last executing test programs: 23m47.920145662s ago: executing program 32 (id=95): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_LINKMODES_SET(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000a40)={0x48, r1, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_LINKMODES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_LINKMODES_SPEED={0x8}, @ETHTOOL_A_LINKMODES_OURS={0x14, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x10, 0x3, 0x0, 0x1, [{0xfffffffffffffc40, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8}]}]}]}]}, 0x48}}, 0x0) 17m30.113820632s ago: executing program 33 (id=2021): r0 = socket$inet6(0xa, 0x3, 0xff) r1 = dup2(r0, r0) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast1, 0x9}, 0x1c) write$RDMA_USER_CM_CMD_BIND_IP(r1, &(0x7f00000000c0)={0x2, 0x28, 0xfa33, {0xf5ff, {0xa, 0x0, 0x0, @local, 0x3b}}}, 0x30) 13m13.018740906s ago: executing program 34 (id=3404): setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x0) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x4, 0x200000005c831, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1000001, 0xc3072, 0xffffffffffffffff, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) 9m6.313486964s ago: executing program 4 (id=4708): r0 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_ERR_FILTER(r0, 0x65, 0x7, &(0x7f00000001c0)=0x8, 0x4) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'veth0_to_batadv\x00', 0x0}) sendmsg$can_raw(r0, &(0x7f0000000180)={&(0x7f0000000000)={0x1d, r1}, 0x10, &(0x7f00000005c0)={&(0x7f00000000c0)=@can={{}, 0x86, 0x0, 0x4, 0x2, '\x00\x00\x00\x00\a\x00'}, 0x210}}, 0x0) 9m5.905412358s ago: executing program 4 (id=4711): sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x7) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="480000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000002800128009000100626f6e640000000018000280140008800800030001"], 0x48}}, 0x0) sendmmsg$inet(r0, &(0x7f0000005200)=[{{0x0, 0x4b, &(0x7f0000000000), 0x1}}], 0x1, 0x0) 9m5.262065945s ago: executing program 4 (id=4715): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r0, &(0x7f0000847fff)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1c9ae7fffe9a6f34}}, 0x1c) shutdown(r0, 0x1) getsockopt$inet_sctp6_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000000000), &(0x7f0000000080)=0x4) 9m4.52968496s ago: executing program 4 (id=4719): syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000340)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc0ed000e, &(0x7f00000000c0)={[{@jqfmt_vfsold}, {@data_err_abort}, {@debug}, {@noload}, {@mblk_io_submit}, {@commit={'commit', 0x3d, 0x5}}, {@init_itable_val={'init_itable', 0x3d, 0x601}}, {@debug}]}, 0xfe, 0x46d, &(0x7f0000000f00)="$eJzs3M1vFOUfAPDvTF94+/FrRXwBQapoJL60tLzIwYtGEw6amOgB46m2hVQKNbQmQohWD3g0JN6N/4XxpBejXjTxqndDQgwXUC9rZmemLMtu2aXbLnQ/n2S6zzPzdJ/nOzPP7jPz7G4APWsk+5NE/C8ifo+IoTx7a4GR/OHGtYtTf1+7OJVEpfLWX0m13PVrF6fKouX/bcszlUqR39Sg3kvvRkzOzc2cK/Jji2c+GFs4f+GF2TOTp2ZOzZydOHbs8KG9g0cnjnQkziyu67s/nt+z6/g7l9+YOnH5vZ+S/sjjjro4OmUk37sNPd3pyrpse026umOX7fvlZrrRmUA39UVEdrgGqv1/KPpiy/K2oXjts642DlhTlUqlssKr8lIF2MCS6HYLgO4o3+iz699yWaehxz3h6sv5BVAW941iybf0R5on9g3UXd920khEnFj656tsiTW6DwEAUOu7bPzzfKPxXxoP54nB7M//izmU4Yh4ICJ2RMSDEbEzIh6KqJZ9JCIebbP++hmS28c/6ZW7Dq4F2fjvpWJu69bxX1oWGe4rctur8Q8kJ2fnZg4W++RADGw6OZvMjK9Qx/ev/vZFs221479syeovx4JFO670192gm55cnFxNzLWufhqxu79R/EmU0zhJROyKiN13Wcfss/1Nt905/hU0f9qWVb6OeCY//ktRF38paTo/Of7i0YkjY5tjbubgWHlW3O7nXy+92az+VcXfAdnx39rw/F+OfzjZHLFw/sLp6nztQvt1XPrj86bXNG2e/8e3F+f/YPJ2dcVgseGjycXFc+MRg8nrt6+fuPlsZb4sn8V/YH/j/r8jbu6JxyJiT0TsjYjHs4vCou1PRMSTEbF/hfh/fOWp99uPf33mSrP4p+90/KP2+Lef6Dv9w7d3jn9zRDQ7/oerqQPFmlZe/1pt4Gr2HQAAANwv0upn4JN0dDmdpqOj+Wf4d8bWdG5+YfG5k/Mfnp3OPys/HANpeadrqOZ+6Hhxb7jMT9TlDxX3jb/s21LNj07Nz013O3jocdua9P/Mn33dbh2w5jowjwbcp/R/6F36P/SmRP+Hnqb/Q+9q1P8/aVp69Js1bQywrrz/Q+9qof8v5Q/NRwXA/cn7P/Qu/R96UtPvxqer+sr/uif+LX7P8F5pz8ZPRHpPNGPjJ/pb/jGLNhKVobz/Z2s2NSzT7VcmAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAzvgvAAD//w3J5b0=") mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) setxattr$incfs_metadata(&(0x7f0000000340)='./file0\x00', &(0x7f0000000380), 0x0, 0x0, 0x0) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='user.incfs.metadata\x00') 9m3.125997304s ago: executing program 4 (id=4725): r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f0000000100)={'syz0\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x80000001, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x20000, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x5], [0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x81f], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0xffff, 0x0, 0x0, 0x0, 0xf25, 0x0, 0x7], [0x1, 0x0, 0xe6c7, 0xfffffffd, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0xffffffff, 0xa000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x6]}, 0x45c) ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0) ioctl$UI_GET_SYSNAME(r0, 0x8040552c, &(0x7f0000000000)) 8m56.038741951s ago: executing program 4 (id=4762): r0 = syz_io_uring_setup(0xec5, &(0x7f00000008c0), &(0x7f0000000080), &(0x7f0000000340)) io_uring_enter(r0, 0x0, 0x10a5, 0x3, 0x0, 0x0) io_uring_enter(r0, 0x47fa, 0x0, 0x0, 0x0, 0x0) io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(r0, 0x13, &(0x7f0000000140), 0x2) 8m54.080575867s ago: executing program 35 (id=4762): r0 = syz_io_uring_setup(0xec5, &(0x7f00000008c0), &(0x7f0000000080), &(0x7f0000000340)) io_uring_enter(r0, 0x0, 0x10a5, 0x3, 0x0, 0x0) io_uring_enter(r0, 0x47fa, 0x0, 0x0, 0x0, 0x0) io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(r0, 0x13, &(0x7f0000000140), 0x2) 5m31.907104764s ago: executing program 7 (id=5826): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='netlink_extack\x00', r0}, 0x10) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000002c0)=@newtaction={0x68, 0x30, 0x1, 0x0, 0x0, {0x0, 0x0, 0x1300}, [{0x54, 0x1, [@m_mirred={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x28, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x0, 0x0, 0x25000000}, 0x1}}]}, {0x4}, {0xc}, {0xfffffffffffffcf3}}}]}]}, 0x68}}, 0x0) 5m31.188167564s ago: executing program 7 (id=5831): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000700)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000540)={0x2c, r1, 0x5, 0x3, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SCAN_SUPP_RATES={0x10, 0x7d, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x5, 0x1, 'H'}, @NL80211_BAND_60GHZ={0x4}]}]}, 0x2c}}, 0x0) 5m30.432301062s ago: executing program 7 (id=5835): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f000000b500), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_TID_CONFIG(r0, &(0x7f000000d040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x1c, r1, 0x8de13c6b70ae92c3, 0x0, 0x0, {{0x77}, {@val={0x8, 0x3, r2}, @void}}}, 0x1c}}, 0x0) 5m29.999855739s ago: executing program 7 (id=5838): syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000040)='./file0\x00', 0x1000806, &(0x7f00000018c0)={[{}, {@sys_tz}, {@gid={'gid', 0x3d, 0xee01}}, {@iocharset={'iocharset', 0x3d, 'cp775'}}, {@iocharset={'iocharset', 0x3d, 'iso8859-14'}}, {@time_offset={'time_offset', 0x3d, 0x4}}, {@errors_continue}, {@errors_remount}, {@errors_continue}, {@errors_remount}, {@uid={'uid', 0x3d, 0xee01}}, {@gid}]}, 0x9, 0x1505, &(0x7f0000000180)="$eJzs3Au4jdX2MPAx5pwvm9BKcp9jjpeVXCZJEknIJUmSJMktIUmSJCS33JKQhNyT3ENyC8n9fss9SY4kSUJCwvweHefzndPp9P2/0/mc59nj9zzz2XPstcZY411jr9u7n72/azewUp3K5WsxM/xb8K9fugJACgD0AYBrASACgOKZi2e+dHk6jV3/vRsRf66Hp1ztDsTVJPNP3WT+qZvMP3WT+aduMv/UTeafusn8UzeZvxCp2ZapOa6TlXqXnP9PzeT1P3WT+aduMv/UTeafusn8UzOW+adyMv/UTeafusn8hUjN/pTzyGkvF/svOJ/9H1h/u6uudh9/sKL/p7yr95MnhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEECI1ORuuMADwt/3V7ksIIYQQQgghhBB/npD2ancghBBCCCGEEEKI/zwEMBoMRJAG0kIKpIP0cA1kgIyQCa6FBFwHmeF6yAI3QFbIBtkhB+SEXJAbLBA4YIghD+SFJNwI+eAmyA8FoCAUAg+FoQjcDEXhFigGt0JxuA1KwO1QEkrBHVAa7oQycBeUhXJQHu6GClARKkFluAeqwL1QFe6DanA/VIcHoAY8CDXhIagFD0NteATqwKNQFx6DelAfGkBDaPTP8/W/zn8JOsHL0Bm66Ev3QHd4BXpAT+gFvaEPvAp94TXoB69DfxgAA+ENGARvwmB4C4bAUBgGb8NwGAEjYRSMhjEwFt6BcfAujIf3YAJMhEkwGabAVJgG78N0mAEz4QOYBR/CbJgDc2EezIePYAEshEXwMSyGT2AJLIVlsBxWwEpYBathDayFdbAeNsBG2ASbYQt8ClthG2yHHbATdsFu+Az2wOewF76AffDl/zD/zD/kt0dAQIUKDRpMg2kwBVMwPabHDJgBM2EmTGACM2NmzIJZMCtmxeyYHXNiTsyNuZGQkJExD+bBJCYxH+bD/JgfC2JB9OixCBbBongLFsNiWByLYwksgSWxFJbC0lgay2AZLItlsfztcwCwAlbCSngP3oP3YlWsitWwGlbH6lgDa2BNrIm1sBbWxtpYB+tgXayL9bAeNsAG2AgbYWNsjE2wCTbDZtgcm2MLbIEtsSW2wlbYGltjG2yDbbEttsN22B47YAd8CV/Cl/Fl7IIVVDfsjt2xB/bAXtgbe+Or2Bdfw9fwdeyPA3AgvoFv4Js4GE/jEByKw3AYllEjcCSOQlZjcCyOxXE4DsfjeJyAE3EiTsYpOBWn4TScjjNwBn6As/BD/BDn4Bych/NxPi7AhbgIF+FiPINLcCkuw+W4AlfiClyNa3A1rlN/e2huxs34KX6K23Ab7sAduAt34Wf4GX6On2N/3If7cD/uxwN4AA/iQTyEh/AwHsYjeASP4lE8hsfwOJ7Ak3gCT+EpPI1n8CyexXN4Ds/jCzm/qb2rwNr+oC4xyqg0Ko1KUSkqvUqvMqgMKpPKpBIqoTKrzCqLyqKyqqwqu8qucqqcKrfKrUiRYhWrPCqPSqqkyqfyAUBXVVAVVF55VUQVUUVVUVVMFVPF1W2qhLpdlVSlVFNfWpVWZVQzX1aVU+VVeVVBVVSVVGVVWVVRVVRVVVVVU9VUdVVd1VAPqpqqG/bCh9WlydRRA7CuGoj1VH3VQDVUb+LjqrEajE1UU9VMPamG4hBsoRr7luoZ1UqNxNbqOTUKn1dt1Rhsp15U7VUH1VG9pDqpJr6z6qImYDfVXU3GHqqn6qV6q+lYUV2aWCX1uuqvBqiB6g01D99Ug9Vbaogaqoapt9VwNUKNVKPUaDVGjVXvqHHqXTVevacmqIlqkpqspqipapp6X01XM9RM9YGapT5Us9UcNVfNU/PVR2qBWqgWqY/VYvWJWqKWqmVquVqhVqpVarVao9aqdWq92qA2qk1qs9qiPlVb1Ta1Xe1QO9UutVt9pvaoz9Ve9YXap75U+9Vf1AH1lTqovlaH1DfqsPpWHVHfqaPqe3VMdVHH1Ql1Uv2oTqmf1Gl1Rp1VP6tz6hd1Xl1QF1VQoFErrbXRkU6j0+oUnU6n19foDDqjzqSv1Ql9nc6sr9dZ9A06q86ms+scOqfOpXNrq0k7zTrWeXRendQ36nz6Jp1fF9AFdSHtdWFdRN+si+pbdDF9qy6ub9Ml9O26pC6l79Cl9Z26jL5Ll9XldHl9t66gK+pKurK+R1fR9+qq+j5dTd+vq+sHdA39oK6pH9K19MO6tn5E19GP6rr6MV1P19cNdEPdSD+uG+sndBPdVDfTT+rm+indQj+tW+pndCv9rG6tn9Nt9PO6rX5Bt9Mv6va6g+6oL+iLOujOuovuqrvp7voV3UP31L10b91Hv6r76td0P/267q8H6IH6DT1Iv6kH67f0ED1UD9Nv6+F6hB6pR+nReoweq9/R4/S7erx+T0/QE/UkPVlP0VN1r8uVZl7KN/Av89/9J/n9fr31zXqL/lRv1dv0dr1D79S79G69W+/Re/RevVfv0/v0fr1fH9AH9EF9UB/Sh/RhfVgf0Uf0UX1UH9PH9HF9Qv+sf9Sn9E/6tD6jz+if9Tl9Tp+/fB+AQaOMNsZEJo1Ja1JMOpPeXGMymIwmk7nWJMx1JrO53mQxN5isJpvJbnKYnCaXyW2sIeMMm9jkMXlN0txo8pmbTH5TwBQ0hYw3hU0Rc/Pv5UeXn+H+MP93+ls+6XJ+I9PINDaNTRPTxDQzzUxz09y0MC1MS9PStDKtTGvT2rQxbUxb09a0M+1Me9PedDQdTSfTyXRGMF1NV9PdvGJ6mJ6ml+lt+phXTV/T1/Qz/Ux/098MNAPNIDPIDDaDzRAzxAwzw8xwM9yMNCPNaDPajDVjzTgzzow3480EM8FMMpPMFDPFXHphvWSmmWlmmVlmtplt5pq5Zr6ZbxaYBWaRWWQWm8VmiVlqlprlZrlZaVaa1Wa1WWvWmvVmvdloNpolZovZYraarWa72W52mp1mt9lt9pg9Zq/Za/aZfWa/2W8OmAPmoDloDplD5rA5bI6YI+aoOWqOmWPmuDluTpqT5pQ5ZU6b0+asOWvOmXPmvDlvLpqLl972RSpSkYlMlCZKE6VEKVH6KH2UIcoQZYoyRYkoEWWOMkdZohuirFG2KHuUI8oZ5YpyRzaiyEUcxVGeKG+UjG6M8kU3RfmjAlHBqFDko8JRkejmqGh0S1QsujUqHt0WlYhuj0pGpaI7otLRnVGZ6K6obFQuKh/dHVWIKkaVosrRPVGV6N6oanRfVC26P6oePRDViB6MakYPRbWih6Pa0SNRnejRqG70WFQvqh81iBpGjf7U+iGczvaE72y72LTQzXa3r9getqftZXvbPvZV29e+ZvvZ121/O8AOtG/YQfZNO9i+ZYfYoXaYfdsOtyPsSDvKjrZj7Fj7jh1n37Xj7Xt2gp1oJ9nJdoqdaqfZ9+10O8POtB/YWfZDO9vOsXPtPDvffmQX2IV2kf3YLraf2CV2qV1ml9sVdqVdZVfbNXatXWfX2w12o91kN9st9lO71W6z2+0Ou9PusrvtZ3aP/dzutV/YffZLu9/+xR6wX9mD9mt7yH5jD9tv7RH7nT1qv7fH7A/2uD1hT9of7Sn7kz1tz9iz9md7zv5iz9sL9qINl97cX3p5J0OG0lAaSqEUSk/pKQNloEyUiRKUoMyUmbJQFspKWSk7ZaeclJNyU266hIkpD+WhJCUpH+Wj/JSfClJB8uSpCBWholSUilExKk7FqQSVuPxoAbqT7qS76C4qR+XobrqbKlJFqkyVqQpVoapUlapRNapO1akG1aCaVJNqUS2qTbWpDtWhulSX6lE9akANqBE1osbUmJpQE2pGzag5NacW1IJaUktqRa2oNbWmNtSG2lJbakftqD21p47UkTpRJ+pMnakrdaXu1J16UA/qRb2oD/WhvtSX+lE/6k/9aSANpEE0iAbTYBpCQ2kYvU3DaQSNpFE0msbQWBpL42gcjafxNIEm0CSaRFNoCk2jaTSdptNMmkmzaBbNptk0l+bSfJpPC2gBLaJFtJgW0xJaQstoGa2gFbSKVtEaWkPraB1toA20iTbRFtpCW2krbafttJN20m7aTXtoD+2lvbSP9tF+2k8H6AAdpIN0iA7RYTpMR+gIHaWjdIyO0XE6TifpJJ2iU3SaTtNZOkvn6Bc6TxfoIgVKcelceneNy+AyukzuWvePcXaXw+V0uVxuZ11Wl+3vYnLO5XcFXEFXyHlX2BVxN/8mLulKuTtcaXenK+PucmV/E1dx97qq7j5Xzd3vKrt7/i6u7h5wNdyjrqZ7zNVy9V1t19DVcY+6uu4xV8/Vdw1cQ9fcPeVauKddS/eMa+We/U28wC10a9xat86td3vc5+6s+9kdcd+5c+4X19l1cX3cq66ve831c6+7/m7Ab+Jh7m033I1wI90oN9qN+U08yU12U9xUN82976a7Gb+J57uP3Cy3yM12c9xcN+/X+FJPi9zHbrH7xC1xS90yt9ytcCvdKrf6f/e63G10m9xmt9t95ra6bW672+F2ul2/xpeOY6/7wu1zX7rD7lt3wH3lDrqj7pD75tf40vEddd+7Y+4Hd9ydcCfdj+6U+8mddmd+Pf5Lx/6ju+AuuuCAkRVrNhxxGk7LKZyO0/M1nIEzcia+lhN8HWfm6zkL38BZORtn5xyck3NxbrZM7Jg55jycl5N8I+fjmzg/F+CCXIg9F+YifDMX5Vu4GN/Kxfk2LsG3c0kuxXdwab6Ty/BdXJbLcXm+mytwRa7ElfkersL3clW+j6vx/VydH+Aa/CDX5Ie4Fj/MtfkRrsOPcl1+jOtxfW7ADbkRP86N+Qluwk25GT/JzfkpbsFPc0t+hlvxs9yan+M2/Dy35Re4Hb/I7bkDd+SXuBO/zJ25C3flbtydX+Ee3JN7cW/uw69yX36N+/Hr3J8H8EB+gwfxmzyY3+IhPJSH8ds8nEfwSB7Fo3kMj+V3eBy/y+P5PZ7AE3kST+YpPJWn8fs8nWfwTP6AZ/GHPJvn8Fyex/P5I17AC3kRf8yL+RNewkt5GS/nFbySV/FqXsNreR2v5w28kTfxZt7Cn/JW3sbIO3gn7+Ld/Bnv4c95L3/B+/hL3s9/4QP8FR/kr/kQf8OH+Vs+wt/xUf6ej/EPfJxP8En+kU/xT3yaz/BZ/pnP8S98ni/wRQ4MMcYq1rGJozhNnDZOidPF6eNr4gxxxjhTfG2ciK+LM8fXx1niG+KscbY4e5wjzhnninPHNqbYxRzHcZ44b5yMb4zzxTfF+eMCccG4UOzjwnGR+Oa4aHxLXCy+NS4e3xaXiG+PS8al4kfvLx3fGZeJ74rLxuXi8vHdcYW4YlwprhzfE1eJ742rxvfF1eL742LxA3GN+MG4ZvxQXCt+OK4dPxLXiR+N68aPxfXi+nGDuGHcKH48bhw/ETeJm8bN4ifj5vFTcYv46bhl/EzcKn72Dy/vGneLu8evxK/EIdyn5ybnJecnP0ouSC5MLkp+nFyc/CS5JLk0uSy5PLkiuTK5Krk6uSa5NrkuuT65IbkxuSm5ORlC5bTg0SuvvfGRT+PT+hSfzqf31/gMPqPP5K/1CX+dz+yv91n8DT6rz+az+xw+p8/lc3vryTvPPvZ5fF6f9Df6fP4mn98X8AV9Ie99YV/EN/SNfCPf2D/hm/imvpl/0j/pn/JP+af90/4Z38o/61v753wb/7xv61/wL/gXfXvfwXf0L/lO/mXf2XfxXX1X39139z18D9/L9/J9fB/f1/f1/Xw/399f8AP9QD/ID/KD/WA/xA/xw/wwP9wP9yP9SD/aj/Zj/Vg/zo/z4/14PyFlgp/kJ/kpfoqf5qf56X66n+ln+ln5Z/nZfraf6+f6+X6+X+AX+EV+kV/sF/slfolf5pf5FX6FX+VX+TV+jV/n1/kNfoPf5Df5LX6L3+q3+u1+u9/pd/rdfrff4/f4vX6v3+dDCF32nw3+gD/ov/aH/Df+sP/WH/Hf+aP+e3/M/+CP+xP+pP/Rn/I/+dP+jD/rf/bn/C/+vL/gL/rgxybeSYxLvJsYn3gvMSExMTEpMTkxJTE1MS3xfmJ6YkZiZuKDxKzEh4nZiTmJuYl5ifmJjxILEgsTixIfJxYnPkksSSxNLEssT6xIrEyEkGtrHPKEvCEZbgz5wk0hfygQCoZCwYfCoUi4ORQNt4Ri4dZQPNwWSoTbQ8lQKtwRHgv1Qv3QIDQMjcLjoXF4IjQJTUOz8GRoHp4KLcLToWV4JrQKz4bW4bnQJjwf2oYXQrvwYmgfOoSO4aXQKbwcOocuoWvoFrqHV0KP0DP8EnqHPuHV0De8FvqF10P/MCAMDG+EQeHNMDi8FYaEoWFYeDsMDyPCyDAqjA5jwtjwThgX3g3jw3thQpgYJoXJYUqYGqaF98P0MCPMDB+EWeHDMDvMCXPDvDA/fBQWhIVhUfg4LA6fhCVhaVgWlgdIWRlWhdVhTVgb1oX1YUPYGDaFzWFL+DRsDdvC9rAj7Ay7wu7wWdgTPg97wxdhX/gy7A9/CQfCV+Fg+DocCt+Ew+HbcCR8F46G78Ox8EM4Hk6EkwHDqfBTOB3OhLPh53Au/BLOhwvhovzNmhBCCCHE/xX9B5d3+yffU5cX/Pq7c4CM23Ic+seaG7L+dd9T5WyeAIBnurR7+G+rQoWuXbtevu4SDVHeOQCQuJKfBq7ES6EZPAUtoSkU/af99VQdzvG/rv8bKQCQHv6x/i2/U3/ErD+oHyXnAOTPeyUnHVyJr9Qv9jv1szX+g/rpvhoL0OT/yMkAV+Ir9YvAE/AstPy7awohhBBCCCGEEH/VU93R5o8+3176fJ7TXMlJC1fiP/p8LoQQQgghhBBCiKvv+Q4dn368ZcumbWRzFTbtMv51Cv8t/fzOJs1/Rxt/3gYvn736b+nnP70pd/nR/j/JumpPSUIIIYQQQoj/kCtv+q92J0IIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghROr1/+OfkF3tYxRCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGutv8VAAD//zmwHF0=") mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x0, 0x0) chdir(&(0x7f00000016c0)='./file0\x00') rename(&(0x7f0000000400)='./bus\x00', &(0x7f0000000f00)='./file0\x00') 5m28.818532776s ago: executing program 7 (id=5844): r0 = io_uring_setup(0x13545, &(0x7f00000001c0)={0x0, 0x0, 0x10}) mknod(&(0x7f0000000180)='./file1\x00', 0x1ffa, 0x0) creat(&(0x7f0000000100)='./file1\x00', 0x0) close(r0) 5m27.594977391s ago: executing program 7 (id=5849): r0 = socket$kcm(0xa, 0x1, 0x106) sendmsg$kcm(r0, &(0x7f0000000000)={&(0x7f0000000080)=@l2tp6={0xa, 0x0, 0x0, @dev, 0x7}, 0x80, 0x0}, 0x24000059) r1 = socket$kcm(0x10, 0x2, 0x4) sendmsg$inet(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000100)="5c00000012006bab9e3fe3d86e6c1d000014a10d00000000000004b68675f8001d000a00a0e69ee517d34460bc24eab556a705251e6182949a36c23d3b48dfd8cdbf9367b4fa51f60a64c9f408000300060100000400020011000000", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0) 5m25.88592151s ago: executing program 36 (id=5849): r0 = socket$kcm(0xa, 0x1, 0x106) sendmsg$kcm(r0, &(0x7f0000000000)={&(0x7f0000000080)=@l2tp6={0xa, 0x0, 0x0, @dev, 0x7}, 0x80, 0x0}, 0x24000059) r1 = socket$kcm(0x10, 0x2, 0x4) sendmsg$inet(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000100)="5c00000012006bab9e3fe3d86e6c1d000014a10d00000000000004b68675f8001d000a00a0e69ee517d34460bc24eab556a705251e6182949a36c23d3b48dfd8cdbf9367b4fa51f60a64c9f408000300060100000400020011000000", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0) 5m1.408188911s ago: executing program 2 (id=5943): r0 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'bond0\x00', 0x0}) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="2100000000000000140012800c0001006d6163766c616e000400028008000500", @ANYRES32=r1, @ANYBLOB='\b\x00\n\x00', @ANYRES32], 0x44}}, 0x0) 5m0.676374582s ago: executing program 2 (id=5945): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000a0db000000000000000000850000000e000000c50000002a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f00000000c0)='netlink_extack\x00', r0}, 0x11) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@acquire={0x13c, 0x17, 0x1, 0x0, 0x0, {{@in6=@ipv4={'\x00', '\xff\xff', @dev}}, @in6=@private1, {@in=@dev, @in6=@ipv4={'\x00', '\xff\xff', @remote}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee00}, {{@in=@dev, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x2}}}, [@XFRMA_IF_ID={0x8}, @sec_ctx={0xc, 0x8, {0x8, 0x8, 0x0, 0x0, 0xfffffffffffffe84}}]}, 0x13c}}, 0x0) 4m59.955354935s ago: executing program 2 (id=5948): r0 = add_key$keyring(&(0x7f0000000080), &(0x7f0000000000)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$setperm(0x5, r0, 0x1c243911) keyctl$chown(0x4, r0, 0xee00, 0x0) keyctl$KEYCTL_MOVE(0x1e, r0, r0, r0, 0x0) 4m59.569758458s ago: executing program 2 (id=5951): syz_mount_image$hfs(&(0x7f0000000040), &(0x7f0000000100)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x8, &(0x7f0000000180)={[{@type={'type', 0x3d, "d0a8c62b"}}, {@dir_umask={'dir_umask', 0x3d, 0x6}}, {@uid}, {@umask={'umask', 0x3d, 0xfffffffffffffffb}}, {@iocharset={'iocharset', 0x3d, 'cp1250'}}, {@codepage={'codepage', 0x3d, 'maciceland'}}]}, 0x1, 0x2fc, &(0x7f00000008c0)="$eJzs3U9PE08cx/HPbFsof8Jvf4Ax8aJBSPRixD+JMSYY0pvh7smotCTEBiNgol5A403jA/Dmwafgg/CgxpsnPXnyAXBbM9PZsgvbLQ2UBXy/Eprt7Mzsd51uZ76b1BWAf9Z87efHq7/tn5FKKkm6KQWSqlJZ0imdrj5dWV9ebzbqeR2VXAv7Z9RqaXbVWVxpZDW17VwLL7TvyhpNlqE/oii6/avoIFA4d/VnCKRBfx26/dVDjqtfNqWzRcdw2JIDbLa0pWcaKzAcAMAR4Of/wE8To67IKAikGT/tn6j5f6voAA7Wteauoii3gZv/fwyPxZlXZOz4/ud2bed7LoWz+4M4S9xLMJUd7wfU+mSlFpimW1bpYgmGlpbLurT4UvVArzTnJapNutd666Mb6xLtVEZumqNzbxUtDLfOxq0od4pDWlpuNgbtRkb8E70dcX/e2FA/m2/mngn1XvX2+q8cGTtMbqTCHSMVVGz8lzv3OuJa2Vryaf+coiBV5X93kDP+CF6Xs6xmZyTJPuMbBJvtCPLidMceV/q2QuvsZru0mshqFbbfdWg1mWpVStwTyb2V0h/xKZp35q6Z0h99Ui2x/g9sfDNKXJl5X/XG1fSfjMXHzXp6ZBPKrma4a+bYvlzOtSPwBns+N0g93i17q4e6obG15y8elZrNxqrdeJCx8WR01fiSymsps07/N0rKqaPN7ZLI2oiivfYc9TP4iwfaof3+aJfYyyersr3K2iVB957jubqAMe3XxoY/pT4eovb1hPyLRZGUKlm49cXvOvDvJxxBayYefV8wVHBAOGx23WVa+Z9byftVnVuq2pcwZ52en2Qq1eNsO4NLLwXH3etwTxncSOcMLnHEKx1yRpdznb8gTScKjfwRNzK7DX2cJ4Sp6bvuc/8fAAAAAAAAAAAAAAAAAADguNnLTwUCSfv5pUHR5wgAAAAAAAAAAAAAAAAAAAAAwHE3Xxvo/fm/Wf9HvHv+b5j1/N8P16fvtLZ4/i9wpPwNAAD//9pfcAo=") mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000006000)='./file0\x00', 0x0, 0x0) getdents64(r0, &(0x7f0000000500)=""/222, 0xde) 4m57.798680728s ago: executing program 2 (id=5956): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x8, 0x42, 0x40, 0xc2, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="020000000400000004", @ANYRES32, @ANYBLOB="a8dc8c0800000000000020002f5989670de8a55e94e62a57456c4b"], 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080), &(0x7f0000000080), 0x1003, r0}, 0x38) bpf$MAP_DELETE_BATCH(0x1b, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000500), 0x0, 0x2, r0}, 0x38) 4m56.469956356s ago: executing program 2 (id=5963): r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000007bc0), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_PMKSA(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000580)={0x58, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_PMKID={0x14, 0x55, "f2a061aa11bcba9b0e07efaadd67505c"}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac=@device_b}, @NL80211_ATTR_PMK={0x14, 0xfe, "0c77fa89fec9364767d2a157af22e7d7"}, @NL80211_ATTR_PMK_LIFETIME={0x8, 0x11f, 0x1}]}, 0x58}}, 0x0) 4m55.434899946s ago: executing program 37 (id=5963): r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000007bc0), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_PMKSA(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000580)={0x58, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_PMKID={0x14, 0x55, "f2a061aa11bcba9b0e07efaadd67505c"}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac=@device_b}, @NL80211_ATTR_PMK={0x14, 0xfe, "0c77fa89fec9364767d2a157af22e7d7"}, @NL80211_ATTR_PMK_LIFETIME={0x8, 0x11f, 0x1}]}, 0x58}}, 0x0) 3m35.009427385s ago: executing program 9 (id=6273): syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000000240)='./file1\x00', 0x2000480, &(0x7f00000002c0), 0x1, 