last executing test programs: 20.149099897s ago: executing program 2: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="5c00000002060104000000000000000000000000050004000000000005000100060000000d000300686173683a6d61630000000005000500000000061400078008001240400000000800084000000000090002"], 0x5c}}, 0x0) capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000}) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000000c0)={@ifindex, 0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB="3c00000011004b0426bd7000000000007a000000", @ANYRES32=0x0, @ANYBLOB="00000000000000001c0012800b00010062726964676500000c0002800500160002000000"], 0x3c}}, 0x0) 20.054698219s ago: executing program 2: getresgid(&(0x7f0000000140), &(0x7f0000000580)=0x0, &(0x7f0000000180)=0x0) syz_mount_image$msdos(&(0x7f00000000c0), &(0x7f0000000200)='./file0\x00', 0x10814, &(0x7f0000000440)=ANY=[@ANYBLOB='umask=00000000000000000000000,flush,nodots,dots,gid=', @ANYRESHEX=r1, @ANYBLOB="00006b746769643d0092", @ANYRESOCT, @ANYRES32, @ANYRESOCT=r0], 0x1, 0x1fe, &(0x7f0000000240)="$eJzs28FqE10UB/Azbdpv8nVhF65EccCNq6A+gUEqiAEhkoWuDFQ3rQjpJgpin8e1D+HLuOlCsotMZmibaQuNYzISfz8Y7iH/GTizSM5d3Ly5/f5g/8PRu63PJ5EmWWxEPI5JxG5elZJyTWf1dsxJoo6ftZ4GAH5Lvz/sNt0DyzUadYc3I2LnQjL42khDAAAAAAAAAAAA1LbI+f+NiC/V8//HK+4XAKjP+f/11S7X0ag7vFPs3yqc/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACaM5lOb0zzKy3X8vovItKIaEfE/xHRioj886b7BQDqm0zn5/5V8z8ikogw/wFgDbx89fp5t9fb62dZGvHjeDwYD4q1yJ8+6+09yGZ2z546GY8Hm6f5wyLP5vOt2b4hzx9dmm/H/XtFnmdPXvQq+U7sL//1AeCf1MlOnZvvm+UV0elclufzuajO7Q8q87sVt1orew0AYAFHHz8dDA8P347+eJEs9lS7bOjqe761ltWq4lrF9+SvaENRt0ivc3PDP0zA0p196atJ2kxDAAAAAAAAAAAAAADABav4y1FE3G36PQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAWC+/AgAA//8VPFFq") r2 = open(&(0x7f0000000080)='./file0\x00', 0x40c5, 0x0) r3 = open$dir(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) write$9p(r2, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bf", 0x5d0) sendfile(r2, r3, 0x0, 0xe065) open(0x0, 0x1431c0, 0x0) r4 = open(&(0x7f0000000000)='./bus\x00', 0x3d, 0x48) ftruncate(r4, 0x20cf01) 19.760119459s ago: executing program 2: r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000062d14406d0470084761000000010902120001000000000904"], 0x0) syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$printer(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$uac1(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0) syz_usb_control_io$uac1(r0, 0x0, 0x0) syz_usb_control_io$printer(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f00000003c0)={0x1c, &(0x7f0000000240), 0x0, 0x0}) 16.616095279s ago: executing program 2: syz_mount_image$fuse(0x0, &(0x7f0000004d40)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000580)='debugfs\x00', 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x0, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0, 0x0) getdents(r3, 0x0, 0x0) 15.661387721s ago: executing program 2: r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000062d14406d0470084761000000010902120001000000000904"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0) syz_usb_control_io$printer(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$uac1(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0) syz_usb_control_io$uac1(r0, 0x0, 0x0) syz_usb_control_io$printer(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f00000003c0)={0x1c, &(0x7f0000000240), 0x0, 0x0}) 12.407802484s ago: executing program 2: r0 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x5, 0xf1e8, 0xffff}) r1 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f0000000140)={0x0, &(0x7f00000000c0)=[0x0], 0x0, 0x0, 0xfffffffffffffff1, 0x1}) ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000340)={0x3, r2, 0x0, 0x0, 0xb, 0x1ff, 0x1}) ioctl$DRM_IOCTL_SET_CLIENT_CAP(0xffffffffffffffff, 0x4010640d, 0x0) r3 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0) ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r3, 0xc02064b9, &(0x7f00000002c0)={0x0, 0x0}) 4.260846759s ago: executing program 1: memfd_create(0x0, 0x0) ioctl$BTRFS_IOC_FS_INFO(0xffffffffffffffff, 0x8400941f, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) socket$unix(0x1, 0x0, 0x0) unlinkat$binderfs_device(0xffffffffffffff9c, 0x0) r1 = syz_open_procfs$userns(0xffffffffffffffff, &(0x7f0000000000)) close_range(r1, r1, 0x0) socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet6_udp_SIOCINQ(r1, 0x541b, &(0x7f0000000040)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0) recvmsg$unix(r2, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x0) close(r3) ioctl$NS_GET_PARENT(r0, 0x5450, 0x0) 3.76160161s ago: executing program 3: r0 = socket$inet(0x2, 0xa, 0x0) ioctl$TIOCOUTQ(r0, 0x5411, &(0x7f0000002400)) 3.739961951s ago: executing program 0: syz_mount_image$fuse(0x0, &(0x7f0000004d40)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000580)='debugfs\x00', 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x0, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0, 0x0) getdents(r3, 0x0, 0x0) 3.58389402s ago: executing program 3: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) close(r0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$ETHTOOL_MSG_LINKMODES_GET(r0, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f0000000a00)={0x14}, 0x14}}, 0x0) 3.401780113s ago: executing program 3: r0 = openat$sndtimer(0xffffff9c, &(0x7f0000000000), 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r0, 0x80e05411, 0x0) 3.219001079s ago: executing program 3: r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000062d14406d0470084761000000010902120001000000000904"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$printer(0xffffffffffffffff, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$uac1(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0) syz_usb_control_io$uac1(r0, 0x0, 0x0) syz_usb_control_io$printer(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f00000003c0)={0x1c, &(0x7f0000000240), 0x0, 0x0}) 3.181411244s ago: executing program 1: r0 = io_uring_setup(0x667f, &(0x7f00000001c0)) r1 = dup2(r0, r0) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000002c0)=[{0x0}], 0x1) io_uring_register$IORING_UNREGISTER_BUFFERS(r1, 0x1, 0x0, 0x0) 2.839324821s ago: executing program 1: r0 = openat$dlm_monitor(0xffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1) dup3(r1, r0, 0x0) ioctl$BINDER_ENABLE_ONEWAY_SPAM_DETECTION(r0, 0x40046210, 0x0) 2.553603859s ago: executing program 1: r0 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NLBL_MGMT_C_REMOVE(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x2c, r0, 0xd10, 0x70bd2d, 0x25dfdbff, {}, [@NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x29}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x7}, @NLBL_MGMT_A_CV4DOI={0x8, 0x4, 0xffffffffffffffff}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x20000000) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x38, r0, 0x10, 0x70bd2d, 0x25dfdbff, {}, [@NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @loopback}, @NLBL_MGMT_A_DOMAIN={0xe, 0x1, 'NLBL_MGMT\x00'}]}, 0x38}, 0x1, 0x0, 0x0, 0x40001}, 0x28000840) r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000280), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_ANNOUNCE(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x2c, r2, 0x200, 0x70bd29, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0xff}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x2}, @MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0x5}]}, 0x2c}, 0x1, 0x0, 0x0, 0xc000}, 0x20004004) sendmsg$NBD_CMD_STATUS(r1, &(0x7f0000000440)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)={0x20, 0x0, 0x1, 0x70bd26, 0x25dfdbfe, {}, [@NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x3}]}, 0x20}, 0x1, 0x0, 0x0, 0xc0}, 0x800) r3 = syz_genetlink_get_family_id$nbd(&(0x7f00000004c0), r1) sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000005c0)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000580)={&(0x7f0000000500)={0x60, r3, 0x20, 0x70bd25, 0x0, {}, [@NBD_ATTR_BACKEND_IDENTIFIER={0x5, 0xa, '^'}, @NBD_ATTR_BACKEND_IDENTIFIER={0x5, 0xa, '*'}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0x2}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x8}, @NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x2}, @NBD_ATTR_SERVER_FLAGS={0xc}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x1}]}, 0x60}, 0x1, 0x0, 0x0, 0x11}, 0x4002800) sendmsg$NLBL_MGMT_C_ADDDEF(r1, &(0x7f0000000700)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000006c0)={&(0x7f0000000640)={0x54, r0, 0x100, 0x70bd28, 0x25dfdbff, {}, [@NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @mcast1}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @mcast2}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @rand_addr=0x64010102}, @NLBL_MGMT_A_CV4DOI={0x8, 0x4, 0xffffffffffffffff}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @multicast2}]}, 0x54}, 0x1, 0x0, 0x0, 0x40}, 0x2000) r4 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000780), r1) sendmsg$NLBL_MGMT_C_REMOVE(r1, &(0x7f0000000880)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000840)={&(0x7f00000007c0)={0x50, r4, 0x8, 0x70bd2b, 0x25dfdbfd, {}, [@NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @local}, @NLBL_MGMT_A_DOMAIN={0xd, 0x1, 'mptcp_pm\x00'}, @NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x3}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}]}, 0x50}, 0x1, 0x0, 0x0, 0x800}, 0x90) syz_genetlink_get_family_id$ethtool(&(0x7f00000008c0), 0xffffffffffffffff) r5 = syz_genetlink_get_family_id$team(&(0x7f0000000940), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000980)={'team0\x00', 0x0}) ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, &(0x7f00000009c0)={'wg1\x00', 0x0}) ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000ac0)={'sit0\x00', &(0x7f0000000a00)={'sit0\x00', 0x0, 0x40, 0x0, 0xffffff01, 0x8000, {{0x1c, 0x4, 0x1, 0x9, 0x70, 0x65, 0x0, 0xe0, 0x29, 0x0, @empty, @initdev={0xac, 0x1e, 0x0, 0x0}, {[@noop, @noop, @timestamp_addr={0x44, 0x14, 0xc6, 0x1, 0x2, [{@multicast1, 0xfffffffe}, {@dev, 0x8001}]}, @noop, @cipso={0x86, 0x43, 0x3, [{0x1, 0xa, "38b0a398b619f696"}, {0x7, 0xe, "5e7126d2b7a09577d50640c6"}, {0x5, 0x3, "b8"}, {0x1, 0xc, "968cc6a6175b3f2f1156"}, {0x7, 0x8, "f2667784d300"}, {0x7, 0xa, "473828c182daa02c"}, {0x6, 0x4, "36d5"}]}]}}}}}) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000b80)={'ip6_vti0\x00', &(0x7f0000000b00)={'syztnl1\x00', 0x0, 0x2f, 0x5, 0x8, 0x0, 0x4, @private2, @private0, 0x40, 0x40, 0x8cc, 0x925c}}) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000c40)={'syztnl1\x00', &(0x7f0000000bc0)={'syztnl0\x00', 0x0, 0x2f, 0x6, 0x0, 0x2, 0x10, @dev={0xfe, 0x80, '\x00', 0x10}, @remote, 0x8000, 0x1, 0x5, 0x7}}) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000d00)={'ip6tnl0\x00', &(0x7f0000000c80)={'syztnl1\x00', 0x0, 0x29, 0x1, 0xf3, 0x7, 0x23, @dev={0xfe, 0x80, '\x00', 0x44}, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x8, 0x8000, 0xffff, 0x10001}}) ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000dc0)={'syztnl0\x00', &(0x7f0000000d40)={'gretap0\x00', 0x0, 0x1, 0x80, 0x7f, 0x8, {{0x18, 0x4, 0x0, 0x19, 0x60, 0x67, 0x0, 0x58, 0x29, 0x0, @private=0xa010100, @multicast1, {[@end, @cipso={0x86, 0x11, 0xffffffffffffffff, [{0x5, 0xb, "b7c1a9c96eb6301a45"}]}, @rr={0x7, 0xb, 0xd0, [@empty, @private=0xa010100]}, @ra={0x94, 0x4, 0x1}, @timestamp={0x44, 0x28, 0xff, 0x0, 0x1, [0x3, 0x7, 0xff, 0x401, 0x6, 0x3f, 0x3, 0x4, 0x0]}, @end]}}}}}) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000e00)={'team0\x00', 0x0}) ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000ec0)={'ip_vti0\x00', &(0x7f0000000e40)={'syztnl1\x00', 0x0, 0x40, 0x8000, 0x200, 0x7fffffff, {{0x9, 0x4, 0x2, 0x38, 0x24, 0x64, 0x0, 0x4, 0x415d00cac3881aff, 0x0, @broadcast, @empty, {[@lsrr={0x83, 0x7, 0xe5, [@broadcast]}, @timestamp={0x44, 0x8, 0xfb, 0x0, 0x9, [0x7fff]}]}}}}}) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000f00)={'team0\x00', 0x0}) ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000fc0)={'gretap0\x00', &(0x7f0000000f40)={'erspan0\x00', 0x0, 0x1, 0x7, 0x80, 0x101, {{0x11, 0x4, 0x0, 0x9, 0x44, 0x66, 0x0, 0x4b, 0x4, 0x0, @multicast2, @multicast2, {[@timestamp_addr={0x44, 0x2c, 0x88, 0x1, 0x0, [{@local, 0x7}, {@rand_addr=0x64010102, 0x2}, {@broadcast}, {@rand_addr=0x64010100, 0x2}, {@multicast2, 0x101}]}, @noop]}}}}}) ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000001140)={'syztnl0\x00', &(0x7f0000001000)={'gre0\x00', 0x0, 0x700, 0x700, 0x411, 0x7, {{0x3d, 0x4, 0x0, 0x16, 0xf4, 0x68, 0x0, 0x1c, 0x4, 0x0, @private=0xa010101, @local, {[@noop, @timestamp_prespec={0x44, 0x3c, 0x63, 0x3, 0x7, [{@private=0xa010100, 0x20}, {@remote, 0xf0}, {@loopback, 0x3}, {@empty, 0xff}, {@private=0xa010101}, {@dev={0xac, 0x14, 0x14, 0x1b}, 0x9}, {@broadcast}]}, @cipso={0x86, 0x54, 0x0, [{0x7, 0x2}, {0x0, 0xf, "7c837db5dba8dcfb1d4fcdf616"}, {0x2, 0x7, "4ae31b3553"}, {0x0, 0x11, "57fe8a45ea3de2e7833830993f9421"}, {0x1, 0xd, "cfc9a894ab7b3bbf268647"}, {0x7, 0xf, "ddbba57763233b00e917c2cf34"}, {0x2, 0x9, "da7bc02edbbb2d"}]}, @timestamp_prespec={0x44, 0x1c, 0x39, 0x3, 0x2, [{@broadcast, 0x7bff7705}, {@multicast2, 0x8}, {@remote, 0x3f}]}, @timestamp={0x44, 0xc, 0xe2, 0x0, 0x3, [0x0, 0x1ff]}, @timestamp_addr={0x44, 0xc, 0xda, 0x1, 0x3, [{@dev={0xac, 0x14, 0x14, 0x36}, 0xba788ced}]}, @lsrr={0x83, 0x17, 0x34, [@multicast1, @initdev={0xac, 0x1e, 0x0, 0x0}, @remote, @local, @remote]}, @ra={0x94, 0x4, 0x1}]}}}}}) sendmsg$TEAM_CMD_PORT_LIST_GET(0xffffffffffffffff, &(0x7f0000001900)={&(0x7f0000000900)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000018c0)={&(0x7f0000001180)={0x70c, r5, 0x800, 0x70bd2a, 0x25dfdbfe, {}, [{{0x8, 0x1, r6}, {0xf4, 0x2, 0x0, 0x1, [{0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x2}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0xffffffff}}, {0x8, 0x6, r7}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x1}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0xfffff291}}, {0x8}}}]}}, {{0x8}, {0xf0, 0x2, 0x0, 0x1, [{0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x7}}, {0x8, 0x6, r8}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x80000}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r9}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0xc85}}}]}}, {{0x8}, {0x1b0, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x4}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x3f}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8, 0x4, r10}}, {0x8}}}, {0x4c, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x1c, 0x4, [{0x7ff, 0x80, 0x9, 0x6}, {0x5, 0x1, 0x2, 0x401}, {0xe5d6, 0x8, 0x6, 0x1}]}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x1000}}, {0x8, 0x6, r11}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x3}}}]}}, {{0x8, 0x1, r12}, {0x40, 0x2, 0x0, 0x1, [{0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}]}}, {{0x8}, {0x150, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x5c, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x2c, 0x4, [{0x2, 0x20, 0x6, 0x1}, {0x9, 0x3f, 0xfd, 0x4}, {0x401, 0x6, 0xc0, 0xb7}, {0xd437, 0x5d, 0x8, 0x10000}, {0xa45a, 0x7, 0x0, 0x2}]}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0x7}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r13}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x4}}, {0x8, 0x6, r14}}}]}}, {{0x8, 0x1, r15}, {0x1a4, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x4}}, {0x8, 0x6, r16}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0x10, 0x4, 'loadbalance\x00'}}}, {0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8, 0x4, r17}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0xfffffffb}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0xed3}}}, {0x3c, 0x1, @name={{0x24}, {0x5}, {0xb, 0x4, 'random\x00'}}}]}}]}, 0x70c}, 0x1, 0x0, 0x0, 0x40882}, 0x11) recvfrom$inet_nvme(0xffffffffffffffff, &(0x7f0000001940)=""/79, 0x4f, 0x2101, &(0x7f00000019c0)=@ieee802154={0x24, @long={0x3, 0x3, {0xaaaaaaaaaaaa0102}}}, 0x80) sendmsg$MPTCP_PM_CMD_ADD_ADDR(0xffffffffffffffff, &(0x7f0000001bc0)={&(0x7f0000001a80)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000001b80)={&(0x7f0000001ac0)={0x94, r2, 0x4, 0x70bd2b, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_ADDR={0x48, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x5}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e22}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @local}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x4}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x1}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private2}]}, @MPTCP_PM_ATTR_ADDR={0x38, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x4}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private0={0xfc, 0x0, '\x00', 0x1}}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x81}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @remote}]}]}, 0x94}, 0x1, 0x0, 0x0, 0x844}, 0x40805) 2.14053742s ago: executing program 1: r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000580)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f000905", @ANYRES16], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f00000001c0)={0x24, 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00220f"], 0x0}, 0x0) r1 = syz_open_dev$hiddev(&(0x7f0000000d40), 0x0, 0x0) read$hiddev(r1, &(0x7f0000000000)=""/38, 0x26) 1.562520778s ago: executing program 0: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = eventfd2(0x0, 0x0) close_range(r1, 0xffffffffffffffff, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$inet6_udp(0xa, 0x2, 0x0) sendmsg$NL802154_CMD_GET_SEC_DEVKEY(r0, &(0x7f0000000d80)={0x0, 0x0, &(0x7f0000000d40)={0x0}}, 0x0) 1.464089342s ago: executing program 4: r0 = openat$vnet(0xffffff9c, &(0x7f0000000200), 