last executing test programs: 6.953408223s ago: executing program 1 (id=1982): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000900)=@report={0x4c, 0x20, 0x1, 0x70bd26, 0x25dfdbfe, {0x3c, {@in=@dev={0xac, 0x14, 0x14, 0x1e}, @in=@multicast2, 0x4e22, 0x8, 0x4e23, 0xc7, 0xa, 0x0, 0x20, 0xad}}}, 0x4c}}, 0x804) 6.703459728s ago: executing program 1 (id=1984): r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000280), 0x40000, 0x0) ioctl$RTC_ALM_SET(r0, 0x40247007, 0x0) 6.425434284s ago: executing program 1 (id=1988): r0 = socket(0x10, 0x3, 0x9) sendmsg$NFT_BATCH(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000013c0)={{0x14, 0x453, 0x1, 0x0, 0x0, {0x5}}, [], {0x14, 0x3f2}}, 0x28}, 0x1, 0x0, 0x0, 0x64841}, 0x40000) 6.232326988s ago: executing program 1 (id=1992): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xe, 0x4, 0x8, 0x7}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xc, 0xc, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0xaa9a}, [@ringbuf_output={{0x18, 0x5, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x80000000}, {0x3, 0x3, 0x3, 0xa, 0x5}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x1e}}]}, &(0x7f0000000840)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) 5.047623011s ago: executing program 1 (id=2006): r0 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xffffffffffffffb3, &(0x7f0000000040)=[{&(0x7f00000000c0)="1400000017000b63d25a8064000000000124fc60", 0x14}], 0x1}, 0x8c4) 4.953467893s ago: executing program 3 (id=2009): r0 = socket$inet(0x2, 0x2, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000002700)=@raw={'raw\x00', 0x8, 0x3, 0x218, 0xc8, 0x8, 0xfa04, 0x0, 0x6c02, 0x180, 0x194, 0x194, 0x180, 0x194, 0x3, 0x0, {[{{@ip={@empty=0x1e00, @broadcast, 0x0, 0x0, 'veth0_to_hsr\x00', 'veth0_virt_wifi\x00', {}, {}, 0x6}, 0x0, 0xa0, 0xc8, 0x0, {0x0, 0x74020000}, [@common=@inet=@tcp={{0x30}, {[], [], 0x0, 0x0, 0x80}}]}, @common=@inet=@TCPMSS={0x28, 'TCPMSS\x00', 0x0, {0xffff}}}, {{@ip={@multicast2, @broadcast, 0x0, 0xffffffff, '\x00', 'tunl0\x00', {}, {0xff}, 0x0, 0x0, 0x23}, 0x0, 0x70, 0xb8}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'snmp\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x278) 4.737518977s ago: executing program 3 (id=2012): r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f00000000c0), 0x40201, 0x0) pwritev(r0, &(0x7f00000023c0)=[{&(0x7f0000000300)='o', 0x1}], 0x1, 0x6156, 0x5) 4.507905441s ago: executing program 3 (id=2015): syz_mount_image$squashfs(&(0x7f0000000940), &(0x7f00000000c0)='./file1\x00', 0x0, &(0x7f00000009c0)=ANY=[], 0x1, 0x17d, &(0x7f0000000d80)="$eJzskL9OKkEUxr/ZXbhwi5tLYkUDiUaxUHYXNcZGS+x9AAmsSFz8w5IohGKNMRQWxtIn4DVMfAEtDLG2M6Eg1mbNzJ4dhmdwfsV+e77zzZk/x8FF8AfA93RQxx4EJv7hlTFYAAos9iZGrA+kb6T3seCFcvvk35Dmg17/pOb7Xqe4U0RuZkRiwZfwZCbYvTYwEZ3xdFDnP4cAoiiKuNcAPnMA1Iz5bomNkkzeAhbEJSKZ4QlerAAod9vn5aDXX2u1a02v6Z26bmXL3rDtTbd81PI9O/4yZQu6CriuAuDvlVX6KQC3lPlL/QSmHI36TF2bVt6wtIg5DGTlfzKD4UmuTfYxARxgGRkAlyGbueN4igVxpSoYTCocSzlfnMqIxnr9zG8MwcCSZSNYcobzgZQsXLWobIfJUYekS6RV0pHyjJxCet6wxIQ7qkphcsSOw4NXtW634wDp+M+Vnvs/hDKI7/pozF/u2YBGo9FoNBqNRqPR/HZ+AgAA//9ILXXp") openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x0, 0x3) 4.369721595s ago: executing program 3 (id=2017): r0 = syz_open_procfs(0x0, &(0x7f0000000080)='net/igmp6\x00') lseek(r0, 0x1000000, 0x0) 4.201412808s ago: executing program 3 (id=2019): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r1 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x40) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x1, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) syz_emit_ethernet(0x52, 0x0, 0x0) close(0xffffffffffffffff) r3 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r3, &(0x7f0000000140)={0x28, 0x0, 0x0, @my=0x1}, 0x10) write$binfmt_misc(0xffffffffffffffff, 0x0, 0x0) r4 = syz_open_dev$sndpcmc(&(0x7f0000000080), 0xb, 0x2) ioctl$SNDRV_PCM_IOCTL_TTSTAMP(r4, 0x40044103, &(0x7f0000000000)=0x1ff) r5 = openat$sysfs(0xffffffffffffff9c, 0x0, 0x1, 0x50) write$FUSE_INIT(r5, &(0x7f0000004f00)={0x50, 0xfffffffffffffff5, 0x0, {0x7, 0x29, 0x7, 0x1082c0, 0x5, 0x6, 0x8, 0x6, 0x0, 0x0, 0x10, 0x2}}, 0x50) sendmsg$NL80211_CMD_START_SCHED_SCAN(r5, 0x0, 0x0) 2.151875427s ago: executing program 1 (id=2035): syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000000)='./bus\x00', 0x2000082, &(0x7f0000000a00)={[{@utf8no}, {@utf8no}, {@shortname_win95}, {@uni_xlateno}, {@utf8no}, {@iocharset={'iocharset', 0x3d, 'cp866'}}, {@utf8}, {@shortname_mixed}, {@fat=@check_strict}, {@uni_xlateno}, {@shortname_lower}, {@uni_xlate}, {@shortname_win95}, {@iocharset={'iocharset', 0x3d, 'maciceland'}}, {@shortname_mixed}]}, 0x25, 0x36e, &(0x7f0000000b00)="$eJzs3U2IW9UXAPCTvukkLf92svhD0VV0J0hpKyK66lAqFGehleDXxmBTPyaxkGBguphMNkpxpbgRdOWuC112LS5E3LlwawWpihu7G+jgkyQvX5PEmQEzVvz9FuVw7jm596aPeW+GzJ1X27F+5WhcvXv3ThQKuVg6f+F8bOeiGEciib6tmOn95dl5AOA+t52m8Xvat3f1h8cHkXs/APx79e7/r58YJfIHaL7xv0UsCQBYsH1+///szOy1hS0LAFig7f59f3T/f3hiePLH/LmlSCY+DHDsMJYIAPzNnn/p5WdW1yIul0qFiPp7rXKrHE+NxlevxptRi2qciZXYGTwo9J8Wuv8+fWnt4plS18/FKHc7WuWIertV7n96cDXp9efjbKxEMetPh/1Jt/9sr78UEVvt3vxRz7XKR+N4Nv8Px6Ma52Il/j/VH3Fp7eK5UvYC5fqgvx3RicJgE931n46V+O61uBa1uNJ74Bmtf/NsqXQhXZvob93M9+oAAAAAAAAAAAAAAAAAAAAAAGARTpeGisPzb9J6u/Xu5d0FxYnzccr94ex8oE7/fKA0Pzid50ay+3ygyfN5WuWlOPKP7hwAAAAAAAAAAAAAAAAAAADuH82N5ajUatXGINFoblxfr9Rq7UFQbTTf/ubzr45FNcssZZVvJdVhTWTJ6ljXxqBwlLmeRBasV9LCYK40majJgiRiULxVuXlruOLxmvxwF1Pt3SA/NZTL1lSp1U489NMns7r+6AZbvUwSjTmvnAW5bP6xofrJbqIQETvzuuYH5/aouZ2m6bz2zY93Z7KjGNoHXsY+gq/vvPHAY81Tj/cyX2YzPfLoygu3P/rs1/VKLTr9d6ZWW240d9J9vHLkIqaHkrHrJ5e9z7kZV8LsoDPKdBrNjUry/W8vPvjBt7uKk9nXTzqeeWf+XF/sziz3g1xEcfAm/NVSj2YbPLnndl65N7x6D/4fd+rT85Vbmz/+st+usS8SDuoAAAAAAAAAAAAAAAAAAIBDMfql38n8E5Gm7bldTz63+JUBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwOEZ/f3/saAzldlPcK8d00P5aqM5d/Jjh7pVAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+w/4MAAD//y4ydsA=") open(&(0x7f0000000340)='./file1\x00', 0x4000, 0x0) 2.122579768s ago: executing program 2 (id=2036): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_COMPAT_GET(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000000)=ANY=[@ANYBLOB="24000000000b01020000ffff000000000300000908000240000047"], 0x24}, 0x1, 0x0, 0x0, 0x4000004}, 0x88c0) 2.01125278s ago: executing program 3 (id=2037): r0 = socket(0x2, 0x80805, 0x0) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000280)={'ipvlan0\x00', &(0x7f0000000100)=@ethtool_cmd={0xa, 0x100, 0x4, 0x1, 0x4b, 0x4, 0x4, 0x7, 0x4, 0x7, 0x9, 0x5, 0x40, 0x4, 0xc0, 0x4, [0xfffffffa, 0x3ff]}}) 1.964897621s ago: executing program 2 (id=2039): r0 = syz_init_net_socket$bt_rfcomm(0x1f, 0x3, 0x3) connect$bt_rfcomm(r0, &(0x7f0000000100)={0x1f, @none, 0xff}, 0xa) 1.880300663s ago: executing program 2 (id=2040): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x8003}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}, @NFT_MSG_NEWRULE={0xa0, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x78, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @exthdr={{0xb}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_EXTHDR_DREG={0x8, 0x1, 0x1, 0x0, 0xc}, @NFTA_EXTHDR_OFFSET={0x8}, @NFTA_EXTHDR_LEN={0x8, 0x4, 0x1, 0x0, 0x22}, @NFTA_EXTHDR_TYPE={0x5, 0x2, 0x7}]}}}, {0x40, 0x1, 0x0, 0x1, @bitwise={{0xc}, @val={0x30, 0x2, 0x0, 0x1, [@NFTA_BITWISE_LEN={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_BITWISE_SREG={0x8, 0x1, 0x1, 0x0, 0x14}, @NFTA_BITWISE_DREG={0x8, 0x2, 0x1, 0x0, 0x12}, @NFTA_BITWISE_XOR={0x8, 0x5, 0x0, 0x1, [@NFTA_DATA_VALUE={0x4}]}, @NFTA_BITWISE_MASK={0xc, 0x4, 0x0, 0x1, [@NFTA_DATA_VALUE={0x6, 0x1, "8a95"}]}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0x114}}, 0x0) 1.709526666s ago: executing program 2 (id=2042): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=@filter={'filter\x00', 0xe, 0x4, 0x358, 0xffffffff, 0x0, 0x1b8, 0xe8, 0xffffffff, 0xffffffff, 0xe8, 0x288, 0xe8, 0xffffffff, 0x4, 0x0, {[{{@uncond, 0x0, 0xa8, 0xe8}, @common=@inet=@TCPOPTSTRIP={0x40}}, {{@uncond, 0x0, 0xa8, 0xd0}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0xffffffffffffffff}}, {{@uncond, 0x0, 0xa8, 0xd0}, @common=@inet=@SYNPROXY={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3b8) 1.604593838s ago: executing program 2 (id=2043): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x1b, &(0x7f00000000c0)={@ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x1, 0x0, 0x0, 0x0, 0x400, 0x7cb}, 0x20) 1.433497811s ago: executing program 2 (id=2045): sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r1 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0) creat(&(0x7f0000000240)='./file0\x00', 0x40) seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x1, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) syz_emit_ethernet(0x52, 0x0, 0x0) close(0xffffffffffffffff) r3 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r3, &(0x7f0000000140)={0x28, 0x0, 0x0, @my=0x1}, 0x10) write$binfmt_misc(0xffffffffffffffff, 0x0, 0x0) r4 = syz_open_dev$sndpcmc(&(0x7f0000000080), 0xb, 0x2) ioctl$SNDRV_PCM_IOCTL_TTSTAMP(r4, 0x40044103, &(0x7f0000000000)=0x1ff) r5 = openat$sysfs(0xffffffffffffff9c, 0x0, 0x1, 0x50) write$FUSE_INIT(r5, &(0x7f0000004f00)={0x50, 0xfffffffffffffff5, 0x0, {0x7, 0x29, 0x7, 0x1082c0, 0x5, 0x6, 0x8, 0x6, 0x0, 0x0, 0x10, 0x2}}, 0x50) sendmsg$NL80211_CMD_START_SCHED_SCAN(r5, 0x0, 0x0) 738.985505ms ago: executing program 0 (id=2053): setuid(0xee01) fanotify_init(0x255c48896ff5042, 0x80000) 571.659419ms ago: executing program 0 (id=2054): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) close(r1) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0) close(r4) r5 = socket$unix(0x1, 0x1, 0x0) r6 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) r8 = socket$unix(0x1, 0x2, 0x0) r9 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r8, 0x8933, 0x0) sendmsg$nl_route_sched(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0xb}, {0xffff, 0xffff}, {0x0, 0xe}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x100, 0x7, 0x6361, 0x5, 0xffffffed, 0x6}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x20000001}, 0x0) sendmsg$nl_route_sched(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=@newqdisc={0x34, 0x24, 0x4ee4e6a52ff56541, 0x70b920, 0x80000, {0x0, 0x0, 0x0, r7, {0x0, 0xfff7}, {0x6, 0xb}, {0xa, 0xb}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x2001c061}, 0x4008000) ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"}) 221.526776ms ago: executing program 0 (id=2055): write$binfmt_script(0xffffffffffffffff, &(0x7f0000000b40)={'#! ', '', [{}]}, 0x5) prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r0, 0x0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=ANY=[@ANYBLOB], 0x70}}, 0x0) close(r1) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7ffffffc}]}) fspick(0xffffffffffffffff, 0x0, 0x1) r2 = socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x1}, 0x1c) listen(r2, 0xfffffffc) r3 = socket$inet_mptcp(0x2, 0x1, 0x106) connect$inet(r3, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10) sendmsg$inet(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f00000006c0)="9e5139ba6f09278b6d148376c3e54c668c07be7b435b67a4ecbff6d40359063bf69bfff351f9ca467035476b8aa460537f97", 0x32}], 0x1}, 0x40c4) r4 = accept(r1, 0x0, 0x0) sendmsg$TEAM_CMD_OPTIONS_SET(r4, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x801) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2000002, 0x200000005c832, 0xffffffffffffffff, 0x0) syz_init_net_socket$rose(0xb, 0x5, 0x0) 150.111547ms ago: executing program 0 (id=2056): r0 = socket$pppoe(0x18, 0x1, 0x0) getsockopt$sock_buf(r0, 0x1, 0x1c, &(0x7f0000000280)=""/169, &(0x7f0000000340)=0xa9) 88.281128ms ago: executing program 0 (id=2057): ioperm(0x4, 0x8, 0x4005) seccomp$SECCOMP_GET_NOTIF_SIZES(0x3, 0x0, 0xfffffffffffffffe) 0s ago: executing program 0 (id=2058): ioperm(0x8, 0x9, 0x5a) clock_settime(0x0, &(0x7f0000000240)={0x77359400}) kernel console output (not intermixed with test programs): 24 [ 315.912663][ T7432] EXT4-fs: inline encryption not supported [ 315.919159][ T7432] EXT4-fs: Ignoring removed i_version option [ 316.780620][ T28] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 316.934575][ T7439] befs: (nullb0): No write support. Marking filesystem read-only [ 316.942900][ T7432] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 316.954298][ T7439] befs: (nullb0): invalid magic header [ 317.010925][ T7432] EXT4-fs error (device loop1): ext4_map_blocks:608: inode #3: block 2: comm syz.1.361: lblock 2 mapped to illegal pblock 2 (length 1) [ 318.813583][ T28] usb 4-1: Using ep0 maxpacket: 16 [ 318.828106][ T1283] ieee802154 phy0 wpan0: encryption failed: -22 [ 318.834457][ T1283] ieee802154 phy1 wpan1: encryption failed: -22 [ 318.842505][ T7432] Quota error (device loop1): qtree_write_dquot: dquota write failed [ 318.850953][ T7432] EXT4-fs error (device loop1): ext4_map_blocks:608: inode #3: block 48: comm syz.1.361: lblock 0 mapped to illegal pblock 48 (length 1) [ 318.885799][ T28] usb 4-1: device descriptor read/all, error -71 [ 318.903905][ T7432] Quota error (device loop1): v2_write_file_info: Can't write info structure [ 318.926852][ T7432] EXT4-fs error (device loop1): ext4_acquire_dquot:6940: comm syz.1.361: Failed to acquire dquot type 0 [ 318.969808][ T7432] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5902: Corrupt filesystem [ 318.987692][ T7432] EXT4-fs error (device loop1): ext4_evict_inode:252: inode #11: comm syz.1.361: mark_inode_dirty error [ 319.018376][ T7432] EXT4-fs warning (device loop1): ext4_evict_inode:255: couldn't mark inode dirty (err -117) [ 319.036801][ T7432] EXT4-fs (loop1): 1 orphan inode deleted [ 319.044795][ T7432] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 319.071034][ T6772] EXT4-fs error (device loop1): ext4_map_blocks:608: inode #3: block 1: comm kworker/u4:13: lblock 1 mapped to illegal pblock 1 (length 1) [ 319.084301][ T7449] loop3: detected capacity change from 0 to 256 [ 319.115322][ T6772] Quota error (device loop1): remove_tree: Can't read quota data block 1 [ 319.137734][ T7449] exfat: Bad value for 'gid' [ 319.144023][ T6772] EXT4-fs error (device loop1): ext4_release_dquot:6976: comm kworker/u4:13: Failed to release dquot type 0 [ 319.181049][ T5791] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 319.268385][ T5791] EXT4-fs error (device loop1): __ext4_get_inode_loc:4483: comm syz-executor: Invalid inode table block 1 in block_group 0 [ 319.409886][ T5791] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5902: Corrupt filesystem [ 319.467168][ T5791] EXT4-fs error (device loop1): ext4_quota_off:7224: inode #3: comm syz-executor: mark_inode_dirty error [ 321.309333][ T5885] usb 4-1: new full-speed USB device number 6 using dummy_hcd [ 321.716283][ T5885] usb 4-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea [ 321.752572][ T5885] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 321.776882][ T5885] usb 4-1: Product: syz [ 321.781202][ T5885] usb 4-1: Manufacturer: syz [ 321.798230][ T5885] usb 4-1: SerialNumber: syz [ 321.805502][ T5885] usb 4-1: config 0 descriptor?? [ 322.252863][ T5885] usb 4-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state [ 323.175299][ T7473] loop1: detected capacity change from 0 to 2048 [ 323.825900][ T7473] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 325.193848][ T5885] dvb_usb_rtl28xxu: probe of 4-1:0.0 failed with error -71 [ 325.492314][ T5885] usb 4-1: USB disconnect, device number 6 [ 329.128177][ T5887] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 329.488625][ T5887] usb 1-1: Using ep0 maxpacket: 8 [ 330.072691][ T5887] usb 1-1: config 127 has an invalid interface number: 171 but max is 1 [ 330.110171][ T5887] usb 1-1: config 127 has an invalid descriptor of length 0, skipping remainder of the config [ 330.177268][ T5887] usb 1-1: config 127 has no interface number 1 [ 330.217731][ T5887] usb 1-1: config 127 interface 0 altsetting 10 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 330.389774][ T5887] usb 1-1: config 127 interface 171 has no altsetting 0 [ 330.422763][ T5887] usb 1-1: config 127 interface 0 has no altsetting 0 [ 330.433595][ T5887] usb 1-1: New USB device found, idVendor=04e2, idProduct=1414, bcdDevice=c5.b9 [ 330.500759][ T5887] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 330.515848][ T5887] usb 1-1: Product: syz [ 330.520526][ T5887] usb 1-1: Manufacturer: syz [ 330.525295][ T5887] usb 1-1: SerialNumber: syz [ 331.911691][ T5887] xr_serial 1-1:127.171: xr_serial converter detected [ 331.964721][ T5887] xr_serial ttyUSB0: Failed to set reg 0x1a: -71 [ 331.980164][ T5887] xr_serial: probe of ttyUSB0 failed with error -71 [ 332.060117][ T5887] usb 1-1: USB disconnect, device number 5 [ 332.085602][ T5887] xr_serial 1-1:127.171: device disconnected [ 338.187807][ T7558] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(7) [ 338.194811][ T7558] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 338.434692][ T7558] vhci_hcd vhci_hcd.0: Device attached [ 338.441380][ T9] vhci_hcd: vhci_device speed not set [ 338.518453][ T9] usb 37-1: new full-speed USB device number 2 using vhci_hcd [ 339.432085][ T7560] vhci_hcd: connection reset by peer [ 339.452311][ T982] vhci_hcd: stop threads [ 339.457307][ T982] vhci_hcd: release socket [ 339.479291][ T7573] loop0: detected capacity change from 0 to 512 [ 339.499066][ T982] vhci_hcd: disconnect device [ 339.553245][ T7573] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 340.095479][ T7573] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem [ 340.455977][ T7573] EXT4-fs (loop0): warning: checktime reached, running e2fsck is recommended [ 340.513432][ T7573] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002] [ 340.533116][ T7573] System zones: 0-2, 18-18, 34-34 [ 340.559159][ T7573] EXT4-fs error (device loop0): ext4_orphan_get:1399: inode #15: comm syz.0.389: iget: bad i_size value: 360287970189639680 [ 340.592697][ T7573] EXT4-fs error (device loop0): ext4_orphan_get:1404: comm syz.0.389: couldn't read orphan inode 15 (err -117) [ 340.660621][ T7573] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 341.526364][ T5786] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 343.932033][ T7604] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6) [ 343.938638][ T7604] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 343.968240][ T7604] vhci_hcd vhci_hcd.0: Device attached [ 343.980919][ T7609] vhci_hcd vhci_hcd.0: pdev(1) rhport(1) sockfd(9) [ 343.987479][ T7609] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 344.011799][ T7609] vhci_hcd vhci_hcd.0: Device attached [ 344.042617][ T7604] vhci_hcd vhci_hcd.0: pdev(1) rhport(2) sockfd(8) [ 344.049195][ T7604] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 344.059710][ T7604] vhci_hcd vhci_hcd.0: Device attached [ 344.082752][ T7604] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 344.116545][ T7604] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 344.156612][ T7613] vhci_hcd: connection closed [ 344.156698][ T7610] vhci_hcd: connection closed [ 344.161562][ T1141] vhci_hcd: stop threads [ 344.168671][ T7606] vhci_hcd: connection closed [ 344.171006][ T1141] vhci_hcd: release socket [ 344.180366][ T1141] vhci_hcd: disconnect device [ 344.185656][ T1141] vhci_hcd: stop threads [ 344.213343][ T1141] vhci_hcd: release socket [ 344.217947][ T1141] vhci_hcd: disconnect device [ 344.233083][ T1141] vhci_hcd: stop threads [ 344.237615][ T1141] vhci_hcd: release socket [ 344.251480][ T1141] vhci_hcd: disconnect device [ 344.258874][ T23] usb 35-1: new low-speed USB device number 2 using vhci_hcd [ 344.266345][ T23] usb 35-1: enqueue for inactive port 0 [ 344.288530][ T9] vhci_hcd: vhci_device speed not set [ 344.368301][ T23] vhci_hcd: vhci_device speed not set [ 345.937463][ T7625] loop0: detected capacity change from 0 to 764 [ 346.003960][ T7625] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 347.184347][ T7636] loop0: detected capacity change from 0 to 4096 [ 348.355301][ T7644] ptrace attach of "./syz-executor exec"[5786] was attempted by ""[7644] [ 348.569533][ T7643] loop2: detected capacity change from 0 to 2048 [ 348.767780][ T7643] EXT4-fs (loop2): mounted filesystem 00000800-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 349.127922][ T7649] loop1: detected capacity change from 0 to 40427 [ 349.178522][ T7649] F2FS-fs (loop1): invalid crc value [ 349.202077][ T7649] F2FS-fs (loop1): Found nat_bits in checkpoint [ 349.236158][ T7649] F2FS-fs (loop1): Start checkpoint disabled! [ 349.251896][ T7649] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6 [ 349.288580][ T7650] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1215: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 349.352769][ T27] audit: type=1800 audit(1758332032.897:9): pid=7653 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.405" name="file1" dev="loop1" ino=10 res=0 errno=0 [ 349.494530][ T7653] syz.1.405: attempt to access beyond end of device [ 349.494530][ T7653] loop1: rw=2049, sector=77824, nr_sectors = 984 limit=40427 [ 350.109382][ T6765] kworker/u4:10: attempt to access beyond end of device [ 350.109382][ T6765] loop1: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 350.139364][ T6789] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 354 with error 28 [ 350.165525][ T6789] EXT4-fs (loop2): This should not happen!! Data will be lost [ 350.165525][ T6789] [ 350.168962][ T6765] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 350.205814][ T6789] EXT4-fs (loop2): Total free blocks count 0 [ 350.274257][ T6765] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 350.355984][ T6789] EXT4-fs (loop2): Free/Dirty block details [ 350.465937][ T6789] EXT4-fs (loop2): free_blocks=2415919104 [ 350.530884][ T6789] EXT4-fs (loop2): dirty_blocks=368 [ 350.576704][ T6789] EXT4-fs (loop2): Block reservation details [ 350.675873][ T6789] EXT4-fs (loop2): i_reserved_data_blocks=23 [ 350.880544][ T5792] EXT4-fs (loop2): unmounting filesystem 00000800-0000-0000-0000-000000000000. [ 350.987414][ T7664] loop0: detected capacity change from 0 to 1024 [ 351.247401][ T7669] loop3: detected capacity change from 0 to 2048 [ 351.457441][ T7669] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 352.493047][ T7667] hfsplus: request for non-existent node 16777216 in B*Tree [ 352.504380][ T7667] hfsplus: request for non-existent node 16777216 in B*Tree [ 352.531300][ T7667] hfsplus: request for non-existent node 16777216 in B*Tree [ 352.542746][ T7667] hfsplus: request for non-existent node 16777216 in B*Tree [ 352.862969][ T7674] loop2: detected capacity change from 0 to 512 [ 352.973716][ T7674] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 353.571764][ T7674] EXT4-fs error (device loop2): ext4_orphan_get:1399: inode #15: comm syz.2.412: casefold flag without casefold feature [ 353.592709][ T7674] EXT4-fs error (device loop2): ext4_orphan_get:1404: comm syz.2.412: couldn't read orphan inode 15 (err -117) [ 353.630922][ T7674] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 354.654236][ T7677] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1215: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters [ 354.675711][ T6772] hfsplus: request for non-existent node 16777216 in B*Tree [ 354.715948][ T6772] hfsplus: request for non-existent node 16777216 in B*Tree [ 354.883196][ T43] libceph: connect (1)[c::]:6789 error -101 [ 354.964959][ T5792] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 354.997192][ T43] libceph: mon0 (1)[c::]:6789 connect error [ 355.158647][ T43] libceph: connect (1)[c::]:6789 error -101 [ 355.164744][ T43] libceph: mon0 (1)[c::]:6789 connect error [ 355.297453][ T7682] ceph: No mds server is up or the cluster is laggy [ 355.481752][ T9] libceph: connect (1)[c::]:6789 error -101 [ 356.059415][ T9] libceph: mon0 (1)[c::]:6789 connect error [ 356.807696][ T7708] loop3: detected capacity change from 0 to 2048 [ 358.698390][ T7721] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(7) [ 358.704975][ T7721] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 358.818664][ T7721] vhci_hcd vhci_hcd.0: Device attached [ 358.858803][ T7724] vhci_hcd: connection closed [ 358.861711][ T6789] vhci_hcd: stop threads [ 358.885352][ T6789] vhci_hcd: release socket [ 358.890815][ T6789] vhci_hcd: disconnect device [ 361.611433][ T7743] loop3: detected capacity change from 0 to 32768 [ 361.636654][ T7743] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 scanned by syz.3.423 (7743) [ 361.679504][ T7743] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 361.694544][ T7743] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm [ 361.703802][ T7743] BTRFS info (device loop3): using free space tree [ 361.799226][ T7743] BTRFS info (device loop3): enabling ssd optimizations [ 361.806303][ T7743] BTRFS info (device loop3): auto enabling async discard [ 362.582902][ T5790] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 367.575864][ T7782] loop3: detected capacity change from 0 to 8 [ 369.805353][ T5800] Bluetooth: hci1: unexpected event for opcode 0x0407 [ 370.154021][ T7789] loop1: detected capacity change from 0 to 512 [ 370.301596][ T7789] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 370.349199][ T7789] ext4 filesystem being mounted at /98/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 370.363144][ T7799] loop0: detected capacity change from 0 to 128 [ 372.023818][ T7812] batman_adv: batadv0: Adding interface: dummy0 [ 372.030423][ T7812] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 372.056519][ T7812] batman_adv: batadv0: Interface activated: dummy0 [ 372.086097][ T7812] batadv0: mtu less than device minimum [ 372.100405][ T7812] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 372.113497][ T7812] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 372.125263][ T7812] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 372.136957][ T7812] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 372.148776][ T7812] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 372.160550][ T7812] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 372.172295][ T7812] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 372.183980][ T7812] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 372.195660][ T7812] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 372.567125][ T5791] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 372.701235][ T7818] loop0: detected capacity change from 0 to 512 [ 372.730352][ T7818] EXT4-fs: Ignoring removed orlov option [ 372.779558][ T7818] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem [ 373.019889][ T7818] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c129, mo2=0002] [ 373.667514][ T7818] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2244: inode #15: comm syz.0.440: corrupted in-inode xattr: e_value size too large [ 373.683206][ T7818] EXT4-fs (loop0): Remounting filesystem read-only [ 373.738919][ T7818] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 373.976233][ T7833] tipc: Enabled bearer , priority 0 [ 374.031969][ T7834] syzkaller0: entered promiscuous mode [ 374.051741][ T7834] syzkaller0: entered allmulticast mode [ 374.113023][ T7836] tipc: Enabled bearer , priority 0 [ 374.122292][ T7836] syzkaller0: entered promiscuous mode [ 374.127925][ T7836] syzkaller0: entered allmulticast mode [ 374.157508][ T7833] tipc: Resetting bearer [ 374.182485][ T7832] tipc: Resetting bearer [ 374.214762][ T7832] tipc: Disabling bearer [ 374.265054][ T7836] tipc: Resetting bearer [ 374.348726][ T7835] tipc: Resetting bearer [ 374.416495][ T7835] tipc: Disabling bearer [ 374.934474][ T7848] tipc: Enabled bearer , priority 0 [ 375.009015][ T7850] syzkaller0: entered promiscuous mode [ 375.022598][ T7850] syzkaller0: entered allmulticast mode [ 375.299577][ T7848] tipc: Resetting bearer [ 375.332871][ T7846] tipc: Resetting bearer [ 375.685490][ T7846] tipc: Disabling bearer [ 376.047045][ T7859] netlink: 12 bytes leftover after parsing attributes in process `syz.0.451'. [ 376.174266][ T7862] bridge1: port 1(veth3) entered blocking state [ 376.180935][ T7862] bridge1: port 1(veth3) entered disabled state [ 376.203781][ T7862] veth3: entered allmulticast mode [ 376.242108][ T7862] veth3: entered promiscuous mode [ 376.313057][ T7859] bridge1: port 2(veth0_to_bond) entered blocking state [ 376.531343][ T7859] bridge1: port 2(veth0_to_bond) entered disabled state [ 378.200016][ T7859] veth0_to_bond: entered allmulticast mode [ 378.553109][ T7859] veth0_to_bond: entered promiscuous mode [ 378.701399][ T7859] vlan2: entered allmulticast mode [ 378.715915][ T7859] bridge1: port 3(vlan2) entered blocking state [ 378.724209][ T1283] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.732117][ T1283] ieee802154 phy1 wpan1: encryption failed: -22 [ 378.754533][ T7859] bridge1: port 3(vlan2) entered disabled state [ 378.772662][ T7859] vlan2: entered promiscuous mode [ 380.477842][ T7881] tipc: Enabled bearer , priority 0 [ 380.500807][ T7881] syzkaller0: entered promiscuous mode [ 380.515128][ T7881] syzkaller0: entered allmulticast mode [ 380.597509][ T7881] tipc: Resetting bearer [ 380.618629][ T7879] tipc: Resetting bearer [ 380.652206][ T7889] loop3: detected capacity change from 0 to 512 [ 380.723166][ T7889] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 380.760340][ T7879] tipc: Disabling bearer [ 380.821527][ T7889] EXT4-fs error (device loop3): ext4_orphan_get:1399: inode #15: comm syz.3.460: casefold flag without casefold feature [ 380.848441][ T7889] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.460: couldn't read orphan inode 15 (err -117) [ 380.870408][ T7889] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 382.855179][ T5790] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 392.515576][ T5778] libceph: connect (1)[c::]:6789 error -101 [ 392.598610][ T5778] libceph: mon0 (1)[c::]:6789 connect error [ 392.897116][ T5778] libceph: connect (1)[c::]:6789 error -101 [ 392.908283][ T5778] libceph: mon0 (1)[c::]:6789 connect error [ 393.153936][ T7949] ceph: No mds server is up or the cluster is laggy [ 394.740395][ T7974] loop3: detected capacity change from 0 to 128 [ 398.303337][ T7986] netlink: 344 bytes leftover after parsing attributes in process `syz.1.482'. [ 398.312537][ T7986] netlink: 8 bytes leftover after parsing attributes in process `syz.1.482'. [ 399.623793][ T7990] loop2: detected capacity change from 0 to 8 [ 399.790464][ T7992] loop1: detected capacity change from 0 to 64 [ 399.819428][ T7992] BFS-fs: bfs_fill_super(): loop1 is unclean, continuing [ 400.397330][ T7982] loop3: detected capacity change from 0 to 40427 [ 400.632013][ T5800] Bluetooth: hci2: unexpected event for opcode 0x0407 [ 400.636847][ T7982] F2FS-fs (loop3): Small segment_count (9 < 1 * 24) [ 400.772310][ T7982] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 401.138385][ T7982] F2FS-fs (loop3): Failed to start F2FS issue_checkpoint_thread (-4) [ 401.884915][ T8004] loop3: detected capacity change from 0 to 256 [ 405.443457][ T8015] loop1: detected capacity change from 0 to 128 [ 405.504334][ T8020] tipc: Started in network mode [ 405.509445][ T8020] tipc: Node identity 3ad08d174729, cluster identity 4711 [ 405.516855][ T8020] tipc: Enabled bearer , priority 0 [ 405.527246][ T8020] syzkaller0: entered promiscuous mode [ 405.547628][ T8020] syzkaller0: entered allmulticast mode [ 405.811710][ T8020] tipc: Resetting bearer [ 405.988693][ T8018] tipc: Resetting bearer [ 406.272177][ T8018] tipc: Disabling bearer [ 407.085448][ T8027] loop1: detected capacity change from 0 to 512 [ 407.138995][ T8027] EXT4-fs error (device loop1): ext4_orphan_get:1399: inode #15: comm syz.1.494: casefold flag without casefold feature [ 407.155326][ T8027] EXT4-fs error (device loop1): ext4_orphan_get:1404: comm syz.1.494: couldn't read orphan inode 15 (err -117) [ 407.189352][ T8027] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 409.148857][ T5791] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 410.351065][ T8061] loop3: detected capacity change from 0 to 512 [ 410.373653][ T8061] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 410.385203][ T8061] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem [ 410.421201][ T8061] EXT4-fs (loop3): warning: checktime reached, running e2fsck is recommended [ 410.721887][ T8061] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002] [ 411.379307][ T8070] syz.2.502[8070] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 411.379464][ T8070] syz.2.502[8070] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 411.434837][ T8070] loop2: detected capacity change from 0 to 128 [ 411.554878][ T8061] System zones: 0-2, 18-18, 34-34 [ 412.317563][ T8061] EXT4-fs error (device loop3): ext4_orphan_get:1399: inode #15: comm syz.3.500: iget: bad i_size value: 360287970189639680 [ 412.384520][ T8061] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.500: couldn't read orphan inode 15 (err -117) [ 412.469091][ T8061] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 414.357254][ T5790] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 415.807091][ T8090] loop3: detected capacity change from 0 to 764 [ 415.849727][ T8090] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 416.173548][ T8093] Symlink component flag not implemented [ 416.180093][ T8093] Symlink component flag not implemented (7) [ 418.515003][ T8117] netlink: 12 bytes leftover after parsing attributes in process `syz.1.513'. [ 418.674402][ T8117] bridge1: port 1(veth3) entered blocking state [ 418.704895][ T8117] bridge1: port 1(veth3) entered disabled state [ 418.735241][ T8117] veth3: entered