0x78e, &(0x7f0000001480)="$eJzs3c1rHOUfAPDvbJKmSfv7JYKg9RQQNFC6MTW2Ch4qHkSwUNCz7bLZhppNtmQ3pQkBW0QQQVDxIOilZ1/qzasvV/0vPEhL1bRY8SCR2eym22Y33bTZ3WA+H5js88zM5nm++8w888zOsBPAnjWW/slEHIqID5OIkdr8JCIGqqn+iBPr691eXcmnUxJra6//nlTXubW6ko+G96QO1DKPR8QP70Yczmwut7y0PJsrFgsLtfxEZe78RHlp+ci5udxMYaYwf2xyauro8eeOH9u5WP/8efng9Y9eefrrE3+/89jVD35M4kQcrC1rjGOnjMVY7TMZSD/Cu7y804X1WNLrCvBA0l2zb30vj0MxEn3VVAtD3awZANApb0fEGgCwxySO/wCwx9S/B7i1upKvT739RqK7brwUEfvX469f31xf0l+7Zre/eh10+FZy15WRJCJGd6D8sYj4/Ns3v0yn6NB1SIBmLl2OiDOjY5v7/2TTPQvb9cxWC9cGqy9j98y+b//3/kNWCtjwXTr+eb7Z+C+zMf6JJuOfwSb77oO4//6fubYDxbSUjv9ebLi37XZD/DWjfbXc/6pjvoHk7LliIe3b/h8R4zEwmOYnq6s2vwtq/OY/N1uV3zj+++Pjt75Iy09f76yRudY/ePd7pnOV3MPGXXfjcsQT/c3iTzbaP2kx/j3VZhmvvvDeZ62WpfGn8danzfF31tqViKeatv+dtky2vD9xoro5TNQ3iia++eXT4VblN7Z/OqXl188FuiFt/+Gt4x9NGu/XLG+/jJ+ujHzfatn942++/e9L3qim99XmXcxVKguTEfuS1zbPP3rnvfV8ff00/vEnm+//W23/6TnhmTbj77/+21cPHn9npfFPb6v9t5+4enu2r1X57bX/VDU1XpvTTv/XbgUf5rMDAAAAAAAAAAAAAAAAAAAAAAAAgHZlIuJgJJnsRjqTyWbXn+H9aAxniqVy5fDZ0uL8dFSflT0aA5n6T12ONPwe6mTt9/Dr+aP35J+NiEci4pPBoWo+my8Vp3sdPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADUHGjx/P/Ur4O9rh0A0DH7W8zv63I9AIDuaXX8BwD+u7Z3/B/qWD0AgO5x/g8Ae0/bx/8zna0HANA9zv8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADosFMnT6bT2l+rK/k0P31haXG2dOHIdKE8m51bzGfzpYXz2ZlSaaZYyOZLcy3/0aX1l2KpdH4q5hcvTlQK5cpEeWn59Fxpcb5y+txcbqZwujDQtcgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoH3lpeXZXLFYWJDYMjG0O6qxaxL9sSuqIdGxRGMvMdS7DgoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgl/s3AAD//4fPK2Y=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) pwrite64(r0, &(0x7f0000000140)='2', 0xff10, 0x8000c61) open(&(0x7f00000000c0)='./file1\x00', 0xa37e, 0x0) 3m33.116082911s ago: executing program 9 (id=6277): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1, 0x10012, r0, 0x0) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) setsockopt$bt_l2cap_L2CAP_LM(r1, 0x6, 0x3, &(0x7f0000000040)=0x30, 0x5e) 3m32.241682732s ago: executing program 9 (id=6281): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000140)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_NEIGHBORS(r0, &(0x7f0000004340)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000002c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="310300000000000000000900000008000300", @ANYRES32=r2, @ANYBLOB="08000600", @ANYRESDEC], 0x24}}, 0x0) 3m31.389034621s ago: executing program 9 (id=6283): syz_mount_image$erofs(&(0x7f0000000040), &(0x7f0000000580)='./file2\x00', 0x2000000, &(0x7f00000004c0)=ANY=[], 0x1, 0x21d, &(0x7f0000000b40)="$eJzsmL9rFEEUx78zu7e5FRFtUthYGDCi2cvuoaQ5NIJgJULir0oPs4Z4m5xcVjAHgsHGRjsLwcbCf8AiRSoLO/8BQQsVBAuvsLCxGZmd2b1JJnGPNVa+TzF8Z9978+a9233FgSCI/5Yvn39+enJuZv4kgP2YwJh+/s0BGFOaG/4fn9878ax1/sXrD6/erhx4sLn9PBkixNYH9T/kdwG8mXWQFpmK6F9STOjNPHihL4PjuNZXwRBofRMcV7SOwXBd6zuG7kr/ILi9lMTBrW6yIMW0XEK5RHJpbr/fYJ1hQe+FEIIZ9tW1fqedJHHPEK627WCqJIpknXGrfzV4GMxytIz7yS5ee/xoXe7z3kwb/QvBEeoimmCY089nMJb3RrXEqP+wOzzfserfsVrpKg1lRdaVaP3Yk2aZ4tBUtfBJWc5Z23QQVa6BrVE1DE2yk3tbsvXqZMItfxfP6B+0Qq6Lo1bx1Afwjyo1RaUqcjE+2Hxnm76WhQtWnoKN/v7UR71z/iFW75iPfof/Tcd2u9j7DTU/xEuGY8Z8co350UiX7zZW1/pTS8vtxXgxXomi5mkGPDwVNbJBpFZr7g3ns5/Np33G+bVdfD3u4X47TXuhWj3mwUea9qJsHxmfzdxG9/sNHZbiAoCjaiPHplec6Fg5mKd8eOYr1aTtRBAEQRAEQRAEQRAEQRAEUYkjYNm/oCVElzLv3wEAAP//0Ixjlw==") mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0, 0x0) getdents64(r0, 0x0, 0x1000000) 3m29.812411417s ago: executing program 9 (id=6288): r0 = socket$inet(0x2, 0x6, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'team_slave_0\x00', 0x0}) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000680)=@newqdisc={0x40, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}, {0xc}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x10, 0x2, [@TCA_CAKE_BASE_RATE64={0xc, 0x2, 0x80000000}]}}]}, 0x40}, 0x1, 0x0, 0x0, 0x80}, 0x8810) 3m29.03157134s ago: executing program 9 (id=6291): r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000100)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) mmap(&(0x7f0000ff0000/0x10000)=nil, 0x10000, 0x0, 0x13012, r0, 0x0) setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000140)=@req3={0x8, 0xb7e, 0x101, 0x1, 0x6480, 0x6, 0x9}, 0x1c) 3m26.94769787s ago: executing program 38 (id=6291): r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000100)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) mmap(&(0x7f0000ff0000/0x10000)=nil, 0x10000, 0x0, 0x13012, r0, 0x0) setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000140)=@req3={0x8, 0xb7e, 0x101, 0x1, 0x6480, 0x6, 0x9}, 0x1c) 1m35.855187223s ago: executing program 0 (id=6780): r0 = creat(&(0x7f0000000d00)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x4400) io_setup(0xb, &(0x7f0000000140)=0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x0, 0x20, 0x8, 0x0, r0, 0x0, 0x39}]) 1m34.417778459s ago: executing program 0 (id=6785): setresgid(0xee01, 0xee00, 0x0) setuid(0xee01) r0 = getegid() setresgid(0xffffffffffffffff, r0, 0xee00) 1m34.207925564s ago: executing program 0 (id=6787): r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='fd\x00') seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000340)=[{0x6}]}) ioctl$UI_DEV_SETUP(0xffffffffffffffff, 0x5501, 0x0) fstat(r0, 0x0) 1m33.102961466s ago: executing program 0 (id=6793): syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x20081e, &(0x7f0000000040)={[{@nodelalloc}, {@abort}, {@auto_da_alloc}]}, 0x1, 0x501, &(0x7f0000001ac0)="$eJzs3c9vI1cdAPDveDeJs02btPQACOhSCgtarZN426jqAcoJIVQJ0SNI25B4oyh2HMVOacIe0v8BiUqc4MgfwLkn7lwQ3LiUAxI/IlBTiYPRjMepydobNz/srP35SLMzb57t73vrzHv214lfABPrdkQcRsR0RLwTEfP5+STf4s32lt7u46NHa8dHj9aSaLXe/meS1afnous+qWfyxyxGxI++F/HT5PG4jf2DrdVqtbLbLs4uNms7i439g3ubtdWNykZlu1xeWV5Zev3+a+VL6+tLten86Msf/eHwWz9PmzWXn+nux2Vqd33qJE7qZkT84CqCjcCNvD/To24I51KIiBci4uXs+p+PG9mzCQCMs1ZrPlrz3eUk+xcAGF+FLAeWFEp5LmAuCoVSqZ3DezFuFar1RvPuw/re9no7V7YQU4WHm9XKUp4rXIipJC0vZ8eflsunyvcj4vmI+MXMbFYurdWr66N84QMAE+yZU/P/f2ba8z8AMOaKo24AADB05n8AmDzmfwCYPOZ/AJg85n8AmDzmfwCYPOZ/AJgoP3zrrXRrHefff73+7v7eVv3de+uVxlaptrdWWqvv7pQ26vWN7Dt7amc9XrVe31l+NfbeW/j2TqO52Ng/eFCr7203H2Tf6/2gMjWUXgEAT/L8Sx/+OYmIwzdmsy261nIwV8N4K4y6AcDI3Djn/az3BE+/AVf76rGCH/C0u8B7fOkBGBNnTfDFiJg9fbLVarWurknAFbvzBfl/mFRd+X+/BQwT5rz5f+DpN2D+HxhDrVYy6Gr/MegNAYDrTY4f6PP5/wv5/rf5hwM/WT99iw+uslUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwvXXW/y3la4HPRaFQKkU8GxELMZU83KxWliLiuYj408zUTFpeHnGbAYCLKvwtydf/ujP/ytzp2unkk5lsHxE/+9Xbv3xvtdnc/WN6/l8n55sf5OfLo2g/AHCWzjyd7bveyH989Gitsw2zPX//bkQU2/GPj6bj+CT+zbiZ7YsxFRG3/p3k5bakK3dxEYfvR8Tne/U/ibksB9Je+fR0/DT2s0ONX/i/+IWsrr1P/y8+dwltgUnzYTr+vNnr+ivE7Wzf+/ovZiPUxeXjX/pQa8fZGPhp/M74d6PP+Hd70Biv/v777aPZx+vej/jizYhO7OOu8acTP+kT/5UB4//lS195uV9d69cRd6J3/O5Yi83azmJj/+DeZm11o7JR2S6XV5ZXll6//1p5MctRL/afDf7xxt3n+tWl/b/VJ37xjP5/fcD+/+a/7/z4q0+I/82v9YpfiBefED+dE78xYPzVW78r9qtL46/36f9Zz//dAeN/9NeDx5YNBwBGp7F/sLVarVZ2h3nQeSEx1KAOxuAg/am5Bs3oefCdYcWajs90r1brXLFOjxSd92OXkXUDroOTiz4iPhl1YwAAAAAAAAAAAAAAgJ6G8RdLo+4jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4+t/AQAA//8X/Mrj") mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0) mount(0x0, &(0x7f00000001c0)='./file0/../file0/../file0\x00', 0x0, 0x834421, 0x0) quotactl$Q_SETINFO(0xffffffff80000601, &(0x7f0000000000)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000000280)) 1m31.607868385s ago: executing program 0 (id=6799): r0 = epoll_create1(0x0) r1 = syz_open_dev$cec(&(0x7f0000000140), 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000440)={0x20002017}) ppoll(&(0x7f0000000380)=[{r0}], 0x1, &(0x7f0000000300)={0x0, 0x3938700}, 0x0, 0x0) 1m30.006467586s ago: executing program 0 (id=6810): r0 = syz_open_dev$sndctrl(&(0x7f0000000280), 0x20000, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_NEXT_DEVICE(r0, 0xc0045540, &(0x7f0000000100)) 1m29.048388978s ago: executing program 39 (id=6810): r0 = syz_open_dev$sndctrl(&(0x7f0000000280), 0x20000, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_NEXT_DEVICE(r0, 0xc0045540, &(0x7f0000000100)) 9.73550851s ago: executing program 5 (id=7247): socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) io_setup(0x7, &(0x7f0000000280)=0x0) io_submit(r1, 0x1, &(0x7f0000000080)=[&(0x7f0000000540)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0}]) shutdown(r0, 0x0) 9.151396401s ago: executing program 5 (id=7252): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x6be00000) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) sendmsg$NL80211_CMD_CONNECT(0xffffffffffffffff, 0x0, 0x0) 5.38351298s ago: executing program 5 (id=7268): unshare(0x62040200) syz_usb_connect(0x0, 0x24, 0x0, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newlink={0x58, 0x10, 0x44b, 0x0, 0x0, {0x7a}, [@IFLA_LINKINFO={0x2c, 0x12, 0x0, 0x1, @ip6gretap={{0xe}, {0x62, 0x2, 0x0, 0x1, [@IFLA_GRE_REMOTE={0x14, 0x7, @ipv4={'\x00', '\xff\xff', @broadcast}}]}}}, @IFLA_ADDRESS={0xa, 0x1, @dev}]}, 0x58}}, 0x0) 4.894024885s ago: executing program 6 (id=7272): r0 = memfd_secret(0x0) r1 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$SCSI_IOCTL_GET_PCI(r2, 0x2284, &(0x7f0000000000)) 4.346128693s ago: executing program 8 (id=7276): syz_mount_image$vfat(&(0x7f0000000200), &(0x7f0000000080)='./bus\x00', 0x2, &(0x7f0000000b40)=ANY=[@ANYRES32=0x0, @ANYRES8=0x0, @ANYRES32], 0xff, 0x2e7, &(0x7f0000000280)="$eJzs3M9LG2kcx/Gvml9GNDksu+wuy37ZveyyMGj2XghFaWmgRU2pLRRGnbQh00QygyWlqD31WvpH9CDe6k1oe+jVS2899dKbhxZKqfTXlEwmGjX+oiZa836B5nGe5+vzTGYcPiNk1q48uFXIOUbOdKW7OyzdIguyLpKstkQq1W9dIhKTmi6JSKMF+bfv3cs/xiauXkhnMsOjqiPp8f9Tqjrw55Pbd5f+eub2XV4eWInKavL62tvU69WfV39d+zp+M+9o3tFiyVVTJ0uv3Mikbel03ikYqpc8z3QszRefT4j4/SXXrPbn7NLMTEXN4nR/fKZsOY6axYoWrIpKSKRcUfOGmS+qYRjaHxfsJ7o4Omqm/Wbs0MVTLVgQvtu5HSd+uZw2e0Skd8fY7GK7VgUAAE6OLfk/ptvzv68reK1u+eJ5XmO9n//fPxY5UP5fieyS/4N8X8//tlXL/45Vdg+W/92SutX8HyL/H0J2M//j1Krm/3jw9+u7d21p0G+Q/wEAAAAAAAAAAAAAAAAAAAAA+BGse17C87xE/bX+FQ0+El7/+bjXidbg+He2MQ0aqjER+/5sdjYrYodrGzeOuyWDkpDP/vkQqLVHzmeGB9WXlKf2fFA/P5vt8QvTOcmLLZYMSUKSzeuHavW6tT4s8cb6lCTkp+b1qab1Efnn74Z6QxLyYkpKYsu0f15v1s8NqZ69mNlW3+uPAwAAAADgNDB0Q9P7d8PYrb9Wn86J+PfX+/9/YNv9dUh+Cx3vvgMAAAAA0Cmcyp2CadtWuY2NmIi0fq7q3rV+d3r3HjP3X/vf3pPTSDRsqT9Euu3LCDVOGg1W0aK5fnn46MPR/cIzy79/atb1sS1v3QEuHuHWXZcAAAAAHL3N0L/7GO9NO1cEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDnad1TxHqCGfZ6sgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQWb4FAAD//9yVIwU=") r0 = landlock_create_ruleset(&(0x7f00000000c0)={0x100}, 0x10, 0x0) landlock_restrict_self(r0, 0x0) open(&(0x7f0000000200)='./bus\x00', 0x1c507e, 0x0) 3.982959173s ago: executing program 6 (id=7278): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ipvlan0\x00', 0x0}) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3c0000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r1], 0x3c}}, 0x0) 3.648191354s ago: executing program 3 (id=7279): syz_mount_image$minix(&(0x7f0000000100), &(0x7f00000000c0)='./file0\x00', 0x1000002, &(0x7f00000017c0)=ANY=[], 0x1, 0x1d7, &(0x7f0000000440)="$eJzs28tO1FAcx/FfL9MC3m8bVyYuZONUh0mUnTyAL+COQCXEokbcQEzUje/hY7jjTXwBSPQJalo6KcW2nGkz07l8Pwn0cOiv55Dy75zORQCW1u30uyVLvbQVx/HXR5LevJbk1ka9qUwQwMTE1nnRV/HKu1fqUwDmg/OnvN+vLPBfo4bNVQCYZ2dbTroOOLGk33+/7JxmXz3D9cPZli052Q8X8p60YpT/bqXbh650eiHvq3gA61vF+uXnef6JivlV0/ln469dyq8Z5+10u/64mL8m6bqkG5JuSrqV3WvdkXS3ZPzdS+M/MBwfaCP57+sXeozKtpjv1+zg1+eT6nm7H4XPxho118vyzxvmvSw/aJnfMNj3pKTPz/L9nQ/RbmXyVcPZAfXs/+p/PFfWf6X86cPG9T86RIv6B5bZ4dHxu+0oCj+N37AbpWgsS2O0kEx6XElXp350PufpNVZnYxrFxrqbn6bk1MVOt1cnAJMUfD74GBweHT/dP9jeC/fC94Ph5svhxmD4YjNI1+VBm7tzALMsf/Q327/+LUEAAAAAAAAAAAAAAKAL9yTdL/8VL/UDAAAAC2Yanyvq+m8EAAAAAAAAAAAAAAAAAAAAFsW/AAAA//+azzze") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x242, 0x0) fcntl$setlease(r0, 0x400, 0x0) unlinkat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', 0x0) 3.574851947s ago: executing program 8 (id=7280): socket$inet6_tcp(0xa, 0x1, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) openat$ptp0(0xffffffffffffff9c, &(0x7f0000000140), 0x2001, 0x0) clock_adjtime(0xffffffd3, &(0x7f0000000340)={0x5}) 3.38009653s ago: executing program 6 (id=7281): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000c80)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x48000000, &(0x7f0000000000)={&(0x7f00000002c0)=@newqdisc={0x78, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq={{0x7}, {0x4c, 0x2, [@TCA_FQ_INITIAL_QUANTUM={0x8, 0x3}, @TCA_FQ_TIMER_SLACK={0x8}, @TCA_FQ_TIMER_SLACK={0x8}, @TCA_FQ_FLOW_DEFAULT_RATE={0x8}, @TCA_FQ_FLOW_PLIMIT={0x8}, @TCA_FQ_TIMER_SLACK={0x8}, @TCA_FQ_LOW_RATE_THRESHOLD={0x8}, @TCA_FQ_FLOW_DEFAULT_RATE={0x8}, @TCA_FQ_QUANTUM={0x5, 0xf}]}}]}, 0x78}}, 0x0) 3.303707558s ago: executing program 1 (id=7282): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001300050000000000000000000700d1d1", @ANYRES32=r2, @ANYBLOB="00000000000000001c001a8018000580140007800800010000000000080002"], 0x3c}}, 0x0) 2.996426907s ago: executing program 3 (id=7283): r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000040)=0x9) ioctl$TCXONC(r0, 0x540a, 0x0) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)=0x17) 2.932174795s ago: executing program 5 (id=7284): syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='mounts\x00') seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6}]}) pipe2$9p(0x0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') 2.870617561s ago: executing program 8 (id=7285): r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f00000001c0)={0x2, 0x0, [{0x0, 0x1000, &(0x7f0000001600)=""/4096}, {0x0, 0xffffffffffffffac, &(0x7f0000002600)=""/4096}]}) ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1) 2.440674928s ago: executing program 6 (id=7286): r0 = socket(0x2, 0x80805, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000380)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='fd\x00') getsockopt$bt_hci(r0, 0x84, 0x1a, &(0x7f0000000000)=""/4087, &(0x7f0000001080)=0xff7) 2.292602644s ago: executing program 1 (id=7287): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="180100000100a7d90000000000000000850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10) r1 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000080)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd) keyctl$restrict_keyring(0xa, r1, &(0x7f00000000c0)='asymmetric\x00', &(0x7f0000000100)='ex.\x00') 2.143050283s ago: executing program 3 (id=7288): r0 = add_key(&(0x7f00000002c0)='keyring\x00', &(0x7f0000000300)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe) add_key$user(&(0x7f0000000040), &(0x7f0000000080)={'syz', 0x3}, &(0x7f0000000140)="d8", 0x1, r0) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r0, &(0x7f00000000c0)='asymmetric\x00', &(0x7f0000000100)=@chain) request_key(&(0x7f0000000400)='user\x00', &(0x7f0000000340)={'syz', 0x3}, 0x0, r0) 2.002288185s ago: executing program 6 (id=7289): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c00000000000000f2ffffff850000006d00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x40000, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='netlink_extack\x00', r0}, 0x10) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=ANY=[@ANYBLOB="580000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000002800128009000100766c616e"], 0x58}}, 0x0) 1.912417284s ago: executing program 8 (id=7290): r0 = socket$kcm(0x11, 0xa, 0x300) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) sendmsg$tipc(r1, &(0x7f0000003a00)={&(0x7f0000000080)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x9}}, 0x10, &(0x7f00000008c0)=[{&(0x7f0000000b80)="a2f5c0c857d51787bbf42fe92a8b5f72af6022c473db28c1c317b820fc95b6df2e48471234bba823ee4e35692078f06e008178bab7e779d99be3309adcd75192331a03fd16c374e63edf878f852864e2eaa6f4e5ea80bcd179fe6646be4d08435915eabb07090caaeb8579cbcb2e6198b57136a9b7e5fc9e697ed0141429f03db0d807f0b30e349d5e98688ff84543692fe92625373ca60d36070ac23fbba1c3afd36e121673300f5d4aa25d9fd8c622dc4b34b8403342015eb0fdb95aa532f769c5198e86a3215ed980273e0a7a4c9f2c9f0972dd861236d1ebc719a16f1dacbf61f17581c08a6a3dbbee5aeed44bdc29b1c9f23890ccd82d0cbf471d769860dca224dda2fc25ddadc024ceace76fcf392eafda544746a12156387b987fcea04d4c618c71a5d7e8140903bf951720d34c594c49baad9b5f13502c7a144746c52b6ff73aca78f73bdceef2c870f5e2e19648b9a515c198f6c3d37c93ae017f83101c82e8a2df428d2939270b85b9ad1090b1d303a7271339880840a7332cb417a5c2a071269d44f04e2ae2bd90c9b5d6741d1d914c77dc1e8fb3f281dc6c73107799920a2b313ed7e0ee04a0da461cf03e7dc83f240ab56335ef31a8e6cb675f3cc6e11efdcc546a8f4d85a55b2f9a5e9673157ab349573302ccba0a724e76942254496c99f039c588ef0d99d92306a524426a39860367a32dc6c4c21cb71e3631ea2daa66e1aaf3b7c5a997b0751a5290ff7a27e9f5b536db550bb06d282f9c6051a20e983952569820af5ea26c96d1f78cf3cbdc908737414caa6183e5641a018d043b6a6fa3b1bc21531c5e9f3abb6ee2e413399b436c58f1a1fa79941c84d75610107b2c4853ebf2bda61e0e742ee432e0f5c4caa005a5e25a23a03b99dc58d7c408be504b0187bd71611f239bb5981e7c5758a077dfd47ec5bf94e15be8f1781a3355c05e1afd164377aa404e5db76c7e7d8be802b7d64735c2ede38a75062938cf4830b4a0e8aebafdd647631dd0736f9904fa6bbde95f629ace4b6c4b379e63c889e7e6b6cc6b5cb350b5b8a57e487a81a940fd6fcd93b14c547be7b579925481adb713c5eecf23649be3dafa8265a26ddea8e309a4b57e033de26c8418aa8d00cb0a538fb60294152bbac85c3b69c48094aa702442603951cebf195533e902748b66fbc4f330a79936cfc18ecbcb803ccb3747d0be7b697093f700175e93bf870f5e78f02d7cbf4ee2e86356b386316557c1ce6aa9236e5525ecaec27a45bf529b9bb3b50ea8a2f03bc10fe535a5217fb559b05e52b43886a866e9c624905946d050db53cec74735b477c3f231aa1e2ff5edb721ee79aaf17929c45e7a3954205ccd762bf1fd52bb7b9bf31b27d92ce0f75c693da82955ed2a8b5e09df71e4963748ebb9e8cb1df2648421e0685430af406506756abeed381fc3c52f3f1153a5b2e817de5ed1338c93706c253241d2798b631a48b42078092f024316c16384a03a32137356295bda32d74103f72d24404a223e565b710d0664a14feab185d65e70ce70f9144ff91375d4653e979d238978f20a288ab8f3c3505405f278f975e61e762bff9567131ae5ae499116d8bba97cc5945346382d2d771285c3a85695ca9faa18678a598110c2bbbea64f6e109be222d3f402b90925d5a0db107339e08cef580a6c80a6d19725e32258a909a392e113bd344570c2c0c9d1fc9a4842ba995c3e41a214ab20c800ee57a9915a2e18ebfdd31b0e4c21f3f614774cf2ece2ea31435df1fb1a8a7510c540f7285bc83d36ae28bf37ad8ab2d4bf6c13598388856f9e80048cad3697796e217c9bbd8ede8db5a0ee269493216f1ee6724f6b101aa9400303f66e1d4f51931f138931fd889aa5f0fcd3b9c32a259e2278a25af6ad2830d90ac2b7255dbb1c47ce332b067f9e6e3e3d8cc69c4e8f5c89ded0ec1fd0408bb7f8f8ad1c8ea72b4f87581b67548f027fcfb4146b50fc5232623ba3d986b3d0554b56da4e58e73f6fc02d6dd729750fcf5ac7c4ab4fd0dc11f19051e39c02dde6c625a95240f4962ea7dcf476abc33629c8e7e917648e26fa80ec6890b3f15a04eab105bfa4a92d28af217aa7115b2ba8ebc5820146b5afb0d2ee50acc9b49eb2e1c3b03c5cb406faadf1136b9743e1a2b0a633a032dbfa8c648781a2998d1202f7877fe23f2997b29dbd77b37d7326c06e7e369fafc13dcd9bb5f0ddeaac03e192eb784f0fbc63390d4c7b4b0877137dac2c4c5b47dab09dfe856ec734d1855ed9c7f0ab27ae477f8bccd20937132fa643c8aff04420814c86df86d1b968b64d9d0ec0522fbefb82bc1fa265ab335bd46b1970b74c90ea4110ebdcbba187a275d6f810ee9e273e56299060e423a9f227b0bd64e0b2fa372a204503cb48f8e509e3aac1d82024361aa88fb3db5b8f0c06707e186da394fa89a7a052da9521ee36bf30fa04fd12d8b71158a7110d7986ad4b23de3236b72ef1d006b64447bc749232454793c3017355ff41ffeb8feb8793b59bcdd511fd90166ee6d29f5aef4e4d235677cbc516fd52356e2b1484ad4b4647674940ac112532fadf77110fbbb5c9d51a9eff9f9e18e75ef5e409c8e77f1fefde0d6b462433af2bfa2e667c4cd40579c6b7c16c0c1ba7c5594dabfee2fa45968652a280e71b5ad80e545879d6933333f1fe4669b341fee8446d645e6f08a47331a1e1c24ea46ed12730bd0feb375fcada36c009dfaffecb42e8655647779e488fbc3a143d4ab6f883870e0c5483fce968e2c19ccf42055d4c4c836ab7362296a9460f677dad15eb94ae831ce64605fe1e9ba614cee381e1c308a66a97a1beebd39b4a0050443af2b5312ec5ddced1042572371a7526ef1e3edde0b9578bcf5af7f09764a01265e551249ced6dd24eb85eed0dcaa72b37f3625d7d63911917350d6ddb5aeb107d3e9efede05deb136f74c27eeead939d5547587896d3b63a08e581be5b44e4eebd5afa2aebd679a61e29f1a6a204c1fe1a13f66c5aa5dee85abad67e99c6699802f46fbe73910e5f1cc166991cb1899b91850c2d2cca09702b26a90ae07a780ddb4d921571162509a90ec80b19d2587b2ba4d7239342269e38c16367e9bb97cad833a091c37dca65066393be4e85bbcd683cb8dbf213cfbc7c5985827e21e1cc9e4e31d05eb2104d43056fc76ce630069358efa5ab677bab21e6fd6e737ff10f46dbe7fa92d0d0d77b6fbc239723ea66ecb539954d8b8057e8e6806253151a04734220925d89e606e7a1ccf11bb9bbabbf4992c7f2bfa7342ccd1cc91a1c431d3d8453df29f52c7d8472f116aed32a322d5e6af0c578c8cfd59d67f5da519ca0adb0ab9ce45e1cd96e5d6ebdee628a44e2cd59b329945fa50fcaf752b67b0638ec873dfc1b5f8ab12db22782c0099b9ceee5b5a809484572c59165715a3f14a94998f61d18d81696c1c51692f4d208edfd398e2ea3f90813f789d58c6d5d1d5b3ade8b3ef850928e2aa43d7a28bb6614207d1e508ff31223dd7b8dbbbcc03b695e4d8240695b5702eb8c4dfc1da241c050d51487c74f4c57805d237bec473d2d290664b0945edd7858d552fdfc7e6fedb365623d5f1a5ac55077335d676bdf59ff15261a6a95bb4eee6712aa3f47356fd9480a674dc0fc0f618c02c368e68b0a650a31c4866720072616878e15f85461296e0eba8894010b3ace27a11ba326d96d7071575e9265e9023cc0d99d3cc08e948b9ea7226d1b1288dd56d507ff98d8aa05072899f6b93b3afeabd3fd393e856f125f14352ce10e01f48fed2181116f86cec39605e46bb4f79800441efdcc79e092019cf0df121f8c437361d7e9b0c648e7546a052daf164de93077813f5b276f313ae5d4d748ed38f112d74092437908803b91f19e423ef54404aa7d366bccee6a6aaf0a72db722984873e7685b01d0de2fa959dec58e56648583d5e44c258c1f039f802baed1639bc3d3cb994494821540725bb298f6128e42581e323393786b7f1182e2a4227a873e980dc1113c3be0b1869195e1e3f14c1437fa9a8fd2e5344afdd3c020251fe13750afe16f7ab4d0158a19b597b7c7ae6f1cec5061a038e9705ced2deea4ecf929f13eea73143d0c52dec311863f2b455ce728eb39b58223cccf9d8413ae60847b7b5f040466c09b2e1790951aa7571030b3ec04bb33ecdf1cf891ecea431425f9deaa5bbae7a2a9c3ef5fb1da8807ceb0161d4522ea383a2aa8e0e64c2aee1354bf6f2876837aead2d46456f9866af6073e2d0dc3f225ebe3834da470117d05ab56ed981efa555e487838711099d4740278c008f73ad468c11ae9ea600407f3bc4c59a7b9ffd375d2f3258a54917ca773665f82fa869b54fb49728cd4d5cdcb6afe2422e8c878508f86a73852d2db3e66007331dd164a8c292dfb855b59e9c384d3fc6d6c61634b805343c098a6b27411171796df4bb00af4ea7cbe61ecbe3be44592a94601928b4a170549e2dd8b5e24cde5b24170a8beb2c6bbd3d17d58ec719375919cdf052640153510848510c9fd5cdae54b17fca187d7a1d1a6cd533a8a426e1e72520af4f492e2b74a7b66e13392b17663a42f5c94351530620315dd3b019517d3ac8a89acb4474c7900d9d8d193920210cc74a0db16273366d9a6b3f4da573e24bc5f122544e2935fc08bfe0aed46ca5fbd04767717852993095e0baa1ff65c145bc94aaf616cc4dcc4e39afb355f4e5a30f2e62430419a1927208ed4e77083b98a0f9f0d1b6256b0c3290e1611d28bdeb7af1ffa7f2dd4ef756b23b24e69ce33aef47936830cc014b1be6e475ab74993f98067eb017ff292fb427648dcb05b2b6260f17d4f9c14b4747b01930278c53dbe6c119ccdf9a96b5d64caf6318ff7ef7c515944435c9cb7c2c96c246b2e04638114502413d65635a4674819ac3d4a5f", 