last executing test programs: 3m19.048289364s ago: executing program 0 (id=215): r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f00000083c0)={{0x1}}) ioctl$SNDRV_TIMER_IOCTL_PARAMS(r0, 0x40505412, &(0x7f0000000140)={0x0, 0x6, 0x200}) ioctl$SNDRV_TIMER_IOCTL_PARAMS(r0, 0x40505412, &(0x7f0000000300)={0x4, 0x7, 0x200}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x3, 0x6, &(0x7f0000000140)=@framed={{0x18, 0x6}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @alu={0x0, 0x0, 0x4}, @exit={0x95, 0x0, 0x7b00}]}, &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) 2m31.020899799s ago: executing program 0 (id=215): r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f00000083c0)={{0x1}}) ioctl$SNDRV_TIMER_IOCTL_PARAMS(r0, 0x40505412, &(0x7f0000000140)={0x0, 0x6, 0x200}) ioctl$SNDRV_TIMER_IOCTL_PARAMS(r0, 0x40505412, &(0x7f0000000300)={0x4, 0x7, 0x200}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x3, 0x6, &(0x7f0000000140)=@framed={{0x18, 0x6}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @alu={0x0, 0x0, 0x4}, @exit={0x95, 0x0, 0x7b00}]}, &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) 1m51.827344351s ago: executing program 0 (id=215): r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f00000083c0)={{0x1}}) ioctl$SNDRV_TIMER_IOCTL_PARAMS(r0, 0x40505412, &(0x7f0000000140)={0x0, 0x6, 0x200}) ioctl$SNDRV_TIMER_IOCTL_PARAMS(r0, 0x40505412, &(0x7f0000000300)={0x4, 0x7, 0x200}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x3, 0x6, &(0x7f0000000140)=@framed={{0x18, 0x6}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @alu={0x0, 0x0, 0x4}, @exit={0x95, 0x0, 0x7b00}]}, &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) 1m16.915271228s ago: executing program 0 (id=215): r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f00000083c0)={{0x1}}) ioctl$SNDRV_TIMER_IOCTL_PARAMS(r0, 0x40505412, &(0x7f0000000140)={0x0, 0x6, 0x200}) ioctl$SNDRV_TIMER_IOCTL_PARAMS(r0, 0x40505412, &(0x7f0000000300)={0x4, 0x7, 0x200}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x3, 0x6, &(0x7f0000000140)=@framed={{0x18, 0x6}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @alu={0x0, 0x0, 0x4}, @exit={0x95, 0x0, 0x7b00}]}, &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) 53.290958287s ago: executing program 0 (id=215): r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f00000083c0)={{0x1}}) ioctl$SNDRV_TIMER_IOCTL_PARAMS(r0, 0x40505412, &(0x7f0000000140)={0x0, 0x6, 0x200}) ioctl$SNDRV_TIMER_IOCTL_PARAMS(r0, 0x40505412, &(0x7f0000000300)={0x4, 0x7, 0x200}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x3, 0x6, &(0x7f0000000140)=@framed={{0x18, 0x6}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @alu={0x0, 0x0, 0x4}, @exit={0x95, 0x0, 0x7b00}]}, &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) 43.461474889s ago: executing program 2 (id=610): r0 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_SET_MPATH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x50}}, 0x0) getsockname$packet(r0, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)=@RTM_NEWMDB={0x38, 0x54, 0x1, 0x0, 0x0, {}, [@MDBA_SET_ENTRY={0x20, 0x1, {r1, 0x0, 0x0, 0x0, {@in6_addr=@mcast2, 0x86dd}}}]}, 0x38}}, 0x0) 42.301575832s ago: executing program 2 (id=612): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000280)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(cipher_null)\x00'}, 0x58) r1 = accept4(r0, 0x0, 0x0, 0x0) sendmmsg$unix(r1, &(0x7f0000007440)=[{{0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000300)="e9", 0x1}], 0x1, 0x0, 0x0, 0x4}}], 0x1, 0x2000c015) sendmsg$BATADV_CMD_SET_MESH(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={0x0, 0x14}, 0x1, 0x0, 0x0, 0x280000c0}, 0xc00d) 41.909448233s ago: executing program 2 (id=614): openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/secure_tcp\x00', 0x2, 0x0) r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x20002) r1 = dup(r0) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') mount$9p_fd(0x0, &(0x7f00000001c0)='.\x00', &(0x7f0000000180), 0x0, &(0x7f0000000040)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}}) 41.310643037s ago: executing program 2 (id=618): syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x800714, &(0x7f0000000000)={[{@nobarrier}]}, 0xff, 0x485, &(0x7f0000001040)="$eJzs3M9rHFUcAPDvTJL+bhNrrba2Gq1i8UfSpFV78KCi4EFB0EM9xiSttdtGmgi2BI0i9SgF7+JR8C/w5kXUgwheFTxKoWgQmnqKzK9mu9mkSZpkbfbzgc2+t/Nm3/vOzNt9My+zAbSt3uxPErEjIn6LiO4ie3OB3uJpZnpy+Pr05HASs7Nv/JXk5a5NTw5XRav1tpeZw2lE+mkSzyfz6x2/cPHMUK02er7M90+cfa9//MLFp06fHTo1emr03ODx48eODjz7zODTqxJnFte1/R+OHdj3yluXXxs+cfntH7/JmrX3YLG8Po5but4koCZ6s63292yucdmjy2j7nWBnXTrpbGFDWJaOiMh2V1fe/7ujI+Z2Xne8/ElLGwesqey7afPCi6dmgQ0siVa3AGiN6os+O/+tHus09PhfuPpCxKYyPTM9OTxzI/7OSMvXu9aw/t6IODH175fZI5Z7HQIAYAXysc2TzcZ/aezNn4u5jl3lHEpPRNwVEbsj4u6I2BMR90TkZe+NiPuKlWe7l1h/b0N+/vgnvdK0zaskG/89Vzf2m6mLv3zq6ShzO/P4u5KTp2ujR8ptcji6Nmf5gUXq+O6lXz9faFn9+C97ZPVXY8GyAVc6Gy7QjQxNDK3WRrj6ccT+zmbxJzdmArIjYF9E7F/eW++qEqcf//rAQoVuHf8iVmGeafariMeK/T8VDfFXksXnJ/u3RG30SH91VMz30y+XXl+o/tuKfxVk+3/bzcd/Q4nuf5JivrYrarXR8+PLr+PS758teE6z0uN/U/JmPmf98zvFax8MTUycH4jYlLya56tzuvz1wbl1q3xVPov/8KHm/X93uU4W//0RkR3EByPigYh4sGz7QxHxcEQcWiT+H1585N1F4k8iiZbu/5Gmn383jv+epH6+fgWJjjPff7vQjPnS9v+xmMo/awv5598tLLWBt7n5AAAA4I6QRsSOSNK+It27I9K0r6/4H/49sS2tjY1PPHFy7P1zI8U9Aj3RlVZXurrrrocOJFPlOxb5wfJacbX8aHnd+IuOrXm+b3isNtLi2KHdbb+5/0fV/zN/drS6dcCac78WtK/G/p+2qB3A+lvK979zAdiYmvT/ra1oB7D+nP9D+2rW/z9qyBv/w8Y0v///0eQn64CNyPgf2pf+D+1L/4e2dDv39a88Ud0ssPL32bLkO/zbJVH94sVa1rU15l6JtOUht1Ei6zHrW+ncb6gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcyf4LAAD///ss5ts=") r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='blkio.bfq.io_queued\x00', 0x275a, 0x0) write$cgroup_int(r1, &(0x7f0000000000), 0xffffff6a) sendfile(r0, r1, 0x0, 0xffffffff000) 39.816103641s ago: executing program 2 (id=625): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000040)='proc\x00', 0x0, 0x0) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000380)='./file0\x00', 0x0, 0x0) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) getdents64(r0, &(0x7f0000000800)=""/4096, 0x1000) 38.953001936s ago: executing program 2 (id=627): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x14d802, 0x0) r1 = dup(r0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000002, 0x28011, r1, 0x0) r2 = syz_open_dev$evdev(&(0x7f00000001c0), 0x0, 0x0) ioctl$EVIOCSKEYCODE_V2(r2, 0x80104592, &(0x7f0000000040)={0x0, 0x0, 0x0, 0xf773, "00207d2000000000201b14700c1e0ac74f000000001200000000000900"}) 24.179793766s ago: executing program 0 (id=215): r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f00000083c0)={{0x1}}) ioctl$SNDRV_TIMER_IOCTL_PARAMS(r0, 0x40505412, &(0x7f0000000140)={0x0, 0x6, 0x200}) ioctl$SNDRV_TIMER_IOCTL_PARAMS(r0, 0x40505412, &(0x7f0000000300)={0x4, 0x7, 0x200}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x3, 0x6, &(0x7f0000000140)=@framed={{0x18, 0x6}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @alu={0x0, 0x0, 0x4}, @exit={0x95, 0x0, 0x7b00}]}, &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) 22.716735107s ago: executing program 1 (id=663): r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) dup3(r0, r1, 0x0) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$NL80211_CMD_VENDOR(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)={0x30, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x1, 0x2}, @val={0x8}, @val={0xc, 0x99, {0x0, 0x50}}}}}, 0x30}}, 0x0) 22.215416584s ago: executing program 1 (id=666): r0 = timerfd_create(0x9, 0x0) r1 = timerfd_create(0x9, 0x0) timerfd_settime(r1, 0x0, &(0x7f0000000080)={{}, {0x77359400}}, 0x0) timerfd_settime(r0, 0x0, &(0x7f0000007000)={{0x0, 0x4}, {0x0, 0x989680}}, 0x0) readv(r0, &(0x7f0000001540)=[{&(0x7f00000000c0)=""/181, 0xb5}], 0x1) 21.631823947s ago: executing program 1 (id=669): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000700)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_BSS(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)={0x24, r1, 0x1, 0x70bd2c, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_P2P_CTWINDOW={0x5, 0xa2, 0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x20044081}, 0x40810) 21.279402834s ago: executing program 1 (id=670): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x230) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x230) 20.930139756s ago: executing program 1 (id=672): mkdir(&(0x7f00000002c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000580)='cgroup2\x00', 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0, 0x0) lseek(r0, 0x5bcf4d33, 0x0) getdents64(r0, 0x0, 0x4b) 20.202586796s ago: executing program 1 (id=674): r0 = syz_open_dev$media(&(0x7f00000001c0), 0x0, 0x0) ioctl$MEDIA_IOC_G_TOPOLOGY(r0, 0xc0487c04, &(0x7f0000000280)={0x0, 0x8, 0x0, &(0x7f0000001d40), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50, 0x0, 0x0}) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x41, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000000)=0x19) write$binfmt_aout(r1, &(0x7f0000002140)=ANY=[], 0xff2e) 4.57573148s ago: executing program 4 (id=720): r0 = socket(0x80000000000000a, 0x2, 0x0) setsockopt$inet6_group_source_req(r0, 0x29, 0x2a, &(0x7f0000000080)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @private1}}}, 0x108) r1 = socket$pppl2tp(0x18, 0x1, 0x1) ioctl$SIOCSIFMTU(r1, 0x8922, &(0x7f0000000440)={'syz_tun\x00', 0x101}) setsockopt$inet6_group_source_req(r0, 0x29, 0x2d, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @private2}}}, 0x108) 3.83308964s ago: executing program 4 (id=721): mlockall(0x7) r0 = mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x50032, 0xffffffffffffffff, 0x0) munlockall() madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00003, 0x4) syz_memcpy_off$IO_URING_METADATA_GENERIC(r0, 0x0, &(0x7f0000000140), 0x0, 0x4) 2.892429602s ago: executing program 3 (id=722): bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000040)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_JOIN_IBSS(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000003c0)={0x38, r0, 0x101, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_PRIVACY={0x4}, @NL80211_ATTR_CONTROL_PORT_OVER_NL80211={0x4}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ibss_ssid}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x38}}, 0x0) 2.619856505s ago: executing program 4 (id=723): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[], 0x0) 2.204050366s ago: executing program 3 (id=724): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r0}, 0x10) rt_sigprocmask(0x0, 0x0, 0x0, 0x0) r1 = signalfd4(0xffffffffffffffff, &(0x7f0000000700), 0x8, 0x0) fchmod(r1, 0x0) 1.817583967s ago: executing program 3 (id=725): bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2c, &(0x7f0000000000)='/proc/sys/net/\x00\x00v4\x00\x00s/\x92ync_\x00le\xf44.\xab%nN\xd4\xa2\x88\x00\xd1l,'}, 0x30) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) fchdir(r0) r1 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) getdents(r1, 0x0, 0x0) 1.607509493s ago: executing program 4 (id=726): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000480)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_BEACON_INTERVAL={0x8}]}, 0x24}}, 0x0) 1.229422472s ago: executing program 3 (id=727): setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f00000000c0)=0x7a, 0x4) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000100)={@in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x17, 0x0, "d86ac46a073843d9f8060941f3d77262614c3cd1ba8b023fc00414f10c2b7974289520ce79fef70f5a2483620aef97999c7e0f07caa2360fa1374ae1dea4978f54b437d900"}, 0xd8) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000003640)={@in6={{0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}}, 0x0, 0x0, 0xf, 0x0, "55c03a88cd9efb99f0c17f9c4c74dcd723feb91a01ba2010116a8f4b6ee6f91b3075b06618b54643483981f2b9a46786fa1ba67bc97a02d6b0b4d20c606a80f0ab44c1c34686f5515a56b38147f0a9da"}, 0xd8) setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000020, &(0x7f0000000040)=0xa, 0x1959cc36) 975.027772ms ago: executing program 4 (id=728): syz_open_dev$usbmon(&(0x7f00000000c0), 0x7, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/4\x00') mount$9p_fd(0x0, &(0x7f0000000180)='.\x00', &(0x7f0000000040), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r0]) syz_open_dev$usbfs(&(0x7f0000000040), 0x20000007d, 0x0) 715.660522ms ago: executing program 3 (id=729): r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x0, 0x822941) r1 = syz_open_procfs(0x0, &(0x7f0000000200)='fd/3\x00') io_submit(0x0, 0x1, &(0x7f0000000440)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffffffffffff, 0x0, 0x0, 0x10000}]) write$char_usb(r0, &(0x7f0000000040)="e2", 0x2778) read$char_usb(r1, 0x0, 0x0) 42.862921ms ago: executing program 3 (id=730): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x8000002}, 0x1c) setsockopt$sock_int(r0, 0x1, 0x12, &(0x7f0000000180)=0x4000000, 0x4) sendto$inet6(r0, 0x0, 0x0, 0x2200c851, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) sendto$inet6(r0, &(0x7f0000000080)="44f9b108b1cdc885c9c533d21f474bec8bfef1df1e2da71e578dc6b91d09f7ab15378571d8e27546090011006e75436914ab717528ee4b7a9beaf908d11137c11903064e83b4951f", 0x48, 0x0, 0x0, 0x0) 0s ago: executing program 4 (id=731): socket$nl_route(0x10, 0x3, 0x0) r0 = socket$inet6_udp(0xa, 0x2, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000001700)={'batadv0\x00', 0x0}) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f00000000c0)={'ip6tnl0\x00', &(0x7f00000001c0)={'syztnl1\x00', r2, 0x0, 0x0, 0x0, 0x800, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @private1}}) kernel console output (not intermixed with test programs): _slave_0): Releasing backup interface [ 338.447730][ T3968] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 338.507137][ T3968] bond0 (unregistering): Released all slaves [ 339.128766][ T25] usb 4-1: USB disconnect, device number 3 [ 339.468690][ T5188] Bluetooth: hci5: command 0x0c1a tx timeout [ 339.832526][ T3968] hsr_slave_0: left promiscuous mode [ 339.862306][ T5188] Bluetooth: hci1: command 0x0c1a tx timeout [ 339.868973][ T3968] hsr_slave_1: left promiscuous mode [ 339.963939][ T3968] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 339.974697][ T3968] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 340.038269][ T3968] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 340.046360][ T3968] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 340.110852][ T5188] Bluetooth: hci3: command 0x0c1a tx timeout [ 340.118418][ T5190] Bluetooth: hci0: command 0x041b tx timeout [ 340.133995][ T3968] veth1_macvtap: left promiscuous mode [ 340.140023][ T3968] veth0_macvtap: left promiscuous mode [ 340.146149][ T3968] veth1_vlan: left promiscuous mode [ 340.152135][ T3968] veth0_vlan: left promiscuous mode [ 340.837901][ T6480] loop3: detected capacity change from 0 to 256 [ 341.565516][ T3968] team0 (unregistering): Port device team_slave_1 removed [ 341.618047][ T5190] Bluetooth: hci5: command 0x0c1a tx timeout [ 341.728776][ T3968] team0 (unregistering): Port device team_slave_0 removed [ 341.970445][ T5190] Bluetooth: hci1: command 0x0c1a tx timeout [ 342.030826][ T1240] ieee802154 phy0 wpan0: encryption failed: -22 [ 342.040370][ T1240] ieee802154 phy1 wpan1: encryption failed: -22 [ 342.182802][ T5190] Bluetooth: hci0: command 0x041b tx timeout [ 342.189099][ T5190] Bluetooth: hci3: command 0x0c1a tx timeout [ 342.638217][ T6497] loop3: detected capacity change from 0 to 256 [ 343.022814][ T6430] chnl_net:caif_netlink_parms(): no params data found [ 343.228350][ T6503] loop4: detected capacity change from 0 to 2048 [ 343.505504][ T6497] exFAT-fs (loop3): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 343.687938][ T6507] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 343.736001][ T5190] Bluetooth: hci5: command 0x0c1a tx timeout [ 344.022624][ T5190] Bluetooth: hci1: command 0x0c1a tx timeout [ 344.273055][ T5190] Bluetooth: hci0: command 0x041b tx timeout [ 344.679871][ T6430] bridge0: port 1(bridge_slave_0) entered blocking state [ 344.691483][ T6430] bridge0: port 1(bridge_slave_0) entered disabled state [ 344.703032][ T6430] bridge_slave_0: entered allmulticast mode [ 344.712251][ T6430] bridge_slave_0: entered promiscuous mode [ 344.815697][ T6430] bridge0: port 2(bridge_slave_1) entered blocking state [ 344.823823][ T6430] bridge0: port 2(bridge_slave_1) entered disabled state [ 344.831830][ T6430] bridge_slave_1: entered allmulticast mode [ 344.841022][ T6430] bridge_slave_1: entered promiscuous mode [ 345.237037][ T6430] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 345.379684][ T6430] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 345.510664][ T6536] loop1: detected capacity change from 0 to 128 [ 345.709725][ T6536] VFS: Found a Xenix FS (block size = 512) on device loop1 [ 345.877442][ T6541] loop3: detected capacity