allmulticast mode [ 418.759257][ T8117] veth3: entered promiscuous mode [ 418.815680][ T8118] bridge1: port 2(veth0_to_bond) entered blocking state [ 418.857997][ T8118] bridge1: port 2(veth0_to_bond) entered disabled state [ 418.868926][ T8118] veth0_to_bond: entered allmulticast mode [ 418.889114][ T8118] veth0_to_bond: entered promiscuous mode [ 418.904797][ T8120] vlan2: entered allmulticast mode [ 419.011930][ T8120] bridge1: port 3(vlan2) entered blocking state [ 419.127494][ T8120] bridge1: port 3(vlan2) entered disabled state [ 419.318488][ T8120] vlan2: entered promiscuous mode [ 420.840012][ T8131] loop2: detected capacity change from 0 to 512 [ 420.877653][ T8131] EXT4-fs: Ignoring removed orlov option [ 421.088420][ T8131] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem [ 421.530005][ T8131] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c129, mo2=0002] [ 421.608615][ T8131] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2244: inode #15: comm syz.2.517: corrupted in-inode xattr: e_value size too large [ 421.656822][ T8131] EXT4-fs (loop2): Remounting filesystem read-only [ 421.697053][ T8131] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 424.328466][ T23] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 424.828456][ T23] usb 3-1: New USB device found, idVendor=0c45, idProduct=60a8, bcdDevice=b5.55 [ 424.998638][ T23] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 425.006836][ T23] usb 3-1: Product: syz [ 425.054071][ T23] usb 3-1: Manufacturer: syz [ 425.083128][ T23] usb 3-1: SerialNumber: syz [ 425.119338][ T23] usb 3-1: config 0 descriptor?? [ 425.141369][ T23] gspca_main: sonixb-2.14.0 probing 0c45:60a8 [ 425.371587][ T8170] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 425.389690][ T8156] netlink: 4 bytes leftover after parsing attributes in process `syz.2.523'. [ 425.505763][ T8170] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 425.508669][ T8156] batadv0: entered promiscuous mode [ 425.521686][ T8156] macsec1: entered allmulticast mode [ 425.527349][ T8156] batadv0: entered allmulticast mode [ 425.669066][ T23] sonixb 3-1:0.0: Error reading register 00: -110 [ 425.772722][ T8156] batadv0: left allmulticast mode [ 425.968216][ T8156] batadv0: left promiscuous mode [ 426.722599][ T23] usb 3-1: USB disconnect, device number 3 [ 426.913794][ T8175] loop1: detected capacity change from 0 to 32768 [ 426.947293][ T8175] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 scanned by syz.1.528 (8175) [ 426.966378][ T8175] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 426.977235][ T8175] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 426.986095][ T8175] BTRFS info (device loop1): using free space tree [ 427.082484][ T8175] BTRFS info (device loop1): enabling ssd optimizations [ 427.089848][ T8175] BTRFS info (device loop1): auto enabling async discard [ 427.239486][ T8199] loop3: detected capacity change from 0 to 256 [ 427.247418][ T8199] exfat: Deprecated parameter 'utf8' [ 427.264593][ T8199] exfat: Deprecated parameter 'namecase' [ 427.270837][ T8199] exfat: Deprecated parameter 'namecase' [ 427.276678][ T8199] exfat: Deprecated parameter 'utf8' [ 427.442452][ T8199] exFAT-fs (loop3): failed to load upcase table (idx : 0x00012153, chksum : 0x5270ca8d, utbl_chksum : 0xe619d30d) [ 429.043088][ T8206] process 'syz.3.531' launched '/dev/fd/-1' with NULL argv: empty string added [ 430.390715][ T5791] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 430.431078][ T8212] kernel profiling enabled (shift: 6) [ 430.615803][ T8216] bond0: (slave ipvlan2): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond. [ 430.698216][ T8216] bond0: (slave ipvlan2): The slave device specified does not support setting the MAC address [ 430.723081][ T8216] bond0: (slave ipvlan2): Error -95 calling set_mac_address [ 434.187541][ T8245] tipc: Enabled bearer , priority 0 [ 434.233605][ T8245] syzkaller0: entered promiscuous mode [ 434.264515][ T8245] syzkaller0: entered allmulticast mode [ 435.278351][ T8257] loop1: detected capacity change from 0 to 4096 [ 435.650782][ T8257] ntfs3: loop1: Different NTFS sector size (2048) and media sector size (512). [ 435.880960][ T8257] ntfs3: loop1: Failed to initialize $Secure::$SDH (-22). [ 435.888348][ T8257] ntfs3: loop1: Failed to initialize $Secure (-22). [ 435.890065][ T8255] tipc: Resetting bearer [ 435.983201][ T8243] tipc: Resetting bearer [ 436.056329][ T8243] tipc: Disabling bearer [ 437.254265][ T8270] bridge0: port 4(netdevsim0) entered blocking state [ 437.279372][ T8270] bridge0: port 4(netdevsim0) entered disabled state [ 437.286707][ T8270] netdevsim netdevsim2 netdevsim0: entered allmulticast mode [ 437.315373][ T8270] netdevsim netdevsim2 netdevsim0: entered promiscuous mode [ 437.334861][ T8270] bridge0: port 4(netdevsim0) entered blocking state [ 437.342294][ T8270] bridge0: port 4(netdevsim0) entered forwarding state [ 437.612966][ T8277] netlink: 24 bytes leftover after parsing attributes in process `syz.3.547'. [ 438.938265][ T8284] capability: warning: `syz.3.549' uses deprecated v2 capabilities in a way that may be insecure [ 440.262407][ T1283] ieee802154 phy0 wpan0: encryption failed: -22 [ 440.269058][ T1283] ieee802154 phy1 wpan1: encryption failed: -22 [ 440.563797][ T8289] loop1: detected capacity change from 0 to 40427 [ 441.118603][ T8289] F2FS-fs (loop1): invalid crc value [ 441.564961][ T8294] netlink: 344 bytes leftover after parsing attributes in process `syz.3.552'. [ 441.574013][ T8294] netlink: 8 bytes leftover after parsing attributes in process `syz.3.552'. [ 441.797657][ T8289] F2FS-fs (loop1): Found nat_bits in checkpoint [ 441.974901][ T8289] F2FS-fs (loop1): Start checkpoint disabled! [ 441.992796][ T8289] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6 [ 442.184179][ T27] audit: type=1800 audit(1758332125.727:10): pid=8292 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.551" name="bus" dev="loop1" ino=10 res=0 errno=0 [ 442.256771][ T8292] syz.1.551: attempt to access beyond end of device [ 442.256771][ T8292] loop1: rw=10241, sector=45096, nr_sectors = 8 limit=40427 [ 442.271662][ T8292] syz.1.551: attempt to access beyond end of device [ 442.271662][ T8292] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 442.286852][ T8292] syz.1.551: attempt to access beyond end of device [ 442.286852][ T8292] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 442.302136][ T8292] syz.1.551: attempt to access beyond end of device [ 442.302136][ T8292] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 442.317320][ T8292] syz.1.551: attempt to access beyond end of device [ 442.317320][ T8292] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 442.334555][ T8292] syz.1.551: attempt to access beyond end of device [ 442.334555][ T8292] loop1: rw=2049, sector=45104, nr_sectors = 8 limit=40427 [ 442.349513][ T8292] syz.1.551: attempt to access beyond end of device [ 442.349513][ T8292] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 442.368581][ T8292] syz.1.551: attempt to access beyond end of device [ 442.368581][ T8292] loop1: rw=2049, sector=45104, nr_sectors = 8 limit=40427 [ 442.383986][ T8292] syz.1.551: attempt to access beyond end of device [ 442.383986][ T8292] loop1: rw=2049, sector=45104, nr_sectors = 8 limit=40427 [ 442.402252][ T8292] syz.1.551: attempt to access beyond end of device [ 442.402252][ T8292] loop1: rw=2049, sector=45104, nr_sectors = 8 limit=40427 [ 444.526635][ T982] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 444.534902][ T982] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 444.542575][ T982] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 444.903587][ T8308] loop3: detected capacity change from 0 to 40427 [ 444.944634][ T8308] F2FS-fs (loop3): invalid crc value [ 444.980022][ T8308] F2FS-fs (loop3): Found nat_bits in checkpoint [ 445.290882][ T8308] F2FS-fs (loop3): Start checkpoint disabled! [ 446.205237][ T8308] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6 [ 447.200768][ T8324] ptm ptm0: ldisc open failed (-12), clearing slot 0 [ 447.479546][ T8328] netlink: 12 bytes leftover after parsing attributes in process `syz.0.561'. [ 447.660601][ T6765] bio_check_eod: 182 callbacks suppressed [ 447.660619][ T6765] kworker/u4:10: attempt to access beyond end of device [ 447.660619][ T6765] loop3: rw=1, sector=77824, nr_sectors = 2344 limit=40427 [ 447.693009][ T6765] kworker/u4:10: attempt to access beyond end of device [ 447.693009][ T6765] loop3: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 447.707647][ T6765] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 447.715475][ T6765] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 448.293595][ T8336] loop3: detected capacity change from 0 to 32768 [ 448.301552][ T8336] XFS: ikeep mount option is deprecated. [ 448.338934][ T8336] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 448.682685][ T8336] XFS (loop3): Ending clean mount [ 448.691146][ T8336] XFS (loop3): Quotacheck needed: Please wait. [ 449.040712][ T8336] XFS (loop3): Quotacheck: Done. [ 449.369092][ T8355] warning: `syz.1.565' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 454.420921][ T5790] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 463.958311][ T27] audit: type=1800 audit(1758332147.117:11): pid=8462 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.581" name="bus" dev="overlay" ino=813 res=0 errno=0 [ 465.076985][ T8470] netlink: 12 bytes leftover after parsing attributes in process `syz.3.583'. [ 466.264361][ T8482] netlink: 12 bytes leftover after parsing attributes in process `syz.0.587'. [ 466.273621][ T8482] netlink: 8 bytes leftover after parsing attributes in process `syz.0.587'. [ 466.312246][ T8482] vlan3: entered promiscuous mode [ 466.317466][ T8482] batadv0: entered promiscuous mode [ 466.764384][ T8487] loop3: detected capacity change from 0 to 128 [ 468.769456][ T8494] tipc: Enabled bearer , priority 0 [ 468.814136][ T8494] syzkaller0: entered promiscuous mode [ 468.832980][ T11] kworker/u4:0: attempt to access beyond end of device [ 468.832980][ T11] loop3: rw=1, sector=145, nr_sectors = 896 limit=128 [ 468.871931][ T8494] syzkaller0: entered allmulticast mode [ 469.018852][ T8494] tipc: Resetting bearer [ 469.069497][ T8493] tipc: Resetting bearer [ 469.344128][ T8493] tipc: Disabling bearer [ 470.334434][ T8501] tipc: New replicast peer: 255.255.255.255 [ 470.373411][ T8501] tipc: Enabled bearer , priority 10 [ 470.775961][ T8503] tipc: Enabled bearer , priority 0 [ 470.810875][ T8503] syzkaller0: entered promiscuous mode [ 470.822178][ T8503] syzkaller0: entered allmulticast mode [ 471.221369][ T8510] netlink: 344 bytes leftover after parsing attributes in process `syz.0.593'. [ 471.231457][ T8510] netlink: 8 bytes leftover after parsing attributes in process `syz.0.593'. [ 471.499307][ T8512] loop3: detected capacity change from 0 to 8 [ 472.084680][ T43] tipc: Node number set to 4009863114 [ 472.495937][ T8509] SQUASHFS error: Failed to read block 0x4de: -5 [ 472.503813][ T8509] SQUASHFS error: Failed to read block 0x4de: -5 [ 472.510651][ T27] audit: type=1800 audit(1758332156.057:12): pid=8509 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.595" name="file1" dev="loop3" ino=5 res=0 errno=0 [ 472.529981][ C0] vkms_vblank_simulate: vblank timer overrun [ 472.545415][ T8509] SQUASHFS error: Failed to read block 0x4de: -5 [ 472.553160][ T8509] SQUASHFS error: Failed to read block 0x4de: -5 [ 472.560472][ T8509] SQUASHFS error: Failed to read block 0x4de: -5 [ 472.567952][ T8509] SQUASHFS error: Failed to read block 0x4de: -5 [ 472.635798][ T8515] tipc: Resetting bearer [ 472.879170][ T8502] tipc: Resetting bearer [ 472.981182][ T8502] tipc: Disabling bearer [ 473.269750][ T8523] QAT: Invalid ioctl 21531 [ 474.233414][ T8531] loop3: detected capacity change from 0 to 764 [ 474.250421][ T8531] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 475.136261][ T5800] Bluetooth: hci0: unexpected event for opcode 0x0407 [ 475.951743][ T8538] loop1: detected capacity change from 0 to 512 [ 476.149492][ T8538] ext4: Unknown parameter 'rootcontext' [ 479.375599][ T8553] tipc: New replicast peer: 255.255.255.255 [ 479.401083][ T8553] tipc: Enabled bearer , priority 10 [ 479.566646][ T8553] loop3: detected capacity change from 0 to 512 [ 479.769605][ T8553] EXT4-fs (loop3): couldn't mount as ext2 due to feature incompatibilities [ 482.334912][ T8566] tipc: Enabled bearer , priority 0 [ 482.367485][ T8566] syzkaller0: entered promiscuous mode [ 482.391064][ T8566] syzkaller0: entered allmulticast mode [ 482.482595][ T8565] tipc: Resetting bearer [ 482.635296][ T8565] tipc: Disabling bearer [ 483.872298][ T8578] loop3: detected capacity change from 0 to 764 [ 483.915038][ T8578] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 486.619205][ T8589] loop3: detected capacity change from 0 to 32768 [ 486.626583][ T8589] XFS: noikeep mount option is deprecated. [ 486.667525][ T8589] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 486.783173][ T8589] XFS (loop3): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51. [ 486.817309][ T8589] XFS (loop3): Starting recovery (logdev: internal) [ 486.852162][ T8589] XFS (loop3): Ending recovery (logdev: internal) [ 489.432103][ T5790] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 490.009109][ T8609] netlink: 416 bytes leftover after parsing attributes in process `syz.2.618'. [ 491.448707][ T8617] loop3: detected capacity change from 0 to 1024 [ 491.658504][ T8617] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 496.315722][ T8617] EXT4-fs warning (device loop3): ext4_multi_mount_protect:398: Unable to create kmmpd thread for loop3. [ 498.160970][ T8634] block device autoloading is deprecated and will be removed. [ 499.490789][ T8644] tipc: Enabled bearer , priority 0 [ 499.616739][ T8644] syzkaller0: entered promiscuous mode [ 499.649979][ T8644] syzkaller0: entered allmulticast mode [ 499.828256][ T8642] tipc: Resetting bearer [ 499.973007][ T8642] tipc: Disabling bearer [ 501.564291][ T1283] ieee802154 phy0 wpan0: encryption failed: -22 [ 501.574023][ T1283] ieee802154 phy1 wpan1: encryption failed: -22 [ 502.061592][ T8661] netlink: 416 bytes leftover after parsing attributes in process `syz.1.633'. [ 503.429397][ T8668] netlink: 132 bytes leftover after parsing attributes in process `syz.0.634'. [ 503.506185][ T8668] loop7: detected capacity change from 0 to 3 [ 503.598207][ T8668] Dev loop7: unable to read RDB block 3 [ 503.603851][ T8668] loop7: unable to read partition table [ 503.614780][ T8668] loop7: partition table beyond EOD, truncated [ 503.665419][ T8668] loop_reread_partitions: partition scan of loop7 ((õÉêä¾A«ÒÚi½åŒ×¯@ý pªÁ.