932] bridge0: port 3(syz_tun) entered blocking state [ 480.215833][ T6932] bridge0: port 3(syz_tun) entered forwarding state [ 480.368042][ T1064] aiptek 5-1:17.0: Aiptek using 400 ms programming speed [ 480.381896][ T1064] input: Aiptek as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:17.0/input/input13 [ 480.746396][ T1064] usb 5-1: USB disconnect, device number 3 [ 480.746633][ C0] aiptek 5-1:17.0: aiptek_irq - usb_submit_urb failed with result -19 [ 482.170923][ T5192] Bluetooth: hci3: command 0x0406 tx timeout [ 484.011300][ T8] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 484.258007][ T8] usb 2-1: config 17 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 255, changing to 11 [ 484.270023][ T8] usb 2-1: config 17 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 59391, setting to 1024 [ 484.281923][ T8] usb 2-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00 [ 484.291644][ T8] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 484.377838][ T6984] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 484.559772][ T3025] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 484.568456][ T3025] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 484.856215][ T3403] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 484.865096][ T3403] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 485.156770][ T6984] netlink: 'syz.1.387': attribute type 10 has an invalid length. [ 485.164936][ T6984] netlink: 40 bytes leftover after parsing attributes in process `syz.1.387'. [ 485.177589][ T6984] bridge0: port 3(syz_tun) entered blocking state [ 485.185232][ T6984] bridge0: port 3(syz_tun) entered disabled state [ 485.192566][ T6984] syz_tun: entered allmulticast mode [ 485.201659][ T6984] syz_tun: entered promiscuous mode [ 485.209911][ T6984] bridge0: port 3(syz_tun) entered blocking state [ 485.217335][ T6984] bridge0: port 3(syz_tun) entered forwarding state [ 485.493492][ T8] aiptek 2-1:17.0: Aiptek using 400 ms programming speed [ 485.506015][ T8] input: Aiptek as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:17.0/input/input14 [ 485.907815][ T8] usb 2-1: USB disconnect, device number 9 [ 485.908052][ C0] aiptek 2-1:17.0: aiptek_irq - usb_submit_urb failed with result -19 [ 488.460881][ T1064] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 488.695239][ T1064] usb 2-1: config 17 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 255, changing to 11 [ 488.707192][ T1064] usb 2-1: config 17 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 59391, setting to 1024 [ 488.723570][ T1064] usb 2-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00 [ 488.734564][ T1064] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 488.829575][ T7037] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 489.593567][ T7054] netlink: 'syz.0.415': attribute type 21 has an invalid length. [ 489.601850][ T7054] netlink: 128 bytes leftover after parsing attributes in process `syz.0.415'. [ 489.623801][ T7037] netlink: 'syz.1.409': attribute type 10 has an invalid length. [ 489.631906][ T7037] netlink: 40 bytes leftover after parsing attributes in process `syz.1.409'. [ 489.803749][ T1064] aiptek 2-1:17.0: Aiptek using 400 ms programming speed [ 489.879116][ T7056] loop4: detected capacity change from 0 to 128 [ 489.891696][ T1064] input: Aiptek as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:17.0/input/input15 [ 489.972285][ T7056] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256 [ 490.118660][ T7056] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 490.378743][ T1064] usb 2-1: USB disconnect, device number 10 [ 490.378994][ C0] aiptek 2-1:17.0: aiptek_irq - usb_submit_urb failed with result -19 [ 490.501053][ T7058] loop3: detected capacity change from 0 to 512 [ 496.480366][ T7088] sched: RT throttling activated [ 497.791777][ T7087] netlink: 'syz.1.428': attribute type 21 has an invalid length. [ 497.799900][ T7087] netlink: 128 bytes leftover after parsing attributes in process `syz.1.428'. [ 498.833641][ T7098] loop0: detected capacity change from 0 to 2048 [ 498.971134][ T7098] loop0: p1 < > p4 [ 498.997270][ T7098] loop0: p4 size 8388608 extends beyond EOD, truncated [ 499.532798][ T4623] loop0: p1 < > p4 [ 499.602439][ T4623] loop0: p4 size 8388608 extends beyond EOD, truncated [ 499.916875][ T7105] bridge0: entered promiscuous mode [ 499.922699][ T7105] vlan2: entered promiscuous mode [ 499.928790][ T7105] vlan2: entered allmulticast mode [ 499.935602][ T7105] bridge0: entered allmulticast mode [ 501.270385][ T6418] udevd[6418]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory [ 501.462506][ T7122] trusted_key: encrypted_key: master