change from 0 to 1024 [ 346.008659][ T5196] sysv_free_block: trying to free block not in datazone [ 346.020037][ T5196] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 346.418093][ T5190] Bluetooth: hci0: command 0x041b tx timeout [ 346.468067][ T6552] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 346.490969][ T6430] team0: Port device team_slave_0 added [ 346.516224][ T6430] team0: Port device team_slave_1 added [ 346.657808][ T34] hfsplus: b-tree write err: -5, ino 8 [ 346.944656][ T6430] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 346.957923][ T6430] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 346.984522][ C0] vkms_vblank_simulate: vblank timer overrun [ 347.002819][ T6430] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 347.020804][ T6430] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 347.028566][ T6430] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 347.055284][ C0] vkms_vblank_simulate: vblank timer overrun [ 347.082490][ T6430] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 347.289935][ T6550] loop2: detected capacity change from 0 to 2048 [ 347.688699][ T6430] hsr_slave_0: entered promiscuous mode [ 347.855629][ T6430] hsr_slave_1: entered promiscuous mode [ 348.039326][ T6550] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 348.054116][ T6550] ext4 filesystem being mounted at /12/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 348.271509][ T6550] fs-verity: sha512 using implementation "sha512-generic" [ 348.458203][ T6550] fs-verity (loop2, inode 13): Error -4 reading file data [ 348.466134][ T6550] fs-verity (loop2, inode 13): Error -4 building Merkle tree [ 348.503234][ T5190] Bluetooth: hci0: command 0x041b tx timeout [ 348.562623][ T10] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 348.755491][ T10] usb 4-1: Using ep0 maxpacket: 32 [ 348.777636][ T6578] loop4: detected capacity change from 0 to 16 [ 348.784769][ T10] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 348.804261][ T10] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 348.817844][ T10] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2d51, bcdDevice= 0.00 [ 348.828203][ T10] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 348.847623][ T6578] erofs: (device loop4): mounted with root inode @ nid 36. [ 349.004524][ T10] usb 4-1: config 0 descriptor?? [ 349.010227][ T6087] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 349.563818][ T10] koneplus 0003:1E7D:2D51.0003: hidraw0: USB HID v0.00 Device [HID 1e7d:2d51] on usb-dummy_hcd.3-1/input0 [ 349.784000][ T44] usb 4-1: USB disconnect, device number 4 [ 350.618104][ T5190] Bluetooth: hci0: command 0x041b tx timeout [ 350.769117][ T6430] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 350.898727][ T6430] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 351.084923][ T6597] netlink: 12 bytes leftover after parsing attributes in process `syz.1.354'. [ 351.104828][ T6430] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 351.178604][ T6430] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 351.253665][ T6595] syzkaller1: entered promiscuous mode [ 351.261352][ T6595] syzkaller1: entered allmulticast mode [ 351.612461][ T6601] netdevsim netdevsim2: loading /lib/firmware/. failed with error -22 [ 351.621213][ T6601] netdevsim netdevsim2: Direct firmware load for . failed with error -22 [ 351.632327][ T6601] netdevsim netdevsim2: Falling back to sysfs fallback for: . [ 351.746055][ T6603] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 351.759487][ T6603] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 352.081755][ T6430] 8021q: adding VLAN 0 to HW filter on device bond0 [ 352.135725][ T6430] 8021q: adding VLAN 0 to HW filter on device team0 [ 352.244812][ T34] bridge0: port 1(bridge_slave_0) entered blocking state [ 352.252671][ T34] bridge0: port 1(bridge_slave_0) entered forwarding state [ 352.268718][ T34] bridge0: port 2(bridge_slave_1) entered blocking state [ 352.276561][ T34] bridge0: port 2(bridge_slave_1) entered forwarding state [ 352.386890][ T6430] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 352.397825][ T6430] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 353.266382][ T6619] loop1: detected capacity change from 0 to 4096 [ 353.378174][ T6627] bridge0: port 3(macvlan2) entered blocking state [ 353.386503][ T6627] bridge0: port 3(macvlan2) entered disabled state [ 353.394323][ T6627] macvlan2: entered allmulticast mode [ 353.417542][ T6627] macvlan2: entered promiscuous mode [ 353.701489][ T6631] loop3: detected capacity change from 0 to 512 [ 353.723774][ T6619] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512). [ 353.755129][ T6631] EXT4-fs: Ignoring removed orlov option [ 353.761206][ T6631] EXT4-fs: Ignoring removed i_version option [ 353.767808][ T6631] EXT4-fs: Ignoring removed nomblk_io_submit option [ 354.071933][ T6631] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 354.083623][ T6631] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=c040e118, mo2=0002] [ 354.130354][ T6631] EXT4-fs (loop3): orphan cleanup on readonly fs [ 354.138928][ T6631] __quota_error: 4 callbacks suppressed [ 354.139010][ T6631] Quota error (device loop3): v2_read_header: Failed header read: expected=8 got=0 [ 354.156451][ T6631] EXT4-fs warning (device loop3): ext4_enable_quotas:7097: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 354.173470][ T6631] EXT4-fs (loop3): Cannot turn on quotas: error -22 [ 354.249383][ T6619] ntfs3: loop1: Failed to load $Extend (-22). [ 354.256533][ T6619] ntfs3: loop1: Failed to initialize $Extend. [ 354.403071][ T6631] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.365: bg 0: block 40: padding at end of block bitmap is not set [ 354.443492][ T6631] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6550: Corrupt filesystem [ 354.465092][ T6631] EXT4-fs (loop3): 1 truncate cleaned up [ 354.474435][ T6631] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 354.509689][ T6631] EXT4-fs error (device loop3): ext4_encrypted_get_link:46: inode #16: comm syz.3.365: bad symlink. [ 354.845063][ T6642] loop2: detected capacity change from 0 to 64 [ 355.830644][ T6430] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 355.920043][ T1275] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 356.121552][ T6061] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 356.145941][ T1275] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 356.365927][ T1275] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 356.446716][ T6652] loop2: detected capacity change from 0 to 7 [ 356.506898][ T6652] Dev loop2: unable to read RDB block 7 [ 356.513321][ T6652] loop2: unable to read partition table [ 356.535424][ T6652] loop2: partition table beyond EOD, truncated [ 356.543012][ T6652] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5) [ 356.578053][ T1275] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 357.133975][ T1275] macvlan2: left allmulticast mode [ 357.139499][ T1275] macvlan2: left promiscuous mode [ 357.147080][ T1275] bridge0: port 3(macvlan2) entered disabled state [ 357.209369][ T1275] bridge_slave_1: left allmulticast mode [ 357.215871][ T1275] bridge_slave_1: left promiscuous mode [ 357.222978][ T1275] bridge0: port 2(bridge_slave_1) entered disabled state [ 357.265899][ T1275] bridge_slave_0: left allmulticast mode [ 357.273191][ T1275] bridge_slave_0: left promiscuous mode [ 357.280391][ T1275] bridge0: port 1(bridge_slave_0) entered disabled state [ 357.913429][ T1275] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 357.994300][ T1275] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 358.061505][ T1275] bond0 (unregistering): Released all slaves [ 358.285635][ T6430] veth0_vlan: entered promiscuous mode [ 358.392772][ T6430] veth1_vlan: entered promiscuous mode [ 358.485206][ T5182] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 358.566278][ T5182] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 358.583881][ T5182] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 358.611799][ T5182] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 358.650796][ T5182] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 358.706303][ T5182] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 359.144284][ T6671] capability: warning: `syz.2.379' uses 32-bit capabilities (legacy support in use) [ 359.392308][ T6430] veth0_macvtap: entered promiscuous mode [ 359.514237][ T1275] hsr_slave_0: left promiscuous mode [ 359.670980][ T1275] hsr_slave_1: left promiscuous mode [ 359.783505][ T1275] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 359.791368][ T1275] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 359.842729][ T1275] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 359.852956][ T1275] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 360.083059][ T1275] veth1_macvtap: left promiscuous mode [ 360.088981][ T1275] veth0_macvtap: left promiscuous mode [ 360.095364][ T1275] veth1_vlan: left promiscuous mode [ 360.101116][ T1275] veth0_vlan: left promiscuous mode [ 360.543417][ T10] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 360.823138][ T10] usb 2-1: Using ep0 maxpacket: 32 [ 360.830045][ T5190] Bluetooth: hci2: command tx timeout [ 360.840266][ T10] usb 2-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=6f.be [ 360.850088][ T10] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 360.988722][ T10] usb 2-1: config 0 descriptor?? [ 361.049059][ T10] gspca_main: vc032x-2.14.0 probing 0ac8:0321 [ 361.445653][ T1275] team0 (unregistering): Port device team_slave_1 removed [ 361.628045][ T1275] team0 (unregistering): Port device team_slave_0 removed [ 362.032330][ T6430] veth1_macvtap: entered promiscuous mode [ 362.046641][ T44] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 362.187122][ T10] gspca_vc032x: reg_w err -71 [ 362.192420][ T10] gspca_vc032x: I2c Bus Busy Wait 00 [ 362.198312][ T10] gspca_vc032x: I2c Bus Busy Wait 00 [ 362.205803][ T10] gspca_vc032x: I2c Bus Busy Wait 00 [ 362.211477][ T10] gspca_vc032x: I2c Bus Busy Wait 00 [ 362.223530][ T10] gspca_vc032x: I2c Bus Busy Wait 00 [ 362.228424][ T44] usb 3-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 362.229418][ T10] gspca_vc032x: I2c Bus Busy Wait 00 [ 362.229479][ T10] gspca_vc032x: I2c Bus Busy Wait 00 [ 362.240590][ T44] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 362.240791][ T44] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 362.240953][ T44] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 362.291670][ T10] gspca_vc032x: I2c Bus Busy Wait 00 [ 362.297680][ T10] gspca_vc032x: I2c Bus Busy Wait 00 [ 362.303428][ T10] gspca_vc032x: I2c Bus Busy Wait 00 [ 362.314213][ T10] gspca_vc032x: I2c Bus Busy Wait 00 [ 362.321581][ T10] gspca_vc032x: I2c Bus Busy Wait 00 [ 362.327696][ T10] gspca_vc032x: I2c Bus Busy Wait 00 [ 362.329309][ T44] usb 3-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 362.333395][ T10] gspca_vc032x: I2c Bus Busy Wait 00 [ 362.333454][ T10] gspca_vc032x: I2c Bus Busy Wait 00 [ 362.333507][ T10] gspca_vc032x: I2c Bus Busy Wait 00 [ 362.333561][ T10] gspca_vc032x: I2c Bus Busy Wait 00 [ 362.333614][ T10] gspca_vc032x: I2c Bus Busy Wait 00 [ 362.333671][ T10] gspca_vc032x: Unknown sensor... [ 362.333955][ T10] vc032x 2-1:0.0: probe with driver vc032x failed with error -22 [ 362.344201][ T44] usb 3-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 362.371209][ T10] usb 2-1: USB disconnect, device number 4 [ 362.404312][ T44] usb 3-1: Manufacturer: syz [ 362.540247][ T44] usb 3-1: config 0 descriptor?? [ 362.909733][ T5190] Bluetooth: hci2: command tx timeout [ 363.135856][ T6430] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 363.148922][ T6430] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 363.160647][ T6430] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 363.171644][ T6430] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 363.182290][ T6430] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 363.193238][ T6430] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 363.209232][ T6430] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 363.237068][ T6430] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 363.248962][ T6430] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 363.259532][ T6430] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 363.271144][ T6430] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 363.281869][ T6430] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 363.292983][ T6430] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 363.303704][ T44] appleir 0003:05AC:8243.0004: unknown main item tag 0x0 [ 363.307960][ T6430] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 363.340627][ T6430] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 363.349940][ T6430] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 363.359342][ T6430] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 363.368596][ T6430] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 363.406061][ T44] appleir 0003:05AC:8243.0004: No inputs registered, leaving [ 363.546940][ T44] appleir 0003:05AC:8243.0004: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.2-1/input0 [ 363.666248][ T44] usb 3-1: USB disconnect, device number 3 [ 363.827255][ T6664] chnl_net:caif_netlink_parms(): no params data found [ 364.836444][ T6723] netlink: 'syz.1.392': attribute type 34 has an invalid length. [ 364.997938][ T5190] Bluetooth: hci2: command tx timeout [ 365.153850][ T6711] loop4: detected capacity change from 0 to 4096 [ 365.308971][ T6711] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512). [ 365.428235][ T6664] bridge0: port 1(bridge_slave_0) entered blocking state [ 365.438171][ T6664] bridge0: port 1(bridge_slave_0) entered disabled state [ 365.447505][ T6664] bridge_slave_0: entered allmulticast mode [ 365.460356][ T6664] bridge_slave_0: entered promiscuous mode [ 365.556729][ T6664] bridge0: port 2(bridge_slave_1) entered blocking state [ 365.564928][ T6664] bridge0: port 2(bridge_slave_1) entered disabled state [ 365.575716][ T6664] bridge_slave_1: entered allmulticast mode [ 365.599799][ T6664] bridge_slave_1: entered promiscuous mode [ 365.882903][ T6711] ntfs3: loop4: Failed to load $Extend (-22). [ 365.889390][ T6711] ntfs3: loop4: Failed to initialize $Extend. [ 366.036648][ T6740] input: syz1 as /devices/virtual/input/input6 [ 366.040730][ T6664] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 366.137618][ T6664] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 366.589842][ T6664] team0: Port device team_slave_0 added [ 366.660657][ T6664] team0: Port device team_slave_1 added [ 366.774463][ T6747] loop1: detected capacity change from 0 to 512 [ 366.893754][ T6747] EXT4-fs: Ignoring removed mblk_io_submit option [ 366.928797][ T6747] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 367.016060][ T6664] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 367.025475][ T6664] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 367.052887][ T6664] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 367.061323][ T6749] loop2: detected capacity change from 0 to 1024 [ 367.071825][ T5190] Bluetooth: hci2: command tx timeout [ 367.081687][ T6664] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 367.089271][ T6664] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 367.097266][ T6747] EXT4-fs (loop1): 1 truncate cleaned up [ 367.116109][ T6664] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 367.142538][ T6747] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 367.583052][ T6664] hsr_slave_0: entered promiscuous mode [ 367.681015][ T6664] hsr_slave_1: entered promiscuous mode [ 367.717010][ T6664] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 367.725677][ T6664] Cannot create hsr debugfs directory [ 367.756145][ T6749] EXT4-fs: Ignoring removed orlov option [ 367.780819][ T5196] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 367.803838][ T6749] EXT4-fs (loop2): Test dummy encryption mode enabled [ 367.876825][ T6749] EXT4-fs (loop2): stripe (7) is not aligned with cluster size (16), stripe is disabled [ 367.978468][ T6749] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 368.962195][ T6749] fscrypt: AES-256-CBC-CTS using implementation "cts(cbc(ecb(aes-fixed-time)))" [ 369.469677][ T6087] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 369.926803][ T6787] loop2: detected capacity change from 0 to 256 [ 369.996718][ T6664] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 370.015321][ T6787] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 370.143456][ T6664] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 370.166326][ T6790] could not open pipe file descriptor [ 370.297221][ T6664] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 370.374762][ T6664] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 370.654175][ T6794] loop1: detected capacity change from 0 to 256 [ 370.804478][ T6794] exFAT-fs (loop1): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 371.060269][ T6800] loop2: detected capacity change from 0 to 47 [ 371.751605][ T6804] loop1: detected capacity change from 0 to 64 [ 371.756409][ T6664] 8021q: adding VLAN 0 to HW filter on device bond0 [ 371.810692][ T6664] 8021q: adding VLAN 0 to HW filter on device team0 [ 371.857495][ T1275] bridge0: port 1(bridge_slave_0) entered blocking state [ 371.865318][ T1275] bridge0: port 1(bridge_slave_0) entered forwarding state [ 371.880910][ T1275] bridge0: port 2(bridge_slave_1) entered blocking state [ 371.888838][ T1275] bridge0: port 2(bridge_slave_1) entered forwarding state [ 372.119769][ T3841] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 372.128009][ T3841] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 372.590461][ T2959] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 372.599261][ T2959] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 372.648229][ T6810] loop2: detected capacity change from 0 to 512 [ 372.895015][ T6810] EXT4-fs: Ignoring removed mblk_io_submit option [ 373.145350][ T6810] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=b856c118, mo2=0002] [ 373.172899][ T6810] System zones: 1-12 [ 373.373246][ T6810] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2240: inode #15: comm syz.2.410: corrupted in-inode xattr: e_value size too large [ 373.608063][ T6810] EXT4-fs error (device loop2): ext4_orphan_get:1393: comm syz.2.410: couldn't read orphan inode 15 (err -117) [ 373.769627][ T6810] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 373.852749][ T59] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 374.227840][ T59] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 374.249211][ T6807] loop4: detected capacity change from 0 to 32768 [ 374.574129][ T59] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 374.621412][ T6087] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 374.839465][ T59] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 375.350507][ T59] bridge_slave_1: left allmulticast mode [ 375.356791][ T59] bridge_slave_1: left promiscuous mode [ 375.363789][ T59] bridge0: port 2(bridge_slave_1) entered disabled state [ 375.379821][ T59] bridge_slave_0: left allmulticast mode [ 375.387571][ T59] bridge_slave_0: left promiscuous mode [ 375.394349][ T59] bridge0: port 1(bridge_slave_0) entered disabled state [ 376.127718][ T59] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 376.179414][ T59] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 376.220827][ T59] bond0 (unregistering): Released all slaves [ 376.493357][ T6664] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 377.242849][ T6664] veth0_vlan: entered promiscuous mode [ 377.283126][ T5182] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 377.301724][ T5182] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 377.311121][ T5182] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 377.488062][ T6664] veth1_vlan: entered promiscuous mode [ 377.537800][ T5182] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 377.615915][ T6664] veth0_macvtap: entered promiscuous mode [ 377.644355][ T6664] veth1_macvtap: entered promiscuous mode [ 377.651110][ T5182] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 377.663649][ T5182] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 377.704931][ T6664] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 377.715788][ T6664] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 377.726022][ T6664] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 377.737559][ T6664] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 377.748047][ T6664] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 377.759251][ T6664] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 377.774509][ T6664] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 377.788757][ T6664] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 377.805345][ T6664] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 377.998215][ T6835] loop4: detected capacity change from 0 to 4096 [ 377.999492][ T6664] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 378.010931][ T6847] loop2: detected capacity change from 0 to 64 [ 378.019606][ T6664] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 378.019709][ T6664] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 378.019799][ T6664] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 378.019878][ T6664] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 378.069905][ T6664] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 378.083908][ T6664] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 378.095820][ T6664] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 378.110603][ T6664] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 378.497723][ T44] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 378.604702][ T6664] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 378.613989][ T6664] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 378.623199][ T6664] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 378.632598][ T6664] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 378.710951][ T44] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 378.721750][ T44] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 378.771235][ T44] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 378.781394][ T44] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 378.789960][ T44] usb 2-1: SerialNumber: syz [ 378.997681][ T59] hsr_slave_0: left promiscuous mode [ 379.020731][ T59] hsr_slave_1: left promiscuous mode [ 379.030313][ T59] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 379.039805][ T59] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 379.087680][ T44] usb 2-1: 0:2 : does not exist [ 379.147178][ T59] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 379.155247][ T59] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 379.243370][ T44] usb 2-1: USB disconnect, device number 5 [ 379.370970][ T59] veth1_macvtap: left promiscuous mode [ 379.377025][ T59] veth0_macvtap: left promiscuous mode [ 379.383235][ T59] veth1_vlan: left promiscuous mode [ 379.388894][ T59] veth0_vlan: left promiscuous mode [ 379.664619][ T5355] udevd[5355]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 379.862313][ T5190] Bluetooth: hci0: command tx timeout [ 380.102671][ T6862] netlink: 4 bytes leftover after parsing attributes in process `syz.2.421'. [ 380.278784][ T6860] loop4: detected capacity change from 0 to 2048 [ 380.424441][ T6860] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 380.878145][ T6869] loop1: detected capacity change from 0 to 64 [ 380.999394][ T6869] Trying to free block not in datazone [ 381.381074][ T59] team0 (unregistering): Port device team_slave_1 removed [ 381.495000][ T59] team0 (unregistering): Port device team_slave_0 removed [ 381.707894][ T6873] loop4: detected capacity change from 0 to 1024 [ 381.738278][ T6873] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 381.772755][ T6873] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 381.805396][ T6873] EXT4-fs (loop4): orphan cleanup on readonly fs [ 381.860266][ T6873] EXT4-fs error (device loop4): __ext4_get_inode_loc:4403: comm syz.4.424: Invalid inode table block 0 in block_group 0 [ 381.958017][ T5190] Bluetooth: hci0: command tx timeout [ 381.964627][ T6873] EXT4-fs (loop4): Remounting filesystem read-only [ 381.976884][ T6873] Quota error (device loop4): write_blk: dquota write failed [ 381.987292][ T6873] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 382.000103][ T6873] EXT4-fs (loop4): 1 truncate cleaned up [ 382.162395][ T6873] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 382.664697][ T5758] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 383.184697][ T6892] netlink: 32 bytes leftover after parsing attributes in process `syz.4.427'. [ 383.447575][ T6837] chnl_net:caif_netlink_parms(): no params data found [ 383.527631][ T6899] loop4: detected capacity change from 0 to 1024 [ 383.766809][ T6899] hfsplus: bad catalog entry type [ 383.864731][ T2959] hfsplus: b-tree write err: -5, ino 4 [ 384.033796][ T5190] Bluetooth: hci0: command tx timeout [ 385.695083][ T6837] bridge0: port 1(bridge_slave_0) entered blocking state [ 385.707247][ T6837] bridge0: port 1(bridge_slave_0) entered disabled state [ 385.715597][ T6837] bridge_slave_0: entered allmulticast mode [ 385.724911][ T6837] bridge_slave_0: entered promiscuous mode [ 385.848504][ T6837] bridge0: port 2(bridge_slave_1) entered blocking state [ 385.857534][ T6837] bridge0: port 2(bridge_slave_1) entered disabled state [ 385.868362][ T6837] bridge_slave_1: entered allmulticast mode [ 385.877738][ T6837] bridge_slave_1: entered promiscuous mode [ 386.158060][ T5190] Bluetooth: hci0: command tx timeout [ 386.396501][ T6837] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 386.549740][ T6837] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 387.206373][ T6837] team0: Port device team_slave_0 added [ 387.263843][ T6837] team0: Port device team_slave_1 added [ 387.990350][ T6837] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 387.999115][ T6837] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 388.034149][ T6837] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 388.429066][ T6837] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 388.436951][ T6837] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 388.464323][ T6837] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 388.672638][ T6942] capability: warning: `syz.4.438' uses deprecated v2 capabilities in a way that may be insecure [ 389.104066][ T6837] hsr_slave_0: entered promiscuous mode [ 389.204661][ T6837] hsr_slave_1: entered promiscuous mode [ 389.211180][ T6949] loop2: detected capacity change from 0 to 64 [ 390.177029][ T6960] loop2: detected capacity change from 0 to 256 [ 390.723055][ T6960] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x72685a33, utbl_chksum : 0xe619d30d) [ 390.952276][ T3968] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 390.960857][ T3968] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 391.466051][ T3841] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 391.475742][ T3841] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 391.783707][ T6837] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 391.935662][ T6837] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 392.064179][ T6837] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 392.203920][ T6837] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 392.660546][ T29] audit: type=1326 audit(1727306848.891:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6974 comm="syz.3.373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb721f7def9 code=0x7ffc0000 [ 392.685259][ T29] audit: type=1326 audit(1727306848.891:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6974 comm="syz.3.373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb721f7def9 code=0x7ffc0000 [ 392.714048][ T29] audit: type=1326 audit(1727306848.901:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6974 comm="syz.3.373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7fb721f7def9 code=0x7ffc0000 [ 392.735185][ T6837] 8021q: adding VLAN 0 to HW filter on device bond0 [ 392.738803][ T29] audit: type=1326 audit(1727306848.901:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6974 comm="syz.3.373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb721f7def9 code=0x7ffc0000 [ 392.767524][ T29] audit: type=1326 audit(1727306848.901:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6974 comm="syz.3.373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb721f7def9 code=0x7ffc0000 [ 392.994117][ T6837] 8021q: adding VLAN 0 to HW filter on device team0 [ 393.025264][ T5182] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 393.050409][ T4029] bridge0: port 1(bridge_slave_0) entered blocking state [ 393.058197][ T4029] bridge0: port 1(bridge_slave_0) entered forwarding state [ 393.074136][ T4029] bridge0: port 2(bridge_slave_1) entered blocking state [ 393.082055][ T4029] bridge0: port 2(bridge_slave_1) entered forwarding state [ 393.266252][ T6837] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 393.277050][ T6837] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 393.314118][ T5182] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 393.324686][ T5182] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 393.341450][ T5182] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 393.354033][ T5182] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 393.363644][ T5182] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 393.587232][ T6983] netlink: 8 bytes leftover after parsing attributes in process `syz.2.449'. [ 393.715202][ T6977] loop4: detected capacity change from 0 to 2048 [ 394.408302][ T2959] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 394.526298][ T6977] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 394.661204][ T2959] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 394.885921][ T2959] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 395.135532][ T5758] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 395.199511][ T7009] Bluetooth: MGMT ver 1.23 [ 395.205700][ T7009] Bluetooth: hci3: unsupported parameter 64512 [ 395.212533][ T7009] Bluetooth: hci3: unsupported parameter 268 [ 395.218745][ T7009] Bluetooth: hci3: unsupported parameter 64512 [ 395.225237][ T7009] Bluetooth: hci3: unsupported parameter 268 [ 395.246563][ T2959] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 395.453078][ T6837] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 395.623297][ T5182] Bluetooth: hci5: command tx timeout [ 395.649296][ T7014] loop4: detected capacity change from 0 to 256 [ 395.973968][ T2959] bridge_slave_1: left allmulticast mode [ 395.980012][ T2959] bridge_slave_1: left promiscuous mode [ 395.988307][ T2959] bridge0: port 2(bridge_slave_1) entered disabled state [ 396.056448][ T2959] bridge_slave_0: left allmulticast mode [ 396.063174][ T2959] bridge_slave_0: left promiscuous mode [ 396.069841][ T2959] bridge0: port 1(bridge_slave_0) entered disabled state [ 396.700662][ T2959] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 396.739394][ T2959] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 396.777068][ T7024] loop4: detected capacity change from 0 to 16 [ 396.795675][ T2959] bond0 (unregistering): Released all slaves [ 396.818829][ T7024] erofs: (device loop4): erofs_read_superblock: dirblkbits 14 isn't supported [ 397.033067][ T6980] chnl_net:caif_netlink_parms(): no params data found [ 397.052864][ T2959] tipc: Disabling bearer [ 397.058686][ T2959] tipc: Left network mode [ 397.355717][ T7027] loop3: detected capacity change from 0 to 1024 [ 397.531722][ T7027] hfsplus: request for non-existent node 2048 in B*Tree [ 397.541174][ T7027] hfsplus: request for non-existent node 2048 in B*Tree [ 397.705201][ T5182] Bluetooth: hci5: command tx timeout [ 397.866837][ T6837] veth0_vlan: entered promiscuous mode [ 398.028009][ T2959] hsr_slave_0: left promiscuous mode [ 398.036848][ T2959] hsr_slave_1: left promiscuous mode [ 398.054938][ T2959] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 398.062878][ T2959] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 398.127043][ T2959] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 398.135200][ T2959] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 398.196037][ T2959] veth1_macvtap: left promiscuous mode [ 398.202249][ T2959] veth0_macvtap: left promiscuous mode [ 398.208275][ T2959] veth1_vlan: left promiscuous mode [ 398.214111][ T2959] veth0_vlan: left promiscuous mode [ 399.440455][ T6837] veth1_vlan: entered promiscuous mode [ 399.784020][ T5182] Bluetooth: hci5: command tx timeout [ 400.289133][ T6980] bridge0: port 1(bridge_slave_0) entered blocking state [ 400.297471][ T6980] bridge0: port 1(bridge_slave_0) entered disabled state [ 400.306807][ T6980] bridge_slave_0: entered allmulticast mode [ 400.316072][ T6980] bridge_slave_0: entered promiscuous mode [ 400.342561][ T6837] veth0_macvtap: entered promiscuous mode [ 400.406732][ T6837] veth1_macvtap: entered promiscuous mode [ 400.434854][ T6980] bridge0: port 2(bridge_slave_1) entered blocking state [ 400.443029][ T6980] bridge0: port 2(bridge_slave_1) entered disabled state [ 400.450822][ T6980] bridge_slave_1: entered allmulticast mode [ 400.460937][ T6980] bridge_slave_1: entered promiscuous mode [ 400.578239][ T6837] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 400.590301][ T6837] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 400.600613][ T6837] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 