0xd9d}], 0x1}, 0x0) recvmsg$kcm(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000002940)=""/4096, 0x1000}], 0x1}, 0x0) 1.79514381s ago: executing program 1 (id=7291): r0 = socket$inet6(0xa, 0x6, 0x0) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20}, 0x1c) listen(r0, 0x0) shutdown(r0, 0x0) 1.586759587s ago: executing program 5 (id=7292): r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'bridge_slave_0\x00', 0x0}) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000480)=ANY=[@ANYBLOB="340000001c00070c000000000000000007000000", @ANYRES32=r1, @ANYBLOB="400000000a000200aaaaaaaaaa0c"], 0x34}}, 0x0) 1.514516088s ago: executing program 8 (id=7293): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000008000000000000001000000940000000fad413ec50000000f00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r0}, 0x10) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000680)=ANY=[@ANYBLOB="440000001000090600"/20, @ANYRES32=0x0, @ANYBLOB="a7ffa888000000001c00128009000100766c616e000000000c00028006000100fcff"], 0x44}}, 0x0) 1.470596362s ago: executing program 3 (id=7294): mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x3800004, 0x3032, 0xffffffffffffffff, 0xd063c000) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_int(r0, 0x29, 0x31, &(0x7f0000000340)=0x1d, 0x4) getsockopt$inet6_buf(r0, 0x29, 0x6, &(0x7f0000001500)=""/19, &(0x7f0000000240)=0x10) 1.064947745s ago: executing program 1 (id=7295): r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/tcp\x00') r1 = socket$inet(0x2, 0x1, 0x0) listen(r1, 0x0) pread64(r0, &(0x7f0000000080)=""/102356, 0x18fd4, 0x7d) 988.631903ms ago: executing program 3 (id=7296): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$sock_attach_bpf(r1, 0x1, 0x4c, &(0x7f0000000000), 0x4) sendmsg$unix(r0, &(0x7f00000005c0)={0x0, 0x0, 0x0}, 0x0) recvmsg$unix(r1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@cred={{0x1c}}], 0x20}, 0x0) 921.91763ms ago: executing program 6 (id=7297): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000007b00000000000000000000850000007b00000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000080)='netlink_extack\x00', r0}, 0x56) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000500)=ANY=[@ANYBLOB="240000001a00010000000000000000001c0000000000000000000000080001"], 0x24}}, 0x0) 762.781929ms ago: executing program 8 (id=7298): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x1}) r1 = socket$netlink(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_NEWLINK(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000001c0)={0x38, 0x1403, 0x1, 0x0, 0x25dfdbfe, "", [{{0x9, 0x2, 'syz1\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'syzkaller0\x00'}}]}, 0x38}}, 0x0) 561.067273ms ago: executing program 3 (id=7299): syz_mount_image$hfs(&(0x7f0000000140), &(0x7f0000000040)='./file1\x00', 0x2810880, &(0x7f0000000000)=ANY=[], 0x8b, 0x2a7, &(0x7f0000000180)="$eJzs3U9P1EAYx/HftMuyCGIVjInxYFCiJwN4MV5IDPE1eNGo7JoQNxAVE/Ui8Wx8Ad69+AJ8EZ6MiWc9efIFcKuZ2Vl2yrZbWEIr8ftJFsp2/jzTdtt5miwVgP/WnbWfn27+ti8jxYol3ZYiu+qyGpLO60Lr5eb2xna30x7VUCy15F5GcjXNUJn1zU5eVVvP1fAS+1dDM+F7OB5pmqa/6g4CdWr533Heykia9J/OOCx8ku3E0k7dQdTM7GpXrzRbdxwAgHqZ3vU98tf5GT9/jyJp0V/2w+v/j9M1x3s017Rbdwg1C67/LstKjd2/Z9yqQb7nUji7PupniYftx04em+odWZkJpslmlcPJooslmnqy0e3cWN/qtiO906oXFJuXtKq2z1m9kmgXcrrLaurgrY0w7cYwYcewUhD/XF6n4/dYznw138wDk+ij2nvzv0ZqbPcugmRvT92dGMS/VNTc1rP7rlavVMEoz7pOLmY37MhRxkUZifyWSmNlbxAk2TibubWa2lerN7rlop58O3O5tVZKas3bWp+DWoOjubjmcTMfzD2zoD/6orVg/h/Zrb2o4U9mfiOupD8y+uPJzQ0brmQSvrVzKbfNaLzxYCzv9Vi3NPvi9Zunj7rdzvOqF2wMlXfKQm+hfxD8K/GMt2DPsftXNarpvXnkTdfSoQoPjzRc6J86D9Bg/yRd2mktZyVUbLDTi8u8rTIgVM2ePEwv/wvylSWXItkfyYh5elo2bQtaXM7JDSb3Cp4KWjL+/nxxBjRdnMEdNOe6cl26GrxZknMlOidNjRzrSWLW9F0Puf8PAAAAAAAAAAAAAAAAAABw0lTxbY2gO/6jDwAAAAAAAAAAAAAAAAAAAAAAYyh+/m9Lx/j838z3AHj+L1CPvwEAAP//pAVz+Q==") creat(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) sync() rename(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000f40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') 351.252506ms ago: executing program 1 (id=7300): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000005efe2100850000006d00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10) r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/resume', 0x149a82, 0x0) write$cgroup_int(r1, &(0x7f0000000040)=0x1c8, 0x12) 252.803137ms ago: executing program 5 (id=7301): r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f00000001c0)={0x2, 0x0, [{0x0, 0x1000, &(0x7f0000001600)=""/4096}, {0x0, 0xffffffffffffffac, &(0x7f0000002600)=""/4096}]}) ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1) 0s ago: executing program 1 (id=7302): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) setsockopt$SO_TIMESTAMP(r0, 0x1, 0x24, &(0x7f0000000340)=0x7e, 0x4) setsockopt$sock_linger(r0, 0x1, 0xd, &(0x7f0000000000)={0x1}, 0x8) setsockopt$inet6_tcp_int(r0, 0x6, 0x9, 0x0, 0x0) kernel console output (not intermixed with test programs): vice loop3 [ 1375.755846][T20216] sysv_free_block: trying to free block not in datazone [ 1375.920444][ T5804] Bluetooth: hci1: command tx timeout [ 1375.954737][T20139] team0: Port device team_slave_0 added [ 1375.977337][T20139] team0: Port device team_slave_1 added [ 1376.183127][T20220] loop6: detected capacity change from 0 to 256 [ 1376.190013][ T5809] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 1376.263514][T20139] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1376.276203][T20139] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1376.307702][T20139] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1376.314704][T15824] em28xx 9-1:0.0: chip ID is em2884 [ 1376.395354][T16181] usb 3-1: new high-speed USB device number 34 using dummy_hcd [ 1376.431382][T20139] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1376.438581][T20139] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1376.472732][T20139] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1376.585724][T16181] usb 3-1: Using ep0 maxpacket: 16 [ 1376.603473][T16181] usb 3-1: config 0 has an invalid interface number: 1 but max is 0 [ 1376.614651][T16181] usb 3-1: config 0 has no interface number 0 [ 1376.623777][T16181] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1376.635866][T15824] em28xx 9-1:0.0: reading from i2c device at 0xa0 failed (error=-5) [ 1376.635914][T16181] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1376.636135][T16181] usb 3-1: New USB device found, idVendor=28bd, idProduct=0071, bcdDevice= 0.00 [ 1376.647586][T15824] em28xx 9-1:0.0: board has no eeprom [ 1376.660147][T16181] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1376.795137][T16181] usb 3-1: config 0 descriptor?? [ 1376.836937][T15824] em28xx 9-1:0.0: Identified as PCTV tripleStick (292e) (card=94) [ 1376.848603][T15824] em28xx 9-1:0.0: dvb set to bulk mode. [ 1376.859263][ T8] em28xx 9-1:0.0: Binding DVB extension [ 1376.921738][T20139] hsr_slave_0: entered promiscuous mode [ 1376.925659][T15824] usb 9-1: USB disconnect, device number 4 [ 1376.943463][T15824] em28xx 9-1:0.0: Disconnecting em28xx [ 1376.984380][T20139] hsr_slave_1: entered promiscuous mode [ 1377.029577][T20139] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1377.038161][T20139] Cannot create hsr debugfs directory [ 1377.325299][ T8] em28xx 9-1:0.0: Registering input extension [ 1377.519124][T16181] input: HID 28bd:0071 Pen as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.1/0003:28BD:0071.002A/input/input46 [ 1377.606039][T20229] netlink: 144 bytes leftover after parsing attributes in process `syz.6.5896'. [ 1377.653368][T16181] input: HID 28bd:0071 Pad as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.1/0003:28BD:0071.002A/input/input47 [ 1377.785525][T16181] uclogic 0003:28BD:0071.002A: input,hidraw0: USB HID v0.02 Keypad [HID 28bd:0071] on usb-dummy_hcd.2-1/input1 [ 1377.837829][ T8] rc_core: IR keymap rc-pinnacle-pctv-hd not found [ 1377.848799][ T8] Registered IR keymap rc-empty [ 1377.858429][ T8] rc rc0: PCTV tripleStick (292e) as /devices/platform/dummy_hcd.8/usb9/9-1/9-1:0.0/rc/rc0 [ 1377.871207][T16181] usb 3-1: USB disconnect, device number 34 [ 1377.885297][ T8] input: PCTV tripleStick (292e) as /devices/platform/dummy_hcd.8/usb9/9-1/9-1:0.0/rc/rc0/input45 [ 1378.024038][ T8] em28xx 9-1:0.0: Input extension successfully initialized [ 1378.106623][T15824] em28xx 9-1:0.0: Closing input extension [ 1378.157553][T20231] netlink: 40 bytes leftover after parsing attributes in process `syz.8.5888'. [ 1378.484683][T20237] netlink: 20 bytes leftover after parsing attributes in process `syz.8.5891'. [ 1378.618127][T20139] netdevsim netdevsim9 netdevsim0: renamed from eth0 [ 1378.644959][T15824] em28xx 9-1:0.0: Freeing device [ 1378.742988][T20139] netdevsim netdevsim9 netdevsim1: renamed from eth1 [ 1378.824048][T20139] netdevsim netdevsim9 netdevsim2: renamed from eth2 [ 1378.858728][T20139] netdevsim netdevsim9 netdevsim3: renamed from eth3 [ 1379.228317][T20240] loop6: detected capacity change from 0 to 256 [ 1379.419549][T20240] exFAT-fs (loop6): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6e84977, utbl_chksum : 0xe619d30d) [ 1379.885502][T20139] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1379.966431][T20139] 8021q: adding VLAN 0 to HW filter on device team0 [ 1380.005972][ T4197] bridge0: port 1(bridge_slave_0) entered blocking state [ 1380.013751][ T4197] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1380.148701][ T4197] bridge0: port 2(bridge_slave_1) entered blocking state [ 1380.156481][ T4197] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1380.589622][T20139] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 1381.497526][T20268] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0) [ 1382.360678][T20139] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1382.899066][T20283] loop3: detected capacity change from 0 to 1024 [ 1383.006032][T20283] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1383.066032][T20288] loop8: detected capacity change from 0 to 64 [ 1383.289282][T20291] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5912'. [ 1383.376308][T20288] hfs: keylen 1794 too large [ 1383.406180][ T5809] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1383.757056][T17589] hfs: node 4:3 still has 1 user(s)! [ 1384.787466][T20139] veth0_vlan: entered promiscuous mode [ 1384.947761][T20139] veth1_vlan: entered promiscuous mode [ 1385.164070][T20311] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5920'. [ 1385.331217][T20139] veth0_macvtap: entered promiscuous mode [ 1385.415993][T20139] veth1_macvtap: entered promiscuous mode [ 1385.495188][T20301] loop8: detected capacity change from 0 to 4096 [ 1385.557329][T20301] ntfs3(loop8): Different NTFS sector size (4096) and media sector size (512). [ 1385.650705][T20139] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1385.661556][T20139] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1385.679555][T20139] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1385.691127][T20139] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1385.711848][T20139] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1385.826871][T20139] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1385.838718][T20139] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1385.858074][T20139] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1385.868953][T20139] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1385.887138][T20139] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1385.968803][T20139] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1385.986984][T20139] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1385.996896][T20139] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1386.009149][T20139] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1386.325175][T20301] ntfs3(loop8): failed to convert "c46c" to maccenteuro [ 1386.457064][ T1279] ieee802154 phy0 wpan0: encryption failed: -22 [ 1387.614757][T20335] netlink: 20 bytes leftover after parsing attributes in process `syz.2.5930'. [ 1388.747241][T20346] program syz.6.5934 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1390.073598][T20371] bond_slave_0: entered promiscuous mode [ 1390.079623][T20371] bond_slave_1: entered promiscuous mode [ 1390.085807][T20371] bridge0: entered promiscuous mode [ 1390.091494][T20371] dummy0: entered promiscuous mode [ 1390.104576][T20371] 8021q: adding VLAN 0 to HW filter on device macvlan4 [ 1390.134665][T20371] bond_slave_0: left promiscuous mode [ 1390.140465][T20371] bond_slave_1: left promiscuous mode [ 1390.146208][T20371] bridge0: left promiscuous mode [ 1390.151603][T20371] dummy0: left promiscuous mode [ 1391.082901][T20379] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5945'. [ 1392.176049][T20394] loop2: detected capacity change from 0 to 64 [ 1393.445793][T20405] netlink: 76 bytes leftover after parsing attributes in process `syz.8.5954'. [ 1394.052037][T14397] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1394.060262][T14397] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1394.135305][ T29] audit: type=1326 audit(1729844526.828:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20409 comm="syz.3.5958" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc3579 code=0x7ffc0000 [ 1394.138352][ T9623] bridge0: port 3(syz_tun) entered disabled state [ 1394.158754][ T29] audit: type=1326 audit(1729844526.828:202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20409 comm="syz.3.5958" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc3579 code=0x7ffc0000 [ 1394.199192][ T29] audit: type=1326 audit(1729844526.838:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20409 comm="syz.3.5958" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7fc3579 code=0x7ffc0000 [ 1394.226748][ T29] audit: type=1326 audit(1729844526.838:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20409 comm="syz.3.5958" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc3579 code=0x7ffc0000 [ 1394.250083][ T29] audit: type=1326 audit(1729844526.848:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20409 comm="syz.3.5958" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7fc3579 code=0x7ffc0000 [ 1394.280487][ T29] audit: type=1326 audit(1729844526.848:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20409 comm="syz.3.5958" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc3579 code=0x7ffc0000 [ 1394.367981][ T9623] syz_tun (unregistering): left allmulticast mode [ 1394.379215][ T9623] syz_tun (unregistering): left promiscuous mode [ 1394.389666][ T9623] bridge0: port 3(syz_tun) entered disabled state [ 1394.644095][ T29] audit: type=1326 audit(1729844527.058:207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20409 comm="syz.3.5958" exe="/root/syz-executor" sig=0 arch=40000003 syscall=427 compat=1 ip=0xf7fc3579 code=0x7ffc0000 [ 1394.659331][ T3891] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1394.666302][ C0] vkms_vblank_simulate: vblank timer overrun [ 1394.671384][ T29] audit: type=1326 audit(1729844527.058:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20409 comm="syz.3.5958" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc3579 code=0x7ffc0000 [ 1394.679902][ T3891] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1394.979428][ T4197] netdevsim netdevsim2 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 1394.997067][ T4197] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1395.316712][ T4197] netdevsim netdevsim2 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 1395.332804][ T4197] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1395.588289][ T4197] netdevsim netdevsim2 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 1395.600535][ T4197] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1395.794870][ T4197] netdevsim netdevsim2 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 1395.815490][ T4197] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1396.413332][ T4197] bridge0: port 2(bridge_slave_1) entered disabled state [ 1396.435138][ T4197] bridge_slave_0: left allmulticast mode [ 1396.444888][ T4197] bridge_slave_0: left promiscuous mode [ 1396.455084][ T4197] bridge0: port 1(bridge_slave_0) entered disabled state [ 1396.457945][T20426] loop9: detected capacity change from 0 to 164 [ 1396.515973][T17592] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 1396.563245][T17592] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 1396.583821][T17592] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 1396.960516][T17592] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 1397.022959][T17592] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 1397.044968][T17592] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 1397.764336][ T4197] bond0 (unregistering): (slave bridge0): Releasing backup interface [ 1398.087733][ T4197] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1398.137089][ T4197] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1398.166072][ T4197] bond0 (unregistering): (slave dummy0): Releasing backup interface [ 1398.187247][ T4197] bond0 (unregistering): Released all slaves [ 1399.657367][T17592] Bluetooth: hci3: command tx timeout [ 1399.866887][T20446] loop3: detected capacity change from 0 to 512 [ 1399.965250][T20446] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 1400.265594][T20446] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1400.284371][T20446] ext4 filesystem being mounted at /1194/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1400.500704][ T5859] usb 7-1: new high-speed USB device number 23 using dummy_hcd [ 1400.514078][ T4197] hsr_slave_0: left promiscuous mode [ 1400.546860][ T4197] hsr_slave_1: left promiscuous mode [ 1400.597950][ T4197] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1400.606028][ T4197] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1400.686275][ T5859] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 16 [ 1400.696683][ T5859] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64 [ 1400.825610][ T4197] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1400.873191][ T5859] usb 7-1: New USB device found, idVendor=0a46, idProduct=9621, bcdDevice=4f.32 [ 1400.885473][ T5859] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1400.896440][ T5859] usb 7-1: Product: syz [ 1400.900956][ T5859] usb 7-1: Manufacturer: syz [ 1400.905794][ T5859] usb 7-1: SerialNumber: syz [ 1400.974516][ T4197] veth1_macvtap: left promiscuous mode [ 1400.983785][ T4197] veth0_macvtap: left promiscuous mode [ 1400.989675][ T4197] veth1_vlan: left promiscuous mode [ 1400.998994][ T4197] veth0_vlan: left promiscuous mode [ 1401.014456][ T5859] usb 7-1: config 0 descriptor?? [ 1401.025966][T20456] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22 [ 1401.045567][T20456] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22 [ 1401.379526][ T5809] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1401.392534][T20456] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22 [ 1401.408076][T20456] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22 [ 1401.693597][T17592] Bluetooth: hci3: command tx timeout [ 1402.086394][ T5859] dm9601: No valid MAC address in EEPROM, using 00:00:00:00:00:00 [ 1402.930369][ T5859] dm9601 7-1:0.0 (unnamed net_device) (uninitialized): Error reading chip ID [ 1402.976900][ T5859] usb 7-1: USB disconnect, device number 23 [ 1403.281622][T20473] loop9: detected capacity change from 0 to 512 [ 1403.447192][T20430] chnl_net:caif_netlink_parms(): no params data found [ 1403.635494][T20473] EXT4-fs error (device loop9): ext4_free_branches:1023: inode #11: comm syz.9.5981: invalid indirect mapped block 256 (level 2) [ 1403.644401][ T4197] IPVS: stop unused estimator thread 0... [ 1403.765048][T17592] Bluetooth: hci3: command tx timeout [ 1403.817840][T20473] EXT4-fs (loop9): 2 truncates cleaned up [ 1403.831053][T20473] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1403.864974][T20473] EXT4-fs error (device loop9): ext4_validate_block_bitmap:432: comm syz.9.5981: bg 0: block 5: invalid block bitmap [ 1404.462001][T20139] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1404.913060][T20430] bridge0: port 1(bridge_slave_0) entered blocking state [ 1404.921570][T20430] bridge0: port 1(bridge_slave_0) entered disabled state [ 