0x2, 0x0) r1 = socket$inet_mptcp(0x2, 0x1, 0x106) r2 = fcntl$dupfd(r0, 0x0, r1) ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r2, 0xc02064b9, 0x0) 1.337525211s ago: executing program 0: getresgid(&(0x7f0000000140), &(0x7f0000000580)=0x0, &(0x7f0000000180)=0x0) syz_mount_image$msdos(&(0x7f00000000c0), &(0x7f0000000200)='./file0\x00', 0x10814, &(0x7f0000000440)=ANY=[@ANYBLOB='umask=00000000000000000000000,flush,nodots,dots,gid=', @ANYRESHEX=r1, @ANYBLOB="00006b746769643d0092", @ANYRESOCT, @ANYRES32, @ANYRESOCT=r0], 0x1, 0x1fe, &(0x7f0000000240)="$eJzs28FqE10UB/Azbdpv8nVhF65EccCNq6A+gUEqiAEhkoWuDFQ3rQjpJgpin8e1D+HLuOlCsotMZmibaQuNYzISfz8Y7iH/GTizSM5d3Ly5/f5g/8PRu63PJ5EmWWxEPI5JxG5elZJyTWf1dsxJoo6ftZ4GAH5Lvz/sNt0DyzUadYc3I2LnQjL42khDAAAAAAAAAAAA1LbI+f+NiC/V8//HK+4XAKjP+f/11S7X0ag7vFPs3yqc/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACaM5lOb0zzKy3X8vovItKIaEfE/xHRioj886b7BQDqm0zn5/5V8z8ikogw/wFgDbx89fp5t9fb62dZGvHjeDwYD4q1yJ8+6+09yGZ2z546GY8Hm6f5wyLP5vOt2b4hzx9dmm/H/XtFnmdPXvQq+U7sL//1AeCf1MlOnZvvm+UV0elclufzuajO7Q8q87sVt1orew0AYAFHHz8dDA8P347+eJEs9lS7bOjqe761ltWq4lrF9+SvaENRt0ivc3PDP0zA0p196atJ2kxDAAAAAAAAAAAAAADABav4y1FE3G36PQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAWC+/AgAA//8VPFFq") r2 = open(&(0x7f0000000080)='./file0\x00', 0x40c5, 0x0) r3 = open$dir(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) write$9p(r2, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077f621608d81c12a5f5c6c295d74afd4dd5c051296be0b54c70bf899b347c36bff62f313079983409d7f9cf1242c917985c1b5d0736fe21f8514f63d0369a374c42da40bd5140bc3e602d00c3cb4f8e621863ab47422778d67d72de34753fd72cef80649a1548e4e8dcbcffe4054cc9d8a1f922623a75904cbdaacde768131e587269a4a99d82f7009c1b8ab79aa232a2fd45ad71b603803123f6ba979fa6a87525884b08d721a21400fb1f950b96ead82f408cc4388d3b78fb456616429a520656d5e5a876fd04748498902c86f58d45f4c1b3919eb846a00edf07e7a830bf723e4774f085f15534dd3b5246c0c0970b5ad7bb39b30b156a9430378c5b0aab1261c78d72ac301cd552d5e8dd4b642ec1dc0672745d593bb26d095b5b23576e3cfd6ab580f6e09419d0f0c64250fafaa3759aa1888da48d89c3f7c9454b0b3d0ab40445f5bed4493ef43ab08f31b1345ac4ffd94ad79c9eee53904ed6f572817153190d2e6863f2e39356bb99926419fd314341a536b7e76cae60bf7750a4c29e3f4c7f005530b1d4ee0e25b93b76fcc1108222f0b00de52cf4100e97adfd7b9db1370586ba27e1e183299be00d0df8439c380edf2f79deb441eac59b814b04accdff5e17f02046139f91f0332661676ff506e575f0cb2850bcc9f8666f6d1f69f8f4271cb804a79fccd7016f049d1a494c26a527c437fa0be6d51ec7543d9bd7a2f016194ebe3c99080a6c9b5119863dfe865f8e60cae29f50b67dbfaa0a3c9794d73034485ca1613344c572783db3dfab01b28089c51cda99cefa4c1c881a29e229f04c7e0fd04dc425ae8417852e6e31520c6207e9d4e35285feef2a2cb8a3bceb08a166fa4284a516362621e2c06731a442791f1db063a32cf1f005c914102c7273cb4d7ab1bf567d72f230783d2ea99c43a60e8729132441ee6c5362c33f9b613f84417c3c5549f4e3d9e73c6f83f16c8e57ae22fe5f54515e111fe43ad7c400d214281452bb6141cecad84b23a695f061988d906d03be5d89584634b9e9d9a9b072f8e7cbb47c47719318a2001cafa665dd2c82672d16877ea115bd023fc1975f7c59664bf", 0x5d0) sendfile(r2, r3, 0x0, 0xe065) open(&(0x7f00000001c0)='./bus\x00', 0x1431c0, 0x0) r4 = open(&(0x7f0000000000)='./bus\x00', 0x3d, 0x0) ftruncate(r4, 0x20cf01) 1.208426346s ago: executing program 4: r0 = syz_open_dev$mouse(&(0x7f0000000080), 0x0, 0x1) write$RDMA_USER_CM_CMD_RESOLVE_ROUTE(r0, 0x0, 0x0) 1.006770794s ago: executing program 4: r0 = io_uring_setup(0x667f, &(0x7f00000001c0)) r1 = dup2(r0, r0) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000002c0)=[{0x0}], 0x1) io_uring_register$IORING_UNREGISTER_BUFFERS(r1, 0x1, 0x0, 0x0) 790.901317ms ago: executing program 4: r0 = openat$thread_pidfd(0xffffff9c, &(0x7f0000000300), 0x0, 0x0) syncfs(r0) 642.512483ms ago: executing program 4: r0 = openat$rfkill(0xffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = syz_open_dev$I2C(&(0x7f0000000700), 0x0, 0x0) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$I2C_FUNCS(r2, 0x705, &(0x7f0000000780)) 617.608458ms ago: executing program 0: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) close(r0) socket$kcm(0x29, 0x2, 0x0) sendmsg$ETHTOOL_MSG_COALESCE_SET(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={0x0}}, 0x0) 493.499616ms ago: executing program 4: r0 = socket(0x1d, 0x2, 0x6) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000040)={'vcan0\x00', 0x0}) bind$can_j1939(r0, &(0x7f0000000080)={0x1d, r1, 0x2}, 0x18) sendmsg$IPSET_CMD_FLUSH(r0, &(0x7f0000001b40)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f0000001a40)={0x14}, 0x14}}, 0x0) sendmsg$RDMA_NLDEV_CMD_RES_CQ_GET(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x28}}, 0x0) 378.652299ms ago: executing program 0: r0 = openat2(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000300)={0x40}, 0x18) ioctl$EXT4_IOC_CLEAR_ES_CACHE(r0, 0x6628) 285.908532ms ago: executing program 0: syz_mount_image$fuse(0x0, &(0x7f0000004d40)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000580)='debugfs\x00', 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x0, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0, 0x0) getdents(r3, 0x0, 0x0) 152.195738ms ago: executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_NL_KEY_FLUSH(r0, &(0x7f0000008400)={0x0, 0x0, &(0x7f00000083c0)={0x0}}, 0x0) 125.937585ms ago: executing program 1: r0 = creat(&(0x7f0000000340)='./file0\x00', 0x0) close(r0) openat$loop_ctrl(0xffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$LOOP_CTL_REMOVE(r0, 0x4c82, 0x0) 0s ago: executing program 3: r0 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f00000003c0)=@raw={'raw\x00', 0x4001, 0x8000000, 0x240, 0x0, 0x720d, 0x148, 0x0, 0x148, 0x1a8, 0x240, 0x240, 0x1a8, 0x240, 0x7fffffe, 0x0, {[{{@ip={@loopback, @empty, 0x0, 0x0, 'wlan1\x00', 'ip6erspan0\x00'}, 0x0, 0x70, 0xd8}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz1\x00'}}}, {{@uncond, 0x0, 0x70, 0xd0}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x0, @link_local}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x2a0) getsockopt$inet_sctp6_SCTP_AUTO_ASCONF(0xffffffffffffffff, 0x84, 0x1e, 0x0, 0x0) kernel console output (not intermixed with test programs): port 1(bridge_slave_0) entered forwarding state [ 793.466138][T12664] bridge0: port 2(bridge_slave_1) entered blocking state [ 793.473534][T12664] bridge0: port 2(bridge_slave_1) entered forwarding state [ 793.490254][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 793.519010][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 793.597350][T12907] XFS (loop2): Ending clean mount [ 793.624163][T12914] overlayfs: upper fs does not support tmpfile. [ 793.648591][ T6855] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 793.670514][ T6855] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 793.679604][T12914] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 793.695480][ T29] audit: type=1804 audit(1717040742.207:320): pid=12907 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir3630437666/syzkaller.AXHstD/0/file0/bus" dev="loop2" ino=1065 res=1 errno=0 [ 793.751657][ T29] audit: type=1804 audit(1717040742.227:321): pid=12907 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir3630437666/syzkaller.AXHstD/0/file0/bus" dev="loop2" ino=1065 res=1 errno=0 [ 793.796401][T12722] ntfs3: loop3: failed to convert "0000" to cp950 [ 793.818722][T12722] ntfs3: loop3: failed to convert name for inode 1e. [ 793.986203][ T29] audit: type=1804 audit(1717040742.497:322): pid=12907 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.2" name="/root/syzkaller-testdir3630437666/syzkaller.AXHstD/0/file0/bus" dev="loop2" ino=1065 res=1 errno=0 [ 794.196013][T12751] XFS (loop2): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 794.950494][ T11] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 795.063884][T12871] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 795.226659][ T11] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 795.446926][ T11] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 795.732885][ T11] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 795.769720][ T4489] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 795.808627][ T4489] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 795.821770][ T4489] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 795.832943][ T4489] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 795.843666][ T4489] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 795.853778][ T4489] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 796.442630][ T11] bridge_slave_1: left allmulticast mode [ 796.476812][ T11] bridge_slave_1: left promiscuous mode [ 796.482670][ T11] bridge0: port 2(bridge_slave_1) entered disabled state [ 796.512630][ T11] bridge_slave_0: left allmulticast mode [ 796.522984][ T11] bridge_slave_0: left promiscuous mode [ 796.557469][ T11] bridge0: port 1(bridge_slave_0) entered disabled state [ 796.806650][T12945] loop2: detected capacity change from 0 to 32768 [ 796.835200][T12945] XFS: noikeep mount option is deprecated. [ 796.930998][T12945] XFS (loop2): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 797.115900][T12945] XFS (loop2): Ending clean mount [ 797.140577][T12945] XFS (loop2): Quotacheck needed: Please wait. [ 797.288065][T12945] XFS (loop2): Quotacheck: Done. [ 797.691800][T12751] XFS (loop2): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 797.990925][ T4489] Bluetooth: hci3: command tx timeout [ 798.489071][ T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 798.525866][ T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 798.565337][ T11] bond0 (unregistering): Released all slaves [ 798.607045][ T9440] usb 3-1: new high-speed USB device number 41 using dummy_hcd [ 798.765770][T12871] veth0_vlan: entered promiscuous mode [ 798.818865][ T9440] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 798.828714][ T9440] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 798.840028][ T9440] usb 3-1: config 0 descriptor?? [ 798.850150][ T9440] cp210x 3-1:0.0: cp210x converter detected [ 799.053747][T12961] loop2: detected capacity change from 0 to 47 [ 799.062290][T12871] veth1_vlan: entered promiscuous mode [ 799.075999][ T9440] cp210x 3-1:0.0: failed to get vendor val 0x370b size 1: -32 [ 799.096871][ T9440] cp210x 3-1:0.0: querying part number failed [ 799.105550][ T9440] usb 3-1: cp210x converter now attached to ttyUSB0 [ 799.160849][T12942] chnl_net:caif_netlink_parms(): no params data found [ 799.393865][ T11] hsr_slave_0: left promiscuous mode [ 799.411570][ T11] hsr_slave_1: left promiscuous mode [ 799.431914][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 799.444212][ T11] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 799.465344][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 799.486939][ T11] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 799.571669][ T11] veth1_macvtap: left promiscuous mode [ 799.586958][ T11] veth0_macvtap: left promiscuous mode [ 799.597088][ T11] veth1_vlan: left promiscuous mode [ 799.609443][ T11] veth0_vlan: left promiscuous mode [ 800.056870][ T4489] Bluetooth: hci3: command tx timeout [ 801.342474][ T5217] usb 3-1: USB disconnect, device number 41 [ 801.369187][ T5217] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 801.402084][ T5217] cp210x 3-1:0.0: device disconnected [ 801.507614][T12970] loop2: detected capacity change from 0 to 256 [ 801.531209][T12970] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 801.565550][ T29] audit: type=1804 audit(1717040750.077:323): pid=12970 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir3630437666/syzkaller.AXHstD/4/file0/file0" dev="loop2" ino=1048697 res=1 errno=0 [ 801.651745][ T29] audit: type=1804 audit(1717040750.077:324): pid=12970 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.2" name="/root/syzkaller-testdir3630437666/syzkaller.AXHstD/4/file0/bus" dev="loop2" ino=1048698 res=1 errno=0 [ 801.707850][ T11] team0 (unregistering): Port device team_slave_1 removed [ 801.919461][ T11] team0 (unregistering): Port device team_slave_0 removed [ 802.050242][ T29] audit: type=1326 audit(1717040750.567:325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12971 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7d8aa7cee9 code=0x0 [ 802.136833][ T4489] Bluetooth: hci3: command tx timeout [ 803.190945][T12975] loop2: detected capacity change from 0 to 4096 [ 803.346215][T12975] overlayfs: upper fs does not support tmpfile. [ 803.370643][T12975] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 803.475405][T12751] ntfs3: loop2: failed to convert "0000" to cp950 [ 803.494197][T12751] ntfs3: loop2: failed to convert name for inode 1e. [ 803.895999][T12979] loop0: detected capacity change from 0 to 512 [ 803.946410][T12979] UDF-fs: warning (device loop0): udf_load_vrs: No VRS found [ 803.954137][T12979] UDF-fs: Scanning with blocksize 512 failed [ 803.968634][T12979] UDF-fs: warning (device loop0): udf_load_vrs: No VRS found [ 804.004422][T12979] UDF-fs: Scanning with blocksize 1024 failed [ 804.039533][T12979] UDF-fs: warning (device loop0): udf_load_vrs: No VRS found [ 804.058103][T12979] UDF-fs: Scanning with blocksize 2048 failed [ 804.065392][T12979] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256 [ 804.093518][T12979] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 804.132704][T12967] netlink: 'syz-executor.1': attribute type 2 has an invalid length. [ 804.204526][T12967] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check. [ 804.226906][ T4489] Bluetooth: hci3: command tx timeout [ 804.391326][T12871] veth0_macvtap: entered promiscuous mode [ 804.683735][T12942] bridge0: port 1(bridge_slave_0) entered blocking state [ 804.725236][T12942] bridge0: port 1(bridge_slave_0) entered disabled state [ 804.764139][T12942] bridge_slave_0: entered allmulticast mode [ 804.795648][T12942] bridge_slave_0: entered promiscuous mode [ 804.834579][T12942] bridge0: port 2(bridge_slave_1) entered blocking state [ 804.870858][T12942] bridge0: port 2(bridge_slave_1) entered disabled state [ 804.901310][T12942] bridge_slave_1: entered allmulticast mode [ 804.968046][T12942] bridge_slave_1: entered promiscuous mode [ 805.009871][T12871] veth1_macvtap: entered promiscuous mode [ 805.262691][T12942] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 805.323422][T12942] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 805.451626][T12871] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 805.476623][T12871] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 805.502059][T12871] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 805.527237][T12871] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 805.546965][T12871] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 805.568034][T12871] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 805.589191][T12871] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 805.620167][T12871] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 805.653460][T12871] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 805.694861][T12942] team0: Port device team_slave_0 added [ 805.730605][T12871] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 805.754560][T12871] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 805.787041][T12871] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 805.805576][T12871] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 805.837256][T12871] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 805.857155][T12871] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 805.886665][T11635] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 805.896883][ T5217] usb 2-1: new high-speed USB device number 41 using dummy_hcd [ 805.899685][T12871] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 805.906899][T11635] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 805.950967][T11635] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 805.968700][T11635] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 805.976381][T12871] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 805.976651][T11635] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 806.009397][T11635] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 806.068615][T12871] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 806.080332][T12942] team0: Port device team_slave_1 added [ 806.184671][T12990] loop0: detected capacity change from 0 to 32768 [ 806.192962][T12871] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 806.203348][T12990] XFS: noikeep mount option is deprecated. [ 806.208826][ T5217] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 806.214775][T12871] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 806.227166][ T5217] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 806.235548][T12871] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 806.244850][T12871] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 806.253139][ T5217] usb 2-1: config 0 descriptor?? [ 806.269721][ T5217] cp210x 2-1:0.0: cp210x converter detected [ 806.315037][T12990] XFS (loop0): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 806.382795][T12942] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 806.398567][T12990] XFS (loop0): Ending clean mount [ 806.406888][T12942] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 806.434100][T12942] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 806.439963][T12990] XFS (loop0): Quotacheck needed: Please wait. [ 806.492627][T12942] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 806.524196][ T5217] cp210x 2-1:0.0: failed to get vendor val 0x370b size 1: -32 [ 806.528313][T12942] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 806.532392][ T5217] cp210x 2-1:0.0: querying part number failed [ 806.572380][ T5217] usb 2-1: cp210x converter now attached to ttyUSB0 [ 806.581737][T12942] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 806.592541][T12990] XFS (loop0): Quotacheck: Done. [ 806.723351][ T11] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 806.909959][T12799] XFS (loop0): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 806.962406][ T11] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 807.119199][T12942] hsr_slave_0: entered promiscuous mode [ 807.128909][T12942] hsr_slave_1: entered promiscuous mode [ 807.344675][ T11] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 807.370228][T13007] loop0: detected capacity change from 0 to 256 [ 807.410811][T13007] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 807.460057][ T29] audit: type=1804 audit(1717040755.977:326): pid=13007 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir1863987677/syzkaller.Dn8Qhi/4/file0/file0" dev="loop0" ino=1048699 res=1 errno=0 [ 807.536209][ T29] audit: type=1804 audit(1717040756.047:327): pid=13007 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir1863987677/syzkaller.Dn8Qhi/4/file0/bus" dev="loop0" ino=1048700 res=1 errno=0 [ 807.538339][ T11] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 807.733590][T12254] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 807.762739][T12254] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 807.817556][T11635] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0 [ 807.828876][T11635] Bluetooth: hci2: Injecting HCI hardware error event [ 807.839453][T11635] Bluetooth: hci2: hardware error 0x00 [ 808.042900][ T29] audit: type=1326 audit(1717040756.557:328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13010 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fabd8a7cee9 code=0x0 [ 808.070140][T12994] chnl_net:caif_netlink_parms(): no params data found [ 808.086112][ T5166] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 808.117180][ T5166] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 808.139420][ T4489] Bluetooth: hci1: command tx timeout [ 808.399907][T13014] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.4'. [ 808.419776][ T11] bridge_slave_1: left allmulticast mode [ 808.426981][ T11] bridge_slave_1: left promiscuous mode [ 808.435365][ T11] bridge0: port 2(bridge_slave_1) entered disabled state [ 808.454978][ T11] bridge_slave_0: left allmulticast mode [ 808.462271][ T11] bridge_slave_0: left promiscuous mode [ 808.468744][ T11] bridge0: port 1(bridge_slave_0) entered disabled state [ 808.641825][T12649] usb 2-1: USB disconnect, device number 41 [ 808.657595][T12649] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 808.665827][T12649] cp210x 2-1:0.0: device disconnected [ 809.787803][ T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 809.829978][ T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 809.855910][ T11] bond0 (unregistering): Released all slaves [ 809.945247][T13015] bridge_slave_1: left allmulticast mode [ 809.955273][T13015] bridge_slave_1: left promiscuous mode [ 809.965953][T13015] bridge0: port 2(bridge_slave_1) entered disabled state [ 810.000331][T11635] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 810.114134][T13027] netlink: 'syz-executor.1': attribute type 2 has an invalid length. [ 810.139277][T13027] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check. [ 810.227358][T11635] Bluetooth: hci1: command tx timeout [ 810.554384][T12994] bridge0: port 1(bridge_slave_0) entered blocking state [ 810.578535][T12994] bridge0: port 1(bridge_slave_0) entered disabled state [ 810.604060][T12994] bridge_slave_0: entered allmulticast mode [ 810.620319][T12994] bridge_slave_0: entered promiscuous mode [ 810.679444][T12994] bridge0: port 2(bridge_slave_1) entered blocking state [ 810.696200][T12994] bridge0: port 2(bridge_slave_1) entered disabled state [ 810.705463][T12994] bridge_slave_1: entered allmulticast mode [ 810.724209][T12994] bridge_slave_1: entered promiscuous mode [ 811.038140][T12994] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 811.295013][T12994] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 811.649207][ T11] hsr_slave_0: left promiscuous mode [ 811.681456][ T11] hsr_slave_1: left promiscuous mode [ 811.721572][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 811.741436][ T11] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 811.761146][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 811.783375][ T11] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 811.795612][T13031] loop4: detected capacity change from 0 to 32768 [ 811.845876][ T11] veth1_macvtap: left promiscuous mode [ 811.851674][ T11] veth0_macvtap: left promiscuous mode [ 811.859763][ T11] veth1_vlan: left promiscuous mode [ 811.868844][T13031] XFS (loop4): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 811.878914][ T11] veth0_vlan: left promiscuous mode [ 811.944692][T13031] XFS (loop4): Ending clean mount [ 812.011215][ T29] audit: type=1804 audit(1717040760.527:329): pid=13031 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir313050690/syzkaller.WtDxXe/1/file0/bus" dev="loop4" ino=1065 res=1 errno=0 [ 812.083696][ T29] audit: type=1804 audit(1717040760.527:330): pid=13031 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir313050690/syzkaller.WtDxXe/1/file0/bus" dev="loop4" ino=1065 res=1 errno=0 [ 812.297019][T11635] Bluetooth: hci1: command tx timeout [ 812.306872][ T29] audit: type=1804 audit(1717040760.817:331): pid=13031 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.4" name="/root/syzkaller-testdir313050690/syzkaller.WtDxXe/1/file0/bus" dev="loop4" ino=1065 res=1 errno=0 [ 812.430168][T12871] XFS (loop4): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 814.219120][ T29] audit: type=1800 audit(1717040762.737:332): pid=13038 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=1954 res=0 errno=0 [ 814.380058][T11635] Bluetooth: hci1: command tx timeout [ 814.385850][ T1247] ieee802154 phy0 wpan0: encryption failed: -22 [ 814.396564][ T1247] ieee802154 phy1 wpan1: encryption failed: -22 [ 814.418303][ T11] team0 (unregistering): Port device team_slave_1 removed [ 814.506342][ T29] audit: type=1804 audit(1717040763.017:333): pid=13054 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir2571878481/syzkaller.tq9yty/155/file0" dev="sda1" ino=1954 res=1 errno=0 [ 814.580412][ T29] audit: type=1804 audit(1717040763.017:334): pid=13054 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir2571878481/syzkaller.tq9yty/155/bus" dev="sda1" ino=1955 res=1 errno=0 [ 814.712400][ T11] team0 (unregistering): Port device team_slave_0 removed [ 815.047022][ T5171] usb 2-1: new high-speed USB device number 42 using dummy_hcd [ 815.171762][T13052] loop4: detected capacity change from 0 to 32768 [ 815.208989][T13052] XFS: noikeep mount option is deprecated. [ 815.261420][ T5171] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 815.289260][ T5171] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 815.324377][ T5171] usb 2-1: config 0 descriptor?? [ 815.370227][ T5171] cp210x 2-1:0.0: cp210x converter detected [ 815.376828][T13052] XFS (loop4): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 815.496260][T13052] XFS (loop4): Ending clean mount [ 815.537981][T13052] XFS (loop4): Quotacheck needed: Please wait. [ 815.658883][ T5171] cp210x 2-1:0.0: failed to get vendor val 0x370b size 1: -32 [ 815.666441][ T5171] cp210x 2-1:0.0: querying part number failed [ 815.711173][ T5171] usb 2-1: cp210x converter now attached to ttyUSB0 [ 815.780740][T13052] XFS (loop4): Quotacheck: Done. [ 816.009421][T12871] XFS (loop4): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 816.588887][ T29] audit: type=1326 audit(1717040765.107:335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13066 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f270567cee9 code=0x0 [ 816.696473][T12994] team0: Port device team_slave_0 added [ 816.728237][T12994] team0: Port device team_slave_1 added [ 816.848089][T12994] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 816.855101][T12994] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 816.899082][T12994] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 816.966586][T12994] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 816.984118][T12994] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 817.010656][T12994] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 817.213446][T12942] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 817.244864][T12994] hsr_slave_0: entered promiscuous mode [ 817.277831][T12994] hsr_slave_1: entered promiscuous mode [ 817.288516][T12994] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 817.297462][T12994] Cannot create hsr debugfs directory [ 817.308071][T12942] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 817.332591][T12942] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 817.495210][T12942] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 817.751525][T12664] usb 2-1: USB disconnect, device number 42 [ 817.776100][T13070] loop4: detected capacity change from 0 to 4096 [ 817.784974][T12664] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 817.821571][T12664] cp210x 2-1:0.0: device disconnected [ 817.987871][T13070] overlayfs: upper fs does not support tmpfile. [ 818.012747][T13070] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 818.086316][T12871] ntfs3: loop4: failed to convert "0000" to cp950 [ 818.102841][T12871] ntfs3: loop4: failed to convert name for inode 1e. [ 818.374214][T12942] 8021q: adding VLAN 0 to HW filter on device bond0 [ 818.445846][T12942] 8021q: adding VLAN 0 to HW filter on device team0 [ 818.490990][ T5171] bridge0: port 1(bridge_slave_0) entered blocking state [ 818.498217][ T5171] bridge0: port 1(bridge_slave_0) entered forwarding state [ 818.524190][ T784] bridge0: port 2(bridge_slave_1) entered blocking state [ 818.531421][ T784] bridge0: port 2(bridge_slave_1) entered forwarding state [ 818.742817][ T11] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 818.965254][T13077] netlink: 'syz-executor.1': attribute type 2 has an invalid length. [ 818.983405][T13077] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check. [ 819.247136][ T11] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 819.364147][T12942] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 819.443822][ T11] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 819.475491][T12994] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 819.506397][T12994] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 819.592413][ T11] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 819.628187][T12994] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 819.656048][T12994] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 819.750577][ T4489] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 819.763128][ T4489] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 819.775431][ T4489] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 819.785926][ T4489] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 819.800158][ T4489] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 819.824944][ T4489] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 820.119910][T12942] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 820.171322][ T11] bridge_slave_0: left allmulticast mode [ 820.179985][T13093] loop0: detected capacity change from 0 to 256 [ 820.185532][ T11] bridge_slave_0: left promiscuous mode [ 820.197905][ T11] bridge0: port 1(bridge_slave_0) entered disabled state [ 820.223236][T13093] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 820.252606][ T29] audit: type=1804 audit(1717040768.767:336): pid=13093 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir1863987677/syzkaller.Dn8Qhi/8/file0/file0" dev="loop0" ino=1048704 res=1 errno=0 [ 820.320705][ T29] audit: type=1804 audit(1717040768.817:337): pid=13093 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir1863987677/syzkaller.Dn8Qhi/8/file0/bus" dev="loop0" ino=1048705 res=1 errno=0 [ 820.745396][T13095] loop0: detected capacity change from 0 to 1024 [ 820.765424][T13095] ext4: Unknown parameter 'nouser_xattr' [ 821.002838][ T29] audit: type=1326 audit(1717040769.507:338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13096 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fabd8a7cee9 code=0x0 [ 821.297475][ T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 821.312494][ T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 821.331252][ T11] bond0 (unregistering): Released all slaves [ 821.625035][T12994] 8021q: adding VLAN 0 to HW filter on device bond0 [ 821.634866][ T29] audit: type=1800 audit(1717040770.147:339): pid=13085 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=1953 res=0 errno=0 [ 821.864324][T12994] 8021q: adding VLAN 0 to HW filter on device team0 [ 821.918452][T11635] Bluetooth: hci4: command tx timeout [ 821.964969][ T11] hsr_slave_0: left promiscuous mode [ 821.986564][ T11] hsr_slave_1: left promiscuous mode [ 821.992563][T13103] loop0: detected capacity change from 0 to 4096 [ 822.000778][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 822.018959][ T11] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 822.028911][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 822.037876][T12649] usb 2-1: new high-speed USB device number 43 using dummy_hcd [ 822.055217][ T11] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 822.132153][T13103] overlayfs: upper fs does not support tmpfile. [ 822.140946][ T11] veth1_macvtap: left promiscuous mode [ 822.156557][ T11] veth0_macvtap: left promiscuous mode [ 822.157573][T13103] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 822.162600][ T11] veth1_vlan: left promiscuous mode [ 822.182448][ T11] veth0_vlan: left promiscuous mode [ 822.220263][T12799] ntfs3: loop0: failed to convert "0000" to cp950 [ 822.228373][T12649] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 822.231188][T12799] ntfs3: loop0: failed to convert name for inode 1e. [ 822.240285][T12649] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 822.282897][T12649] usb 2-1: config 0 descriptor?? [ 822.300241][T12649] cp210x 2-1:0.0: cp210x converter detected [ 822.547397][T12649] cp210x 2-1:0.0: failed to get vendor val 0x370b size 1: -32 [ 822.554988][T12649] cp210x 2-1:0.0: querying part number failed [ 822.597250][T12649] usb 2-1: cp210x converter now attached to ttyUSB0 [ 823.472880][ T11] team0 (unregistering): Port device team_slave_1 removed [ 823.561715][ T11] team0 (unregistering): Port device team_slave_0 removed [ 823.977902][T11635] Bluetooth: hci4: command tx timeout [ 824.613575][ T9440] bridge0: port 1(bridge_slave_0) entered blocking state [ 824.620858][ T9440] bridge0: port 1(bridge_slave_0) entered forwarding state [ 824.665789][ T9440] bridge0: port 2(bridge_slave_1) entered blocking state [ 824.673057][ T9440] bridge0: port 2(bridge_slave_1) entered forwarding state [ 824.794708][ T5168] usb 2-1: USB disconnect, device number 43 [ 824.837408][ T5168] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 824.845614][ T5168] cp210x 2-1:0.0: device disconnected [ 825.045159][T12942] veth0_vlan: entered promiscuous mode [ 825.082220][T12942] veth1_vlan: entered promiscuous mode [ 825.173841][T13108] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'. [ 825.206259][T13088] chnl_net:caif_netlink_parms(): no params data found [ 825.621720][T12942] veth0_macvtap: entered promiscuous mode [ 825.722443][T12942] veth1_macvtap: entered promiscuous mode [ 825.899530][T13088] bridge0: port 1(bridge_slave_0) entered blocking state [ 825.915877][T13088] bridge0: port 1(bridge_slave_0) entered disabled state [ 825.937084][T13088] bridge_slave_0: entered allmulticast mode [ 825.944713][T13088] bridge_slave_0: entered promiscuous mode [ 825.962052][T13088] bridge0: port 2(bridge_slave_1) entered blocking state [ 825.974741][T13088] bridge0: port 2(bridge_slave_1) entered disabled state [ 826.007488][T13088] bridge_slave_1: entered allmulticast mode [ 826.028177][T13088] bridge_slave_1: entered promiscuous mode [ 826.057882][T11635] Bluetooth: hci4: command tx timeout [ 826.069415][T12942] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 826.086657][T12942] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 826.107149][T12942] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 826.154215][T12942] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 826.184422][T12942] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 826.195253][T12942] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 826.216581][T12942] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 826.252168][T13122] netlink: 'syz-executor.1': attribute type 2 has an invalid length. [ 826.268726][ T4489] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 826.271093][T13122] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check. [ 826.283287][ T4489] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 826.304189][ T4489] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 826.325910][ T4489] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 826.337953][ T4489] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 826.345469][ T4489] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 826.413699][ T11] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 826.445426][T12942] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 826.468772][T12942] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 826.488533][T12942] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 826.504890][T12942] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 826.523650][T12942] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 826.538208][T12942] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 