400.612446][ T6837] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 400.622954][ T6837] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 400.633850][ T6837] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 400.648718][ T6837] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 400.982619][ T6980] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 400.993858][ T6837] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 401.004836][ T6837] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 401.016880][ T6837] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 401.028168][ T6837] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 401.038522][ T6837] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 401.049292][ T6837] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 401.064205][ T6837] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 401.086650][ T6837] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 401.096909][ T6837] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 401.106129][ T6837] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 401.115403][ T6837] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 401.166631][ T6980] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 401.234645][ T7060] netlink: 20 bytes leftover after parsing attributes in process `syz.4.475'. [ 401.412204][ T6980] team0: Port device team_slave_0 added [ 401.446842][ T6980] team0: Port device team_slave_1 added [ 401.641634][ T6980] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 401.649155][ T6980] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 401.682229][ T6980] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 401.856352][ T6980] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 401.863864][ T6980] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 401.891729][ T6980] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 401.910062][ T5182] Bluetooth: hci5: command tx timeout [ 402.073522][ T6980] hsr_slave_0: entered promiscuous mode [ 402.173712][ T6980] hsr_slave_1: entered promiscuous mode [ 402.218622][ T6980] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 402.226599][ T6980] Cannot create hsr debugfs directory [ 402.455247][ T8] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 402.486269][ T7076] loop4: detected capacity change from 0 to 1024 [ 402.669446][ T8] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 402.681775][ T8] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 402.692145][ T8] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 402.705563][ T8] usb 3-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00 [ 402.715120][ T8] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 402.742575][ T8] usb 3-1: config 0 descriptor?? [ 402.801248][ T7076] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 403.193524][ T5758] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 403.248547][ T8] acrux 0003:1A34:0802.0005: unknown main item tag 0x0 [ 403.257615][ T8] acrux 0003:1A34:0802.0005: item fetching failed at offset 1/5 [ 403.306958][ T8] acrux 0003:1A34:0802.0005: parse failed [ 403.313467][ T8] acrux 0003:1A34:0802.0005: probe with driver acrux failed with error -22 [ 403.411689][ T1240] ieee802154 phy0 wpan0: encryption failed: -22 [ 403.418638][ T1240] ieee802154 phy1 wpan1: encryption failed: -22 [ 403.463313][ T25] usb 3-1: USB disconnect, device number 4 [ 403.958169][ T6980] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 404.014521][ T6980] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 404.053810][ T6980] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 404.074934][ T7079] loop3: detected capacity change from 0 to 4096 [ 404.146990][ T6980] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 404.811471][ T6980] 8021q: adding VLAN 0 to HW filter on device bond0 [ 404.946281][ T6980] 8021q: adding VLAN 0 to HW filter on device team0 [ 405.015016][ T3841] bridge0: port 1(bridge_slave_0) entered blocking state [ 405.022825][ T3841] bridge0: port 1(bridge_slave_0) entered forwarding state [ 405.141272][ T3841] bridge0: port 2(bridge_slave_1) entered blocking state [ 405.149482][ T3841] bridge0: port 2(bridge_slave_1) entered forwarding state [ 406.430936][ T7115] loop3: detected capacity change from 0 to 256 [ 406.562388][ T7115] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 406.573538][ T7115] exFAT-fs (loop3): Medium has reported failures. Some data may be lost. [ 406.806562][ T7115] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 406.997616][ T7115] netlink: 16 bytes leftover after parsing attributes in process `syz.3.490'. [ 407.138473][ T6980] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 407.750866][ T6980] veth0_vlan: entered promiscuous mode [ 407.833838][ T7127] netlink: 4 bytes leftover after parsing attributes in process `syz.2.494'. [ 407.965894][ T34] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 407.974657][ T34] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 407.993282][ T3841] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 408.001425][ T3841] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 408.079840][ T6980] veth1_vlan: entered promiscuous mode [ 408.369306][ T6980] veth0_macvtap: entered promiscuous mode [ 408.443790][ T6980] veth1_macvtap: entered promiscuous mode [ 408.803991][ T34] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 408.891310][ T6980] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 408.909833][ T6980] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 408.922234][ T6980] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 408.933244][ T6980] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 408.943816][ T6980] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 408.954755][ T6980] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 408.964938][ T6980] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 408.975721][ T6980] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 408.991611][ T6980] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 409.128483][ T34] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 409.261309][ T6980] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 409.272850][ T6980] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 409.283104][ T6980] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 409.293977][ T6980] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 409.304229][ T6980] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 409.321612][ T6980] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 409.333837][ T6980] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 409.344670][ T6980] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 409.359635][ T6980] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 409.467721][ T34] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 409.535921][ T6980] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 409.545453][ T6980] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 409.554710][ T6980] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 409.563905][ T6980] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 409.669047][ T34] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 409.967492][ T34] bridge_slave_1: left allmulticast mode [ 409.973807][ T34] bridge_slave_1: left promiscuous mode [ 409.980457][ T34] bridge0: port 2(bridge_slave_1) entered disabled state [ 410.123274][ T34] bridge_slave_0: left allmulticast mode [ 410.136962][ T34] bridge_slave_0: left promiscuous mode [ 410.144378][ T34] bridge0: port 1(bridge_slave_0) entered disabled state [ 410.662354][ T34] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 410.679713][ T34] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 410.701863][ T34] bond0 (unregistering): Released all slaves [ 411.026985][ T7150] loop4: detected capacity change from 0 to 1024 [ 411.049710][ T7150] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 411.098165][ T7150] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 411.344488][ T5190] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 411.381094][ T5190] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 411.392498][ T7158] netlink: 'syz.3.500': attribute type 4 has an invalid length. [ 411.399306][ T5190] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 411.451495][ T5190] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 411.464982][ T5190] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 411.475700][ T5190] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 411.745167][ T5758] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 411.967409][ T7165] loop3: detected capacity change from 0 to 64 [ 412.224438][ T7168] loop2: detected capacity change from 0 to 256 [ 412.246695][ T34] hsr_slave_0: left promiscuous mode [ 412.312457][ T34] hsr_slave_1: left promiscuous mode [ 412.350486][ T34] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 412.358529][ T34] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 412.398256][ T34] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 412.406148][ T34] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 412.482973][ T34] veth1_macvtap: left promiscuous mode [ 412.494460][ T34] veth0_macvtap: left promiscuous mode [ 412.500411][ T34] veth1_vlan: left promiscuous mode [ 412.506175][ T34] veth0_vlan: left promiscuous mode [ 412.658321][ T7169] loop4: detected capacity change from 0 to 2048 [ 412.705951][ T7169] hpfs: filesystem error: improperly stopped; already mounted read-only [ 412.715183][ T7169] hpfs: filesystem error: warning: spare dnodes used, try chkdsk [ 412.723984][ T7169] hpfs: filesystem error: dir band size mismatch: dir_band_start==7b318cc2, dir_band_end==7b318cc3, n_dir_band==00000001 [ 413.508909][ T34] team0 (unregistering): Port device team_slave_1 removed [ 413.639141][ T34] team0 (unregistering): Port device team_slave_0 removed [ 413.653569][ T5190] Bluetooth: hci0: command tx timeout [ 413.770592][ T7181] loop2: detected capacity change from 0 to 256 [ 413.892338][ T7181] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 414.796462][ T7157] chnl_net:caif_netlink_parms(): no params data found [ 415.133071][ T5238] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 415.197040][ T7199] loop3: detected capacity change from 0 to 64 [ 415.348020][ T5238] usb 5-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config [ 415.362728][ T5238] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 415.376244][ T5238] usb 5-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 415.390625][ T5238] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 415.401305][ T5238] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 415.714242][ T5182] Bluetooth: hci0: command tx timeout [ 415.727863][ T5238] usb 5-1: Quirk or no altset; falling back to MIDI 1.0 [ 415.736552][ T5238] usb 5-1: invalid MIDI out EP 0 [ 415.889654][ T7206] loop3: detected capacity change from 0 to 128 [ 415.934600][ T7206] EXT4-fs: Ignoring removed nobh option [ 415.948284][ T7157] bridge0: port 1(bridge_slave_0) entered blocking state [ 415.956303][ T7157] bridge0: port 1(bridge_slave_0) entered disabled state [ 415.964745][ T7157] bridge_slave_0: entered allmulticast mode [ 415.975207][ T7157] bridge_slave_0: entered promiscuous mode [ 416.079826][ T7157] bridge0: port 2(bridge_slave_1) entered blocking state [ 416.087753][ T7157] bridge0: port 2(bridge_slave_1) entered disabled state [ 416.095748][ T7157] bridge_slave_1: entered allmulticast mode [ 416.101366][ T7206] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 416.106043][ T7157] bridge_slave_1: entered promiscuous mode [ 416.182297][ T7206] ext4 filesystem being mounted at /21/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 416.271640][ T29] audit: type=1800 audit(1727306872.501:31): pid=7206 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.517" name="file2" dev="loop3" ino=12 res=0 errno=0 [ 416.445004][ T5238] snd-usb-audio 5-1:27.0: probe with driver snd-usb-audio failed with error -22 [ 416.507337][ T5359] udevd[5359]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 416.584021][ T7157] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 416.606801][ T7157] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 416.623904][ T5238] usb 5-1: USB disconnect, device number 4 [ 416.776798][ T6664] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 417.094864][ T7157] team0: Port device team_slave_0 added [ 417.171040][ T7157] team0: Port device team_slave_1 added [ 417.371288][ T7219] loop4: detected capacity change from 0 to 512 [ 417.506664][ T7219] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 417.670383][ T7219] EXT4-fs (loop4): 1 orphan inode deleted [ 417.676539][ T7219] EXT4-fs (loop4): 1 truncate cleaned up [ 417.684504][ T7219] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 417.801924][ T7157] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 417.813827][ T7157] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 417.842474][ T7157] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 417.842579][ T7219] EXT4-fs error (device loop4): ext4_lookup:1813: inode #15: comm syz.4.521: iget: bad extra_isize 46 (inode size 256) [ 417.866894][ T5182] Bluetooth: hci0: command tx timeout [ 417.877781][ T7157] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 417.886026][ T7157] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 417.915721][ T7157] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 417.929714][ T7219] EXT4-fs (loop4): Remounting filesystem read-only [ 418.112263][ T7157] hsr_slave_0: entered promiscuous mode [ 418.196503][ T7157] hsr_slave_1: entered promiscuous mode [ 418.450264][ T5758] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 418.478596][ T2959] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 418.486989][ T2959] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 418.599753][ T7240] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 418.705208][ T2959] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 418.713955][ T2959] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 419.212518][ T7249] loop1: detected capacity change from 0 to 256 [ 419.708454][ T7157] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 419.810394][ T7258] loop1: detected capacity change from 0 to 256 [ 419.814008][ T7157] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 419.840484][ T7258] exfat: Deprecated parameter 'utf8' [ 419.846773][ T7258] exfat: Deprecated parameter 'namecase' [ 419.853340][ T7258] exfat: Deprecated parameter 'namecase' [ 419.863928][ T7258] exfat: Deprecated parameter 'utf8' [ 419.864175][ T7157] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 419.947429][ T5182] Bluetooth: hci0: command tx timeout [ 419.955973][ T7157] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 419.986141][ T7263] netlink: 8 bytes leftover after parsing attributes in process `syz.2.533'. [ 419.990372][ T7258] exFAT-fs (loop1): failed to load upcase table (idx : 0x00012153, chksum : 0xc3dffc2e, utbl_chksum : 0xe619d30d) [ 420.253991][ T7262] loop3: detected capacity change from 0 to 2048 [ 420.342918][ T7262] UDF-fs: error (device loop3): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 420.413471][ T7157] 8021q: adding VLAN 0 to HW filter on device bond0 [ 420.459367][ T7157] 8021q: adding VLAN 0 to HW filter on device team0 [ 420.540587][ T2920] bridge0: port 1(bridge_slave_0) entered blocking state [ 420.548408][ T2920] bridge0: port 1(bridge_slave_0) entered forwarding state [ 420.564629][ T2920] bridge0: port 2(bridge_slave_1) entered blocking state [ 420.572417][ T2920] bridge0: port 2(bridge_slave_1) entered forwarding state [ 420.714170][ T7262] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 421.116995][ T7256] loop4: detected capacity change from 0 to 4096 [ 421.171554][ T7256] ntfs3: loop4: Different NTFS sector size (2048) and media sector size (512). [ 421.407843][ T7256] ntfs3: loop4: Mark volume as dirty due to NTFS errors [ 421.440503][ T7256] ntfs3: loop4: Failed to load $Extend (-22). [ 421.448119][ T7256] ntfs3: loop4: Failed to initialize $Extend. [ 421.527754][ T29] audit: type=1800 audit(1727306877.771:32): pid=7256 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.531" name="bus" dev="loop4" ino=33 res=0 errno=0 [ 422.432632][ T7157] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 422.601341][ T7157] veth0_vlan: entered promiscuous mode [ 422.638516][ T7157] veth1_vlan: entered promiscuous mode [ 422.767774][ T7157] veth0_macvtap: entered promiscuous mode [ 422.820327][ T7157] veth1_macvtap: entered promiscuous mode [ 422.881508][ T7157] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 422.892879][ T7157] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 422.903127][ T7157] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 422.913939][ T7157] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 422.925311][ T7157] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 422.939840][ T7157] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 422.951805][ T7157] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 422.963156][ T7157] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 422.978328][ T7157] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 422.996687][ T7157] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 423.007599][ T7157] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 423.017879][ T7157] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 423.028730][ T7157] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 423.041770][ T7157] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 423.053474][ T7157] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 423.061503][ T7292] loop3: detected capacity change from 0 to 2048 [ 423.063638][ T7157] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 423.081543][ T7157] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 423.096610][ T7157] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 423.116475][ T7157] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 423.125751][ T7157] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 423.138930][ T7157] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 423.148429][ T7157] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 423.373049][ T7292] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024) [ 423.384538][ T7297] loop1: detected capacity change from 0 to 512 [ 423.415000][ T7297] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem [ 423.465329][ T7297] EXT4-fs (loop1): invalid journal inode [ 423.471508][ T7297] EXT4-fs (loop1): can't get journal size [ 423.524494][ T7300] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 423.595329][ T7297] EXT4-fs (loop1): 1 truncate cleaned up [ 423.604905][ T7297] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 423.876869][ T7306] loop0: detected capacity change from 0 to 7 [ 423.993960][ T7306] Dev loop0: unable to read RDB block 7 [ 423.999831][ T7306] loop0: AHDI p2 [ 424.005232][ T7306] loop0: partition table partially beyond EOD, truncated [ 424.160928][ T6980] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 425.999885][ T7327] loop2: detected capacity change from 0 to 4096 [ 426.197275][ T7343] loop3: detected capacity change from 0 to 256 [ 426.217477][ T7343] exfat: Unknown parameter 'er\ors' [ 426.491690][ T25] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 426.732371][ T25] usb 4-1: Using ep0 maxpacket: 8 [ 426.744733][ T25] usb 4-1: config 135 has an invalid interface number: 230 but max is 0 [ 426.753658][ T25] usb 4-1: config 135 has an invalid descriptor of length 0, skipping remainder of the config [ 426.764607][ T25] usb 4-1: config 135 has no interface number 0 [ 426.771161][ T25] usb 4-1: config 135 interface 230 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3 [ 426.790326][ T7352] nullb0: AHDI p1 p2 [ 426.795412][ T7352] nullb0: p1 start 3743862698 is beyond EOD, truncated [ 426.857490][ T25] usb 4-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=3f.3a [ 426.867108][ T25] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 426.875578][ T25] usb 4-1: Product: syz [ 426.880010][ T25] usb 4-1: Manufacturer: syz [ 426.885419][ T25] usb 4-1: SerialNumber: syz [ 427.011554][ T25] usb 4-1: Found UVC 0.00 device syz (18ec:3288) [ 427.018488][ T25] usb 4-1: No valid video chain found. [ 427.107315][ T34] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 427.214165][ T25] usb 4-1: USB disconnect, device number 5 [ 427.416620][ T34] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 427.621251][ T34] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 427.817913][ T34] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 427.821633][ T25] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 427.862346][ T7355] loop2: detected capacity change from 0 to 2048 [ 428.006298][ T7355] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 428.051668][ T25] usb 2-1: Using ep0 maxpacket: 32 [ 428.084523][ T25] usb 2-1: New USB device found, idVendor=0cf2, idProduct=6250, bcdDevice=10.ae [ 428.095298][ T25] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 428.104524][ T25] usb 2-1: Product: syz [ 428.108944][ T25] usb 2-1: Manufacturer: syz [ 428.113992][ T25] usb 2-1: SerialNumber: syz [ 428.177955][ T7355] UDF-fs: error (device loop2): udf_fiiter_advance_blk: extent after position 232 not allocated in directory (ino 1376) [ 428.212503][ T25] usb 2-1: config 0 descriptor?? [ 428.221107][ T7355] UDF-fs: error (device loop2): udf_fiiter_advance_blk: extent after position 232 not allocated in directory (ino 1376) [ 428.251352][ T25] ums_eneub6250 2-1:0.0: USB Mass Storage device detected [ 428.292656][ T5190] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 428.308761][ T5190] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 428.318122][ T5190] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 428.330273][ T34] bridge_slave_1: left allmulticast mode [ 428.336426][ T34] bridge_slave_1: left promiscuous mode [ 428.345201][ T34] bridge0: port 2(bridge_slave_1) entered disabled state [ 428.375437][ T34] bridge_slave_0: left allmulticast mode [ 428.381415][ T34] bridge_slave_0: left promiscuous mode [ 428.388204][ T34] bridge0: port 1(bridge_slave_0) entered disabled state [ 428.403031][ T5190] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 428.434019][ T5190] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 428.479336][ T7370] loop3: detected capacity change from 0 to 512 [ 428.538373][ T5190] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 428.658206][ T7370] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem [ 428.722260][ T44] usb 2-1: USB disconnect, device number 6 [ 428.731542][ T7370] EXT4-fs error (device loop3): ext4_orphan_get:1388: inode #15: comm syz.3.568: iget: bad i_size value: -67835469387268086 [ 428.829638][ T7370] EXT4-fs error (device loop3): ext4_orphan_get:1393: comm syz.3.568: couldn't read orphan inode 15 (err -117) [ 428.896748][ T7370] EXT4-fs (loop3): mounted filesystem f7ff0000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 428.909831][ T7370] ext2 filesystem being mounted at /33/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 429.016592][ T7370] EXT4-fs error (device loop3): ext4_add_entry:2437: inode #2: comm syz.3.568: Directory hole found for htree leaf block 0 [ 429.078646][ T34] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 429.095766][ T7370] EXT4-fs error (device loop3): ext4_add_entry:2437: inode #2: comm syz.3.568: Directory hole found for htree leaf block 0 [ 429.119471][ T34] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 429.145936][ T34] bond0 (unregistering): Released all slaves [ 429.342884][ T6664] EXT4-fs (loop3): unmounting filesystem f7ff0000-0000-0000-0000-000000000000. [ 429.465368][ T2920] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 429.473842][ T2920] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 429.715995][ T7377] dvmrp0: entered allmulticast mode [ 429.918962][ T7386] dvmrp0: left allmulticast mode [ 430.021916][ T7377] dvmrp1: entered allmulticast mode [ 430.036149][ T1104] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 430.044437][ T1104] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 430.083193][ T7390] loop2: detected capacity change from 0 to 64 [ 430.292776][ T44] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 430.346243][ T7393] loop3: detected capacity change from 0 to 8 [ 430.425129][ T34] hsr_slave_0: left promiscuous mode [ 430.464164][ T34] hsr_slave_1: left promiscuous mode [ 430.472372][ T44] usb 2-1: Using ep0 maxpacket: 32 [ 430.480716][ T34] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 430.489348][ T34] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 430.528475][ T44] usb 2-1: New USB device found, idVendor=0cf2, idProduct=6250, bcdDevice=10.ae [ 430.538399][ T44] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 430.546925][ T44] usb 2-1: Product: syz [ 430.551333][ T44] usb 2-1: Manufacturer: syz [ 430.556340][ T44] usb 2-1: SerialNumber: syz [ 430.560722][ T34] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 430.569103][ T34] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 430.605108][ T44] usb 2-1: config 0 descriptor?? [ 430.611709][ T5190] Bluetooth: hci3: command tx timeout [ 430.650385][ T34] veth1_macvtap: left promiscuous mode [ 430.661100][ T34] veth0_macvtap: left promiscuous mode [ 430.667484][ T34] veth1_vlan: left promiscuous mode [ 430.673316][ T34] veth0_vlan: left promiscuous mode [ 430.696761][ T44] ums_eneub6250 2-1:0.0: USB Mass Storage device detected [ 430.998763][ T7397] netlink: 'syz.2.576': attribute type 142 has an invalid length. [ 431.029738][ T7399] Bluetooth: hci0: Frame reassembly failed (-84) [ 431.047679][ T2920] Bluetooth: hci0: Frame reassembly failed (-84) [ 431.081299][ T44] usb 2-1: USB disconnect, device number 7 [ 431.348493][ T7401] loop2: detected capacity change from 0 to 64 [ 431.398723][ T34] team0 (unregistering): Port device team_slave_1 removed [ 431.467740][ T34] team0 (unregistering): Port device team_slave_0 removed [ 431.727580][ T7365] chnl_net:caif_netlink_parms(): no params data found [ 432.666102][ T5182] Bluetooth: hci3: command tx timeout [ 432.678520][ T34] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 432.900435][ T34] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 433.013878][ T34] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 433.062514][ T5190] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 433.162404][ T34] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 433.188394][ T7365] bridge0: port 1(bridge_slave_0) entered blocking state [ 433.198202][ T7365] bridge0: port 1(bridge_slave_0) entered disabled state [ 433.207226][ T7365] bridge_slave_0: entered allmulticast mode [ 433.216361][ T7365] bridge_slave_0: entered promiscuous mode [ 433.228726][ T7365] bridge0: port 2(bridge_slave_1) entered blocking state [ 433.236755][ T7365] bridge0: port 2(bridge_slave_1) entered disabled state [ 433.247139][ T7365] bridge_slave_1: entered allmulticast mode [ 433.257697][ T7365] bridge_slave_1: entered promiscuous mode [ 433.348163][ T7365] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 433.368875][ T7365] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 433.450708][ T7365] team0: Port device team_slave_0 added [ 433.701775][ T7365] team0: Port device team_slave_1 added [ 433.941849][ T34] bridge_slave_1: left allmulticast mode [ 433.949742][ T34] bridge_slave_1: left promiscuous mode [ 433.956546][ T34] bridge0: port 2(bridge_slave_1) entered disabled state [ 434.019304][ T34] bridge_slave_0: left allmulticast mode [ 434.025603][ T34] bridge_slave_0: left promiscuous mode [ 434.032397][ T34] bridge0: port 1(bridge_slave_0) entered disabled state [ 434.045316][ T7429] loop1: detected capacity change from 0 to 256 [ 434.096724][ T5190] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 434.252963][ T5190] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 434.263178][ T5190] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 434.285466][ T5190] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 434.301176][ T5190] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 434.311003][ T5190] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 434.653664][ T34] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 434.714591][ T34] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 434.740316][ T7436] loop1: detected capacity change from 0 to 512 [ 434.756692][ T5182] Bluetooth: hci3: command tx timeout [ 434.767961][ T34] bond0 (unregistering): Released all slaves [ 434.866500][ T7436] EXT4-fs error (device loop1): ext4_get_branch:178: inode #11: block 4294967295: comm syz.1.590: invalid block [ 434.879942][ T7439] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(3) [ 434.886278][ T7365] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 434.886672][ T7439] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 434.893834][ T7365] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 434.901888][ T7439] vhci_hcd vhci_hcd.0: Device attached [ 434.927007][ C0] vkms_vblank_simulate: vblank timer overrun [ 434.933239][ T7365] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 434.960245][ T7365] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 434.967644][ T7365] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 434.994511][ T7365] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 435.038128][ T7443] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 435.144360][ T7436] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.590: invalid indirect mapped block 4294967295 (level 1) [ 435.168172][ T7443] vhci_hcd vhci_hcd.0: pdev(3) rhport(2) sockfd(5) [ 435.175013][ T7443] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 435.183465][ T7443] vhci_hcd vhci_hcd.0: Device attached [ 435.189515][ T7436] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.590: invalid indirect mapped block 4294967295 (level 1) [ 435.215553][ T7436] EXT4-fs (loop1): 2 truncates cleaned up [ 435.221327][ T7439] vhci_hcd vhci_hcd.0: pdev(3) rhport(3) sockfd(10) [ 435.225330][ T7436] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 435.228123][ T7439] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 435.228827][ T7439] vhci_hcd vhci_hcd.0: Device attached [ 435.281945][ T5238] vhci_hcd: vhci_device speed not set [ 435.283868][ T7365] hsr_slave_0: entered promiscuous mode [ 435.310617][ T7365] hsr_slave_1: entered promiscuous mode [ 435.333586][ T7443] vhci_hcd vhci_hcd.0: pdev(3) rhport(4) sockfd(9) [ 435.340418][ T7443] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 435.349383][ T7443] vhci_hcd vhci_hcd.0: Device attached [ 435.362310][ T7365] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 435.370109][ T7365] Cannot create hsr debugfs directory [ 435.392307][ T7446] vhci_hcd: connection closed [ 435.403397][ T7444] vhci_hcd: connection closed [ 435.437045][ T7448] vhci_hcd: connection closed [ 435.440275][ T7441] vhci_hcd: connection closed [ 435.452736][ T5238] usb 15-1: new full-speed USB device number 2 using vhci_hcd [ 435.468734][ T7442] vhci_hcd: sendmsg failed!, ret=-32 for 48 [ 435.482359][ T1275] vhci_hcd: stop threads [ 435.486841][ T1275] vhci_hcd: release socket [ 435.491530][ T1275] vhci_hcd: disconnect device [ 435.561803][ T1275] vhci_hcd: stop threads [ 435.567176][ T1275] vhci_hcd: release socket [ 435.571867][ T1275] vhci_hcd: disconnect device [ 435.577680][ T1275] vhci_hcd: stop threads [ 435.582405][ T1275] vhci_hcd: release socket [ 435.587079][ T1275] vhci_hcd: disconnect device [ 435.592814][ T1275] vhci_hcd: stop threads [ 435.597270][ T1275] vhci_hcd: release socket [ 435.601884][ T1275] vhci_hcd: disconnect device [ 435.693141][ T6980] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 436.216187][ T34] hsr_slave_0: left promiscuous mode [ 436.271089][ T34] hsr_slave_1: left promiscuous mode [ 436.295125][ T34] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 436.303371][ T34] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 436.351584][ T34] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 436.359678][ T34] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 436.431396][ T5190] Bluetooth: hci0: command tx timeout [ 436.465981][ T34] veth1_macvtap: left promiscuous mode [ 436.472100][ T34] veth0_macvtap: left promiscuous mode [ 436.478300][ T34] veth1_vlan: left promiscuous mode [ 436.484105][ T34] veth0_vlan: left promiscuous mode [ 436.787105][ T7461] loop3: detected capacity change from 0 to 512 [ 436.808008][ T7455] block nbd2: shutting down sockets [ 436.901319][ T5182] Bluetooth: hci3: command tx timeout [ 437.207399][ T7461] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 437.223545][ T7461] ext4 filesystem being mounted at /40/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 437.568947][ T7461] EXT4-fs error (device loop3): ext4_get_first_dir_block:3543: inode #12: comm syz.3.596: directory missing '.' [ 438.002398][ T7459] loop1: detected capacity change from 0 to 32768 [ 438.012125][ T34] team0 (unregistering): Port device team_slave_1 removed [ 438.051470][ T34] team0 (unregistering): Port device team_slave_0 removed [ 438.111763][ T6664] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 438.580656][ T5190] Bluetooth: hci0: command tx timeout [ 438.905936][ T7470] loop2: detected capacity change from 0 to 1024 [ 438.980161][ T7470] hfsplus: filesystem was not cleanly unmounted, running fsck.hfsplus is recommended. leaving read-only. [ 439.694238][ T7425] chnl_net:caif_netlink_parms(): no params data found [ 439.754833][ T7365] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 439.793881][ T7365] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 439.907734][ T7365] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 439.926431][ T7481] loop3: detected capacity change from 0 to 2048 [ 439.954508][ T7365] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 440.004701][ T7481] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 440.104334][ T7478] loop2: detected capacity change from 0 to 4096 [ 440.124573][ T7481] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 440.211803][ T7481] EXT4-fs error (device loop3): ext4_search_dir:1505: inode #12: block 9: comm syz.3.603: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=13, rec_len=21, size=56 fake=0 [ 440.288332][ T7481] EXT4-fs (loop3): Remounting filesystem read-only [ 440.558885][ T6664] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 440.584305][ T5238] vhci_hcd: vhci_device speed not set [ 440.665157][ T5190] Bluetooth: hci0: command tx timeout [ 440.865801][ T7425] bridge0: port 1(bridge_slave_0) entered blocking state [ 440.873886][ T7425] bridge0: port 1(bridge_slave_0) entered disabled state [ 440.881726][ T7425] bridge_slave_0: entered allmulticast mode [ 440.891079][ T7425] bridge_slave_0: entered promiscuous mode [ 440.937520][ T7478] syz.2.601 (7478) used greatest stack depth: 5000 bytes left [ 440.947965][ T7425] bridge0: port 2(bridge_slave_1) entered blocking state [ 440.958368][ T7425] bridge0: port 2(bridge_slave_1) entered disabled state [ 440.966689][ T7425] bridge_slave_1: entered allmulticast mode [ 440.976263][ T7425] bridge_slave_1: entered promiscuous mode [ 441.082597][ T7365] 8021q: adding VLAN 0 to HW filter on device bond0 [ 441.125435][ T8] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 441.163232][ T7425] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 441.184281][ T7425] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 441.292898][ T8] usb 4-1: Using ep0 maxpacket: 8 [ 441.309906][ T8] usb 4-1: config 179 has an invalid interface number: 65 but max is 0 [ 441.318765][ T8] usb 4-1: config 179 has no interface number 0 [ 441.326281][ T8] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 441.328159][ T7365] 8021q: adding VLAN 0 to HW filter on device team0 [ 441.337758][ T8] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 441.356477][ T8] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 441.356883][ T7425] team0: Port device team_slave_0 added [ 441.369942][ T8] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024 [ 441.370131][ T8] usb 4-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 441.370366][ T8] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 441.415533][ T8] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 441.438687][ T1104] bridge0: port 1(bridge_slave_0) entered blocking state [ 441.446559][ T1104] bridge0: port 1(bridge_slave_0) entered forwarding state [ 441.478720][ T7495] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 441.516144][ T7425] team0: Port device team_slave_1 added [ 441.616682][ T7497] loop2: detected capacity change from 0 to 512 [ 441.637043][ T1104] bridge0: port 2(bridge_slave_1) entered blocking state [ 441.646869][ T1104] bridge0: port 2(bridge_slave_1) entered forwarding state [ 441.671593][ T7497] EXT4-fs (loop2): filesystem is read-only [ 441.746720][ T7497] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors [ 441.792942][ T7497] EXT4-fs (loop2): filesystem is read-only [ 441.799846][ T7497] EXT4-fs (loop2): orphan cleanup on readonly fs [ 441.815443][ T7497] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.608: bg 0: block 64: padding at end of block bitmap is not set [ 441.863287][ T7497] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6550: Corrupt filesystem [ 441.889974][ T8] input: Generic X-Box pad as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:179.65/input/input7 [ 441.903337][ T7497] EXT4-fs (loop2): 1 orphan inode deleted [ 441.915006][ T7497] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 442.107049][ T7365] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 442.117846][ T7365] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 442.280149][ T7501] bridge0: entered allmulticast mode [ 442.371664][ T7425] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 442.379101][ T7425] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 442.409201][ T7425] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 442.430077][ T7425] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 442.437538][ T7425] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 442.464205][ T7425] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 442.606172][ T6087] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 442.781159][ T5190] Bluetooth: hci0: command tx timeout [ 442.976190][ T44] usb 4-1: USB disconnect, device number 6 [ 442.976207][ C0] xpad 4-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19 [ 442.976412][ C0] xpad 4-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19 [ 443.007199][ T44] xpad 4-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19 [ 443.133226][ T7425] hsr_slave_0: entered promiscuous mode [ 443.149229][ T7425] hsr_slave_1: entered promiscuous mode [ 443.881294][ T7365] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 444.014547][ T7517] loop1: detected capacity change from 0 to 64 [ 444.281772][ T7521] netlink: 12 bytes leftover after parsing attributes in process `syz.3.616'. [ 444.583217][ T7425] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 444.721696][ T7425] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 444.753505][ T7527] loop2: detected capacity change from 0 to 512 [ 444.779545][ T7425] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 444.821661][ T7425] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 444.886364][ T7527] EXT4-fs error (device loop2): ext4_orphan_get:1388: inode #15: comm syz.2.618: casefold flag without casefold feature [ 444.961658][ T7527] EXT4-fs error (device loop2): ext4_orphan_get:1393: comm syz.2.618: couldn't read orphan inode 15 (err -117) [ 445.014609][ T7527] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 445.906092][ T6087] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 446.041558][ T7425] 8021q: adding VLAN 0 to HW filter on device bond0 [ 446.212862][ T7365] veth0_vlan: entered promiscuous mode [ 446.242715][ T7425] 8021q: adding VLAN 0 to HW filter on device team0 [ 446.287251][ T34] bridge0: port 1(bridge_slave_0) entered blocking state [ 446.295075][ T34] bridge0: port 1(bridge_slave_0) entered forwarding state [ 446.389801][ T34] bridge0: port 2(bridge_slave_1) entered blocking state [ 446.397695][ T34] bridge0: port 2(bridge_slave_1) entered forwarding state [ 446.421474][ T7365] veth1_vlan: entered promiscuous mode [ 446.787150][ T44] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 446.853266][ T7365] veth0_macvtap: entered promiscuous mode [ 446.929985][ T7365] veth1_macvtap: entered promiscuous mode [ 447.018262][ T44] usb 4-1: config index 0 descriptor too short (expected 45, got 36) [ 447.028133][ T44] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 447.040995][ T44] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 447.052381][ T44] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 447.064041][ T44] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 447.077668][ T44] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 447.087197][ T44] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 447.128582][ T7365] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 447.140638][ T7365] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 447.152385][ T7365] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 447.165401][ T7365] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 447.175672][ T7365] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 447.186456][ T7365] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 447.204446][ T7365] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 447.253005][ T7365] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 447.263905][ T7365] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 447.274122][ T7365] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 447.284919][ T7365] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 447.295426][ T7365] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 447.309428][ T7365] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 447.325635][ T7365] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 447.365885][ T44] usb 4-1: config 0 descriptor?? [ 447.380019][ T7552] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 447.783986][ T7365] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 447.794192][ T7365] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 447.803769][ T7365] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 447.816805][ T7365] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 447.880204][ T44] plantronics 0003:047F:FFFF.0006: unknown main item tag 0xd [ 447.954851][ T44] plantronics 0003:047F:FFFF.0006: No inputs registered, leaving [ 447.999566][ T44] plantronics 0003:047F:FFFF.0006: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0 [ 448.227620][ T44] usb 4-1: USB disconnect, device number 7 [ 448.478158][ T7425] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 448.560430][ T5239] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 448.786938][ T5239] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 448.798690][ T5239] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 448.809009][ T5239] usb 2-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice= 0.00 [ 448.818443][ T5239] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 448.997969][ T7425] veth0_vlan: entered promiscuous mode [ 449.028836][ T5239] usb 2-1: config 0 descriptor?? [ 449.148891][ T7425] veth1_vlan: entered promiscuous mode [ 449.425486][ T7425] veth0_macvtap: entered promiscuous mode [ 449.493117][ T7425] veth1_macvtap: entered promiscuous mode [ 449.564673][ T5239] appleir 0003:05AC:8243.0007: report_id 0 is invalid [ 449.571876][ T5239] appleir 0003:05AC:8243.0007: item 0 0 1 8 parsing failed [ 449.598212][ T5239] appleir 0003:05AC:8243.0007: parse failed [ 449.604941][ T5239] appleir 0003:05AC:8243.0007: probe with driver appleir failed with error -22 [ 449.671773][ T7425] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 449.682906][ T7425] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 449.693150][ T7425] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 449.704003][ T7425] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 449.714267][ T7425] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 449.725104][ T7425] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 449.735392][ T7425] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 449.746649][ T7425] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 449.764954][ T7425] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 449.813541][ T1821] usb 2-1: USB disconnect, device number 8 [ 449.925889][ T7425] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 449.937938][ T7425] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 449.948451][ T7425] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 449.959555][ T7425] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 449.971663][ T7425] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 449.983205][ T7425] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 449.993439][ T7425] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 450.004344][ T7425] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 450.007281][ T7572] loop3: detected capacity change from 0 to 256 [ 450.019212][ T7425] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 450.089747][ T7572] FAT-fs (loop3): bogus sectors per cluster 30 [ 450.096566][ T7572] FAT-fs (loop3): Can't find a valid FAT filesystem [ 450.161868][ T7425] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 450.176099][ T7425] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 450.186945][ T7425] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 450.196221][ T7425] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 451.258599][ T7584] tun0: tun_chr_ioctl cmd 1074025675 [ 451.265261][ T7584] tun0: persist enabled [ 451.487741][ T7584] tun0: tun_chr_ioctl cmd 1074025675 [ 451.494620][ T7584] tun0: persist enabled [ 454.378447][ T7609] loop1: detected capacity change from 0 to 128 [ 455.413698][ T2920] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 455.421787][ T2920] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 455.534135][ T2959] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 455.543048][ T2959] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 458.324103][ T5182] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 458.337664][ T5182] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 458.351892][ T5182] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 458.407277][ T5182] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 458.431601][ T5182] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 458.441522][ T5182] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 458.826663][ T7635] loop1: detected capacity change from 0 to 4096 [ 458.861875][ T7635] ntfs3: loop1: Different NTFS sector size (2048) and media sector size (512). [ 458.939950][ T29] audit: type=1326 audit(1727306915.181:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7645 comm="syz.3.651" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb721f7def9 code=0x0 [ 459.143297][ T1275] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 459.382381][ T1275] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 459.609552][ T3968] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 459.617892][ T3968] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 459.809762][ T1275] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 459.877565][ T7643] chnl_net:caif_netlink_parms(): no params data found [ 459.937339][ T1275] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 460.025339][ T1104] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 460.033832][ T1104] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 460.260368][ T1275] bridge_slave_1: left allmulticast mode [ 460.266549][ T1275] bridge_slave_1: left promiscuous mode [ 460.274057][ T1275] bridge0: port 2(bridge_slave_1) entered disabled state [ 460.405614][ T1275] bridge_slave_0: left allmulticast mode [ 460.417221][ T1275] bridge_slave_0: left promiscuous mode [ 460.424162][ T1275] bridge0: port 1(bridge_slave_0) entered disabled state [ 460.674092][ T5182] Bluetooth: hci4: command tx timeout [ 461.037161][ T1275] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 461.186918][ T1275] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 461.203843][ T1275] bond0 (unregistering): Released all slaves [ 461.207605][ T7679] loop1: detected capacity change from 0 to 128 [ 461.236467][ T7679] befs: (loop1): cannot parse mount options [ 461.359052][ T7680] netlink: 'syz.4.660': attribute type 4 has an invalid length. [ 462.001283][ T1275] hsr_slave_0: left promiscuous mode [ 462.017236][ T1275] hsr_slave_1: left promiscuous mode [ 462.032640][ T1275] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 462.040522][ T1275] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 462.059892][ T1275] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 462.067771][ T1275] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 462.085920][ T1275] veth1_macvtap: left promiscuous mode [ 462.091732][ T1275] veth0_macvtap: left promiscuous mode [ 462.098527][ T1275] veth1_vlan: left promiscuous mode [ 462.104601][ T1275] veth0_vlan: left promiscuous mode [ 462.678595][ T1275] team0 (unregistering): Port device team_slave_1 removed [ 462.727982][ T1275] team0 (unregistering): Port device team_slave_0 removed [ 462.742420][ T5182] Bluetooth: hci4: command tx timeout [ 463.356799][ T7643] bridge0: port 1(bridge_slave_0) entered blocking state [ 463.364867][ T7643] bridge0: port 1(bridge_slave_0) entered disabled state [ 463.372878][ T7643] bridge_slave_0: entered allmulticast mode [ 463.391289][ T7643] bridge_slave_0: entered promiscuous mode [ 463.416868][ T7689] loop4: detected capacity change from 0 to 128 [ 463.436097][ T7643] bridge0: port 2(bridge_slave_1) entered blocking state [ 463.444163][ T7643] bridge0: port 2(bridge_slave_1) entered disabled state [ 463.452907][ T7643] bridge_slave_1: entered allmulticast mode [ 463.462126][ T7643] bridge_slave_1: entered promiscuous mode [ 463.522492][ T7689] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (39871!