1404.940084][T20430] bridge_slave_0: entered allmulticast mode [ 1404.949135][T20430] bridge_slave_0: entered promiscuous mode [ 1405.106204][T20430] bridge0: port 2(bridge_slave_1) entered blocking state [ 1405.120392][T20430] bridge0: port 2(bridge_slave_1) entered disabled state [ 1405.133972][T20430] bridge_slave_1: entered allmulticast mode [ 1405.148410][T20430] bridge_slave_1: entered promiscuous mode [ 1405.548864][T20430] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1405.672692][T20430] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1405.852076][T17592] Bluetooth: hci3: command tx timeout [ 1406.028443][T20430] team0: Port device team_slave_0 added [ 1406.037170][T20492] loop3: detected capacity change from 0 to 4096 [ 1406.075099][ T5859] usb 7-1: new high-speed USB device number 24 using dummy_hcd [ 1406.106775][T20492] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1406.163141][T20430] team0: Port device team_slave_1 added [ 1406.381836][ T5859] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1406.382784][T20507] loop9: detected capacity change from 0 to 512 [ 1406.398559][ T5859] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1406.410199][ T5859] usb 7-1: New USB device found, idVendor=1241, idProduct=5015, bcdDevice= 0.00 [ 1406.413490][T20430] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1406.419435][ T5859] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1406.430424][T20430] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1406.430581][T20430] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1406.454890][T20430] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1406.498809][T20430] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1406.511860][T20507] EXT4-fs (loop9): couldn't mount as ext2 due to feature incompatibilities [ 1406.528453][T20430] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1406.663124][ T5809] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1406.683795][ T5859] usb 7-1: config 0 descriptor?? [ 1407.022901][T20430] hsr_slave_0: entered promiscuous mode [ 1407.120946][T20430] hsr_slave_1: entered promiscuous mode [ 1407.151756][ T5859] holtek 0003:1241:5015.002B: collection stack underflow [ 1407.155622][T20510] loop3: detected capacity change from 0 to 512 [ 1407.159174][ T5859] holtek 0003:1241:5015.002B: item 0 4 0 12 parsing failed [ 1407.174637][T20510] EXT4-fs: Ignoring removed mblk_io_submit option [ 1407.195085][T20430] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1407.206958][T20430] Cannot create hsr debugfs directory [ 1407.248034][ T5859] holtek 0003:1241:5015.002B: parse failed [ 1407.257084][ T5859] holtek 0003:1241:5015.002B: probe with driver holtek failed with error -22 [ 1407.277176][T20510] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 1407.354483][T20510] EXT4-fs (loop3): 1 truncate cleaned up [ 1407.358208][ T5859] usb 7-1: USB disconnect, device number 24 [ 1407.363468][T20510] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1407.648292][T20514] sctp: [Deprecated]: syz.9.5998 (pid 20514) Use of struct sctp_assoc_value in delayed_ack socket option. [ 1407.648292][T20514] Use struct sctp_sack_info instead [ 1407.674017][T20514] sctp: [Deprecated]: syz.9.5998 (pid 20514) Use of struct sctp_assoc_value in delayed_ack socket option. [ 1407.674017][T20514] Use struct sctp_sack_info instead [ 1408.008465][ T5809] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1408.439516][T20520] netlink: 8 bytes leftover after parsing attributes in process `syz.8.6003'. [ 1408.454492][T20520] netlink: 32 bytes leftover after parsing attributes in process `syz.8.6003'. [ 1408.883429][T19857] usb 4-1: new high-speed USB device number 39 using dummy_hcd [ 1409.168642][T19857] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1409.183942][T19857] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1409.198020][T19857] usb 4-1: New USB device found, idVendor=13ec, idProduct=0006, bcdDevice= 0.00 [ 1409.210919][T19857] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1409.239553][T19857] usb 4-1: config 0 descriptor?? [ 1409.885151][T19857] zydacron 0003:13EC:0006.002C: unknown main item tag 0x0 [ 1409.898274][T19857] zydacron 0003:13EC:0006.002C: unknown main item tag 0x0 [ 1409.911494][T19857] zydacron 0003:13EC:0006.002C: unknown main item tag 0x0 [ 1409.918996][T19857] zydacron 0003:13EC:0006.002C: unknown main item tag 0x0 [ 1409.932949][T19857] zydacron 0003:13EC:0006.002C: item fetching failed at offset 4/5 [ 1409.948040][T19857] zydacron 0003:13EC:0006.002C: parse failed [ 1409.963565][T19857] zydacron 0003:13EC:0006.002C: probe with driver zydacron failed with error -22 [ 1409.988267][T19857] usb 4-1: USB disconnect, device number 39 [ 1410.165642][T20430] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 1410.205891][T20430] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 1410.253727][T20430] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 1410.375476][T20430] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 1410.403387][T20544] loop9: detected capacity change from 0 to 128 [ 1410.448127][T20544] VFS: Found a Xenix FS (block size = 512) on device loop9 [ 1410.638927][T20544] sysv_free_block: trying to free block not in datazone [ 1410.696294][T20544] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 1411.157144][T20549] loop8: detected capacity change from 0 to 2048 [ 1411.418755][T20549] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1411.538918][T20549] EXT4-fs (loop8): shut down requested (2) [ 1411.657413][T20430] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1411.930929][T17589] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1411.961290][T20430] 8021q: adding VLAN 0 to HW filter on device team0 [ 1412.017915][T20563] netlink: 'syz.9.6012': attribute type 63 has an invalid length. [ 1412.033131][T20563] netlink: 5 bytes leftover after parsing attributes in process `syz.9.6012'. [ 1412.079562][ T59] bridge0: port 1(bridge_slave_0) entered blocking state [ 1412.087345][ T59] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1412.219386][ T59] bridge0: port 2(bridge_slave_1) entered blocking state [ 1412.227182][ T59] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1413.987432][T20585] tap0: tun_chr_ioctl cmd 1074025677 [ 1413.993651][T20585] tap0: linktype set to 825 [ 1414.618094][T20430] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1415.181683][T20601] loop3: detected capacity change from 0 to 512 [ 1415.248344][T20601] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 1415.409578][T20601] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #16: comm syz.3.6024: invalid indirect mapped block 512 (level 0) [ 1415.435865][T20430] veth0_vlan: entered promiscuous mode [ 1415.438036][T20601] EXT4-fs (loop3): Remounting filesystem read-only [ 1415.499451][T20601] EXT4-fs (loop3): 1 orphan inode deleted [ 1415.509091][T20601] EXT4-fs (loop3): 1 truncate cleaned up [ 1415.523856][T20601] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1415.638787][T20430] veth1_vlan: entered promiscuous mode [ 1416.006400][T20430] veth0_macvtap: entered promiscuous mode [ 1416.038459][T20430] veth1_macvtap: entered promiscuous mode [ 1416.119263][T20430] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1416.133583][T20430] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1416.148157][T20430] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1416.164558][T20430] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1416.185593][T20430] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1416.236658][T20430] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1416.250924][T20430] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1416.265378][T20430] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1416.280222][T20430] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1416.293687][T20430] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1416.307729][T20430] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1416.326351][T20430] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1416.326929][ T5809] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1416.489272][T20430] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1416.504675][T20430] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1416.517257][T20430] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1416.529117][T20430] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1416.687361][T20617] loop9: detected capacity change from 0 to 8 [ 1417.536271][T20628] loop8: detected capacity change from 0 to 512 [ 1418.005441][T20628] EXT4-fs: Ignoring removed mblk_io_submit option [ 1418.116633][T20628] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode [ 1418.443855][T20628] EXT4-fs (loop8): 1 truncate cleaned up [ 1418.457926][T20628] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1419.041107][T17589] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1420.586422][T20675] loop3: detected capacity change from 0 to 1024 [ 1421.397613][T20689] netlink: 12 bytes leftover after parsing attributes in process `syz.6.6049'. [ 1421.640544][T20694] mac80211_hwsim hwsim3 wlan1: entered allmulticast mode [ 1421.649335][T20694] mac80211_hwsim hwsim3 wlan1: left allmulticast mode [ 1421.944234][T20414] usb 10-1: new high-speed USB device number 2 using dummy_hcd [ 1422.173722][T20414] usb 10-1: Using ep0 maxpacket: 16 [ 1422.223396][T20414] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1422.238309][T20414] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1422.252701][T20414] usb 10-1: New USB device found, idVendor=1b1c, idProduct=1b02, bcdDevice= 0.00 [ 1422.266071][T20414] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1422.406361][T20414] usb 10-1: config 0 descriptor?? [ 1423.305790][T20414] corsair 0003:1B1C:1B02.002D: hidraw0: USB HID v0.00 Device [HID 1b1c:1b02] on usb-dummy_hcd.9-1/input0 [ 1423.649614][T20721] loop6: detected capacity change from 0 to 256 [ 1423.724964][T20721] exfat: Deprecated parameter 'namecase' [ 1423.731188][T20721] exfat: Deprecated parameter 'utf8' [ 1423.737505][T20721] exfat: Deprecated parameter 'namecase' [ 1423.747273][T20721] exfat: Deprecated parameter 'utf8' [ 1424.036431][T16181] usb 10-1: USB disconnect, device number 2 [ 1424.241650][T20730] loop3: detected capacity change from 0 to 256 [ 1424.255753][ T5859] usb 9-1: new high-speed USB device number 5 using dummy_hcd [ 1424.439602][T20730] exFAT-fs (loop3): failed to load upcase table (idx : 0x00011bf5, chksum : 0xcea91b8a, utbl_chksum : 0xe619d30d) [ 1424.460633][T20730] exFAT-fs (loop3): bogus allocation bitmap size(need : 2, cur : 17179869186) [ 1424.550535][T20721] exFAT-fs (loop6): failed to load upcase table (idx : 0x00012153, chksum : 0x555ffa9e, utbl_chksum : 0xe619d30d) [ 1424.607011][ T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1424.615346][ T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1424.721777][ T4197] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1424.730123][ T4197] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1424.759584][ T5859] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1424.775522][ T5859] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 1424.963703][ T5859] usb 9-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 1424.974236][ T5859] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 1424.987957][ T5859] usb 9-1: SerialNumber: syz [ 1425.613423][T20738] netlink: 36 bytes leftover after parsing attributes in process `syz.0.5964'. [ 1425.667315][ T5859] usb 9-1: 0:2 : does not exist [ 1426.236563][ T5859] usb 9-1: USB disconnect, device number 5 [ 1426.378317][T20749] loop9: detected capacity change from 0 to 256 [ 1426.567297][T20749] exFAT-fs (loop9): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x46ae1815, utbl_chksum : 0xe619d30d) [ 1426.586887][T20749] exFAT-fs (loop9): bogus allocation bitmap size(need : 2, cur : 17179869186) [ 1426.690171][T16181] usb 4-1: new high-speed USB device number 40 using dummy_hcd [ 1427.028956][T16181] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 1427.050599][T16181] usb 4-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 1427.062436][T16181] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 1427.078131][T16181] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1427.127561][T20751] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 1427.172193][T16181] usb 4-1: Quirk or no altset; falling back to MIDI 1.0 [ 1427.451728][T20139] exFAT-fs (loop9): error, invalid access to FAT free cluster (entry 0x00000006) [ 1427.464601][T20139] exFAT-fs (loop9): Filesystem has been set read-only [ 1427.476159][T20139] exFAT-fs (loop9): error, invalid access to FAT free cluster (entry 0x00000006) [ 1427.707097][T16181] usb 4-1: USB disconnect, device number 40 [ 1428.334791][T20776] loop6: detected capacity change from 0 to 512 [ 1428.924945][T20787] loop3: detected capacity change from 0 to 128 [ 1429.002924][T20787] VFS: Found a Xenix FS (block size = 512) on device loop3 [ 1429.015865][T20776] EXT4-fs error (device loop6): ext4_orphan_get:1388: inode #15: comm syz.6.6072: casefold flag without casefold feature [ 1429.084403][T20776] EXT4-fs error (device loop6): ext4_orphan_get:1393: comm syz.6.6072: couldn't read orphan inode 15 (err -117) [ 1429.134850][T20787] sysv_free_block: trying to free block not in datazone [ 1429.137093][T20776] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1429.155903][T20787] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 1429.643478][T16181] usb 10-1: new high-speed USB device number 3 using dummy_hcd [ 1429.925922][T16181] usb 10-1: Using ep0 maxpacket: 8 [ 1430.058068][T16181] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1430.069610][T16181] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1430.090085][T16181] usb 10-1: New USB device found, idVendor=056a, idProduct=0333, bcdDevice= 0.00 [ 1430.099537][T16181] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1430.187055][T20801] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6080'. [ 1430.234819][T20802] netlink: 88 bytes leftover after parsing attributes in process `syz.8.6078'. [ 1430.244449][T20802] netlink: 8 bytes leftover after parsing attributes in process `syz.8.6078'. [ 1430.303267][T20801] netlink: 173 bytes leftover after parsing attributes in process `syz.3.6080'. [ 1430.373748][T16181] usb 10-1: config 0 descriptor?? [ 1430.398349][T11104] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1431.296992][T20816] netlink: 20 bytes leftover after parsing attributes in process `syz.0.6086'. [ 1431.491236][T16181] wacom 0003:056A:0333.002E: hidraw0: USB HID v0.00 Device [HID 056a:0333] on usb-dummy_hcd.9-1/input0 [ 1431.587603][T15071] usb 10-1: USB disconnect, device number 3 [ 1432.095536][T20822] loop0: detected capacity change from 0 to 4096 [ 1432.135516][T20814] loop6: detected capacity change from 0 to 2048 [ 1432.504460][T20830] 9pnet: Limiting 'msize' to 1048576 as this is the maximum supported by transport fd [ 1432.666772][T20832] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1433.056670][T20814] NILFS error (device loop6): nilfs_readdir: bad page in #12 [ 1433.234672][T20814] Remounting filesystem read-only [ 1434.434763][T20855] loop0: detected capacity change from 0 to 8 [ 1435.278896][T20862] loop6: detected capacity change from 0 to 64 [ 1435.313211][T20862] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 1436.054602][T20872] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 1436.067148][T20872] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 1436.083406][T20872] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 1436.095935][T20872] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 1436.108488][T20872] vxlan0: entered promiscuous mode [ 1436.117322][T20872] vxlan0: entered allmulticast mode [ 1436.403160][T20872] netdevsim netdevsim0 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 1436.415939][T20872] netdevsim netdevsim0 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 1436.428618][T20872] netdevsim netdevsim0 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 1436.442200][T20872] netdevsim netdevsim0 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 1436.488786][T20880] misc userio: No port type given on /dev/userio [ 1438.806066][T20903] sctp: [Deprecated]: syz.8.6107 (pid 20903) Use of int in maxseg socket option. [ 1438.806066][T20903] Use struct sctp_assoc_value instead [ 1438.844895][T20912] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 1440.155371][ T29] audit: type=1326 audit(1729844572.788:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20928 comm="syz.0.6121" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741d579 code=0x7ffc0000 [ 1440.181557][ T29] audit: type=1326 audit(1729844572.788:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20928 comm="syz.0.6121" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741d579 code=0x7ffc0000 [ 1440.207492][ T29] audit: type=1326 audit(1729844572.798:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20928 comm="syz.0.6121" exe="/root/syz-executor" sig=0 arch=40000003 syscall=428 compat=1 ip=0xf741d579 code=0x7ffc0000 [ 1440.233865][ T29] audit: type=1326 audit(1729844572.798:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20928 comm="syz.0.6121" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741d579 code=0x7ffc0000 [ 1440.262372][ T29] audit: type=1326 audit(1729844572.798:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20928 comm="syz.0.6121" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741d579 code=0x7ffc0000 [ 1440.284966][ T29] audit: type=1326 audit(1729844572.808:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20928 comm="syz.0.6121" exe="/root/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf741d579 code=0x7ffc0000 [ 1440.310954][ T29] audit: type=1326 audit(1729844572.808:215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20928 comm="syz.0.6121" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741d579 code=0x7ffc0000 [ 1440.337334][ T29] audit: type=1326 audit(1729844572.808:216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20928 comm="syz.0.6121" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741d579 code=0x7ffc0000 [ 1440.363357][ T29] audit: type=1326 audit(1729844572.818:217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20928 comm="syz.0.6121" exe="/root/syz-executor" sig=0 arch=40000003 syscall=307 compat=1 ip=0xf741d579 code=0x7ffc0000 [ 1440.389116][ T29] audit: type=1326 audit(1729844572.818:218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20928 comm="syz.0.6121" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741d579 code=0x7ffc0000 [ 1440.588894][T20926] vlan4: entered promiscuous mode [ 1440.600286][T20926] vlan4: entered allmulticast mode [ 1440.644221][T20926] team0: Port device vlan4 added [ 1441.833939][T20414] usb 7-1: new high-speed USB device number 25 using dummy_hcd [ 1442.068176][T20414] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 1442.086824][T20414] usb 7-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 1442.101602][T20414] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 1442.114441][T20414] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1442.148327][T20945] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22 [ 1442.242799][T20414] usb 7-1: Quirk or no altset; falling back to MIDI 1.0 [ 1442.967917][T19857] usb 7-1: USB disconnect, device number 25 [ 1443.043808][T20414] usb 9-1: new high-speed USB device number 6 using dummy_hcd [ 1443.299624][T20414] usb 9-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 1443.316022][T20414] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1443.327938][T20414] usb 9-1: Product: syz [ 1443.335696][T20414] usb 9-1: Manufacturer: syz [ 1443.344028][T20414] usb 9-1: SerialNumber: syz [ 1443.446781][T20414] usb 9-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 1443.613621][T19857] usb 9-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 1443.781712][T20966] netlink: 8 bytes leftover after parsing attributes in process `syz.9.6135'. [ 1443.815473][T20967] netlink: 'syz.0.6136': attribute type 1 has an invalid length. [ 1443.831830][T20967] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6136'. [ 1444.737187][T19857] ath9k_htc 9-1:1.0: ath9k_htc: Target is unresponsive [ 1444.753454][T19857] ath9k_htc: Failed to initialize the device [ 1444.767684][T20974] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1444.798737][T20974] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1445.037817][T19857] usb 9-1: ath9k_htc: USB layer deinitialized [ 1445.177600][T20414] usb 9-1: USB disconnect, device number 6 [ 1445.423712][T20978] loop3: detected capacity change from 0 to 8 [ 1445.451179][T20978] squashfs: Unknown parameter '18446744073709551615' [ 1445.627881][T20982] loop9: detected capacity change from 0 to 256 [ 1445.685278][T20982] exfat: Deprecated parameter 'utf8' [ 