key parameter 'user:' is invalid [ 501.543869][ T7121] netlink: 20 bytes leftover after parsing attributes in process `syz.0.439'. [ 501.569211][ T7121] vlan2: entered promiscuous mode [ 501.574971][ T7121] ip6gretap0: entered promiscuous mode [ 501.605283][ T7125] netlink: 'syz.3.442': attribute type 21 has an invalid length. [ 501.613699][ T7125] netlink: 128 bytes leftover after parsing attributes in process `syz.3.442'. [ 501.734197][ T6418] udevd[6418]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory [ 501.837598][ T7127] bridge0: port 3(syz_tun) entered blocking state [ 501.845105][ T7127] bridge0: port 3(syz_tun) entered disabled state [ 501.853893][ T7127] syz_tun: entered allmulticast mode [ 501.863073][ T7127] syz_tun: entered promiscuous mode [ 501.871316][ T7127] bridge0: port 3(syz_tun) entered blocking state [ 501.878470][ T7127] bridge0: port 3(syz_tun) entered forwarding state [ 501.888679][ T7129] loop4: detected capacity change from 0 to 256 [ 503.618933][ T6418] udevd[6418]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory [ 503.704727][ T6727] udevd[6727]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory [ 505.498510][ T7153] netlink: 28 bytes leftover after parsing attributes in process `syz.0.453'. [ 506.288442][ T7157] netlink: 'syz.4.455': attribute type 21 has an invalid length. [ 506.296709][ T7157] netlink: 128 bytes leftover after parsing attributes in process `syz.4.455'. [ 506.779329][ T7159] netlink: 20 bytes leftover after parsing attributes in process `syz.0.456'. [ 507.999416][ T7182] bond0: option ad_select: unable to set because the bond device is up [ 508.301662][ T7186] netlink: 'syz.3.469': attribute type 21 has an invalid length. [ 508.309695][ T7186] netlink: 128 bytes leftover after parsing attributes in process `syz.3.469'. [ 508.682798][ T7192] netlink: 20 bytes leftover after parsing attributes in process `syz.4.472'. [ 508.712597][ T7192] vlan3: entered promiscuous mode [ 508.717933][ T7192] ip6gretap0: entered promiscuous mode [ 509.574455][ T7203] ip6_tunnel: non-ECT from 0000:0000:0000:0000:0000:ffff:ac1e:0004 with DS=0xd [ 509.675431][ T7204] bridge0: entered promiscuous mode [ 509.681180][ T7204] vlan3: entered promiscuous mode [ 509.687319][ T7204] vlan3: entered allmulticast mode [ 509.692981][ T7204] bridge0: entered allmulticast mode [ 510.586110][ T7216] netlink: 'syz.2.483': attribute type 21 has an invalid length. [ 510.594431][ T7216] netlink: 128 bytes leftover after parsing attributes in process `syz.2.483'. [ 510.650126][ T7217] bond0: option ad_select: unable to set because the bond device is up [ 511.063306][ T7221] netlink: 20 bytes leftover after parsing attributes in process `syz.1.486'. [ 511.089185][ T7221] vlan2: entered promiscuous mode [ 511.094735][ T7221] ip6gretap0: entered promiscuous mode [ 511.625508][ T7230] loop3: detected capacity change from 0 to 512 [ 511.703561][ T7230] EXT4-fs: Ignoring removed i_version option [ 511.710315][ T7230] EXT4-fs: Invalid want_extra_isize 0 [ 512.121206][ T7234] loop2: detected capacity change from 0 to 512 [ 512.130336][ T7234] EXT4-fs: Ignoring removed i_version option [ 512.189489][ T7234] EXT4-fs error (device loop2): ext4_orphan_get:1417: comm syz.2.491: bad orphan inode 1 [ 512.237184][ T7234] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 512.253109][ T7238] bridge0: entered promiscuous mode [ 512.258719][ T7238] vlan3: entered promiscuous mode [ 512.265042][ T7238] vlan3: entered allmulticast mode [ 512.274004][ T7238] bridge0: entered allmulticast mode [ 512.734740][ T6663] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 513.959452][ T7250] netlink: 'syz.2.498': attribute type 21 has an invalid length. [ 513.968025][ T7250] netlink: 128 bytes leftover after parsing attributes in process `syz.2.498'. [ 515.212305][ T7259] netlink: 20 bytes leftover after parsing attributes in process `syz.2.502'. [ 515.581350][ T7263] netlink: 132 bytes leftover after parsing attributes in process `syz.3.503'. [ 519.382439][ T7283] netlink: 'syz.1.510': attribute type 21 has an invalid length. [ 519.390754][ T7283] netlink: 128 bytes leftover after parsing attributes in process `syz.1.510'. [ 520.309941][ T7294] netlink: 20 bytes leftover after parsing attributes in process `syz.2.515'. [ 526.050722][ T7324] netlink: 'syz.2.526': attribute type 21 has an invalid length. [ 526.058754][ T7324] netlink: 128 bytes leftover after parsing attributes in process `syz.2.526'. [ 526.262912][ T5192] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 526.283997][ T5192] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 526.296475][ T5192] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 