=39978) [ 463.570046][ T7689] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 ro without journal. Quota mode: none. [ 463.653525][ T7689] EXT4-fs warning (device loop4): ext4_dirblock_csum_verify:406: inode #2: comm syz.4.664: No space for directory leaf checksum. Please run e2fsck -D. [ 463.669410][ T7689] EXT4-fs error (device loop4): __ext4_find_entry:1652: inode #2: comm syz.4.664: checksumming directory block 0 [ 463.751212][ T7643] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 463.765194][ T5190] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 463.775617][ T5190] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 463.775815][ T7643] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 463.785229][ T5190] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 463.796467][ T5190] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 463.821045][ T5190] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 463.835080][ T5190] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 464.041598][ T7365] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 464.153965][ T7643] team0: Port device team_slave_0 added [ 464.170842][ T7643] team0: Port device team_slave_1 added [ 464.324532][ T1275] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 464.445710][ T5239] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 464.493197][ T1275] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 464.555684][ T7643] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 464.563129][ T7643] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 464.590304][ T7643] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 464.613351][ T7643] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 464.620540][ T7643] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 464.647083][ T7643] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 464.656716][ T5239] usb 4-1: Using ep0 maxpacket: 16 [ 464.669553][ T5239] usb 4-1: New USB device found, idVendor=1397, idProduct=00bd, bcdDevice=c5.66 [ 464.680097][ T5239] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 464.712183][ T5239] usb 4-1: config 0 descriptor?? [ 464.782898][ T5239] usb 4-1: invalid MIDI EP [ 464.787633][ T5239] usb 4-1: snd-bcd2000: error during probing [ 464.795830][ T5239] snd-bcd2000 4-1:0.0: probe with driver snd-bcd2000 failed with error -22 [ 464.839380][ T5190] Bluetooth: hci4: command tx timeout [ 464.898311][ T1275] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 464.925747][ T1240] ieee802154 phy0 wpan0: encryption failed: -22 [ 464.932744][ T1240] ieee802154 phy1 wpan1: encryption failed: -22 [ 465.210090][ T1275] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 465.336135][ T5238] usb 4-1: USB disconnect, device number 8 [ 465.371072][ T7643] hsr_slave_0: entered promiscuous mode [ 465.380833][ T7643] hsr_slave_1: entered promiscuous mode [ 465.389549][ T7643] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 465.397506][ T7643] Cannot create hsr debugfs directory [ 465.864543][ T5190] Bluetooth: hci0: command tx timeout [ 466.018277][ T1275] bridge_slave_1: left allmulticast mode [ 466.024459][ T1275] bridge_slave_1: left promiscuous mode [ 466.031057][ T1275] bridge0: port 2(bridge_slave_1) entered disabled state [ 466.062887][ T1275] bridge_slave_0: left allmulticast mode [ 466.068797][ T1275] bridge_slave_0: left promiscuous mode [ 466.075650][ T1275] bridge0: port 1(bridge_slave_0) entered disabled state [ 466.556313][ T1275] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 466.648511][ T1275] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 466.694699][ T1275] bond0 (unregistering): Released all slaves [ 466.822668][ T7697] chnl_net:caif_netlink_parms(): no params data found [ 466.906827][ T5190] Bluetooth: hci4: command tx timeout [ 467.068787][ T5182] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 467.084074][ T5182] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 467.098887][ T5182] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 467.113033][ T5182] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 467.148078][ T5182] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 467.161774][ T5182] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 467.524129][ T7730] Bluetooth: MGMT ver 1.23 [ 467.528853][ T7730] Bluetooth: hci3: service_discovery: too big uuid_count value 65535 [ 467.935147][ T1275] hsr_slave_0: left promiscuous mode [ 467.948101][ T5182] Bluetooth: hci0: command tx timeout [ 467.976421][ T1275] hsr_slave_1: left promiscuous mode [ 468.041903][ T1275] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 468.043993][ T7738] loop4: detected capacity change from 0 to 2048 [ 468.050537][ T1275] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 468.075829][ T1275] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 468.083935][ T1275] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 468.128559][ T1275] veth1_macvtap: left promiscuous mode [ 468.134650][ T1275] veth0_macvtap: left promiscuous mode [ 468.140558][ T1275] veth1_vlan: left promiscuous mode [ 468.146772][ T1275] veth0_vlan: left promiscuous mode [ 468.429864][ T7743] loop3: detected capacity change from 0 to 16 [ 468.523045][ T7743] erofs: (device loop3): mounted with root inode @ nid 36. [ 468.585786][ T7738] UDF-fs: warning (device loop4): udf_truncate_tail_extent: Too long extent after EOF in inode 1367: i_size: 16384 lbcount: 19968 extent 65+15872 [ 468.602428][ T7738] UDF-fs: error (device loop4): udf_truncate_tail_extent: Extent after EOF in inode 1367 [ 468.989595][ T1275] team0 (unregistering): Port device team_slave_1 removed [ 469.027169][ T1275] team0 (unregistering): Port device team_slave_0 removed [ 469.243830][ T5182] Bluetooth: hci1: command tx timeout [ 469.450809][ T44] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 469.549442][ T7643] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 469.652454][ T44] usb 5-1: Using ep0 maxpacket: 8 [ 469.683843][ T7643] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 469.689913][ T44] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 469.703184][ T44] usb 5-1: New USB device found, idVendor=046d, idProduct=0892, bcdDevice=6d.2a [ 469.712972][ T44] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 469.734277][ T44] usb 5-1: config 0 descriptor?? [ 469.812295][ T7752] netlink: 'syz.3.687': attribute type 1 has an invalid length. [ 469.820859][ T7697] bridge0: port 1(bridge_slave_0) entered blocking state [ 469.830186][ T7697] bridge0: port 1(bridge_slave_0) entered disabled state [ 469.838144][ T7697] bridge_slave_0: entered allmulticast mode [ 469.852619][ T44] gspca_main: vc032x-2.14.0 probing 046d:0892 [ 469.866165][ T7697] bridge_slave_0: entered promiscuous mode [ 469.929663][ T7643] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 470.027277][ T5182] Bluetooth: hci0: command tx timeout [ 470.027292][ T7697] bridge0: port 2(bridge_slave_1) entered blocking state [ 470.027770][ T7697] bridge0: port 2(bridge_slave_1) entered disabled state [ 470.050126][ T7697] bridge_slave_1: entered allmulticast mode [ 470.059259][ T7697] bridge_slave_1: entered promiscuous mode [ 470.241306][ T7697] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 470.251044][ T7643] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 470.313148][ T7725] chnl_net:caif_netlink_parms(): no params data found [ 470.348405][ T7697] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 470.626408][ T1275] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 470.670739][ T7759] loop3: detected capacity change from 0 to 64 [ 470.714019][ T7697] team0: Port device team_slave_0 added [ 470.730592][ T7697] team0: Port device team_slave_1 added [ 470.834116][ T1275] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 470.971292][ T1275] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 471.033614][ T44] gspca_vc032x: reg_r err -71 [ 471.036471][ T7697] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 471.038781][ T44] vc032x 5-1:0.0: probe with driver vc032x failed with error -71 [ 471.045627][ T7697] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 471.067081][ T44] usb 5-1: USB disconnect, device number 5 [ 471.079561][ C0] vkms_vblank_simulate: vblank timer overrun [ 471.080807][ T7697] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 471.190817][ T1275] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 471.219930][ T7697] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 471.232956][ T7697] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 471.262682][ T7697] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 471.308239][ T5182] Bluetooth: hci1: command tx timeout [ 471.560348][ T7697] hsr_slave_0: entered promiscuous mode [ 471.581834][ T7697] hsr_slave_1: entered promiscuous mode [ 471.889290][ T7768] loop3: detected capacity change from 0 to 512 [ 471.893120][ T1275] bridge_slave_1: left allmulticast mode [ 471.901574][ T1275] bridge_slave_1: left promiscuous mode [ 471.908600][ T1275] bridge0: port 2(bridge_slave_1) entered disabled state [ 471.941367][ T1275] bridge_slave_0: left allmulticast mode [ 471.942649][ T7768] EXT4-fs: journaled quota format not specified [ 471.947461][ T1275] bridge_slave_0: left promiscuous mode [ 471.960480][ T1275] bridge0: port 1(bridge_slave_0) entered disabled state [ 471.964892][ T7770] loop4: detected capacity change from 0 to 256 [ 471.990331][ T7770] exfat: Deprecated parameter 'namecase' [ 471.996785][ T7770] exfat: Deprecated parameter 'utf8' [ 472.104383][ T5182] Bluetooth: hci0: command tx timeout [ 472.117964][ T7770] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xdc42f586, utbl_chksum : 0xe619d30d) [ 472.431495][ T1275] bridge0 (unregistering): left allmulticast mode [ 472.590661][ T1275] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 472.714705][ T1275] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 472.745590][ T1275] bond0 (unregistering): Released all slaves [ 473.036092][ T7725] bridge0: port 1(bridge_slave_0) entered blocking state [ 473.046020][ T7725] bridge0: port 1(bridge_slave_0) entered disabled state [ 473.054123][ T7725] bridge_slave_0: entered allmulticast mode [ 473.063574][ T7725] bridge_slave_0: entered promiscuous mode [ 473.090853][ T7725] bridge0: port 2(bridge_slave_1) entered blocking state [ 473.099238][ T7725] bridge0: port 2(bridge_slave_1) entered disabled state [ 473.112429][ T7725] bridge_slave_1: entered allmulticast mode [ 473.121512][ T7725] bridge_slave_1: entered promiscuous mode [ 473.390786][ T5182] Bluetooth: hci1: command tx timeout [ 473.491479][ T7725] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 473.543280][ T7725] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 473.607704][ T7792] netlink: 16 bytes leftover after parsing attributes in process `syz.4.702'. [ 473.713141][ T7792] netlink: 16 bytes leftover after parsing attributes in process `syz.4.702'. [ 473.800793][ T7643] 8021q: adding VLAN 0 to HW filter on device bond0 [ 473.857253][ T1275] hsr_slave_0: left promiscuous mode [ 473.884099][ T1275] hsr_slave_1: left promiscuous mode [ 473.893861][ T1275] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 473.901655][ T1275] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 473.930629][ T1275] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 473.938507][ T1275] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 473.996995][ T1275] veth1_macvtap: left promiscuous mode [ 474.003641][ T1275] veth0_macvtap: left promiscuous mode [ 474.009550][ T1275] veth1_vlan: left promiscuous mode [ 474.015656][ T1275] veth0_vlan: left promiscuous mode [ 474.276867][ T7795] loop4: detected capacity change from 0 to 2048 [ 474.299131][ T7795] UDF-fs: error (device loop4): udf_process_sequence: Primary Volume Descriptor not found! [ 474.347059][ T7795] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 474.797767][ T1275] team0 (unregistering): Port device team_slave_1 removed [ 474.843973][ T1275] team0 (unregistering): Port device team_slave_0 removed [ 475.242305][ T7643] 8021q: adding VLAN 0 to HW filter on device team0 [ 475.312675][ T2920] bridge0: port 1(bridge_slave_0) entered blocking state [ 475.320356][ T2920] bridge0: port 1(bridge_slave_0) entered forwarding state [ 475.341213][ T7725] team0: Port device team_slave_0 added [ 475.401205][ T7725] team0: Port device team_slave_1 added [ 475.420308][ T2959] bridge0: port 2(bridge_slave_1) entered blocking state [ 475.428111][ T2959] bridge0: port 2(bridge_slave_1) entered forwarding state [ 475.484920][ T5182] Bluetooth: hci1: command tx timeout [ 475.611824][ T7808] netlink: 'syz.3.710': attribute type 2 has an invalid length. [ 475.620015][ T7808] netlink: 'syz.3.710': attribute type 1 has an invalid length. [ 475.841859][ T7725] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 475.850922][ T7725] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 475.877150][ C0] vkms_vblank_simulate: vblank timer overrun [ 475.885202][ T7725] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 476.298348][ T7725] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 476.305899][ T7725] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 476.332008][ C0] vkms_vblank_simulate: vblank timer overrun [ 476.338513][ T7725] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 477.180562][ T7697] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 477.259830][ T7725] hsr_slave_0: entered promiscuous mode [ 477.319486][ T7725] hsr_slave_1: entered promiscuous mode [ 477.360878][ T7725] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 477.369008][ T7725] Cannot create hsr debugfs directory [ 477.384218][ T7697] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 477.511052][ T7697] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 477.706012][ T7697] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 477.960855][ T7814] loop3: detected capacity change from 0 to 32768 [ 478.828501][ T7643] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 479.076407][ T7725] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 479.144241][ T7725] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 479.198283][ T7725] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 479.305084][ T7697] 8021q: adding VLAN 0 to HW filter on device bond0 [ 479.317120][ T7725] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 479.512951][ T7697] 8021q: adding VLAN 0 to HW filter on device team0 [ 479.528851][ T7643] veth0_vlan: entered promiscuous mode [ 479.582604][ T2959] bridge0: port 1(bridge_slave_0) entered blocking state [ 479.590387][ T2959] bridge0: port 1(bridge_slave_0) entered forwarding state [ 479.669732][ T7643] veth1_vlan: entered promiscuous mode [ 479.722310][ T2959] bridge0: port 2(bridge_slave_1) entered blocking state [ 479.730075][ T2959] bridge0: port 2(bridge_slave_1) entered forwarding state [ 480.275705][ T7643] veth0_macvtap: entered promiscuous mode [ 480.363352][ T7643] veth1_macvtap: entered promiscuous mode [ 480.492556][ T7643] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 480.504675][ T7643] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 480.515305][ T7643] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 480.526179][ T7643] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 480.541542][ T7643] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 480.628125][ T7643] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 480.639405][ T7643] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 480.650256][ T7643] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 480.661121][ T7643] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 480.673198][ T5262] usb 4-1: new full-speed USB device number 9 using dummy_hcd [ 480.676365][ T7643] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 480.820509][ T7643] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 480.830063][ T7643] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 480.840280][ T7643] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 480.852687][ T7643] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 480.895522][ T7725] 8021q: adding VLAN 0 to HW filter on device bond0 [ 480.978626][ T5262] usb 4-1: config 0 has no interfaces? [ 481.013437][ T5262] usb 4-1: New USB device found, idVendor=468c, idProduct=90ea, bcdDevice=99.6d [ 481.023320][ T5262] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 481.031620][ T5262] usb 4-1: Product: syz [ 481.036510][ T5262] usb 4-1: Manufacturer: syz [ 481.041365][ T5262] usb 4-1: SerialNumber: syz [ 481.127458][ T7725] 8021q: adding VLAN 0 to HW filter on device team0 [ 481.174696][ T5262] usb 4-1: config 0 descriptor?? [ 481.227391][ T2920] bridge0: port 1(bridge_slave_0) entered blocking state [ 481.235195][ T2920] bridge0: port 1(bridge_slave_0) entered forwarding state [ 481.343707][ T2920] bridge0: port 2(bridge_slave_1) entered