½[ºvcÄ5¯ùG“Ýתà~ó_¿“;Ûo×ìÝ‘µœ¨Õ) failed (rc=-5) [ 509.004450][ T8708] netlink: 132 bytes leftover after parsing attributes in process `syz.3.646'. [ 509.094810][ T5157] Dev loop7: unable to read RDB block 3 [ 509.100592][ T5157] loop7: unable to read partition table [ 509.106531][ T5157] loop7: partition table beyond EOD, truncated [ 509.283261][ T8717] loop3: detected capacity change from 0 to 64 [ 509.513499][ T8715] loop1: detected capacity change from 0 to 32768 [ 509.547432][ T8715] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 509.573631][ T27] audit: type=1800 audit(1758332193.117:13): pid=8715 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.643" name="file1" dev="loop1" ino=17058 res=0 errno=0 [ 509.902920][ T27] audit: type=1800 audit(1758332193.417:14): pid=8723 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.649" name="file1" dev="loop3" ino=21 res=0 errno=0 [ 510.583307][ T5791] ocfs2: Unmounting device (7,1) on (node local) [ 510.809200][ T8729] tipc: Enabled bearer , priority 0 [ 510.967189][ T8729] syzkaller0: entered promiscuous mode [ 510.997099][ T8729] syzkaller0: entered allmulticast mode [ 511.078147][ T5796] Bluetooth: hci1: command 0x0406 tx timeout [ 511.108353][ T5778] usb 2-1: new full-speed USB device number 5 using dummy_hcd [ 511.274334][ T8735] tipc: Resetting bearer [ 511.453744][ T5778] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 511.483303][ T5778] usb 2-1: config 0 has no interfaces? [ 511.505569][ T5778] usb 2-1: New USB device found, idVendor=05ac, idProduct=0225, bcdDevice= 0.00 [ 511.535791][ T5778] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 511.538549][ T8728] tipc: Resetting bearer [ 511.587097][ T5778] usb 2-1: config 0 descriptor?? [ 511.933477][ T5828] tipc: Node number set to 2113506583 [ 512.426416][ T8728] tipc: Disabling bearer [ 512.560888][ T5885] usb 2-1: USB disconnect, device number 5 [ 514.957309][ T8754] tipc: Enabled bearer , priority 0 [ 514.965764][ T8754] syzkaller0: entered promiscuous mode [ 514.972120][ T8754] syzkaller0: entered allmulticast mode [ 514.986146][ T8755] loop1: detected capacity change from 0 to 128 [ 515.105926][ T8752] tipc: Resetting bearer [ 515.790140][ T49] kworker/u4:3: attempt to access beyond end of device [ 515.790140][ T49] loop1: rw=1048577, sector=145, nr_sectors = 896 limit=128 [ 516.100068][ T8752] tipc: Disabling bearer [ 516.134004][ T8758] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=none:owns=io+mem [ 517.182301][ T8712] Bluetooth: hci0: command 0x0406 tx timeout [ 517.188498][ T5796] Bluetooth: hci0: Opcode 0x1407 failed: -110 [ 522.828264][ T5885] usb 4-1: new full-speed USB device number 7 using dummy_hcd [ 523.113364][ T5885] usb 4-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea [ 523.182416][ T5885] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 523.318765][ T5885] usb 4-1: Product: syz [ 523.409978][ T5885] usb 4-1: Manufacturer: syz [ 523.526291][ T5885] usb 4-1: SerialNumber: syz [ 523.679754][ T5885] usb 4-1: config 0 descriptor?? [ 523.918761][ T5885] usb 4-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state [ 524.860637][ T8804] trusted_key: encrypted_key: insufficient parameters specified [ 525.921727][ T8813] tipc: Enabled bearer , priority 0 [ 525.934571][ T8813] syzkaller0: entered promiscuous mode [ 525.940584][ T8813] syzkaller0: entered allmulticast mode [ 526.076771][ T8812] tipc: Resetting bearer [ 526.205331][ T8812] tipc: Disabling bearer [ 526.231837][ T5885] dvb_usb_rtl28xxu: probe of 4-1:0.0 failed with error -71 [ 526.273838][ T5885] usb 4-1: USB disconnect, device number 7 [ 528.070337][ T8827] loop3: detected capacity change from 0 to 128 [ 528.899807][ T49] kworker/u4:3: attempt to access beyond end of device [ 528.899807][ T49] loop3: rw=1, sector=145, nr_sectors = 896 limit=128 [ 530.439085][ T8712] Bluetooth: hci0: command 0x0406 tx timeout [ 530.445361][ T5796] Bluetooth: hci0: Opcode 0x1407 failed: -110 [ 534.718160][ T5885] usb 2-1: new full-speed USB device number 6 using dummy_hcd [ 536.050125][ T5885] usb 2-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea [ 536.154641][ T8872] ipt_REJECT: TCP_RESET invalid for non-tcp [ 536.851401][ T5885] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 536.860594][ T5885] usb 2-1: Product: syz [ 536.865891][ T5885] usb 2-1: Manufacturer: syz [ 536.870611][ T5885] usb 2-1: SerialNumber: syz [ 536.877810][ T5885] usb 2-1: config 0 descriptor?? [ 537.137929][ T5885] usb 2-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state [ 539.975499][ T5885] dvb_usb_rtl28xxu: probe of 2-1:0.0 failed with error -71 [ 540.178313][ T5885] usb 2-1: USB disconnect, device number 6 [ 540.211841][ T8905] tipc: Enabled bearer , priority 0 [ 540.219389][ T8905] mac80211_hwsim hwsim3 syzkaller0: entered promiscuous mode [ 540.227219][ T8905] mac80211_hwsim hwsim3 syzkaller0: entered allmulticast mode [ 540.342554][ T8908] tipc: Resetting bearer [ 543.216396][ T8924] loop1: detected capacity change from 0 to 64 [ 543.230989][ T8924] hfs: unable to parse mount options [ 545.731665][ T8936] loop3: detected capacity change from 0 to 32768 [ 545.816988][ T8936] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 545.934650][ T8936] XFS (loop3): Ending clean mount [ 545.946462][ T8936] XFS (loop3): Quotacheck needed: Please wait. [ 546.066762][ T8936] XFS (loop3): Quotacheck: Done. [ 550.516912][ T5790] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 550.943575][ T8964] loop1: detected capacity change from 0 to 256 [ 551.140214][ T8964] trusted_key: encrypted_key: insufficient parameters specified [ 558.867337][ T5796] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:201' [ 558.877581][ T5796] CPU: 0 PID: 5796 Comm: kworker/u5:4 Not tainted syzkaller #0 [ 558.885177][ T5796] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 558.895269][ T5796] Workqueue: hci2 hci_rx_work [ 558.900041][ T5796] Call Trace: [ 558.903354][ T5796] [ 558.906297][ T5796] dump_stack_lvl+0x16c/0x230 [ 558.911024][ T5796] ? show_regs_print_info+0x20/0x20 [ 558.916243][ T5796] ? load_image+0x3b0/0x3b0 [ 558.920772][ T5796] sysfs_create_dir_ns+0x256/0x280 [ 558.925903][ T5796] ? hci_rx_work+0x43a/0xd80 [ 558.930513][ T5796] ? sysfs_warn_dup+0xa0/0xa0 [ 558.935219][ T5796] ? do_raw_spin_unlock+0x121/0x230 [ 558.940444][ T5796] kobject_add_internal+0x6b8/0xc70 [ 558.945677][ T5796] kobject_add+0x156/0x220 [ 558.950120][ T5796] ? __rwlock_init+0x150/0x150 [ 558.954905][ T5796] ? kobject_init+0x1e0/0x1e0 [ 558.959614][ T5796] ? _raw_spin_unlock+0x28/0x40 [ 558.964508][ T5796] ? get_device_parent+0x366/0x390 [ 558.969656][ T5796] device_add+0x408/0xc20 [ 558.974028][ T5796] hci_conn_add_sysfs+0xd5/0x1e0 [ 558.979009][ T5796] le_conn_complete_evt+0xc37/0x1220 [ 558.984328][ T5796] ? hci_event_packet+0x4a7/0x1210 [ 558.989476][ T5796] ? hci_le_big_info_adv_report_evt+0x8e0/0x8e0 [ 558.995738][ T5796] ? __copy_skb_header+0xa7/0x550 [ 559.000789][ T5796] ? __mutex_unlock_slowpath+0x1a2/0x6a0 [ 559.006450][ T5796] ? skb_pull_data+0xfb/0x200 [ 559.011156][ T5796] hci_le_conn_complete_evt+0x187/0x440 [ 559.016789][ T5796] ? hci_remote_host_features_evt+0x160/0x160 [ 559.022876][ T5796] hci_event_packet+0x795/0x1210 [ 559.027850][ T5796] ? bis_list+0x290/0x290 [ 559.032208][ T5796] ? lockdep_hardirqs_on+0x98/0x150 [ 559.037440][ T5796] ? hci_send_to_monitor+0xd7/0x4f0 [ 559.042665][ T5796] hci_rx_work+0x43a/0xd80 [ 559.047109][ T5796] ? process_scheduled_works+0x957/0x15b0 [ 559.052936][ T5796] process_scheduled_works+0xa45/0x15b0 [ 559.058523][ T5796] ? assign_work+0x400/0x400 [ 559.063228][ T5796] ? assign_work+0x39e/0x400 [ 559.067836][ T5796] worker_thread+0xa55/0xfc0 [ 559.072469][ T5796] kthread+0x2fa/0x390 [ 559.076550][ T5796] ? pr_cont_work+0x560/0x560 [ 559.081245][ T5796] ? kthread_blkcg+0xd0/0xd0 [ 559.085853][ T5796] ret_from_fork+0x48/0x80 [ 559.090290][ T5796] ? kthread_blkcg+0xd0/0xd0 [ 559.094895][ T5796] ret_from_fork_asm+0x11/0x20 [ 559.099697][ T5796] [ 559.119265][ T5796] kobject: kobject_add_internal failed for hci2:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 559.133959][ T5796] Bluetooth: hci2: failed to register connection device [ 563.269430][ T1283] ieee802154 phy0 wpan0: encryption failed: -22 [ 563.275933][ T1283] ieee802154 phy1 wpan1: encryption failed: -22 [ 564.031802][ T9042] loop3: detected capacity change from 0 to 512 [ 564.059217][ T9042] EXT4-fs: Ignoring removed mblk_io_submit option [ 564.093390][ T9042] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 564.185523][ T9042] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c118, mo2=0002] [ 564.195830][ T9042] System zones: 1-12 [ 564.220037][ T9042] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2244: inode #15: comm syz.3.728: corrupted in-inode xattr: e_value size too large [ 564.237141][ T9042] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.728: couldn't read orphan inode 15 (err -117) [ 564.251107][ T9042] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 565.558219][ T5796] Bluetooth: hci2: command 0x0406 tx timeout [ 568.121066][ T9061] loop1: detected capacity change from 0 to 256 [ 568.270014][ T9061] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xb5f96684, utbl_chksum : 0xe619d30d) [ 570.177187][ T9054] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 570.332161][ T9085] veth1_vlan: left promiscuous mode [ 571.790728][ T9096] netlink: 'syz.1.738': attribute type 10 has an invalid length. [ 571.815072][ T9096] bridge0: port 2(bridge_slave_1) entered disabled state [ 571.822577][ T9096] bridge0: port 1(bridge_slave_0) entered disabled state [ 571.844080][ T9096] bridge0: port 2(bridge_slave_1) entered blocking state [ 571.851344][ T9096] bridge0: port 2(bridge_slave_1) entered forwarding state [ 571.858977][ T9096] bridge0: port 1(bridge_slave_0) entered blocking state [ 571.866171][ T9096] bridge0: port 1(bridge_slave_0) entered forwarding state [ 571.894756][ T9096] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 572.365278][ T9097] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 582.324074][ T9151] tipc: Enabling of bearer rejected, failed to enable media [ 588.538812][ T9188] loop1: detected capacity change from 0 to 32768 [ 588.559982][ T9187] fuse: Bad value for 'fd' [ 588.620567][ T9188] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 588.717498][ T9188] XFS (loop1): Ending clean mount [ 588.728517][ T9188] XFS (loop1): Quotacheck needed: Please wait. [ 588.823908][ T9188] XFS (loop1): Quotacheck: Done. [ 588.919027][ T8712] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:201' [ 588.930802][ T8712] CPU: 0 PID: 8712 Comm: kworker/u5:0 Not tainted syzkaller #0 [ 588.938421][ T8712] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 588.948521][ T8712] Workqueue: hci1 hci_rx_work [ 588.953272][ T8712] Call Trace: [ 588.956593][ T8712] [ 588.959635][ T8712] dump_stack_lvl+0x16c/0x230 [ 588.964348][ T8712] ? show_regs_print_info+0x20/0x20 [ 588.969582][ T8712] ? load_image+0x3b0/0x3b0 [ 588.974169][ T8712] sysfs_create_dir_ns+0x256/0x280 [ 588.979355][ T8712] ? hci_rx_work+0x43a/0xd80 [ 588.983973][ T8712] ? sysfs_warn_dup+0xa0/0xa0 [ 588.988694][ T8712] ? do_raw_spin_unlock+0x121/0x230 [ 588.993940][ T8712] kobject_add_internal+0x6b8/0xc70 [ 588.999175][ T8712] kobject_add+0x156/0x220 [ 589.003620][ T8712] ? __rwlock_init+0x150/0x150 [ 589.008411][ T8712] ? kobject_init+0x1e0/0x1e0 [ 589.013132][ T8712] ? _raw_spin_unlock+0x28/0x40 [ 589.018010][ T8712] ? get_device_parent+0x366/0x390 [ 589.023153][ T8712] device_add+0x408/0xc20 [ 589.027513][ T8712] hci_conn_add_sysfs+0xd5/0x1e0 [ 589.032487][ T8712] le_conn_complete_evt+0xc37/0x1220 [ 589.037799][ T8712] ? hci_event_packet+0x4a7/0x1210 [ 589.042956][ T8712] ? hci_le_big_info_adv_report_evt+0x8e0/0x8e0 [ 589.049224][ T8712] ? __copy_skb_header+0xa7/0x550 [ 589.054286][ T8712] ? __mutex_unlock_slowpath+0x1a2/0x6a0 [ 589.059960][ T8712] ? skb_pull_data+0xfb/0x200 [ 589.064672][ T8712] hci_le_conn_complete_evt+0x187/0x440 [ 589.070251][ T8712] ? hci_remote_host_features_evt+0x160/0x160 [ 589.076344][ T8712] hci_event_packet+0x795/0x1210 [ 589.081333][ T8712] ? bis_list+0x290/0x290 [ 589.085698][ T8712] ? lockdep_hardirqs_on+0x98/0x150 [ 589.090936][ T8712] ? hci_send_to_monitor+0xd7/0x4f0 [ 589.096170][ T8712] hci_rx_work+0x43a/0xd80 [ 589.100636][ T8712] ? process_scheduled_works+0x957/0x15b0 [ 589.106382][ T8712] process_scheduled_works+0xa45/0x15b0 [ 589.111983][ T8712] ? assign_work+0x400/0x400 [ 589.116599][ T8712] ? assign_work+0x39e/0x400 [ 589.121215][ T8712] worker_thread+0xa55/0xfc0 [ 589.125849][ T8712] ? _raw_spin_unlock_irqrestore+0xae/0x110 [ 589.131852][ T8712] ? _raw_spin_unlock+0x40/0x40 [ 589.136717][ T8712] ? _raw_spin_unlock_irqrestore+0x86/0x110 [ 589.142649][ T8712] kthread+0x2fa/0x390 [ 589.146757][ T8712] ? pr_cont_work+0x560/0x560 [ 589.151523][ T8712] ? kthread_blkcg+0xd0/0xd0 [ 589.156137][ T8712] ret_from_fork+0x48/0x80 [ 589.160594][ T8712] ? kthread_blkcg+0xd0/0xd0 [ 589.165211][ T8712] ret_from_fork_asm+0x11/0x20 [ 589.170020][ T8712] [ 589.229014][ T8712] kobject: kobject_add_internal failed for hci1:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 589.316727][ T8712] Bluetooth: hci1: failed to register connection device [ 590.586419][ T9210] tipc: Enabling of bearer rejected, failed to enable media [ 590.587338][ T5791] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 595.492748][ T9275] loop1: detected capacity change from 0 to 512 [ 596.102280][ T9275] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2244: inode #15: comm syz.1.774: corrupted in-inode xattr: invalid ea_ino [ 596.160640][ T9275] EXT4-fs error (device loop1): ext4_orphan_get:1404: comm syz.1.774: couldn't read orphan inode 15 (err -117) [ 596.214718][ T9275] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 596.383091][ T9275] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000. [ 596.441308][ T9280] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 597.636743][ T5791] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 598.224545][ T9302] netlink: 12 bytes leftover after parsing attributes in process `syz.0.781'. [ 608.195307][ T9367] overlayfs: failed to clone lowerpath [ 608.214374][ T9367] overlayfs: failed to clone upperpath [ 609.092691][ T9369] 9pnet_virtio: no channels available for device syz [ 611.658520][ T9391] tipc: Enabling of bearer rejected, failed to enable media [ 614.193336][ T9418] tipc: Enabling of bearer rejected, failed to enable media [ 615.328119][ T5828] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 615.369959][ T9435] tipc: Enabling of bearer rejected, failed to enable media [ 616.041359][ T9442] @: renamed from vlan0 (while UP) [ 616.550454][ T5828] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 616.590188][ T5828] usb 2-1: config 0 interface 0 altsetting 251 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 616.667769][ T5828] usb 2-1: config 0 interface 0 has no altsetting 0 [ 616.719686][ T5828] usb 2-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 616.755859][ T5828] usb 2-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 616.782625][ T5828] usb 2-1: Product: syz [ 616.795343][ T5828] usb 2-1: Manufacturer: syz [ 616.805970][ T5828] usb 2-1: SerialNumber: syz [ 616.982200][ T9447] overlayfs: failed to clone upperpath [ 616.999333][ T5828] usb 2-1: config 0 descriptor?? [ 617.895570][ T5828] snd-usb-audio: probe of 2-1:0.0 failed with error -22 [ 617.915266][ T9455] overlayfs: failed to resolve './file1': -2 [ 617.990406][ T5828] usb 2-1: USB disconnect, device number 7 [ 618.029716][ T9269] udevd[9269]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 618.056680][ T9462] loop1: detected capacity change from 0 to 764 [ 618.093994][ T9461] tipc: Enabled bearer , priority 0 [ 618.121359][ T9461] syzkaller0: entered promiscuous mode [ 618.126894][ T9461] syzkaller0: entered allmulticast mode [ 618.142394][ T9462] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 618.172379][ T9461] tipc: Resetting bearer [ 618.192126][ T9460] tipc: Resetting bearer [ 618.255196][ T9460] tipc: Disabling bearer [ 619.246975][ T9472] mac80211_hwsim hwsim9 wlan1: entered allmulticast mode [ 619.384790][ T9472] batman_adv: batadv0: Interface deactivated: dummy0 [ 619.408295][ T9472] batman_adv: batadv0: Removing interface: dummy0 [ 619.433855][ T9472] bridge_slave_0: left allmulticast mode [ 619.453970][ T9472] bridge_slave_0: left promiscuous mode [ 619.498744][ T9472] bridge0: port 1(bridge_slave_0) entered disabled state [ 619.617648][ T9472] bridge_slave_1: left allmulticast mode [ 619.740835][ T9472] bridge_slave_1: left promiscuous mode [ 619.772816][ T9472] bridge0: port 2(bridge_slave_1) entered disabled state [ 620.216526][ T9472] bond0: (slave bond_slave_0): Releasing backup interface [ 620.474778][ T9472] bond0: (slave bond_slave_1): Releasing backup interface [ 620.607341][ T9472] team0: Port device team_slave_0 removed [ 620.704336][ T9472] team0: Port device team_slave_1 removed [ 620.711449][ T9472] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 620.728141][ T9472] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 620.750040][ T9472] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 620.757511][ T9472] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 620.815803][ T9472] bond1: (slave gretap1): Releasing active interface [ 620.838047][ T9472] gretap1: left allmulticast mode [ 621.039931][ T9475] platform regulatory.0: loading /lib/firmware/regulatory.db failed with error -12 [ 621.049502][ T9475] platform regulatory.0: Direct firmware load for regulatory.db failed with error -12 [ 621.058150][ T9473] netlink: 'syz.3.827': attribute type 10 has an invalid length. [ 621.059147][ T9475] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 621.066929][ T9473] mac80211_hwsim hwsim9 wlan1: left allmulticast mode [ 621.142485][ T9473] 8021q: adding VLAN 0 to HW filter on device bond0 [ 621.180989][ T9473] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 624.693333][ T1283] ieee802154 phy0 wpan0: encryption failed: -22 [ 624.699845][ T1283] ieee802154 phy1 wpan1: encryption failed: -22 [ 626.525405][ T9505] RDS: rds_bind could not find a transport for ::ffff:172.20.20.187, load rds_tcp or rds_rdma? [ 629.847768][ T9547] netlink: 48 bytes leftover after parsing attributes in process `syz.0.844'. [ 631.477722][ T9558] loop1: detected capacity change from 0 to 2048 [ 632.371140][ T9558] UDF-fs: error (device loop1): udf_process_sequence: Primary Volume Descriptor not found! [ 639.454040][ T28] IPVS: starting estimator thread 0... [ 639.783618][ T9600] IPVS: using max 26 ests per chain, 62400 per kthread [ 647.936985][ T9666] tipc: Enabling of bearer rejected, failed to enable media [ 648.050589][ T9668] picdev_read: 77 callbacks suppressed [ 648.050603][ T9668] kvm: pic: non byte read [ 648.081586][ T9668] kvm: pic: non byte read [ 648.088445][ T9668] kvm: pic: non byte read [ 648.093303][ T9668] kvm: pic: non byte read [ 648.100455][ T9668] kvm: pic: non byte read [ 648.126218][ T9668] kvm: pic: non byte read [ 648.143231][ T9668] kvm: pic: non byte read [ 648.152768][ T9668] kvm: pic: non byte read [ 648.161649][ T9668] kvm: pic: non byte read [ 648.167802][ T27] audit: type=1326 audit(1758332331.707:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9673 comm="syz.3.873" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f17cbb8ec29 code=0x0 [ 648.184480][ T9668] kvm: pic: non byte read [ 648.194825][ T9671] loop1: detected capacity change from 0 to 512 [ 648.205445][ T9671] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 648.224045][ T9671] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 648.315270][ T9671] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2867: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 648.413267][ T9671] EXT4-fs (loop1): 1 truncate cleaned up [ 648.447093][ T9671] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 651.420212][ T9695] netlink: 12 bytes leftover after parsing attributes in process `syz.3.880'. [ 651.436110][ T5791] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 654.634781][ T9708] loop1: detected capacity change from 0 to 32768 [ 654.904722][ T9708] ocfs2: Slot 0 on device (7,1) was already allocated to this node! [ 655.000440][ T9726] overlayfs: failed to clone upperpath [ 655.080095][ T9708] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 656.400910][ T27] audit: type=1800 audit(1758332339.947:16): pid=9733 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.885" name="file1" dev="loop1" ino=17059 res=0 errno=0 [ 656.637184][ T5791] ocfs2: Unmounting device (7,1) on (node local) [ 659.196319][ T9747] workqueue: Failed to create a rescuer kthread for wq "ceph-watch-notify": -EINTR [ 660.456805][ T9761] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present [ 662.062579][ T9772] tipc: Enabled bearer , priority 0 [ 665.116178][ T9792] ceph: No mds server is up or the cluster is laggy [ 665.123410][ T28] libceph: connect (1)[c::]:6789 error -101 [ 665.150785][ T28] libceph: mon0 (1)[c::]:6789 connect error [ 665.698153][ T9800] netlink: 4 bytes leftover after parsing attributes in process `syz.1.908'. [ 665.707237][ T9800] netlink: 4 bytes leftover after parsing attributes in process `syz.1.908'. [ 665.729832][ T9800] netlink: 'syz.1.908': attribute type 2 has an invalid length. [ 665.737782][ T9800] netlink: 212408 bytes leftover after parsing attributes in process `syz.1.908'. [ 668.011580][ T9815] ip6t_rpfilter: only valid in 'raw' or 'mangle' table, not '' [ 672.370377][ T9848] tipc: Enabling of bearer rejected, already enabled [ 674.075563][ T9855] fuse: Unknown parameter '184467440737095516150xffffffffffffffff' [ 678.258660][ T9881] loop1: detected capacity change from 0 to 512 [ 678.309818][ T9884] tipc: Enabling of bearer rejected, failed to enable media [ 678.482218][ T9881] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 678.533144][ T9881] ext4 filesystem being mounted at /216/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 681.332783][ T5791] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 683.549120][ T9923] 9pnet_fd: Insufficient options for proto=fd [ 684.543436][ T9940] tipc: Enabling of bearer rejected, already enabled [ 686.337701][ T9958] random: crng reseeded on system resumption [ 687.184811][ T9961] overlayfs: failed to clone upperpath [ 687.281263][ T1283] ieee802154 phy0 wpan0: encryption failed: -22 [ 687.741930][ T1283] ieee802154 phy1 wpan1: encryption failed: -22 [ 690.596596][ T9985] tipc: Enabling of bearer rejected, failed to enable media [ 693.451120][T10018] loop1: detected capacity change from 0 to 16 [ 693.535620][T10018] erofs: (device loop1): mounted with root inode @ nid 36. [ 697.739449][T10040] tipc: Enabling of bearer rejected, already enabled [ 698.450225][T10050] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present [ 700.469302][T10063] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 700.480975][T10063] overlayfs: "xino" feature enabled using 2 upper inode bits. [ 701.266770][T10071] program syz.1.984 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 701.816568][T10071] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 703.975289][T10087] tipc: Enabling of bearer rejected, already enabled [ 704.454456][T10092] netlink: 24 bytes leftover after parsing attributes in process `syz.1.980'. [ 705.477015][T10102] loop1: detected capacity change from 0 to 64 [ 710.841351][T10138] tipc: Enabling of bearer rejected, already enabled [ 711.180487][T10148] loop1: detected capacity change from 0 to 1024 [ 711.774225][T10148] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 712.025846][T10148] ext4 filesystem being mounted at /233/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 713.126898][ T5791] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 714.880923][T10179] xt_TCPMSS: Only works on TCP SYN packets [ 714.915791][T10141] bridge0: port 2(bridge_slave_1) entered disabled state [ 714.923267][T10141] bridge0: port 1(bridge_slave_0) entered disabled state [ 715.824670][T10182] loop1: detected capacity change from 0 to 256 [ 718.441838][T10141] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 718.545905][T10141] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 719.416336][T10212] loop1: detected capacity change from 0 to 764 [ 719.448384][T10212] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 719.611536][ T8712] Bluetooth: hci3: command 0x0406 tx timeout [ 719.954484][T10141] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 719.963446][T10141] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 719.972484][T10141] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 719.983658][T10141] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 720.285483][T10193] syzkaller0: entered promiscuous mode [ 720.291401][T10193] syzkaller0: entered allmulticast mode [ 720.862345][ T43] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 720.907253][T10227] loop1: detected capacity change from 0 to 128 [ 720.935278][T10227] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 720.953862][T10227] ext4 filesystem being mounted at /239/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 721.196044][ T43] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 721.207382][ T43] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 721.217794][ T43] usb 3-1: New USB device found, idVendor=1038, idProduct=12b6, bcdDevice= 0.00 [ 721.227190][ T43] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 721.238768][ T43] usb 3-1: config 0 descriptor?? [ 722.007377][ T5791] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 724.543046][ T43] usbhid 3-1:0.0: can't add hid device: -71 [ 724.551412][ T43] usbhid: probe of 3-1:0.0 failed with error -71 [ 724.563264][T10173] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 724.573680][ T43] usb 3-1: USB disconnect, device number 4 [ 724.871340][T10173] usb 2-1: Using ep0 maxpacket: 8 [ 724.943820][T10173] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0 [ 725.025831][T10173] usb 2-1: New USB device found, idVendor=0af0, idProduct=6751, bcdDevice=75.8b [ 725.189987][T10173] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 725.492543][T10173] usb 2-1: config 0 descriptor?? [ 725.498303][T10173] usb 2-1: can't set config #0, error -71 [ 725.506160][T10173] usb 2-1: USB disconnect, device number 8 [ 725.587416][ C0] EXT4-fs (loop2): error count since last fsck: 1 [ 725.594647][ C0] EXT4-fs (loop2): initial error at time 1758332105: ext4_xattr_ibody_find:2244: inode 15 [ 725.604679][ C0] EXT4-fs (loop2): last error at time 1758332105: ext4_xattr_ibody_find:2244: inode 15 [ 728.081427][T10284] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1025'. [ 729.735357][ T8712] Bluetooth: hci1: command 0x0406 tx timeout [ 731.007625][T10173] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 731.875720][T10173] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 731.902925][T10173] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 731.928006][T10173] usb 2-1: New USB device found, idVendor=1038, idProduct=12b6, bcdDevice= 0.00 [ 731.945485][T10173] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 731.976043][T10173] usb 2-1: config 0 descriptor?? [ 732.352620][T10332] tipc: Enabled bearer , priority 0 [ 732.398932][T10332] tipc: Resetting bearer [ 732.465693][T10331] tipc: Disabling bearer [ 733.863138][T10173] usbhid 2-1:0.0: can't add hid device: -71 [ 733.886541][T10173] usbhid: probe of 2-1:0.0 failed with error -71 [ 733.939204][T10173] usb 2-1: USB disconnect, device number 9 [ 736.209506][ T8712] Bluetooth: Wrong link type (-71) [ 737.775016][T10372] net_ratelimit: 10 callbacks suppressed [ 737.780883][T10372] netlink: get zone limit has 8 unknown bytes [ 738.979403][T10378] RDS: rds_bind could not find a transport for ::ffff:172.20.20.187, load rds_tcp or rds_rdma? [ 742.836755][T10405] loop1: detected capacity change from 0 to 4096 [ 742.897208][T10408] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 743.015151][T10409] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 745.343101][T10433] sg_write: data in/out 91/10 bytes for SCSI command 0xc0-- guessing data in; [ 745.343101][T10433] program syz.2.1061 not setting count and/or reply_len properly [ 752.559813][T10476] workqueue: Failed to create a rescuer kthread for wq "xfs-conv/nullb0": -EINTR [ 752.560969][T10480] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 753.073565][ T1283] ieee802154 phy0 wpan0: encryption failed: -22 [ 753.079941][ T1283] ieee802154 phy1 wpan1: encryption failed: -22 [ 759.816686][T10541] loop1: detected capacity change from 0 to 512 [ 759.881297][T10541] EXT4-fs warning (device loop1): ext4_enable_quotas:7175: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 760.264418][T10546] tipc: Enabling of bearer rejected, already enabled [ 760.373833][T10541] EXT4-fs (loop1): mount failed [ 762.394423][T10555] syzkaller0: entered promiscuous mode [ 762.546473][T10555] syzkaller0: entered allmulticast mode [ 763.871781][T10570] netlink: 64 bytes leftover after parsing attributes in process `syz.0.1095'. [ 766.739595][T10594] netlink: 'syz.2.1099': attribute type 10 has an invalid length. [ 767.772142][ T27] audit: type=1326 audit(1758332444.713:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10601 comm="syz.0.1104" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe5e398ec29 code=0x0 [ 773.054508][T10633] trusted_key: syz.3.1110 sent an empty control message without MSG_MORE. [ 782.899821][ T27] audit: type=1326 audit(1758332458.838:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10705 comm="syz.0.1130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5e398ec29 code=0x7ffc0000 [ 782.927927][T10713] tipc: Enabling of bearer rejected, already enabled [ 783.840654][ T27] audit: type=1326 audit(1758332458.838:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10705 comm="syz.0.1130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5e398ec29 code=0x7ffc0000 [ 783.981081][ T27] audit: type=1326 audit(1758332458.838:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10705 comm="syz.0.1130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fe5e398ec29 code=0x7ffc0000 [ 784.799680][ T27] audit: type=1326 audit(1758332458.838:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10705 comm="syz.0.1130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5e398ec29 code=0x7ffc0000 [ 784.920706][ T27] audit: type=1326 audit(1758332458.838:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10705 comm="syz.0.1130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5e398ec29 code=0x7ffc0000 [ 784.956916][ T27] audit: type=1326 audit(1758332458.838:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10705 comm="syz.0.1130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fe5e398ec29 code=0x7ffc0000 [ 784.981208][ T27] audit: type=1326 audit(1758332458.838:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10705 comm="syz.0.1130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5e398ec29 code=0x7ffc0000 [ 785.004211][ T27] audit: type=1326 audit(1758332458.838:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10705 comm="syz.0.1130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5e398ec29 code=0x7ffc0000 [ 785.050550][ T27] audit: type=1326 audit(1758332458.838:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10705 comm="syz.0.1130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fe5e398ec29 code=0x7ffc0000 [ 785.077574][ T27] audit: type=1326 audit(1758332458.838:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10705 comm="syz.0.1130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5e398ec29 code=0x7ffc0000 [ 785.650148][T10734] netlink: get zone limit has 8 unknown bytes [ 789.051048][T10747] workqueue: Failed to create a rescuer kthread for wq "ceph-watch-notify": -EINTR [ 791.739438][T10761] tipc: Enabling of bearer rejected, failed to enable media [ 791.909296][T10763] tipc: Enabled bearer , priority 0 [ 791.983409][T10763] tipc: Resetting bearer [ 792.035726][T10760] tipc: Disabling bearer [ 793.575232][T10787] loop1: detected capacity change from 0 to 1024 [ 793.589489][T10787] hfsplus: unable to parse mount options [ 794.218324][T10789] 8021q: adding VLAN 0 to HW filter on device bond0 [ 794.227630][T10789] 8021q: adding VLAN 0 to HW filter on device team0 [ 794.248114][T10789] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 794.278940][T10794] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1157'. [ 795.815067][T10805] netlink: 'syz.0.1152': attribute type 21 has an invalid length. [ 799.193060][T10827] tipc: Enabling of bearer rejected, failed to enable media [ 799.216631][T10825] tipc: Enabling of bearer rejected, failed to enable media [ 803.498231][T10876] iommufd_mock iommufd_mock1: Adding to iommu group 0 [ 804.647233][T10881] team0: left allmulticast mode [ 804.652125][T10881] team_slave_0: left allmulticast mode [ 804.690883][T10881] team_slave_1: left allmulticast mode [ 804.710017][T10881] team0: left promiscuous mode [ 804.725664][T10881] team_slave_0: left promiscuous mode [ 804.752261][T10881] team_slave_1: left promiscuous mode [ 804.765149][T10881] bridge0: port 3(team0) entered disabled state [ 804.821091][T10881] bridge_slave_0: left allmulticast mode [ 804.917770][T10881] bridge_slave_0: left promiscuous mode [ 804.959424][T10881] bridge0: port 1(bridge_slave_0) entered disabled state [ 804.975072][T10881] bridge_slave_1: left allmulticast mode [ 804.981105][T10881] bridge_slave_1: left promiscuous mode [ 804.989101][T10881] bridge0: port 2(bridge_slave_1) entered disabled state [ 805.042428][T10881] bond0: (slave bond_slave_0): Releasing backup interface [ 805.151223][T10881] bond0: (slave bond_slave_1): Releasing backup interface [ 805.270772][T10881] team0: Port device team_slave_0 removed [ 805.351658][T10881] team0: Port device team_slave_1 removed [ 805.372302][T10881] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 805.379743][T10881] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 805.393609][T10881] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 805.402312][T10881] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 805.426397][T10881] netdevsim netdevsim2 netdevsim0: left allmulticast mode [ 805.437695][T10881] netdevsim netdevsim2 netdevsim0: left promiscuous mode [ 805.445111][T10881] bridge0: port 4(netdevsim0) entered disabled state [ 805.469973][T10883] vlan0: entered promiscuous mode [ 805.666178][T10883] team0: Port device vlan0 added [ 805.675265][T10884] tipc: Enabled bearer , priority 0 [ 805.701024][T10888] tipc: Enabling of bearer rejected, already enabled [ 808.197668][T10902] atomic_op ffff88802d562998 conn xmit_atomic 0000000000000000 [ 812.753452][T10948] tipc: Enabling of bearer rejected, already enabled [ 812.842359][T10951] tmpfs: Bad value for 'mpol' [ 818.637103][T10982] tipc: Enabling of bearer rejected, already enabled [ 818.738795][ T1283] ieee802154 phy0 wpan0: encryption failed: -22 [ 818.745158][ T1283] ieee802154 phy1 wpan1: encryption failed: -22 [ 819.266314][T10985] tipc: Enabling of bearer rejected, already enabled [ 820.117192][T10998] SET target dimension over the limit! [ 820.403086][T11000] loop1: detected capacity change from 0 to 1024 [ 820.410843][T11000] hfsplus: unable to parse mount options [ 820.718247][T10979] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 822.427531][T11020] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1198'. [ 822.922586][T11026] tipc: Enabling of bearer rejected, failed to enable media [ 823.269507][T11038] tipc: Enabling of bearer rejected, already enabled [ 823.572092][T11042] netlink: 'syz.0.1200': attribute type 3 has an invalid length. [ 826.117628][T11061] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1207'. [ 826.127071][T11061] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1207'. [ 826.220748][T11061] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 826.230220][T11061] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 826.238986][T11061] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 826.247790][T11061] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 827.331580][T11065] loop1: detected capacity change from 0 to 764 [ 827.395897][T11065] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 827.694128][T11071] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1209'. [ 827.703487][T11071] netlink: zone id is out of range [ 827.711870][T11071] netlink: set zone limit has 8 unknown bytes [ 828.635512][T11076] tipc: Enabling of bearer rejected, failed to enable media [ 829.080655][T11089] tmpfs: Bad value for 'mpol' [ 831.632407][T11098] tipc: Enabling of bearer rejected, failed to enable media [ 837.048048][T11143] tipc: Enabling of bearer rejected, failed to enable media [ 837.356422][T11151] overlayfs: failed to clone upperpath [ 838.492111][T11161] tipc: Enabling of bearer rejected, already enabled [ 838.794319][T11164] loop1: detected capacity change from 0 to 1024 [ 838.915925][ T27] kauditd_printk_skb: 10 callbacks suppressed [ 838.915942][ T27] audit: type=1800 audit(1758332511.267:38): pid=11164 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1225" name="SYSV00000000" dev="hugetlbfs" ino=1 res=0 errno=0 [ 839.796960][ T6805] hfsplus: b-tree write err: -5, ino 4 [ 839.949861][T11173] tipc: Enabling of bearer rejected, failed to enable media [ 841.850192][T11192] mmap: syz.1.1231 (11192) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 843.958433][T11202] IPVS: rr: SCTP 172.20.20.187:0 - no destination available [ 844.388691][T11209] netlink: 4280 bytes leftover after parsing attributes in process `syz.0.1236'. [ 847.033274][T11223] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING [ 848.234119][T11228] tipc: Enabling of bearer rejected, already enabled [ 848.663714][T11232] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1240'. [ 848.673012][T11232] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1240'. [ 849.011779][T11232] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 849.020681][T11232] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 849.029448][T11232] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 849.038290][T11232] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 850.282716][ T8712] Bluetooth: hci1: command 0x0406 tx timeout [ 854.861387][T11269] tipc: Enabling of bearer rejected, already enabled [ 855.057301][T11272] tipc: Enabling of bearer rejected, already enabled [ 855.632889][T11276] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1253'. [ 855.642170][T11276] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1253'. [ 855.681196][T11276] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 855.690988][T11276] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 855.699820][T11276] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 855.708618][T11276] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 856.626334][T11282] loop1: detected capacity change from 0 to 128 [ 857.429843][T11282] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 857.442738][T11282] ext4 filesystem being mounted at /290/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 858.551450][ T5791] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 859.124196][T11295] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1257'. [ 860.480766][T11299] tipc: Enabling of bearer rejected, already enabled [ 861.525181][T11310] netlink: 'syz.2.1261': attribute type 16 has an invalid length. [ 861.536620][T11310] netlink: 'syz.2.1261': attribute type 17 has an invalid length. [ 862.526683][T11310] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 867.830299][T11327] team0: Mode changed to "random" [ 867.884064][T11327] team0: Port device vlan0 added [ 867.912694][T11327] tipc: Enabled bearer , priority 0 [ 869.890505][T11351] overlayfs: failed to clone lowerpath [ 876.508742][T11396] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(10) [ 876.515444][T11396] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 876.551050][T11396] vhci_hcd vhci_hcd.0: Device attached [ 876.621360][T11401] vhci_hcd vhci_hcd.0: pdev(2) rhport(1) sockfd(13) [ 876.628028][T11401] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 876.648699][T11401] vhci_hcd vhci_hcd.0: Device attached [ 876.654910][T11396] vhci_hcd vhci_hcd.0: pdev(2) rhport(2) sockfd(15) [ 876.661533][T11396] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 876.669498][T11396] vhci_hcd vhci_hcd.0: Device attached [ 877.469744][T11401] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 877.501637][T10173] usb 37-1: new low-speed USB device number 3 using vhci_hcd [ 877.515682][T11396] vhci_hcd vhci_hcd.0: pdev(2) rhport(4) sockfd(17) [ 877.522354][T11396] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 877.564606][T11401] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(21) [ 877.571263][T11401] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 877.597909][T11401] vhci_hcd vhci_hcd.0: Device attached [ 877.635156][T11401] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 877.647298][T11396] vhci_hcd vhci_hcd.0: Device attached [ 877.770339][T11401] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 877.860943][T11396] vhci_hcd vhci_hcd.0: pdev(2) rhport(6) sockfd(20) [ 877.867695][T11396] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 877.876749][T11396] vhci_hcd vhci_hcd.0: Device attached [ 878.754397][T11396] vhci_hcd vhci_hcd.0: port 0 already used [ 878.797410][T11406] vhci_hcd: connection closed [ 878.797642][T11404] vhci_hcd: connection closed [ 878.806558][T11421] vhci_hcd: connection closed [ 878.811488][T11415] vhci_hcd: connection closed [ 878.826769][T11413] vhci_hcd: connection closed [ 878.835191][ T12] vhci_hcd: stop threads [ 878.846991][T11397] vhci_hcd: connection reset by peer [ 879.028529][ T12] vhci_hcd: release socket [ 879.812242][ T12] vhci_hcd: disconnect device [ 879.819525][ T12] vhci_hcd: stop threads [ 879.824417][ T12] vhci_hcd: release socket [ 879.829022][ T12] vhci_hcd: disconnect device [ 879.928020][ T12] vhci_hcd: stop threads [ 880.120175][ T12] vhci_hcd: release socket [ 880.135808][ T12] vhci_hcd: disconnect device [ 880.745509][ T12] vhci_hcd: stop threads [ 880.749791][ T12] vhci_hcd: release socket [ 880.783961][T11441] pimreg: entered allmulticast mode [ 880.799428][ T12] vhci_hcd: disconnect device [ 880.809177][ T12] vhci_hcd: stop threads [ 880.813494][ T12] vhci_hcd: release socket [ 880.986628][ T12] vhci_hcd: disconnect device [ 880.991770][ T12] vhci_hcd: stop threads [ 880.996358][ T12] vhci_hcd: release socket [ 881.001984][ T12] vhci_hcd: disconnect device [ 881.020355][T11433] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1287'. [ 881.038343][T11441] pimreg: left allmulticast mode [ 881.947320][T11448] erspan0: entered promiscuous mode [ 881.970945][T11448] batman_adv: batadv0: Adding interface: macvlan2 [ 881.977409][T11448] batman_adv: batadv0: The MTU of interface macvlan2 is too small (1450) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 882.134917][T11448] batman_adv: batadv0: Interface activated: macvlan2 [ 883.070387][T10173] vhci_hcd: vhci_device speed not set [ 884.604955][ T1283] ieee802154 phy0 wpan0: encryption failed: -22 [ 884.617178][ T1283] ieee802154 phy1 wpan1: encryption failed: -22 [ 885.665792][ T23] usb usb38-port1: attempt power cycle [ 885.972358][T11473] overlayfs: failed to resolve './bus': -2 [ 886.996068][ T23] usb usb38-port1: unable to enumerate USB device [ 887.838026][T11479] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1298'. [ 887.875976][T11479] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1298'. [ 888.146010][T11490] pimreg: entered allmulticast mode [ 888.472794][T11493] "syz.0.1309" (11493) uses obsolete ecb(arc4) skcipher [ 889.145422][T11490] pimreg: left allmulticast mode [ 892.569192][T11512] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1302'. [ 893.809791][T11525] : renamed from bond0 (while UP) [ 895.482893][ T23] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 895.667625][ T23] usb 3-1: device descriptor read/64, error -71 [ 896.181669][ T23] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 896.637976][ T23] usb 3-1: device descriptor read/64, error -71 [ 896.903653][ T23] usb usb3-port1: attempt power cycle [ 898.989935][T11556] 9pnet_fd: Insufficient options for proto=fd [ 899.024059][T11560] tipc: Enabling of bearer rejected, failed to enable media [ 901.711893][T11585] loop1: detected capacity change from 0 to 512 [ 901.788594][T11585] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 901.827206][T11585] ext4 filesystem being mounted at /307/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 903.176759][ T5791] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 903.882277][T11597] loop1: detected capacity change from 0 to 2048 [ 904.300111][T11597] loop1: p3 p4 [ 904.360081][T11597] loop1: p4 size 589824 extends beyond EOD, truncated [ 904.717532][T11597] geneve1: entered promiscuous mode [ 905.482622][T11608] (null): rxe_set_mtu: Set mtu to 256 [ 905.490594][T11608] lo speed is unknown, defaulting to 1000 [ 905.499004][T11608] lo speed is unknown, defaulting to 1000 [ 905.505682][T11608] lo speed is unknown, defaulting to 1000 [ 906.954457][T11608] infiniband sz1: set active [ 906.960725][T11608] infiniband sz1: added lo [ 906.967483][T11608] sz1: rxe_create_cq: returned err = -12 [ 906.973803][T11608] infiniband sz1: Couldn't create ib_mad CQ [ 906.980218][T11608] infiniband sz1: Couldn't open port 1 [ 907.019146][ T9] lo speed is unknown, defaulting to 1000 [ 907.037609][T11608] RDS/IB: sz1: added [ 907.042493][T11608] smc: adding ib device sz1 with port count 1 [ 907.048925][T11608] smc: ib device sz1 port 1 has pnetid [ 907.059552][T11608] lo speed is unknown, defaulting to 1000 [ 907.140802][ T9] lo speed is unknown, defaulting to 1000 [ 907.271391][T11608] lo speed is unknown, defaulting to 1000 [ 907.388359][T11608] lo speed is unknown, defaulting to 1000 [ 907.507578][T11608] lo speed is unknown, defaulting to 1000 [ 907.903659][T10595] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 907.923368][T10595] hid-generic 0000:0000:0000.0005: hidraw0: HID v0.00 Device [syz1] on syz0 [ 909.520891][T11630] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1330'. [ 916.790931][T11665] netlink: 'syz.2.1338': attribute type 10 has an invalid length. [ 917.246289][T11665] team0: Port device wlan1 added [ 917.465084][T11668] netlink: 'syz.1.1339': attribute type 10 has an invalid length. [ 917.583202][T11668] team0: Port device wlan1 added [ 918.873624][ T8712] Bluetooth: hci1: command 0x0406 tx timeout [ 930.110707][ T5800] Bluetooth: hci4: command 0x1003 tx timeout [ 930.120165][ T8712] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 930.320014][T11719] netlink: 72 bytes leftover after parsing attributes in process `syz.3.1351'. [ 935.287015][T11755] rdma_op ffff88801df1f9f0 conn xmit_rdma 0000000000000000 [ 937.774238][T11759] loop1: detected capacity change from 0 to 32768 [ 937.791533][T11759] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.1362 (11759) [ 937.834511][T11759] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 937.893527][T11759] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm [ 937.928814][T11759] BTRFS error (device loop1): superblock checksum mismatch [ 937.943819][T11554] udevd[11554]: incorrect btrfs checksum on /dev/loop1 [ 937.952933][T11759] BTRFS error (device loop1): open_ctree failed: -22 [ 940.265633][T11774] platform regulatory.0: loading /lib/firmware/regulatory.db failed with error -12 [ 940.275072][T11774] platform regulatory.0: Direct firmware load for regulatory.db failed with error -12 [ 940.284766][T11774] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 943.548194][ T27] audit: type=1326 audit(1758332608.848:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11788 comm="syz.0.1369" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5e398ec29 code=0x7ffc0000 [ 944.157359][ T27] audit: type=1326 audit(1758332608.848:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11788 comm="syz.0.1369" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5e398ec29 code=0x7ffc0000 [ 944.219085][ T27] audit: type=1326 audit(1758332608.848:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11788 comm="syz.0.1369" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7fe5e398ec29 code=0x7ffc0000 [ 944.260440][ T27] audit: type=1326 audit(1758332608.848:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11788 comm="syz.0.1369" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5e398ec29 code=0x7ffc0000 [ 944.306115][ T27] audit: type=1326 audit(1758332608.848:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11788 comm="syz.0.1369" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5e398ec29 code=0x7ffc0000 [ 944.360007][ T27] audit: type=1326 audit(1758332608.848:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11788 comm="syz.0.1369" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fe5e398ec29 code=0x7ffc0000 [ 945.320332][ T27] audit: type=1326 audit(1758332608.857:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11788 comm="syz.0.1369" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5e398ec29 code=0x7ffc0000 [ 945.365877][ T27] audit: type=1326 audit(1758332608.857:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11788 comm="syz.0.1369" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5e398ec29 code=0x7ffc0000 [ 945.429288][ T27] audit: type=1326 audit(1758332608.857:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11788 comm="syz.0.1369" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fe5e398ec29 code=0x7ffc0000 [ 945.518028][ T27] audit: type=1326 audit(1758332608.857:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11788 comm="syz.0.1369" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5e398ec29 code=0x7ffc0000 [ 945.629066][T11800] trusted_key: encrypted_key: insufficient parameters specified [ 948.282047][T11815] loop1: detected capacity change from 0 to 32768 [ 949.088204][T11815] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 949.567001][ T5791] ocfs2: Unmounting device (7,1) on (node local) [ 949.938544][T11832] block device autoloading is deprecated and will be removed. [ 950.039154][ T1283] ieee802154 phy0 wpan0: encryption failed: -22 [ 950.045722][ T1283] ieee802154 phy1 wpan1: encryption failed: -22 [ 950.534102][T11835] loop1: detected capacity change from 0 to 1024 [ 950.615222][T11835] ext4: Unknown parameter 'euid<00000000000000000000' [ 951.273752][T11843] binder: 11831:11843 ioctl 4018620d 0 returned -22 [ 951.763338][T11821] geneve1: entered promiscuous mode [ 951.876917][T11845] loop1: detected capacity change from 0 to 512 [ 951.899051][T11845] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended [ 951.983679][T11845] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem [ 952.234143][T11845] EXT4-fs (loop1): warning: mounting unchecked fs, running e2fsck is recommended [ 952.298214][T11845] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006] [ 952.357844][T11845] System zones: 0-2, 18-18, 34-35 [ 952.364778][T11845] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 954.811094][ T8712] Bluetooth: hci1: command 0x0406 tx timeout [ 955.080570][T11845] EXT4-fs error (device loop1): ext4_validate_block_bitmap:439: comm syz.1.1383: bg 0: block 353: padding at end of block bitmap is not set [ 955.373418][T11861] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1386'. [ 956.000847][ T5791] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 956.344482][ T8712] Bluetooth: hci3: unexpected event for opcode 0x2023 [ 959.875162][T11886] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1392'. [ 961.273039][ T43] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 961.589018][ T43] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 961.614122][ T43] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 961.642317][ T43] usb 3-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00 [ 961.753764][ T43] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 961.776081][ T43] usb 3-1: config 0 descriptor?? [ 962.512419][ T43] cm6533_jd 0003:0D8C:0022.0006: unknown main item tag 0x0 [ 962.592453][ T43] cm6533_jd 0003:0D8C:0022.0006: unknown main