826.557957][T12942] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 826.589331][T13088] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 826.675274][ T11] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 826.711132][T12942] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 826.726302][T12942] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 826.735507][T12942] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 826.752008][T12942] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 826.801191][T13088] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 826.891360][T12994] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 826.943441][ T11] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 827.014566][T13088] team0: Port device team_slave_0 added [ 827.101929][ T11] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 827.119307][T13088] team0: Port device team_slave_1 added [ 827.210355][T13088] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 827.226853][T13088] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 827.260319][T13088] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 827.302874][T13088] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 827.311751][T13088] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 827.337828][T13088] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 827.550872][T13088] hsr_slave_0: entered promiscuous mode [ 827.567972][T13088] hsr_slave_1: entered promiscuous mode [ 827.586793][T13088] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 827.595691][T13088] Cannot create hsr debugfs directory [ 827.624131][T12994] veth0_vlan: entered promiscuous mode [ 827.792801][ T29] audit: type=1804 audit(1717040776.307:340): pid=13131 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir2571878481/syzkaller.tq9yty/164/file0" dev="sda1" ino=1947 res=1 errno=0 [ 827.837385][ T29] audit: type=1804 audit(1717040776.347:341): pid=13131 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir2571878481/syzkaller.tq9yty/164/bus" dev="sda1" ino=1948 res=1 errno=0 [ 827.881815][T12994] veth1_vlan: entered promiscuous mode [ 827.889934][ T11] bridge_slave_1: left allmulticast mode [ 827.895647][ T11] bridge_slave_1: left promiscuous mode [ 827.904015][ T11] bridge0: port 2(bridge_slave_1) entered disabled state [ 827.927908][ T11] bridge_slave_0: left allmulticast mode [ 827.933729][ T11] bridge_slave_0: left promiscuous mode [ 827.947040][ T11] bridge0: port 1(bridge_slave_0) entered disabled state [ 828.137183][ T4489] Bluetooth: hci4: command tx timeout [ 828.468198][ T4489] Bluetooth: hci2: command tx timeout [ 828.836549][ T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 828.858113][ T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 828.872554][ T11] bond0 (unregistering): Released all slaves [ 829.051230][ T145] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 829.067979][ T145] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 829.439449][ T5171] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 829.456831][ T5171] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 829.580936][T12994] veth0_macvtap: entered promiscuous mode [ 829.613047][T12994] veth1_macvtap: entered promiscuous mode [ 829.741896][ T11] hsr_slave_0: left promiscuous mode [ 829.754484][ T11] hsr_slave_1: left promiscuous mode [ 829.768244][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 829.779190][ T11] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 829.794281][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 829.805522][ T11] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 829.864227][ T11] veth1_macvtap: left promiscuous mode [ 829.877116][ T11] veth0_macvtap: left promiscuous mode [ 829.882974][ T11] veth1_vlan: left promiscuous mode [ 829.889681][ T11] veth0_vlan: left promiscuous mode [ 830.039954][ T5171] usb 4-1: new high-speed USB device number 30 using dummy_hcd [ 830.277646][ T5171] usb 4-1: no configurations [ 830.282329][ T5171] usb 4-1: can't read configurations, error -22 [ 830.445058][ T29] audit: type=1800 audit(1717040778.957:342): pid=13138 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=1952 res=0 errno=0 [ 830.467192][ T5171] usb 4-1: new high-speed USB device number 31 using dummy_hcd [ 830.537266][ T4489] Bluetooth: hci2: command tx timeout [ 830.702497][ T5171] usb 4-1: no configurations [ 830.713886][ T29] audit: type=1326 audit(1717040779.227:343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13143 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f902747cee9 code=0x0 [ 830.724826][ T5171] usb 4-1: can't read configurations, error -22 [ 830.764047][ T5171] usb usb4-port1: attempt power cycle [ 831.217185][ T5171] usb 4-1: new high-speed USB device number 32 using dummy_hcd [ 831.258017][ T5171] usb 4-1: no configurations [ 831.263705][ T5171] usb 4-1: can't read configurations, error -22 [ 831.291884][ T11] team0 (unregistering): Port device team_slave_1 removed [ 831.427837][ T11] team0 (unregistering): Port device team_slave_0 removed [ 831.447093][ T5171] usb 4-1: new high-speed USB device number 33 using dummy_hcd [ 831.488313][ T5171] usb 4-1: no configurations [ 831.493035][ T5171] usb 4-1: can't read configurations, error -22 [ 831.514412][ T5171] usb usb4-port1: unable to enumerate USB device [ 831.921317][T13147] overlayfs: failed to resolve './file0': -2 [ 832.346842][T12665] usb 2-1: new high-speed USB device number 44 using dummy_hcd [ 832.579981][T12665] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 832.596832][T12665] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 832.617354][ T4489] Bluetooth: hci2: command tx timeout [ 832.642005][T12665] usb 2-1: config 0 descriptor?? [ 832.650240][T12665] cp210x 2-1:0.0: cp210x converter detected [ 832.745559][T13123] chnl_net:caif_netlink_parms(): no params data found [ 832.905312][T12665] cp210x 2-1:0.0: failed to get vendor val 0x370b size 1: -32 [ 832.925171][T12665] cp210x 2-1:0.0: querying part number failed [ 833.016639][T12665] usb 2-1: cp210x converter now attached to ttyUSB0 [ 833.771279][T12994] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 833.808235][T12994] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 833.838502][T12994] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 833.876295][T12994] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 833.906215][T12994] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 833.947199][T12994] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 834.000756][T12994] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 834.012458][T12994] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 834.023700][T12994] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 834.035446][T12994] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 834.046049][T12994] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 834.056212][T12994] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 834.068165][T12994] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 834.084009][T12994] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 834.121496][T13158] loop3: detected capacity change from 0 to 512 [ 834.170214][T13158] UDF-fs: warning (device loop3): udf_load_vrs: No VRS found [ 834.195726][T13158] UDF-fs: Scanning with blocksize 512 failed [ 834.207645][T12994] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 834.231304][T13158] UDF-fs: warning (device loop3): udf_load_vrs: No VRS found [ 834.245340][T12994] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 834.254423][T13158] UDF-fs: Scanning with blocksize 1024 failed [ 834.263809][T13158] UDF-fs: warning (device loop3): udf_load_vrs: No VRS found [ 834.276461][T12994] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 834.285413][T13158] UDF-fs: Scanning with blocksize 2048 failed [ 834.297912][T12994] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 834.308070][T13158] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 834.358310][T13158] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 834.646359][T13123] bridge0: port 1(bridge_slave_0) entered blocking state [ 834.654005][T13123] bridge0: port 1(bridge_slave_0) entered disabled state [ 834.667694][T13123] bridge_slave_0: entered allmulticast mode [ 834.682948][T13123] bridge_slave_0: entered promiscuous mode [ 834.699339][ T4489] Bluetooth: hci2: command tx timeout [ 834.814886][T13123] bridge0: port 2(bridge_slave_1) entered blocking state [ 834.850939][T13123] bridge0: port 2(bridge_slave_1) entered disabled state [ 834.881309][T13123] bridge_slave_1: entered allmulticast mode [ 834.903813][T13123] bridge_slave_1: entered promiscuous mode [ 835.145515][ T5166] usb 2-1: USB disconnect, device number 44 [ 835.177493][ T5166] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 835.219343][ T5166] cp210x 2-1:0.0: device disconnected [ 835.298880][T13123] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 835.361699][T13164] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'. [ 835.384054][T13123] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 835.413784][ T145] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 835.436832][ T145] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 835.493679][T13088] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 835.512702][T13088] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 835.629289][T13123] team0: Port device team_slave_0 added [ 835.637265][T13088] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 835.649845][T13170] netlink: 'syz-executor.3': attribute type 2 has an invalid length. [ 835.662263][T13170] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check. [ 835.683005][T13123] team0: Port device team_slave_1 added [ 835.691135][T13088] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 835.692205][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 835.711546][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 835.803366][T13123] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 835.810750][T13123] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 835.837049][T13123] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 835.871443][T13123] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 835.886222][T13123] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 835.912531][T13123] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 836.063868][T13123] hsr_slave_0: entered promiscuous mode [ 836.094870][T13123] hsr_slave_1: entered promiscuous mode [ 836.120936][T13123] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 836.132434][T13123] Cannot create hsr debugfs directory [ 836.475531][T13178] loop3: detected capacity change from 0 to 256 [ 836.538799][T13178] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 836.585554][ T29] audit: type=1804 audit(1717040785.097:344): pid=13178 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir2312991236/syzkaller.xd3FO1/4/file0/file0" dev="loop3" ino=1048712 res=1 errno=0 [ 836.695457][ T29] audit: type=1804 audit(1717040785.197:345): pid=13178 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.3" name="/root/syzkaller-testdir2312991236/syzkaller.xd3FO1/4/file0/bus" dev="loop3" ino=1048713 res=1 errno=0 [ 836.898975][T13088] 8021q: adding VLAN 0 to HW filter on device bond0 [ 837.029700][T13088] 8021q: adding VLAN 0 to HW filter on device team0 [ 837.133312][ T784] bridge0: port 1(bridge_slave_0) entered blocking state [ 837.140578][ T784] bridge0: port 1(bridge_slave_0) entered forwarding state [ 837.234545][ T784] bridge0: port 2(bridge_slave_1) entered blocking state [ 837.242317][ T784] bridge0: port 2(bridge_slave_1) entered forwarding state [ 837.276954][ T29] audit: type=1326 audit(1717040785.787:346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13184 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f902747cee9 code=0x0 [ 837.292718][T13187] loop3: detected capacity change from 0 to 1024 [ 837.341298][T13187] ext4: Unknown parameter 'nouser_xattr' [ 837.405217][T13176] loop2: detected capacity change from 0 to 40427 [ 837.482218][T13176] F2FS-fs (loop2): Found nat_bits in checkpoint [ 837.686387][T13176] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 837.715583][T13123] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 837.750629][T13123] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 837.801258][T13123] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 837.866409][T13123] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 837.874937][T13196] loop3: detected capacity change from 0 to 4096 [ 837.875517][T12994] syz-executor.2: attempt to access beyond end of device [ 837.875517][T12994] loop2: rw=2049, sector=45096, nr_sectors = 16 limit=40427 [ 837.903070][T12994] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 837.921020][T12994] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 837.965929][T13088] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 838.094743][T13196] overlayfs: failed to resolve './file0': -2 [ 838.207542][ T5227] usb 2-1: new high-speed USB device number 45 using dummy_hcd [ 838.325492][T13123] 8021q: adding VLAN 0 to HW filter on device bond0 [ 838.413375][T13123] 8021q: adding VLAN 0 to HW filter on device team0 [ 838.434483][ T5227] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 838.472040][ T5227] usb 2-1: config 0 has no interfaces? [ 838.488050][ T5227] usb 2-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47 [ 838.509967][T12649] bridge0: port 1(bridge_slave_0) entered blocking state [ 838.517286][T12649] bridge0: port 1(bridge_slave_0) entered forwarding state [ 838.539294][ T5227] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 838.562883][ T5227] usb 2-1: config 0 descriptor?? [ 838.572535][ T5172] bridge0: port 2(bridge_slave_1) entered blocking state [ 838.579746][ T5172] bridge0: port 2(bridge_slave_1) entered forwarding state [ 838.831523][T13088] veth0_vlan: entered promiscuous mode [ 838.894532][T13088] veth1_vlan: entered promiscuous mode [ 839.026206][T13088] veth0_macvtap: entered promiscuous mode [ 839.099321][T13088] veth1_macvtap: entered promiscuous mode [ 839.214104][T13088] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 839.584106][T13088] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 839.799816][T13088] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 839.865448][T13088] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 839.903938][T13088] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 839.944051][T13088] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 839.974586][T13220] loop3: detected capacity change from 0 to 512 [ 839.991578][T13088] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 840.022646][T13220] UDF-fs: warning (device loop3): udf_load_vrs: No VRS found [ 840.033929][T13088] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 840.056566][T13220] UDF-fs: Scanning with blocksize 512 failed [ 840.066201][T13088] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 840.073957][T13220] UDF-fs: warning (device loop3): udf_load_vrs: No VRS found [ 840.086541][T13088] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 840.097141][T13220] UDF-fs: Scanning with blocksize 1024 failed [ 840.103829][T13088] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 840.116861][T13088] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 840.129148][T13220] UDF-fs: warning (device loop3): udf_load_vrs: No VRS found [ 840.137746][T13088] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 840.147781][T13220] UDF-fs: Scanning with blocksize 2048 failed [ 840.147864][T13088] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 840.177240][T13220] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 840.182616][T13088] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 840.200157][T13088] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 840.213373][T13088] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 840.219825][T13220] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 840.238578][T13088] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 840.381658][T13088] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 840.425788][T13088] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 840.472816][T13088] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 840.519707][T13088] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 840.558842][T13225] bridge_slave_1: left allmulticast mode [ 840.564619][T13225] bridge_slave_1: left promiscuous mode [ 840.607480][T13225] bridge0: port 2(bridge_slave_1) entered disabled state [ 840.953308][T13123] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 841.110949][ T9440] usb 2-1: USB disconnect, device number 45 [ 841.164114][T13233] netlink: 'syz-executor.2': attribute type 2 has an invalid length. [ 841.180099][T13233] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check. [ 841.235936][T12649] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 841.254142][ T29] audit: type=1804 audit(1717040789.767:347): pid=13237 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir2571878481/syzkaller.tq9yty/175/file0" dev="sda1" ino=1949 res=1 errno=0 [ 841.288140][T12649] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 841.305241][ T29] audit: type=1804 audit(1717040789.817:348): pid=13237 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir2571878481/syzkaller.tq9yty/175/bus" dev="sda1" ino=1958 res=1 errno=0 [ 841.401643][T13123] veth0_vlan: entered promiscuous mode [ 841.439679][ T145] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 841.460474][ T145] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 841.565125][T13123] veth1_vlan: entered promiscuous mode [ 841.664155][T13123] veth0_macvtap: entered promiscuous mode [ 841.702118][T13123] veth1_macvtap: entered promiscuous mode [ 841.793804][T13123] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 841.820854][T13123] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 841.846102][T13123] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 841.867065][T13123] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 841.878787][T13123] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 841.896539][T13123] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 841.926661][T13123] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 841.938361][T13123] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 841.949967][T13123] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 841.962902][T13123] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 841.978873][T13123] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 841.996257][T13123] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 842.022992][ T29] audit: type=1326 audit(1717040790.537:349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13248 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f902747cee9 code=0x0 [ 842.046348][ C0] vkms_vblank_simulate: vblank timer overrun [ 842.055931][T13123] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 842.068134][T13123] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 842.079253][T13123] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 842.089518][T13123] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 842.100468][T13123] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 842.130506][T13123] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 842.182837][T13123] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 842.201880][T13123] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 842.223646][T13123] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 842.268339][T13123] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 842.355855][T13123] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 842.379677][T13123] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 842.403366][T13123] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 842.433171][T13123] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 842.653774][T13255] loop2: detected capacity change from 0 to 4096 [ 842.734032][ T2421] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 842.768233][ T2421] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 842.893483][ T5168] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 842.915208][T13255] overlayfs: failed to resolve './file0': -2 [ 842.919330][ T5168] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 842.987185][T13245] loop4: detected capacity change from 0 to 32768 [ 843.051798][T13245] XFS (loop4): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 843.190808][T13245] XFS (loop4): Ending clean mount [ 843.315472][T13088] XFS (loop4): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 844.340657][T13252] loop3: detected capacity change from 0 to 40427 [ 844.533914][T13252] F2FS-fs (loop3): Found nat_bits in checkpoint [ 844.584884][T13277] loop2: detected capacity change from 0 to 512 [ 844.634018][T13277] UDF-fs: warning (device loop2): udf_load_vrs: No VRS found [ 844.654314][T13277] UDF-fs: Scanning with blocksize 512 failed [ 844.704256][T13277] UDF-fs: warning (device loop2): udf_load_vrs: No VRS found [ 844.729945][T13277] UDF-fs: Scanning with blocksize 1024 failed [ 844.760740][T13252] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 844.763056][T13277] UDF-fs: warning (device loop2): udf_load_vrs: No VRS found [ 844.794539][T13277] UDF-fs: Scanning with blocksize 2048 failed [ 844.810694][T13277] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256 [ 844.834192][T13277] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 844.851863][T13283] bridge_slave_1: left allmulticast mode [ 844.861404][T13283] bridge_slave_1: left promiscuous mode [ 844.877307][T13283] bridge0: port 2(bridge_slave_1) entered disabled state [ 844.918855][ T5168] usb 2-1: new high-speed USB device number 46 using dummy_hcd [ 845.068015][T12942] syz-executor.3: attempt to access beyond end of device [ 845.068015][T12942] loop3: rw=2049, sector=45096, nr_sectors = 16 limit=40427 [ 845.151153][T12942] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 845.156364][ T5168] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 845.160878][T12942] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 845.180801][ T5168] usb 2-1: config 0 has no interfaces? [ 845.186440][ T5168] usb 2-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47 [ 845.205690][ T5168] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 845.233361][ T5168] usb 2-1: config 0 descriptor?? [ 845.732031][T13265] loop0: detected capacity change from 0 to 32768 [ 845.761566][T13265] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz-executor.0 (13265) [ 845.818982][T13265] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 845.848539][T13265] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm [ 845.870376][T13265] BTRFS info (device loop0): using free-space-tree [ 846.142045][T11635] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 846.151771][T13123] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 846.167090][T11635] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 846.179834][T11635] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 846.195027][T11635] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 846.211618][T11635] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 846.220866][T11635] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 847.062872][T13317] loop2: detected capacity change from 0 to 4096 [ 847.108646][ T2421] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 847.272995][T13323] netlink: 'syz-executor.0': attribute type 2 has an invalid length. [ 847.302198][T13323] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check. [ 847.374982][T13317] overlayfs: failed to resolve './file1': -2 [ 847.417087][ T2421] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 847.564187][ T2421] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 847.679780][ T29] audit: type=1326 audit(1717040796.197:350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13326 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fdae427cee9 code=0x0 [ 847.848686][ T2421] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 847.868484][ T9440] usb 2-1: USB disconnect, device number 46 [ 848.274494][T13312] chnl_net:caif_netlink_parms(): no params data found [ 848.299741][ T4489] Bluetooth: hci6: command tx timeout [ 848.386326][ T2421] bridge_slave_1: left allmulticast mode [ 848.405977][ T2421] bridge_slave_1: left promiscuous mode [ 848.425780][ T2421] bridge0: port 2(bridge_slave_1) entered disabled state [ 848.548004][ T2421] bridge_slave_0: left allmulticast mode [ 848.565630][ T2421] bridge_slave_0: left promiscuous mode [ 848.589295][ T2421] bridge0: port 1(bridge_slave_0) entered disabled state [ 848.933709][T13344] loop0: detected capacity change from 0 to 512 [ 848.966503][T13344] UDF-fs: warning (device loop0): udf_load_vrs: No VRS found [ 848.982696][T13344] UDF-fs: Scanning with blocksize 512 failed [ 849.001577][T13344] UDF-fs: warning (device loop0): udf_load_vrs: No VRS found [ 849.010455][T13344] UDF-fs: Scanning with blocksize 1024 failed [ 849.022730][T13331] loop4: detected capacity change from 0 to 32768 [ 849.029727][T13344] UDF-fs: warning (device loop0): udf_load_vrs: No VRS found [ 849.045885][T13344] UDF-fs: Scanning with blocksize 2048 failed [ 849.055953][T13344] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256 [ 849.082166][T13344] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 849.125587][T13331] XFS (loop4): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 849.421056][T13331] XFS (loop4): Ending clean mount [ 849.554472][T13088] XFS (loop4): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 850.342609][ T2421] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 850.369013][ T2421] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 850.380793][ T4489] Bluetooth: hci6: command tx timeout [ 850.403354][ T2421] bond0 (unregistering): Released all slaves [ 850.419496][T13360] overlayfs: failed to resolve './file1': -2 [ 850.920010][T13369] netlink: 'syz-executor.2': attribute type 2 has an invalid length. [ 850.935148][T13369] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check. [ 850.999866][T13312] bridge0: port 1(bridge_slave_0) entered blocking state [ 851.037664][T13312] bridge0: port 1(bridge_slave_0) entered disabled state [ 851.055299][T13312] bridge_slave_0: entered allmulticast mode [ 851.077736][T13312] bridge_slave_0: entered promiscuous mode [ 851.273863][T13312] bridge0: port 2(bridge_slave_1) entered blocking state [ 851.308972][T13312] bridge0: port 2(bridge_slave_1) entered disabled state [ 851.322186][T13312] bridge_slave_1: entered allmulticast mode [ 851.347761][T13312] bridge_slave_1: entered promiscuous mode [ 851.387199][ T784] usb 1-1: new high-speed USB device number 29 using dummy_hcd [ 851.462605][T13312] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 851.483235][ T29] audit: type=1326 audit(1717040799.997:351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13376 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff84727cee9 code=0x0 [ 851.529290][T13312] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 851.571893][ T784] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 851.583867][ T784] usb 1-1: config 0 has no interfaces? [ 851.586190][ T2421] hsr_slave_0: left promiscuous mode [ 851.589976][ T784] usb 1-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47 [ 851.590021][ T784] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 851.608245][ T784] usb 1-1: config 0 descriptor?? [ 851.675577][ T2421] hsr_slave_1: left promiscuous mode [ 851.697133][ T2421] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 851.704623][ T2421] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 851.723701][ T2421] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 851.745698][ T2421] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 851.815163][ T2421] veth1_macvtap: left promiscuous mode [ 851.844513][ T2421] veth0_macvtap: left promiscuous mode [ 851.861485][ T2421] veth1_vlan: left promiscuous mode [ 851.878915][ T2421] veth0_vlan: left promiscuous mode [ 852.476783][ T4489] Bluetooth: hci6: command tx timeout [ 852.857542][T13381] loop2: detected capacity change from 0 to 32768 [ 852.951134][T13381] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 853.207520][T13381] XFS (loop2): Ending clean mount [ 853.210882][T13384] loop4: detected capacity change from 0 to 32768 [ 853.225287][T13381] XFS (loop2): Quotacheck needed: Please wait. [ 853.293058][T13384] XFS (loop4): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 853.415224][T13381] XFS (loop2): Quotacheck: Done. [ 853.474885][T13384] XFS (loop4): Ending clean mount [ 853.640491][T12994] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 853.686421][T13088] XFS (loop4): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 854.174909][ T784] usb 1-1: USB disconnect, device number 29 [ 854.326880][ T29] audit: type=1326 audit(1717040802.817:352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13408 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd788c7cee9 code=0x0 [ 854.495150][T13413] loop2: detected capacity change from 0 to 512 [ 854.527309][T13413] UDF-fs: warning (device loop2): udf_load_vrs: No VRS found [ 854.535239][T13413] UDF-fs: Scanning with blocksize 512 failed [ 854.541966][ T4489] Bluetooth: hci6: command tx timeout [ 854.578134][T13413] UDF-fs: warning (device loop2): udf_load_vrs: No VRS found [ 854.605642][T13411] loop4: detected capacity change from 0 to 4096 [ 854.613432][ T2421] team0 (unregistering): Port device team_slave_1 removed [ 854.632964][T13413] UDF-fs: Scanning with blocksize 1024 failed [ 854.685972][T13413] UDF-fs: warning (device loop2): udf_load_vrs: No VRS found [ 854.713109][T13413] UDF-fs: Scanning with blocksize 2048 failed [ 854.748034][T13413] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256 [ 854.767317][T13411] overlayfs: failed to resolve './file1': -2 [ 854.786670][T13413] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 855.037662][ T2421] team0 (unregistering): Port device team_slave_0 removed [ 855.520913][ T29] audit: type=1326 audit(1717040804.037:353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13424 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd788c7cee9 code=0x0 [ 856.169909][T13433] loop4: detected capacity change from 0 to 256 [ 856.274927][T13433] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.4'. [ 856.849716][T13428] netlink: 'syz-executor.2': attribute type 2 has an invalid length. [ 856.874277][T13428] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check. [ 857.024667][T13312] team0: Port device team_slave_0 added [ 857.027280][T12649] usb 5-1: new high-speed USB device number 29 using dummy_hcd [ 857.058165][T13312] team0: Port device team_slave_1 added [ 857.153707][T13312] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 857.184128][T13312] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 857.250536][T12649] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 857.263194][T13312] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 857.278036][T13312] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 857.285042][T13312] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 857.305522][T12649] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 857.384167][T12649] usb 5-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47 [ 857.403550][T13312] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 857.411440][T12649] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 857.486607][T12649] usb 5-1: config 0 descriptor?? [ 857.746275][T13435] loop0: detected capacity change from 0 to 32768 [ 857.762072][T13312] hsr_slave_0: entered promiscuous mode [ 857.790946][T13312] hsr_slave_1: entered promiscuous mode [ 857.815383][T13435] XFS (loop0): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 857.935816][T13435] XFS (loop0): Ending clean mount [ 857.972673][ T29] audit: type=1326 audit(1717040806.487:354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13451 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f902747cee9 code=0x0 [ 858.389417][T13123] XFS (loop0): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 858.873616][T13312] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 858.893587][T13312] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 858.933345][T13312] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 858.950985][T13312] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 859.166648][ T29] audit: type=1326 audit(1717040807.677:355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13466 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fdae427cee9 code=0x0 [ 859.178967][T13312] 8021q: adding VLAN 0 to HW filter on device bond0 [ 859.222682][T13312] 8021q: adding VLAN 0 to HW filter on device team0 [ 859.241881][T12649] bridge0: port 1(bridge_slave_0) entered blocking state [ 859.249169][T12649] bridge0: port 1(bridge_slave_0) entered forwarding state [ 859.272827][ T5171] bridge0: port 2(bridge_slave_1) entered blocking state [ 859.280063][ T5171] bridge0: port 2(bridge_slave_1) entered forwarding state [ 859.761555][ T9440] usb 5-1: USB disconnect, device number 29 [ 859.842923][T13312] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 860.018590][T13312] veth0_vlan: entered promiscuous mode [ 860.079762][T13312] veth1_vlan: entered promiscuous mode [ 860.122709][T13476] loop4: detected capacity change from 0 to 4096 [ 860.163546][T13312] veth0_macvtap: entered promiscuous mode [ 860.200750][T13480] loop0: detected capacity change from 0 to 512 [ 860.202813][T13312] veth1_macvtap: entered promiscuous mode [ 860.242206][T13480] UDF-fs: warning (device loop0): udf_load_vrs: No VRS found [ 860.271653][T13480] UDF-fs: Scanning with blocksize 512 failed [ 860.279506][T13312] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 860.303226][T13480] UDF-fs: warning (device loop0): udf_load_vrs: No VRS found [ 860.314277][T13312] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 860.323543][T13480] UDF-fs: Scanning with blocksize 1024 failed [ 860.328701][T13312] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 860.352821][T13476] overlayfs: failed to resolve './file1': -2 [ 860.359157][T13312] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 860.366051][T13480] UDF-fs: warning (device loop0): udf_load_vrs: No VRS found [ 860.387675][T13480] UDF-fs: Scanning with blocksize 2048 failed [ 860.402159][T13312] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 860.418593][T13480] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256 [ 860.420950][T13312] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 860.438278][T13480] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 860.449323][T13312] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 860.461309][T13312] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 860.471629][T13312] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 860.482749][T13312] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 860.495389][T13312] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 860.505185][T13485] netlink: 'syz-executor.2': attribute type 2 has an invalid length. [ 860.523573][T13485] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check. [ 