1446.027380][T20982] exFAT-fs (loop9): failed to load upcase table (idx : 0x00010000, chksum : 0xc61f63e4, utbl_chksum : 0xe619d30d) [ 1446.415942][T20983] loop0: detected capacity change from 0 to 4096 [ 1446.617518][T20994] 9pnet: Limiting 'msize' to 1048576 as this is the maximum supported by transport fd [ 1446.641972][T15071] usb 9-1: new high-speed USB device number 7 using dummy_hcd [ 1446.859999][T15071] usb 9-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 1446.876800][T15071] usb 9-1: config 27 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 1446.890943][T15071] usb 9-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 1446.906188][T15071] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1447.126011][T21003] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1447.187804][T15071] usb 9-1: Quirk or no altset; falling back to MIDI 1.0 [ 1447.197943][T21004] netpci0: tun_chr_ioctl cmd 1074025677 [ 1447.198371][T21004] netpci0: linktype set to 0 [ 1447.226667][T15071] usb 9-1: invalid MIDI out EP 0 [ 1447.401992][T15071] snd-usb-audio 9-1:27.0: probe with driver snd-usb-audio failed with error -22 [ 1447.458698][T15071] usb 9-1: USB disconnect, device number 7 [ 1447.866251][ T1279] ieee802154 phy0 wpan0: encryption failed: -22 [ 1450.460785][T21027] bridge0: port 2(bridge_slave_1) entered disabled state [ 1450.470940][T21027] bridge0: port 1(bridge_slave_0) entered disabled state [ 1450.569588][T21043] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6162'. [ 1450.613413][T20414] usb 4-1: new high-speed USB device number 41 using dummy_hcd [ 1450.636893][T21036] loop6: detected capacity change from 0 to 1024 [ 1450.807963][T20414] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 1450.821014][T20414] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1450.845442][ T5084] hfsplus: b-tree write err: -5, ino 4 [ 1450.927237][T20414] usb 4-1: config 0 descriptor?? [ 1450.994127][T20414] cp210x 4-1:0.0: cp210x converter detected [ 1451.259296][T21027] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 1451.655136][T20414] cp210x 4-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 1451.704461][T20414] usb 4-1: cp210x converter now attached to ttyUSB0 [ 1451.923684][ T4197] hfsplus: b-tree write err: -5, ino 4 [ 1452.252636][T20414] usb 4-1: USB disconnect, device number 41 [ 1452.404839][T20414] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 1452.545898][T21059] bridge0: port 3(syz_tun) entered blocking state [ 1452.563316][T21059] bridge0: port 3(syz_tun) entered disabled state [ 1452.570859][T21059] syz_tun: entered allmulticast mode [ 1452.579177][T21059] syz_tun: entered promiscuous mode [ 1452.744184][T20414] cp210x 4-1:0.0: device disconnected [ 1453.033091][T21062] debugfs: Directory 'ttyS3' with parent 'caif_serial' already present! [ 1453.592209][T21072] netlink: 16 bytes leftover after parsing attributes in process `syz.9.6171'. [ 1453.683163][T21049] loop8: detected capacity change from 0 to 4096 [ 1453.979618][T21075] NILFS (loop8): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1455.602223][T21095] loop8: detected capacity change from 0 to 4096 [ 1455.638996][T21095] ntfs3(loop8): Different NTFS sector size (2048) and media sector size (512). [ 1456.610961][T21108] loop9: detected capacity change from 0 to 128 [ 1458.862532][T15071] usb 7-1: new high-speed USB device number 26 using dummy_hcd [ 1459.107529][T15071] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1459.126865][T15071] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1459.137270][T15071] usb 7-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00 [ 1459.146749][T15071] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1459.248025][T21141] netlink: 12 bytes leftover after parsing attributes in process `syz.9.6195'. [ 1459.325230][T21143] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6197'. [ 1459.374925][T15071] usb 7-1: config 0 descriptor?? [ 1459.963043][T15071] cm6533_jd 0003:0D8C:0022.002F: unknown main item tag 0x0 [ 1459.971059][T15071] cm6533_jd 0003:0D8C:0022.002F: unknown main item tag 0x0 [ 1459.978647][T15071] cm6533_jd 0003:0D8C:0022.002F: item fetching failed at offset 2/5 [ 1460.090666][T15071] cm6533_jd 0003:0D8C:0022.002F: parse failed [ 1460.097399][T15071] cm6533_jd 0003:0D8C:0022.002F: probe with driver cm6533_jd failed with error -22 [ 1460.368662][T20413] usb 7-1: USB disconnect, device number 26 [ 1462.668415][T21184] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6211'. [ 1462.866195][T21188] netlink: 16 bytes leftover after parsing attributes in process `syz.3.6212'. [ 1463.573917][T21177] loop8: detected capacity change from 0 to 4096 [ 1464.535388][T21207] NILFS (loop8): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1465.457324][T21217] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 1466.104709][T21225] netlink: 40 bytes leftover after parsing attributes in process `syz.6.6225'. [ 1467.582251][T21247] netlink: 40 bytes leftover after parsing attributes in process `syz.0.6231'. [ 1467.683791][T20414] usb 4-1: new high-speed USB device number 42 using dummy_hcd [ 1467.867871][T20414] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1467.882792][T20414] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 1467.966820][T20414] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 1467.984080][T20414] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 1467.996019][T20414] usb 4-1: SerialNumber: syz [ 1468.306462][T20414] usb 4-1: 0:2 : does not exist [ 1468.576989][T20414] usb 4-1: USB disconnect, device number 42 [ 1470.119447][T15071] usb 10-1: new high-speed USB device number 4 using dummy_hcd [ 1470.485995][T17592] Bluetooth: hci0: command 0x0406 tx timeout [ 1470.523267][T15071] usb 10-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 1470.538779][T15071] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1470.625158][T15071] usb 10-1: config 0 descriptor?? [ 1470.728475][T15071] cp210x 10-1:0.0: cp210x converter detected [ 1471.119301][T15071] cp210x 10-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 1471.228637][T15071] usb 10-1: cp210x converter now attached to ttyUSB0 [ 1471.376920][T15071] usb 10-1: USB disconnect, device number 4 [ 1471.446883][T15071] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 1471.536167][T15071] cp210x 10-1:0.0: device disconnected [ 1471.993432][T21295] loop0: detected capacity change from 0 to 512 [ 1472.115668][T21295] EXT4-fs: Ignoring removed mblk_io_submit option [ 1472.178646][T21295] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 1472.493990][T21291] loop3: detected capacity change from 0 to 4096 [ 1473.005423][T21316] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1473.186324][T21295] EXT4-fs (loop0): 1 truncate cleaned up [ 1473.194248][T21295] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1473.318903][T21322] loop6: detected capacity change from 0 to 256 [ 1473.725564][T17592] Bluetooth: hci3: command tx timeout [ 1473.975342][T20430] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1475.285313][T21345] loop8: detected capacity change from 0 to 1024 [ 1475.536785][T21345] hfsplus: extend alloc file! (8192,65536,366) [ 1475.908247][T21353] netlink: 16 bytes leftover after parsing attributes in process `syz.9.6267'. [ 1476.528967][T21361] Process accounting resumed [ 1476.537445][T21361] kernel write not supported for file /asound/timers (pid: 21361 comm: syz.3.6270) [ 1476.657008][T21363] netlink: 8 bytes leftover after parsing attributes in process `syz.8.6271'. [ 1477.577300][T21368] loop9: detected capacity change from 0 to 2048 [ 1477.707470][T21368] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1478.284377][T20139] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1479.553431][T20414] usb 4-1: new high-speed USB device number 43 using dummy_hcd [ 1479.733406][T20414] usb 4-1: Using ep0 maxpacket: 16 [ 1479.766911][T20414] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1479.782096][T20414] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1479.795717][T20414] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 1479.812464][T20414] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 1479.825360][T20414] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1479.865015][T20414] usb 4-1: config 0 descriptor?? [ 1480.346734][T20414] microsoft 0003:045E:07DA.0030: report is too long [ 1480.357459][T20414] microsoft 0003:045E:07DA.0030: item 0 4 0 8 parsing failed [ 1480.409466][T20414] microsoft 0003:045E:07DA.0030: parse failed [ 1480.423149][T20414] microsoft 0003:045E:07DA.0030: probe with driver microsoft failed with error -22 [ 1480.432750][T21406] loop9: detected capacity change from 0 to 16 [ 1480.544797][T21406] erofs: (device loop9): mounted with root inode @ nid 36. [ 1480.585252][T20414] usb 4-1: USB disconnect, device number 43 [ 1480.846567][T21406] erofs: (device loop9): erofs_fill_dentries: bogus dirent @ nid 46 [ 1481.906548][T20139] syz_tun (unregistering): left allmulticast mode [ 1481.918742][T20139] syz_tun (unregistering): left promiscuous mode [ 1481.936874][T20139] bridge0: port 3(syz_tun) entered disabled state [ 1482.129161][ T4197] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1482.307771][T16181] usb 4-1: new high-speed USB device number 44 using dummy_hcd [ 1482.318076][ T4197] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1482.526770][ T4197] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1482.533449][T16181] usb 4-1: config index 0 descriptor too short (expected 65323, got 119) [ 1482.558993][T16181] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1482.571197][T16181] usb 4-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 1482.588244][T16181] usb 4-1: config 1 has no interface number 1 [ 1482.594878][T16181] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 1482.608151][T16181] usb 4-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 1482.735404][ T4197] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1482.859443][T16181] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 1482.868957][T16181] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1482.886255][T16181] usb 4-1: Product: syz [ 1482.891734][T16181] usb 4-1: Manufacturer: syz [ 1482.897600][T16181] usb 4-1: SerialNumber: syz [ 1483.244440][ T4197] bridge_slave_1: left allmulticast mode [ 1483.250920][ T4197] bridge_slave_1: left promiscuous mode [ 1483.258264][ T4197] bridge0: port 2(bridge_slave_1) entered disabled state [ 1483.329445][ T4197] bridge_slave_0: left allmulticast mode [ 1483.343717][ T4197] bridge_slave_0: left promiscuous mode [ 1483.350878][ T4197] bridge0: port 1(bridge_slave_0) entered disabled state [ 1483.496577][T16181] usb 4-1: 2:1 : UAC_AS_GENERAL descriptor not found [ 1483.934078][T16181] usb 4-1: USB disconnect, device number 44 [ 1484.318976][ T4197] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1484.364608][ T4197] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1484.408667][ T4197] bond0 (unregistering): Released all slaves [ 1484.976148][T21257] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 1485.025393][T21257] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 1485.246003][T21257] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 1485.414521][T21257] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 1485.563711][T21257] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 1485.581070][T21257] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 1485.676029][T21457] loop8: detected capacity change from 0 to 256 [ 1485.828854][T21457] exfat: Deprecated parameter 'namecase' [ 1485.836171][T21457] exfat: Deprecated parameter 'utf8' [ 1486.328577][T21457] exFAT-fs (loop8): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6e84b2e, utbl_chksum : 0xe619d30d) [ 1486.639045][ T4197] hsr_slave_0: left promiscuous mode [ 1486.674848][ T4197] hsr_slave_1: left promiscuous mode [ 1486.698588][ T4197] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1486.712095][ T4197] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1486.727669][ T4197] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1486.744061][ T4197] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1486.854172][ T4197] veth1_macvtap: left promiscuous mode [ 1486.863474][ T4197] veth0_macvtap: left promiscuous mode [ 1486.869606][ T4197] veth1_vlan: left promiscuous mode [ 1486.878778][ T4197] veth0_vlan: left promiscuous mode [ 1487.306595][T21468] loop6: detected capacity change from 0 to 2048 [ 1487.367861][T15071] usb 4-1: new high-speed USB device number 45 using dummy_hcd [ 1487.407396][T21468] EXT4-fs warning (device loop6): ext4_multi_mount_protect:292: Invalid MMP block in superblock [ 1487.699310][T15071] usb 4-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 1487.712783][T15071] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1487.772304][T15071] usb 4-1: config 0 descriptor?? [ 1488.010315][ T5859] usb 7-1: new high-speed USB device number 27 using dummy_hcd [ 1488.101305][T21481] Bluetooth: MGMT ver 1.23 [ 1488.142671][ T4197] team0 (unregistering): Port device team_slave_1 removed [ 1488.166169][T21257] Bluetooth: hci1: command tx timeout [ 1488.261117][ T5859] usb 7-1: Using ep0 maxpacket: 8 [ 1488.286119][ T5859] usb 7-1: config 135 has an invalid interface number: 230 but max is 0 [ 1488.295251][ T5859] usb 7-1: config 135 has an invalid descriptor of length 196, skipping remainder of the config [ 1488.314104][ T5859] usb 7-1: config 135 has no interface number 0 [ 1488.320872][ T5859] usb 7-1: config 135 interface 230 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3 [ 1488.351663][T15071] [drm:udl_init] *ERROR* Selecting channel failed [ 1488.384427][ T4197] team0 (unregistering): Port device team_slave_0 removed [ 1488.394327][T15071] [drm] Initialized udl 0.0.1 for 4-1:0.0 on minor 2 [ 1488.409748][T15071] [drm] Initialized udl on minor 2 [ 1488.451314][T15071] udl 4-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 1488.469189][T15071] udl 4-1:0.0: [drm] Cannot find any crtc or sizes [ 1488.479161][T16181] udl 4-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 1488.504574][T16181] udl 4-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 1488.513705][T16181] udl 4-1:0.0: [drm] Cannot find any crtc or sizes [ 1488.648203][ T5859] usb 7-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=3f.3a [ 1488.658199][ T5859] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1488.666628][ T5859] usb 7-1: Product: syz [ 1488.678789][ T5859] usb 7-1: Manufacturer: syz [ 1488.684321][ T5859] usb 7-1: SerialNumber: syz [ 1488.803353][T15071] usb 4-1: USB disconnect, device number 45 [ 1489.198912][ T5859] usb 7-1: Found UVC 0.00 device syz (18ec:3288) [ 1489.212598][ T5859] usb 7-1: No valid video chain found. [ 1489.261734][ T5859] usb 7-1: USB disconnect, device number 27 [ 1490.024569][T21492] loop0: detected capacity change from 0 to 64 [ 1490.241471][T21257] Bluetooth: hci1: command tx timeout [ 1490.634023][T21444] chnl_net:caif_netlink_parms(): no params data found [ 1490.819536][T21499] netlink: 4 bytes leftover after parsing attributes in process `syz.8.6313'. [ 1492.339382][T21517] loop0: detected capacity change from 0 to 1024 [ 1492.353302][T21257] Bluetooth: hci1: command tx timeout [ 1492.974016][T21517] hfsplus: extend alloc file! (8192,65536,366) [ 1493.365623][T21444] bridge0: port 1(bridge_slave_0) entered blocking state [ 1493.374144][T21444] bridge0: port 1(bridge_slave_0) entered disabled state [ 1493.390062][T21444] bridge_slave_0: entered allmulticast mode [ 1493.405201][T21444] bridge_slave_0: entered promiscuous mode [ 1493.514480][T21444] bridge0: port 2(bridge_slave_1) entered blocking state [ 1493.522422][T21444] bridge0: port 2(bridge_slave_1) entered disabled state [ 1493.535710][T21444] bridge_slave_1: entered allmulticast mode [ 1493.551657][T21444] bridge_slave_1: entered promiscuous mode [ 1493.847583][T21444] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1493.986740][T21444] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1494.476003][T21444] team0: Port device team_slave_0 added [ 1494.487577][T21257] Bluetooth: hci1: command tx timeout [ 1494.513388][T21444] team0: Port device team_slave_1 added [ 1494.623508][T21444] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1494.630895][T21444] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1494.661639][T21444] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1495.254472][T21444] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1495.261917][T21444] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1495.291752][T21444] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1495.861221][T21444] hsr_slave_0: entered promiscuous mode [ 1495.954254][T21444] hsr_slave_1: entered promiscuous mode [ 1496.033774][T21444] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1496.044562][T21444] Cannot create hsr debugfs directory [ 1496.605593][T21577] loop8: detected capacity change from 0 to 1024 [ 1497.737361][T21589] loop3: detected capacity change from 0 to 1024 [ 1497.957026][T21589] hfsplus: extend alloc file! (8192,65536,366) [ 1498.725548][T21444] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 1498.855112][T21444] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 1498.974937][T21444] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 1499.086420][T21444] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 1499.193654][T21609] netlink: 4 bytes leftover after parsing attributes in process `syz.6.6344'. [ 1499.226133][T21609] xfrm1: entered promiscuous mode [ 1499.234975][T21609] xfrm1: entered allmulticast mode [ 1499.757875][T21618] netlink: 'syz.3.6346': attribute type 8 has an invalid length. [ 1501.358418][T21444] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1501.753205][T21444] 8021q: adding VLAN 0 to HW filter on device team0 [ 1501.870999][ T3891] bridge0: port 1(bridge_slave_0) entered blocking state [ 1501.878684][ T3891] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1501.979297][T21642] loop3: detected capacity change from 0 to 1024 [ 1502.027673][ T3891] bridge0: port 2(bridge_slave_1) entered blocking state [ 1502.035424][ T3891] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1502.135542][T21642] EXT4-fs: Ignoring removed oldalloc option [ 1502.198704][T21642] EXT4-fs (loop3): VFS: Can't find ext4 filesystem [ 1502.753390][T20414] usb 7-1: new high-speed USB device number 28 using dummy_hcd [ 1503.449195][T21647] loop8: detected capacity change from 0 to 4096 [ 1503.474694][T20414] usb 7-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 1503.487497][T20414] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1503.507712][T21647] ntfs3(loop8): Different NTFS sector size (4096) and media sector size (512). [ 1503.737077][T20414] usb 7-1: config 0 descriptor?? [ 1503.856047][T20414] cp210x 7-1:0.0: cp210x converter detected [ 1504.487026][T20414] cp210x 7-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 1504.567243][T20414] usb 7-1: cp210x converter now attached to ttyUSB0 [ 1504.703173][T21647] ntfs3(loop8): failed to convert "c46c" to cp865 [ 1504.796797][T20414] usb 7-1: USB disconnect, device number 28 [ 1504.902592][T20414] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 1504.996548][T20414] cp210x 7-1:0.0: device disconnected [ 1505.118764][T21444] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1506.065319][T21675] netlink: 12 bytes leftover after parsing attributes in process `syz.0.6362'. [ 1506.860174][T21686] loop3: detected capacity change from 0 to 256 [ 1507.091809][T21686] MINIX-fs: mounting file system with errors, running fsck is recommended [ 1507.186732][T21694] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6365'. [ 1507.880810][T21444] veth0_vlan: entered promiscuous mode [ 1507.980322][T21444] veth1_vlan: entered promiscuous mode [ 1508.582143][T21444] veth0_macvtap: entered promiscuous mode [ 1508.640838][T21444] veth1_macvtap: entered promiscuous mode [ 1508.814677][T21701] loop0: detected capacity change from 0 to 2048 [ 1508.888112][T21701] hpfs: filesystem error: invalid size in superblock: ffffffff; already mounted read-only [ 1509.053914][T21444] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1509.077393][T21444] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1509.090901][T21444] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1509.109454][T21444] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1509.129604][T21444] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1509.237326][T21444] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1509.248740][T21444] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1509.266753][T21444] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1509.282222][T21444] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1509.301416][T21444] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1509.312262][T21444] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1509.336613][T21444] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1509.369075][T21444] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1509.390393][T21444] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1509.399471][T21444] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1509.416370][ T1279] ieee802154 phy0 wpan0: encryption failed: -22 [ 1509.425012][T21444] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1509.653595][T21708] tun0: tun_chr_ioctl cmd 35108 [ 1514.603030][T21770] netlink: 'syz.3.6388': attribute type 11 has an invalid length. [ 1514.611314][T21770] netlink: 60 bytes leftover after parsing attributes in process `syz.3.6388'. [ 1515.262618][T21775] loop6: detected capacity change from 0 to 512 [ 1515.359510][T21779] netdevsim netdevsim3 netdevsim0: entered promiscuous mode [ 1515.379421][T21779] macvtap1: entered promiscuous mode [ 1515.385980][T21779] macvtap1: entered allmulticast mode [ 1515.391860][T21779] netdevsim netdevsim3 netdevsim0: entered allmulticast mode [ 1515.465433][T21775] EXT4-fs (loop6): warning: mounting unchecked fs, running e2fsck is recommended [ 1515.526232][T21775] EXT4-fs (loop6): Errors on filesystem, clearing orphan list. [ 1515.540193][T21775] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1515.917633][T21775] EXT4-fs error (device loop6): ext4_add_entry:2437: inode #2: comm syz.6.6387: Directory hole found for htree leaf block 0 [ 1516.197544][T21789] loop8: detected capacity change from 0 to 128 [ 1516.329245][T21789] UDF-fs: error (device loop8): udf_read_tagged: read failed, block=256, location=256 [ 1516.820893][T11104] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1518.277988][T21811] netlink: 16 bytes leftover after parsing attributes in process `syz.6.6398'. [ 1518.573906][T19857] usb 4-1: new high-speed USB device number 46 using dummy_hcd [ 1518.956993][T19857] usb 4-1: Using ep0 maxpacket: 32 [ 1519.036478][T19857] usb 4-1: too many endpoints for config 0 interface 0 altsetting 0: 255, using maximum allowed: 30 [ 1519.051491][T19857] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1519.066232][T19857] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1519.080213][T19857] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 255 [ 1519.097109][T19857] usb 4-1: New USB device found, idVendor=056a, idProduct=00b3, bcdDevice= 0.00 [ 1519.110047][T19857] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1519.193143][T19857] usb 4-1: config 0 descriptor?? [ 1519.241631][ T4985] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1519.249899][ T4985] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1519.582654][ T5084] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1519.591046][ T5084] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1519.888608][T19857] wacom 0003:056A:00B3.0031: unknown main item tag 0x0 [ 1519.901160][T19857] wacom 0003:056A:00B3.0031: Unknown device_type for 'HID 056a:00b3'. Assuming pen. [ 1519.994655][T19857] wacom 0003:056A:00B3.0031: hidraw0: USB HID v0.00 Device [HID 056a:00b3] on usb-dummy_hcd.3-1/input0 [ 1520.015536][T19857] input: Wacom Intuos3 12x12 Pen as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:056A:00B3.0031/input/input51 [ 1520.288149][T19857] usb 4-1: USB disconnect, device number 46 [ 1521.612443][T21838] loop8: detected capacity change from 0 to 256 [ 1522.248762][T21838] FAT-fs (loop8): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 1522.266206][T21838] FAT-fs (loop8): Filesystem has been set read-only [ 1522.279989][T21838] FAT-fs (loop8): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 1522.289009][T21838] FAT-fs (loop8): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 1522.307373][T21838] FAT-fs (loop8): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 1522.316859][T21838] FAT-fs (loop8): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 1522.326012][T21838] FAT-fs (loop8): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 1522.343032][T21838] FAT-fs (loop8): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 1522.352326][T21838] FAT-fs (loop8): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 1522.363957][T21838] FAT-fs (loop8): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 1522.384974][T21838] FAT-fs (loop8): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 1522.527060][ T29] audit: type=1800 audit(1729844911.246:219): pid=21838 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.8.6408" name="file1" dev="loop8" ino=1048893 res=0 errno=0 [ 1523.735013][T21862] loop8: detected capacity change from 0 to 1024 [ 1524.284695][ T4985] hfsplus: b-tree write err: -5, ino 4 [ 1525.609001][T21884] loop0: detected capacity change from 0 to 64 [ 1526.348399][T21895] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6431'. [ 1526.366535][T21895] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6431'. [ 1526.805358][T21902] netlink: 4 bytes leftover after parsing attributes in process `syz.5.6434'. [ 1527.421953][T21904] loop5: detected capacity change from 0 to 1024 [ 1527.452840][T21909] netlink: 900 bytes leftover after parsing attributes in process `syz.8.6438'. [ 1530.196870][ T4985] Bluetooth: hci5: Frame reassembly failed (-84) [ 1530.323903][T21933] Bluetooth: hci5: Frame reassembly failed (-84) [ 1530.682061][T21939] VFS: unable to find oldfs superblock on device nullb0 [ 1531.585353][T21947] netlink: 12 bytes leftover after parsing attributes in process `syz.0.6455'. [ 1531.751427][T21946] loop8: detected capacity change from 0 to 512 [ 1531.834473][T21946] ext4: Bad value for 'max_batch_time' [ 1532.243390][T17592] Bluetooth: hci5: command 0x1003 tx timeout [ 1532.246805][T21257] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 1534.406079][T21978] loop3: detected capacity change from 0 to 256 [ 1534.435490][T21978] msdos: Unknown parameter '0xffffffffffffffff' [ 1534.525327][T20414] kernel write not supported for file bpf-prog (pid: 20414 comm: kworker/0:5) [ 1535.319358][T21991] vxcan0: tx drop: invalid da for name 0x0000000002000000 [ 1535.396892][T21992] loop0: detected capacity change from 0 to 128 [ 1535.505279][T21992] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256 [ 1536.088976][T21995] loop6: detected capacity change from 0 to 16 [ 1536.253653][T21995] erofs: (device loop6): mounted with root inode @ nid 36. [ 1536.423003][T21995] erofs: (device loop6): z_erofs_extent_lookback: bogus lookback distance 1388 @ lcn 42 of nid 36 [ 1536.654153][T21995] erofs: (device loop6): z_erofs_lz4_decompress_mem: failed to decompress -11 in[46, 4050] out[1851] [ 1536.669020][T21995] erofs: (device loop6): z_erofs_read_folio: read error -117 @ 43 of nid 36 [ 1536.695909][T21995] erofs: (device loop6): z_erofs_extent_lookback: bogus lookback distance 1388 @ lcn 42 of nid 36 [ 1536.707921][T21995] erofs: (device loop6): z_erofs_lz4_decompress_mem: failed to decompress -11 in[46, 4050] out[1851] [ 1536.731982][T21995] erofs: (device loop6): z_erofs_read_folio: read error -117 @ 43 of nid 36 [ 1537.091486][T21998] loop8: detected capacity change from 0 to 4096 [ 1537.113391][T21998] ntfs3(loop8): Different NTFS sector size (4096) and media sector size (512). [ 1539.137366][T20414] usb 9-1: new high-speed USB device number 8 using dummy_hcd [ 1539.365636][T20414] usb 9-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36 [ 1539.380016][T20414] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1539.388321][T20414] usb 9-1: Product: syz [ 1539.396498][T20414] usb 9-1: Manufacturer: syz [ 1539.404889][T20414] usb 9-1: SerialNumber: syz [ 1539.417937][T20414] usb 9-1: config 0 descriptor?? [ 1539.437063][T20414] ch341 9-1:0.0: ch341-uart converter detected [ 1539.754089][T22031] netlink: 20 bytes leftover after parsing attributes in process `syz.3.6494'. [ 1540.445698][T20414] usb 9-1: failed to send control message: -71 [ 1540.455008][T20414] ch341-uart ttyUSB0: probe with driver ch341-uart failed with error -71 [ 1540.479295][T20414] usb 9-1: USB disconnect, device number 8 [ 1540.491813][T20414] ch341 9-1:0.0: device disconnected [ 1541.105887][T22042] loop0: detected capacity change from 0 to 8 [ 1541.952991][T16181] usb 4-1: new high-speed USB device number 47 using dummy_hcd [ 1542.227599][T16181] usb 4-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36 [ 1542.237813][T16181] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1542.257849][T16181] usb 4-1: Product: syz [ 1542.263543][T16181] usb 4-1: Manufacturer: syz [ 1542.268400][T16181] usb 4-1: SerialNumber: syz [ 1542.418581][T16181] usb 4-1: config 0 descriptor?? [ 1542.516431][T16181] ch341 4-1:0.0: ch341-uart converter detected [ 1542.695747][T16181] usb 4-1: failed to receive control message: -71 [ 1542.703039][T16181] ch341-uart ttyUSB0: probe with driver ch341-uart failed with error -71 [ 1543.055338][T16181] usb 4-1: USB disconnect, device number 47 [ 1543.071810][T16181] ch341 4-1:0.0: device disconnected [ 1543.498483][T22059] loop0: detected capacity change from 0 to 2048 [ 1543.896368][T22059] UDF-fs: warning (device loop0): udf_load_vrs: No anchor found [ 1543.907887][T22059] UDF-fs: Scanning with blocksize 512 failed [ 1544.004817][T22059] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1545.896494][T22095] netlink: 12 bytes leftover after parsing attributes in process `syz.8.6519'. [ 1549.908082][T22162] loop0: detected capacity change from 0 to 256 [ 1550.465218][T22166] loop5: detected capacity change from 0 to 64 [ 1550.917162][T22171] Trying to free block not in datazone [ 1550.931941][T22171] Trying to free block not in datazone [ 1550.937639][T22171] Trying to free block not in datazone [ 1550.944141][T22171] Trying to free block not in datazone [ 1550.959365][T22171] Trying to free block not in datazone [ 1550.968703][T22171] minix_free_block (loop5:6): bit already cleared [ 1550.975550][T22171] Trying to free block not in datazone [ 1550.986652][T22171] Trying to free block not in datazone [ 1552.966945][T22200] ALSA: mixer_oss: invalid index -1404626105 [ 1552.987334][T22199] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6566'. [ 1553.651881][T22210] loop8: detected capacity change from 0 to 256 [ 1553.749431][T22210] exFAT-fs (loop8): failed to load upcase table (idx : 0x00010000, chksum : 0x4ec6003b, utbl_chksum : 0xe619d30d) [ 1555.949186][T22238] loop8: detected capacity change from 0 to 4096 [ 1555.959483][T22240] vcan0: tx drop: invalid da for name 0x000000000000c700 [ 1556.017503][T22238] ntfs3(loop8): Different NTFS sector size (1024) and media sector size (512). [ 1556.193986][T22238] ntfs3(loop8): Mark volume as dirty due to NTFS errors [ 1556.454258][T22238] ntfs3(loop8): Failed to initialize $Extend/$ObjId. [ 1556.625343][T22248] loop6: detected capacity change from 0 to 256 [ 1557.934559][T22263] loop0: detected capacity change from 0 to 64 [ 1558.271522][T22263] syz.0.6597: attempt to access beyond end of device [ 1558.271522][T22263] loop0: rw=34817, sector=39, nr_sectors = 125 limit=64 [ 1558.293864][T22263] syz.0.6597: attempt to access beyond end of device [ 1558.293864][T22263] loop0: rw=34817, sector=167, nr_sectors = 1 limit=64 [ 1558.308019][T22263] syz.0.6597: attempt to access beyond end of device [ 1558.308019][T22263] loop0: rw=34817, sector=169, nr_sectors = 1 limit=64 [ 1558.336137][T22263] syz.0.6597: attempt to access beyond end of device [ 1558.336137][T22263] loop0: rw=34817, sector=171, nr_sectors = 7 limit=64 [ 1558.365938][T22263] syz.0.6597: attempt to access beyond end of device [ 1558.365938][T22263] loop0: rw=34817, sector=179, nr_sectors = 140 limit=64 [ 1559.851801][T22286] net veth1_virt_wifi virt_wifi0: (WE) : Wireless Event (cmd=0x8B1A) too big (33) [ 1560.078036][T22291] qrtr: Invalid version 0 [ 1560.307901][T22295] netlink: 'syz.0.6611': attribute type 21 has an invalid length. [ 1561.207924][T22303] loop6: detected capacity change from 0 to 512 [ 1561.764408][T22303] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 1561.906047][T22303] EXT4-fs (loop6): orphan cleanup on readonly fs [ 1561.928995][T22303] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.6614: bg 0: block 248: padding at end of block bitmap is not set [ 1562.158436][T22303] Quota error (device loop6): write_blk: dquota write failed [ 1562.169984][T22303] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota [ 1562.187200][T22303] EXT4-fs error (device loop6): ext4_acquire_dquot:6879: comm syz.6.6614: Failed to acquire dquot type 1 [ 1562.568087][T22303] EXT4-fs (loop6): 1 truncate cleaned up [ 1562.698590][T22303] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 1562.889274][T22303] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1563.896956][T22323] loop6: detected capacity change from 0 to 512 [ 1564.139025][T22323] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.6621: bg 0: block 393: padding at end of block bitmap is not set [ 1564.308636][T22323] EXT4-fs error (device loop6) in ext4_mb_clear_bb:6550: Corrupt filesystem [ 1564.582833][T22323] EXT4-fs (loop6): 2 truncates cleaned up [ 1564.598163][T22323] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1565.383155][T22331] loop0: detected capacity change from 0 to 512 [ 1565.386926][T11104] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1565.428291][T22331] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 1565.877084][T22338] loop3: detected capacity change from 0 to 512 [ 1565.935892][T22331] EXT4-fs (loop0): 1 truncate cleaned up [ 1565.946301][T22331] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1565.985965][T22335] netlink: 830 bytes leftover after parsing attributes in process `syz.8.6625'. [ 1566.056387][T22338] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2240: inode #15: comm syz.3.6628: corrupted in-inode xattr: invalid ea_ino [ 1566.197687][T22338] EXT4-fs error (device loop3): ext4_orphan_get:1393: comm syz.3.6628: couldn't read orphan inode 15 (err -117) [ 1566.210458][T22331] EXT4-fs error (device loop0): ext4_ext_precache:631: inode #15: comm syz.0.6624: pblk 0 bad header/extent: invalid magic - magic 7973, entries 27514, max 27745(0), depth 25964(25964) [ 1566.236702][ T29] audit: type=1800 audit(1729844954.916:220): pid=22331 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.6624" name="file1" dev="loop0" ino=15 res=0 errno=0 [ 1566.305358][T22338] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1566.518570][T22341] loop6: detected capacity change from 0 to 1024 [ 1566.573942][T20430] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1566.795043][T22341] hfsplus: bad catalog entry type [ 1566.806804][ T5809] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1567.264761][ T3891] hfsplus: b-tree write err: -5, ino 4 [ 1569.744829][T22393] loop0: detected capacity change from 0 to 64 [ 1569.969199][T22395] input: syz0 as /devices/virtual/input/input54 [ 1570.566638][T22399] loop6: detected capacity change from 0 to 1024 [ 1570.825686][ T1279] ieee802154 phy0 wpan0: encryption failed: -22 [ 1570.890318][T22407] netlink: 'syz.0.6656': attribute type 9 has an invalid length. [ 1570.928177][T22407] bond_slave_0: entered promiscuous mode [ 1570.934339][T22407] bond_slave_1: entered promiscuous mode [ 1570.948427][T22407] macvlan2: entered promiscuous mode [ 1570.954095][T22407] bond0: entered promiscuous mode [ 1570.964953][T22407] macvlan2: entered allmulticast mode [ 1570.978421][T22407] bond0: entered allmulticast mode [ 1570.984011][T22407] bond_slave_0: entered allmulticast mode [ 1570.990112][T22407] bond_slave_1: entered allmulticast mode [ 1571.009833][T22407] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 1571.296992][T22399] hfsplus: request for non-existent node 3 in B*Tree [ 1571.307556][T22399] hfsplus: request for non-existent node 3 in B*Tree [ 1571.789122][T22414] netlink: 'syz.3.6661': attribute type 3 has an invalid length. [ 1571.859396][T22416] loop6: detected capacity change from 0 to 128 [ 1572.968287][T22429] netlink: 36 bytes leftover after parsing attributes in process `syz.6.6664'. [ 1574.536891][T22452] netlink: 88 bytes leftover after parsing attributes in process `syz.6.6673'. [ 1574.550112][T22452] netlink: 48 bytes leftover after parsing attributes in process `syz.6.6673'. [ 1575.690517][T21257] Bluetooth: hci1: command tx timeout [ 1576.015817][T22468] loop8: detected capacity change from 0 to 1024 [ 1576.554416][T22468] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1576.864283][T22482] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6683'. [ 1577.274648][T17589] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1578.804630][ T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!! [ 1579.169103][T22509] loop0: detected capacity change from 0 to 4096 [ 1579.210536][ T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!! [ 1579.219020][ T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!! [ 1579.236275][ T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!! [ 1579.334557][T22509] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512). [ 1579.520710][ T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!! [ 1579.620069][ T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!! [ 1579.629992][ T0] NOHZ tick-stop error: local softirq work is pending, handler #82!!! [ 1579.893496][ T29] audit: type=1326 audit(1729844968.536:221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22514 comm="syz.5.6697" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7ff0579 code=0x0 [ 1579.945818][T22509] ntfs3(loop0): Mark volume as dirty due to NTFS errors [ 1579.995080][T22509] ntfs3(loop0): Failed to load $Extend (-22). [ 1580.001999][T22509] ntfs3(loop0): Failed to initialize $Extend. [ 1580.847340][T22527] syzkaller0: tun_chr_ioctl cmd 1074025677 [ 1580.857404][T22527] syzkaller0: linktype set to 65535 [ 1581.236807][T22535] loop8: detected capacity change from 0 to 64 [ 1581.349154][ T29] audit: type=1804 audit(1729844970.066:222): pid=22535 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.8.6703" name="/newroot/401/file0/file1" dev="loop8" ino=5 res=1 errno=0 [ 1581.370724][ C0] vkms_vblank_simulate: vblank timer overrun [ 1582.542838][T22548] sg_write: process 2107 (syz.6.6712) changed security contexts after opening file descriptor, this is not allowed. [ 1582.562258][T22548] program syz.6.6712 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1583.894157][ T5859] usb 4-1: new high-speed USB device number 48 using dummy_hcd [ 1584.453438][ T5859] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1584.467497][ T5859] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1584.483254][ T5859] usb 4-1: New USB device found, idVendor=046d, idProduct=c294, bcdDevice= 0.00 [ 1584.495313][ T5859] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1584.624038][ T5859] usb 4-1: config 0 descriptor?? [ 1585.142238][ T5859] logitech 0003:046D:C294.0032: hidraw0: USB HID v0.00 Device [HID 046d:c294] on usb-dummy_hcd.3-1/input0 [ 1585.159983][ T5859] logitech 0003:046D:C294.0032: no inputs found [ 1585.689160][ T5859] usb 4-1: USB disconnect, device number 48 [ 1586.768537][T22602] loop8: detected capacity change from 0 to 128 [ 1587.471995][T22602] EXT4-fs (loop8): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 1587.615201][T22602] ext4 filesystem being mounted at /407/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 1587.799342][T21257] Bluetooth: hci1: link tx timeout [ 1587.816538][T21257] Bluetooth: hci1: killing stalled connection 11:aa:aa:aa:aa:aa [ 1588.295327][T17589] EXT4-fs (loop8): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 1589.921756][T21257] Bluetooth: hci1: command 0x0406 tx timeout [ 1591.275568][T22651] input: syz0 as /devices/virtual/input/input56 [ 1591.930537][T22660] loop5: detected capacity change from 0 to 256 [ 1591.975183][T22660] exfat: Unknown parameter '18446744073709551615~W:$wN~ЖlU7ynXmݢ)LrkHE4G&N' [ 1592.173685][T20413] usb 9-1: new high-speed USB device number 9 using dummy_hcd [ 1592.195112][T21257] Bluetooth: hci2: unexpected event for opcode 0x2010 [ 1592.363387][T20413] usb 9-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 1592.376567][T20413] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1592.405263][T20413] usb 9-1: config 0 descriptor?? [ 1592.486542][T22673] netlink: 16 bytes leftover after parsing attributes in process `syz.6.6763'. [ 1592.577337][T22673] bridge0: port 1(bridge_slave_0) entered disabled state [ 1593.456578][T20413] [drm:udl_init] *ERROR* Selecting channel failed [ 1593.494781][T20413] [drm] Initialized udl 0.0.1 for 9-1:0.0 on minor 2 [ 1593.504366][T20413] [drm] Initialized udl on minor 2 [ 1593.512710][T20413] udl 9-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 1593.522649][T20413] udl 9-1:0.0: [drm] Cannot find any crtc or sizes [ 1593.536844][T20414] udl 9-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 1593.553697][T20414] udl 9-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 1593.565674][T20414] udl 9-1:0.0: [drm] Cannot find any crtc or sizes [ 