last executing test programs: 5.426055031s ago: executing program 0 (id=919): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000c80)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000900)=@newqdisc={0x9c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x44, 0x2, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, [@TCA_NETEM_CORRUPT={0xc, 0x4, {0x3ff, 0xb70c}}, @TCA_NETEM_LATENCY64={0xc, 0xa, 0x48}, @TCA_NETEM_REORDER={0xc, 0x3, {0xfff, 0x7}}, @TCA_NETEM_LOSS={0x4}]}}}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0xfffffffc, 0x1}}, {0x6, 0x2, [0x0]}}]}]}, 0x9c}}, 0x0) 5.01023646s ago: executing program 0 (id=922): ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, 0x0) r0 = syz_usb_connect(0x2, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x200, 0xcc, 0x2c, 0xdf, 0x40, 0x763, 0x2030, 0x7979, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x5f, 0x65, 0x60, 0x70, [{{0x9, 0x4, 0x1, 0x8, 0x0, 0xff, 0xa2, 0x7d, 0x9}}]}}]}}, &(0x7f0000000d80)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]}) syz_usb_control_io(r0, 0x0, &(0x7f00000007c0)={0x84, &(0x7f0000000380)={0x20, 0x5}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 4.273361264s ago: executing program 1 (id=929): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x10) getrusage(0x0, &(0x7f0000000440)) 3.834624104s ago: executing program 2 (id=931): r0 = fsopen(&(0x7f0000000080)='configfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) fsmount(r0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0) 3.810475811s ago: executing program 1 (id=932): r0 = socket(0x10, 0x3, 0x0) r1 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=@newqdisc={0x44, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_codel={{0xa}, {0x14, 0x2, [@TCA_CODEL_CE_THRESHOLD={0x8}, @TCA_CODEL_INTERVAL={0x8}]}}]}, 0x44}}, 0x0) 3.387972502s ago: executing program 2 (id=933): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) timer_create(0x0, 0x0, &(0x7f0000000040)) 3.387736607s ago: executing program 3 (id=934): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB="d01000003d00010000000000000000000100000004000080b71001"], 0x10d0}}, 0x0) 3.264319507s ago: executing program 1 (id=935): syz_open_dev$admmidi(&(0x7f0000000140), 0x20, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') r1 = socket$inet6_sctp(0xa, 0x1, 0x84) mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000200)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 3.021689101s ago: executing program 4 (id=936): r0 = socket(0x10, 0x3, 0x0) r1 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'veth1_to_bridge\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x44, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0x14, 0x8002, [@TCA_FQ_PIE_BETA={0x8}, @TCA_FQ_PIE_ALPHA={0x8}]}}]}, 0x44}}, 0x0) 2.676822445s ago: executing program 4 (id=937): r0 = socket(0x2, 0x3, 0x6) bind$inet(r0, &(0x7f0000000080)={0x2, 0xfffa, @local}, 0x10) setsockopt$sock_int(r0, 0x1, 0x6, &(0x7f00000000c0)=0x6, 0x4) sendto$inet(r0, 0x0, 0x0, 0x48800, &(0x7f0000000000)={0x2, 0x0, @broadcast}, 0x10) 2.591710178s ago: executing program 3 (id=938): mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x50032, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x801) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)) ioctl$UFFDIO_CONTINUE(r0, 0x8010aa01, &(0x7f0000000080)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}}) 2.452215759s ago: executing program 0 (id=939): r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000040)=0x90000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000100)={@hyper}) ioctl$IOCTL_VMCI_QUEUEPAIR_SETPF(r0, 0x7a9, &(0x7f00000000c0)={{@hyper}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000ff6, 0xffffbffffffff801}) 2.195529512s ago: executing program 4 (id=940): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x9, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xd, 0x2, 0x4, 0x1, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000008c0)={{r1, 0xffffffffffffffff}, &(0x7f0000000840), &(0x7f0000000880)=r0}, 0x20) bpf$BPF_MAP_LOOKUP_AND_DELETE_BATCH(0x19, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x5, r2}, 0x38) 2.115157077s ago: executing program 3 (id=941): r0 = socket$phonet_pipe(0x23, 0x5, 0x2) r1 = socket$phonet_pipe(0x23, 0x5, 0x2) bind$phonet(r1, &(0x7f0000000000)={0x23, 0x0, 0x2}, 0x10) bind$phonet(r0, &(0x7f0000000000)={0x23, 0x0, 0x2}, 0x10) 1.972894471s ago: executing program 1 (id=942): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000040000000000080000100850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000280)='netlink_extack\x00', r1}, 0x10) sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000200)=ANY=[@ANYBLOB="38010000100013070000000000000000fc010000000000000000000000000000fe88000000000000000000000000000100"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000000000000000000000000000033000000ac141400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000eaffffff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0002000000000000000000480001006469676573745f6e756c6c00"], 0x138}}, 0x0) 1.965805131s ago: executing program 0 (id=943): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c) sendto$inet6(r0, &(0x7f00000001c0)='k', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x24, &(0x7f0000000080)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}}, &(0x7f0000000000)=0x9c) 1.457733163s ago: executing program 1 (id=944): madvise(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x12) mbind(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x3, &(0x7f0000000000)=0x9, 0x6, 0x0) mbind(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x3, &(0x7f0000000040)=0xffff, 0x403, 0x0) mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0) 1.411092428s ago: executing program 4 (id=945): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='netlink_extack\x00', r0}, 0x10) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@mpls_delroute={0x1c, 0x19, 0x1, 0x0, 0x0, {0x1c, 0x14, 0x0, 0x0, 0xfe}}, 0x1c}}, 0x0) 1.319110577s ago: executing program 2 (id=946): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000400), 0x4) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000003, 0x12, r0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010026"], 0x0, 0x26, 0x0, 0x2, 0x0, 0x0, @void, @value}, 0x20) 1.315344791s ago: executing program 3 (id=947): syz_open_dev$usbfs(&(0x7f0000000100), 0x206, 0x8401) unshare(0x2a020400) bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000880)=ANY=[@ANYBLOB="0300"], 0x48) poll(&(0x7f00000004c0)=[{}], 0x20000000000000f3, 0x0) 975.385348ms ago: executing program 2 (id=948): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f000000bd80), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f000000bdc0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_DEL_KEY(r0, &(0x7f000000bf00)={0x0, 0x0, &(0x7f000000bec0)={&(0x7f000000be00)={0x40, r1, 0x1, 0x70bd2d, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_KEY={0x18, 0x50, 0x0, 0x1, [@NL80211_KEY_TYPE={0x8}, @NL80211_KEY_DEFAULT_MGMT={0x4}, @NL80211_KEY_IDX={0x5, 0x2, 0x5}]}]}, 0x40}}, 0x0) 893.285235ms ago: executing program 2 (id=949): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', 0x0}) r2 = socket(0x10, 0x80002, 0x0) sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)=ANY=[@ANYBLOB="340000001300290a000000000000000007000000", @ANYRES32=r1, @ANYBLOB="000000e8a43d5c0014001a80100004800c000980"], 0x34}}, 0x0) 886.743587ms ago: executing program 4 (id=950): syz_mount_image$iso9660(&(0x7f00000002c0), &(0x7f0000000000)='./file0\x00', 0x3200488, &(0x7f0000000cc0)=ANY=[], 0x1, 0x656, &(0x7f0000000640)="$eJzs3c9v2+Ydx/EPZdmWvaEYtqEIAjd5mqyAjWWKJDcOjOwwjaJsdpIokHRhAwOKrJELo3K6pRmw+lL4sh9A9w/s1ssO+w92GbDz/osddhhQbLcBu2jgQ8mSrF92rDjt+n4JDh+SXz3Pl6TCxzRFUgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQI5bKRSKjmp+Y2/fTOZWwqA+Zf6yrW1RG2m1GzPblZzkR7mcbqSTbny3P/v15J87WkvH1pRLBjmdfOP1bz36TjbTe/+UhF6ELlvhx5+cfPi43W49m3MiXwLKXCBox2v4UeDXyzue8aPAbG9tFe7vViNT9WtedBDFXt24oZeJg9CsuxumuL29abz8QbDX2KmUa15v4sMflAqFLfPOcnfz338nH7m7fq3mN3ZsTDI7iXloPvtpGvKPbmhrc1aSh0ftVvEiQaVZQaVCqVQslkrFrQfbDx4WCtmRCYVzNBIx9w8tvmLmtOcGri6T9P9/d6SacmpoT/syY1+uKgoVqD5hftdGugvfeOu+N7Xdwf6/18vf6M++Kdv/30rHbk3q/4cyaA+O2TeMy9OZMP2FXk4v38dqq62Wnl2hNqdfvj23DF/ya0fKSr4iBfK1orJ25Ml0pxhta0tbKug97aqqSEZV+arJU6QDRYrlqW63SShPZcUKFMpoXa42ZFTUtra1KSNPeR0o0J4a2lFFZf2n0+kc6ujP31TLRkx66VBHduMUByef+/CcBZWm1DSp///Zp+mngP7/6663P7hIDPDKdbrH/5d0++VkAwAAAAAAXgbH/vXdsefu35DUUdWveYVXnRYAAAAAAJgje+Z/LRksJqU35Ew4/u9cf24AAAAAAGA+HHuNnSNp1X6p3+lfCXWRLwEsXEOKAAAAAADgiuz5/1tLUsfeuOe2nEsd/wMAAAAAgK+A36p777815bK9e+x2FiS9u5jOiJrLzl/+taxw0Tlt7n/POS4nU8vH3VP/I98AiKs3nde6N+q1gyVJdsz11pz+gwEc+5NLR744nHWvfyc8l8DSQu/PF7MS2Mp2x/SZ3kxj3uy2++QkIzsnbWW16te8vBvUHhVVLr+Wib39+JdPj34lhWfLeXjUbuXf/6j9xOZymkw6PU7y+HQoncysXJ7b+y3Yay7GLfGKqr0mf9eorzq23UJv+RdUPs4MNnSx5f+17qQxd1bT4epJbwvY5c8ly1/M203WX3p7dwinn0Xx/JKP2xATssjZLO6mMXfX76aDXn7dLL6/IJXyo9sgHMyiNJjF7HXh/HtkXczIIlkXm0kWf00qGs4i08ti83JZjGwRAHhVDvu9kL2J+eg99s/3uy+yl5vdu/9ouJXnf+ikFxwuSNnuuYmpreSU7NHX05gl2R1r9uaYPXqh26/kNKFfKVyhd0va+lP/GUjdtEey+G+n03lUtO3+vlHv/p4l2+7nSenzie1GtdJCsgrvPz/+ub0BfuKD1getp6XS5lbh7ULhQUmLdjG6A/oeAMAYs5+xMzPCefvsqPrJP99KS0M93rd1qJz9SkFe7+sjtfVE93qPELg9vtbVga8h3Bs9ak1iV6TzsUXdm3hUZ/vSgdjSWWyvAz5/BNiP3XzJWwEAgOt1Z0Y/fJH+/17vuHv95tjj7uG+/PwTgifFFq95TQAA8PXhhV84q/FvnDD0m+8Vt7eL5XjXM2Hg/sSEfmXHM34j9kJ3t9zY8UwzDOLADWqmGWrZr3iRifaazSCMTTUITTOI/H375HcTJVXXTeTVy43Yd6NmzStHnnGDRlx2Y1PxI9c0935c86NdL7Rvjpqe61d9txz7QcNEwV7oenljIs8bCPQrXiP2q35SbJhm6NfL4YF5N6jt1T1T8SI39JtxkFZo23LkqFENwrqtNq/OpR90CADA/6OPPzn58HG73Xo2pXCq2THdwtK4CsWpZgAAvlQGeumpeufIK9eRFAAAAAAAAAAAAAAAAAAAAAAAGHKR6/8uVVgcd7GgdDblF737Bk+vx9G8E7tMIfPib//blJiVsykasxJOX8GSKi1k51/zinTxy0bnUPjhYbpGJ8YkM8fOWj7bFtn5/3dICk//OGFWp9PpTH/78vA6XJq2gMOFrKRnS1fYBNe/LwJwvf4XAAD//7nMOZ8=") unshare(0x20000400) r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) fchmod(r0, 