last executing test programs: 23.700091378s ago: executing program 3 (id=770): socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) io_setup(0x58, &(0x7f00000001c0)=0x0) io_submit(r2, 0x1, &(0x7f0000000080)=[&(0x7f0000000540)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0}]) shutdown(r1, 0x1) 22.993703256s ago: executing program 3 (id=773): r0 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x755, 0x3f00, 0x5, 0x1000}, &(0x7f0000000340)=0x0, &(0x7f0000000300)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_ACCEPT={0xd, 0x49, 0x3, 0xffffffffffffffff, 0x0}) io_uring_enter(r0, 0x3516, 0x3e44, 0x8, 0x0, 0x0) 22.5978982s ago: executing program 3 (id=776): openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder1\x00', 0x0, 0x0) r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/pm_trace', 0x0, 0x0) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x40, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 21.243380489s ago: executing program 3 (id=782): r0 = getpid() r1 = syz_pidfd_open(r0, 0x0) setns(r1, 0x8020000) mount_setattr(0xffffffffffffff9c, &(0x7f0000000180)='.\x00', 0x8000, &(0x7f0000001dc0)={0xf, 0x0, 0x100000}, 0x20) 20.775102868s ago: executing program 3 (id=783): r0 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f00000003c0)={0x0, &(0x7f00000001c0)=[0x0], &(0x7f0000000200)=[0x0], 0x0, 0x0, 0x1, 0x1}) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f0000000040)={&(0x7f0000000640)=[r2, r1], 0x2, 0x0, 0x0, 0xffffffffffffffff}) ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r3, 0xc05064a7, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3000000}) 20.123876008s ago: executing program 3 (id=786): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r0}, 0x10) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000010000000900010073797a300000000040000000030a01010000000000000000010000000900030073797a310000000014000480080002400000000008000140000000000900010073797a300000000070000000060a010400000000000000000100000048000480240001800b00010072656a65637400001400028008000140000000000500020000000000200001800700010072740000140002800800014000000009080002400000000008000b40000000000900010073797a3000000000140000001100010000"], 0xf8}}, 0x0) 16.397563159s ago: executing program 2 (id=793): r0 = landlock_create_ruleset(&(0x7f0000000040)={0x400a, 0x3, 0x3}, 0x18, 0x0) landlock_restrict_self(r0, 0x5) r1 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r1, &(0x7f0000000240)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x3c}}, 0x10) 14.981217234s ago: executing program 2 (id=797): mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0) r0 = getpid() madvise(&(0x7f0000a5e000/0x1000)=nil, 0x1000, 0x17) process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) 13.568371976s ago: executing program 2 (id=803): r0 = syz_open_dev$usbmon(&(0x7f00000005c0), 0x0, 0x0) r1 = syz_open_dev$usbfs(&(0x7f0000000040), 0x20000007d, 0x0) r2 = dup3(r0, r1, 0x0) preadv(r2, &(0x7f0000000280)=[{0x0}, {&(0x7f0000000100)=""/24, 0x18}], 0x2, 0x0, 0x0) 13.0332896s ago: executing program 2 (id=805): syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000000)='./file0\x00', 0x8802, &(0x7f0000001940), 0x1, 0x1534, &(0x7f0000002d00)="$eJzs3AucTtX6OPDnWWvtMSbpbZLLsNZ6Nm8SyyRJLklySZIkSXJLSJrkSEJiyC1pSJJch+QyhOQyMWnc7/dLQpI0SRKSW7L+H8Vfnep3zvmdfjmfM8/383k/1jNrP2s/+33ey94b83WnwdUb1qhSn4jg34I//5EMALEA0B8ArgKAAADKxJeJPz+fU2Lyv7cT9ud6MO1yV8AuJ+5/9sb9z964/9kb9z974/5nb9z/7I37n71x/xnLzjZOLXA1P7Lvg+////er+4cz/P3/XySr5OjPV5e8tjNAzD+bwv3P3rj//7WCf2Yj7n/2xv3PrmIvdwHsPwC//7ODHH84w/3P3rj/jGVnl/v+8+V+QCR7PweX+/XHGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYYyx7OOUvUQBwcXy562KMMcYYY4wxxtifx+e43BUwxhhjjDHGGGPs/x6CAAkKAoiBHBALOSEOBABcCbnhKojA1RAP10AeuBbyQj7IDwUgAQpCIdBgwAJBCIWhCEThOigK10MxuAGKQwlwUBIS4UYoBTdBabgZysAtUBZuhXJQHipARbgNKsHtUBnugCpwJ1SFalAdasBdUBPuhlpwD9SGe6EO3Ad14X6oBw9AfXgQGsBD0BAehkbwCDSGJtAUmkHz/1X+89ANXoDu0AOSoSf0ghehN/SBvtAP+sNLMABehoHwCqTAIBgMr8IQeA2GwuswDN6A4fAmjICRMApGwxgYC6kwDsbDWzAB3oaJMAkmwxRIg6kwDd6B6TADZsK7MAveg9kwB+bCPEiH92E+LIAM+AAWwoeQCYtgMSyBpbAMlsMKWAmrYDWsgbWwDtbDBtgIm2AzbIGtsA22w0ewAz6GnbALdsMnsAc+/RfzT/5dfmcEBBQoUKHCGIzBWIzFOIzDXJgLc2NujGAE4zEe82AezIt5MT/mxwRMwEJYCA0aJCQsjIUxilEsikWxGBbD4lgcHTpMxEQshTdhaSyNZbAMlsWyWA7LY3msiBWxElbCylgZq2AVrIpVsTpWx7vwLuyJtbAW1sbaWAfrXLw9hfWxPjbABtgQG2IjbISNsTE2xabYHJtjC2yBLbEltsbW2AbbYFtsi0mYhO2wHbbH9tgBO2BH7IidsBN2xi7YJev5HIAv4AvYA6uKntgLe2FvTMnRF/thP3wJB+DL+DK+gik4CAfjq/gqvoZD8QQOwzdwOA7HSmIkjsLRSGIspmIqjsfxOAEn4ESchJNwCqbhVJyG03A6zsAZ+C7OwvfwPZyDc3AepmM6zscFmIEZuBBPYiYuwsW4BJfiMlyKK3AlrsDVuAZX4zpchxtwA27CTbgFt+A23AYfoQLAj3EX7sIU3IN7cC/uxX24D/fjfszCLDyAB/AgHsRDeAgP42E8gkfxGB7F43gcT+BJPIWn8AyewbP4bMKXDT66YVUKiPOUUCJGxIhYESviRJzIJXKJ3CK3iIiIiBfxIo/II/KKvCK/yC8SRIIoJAoJI4wgEcYAgIiKqCgqiopiopgoLooLJ5xIFImilCglSovSooy4RZQVt4pyorxo5SqKiqKSaO0qiztEFVFFVBXVRHVRQ9QQNUVNUUvUErVFbVFH1BF1xf2inuiJffFBcb4zDcUgbCQGY2PRRMgLn2AtxFBsKVqJ1uJx8QYOw7aihUsST4l2YhS2F38To/EZ0VGMxU7iOdFZdBFdxfOim2jpuoseYiL2FL3EFOwt+oi+op+YjtXEuzgrZ3XxikgRg8Rg8aqYh6+JoeJ1MeynI31TjBAjxSgxWowRY0WqGCfGi7fEBPG2mCgmicliikgTU8U08Y6YLmaImeJdMUu8J2aLOWKumCfSxftivlggMsQHYqH4UGSKRWKxWCKWimViuVghVopVYrVYI9aKdWK92CA2ik1is9gitoptYrv4SOwQH4udYpfYLT4Re8SnYq/4TOwTn4v94guRJb4UB8RX4qD4WhwS34jD4ltxRBwVx8R34rj4XpwQJ8UpcVqcET+Is+JHcU54ARKlkFIqGcgYmUPGypwyTl4hc8ngwrN7tYyX18g88lqZV+aT+WUBmSALykJSSyOtJBnKwrKIjMrrZFF5vSwmb5DFZQnpZEmZKG+UpeRNsrS8WZaRt8iy8lZZTpaXFWRFeZusJG+XEPl5H1VlNVld1pB3yWS4W9aS98ja8l5ZR94n68r7ZT35gKwvH5QN5EOyoXxYNpKPyMayiWwqm8nm8lHZQj4mW8pWsrV8XLaRT8i28kmZJJ+S7aS/8BJ5RnaUz8pO8jnZWXaRXeWP8pz0srvsIaEnyF7yRdlb9pF9ZT/ZX74kB8iX5UD5ikyRg+Rg+aocIl+TQ+Xrcph8Qw6Xb8oRcqQcJUfLMXKsTJXj5Hj5lpwg35YT5SQ5WU6RaXKq7HthpZlS/sP8t34nf+BPe98gN8pNcrPcIrfKbXK7/EjukDvkTrlT7pa75R65R+6Ve+U+uU/ul/tllsySB+QBeVAelIfkIXlYHpZH5FF5Wn4nj8vv5Ql5Up6Up+UZeUaevfAcgEIllFRKBSpG5VCxKqeKU1eoXOpKlVtdpSLqahWvrlF51LUqr8qn8qsCKkEVVIWUVkZZRSpUhVURFVXX4YUXjCquSiinSqpEdeO/kq+KqutVMXXDr/Iv1pf8B/U1V81VC9VCtVQtVWvVWrVRbVRb1VYlqSTVTrVT7VV71UF1UB1VR9VJdVKdVWfVVXVV3VQ31V11V8kqWfVSL6reqo/qq/qp/uolNUANUAPVQJWiUtRgNVgNUUPUUDVUDVPD1HA1XI1QI9QoNUqNUWNUqkpV49V4NUFNUBPVRDVZTVZpKk1NU9PUdDVdzVQz1Sw1S81Ws9VcNVelq3Q1X81XGSpDLVQLVaZapBapJWqJWqaWqRVqhVqlVqk1ao1ap9apTLVRbVSb1Wa1VW1V29V2tUPtUDvVTrVb7VZ71B61V+1V+9Q+tV/tV1kqSx1QB9RBdVAdUofUYXVYHVFH1DF1TB1Xx9UJdUKdUqfUGXVGnVVn1Tl17vxpXyACEahABTFBTBAbxAZxQVyQK8gV5A5yB5EgEsQH8UGe4Nogb5AvyB8UCBKCgkGhQAcmsIG40PRocF1QNLg+KBbcEBQPSgQuKBkkBjcGpYKbgtLBzUGZ4JagbHBrUC4oH1QIKga3BZWC24PKwR1BleDOoGpQLage1AjuCmoGdwe1gnuC2sG9QZ3gvqBucH9QL3ggqB88GDQIHgoaBg8HjYJHgsZBk6Bp0Cxo/qeu7/2JfI+57rqHTtY9dS/9ou6t++i+up/ur1/SA/TLeqB+RafoQXqwflUP0a/pofp1PUy/oYfrN/UIPVKP0qP1GD1Wp+pxerx+S0/Qb+uJepKerKfoND1VT9Pv6Ol6hp6p39Wz9Ht6tp6j5+p5Ol2/r+frBTpDf6AX6g91pl6kF+sleqleppfrFXqlXqVX6zV6rV6n1+sNeqPepDfrLXqr3qa364/0Dv2x3ql36d36E71Hf6r36s/0Pv253q+/0Fn6S31Af6UP6q/1If2NPqy/1Uf0UX1Mf6eP6+/1CX1Sn9Kn9Rn9gz6rf9TntD9/cn/+690oo0yMiTGxJtbEmTiTy+QyuU1uEzERE2/iTR6Tx+Q1eU1+k98kmARTyBQy55EhU9gUNlETNUVNUVPMFDPFTXHjjDOJJtGUMqVMaVPalDFlTFlT1pQz5UwFU8HcZm4zt5vbzR3mDnOnudNUM9VMDVPD1DQ1TS1Ty9Q2tU0dU8fUNXVNPVPP1Df1TQPTwDQ0DU0j08g0No1NU9PUNDfNTQvTwrQ0LU1r09q0MW1MW9PWJJkk0860M+1Ne9PBdDAdTUfTyXQynU1n09V0Nd1MN9PddDfJJtn0Mr1Mb9Pb9DV9TX/T3wwwA8xAM9CkmBQz2Aw2Q8wQM9QMNcPMG2b4+RNVM9KMMqPNGDPWpJpUM96MNxPMBDPRTDSTzWSTZtLMNDPNTDfTzUwz08wys8xsM9vMNXNNukk38818k2EyzEKz0GSaTLPYLDZLzVKz3Cw3K81Ks9qsNmthrVlv1puNZqPZbDabrWar2W62mx1mh9lpdprdZrfZY/aYvWav2Wf2mf1mv8kyWeaAOWAOmoPmkDlkDpvD5og5Yo6ZY+a4OW5OmBPmlDllzph8F74vvYm1OW2cvcLmslfa3PYq+/dxflvAJtiCtpDVNq/N96vYWGuL2RtscVvCOlvSJtobfxOXs+VtBVvR3mYr2dtt5d/ENe3dtpa9x9a299oa9q5fxXXsfbaufdjWQwSwTWwD28w2tA/bRvYR29g2sU1tM9vGPmHb2idtkn3KtrNP/yaebxfYlXaVXW3X2J12lz1lT9uD9mt7xv5gu9setr99yQ6wL9uB9hWbYgf9Jh5u37Qj7Eg7yo62Y+zY38ST7RSbZqfaafYdO93O+E2cbt+3s2yGnW3n2Ll23k/x+Zoy7Ad2of3QZtoAFtsldqldZpfbFf+/1iV2nV1vN9gd9mO72W6xW+02u/3iibDdZXfbT+we+6k9YL+y++zndr89ZLPslz/F54/vkP3GHrbf2iP2qD1mv7PH7ffqp9yRvQHsD/Y7+6M9Z70FQgKSpCigGMpBsZST4ugKykVXUm66iiJ0NcXTNZSHrqW8lI/yUwFKoIJUiDQZskQUUmEqQlG6ji6WV5xKkKOSlEg3Uim6iUrTzVSGbqGydCuVo/JUgSrSbVSJbqfKdAdVoTupKlWj6lSD7qKadDfVonuoNt1Ldeg+qkv3Uz16gOrTg9SAHqKG9DA1okeoMTWhptSMmtOj1IIeo5bUilrT49SGnqC29CQl0VPUjp6m9vQ36kDPUEd6ljrRc9SZulBXep660QvUnXpQMvWkXvQi9aY+1Jf6UX96iQbQyzSQXqEUGkSD6VUaQq/RUHqdhtEbNJzepBE0kkbRaBpDYymVxtF4eosm0Ns0kSbRZJpCaTSVptE7NJ1m0Ex6l2bRezSb5tBcmkfp9D7NpwWUQR/QQvqQMmkRLaYltJSW0XJaQStpFa2mNbSW1tF62kAbaRNtpi20lbbRdvqIdtDHtJN20W76hPbQp7SXPqN99Dntpy8oi76kA/QVHaSv6RB943vQt3SEjtIx+o6O0/d0gk7SKTpNZ+gHOks/0jnyBCGGIpShCoMwJswRxoY5w7jwijBXeGWYO7wqjIRXh/HhNWGe8Nowb5gvzB8WCBPCgmGhUIcmtCGFYVg4LBJGw+vCouH1YbEQw+JhidCFJcPE8MawVHhTWDq8OSwT3hKWDW8Ny4Xlw4fvrRjeFlYKbw8rh3eEVcI7w6phtbB6WCO8K6wZ3h3WCu8Ja4f3hqXD+8K64f1hvfCBsH74YNggfChsGD4cNgofCRuHTcKmYbOwefho2CJ8LGwZtgpbh4+HbcInwrbhk2FS+FTYLnz6p/n7FvzxfHLYM+wVvhi+GHp/j5wbnRdNj74fnR9dEM2IfhBdGP0wmhldFF0cXRJdGl0WXR5dEV0ZXRVdHV0TXRtdF10f3RD1vkYOcOiEk065wMW4HC7W5XRx7gqXy13pcrurXMRd7eLdNS6Pu9bldflcflfAJbiCrpDTzjjryIWusCviou46V9Rd74q5G1xxV8I5V9IlumauuWvuWrjHXEvXyrV2j7vH3RPuCfeke9I95dq5p1179zfXwT3jOrpn3bPuOdfZdXFd3fOumxuX++f3ZLLr5Xq53q636+v6uv6uvxvgBriBbqBLcSlusBvshrghbqgb6oa5YW64G+5GuBFulBvlxrgxLtWluvFuvJvgJriJbqKb7Ca7NJfmprlpbrqb7irN+Hkvs91sN9fNdeku3c13588ZM9xCt9Bluky32C12S91St9wtdyvdSrfarXZr3Vq33q13G91Gt9ltdlvdVrfdbXc73A6301/186Juj9vr9rp9bp/b775wWe5Ld8B95Q66r90h94077L51R9xRd8x95467790Jd9KdcqfdGfeDO+t+dOecd6mRcZHxkbciEyJvRyZGJkUmR6ZE0iJTI9Mi70SmR2ZEZkbejcyKvBeZHZkTmRuZF0mPvB+ZH1kQyYh8EFkY+TCSGVkUWRxZElkaWRbxvuDm0Bf2RXzUX+eL+ut9MX+DL+5LeOdL+kR/oy/lb/Kl/c2+jL/Fl/W3+nK+vK/gH/GNfRPf1Dfzzf2jvoV/zLf0rXxr/7hv45/wbf2TPsk/5dv5p317/zffwT/jO/pnfSf/nO/su/iu/nnfzb/gu/sePtn39L38i7637+P7+n6+v3/JD/Av+4H+FZ/iB/nB/lU/xL/mh/rX/TD/hh8e86YfcfESGcb6VD/Oj/dv+Qn+bT/RT/KT/RSf5qf6af4dP93P8DP9u36Wf8/P9nP8XD/Pp/v3/Xy/wGf4D/xC/6HP9Isu3lT2y/0Kv9Kv8qv9Gr/Wr/Pr/Qa/0W/ym/0Wv9Vv89v9R36H/9jv9Lv8bv+J3+M/9Xv9Z36f/9zv91/4LP+lP+C/8gf91/6Q/8Yf9t/6I/6oP+a/88f99/6EP+lP+dP+jP/Bn/U/+nP8f9YYY4wxxv4p4y4Nxa9nfr6d3/N3csQvNu4FAFduKZD1y/nzZ5Rr8/487iMS2kQA4KkenR68+KhaNTk5+cK2mRKCInMALv5N0HkxcCleBK3hCUiCVlDqd+vvI7qcoX+wfvQWgLhf5MTCpfjS+p8BYPLvrP/o48Pnlw1Pxf8P688BKFbkUk5OuBQvgtY/3V9pBaX/oP58LX5Zf+xv18/5eSpAy1/k5IJL8aX6E+ExeBqSfrUlY4wxxhhjjDH2sz6iQoeL158X/8Xn712fJ6hLOTngUvyPrs8ZY4wxxhhjjDF2+T3TpeuTjyYlterwrw8q/6+y/ulBI/i/WvkvGdzxn1HGvzDwHuDiTxQA/JsLApwfyL/yKDb9JftKufDW+fuppad9AP8ZrfwzBpf5g4kxxhhjjDH2p7t00v/rn6vLVRBjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMZYN/RW/TuyX++tx+Q6VMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYu2z+XwAAAP//dMcCKA==") mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x18d811, 0x0) openat2$dir(0xffffffffffffff9c, &(0x7f0000000340)='./file0/../file0\x00', &(0x7f0000000300)={0x140, 0x161, 0x8}, 0x18) 11.92888413s ago: executing program 2 (id=811): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.controllers\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x0, 0x12, r0, 0x0) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x7) 11.04395495s ago: executing program 2 (id=815): bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00', 0x0}, 0x30) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r2 = openat$cgroup_int(r1, &(0x7f0000000040)='cpu.max\x00', 0x2, 0x0) write$cgroup_subtree(r2, &(0x7f00000002c0)=ANY=[@ANYRESDEC=r0], 0x8) 9.341917056s ago: executing program 32 (id=815): bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00', 0x0}, 0x30) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r2 = openat$cgroup_int(r1, &(0x7f0000000040)='cpu.max\x00', 0x2, 0x0) write$cgroup_subtree(r2, &(0x7f00000002c0)=ANY=[@ANYRESDEC=r0], 0x8) 4.756675415s ago: executing program 0 (id=832): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x3004000, &(0x7f00000001c0)={[{@errors_remount}, {@resuid}, {@block_validity}, {@min_batch_time={'min_batch_time', 0x3d, 0x7}}, {@nobarrier}, {@noblock_validity}, {@dioread_nolock}]}, 0x1, 0x790, &(0x7f0000001740)="$eJzs3c9rHFUcAPDvTHaT/k4qClZRAx5aEPPLgj9QaMGjiKCevDQkaSnd/qCJYEOEFrEnjwXBiwiCF2+KF0FKT4p46UX6H0ilSBBaxUNkprPJttlNds1upnU/H5jkvXm7+95k+c6bHy/zAuhbo9mPNOJARFxMIoaL9UlEVPNUJeLI3dfdWV6a+Wt5aSaJlZW3/0jy19xeXpqJhvdkdhdv2xER168l8cjA+nrnLyyemq7V5s4X+fGF0+fG5y8sPn/y9PSJuRNzZ6ampl6eOjz54sRU17b1o6d+/uafy29+/Om+G1d+v/7dviSOxJ6irHE7umU0Rlf/Jo0qEfF6tysryUCxPWnDuqRSYoPoSNrwHT4ewzEQa1/ecFz7ttTGAQA9sZItAECfSfT/ANBn6tcBbi8vzdSXcq9IANvl1tHIb9RncX+nWO6WVOJI/ntHPg5g159JNN7WTepjB7Yo+4yv36t+ni3Ro/vwQHMXL+U3/pv0/0ke/yP5KJ718T8QUewftub+fYj4h+2zlfh/qwv1i38AAAAAAADonqtHI+KlZvf/0tXxP9Hk/t9QREx0of7N7/+lN7tQDdDEraMRrxbP9rl3/N/qE11GBorc3oh4LKrJ8ZO1uSz290XEoagOZfnJ5h+f7zLevTz5Q6v6G8f/ZUtWf30sYNGOm5Whe98zO70wvdXtBiJuXYp4otIs/pPV/j9pMf73WJt1fL/01dOtyjaPf6BXVr6IONi0/197cl2y8fP5xvPjgfH6UcF6i8de+7BV/W3F/9q/KQFdlPX/uzaO/5Gk8Xmd853X8cntic9alf3X4//B5J38qaKDxboPphcWzk9GDCZvrF/fvUeIwkOtHg/1eMni/9Czzc//Nzr+r0bEuTbr/PLH6q+tykbzSHX8D2XI4n+2o/6/88TfvzzZclfRXv9/OO/TDxVrXP+DjbUboGW3EwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuimNiD2RpGOr6TQdG4vYHRGPxq60dnZ+4bnjZ98/M5uVRYxENT1+sjY3ERHDd/NJlp/M02v5qfvyL0TE/oi4MrQzz4/NnK3Nlr3xAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFDY3WL+/8xvQ2W3DgDomR1lNwAA2Hb6fwDoP/p/AOg/Hff/P+3tTUMAgG3j/B8A+o/+HwAAAAAAAAAAAAAAAAAAAAAAAAB6av8zV28kEXHxlZ35khksyqqltgzotbTsBgClGSi7AUBpKu28KElWzwmA/w/n+ECySXnrKUJcQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoH8cPNDu/P9tzRQKPETM3gf9y/z/0L8c1UP/Mv8/YP5/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADY3PyFxVPTtdrceYluJyoPRjMehMRQRDwAzZDoIFH2ngkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIfBvwEAAP//snoPXw==") chdir(&(0x7f0000000140)='./file0\x00') syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000180)='./bus\x00', 0x2239c23, 0x0, 0x1, 0x0, &(0x7f0000000080)) openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0) 3.517855719s ago: executing program 0 (id=835): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005ec0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000005f00)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000006000)={0x0, 0x0, &(0x7f0000005fc0)={&(0x7f0000005f40)={0x34, r1, 0x1, 0x70bd2d, 0x25dfdbff, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MEASUREMENT_DURATION={0x6, 0xeb, 0x800}, @NL80211_ATTR_MEASUREMENT_DURATION_MANDATORY={0x4}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}]}, 0x34}, 0x1, 0x0, 0x0, 0x4048020}, 0x28000) 3.480318781s ago: executing program 4 (id=836): symlink(&(0x7f0000000080)='.\x00', 0x0) r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000800), 0x8000, 0x0) r1 = dup(r0) ioctl$GIO_UNISCRNMAP(r1, 0x43403d0e, &(0x7f0000000080)=""/96) 3.400787599s ago: executing program 1 (id=837): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@bridge_dellink={0x2c, 0x11, 0x5, 0x40000000, 0x0, {0x7, 0x0, 0x0, r2, 0x10}, [@IFLA_AF_SPEC={0xc, 0x1a, 0x0, 0x1, [@AF_INET={0x8, 0x4, 0x0, 0x1, {0x4, 0x2}}]}]}, 0x2c}}, 0x4000) 2.996089982s ago: executing program 4 (id=838): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000100)={0xffffffffffffffff, 0x7, 0x2}) 2.678709012s ago: executing program 0 (id=839): r0 = socket$kcm(0x29, 0x2, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x89e2, &(0x7f0000000b80)) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x89e2, &(0x7f0000000080)) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x89e2, &(0x7f0000001000)) 2.612914089s ago: executing program 1 (id=840): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000000)=0x9, 0x4) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'ip6_vti0\x00', 0x0}) sendto$packet(r0, &(0x7f0000000180)="10030600e0ff020004004788aa96a13bb100001100007fca1a00", 0x10608, 0x0, &(0x7f0000000140)={0x11, 0x0, r1}, 0x14) 2.122986258s ago: executing program 1 (id=841): mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x5d032, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffff9c, &(0x7f0000000000), 0x40080, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1) 2.046781166s ago: executing program 0 (id=842): prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) openat$sysctl(0xffffffffffffff9c, 0x0, 0x1, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x1d, 0x4, 0x2, 0x0, 0x201, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x2, 0x0, 0x0, @void, @value, @void, @value}, 0x48) 2.009010518s ago: executing program 4 (id=843): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000a00)={0x30, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}, @NL80211_ATTR_MESH_ID={0xa}]}, 0x30}}, 0x0) 1.645332842s ago: executing program 0 (id=844): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000a00)='./bus\x00', 0x0, &(0x7f0000000080)={[{@errors_remount}, {@resuid}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x1ff}}, {@noblock_validity}]}, 0x3, 0x488, &(0x7f0000001340)="$eJzs3M1vFOUfAPDvTLuF/oBfq+ILL2oVjQ1qSwGVgwc1mnjAxEQPGk9NWwhSqKE1EUIUjMGTMSbejUf/BU96MUYvJl71bkiI6QXw4prZnWl3l90tLbtdYD+fZOB55qXP99uZZ/eZeXYbQN8ay/5JIrZHxB8RMVKt1u8wVv3v2vL5mevL52eSKJff+jup7Hd1+fxMsWtx3La8Mp5GpJ8lsadJu4tnz52cnp+fO5PXJ5dOfTC5ePbcsydOTR+fOz53+uCRI4cPTb3w/MHnmgc+tL48s5iu7v54Ye+u19/96o2jX9Tl35BHh4y12/hkudzh5nprR005GexhIKzLQERkp6tU6f8jMRCrJ28kXvu0p8EBXVUul8vbWm++UG6QNq4A7mBJ1Ndv6PLAXap4o8/uf4ulcRDwUveGHz135eXqDVCW97V8qW4ZjDTfp9Rwf9tJYxHxzoV/vsmW6M5zCACAOj9k459nmo3/0nigZr//53NDoxFxT0TcGxH3RcTOiLg/orLvgxHxUOXIWBk7raVxkuTG8U96+ZYSXEM2/nsxn9sazsZ/pZV2i8LoQF7bUcm/lBw7MT93IP+djEdpS1afatPGj6/+/mWrbbXjv2zJ4ijGgnkclwe31B8zO700vfGM6125GLF7sMi1dvybrMwEJBGxKyJ2b7CNE/u/29tq29r5t9GBeabytxFPVc//hViuz7+QtJ+fnNwa83MHJour4ka//HbpzVbtV/Lfv8H8OyA7///Lr/9rzfMfTWrnaxfX38alPz9veU+z0et/KHm7Ui6mgT+aXlo6MxUxlBytBl27/uDqsUW92D/Lf3xfs/zTymtc8ZvYExHZRfxwRDwSEY/msT8WEY9HxL42+f/8yhPvN92Q3uL13wFZ/rPrOv+rhaFoXNO8MHDyp+/rGh1dLeb5X29//g9XSuP5mpt5/buZuDZ2NQMAAMCdJ42I7ZGkEyvlNJ2YqH5efmdEOr+wuPT0sYUPT89WvyMwGqW0eNI1UvM8dCq/ra/WL0ZE9aMFxfZD+XPjrweGK/WJmYX52V4nD31uW4v+n/lroNfRAV3n+1rQv/R/6F/N+v/WHsQBbD7v/9C/mvT/4V7EAWy+Zu//n7Q/5N9uxQJsrob+b9oP+sj67/9/fa8rgQCbrmX/v5v/8g9Q4fk/9KXF4Vj7S/JtC8VP2uDht0shiYiO/sAo3RZ53XqhnDQ9uZFmhdLtEKFCFwq9fV0CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADolP8CAAD//3fv18M=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000e00)='.