1593.577969][T20413] usb 9-1: USB disconnect, device number 9 [ 1594.131176][T22688] netlink: 12 bytes leftover after parsing attributes in process `syz.0.6770'. [ 1594.408264][T22690] loop5: detected capacity change from 0 to 2048 [ 1595.544548][T22705] loop5: detected capacity change from 0 to 1024 [ 1596.240829][T21257] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0 [ 1596.249749][T21257] Bluetooth: hci2: Injecting HCI hardware error event [ 1596.257708][T21257] Bluetooth: hci2: hardware error 0x00 [ 1597.521398][ T29] audit: type=1326 audit(1729844994.126:223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22724 comm="syz.0.6787" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf741d579 code=0x0 [ 1598.109912][T22739] netlink: 'syz.5.6791': attribute type 5 has an invalid length. [ 1598.117936][T22739] netlink: 'syz.5.6791': attribute type 11 has an invalid length. [ 1598.354443][T21257] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 1598.509397][T22743] loop0: detected capacity change from 0 to 512 [ 1598.734765][T22743] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1598.739463][T17592] Bluetooth: hci3: command 0x0406 tx timeout [ 1598.752090][T22743] ext4 filesystem being mounted at /147/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1599.018039][T22743] EXT4-fs error (device loop0): __ext4_remount:6522: comm syz.0.6793: Abort forced by user [ 1599.223543][T22743] EXT4-fs (loop0): Remounting filesystem read-only [ 1600.546075][T20430] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1600.670248][ T1815] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1600.943507][T22772] loop5: detected capacity change from 0 to 1024 [ 1601.014506][T22767] netlink: 32 bytes leftover after parsing attributes in process `syz.3.6803'. [ 1601.027295][T22767] netem: unknown loss type 13 [ 1601.034861][T22773] use of bytesused == 0 is deprecated and will be removed in the future, [ 1601.035639][T22767] netem: change failed [ 1601.051656][T22773] use the actual size instead. [ 1601.565940][ T1815] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1602.056088][ T1815] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1602.555432][ T1815] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1602.898604][T21257] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 1602.928343][T21257] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 1602.993629][T21257] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 1603.205006][T21257] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 1603.219586][T21257] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 1603.235801][T21257] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 1603.938202][ T1815] bridge_slave_1: left allmulticast mode [ 1603.944513][ T1815] bridge_slave_1: left promiscuous mode [ 1603.951245][ T1815] bridge0: port 2(bridge_slave_1) entered disabled state [ 1604.097905][ T1815] bridge_slave_0: left allmulticast mode [ 1604.104053][ T1815] bridge_slave_0: left promiscuous mode [ 1604.115862][ T1815] bridge0: port 1(bridge_slave_0) entered disabled state [ 1604.248409][T22812] ax25_connect(): syz.8.6823 uses autobind, please contact jreuter@yaina.de [ 1605.039424][ T29] audit: type=1326 audit(1729845001.756:224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22818 comm="syz.8.6826" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf748d579 code=0x0 [ 1605.194407][ T1815] bond0 (unregistering): left allmulticast mode [ 1605.204643][ T1815] bond_slave_0: left allmulticast mode [ 1605.213974][ T1815] bond_slave_1: left allmulticast mode [ 1605.223100][ T1815] bond0 (unregistering): left promiscuous mode [ 1605.229500][ T1815] bond_slave_0: left promiscuous mode [ 1605.239510][ T1815] bond_slave_1: left promiscuous mode [ 1605.437023][ T1815] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1605.488156][ T1815] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1605.524164][T17592] Bluetooth: hci3: command tx timeout [ 1605.534863][ T1815] bond0 (unregistering): Released all slaves [ 1606.548020][ T1815] hsr_slave_0: left promiscuous mode [ 1606.613809][ T1815] hsr_slave_1: left promiscuous mode [ 1606.669367][ T1815] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1606.686059][ T1815] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1606.757191][ T1815] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1606.765195][ T1815] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1606.833110][ T1815] veth1_macvtap: left promiscuous mode [ 1606.838901][ T1815] veth0_macvtap: left promiscuous mode [ 1606.853688][ T1815] veth1_vlan: left promiscuous mode [ 1606.861829][ T1815] veth0_vlan: left promiscuous mode [ 1607.608939][T17592] Bluetooth: hci3: command tx timeout [ 1608.117464][ T1815] team0 (unregistering): Port device team_slave_1 removed [ 1608.254048][ T1815] team0 (unregistering): Port device team_slave_0 removed [ 1608.615458][T22855] loop5: detected capacity change from 0 to 256 [ 1608.624489][T22838] netlink: 'syz.3.6832': attribute type 4 has an invalid length. [ 1609.390405][T22792] chnl_net:caif_netlink_parms(): no params data found [ 1609.425093][T22862] bridge0: port 1(bridge_slave_0) entered disabled state [ 1609.687645][T17592] Bluetooth: hci3: command tx timeout [ 1610.276699][T22874] loop6: detected capacity change from 0 to 512 [ 1610.352476][T22874] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 1610.513820][T22874] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1610.530581][T22874] ext4 filesystem being mounted at /976/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1610.665975][T22792] bridge0: port 1(bridge_slave_0) entered blocking state [ 1610.677184][T22792] bridge0: port 1(bridge_slave_0) entered disabled state [ 1610.688462][T22792] bridge_slave_0: entered allmulticast mode [ 1610.704423][T22792] bridge_slave_0: entered promiscuous mode [ 1610.728331][T22792] bridge0: port 2(bridge_slave_1) entered blocking state [ 1610.743867][T22792] bridge0: port 2(bridge_slave_1) entered disabled state [ 1610.755159][T22792] bridge_slave_1: entered allmulticast mode [ 1610.767606][T22792] bridge_slave_1: entered promiscuous mode [ 1611.077533][T11104] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1611.140727][T22792] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1611.236610][T22792] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1611.576253][T22890] loop6: detected capacity change from 0 to 1024 [ 1611.767849][T17592] Bluetooth: hci3: command tx timeout [ 1611.869301][T22792] team0: Port device team_slave_0 added [ 1611.922830][T22792] team0: Port device team_slave_1 added [ 1612.450402][T22792] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1612.457655][T22792] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1612.492370][T22792] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1612.566610][T22792] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1612.579063][T22792] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1612.605286][ C1] vkms_vblank_simulate: vblank timer overrun [ 1612.621198][T22792] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1612.663479][ T5859] usb 4-1: new high-speed USB device number 49 using dummy_hcd [ 1612.907354][ T5859] usb 4-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08 [ 1612.922911][ T5859] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1612.946678][ T5859] usb 4-1: config 0 descriptor?? [ 1612.968044][ T5859] gspca_main: cpia1-2.14.0 probing 0813:0001 [ 1613.086817][T22910] netlink: 16 bytes leftover after parsing attributes in process `syz.8.6862'. [ 1613.194337][T22792] hsr_slave_0: entered promiscuous mode [ 1613.231204][T22792] hsr_slave_1: entered promiscuous mode [ 1613.237091][T22912] netlink: 12 bytes leftover after parsing attributes in process `syz.6.6863'. [ 1613.257342][T22792] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1613.265424][T22792] Cannot create hsr debugfs directory [ 1613.395851][ T5859] cpia1 4-1:0.0: unexpected state after lo power cmd: d0 [ 1613.994999][ T5859] gspca_cpia1: usb_control_msg 02, error -71 [ 1614.002593][ T5859] gspca_cpia1: usb_control_msg 05, error -71 [ 1614.008804][ T5859] cpia1 4-1:0.0: unexpected systemstate: d0 [ 1614.073840][ T5859] usb 4-1: USB disconnect, device number 49 [ 1614.269807][T22922] loop8: detected capacity change from 0 to 1024 [ 1614.750856][T22925] tmpfs: Unknown parameter 'Xcv:Q"Co}'ή_0-%'k;/|%T9i(>' [ 1615.128766][T22792] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 1615.218891][T22792] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 1615.317878][T22792] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 1615.399239][T22792] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 1616.418847][T22947] loop5: detected capacity change from 0 to 64 [ 1616.537559][T22792] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1616.601592][T22792] 8021q: adding VLAN 0 to HW filter on device team0 [ 1616.647595][ T1815] bridge0: port 1(bridge_slave_0) entered blocking state [ 1616.655384][ T1815] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1616.878874][ T1815] bridge0: port 2(bridge_slave_1) entered blocking state [ 1616.886675][ T1815] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1618.278577][T22968] netlink: 12 bytes leftover after parsing attributes in process `syz.5.6885'. [ 1618.288944][T22968] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 1618.328342][T22792] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1619.054599][T22792] veth0_vlan: entered promiscuous mode [ 1619.101702][T22792] veth1_vlan: entered promiscuous mode [ 1619.575996][T22977] loop6: detected capacity change from 0 to 4096 [ 1619.647622][T22792] veth0_macvtap: entered promiscuous mode [ 1619.749247][T22792] veth1_macvtap: entered promiscuous mode [ 1620.128804][T22792] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1620.145106][T22792] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1620.155340][T22792] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1620.167782][T22792] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1620.191625][T22792] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1620.379097][T22792] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1620.396701][T22792] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1620.407053][T22792] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1620.417840][T22792] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1620.433450][T22792] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1620.438624][T22992] fuse: Bad value for 'fd' [ 1620.444171][T22792] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1620.449226][T22792] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1620.549523][T22792] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1620.564567][T22792] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1620.574417][T22792] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1620.591658][T22792] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1622.536112][T23020] syz_tun: left allmulticast mode [ 1622.541647][T23020] syz_tun: left promiscuous mode [ 1622.693634][T23019] loop5: detected capacity change from 0 to 1024 [ 1622.704386][T23019] EXT4-fs: Ignoring removed orlov option [ 1622.746313][T23019] EXT4-fs (loop5): Test dummy encryption mode enabled [ 1622.781304][T23019] EXT4-fs (loop5): can't mount with journal_checksum, fs mounted w/o journal [ 1622.882001][T23020] team0: Port device vlan0 removed [ 1623.000693][T23023] netlink: 4 bytes leftover after parsing attributes in process `syz.8.6903'. [ 1623.025189][T23019] 9p: Unknown access argument 18446744073709551615: -22 [ 1624.435204][T23047] TCP: request_sock_TCPv6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 1624.687117][T23045] loop3: detected capacity change from 0 to 4096 [ 1624.716412][T23045] ntfs3(loop3): Different NTFS sector size (1024) and media sector size (512). [ 1625.430393][T23045] ntfs3(loop3): Failed to load $Extend (-22). [ 1625.436934][T23045] ntfs3(loop3): Failed to initialize $Extend. [ 1625.763673][T23060] loop5: detected capacity change from 0 to 2048 [ 1626.020547][T23060] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1626.299503][ T5084] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1626.308337][ T5084] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1626.395061][ T1815] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1626.406540][ T1815] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1626.564998][T23071] Context (ID=0x0) not attached to queue pair (handle=0x4d9:0x0) [ 1627.044445][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1627.785508][T23086] loop6: detected capacity change from 0 to 512 [ 1628.088938][T23086] EXT4-fs (loop6): 1 orphan inode deleted [ 1628.100607][T23086] EXT4-fs (loop6): 1 truncate cleaned up [ 1628.108250][T23086] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1628.213548][T23096] loop3: detected capacity change from 0 to 1024 [ 1628.313780][T23093] EXT4-fs error (device loop6): ext4_validate_block_bitmap:432: comm ext4lazyinit: bg 0: block 5: invalid block bitmap [ 1628.483487][T23093] EXT4-fs (loop6): Remounting filesystem read-only [ 1628.746970][T11104] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1629.025066][ T4985] hfsplus: b-tree write err: -5, ino 4 [ 1630.357228][T23122] netlink: 20 bytes leftover after parsing attributes in process `syz.5.6945'. [ 1631.994346][T19857] usb 2-1: new high-speed USB device number 21 using dummy_hcd [ 1632.193450][ T1279] ieee802154 phy0 wpan0: encryption failed: -22 [ 1632.243644][T19857] usb 2-1: config 0 has an invalid interface number: 1 but max is 0 [ 1632.257173][T19857] usb 2-1: config 0 has no interface number 0 [ 1632.267176][T19857] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1632.281786][T19857] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1632.295284][T19857] usb 2-1: config 0 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 1632.311890][T19857] usb 2-1: New USB device found, idVendor=04d9, idProduct=a0c2, bcdDevice= 0.00 [ 1632.325355][T19857] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1632.403724][T19857] usb 2-1: config 0 descriptor?? [ 1632.909308][T19857] holtek_mouse 0003:04D9:A0C2.0033: unknown main item tag 0x0 [ 1632.921166][T19857] holtek_mouse 0003:04D9:A0C2.0033: unknown main item tag 0x0 [ 1632.929033][T19857] holtek_mouse 0003:04D9:A0C2.0033: unknown main item tag 0x0 [ 1632.940558][T19857] holtek_mouse 0003:04D9:A0C2.0033: unknown main item tag 0x0 [ 1632.949411][T19857] holtek_mouse 0003:04D9:A0C2.0033: unknown main item tag 0x0 [ 1632.963660][T19857] holtek_mouse 0003:04D9:A0C2.0033: unknown main item tag 0x0 [ 1632.975495][T19857] holtek_mouse 0003:04D9:A0C2.0033: unknown main item tag 0x0 [ 1632.986808][T19857] holtek_mouse 0003:04D9:A0C2.0033: unknown main item tag 0x0 [ 1632.998117][T19857] holtek_mouse 0003:04D9:A0C2.0033: unknown main item tag 0x0 [ 1633.008068][T23159] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6959'. [ 1633.021968][T19857] holtek_mouse 0003:04D9:A0C2.0033: unknown main item tag 0x0 [ 1633.033212][T19857] holtek_mouse 0003:04D9:A0C2.0033: unknown main item tag 0x0 [ 1633.045458][T19857] holtek_mouse 0003:04D9:A0C2.0033: item fetching failed at offset 14/41 [ 1633.058366][T20530] usb 9-1: new high-speed USB device number 10 using dummy_hcd [ 1633.097696][T19857] holtek_mouse 0003:04D9:A0C2.0033: hid parse failed: -22 [ 1633.109317][T19857] holtek_mouse 0003:04D9:A0C2.0033: probe with driver holtek_mouse failed with error -22 [ 1633.190871][T19857] usb 2-1: USB disconnect, device number 21 [ 1633.243297][T20530] usb 9-1: Using ep0 maxpacket: 32 [ 1633.267458][T20530] usb 9-1: config 0 has an invalid interface number: 67 but max is 0 [ 1633.279487][T20530] usb 9-1: config 0 has no interface number 0 [ 1633.327759][T20530] usb 9-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57 [ 1633.340852][T20530] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1633.349913][T20530] usb 9-1: Product: syz [ 1633.354341][T20530] usb 9-1: Manufacturer: syz [ 1633.359200][T20530] usb 9-1: SerialNumber: syz [ 1633.379194][T20530] usb 9-1: config 0 descriptor?? [ 1633.398822][T20530] smsc95xx v2.0.0 [ 1633.867256][T23165] input: syz0 as /devices/virtual/input/input57 [ 1633.903773][T20530] smsc95xx 9-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32 [ 1633.918364][T20530] smsc95xx 9-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD [ 1634.145962][T20530] smsc95xx 9-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71 [ 1634.157828][T20530] smsc95xx 9-1:0.67: probe with driver smsc95xx failed with error -71 [ 1634.224082][T20530] usb 9-1: USB disconnect, device number 10 [ 1634.580772][T23177] netlink: 292 bytes leftover after parsing attributes in process `syz.3.6966'. [ 1635.996479][T23198] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6976'. [ 1636.024054][T23200] dvmrp0: entered allmulticast mode [ 1636.048874][T23202] netlink: 20 bytes leftover after parsing attributes in process `syz.3.6976'. [ 1636.095290][T23200] dvmrp0: left allmulticast mode [ 1636.173645][T20530] usb 2-1: new high-speed USB device number 22 using dummy_hcd [ 1636.393580][T20530] usb 2-1: New USB device found, idVendor=055f, idProduct=c420, bcdDevice=6a.33 [ 1636.406582][T20530] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1636.496800][T20530] usb 2-1: config 0 descriptor?? [ 1636.554255][T20530] gspca_main: sunplus-2.14.0 probing 055f:c420 [ 1637.047962][T23211] loop6: detected capacity change from 0 to 512 [ 1637.087586][T23211] EXT4-fs: Ignoring removed i_version option [ 1637.148852][T23211] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 1637.457414][T20530] gspca_sunplus: reg_w_riv err -71 [ 1637.466576][T20530] sunplus 2-1:0.0: probe with driver sunplus failed with error -71 [ 1637.539912][T23211] EXT4-fs (loop6): 1 truncate cleaned up [ 1637.547538][T23211] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1637.580568][T20530] usb 2-1: USB disconnect, device number 22 [ 1637.751914][T23211] fscrypt (loop6, inode 18): Direct key flag not allowed with different contents and filenames modes [ 1637.971790][T11104] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1639.046994][T23240] loop5: detected capacity change from 0 to 64 [ 1640.238509][T23252] loop8: detected capacity change from 0 to 24 [ 1640.269151][T23254] loop1: detected capacity change from 0 to 256 [ 1640.295956][T23254] vfat: Unknown parameter '0x0000000000000000' [ 1640.445344][T23252] romfs: Mounting image 'rom 637cf1fa' through the block layer [ 1641.398067][T23261] loop6: detected capacity change from 0 to 2048 [ 1641.639410][T23261] UDF-fs: warning (device loop6): udf_load_vrs: No anchor found [ 1641.655024][T23261] UDF-fs: Scanning with blocksize 512 failed [ 1641.748959][T23261] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1642.722504][T11104] UDF-fs: warning (device loop6): udf_evict_inode: Inode 830 (mode 100000) has inode size 4102 different from extent length 5120. Filesystem need not be standards compliant. [ 1642.843435][T23280] delete_channel: no stack [ 1642.867353][T23281] loop8: detected capacity change from 0 to 128 [ 1642.877953][T23278] delete_channel: no stack [ 1644.004826][T23298] loop6: detected capacity change from 0 to 128 [ 1644.151736][T23298] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 1644.294043][T23298] ext4 filesystem being mounted at /1011/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 1644.756907][T23311] loop5: detected capacity change from 0 to 64 [ 1644.845542][T11104] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 1644.968948][T23311] hfs: walked past end of dir [ 1646.016501][T23330] loop5: detected capacity change from 0 to 256 [ 1646.475285][T23328] loop3: detected capacity change from 0 to 2048 [ 1646.497819][T23337] loop6: detected capacity change from 0 to 512 [ 1646.743375][T23337] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 1646.762012][T23337] ext4 filesystem being mounted at /1013/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1646.835241][T23343] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1647.043701][T23348] loop5: detected capacity change from 0 to 47 [ 1647.119454][T23350] loop8: detected capacity change from 0 to 256 [ 1647.137476][T23337] Quota error (device loop6): do_check_range: Getting dqdh_next_free 4294967294 out of range 0-8 [ 1647.152471][T23337] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota [ 1647.166761][T23337] EXT4-fs error (device loop6): ext4_acquire_dquot:6879: comm syz.6.7034: Failed to acquire dquot type 0 [ 1647.182522][ T29] audit: type=1800 audit(1729845043.826:225): pid=23348 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.7037" name="bus" dev="loop5" ino=8 res=0 errno=0 [ 1647.206829][ T29] audit: type=1800 audit(1729845043.836:226): pid=23348 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.7037" name="bus" dev="loop5" ino=8 res=0 errno=0 [ 