item tag 0x0 [ 962.618693][ T43] input: HID 0d8c:0022 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:0D8C:0022.0006/input/input10 [ 962.855501][ T43] cm6533_jd 0003:0D8C:0022.0006: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.2-1/input0 [ 964.128036][ T43] usb 3-1: reset high-speed USB device number 8 using dummy_hcd [ 964.252957][T11914] syz_tun: entered allmulticast mode [ 964.737715][T11917] dvmrp8: entered allmulticast mode [ 965.310336][T10173] usb 3-1: USB disconnect, device number 8 [ 965.450860][T11922] sctp: [Deprecated]: syz.3.1401 (pid 11922) Use of struct sctp_assoc_value in delayed_ack socket option. [ 965.450860][T11922] Use struct sctp_sack_info instead [ 966.165764][T11926] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1402'. [ 967.250242][ T8712] Bluetooth: hci2: command 0x0406 tx timeout [ 968.243585][T11930] befs: (nullb0): No write support. Marking filesystem read-only [ 968.251577][T11930] befs: (nullb0): invalid magic header [ 970.319925][T11943] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1404'. [ 971.988591][T11957] loop1: detected capacity change from 0 to 4096 [ 972.096145][T11959] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 973.727489][ T28] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 974.011900][ T28] usb 3-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a [ 974.069361][ T28] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 974.088385][ T28] usb 3-1: Product: syz [ 974.101510][ T28] usb 3-1: Manufacturer: syz [ 974.112224][ T28] usb 3-1: SerialNumber: syz [ 974.124569][ T28] usb 3-1: config 0 descriptor?? [ 974.124690][ T43] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 974.338737][ T43] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 974.368806][ T43] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 974.378655][ T43] usb 2-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00 [ 974.437561][ T43] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 974.451438][ T43] usb 2-1: config 0 descriptor?? [ 974.567109][ T28] usb 3-1: Firmware version (0.0) predates our first public release. [ 974.581601][ T28] usb 3-1: Please update to version 0.2 or newer [ 974.671879][ T28] usb 3-1: USB disconnect, device number 9 [ 975.640355][ T43] cm6533_jd 0003:0D8C:0022.0007: unknown main item tag 0x0 [ 975.678207][ T43] cm6533_jd 0003:0D8C:0022.0007: unknown main item tag 0x0 [ 976.341347][ T43] input: HID 0d8c:0022 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:0D8C:0022.0007/input/input11 [ 976.367550][ T43] cm6533_jd 0003:0D8C:0022.0007: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.1-1/input0 [ 978.829936][ T43] usb 2-1: USB disconnect, device number 10 [ 981.338176][T12012] ceph: No mds server is up or the cluster is laggy [ 981.350145][ T28] libceph: connect (1)[c::]:6789 error -101 [ 981.356189][ T28] libceph: mon0 (1)[c::]:6789 connect error [ 983.453904][T12036] trusted_key: encrypted_key: insufficient parameters specified [ 985.991998][T12052] netlink: 356 bytes leftover after parsing attributes in process `syz.3.1428'. [ 994.034729][T12118] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1441'. [ 995.780709][T12123] overlayfs: failed to clone upperpath [ 998.959984][T12139] netlink: 56 bytes leftover after parsing attributes in process `syz.3.1446'. [ 1008.101199][T12201] overlayfs: failed to resolve './file0': -2 [ 1008.574513][T12205] loop1: detected capacity change from 0 to 764 [ 1008.619463][T12202] random: crng reseeded on system resumption [ 1009.707212][T12203] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1459'. [ 1010.290206][T10595] IPVS: starting estimator thread 0... [ 1010.388894][T12205] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 1010.449456][T12209] IPVS: using max 18 ests per chain, 43200 per kthread [ 1016.047987][ T1283] ieee802154 phy0 wpan0: encryption failed: -22 [ 1016.162512][T12236] lo speed is unknown, defaulting to 1000 [ 1016.168430][T12236] lo speed is unknown, defaulting to 1000 [ 1016.175249][T12236] lo speed is unknown, defaulting to 1000 [ 1016.192764][T12236] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98 [ 1016.586608][T12236] lo speed is unknown, defaulting to 1000 [ 1016.596018][T12236] lo speed is unknown, defaulting to 1000 [ 1016.604527][T12236] lo speed is unknown, defaulting to 1000 [ 1016.611970][T12236] lo speed is unknown, defaulting to 1000 [ 1018.418053][T12252] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1469'. [ 1018.476261][T12254] 9pnet_fd: Insufficient options for proto=fd [ 1018.532413][T12252] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1469'. [ 1019.591438][T12260] overlayfs: failed to clone upperpath [ 1023.712170][T12297] netlink: 356 bytes leftover after parsing attributes in process `syz.0.1485'. [ 1024.671517][T12301] netlink: 'syz.1.1481': attribute type 4 has an invalid length. [ 1025.971849][T12315] siw: device registration error -23 [ 1026.884466][T12311] netlink: 'syz.1.1481': attribute type 4 has an invalid length. [ 1032.738948][T12349] netlink: 'syz.0.1495': attribute type 39 has an invalid length. [ 1045.155239][T12430] netlink: 88 bytes leftover after parsing attributes in process `syz.3.1503'. [ 1045.750419][T12435] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 1045.766430][ T28] lo speed is unknown, defaulting to 1000 [ 1045.813716][T12433] netlink: 5 bytes leftover after parsing attributes in process `syz.0.1515'. [ 1045.866262][T12433] 0ªî{X¹¦: renamed from gretap0 (while UP) [ 1045.934994][T12433] 0ªî{X¹¦: entered allmulticast mode [ 1045.945304][T12433] A link change request failed with some changes committed already. Interface 30ªî{X¹¦ may have been left with an inconsistent configuration, please check. [ 1046.236220][T12442] loop1: detected capacity change from 0 to 16 [ 1046.432452][T12442] erofs: (device loop1): mounted with root inode @ nid 36. [ 1050.134966][T12472] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'filter' [ 1054.754346][T12493] syzkaller0: entered promiscuous mode [ 1054.760019][T12493] syzkaller0: entered allmulticast mode [ 1056.023484][T12494] loop1: detected capacity change from 0 to 32768 [ 1056.499160][T12494] [ 1056.499160][T12494] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 1056.499160][T12494] [ 1056.595542][T12494] find_entry called with index = 0 [ 1056.604301][T12494] read_mapping_page failed! [ 1056.609548][T12494] ERROR: (device loop1): txCommit: [ 1056.609548][T12494] [ 1056.847650][T12499] ERROR: (device loop1): diWrite: ixpxd invalid [ 1056.847650][T12499] [ 1056.856836][T12499] ERROR: (device loop1): txCommit: [ 1056.856836][T12499] [ 1058.860770][ T27] kauditd_printk_skb: 16 callbacks suppressed [ 1058.860790][ T27] audit: type=1107 audit(1758332717.005:65): pid=12500 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='‰¤Œá:ËšœS&HŸÌHÌQ9ÆÙBc8’obRQµ,Ì©îJ9C¹—™öVM\ÜáïLø®úC&S««fµ^Ò¤[™µ5ŸÆ©á¯ãËŽi¿ÜfÙËkeÎwEtÉ•²è—á:ˆJ‡°×ÇÖc¥ŒN6}¦)ù½ÿÌ[¬Wï’z§_w´p:'ä3Ý' [ 1059.007438][ T5791] [ 1059.007438][ T5791] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 1059.007438][ T5791] [ 1059.074457][ T5791] [ 1059.074457][ T5791] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 1059.074457][ T5791] [ 1059.141830][T12504] netlink: 332 bytes leftover after parsing attributes in process `syz.2.1533'. [ 1062.763038][T12533] loop1: detected capacity change from 0 to 2048 [ 1062.765334][T12533] UDF-fs: bad mount option "18446744073709551615" or missing value [ 1064.128575][T12438] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 1064.950452][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1069.267217][T12561] syzkaller0: entered promiscuous mode [ 1069.273683][T12561] syzkaller0: entered allmulticast mode [ 1072.645205][T12597] lo speed is unknown, defaulting to 1000 [ 1072.821041][T12597] lo speed is unknown, defaulting to 1000 [ 1072.907775][T12593] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 1075.569909][T12622] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1551'. [ 1075.883128][T12629] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1553'. [ 1077.406084][T12644] netlink: 68 bytes leftover after parsing attributes in process `syz.1.1555'. [ 1078.304852][T12644] loop1: detected capacity change from 0 to 40427 [ 1078.356139][T12644] F2FS-fs (loop1): Invalid log sectorsize (131081) [ 1078.362747][T12644] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 1078.372763][T12644] F2FS-fs (loop1): Invalid gid value -1 [ 1081.375728][ T1283] ieee802154 phy0 wpan0: encryption failed: -22 [ 1082.238429][T12669] loop1: detected capacity change from 0 to 4096 [ 1084.231493][T12676] netlink: 84 bytes leftover after parsing attributes in process `syz.0.1563'. [ 1090.727616][T12717] netlink: 'syz.3.1571': attribute type 4 has an invalid length. [ 1090.768992][T10595] lo speed is unknown, defaulting to 1000 [ 1090.777425][T12717] netlink: 'syz.3.1571': attribute type 4 has an invalid length. [ 1092.101009][ T5857] lo speed is unknown, defaulting to 1000 [ 1095.675347][T12749] netlink: 'syz.2.1579': attribute type 3 has an invalid length. [ 1095.684016][T12749] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.1579'. [ 1096.527102][T12753] tipc: Bearer : already 2 bearers with priority 0 [ 1096.542525][T12753] tipc: Enabling of bearer rejected, cannot adjust to lower [ 1096.825130][T12756] No such timeout policy "syz1" [ 1101.123067][T12783] tipc: Enabling of bearer rejected, failed to enable media [ 1101.742177][T12789] pim6reg: entered allmulticast mode [ 1101.848824][T12787] netlink: 'syz.1.1588': attribute type 3 has an invalid length. [ 1101.857196][T12787] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.1588'. [ 1106.068930][T12819] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1596'. [ 1108.943261][T12835] tipc: Enabling of bearer rejected, failed to enable media [ 1109.006048][T12837] syz.3.1594 (12837): attempted to duplicate a private mapping with mremap. This is not supported. [ 1111.454929][T12856] netlink: 4280 bytes leftover after parsing attributes in process `syz.2.1602'. [ 1113.831182][T12865] siw: device registration error -23 [ 1113.855196][T12871] tipc: Enabling of bearer rejected, failed to enable media [ 1115.838651][T12899] pim6reg: entered allmulticast mode [ 1116.992308][ T8712] Bluetooth: hci3: SCO packet for unknown connection handle 0 [ 1117.719133][ T8712] Bluetooth: hci1: command 0x0406 tx timeout [ 1121.878717][T12923] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1616'. [ 1122.548023][T12925] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1617'. [ 1123.073429][T12930] tipc: Enabling of bearer rejected, failed to enable media [ 1125.850340][T12949] overlayfs: failed to clone upperpath [ 1129.048875][ T27] audit: type=1326 audit(1758332782.651:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12954 comm="syz.0.1628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5e398ec29 code=0x7ffc0000 [ 1129.071643][ T27] audit: type=1326 audit(1758332782.651:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12954 comm="syz.0.1628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5e398ec29 code=0x7ffc0000 [ 1129.107982][ T27] audit: type=1326 audit(1758332782.651:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12954 comm="syz.0.1628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=40 compat=0 ip=0x7fe5e398ec29 code=0x7ffc0000 [ 1129.168569][ T27] audit: type=1326 audit(1758332782.651:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12954 comm="syz.0.1628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5e398ec29 code=0x7ffc0000 [ 1129.210155][ T27] audit: type=1326 audit(1758332782.651:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12954 comm="syz.0.1628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5e398ec29 code=0x7ffc0000 [ 1129.338360][ T27] audit: type=1326 audit(1758332782.651:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12954 comm="syz.0.1628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7fe5e398ec29 code=0x7ffc0000 [ 1129.393837][T12971] fuse: Bad value for 'fd' [ 1129.400269][T12970] batadv_slave_0: entered promiscuous mode [ 1129.434507][ T27] audit: type=1326 audit(1758332782.651:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12954 comm="syz.0.1628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5e398ec29 code=0x7ffc0000 [ 1129.495147][ T27] audit: type=1326 audit(1758332782.651:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12954 comm="syz.0.1628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5e398ec29 code=0x7ffc0000 [ 1129.548179][ T27] audit: type=1326 audit(1758332782.651:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12954 comm="syz.0.1628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7fe5e398ec29 code=0x7ffc0000 [ 1129.609943][ T27] audit: type=1326 audit(1758332782.651:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12954 comm="syz.0.1628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5e398ec29 code=0x7ffc0000 [ 1130.351805][T12978] tipc: Bearer : already 2 bearers with priority 0 [ 1130.359955][T12978] tipc: Enabling of bearer rejected, cannot adjust to lower [ 1131.427707][T12990] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1634'. [ 1131.437283][T12990] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1634'. [ 1131.447002][T12990] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1634'. [ 1131.476274][T12990] 9pnet_fd: Insufficient options for proto=fd [ 1132.208007][T12992] netlink: 188 bytes leftover after parsing attributes in process `syz.0.1636'. [ 1133.618146][T13001] serio: Serial port ptm0 [ 1133.702270][T13002] netlink: 5 bytes leftover after parsing attributes in process `syz.2.1639'. [ 1133.711582][T13002] 0ªî{X¹¦: renamed from gretap0 (while UP) [ 1135.790431][T13002] 0ªî{X¹¦: entered allmulticast mode [ 1135.803307][T13002] A link change request failed with some changes committed already. Interface 30ªî{X¹¦ may have been left with an inconsistent configuration, please check. [ 1137.443104][ T43] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 1138.557448][ T43] usb 3-1: unable to get BOS descriptor or descriptor too short [ 1138.566861][ T43] usb 3-1: config 0 has an invalid interface number: 158 but max is 0 [ 1138.575095][ T43] usb 3-1: config 0 has no interface number 0 [ 1138.584355][ T43] usb 3-1: New USB device found, idVendor=0b48, idProduct=300d, bcdDevice=70.01 [ 1138.595426][ T43] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1138.605175][ T43] usb 3-1: Product: syz [ 1138.609659][ T43] usb 3-1: Manufacturer: syz [ 1138.614293][ T43] usb 3-1: SerialNumber: syz [ 1138.623382][ T43] usb 3-1: config 0 descriptor?? [ 1138.632184][ T43] dvb-usb: found a 'Technotrend TT-connect CT-3650' in warm state. [ 1138.653000][ T43] dvb-usb: bulk message failed: -22 (4/0) [ 1138.659612][ T43] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0) [ 1138.670820][ T43] dvb-usb: bulk message failed: -22 (5/0) [ 1138.679456][ T43] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0) [ 1138.699701][ T43] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 1138.710013][ T43] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 1138.722191][ T43] dvbdev: DVB: registering new adapter (Technotrend TT-connect CT-3650) [ 1138.735118][ T43] usb 3-1: media controller created [ 1138.746398][T13030] netlink: 5 bytes leftover after parsing attributes in process `syz.0.1649'. [ 1138.755462][T13030] 1ªî{X¹¦: renamed from 30ªî{X¹¦ (while UP) [ 1138.768303][T13030] A link change request failed with some changes committed already. Interface 31ªî{X¹¦ may have been left with an inconsistent configuration, please check. [ 1138.821864][ T43] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 1138.868534][ T43] ttusb2: set interface to alts=3 failed [ 1139.150654][ T43] DVB: Unable to find symbol tda10023_attach() [ 1139.156982][ T43] dvb-usb: no frontend was attached by 'Technotrend TT-connect CT-3650' [ 1140.794236][ T8712] Bluetooth: hci1: command 0x0406 tx timeout [ 1141.277773][ T43] rc_core: IR keymap rc-tt-1500 not found [ 1141.284946][ T43] Registered IR keymap rc-empty [ 1141.295516][ T43] rc rc0: Technotrend TT-connect CT-3650 as /devices/platform/dummy_hcd.2/usb3/3-1/rc/rc0 [ 1141.312618][ T43] input: Technotrend TT-connect CT-3650 as /devices/platform/dummy_hcd.2/usb3/3-1/rc/rc0/input12 [ 1141.332811][ T43] dvb-usb: schedule remote query interval to 150 msecs. [ 1141.393389][ T43] dvb-usb: bulk message failed: -22 (4/0) [ 1141.412830][ T43] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0) [ 1141.442445][ T43] dvb-usb: bulk message failed: -22 (5/0) [ 1141.448860][ T43] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0) [ 1141.465500][ T43] dvb-usb: Technotrend TT-connect CT-3650 successfully initialized and connected. [ 1141.481932][ T43] usb 3-1: USB disconnect, device number 10 [ 1142.182070][ T43] dvb-usb: Technotrend TT-connect CT-3650 successfully deinitialized and disconnected. [ 1144.179585][T13081] tipc: Enabling of bearer rejected, failed to enable media [ 1144.530039][T13090] loop1: detected capacity change from 0 to 512 [ 1145.032036][ T8712] Bluetooth: hci1: unexpected event for opcode 0x080b [ 1145.751016][T13090] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1146.363844][ T5791] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1146.379232][T13118] syzkaller0: entered promiscuous mode [ 1146.385184][T13118] syzkaller0: entered allmulticast mode [ 1147.162543][ T1283] ieee802154 phy0 wpan0: encryption failed: -22 [ 1148.513363][ T27] kauditd_printk_skb: 22 callbacks suppressed [ 1148.520127][ T27] audit: type=1326 audit(1758332800.864:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13133 comm="syz.3.1682" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f17cbb8ec29 code=0x0 [ 1149.600193][ T8712] Bluetooth: hci1: unexpected event for opcode 0x0c6d [ 1149.848343][T13156] dccp_invalid_packet: P.Data Offset(10) too large [ 1149.910119][ T8712] Bluetooth: hci1: unexpected event for opcode 0x2042 [ 1150.056715][ T8712] Bluetooth: hci2: unexpected event for opcode 0x041c [ 1150.259000][ T8712] Bluetooth: hci1: unexpected event for opcode 0x2012 [ 1150.429526][ T8712] Bluetooth: hci2: unexpected event for opcode 0x203b [ 1153.052371][ T8712] Bluetooth: hci2: command 0x0406 tx timeout [ 1153.137529][T10173] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 1153.357856][T10173] usb 3-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config [ 1153.369413][T10173] usb 3-1: config 220 has 1 interface, different from the descriptor's value: 3 [ 1153.383932][T10173] usb 3-1: config 220 interface 0 has no altsetting 0 [ 1153.396288][T10173] usb 3-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 1153.417213][T10173] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1153.429736][T10173] usb 3-1: Product: syz [ 1153.433972][T10173] usb 3-1: Manufacturer: syz [ 1153.442707][T10173] usb 3-1: SerialNumber: syz [ 1153.710109][T10173] usb 3-1: Found UVC 0.00 device syz (8086:0b07) [ 1153.718100][T10173] usb 3-1: No valid video chain found. [ 1153.738646][T10173] usb 3-1: USB disconnect, device number 11 [ 1156.146776][T13276] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3 [ 1156.330117][T13280] loop1: detected capacity change from 0 to 2048 [ 1156.593564][T13280] UDF-fs: error (device loop1): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 1156.943646][ T5854] usb 3-1: new high-speed USB device number 12 using dummy_hcd [ 1157.149754][ T5854] usb 3-1: config 0 has an invalid interface number: 50 but max is 0 [ 1157.158946][ T5854] usb 3-1: config 0 has no interface number 0 [ 1157.171483][ T5854] usb 3-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=e6.fc [ 1157.184378][ T5854] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1157.192697][ T5854] usb 3-1: Product: syz [ 1157.196986][ T5854] usb 3-1: Manufacturer: syz [ 1157.202510][ T5854] usb 3-1: SerialNumber: syz [ 1158.170332][ T5854] usb 3-1: config 0 descriptor?? [ 1158.210371][ T5854] yurex 3-1:0.50: Could not find endpoints [ 1158.350564][ T5796] Bluetooth: hci3: unexpected event for opcode 0x1407 [ 1158.433627][ T5854] usb 3-1: USB disconnect, device number 12 [ 1161.851065][T13366] syzkaller0: entered promiscuous mode [ 1161.856623][T13366] syzkaller0: entered allmulticast mode [ 1162.393377][ T5796] Bluetooth: hci2: unexpected event for opcode 0x0419 [ 1163.439844][ T5796] Bluetooth: hci3: unexpected event for opcode 0x2007 [ 1163.652999][ T5796] Bluetooth: hci1: unexpected event for opcode 0x0428 [ 1169.645440][T13495] tipc: Enabling of bearer rejected, failed to enable media [ 1170.071639][T13512] loop1: detected capacity change from 0 to 764 [ 1170.193758][T13512] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 1171.168461][ T27] audit: type=1326 audit(1758332822.060:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13527 comm="syz.2.1836" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ef878ec29 code=0x7ffc0000 [ 1171.208063][ T27] audit: type=1326 audit(1758332822.078:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13527 comm="syz.2.1836" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ef878ec29 code=0x7ffc0000 [ 1171.231664][ T27] audit: type=1326 audit(1758332822.097:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13527 comm="syz.2.1836" exe="/root/syz-executor" sig=0 arch=c000003e syscall=447 compat=0 ip=0x7f6ef878ec29 code=0x7ffc0000 [ 1171.265560][ T27] audit: type=1326 audit(1758332822.097:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13527 comm="syz.2.1836" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ef878ec29 code=0x7ffc0000 [ 1171.307578][T13530] netlink: 'syz.3.1834': attribute type 21 has an invalid length. [ 1171.315861][ T27] audit: type=1326 audit(1758332822.097:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13527 comm="syz.2.1836" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ef878ec29 code=0x7ffc0000 [ 1171.592375][ T27] audit: type=1326 audit(1758332822.453:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13539 comm="syz.0.1843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5e398ec29 code=0x7ffc0000 [ 1171.647858][ T27] audit: type=1326 audit(1758332822.453:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13539 comm="syz.0.1843" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5e398ec29 code=0x7ffc0000 [ 1171.710657][T13543] netlink: 80 bytes leftover after parsing attributes in process `syz.0.1845'. [ 1173.048079][T13559] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1850'. [ 1175.029841][T13596] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1868'. [ 1175.337734][T13606] netdevsim netdevsim0 netdevsim0: entered promiscuous mode [ 1175.349929][T13606] netdevsim netdevsim0 netdevsim0: entered allmulticast mode [ 1176.239822][T13617] SET target dimension over the limit! [ 1176.524714][T13629] tipc: Enabled bearer , priority 0 [ 1176.560735][T13629] syzkaller0: entered promiscuous mode [ 1176.566288][T13629] syzkaller0: entered allmulticast mode [ 1176.632729][T13628] tipc: Resetting bearer [ 1176.701050][T13628] tipc: Disabling bearer [ 1177.050161][T13642] netlink: 'syz.1.1885': attribute type 10 has an invalid length. [ 1177.339313][T13642] team0: Device ipvlan1 failed to register rx_handler [ 1182.369501][T13663] tipc: Enabled bearer , priority 0 [ 1182.944377][T13673] tipc: Disabling bearer [ 1184.112752][T13720] tipc: Enabled bearer , priority 0 [ 1184.172207][T13720] tipc: Resetting bearer [ 1184.328649][T13719] tipc: Disabling bearer [ 1185.665994][T13754] tipc: Enabling of bearer rejected, failed to enable media [ 1187.594063][T13794] netlink: 104 bytes leftover after parsing attributes in process `syz.3.1942'. [ 1187.691831][T13797] tipc: Enabling of bearer rejected, failed to enable media [ 1188.559841][T13832] netlink: 'syz.1.1958': attribute type 8 has an invalid length. [ 1189.289177][ T27] audit: type=1326 audit(1758332839.009:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13860 comm="syz.3.1970" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17cbb8ec29 code=0x7ffc0000 [ 1189.313492][ T27] audit: type=1326 audit(1758332839.009:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13860 comm="syz.3.1970" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17cbb8ec29 code=0x7ffc0000 [ 1189.336396][ T27] audit: type=1326 audit(1758332839.028:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13860 comm="syz.3.1970" exe="/root/syz-executor" sig=0 arch=c000003e syscall=251 compat=0 ip=0x7f17cbb8ec29 code=0x7ffc0000 [ 1189.387254][ T27] audit: type=1326 audit(1758332839.028:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13860 comm="syz.3.1970" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17cbb8ec29 code=0x7ffc0000 [ 1189.414052][ T27] audit: type=1326 audit(1758332839.028:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13860 comm="syz.3.1970" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f17cbb8ec29 code=0x7ffc0000 [ 1189.538797][ T23] usb 3-1: new high-speed USB device number 13 using dummy_hcd [ 1189.734526][ T23] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1189.745028][ T23] usb 3-1: config 0 has no interfaces? [ 1189.754399][ T23] usb 3-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 1189.763620][ T23] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1189.771650][ T23] usb 3-1: Product: syz [ 1189.789903][ T23] usb 3-1: Manufacturer: syz [ 1189.794575][ T23] usb 3-1: SerialNumber: syz [ 1189.817672][ T23] usb 3-1: config 0 descriptor?? [ 1190.076160][ T5854] usb 3-1: USB disconnect, device number 13 [ 1190.534598][ T27] audit: type=1107 audit(1758332840.178:111): pid=13900 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='' [ 1191.663758][T13929] tipc: Enabling of bearer rejected, already enabled [ 1191.926517][T13935] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2007'. [ 1192.010689][T13939] xt_TCPMSS: Only works on TCP SYN packets [ 1192.268868][T13947] tipc: Enabling of bearer rejected, failed to enable media [ 1194.223469][ T27] audit: type=1326 audit(1758332843.621:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13986 comm="syz.0.2028" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5e398ec29 code=0x7ffc0000 [ 1194.260696][ T27] audit: type=1326 audit(1758332843.658:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13986 comm="syz.0.2028" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5e398ec29 code=0x7ffc0000 [ 1194.337526][T13989] tipc: Enabled bearer , priority 0 [ 1194.345863][T13989] syzkaller0: entered promiscuous mode [ 1194.368883][T13989] syzkaller0: entered allmulticast mode [ 1194.381336][ T27] audit: type=1326 audit(1758332843.658:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13986 comm="syz.0.2028" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5e398ec29 code=0x7ffc0000 [ 1194.399913][T13989] tipc: Resetting bearer [ 1194.428329][ T27] audit: type=1326 audit(1758332843.658:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13986 comm="syz.0.2028" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe5e398ec29 code=0x7ffc0000 [ 1194.454574][T13988] tipc: Resetting bearer [ 1194.639350][T13988] tipc: Disabling bearer [ 1195.045450][T14008] loop1: detected capacity change from 0 to 256 [ 1195.076774][T14011] tipc: Enabling of bearer rejected, failed to enable media [ 1195.214523][T14016] x_tables: unsorted underflow at hook 3 [ 1195.346149][T14019] tipc: Enabling of bearer rejected, failed to enable media [ 1195.976883][T14041] tipc: Enabling of bearer rejected, failed to enable media [ 1196.429455][T14050] tipc: Enabling of bearer rejected, failed to enable media [ 1283.896064][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1309.208961][ C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 1309.215983][ C0] rcu: (detected by 0, t=10502 jiffies, g=65505, q=241 ncpus=2) [ 1309.223834][ C0] rcu: All QSes seen, last rcu_preempt kthread activity 10490 (4295063872-4295053382), jiffies_till_next_fqs=1, root ->qsmask 0x0 [ 1309.237491][ C0] rcu: rcu_preempt kthread starved for 10490 jiffies! g65505 f0x2 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1 [ 1309.248740][ C0] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 1309.258751][ C0] rcu: RCU grace-period kthread stack dump: [ 1309.264694][ C0] task:rcu_preempt state:R running task stack:26776 pid:17 ppid:2 flags:0x00004000 [ 1309.275540][ C0] Call Trace: [ 1309.278878][ C0] [ 1309.281855][ C0] __schedule+0x14d2/0x44d0 [ 1309.286446][ C0] ? asan.module_dtor+0x20/0x20 [ 1309.291411][ C0] ? enqueue_timer+0x225/0x530 [ 1309.296251][ C0] ? __mod_timer+0x984/0xdb0 [ 1309.300934][ C0] schedule+0xbd/0x170 [ 1309.305073][ C0] schedule_timeout+0x160/0x280 [ 1309.309990][ C0] ? console_conditional_schedule+0x40/0x40 [ 1309.315951][ C0] ? _raw_spin_unlock_irqrestore+0x86/0x110 [ 1309.321882][ C0] ? update_process_times+0x1b0/0x1b0 [ 1309.327355][ C0] ? prepare_to_swait_event+0x339/0x360 [ 1309.332991][ C0] rcu_gp_fqs_loop+0x302/0x1560 [ 1309.337902][ C0] ? rcu_gp_init+0x110e/0x1510 [ 1309.342899][ C0] ? dyntick_save_progress_counter+0x2b0/0x2b0 [ 1309.349122][ C0] ? lockdep_hardirqs_on+0x98/0x150 [ 1309.354376][ C0] ? rcu_gp_init+0x1510/0x1510 [ 1309.359214][ C0] ? _raw_spin_unlock_irqrestore+0xae/0x110 [ 1309.365163][ C0] ? finish_swait+0xc7/0x1d0 [ 1309.369993][ C0] rcu_gp_kthread+0x99/0x380 [ 1309.374643][ C0] ? rcu_report_qs_rsp+0x1a0/0x1a0 [ 1309.379818][ C0] ? __kthread_parkme+0x7a/0x1c0 [ 1309.384817][ C0] ? __kthread_parkme+0x162/0x1c0 [ 1309.389897][ C0] kthread+0x2fa/0x390 [ 1309.394052][ C0] ? rcu_report_qs_rsp+0x1a0/0x1a0 [ 1309.399259][ C0] ? kthread_blkcg+0xd0/0xd0 [ 1309.403892][ C0] ret_from_fork+0x48/0x80 [ 1309.408368][ C0] ? kthread_blkcg+0xd0/0xd0 [ 1309.413039][ C0] ret_from_fork_asm+0x11/0x20 [ 1309.417975][ C0] [ 1309.421032][ C0] rcu: Stack dump where RCU GP kthread last ran: [ 1309.427398][ C0] Sending NMI from CPU 0 to CPUs 1: [ 1309.432710][ C1] NMI backtrace for cpu 1 [ 1309.432724][ C1] CPU: 1 PID: 8439 Comm: kworker/u4:23 Not tainted syzkaller #0 [ 1309.432746][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1309.432758][ C1] Workqueue: events_unbound nsim_dev_trap_report_work [ 1309.432782][ C1] RIP: 0010:debug_object_deactivate+0x6c/0x350 [ 1309.432808][ C1] Code: 48 0f af c8 48 c1 e9 2f 83 e1 f8 4c 8d ac c9 20 a3 05 97 48 8d bc c9 28 a3 05 97 48 89 7c 24 18 e8 69 02 52 06 48 89 44 24 10 <4c> 89 e8 48 c1 e8 03 42 80 3c 20 00 74 08 4c 89 ef e8 2e f6 b6 fd [ 1309.432823][ C1] RSP: 0018:ffffc900001f0cc0 EFLAGS: 00000046 [ 1309.432836][ C1] RAX: 0000000000000806 RBX: ffff88807af8e340 RCX: dffffc0000000000 [ 1309.432848][ C1] RDX: 0000000000000001 RSI: 0000000000000004 RDI: ffffc900001f0ba0 [ 1309.432859][ C1] RBP: ffffc900001f0e90 R08: 0000000000000003 R09: 0000000000000004 [ 1309.432870][ C1] R10: dffffc0000000000 R11: fffff5200003e174 R12: dffffc0000000000 [ 1309.432882][ C1] R13: ffffffff97119d08 R14: 186abcf468000000 R15: ffff88807af8e340 [ 1309.432895][ C1] FS: 0000000000000000(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000 [ 1309.432909][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1309.432921][ C1] CR2: 000055557c986808 CR3: 000000007d7ab000 CR4: 00000000003506e0 [ 1309.432936][ C1] Call Trace: [ 1309.432944][ C1] [ 1309.432956][ C1] debug_deactivate+0x1d/0x1d0 [ 1309.432986][ C1] __hrtimer_run_queues+0x2bf/0xc40 [ 1309.433018][ C1] ? taprio_dequeue_from_txq+0x8f0/0x8f0 [ 1309.433045][ C1] ? hrtimer_interrupt+0x9c0/0x9c0 [ 1309.433062][ C1] ? ktime_get_update_offsets_now+0x3d2/0x3f0 [ 1309.433087][ C1] hrtimer_interrupt+0x3c9/0x9c0 [ 1309.433120][ C1] __sysvec_apic_timer_interrupt+0xfb/0x3b0 [ 1309.433142][ C1] sysvec_apic_timer_interrupt+0x9f/0xc0 [ 1309.433170][ C1] [ 1309.433175][ C1] [ 1309.433181][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 1309.433199][ C1] RIP: 0010:crng_make_state+0x403/0x700 [ 1309.433223][ C1] Code: 4c 8d e8 50 ca d8 05 e9 56 fe ff ff e8 e6 70 e6 fc e8 d1 22 cf 05 4d 85 f6 74 8c e8 d7 70 e6 fc fb 48 c7 44 24 40 0e 36 e0 45 <48> 8b 44 24 38 4a c7 04 20 00 00 00 00 66 42 c7 44 20 09 00 00 42 [ 1309.433237][ C1] RSP: 0018:ffffc9000baf7880 EFLAGS: 00000293 [ 1309.433250][ C1] RAX: ffffffff849f26c9 RBX: 0000000000000000 RCX: ffff88802bba9e00 [ 1309.433262][ C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 1309.433276][ C1] RBP: ffffc9000baf7970 R08: ffffffff90da75ef R09: 1ffffffff21b4ebd [ 1309.433288][ C1] R10: dffffc0000000000 R11: fffffbfff21b4ebe R12: dffffc0000000000 [ 1309.433301][ C1] R13: ffff8880b8f38fd0 R14: 0000000000000200 R15: ffff8880b8f39020 [ 1309.433318][ C1] ? crng_make_state+0x3f9/0x700 [ 1309.433346][ C1] ? crng_make_state+0x13b/0x700 [ 1309.433370][ C1] ? urandom_read_iter+0x150/0x150 [ 1309.433400][ C1] _get_random_bytes+0xd6/0x210 [ 1309.433422][ C1] ? get_random_bytes+0x20/0x20 [ 1309.433458][ C1] nsim_dev_trap_report_work+0x646/0xb00 [ 1309.433488][ C1] ? process_scheduled_works+0x957/0x15b0 [ 1309.433511][ C1] process_scheduled_works+0xa45/0x15b0 [ 1309.433553][ C1] ? assign_work+0x400/0x400 [ 1309.433577][ C1] ? assign_work+0x39e/0x400 [ 1309.433599][ C1] worker_thread+0xa55/0xfc0 [ 1309.433619][ C1] ? _raw_spin_unlock_irqrestore+0xae/0x110 [ 1309.433637][ C1] ? _raw_spin_unlock+0x40/0x40 [ 1309.433651][ C1] ? _raw_spin_unlock_irqrestore+0x86/0x110 [ 1309.433679][ C1] kthread+0x2fa/0x390 [ 1309.433693][ C1] ? pr_cont_work+0x560/0x560 [ 1309.433713][ C1] ? kthread_blkcg+0xd0/0xd0 [ 1309.433728][ C1] ret_from_fork+0x48/0x80 [ 1309.433753][ C1] ? kthread_blkcg+0xd0/0xd0 [ 1309.433769][ C1] ret_from_fork_asm+0x11/0x20 [ 1309.433800][ C1]