\x00', 0x0, 0x0) ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0x8004587d, &(0x7f0000000080)={@id={0x2, 0x0, @c}}) mount$9p_fd(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x10413, 0x0) 1.277219567s ago: executing program 1 (id=845): mkdirat(0xffffffffffffffff, &(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) r0 = socket$inet(0x2, 0x3, 0x2) setsockopt$inet_mreqsrc(r0, 0x0, 0x27, &(0x7f0000000040)={@multicast1, @local, @loopback}, 0xc) getsockopt$inet_buf(r0, 0x0, 0x29, &(0x7f0000000040)=""/185, &(0x7f0000000100)=0xb9) 1.132063752s ago: executing program 4 (id=846): r0 = socket$inet_mptcp(0x2, 0x1, 0x106) r1 = landlock_create_ruleset(&(0x7f0000000000)={0xe01, 0x2, 0x1}, 0x18, 0x0) landlock_restrict_self(r1, 0x0) connect$inet(r0, 0x0, 0x0) 608.876866ms ago: executing program 4 (id=847): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_prio={{0x9}, {0x18, 0x2, {0xf, "080000000000000000008000"}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x801}, 0x0) 564.947684ms ago: executing program 1 (id=848): r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_MCAST_JOIN_GROUP(r0, 0x0, 0x2a, &(0x7f0000000180)={0x12, {{0x2, 0x3, @multicast2}}}, 0x88) setsockopt$inet_group_source_req(r0, 0x0, 0x2e, &(0x7f00000004c0)={0x5, {{0x2, 0x0, @multicast2}}, {{0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, 0x108) setsockopt$inet_group_source_req(r0, 0x0, 0x2b, &(0x7f0000000040)={0x2, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @multicast2}}}, 0x108) 468.156128ms ago: executing program 0 (id=849): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58) r1 = accept4(r0, 0x0, 0x0, 0x0) poll(&(0x7f00000000c0)=[{r1}], 0x1, 0x70) 29.148769ms ago: executing program 4 (id=850): r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000280)={{0x12, 0x1, 0x141, 0xf2, 0xc5, 0x96, 0x20, 0x16d0, 0x10b8, 0xde8e, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0x0, 0x2, 0x2, 0x0, 0x83, 0xec, 0x0, [], [{{0x9, 0x5, 0x6, 0x2, 0x200, 0x2, 0x0, 0xa}}, {{0x9, 0x5, 0x82, 0x2, 0x200, 0x0, 0x1, 0x10}}]}}]}}]}}, 0x0) syz_usb_control_io$uac1(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, &(0x7f00000003c0)={0x2c, &(0x7f0000000400)=ANY=[@ANYBLOB='@7\r'], 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000000)={0x2c, &(0x7f0000000f00)=ANY=[@ANYBLOB="221528000000a559"], 0x0, 0x0, 0x0, 0x0}) 0s ago: executing program 1 (id=851): r0 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x3, 0x206576, 0x6}) mmap(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x4, 0x11, r0, 0x100000000) mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x1000006, 0x4132, 0xffffffffffffffff, 0x0) kernel console output (not intermixed with test programs): arms(): no params data found [ 264.903663][ T5803] chnl_net:caif_netlink_parms(): no params data found [ 265.156033][ T5810] bridge0: port 1(bridge_slave_0) entered blocking state [ 265.164036][ T5810] bridge0: port 1(bridge_slave_0) entered disabled state [ 265.171903][ T5810] bridge_slave_0: entered allmulticast mode [ 265.182298][ T5810] bridge_slave_0: entered promiscuous mode [ 265.288047][ T5799] bridge0: port 1(bridge_slave_0) entered blocking state [ 265.296029][ T5799] bridge0: port 1(bridge_slave_0) entered disabled state [ 265.305845][ T5799] bridge_slave_0: entered allmulticast mode [ 265.315971][ T5799] bridge_slave_0: entered promiscuous mode [ 265.329708][ T5810] bridge0: port 2(bridge_slave_1) entered blocking state [ 265.338591][ T5810] bridge0: port 2(bridge_slave_1) entered disabled state [ 265.346641][ T5810] bridge_slave_1: entered allmulticast mode [ 265.356766][ T5810] bridge_slave_1: entered promiscuous mode [ 265.470871][ T5799] bridge0: port 2(bridge_slave_1) entered blocking state [ 265.479254][ T5799] bridge0: port 2(bridge_slave_1) entered disabled state [ 265.487302][ T5799] bridge_slave_1: entered allmulticast mode [ 265.497622][ T5799] bridge_slave_1: entered promiscuous mode [ 265.806276][ T5804] bridge0: port 1(bridge_slave_0) entered blocking state [ 265.814232][ T5804] bridge0: port 1(bridge_slave_0) entered disabled state [ 265.822034][ T5804] bridge_slave_0: entered allmulticast mode [ 265.832024][ T5804] bridge_slave_0: entered promiscuous mode [ 265.940158][ T5799] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 265.951648][ T5804] bridge0: port 2(bridge_slave_1) entered blocking state [ 265.959585][ T5804] bridge0: port 2(bridge_slave_1) entered disabled state [ 265.967624][ T5804] bridge_slave_1: entered allmulticast mode [ 265.977466][ T5804] bridge_slave_1: entered promiscuous mode [ 265.997512][ T5799] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 266.010767][ T5095] Bluetooth: hci0: command tx timeout [ 266.018867][ T5810] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 266.073030][ T5095] Bluetooth: hci1: command tx timeout [ 266.164774][ T5095] Bluetooth: hci2: command tx timeout [ 266.165997][ T5808] Bluetooth: hci3: command tx timeout [ 266.186148][ T5809] bridge0: port 1(bridge_slave_0) entered blocking state [ 266.194243][ T5809] bridge0: port 1(bridge_slave_0) entered disabled state [ 266.202249][ T5809] bridge_slave_0: entered allmulticast mode [ 266.212966][ T5809] bridge_slave_0: entered promiscuous mode [ 266.253267][ T5808] Bluetooth: hci4: command tx timeout [ 266.294157][ T5810] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 266.345959][ T5809] bridge0: port 2(bridge_slave_1) entered blocking state [ 266.353961][ T5809] bridge0: port 2(bridge_slave_1) entered disabled state [ 266.362358][ T5809] bridge_slave_1: entered allmulticast mode [ 266.373457][ T5809] bridge_slave_1: entered promiscuous mode [ 266.488266][ T5804] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 266.510007][ T5809] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 266.587369][ T5799] team0: Port device team_slave_0 added [ 266.629285][ T5809] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 266.651949][ T5804] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 266.704007][ T5799] team0: Port device team_slave_1 added [ 266.887529][ T5810] team0: Port device team_slave_0 added [ 266.975935][ T5809] team0: Port device team_slave_0 added [ 267.033937][ T5810] team0: Port device team_slave_1 added [ 267.123601][ T5799] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 267.130861][ T5799] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 267.157565][ T5799] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 267.177371][ T5809] team0: Port device team_slave_1 added [ 267.196714][ T5804] team0: Port device team_slave_0 added [ 267.240070][ T5803] bridge0: port 1(bridge_slave_0) entered blocking state [ 267.250209][ T5803] bridge0: port 1(bridge_slave_0) entered disabled state [ 267.258778][ T5803] bridge_slave_0: entered allmulticast mode [ 267.267887][ T5803] bridge_slave_0: entered promiscuous mode [ 267.283565][ T5799] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 267.290814][ T5799] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 267.318061][ T5799] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 267.381551][ T5804] team0: Port device team_slave_1 added [ 267.393714][ T5810] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 267.403625][ T5810] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 267.435956][ T5810] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 267.453295][ T5803] bridge0: port 2(bridge_slave_1) entered blocking state [ 267.463356][ T5803] bridge0: port 2(bridge_slave_1) entered disabled state [ 267.477052][ T5803] bridge_slave_1: entered allmulticast mode [ 267.491305][ T5803] bridge_slave_1: entered promiscuous mode [ 267.613130][ T5810] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 267.620688][ T5810] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 267.648503][ T5810] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 267.768475][ T5809] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 267.775990][ T5809] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 267.802914][ T5809] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 267.944951][ T5803] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 267.999920][ T5809] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 268.007366][ T5809] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 268.034826][ T5809] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 268.066858][ T5804] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 268.074381][ T5808] Bluetooth: hci0: command tx timeout [ 268.080602][ T5804] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 268.107311][ T5804] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 268.153006][ T5808] Bluetooth: hci1: command tx timeout [ 268.169313][ T5803] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 268.196553][ T5799] hsr_slave_0: entered promiscuous mode [ 268.207112][ T5799] hsr_slave_1: entered promiscuous mode [ 268.223518][ T5804] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 268.230799][ T5804] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 268.243089][ T5808] Bluetooth: hci3: command tx timeout [ 268.257446][ T5804] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 268.262887][ T5808] Bluetooth: hci2: command tx timeout [ 268.312959][ T5095] Bluetooth: hci4: command tx timeout [ 268.445299][ T5810] hsr_slave_0: entered promiscuous mode [ 268.455769][ T5810] hsr_slave_1: entered promiscuous mode [ 268.465339][ T5810] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 268.473381][ T5810] Cannot create hsr debugfs directory [ 268.620214][ T5809] hsr_slave_0: entered promiscuous mode [ 268.631269][ T5809] hsr_slave_1: entered promiscuous mode [ 268.640734][ T5809] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 268.649557][ T5809] Cannot create hsr debugfs directory [ 268.728119][ T5803] team0: Port device team_slave_0 added [ 268.748899][ T5803] team0: Port device team_slave_1 added [ 269.068511][ T5804] hsr_slave_0: entered promiscuous mode [ 269.079816][ T5804] hsr_slave_1: entered promiscuous mode [ 269.089061][ T5804] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 269.097037][ T5804] Cannot create hsr debugfs directory [ 269.155195][ T5803] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 269.162551][ T5803] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 269.189408][ T5803] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 269.348978][ T5803] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 269.356864][ T5803] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 269.384152][ T5803] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 270.152997][ T5095] Bluetooth: hci0: command tx timeout [ 270.168030][ T5803] hsr_slave_0: entered promiscuous mode [ 270.178863][ T5803] hsr_slave_1: entered promiscuous mode [ 270.187811][ T5803] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 270.195874][ T5803] Cannot create hsr debugfs directory [ 270.233064][ T5095] Bluetooth: hci1: command tx timeout [ 270.314110][ T5095] Bluetooth: hci2: command tx timeout [ 270.319905][ T5808] Bluetooth: hci3: command tx timeout [ 270.420534][ T5095] Bluetooth: hci4: command tx timeout [ 270.693882][ T5799] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 270.783357][ T5799] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 270.809060][ T5799] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 270.868973][ T5799] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 271.056441][ T5809] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 271.146886][ T5809] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 271.174211][ T5809] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 271.243386][ T5809] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 271.444115][ T5810] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 271.551958][ T5810] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 271.618830][ T5810] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 271.651276][ T5804] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 271.711671][ T5810] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 271.767196][ T5804] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 271.836357][ T5804] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 272.010400][ T5804] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 272.117361][ T5803] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 272.275916][ T5803] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 272.355839][ T5803] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 272.387225][ T5803] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 272.590718][ T5799] 8021q: adding VLAN 0 to HW filter on device bond0 [ 272.857222][ T5799] 8021q: adding VLAN 0 to HW filter on device team0 [ 272.905369][ T5809] 8021q: adding VLAN 0 to HW filter on device bond0 [ 273.042118][ T5085] bridge0: port 1(bridge_slave_0) entered blocking state [ 273.050028][ T5085] bridge0: port 1(bridge_slave_0) entered forwarding state [ 273.160206][ T5809] 8021q: adding VLAN 0 to HW filter on device team0 [ 273.222335][ T5085] bridge0: port 2(bridge_slave_1) entered blocking state [ 273.230866][ T5085] bridge0: port 2(bridge_slave_1) entered forwarding state [ 273.483705][ T5085] bridge0: port 1(bridge_slave_0) entered blocking state [ 273.491863][ T5085] bridge0: port 1(bridge_slave_0) entered forwarding state [ 273.515410][ T5085] bridge0: port 2(bridge_slave_1) entered blocking state [ 273.524001][ T5085] bridge0: port 2(bridge_slave_1) entered forwarding state [ 273.657740][ T5810] 8021q: adding VLAN 0 to HW filter on device bond0 [ 273.806105][ T5804] 8021q: adding VLAN 0 to HW filter on device bond0 [ 274.103284][ T5810] 8021q: adding VLAN 0 to HW filter on device team0 [ 274.166273][ T5804] 8021q: adding VLAN 0 to HW filter on device team0 [ 274.204614][ T5085] bridge0: port 1(bridge_slave_0) entered blocking state [ 274.213316][ T5085] bridge0: port 1(bridge_slave_0) entered forwarding state [ 274.366114][ T5085] bridge0: port 2(bridge_slave_1) entered blocking state [ 274.373931][ T5085] bridge0: port 2(bridge_slave_1) entered forwarding state [ 274.390929][ T5085] bridge0: port 1(bridge_slave_0) entered blocking state [ 274.398722][ T5085] bridge0: port 1(bridge_slave_0) entered forwarding state [ 274.626837][ T5803] 8021q: adding VLAN 0 to HW filter on device bond0 [ 274.708835][ T5085] bridge0: port 2(bridge_slave_1) entered blocking state [ 274.716612][ T5085] bridge0: port 2(bridge_slave_1) entered forwarding state [ 274.851803][ T5804] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 274.862946][ T5804] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 274.899429][ T5810] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 275.133671][ T5803] 8021q: adding VLAN 0 to HW filter on device team0 [ 275.288355][ T3947] bridge0: port 1(bridge_slave_0) entered blocking state [ 275.296494][ T3947] bridge0: port 1(bridge_slave_0) entered forwarding state [ 275.457457][ T3947] bridge0: port 2(bridge_slave_1) entered blocking state [ 275.465571][ T3947] bridge0: port 2(bridge_slave_1) entered forwarding state [ 276.470641][ T5799] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 276.649742][ T5809] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 277.140689][ T5799] veth0_vlan: entered promiscuous mode [ 277.241598][ T5799] veth1_vlan: entered promiscuous mode [ 277.339569][ T5809] veth0_vlan: entered promiscuous mode [ 277.460060][ T5804] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 277.540078][ T5810] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 277.575628][ T5809] veth1_vlan: entered promiscuous mode [ 277.771633][ T5799] veth0_macvtap: entered promiscuous mode [ 277.881334][ T5799] veth1_macvtap: entered promiscuous mode [ 278.111963][ T5809] veth0_macvtap: entered promiscuous mode [ 278.150523][ T5799] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 278.198812][ T5803] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 278.306404][ T5804] veth0_vlan: entered promiscuous mode [ 278.324370][ T5799] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 278.373512][ T5809] veth1_macvtap: entered promiscuous mode [ 278.465131][ T5804] veth1_vlan: entered promiscuous mode [ 278.508165][ T5799] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 278.518063][ T5799] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 278.529550][ T5799] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 278.540015][ T5799] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 278.774604][ T5809] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 278.877792][ T5809] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 279.008868][ T5804] veth0_macvtap: entered promiscuous mode [ 279.030693][ T5809] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 279.045300][ T5809] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 279.056075][ T5809] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 