1647.438434][T11104] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 1648.055473][T23356] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 1648.234859][T23358] netlink: 'syz.8.7043': attribute type 11 has an invalid length. [ 1648.985706][T23364] netlink: 11 bytes leftover after parsing attributes in process `syz.6.7044'. [ 1649.161461][T23372] block nbd5: shutting down sockets [ 1649.416912][T23379] netlink: 140 bytes leftover after parsing attributes in process `syz.3.7051'. [ 1649.431631][T23379] netlink: 12 bytes leftover after parsing attributes in process `syz.3.7051'. [ 1650.025340][T23386] netlink: 8 bytes leftover after parsing attributes in process `syz.8.7054'. [ 1650.372769][T23392] loop3: detected capacity change from 0 to 512 [ 1651.604364][T23414] netlink: 'syz.6.7064': attribute type 18 has an invalid length. [ 1651.758793][T23416] netlink: 12 bytes leftover after parsing attributes in process `syz.8.7069'. [ 1653.384428][T23440] loop6: detected capacity change from 0 to 4096 [ 1653.419335][T23440] ntfs3(loop6): Different NTFS sector size (2048) and media sector size (512). [ 1653.648678][T23440] ntfs3(loop6): Mark volume as dirty due to NTFS errors [ 1653.946014][ T29] audit: type=1326 audit(1729845050.656:227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23448 comm="syz.5.7082" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff0579 code=0x7ffc0000 [ 1653.952467][T23440] ntfs3(loop6): ino=5, "/" ntfs3_write_inode failed, -22. [ 1653.972008][ T29] audit: type=1326 audit(1729845050.656:228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23448 comm="syz.5.7082" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff0579 code=0x7ffc0000 [ 1654.083548][ T29] audit: type=1326 audit(1729845050.756:229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23448 comm="syz.5.7082" exe="/root/syz-executor" sig=0 arch=40000003 syscall=360 compat=1 ip=0xf7ff0579 code=0x7ffc0000 [ 1654.110324][ T29] audit: type=1326 audit(1729845050.756:230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23448 comm="syz.5.7082" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff0579 code=0x7ffc0000 [ 1654.136493][ T29] audit: type=1326 audit(1729845050.756:231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23448 comm="syz.5.7082" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff0579 code=0x7ffc0000 [ 1654.159482][ T29] audit: type=1326 audit(1729845050.796:232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23448 comm="syz.5.7082" exe="/root/syz-executor" sig=0 arch=40000003 syscall=361 compat=1 ip=0xf7ff0579 code=0x7ffc0000 [ 1654.184907][ T29] audit: type=1326 audit(1729845050.826:233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23448 comm="syz.5.7082" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff0579 code=0x7ffc0000 [ 1654.210857][ T29] audit: type=1326 audit(1729845050.826:234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23448 comm="syz.5.7082" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff0579 code=0x7ffc0000 [ 1654.236772][ T29] audit: type=1326 audit(1729845050.886:235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23448 comm="syz.5.7082" exe="/root/syz-executor" sig=0 arch=40000003 syscall=439 compat=1 ip=0xf7ff0579 code=0x7ffc0000 [ 1654.263180][ T29] audit: type=1326 audit(1729845050.886:236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23448 comm="syz.5.7082" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff0579 code=0x7ffc0000 [ 1656.443718][T23474] loop8: detected capacity change from 0 to 64 [ 1657.053438][T23484] loop3: detected capacity change from 0 to 1764 [ 1657.063105][T23484] iso9660: Bad value for 'gid' [ 1657.068111][T23484] iso9660: Bad value for 'gid' [ 1657.449881][ T5859] usb 4-1: new high-speed USB device number 50 using dummy_hcd [ 1657.641547][ T5859] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1657.660470][ T5859] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1657.671252][ T5859] usb 4-1: New USB device found, idVendor=06cb, idProduct=73f5, bcdDevice= 0.00 [ 1657.685947][ T5859] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1657.887320][ T5859] usb 4-1: config 0 descriptor?? [ 1658.116079][T23495] loop8: detected capacity change from 0 to 512 [ 1658.180468][T23490] nbd: couldn't find a device at index 1 [ 1658.315772][T23495] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1658.333137][T23495] ext4 filesystem being mounted at /489/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1658.352902][ T5859] itetech 0003:06CB:73F5.0034: unknown main item tag 0x0 [ 1658.372525][ T5859] itetech 0003:06CB:73F5.0034: unbalanced collection at end of report description [ 1658.388425][ T5859] itetech 0003:06CB:73F5.0034: probe with driver itetech failed with error -22 [ 1658.451927][T23495] EXT4-fs error (device loop8): ext4_readdir:261: inode #2: block 12: comm syz.8.7104: path /489/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5066064, rec_len=1, size=2048 fake=0 [ 1658.468399][T23499] loop6: detected capacity change from 0 to 512 [ 1658.530430][T23495] EXT4-fs error (device loop8): ext4_readdir:261: inode #2: block 13: comm syz.8.7104: path /489/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653246737, rec_len=1, size=2048 fake=0 [ 1658.630899][T23495] EXT4-fs error (device loop8): ext4_readdir:261: inode #2: block 14: comm syz.8.7104: path /489/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0 [ 1658.686195][T23499] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1658.691675][ T5859] usb 4-1: USB disconnect, device number 50 [ 1658.733681][T23495] EXT4-fs error (device loop8): ext4_readdir:261: inode #2: block 15: comm syz.8.7104: path /489/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0 [ 1658.808958][T23495] EXT4-fs error (device loop8): ext4_readdir:261: inode #2: block 16: comm syz.8.7104: path /489/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653245223, rec_len=1, size=2048 fake=0 [ 1659.025371][T11104] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1659.073992][T17589] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1662.097263][T23551] vivid-000: disconnect [ 1662.107560][T23549] vivid-000: reconnect [ 1662.408278][T23555] loop3: detected capacity change from 0 to 2048 [ 1662.542159][T23553] netlink: 'syz.1.7130': attribute type 6 has an invalid length. [ 1662.709381][T23555] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1665.153600][T23600] input: syz0 as /devices/virtual/input/input58 [ 1665.165149][T23602] tmpfs: Unknown parameter 'Xcv:Q"Co}'ή_0-%'k;/|%T9i(>' [ 1665.838434][T23609] loop5: detected capacity change from 0 to 256 [ 1665.914670][T23613] loop3: detected capacity change from 0 to 164 [ 1665.997918][T23609] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d) [ 1666.049415][T23613] isofs_fill_super: root inode is not a directory. Corrupted media? [ 1666.576967][T23624] netlink: 28 bytes leftover after parsing attributes in process `syz.1.7160'. [ 1666.837943][ T29] kauditd_printk_skb: 1 callbacks suppressed [ 1666.838022][ T29] audit: type=1326 audit(1729845063.536:238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23625 comm="syz.1.7163" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f04579 code=0x0 [ 1667.215603][T23635] netlink: 16 bytes leftover after parsing attributes in process `syz.3.7164'. [ 1667.305354][T23637] bridge0: port 3(veth1_to_team) entered blocking state [ 1667.316967][T23637] bridge0: port 3(veth1_to_team) entered disabled state [ 1667.329565][T23637] veth1_to_team: entered allmulticast mode [ 1667.342924][T23637] veth1_to_team: entered promiscuous mode [ 1667.352188][T23637] bridge0: port 3(veth1_to_team) entered blocking state [ 1667.359975][T23637] bridge0: port 3(veth1_to_team) entered forwarding state [ 1667.372427][T23637] A link change request failed with some changes committed already. Interface veth1_to_team may have been left with an inconsistent configuration, please check. [ 1667.816015][T23640] netlink: 12 bytes leftover after parsing attributes in process `syz.6.7166'. [ 1668.192354][T23642] loop1: detected capacity change from 0 to 256 [ 1668.249477][T23642] exfat: Bad value for 'uid' [ 1668.254801][T23642] exfat: Bad value for 'uid' [ 1668.302271][T23644] netlink: 8 bytes leftover after parsing attributes in process `syz.5.7169'. [ 1668.315267][T23644] netlink: 80 bytes leftover after parsing attributes in process `syz.5.7169'. [ 1668.542734][T23651] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7170'. [ 1669.253590][T19857] IPVS: starting estimator thread 0... [ 1669.275994][T23661] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present [ 1669.349924][T23657] loop8: detected capacity change from 0 to 2048 [ 1669.384304][T23663] IPVS: using max 240 ests per chain, 12000 per kthread [ 1669.495349][T23657] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1670.787693][T23674] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7181'. [ 1671.728785][T23690] netlink: 'syz.1.7188': attribute type 7 has an invalid length. [ 1672.028490][T23692] loop3: detected capacity change from 0 to 512 [ 1672.143923][T23692] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 1672.336427][T23692] EXT4-fs (loop3): 1 orphan inode deleted [ 1672.342653][T23692] EXT4-fs (loop3): 1 truncate cleaned up [ 1672.350644][T23692] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1672.755771][T19857] IPVS: starting estimator thread 0... [ 1672.874938][ T5809] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1672.935900][T23706] IPVS: using max 240 ests per chain, 12000 per kthread [ 1674.145362][T23728] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7204'. [ 1674.227856][T23729] loop8: detected capacity change from 0 to 512 [ 1674.437297][T23729] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1674.453411][T23729] ext4 filesystem being mounted at /510/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1675.018809][T17589] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1675.409113][T23749] program syz.3.7213 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1675.516083][T15071] usb 6-1: new high-speed USB device number 11 using dummy_hcd [ 1675.804397][T15071] usb 6-1: New USB device found, idVendor=0c45, idProduct=614a, bcdDevice=e6.af [ 1675.814191][T15071] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1675.835172][T15071] usb 6-1: config 0 descriptor?? [ 1675.858733][T15071] gspca_main: sonixj-2.14.0 probing 0c45:614a [ 1676.033323][T23754] 9pnet_fd: Insufficient options for proto=fd [ 1676.828149][T15071] gspca_sonixj: reg_r err -71 [ 1676.838652][T15071] sonixj 6-1:0.0: probe with driver sonixj failed with error -71 [ 1676.876966][T15071] usb 6-1: USB disconnect, device number 11 [ 1677.160006][T23771] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7223'. [ 1677.224458][ T29] audit: type=1326 audit(1729845073.916:239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23772 comm="syz.6.7222" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f82579 code=0x0 [ 1678.783252][T23790] loop3: detected capacity change from 0 to 1024 [ 1679.564259][T23802] netlink: 4 bytes leftover after parsing attributes in process `syz.6.7235'. [ 1679.647109][T23802] netlink: 4 bytes leftover after parsing attributes in process `syz.6.7235'. [ 1680.329184][T23815] loop6: detected capacity change from 0 to 256 [ 1680.416389][T23815] FAT-fs (loop6): unable to read block(1023) for building NFS inode [ 1680.524309][T15071] usb 2-1: new high-speed USB device number 23 using dummy_hcd [ 1680.733477][T15071] usb 2-1: config 0 has an invalid interface number: 204 but max is 1 [ 1680.742476][T15071] usb 2-1: config 0 has no interface number 1 [ 1680.824853][T15071] usb 2-1: New USB device found, idVendor=07fd, idProduct=0004, bcdDevice=b9.bf [ 1680.834647][T15071] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1680.843157][T15071] usb 2-1: Product: syz [ 1680.847578][T15071] usb 2-1: Manufacturer: syz [ 1680.857442][T15071] usb 2-1: SerialNumber: syz [ 1680.874201][T15071] usb 2-1: config 0 descriptor?? [ 1681.003453][T15071] snd-usb-audio 2-1:0.204: probe with driver snd-usb-audio failed with error -22 [ 1681.187352][T19857] usb 2-1: USB disconnect, device number 23 [ 1681.598924][T23828] dvmrp0: entered allmulticast mode [ 1681.722118][T23828] dvmrp0: left allmulticast mode [ 1682.345653][T23840] netlink: 32 bytes leftover after parsing attributes in process `syz.6.7251'. [ 1682.711839][T23845] input: syz0 as /devices/virtual/input/input59 [ 1683.431085][T23848] loop1: detected capacity change from 0 to 1024 [ 1683.475474][T23848] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 1683.511470][T23848] EXT4-fs (loop1): stripe (2048) is not aligned with cluster size (4096), stripe is disabled [ 1683.597245][T23848] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 1683.605589][T23848] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e840e018, mo2=0000] [ 1683.654489][T23848] System zones: 0-1, 3-12 [ 1683.683525][T23848] EXT4-fs (loop1): orphan cleanup on readonly fs [ 1683.888069][T23848] EXT4-fs error (device loop1): ext4_free_blocks:6589: comm syz.1.7253: Freeing blocks not in datazone - block = 0, count = 4096 [ 1683.973706][T23848] EXT4-fs (loop1): 1 orphan inode deleted [ 1683.985109][T23848] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 1684.274739][T22792] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1684.798200][T23862] loop1: detected capacity change from 0 to 128 [ 1684.848433][T23862] EXT4-fs: Ignoring removed nobh option [ 1684.911397][T23862] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 1684.933082][T23862] ext4 filesystem being mounted at /70/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 1685.059345][T23862] fscrypt (loop1, inode 12): Can't use IV_INO_LBLK_64 policy on filesystem 'loop1' because it doesn't have stable inode numbers [ 1685.287910][T23868] netlink: 52 bytes leftover after parsing attributes in process `syz.3.7262'. [ 1686.035967][T22792] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 1686.289282][T23874] netlink: 20 bytes leftover after parsing attributes in process `syz.8.7266'. [ 1686.337147][T23873] rtc_cmos 00:00: Alarms can be up to one day in the future [ 1686.458084][T19857] rtc_cmos 00:00: Alarms can be up to one day in the future [ 1686.469270][T19857] rtc_cmos 00:00: Alarms can be up to one day in the future [ 1686.480663][T19857] rtc_cmos 00:00: Alarms can be up to one day in the future [ 1686.488429][T19857] rtc_cmos 00:00: Alarms can be up to one day in the future [ 1686.500030][T19857] rtc rtc0: __rtc_set_alarm: err=-22 [ 1687.223571][T23894] netlink: 24 bytes leftover after parsing attributes in process `syz.5.7268'. [ 1687.484410][T23898] loop8: detected capacity change from 0 to 128 [ 1687.556628][T23896] atomic_op ffff88801fe3cd28 conn xmit_atomic 0000000000000000 [ 1687.680700][T23903] netlink: 'syz.1.7275': attribute type 3 has an invalid length. [ 1687.688704][T23903] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.7275'. [ 1687.936541][T23905] loop3: detected capacity change from 0 to 64 [ 1688.415372][T23909] sch_fq: defrate 0 ignored. [ 1688.640460][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1688.873477][ T29] audit: type=1326 audit(1729845085.576:240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23912 comm="syz.5.7284" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7ff0579 code=0x0 [ 1689.721948][T23926] netlink: 16 bytes leftover after parsing attributes in process `syz.6.7289'. [ 1689.736883][T23926] netlink: 24 bytes leftover after parsing attributes in process `syz.6.7289'. [ 1690.409346][T23937] netlink: 8 bytes leftover after parsing attributes in process `syz.8.7293'. [ 1690.527537][T23938] netlink: 12 bytes leftover after parsing attributes in process `syz.5.7292'. [ 1691.026787][T23944] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 1691.047757][T23947] loop3: detected capacity change from 0 to 64 [ 1691.080591][T23944] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 1691.248177][T23950] block device autoloading is deprecated and will be removed. [ 1691.404865][T23952] hfs: keylen 94 too large [ 1691.410230][T23952] hfs: request for non-existent node 1818584064 in B*Tree [ 1691.421851][T23952] hfs: request for non-existent node 1818584064 in B*Tree [ 1691.486604][T23947] hfs: keylen 94 too large [ 1691.491520][T23947] ===================================================== [ 1691.498800][T23947] BUG: KMSAN: uninit-value in hfs_brec_find+0x65e/0x980 [ 1691.506264][T23947] hfs_brec_find+0x65e/0x980 [ 1691.516702][T23947] hfs_cat_create+0x444/0xbc0 [ 1691.521728][T23947] hfs_create+0xcf/0x250 [ 1691.528160][T23947] path_openat+0x2e9e/0x6200 [ 1691.534794][T23947] do_filp_open+0x20e/0x590 [ 1691.543145][T23947] do_sys_openat2+0x1bf/0x2f0 [ 1691.548005][T23947] __ia32_sys_creat+0xe4/0x140 [ 1691.559129][T23947] ia32_sys_call+0x37a3/0x40d0 [ 1691.564275][T23947] __do_fast_syscall_32+0xb0/0x110 [ 1691.569757][T23947] do_fast_syscall_32+0x38/0x80 [ 1691.574819][T23947] do_SYSENTER_32+0x1f/0x30 [ 1691.579528][T23947] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1691.592921][T23947] [ 1691.595355][T23947] Local variable fd created at: [ 1691.603033][T23947] hfs_cat_create+0x4b/0xbc0 [ 1691.613414][T23947] hfs_create+0xcf/0x250 [ 1691.617842][T23947] [ 1691.626249][T23947] CPU: 1 UID: 0 PID: 23947 Comm: syz.3.7299 Not tainted 6.12.0-rc4-syzkaller-00161-gae90f6a6170d #0 [ 1691.639741][T23947] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 1691.658996][T23947] ===================================================== [ 1691.666730][T23947] Disabling lock debugging due to kernel taint [ 1691.673503][T23947] Kernel panic - not syncing: kmsan.panic set ... [ 1691.680073][T23947] CPU: 1 UID: 0 PID: 23947 Comm: syz.3.7299 Tainted: G B 6.12.0-rc4-syzkaller-00161-gae90f6a6170d #0 [ 1691.692536][T23947] Tainted: [B]=BAD_PAGE [ 1691.696807][T23947] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 1691.707007][T23947] Call Trace: [ 1691.710412][T23947] [ 1691.713462][T23947] dump_stack_lvl+0x216/0x2d0 [ 1691.718364][T23947] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 1691.724376][T23947] dump_stack+0x1e/0x30 [ 1691.728742][T23947] panic+0x4e2/0xcf0 [ 1691.732847][T23947] ? kmsan_get_metadata+0x121/0x1c0 [ 1691.738250][T23947] kmsan_report+0x2c7/0x2d0 [ 1691.742997][T23947] ? vprintk_default+0x3e/0x50 [ 1691.747963][T23947] ? __msan_warning+0x95/0x120 [ 1691.752949][T23947] ? hfs_brec_find+0x65e/0x980 [ 1691.757890][T23947] ? hfs_cat_create+0x444/0xbc0 [ 1691.762933][T23947] ? hfs_create+0xcf/0x250 [ 1691.767536][T23947] ? path_openat+0x2e9e/0x6200 [ 1691.772490][T23947] ? do_filp_open+0x20e/0x590 [ 1691.777368][T23947] ? do_sys_openat2+0x1bf/0x2f0 [ 1691.782399][T23947] ? __ia32_sys_creat+0xe4/0x140 [ 1691.787523][T23947] ? ia32_sys_call+0x37a3/0x40d0 [ 1691.792702][T23947] ? __do_fast_syscall_32+0xb0/0x110 [ 1691.798211][T23947] ? do_fast_syscall_32+0x38/0x80 [ 1691.803450][T23947] ? do_SYSENTER_32+0x1f/0x30 [ 1691.808345][T23947] ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1691.815080][T23947] ? kmsan_get_metadata+0x13e/0x1c0 [ 1691.820460][T23947] ? hfs_brec_keylen+0x398/0x610 [ 1691.825596][T23947] ? hfs_brec_keylen+0x58f/0x610 [ 1691.830744][T23947] ? __hfs_brec_find+0x426/0x830 [ 1691.835861][T23947] ? __pfx_hfs_cat_keycmp+0x10/0x10 [ 1691.841262][T23947] ? kmsan_get_metadata+0x13e/0x1c0 [ 1691.846648][T23947] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 1691.852661][T23947] __msan_warning+0x95/0x120 [ 1691.857476][T23947] hfs_brec_find+0x65e/0x980 [ 1691.862272][T23947] hfs_cat_create+0x444/0xbc0 [ 1691.867157][T23947] ? hfs_mark_mdb_dirty+0x135/0x2a0 [ 1691.872613][T23947] hfs_create+0xcf/0x250 [ 1691.877056][T23947] ? __pfx_hfs_create+0x10/0x10 [ 1691.882099][T23947] path_openat+0x2e9e/0x6200 [ 1691.886945][T23947] do_filp_open+0x20e/0x590 [ 1691.891682][T23947] do_sys_openat2+0x1bf/0x2f0 [ 1691.896554][T23947] __ia32_sys_creat+0xe4/0x140 [ 1691.901528][T23947] ia32_sys_call+0x37a3/0x40d0 [ 1691.906539][T23947] __do_fast_syscall_32+0xb0/0x110 [ 1691.911892][T23947] ? irqentry_exit+0x16/0x60 [ 1691.916690][T23947] do_fast_syscall_32+0x38/0x80 [ 1691.921761][T23947] do_SYSENTER_32+0x1f/0x30 [ 1691.926483][T23947] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 1691.933044][T23947] RIP: 0023:0xf7fc3579 [ 1691.937265][T23947] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 1691.957084][T23947] RSP: 002b:00000000f574655c EFLAGS: 00000206 ORIG_RAX: 0000000000000008 [ 1691.965703][T23947] RAX: ffffffffffffffda RBX: 0000000020000580 RCX: 0000000000000000 [ 1691.973843][T23947] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 1691.981969][T23947] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 1691.990093][T23947] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 1691.998219][T23947] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1692.006367][T23947] [ 1692.009812][T23947] Kernel Offset: disabled [ 1692.014208][T23947] Rebooting in 86400 seconds..