blocking state [ 481.351378][ T2920] bridge0: port 2(bridge_slave_1) entered forwarding state [ 481.655708][ T7837] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 481.713892][ T7837] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 481.748190][ T5262] usb 4-1: USB disconnect, device number 9 [ 481.872539][ T7697] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 482.061252][ T7697] veth0_vlan: entered promiscuous mode [ 482.111318][ T7697] veth1_vlan: entered promiscuous mode [ 482.283804][ T7697] veth0_macvtap: entered promiscuous mode [ 482.334104][ T7697] veth1_macvtap: entered promiscuous mode [ 482.352882][ T5190] Bluetooth: hci2: command 0x0406 tx timeout [ 482.386025][ T7697] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 482.397190][ T7697] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 482.407413][ T7697] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 482.418274][ T7697] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 482.429599][ T7697] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 482.440977][ T7697] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 482.456576][ T7697] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 482.526638][ T7697] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 482.538626][ T7697] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 482.549450][ T7697] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 482.564135][ T7697] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 482.574319][ T7697] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 482.585457][ T7697] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 482.604262][ T7697] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 482.625253][ T7697] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 482.636533][ T7697] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 482.649517][ T7697] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 482.665552][ T7697] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 483.787330][ T7725] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 484.406945][ T7725] veth0_vlan: entered promiscuous mode [ 484.550244][ T7725] veth1_vlan: entered promiscuous mode [ 484.876341][ T7725] veth0_macvtap: entered promiscuous mode [ 484.941023][ T7725] veth1_macvtap: entered promiscuous mode [ 485.024696][ T5262] kernel read not supported for file /usbmon7 (pid: 5262 comm: kworker/1:5) [ 485.109292][ T7725] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 485.121829][ T7725] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 485.135750][ T7725] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 485.148681][ T7725] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 485.162195][ T7725] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 485.173080][ T7725] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 485.185125][ T7725] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 485.197993][ T7725] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 485.214101][ T7725] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 485.353836][ T7725] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 485.365980][ T7725] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 485.377646][ T7725] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 485.388503][ T7725] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 485.400232][ T7725] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 485.413244][ T7725] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 485.431716][ T7725] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 485.442989][ T7725] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 485.458265][ T7725] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 485.570643][ T7725] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 485.582202][ T7725] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 485.592343][ T7725] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 485.603252][ T7725] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 485.895489][ C0] ===================================================== [ 485.902994][ C0] BUG: KMSAN: uninit-value in nf_reject_ip6_tcphdr_put+0x688/0x6c0 [ 485.911191][ C0] nf_reject_ip6_tcphdr_put+0x688/0x6c0 [ 485.917109][ C0] nf_send_reset6+0xd84/0x15b0 [ 485.922161][ C0] nft_reject_inet_eval+0x3c1/0x880 [ 485.927645][ C0] nft_do_chain+0x426/0x2290 [ 485.932695][ C0] nft_do_chain_inet+0x41a/0x4f0 [ 485.937934][ C0] nf_hook_slow+0xf4/0x400 [ 485.942698][ C0] ipv6_rcv+0x29b/0x390 [ 485.947118][ C0] __netif_receive_skb+0x1da/0xa00 [ 485.952528][ C0] process_backlog+0x4ad/0xa50 [ 485.957516][ C0] __napi_poll+0xe7/0x980 [ 485.962136][ C0] net_rx_action+0xa5a/0x19b0 [ 485.967002][ C0] handle_softirqs+0x1a0/0x7c0 [ 485.972066][ C0] __do_softirq+0x14/0x1a [ 485.976653][ C0] do_softirq+0x9a/0x100 [ 485.981107][ C0] __local_bh_enable_ip+0x9f/0xb0 [ 485.986429][ C0] __dev_queue_xmit+0x26f8/0x55e0 [ 485.991750][ C0] neigh_resolve_output+0x9ca/0xae0 [ 485.997645][ C0] ip6_finish_output2+0x2347/0x2ba0 [ 486.003124][ C0] ip6_finish_output+0xbb8/0x14b0 [ 486.008390][ C0] ip6_output+0x356/0x620 [ 486.012998][ C0] ip6_xmit+0x1ba6/0x25d0 [ 486.017523][ C0] inet6_csk_xmit+0x442/0x530 [ 486.022449][ C0] __tcp_transmit_skb+0x3b07/0x4880 [ 486.027926][ C0] tcp_connect+0x5b37/0x7200 [ 486.032789][ C0] tcp_v6_connect+0x1bcc/0x1e40 [ 486.038261][ C0] __inet_stream_connect+0x2ef/0x1730 [ 486.044169][ C0] tcp_sendmsg_fastopen+0x76f/0x950 [ 486.049573][ C0] tcp_sendmsg_locked+0x863/0x6eb0 [ 486.054953][ C0] tcp_sendmsg+0x49/0x90 [ 486.059505][ C0] inet6_sendmsg+0x142/0x280 [ 486.064346][ C0] __sock_sendmsg+0x143/0x380 [ 486.069216][ C0] __sys_sendto+0x645/0x7f0 [ 486.074019][ C0] __x64_sys_sendto+0x125/0x1d0 [ 486.079505][ C0] x64_sys_call+0x3373/0x3ba0 [ 486.084486][ C0] do_syscall_64+0xcd/0x1e0 [ 486.089160][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 486.095387][ C0] [ 486.097813][ C0] Uninit was stored to memory at: [ 486.103168][ C0] nf_reject_ip6_tcphdr_put+0x60c/0x6c0 [ 486.108983][ C0] nf_send_reset6+0xd84/0x15b0 [ 486.114020][ C0] nft_reject_inet_eval+0x3c1/0x880 [ 486.119473][ C0] nft_do_chain+0x426/0x2290 [ 486.124376][ C0] nft_do_chain_inet+0x41a/0x4f0 [ 486.129616][ C0] nf_hook_slow+0xf4/0x400 [ 486.134397][ C0] ipv6_rcv+0x29b/0x390 [ 486.138826][ C0] __netif_receive_skb+0x1da/0xa00 [ 486.144264][ C0] process_backlog+0x4ad/0xa50 [ 486.149219][ C0] __napi_poll+0xe7/0x980 [ 486.153897][ C0] net_rx_action+0xa5a/0x19b0 [ 486.158794][ C0] handle_softirqs+0x1a0/0x7c0 [ 486.163882][ C0] __do_softirq+0x14/0x1a [ 486.168421][ C0] [ 486.170841][ C0] Uninit was stored to memory at: [ 486.176266][ C0] nf_reject_ip6_tcphdr_put+0x2ca/0x6c0 [ 486.182188][ C0] nf_send_reset6+0xd84/0x15b0 [ 486.187172][ C0] nft_reject_inet_eval+0x3c1/0x880 [ 486.192701][ C0] nft_do_chain+0x426/0x2290 [ 486.197500][ C0] nft_do_chain_inet+0x41a/0x4f0 [ 486.202730][ C0] nf_hook_slow+0xf4/0x400 [ 486.207473][ C0] ipv6_rcv+0x29b/0x390 [ 486.211825][ C0] __netif_receive_skb+0x1da/0xa00 [ 486.217231][ C0] process_backlog+0x4ad/0xa50 [ 486.222239][ C0] __napi_poll+0xe7/0x980 [ 486.226841][ C0] net_rx_action+0xa5a/0x19b0 [ 486.231683][ C0] handle_softirqs+0x1a0/0x7c0 [ 486.236741][ C0] __do_softirq+0x14/0x1a [ 486.241314][ C0] [ 486.243814][ C0] Uninit was created at: [ 486.248334][ C0] kmem_cache_alloc_node_noprof+0x6bf/0xb80 [ 486.254558][ C0] kmalloc_reserve+0x13d/0x4a0 [ 486.259595][ C0] __alloc_skb+0x363/0x7b0 [ 486.264271][ C0] nf_send_reset6+0x98d/0x15b0 [ 486.269240][ C0] nft_reject_inet_eval+0x3c1/0x880 [ 486.274771][ C0] nft_do_chain+0x426/0x2290 [ 486.279668][ C0] nft_do_chain_inet+0x41a/0x4f0 [ 486.284905][ C0] nf_hook_slow+0xf4/0x400 [ 486.289614][ C0] ipv6_rcv+0x29b/0x390 [ 486.294044][ C0] __netif_receive_skb+0x1da/0xa00 [ 486.299405][ C0] process_backlog+0x4ad/0xa50 [ 486.304452][ C0] __napi_poll+0xe7/0x980 [ 486.309397][ C0] net_rx_action+0xa5a/0x19b0 [ 486.314442][ C0] handle_softirqs+0x1a0/0x7c0 [ 486.319437][ C0] __do_softirq+0x14/0x1a [ 486.324172][ C0] [ 486.326609][ C0] CPU: 0 UID: 0 PID: 7899 Comm: syz.3.730 Not tainted 6.11.0-syzkaller-10622-gaa486552a110 #0 [ 486.337156][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 486.348372][ C0] ===================================================== [ 486.355530][ C0] Disabling lock debugging due to kernel taint [ 486.361889][ C0] Kernel panic - not syncing: kmsan.panic set ... [ 486.368473][ C0] CPU: 0 UID: 0 PID: 7899 Comm: syz.3.730 Tainted: G B 6.11.0-syzkaller-10622-gaa486552a110 #0 [ 486.381486][ C0] Tainted: [B]=BAD_PAGE [ 486.385857][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 486.396171][ C0] Call Trace: [ 486.399592][ C0] [ 486.402553][ C0] dump_stack_lvl+0x216/0x2d0 [ 486.407465][ C0] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 486.413541][ C0] dump_stack+0x1e/0x30 [ 486.417881][ C0] panic+0x4e2/0xcf0 [ 486.422020][ C0] ? kmsan_get_metadata+0xd1/0x1c0 [ 486.427395][ C0] kmsan_report+0x2c7/0x2d0 [ 486.432133][ C0] ? kmsan_internal_chain_origin+0x20/0xd0 [ 486.438355][ C0] ? x64_sys_call+0x3373/0x3ba0 [ 486.443606][ C0] ? __msan_warning+0x95/0x120 [ 486.448873][ C0] ? nf_reject_ip6_tcphdr_put+0x688/0x6c0 [ 486.455276][ C0] ? nf_send_reset6+0xd84/0x15b0 [ 486.460456][ C0] ? nft_reject_inet_eval+0x3c1/0x880 [ 486.466232][ C0] ? nft_do_chain+0x426/0x2290 [ 486.471212][ C0] ? nft_do_chain_inet+0x41a/0x4f0 [ 486.476560][ C0] ? nf_hook_slow+0xf4/0x400 [ 486.481563][ C0] ? ipv6_rcv+0x29b/0x390 [ 486.486131][ C0] ? __netif_receive_skb+0x1da/0xa00 [ 486.491663][ C0] ? process_backlog+0x4ad/0xa50 [ 486.496776][ C0] ? __napi_poll+0xe7/0x980 [ 486.501500][ C0] ? net_rx_action+0xa5a/0x19b0 [ 486.506541][ C0] ? handle_softirqs+0x1a0/0x7c0 [ 486.511703][ C0] ? __do_softirq+0x14/0x1a [ 486.516422][ C0] ? do_softirq+0x9a/0x100 [ 486.521056][ C0] ? __local_bh_enable_ip+0x9f/0xb0 [ 486.526470][ C0] ? __dev_queue_xmit+0x26f8/0x55e0 [ 486.531907][ C0] ? neigh_resolve_output+0x9ca/0xae0 [ 486.537514][ C0] ? ip6_finish_output2+0x2347/0x2ba0 [ 486.543110][ C0] ? ip6_finish_output+0xbb8/0x14b0 [ 486.548502][ C0] ? ip6_output+0x356/0x620 [ 486.553193][ C0] ? ip6_xmit+0x1ba6/0x25d0 [ 486.557880][ C0] ? inet6_csk_xmit+0x442/0x530 [ 486.562908][ C0] ? __tcp_transmit_skb+0x3b07/0x4880 [ 486.568506][ C0] ? tcp_connect+0x5b37/0x7200 [ 486.573478][ C0] ? tcp_v6_connect+0x1bcc/0x1e40 [ 486.578792][ C0] ? __inet_stream_connect+0x2ef/0x1730 [ 486.584560][ C0] ? tcp_sendmsg_fastopen+0x76f/0x950 [ 486.590130][ C0] ? tcp_sendmsg_locked+0x863/0x6eb0 [ 486.595602][ C0] ? tcp_sendmsg+0x49/0x90 [ 486.600373][ C0] ? inet6_sendmsg+0x142/0x280 [ 486.605328][ C0] ? __sock_sendmsg+0x143/0x380 [ 486.611340][ C0] ? __sys_sendto+0x645/0x7f0 [ 486.616261][ C0] ? __x64_sys_sendto+0x125/0x1d0 [ 486.621517][ C0] ? x64_sys_call+0x3373/0x3ba0 [ 486.626601][ C0] ? do_syscall_64+0xcd/0x1e0 [ 486.631740][ C0] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 486.638049][ C0] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 486.644357][ C0] ? kmsan_get_metadata+0x13e/0x1c0 [ 486.650157][ C0] ? kmsan_get_metadata+0x13e/0x1c0 [ 486.655599][ C0] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 486.661674][ C0] ? csum_partial+0x45e/0x4b0 [ 486.666609][ C0] __msan_warning+0x95/0x120 [ 486.671428][ C0] nf_reject_ip6_tcphdr_put+0x688/0x6c0 [ 486.677243][ C0] nf_send_reset6+0xd84/0x15b0 [ 486.682271][ C0] nft_reject_inet_eval+0x3c1/0x880 [ 486.687700][ C0] ? kmsan_get_metadata+0x13e/0x1c0 [ 486.693142][ C0] ? __pfx_nft_reject_inet_eval+0x10/0x10 [ 486.699099][ C0] nft_do_chain+0x426/0x2290 [ 486.703911][ C0] ? kmsan_get_metadata+0x13e/0x1c0 [ 486.709359][ C0] ? kmsan_get_metadata+0x13e/0x1c0 [ 486.714826][ C0] ? kmsan_internal_set_shadow_origin+0x69/0x100 [ 486.721400][ C0] ? kmsan_get_metadata+0x13e/0x1c0 [ 486.727020][ C0] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 486.733079][ C0] nft_do_chain_inet+0x41a/0x4f0 [ 486.738251][ C0] ? __pfx_nft_do_chain_inet+0x10/0x10 [ 486.743977][ C0] nf_hook_slow+0xf4/0x400 [ 486.748714][ C0] ipv6_rcv+0x29b/0x390 [ 486.753093][ C0] ? __pfx_ip6_rcv_finish+0x10/0x10 [ 486.758531][ C0] __netif_receive_skb+0x1da/0xa00 [ 486.763885][ C0] ? kmsan_get_metadata+0x13e/0x1c0 [ 486.769408][ C0] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 486.775490][ C0] process_backlog+0x4ad/0xa50 [ 486.780473][ C0] ? __pfx_process_backlog+0x10/0x10 [ 486.785962][ C0] __napi_poll+0xe7/0x980 [ 486.790616][ C0] ? kmsan_get_metadata+0x13e/0x1c0 [ 486.796088][ C0] net_rx_action+0xa5a/0x19b0 [ 486.800969][ C0] ? kmsan_get_metadata+0x13e/0x1c0 [ 486.806555][ C0] ? kmsan_get_metadata+0x13e/0x1c0 [ 486.812012][ C0] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 486.818192][ C0] ? __pfx_net_rx_action+0x10/0x10 [ 486.823510][ C0] handle_softirqs+0x1a0/0x7c0 [ 486.828557][ C0] __do_softirq+0x14/0x1a [ 486.833156][ C0] do_softirq+0x9a/0x100 [ 486.837651][ C0] [ 486.840720][ C0] [ 486.843780][ C0] __local_bh_enable_ip+0x9f/0xb0 [ 486.849123][ C0] __dev_queue_xmit+0x26f8/0x55e0 [ 486.854396][ C0] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 486.860806][ C0] ? kmsan_get_metadata+0x13e/0x1c0 [ 486.866256][ C0] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 486.872353][ C0] ? kmsan_get_metadata+0x13e/0x1c0 [ 486.877880][ C0] ? __dev_queue_xmit+0x352/0x55e0 [ 486.883407][ C0] ? kmsan_internal_memmove_metadata+0x91/0x230 [ 486.889924][ C0] neigh_resolve_output+0x9ca/0xae0 [ 486.895566][ C0] ? __pfx_eth_header+0x10/0x10 [ 486.900638][ C0] ? __pfx_neigh_resolve_output+0x10/0x10 [ 486.906667][ C0] ip6_finish_output2+0x2347/0x2ba0 [ 486.912516][ C0] ip6_finish_output+0xbb8/0x14b0 [ 486.917887][ C0] ip6_output+0x356/0x620 [ 486.922455][ C0] ? __pfx_ip6_finish_output+0x10/0x10 [ 486.928132][ C0] ? __pfx_ip6_output+0x10/0x10 [ 486.933389][ C0] ? __pfx_ip6_output+0x10/0x10 [ 486.938427][ C0] ip6_xmit+0x1ba6/0x25d0 [ 486.942965][ C0] ? __pfx_dst_output+0x10/0x10 [ 486.948037][ C0] inet6_csk_xmit+0x442/0x530 [ 486.952934][ C0] ? __pfx_inet6_csk_xmit+0x10/0x10 [ 486.958320][ C0] __tcp_transmit_skb+0x3b07/0x4880 [ 486.963765][ C0] ? __rcu_read_unlock+0x7b/0xe0 [ 486.969048][ C0] tcp_connect+0x5b37/0x7200 [ 486.973868][ C0] ? tcp_fastopen_defer_connect+0x65/0x430 [ 486.980008][ C0] tcp_v6_connect+0x1bcc/0x1e40 [ 486.985107][ C0] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 486.991180][ C0] ? __kmalloc_cache_noprof+0x45/0xb00 [ 486.996900][ C0] ? __pfx_tcp_v6_connect+0x10/0x10 [ 487.002315][ C0] __inet_stream_connect+0x2ef/0x1730 [ 487.007915][ C0] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 487.013980][ C0] ? __kmalloc_cache_noprof+0x543/0xb00 [ 487.019798][ C0] tcp_sendmsg_fastopen+0x76f/0x950 [ 487.025266][ C0] ? kmsan_get_metadata+0x13e/0x1c0 [ 487.030741][ C0] tcp_sendmsg_locked+0x863/0x6eb0 [ 487.036065][ C0] ? __schedule+0x21b9/0x69c0 [ 487.040949][ C0] ? kmsan_get_metadata+0x13e/0x1c0 [ 487.046387][ C0] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 487.052462][ C0] ? aa_label_sk_perm+0x677/0x7b0 [ 487.057697][ C0] ? filter_irq_stacks+0x60/0x1a0 [ 487.063038][ C0] ? tcp_sendmsg_locked+0x291/0x6eb0 [ 487.068523][ C0] ? kmsan_internal_set_shadow_origin+0x69/0x100 [ 487.075176][ C0] ? kmsan_get_metadata+0x13e/0x1c0 [ 487.080630][ C0] ? kmsan_internal_set_shadow_origin+0x69/0x100 [ 487.087192][ C0] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 487.093274][ C0] ? _raw_spin_unlock_bh+0x2d/0x40 [ 487.098617][ C0] ? lock_sock_nested+0x1de/0x200 [ 487.103865][ C0] ? __pfx_tcp_sendmsg+0x10/0x10 [ 487.109002][ C0] tcp_sendmsg+0x49/0x90 [ 487.113434][ C0] ? __pfx_tcp_sendmsg+0x10/0x10 [ 487.118551][ C0] ? __pfx_tcp_sendmsg+0x10/0x10 [ 487.123692][ C0] inet6_sendmsg+0x142/0x280 [ 487.128486][ C0] ? __pfx_inet6_sendmsg+0x10/0x10 [ 487.134002][ C0] __sock_sendmsg+0x143/0x380 [ 487.138919][ C0] __sys_sendto+0x645/0x7f0 [ 487.143756][ C0] ? do_futex+0x341/0x4a0 [ 487.148484][ C0] ? kmsan_get_metadata+0x13e/0x1c0 [ 487.154071][ C0] __x64_sys_sendto+0x125/0x1d0 [ 487.159218][ C0] x64_sys_call+0x3373/0x3ba0 [ 487.164229][ C0] do_syscall_64+0xcd/0x1e0 [ 487.168929][ C0] ? clear_bhb_loop+0x25/0x80 [ 487.173931][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 487.180055][ C0] RIP: 0033:0x7fb721f7def9 [ 487.184633][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 487.204465][ C0] RSP: 002b:00007fb722cc4038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 487.213096][ C0] RAX: ffffffffffffffda RBX: 00007fb722135f80 RCX: 00007fb721f7def9 [ 487.221246][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 487.229383][ C0] RBP: 00007fb721ff0b76 R08: 0000000020b63fe4 R09: 000000000000001c [ 487.237616][ C0] R10: 000000002200c851 R11: 0000000000000246 R12: 0000000000000000 [ 487.245759][ C0] R13: 0000000000000000 R14: 00007fb722135f80 R15: 00007ffdfda1ef58 [ 487.253930][ C0] [ 487.257220][ C0] Kernel Offset: disabled [ 487.261778][ C0] Rebooting in 86400 seconds..