279.066191][ T5809] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 279.197499][ T5804] veth1_macvtap: entered promiscuous mode [ 279.218268][ T5803] veth0_vlan: entered promiscuous mode [ 279.401620][ T5803] veth1_vlan: entered promiscuous mode [ 279.428583][ T5804] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 279.546644][ T5804] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 279.718891][ T5804] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 279.731055][ T5804] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 279.741208][ T5804] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 279.750946][ T5804] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 279.909394][ T5803] veth0_macvtap: entered promiscuous mode [ 279.981916][ T5803] veth1_macvtap: entered promiscuous mode [ 280.267668][ T5803] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 280.413041][ T5803] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 280.529559][ T5803] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 280.540842][ T5803] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 280.550970][ T5803] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 280.566676][ T5803] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 281.431871][ T5810] veth0_vlan: entered promiscuous mode [ 281.583092][ T5810] veth1_vlan: entered promiscuous mode [ 282.008373][ T5810] veth0_macvtap: entered promiscuous mode [ 282.109365][ T5810] veth1_macvtap: entered promiscuous mode [ 282.335502][ T5810] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 282.440166][ T5810] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 282.559113][ T5810] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 282.569375][ T5810] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 282.580248][ T5810] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 282.593077][ T5810] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 287.029534][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 287.040279][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 287.263580][ T3784] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 287.271842][ T3784] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 287.754289][ T753] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 287.762539][ T753] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 287.809906][ T5799] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 287.974654][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 287.983670][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 288.479605][ T3947] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 288.488158][ T3947] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 288.515709][ T5979] loop3: detected capacity change from 0 to 64 [ 288.768568][ T3947] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 288.776896][ T3947] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 289.250251][ T1821] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 289.259283][ T1821] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 289.810148][ T1821] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 289.818477][ T1821] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 290.171953][ T5996] loop0: detected capacity change from 0 to 128 [ 290.180701][ T5994] netlink: 84 bytes leftover after parsing attributes in process `syz.1.2'. [ 290.240850][ T5996] EXT4-fs: Ignoring removed nobh option [ 290.505989][ T5996] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 290.611957][ T5996] ext4 filesystem being mounted at /1/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 291.056002][ T753] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 291.066493][ T753] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 291.090280][ T1287] ieee802154 phy0 wpan0: encryption failed: -22 [ 291.098272][ T1287] ieee802154 phy1 wpan1: encryption failed: -22 [ 291.451386][ T6005] warning: `syz.1.9' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 291.596026][ T5809] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 291.688492][ T4076] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 291.699510][ T4076] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 294.007724][ T2016] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 294.073580][ T5911] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 294.183860][ T5853] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 294.223446][ T2016] usb 5-1: Using ep0 maxpacket: 8 [ 294.248787][ T2016] usb 5-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b [ 294.259916][ T2016] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 294.313358][ T5911] usb 3-1: Using ep0 maxpacket: 32 [ 294.374931][ T5853] usb 1-1: Using ep0 maxpacket: 8 [ 294.411215][ T5853] usb 1-1: config 0 has no interfaces? [ 294.413956][ T5911] usb 3-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40 [ 294.417369][ T5853] usb 1-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 294.426637][ T5911] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 294.445100][ T5853] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 294.501662][ T5853] usb 1-1: config 0 descriptor?? [ 294.509601][ T5911] usb 3-1: config 0 descriptor?? [ 294.542440][ T2016] pvrusb2: Hardware description: Terratec Grabster AV400 [ 294.550887][ T2016] pvrusb2: ********** [ 294.555659][ T2016] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental. [ 294.567044][ T2016] pvrusb2: Important functionality might not be entirely working. [ 294.575916][ T2016] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver. [ 294.598522][ T2016] pvrusb2: ********** [ 294.869284][ T5911] dvb-usb: found a 'Elgato EyeTV Sat' in warm state. [ 294.923615][ T5911] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 294.940781][ T5911] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat) [ 294.949440][ T5911] usb 3-1: media controller created [ 294.994805][ T5853] usb 1-1: USB disconnect, device number 2 [ 295.058523][ T2335] pvrusb2: Invalid write control endpoint [ 295.154193][ T5911] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 295.279306][ T2016] usb 5-1: USB disconnect, device number 2 [ 295.630947][ T5911] az6027: usb out operation failed. (-71) [ 295.674366][ T5911] az6027: usb out operation failed. (-71) [ 295.675749][ T2335] pvrusb2: Invalid write control endpoint [ 295.680820][ T5911] stb0899_attach: Driver disabled by Kconfig [ 295.687035][ T2335] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work. [ 295.687111][ T2335] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device. [ 295.694944][ T5911] az6027: no front-end attached [ 295.694944][ T5911] [ 295.703418][ T2335] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups. [ 295.703517][ T2335] pvrusb2: Device being rendered inoperable [ 295.741272][ T2335] cx25840 2-0044: Unable to detect h/w, assuming cx23887 [ 295.749294][ T2335] cx25840 2-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a) [ 295.759748][ T2335] pvrusb2: Attached sub-driver cx25840 [ 295.766227][ T2335] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it. [ 295.777498][ T2335] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover. [ 295.941585][ T5911] az6027: usb out operation failed. (-71) [ 295.947973][ T5911] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat' [ 295.961257][ T5911] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.2/usb3/3-1/input/input5 [ 296.341061][ T5911] dvb-usb: schedule remote query interval to 400 msecs. [ 296.352154][ T5911] dvb-usb: Elgato EyeTV Sat successfully initialized and connected. [ 296.484540][ T5911] usb 3-1: USB disconnect, device number 2 [ 296.887967][ T5911] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected. [ 299.959344][ T6084] netlink: 44 bytes leftover after parsing attributes in process `syz.1.42'. [ 300.666024][ T6087] loop2: detected capacity change from 0 to 2048 [ 300.767963][ T6096] ======================================================= [ 300.767963][ T6096] WARNING: The mand mount option has been deprecated and [ 300.767963][ T6096] and is ignored by this kernel. Remove the mand [ 300.767963][ T6096] option from the mount to silence this warning. [ 300.767963][ T6096] ======================================================= [ 300.890374][ T6087] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 300.903029][ T5853] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 301.165029][ T5853] usb 4-1: New USB device found, idVendor=1c40, idProduct=0534, bcdDevice=6d.cc [ 301.174788][ T5853] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 301.183442][ T5853] usb 4-1: Product: syz [ 301.188114][ T5853] usb 4-1: Manufacturer: syz [ 301.194073][ T5853] usb 4-1: SerialNumber: syz [ 301.317676][ T5853] usb 4-1: config 0 descriptor?? [ 301.408476][ T5853] i2c-tiny-usb 4-1:0.0: version 6d.cc found at bus 004 address 002 [ 301.575270][ T6100] loop4: detected capacity change from 0 to 512 [ 301.698038][ T6100] EXT4-fs: EXT4-fs: inode_readahead_blks must be 0 or a power of 2 smaller than 2^31 [ 301.803691][ T5853] (null): failure reading functionality [ 301.850484][ T5853] i2c i2c-1: connected i2c-tiny-usb device [ 302.114404][ T5911] usb 4-1: USB disconnect, device number 2 [ 304.494772][ T6126] netlink: 'syz.3.61': attribute type 1 has an invalid length. [ 304.504818][ T6126] netlink: 'syz.3.61': attribute type 2 has an invalid length. [ 304.864693][ T6128] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 305.921067][ T6140] Zero length message leads to an empty skb [ 306.175911][ T6148] netlink: 'syz.2.69': attribute type 14 has an invalid length. [ 306.794737][ T5095] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0 [ 306.803978][ T5095] Bluetooth: hci3: Injecting HCI hardware error event [ 306.812474][ T5095] Bluetooth: hci3: hardware error 0x00 [ 306.906391][ T6150] process 'syz.1.72' launched './file0' with NULL argv: empty string added [ 307.308327][ T6152] loop3: detected capacity change from 0 to 256 [ 308.897295][ T5095] Bluetooth: hci3: Opcode 0x0c03 failed: -110 [ 311.000524][ T6191] netlink: 'syz.0.89': attribute type 7 has an invalid length. [ 311.969444][ T6201] loop1: detected capacity change from 0 to 1024 [ 312.194076][ T6201] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 312.860231][ T5804] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 313.454269][ T6220] bridge0: port 3(syz_tun) entered blocking state [ 313.461340][ T6220] bridge0: port 3(syz_tun) entered disabled state [ 313.468942][ T6220] syz_tun: entered allmulticast mode [ 313.478550][ T6220] syz_tun: entered promiscuous mode [ 313.486624][ T6220] bridge0: port 3(syz_tun) entered blocking state [ 313.493811][ T6220] bridge0: port 3(syz_tun) entered forwarding state [ 314.163954][ T6228] loop3: detected capacity change from 0 to 256 [ 314.273719][ T6228] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 314.609123][ T5853] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 314.823470][ T5853] usb 3-1: Using ep0 maxpacket: 32 [ 314.884833][ T5853] usb 3-1: config 0 has an invalid interface number: 85 but max is 0 [ 314.893606][ T5853] usb 3-1: config 0 has no interface number 0 [ 314.900043][ T5853] usb 3-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 314.911770][ T5853] usb 3-1: config 0 interface 85 has no altsetting 0 [ 315.093838][ T5853] usb 3-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72 [ 315.103814][ T5853] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 315.112163][ T5853] usb 3-1: Product: syz [ 315.117123][ T5853] usb 3-1: Manufacturer: syz [ 315.122088][ T5853] usb 3-1: SerialNumber: syz [ 315.303269][ T6235] loop4: detected capacity change from 0 to 4096 [ 315.368708][ T5853] usb 3-1: config 0 descriptor?? [ 315.397144][ T6235] ntfs3(loop4): Different NTFS sector size (1024) and media sector size (512). [ 315.707798][ T6235] ntfs3(loop4): ino=1a, mi_enum_attr [ 315.714727][ T6235] ntfs3(loop4): Mark volume as dirty due to NTFS errors [ 316.052043][ T6235] ntfs3(loop4): ino=1e, "file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" ni_find_attr [ 316.103372][ T5853] appletouch 3-1:0.85: Geyser mode initialized. [ 316.114652][ T5853] input: appletouch as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.85/input/input6 [ 316.353573][ T5853] usb 3-1: USB disconnect, device number 3 [ 316.440255][ T6247] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 316.457137][ T5853] appletouch 3-1:0.85: input: appletouch disconnected [ 317.801716][ T6258] loop4: detected capacity change from 0 to 1024 [ 319.320253][ T5911] kernel write not supported for file /snd/seq (pid: 5911 comm: kworker/0:5) [ 320.227091][ T6276] syz_tun: entered promiscuous mode [ 320.243816][ T6276] syz_tun: left promiscuous mode [ 320.279171][ T6277] use of bytesused == 0 is deprecated and will be removed in the future, [ 320.288775][ T6277] use the actual size instead. [ 320.885457][ T6284] netlink: 'syz.4.126': attribute type 10 has an invalid length. [ 320.922914][ T6284] batman_adv: batadv0: Adding interface: team0 [ 320.929467][ T6284] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 320.955649][ T6284] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active [ 321.456454][ T6290] netlink: 28 bytes leftover after parsing attributes in process `syz.4.129'. [ 321.466525][ T6290] netem: change failed [ 322.661842][ T6297] loop4: detected capacity change from 0 to 256 [ 322.961207][ T6297] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x1aabf3fb, utbl_chksum : 0xe619d30d) [ 323.423425][ T6305] sp0: Synchronizing with TNC [ 323.750887][ T30] audit: type=1326 audit(1749908765.842:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6306 comm="syz.1.137" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f171a18e929 code=0x0 [ 325.050781][ T6319] loop0: detected capacity change from 0 to 1024 [ 325.856646][ T6315] loop3: detected capacity change from 0 to 65536 [ 326.004651][ T6315] XFS (loop3): Mounting V5 Filesystem d6f69dbd-8c5d-46be-b88e-92c0ae88ceb2 [ 326.323359][ T6326] loop1: detected capacity change from 0 to 32768 [ 326.336725][ T6326] XFS: ikeep mount option is deprecated. [ 326.346921][ T6315] XFS (loop3): Ending clean mount [ 326.379919][ T6315] XFS (loop3): Quotacheck needed: Please wait. [ 326.418858][ T6326] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 326.498110][ T6315] XFS (loop3): Quotacheck: Done. [ 326.630013][ T6326] XFS (loop1): Ending clean mount [ 326.653993][ T5799] XFS (loop3): Unmounting Filesystem d6f69dbd-8c5d-46be-b88e-92c0ae88ceb2 [ 326.671824][ T6326] XFS (loop1): Quotacheck needed: Please wait. [ 326.717033][ T6326] XFS (loop1): Quotacheck: Done. [ 326.821606][ T6345] mmap: syz.2.146 (6345) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 327.063081][ T5804] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 328.262240][ T6347] loop0: detected capacity change from 0 to 32768 [ 328.276818][ T6347] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.147 (6347) [ 328.307921][ T6347] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 328.320008][ T6347] BTRFS info (device loop0): using sha256 (sha256-x86_64) checksum algorithm [ 328.331929][ T6347] BTRFS info (device loop0): using free-space-tree [ 329.248958][ T5809] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 332.228000][ T6389] loop2: detected capacity change from 0 to 2048 [ 332.390231][ T6389] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 332.612985][ T6393] loop1: detected capacity change from 0 to 256 [ 332.837370][ T6393] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d) [ 333.061171][ T6393] exFAT-fs (loop1): start_clu is invalid cluster(0x0) [ 333.083355][ T30] audit: type=1800 audit(1749908775.192:3): pid=6393 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.161" name="file1" dev="loop1" ino=1048600 res=0 errno=0 [ 333.393049][ T5853] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 333.803139][ T5853] usb 2-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36 [ 333.815521][ T5853] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 333.825311][ T5853] usb 2-1: Product: syz [ 333.829803][ T5853] usb 2-1: Manufacturer: syz [ 333.837138][ T5853] usb 2-1: SerialNumber: syz [ 333.986463][ T5853] usb 2-1: config 0 descriptor?? [ 334.068262][ T5853] ch341 2-1:0.0: ch341-uart converter detected [ 334.223567][ T5853] usb 2-1: failed to receive control message: -71 [ 334.230614][ T5853] ch341-uart ttyUSB0: probe with driver ch341-uart failed with error -71 [ 334.364770][ T5853] usb 2-1: USB disconnect, device number 2 [ 334.376196][ T5853] ch341 2-1:0.0: device disconnected [ 335.330478][ T6415] loop3: detected capacity change from 0 to 2048 [ 335.437290][ T6415] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 337.614229][ T6434] loop2: detected capacity change from 0 to 1024 [ 337.886781][ T6434] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 338.140372][ T6434] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters [ 338.171593][ T6434] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28 [ 338.184993][ T6434] EXT4-fs (loop2): This should not happen!! Data will be lost [ 338.184993][ T6434] [ 338.195318][ T6434] EXT4-fs (loop2): Total free blocks count 0 [ 338.201625][ T6434] EXT4-fs (loop2): Free/Dirty block details [ 338.208043][ T6434] EXT4-fs (loop2): free_blocks=68451041280 [ 