860.623561][T13312] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 860.660497][T13312] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 860.706923][T13312] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 860.726972][T13312] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 860.744782][T13312] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 860.765117][T13312] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 860.783916][T13312] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 860.808405][T13312] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 860.826817][T13312] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 860.850966][T13312] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 860.881369][T13312] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 860.926142][T13312] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 861.058685][T13312] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 861.097366][T13312] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 861.106393][T13312] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 861.405165][ T5172] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 861.458739][ T5172] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 861.547000][ T5172] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 861.570941][ T5172] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 862.381830][T13502] loop3: detected capacity change from 0 to 256 [ 862.454245][T13502] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 862.495698][ T29] audit: type=1804 audit(1717040811.007:356): pid=13502 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir1902758240/syzkaller.tkeOtE/0/file0/file0" dev="loop3" ino=1048748 res=1 errno=0 [ 862.574782][ T29] audit: type=1804 audit(1717040811.087:357): pid=13502 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.3" name="/root/syzkaller-testdir1902758240/syzkaller.tkeOtE/0/file0/bus" dev="loop3" ino=1048749 res=1 errno=0 [ 862.645934][T13494] loop0: detected capacity change from 0 to 32768 [ 862.703417][T13494] XFS (loop0): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 862.881767][T13494] XFS (loop0): Ending clean mount [ 862.918709][T13492] loop4: detected capacity change from 0 to 32768 [ 862.927156][T13492] XFS: noikeep mount option is deprecated. [ 863.034841][T13492] XFS (loop4): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 863.159179][T13492] XFS (loop4): Ending clean mount [ 863.177252][T13492] XFS (loop4): Quotacheck needed: Please wait. [ 863.344714][T13123] XFS (loop0): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 863.354649][T13492] XFS (loop4): Quotacheck: Done. [ 863.407052][T12649] usb 4-1: new high-speed USB device number 34 using dummy_hcd [ 863.557173][ T29] audit: type=1326 audit(1717040812.067:358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13521 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f902747cee9 code=0x0 [ 863.632243][T12649] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 863.645796][T12649] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 863.687281][T12649] usb 4-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47 [ 863.722834][T12649] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 863.741872][T12649] usb 4-1: config 0 descriptor?? [ 863.866602][T13088] XFS (loop4): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 865.322613][T13547] ALSA: seq fatal error: cannot create timer (-22) [ 865.407322][T13545] netlink: 'syz-executor.2': attribute type 2 has an invalid length. [ 865.429529][T13545] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check. [ 865.979237][T13535] loop0: detected capacity change from 0 to 32768 [ 865.994193][T13535] XFS: noikeep mount option is deprecated. [ 866.039029][T13535] XFS (loop0): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 866.181834][T13535] XFS (loop0): Ending clean mount [ 866.192947][ T5168] usb 4-1: USB disconnect, device number 34 [ 866.202252][T13562] loop4: detected capacity change from 0 to 256 [ 866.233429][T13535] XFS (loop0): Quotacheck needed: Please wait. [ 866.249173][T13562] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 866.283378][ T29] audit: type=1804 audit(1717040814.797:359): pid=13562 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir1192459948/syzkaller.WxRfYK/16/file0/file0" dev="loop4" ino=1048750 res=1 errno=0 [ 866.356557][ T29] audit: type=1804 audit(1717040814.797:360): pid=13562 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.4" name="/root/syzkaller-testdir1192459948/syzkaller.WxRfYK/16/file0/bus" dev="loop4" ino=1048751 res=1 errno=0 [ 866.427131][T13535] XFS (loop0): Quotacheck: Done. [ 866.815844][T13123] XFS (loop0): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 867.759153][T13564] loop3: detected capacity change from 0 to 32768 [ 867.767730][T13566] loop2: detected capacity change from 0 to 32768 [ 867.784720][T13566] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz-executor.2 (13566) [ 867.787955][T13572] loop0: detected capacity change from 0 to 4096 [ 867.821236][T13566] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 867.831755][T13566] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm [ 867.841214][T13566] BTRFS info (device loop2): using free-space-tree [ 867.911677][T13564] XFS (loop3): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 868.057156][T13564] XFS (loop3): Ending clean mount [ 868.127982][T12994] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 868.175061][T13572] overlayfs: failed to resolve './file1': -2 [ 868.742356][T13312] XFS (loop3): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 868.814580][ T29] audit: type=1326 audit(1717040817.327:361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13598 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd788c7cee9 code=0x0 [ 869.178273][ T4489] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0 [ 869.188481][ T4489] Bluetooth: hci1: Injecting HCI hardware error event [ 869.206995][ T4489] Bluetooth: hci1: hardware error 0x00 [ 869.757435][T13608] ALSA: seq fatal error: cannot create timer (-22) [ 870.367072][T13621] loop4: detected capacity change from 0 to 256 [ 870.377191][ T5227] usb 1-1: new high-speed USB device number 30 using dummy_hcd [ 870.411303][T13621] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 870.473315][ T29] audit: type=1804 audit(1717040818.987:362): pid=13621 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir1192459948/syzkaller.WxRfYK/18/file0/file0" dev="loop4" ino=1048752 res=1 errno=0 [ 870.480947][T13622] netlink: 'syz-executor.3': attribute type 2 has an invalid length. [ 870.539850][T13622] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check. [ 870.589264][ T29] audit: type=1804 audit(1717040819.037:363): pid=13621 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.4" name="/root/syzkaller-testdir1192459948/syzkaller.WxRfYK/18/file0/bus" dev="loop4" ino=1048753 res=1 errno=0 [ 870.630426][ T5227] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 870.656036][ T5227] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 870.690342][ T5227] usb 1-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47 [ 870.718468][T13624] loop2: detected capacity change from 0 to 4096 [ 870.733890][ T5227] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 870.746837][ T5227] usb 1-1: config 0 descriptor?? [ 870.904973][T13624] overlayfs: failed to resolve './file1': -2 [ 871.506840][ T4489] Bluetooth: hci1: Opcode 0x0c03 failed: -110 [ 872.367819][T13643] Cannot find add_set index 0 as target [ 872.513077][T13646] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'. [ 872.837825][ T29] audit: type=1326 audit(1717040821.337:364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13647 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f902747cee9 code=0x0 [ 872.915270][T13627] loop4: detected capacity change from 0 to 32768 [ 872.959094][T13627] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz-executor.4 (13627) [ 873.008202][T13627] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 873.027378][T13627] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm [ 873.069982][T13627] BTRFS info (device loop4): using free-space-tree [ 873.157452][ T5227] usb 1-1: USB disconnect, device number 30 [ 873.278873][T13633] loop3: detected capacity change from 0 to 32768 [ 873.356434][T13633] XFS (loop3): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 873.377361][T13088] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 873.613135][T13633] XFS (loop3): Ending clean mount [ 873.959908][T13687] loop4: detected capacity change from 0 to 256 [ 873.997023][T13687] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 874.039036][ T29] audit: type=1804 audit(1717040822.557:365): pid=13687 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir1192459948/syzkaller.WxRfYK/20/file0/file0" dev="loop4" ino=1048754 res=1 errno=0 [ 874.108629][ T29] audit: type=1804 audit(1717040822.597:366): pid=13687 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.4" name="/root/syzkaller-testdir1192459948/syzkaller.WxRfYK/20/file0/bus" dev="loop4" ino=1048755 res=1 errno=0 [ 874.141566][ T4489] Bluetooth: hci6: Controller not accepting commands anymore: ncmd = 0 [ 874.150909][ T4489] Bluetooth: hci6: Injecting HCI hardware error event [ 874.164220][ T4489] Bluetooth: hci6: hardware error 0x00 [ 874.305542][T13312] XFS (loop3): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 874.467938][T13698] netlink: 'syz-executor.0': attribute type 2 has an invalid length. [ 874.511693][T13698] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check. [ 875.821841][ T1247] ieee802154 phy0 wpan0: encryption failed: -22 [ 875.831410][ T1247] ieee802154 phy1 wpan1: encryption failed: -22 [ 876.327709][ T4489] Bluetooth: hci6: Opcode 0x0c03 failed: -110 [ 876.662233][ T29] audit: type=1326 audit(1717040825.177:367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13716 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f902747cee9 code=0x0 [ 876.697100][ T784] usb 1-1: new high-speed USB device number 31 using dummy_hcd [ 876.930143][ T784] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 876.953482][ T784] usb 1-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47 [ 876.983847][ T784] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 877.005412][T13700] loop3: detected capacity change from 0 to 40427 [ 877.024947][ T784] usb 1-1: config 0 descriptor?? [ 877.041565][T13700] F2FS-fs (loop3): Invalid log sectorsize (2) [ 877.050122][T13700] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 877.089420][T13700] F2FS-fs (loop3): Found nat_bits in checkpoint [ 877.301389][T13700] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 877.321293][T13700] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 877.432903][T13312] syz-executor.3: attempt to access beyond end of device [ 877.432903][T13312] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 877.467287][T13312] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 877.507396][T13713] loop2: detected capacity change from 0 to 32768 [ 877.513168][T13706] loop4: detected capacity change from 0 to 32768 [ 877.539292][T13713] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz-executor.2 (13713) [ 877.605416][T13713] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 877.608277][T13706] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 877.638981][T13713] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm [ 877.671887][T13713] BTRFS info (device loop2): using free-space-tree [ 877.870766][T13706] XFS (loop4): Ending clean mount [ 877.921054][T13706] XFS (loop4): Quotacheck needed: Please wait. [ 878.000799][T12994] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 878.056789][T13706] XFS (loop4): Quotacheck: Done. [ 878.386038][T13088] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 878.431316][T13753] bridge_slave_1: left allmulticast mode [ 878.507241][T13753] bridge_slave_1: left promiscuous mode [ 878.514037][T13753] bridge0: port 2(bridge_slave_1) entered disabled state [ 878.715123][ T784] usb 1-1: USB disconnect, device number 31 [ 879.014132][T13767] netlink: 'syz-executor.0': attribute type 2 has an invalid length. [ 879.033375][T13767] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check. [ 879.151726][T13769] loop4: detected capacity change from 0 to 256 [ 879.192036][T13769] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 879.303046][ T29] audit: type=1804 audit(1717040827.817:368): pid=13769 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir1192459948/syzkaller.WxRfYK/23/file0/file0" dev="loop4" ino=1048756 res=1 errno=0 [ 879.373416][ T29] audit: type=1804 audit(1717040827.867:369): pid=13769 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.4" name="/root/syzkaller-testdir1192459948/syzkaller.WxRfYK/23/file0/bus" dev="loop4" ino=1048757 res=1 errno=0 [ 879.417215][ T4489] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0 [ 879.427074][ T4489] Bluetooth: hci2: Injecting HCI hardware error event [ 879.440884][T11635] Bluetooth: hci2: hardware error 0x00 [ 880.463241][T13778] loop0: detected capacity change from 0 to 128 [ 880.918210][T13778] Process accounting resumed [ 881.228194][T13756] loop2: detected capacity change from 0 to 32768 [ 881.383649][ T29] audit: type=1326 audit(1717040829.887:370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13780 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f902747cee9 code=0x0 [ 881.500294][T13756] XFS (loop2): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 881.593668][T11635] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 881.669649][T13756] XFS (loop2): Ending clean mount [ 881.707097][T13799] loop0: detected capacity change from 0 to 512 [ 881.724799][T13799] EXT4-fs (loop0): Invalid log block size: 8388352 [ 881.752765][T12994] XFS (loop2): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 882.356982][T12665] usb 1-1: new high-speed USB device number 32 using dummy_hcd [ 882.564002][T12665] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 882.591974][T12665] usb 1-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47 [ 882.605804][T12665] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 882.627850][T12665] usb 1-1: config 0 descriptor?? [ 882.733739][T13787] loop4: detected capacity change from 0 to 32768 [ 882.748810][T13787] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz-executor.4 (13787) [ 882.778584][T13787] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 882.789322][T13787] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm [ 882.798697][T13787] BTRFS info (device loop4): using free-space-tree [ 883.708266][T13797] loop3: detected capacity change from 0 to 32768 [ 883.762852][T13797] XFS: noikeep mount option is deprecated. [ 883.882074][T13797] XFS (loop3): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 883.934036][T13088] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 884.014374][T13797] XFS (loop3): Ending clean mount [ 884.046461][T13797] XFS (loop3): Quotacheck needed: Please wait. [ 884.154220][T13849] netlink: 'syz-executor.2': attribute type 2 has an invalid length. [ 884.172407][T13797] XFS (loop3): Quotacheck: Done. [ 884.217447][T13849] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check. [ 884.402387][T13312] XFS (loop3): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 884.592789][T13852] loop4: detected capacity change from 0 to 256 [ 884.647096][T13852] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 884.685382][ T29] audit: type=1804 audit(1717040833.197:371): pid=13852 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir1192459948/syzkaller.WxRfYK/25/file0/file0" dev="loop4" ino=1048760 res=1 errno=0 [ 884.785219][ T29] audit: type=1804 audit(1717040833.227:372): pid=13852 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.4" name="/root/syzkaller-testdir1192459948/syzkaller.WxRfYK/25/file0/bus" dev="loop4" ino=1048761 res=1 errno=0 [ 885.131088][T12665] usb 1-1: USB disconnect, device number 32 [ 887.684680][T13890] netlink: 'syz-executor.4': attribute type 2 has an invalid length. [ 887.700509][T13890] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check. [ 888.361310][T13893] loop0: detected capacity change from 0 to 256 [ 888.415333][T13893] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 888.481291][ T29] audit: type=1804 audit(1717040836.997:373): pid=13893 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir146603079/syzkaller.jJJaSu/29/file0/file0" dev="loop0" ino=1048762 res=1 errno=0 [ 888.571157][ T29] audit: type=1804 audit(1717040837.037:374): pid=13893 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir146603079/syzkaller.jJJaSu/29/file0/bus" dev="loop0" ino=1048763 res=1 errno=0 [ 888.809813][T13880] loop3: detected capacity change from 0 to 32768 [ 888.820252][T12665] usb 5-1: new high-speed USB device number 30 using dummy_hcd [ 888.834734][T13880] XFS: noikeep mount option is deprecated. [ 888.869308][T13880] XFS (loop3): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 889.015821][T13880] XFS (loop3): Ending clean mount [ 889.065137][T12665] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 889.075741][T12665] usb 5-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47 [ 889.089694][T13880] XFS (loop3): Quotacheck needed: Please wait. [ 889.108596][T12665] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 889.137856][T12665] usb 5-1: config 0 descriptor?? [ 889.200823][T13907] loop0: detected capacity change from 0 to 64 [ 889.217298][T13880] XFS (loop3): Quotacheck: Done. [ 889.289233][T13907] hfs: request for non-existent node 131072 in B*Tree [ 889.314975][T13907] hfs: request