526.351752][ T5192] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 526.374362][ T5192] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 526.384519][ T5192] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 527.624299][ T7338] netlink: 20 bytes leftover after parsing attributes in process `syz.3.530'. [ 528.433778][ T7325] chnl_net:caif_netlink_parms(): no params data found [ 528.491893][ T5192] Bluetooth: hci4: command tx timeout [ 529.683442][ T4229] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 529.947877][ T4229] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 530.267698][ T4229] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 530.382701][ T7364] netlink: 'syz.3.539': attribute type 21 has an invalid length. [ 530.392676][ T7364] netlink: 128 bytes leftover after parsing attributes in process `syz.3.539'. [ 530.539901][ T4229] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 530.572382][ T5192] Bluetooth: hci4: command tx timeout [ 530.974756][ T4229] bridge_slave_1: left allmulticast mode [ 530.981303][ T4229] bridge_slave_1: left promiscuous mode [ 530.988056][ T4229] bridge0: port 2(bridge_slave_1) entered disabled state [ 531.060705][ T4229] bridge_slave_0: left allmulticast mode [ 531.066708][ T4229] bridge_slave_0: left promiscuous mode [ 531.074478][ T4229] bridge0: port 1(bridge_slave_0) entered disabled state [ 531.506649][ T7381] loop4: detected capacity change from 0 to 512 [ 531.559062][ T7381] EXT4-fs: Ignoring removed i_version option [ 531.565836][ T7381] EXT4-fs: Invalid want_extra_isize 0 [ 531.576195][ T4229] bridge0: left allmulticast mode [ 531.709703][ T4229] ip6gretap0 (unregistering): left promiscuous mode [ 532.266574][ T4229] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 532.312788][ T4229] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 532.332160][ T4229] bond0 (unregistering): Released all slaves [ 532.495783][ T7382] netlink: 20 bytes leftover after parsing attributes in process `syz.1.544'. [ 532.523482][ T7382] vlan4: entered promiscuous mode [ 532.662106][ T5192] Bluetooth: hci4: command tx timeout [ 532.680973][ T7325] bridge0: port 1(bridge_slave_0) entered blocking state [ 532.688910][ T7325] bridge0: port 1(bridge_slave_0) entered disabled state [ 532.697748][ T7325] bridge_slave_0: entered allmulticast mode [ 532.707367][ T7325] bridge_slave_0: entered promiscuous mode [ 532.930220][ T7325] bridge0: port 2(bridge_slave_1) entered blocking state [ 532.938389][ T7325] bridge0: port 2(bridge_slave_1) entered disabled state [ 532.946594][ T7325] bridge_slave_1: entered allmulticast mode [ 532.960227][ T7325] bridge_slave_1: entered promiscuous mode [ 533.295253][ T7394] netlink: 60 bytes leftover after parsing attributes in process `syz.3.548'. [ 533.350618][ T7394] loop3: detected capacity change from 0 to 1024 [ 533.410636][ T7394] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 533.438771][ T7394] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 533.450095][ T7394] EXT4-fs (loop3): orphan cleanup on readonly fs [ 533.461046][ T7394] Quota error (device loop3): v2_read_header: Failed header read: expected=8 got=2 [ 533.476761][ T7394] EXT4-fs warning (device loop3): ext4_enable_quotas:7066: Failed to enable quota tracking (type=0, err=-22, ino=3). Please run e2fsck to fix. [ 533.492723][ T7394] EXT4-fs (loop3): Cannot turn on quotas: error -22 [ 533.536933][ T7394] EXT4-fs (loop3): 1 truncate cleaned up [ 533.546239][ T7394] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 533.730010][ T4229] hsr_slave_0: left promiscuous mode [ 533.807869][ T4229] hsr_slave_1: left promiscuous mode [ 533.899179][ T4229] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 533.907438][ T4229] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 534.097732][ T4229] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 534.106204][ T4229] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 534.128168][ T5190] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 534.221677][ T4229] veth1_macvtap: left promiscuous mode [ 534.227500][ T4229] veth0_macvtap: left promiscuous mode [ 534.233655][ T4229] veth1_vlan: left allmulticast mode [ 534.239199][ T4229] veth1_vlan: left promiscuous mode [ 534.245003][ T4229] veth0_vlan: left promiscuous mode [ 534.842876][ T5192] Bluetooth: hci4: command tx timeout [ 536.261507][ T4229] team0 (unregistering): Port device team_slave_1 removed [ 536.454462][ T4229] team0 (unregistering): Port device team_slave_0 removed [ 536.597103][ T1243] ieee802154 phy0 wpan0: encryption failed: -22 [ 536.603946][ T1243] ieee802154 phy1 wpan1: encryption failed: -22 [ 536.769130][ T7325] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 536.817981][ T7401] netlink: 'syz.4.551': attribute type 21 has an invalid length. [ 536.826364][ T7401] netlink: 128 bytes leftover after parsing attributes in process `syz.4.551'. [ 536.871216][ T7325] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 537.331873][ T7325] team0: Port device team_slave_0 added [ 537.379851][ T7325] team0: Port device team_slave_1 added [ 537.625786][ T7415] loop1: detected capacity change from 0 to 512 [ 537.662369][ T7325] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 537.674066][ T7325] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 537.705905][ T7325] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 537.753144][ T7415] EXT4-fs: Ignoring removed i_version option [ 537.759661][ T7415] EXT4-fs: Invalid want_extra_isize 0 [ 537.882823][ T7325] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 537.890344][ T7325] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 537.917175][ T7325] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 538.605100][ T7425] netlink: 20 bytes leftover after parsing attributes in process `syz.3.558'. [ 538.631103][ T7425] vlan2: entered promiscuous mode [ 538.636431][ T7425] syz_tun: entered promiscuous mode [ 538.724508][ T7325] hsr_slave_0: entered promiscuous mode [ 538.833598][ T7325] hsr_slave_1: entered promiscuous mode [ 538.915181][ T7325] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 538.923473][ T7325] Cannot create hsr debugfs directory [ 539.527159][ T7436] netlink: 60 bytes leftover after parsing attributes in process `syz.4.561'. [ 539.584040][ T7436] loop4: detected capacity change from 0 to 1024 [ 539.618295][ T7436] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 539.668054][ T7436] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 539.677810][ T7436] EXT4-fs (loop4): orphan cleanup on readonly fs [ 539.691491][ T7436] Quota error (device loop4): v2_read_header: Failed header read: expected=8 got=2 [ 539.702482][ T7436] EXT4-fs warning (device loop4): ext4_enable_quotas:7066: Failed to enable quota tracking (type=0, err=-22, ino=3). Please run e2fsck to fix. [ 539.720723][ T7436] EXT4-fs (loop4): Cannot turn on quotas: error -22 [ 539.807168][ T7436] EXT4-fs (loop4): 1 truncate cleaned up [ 539.820285][ T7436] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 540.402481][ T6098] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 540.591458][ T1064] usb 3-1: new high-speed USB device number 13 using dummy_hcd [ 540.844080][ T1064] usb 3-1: Using ep0 maxpacket: 16 [ 540.848640][ T7445] netlink: 'syz.1.566': attribute type 21 has an invalid length. [ 540.859225][ T7445] netlink: 128 bytes leftover after parsing attributes in process `syz.1.566'. [ 540.864900][ T1064] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 540.881885][ T1064] usb 3-1: New USB device found, idVendor=046d, idProduct=c211, bcdDevice= 0.00 [ 540.891500][ T1064] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 541.021588][ T1064] usb 3-1: config 0 descriptor?? [ 541.077568][ T1064] usbhid 3-1:0.0: couldn't find an input interrupt endpoint [ 541.600149][ T7325] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 541.663346][ T7325] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 541.743745][ T7325] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 541.851174][ T5241] usb 3-1: USB disconnect, device number 13 [ 541.865569][ T7325] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 542.805065][ T7468] loop1: detected capacity change from 0 to 512 [ 542.832682][ T7468] EXT4-fs: Ignoring removed i_version option [ 542.839159][ T7468] EXT4-fs: Invalid want_extra_isize 0 [ 542.839217][ T7467] netlink: 20 bytes leftover after parsing attributes in process `syz.4.572'. [ 542.856452][ T7467] vlan4: entered promiscuous mode [ 543.724143][ T7325] 8021q: adding VLAN 0 to HW filter on device bond0 [ 544.053314][ T7325] 8021q: adding VLAN 0 to HW filter on device team0 [ 544.165893][ T5257] bridge0: port 1(bridge_slave_0) entered blocking state [ 544.174013][ T5257] bridge0: port 1(bridge_slave_0) entered forwarding state [ 544.253189][ T7482] netlink: 4 bytes leftover after parsing attributes in process `syz.4.575'. [ 544.737616][ T5257] bridge0: port 2(bridge_slave_1) entered blocking state [ 544.745573][ T5257] bridge0: port 2(bridge_slave_1) entered forwarding state [ 544.982894][ T7485] netlink: 'syz.1.577': attribute type 21 has an invalid length. [ 544.991244][ T7485] netlink: 128 bytes leftover after parsing attributes in process `syz.1.577'. [ 545.049466][ T7325] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 545.060627][ T7325] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 545.377345][ T7491] input: syz0 as /devices/virtual/input/input16 [ 547.720185][ T7325] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 547.852539][ T7516] netlink: 36 bytes leftover after parsing attributes in process `syz.2.587'. [ 548.386114][ T7523] netlink: 'syz.3.590': attribute type 21 has an invalid length. [ 548.395154][ T7523] netlink: 128 bytes leftover after parsing attributes in process `syz.3.590'. [ 548.506720][ T7325] veth0_vlan: entered promiscuous mode [ 548.746720][ T7325] veth1_vlan: entered promiscuous mode [ 549.297334][ T7325] veth0_macvtap: entered promiscuous mode [ 549.476398][ T7325] veth1_macvtap: entered promiscuous mode [ 549.684603][ T7535] loop3: detected capacity change from 0 to 512 [ 549.732667][ T7325] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 549.743891][ T7325] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 549.758827][ T7325] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 549.771099][ T7325] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 549.781397][ T7325] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 549.792181][ T7325] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 549.802915][ T7325] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 549.813732][ T7325] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 549.829772][ T7325] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 549.935405][ T7535] EXT4-fs: Ignoring removed i_version option [ 549.942334][ T7535] EXT4-fs: Invalid want_extra_isize 0 [ 550.623169][ T7325] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 550.634166][ T7325] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 550.644480][ T7325] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 550.655347][ T7325] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 550.665592][ T7325] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 550.679688][ T7325] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 550.692081][ T7325] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 550.703124][ T7325] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 550.718936][ T7325] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 551.676514][ T7325] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 551.685835][ T7325] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 551.698579][ T7325] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 551.708571][ T7325] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 555.715969][ T7573] netlink: 'syz.1.601': attribute type 21 has an invalid length. [ 555.724443][ T7573] netlink: 128 bytes leftover after parsing attributes in process `syz.1.601'. [ 556.139997][ T7579] netlink: 36 bytes leftover after parsing attributes in process `syz.2.603'. [ 556.482276][ T7585] syz.1.606 uses obsolete (PF_INET,SOCK_PACKET) [ 556.504629][ T7586] loop4: detected capacity change from 0 to 512 [ 556.643297][ T7586] EXT4-fs: Ignoring removed i_version option [ 556.649808][ T7586] EXT4-fs: Invalid want_extra_isize 0 [ 557.951205][ T7607] 9pnet_fd: Insufficient options for proto=fd [ 559.433106][ T7624] netlink: 'syz.2.615': attribute type 21 has an invalid length. [ 559.441501][ T7624] netlink: 128 bytes leftover after parsing attributes in process `syz.2.615'. [ 562.791238][ T7638] netlink: 36 bytes leftover after parsing attributes in process `syz.1.619'. [ 563.467503][ T7643] loop4: detected capacity change from 0 to 512 [ 563.523849][ T7643] EXT4-fs: Ignoring removed i_version option [ 563.530345][ T7643] EXT4-fs: Invalid want_extra_isize 0 [ 564.717827][ T7660] 9pnet_fd: Insufficient options for proto=fd [ 565.311348][ T7669] netlink: 'syz.1.627': attribute type 21 has an invalid length. [ 565.323924][ T7669] netlink: 128 bytes leftover after parsing attributes in process `syz.1.627'. [ 567.633826][ T4277] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 567.642514][ T4277] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 568.091854][ T2515] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 568.100162][ T2515] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 568.370316][ T7693] netlink: 36 bytes leftover after parsing attributes in process `syz.2.633'. [ 568.459178][ T7691] loop3: detected capacity change from 0 to 512 [ 568.553630][ T7691] EXT4-fs: Ignoring removed i_version option [ 568.560091][ T7691] EXT4-fs: Invalid want_extra_isize 0 [ 568.674072][ T7697] 9pnet_fd: Insufficient options for proto=fd [ 569.709109][ T7712] netlink: 'syz.2.640': attribute type 21 has an invalid length. [ 569.724024][ T7712] netlink: 128 bytes leftover after parsing attributes in process `syz.2.640'. [ 