338.221811][ T6434] EXT4-fs (loop2): dirty_blocks=80 [ 338.230040][ T6434] EXT4-fs (loop2): Block reservation details [ 338.237000][ T6434] EXT4-fs (loop2): i_reserved_data_blocks=5 [ 338.255349][ T6444] loop0: detected capacity change from 0 to 8 [ 338.575674][ T6444] SQUASHFS error: Failed to read block 0x2fc: -5 [ 338.582450][ T6444] SQUASHFS error: Unable to read metadata cache entry [2fa] [ 338.590594][ T6444] SQUASHFS error: Unable to read directory block [2fa:0] [ 338.786396][ T3947] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 4 with max blocks 58 with error 28 [ 338.982252][ T6450] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 338.990081][ T6450] IPv6: NLM_F_CREATE should be set when creating new route [ 339.679207][ T5859] IPVS: starting estimator thread 0... [ 339.688895][ T6457] IPVS: rr: SCTP 172.20.20.187:0 - no destination available [ 339.774619][ T6459] IPVS: using max 192 ests per chain, 9600 per kthread [ 340.053519][ T6464] loop4: detected capacity change from 0 to 128 [ 340.242287][ T30] audit: type=1800 audit(1749908782.352:4): pid=6464 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.188" name="file2" dev="loop4" ino=1048601 res=0 errno=0 [ 340.283280][ T6464] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 550) [ 340.292512][ T6464] FAT-fs (loop4): Filesystem has been set read-only [ 340.299924][ T6464] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 550) [ 340.309209][ T6464] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 550) [ 340.325701][ T6464] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 550) [ 340.337396][ T6464] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 550) [ 340.344221][ T30] audit: type=1800 audit(1749908782.392:5): pid=6464 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.188" name="file2" dev="loop4" ino=1048601 res=0 errno=0 [ 340.346635][ T6464] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 550) [ 340.387775][ T6464] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 550) [ 340.397131][ T6464] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 550) [ 340.406387][ T6464] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 550) [ 340.415764][ T6464] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 550) [ 340.897039][ T6460] loop0: detected capacity change from 0 to 4096 [ 340.907066][ T6471] netlink: 'syz.3.191': attribute type 1 has an invalid length. [ 340.921138][ T6469] loop2: detected capacity change from 0 to 64 [ 342.651348][ T6482] netlink: 'syz.3.195': attribute type 8 has an invalid length. [ 343.164955][ T5859] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 343.446054][ T5859] usb 5-1: Using ep0 maxpacket: 8 [ 343.476282][ T5859] usb 5-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b [ 343.486347][ T5859] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 343.581938][ T5859] pvrusb2: Hardware description: Terratec Grabster AV400 [ 343.591193][ T5859] pvrusb2: ********** [ 343.596357][ T5859] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental. [ 343.607093][ T5859] pvrusb2: Important functionality might not be entirely working. [ 343.615472][ T5859] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver. [ 343.627560][ T5859] pvrusb2: ********** [ 343.910892][ T6488] loop2: detected capacity change from 0 to 4096 [ 344.143587][ T2335] pvrusb2: Invalid write control endpoint [ 344.244281][ T5859] usb 5-1: USB disconnect, device number 3 [ 344.432056][ T6494] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 344.607257][ T6490] loop3: detected capacity change from 0 to 32768 [ 344.819061][ T6490] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 344.914420][ T2335] pvrusb2: Invalid write control endpoint [ 344.920682][ T2335] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work. [ 344.930566][ T2335] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device. [ 344.938603][ T2335] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups. [ 344.949145][ T2335] pvrusb2: Device being rendered inoperable [ 344.955665][ T2335] cx25840 1-0044: Unable to detect h/w, assuming cx23887 [ 344.963490][ T2335] cx25840 1-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a) [ 344.976822][ T2335] pvrusb2: Attached sub-driver cx25840 [ 344.983616][ T2335] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it. [ 344.994253][ T2335] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover. [ 345.747661][ T6490] XFS (loop3): Ending clean mount [ 345.777766][ T6490] XFS (loop3): Quotacheck needed: Please wait. [ 345.866366][ T6490] XFS (loop3): Quotacheck: Done. [ 346.059007][ T5799] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 347.151133][ T6512] loop0: detected capacity change from 0 to 32768 [ 347.310800][ T6512] ERROR: (device loop0): diWrite: ixpxd invalid [ 347.310800][ T6512] [ 347.320943][ T6512] ERROR: (device loop0): remounting filesystem as read-only [ 347.340348][ T6512] ERROR: (device loop0): txAbort: [ 347.340348][ T6512] [ 347.639493][ T6519] netlink: 188 bytes leftover after parsing attributes in process `syz.2.207'. [ 347.649128][ T6519] netlink: 60 bytes leftover after parsing attributes in process `syz.2.207'. [ 349.321184][ T6540] loop0: detected capacity change from 0 to 1024 [ 349.713817][ T6548] Bluetooth: MGMT ver 1.23 [ 350.318371][ T6550] loop3: detected capacity change from 0 to 8 [ 350.530222][ T6550] SQUASHFS error: Failed to read block 0x2fc: -5 [ 350.537706][ T6550] SQUASHFS error: Unable to read metadata cache entry [2fa] [ 350.545798][ T6550] SQUASHFS error: Unable to read directory block [247:26] [ 350.640513][ T6555] loop1: detected capacity change from 0 to 1024 [ 350.694978][ T6559] tap0: tun_chr_ioctl cmd 1074812118 [ 351.479190][ T5085] hfsplus: b-tree write err: -5, ino 4 [ 351.544992][ T6568] loop3: detected capacity change from 0 to 256 [ 351.575847][ T6568] exfat: Deprecated parameter 'utf8' [ 351.907718][ T6572] loop4: detected capacity change from 0 to 512 [ 351.974623][ T6572] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 352.108298][ T6572] EXT4-fs (loop4): 1 orphan inode deleted [ 352.117153][ T6572] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 352.134008][ T12] Quota error (device loop4): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 352.152205][ T12] EXT4-fs error (device loop4): ext4_release_dquot:6969: comm kworker/u8:0: Failed to release dquot type 1 [ 352.154064][ T6572] ext4 filesystem being mounted at /43/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 352.473443][ T6583] netlink: 'syz.0.232': attribute type 2 has an invalid length. [ 352.534957][ T1287] ieee802154 phy0 wpan0: encryption failed: -22 [ 352.541770][ T1287] ieee802154 phy1 wpan1: encryption failed: -22 [ 352.832205][ T5810] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 353.596464][ T6591] loop0: detected capacity change from 0 to 2048 [ 354.064360][ T6594] loop1: detected capacity change from 0 to 2048 [ 354.257146][ T6594] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024) [ 354.429649][ T6600] loop2: detected capacity change from 0 to 512 [ 354.449298][ T6603] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 354.548405][ T6600] EXT4-fs warning (device loop2): ext4_multi_mount_protect:292: Invalid MMP block in superblock [ 354.584336][ T6594] capability: warning: `syz.1.236' uses 32-bit capabilities (legacy support in use) [ 354.850781][ T6609] loop4: detected capacity change from 0 to 512 [ 354.912410][ T6609] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem [ 354.978269][ T6609] EXT4-fs (loop4): invalid journal inode [ 354.984943][ T6609] EXT4-fs (loop4): can't get journal size [ 355.086092][ T6609] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e056c118, mo2=0002] [ 355.201739][ T6609] System zones: 1-12, 13-13 [ 355.252022][ T6609] EXT4-fs (loop4): 1 truncate cleaned up [ 355.267235][ T6609] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 355.889951][ T5810] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 356.443170][ T6621] loop4: detected capacity change from 0 to 256 [ 356.594268][ T6621] FAT-fs (loop4): error, clusters badly computed (0 != 128) [ 356.602313][ T6621] FAT-fs (loop4): Filesystem has been set read-only [ 356.609552][ T6621] FAT-fs (loop4): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 357.487388][ T6636] loop1: detected capacity change from 0 to 256 [ 361.556588][ T6664] tun0: tun_chr_ioctl cmd 1074025676 [ 361.569515][ T6664] tun0: owner set to 0 [ 361.937520][ T6669] loop1: detected capacity change from 0 to 256 [ 362.403708][ T6669] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x19066d23, utbl_chksum : 0xe619d30d) [ 362.719874][ T6675] program syz.4.271 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 364.681504][ T6695] program syz.2.280 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 365.514759][ T6701] syzkaller0: tun_chr_ioctl cmd 1074025677 [ 365.521422][ T6701] syzkaller0: linktype set to 769 [ 365.765576][ T6708] program syz.1.288 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 366.422899][ T6704] syz.0.285 (6704) used greatest stack depth: 4936 bytes left [ 367.280739][ T6723] netlink: 'syz.0.293': attribute type 21 has an invalid length. [ 367.289423][ T6723] netlink: 'syz.0.293': attribute type 4 has an invalid length. [ 367.372228][ T6729] loop4: detected capacity change from 0 to 512 [ 368.301415][ T6727] loop1: detected capacity change from 0 to 32768 [ 368.412197][ T6729] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 368.428757][ T6729] ext4 filesystem being mounted at /56/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 368.702321][ T6729] EXT4-fs error (device loop4): ext4_get_first_dir_block:3525: inode #12: comm syz.4.296: Attempting to read directory block (0) that is past i_size (3) [ 368.813366][ T6729] EXT4-fs (loop4): Remounting filesystem read-only [ 369.427366][ T5810] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 369.952974][ T1821] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 369.967350][ T1821] Quota error (device loop4): write_blk: dquota write failed [ 369.976502][ T1821] Quota error (device loop4): free_dqentry: Can't write quota data block 5 [ 370.298639][ T6738] loop3: detected capacity change from 0 to 32768 [ 370.311020][ T6742] loop0: detected capacity change from 0 to 1024 [ 370.357724][ T6738] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 370.374358][ T6738] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 370.429465][ T6742] EXT4-fs: Ignoring removed orlov option [ 370.435927][ T6742] EXT4-fs: Ignoring removed nomblk_io_submit option [ 370.444809][ T6738] gfs2: fsid=syz:syz.s: journal 0 mapped with 5 extents in 0ms [ 370.682996][ T6747] loop2: detected capacity change from 0 to 128 [ 370.693414][ T6738] gfs2: fsid=syz:syz.s: first mount done, others may mount [ 370.810461][ T6742] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 370.941978][ T6747] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 371.006396][ T6747] ext4 filesystem being mounted at /61/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 371.231485][ T5809] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 372.117584][ T5803] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 372.921262][ T6763] netlink: 20 bytes leftover after parsing attributes in process `syz.0.309'. [ 375.153573][ T6787] netlink: 8 bytes leftover after parsing attributes in process `syz.1.318'. [ 376.563508][ T6800] loop4: detected capacity change from 0 to 512 [ 376.759169][ T6800] EXT4-fs error (device loop4): ext4_expand_extra_isize_ea:2798: inode #11: comm syz.4.325: corrupted xattr block 95: invalid header [ 376.819791][ T6808] input: syz1 as /devices/virtual/input/input7 [ 376.875808][ T6800] EXT4-fs warning (device loop4): ext4_expand_extra_isize_ea:2848: Unable to expand inode 11. Delete some EAs or run e2fsck. [ 376.970428][ T6800] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm syz.4.325: bg 0: block 7: invalid block bitmap [ 377.073542][ T6800] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6548: Corrupt filesystem [ 377.159078][ T6800] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2962: inode #11: comm syz.4.325: corrupted xattr block 95: invalid header [ 377.242881][ T6800] EXT4-fs warning (device loop4): ext4_evict_inode:274: xattr delete (err -117) [ 377.252376][ T6800] EXT4-fs (loop4): 1 orphan inode deleted [ 377.261320][ T6800] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 377.677867][ T6815] netlink: 20 bytes leftover after parsing attributes in process `syz.0.330'. [ 378.016530][ T5810] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 378.916799][ T6828] loop0: detected capacity change from 0 to 2048 [ 379.118674][ T6828] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 382.186076][ T6868] netlink: 52 bytes leftover after parsing attributes in process `syz.3.352'. [ 382.919538][ T6877] loop0: detected capacity change from 0 to 512 [ 383.056535][ T6877] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 383.391961][ T6877] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 383.405665][ T6877] ext4 filesystem being mounted at /79/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 383.660272][ T6872] loop1: detected capacity change from 0 to 40427 [ 383.689793][ T6872] F2FS-fs (loop1): heap/no_heap options were deprecated [ 383.698165][ T6872] F2FS-fs (loop1): heap/no_heap options were deprecated [ 383.716952][ T6872] F2FS-fs (loop1): invalid crc value [ 384.120224][ T6872] F2FS-fs (loop1): Start checkpoint disabled! [ 384.185256][ T5809] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 384.227588][ T6872] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6 [ 384.423622][ T30] audit: type=1800 audit(1749908826.472:6): pid=6872 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.354" name="file1" dev="loop1" ino=10 res=0 errno=0 [ 384.563515][ T1821] kworker/u8:10: attempt to access beyond end of device [ 384.563515][ T1821] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 384.578346][ T1821] CPU: 0 UID: 0 PID: 1821 Comm: kworker/u8:10 Not tainted 6.16.0-rc1-syzkaller-00203-g4774cfe3543a #0 PREEMPT(undef) [ 384.578514][ T1821] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 384.578653][ T1821] Workqueue: writeback wb_workfn (flush-7:1) [ 384.578870][ T1821] Call Trace: [ 384.578933][ T1821] [ 384.578988][ T1821] __dump_stack+0x26/0x30 [ 384.579183][ T1821] dump_stack_lvl+0x1df/0x270 [ 384.579395][ T1821] dump_stack+0x1e/0x25 [ 384.579579][ T1821] f2fs_handle_critical_error+0xa6f/0xc20 [ 384.579853][ T1821] f2fs_stop_checkpoint+0x65/0x80 [ 384.580085][ T1821] f2fs_write_end_io+0xb4b/0x1920 [ 384.580267][ T1821] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 384.580523][ T1821] ? __pfx_f2fs_write_end_io+0x10/0x10 [ 384.580688][ T1821] bio_endio+0xe24/0xf80 [ 384.580906][ T1821] submit_bio_noacct+0x214/0x2710 [ 384.581176][ T1821] submit_bio+0x5a9/0x5d0 [ 384.581399][ T1821] f2fs_submit_write_bio+0x92/0x250 [ 384.581620][ T1821] __submit_merged_bio+0x16f/0x6a0 [ 384.581835][ T1821] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 384.582074][ T1821] __submit_merged_write_cond+0x458/0x9a0 [ 384.582339][ T1821] f2fs_write_data_pages+0x4bb2/0x5480 [ 384.582715][ T1821] ? kmsan_internal_set_shadow_origin+0x79/0x110 [ 384.582923][ T1821] ? kmsan_get_metadata+0xfb/0x160 [ 384.583141][ T1821] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 384.583379][ T1821] ? __update_load_avg_cfs_rq+0xd7f/0x1010 [ 384.583557][ T1821] ? kmsan_get_metadata+0xfb/0x160 [ 384.583775][ T1821] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 384.584010][ T1821] ? __rb_insert_augmented+0x80/0x11b0 [ 384.584190][ T1821] ? kmsan_get_metadata+0xfb/0x160 [ 384.584418][ T1821] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 384.584645][ T1821] ? kmsan_get_metadata+0xfb/0x160 [ 384.584863][ T1821] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 384.585088][ T1821] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 384.585321][ T1821] ? __pfx_f2fs_write_data_pages+0x10/0x10 [ 384.585559][ T1821] do_writepages+0x3f2/0x860 [ 384.585758][ T1821] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 384.585989][ T1821] ? queue_io+0x711/0x790 [ 384.586165][ T1821] ? kmsan_get_metadata+0xfb/0x160 [ 384.586435][ T1821] __writeback_single_inode+0x101/0x1190 [ 384.586652][ T1821] ? kmsan_get_metadata+0xfb/0x160 [ 384.586900][ T1821] writeback_sb_inodes+0xaa9/0x1c90 [ 384.587217][ T1821] ? kmsan_get_metadata+0xfb/0x160 [ 384.587505][ T1821] wb_writeback+0x4ce/0xc00 [ 384.587724][ T1821] ? queue_io+0x411/0x790 [ 384.587935][ T1821] wb_workfn+0x397/0x1910 [ 384.588114][ T1821] ? kmsan_get_metadata+0xfb/0x160 [ 384.588375][ T1821] ? __pfx_wb_workfn+0x10/0x10 [ 384.588554][ T1821] process_scheduled_works+0xb91/0x1d80 [ 384.588858][ T1821] worker_thread+0xedf/0x1590 [ 384.589132][ T1821] kthread+0xd5c/0xf00 [ 384.589294][ T1821] ? __pfx_worker_thread+0x10/0x10 [ 384.589557][ T1821] ? __pfx_kthread+0x10/0x10 [ 384.589734][ T1821] ret_from_fork+0x1e0/0x310 [ 384.589910][ T1821] ? __pfx_kthread+0x10/0x10 [ 384.590088][ T1821] ret_from_fork_asm+0x1a/0x30 [ 384.590338][ T1821] [ 384.900703][ T1821] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 385.399725][ T5811] Bluetooth: hci1: command 0x0406 tx timeout [ 385.407145][ T5811] Bluetooth: hci4: command 0x0406 tx timeout [ 385.413993][ T5811] Bluetooth: hci0: command 0x0406 tx timeout [ 385.440436][ T5808] Bluetooth: hci2: command 0x0406 tx timeout [ 385.983558][ T6896] loop4: detected capacity change from 0 to 1024 [ 386.061507][ T6896] EXT4-fs: Ignoring removed nobh option [ 386.067959][ T6896] EXT4-fs: Ignoring removed bh option [ 386.269519][ T6896] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 387.184658][ T6899] loop2: detected capacity change from 0 to 40427 [ 387.223874][ T6899] F2FS-fs (loop2): Image doesn't support compression [ 387.231865][ T6899] F2FS-fs (loop2): heap/no_heap options were deprecated [ 387.287905][ T6899] F2FS-fs (loop2): invalid crc value [ 387.737646][ T5810] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 387.825775][ T6899] F2FS-fs (loop2): checkpoint=disable on readonly fs [ 388.705256][ T6917] netlink: 68 bytes leftover after parsing attributes in process `syz.4.370'. [ 390.633213][ T6933] loop0: detected capacity change from 0 to 164 [ 390.930044][ T6933] rock: directory entry would overflow storage [ 390.936974][ T6933] rock: sig=0x4f50, size=4, remaining=3 [ 390.943319][ T6933] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 393.088933][ T6943] loop0: detected capacity change from 0 to 1024 [ 393.140518][ T6943] EXT4-fs: Ignoring removed nobh option [ 393.177843][ T6943] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 393.274696][ T6943] EXT4-fs error (device loop0): ext4_ext_check_inode:523: inode #11: comm syz.0.381: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512) [ 393.333747][ T6943] EXT4-fs error (device loop0): ext4_orphan_get:1398: comm syz.0.381: couldn't read orphan inode 11 (err -117) [ 393.425625][ T6943] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 393.645751][ T6943] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:483: comm syz.0.381: Invalid block bitmap block 0 in block_group 0 [ 393.799864][ T6943] Quota error (device loop0): write_blk: dquota write failed [ 393.808115][ T6943] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota [ 393.825732][ T6943] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.381: Failed to acquire dquot type 0 [ 393.912379][ T6943] EXT4-fs error (device loop0): ext4_read_inode_bitmap:139: comm syz.0.381: Invalid inode bitmap blk 137438953472 in block_group 0 [ 393.987466][ T6943] syz.0.381 (6943) used greatest stack depth: 4792 bytes left [ 394.212095][ T49] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 394.246737][ T1821] EXT4-fs error (device loop0): __ext4_get_inode_loc:4792: comm kworker/u8:10: Invalid inode table block 8589934593 in block_group 0 [ 394.249003][ T49] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 394.301731][ T49] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 394.323525][ T5809] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 394.338766][ T49] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 394.359060][ T49] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 394.852218][ T6958] syz.4.386 (6958) used greatest stack depth: 4376 bytes left [ 395.184431][ T6969] loop3: detected capacity change from 0 to 128 [ 395.516222][ T6969] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 395.547301][ T6969] ext4 filesystem being mounted at /73/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 396.231259][ T6959] chnl_net:caif_netlink_parms(): no params data found [ 396.393586][ T49] Bluetooth: hci2: command tx timeout [ 396.838146][ T5799] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 397.225874][ T6990] netlink: 8 bytes leftover after parsing attributes in process `syz.0.398'. [ 397.331296][ T6990] netlink: 'syz.0.398': attribute type 1 has an invalid length. [ 397.340099][ T6990] netlink: 'syz.0.398': attribute type 2 has an invalid length. [ 398.184068][ T7001] capability: warning: `syz.1.400' uses deprecated v2 capabilities in a way that may be insecure [ 398.325404][ T7001] overlayfs: failed to create directory ./file0/work (errno: 13); mounting read-only [ 398.338254][ T7001] overlayfs: fs on '.' does not support file handles, falling back to index=off,nfs_export=off. [ 398.387585][ T6959] bridge0: port 1(bridge_slave_0) entered blocking state [ 398.396087][ T6959] bridge0: port 1(bridge_slave_0) entered disabled state [ 398.404570][ T6959] bridge_slave_0: entered allmulticast mode [ 398.414756][ T6959] bridge_slave_0: entered promiscuous mode [ 398.473293][ T49] Bluetooth: hci2: command tx timeout [ 398.504122][ T6959] bridge0: port 2(bridge_slave_1) entered blocking state [ 398.512116][ T6959] bridge0: port 2(bridge_slave_1) entered disabled state [ 398.520405][ T6959] bridge_slave_1: entered allmulticast mode [ 398.621622][ T6959] bridge_slave_1: entered promiscuous mode [ 399.100437][ T6959] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 399.196582][ T6959] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 399.483968][ T6959] team0: Port device team_slave_0 added [ 399.506670][ T6959] team0: Port device team_slave_1 added [ 400.058586][ T6959] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 400.068169][ T6959] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 400.094324][ C1] vkms_vblank_simulate: vblank timer overrun [ 400.101715][ T6959] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 400.364992][ T6959] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 400.374653][ T6959] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 400.403654][ T6959] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 400.564811][ T49] Bluetooth: hci2: command tx timeout [ 400.848907][ T7025] loop3: detected capacity change from 0 to 1024 [ 400.860048][ T7025] EXT4-fs: Ignoring removed mblk_io_submit option [ 400.867362][ T7025] EXT4-fs: Ignoring removed mblk_io_submit option [ 400.905803][ T7031] loop4: detected capacity change from 0 to 256 [ 400.963514][ T7031] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 400.974704][ T7031] exFAT-fs (loop4): Medium has reported failures. Some data may be lost. [ 401.000593][ T7025] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 401.013744][ T7025] ext4 filesystem being mounted at /78/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 401.194151][ T7031] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe5674ec2, utbl_chksum : 0xe619d30d) [ 401.203809][ T30] audit: type=1326 audit(1749908843.292:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7035 comm="syz.0.416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc30b18e929 code=0x7ffc0000 [ 401.219046][ T7025] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.412: bg 0: block 393: padding at end of block bitmap is not set [ 401.274008][ T6959] hsr_slave_0: entered promiscuous mode [ 401.285864][ T6959] hsr_slave_1: entered promiscuous mode [ 401.298456][ T6959] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 401.306534][ T6959] Cannot create hsr debugfs directory [ 401.323717][ T7036] loop0: detected capacity change from 0 to 128 [ 401.431041][ T30] audit: type=1326 audit(1749908843.432:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7035 comm="syz.0.416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fc30b18e929 code=0x7ffc0000 [ 401.453461][ C1] vkms_vblank_simulate: vblank timer overrun [ 401.460947][ T30] audit: type=1326 audit(1749908843.432:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7035 comm="syz.0.416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fc30b18e963 code=0x7ffc0000 [ 401.484620][ T30] audit: type=1326 audit(1749908843.432:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7035 comm="syz.0.416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fc30b18d3df code=0x7ffc0000 [ 401.506763][ C1] vkms_vblank_simulate: vblank timer overrun [ 401.516460][ T30] audit: type=1326 audit(1749908843.432:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7035 comm="syz.0.416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7fc30b18e9b7 code=0x7ffc0000 [ 401.538696][ C1] vkms_vblank_simulate: vblank timer overrun [ 401.545560][ T30] audit: type=1326 audit(1749908843.432:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7035 comm="syz.0.416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fc30b18d290 code=0x7ffc0000 [ 401.568371][ T30] audit: type=1326 audit(1749908843.432:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7035 comm="syz.0.416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fc30b18e52b code=0x7ffc0000 [ 401.590587][ C1] vkms_vblank_simulate: vblank timer overrun [ 401.601470][ T30] audit: type=1326 audit(1749908843.442:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7035 comm="syz.0.416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fc30b18d58a code=0x7ffc0000 [ 401.623761][ C1] vkms_vblank_simulate: vblank timer overrun [ 401.631131][ T30] audit: type=1326 audit(1749908843.442:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7035 comm="syz.0.416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fc30b18d58a code=0x7ffc0000 [ 401.653396][ C1] vkms_vblank_simulate: vblank timer overrun [ 401.660214][ T30] audit: type=1326 audit(1749908843.462:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7035 comm="syz.0.416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7fc30b18d197 code=0x7ffc0000 [ 401.914362][ T5799] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 402.103067][ T2016] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 402.361539][ T2016] usb 2-1: Using ep0 maxpacket: 8 [ 402.433482][ T2016] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 7 [ 402.545189][ T2016] usb 2-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b [ 402.554879][ T2016] usb 2-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3 [ 402.563606][ T2016] usb 2-1: Product: syz [ 402.568060][ T2016] usb 2-1: Manufacturer: syz [ 402.573181][ T2016] usb 2-1: SerialNumber: syz [ 402.633860][ T49] Bluetooth: hci2: command tx timeout [ 403.047630][ T2016] usb 2-1: Invalid connection information received from device [ 403.311217][ T5859] usb 2-1: USB disconnect, device number 3 [ 403.679760][ T6959] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 403.867990][ T2016] usb 1-1: new full-speed USB device number 3 using dummy_hcd [ 403.905359][ T6959] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 403.918010][ T7053] netlink: 4 bytes leftover after parsing attributes in process `syz.3.424'. [ 404.033427][ T6959] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 404.080122][ T2016] usb 1-1: config 150 has an invalid interface number: 204 but max is 1 [ 404.090588][ T2016] usb 1-1: config 150 has no interface number 0 [ 404.098363][ T2016] usb 1-1: config 150 interface 204 has no altsetting 0 [ 404.106901][ T2016] usb 1-1: config 150 interface 1 has no altsetting 0 [ 404.149627][ T2016] usb 1-1: New USB device found, idVendor=04e2, idProduct=1424, bcdDevice=c7.eb [ 404.165134][ T2016] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 404.175558][ T2016] usb 1-1: Product: syz [ 404.180035][ T2016] usb 1-1: Manufacturer: syz [ 404.185169][ T2016] usb 1-1: SerialNumber: syz [ 404.248302][ T6959] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 404.578325][ T7056] netlink: 28 bytes leftover after parsing attributes in process `syz.1.426'. [ 404.588134][ T7056] netlink: 28 bytes leftover after parsing attributes in process `syz.1.426'. [ 404.605615][ T2016] xr_serial 1-1:150.204: xr_serial converter detected [ 404.632459][ T7057] loop4: detected capacity change from 0 to 256 [ 404.675639][ T7057] exfat: Deprecated parameter 'namecase' [ 404.835283][ T6959] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 404.899866][ T6959] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 404.939672][ T7057] exFAT-fs (loop4): failed to load upcase table (idx : 0x00017f3e, chksum : 0x0b83170a, utbl_chksum : 0xe619d30d) [ 405.021876][ T6959] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 405.155889][ T6959] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 405.254860][ T2016] xr_serial ttyUSB0: Failed to set reg 0x0d: -71 [ 405.261852][ T2016] xr_serial ttyUSB0: probe with driver xr_serial failed with error -71 [ 405.303610][ T2016] usb 1-1: USB disconnect, device number 3 [ 405.337490][ T7061] loop1: detected capacity change from 0 to 256 [ 405.396367][ T2016] xr_serial 1-1:150.204: device disconnected [ 406.140744][ T7064] loop3: detected capacity change from 0 to 2048 [ 406.446044][ T7064] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 406.673209][ T30] kauditd_printk_skb: 10 callbacks suppressed [ 406.673295][ T30] audit: type=1800 audit(1749908848.782:27): pid=7064 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.429" name="file1" dev="loop3" ino=1415 res=0 errno=0 [ 406.965990][ T6959] 8021q: adding VLAN 0 to HW filter on device bond0 [ 407.233301][ T6959] 8021q: adding VLAN 0 to HW filter on device team0 [ 407.374452][ T4126] bridge0: port 1(bridge_slave_0) entered blocking state [ 407.382151][ T4126] bridge0: port 1(bridge_slave_0) entered forwarding state [ 407.592785][ T4126] bridge0: port 2(bridge_slave_1) entered blocking state [ 407.600473][ T4126] bridge0: port 2(bridge_slave_1) entered forwarding state [ 407.949910][ T6959] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 407.988359][ T7072] loop0: detected capacity change from 0 to 4096 [ 408.100221][ T7072] ntfs3(loop0): Different NTFS sector size (2048) and media sector size (512). [ 410.163547][ T2016] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 410.310459][ T6959] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 410.436007][ T2016] usb 1-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08 [ 410.446355][ T2016] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 410.496574][ T2016] usb 1-1: config 0 descriptor?? [ 410.603812][ T2016] gspca_main: cpia1-2.14.0 probing 0813:0001 [ 411.232924][ T6959] veth0_vlan: entered promiscuous mode [ 411.376518][ T2016] gspca_cpia1: usb_control_msg 01, error -71 [ 411.383659][ T2016] cpia1 1-1:0.0: only firmware version 1 is supported (got: 0) [ 411.417022][ T6959] veth1_vlan: entered promiscuous mode [ 411.498702][ T2016] usb 1-1: USB disconnect, device number 4 [ 411.819884][ T6959] veth0_macvtap: entered promiscuous mode [ 411.851825][ T7111] loop4: detected capacity change from 0 to 128 [ 411.958560][ T7111] FAT-fs (loop4): Directory bread(block 162) failed [ 411.965889][ T7111] FAT-fs (loop4): Directory bread(block 163) failed [ 411.973241][ T7111] FAT-fs (loop4): Directory bread(block 164) failed [ 411.980150][ T7111] FAT-fs (loop4): Directory bread(block 165) failed [ 411.989225][ T7111] FAT-fs (loop4): Directory bread(block 166) failed [ 411.989783][ T6959] veth1_macvtap: entered promiscuous mode [ 411.996845][ T7111] FAT-fs (loop4): Directory bread(block 167) failed [ 412.009786][ T7111] FAT-fs (loop4): Directory bread(block 168) failed [ 412.016988][ T7111] FAT-fs (loop4): Directory bread(block 169) failed [ 412.373029][ T6959] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 412.479204][ T6959] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 412.615486][ T6959] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 412.624804][ T6959] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 412.634229][ T6959] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 412.643647][ T6959] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 413.967108][ T1287] ieee802154 phy0 wpan0: encryption failed: -22 [ 413.974097][ T1287] ieee802154 phy1 wpan1: encryption failed: -22 [ 414.579959][ T7137] loop0: detected capacity change from 0 to 64 [ 414.859557][ T7137] syz.0.457: attempt to access beyond end of device [ 414.859557][ T7137] loop0: rw=2049, sector=268435468, nr_sectors = 2 limit=64 [ 415.025815][ T7133] loop1: detected capacity change from 0 to 4096 [ 415.665063][ T7133] ntfs3(loop1): ino=0, "file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" ni_find_attr [ 416.080392][ T7145] loop0: detected capacity change from 0 to 1024 [ 416.158819][ T7145] EXT4-fs: inline encryption not supported [ 416.166472][ T7145] EXT4-fs: Ignoring removed bh option [ 416.444506][ T5853] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 416.459872][ T7145] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 416.623676][ T5853] usb 5-1: Using ep0 maxpacket: 16 [ 416.685720][ T5853] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 416.697466][ T5853] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 416.709160][ T5853] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 416.720062][ T5853] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0 [ 416.730390][ T5853] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 416.979166][ T5853] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 416.989491][ T5853] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 416.998270][ T5853] usb 5-1: Manufacturer: syz [ 417.083143][ T5853] usb 5-1: config 0 descriptor?? [ 417.648867][ T5809] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 417.875724][ T5853] rc_core: IR keymap rc-hauppauge not found [ 417.884796][ T5853] Registered IR keymap rc-empty [ 417.892252][ T5853] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 417.973954][ T5853] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 418.029231][ T5853] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0 [ 418.048190][ T5853] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input8 [ 