for non-existent node 131072 in B*Tree [ 889.361378][T13908] hfs: request for non-existent node 131072 in B*Tree [ 889.393991][T13908] hfs: request for non-existent node 131072 in B*Tree [ 889.513202][T13907] hfs: request for non-existent node 131072 in B*Tree [ 889.522053][T13312] XFS (loop3): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 889.541798][T13907] hfs: request for non-existent node 131072 in B*Tree [ 889.574358][T13908] hfs: request for non-existent node 131072 in B*Tree [ 889.615928][T13896] loop2: detected capacity change from 0 to 32768 [ 889.624672][T13908] hfs: request for non-existent node 131072 in B*Tree [ 889.870946][T13896] bcachefs (loop2): mounting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=xxhash,compression=zstd,nojournal_transaction_names [ 889.886676][T13896] bcachefs (loop2): recovering from clean shutdown, journal seq 10 [ 889.898719][T13896] bcachefs (loop2): Doing compatible version upgrade from 1.7: mi_btree_bitmap to 1.8: bucket_stripe_sectors [ 889.898719][T13896] [ 890.017487][T13896] bcachefs (loop2): alloc_read... done [ 890.032979][T13896] bcachefs (loop2): stripes_read... done [ 890.042710][T13896] bcachefs (loop2): snapshots_read... done [ 890.065569][T13896] bcachefs (loop2): journal_replay... done [ 890.073038][T13896] bcachefs (loop2): resume_logged_ops... done [ 890.092611][T13896] bcachefs (loop2): going read-write [ 890.113118][T13896] bcachefs (loop2): done starting filesystem [ 890.178381][ T29] audit: type=1800 audit(1717040838.697:375): pid=13896 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="loop2" ino=1073741829 res=0 errno=0 [ 890.279304][T13924] loop0: detected capacity change from 0 to 256 [ 890.287121][ T29] audit: type=1800 audit(1717040838.707:376): pid=13896 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="loop2" ino=1073741829 res=0 errno=0 [ 890.356858][T13924] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d) [ 890.424224][T13896] syz-executor.2 (13896) used greatest stack depth: 12408 bytes left [ 890.454108][T12994] bcachefs (loop2): shutting down [ 890.467715][T12994] bcachefs (loop2): going read-only [ 890.473006][T12994] bcachefs (loop2): finished waiting for writes to stop [ 890.519767][T12994] bcachefs (loop2): flushing journal and stopping allocators, journal seq 14 [ 890.631994][T12994] bcachefs (loop2): flushing journal and stopping allocators complete, journal seq 15 [ 890.748513][T12994] bcachefs (loop2): shutdown complete, journal seq 16 [ 890.775791][T12994] bcachefs (loop2): marking filesystem clean [ 891.037517][T12994] bcachefs (loop2): shutdown complete [ 891.639559][T12665] usb 5-1: USB disconnect, device number 30 [ 893.066302][ T29] audit: type=1804 audit(1717040841.577:377): pid=13947 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir2571878481/syzkaller.tq9yty/216/file0" dev="sda1" ino=1967 res=1 errno=0 [ 893.120269][T13923] loop3: detected capacity change from 0 to 32768 [ 893.151791][T13948] netlink: 'syz-executor.4': attribute type 2 has an invalid length. [ 893.167964][ T29] audit: type=1804 audit(1717040841.627:378): pid=13947 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir2571878481/syzkaller.tq9yty/216/bus" dev="sda1" ino=1968 res=1 errno=0 [ 893.169547][T13923] bcachefs (/dev/loop3): error reading default superblock: checksum error, type crc32c_nonzero: got 21cb763f should be 29d2fb78 [ 893.223244][T13948] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check. [ 893.291920][T13923] workqueue: Failed to create a rescuer kthread for wq "bcachefs": -EINTR [ 893.315043][T13923] bcachefs (1e246536-b1b3-4f86-83c2-3dfcc2979a4c): shutdown complete [ 894.120991][T13963] loop4: detected capacity change from 0 to 256 [ 894.170688][T13963] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d) [ 894.207804][T13965] loop3: detected capacity change from 0 to 256 [ 894.245398][T13965] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d) [ 894.321355][T13943] loop0: detected capacity change from 0 to 32768 [ 894.399495][T13943] XFS (loop0): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 894.575756][T13943] XFS (loop0): Ending clean mount [ 894.770392][T13123] XFS (loop0): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 894.787033][T12664] usb 5-1: new high-speed USB device number 31 using dummy_hcd [ 895.798913][T12664] usb 5-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47 [ 895.812362][T12664] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 895.832140][T12664] usb 5-1: config 0 descriptor?? [ 895.841009][T12664] gspca_main: STV06xx-2.14.0 probing 046d:0870 [ 895.981569][T13959] loop2: detected capacity change from 0 to 32768 [ 896.018310][T13959] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz-executor.2 (13959) [ 896.106848][T13959] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 896.151200][T13959] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm [ 896.186861][T13959] BTRFS info (device loop2): using free-space-tree [ 896.482399][T12994] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 897.619570][T14009] loop3: detected capacity change from 0 to 64 [ 897.866019][T14017] loop0: detected capacity change from 0 to 64 [ 897.999782][ T29] audit: type=1804 audit(1717040846.517:379): pid=14017 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir146603079/syzkaller.jJJaSu/37/file1/bus" dev="loop0" ino=3 res=1 errno=0 [ 898.053490][T14023] loop2: detected capacity change from 0 to 256 [ 898.070747][T14015] netlink: 'syz-executor.1': attribute type 2 has an invalid length. [ 898.092604][T14023] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 898.115284][T14015] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check. [ 898.151604][ T29] audit: type=1804 audit(1717040846.667:380): pid=14023 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir1462711128/syzkaller.Ip00tv/39/file0/file0" dev="loop2" ino=1048767 res=1 errno=0 [ 898.190524][ T29] audit: type=1804 audit(1717040846.707:381): pid=14023 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.2" name="/root/syzkaller-testdir1462711128/syzkaller.Ip00tv/39/file0/bus" dev="loop2" ino=1048768 res=1 errno=0 [ 898.353020][T12664] usb 5-1: USB disconnect, device number 31 [ 898.752719][T14026] loop3: detected capacity change from 0 to 256 [ 898.802301][T14026] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d) [ 900.896804][T14028] loop2: detected capacity change from 0 to 32768 [ 900.944375][T14028] XFS (loop2): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 900.959399][T14034] loop4: detected capacity change from 0 to 32768 [ 901.045792][T14034] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz-executor.4 (14034) [ 901.116639][T14028] XFS (loop2): Ending clean mount [ 901.139758][T14034] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 901.176919][T14034] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm [ 901.215219][T14034] BTRFS info (device loop4): using free-space-tree [ 901.976025][T12994] XFS (loop2): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 902.208986][T13088] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 902.254371][ T29] audit: type=1804 audit(1717040850.767:382): pid=14076 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir2571878481/syzkaller.tq9yty/223/file0" dev="sda1" ino=1959 res=1 errno=0 [ 902.313762][ T29] audit: type=1804 audit(1717040850.827:383): pid=14076 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir2571878481/syzkaller.tq9yty/223/bus" dev="sda1" ino=1961 res=1 errno=0 [ 902.797647][T14042] loop0: detected capacity change from 0 to 32768 [ 902.825365][T14042] XFS: noikeep mount option is deprecated. [ 902.860919][T12665] usb 2-1: new high-speed USB device number 47 using dummy_hcd [ 902.970452][T14042] XFS (loop0): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 903.012221][T14093] netlink: 'syz-executor.4': attribute type 2 has an invalid length. [ 903.079341][T14093] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check. [ 903.129703][T12665] usb 2-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47 [ 903.159658][T14042] XFS (loop0): Ending clean mount [ 903.175708][T12665] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 903.188810][T12665] usb 2-1: config 0 descriptor?? [ 903.202118][T12665] gspca_main: STV06xx-2.14.0 probing 046d:0870 [ 903.224016][T14042] XFS (loop0): Quotacheck needed: Please wait. [ 903.314435][T14082] loop3: detected capacity change from 0 to 32768 [ 903.557197][T14042] XFS (loop0): Quotacheck: Done. [ 903.636531][T13123] XFS (loop0): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 904.190870][T14108] loop0: detected capacity change from 0 to 256 [ 904.907562][T14118] loop4: detected capacity change from 0 to 256 [ 904.938583][T14118] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 904.989597][ T29] audit: type=1804 audit(1717040853.507:384): pid=14118 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir1192459948/syzkaller.WxRfYK/37/file0/file0" dev="loop4" ino=1048794 res=1 errno=0 [ 905.070587][ T29] audit: type=1804 audit(1717040853.507:385): pid=14118 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.4" name="/root/syzkaller-testdir1192459948/syzkaller.WxRfYK/37/file0/bus" dev="loop4" ino=1048795 res=1 errno=0 [ 905.123604][T12665] usb 2-1: USB disconnect, device number 47 [ 905.188311][ T9440] usb 1-1: new high-speed USB device number 33 using dummy_hcd [ 905.381028][ T9440] usb 1-1: config 1 has an invalid descriptor of length 134, skipping remainder of the config [ 905.399246][ T9440] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 905.429755][ T9440] usb 1-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 905.457915][T14107] loop3: detected capacity change from 0 to 32768 [ 905.460323][ T9440] usb 1-1: New USB device found, idVendor=0525, idProduct=aca1, bcdDevice= 0.40 [ 905.481371][ T9440] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 905.506855][ T9440] usb 1-1: Product: syz [ 905.517054][ T9440] usb 1-1: Manufacturer: syz [ 905.525314][ T9440] usb 1-1: SerialNumber: syz [ 905.546576][ T9440] cdc_ncm 1-1:1.0: skipping garbage [ 905.558764][T14107] XFS (loop3): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 905.559552][ T9440] cdc_ncm 1-1:1.0: CDC Union missing and no IAD found [ 905.599334][ T9440] cdc_ncm 1-1:1.0: bind() failure [ 905.642832][T14107] XFS (loop3): Ending clean mount [ 905.850743][T13312] XFS (loop3): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 905.963576][T14114] loop2: detected capacity change from 0 to 32768 [ 905.976442][T14114] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz-executor.2 (14114) [ 906.009672][T14114] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 906.029506][T14114] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm [ 906.046955][T14114] BTRFS info (device loop2): using free-space-tree [ 906.210491][T12994] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 906.786248][T14150] loop2: detected capacity change from 0 to 512 [ 906.804368][T14150] EXT4-fs: Ignoring removed i_version option [ 906.826028][T14150] EXT4-fs: Ignoring removed oldalloc option [ 906.872453][T14126] loop4: detected capacity change from 0 to 32768 [ 906.883648][T14126] XFS: noikeep mount option is deprecated. [ 906.890458][T14150] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 906.922059][T14150] ext4 filesystem being mounted at /root/syzkaller-testdir1462711128/syzkaller.Ip00tv/44/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 907.021416][T14126] XFS (loop4): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 907.044093][ T29] audit: type=1326 audit(1717040855.557:386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14149 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fdae427cee9 code=0x0 [ 907.113754][T14126] XFS (loop4): Ending clean mount [ 907.148794][T14126] XFS (loop4): Quotacheck needed: Please wait. [ 907.310275][T12994] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 907.328991][T14126] XFS (loop4): Quotacheck: Done. [ 907.558420][T14165] loop2: detected capacity change from 0 to 256 [ 907.721404][T13088] XFS (loop4): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 907.928664][T14171] netlink: 'syz-executor.3': attribute type 2 has an invalid length. [ 907.980964][T14171] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check. [ 908.010843][ T9440] usb 1-1: USB disconnect, device number 33 [ 908.269766][T14181] loop2: detected capacity change from 0 to 256 [ 908.287182][T14181] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 908.321758][ T29] audit: type=1804 audit(1717040856.837:387): pid=14181 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir1462711128/syzkaller.Ip00tv/49/file0/file0" dev="loop2" ino=1048820 res=1 errno=0 [ 908.566621][T14185] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.1'. [ 908.659102][ T29] audit: type=1326 audit(1717040857.177:388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14131 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f902747cee9 code=0x0 [ 908.907204][ T5171] usb 3-1: new high-speed USB device number 42 using dummy_hcd [ 909.120422][ T5171] usb 3-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47 [ 909.152970][ T5171] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 909.188185][ T5171] usb 3-1: config 0 descriptor?? [ 909.204432][ T5171] gspca_main: STV06xx-2.14.0 probing 046d:0870 [ 909.372824][T14198] loop4: detected capacity change from 0 to 256 [ 909.704761][T14191] loop3: detected capacity change from 0 to 32768 [ 909.798169][T14191] XFS (loop3): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 909.900826][T14191] XFS (loop3): Ending clean mount [ 909.983754][ T29] audit: type=1326 audit(1717040858.497:389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14211 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f902747cee9 code=0x0 [ 910.096404][T13312] XFS (loop3): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 910.224391][T14194] loop0: detected capacity change from 0 to 32768 [ 910.248633][T14194] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz-executor.0 (14194) [ 910.662545][T14201] loop4: detected capacity change from 0 to 32768 [ 910.670820][T14201] XFS: noikeep mount option is deprecated. [ 910.682642][T14194] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 910.693628][T14194] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm [ 910.709497][T14194] BTRFS info (device loop0): using free-space-tree [ 910.770438][T14201] XFS (loop4): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 910.851855][T14201] XFS (loop4): Ending clean mount [ 910.883273][T14201] XFS (loop4): Quotacheck needed: Please wait. [ 910.943269][T13123] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 911.060904][ T5171] usb 3-1: USB disconnect, device number 42 [ 911.100101][T14201] XFS (loop4): Quotacheck: Done. [ 911.249824][ T29] audit: type=1804 audit(1717040859.767:390): pid=14238 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir2571878481/syzkaller.tq9yty/229/file0" dev="sda1" ino=1966 res=1 errno=0 [ 911.604934][T13088] XFS (loop4): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 912.534344][ T29] audit: type=1804 audit(1717040861.047:391): pid=14274 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir2571878481/syzkaller.tq9yty/233/file0" dev="sda1" ino=1940 res=1 errno=0 [ 913.196914][ T9440] usb 3-1: new high-speed USB device number 43 using dummy_hcd [ 913.400913][ T9440] usb 3-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47 [ 913.433100][ T9440] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 913.454125][T14307] loop3: detected capacity change from 0 to 256 [ 913.469563][ T9440] usb 3-1: config 0 descriptor?? [ 913.484088][ T9440] gspca_main: STV06xx-2.14.0 probing 046d:0870 [ 913.511504][T14307] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 913.563394][ T29] audit: type=1804 audit(1717040862.077:392): pid=14307 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir1902758240/syzkaller.tkeOtE/38/file0/file0" dev="loop3" ino=1048821 res=1 errno=0 [ 914.680006][T14334] serio: Serial port pts0 [ 914.832295][T14340] loop3: detected capacity change from 0 to 256 [ 914.856430][T14340] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 914.900633][ T29] audit: type=1804 audit(1717040863.417:393): pid=14340 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir1902758240/syzkaller.tkeOtE/45/file0/file0" dev="loop3" ino=1048822 res=1 errno=0 [ 915.297484][ T9440] usb 3-1: USB disconnect, device number 43 [ 915.804348][T14368] loop3: detected capacity change from 0 to 256 [ 915.876494][T14368] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 915.940392][ T29] audit: type=1804 audit(1717040864.457:394): pid=14368 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir1902758240/syzkaller.tkeOtE/49/file0/file0" dev="loop3" ino=1048823 res=1 errno=0 [ 915.994361][ C0] TCP: request_sock_TCP: Possible SYN flooding on port [::]:2. Sending cookies. [ 917.120641][T12649] usb 4-1: new high-speed USB device number 35 using dummy_hcd [ 917.196845][T12665] usb 1-1: new high-speed USB device number 34 using dummy_hcd [ 917.307017][T12649] usb 4-1: device descriptor read/64, error -71 [ 917.390528][T12665] usb 1-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47 [ 917.424273][T12665] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 917.462991][T12665] usb 1-1: config 0 descriptor?? [ 917.517375][T12665] gspca_main: STV06xx-2.14.0 probing 046d:0870 [ 917.555880][ T29] audit: type=1804 audit(1717040866.067:395): pid=14400 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir2571878481/syzkaller.tq9yty/249/file0" dev="sda1" ino=1957 res=1 errno=0 [ 917.588689][T12649] usb 4-1: new high-speed