570.352618][ T1064] usb 4-1: new high-speed USB device number 21 using dummy_hcd [ 570.479937][ T7723] netlink: 20 bytes leftover after parsing attributes in process `syz.2.646'. [ 570.510627][ T7723] vlan2: entered promiscuous mode [ 570.653955][ T1064] usb 4-1: config 0 has no interfaces? [ 570.718131][ T1064] usb 4-1: New USB device found, idVendor=1c9e, idProduct=9801, bcdDevice=25.d8 [ 570.727759][ T1064] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 570.736331][ T1064] usb 4-1: Product: syz [ 570.746568][ T1064] usb 4-1: Manufacturer: syz [ 570.753330][ T1064] usb 4-1: SerialNumber: syz [ 570.813803][ T1064] usb 4-1: config 0 descriptor?? [ 570.968582][ T7728] 9pnet_fd: Insufficient options for proto=fd [ 571.102952][ T5250] usb 4-1: USB disconnect, device number 21 [ 571.398255][ T7735] netlink: 36 bytes leftover after parsing attributes in process `syz.0.650'. [ 571.738787][ T7742] loop1: detected capacity change from 0 to 512 [ 571.827881][ T7742] EXT4-fs: Ignoring removed i_version option [ 571.834861][ T7742] EXT4-fs: Invalid want_extra_isize 0 [ 572.434440][ T7754] netlink: 'syz.2.656': attribute type 21 has an invalid length. [ 572.444298][ T7754] netlink: 128 bytes leftover after parsing attributes in process `syz.2.656'. [ 572.578553][ T7752] vlan3: entered promiscuous mode [ 572.593800][ T7752] vlan3: entered allmulticast mode [ 572.599193][ T7752] syz_tun: entered allmulticast mode [ 572.697970][ T7752] syz_tun: left allmulticast mode [ 572.719352][ T7756] loop0: detected capacity change from 0 to 16 [ 572.809895][ T7756] erofs: (device loop0): mounted with root inode @ nid 36. [ 573.339554][ T7761] netlink: 20 bytes leftover after parsing attributes in process `syz.2.661'. [ 573.598767][ T7764] 9pnet_fd: Insufficient options for proto=fd [ 574.351114][ T8] usb 3-1: new high-speed USB device number 14 using dummy_hcd [ 574.629242][ T8] usb 3-1: Using ep0 maxpacket: 8 [ 574.779479][ T8] usb 3-1: New USB device found, idVendor=0921, idProduct=1000, bcdDevice=b9.de [ 574.789171][ T8] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 574.797719][ T8] usb 3-1: Product: syz [ 574.802822][ T8] usb 3-1: Manufacturer: syz [ 574.807695][ T8] usb 3-1: SerialNumber: syz [ 574.914446][ T8] usb 3-1: config 0 descriptor?? [ 574.972407][ T8] belkin_sa 3-1:0.0: Belkin / Peracom / GoHubs USB Serial Adapter converter detected [ 574.985898][ T8] usb 3-1: bcdDevice: b9de, bfc: 0 [ 575.079210][ T8] usb 3-1: Belkin / Peracom / GoHubs USB Serial Adapter converter now attached to ttyUSB0 [ 575.482820][ T7784] loop1: detected capacity change from 0 to 512 [ 575.492367][ T7784] EXT4-fs: Ignoring removed i_version option [ 575.498836][ T7784] EXT4-fs: Invalid want_extra_isize 0 [ 575.687167][ T7785] netlink: 36 bytes leftover after parsing attributes in process `syz.4.669'. [ 576.566714][ T8] usb 3-1: USB disconnect, device number 14 [ 576.664767][ T8] belkin ttyUSB0: Belkin / Peracom / GoHubs USB Serial Adapter converter now disconnected from ttyUSB0 [ 576.689363][ T8] belkin_sa 3-1:0.0: device disconnected [ 577.006098][ T7796] netlink: 'syz.1.671': attribute type 21 has an invalid length. [ 577.014569][ T7796] netlink: 128 bytes leftover after parsing attributes in process `syz.1.671'. [ 577.653724][ T7800] netlink: 20 bytes leftover after parsing attributes in process `syz.2.675'. [ 577.735631][ T7803] vlan5: entered promiscuous mode [ 577.752382][ T7803] vlan5: entered allmulticast mode [ 577.906881][ T7805] 9pnet_fd: Insufficient options for proto=fd [ 578.983982][ T7818] netlink: 36 bytes leftover after parsing attributes in process `syz.3.682'. [ 579.159874][ T7821] loop4: detected capacity change from 0 to 512 [ 579.205874][ T7821] EXT4-fs: Ignoring removed i_version option [ 579.213763][ T7821] EXT4-fs: Invalid want_extra_isize 0 [ 579.451017][ T7798] Bluetooth: hci1: command 0x0406 tx timeout [ 579.771531][ T25] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 579.988015][ T7836] netlink: 'syz.2.686': attribute type 21 has an invalid length. [ 579.996346][ T7836] netlink: 128 bytes leftover after parsing attributes in process `syz.2.686'. [ 580.013583][ T25] usb 1-1: Using ep0 maxpacket: 8 [ 580.136957][ T25] usb 1-1: New USB device found, idVendor=0921, idProduct=1000, bcdDevice=b9.de [ 580.146630][ T25] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 580.155298][ T25] usb 1-1: Product: syz [ 580.162492][ T25] usb 1-1: Manufacturer: syz [ 580.168247][ T25] usb 1-1: SerialNumber: syz [ 580.268183][ T25] usb 1-1: config 0 descriptor?? [ 580.311496][ T25] belkin_sa 1-1:0.0: Belkin / Peracom / GoHubs USB Serial Adapter converter detected [ 580.324758][ T25] usb 1-1: bcdDevice: b9de, bfc: 0 [ 580.439465][ T25] usb 1-1: Belkin / Peracom / GoHubs USB Serial Adapter converter now attached to ttyUSB0 [ 580.786682][ T8] usb 4-1: new high-speed USB device number 22 using dummy_hcd [ 581.036939][ T8] usb 4-1: Using ep0 maxpacket: 32 [ 581.040169][ T7847] 9pnet_fd: Insufficient options for proto=fd [ 581.109398][ T8] usb 4-1: New USB device found, idVendor=0c72, idProduct=000d, bcdDevice=27.9b [ 581.119508][ T8] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 581.128201][ T8] usb 4-1: Product: syz [ 581.132828][ T8] usb 4-1: Manufacturer: syz [ 581.137702][ T8] usb 4-1: SerialNumber: syz [ 581.182914][ T8] usb 4-1: config 0 descriptor?? [ 581.484697][ T25] usb 1-1: USB disconnect, device number 7 [ 581.523829][ T6458] udevd[6458]: setting owner of /dev/ttyUSB0 to uid=0, gid=18 failed: No such file or directory [ 581.581790][ T25] belkin ttyUSB0: Belkin / Peracom / GoHubs USB Serial Adapter converter now disconnected from ttyUSB0 [ 581.597449][ T25] belkin_sa 1-1:0.0: device disconnected [ 581.878011][ T8] peak_usb 4-1:0.0: PEAK-System PCAN-USB Pro hwrev 0 serial 00000000.00000000 (2 channels) [ 581.888812][ T8] peak_usb 4-1:0.0 can0: sending command failure: -22 [ 581.896391][ T8] peak_usb 4-1:0.0 can0: sending command failure: -22 [ 582.033837][ T8] peak_usb 4-1:0.0: probe with driver peak_usb failed with error -22 [ 582.135619][ T8] usb 4-1: USB disconnect, device number 22 [ 582.179342][ T7851] vlan3: entered promiscuous mode [ 582.185777][ T7851] vlan3: entered allmulticast mode [ 582.188725][ T7853] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 582.199250][ T7853] vhci_hcd: USB_PORT_FEAT_U1/2_TIMEOUT req not supported for USB 2.0 roothub [ 583.471820][ T7868] netlink: 36 bytes leftover after parsing attributes in process `syz.3.697'. [ 583.668619][ T7876] netlink: 'syz.1.700': attribute type 21 has an invalid length. [ 583.676920][ T7876] netlink: 128 bytes leftover after parsing attributes in process `syz.1.700'. [ 583.778845][ T7877] loop0: detected capacity change from 0 to 512 [ 583.790966][ T7879] 9pnet_fd: Insufficient options for proto=fd [ 583.832385][ T7877] EXT4-fs: Ignoring removed i_version option [ 583.838900][ T7877] EXT4-fs: Invalid want_extra_isize 0 [ 584.621707][ T7890] xt_cluster: you have exceeded the maximum number of cluster nodes (2684354560 > 32) [ 585.050996][ T8] usb 3-1: new high-speed USB device number 15 using dummy_hcd [ 585.290936][ T8] usb 3-1: Using ep0 maxpacket: 8 [ 585.422443][ T8] usb 3-1: New USB device found, idVendor=0921, idProduct=1000, bcdDevice=b9.de [ 585.432207][ T8] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 585.440388][ T8] usb 3-1: Product: syz [ 585.444887][ T8] usb 3-1: Manufacturer: syz [ 585.449649][ T8] usb 3-1: SerialNumber: syz [ 585.558281][ T7903] ===================================================== [ 585.566892][ T7903] BUG: KMSAN: uninit-value in tcf_ct_flow_table_get+0x611/0x2260 [ 585.575430][ T7903] tcf_ct_flow_table_get+0x611/0x2260 [ 585.581107][ T7903] tcf_ct_init+0xa67/0x2890 [ 585.585746][ T7903] tcf_action_init_1+0x6cc/0xb30 [ 585.595939][ T7903] tcf_action_init+0x458/0xf00 [ 585.603105][ T7903] tc_ctl_action+0x4be/0x19d0 [ 585.608059][ T7903] rtnetlink_rcv_msg+0x12fc/0x1410 [ 585.614328][ T7903] netlink_rcv_skb+0x375/0x650 [ 585.619229][ T7903] rtnetlink_rcv+0x34/0x40 [ 585.623986][ T7903] netlink_unicast+0xf52/0x1260 [ 585.629073][ T7903] netlink_sendmsg+0x10da/0x11e0 [ 585.634344][ T7903] __sock_sendmsg+0x30f/0x380 [ 585.639177][ T7903] ____sys_sendmsg+0x877/0xb60 [ 585.644223][ T7903] ___sys_sendmsg+0x28d/0x3c0 [ 585.649019][ T7903] __x64_sys_sendmsg+0x307/0x4a0 [ 585.654183][ T7903] x64_sys_call+0x2dd6/0x3c10 [ 585.659000][ T7903] do_syscall_64+0xcd/0x1e0 [ 585.663758][ T7903] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 585.669816][ T7903] [ 585.672316][ T7903] Local variable key created at: [ 585.677336][ T7903] tcf_ct_flow_table_get+0x4a/0x2260 [ 585.682891][ T7903] tcf_ct_init+0xa67/0x2890 [ 585.687565][ T7903] [ 585.695791][ T7903] CPU: 0 UID: 0 PID: 7903 Comm: syz.0.706 Not tainted 6.10.0-syzkaller-12881-g6342649c33d2 #0 [ 585.707810][ T7903] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 585.718062][ T7903] ===================================================== [ 585.725203][ T7903] Disabling lock debugging due to kernel taint [ 585.731565][ T7903] Kernel panic - not syncing: kmsan.panic set ... [ 585.738070][ T7903] CPU: 0 UID: 0 PID: 7903 Comm: syz.0.706 Tainted: G B 6.10.0-syzkaller-12881-g6342649c33d2 #0 [ 585.749950][ T7903] Tainted: [B]=BAD_PAGE [ 585.754168][ T7903] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 585.764326][ T7903] Call Trace: [ 585.767685][ T7903] [ 585.770712][ T7903] dump_stack_lvl+0x216/0x2d0 [ 585.775631][ T7903] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 585.781605][ T7903] dump_stack+0x1e/0x30 [ 585.785907][ T7903] panic+0x4e2/0xcd0 [ 585.789949][ T7903] ? kmsan_get_metadata+0x71/0x1c0 [ 585.795245][ T7903] kmsan_report+0x2c7/0x2d0 [ 585.799908][ T7903] ? pcpu_alloc_area+0x114e/0x12c0 [ 585.805161][ T7903] ? __msan_warning+0x95/0x120 [ 585.810067][ T7903] ? tcf_ct_flow_table_get+0x611/0x2260 [ 585.815753][ T7903] ? tcf_ct_init+0xa67/0x2890 [ 585.820602][ T7903] ? tcf_action_init_1+0x6cc/0xb30 [ 585.825937][ T7903] ? tcf_action_init+0x458/0xf00 [ 585.831040][ T7903] ? tc_ctl_action+0x4be/0x19d0 [ 585.836036][ T7903] ? rtnetlink_rcv_msg+0x12fc/0x1410 [ 585.841631][ T7903] ? netlink_rcv_skb+0x375/0x650 [ 585.846699][ T7903] ? rtnetlink_rcv+0x34/0x40 [ 585.851422][ T7903] ? netlink_unicast+0xf52/0x1260 [ 585.856611][ T7903] ? netlink_sendmsg+0x10da/0x11e0 [ 585.861887][ T7903] ? __sock_sendmsg+0x30f/0x380 [ 585.866887][ T7903] ? ____sys_sendmsg+0x877/0xb60 [ 585.871958][ T7903] ? ___sys_sendmsg+0x28d/0x3c0 [ 585.876960][ T7903] ? __x64_sys_sendmsg+0x307/0x4a0 [ 585.882209][ T7903] ? x64_sys_call+0x2dd6/0x3c10 [ 585.887217][ T7903] ? do_syscall_64+0xcd/0x1e0 [ 585.892052][ T7903] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 585.898300][ T7903] ? kmsan_get_metadata+0x13e/0x1c0 [ 585.903672][ T7903] ? kmsan_internal_set_shadow_origin+0x69/0x100 [ 585.910169][ T7903] ? kmsan_get_metadata+0x13e/0x1c0 [ 585.915612][ T7903] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 585.921620][ T7903] ? _raw_spin_unlock_irqrestore+0x3f/0x60 [ 585.927610][ T7903] ? kmsan_get_metadata+0x13e/0x1c0 [ 585.933172][ T7903] ? kmsan_get_metadata+0x13e/0x1c0 [ 585.938561][ T7903] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 585.944550][ T7903] ? kmsan_get_metadata+0x13e/0x1c0 [ 585.949913][ T7903] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 585.955910][ T7903] __msan_warning+0x95/0x120 [ 585.960675][ T7903] tcf_ct_flow_table_get+0x611/0x2260 [ 585.966248][ T7903] ? nf_ct_tmpl_alloc+0xbd/0x2d0 [ 585.971352][ T7903] ? kmsan_get_metadata+0x13e/0x1c0 [ 585.976726][ T7903] tcf_ct_init+0xa67/0x2890 [ 585.981413][ T7903] tcf_action_init_1+0x6cc/0xb30 [ 585.986510][ T7903] ? __pfx_tcf_ct_init+0x10/0x10 [ 585.991597][ T7903] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 585.997603][ T7903] tcf_action_init+0x458/0xf00 [ 586.002600][ T7903] ? kmsan_internal_set_shadow_origin+0x69/0x100 [ 586.009157][ T7903] tc_ctl_action+0x4be/0x19d0 [ 586.013991][ T7903] ? kmsan_get_metadata+0x13e/0x1c0 [ 586.019413][ T7903] ? __pfx_tc_ctl_action+0x10/0x10 [ 586.024686][ T7903] ? __pfx_tc_ctl_action+0x10/0x10 [ 586.029949][ T7903] rtnetlink_rcv_msg+0x12fc/0x1410 [ 586.035201][ T7903] ? kmsan_get_metadata+0x13e/0x1c0 [ 586.040606][ T7903] netlink_rcv_skb+0x375/0x650 [ 586.045528][ T7903] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 586.051140][ T7903] ? __pfx_rtnetlink_rcv+0x10/0x10 [ 586.056389][ T7903] rtnetlink_rcv+0x34/0x40 [ 586.060934][ T7903] netlink_unicast+0xf52/0x1260 [ 586.065961][ T7903] netlink_sendmsg+0x10da/0x11e0 [ 586.071039][ T7903] ? __pfx_netlink_sendmsg+0x10/0x10 [ 586.076452][ T7903] ? __pfx_netlink_sendmsg+0x10/0x10 [ 586.081869][ T7903] __sock_sendmsg+0x30f/0x380 [ 586.086701][ T7903] ____sys_sendmsg+0x877/0xb60 [ 586.091653][ T7903] ___sys_sendmsg+0x28d/0x3c0 [ 586.096543][ T7903] ? __rcu_read_unlock+0x7b/0xe0 [ 586.101680][ T7903] ? __fget_files+0x4fe/0x5d0 [ 586.106576][ T7903] ? kmsan_get_metadata+0x13e/0x1c0 [ 586.111938][ T7903] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 586.117917][ T7903] __x64_sys_sendmsg+0x307/0x4a0 [ 586.123014][ T7903] x64_sys_call+0x2dd6/0x3c10 [ 586.127847][ T7903] do_syscall_64+0xcd/0x1e0 [ 586.132515][ T7903] ? clear_bhb_loop+0x25/0x80 [ 586.137317][ T7903] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 586.143376][ T7903] RIP: 0033:0x7f060e177299 [ 586.147898][ T7903] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 586.167668][ T7903] RSP: 002b:00007f060efdf048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 586.176219][ T7903] RAX: ffffffffffffffda RBX: 00007f060e305f80 RCX: 00007f060e177299 [ 586.184345][ T7903] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000003 [ 586.192429][ T7903] RBP: 00007f060e1e48e6 R08: 0000000000000000 R09: 0000000000000000 [ 586.200538][ T7903] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 586.208664][ T7903] R13: 000000000000000b R14: 00007f060e305f80 R15: 00007fffefda11d8 [ 586.216759][ T7903] [ 586.220222][ T7903] Kernel Offset: disabled [ 586.224630][ T7903] Rebooting in 86400 seconds..