418.229238][ T5853] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 418.344908][ T5853] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 418.387470][ T5853] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 418.414504][ T5853] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 418.446805][ T5853] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 418.476402][ T5853] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 418.549712][ T5853] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 418.593258][ T5853] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 418.633693][ T5853] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 418.671404][ T5853] mceusb 5-1:0.0: Error: mce write submit urb error = -90 [ 418.707376][ T5853] mceusb 5-1:0.0: Registered with mce emulator interface version 1 [ 418.717641][ T5853] mceusb 5-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active) [ 418.870134][ T5853] usb 5-1: USB disconnect, device number 4 [ 419.347260][ T7178] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 420.168256][ T7188] netlink: 8 bytes leftover after parsing attributes in process `syz.0.471'. [ 420.177761][ T7188] netlink: 24 bytes leftover after parsing attributes in process `syz.0.471'. [ 422.065282][ T1821] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 422.073576][ T1821] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 422.471798][ T5085] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 422.480394][ T5085] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 422.753664][ T3784] bridge_slave_1: left allmulticast mode [ 422.759814][ T3784] bridge_slave_1: left promiscuous mode [ 422.770295][ T3784] bridge0: port 2(bridge_slave_1) entered disabled state [ 422.883326][ T3784] bridge_slave_0: left allmulticast mode [ 422.889516][ T3784] bridge_slave_0: left promiscuous mode [ 422.908083][ T3784] bridge0: port 1(bridge_slave_0) entered disabled state [ 423.549936][ T7222] loop1: detected capacity change from 0 to 256 [ 423.616872][ T30] audit: type=1326 audit(1749908865.722:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7219 comm="syz.4.482" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f9e7d3858e7 code=0x7ffc0000 [ 423.640860][ C1] vkms_vblank_simulate: vblank timer overrun [ 423.661624][ T7222] exfat: Deprecated parameter 'utf8' [ 423.668897][ T7222] exfat: Deprecated parameter 'utf8' [ 423.676791][ T7222] exfat: Deprecated parameter 'utf8' [ 423.935189][ T30] audit: type=1326 audit(1749908865.812:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7219 comm="syz.4.482" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f9e7d32ab19 code=0x7ffc0000 [ 423.958295][ T30] audit: type=1326 audit(1749908865.812:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7219 comm="syz.4.482" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f9e7d3858e7 code=0x7ffc0000 [ 423.984144][ T30] audit: type=1326 audit(1749908865.812:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7219 comm="syz.4.482" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f9e7d32ab19 code=0x7ffc0000 [ 424.006393][ C1] vkms_vblank_simulate: vblank timer overrun [ 424.013997][ T30] audit: type=1326 audit(1749908865.812:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7219 comm="syz.4.482" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f9e7d3858e7 code=0x7ffc0000 [ 424.036242][ C1] vkms_vblank_simulate: vblank timer overrun [ 424.045543][ T30] audit: type=1326 audit(1749908865.812:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7219 comm="syz.4.482" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f9e7d32ab19 code=0x7ffc0000 [ 424.068592][ T30] audit: type=1326 audit(1749908865.812:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7219 comm="syz.4.482" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f9e7d3858e7 code=0x7ffc0000 [ 424.092049][ T30] audit: type=1326 audit(1749908865.812:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7219 comm="syz.4.482" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f9e7d32ab19 code=0x7ffc0000 [ 424.116045][ T30] audit: type=1326 audit(1749908865.852:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7219 comm="syz.4.482" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f9e7d3858e7 code=0x7ffc0000 [ 424.138472][ C1] vkms_vblank_simulate: vblank timer overrun [ 424.147859][ T30] audit: type=1326 audit(1749908865.852:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7219 comm="syz.4.482" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f9e7d32ab19 code=0x7ffc0000 [ 424.170358][ C1] vkms_vblank_simulate: vblank timer overrun [ 424.404999][ T3784] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 424.575183][ T3784] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 424.620746][ T3784] bond0 (unregistering): Released all slaves [ 424.817034][ T7222] exFAT-fs (loop1): failed to load upcase table (idx : 0x00011f3f, chksum : 0x96b62a4c, utbl_chksum : 0xe619d30d) [ 425.426998][ T7233] loop4: detected capacity change from 0 to 1024 [ 425.670008][ T3784] hsr_slave_0: left promiscuous mode [ 425.710775][ T7236] loop3: detected capacity change from 0 to 16 [ 425.713272][ T3784] hsr_slave_1: left promiscuous mode [ 425.726286][ T3784] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 425.734278][ T3784] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 425.759952][ T3784] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 425.771263][ T3784] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 425.782733][ T7236] erofs (device loop3): mounted with root inode @ nid 36. [ 425.808911][ T7236] syz.3.489: attempt to access beyond end of device [ 425.808911][ T7236] loop3: rw=524288, sector=34359738360, nr_sectors = 32 limit=16 [ 425.825281][ T7236] syz.3.489: attempt to access beyond end of device [ 425.825281][ T7236] loop3: rw=524288, sector=34359738392, nr_sectors = 64 limit=16 [ 425.840663][ T7236] syz.3.489: attempt to access beyond end of device [ 425.840663][ T7236] loop3: rw=0, sector=34359738360, nr_sectors = 32 limit=16 [ 425.891661][ T3784] veth1_macvtap: left promiscuous mode [ 425.898310][ T3784] veth0_macvtap: left promiscuous mode [ 425.904652][ T3784] veth1_vlan: left promiscuous mode [ 425.910358][ T3784] veth0_vlan: left promiscuous mode [ 426.097859][ T12] hfsplus: b-tree write err: -5, ino 4 [ 426.452182][ T7242] loop0: detected capacity change from 0 to 16 [ 426.550661][ T7242] erofs (device loop0): mounted with root inode @ nid 36. [ 426.676517][ T7242] erofs (device loop0): bogus lookback distance 1388 @ lcn 42 of nid 36 [ 426.779567][ T7242] erofs (device loop0): failed to decompress -29 in[58, 4038] out[1851] [ 426.796407][ T7242] erofs (device loop0): read error -117 @ 43 of nid 36 [ 426.948307][ T7245] erofs (device loop0): bogus lookback distance 1388 @ lcn 42 of nid 36 [ 426.958149][ T7245] erofs (device loop0): bogus lookback distance 1388 @ lcn 42 of nid 36 [ 426.968426][ T7245] erofs (device loop0): readahead error at folio 42 @ nid 36 [ 426.976832][ T7245] erofs (device loop0): bogus lookback distance 774 @ lcn 40 of nid 36 [ 426.985852][ T7245] erofs (device loop0): readahead error at folio 41 @ nid 36 [ 427.000146][ T7245] erofs (device loop0): bogus lookback distance 774 @ lcn 40 of nid 36 [ 427.010908][ T7245] erofs (device loop0): readahead error at folio 40 @ nid 36 [ 427.018985][ T7245] erofs (device loop0): readahead error at folio 39 @ nid 36 [ 427.027041][ T7245] erofs (device loop0): readahead error at folio 38 @ nid 36 [ 427.035561][ T7245] erofs (device loop0): readahead error at folio 36 @ nid 36 [ 427.044658][ T7245] erofs (device loop0): bogus lookback distance 1468 @ lcn 31 of nid 36 [ 427.053527][ T7245] erofs (device loop0): readahead error at folio 31 @ nid 36 [ 427.061919][ T7245] erofs (device loop0): readahead error at folio 25 @ nid 36 [ 427.069895][ T7245] erofs (device loop0): readahead error at folio 24 @ nid 36 [ 427.078506][ T7245] erofs (device loop0): readahead error at folio 19 @ nid 36 [ 427.087815][ T7245] syz.0.491: attempt to access beyond end of device [ 427.087815][ T7245] loop0: rw=524288, sector=784, nr_sectors = 64 limit=16 [ 427.109019][ T7245] syz.0.491: attempt to access beyond end of device [ 427.109019][ T7245] loop0: rw=524288, sector=13478624080, nr_sectors = 24 limit=16 [ 427.126811][ T7245] syz.0.491: attempt to access beyond end of device [ 427.126811][ T7245] loop0: rw=524288, sector=13478624032, nr_sectors = 48 limit=16 [ 427.144159][ T7245] erofs (device loop0): failed to decompress -29 in[58, 4038] out[2639] [ 427.153770][ T7245] erofs (device loop0): bogus lookback distance 1586 @ lcn 46 of nid 36 [ 427.162479][ T7245] erofs (device loop0): readahead error at folio 47 @ nid 36 [ 427.170508][ T7245] erofs (device loop0): bogus lookback distance 1586 @ lcn 46 of nid 36 [ 427.179728][ T7245] erofs (device loop0): readahead error at folio 46 @ nid 36 [ 427.188327][ T7245] erofs (device loop0): readahead error at folio 45 @ nid 36 [ 427.204761][ T7245] syz.0.491: attempt to access beyond end of device [ 427.204761][ T7245] loop0: rw=524288, sector=16, nr_sectors = 16 limit=16 [ 427.219775][ T7245] erofs (device loop0): failed to decompress -29 in[58, 4038] out[3537] [ 427.232487][ T3784] team0 (unregistering): Port device team_slave_1 removed [ 427.277444][ T3784] team0 (unregistering): Port device team_slave_0 removed [ 427.393130][ T2016] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 427.633710][ T2016] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 427.643685][ T2016] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 427.764713][ T7249] netlink: 'syz.3.494': attribute type 4 has an invalid length. [ 427.773095][ T7249] netlink: 72 bytes leftover after parsing attributes in process `syz.3.494'. [ 427.785910][ T2016] usb 3-1: config 0 descriptor?? [ 427.936211][ T2016] cp210x 3-1:0.0: cp210x converter detected [ 428.399859][ T2016] cp210x 3-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 428.461839][ T2016] usb 3-1: cp210x converter now attached to ttyUSB0 [ 428.548323][ T3784] IPVS: stop unused estimator thread 0... [ 428.646645][ T2016] usb 3-1: USB disconnect, device number 4 [ 428.685243][ T2016] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 428.728273][ T2016] cp210x 3-1:0.0: device disconnected [ 430.197471][ T7275] loop3: detected capacity change from 0 to 2048 [ 430.291653][ T7275] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 430.805550][ T5799] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 432.463957][ T7303] loop3: detected capacity change from 0 to 2048 [ 432.643470][ T7303] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 432.695156][ T30] kauditd_printk_skb: 25 callbacks suppressed [ 432.695237][ T30] audit: type=1800 audit(1749908874.812:63): pid=7303 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.517" name="file1" dev="loop3" ino=15 res=0 errno=0 [ 432.705981][ T7303] EXT4-fs (loop3): shut down requested (2) [ 432.762244][ T7309] loop1: detected capacity change from 0 to 256 [ 432.785142][ T7309] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000005) [ 432.796190][ T7309] FAT-fs (loop1): Filesystem has been set read-only [ 433.089876][ T5799] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 433.126167][ T5804] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000005) [ 433.690297][ T7323] loop2: detected capacity change from 0 to 512 [ 433.783205][ T7323] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem [ 433.849028][ T7323] EXT4-fs (loop2): invalid journal inode [ 433.858194][ T7323] EXT4-fs (loop2): can't get journal size [ 434.005114][ T7323] EXT4-fs (loop2): 1 truncate cleaned up [ 434.013948][ T7323] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 434.359627][ T7318] loop1: detected capacity change from 0 to 32768 [ 434.415598][ T7318] o2cb: This node has not been configured. [ 434.421776][ T7318] o2cb: Cluster check failed. Fix errors before retrying. [ 434.429582][ T7318] (syz.1.525,7318,0):ocfs2_dlm_init:3354 ERROR: status = -22 [ 434.438406][ T7318] (syz.1.525,7318,0):ocfs2_mount_volume:1735 ERROR: status = -22 [ 434.450887][ T7318] (syz.1.525,7318,0):ocfs2_fill_super:1177 ERROR: status = -22 [ 434.892224][ T6959] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 436.692947][ T7365] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant. [ 436.692947][ T7365] The task syz.1.541 (7365) triggered the difference, watch for misbehavior. [ 437.147712][ T7368] netlink: 136 bytes leftover after parsing attributes in process `syz.0.546'. [ 437.157356][ T7368] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 438.756187][ T7389] loop0: detected capacity change from 0 to 1024 [ 439.828341][ T7409] loop3: detected capacity change from 0 to 16 [ 439.854442][ T7409] erofs (device loop3): mounted with root inode @ nid 36. [ 439.908821][ T30] audit: type=1800 audit(1749908882.022:64): pid=7409 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.563" name="file1" dev="loop3" ino=86 res=0 errno=0 [ 440.893841][ T2016] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 441.103430][ T2016] usb 1-1: Using ep0 maxpacket: 32 [ 441.147336][ T2016] usb 1-1: too many endpoints for config 0 interface 0 altsetting 32: 253, using maximum allowed: 30 [ 441.159014][ T2016] usb 1-1: config 0 interface 0 altsetting 32 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 441.170646][ T2016] usb 1-1: config 0 interface 0 altsetting 32 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 441.172223][ T7431] netdevsim netdevsim2 netdevsim0: entered promiscuous mode [ 441.184167][ T2016] usb 1-1: config 0 interface 0 has no altsetting 0 [ 441.198937][ T2016] usb 1-1: New USB device found, idVendor=0c12, idProduct=0030, bcdDevice= 0.00 [ 441.208555][ T2016] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 441.345864][ T2016] usb 1-1: config 0 descriptor?? [ 441.833698][ T2016] zeroplus 0003:0C12:0030.0001: hidraw0: USB HID v0.03 Device [HID 0c12:0030] on usb-dummy_hcd.0-1/input0 [ 441.856990][ T2016] zeroplus 0003:0C12:0030.0001: no inputs found [ 441.965189][ T7440] loop2: detected capacity change from 0 to 256 [ 441.997388][ T2016] usb 1-1: USB disconnect, device number 5 [ 442.099196][ T7440] exFAT-fs (loop2): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 442.333494][ T7443] loop4: detected capacity change from 0 to 256 [ 442.823807][ T7448] loop2: detected capacity change from 0 to 256 [ 442.856037][ T7448] exfat: Unknown parameter 'namecascard' [ 443.232352][ T7452] loop4: detected capacity change from 0 to 1024 [ 443.280201][ T7452] EXT4-fs: Ignoring removed oldalloc option [ 443.404522][ T7452] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 443.655112][ T7459] loop2: detected capacity change from 0 to 4096 [ 443.896826][ T5810] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 443.926755][ T7463] netlink: 12 bytes leftover after parsing attributes in process `syz.1.587'. [ 445.281091][ T7468] loop0: detected capacity change from 0 to 32768 [ 445.412127][ T7468] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,nojournal_transaction_names [ 445.412275][ T7468] allowing incompatible features above 0.0: (unknown version) [ 445.412375][ T7468] features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes [ 445.460173][ T7468] bcachefs (loop0): Using encoding defined by superblock: utf8-12.1.0 [ 445.468899][ T7468] bcachefs (loop0): initializing new filesystem [ 445.494041][ T7468] bcachefs (loop0): going read-write [ 445.649254][ T7468] bcachefs (loop0): marking superblocks [ 445.717555][ T7468] bcachefs (loop0): initializing freespace [ 445.761481][ T7468] bcachefs (loop0): done initializing freespace [ 445.785100][ T7468] bcachefs (loop0): reading snapshots table [ 445.791603][ T7468] bcachefs (loop0): reading snapshots done [ 445.965574][ T7468] bcachefs (loop0): done starting filesystem [ 446.219536][ T7468] syz.0.589 (7468) used greatest stack depth: 1280 bytes left [ 446.277582][ T5809] bcachefs (loop0): shutting down [ 446.283721][ T5809] bcachefs (loop0): going read-only [ 446.289524][ T5809] bcachefs (loop0): finished waiting for writes to stop [ 446.374457][ T2016] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 446.396269][ T5809] bcachefs (loop0): flushing journal and stopping allocators, journal seq 3 [ 446.574807][ T2016] usb 2-1: Using ep0 maxpacket: 16 [ 446.603776][ T5809] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 3 [ 446.624264][ T2016] usb 2-1: config 0 has an invalid interface number: 251 but max is 0 [ 446.632973][ T2016] usb 2-1: config 0 has no interface number 0 [ 446.639623][ T2016] usb 2-1: config 0 interface 251 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 16 [ 446.650427][ T2016] usb 2-1: config 0 interface 251 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 64 [ 446.721399][ T2016] usb 2-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4 [ 446.731373][ T2016] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 446.739898][ T2016] usb 2-1: Product: syz [ 446.744542][ T2016] usb 2-1: Manufacturer: syz [ 446.746630][ T5809] bcachefs (loop0): clean shutdown complete, journal seq 4 [ 446.749329][ T2016] usb 2-1: SerialNumber: syz [ 446.773906][ T2016] usb 2-1: config 0 descriptor?? [ 446.782199][ T7496] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 446.791212][ T7496] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 446.824322][ T5809] bcachefs (loop0): marking filesystem clean [ 446.987418][ T5809] bcachefs (loop0): shutdown complete [ 447.069080][ T7496] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 447.111420][ T7496] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 447.595019][ T2016] asix 2-1:0.251 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71 [ 447.605857][ T2016] asix 2-1:0.251 (unnamed net_device) (uninitialized): Failed to read software interface selection register: -71 [ 447.619211][ T2016] asix 2-1:0.251: probe with driver asix failed with error -71 [ 447.691943][ T2016] usb 2-1: USB disconnect, device number 4 [ 447.718763][ T7507] netlink: 8 bytes leftover after parsing attributes in process `syz.4.604'. [ 448.000542][ T7509] loop6: detected capacity change from 0 to 63 [ 448.254420][ T7513] A link change request failed with some changes committed already. Interface veth1_to_bond may have been left with an inconsistent configuration, please check. [ 450.661191][ T7534] loop1: detected capacity change from 0 to 8192 [ 451.000308][ T7546] loop3: detected capacity change from 0 to 64 [ 451.076239][ T7546] hfs: unable to locate alternate MDB [ 451.081929][ T7546] hfs: continuing without an alternate MDB [ 451.203211][ T30] audit: type=1800 audit(1749908893.292:65): pid=7546 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.622" name="file1" dev="loop3" ino=18 res=0 errno=0 [ 451.698788][ T7552] loop4: detected capacity change from 0 to 2048 [ 451.743534][ T7552] EXT4-fs: Ignoring removed mblk_io_submit option [ 451.878652][ T7552] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 452.035760][ T30] audit: type=1800 audit(1749908894.142:66): pid=7552 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.624" name="bus" dev="loop4" ino=18 res=0 errno=0 [ 452.056574][ T7565] netlink: 8 bytes leftover after parsing attributes in process `syz.2.628'. [ 452.401935][ T7567] loop3: detected capacity change from 0 to 256 [ 452.425967][ T7567] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 452.437553][ T7567] exFAT-fs (loop3): Medium has reported failures. Some data may be lost. [ 452.556842][ T5810] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 452.593570][ T7567] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c1d22, utbl_chksum : 0xe619d30d) [ 452.710410][ T7572] loop0: detected capacity change from 0 to 256 [ 452.891711][ T7572] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 453.047639][ C0] hrtimer: interrupt took 94215 ns [ 453.106930][ T7577] exFAT-fs (loop0): start_clu is invalid cluster(0xffffffff) [ 453.115588][ T7577] exFAT-fs (loop0): valid_size(150994954) is greater than size(10) [ 454.681201][ T7588] loop4: detected capacity change from 0 to 32768 [ 454.733681][ T7588] JBD2: Ignoring recovery information on journal [ 454.903169][ T7588] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 455.025953][ T7587] loop0: detected capacity change from 0 to 4096 [ 455.090379][ T7587] ntfs3(loop0): Different NTFS sector size (1024) and media sector size (512). [ 455.114032][ T7598] loop1: detected capacity change from 0 to 512 [ 455.134755][ T5810] ocfs2: Unmounting device (7,4) on (node local) [ 455.148416][ T7598] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 455.286111][ T7598] EXT4-fs error (device loop1): ext4_iget_extra_inode:5035: inode #17: comm syz.1.641: corrupted in-inode xattr: invalid ea_ino [ 455.353330][ T7601] netlink: 8 bytes leftover after parsing attributes in process `syz.2.644'. [ 455.363309][ T7598] EXT4-fs error (device loop1): ext4_orphan_get:1398: comm syz.1.641: couldn't read orphan inode 17 (err -117) [ 455.383154][ T7598] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 455.492955][ T7587] ntfs3(loop0): Mark volume as dirty due to NTFS errors [ 455.544830][ T7587] ntfs3(loop0): Failed to initialize $Extend/$ObjId. [ 455.552221][ T7587] ntfs3(loop0): ino=5, mi_enum_attr [ 455.558234][ T7587] ntfs3(loop0): Failed to load root (-22). [ 455.845775][ T5804] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 456.990088][ T7608] loop3: detected capacity change from 0 to 32768 [ 457.023344][ T7608] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.648 (7608) [ 457.048652][ T7608] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 457.059560][ T7608] BTRFS info (device loop3): using crc32c (crc32c-x86_64) checksum algorithm [ 457.069066][ T7608] BTRFS info (device loop3): using free-space-tree [ 457.330733][ T7608] BTRFS info (device loop3): checking UUID tree [ 457.349382][ T7630] tipc: Started in network mode [ 457.355598][ T7630] tipc: Node identity _.......@:, cluster identity 4711 [ 457.394652][ T7608] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 458.016228][ T7612] loop2: detected capacity change from 0 to 4096 [ 458.120010][ T7612] NILFS (loop2): invalid segment: Checksum error in segment payload [ 458.131792][ T7612] NILFS (loop2): trying rollback from an earlier position [ 458.258860][ T7637] loop4: detected capacity change from 0 to 1024 [ 458.283282][ T7612] NILFS (loop2): recovery complete [ 458.344636][ T7642] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 458.378866][ T7641] netlink: 4 bytes leftover after parsing attributes in process `syz.1.654'. [ 458.487828][ T7644] netlink: 12 bytes leftover after parsing attributes in process `syz.1.654'. [ 458.546542][ T7645] @: renamed from vlan0 (while UP) [ 459.203170][ T7651] loop1: detected capacity change from 0 to 1024 [ 459.288622][ T7651] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 459.892338][ T5804] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 460.645143][ T7680] netlink: 52 bytes leftover after parsing attributes in process `syz.2.668'. [ 460.655096][ T7680] netlink: 32 bytes leftover after parsing attributes in process `syz.2.668'. [ 461.766187][ T7684] loop4: detected capacity change from 0 to 4096 [ 461.874351][ T7684] ntfs3(loop4): Different NTFS sector size (1024) and media sector size (512). [ 462.147212][ T7688] loop2: detected capacity change from 0 to 32768 [ 462.163733][ T7688] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.672 (7688) [ 462.215536][ T7688] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 462.234566][ T7688] BTRFS info (device loop2): using sha256 (sha256-x86_64) checksum algorithm [ 462.246250][ T7688] BTRFS info (device loop2): using free-space-tree [ 462.323048][ T5853] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 462.557586][ T5853] usb 1-1: Using ep0 maxpacket: 32 [ 462.701073][ T6959] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 463.424146][ T7715] loop1: detected capacity change from 0 to 32768 [ 463.454188][ T5853] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 463.467153][ T5853] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 463.477883][ T5853] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 463.491331][ T5853] usb 1-1: New USB device found, idVendor=0458, idProduct=5011, bcdDevice= 0.00 [ 463.503999][ T5853] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 463.643572][ T7715] bcachefs (loop1): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,journal_flush_disabled,fsck,norecovery,nojournal_transaction_names,reconstruct_alloc,no_data_io [ 463.643737][ T7715] allowing incompatible features above 0.0: (unknown version) [ 463.643838][ T7715] features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes [ 463.691164][ T7715] bcachefs (loop1): Using encoding defined by superblock: utf8-12.1.0 [ 463.700844][ T7715] bcachefs (loop1): recovering from clean shutdown, journal seq 10 [ 463.710846][ T7715] bcachefs (loop1): Version upgrade required: [ 463.710846][ T7715] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete [ 463.710846][ T7715] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.28: inode_has_case_insensitive [ 463.710846][ T7715] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,check_rebalance_work,set_fs_needs_rebalance [ 463.784658][ C1] vkms_vblank_simulate: vblank timer overrun [ 463.796322][ T7715] bcachefs (loop1): dropping and reconstructing all alloc info [ 463.826056][ T5853] usb 1-1: config 0 descriptor?? [ 463.926985][ T7715] bcachefs (loop1): accounting_read... done [ 463.941981][ T7715] bcachefs (loop1): alloc_read... done [ 463.952707][ T7715] bcachefs (loop1): snapshots_read... done [ 463.971421][ T7715] bcachefs (loop1): done starting filesystem [ 464.279699][ T5804] bcachefs (loop1): shutting down [ 464.520969][ T5804] bcachefs (loop1): shutdown complete [ 464.604294][ T5853] input: HID 0458:5011 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:0458:5011.0002/input/input9 [ 464.684527][ T5853] input: HID 0458:5011 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:0458:5011.0002/input/input10 [ 464.842283][ T5853] kye 0003:0458:5011.0002: input,hiddev0,hidraw0: USB HID v0.00 Mouse [HID 0458:5011] on usb-dummy_hcd.0-1/input0 [ 465.075856][ T5853] usb 1-1: USB disconnect, device number 6 [ 465.945512][ T7738] loop3: detected capacity change from 0 to 1024 [ 466.535833][ T7734] loop2: detected capacity change from 0 to 32768 [ 466.580416][ T7734] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.686 (7734) [ 466.606158][ T7734] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 466.617425][ T7734] BTRFS info (device loop2): using crc32c (crc32c-x86_64) checksum algorithm [ 466.635576][ T7734] BTRFS info (device loop2): disk space caching is enabled [ 466.643374][ T7734] BTRFS warning (device loop2): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 466.786403][ T7734] BTRFS info (device loop2): rebuilding free space tree [ 466.845233][ T7734] BTRFS info (device loop2): disabling free space tree [ 466.854913][ T7734] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 466.865162][ T7734] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 466.983647][ T5853] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 467.108858][ T6959] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 467.210987][ T5853] usb 5-1: Using ep0 maxpacket: 32 [ 467.293695][ T5853] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 467.305955][ T5853] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11 [ 467.318178][ T5853] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 467.329952][ T5853] usb 5-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 467.341398][ T5853] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 467.535868][ T5853] usb 5-1: config 0 descriptor?? [ 467.547478][ T7756] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 467.597602][ T5853] hub 5-1:0.0: USB hub found [ 467.914592][ T5853] hub 5-1:0.0: config failed, hub has too many ports! (err -19) [ 468.165727][ T5853] usbhid 5-1:0.0: can't add hid device: -71 [ 468.172805][ T5853] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 468.262851][ T5853] usb 5-1: USB disconnect, device number 5 [ 468.528623][ T7772] mkiss: ax0: crc mode is auto. [ 469.031894][ T7776] netlink: 'syz.3.699': attribute type 14 has an invalid length. [ 469.411922][ T7784] bridge0: entered promiscuous mode [ 469.417887][ T7784] macvlan2: entered promiscuous mode [ 469.892898][ T2016] usb 4-1: new full-speed USB device number 3 using dummy_hcd [ 470.091648][ T2016] usb 4-1: config 0 has an invalid interface number: 30 but max is 0 [ 470.107023][ T2016] usb 4-1: config 0 has no interface number 0 [ 470.116230][ T2016] usb 4-1: New USB device found, idVendor=0572, idProduct=d811, bcdDevice=94.e2 [ 470.125925][ T2016] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 470.178582][ T2016] usb 4-1: config 0 descriptor?? [ 470.237640][ T2016] dvb-usb: found a 'Mygica D689 DMB-TH' in warm state. [ 470.246788][ T2016] usb 4-1: setting power ON [ 470.251650][ T2016] dvb-usb: bulk message failed: -22 (2/0) [ 470.429448][ T2016] dvb-usb: bulk message failed: -22 (1/0) [ 470.580079][ T2016] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter) [ 470.647425][ T2016] dvb-usb: Mygica D689 DMB-TH error while loading driver (-19) [ 470.655982][ T2016] dvb_usb_cxusb 4-1:0.30: probe with driver dvb_usb_cxusb failed with error -22 [ 470.708673][ T2016] usb 4-1: USB disconnect, device number 3 [ 471.886785][ T7817] loop0: detected capacity change from 0 to 1024 [ 472.929735][ T7812] loop3: detected capacity change from 0 to 32768 [ 472.943394][ T7817] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 472.957369][ T7817] ext4 filesystem being mounted at /152/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 472.998525][ T7812] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 473.010618][ T7812] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 473.029224][ T7812] gfs2: fsid=syz:syz.0: journal 0 mapped with 5 extents in 0ms [ 473.041555][ T2016] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 473.048941][ T2016] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 473.309834][ T2016] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 260ms [ 473.318517][ T2016] gfs2: fsid=syz:syz.0: jid=0: Done [ 473.324709][ T7812] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 473.338883][ T5809] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 474.339369][ T7843] netlink: 52 bytes leftover after parsing attributes in process `syz.1.726'. [ 474.349001][ T7843] netlink: 26 bytes leftover after parsing attributes in process `syz.1.726'. [ 474.358483][ T7843] netlink: 26 bytes leftover after parsing attributes in process `syz.1.726'. [ 474.788139][ T7851] loop0: detected capacity change from 0 to 256 [ 474.850196][ T7851] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 474.861497][ T7851] exFAT-fs (loop0): Medium has reported failures. Some data may be lost. [ 475.002886][ T7851] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 475.319211][ T7859] netlink: 8 bytes leftover after parsing attributes in process `syz.4.733'. [ 475.395260][ T1287] ieee802154 phy0 wpan0: encryption failed: -22 [ 475.402298][ T1287] ieee802154 phy1 wpan1: encryption failed: -22 [ 476.321069][ T7872] netlink: 16 bytes leftover after parsing attributes in process `syz.3.739'. [ 477.039025][ T7884] netlink: 48 bytes leftover after parsing attributes in process `syz.1.745'. [ 477.448318][ T7890] netlink: 132 bytes leftover after parsing attributes in process `syz.0.747'. [ 478.011466][ T7887] loop2: detected capacity change from 0 to 32768 [ 478.263341][ T5853] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 478.503282][ T5853] usb 5-1: Using ep0 maxpacket: 32 [ 478.540599][ T5853] usb 5-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40 [ 478.550877][ T5853] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 478.567503][ T5853] usb 5-1: config 0 descriptor?? [ 478.859549][ T5853] dvb-usb: found a 'Elgato EyeTV Sat' in warm state. [ 478.915908][ T5853] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 478.986013][ T5853] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat) [ 478.993765][ T5853] usb 5-1: media controller created [ 479.164736][ T5853] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 479.690349][ T5853] az6027: usb out operation failed. (-71) [ 479.698295][ T5853] stb0899_attach: Driver disabled by Kconfig [ 479.704862][ T5853] az6027: no front-end attached [ 479.704862][ T5853] [ 479.803915][ T5853] az6027: usb out operation failed. (-71) [ 479.810195][ T5853] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat' [ 479.821116][ T5853] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.4/usb5/5-1/input/input11 [ 479.925488][ T5853] dvb-usb: schedule remote query interval to 400 msecs. [ 479.936601][ T5853] dvb-usb: Elgato EyeTV Sat successfully initialized and connected. [ 480.069986][ T5853] usb 5-1: USB disconnect, device number 6 [ 480.183130][ T7912] netlink: 8 bytes leftover after parsing attributes in process `syz.3.757'. [ 480.615039][ T5853] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected. [ 480.937801][ T7922] loop4: detected capacity change from 0 to 16 [ 481.089815][ T7923] tap0: tun_chr_ioctl cmd 1074025677 [ 481.098176][ T7923] tap0: linktype set to 774 [ 481.873134][ T5853] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 482.098271][ T5853] usb 5-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 482.107998][ T5853] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 482.155741][ T5853] usb 5-1: config 0 descriptor?? [ 482.214695][ T5853] cp210x 5-1:0.0: cp210x converter detected [ 482.595747][ T7941] loop1: detected capacity change from 0 to 2048 [ 482.752448][ T7941] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 482.862115][ T5853] cp210x 5-1:0.0: failed to get vendor val 0x000e size 678: -71 [ 482.870731][ T5853] cp210x 5-1:0.0: GPIO initialisation failed: -71 [ 482.897031][ T5853] usb 5-1: cp210x converter now attached to ttyUSB0 [ 482.961192][ T5853] usb 5-1: USB disconnect, device number 7 [ 482.986107][ T5853] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 482.996131][ T5853] cp210x 5-1:0.0: device disconnected [ 484.505285][ T7962] loop4: detected capacity change from 0 to 4096 [ 484.681012][ T7962] ntfs3(loop4): ino=19, mi_enum_attr [ 484.686955][ T7962] ntfs3(loop4): Mark volume as dirty due to NTFS errors [ 485.811806][ T753] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 486.054898][ T753] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 486.259037][ T753] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 