USB device number 36 using dummy_hcd [ 917.802442][ C1] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 918.968073][ T29] audit: type=1804 audit(1717040867.487:396): pid=14430 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir2571878481/syzkaller.tq9yty/253/file0" dev="sda1" ino=1954 res=1 errno=0 [ 919.364254][T12665] usb 1-1: USB disconnect, device number 34 [ 920.277604][T14460] loop0: detected capacity change from 0 to 256 [ 920.306551][T14460] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 920.350909][ T29] audit: type=1804 audit(1717040868.867:397): pid=14460 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir146603079/syzkaller.jJJaSu/59/file0/file0" dev="loop0" ino=1048824 res=1 errno=0 [ 920.731695][T14467] loop0: detected capacity change from 0 to 512 [ 920.775872][T14467] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842e01c, mo2=0002] [ 920.789795][T14467] System zones: 1-12 [ 920.882831][T14467] EXT4-fs error (device loop0): ext4_get_branch:178: inode #13: block 33619980: comm syz-executor.0: invalid block [ 920.997068][T14467] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #13: comm syz-executor.0: invalid indirect mapped block 1819239214 (level 1) [ 921.092045][T14467] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz-executor.0: bg 0: block 361: padding at end of block bitmap is not set [ 921.137705][T14467] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6551: Corrupt filesystem [ 921.185480][T14467] EXT4-fs error (device loop0): ext4_clear_blocks:883: inode #13: comm syz-executor.0: attempt to clear invalid blocks 33619980 len 1 [ 921.239227][T14467] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #13: comm syz-executor.0: invalid indirect mapped block 1819239214 (level 0) [ 921.292989][T14467] EXT4-fs (loop0): 1 truncate cleaned up [ 921.308966][T14467] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 921.370859][T14467] EXT4-fs error (device loop0): dx_probe:822: inode #2: comm syz-executor.0: Directory hole found for htree index block [ 921.400017][T12665] usb 4-1: new high-speed USB device number 37 using dummy_hcd [ 921.500922][T13123] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 921.614957][T12665] usb 4-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47 [ 921.628470][T12665] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 921.658300][T12665] usb 4-1: config 0 descriptor?? [ 921.663623][ T29] audit: type=1804 audit(1717040870.167:398): pid=14489 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir2571878481/syzkaller.tq9yty/259/file0" dev="sda1" ino=1961 res=1 errno=0 [ 921.709959][T12665] gspca_main: STV06xx-2.14.0 probing 046d:0870 [ 922.846104][T14510] loop0: detected capacity change from 0 to 1024 [ 922.887749][T14510] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 923.139557][T13123] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 923.522921][T12665] usb 4-1: USB disconnect, device number 37 [ 923.727690][T14523] loop0: detected capacity change from 0 to 256 [ 923.761565][T14523] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 923.806900][ T29] audit: type=1804 audit(1717040872.317:399): pid=14523 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir146603079/syzkaller.jJJaSu/66/file0/file0" dev="loop0" ino=1048826 res=1 errno=0 [ 924.873036][T14558] loop4: detected capacity change from 0 to 256 [ 924.910998][T14558] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 924.963635][ T29] audit: type=1804 audit(1717040873.477:400): pid=14558 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir1192459948/syzkaller.WxRfYK/79/file0/file0" dev="loop4" ino=1048828 res=1 errno=0 [ 925.437220][T12649] usb 4-1: new high-speed USB device number 38 using dummy_hcd [ 925.674599][T12649] usb 4-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47 [ 925.689425][T12649] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 925.718153][T12649] usb 4-1: config 0 descriptor?? [ 925.732752][T12649] gspca_main: STV06xx-2.14.0 probing 046d:0870 [ 926.537619][ T5227] usb 2-1: new high-speed USB device number 48 using dummy_hcd [ 926.776227][ T5227] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0xFF has an invalid bInterval 0, changing to 7 [ 926.813058][ T5227] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0xFF has invalid wMaxPacketSize 0 [ 926.831813][ T5227] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 926.852702][ T5227] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 926.866900][ T5227] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 926.899931][ T5227] usb 2-1: config 0 descriptor?? [ 927.065308][T14588] loop0: detected capacity change from 0 to 256 [ 927.121734][T14588] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 927.185966][ T29] audit: type=1804 audit(1717040875.697:401): pid=14588 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir146603079/syzkaller.jJJaSu/72/file0/file0" dev="loop0" ino=1048830 res=1 errno=0 [ 927.266484][ T29] audit: type=1804 audit(1717040875.777:402): pid=14588 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir146603079/syzkaller.jJJaSu/72/file0/bus" dev="loop0" ino=1048831 res=1 errno=0 [ 927.358140][ T5227] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 927.378254][ T5227] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 927.393645][ T5227] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 927.415623][ T5227] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 927.446563][ T5227] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 927.461821][ T5227] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 927.482282][ T5227] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 927.501028][ T5227] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 927.525998][ T5227] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 927.549102][ T5227] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 927.573091][T12649] usb 4-1: USB disconnect, device number 38 [ 927.582137][ T5227] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 927.609970][ T5227] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 927.628719][ T5227] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 927.656424][ T5227] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 927.687611][ T5227] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0 [ 927.721642][ T5227] plantronics 0003:047F:FFFF.0003: No inputs registered, leaving [ 927.804839][ T5227] plantronics 0003:047F:FFFF.0003: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 927.849704][ T5227] usb 2-1: USB disconnect, device number 48 [ 928.424629][T14373] ------------[ cut here ]------------ [ 928.450686][T14373] UBSAN: shift-out-of-bounds in mm/vmscan.c:4715:21 2024/05/30 03:47:57 SYZFATAL: failed to recv *flatrpc.HostMessageRaw: EOF [ 928.472823][T14373] shift exponent -1 is negative [ 928.528122][T14373] CPU: 0 PID: 14373 Comm: syz-executor.2 Not tainted 6.10.0-rc1-next-20240529-syzkaller #0 [ 928.538551][T14373] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 928.549102][T14373] Call Trace: [ 928.552499][T14373] [ 928.555751][T14373] dump_stack_lvl+0x241/0x360 [ 928.562139][T14373] ? __pfx_dump_stack_lvl+0x10/0x10 [ 928.567490][T14373] ? __pfx__printk+0x10/0x10 [ 928.572126][T14373] ? __lock_acquire+0x1359/0x2000 [ 928.577188][T14373] __ubsan_handle_shift_out_of_bounds+0x3c8/0x420 [ 928.583661][T14373] try_to_shrink_lruvec+0xa99/0xbb0 [ 928.588914][T14373] ? __pfx_try_to_shrink_lruvec+0x10/0x10 [ 928.594666][T14373] ? blk_start_plug+0x70/0x1b0 [ 928.599462][T14373] shrink_lruvec+0x554/0x3070 [ 928.604167][T14373] ? __lock_acquire+0x1359/0x2000 [ 928.609234][T14373] ? mark_lock+0x9a/0x360 [ 928.613590][T14373] ? mark_lock+0x9a/0x360 [ 928.617950][T14373] ? __lock_acquire+0x1359/0x2000 [ 928.623002][T14373] ? __pfx_shrink_lruvec+0x10/0x10 [ 928.628209][T14373] ? __pfx___might_resched+0x10/0x10 [ 928.633790][T14373] ? mem_cgroup_iter+0x3a/0x560 [ 928.638681][T14373] ? mem_cgroup_iter+0x3e9/0x560 [ 928.643649][T14373] ? mem_cgroup_iter+0x3a/0x560 [ 928.648613][T14373] shrink_node+0xb17/0x4150 [ 928.653276][T14373] ? __pfx_shrink_node+0x10/0x10 [ 928.660935][T14373] ? __pfx_queue_work_on+0x10/0x10 [ 928.666983][T14373] ? do_raw_spin_unlock+0x13c/0x8b0 [ 928.672579][T14373] ? _raw_spin_unlock+0x28/0x50 [ 928.679579][T14373] do_try_to_free_pages+0x789/0x1cb0 [ 928.685143][T14373] ? __pfx_do_try_to_free_pages+0x10/0x10 [ 928.692333][T14373] try_to_free_mem_cgroup_pages+0x48f/0xb10 [ 928.699159][T14373] ? do_raw_spin_unlock+0x13c/0x8b0 [ 928.704503][T14373] ? __pfx_try_to_free_mem_cgroup_pages+0x10/0x10 [ 928.710965][T14373] ? cgroup_file_notify+0x111/0x190 [ 928.716185][T14373] try_charge_memcg+0x704/0x1850 [ 928.721167][T14373] ? __pfx_try_charge_memcg+0x10/0x10 [ 928.726556][T14373] ? percpu_ref_tryget+0x14/0x180 [ 928.731619][T14373] charge_memcg+0xa2/0x160 [ 928.736066][T14373] __mem_cgroup_charge+0x27/0x80 [ 928.741038][T14373] shmem_alloc_and_add_folio+0x44b/0xbd0 [ 928.746715][T14373] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 928.752891][T14373] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 928.758904][T14373] shmem_get_folio_gfp+0x82d/0x1f50 [ 928.764140][T14373] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 928.769801][T14373] shmem_read_folio_gfp+0xd6/0x170 [ 928.774936][T14373] ? __pfx_shmem_read_folio_gfp+0x10/0x10 [ 928.780684][T14373] drm_gem_get_pages+0x21b/0xe50 [ 928.785647][T14373] ? __pfx_drm_gem_get_pages+0x10/0x10 [ 928.791171][T14373] drm_gem_shmem_get_pages+0xdd/0x290 [ 928.796587][T14373] drm_gem_shmem_vmap+0x2ba/0x630 [ 928.801633][T14373] drm_gem_vmap_unlocked+0x103/0x1d0 [ 928.807310][T14373] drm_gem_fb_vmap+0xa6/0x810 [ 928.814138][T14373] drm_atomic_helper_prepare_planes+0x2b2/0xb50 [ 928.821440][T14373] drm_atomic_helper_commit+0x18b/0x9f0 [ 928.827075][T14373] ? __pfx_drm_atomic_helper_commit+0x10/0x10 [ 928.833982][T14373] drm_atomic_commit+0x2ac/0x310 [ 928.839522][T14373] ? __pfx_drm_atomic_commit+0x10/0x10 [ 928.845062][T14373] ? __pfx___drm_printfn_info+0x10/0x10 [ 928.850643][T14373] ? drm_mode_object_get+0xd0/0x150 [ 928.855899][T14373] ? drm_atomic_set_fb_for_plane+0x222/0x290 [ 928.861931][T14373] drm_atomic_helper_update_plane+0x238/0x3a0 [ 928.868057][T14373] drm_mode_cursor_common+0xd68/0x1570 [ 928.873569][T14373] ? __pfx_validate_chain+0x10/0x10 [ 928.879027][T14373] ? __pfx_drm_mode_cursor_common+0x10/0x10 [ 928.886139][T14373] ? drm_mode_cursor_ioctl+0x97/0x160 [ 928.893340][T14373] drm_mode_cursor_ioctl+0xe1/0x160 [ 928.900584][T14373] ? __pfx_drm_mode_cursor_ioctl+0x10/0x10 [ 928.908139][T14373] ? _raw_spin_unlock+0x28/0x50 [ 928.913220][T14373] drm_ioctl_kernel+0x33a/0x440 [ 928.918119][T14373] ? __pfx_drm_mode_cursor_ioctl+0x10/0x10 [ 928.924000][T14373] ? __pfx_drm_ioctl_kernel+0x10/0x10 [ 928.929604][T14373] ? __might_fault+0xc6/0x120 [ 928.935579][T14373] drm_ioctl+0x611/0xad0 [ 928.940057][T14373] ? __pfx_drm_mode_cursor_ioctl+0x10/0x10 [ 928.947964][T14373] ? __pfx_drm_ioctl+0x10/0x10 [ 928.954145][T14373] ? bpf_lsm_file_ioctl+0x9/0x10 [ 928.959559][T14373] ? security_file_ioctl+0x87/0xb0 [ 928.965061][T14373] ? __pfx_drm_ioctl+0x10/0x10 [ 928.969948][T14373] __se_sys_ioctl+0xfc/0x170 [ 928.974665][T14373] do_syscall_64+0xf3/0x230 [ 928.979197][T14373] ? clear_bhb_loop+0x35/0x90 [ 928.983908][T14373] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 928.989828][T14373] RIP: 0033:0x7fdae427cee9 [ 928.994352][T14373] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 929.014084][T14373] RSP: 002b:00007fdae4f860c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 929.022537][T14373] RAX: ffffffffffffffda RBX: 00007fdae43b3fa0 RCX: 00007fdae427cee9 [ 929.030630][T14373] RDX: 0000000020000340 RSI: 00000000c01c64a3 RDI: 0000000000000003 [ 929.038620][T14373] RBP: 00007fdae42c947f R08: 0000000000000000 R09: 0000000000000000 [ 929.046624][T14373] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 929.054624][T14373] R13: 000000000000000b R14: 00007fdae43b3fa0 R15: 00007fff38110778 [ 929.062639][T14373] [ 929.148381][T14373] ---[ end trace ]--- [ 929.152438][T14373] Kernel panic - not syncing: UBSAN: panic_on_warn set ... [ 929.159664][T14373] CPU: 1 PID: 14373 Comm: syz-executor.2 Not tainted 6.10.0-rc1-next-20240529-syzkaller #0 [ 929.170483][T14373] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 929.180760][T14373] Call Trace: [ 929.184069][T14373] [ 929.187117][T14373] dump_stack_lvl+0x241/0x360 [ 929.191861][T14373] ? __pfx_dump_stack_lvl+0x10/0x10 [ 929.197120][T14373] ? __pfx__printk+0x10/0x10 [ 929.201767][T14373] ? vscnprintf+0x5d/0x90 [ 929.206138][T14373] panic+0x349/0x870 [ 929.210152][T14373] ? check_panic_on_warn+0x21/0xb0 [ 929.215299][T14373] ? __pfx_panic+0x10/0x10 [ 929.219738][T14373] ? _printk+0xd5/0x120 [ 929.223920][T14373] ? __pfx__printk+0x10/0x10 [ 929.228566][T14373] check_panic_on_warn+0x86/0xb0 [ 929.233565][T14373] __ubsan_handle_shift_out_of_bounds+0x3e7/0x420 [ 929.240047][T14373] try_to_shrink_lruvec+0xa99/0xbb0 [ 929.245299][T14373] ? __pfx_try_to_shrink_lruvec+0x10/0x10 [ 929.251062][T14373] ? blk_start_plug+0x70/0x1b0 [ 929.255874][T14373] shrink_lruvec+0x554/0x3070 [ 929.260596][T14373] ? __lock_acquire+0x1359/0x2000 [ 929.265677][T14373] ? mark_lock+0x9a/0x360 [ 929.270039][T14373] ? mark_lock+0x9a/0x360 [ 929.274394][T14373] ? __lock_acquire+0x1359/0x2000 [ 929.279540][T14373] ? __pfx_shrink_lruvec+0x10/0x10 [ 929.284725][T14373] ? __pfx___might_resched+0x10/0x10 [ 929.290038][T14373] ? mem_cgroup_iter+0x3a/0x560 [ 929.294921][T14373] ? mem_cgroup_iter+0x3e9/0x560 [ 929.300026][T14373] ? mem_cgroup_iter+0x3a/0x560 [ 929.304927][T14373] shrink_node+0xb17/0x4150 [ 929.309514][T14373] ? __pfx_shrink_node+0x10/0x10 [ 929.314491][T14373] ? __pfx_queue_work_on+0x10/0x10 [ 929.319642][T14373] ? do_raw_spin_unlock+0x13c/0x8b0 [ 929.324872][T14373] ? _raw_spin_unlock+0x28/0x50 [ 929.329758][T14373] do_try_to_free_pages+0x789/0x1cb0 [ 929.335184][T14373] ? __pfx_do_try_to_free_pages+0x10/0x10 [ 929.341042][T14373] try_to_free_mem_cgroup_pages+0x48f/0xb10 [ 929.346968][T14373] ? do_raw_spin_unlock+0x13c/0x8b0 [ 929.352196][T14373] ? __pfx_try_to_free_mem_cgroup_pages+0x10/0x10 [ 929.360244][T14373] ? cgroup_file_notify+0x111/0x190 [ 929.365503][T14373] try_charge_memcg+0x704/0x1850 [ 929.370956][T14373] ? __pfx_try_charge_memcg+0x10/0x10 [ 929.376362][T14373] ? percpu_ref_tryget+0x14/0x180 [ 929.381444][T14373] charge_memcg+0xa2/0x160 [ 929.385991][T14373] __mem_cgroup_charge+0x27/0x80 [ 929.390968][T14373] shmem_alloc_and_add_folio+0x44b/0xbd0 [ 929.396654][T14373] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 929.402855][T14373] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 929.408865][T14373] shmem_get_folio_gfp+0x82d/0x1f50 [ 929.414108][T14373] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 929.419777][T14373] shmem_read_folio_gfp+0xd6/0x170 [ 929.425044][T14373] ? __pfx_shmem_read_folio_gfp+0x10/0x10 [ 929.432115][T14373] drm_gem_get_pages+0x21b/0xe50 [ 929.437666][T14373] ? __pfx_drm_gem_get_pages+0x10/0x10 [ 929.444526][T14373] drm_gem_shmem_get_pages+0xdd/0x290 [ 929.449958][T14373] drm_gem_shmem_vmap+0x2ba/0x630 [ 929.455025][T14373] drm_gem_vmap_unlocked+0x103/0x1d0 [ 929.460350][T14373] drm_gem_fb_vmap+0xa6/0x810 [ 929.465185][T14373] drm_atomic_helper_prepare_planes+0x2b2/0xb50 [ 929.471481][T14373] drm_atomic_helper_commit+0x18b/0x9f0 [ 929.477237][T14373] ? __pfx_drm_atomic_helper_commit+0x10/0x10 [ 929.483345][T14373] drm_atomic_commit+0x2ac/0x310 [ 929.488325][T14373] ? __pfx_drm_atomic_commit+0x10/0x10 [ 929.493934][T14373] ? __pfx___drm_printfn_info+0x10/0x10 [ 929.499528][T14373] ? drm_mode_object_get+0xd0/0x150 [ 929.504759][T14373] ? drm_atomic_set_fb_for_plane+0x222/0x290 [ 929.510774][T14373] drm_atomic_helper_update_plane+0x238/0x3a0 [ 929.516900][T14373] drm_mode_cursor_common+0xd68/0x1570 [ 929.522387][T14373] ? __pfx_validate_chain+0x10/0x10 [ 929.527625][T14373] ? __pfx_drm_mode_cursor_common+0x10/0x10 [ 929.533566][T14373] ? drm_mode_cursor_ioctl+0x97/0x160 [ 929.538960][T14373] drm_mode_cursor_ioctl+0xe1/0x160 [ 929.544183][T14373] ? __pfx_drm_mode_cursor_ioctl+0x10/0x10 [ 929.550016][T14373] ? _raw_spin_unlock+0x28/0x50 [ 929.554887][T14373] drm_ioctl_kernel+0x33a/0x440 [ 929.559756][T14373] ? __pfx_drm_mode_cursor_ioctl+0x10/0x10 [ 929.565604][T14373] ? __pfx_drm_ioctl_kernel+0x10/0x10 [ 929.570989][T14373] ? __might_fault+0xc6/0x120 [ 929.575680][T14373] drm_ioctl+0x611/0xad0 [ 929.579934][T14373] ? __pfx_drm_mode_cursor_ioctl+0x10/0x10 [ 929.586128][T14373] ? __pfx_drm_ioctl+0x10/0x10 [ 929.590922][T14373] ? bpf_lsm_file_ioctl+0x9/0x10 [ 929.597351][T14373] ? security_file_ioctl+0x87/0xb0 [ 929.605104][T14373] ? __pfx_drm_ioctl+0x10/0x10 [ 929.611920][T14373] __se_sys_ioctl+0xfc/0x170 [ 929.618290][T14373] do_syscall_64+0xf3/0x230 [ 929.625317][T14373] ? clear_bhb_loop+0x35/0x90 [ 929.631189][T14373] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 929.637258][T14373] RIP: 0033:0x7fdae427cee9 [ 929.641737][T14373] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 929.661395][T14373] RSP: 002b:00007fdae4f860c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 929.669992][T14373] RAX: ffffffffffffffda RBX: 00007fdae43b3fa0 RCX: 00007fdae427cee9 [ 929.678258][T14373] RDX: 0000000020000340 RSI: 00000000c01c64a3 RDI: 0000000000000003 [ 929.686787][T14373] RBP: 00007fdae42c947f R08: 0000000000000000 R09: 0000000000000000 [ 929.694787][T14373] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 929.702780][T14373] R13: 000000000000000b R14: 00007fdae43b3fa0 R15: 00007fff38110778 [ 929.710795][T14373] [ 929.714142][T14373] Kernel Offset: disabled [ 929.718720][T14373] Rebooting in 86400 seconds..