486.450474][ T753] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 487.054268][ T753] bridge_slave_1: left allmulticast mode [ 487.060282][ T753] bridge_slave_1: left promiscuous mode [ 487.067542][ T753] bridge0: port 2(bridge_slave_1) entered disabled state [ 487.157641][ T753] bridge_slave_0: left allmulticast mode [ 487.169428][ T753] bridge_slave_0: left promiscuous mode [ 487.176558][ T753] bridge0: port 1(bridge_slave_0) entered disabled state [ 487.854775][ T753] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 487.874422][ T753] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 487.898380][ T753] bond0 (unregistering): Released all slaves [ 488.633152][ T753] hsr_slave_0: left promiscuous mode [ 488.657204][ T753] hsr_slave_1: left promiscuous mode [ 488.666021][ T753] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 488.676701][ T753] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 488.755956][ T753] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 488.764156][ T753] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 488.909046][ T753] veth1_macvtap: left promiscuous mode [ 488.915385][ T753] veth0_macvtap: left promiscuous mode [ 488.921605][ T753] veth1_vlan: left promiscuous mode [ 488.927596][ T753] veth0_vlan: left promiscuous mode [ 488.981007][ T7989] loop4: detected capacity change from 0 to 64 [ 489.125714][ T7988] loop1: detected capacity change from 0 to 512 [ 489.206870][ T7984] loop0: detected capacity change from 0 to 1024 [ 489.426239][ T7988] EXT4-fs (loop1): too many log groups per flexible block group [ 489.435464][ T7988] EXT4-fs (loop1): failed to initialize mballoc (-12) [ 489.449197][ T7988] EXT4-fs (loop1): mount failed [ 490.017121][ T49] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 490.066596][ T753] team0 (unregistering): Port device team_slave_1 removed [ 490.067013][ T49] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 490.116651][ T49] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 490.127496][ T753] team0 (unregistering): Port device team_slave_0 removed [ 490.255168][ T49] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 490.267561][ T49] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 490.596731][ T4126] hfsplus: b-tree write err: -5, ino 4 [ 492.388615][ T7993] chnl_net:caif_netlink_parms(): no params data found [ 492.473174][ T49] Bluetooth: hci0: command tx timeout [ 493.194390][ T8028] loop2: detected capacity change from 0 to 256 [ 493.391193][ T8028] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xf6dff195, utbl_chksum : 0xe619d30d) [ 493.772144][ T7993] bridge0: port 1(bridge_slave_0) entered blocking state [ 493.780243][ T7993] bridge0: port 1(bridge_slave_0) entered disabled state [ 493.788610][ T7993] bridge_slave_0: entered allmulticast mode [ 493.805601][ T7993] bridge_slave_0: entered promiscuous mode [ 493.870173][ T7993] bridge0: port 2(bridge_slave_1) entered blocking state [ 493.878453][ T7993] bridge0: port 2(bridge_slave_1) entered disabled state [ 493.886911][ T7993] bridge_slave_1: entered allmulticast mode [ 493.897257][ T7993] bridge_slave_1: entered promiscuous mode [ 494.100570][ T7993] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 494.176293][ T7993] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 494.560561][ T49] Bluetooth: hci0: command tx timeout [ 494.634436][ T7993] team0: Port device team_slave_0 added [ 494.792937][ T5085] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 494.911556][ T7993] team0: Port device team_slave_1 added [ 495.210695][ T5085] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 495.421381][ T7993] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 495.428879][ T7993] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 495.455199][ C1] vkms_vblank_simulate: vblank timer overrun [ 495.462196][ T7993] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 495.525685][ T5085] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 495.586908][ T7993] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 495.594540][ T7993] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 495.620814][ C1] vkms_vblank_simulate: vblank timer overrun [ 495.629360][ T7993] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 495.782856][ T5085] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 496.050542][ T7993] hsr_slave_0: entered promiscuous mode [ 496.061574][ T7993] hsr_slave_1: entered promiscuous mode [ 496.190387][ T5085] bridge_slave_1: left allmulticast mode [ 496.196962][ T5085] bridge_slave_1: left promiscuous mode [ 496.203966][ T5085] bridge0: port 2(bridge_slave_1) entered disabled state [ 496.239341][ T5085] bridge_slave_0: left allmulticast mode [ 496.245861][ T5085] bridge_slave_0: left promiscuous mode [ 496.253375][ T5085] bridge0: port 1(bridge_slave_0) entered disabled state [ 496.637057][ T49] Bluetooth: hci0: command tx timeout [ 496.821540][ T5085] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 496.875427][ T5085] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 496.898823][ T5085] bond0 (unregistering): Released all slaves [ 497.265931][ T5859] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 497.452422][ T5859] usb 2-1: config 0 has an invalid interface number: 98 but max is 0 [ 497.465655][ T5859] usb 2-1: config 0 has no interface number 0 [ 497.472095][ T5859] usb 2-1: config 0 interface 98 has no altsetting 0 [ 497.555946][ T5859] usb 2-1: New USB device found, idVendor=1110, idProduct=9024, bcdDevice=db.24 [ 497.566028][ T5859] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 497.576967][ T5859] usb 2-1: Product: syz [ 497.581613][ T5859] usb 2-1: Manufacturer: syz [ 497.586807][ T5859] usb 2-1: SerialNumber: syz [ 497.685312][ T5859] usb 2-1: config 0 descriptor?? [ 497.706155][ T5085] hsr_slave_0: left promiscuous mode [ 497.727990][ T5085] hsr_slave_1: left promiscuous mode [ 497.739749][ T5085] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 497.748598][ T5085] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 497.777716][ T5085] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 497.786409][ T5085] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 497.881711][ T5805] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 497.896786][ T5805] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 497.927641][ T5085] veth1_macvtap: left promiscuous mode [ 497.933764][ T5085] veth0_macvtap: left promiscuous mode [ 497.939853][ T5085] veth1_vlan: left promiscuous mode [ 497.945926][ T5085] veth0_vlan: left promiscuous mode [ 497.951970][ T5859] usb 2-1: [ueagle-atm] ADSL device founded vid (0X1110) pid (0X9024) Rev (0XDB24): Eagle II [ 497.959055][ T5805] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 498.038853][ T5805] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 498.055732][ T5805] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 498.733339][ T5805] Bluetooth: hci0: command tx timeout [ 498.969437][ T5085] team0 (unregistering): Port device team_slave_1 removed [ 499.206122][ T5085] team0 (unregistering): Port device team_slave_0 removed [ 499.364013][ T5859] usb 2-1: reset high-speed USB device number 5 using dummy_hcd [ 499.927258][ T5859] usb 2-1: [ueagle-atm] pre-firmware device, uploading firmware [ 499.935789][ T5859] usb 2-1: [ueagle-atm] loading firmware ueagle-atm/eagleII.fw [ 499.974334][ T5853] usb 2-1: Direct firmware load for ueagle-atm/eagleII.fw failed with error -2 [ 499.984231][ T5853] usb 2-1: Falling back to sysfs fallback for: ueagle-atm/eagleII.fw [ 500.147945][ T5911] usb 2-1: USB disconnect, device number 5 [ 500.238386][ T5805] Bluetooth: hci2: command tx timeout [ 500.845307][ T8083] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0) [ 501.147529][ T7993] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 501.224575][ T7993] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 501.290616][ T7993] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 501.389350][ T7993] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 501.460546][ T8062] chnl_net:caif_netlink_parms(): no params data found [ 501.600602][ T8089] loop0: detected capacity change from 0 to 2048 [ 501.778008][ T8089] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 501.938962][ T8089] EXT4-fs error (device loop0): ext4_find_dest_de:2052: inode #12: block 9: comm syz.0.832: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=13, rec_len=21, size=56 fake=0 [ 502.003780][ T8089] EXT4-fs (loop0): Remounting filesystem read-only [ 502.313651][ T5805] Bluetooth: hci2: command tx timeout [ 502.414839][ T5809] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 502.552980][ T7993] 8021q: adding VLAN 0 to HW filter on device bond0 [ 502.902237][ T8062] bridge0: port 1(bridge_slave_0) entered blocking state [ 502.910376][ T8062] bridge0: port 1(bridge_slave_0) entered disabled state [ 502.918795][ T8062] bridge_slave_0: entered allmulticast mode [ 502.929110][ T8062] bridge_slave_0: entered promiscuous mode [ 502.965043][ T7993] 8021q: adding VLAN 0 to HW filter on device team0 [ 503.046532][ T4033] bridge0: port 1(bridge_slave_0) entered blocking state [ 503.054565][ T4033] bridge0: port 1(bridge_slave_0) entered forwarding state [ 503.111209][ T8062] bridge0: port 2(bridge_slave_1) entered blocking state [ 503.119138][ T8062] bridge0: port 2(bridge_slave_1) entered disabled state [ 503.127593][ T8062] bridge_slave_1: entered allmulticast mode [ 503.137726][ T8062] bridge_slave_1: entered promiscuous mode [ 503.170776][ T4033] bridge0: port 2(bridge_slave_1) entered blocking state [ 503.178736][ T4033] bridge0: port 2(bridge_slave_1) entered forwarding state [ 503.471415][ T8062] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 503.617968][ T8062] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 504.067180][ T8062] team0: Port device team_slave_0 added [ 504.118881][ T8062] team0: Port device team_slave_1 added [ 504.400022][ T5805] Bluetooth: hci2: command tx timeout [ 504.414647][ T8062] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 504.421966][ T8062] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 504.448292][ C1] vkms_vblank_simulate: vblank timer overrun [ 504.455436][ T8062] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 504.474060][ T8062] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 504.481529][ T8062] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 504.509517][ T8062] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 504.551624][ T8123] loop0: detected capacity change from 0 to 512 [ 504.694473][ T8123] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 504.884457][ T8123] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.844: bg 0: block 384: padding at end of block bitmap is not set [ 504.953407][ T8123] EXT4-fs (loop0): Remounting filesystem read-only [ 504.960882][ T8123] EXT4-fs (loop0): 1 truncate cleaned up [ 504.970029][ T8123] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 505.021898][ T8062] hsr_slave_0: entered promiscuous mode [ 505.036082][ T8062] hsr_slave_1: entered promiscuous mode [ 505.045909][ T8062] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 505.054103][ T8062] Cannot create hsr debugfs directory [ 505.063013][ T8123] EXT4-fs (loop0): shut down requested (2) [ 505.485910][ T5809] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 506.158886][ T8140] ===================================================== [ 506.166572][ T8140] BUG: KMSAN: kernel-infoleak in _copy_to_iter+0xf0e/0x33f0 [ 506.175177][ T8140] _copy_to_iter+0xf0e/0x33f0 [ 506.180121][ T8140] __skb_datagram_iter+0x196/0x12c0 [ 506.185840][ T8140] skb_copy_datagram_iter+0x5b/0x1e0 [ 506.191398][ T8140] tun_do_read+0x26d8/0x30f0 [ 506.196558][ T8140] tun_chr_read_iter+0x393/0x6b0 [ 506.201791][ T8140] vfs_read+0x857/0xf00 [ 506.206493][ T8140] __x64_sys_read+0x1fb/0x4d0 [ 506.211494][ T8140] x64_sys_call+0x39db/0x3db0 [ 506.216682][ T8140] do_syscall_64+0xd9/0x210 [ 506.221467][ T8140] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 506.227955][ T8140] [ 506.230540][ T8140] Uninit was created at: [ 506.236361][ T8140] __kmalloc_node_track_caller_noprof+0x96d/0x12f0 [ 506.243393][ T8140] kmalloc_reserve+0x22f/0x4b0 [ 506.251729][ T8140] __alloc_skb+0x347/0x7d0 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 506.257767][ T8140] igmpv3_newpack+0x142/0x1540 [ 506.264079][ T8140] add_grec+0xed2/0x1fe0 [ 506.268650][ T8140] igmp_ifc_timer_expire+0x1d8/0x1cc0 [ 506.274593][ T8140] call_timer_fn+0x4c/0x520 [ 506.279373][ T8140] __run_timer_base+0x80f/0xd90 [ 506.284875][ T8140] run_timer_softirq+0x3a/0x80 [ 506.289914][ T8140] handle_softirqs+0x166/0x6e0 [ 506.295160][ T8140] __irq_exit_rcu+0x66/0x180 [ 506.300009][ T8140] irq_exit_rcu+0x12/0x20 [ 506.304749][ T8140] sysvec_apic_timer_interrupt+0x84/0x90 [ 506.310851][ T8140] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 506.318088][ T8140] [ 506.320572][ T8140] Bytes 38-41 of 108 are uninitialized [ 506.326423][ T8140] Memory access of size 108 starts at ffff88804e977880 [ 506.333687][ T8140] Data copied to user address 00007ffefde257e0 [ 506.340044][ T8140] [ 506.342718][ T8140] CPU: 0 UID: 0 PID: 8140 Comm: syz-executor Not tainted 6.16.0-rc1-syzkaller-00203-g4774cfe3543a #0 PREEMPT(undef) [ 506.358505][ T8140] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 506.370172][ T8140] ===================================================== [ 506.378080][ T8140] Disabling lock debugging due to kernel taint [ 506.384582][ T8140] Kernel panic - not syncing: kmsan.panic set ... [ 506.391274][ T8140] CPU: 0 UID: 0 PID: 8140 Comm: syz-executor Tainted: G B 6.16.0-rc1-syzkaller-00203-g4774cfe3543a #0 PREEMPT(undef) [ 506.405428][ T8140] Tainted: [B]=BAD_PAGE [ 506.409764][ T8140] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 506.420064][ T8140] Call Trace: [ 506.423527][ T8140] [ 506.426638][ T8140] __dump_stack+0x26/0x30 [ 506.431255][ T8140] dump_stack_lvl+0x53/0x270 [ 506.436132][ T8140] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 506.442271][ T8140] dump_stack+0x1e/0x25 [ 506.446706][ T8140] panic+0x4bd/0xd50 [ 506.450939][ T8140] kmsan_report+0x31c/0x320 [ 506.455756][ T8140] ? kmsan_internal_check_memory+0x16c/0x230 [ 506.462311][ T8140] ? kmsan_copy_to_user+0xf1/0x190 [ 506.467845][ T8140] ? _copy_to_iter+0xf0e/0x33f0 [ 506.473307][ T8140] ? __skb_datagram_iter+0x196/0x12c0 [ 506.479119][ T8140] ? skb_copy_datagram_iter+0x5b/0x1e0 [ 506.484939][ T8140] ? tun_do_read+0x26d8/0x30f0 [ 506.490064][ T8140] ? tun_chr_read_iter+0x393/0x6b0 [ 506.495440][ T8140] ? vfs_read+0x857/0xf00 [ 506.500525][ T8140] ? __x64_sys_read+0x1fb/0x4d0 [ 506.505693][ T8140] ? x64_sys_call+0x39db/0x3db0 [ 506.510822][ T8140] ? do_syscall_64+0xd9/0x210 [ 506.515732][ T8140] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 506.522095][ T8140] ? kmsan_get_metadata+0xfb/0x160 [ 506.527511][ T8140] ? kmsan_internal_set_shadow_origin+0x79/0x110 [ 506.534136][ T8140] ? kmsan_get_metadata+0xfb/0x160 [ 506.539515][ T8140] ? kmsan_get_metadata+0xfb/0x160 [ 506.544930][ T8140] ? kmsan_get_metadata+0xfb/0x160 [ 506.550352][ T8140] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 506.556532][ T8140] kmsan_internal_check_memory+0x16c/0x230 [ 506.562713][ T8140] kmsan_copy_to_user+0xf1/0x190 [ 506.567943][ T8140] _copy_to_iter+0xf0e/0x33f0 [ 506.572886][ T8140] ? kernel_text_address+0x10e/0x1a0 [ 506.578461][ T8140] ? kmsan_get_metadata+0xfb/0x160 [ 506.583896][ T8140] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 506.590038][ T8140] ? do_syscall_64+0x1/0x210 [ 506.594889][ T8140] ? kmsan_get_metadata+0xfb/0x160 [ 506.600315][ T8140] __skb_datagram_iter+0x196/0x12c0 [ 506.605774][ T8140] ? filter_irq_stacks+0x49/0x190 [ 506.611024][ T8140] ? __pfx_simple_copy_to_iter+0x10/0x10 [ 506.616938][ T8140] ? stack_depot_save_flags+0x35/0x7b0 [ 506.622700][ T8140] skb_copy_datagram_iter+0x5b/0x1e0 [ 506.628238][ T8140] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 506.634358][ T8140] tun_do_read+0x26d8/0x30f0 [ 506.639232][ T8140] ? __pfx_default_wake_function+0x10/0x10 [ 506.645391][ T8140] tun_chr_read_iter+0x393/0x6b0 [ 506.650705][ T8140] vfs_read+0x857/0xf00 [ 506.655146][ T8140] ? __pfx_tun_chr_read_iter+0x10/0x10 [ 506.660888][ T8140] __x64_sys_read+0x1fb/0x4d0 [ 506.665865][ T8140] x64_sys_call+0x39db/0x3db0 [ 506.670825][ T8140] do_syscall_64+0xd9/0x210 [ 506.675568][ T8140] ? irqentry_exit+0x16/0x60 [ 506.680386][ T8140] ? clear_bhb_loop+0x40/0x90 [ 506.685309][ T8140] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 506.691441][ T8140] RIP: 0033:0x7f171a18d33c [ 506.696045][ T8140] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 506.715994][ T8140] RSP: 002b:00007ffefde257b0 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 506.724664][ T8140] RAX: ffffffffffffffda RBX: 00007ffefde257e0 RCX: 00007f171a18d33c [ 506.732944][ T8140] RDX: 00000000000003e8 RSI: 00007ffefde257e0 RDI: 00000000000000c8 [ 506.741154][ T8140] RBP: 00007ffefde25c1c R08: 0000000000000000 R09: 0000000000000000 [ 506.749348][ T8140] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000000000ac [ 506.757531][ T8140] R13: 00000000000927c0 R14: 000000000007b757 R15: 00007ffefde25c70 [ 506.765748][ T8140] [ 506.769376][ T8140] Kernel Offset: disabled [ 506.773888][ T8140] Rebooting in 86400 seconds..