0x0) 840.073933ms ago: executing program 1 (id=951): r0 = syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000000406a053500000000000001090224000100000000090400fd010300000009210000000122070009058103"], 0x0) syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f0000000080)={0x24, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="002207000000095a800882"], 0x0}, 0x0) 819.604212ms ago: executing program 3 (id=952): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000180)={'batadv0\x00', 0x0}) r2 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$BATADV_CMD_SET_HARDIF(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000e00)={0x1c, r2, 0x18fe2a01ed25d92f, 0x0, 0x0, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r1}]}, 0x1c}}, 0x0) 555.526844ms ago: executing program 0 (id=953): syz_mount_image$hfsplus(&(0x7f0000007340), &(0x7f0000000000)='./file1\x00', 0x1600008, &(0x7f0000000100)=ANY=[@ANYRES16=0x0], 0x3, 0x632, &(0x7f0000001840)="$eJzs3UtsG2kdAPD/OI4TB9TN7qa7Ba1EtJUWRESbh7IQLpSHUA4rtFoOnKPWbay6aZW4KK0QCi9x4MKh4lwOuXFC6j1SOcMF9ZpjJVAvPaDcjGY8dpy386qd7e8Xjb/v8zfzzX/+9jzsyJoA3lrzE1HciCTmJz5bTdub6zO1zfWZoby7FhFpvRBRbBaRLEUkz5vdN9KHr6VP5vMnB63nSXXuixevN182W8XWwkkprQ0fvNxRmguu5VOMR8RAXu412O2oO8a7eeB4+/nvn/YPshlous1XW4mDXmvssXacxU+83wL9I2meN/cYjRjJztDN64DIjw6FNxvd2TvWUQ4AAAAuqHe2Ymut0Wj0Og4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4SPL7/yf5VGjVxyNp3f+/1DF7qYehnomNXgcAAAAAAAAAACfSGOhsfWMrtmI1LrV7k+x//h9njbHs8SvxMFaiEstxLVZjIepRj+WYiojRjoFKqwv1+vJUF0tO77vk9LluNAAAAAAAAAB82f025rf//w8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP0giRhoFtk01qqPRqEYEcMRUUrnW4v4V6t+kW30OgAAAAB4A97Ziq1YjUutdiPJPvN/kH3uH46HsRT1qEY9alGJW9l3Ac1P/YXN9Zna5vrMvXTaO+5f/tfIdBlGNmI0v3vYf81XsjnKcTuq2TPX4mbcj1q5c5QrrXj2j+s3r9Kxf5DrMrJbeZlu+Z/zsj+MZhkZbGdkMo8tzeO7h2fih69OtaapKLS/+Rk7h5yP5GWyq+y93ZmYjkKW79QHh2ci4pvP/vaLxdrS3cXbKxP9s0kn1MxEo9HMxFDWamXiw7cqE5PZtl9ut+fjp/HzmIjx+DyWoxq/jIWoRyXG4ydZbSF/P6ePo7syVdg59I0drc+PiqSUvy7No+jxYvo4W/ZSVONncT9uRSU+zf6mYyq+G7MxG3Mdr/DlLvb6wvH2+qvfyivpIf2Pedkf0ry+25HXzmPuaNbX+cx2lt47+2Nj8et5JV3H7yLix2e4naezOxPpWeLZV5t97x+eib9m1wkrtaW7y4sLD7pc3yd5me5Hf+irs0T6fnkvfbGy1s53R9r3/r59U1nfWLuvsKfvcrvvqD21lF/D7R1pOuv7cN++mazvSkffnuut9vUQAH1s5NsjpfJ/yv8sPy3/vrxY/mz4R0PfG/qoFIP/GPx+cXLgk8JHyd/jafx6+/M/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwciuPHt9dqNUqy0dWkuzm/xFdzdxRad3O6fCZk/xGPscZWaVWqwxHX4RxrErt3xEdzyS9jqcfKkP99ubv7XEJOH/X6/ceXF959Pg71XsLdyp3KkuDs7Nzk3Ozn85cv12tDUT6WJnsdZTAedg+6fc6EgAAAAAAAAAAAKBbh/8MYDCf63Q/J+jxJgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAX3PxEFDciianJa5Npe3N9ppZOrfr2nMWIKERE8quI5HnEjWhOMdoxXHLQep5U57548Xrz5fZYxdb8hcOW685aPsV4RAzk5VmNd/PU4yXtLUwTdrV0uuDgzPw/AAD//4oVCL4=") creat(&(0x7f0000000100)='./bus\x00', 0x0) mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0) creat(&(0x7f0000000080)='./bus\x00', 0x0) 422.88373ms ago: executing program 2 (id=954): keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='new default user:syz 000040'], 0x2a, 0x0) r0 = add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe) add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0x5ba8, 0xfffffffffffffffd) keyctl$read(0xb, r0, &(0x7f0000000240)=""/112, 0x349b7f55) 240.388147ms ago: executing program 3 (id=955): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00', 0x0}) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000300)=ANY=[@ANYBLOB="980000001000010400"/20, @ANYRES32=r1, @ANYBLOB="00000000000000004c001280110001006272696467655f736c617665000000003400058005001900030000000500090000000000050001"], 0x98}}, 0x0) 214.544564ms ago: executing program 4 (id=956): r0 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1) bind$nfc_llcp(r0, &(0x7f0000000380)={0x27, 0x0, 0x0, 0x0, 0x0, 0x0, "d9298498abdba7f061bd1ca44c226af5160e961711a03760760beeab91e8ff0055e5c0d48bd63ffdb93bd43a847a1597c8ef03da5be42200", 0x37}, 0x60) listen(r0, 0x0) ppoll(&(0x7f00000000c0)=[{r0}], 0x1, &(0x7f0000000240)={0x0, 0x3938700}, 0x0, 0x0) 0s ago: executing program 0 (id=957): syz_mount_image$hfsplus(&(0x7f00000000c0), &(0x7f0000000b40)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0, &(0x7f0000000ac0)=ANY=[@ANYBLOB="756d61736b3d303030303030303030303030303030303030342c6e6f626172726965722c63726561746f723dbd3c66f52c6e6c733d6d616363726f617469616e2c756d61736b3d30303030303030303030303030303030303030303033372c666f7263652c0000000000", @ANYRES64], 0x3, 0x6a4, &(0x7f0000000100)="$eJzs3U9sHFcdB/DvbDbrbJBS918aEFKtRqqgEYmdVUmQkBoQQjlEKIJLr1biNFY2aeW4KK0Q2QAFiRMn1AOHIhQOPSGEkMoJUc5ISFw4+R6JG4ccAKOZnV2v7Y1jJ7HXbT8faTzv7Zv33m9+nT+7s402wGfW+ddzsJci509cuFXWV+52uit3O9cH5SRTSRpJs79K0U6Kj5Nz6S/5fPliPVzxoHlevfdR0Xz/w06/1qyXavvGVv02GbtlLzk0rBxIMtMv/mfbw24ar1qqcS6tjfeIimHcZcKODxIHk7a6SW+tsfHQ7ts/b4F963b/vrnJdHI4/btr+T4g9dXh4VeGydvy2tTbuzgAAABgt4z9LD/qqfu5n1s5sjfhAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwKdD0f/NwKJeGoPyTIrB7/+3Rn5TvzXhcB/Te1eq1XefmnQgAAAAAAAAAPBYXryf+7mVI4P6alF95/9SVXmu+vu5vJ2bWchSTuZW5rOc5SxlLsn0yECtW/PLy0tzm3v+MmXP1dXV23XP02N7nl4fV29joOP+T4NNGwEAAAAAAADAZ9aPcn7t+38AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANgPiuRAf1Utzw3K02k0kxxK0ipmhpu3JhrsE/DnSQcAAAAAu69dr48U/+sXVovqM//R6nP/obydG1nOYpbTzUIuV88C+p/6G3/vdbordzvXy2XzwN/4147iqEZM/9nD+Jlnqy2eH/Y4n2/nezmRmVzMUhbz/cxnOQuZybeq0nyKTNdPL6ZX7rYziHVzvOfW1S5ujO3FkXIZ37EqknauZLGK7WQutQahN+rtjo3M9sdWsmHGO2V2itdq28zR5Xpd7tEv6vX+MF3t+cFhRmbr3JfZeHo075tzv8PjZONMc2kMn0E9tzZLWd040yPl/HC9LnP9093N+Q4fpa3PRO/nZW1w9B3dOufJl//xl4tXGzeuXb1y88T+OYwe0cZjojOSiRe2lYlumYneY2Ti0OPE/+S06mz0r6I7u1q+VPU9ksV8J2/mchZyJrOZy9nM5ms5nU5Oj+T1+a3zWp1rjZ2da8e/VBfKe9LPRu5Ne2bqQQ1lXp8eyevolW66aht9ZS1Lz2wjS0Ur47P0z7GhNL9QF8o5fjxyx5m8jZmYG8nEs1tn4tf/XU1ys3vj2tLV+be2Od/L9bo8bd9bf23+zRPZoZ2rd7c8Xp4p/2Olf9sYPTrKtmcHbRvy1aq/cWnWg61ra6U6n/ttDztTy5GO3hk3Ur/thbGzdKq2YyNt697l5M10h+9CANjHDr9yuNW+1/5b+4P2T9pX2xcOfXPq7NQXWzn41+afDvyu8dvG14tX8kF+mCOTjhQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4Nbr7z7rX5bndhaR8W0njCA94Z2zRIRf+V1v7Y909qYWqrI+r3Sbbo3ppEzO0k+yJ1ae7BXFMZ03Rh+Eo7aQzjSXJtn/zAHbAbTi1ff+vUzXfe/cri9fk3Ft5YuHH67JnXznS+Onf71JXF7sJs/++kowR2w9rbgElHAgAAAAAAAAAAAGzXXvzzhjHTFr0J7CsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwyXT+9Rzspcjc7MnZsr5yt9Mtl0F5bctmkkaS4gdJ8XFyLv0l0yPDFQ+a59V7H/3q5fc/7KyN1Rxs39jQ7w//Xl3d4V706iUzSQ7U64eb2tZ4l0bG6+0wsL5iuIdlwo4PEgeT9v8AAAD//x5LB84=") mkdir(&(0x7f0000000640)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0) getdents64(r0, &(0x7f0000000f80)=""/4096, 0x1000) kernel console output (not intermixed with test programs): 10.128.1.8' (ED25519) to the list of known hosts. [ 174.832336][ T5155] cgroup: Unknown subsys name 'net' [ 174.974611][ T5155] cgroup: Unknown subsys name 'cpuset' [ 174.993213][ T5155] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 224.139395][ T1240] ieee802154 phy0 wpan0: encryption failed: -22 [ 224.146315][ T1240] ieee802154 phy1 wpan1: encryption failed: -22 [ 229.317718][ T5155] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 233.246213][ T53] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 233.264546][ T53] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 233.286146][ T53] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 233.300006][ T53] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 233.312562][ T53] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 233.321768][ T53] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 233.438832][ T4555] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 233.450633][ T4555] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 233.460837][ T4555] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 233.495730][ T5173] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 233.517014][ T5180] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 233.525754][ T5180] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 233.556966][ T5180] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 233.573063][ T5180] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 233.625965][ T53] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 233.700409][ T5180] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 233.772086][ T5173] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 233.780123][ T5173] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 233.791160][ T5173] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 233.800387][ T5173] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 233.821486][ T5187] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 233.823676][ T5173] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 233.844159][ T5173] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 233.855093][ T5173] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 233.869680][ T5173] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 233.878604][ T5173] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 233.887594][ T5173] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 233.935886][ T53] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 233.948276][ T5187] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 233.957998][ T5187] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 234.765485][ T5176] chnl_net:caif_netlink_parms(): no params data found [ 234.968679][ T5171] chnl_net:caif_netlink_parms(): no params data found [ 235.402221][ T5187] Bluetooth: hci0: command tx timeout [ 235.645867][ T5187] Bluetooth: hci1: command tx timeout [ 235.788130][ T5176] bridge0: port 1(bridge_slave_0) entered blocking state [ 235.796003][ T5176] bridge0: port 1(bridge_slave_0) entered disabled state [ 235.804027][ T5176] bridge_slave_0: entered allmulticast mode [ 235.813337][ T5176] bridge_slave_0: entered promiscuous mode [ 235.843452][ T5176] bridge0: port 2(bridge_slave_1) entered blocking state [ 235.851302][ T5176] bridge0: port 2(bridge_slave_1) entered disabled state [ 235.859416][ T5176] bridge_slave_1: entered allmulticast mode [ 235.868605][ T5176] bridge_slave_1: entered promiscuous mode [ 235.879287][ T5174] chnl_net:caif_netlink_parms(): no params data found [ 235.892536][ T5187] Bluetooth: hci2: command tx timeout [ 235.918667][ T5184] chnl_net:caif_netlink_parms(): no params data found [ 236.043463][ T5187] Bluetooth: hci4: command tx timeout [ 236.049139][ T5187] Bluetooth: hci3: command tx timeout [ 236.140992][ T5176] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 236.180298][ T5176] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 236.226534][ T5182] chnl_net:caif_netlink_parms(): no params data found [ 236.449377][ T5171] bridge0: port 1(bridge_slave_0) entered blocking state [ 236.457336][ T5171] bridge0: port 1(bridge_slave_0) entered disabled state [ 236.466041][ T5171] bridge_slave_0: entered allmulticast mode [ 236.475291][ T5171] bridge_slave_0: entered promiscuous mode [ 236.534505][ T5176] team0: Port device team_slave_0 added [ 236.550028][ T5171] bridge0: port 2(bridge_slave_1) entered blocking state [ 236.559406][ T5171] bridge0: port 2(bridge_slave_1) entered disabled state [ 236.567516][ T5171] bridge_slave_1: entered allmulticast mode [ 236.576741][ T5171] bridge_slave_1: entered promiscuous mode [ 236.597101][ T5176] team0: Port device team_slave_1 added [ 236.896828][ T5176] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 236.905507][ T5176] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 236.932045][ T5176] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 237.030545][ T5171] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 237.044046][ T5176] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 237.051251][ T5176] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 237.077830][ T5176] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 237.097527][ T5174] bridge0: port 1(bridge_slave_0) entered blocking state [ 237.109124][ T5174] bridge0: port 1(bridge_slave_0) entered disabled state [ 237.117090][ T5174] bridge_slave_0: entered allmulticast mode [ 237.126508][ T5174] bridge_slave_0: entered promiscuous mode [ 237.150366][ T5171] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 237.166763][ T5174] bridge0: port 2(bridge_slave_1) entered blocking state [ 237.174738][ T5174] bridge0: port 2(bridge_slave_1) entered disabled state [ 237.182678][ T5174] bridge_slave_1: entered allmulticast mode [ 237.191920][ T5174] bridge_slave_1: entered promiscuous mode [ 237.482199][ T5180] Bluetooth: hci0: command tx timeout [ 237.589392][ T5171] team0: Port device team_slave_0 added [ 237.706095][ T5174] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 237.726204][ T5171] team0: Port device team_slave_1 added [ 237.734495][ T5180] Bluetooth: hci1: command tx timeout [ 237.804435][ T5184] bridge0: port 1(bridge_slave_0) entered blocking state [ 237.814158][ T5184] bridge0: port 1(bridge_slave_0) entered disabled state [ 237.822221][ T5184] bridge_slave_0: entered allmulticast mode [ 237.831273][ T5184] bridge_slave_0: entered promiscuous mode [ 237.891245][ T5176] hsr_slave_0: entered promiscuous mode [ 237.902481][ T5176] hsr_slave_1: entered promiscuous mode [ 237.919481][ T5174] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 237.962370][ T5180] Bluetooth: hci2: command tx timeout [ 237.999293][ T5182] bridge0: port 1(bridge_slave_0) entered blocking state [ 238.007165][ T5182] bridge0: port 1(bridge_slave_0) entered disabled state [ 238.015171][ T5182] bridge_slave_0: entered allmulticast mode [ 238.024506][ T5182] bridge_slave_0: entered promiscuous mode [ 238.038878][ T5171] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 238.046200][ T5171] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 238.072696][ T5171] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 238.090227][ T5184] bridge0: port 2(bridge_slave_1) entered blocking state [ 238.098130][ T5184] bridge0: port 2(bridge_slave_1) entered disabled state [ 238.105971][ T5184] bridge_slave_1: entered allmulticast mode [ 238.115304][ T5184] bridge_slave_1: entered promiscuous mode [ 238.125501][ T5180] Bluetooth: hci3: command tx timeout [ 238.128340][ T5187] Bluetooth: hci4: command tx timeout [ 238.185887][ T5171] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 238.193226][ T5171] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 238.219900][ T5171] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 238.249724][ T5182] bridge0: port 2(bridge_slave_1) entered blocking state [ 238.258485][ T5182] bridge0: port 2(bridge_slave_1) entered disabled state [ 238.266491][ T5182] bridge_slave_1: entered allmulticast mode [ 238.275596][ T5182] bridge_slave_1: entered promiscuous mode [ 238.361420][ T5174] team0: Port device team_slave_0 added [ 238.381385][ T5184] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 238.403850][ T5174] team0: Port device team_slave_1 added [ 238.503307][ T5184] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 238.769169][ T5174] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 238.776602][ T5174] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 238.803149][ T5174] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 238.830520][ T5182] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 238.853123][ T5171] hsr_slave_0: entered promiscuous mode [ 238.862939][ T5171] hsr_slave_1: entered promiscuous mode [ 238.871260][ T5171] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 238.879308][ T5171] Cannot create hsr debugfs directory [ 238.918646][ T5174] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 238.926201][ T5174] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 238.952770][ T5174] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 238.989843][ T5182] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 239.042938][ T5184] team0: Port device team_slave_0 added [ 239.123862][ T5184] team0: Port device team_slave_1 added [ 239.139212][ T5182] team0: Port device team_slave_0 added [ 239.294225][ T5182] team0: Port device team_slave_1 added [ 239.310401][ T5184] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 239.317791][ T5184] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 239.344406][ T5184] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 239.498008][ T5184] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 239.505555][ T5184] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 239.532097][ T5184] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 239.597930][ T5187] Bluetooth: hci0: command tx timeout [ 239.710745][ T5182] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 239.719445][ T5182] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 239.747174][ T5182] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 239.802243][ T5187] Bluetooth: hci1: command tx timeout [ 239.862012][ T5182] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 239.869222][ T5182] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 239.895880][ T5182] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 239.962792][ T5174] hsr_slave_0: entered promiscuous mode [ 239.974108][ T5174] hsr_slave_1: entered promiscuous mode [ 239.982958][ T5174] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 239.990725][ T5174] Cannot create hsr debugfs directory [ 240.047243][ T5187] Bluetooth: hci2: command tx timeout [ 240.069685][ T5184] hsr_slave_0: entered promiscuous mode [ 240.079205][ T5184] hsr_slave_1: entered promiscuous mode [ 240.087929][ T5184] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 240.096358][ T5184] Cannot create hsr debugfs directory [ 240.222111][ T5187] Bluetooth: hci3: command tx timeout [ 240.227879][ T5187] Bluetooth: hci4: command tx timeout [ 240.347852][ T5182] hsr_slave_0: entered promiscuous mode [ 240.358573][ T5182] hsr_slave_1: entered promiscuous mode [ 240.369224][ T5182] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 240.377234][ T5182] Cannot create hsr debugfs directory [ 240.807677][ T5176] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 240.920591][ T5176] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 240.999043][ T5176] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 241.104657][ T5176] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 241.453767][ T5171] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 241.546510][ T5171] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 241.601526][ T5171] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 241.643453][ T5187] Bluetooth: hci0: command tx timeout [ 241.660735][ T5171] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 241.782644][ T5174] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 241.876804][ T5174] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 241.889568][ T5187] Bluetooth: hci1: command tx timeout [ 241.918623][ T5184] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 241.970137][ T5174] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 242.013110][ T5184] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 242.075529][ T5174] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 242.117405][ T5184] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 242.124731][ T5187] Bluetooth: hci2: command tx timeout [ 242.190750][ T5184] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 242.292339][ T5187] Bluetooth: hci3: command tx timeout [ 242.297333][ T5180] Bluetooth: hci4: command tx timeout [ 242.307854][ T5182] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 242.399677][ T5182] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 242.460898][ T5182] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 242.518006][ T5182] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 242.641251][ T5176] 8021q: adding VLAN 0 to HW filter on device bond0 [ 242.963718][ T5176] 8021q: adding VLAN 0 to HW filter on device team0 [ 243.100961][ T3510] bridge0: port 1(bridge_slave_0) entered blocking state [ 243.108873][ T3510] bridge0: port 1(bridge_slave_0) entered forwarding state [ 243.215666][ T3510] bridge0: port 2(bridge_slave_1) entered blocking state [ 243.223476][ T3510] bridge0: port 2(bridge_slave_1) entered forwarding state [ 243.315190][ T5171] 8021q: adding VLAN 0 to HW filter on device bond0 [ 243.638313][ T5171] 8021q: adding VLAN 0 to HW filter on device team0 [ 243.729615][ T34] bridge0: port 1(bridge_slave_0) entered blocking state [ 243.737569][ T34] bridge0: port 1(bridge_slave_0) entered forwarding state [ 243.842693][ T34] bridge0: port 2(bridge_slave_1) entered blocking state [ 243.850615][ T34] bridge0: port 2(bridge_slave_1) entered forwarding state [ 243.945331][ T5174] 8021q: adding VLAN 0 to HW filter on device bond0 [ 244.024559][ T5184] 8021q: adding VLAN 0 to HW filter on device bond0 [ 244.164867][ T5184] 8021q: adding VLAN 0 to HW filter on device team0 [ 244.238080][ T3510] bridge0: port 1(bridge_slave_0) entered blocking state [ 244.245944][ T3510] bridge0: port 1(bridge_slave_0) entered forwarding state [ 244.286484][ T5174] 8021q: adding VLAN 0 to HW filter on device team0 [ 244.335989][ T5182] 8021q: adding VLAN 0 to HW filter on device bond0 [ 244.391599][ T3510] bridge0: port 2(bridge_slave_1) entered blocking state [ 244.399436][ T3510] bridge0: port 2(bridge_slave_1) entered forwarding state [ 244.500163][ T5171] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 244.687062][ T3510] bridge0: port 1(bridge_slave_0) entered blocking state [ 244.694936][ T3510] bridge0: port 1(bridge_slave_0) entered forwarding state [ 244.733854][ T3510] bridge0: port 2(bridge_slave_1) entered blocking state [ 244.741613][ T3510] bridge0: port 2(bridge_slave_1) entered forwarding state [ 244.814648][ T5182] 8021q: adding VLAN 0 to HW filter on device team0 [ 244.840775][ T5184] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 245.056577][ T3510] bridge0: port 1(bridge_slave_0) entered blocking state [ 245.064457][ T3510] bridge0: port 1(bridge_slave_0) entered forwarding state [ 245.089824][ T3510] bridge0: port 2(bridge_slave_1) entered blocking state [ 245.097689][ T3510] bridge0: port 2(bridge_slave_1) entered forwarding state [ 245.179860][ T5174] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 245.192327][ T5174] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 245.598686][ T5182] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 245.864886][ T5176] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 246.405722][ T5171] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 246.964774][ T5171] veth0_vlan: entered promiscuous mode [ 247.092488][ T5171] veth1_vlan: entered promiscuous mode [ 247.440026][ T5184] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 247.526783][ T5171] veth0_macvtap: entered promiscuous mode [ 247.589796][ T5171] veth1_macvtap: entered promiscuous mode [ 247.616003][ T5174] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 247.842999][ T5171] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 247.870346][ T5182] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 247.924805][ T5171] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 248.023697][ T5171] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 248.035916][ T5171] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 248.045277][ T5171] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 248.054459][ T5171] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 248.152425][ T5184] veth0_vlan: entered promiscuous mode [ 248.262232][ T5184] veth1_vlan: entered promiscuous mode [ 248.576742][ T5182] veth0_vlan: entered promiscuous mode [ 248.630733][ T5174] veth0_vlan: entered promiscuous mode [ 248.717628][ T5184] veth0_macvtap: entered promiscuous mode [ 248.737398][ T5182] veth1_vlan: entered promiscuous mode [ 248.810378][ T5174] veth1_vlan: entered promiscuous mode [ 248.834439][ T5184] veth1_macvtap: entered promiscuous mode [ 249.047472][ T5184] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 249.058350][ T5184] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 249.073793][ T5184] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 249.173772][ T5182] veth0_macvtap: entered promiscuous mode [ 249.233400][ T5182] veth1_macvtap: entered promiscuous mode [ 249.258544][ T5184] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 249.269871][ T5184] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 249.285605][ T5184] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 249.413919][ T5174] veth0_macvtap: entered promiscuous mode [ 249.441138][ T5176] veth0_vlan: entered promiscuous mode [ 249.470452][ T5174] veth1_macvtap: entered promiscuous mode [ 249.519771][ T5184] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 249.529119][ T5184] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 249.538448][ T5184] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 249.549039][ T5184] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 249.634301][ T5182] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 249.647828][ T5182] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 249.658657][ T5182] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 249.669597][ T5182] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 249.685175][ T5182] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 249.726548][ T5176] veth1_vlan: entered promiscuous mode [ 249.910368][ T5174] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 249.921350][ T5174] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 249.931656][ T5174] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 249.942632][ T5174] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 249.952906][ T5174] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 249.965019][ T5174] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 249.980303][ T5174] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 250.051564][ T5182] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 250.064357][ T5182] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 250.074649][ T5182] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 250.085445][ T5182] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 250.100787][ T5182] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 250.185281][ T5182] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 250.195291][ T5182] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 250.207733][ T5182] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 250.218013][ T5182] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 250.353778][ T5174] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 250.367479][ T5174] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 250.377864][ T5174] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 250.388726][ T5174] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 250.398911][ T5174] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 250.409769][ T5174] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 250.425291][ T5174] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 250.601623][ T5176] veth0_macvtap: entered promiscuous mode [ 250.657012][ T5176] veth1_macvtap: entered promiscuous mode [ 250.712372][ T5174] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 250.721514][ T5174] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 250.732942][ T5174] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 250.743845][ T5174] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 250.969393][ T5176] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 250.981735][ T5176] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 250.992135][ T5176] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 251.003064][ T5176] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 251.015936][ T5176] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 251.026873][ T5176] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 251.037119][ T5176] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 251.047980][ T5176] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 251.063848][ T5176] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 251.303687][ T5176] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 251.314554][ T5176] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 251.324818][ T5176] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 251.335694][ T5176] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 251.346135][ T5176] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 251.356945][ T5176] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 251.367188][ T5176] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 251.378186][ T5176] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 251.394082][ T5176] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 251.687893][ T5176] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 251.698022][ T5176] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 251.707288][ T5176] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 251.716482][ T5176] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 255.853993][ T3893] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 255.863521][ T3893] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 256.077541][ T3990] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 256.085912][ T3990] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 256.395881][ T5171] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 256.948512][ T5346] loop0: detected capacity change from 0 to 512 [ 256.994997][ T2517] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 257.003876][ T2517] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 257.095401][ T5346] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a042c118, mo2=0002] [ 257.195079][ T5346] System zones: 1-12 [ 257.213624][ T3893] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 257.222001][ T3893] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 257.272849][ T5346] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2240: inode #15: comm syz.0.1: corrupted in-inode xattr: e_value size too large [ 257.382738][ T5346] EXT4-fs error (device loop0): ext4_orphan_get:1393: comm syz.0.1: couldn't read orphan inode 15 (err -117) [ 257.442186][ T5346] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 257.466769][ T3893] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 257.475087][ T3893] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 257.685025][ T3510] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 257.693385][ T3510] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 257.847716][ T3510] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 257.856324][ T3510] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 258.169028][ T75] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 258.177338][ T75] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 258.192912][ T5171] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 258.765799][ T5362] netlink: 32 bytes leftover after parsing attributes in process `syz.0.6'. [ 259.123808][ T5366] netlink: 132 bytes leftover after parsing attributes in process `syz.2.3'. [ 259.534990][ T5373] capability: warning: `syz.0.9' uses deprecated v2 capabilities in a way that may be insecure [ 259.762757][ T10] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 259.874435][ T4262] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 259.882970][ T4262] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 260.085861][ T75] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 260.094419][ T75] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 260.196623][ T10] usb 4-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f [ 260.206432][ T10] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 260.215051][ T10] usb 4-1: Product: syz [ 260.219471][ T10] usb 4-1: Manufacturer: syz [ 260.224478][ T10] usb 4-1: SerialNumber: syz [ 260.433267][ T10] usb 4-1: config 0 descriptor?? [ 260.932283][ T25] usb 4-1: USB disconnect, device number 2 [ 261.092316][ T5389] loop0: detected capacity change from 0 to 128 [ 261.146214][ T5387] netlink: 8 bytes leftover after parsing attributes in process `syz.1.16'. [ 261.511295][ T5367] udevd[5367]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 262.408267][ T5411] IPVS: sh: SCTP 127.0.0.1:0 - no destination available [ 262.714489][ T10] IPVS: starting estimator thread 0... [ 262.863006][ T5414] IPVS: using max 240 ests per chain, 12000 per kthread [ 263.034666][ T4809] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 263.407658][ T4809] usb 4-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a [ 263.417582][ T4809] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 263.426111][ T4809] usb 4-1: Product: syz [ 263.430559][ T4809] usb 4-1: Manufacturer: syz [ 263.439036][ T4809] usb 4-1: SerialNumber: syz [ 263.587205][ T4809] usb 4-1: config 0 descriptor?? [ 263.628767][ T5423] loop0: detected capacity change from 0 to 64 [ 264.309796][ T4809] usb 4-1: Firmware: major: 215, minor: 149, hardware type: HULUSB (4) [ 264.534623][ T4809] usb 4-1: failed to fetch extended address, random address set [ 264.704288][ T4809] usb 4-1: USB disconnect, device number 3 [ 265.224381][ T5446] netlink: 'syz.3.37': attribute type 10 has an invalid length. [ 265.292205][ T5446] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 265.307949][ T5446] bond0: (slave batadv0): Enslaving as an active interface with an up link [ 265.862758][ T5454] loop1: detected capacity change from 0 to 128 [ 265.872686][ T5454] EXT4-fs: Ignoring removed nobh option [ 266.032787][ T5454] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 266.150129][ T5454] ext4 filesystem being mounted at /12/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 266.387282][ T5462] ipt_rpfilter: unknown options [ 266.660522][ T5184] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 266.777863][ T5448] infiniband syz1: set active [ 266.783061][ T5448] infiniband syz1: added bond0 [ 266.856070][ T5448] workqueue: Failed to create a rescuer kthread for wq "ib_mad1": -EINTR [ 266.867078][ T5448] infiniband syz1: Couldn't open port 1 [ 267.057986][ T5448] RDS/IB: syz1: added [ 267.062845][ T5448] smc: adding ib device syz1 with port count 1 [ 267.068714][ T5468] loop1: detected capacity change from 0 to 256 [ 267.069315][ T5448] smc: ib device syz1 port 1 has pnetid [ 267.506831][ T5474] loop4: detected capacity change from 0 to 512 [ 267.570327][ T5474] EXT4-fs: Ignoring removed orlov option [ 267.748806][ T5474] EXT4-fs warning (device loop4): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 267.761637][ T5474] EXT4-fs warning (device loop4): dx_probe:881: Enable large directory feature to access it [ 267.772637][ T5474] EXT4-fs warning (device loop4): dx_probe:966: inode #2: comm syz.4.47: Corrupt directory, running e2fsck is recommended [ 268.518402][ T5474] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -2 [ 268.589678][ T5474] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2240: inode #15: comm syz.4.47: corrupted in-inode xattr: invalid ea_ino [ 268.852792][ T5474] EXT4-fs error (device loop4): ext4_orphan_get:1393: comm syz.4.47: couldn't read orphan inode 15 (err -117) [ 269.198421][ T5180] Bluetooth: Unknown BR/EDR signaling command 0x10 [ 269.205452][ T5180] Bluetooth: Wrong link type (-22) [ 269.211107][ T5180] Bluetooth: Unknown BR/EDR signaling command 0x0f [ 269.218151][ T5180] Bluetooth: Wrong link type (-22) [ 269.255295][ T5474] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 270.154287][ T5176] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 272.378880][ T5509] pimreg3: entered allmulticast mode [ 273.354195][ T5514] loop1: detected capacity change from 0 to 16 [ 273.464440][ T5514] erofs: (device loop1): mounted with root inode @ nid 36. [ 273.593452][ T5514] erofs: (device loop1): erofs_find_target_block: corrupted dir block 0 @ nid 36 [ 273.664014][ T5504] loop0: detected capacity change from 0 to 32768 [ 273.769981][ T5504] add_index: next_index = 0. Resetting! [ 273.782319][ T5504] find_entry called with index >= next_index [ 273.788540][ T5504] find_entry called with index >= next_index [ 273.796816][ T5504] find_entry called with index >= next_index [ 273.803276][ T5504] find_entry called with index >= next_index [ 273.809480][ T5504] find_entry called with index >= next_index [ 274.583712][ T5521] loop1: detected capacity change from 0 to 4096 [ 274.718124][ T5521] ntfs3: loop1: Different NTFS sector size (4096) and media sector size (512). [ 274.739548][ T5525] loop4: detected capacity change from 0 to 2048 [ 275.206064][ T5527] loop3: detected capacity change from 0 to 1024 [ 275.365641][ T5525] UDF-fs: error (device loop4): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 275.434411][ T5531] capability: warning: `syz.0.68' uses 32-bit capabilities (legacy support in use) [ 275.445400][ T5531] program syz.0.68 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 275.504247][ T5525] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 275.595421][ T5527] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 275.882783][ T5521] ntfs3: loop1: Inode r=19 is not in use! [ 275.889168][ T5521] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 276.278407][ T5174] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 277.178039][ T5542] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 278.299071][ T5538] loop0: detected capacity change from 0 to 32768 [ 278.308212][ T5538] ======================================================= [ 278.308212][ T5538] WARNING: The mand mount option has been deprecated and [ 278.308212][ T5538] and is ignored by this kernel. Remove the mand [ 278.308212][ T5538] option from the mount to silence this warning. [ 278.308212][ T5538] ======================================================= [ 278.953085][ T5560] loop4: detected capacity change from 0 to 2048 [ 279.579844][ T5560] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 279.747479][ T5560] UDF-fs: error (device loop4): udf_fiiter_advance_blk: extent after position 232 not allocated in directory (ino 1376) [ 280.591724][ T5578] loop1: detected capacity change from 0 to 1024 [ 280.752976][ T5578] hfsplus: catalog searching failed [ 280.887583][ T5583] loop2: detected capacity change from 0 to 512 [ 281.075896][ T5590] sp0: Synchronizing with TNC [ 281.106763][ T5583] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 281.120452][ T5583] ext4 filesystem being mounted at /21/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 281.929831][ T5583] overlayfs: failed index dir cleanup (-512) [ 281.936291][ T5583] overlayfs: try deleting index dir or mounting with '-o index=off' to disable inodes index. [ 281.983055][ T5603] netlink: 220 bytes leftover after parsing attributes in process `syz.4.99'. [ 282.329755][ T5606] loop3: detected capacity change from 0 to 8 [ 282.498948][ T5606] SQUASHFS error: Unable to read directory block [629:2b] [ 282.677938][ T5182] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 282.702664][ T5610] x_tables: ip6_tables: SYNPROXY target: used from hooks PREROUTING, but only usable from INPUT/FORWARD [ 283.283503][ T5618] tipc: Started in network mode [ 283.288792][ T5618] tipc: Node identity ac1414aa, cluster identity 4711 [ 283.297186][ T5618] tipc: Enabling of bearer rejected, failed to enable media [ 284.229857][ T5629] loop3: detected capacity change from 0 to 1024 [ 284.743182][ T5639] netlink: 12 bytes leftover after parsing attributes in process `syz.4.119'. [ 285.463308][ T3990] hfsplus: b-tree write err: -5, ino 4 [ 285.600723][ T1240] ieee802154 phy0 wpan0: encryption failed: -22 [ 285.608087][ T1240] ieee802154 phy1 wpan1: encryption failed: -22 [ 285.648479][ T5653] process 'syz.3.124' launched './file0' with NULL argv: empty string added [ 286.299557][ T5663] loop1: detected capacity change from 0 to 64 [ 286.557042][ T5667] tap0: tun_chr_ioctl cmd 1074025677 [ 286.563383][ T5667] tap0: linktype set to 769 [ 287.207039][ T5674] loop0: detected capacity change from 0 to 256 [ 287.955526][ T5674] FAT-fs (loop0): Directory bread(block 64) failed [ 287.962942][ T5674] FAT-fs (loop0): Directory bread(block 65) failed [ 287.969936][ T5674] FAT-fs (loop0): Directory bread(block 66) failed [ 287.976999][ T5674] FAT-fs (loop0): Directory bread(block 67) failed [ 287.984314][ T5674] FAT-fs (loop0): Directory bread(block 68) failed [ 287.991130][ T5674] FAT-fs (loop0): Directory bread(block 69) failed [ 287.998267][ T5674] FAT-fs (loop0): Directory bread(block 70) failed [ 288.005257][ T5674] FAT-fs (loop0): Directory bread(block 71) failed [ 288.018193][ T5674] FAT-fs (loop0): Directory bread(block 72) failed [ 288.027026][ T5674] FAT-fs (loop0): Directory bread(block 73) failed [ 288.617680][ T5694] loop3: detected capacity change from 0 to 1024 [ 288.703855][ T5694] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 288.719563][ T5694] JBD2: no valid journal superblock found [ 288.733753][ T5694] EXT4-fs (loop3): Could not load journal inode [ 288.949309][ T5697] netlink: 12 bytes leftover after parsing attributes in process `syz.4.141'. [ 289.129390][ T5697] netlink: 32 bytes leftover after parsing attributes in process `syz.4.141'. [ 289.144869][ T5697] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 289.884030][ T5705] loop0: detected capacity change from 0 to 512 [ 289.891620][ T5713] Process accounting resumed [ 289.896691][ T5713] kernel write not supported for file /asound/timers (pid: 5713 comm: syz.4.150) [ 289.981698][ T5705] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 289.997092][ T5705] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 290.281615][ T5721] netlink: 8 bytes leftover after parsing attributes in process `syz.1.154'. [ 290.290969][ T5721] sch_tbf: burst 0 is lower than device veth1_to_bridge mtu (1514) ! [ 290.642960][ T5705] EXT4-fs (loop0): 1 truncate cleaned up [ 290.651586][ T5705] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 291.531184][ T5171] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 292.951151][ T5750] loop0: detected capacity change from 0 to 2048 [ 293.263100][ T5750] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 293.592709][ T4809] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 293.648078][ T25] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 293.721657][ T5758] loop3: detected capacity change from 0 to 128 [ 293.769946][ T4809] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 293.779523][ T4809] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 293.838297][ T25] usb 2-1: Using ep0 maxpacket: 16 [ 293.881605][ T4809] usb 3-1: config 0 descriptor?? [ 293.907560][ T4809] cp210x 3-1:0.0: cp210x converter detected [ 293.916992][ T25] usb 2-1: New USB device found, idVendor=0b57, idProduct=2bbd, bcdDevice=e7.cc [ 293.926883][ T25] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 293.935440][ T25] usb 2-1: Product: syz [ 293.941726][ T25] usb 2-1: Manufacturer: syz [ 293.946736][ T25] usb 2-1: SerialNumber: syz [ 293.991231][ T25] usb 2-1: config 0 descriptor?? [ 294.020990][ T25] usbhid 2-1:0.0: couldn't find an input interrupt endpoint [ 294.341999][ T25] usb 2-1: USB disconnect, device number 2 [ 294.526064][ T4809] usb 3-1: cp210x converter now attached to ttyUSB0 [ 294.663708][ T4809] usb 3-1: USB disconnect, device number 2 [ 294.726081][ T4809] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 294.782547][ T4809] cp210x 3-1:0.0: device disconnected [ 295.445303][ T5775] loop4: detected capacity change from 0 to 512 [ 295.499769][ T5775] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 295.516271][ T5772] netlink: 'syz.1.176': attribute type 1 has an invalid length. [ 295.525886][ T5772] netlink: 4 bytes leftover after parsing attributes in process `syz.1.176'. [ 295.778012][ T5775] EXT4-fs warning (device loop4): ext4_expand_extra_isize_ea:2862: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 295.984335][ T5775] EXT4-fs (loop4): 1 truncate cleaned up [ 295.986167][ T5775] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 296.013739][ T5784] loop0: detected capacity change from 0 to 1024 [ 296.059085][ T5786] loop2: detected capacity change from 0 to 256 [ 296.255413][ T5784] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 296.431250][ T5786] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 296.456076][ T5176] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 296.810006][ T5789] loop4: detected capacity change from 0 to 128 [ 296.992594][ T5789] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 297.023506][ T5789] ext4 filesystem being mounted at /36/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 297.082932][ T5785] loop1: detected capacity change from 0 to 4096 [ 297.403148][ T5795] netlink: 28 bytes leftover after parsing attributes in process `syz.0.184'. [ 297.413275][ T5795] netlink: 28 bytes leftover after parsing attributes in process `syz.0.184'. [ 297.509049][ T5796] loop2: detected capacity change from 0 to 512 [ 297.525762][ T5176] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 297.765156][ T5796] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 297.779617][ T5796] ext4 filesystem being mounted at /37/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 298.355743][ T5182] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 298.915944][ T5812] netlink: 16186 bytes leftover after parsing attributes in process `syz.0.194'. [ 298.917217][ T5811] loop2: detected capacity change from 0 to 1024 [ 299.137358][ T5811] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 300.107387][ T5828] loop1: detected capacity change from 0 to 512 [ 300.213769][ T5828] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 300.841383][ T5828] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec019, mo2=0002] [ 300.870496][ T5845] sctp: [Deprecated]: syz.3.202 (pid 5845) Use of int in maxseg socket option. [ 300.870496][ T5845] Use struct sctp_assoc_value instead [ 300.987579][ T5828] System zones: 1-12 [ 301.054259][ T5840] warning: `syz.4.201' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 301.132963][ T5828] EXT4-fs (loop1): 1 truncate cleaned up [ 301.140969][ T5828] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 301.156809][ T5843] kernel read not supported for file /$] (pid: 5843 comm: syz.0.206) [ 301.195707][ T29] audit: type=1800 audit(1727040236.591:2): pid=5843 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.206" name="$]" dev="mqueue" ino=7997 res=0 errno=0 [ 301.361288][ T5850] program syz.2.207 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 301.813195][ T5184] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 302.052288][ T5857] loop0: detected capacity change from 0 to 512 [ 302.066537][ T5857] EXT4-fs: Ignoring removed nobh option [ 302.079615][ T5857] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 302.132570][ T5857] EXT4-fs (loop0): 1 truncate cleaned up [ 302.144530][ T5857] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 302.426650][ T5858] loop2: detected capacity change from 0 to 2048 [ 302.506065][ T5180] Bluetooth: hci4: link tx timeout [ 302.511586][ T5180] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa [ 302.538445][ T5858] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 302.706733][ T5858] Process accounting resumed [ 302.939156][ T5867] netlink: 16 bytes leftover after parsing attributes in process `syz.1.215'. [ 302.948498][ T5867] netlink: 24 bytes leftover after parsing attributes in process `syz.1.215'. [ 302.962058][ T5867] (unnamed net_device) (uninitialized): Removing last arp target with arp_interval on [ 303.040305][ T5171] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 303.146621][ T5867] bond1: entered allmulticast mode [ 303.153979][ T5871] loop4: detected capacity change from 0 to 64 [ 303.161719][ T5867] 8021q: adding VLAN 0 to HW filter on device bond1 [ 303.689353][ T5881] loop3: detected capacity change from 0 to 164 [ 304.039377][ T5883] nbd: device at index 2 is going down [ 304.382701][ T1710] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 304.419160][ T5887] loop2: detected capacity change from 0 to 128 [ 304.603210][ T5180] Bluetooth: hci4: command 0x0406 tx timeout [ 304.693816][ T1710] usb 1-1: Using ep0 maxpacket: 32 [ 304.734126][ T1710] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 304.745743][ T1710] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 304.756233][ T1710] usb 1-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 304.773683][ T1710] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 304.946555][ T1710] usb 1-1: config 0 descriptor?? [ 304.984351][ T5887] EXT4-fs (loop2): Test dummy encryption mode enabled [ 305.026676][ T1710] hub 1-1:0.0: USB hub found [ 305.050664][ T4617] udevd[4617]: worker [5367] terminated by signal 33 (Unknown signal 33) [ 305.082327][ T4617] udevd[4617]: worker [5367] failed while handling '/devices/virtual/block/loop2' [ 305.119005][ T4617] udevd[4617]: worker [5399] terminated by signal 33 (Unknown signal 33) [ 305.154076][ T4617] udevd[4617]: worker [5399] failed while handling '/devices/virtual/block/loop4' [ 305.244819][ T1710] hub 1-1:0.0: config failed, can't read hub descriptor (err -90) [ 305.408160][ T5901] netlink: 'syz.3.229': attribute type 1 has an invalid length. [ 305.421045][ T5901] netlink: 'syz.3.229': attribute type 3 has an invalid length. [ 305.430321][ T5901] netlink: 216 bytes leftover after parsing attributes in process `syz.3.229'. [ 305.439747][ T5901] NCSI netlink: No device for ifindex 813332851 [ 305.545420][ T5896] loop4: detected capacity change from 0 to 1024 [ 305.590050][ T1710] usbhid 1-1:0.0: can't add hid device: -71 [ 305.598098][ T1710] usbhid 1-1:0.0: probe with driver usbhid failed with error -71 [ 305.627825][ T5887] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 305.654033][ T1710] usb 1-1: USB disconnect, device number 2 [ 305.700865][ T5887] ext4 filesystem being mounted at /46/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 306.419473][ T4262] hfsplus: b-tree write err: -5, ino 4 [ 307.218816][ T5913] netlink: 'syz.0.233': attribute type 29 has an invalid length. [ 307.341741][ T5913] netlink: 'syz.0.233': attribute type 29 has an invalid length. [ 307.413784][ T5887] fscrypt (loop2): Missing crypto API support for AES-256-CBC-CTS (API name: "cts(cbc(aes))") [ 307.479825][ T5918] netlink: 'syz.0.233': attribute type 29 has an invalid length. [ 308.027166][ T5905] loop3: detected capacity change from 0 to 32768 [ 308.044679][ T5905] bcachefs (/dev/loop3): error validating superblock: Invalid superblock section replicas_v0: no devices in entry need_discard: 1/0 [] [ 308.044679][ T5905] replicas_v0 (size 40): [ 308.044679][ T5905] need_discard: 0 [] [ 308.044679][ T5905] [ 308.069605][ T5905] bcachefs: bch2_fs_get_tree() error: invalid_replicas_entry [ 308.264971][ T5182] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 308.924831][ T5926] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 309.266767][ T5936] Bluetooth: MGMT ver 1.23 [ 309.431002][ T5938] loop3: detected capacity change from 0 to 16 [ 309.454727][ T5938] erofs: Unknown parameter '18446744073709551615)|' [ 309.762191][ T4809] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 310.193184][ T4809] usb 4-1: Using ep0 maxpacket: 16 [ 310.209528][ T4809] usb 4-1: config 0 has an invalid interface number: 107 but max is 0 [ 310.218403][ T4809] usb 4-1: config 0 has no interface number 0 [ 310.225570][ T4809] usb 4-1: config 0 interface 107 altsetting 0 endpoint 0x88 has an invalid bInterval 36, changing to 9 [ 310.243421][ T4809] usb 4-1: config 0 interface 107 altsetting 0 endpoint 0x88 has invalid maxpacket 16826, setting to 1024 [ 310.386090][ T4809] usb 4-1: New USB device found, idVendor=06cd, idProduct=0131, bcdDevice=16.60 [ 310.395971][ T4809] usb 4-1: New USB device strings: Mfr=175, Product=2, SerialNumber=3 [ 310.404622][ T4809] usb 4-1: Product: syz [ 310.409062][ T4809] usb 4-1: Manufacturer: syz [ 310.414159][ T4809] usb 4-1: SerialNumber: syz [ 310.468968][ T4809] usb 4-1: config 0 descriptor?? [ 310.547044][ T4809] keyspan 4-1:0.107: Keyspan 4 port adapter converter detected [ 310.557625][ T4809] keyspan 4-1:0.107: found no endpoint descriptor for endpoint 81 [ 310.571100][ T4809] keyspan 4-1:0.107: found no endpoint descriptor for endpoint 1 [ 310.597342][ T4809] usb 4-1: Keyspan 4 port adapter converter now attached to ttyUSB0 [ 310.613946][ T4809] keyspan 4-1:0.107: found no endpoint descriptor for endpoint 2 [ 310.629182][ T4809] usb 4-1: Keyspan 4 port adapter converter now attached to ttyUSB1 [ 310.656177][ T4809] keyspan 4-1:0.107: found no endpoint descriptor for endpoint 4 [ 310.671237][ T4809] usb 4-1: Keyspan 4 port adapter converter now attached to ttyUSB2 [ 310.687499][ T4809] keyspan 4-1:0.107: found no endpoint descriptor for endpoint 6 [ 310.708472][ T4809] usb 4-1: Keyspan 4 port adapter converter now attached to ttyUSB3 [ 310.858517][ T4809] usb 4-1: USB disconnect, device number 4 [ 310.885053][ T4809] keyspan_4 ttyUSB0: Keyspan 4 port adapter converter now disconnected from ttyUSB0 [ 310.977309][ T4809] keyspan_4 ttyUSB1: Keyspan 4 port adapter converter now disconnected from ttyUSB1 [ 311.129895][ T4809] keyspan_4 ttyUSB2: Keyspan 4 port adapter converter now disconnected from ttyUSB2 [ 311.295406][ T4809] keyspan_4 ttyUSB3: Keyspan 4 port adapter converter now disconnected from ttyUSB3 [ 311.309435][ T4809] keyspan 4-1:0.107: device disconnected [ 312.100768][ T5957] netlink: 4 bytes leftover after parsing attributes in process `syz.3.251'. [ 312.173685][ T5957] ipvlan2: entered allmulticast mode [ 312.185521][ T5957] veth0_vlan: entered allmulticast mode [ 312.360306][ T5963] loop0: detected capacity change from 0 to 128 [ 312.361638][ T5961] can0: slcan on ttyS3. [ 312.425029][ T5964] skbuff: bad partial csum: csum=65489/0 headroom=64 headlen=65491 [ 312.566238][ T5963] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 312.607517][ T5961] can0 (unregistered): slcan off ttyS3. [ 312.680639][ T5962] loop4: detected capacity change from 0 to 512 [ 312.693695][ T5963] ext4 filesystem being mounted at /47/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 312.751150][ T5962] EXT4-fs: Ignoring removed bh option [ 312.757280][ T5962] EXT4-fs: Ignoring removed mblk_io_submit option [ 312.952921][ T5962] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 313.021280][ T5962] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 313.040899][ T5171] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 313.080072][ T5962] EXT4-fs (loop4): orphan cleanup on readonly fs [ 313.185344][ T5962] Quota error (device loop4): v2_read_file_info: Free block number 1 out of range (1, 6). [ 313.196340][ T5962] EXT4-fs warning (device loop4): ext4_enable_quotas:7097: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 313.270427][ T5962] EXT4-fs (loop4): Cannot turn on quotas: error -117 [ 313.285743][ T5962] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.254: Invalid block bitmap block 0 in block_group 0 [ 313.421648][ T5962] EXT4-fs (loop4): Remounting filesystem read-only [ 313.428836][ T5962] EXT4-fs (loop4): 1 orphan inode deleted [ 313.438060][ T5962] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 314.039827][ T5176] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 314.130377][ T5979] loop2: detected capacity change from 0 to 4096 [ 314.279560][ T5979] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512). [ 316.011119][ T4617] udevd[4617]: worker [5394] terminated by signal 33 (Unknown signal 33) [ 316.229358][ T4617] udevd[4617]: worker [5394] failed while handling '/devices/virtual/block/loop4' [ 316.318402][ T6001] netlink: 8 bytes leftover after parsing attributes in process `syz.0.269'. [ 316.328468][ T6001] netlink: 8 bytes leftover after parsing attributes in process `syz.0.269'. [ 316.702529][ T5979] ntfs3: loop2: Failed to initialize $Extend/$Reparse. [ 316.942230][ T4809] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 317.169077][ T4809] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 317.179921][ T4809] usb 1-1: New USB device found, idVendor=046d, idProduct=08c1, bcdDevice=ee.8d [ 317.189521][ T4809] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 317.250492][ T5182] ntfs3: loop2: ino=1a, ntfs_sync_fs failed, -22. [ 317.331090][ T4809] usb 1-1: config 0 descriptor?? [ 317.561589][ T4809] usb 1-1: string descriptor 0 read error: -71 [ 317.570718][ T4809] usb 1-1: Found UVC 0.00 device (046d:08c1) [ 317.578191][ T4809] usb 1-1: No valid video chain found. [ 317.683817][ T4809] usb 1-1: USB disconnect, device number 3 [ 317.953397][ T6018] netlink: 8 bytes leftover after parsing attributes in process `syz.2.274'. [ 318.256601][ T6022] loop3: detected capacity change from 0 to 512 [ 318.348789][ T6022] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 318.470231][ T6022] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0102] [ 318.533580][ T6022] System zones: 1-12 [ 318.617988][ T6022] EXT4-fs (loop3): 1 truncate cleaned up [ 318.633927][ T6022] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 319.191695][ T5174] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 319.426748][ T6040] loop2: detected capacity change from 0 to 256 [ 319.626335][ T6040] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d) [ 320.438931][ T6056] loop1: detected capacity change from 0 to 256 [ 320.460783][ T6056] exfat: Deprecated parameter 'namecase' [ 320.467301][ T6056] exfat: Deprecated parameter 'utf8' [ 321.226778][ T6056] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d) [ 322.017330][ T6076] loop3: detected capacity change from 0 to 256 [ 322.297883][ T6076] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 322.657864][ T4108] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 322.890032][ T6089] Bluetooth: MGMT ver 1.23 [ 323.112404][ T4108] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 323.540116][ T4108] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 323.982847][ T4108] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 324.132356][ T1710] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 324.350083][ T1710] usb 4-1: Using ep0 maxpacket: 8 [ 324.432456][ T1710] usb 4-1: config 1 contains an unexpected descriptor of type 0x1, skipping [ 324.441519][ T1710] usb 4-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config [ 324.452222][ T1710] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 324.490080][ T4108] bridge_slave_1: left allmulticast mode [ 324.498014][ T4108] bridge_slave_1: left promiscuous mode [ 324.505794][ T4108] bridge0: port 2(bridge_slave_1) entered disabled state [ 324.531029][ T1710] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 324.540678][ T1710] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 324.549131][ T1710] usb 4-1: Product: syz [ 324.554126][ T1710] usb 4-1: Manufacturer: syz [ 324.559019][ T1710] usb 4-1: SerialNumber: syz [ 324.582991][ T5187] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 324.593295][ T5187] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 324.603209][ T5187] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 324.616733][ T5187] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 324.628877][ T5187] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 324.642257][ T5187] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 324.658991][ T4108] bridge_slave_0: left allmulticast mode [ 324.665308][ T4108] bridge_slave_0: left promiscuous mode [ 324.676833][ T4108] bridge0: port 1(bridge_slave_0) entered disabled state [ 325.548594][ T1710] usb 4-1: 0:2 : does not exist [ 325.629970][ T4108] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 325.781000][ T4108] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 325.833740][ T25] usb 4-1: USB disconnect, device number 5 [ 325.863484][ T4108] bond0 (unregistering): Released all slaves [ 325.886335][ T4108] bond1 (unregistering): Released all slaves [ 326.028007][ T5333] udevd[5333]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 326.044364][ T6105] netlink: 72 bytes leftover after parsing attributes in process `syz.2.312'. [ 326.778638][ T5187] Bluetooth: hci4: command tx timeout [ 326.907760][ T1710] hid-generic 000D:0000:0000.0001: unknown main item tag 0x0 [ 326.915816][ T1710] hid-generic 000D:0000:0000.0001: unknown main item tag 0x0 [ 327.106712][ T1710] hid-generic 000D:0000:0000.0001: hidraw0: HID v0.00 Device [syz1] on syz1 [ 327.272178][ T25] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 327.475269][ T25] usb 1-1: Using ep0 maxpacket: 16 [ 327.522176][ T25] usb 1-1: config 1 has an invalid interface number: 29 but max is 1 [ 327.530616][ T25] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 327.545636][ T25] usb 1-1: config 1 has 3 interfaces, different from the descriptor's value: 2 [ 327.556748][ T25] usb 1-1: config 1 has no interface number 2 [ 327.563482][ T25] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 327.574890][ T25] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 328.117066][ T25] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 328.127162][ T25] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 328.135713][ T25] usb 1-1: Product: syz [ 328.140144][ T25] usb 1-1: Manufacturer: syz [ 328.146003][ T25] usb 1-1: SerialNumber: syz [ 328.552221][ T25] usb 1-1: selecting invalid altsetting 1 [ 328.580258][ T29] audit: type=1326 audit(1727040263.991:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6149 comm="syz.3.328" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9afd37def9 code=0x0 [ 328.855357][ T5187] Bluetooth: hci4: command tx timeout [ 329.034105][ T25] cdc_ncm 1-1:1.0: failed GET_NTB_PARAMETERS [ 329.040749][ T25] cdc_ncm 1-1:1.0: bind() failure [ 329.666257][ T25] cdc_ncm 1-1:1.29: CDC Union missing and no IAD found [ 329.673706][ T25] cdc_ncm 1-1:1.29: bind() failure [ 329.767886][ T4108] hsr_slave_0: left promiscuous mode [ 329.775100][ T25] usb 1-1: USB disconnect, device number 4 [ 329.882408][ T4108] hsr_slave_1: left promiscuous mode [ 330.002222][ T4108] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 330.010017][ T4108] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 330.114200][ T4108] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 330.122439][ T4108] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 330.193715][ T4108] veth1_macvtap: left promiscuous mode [ 330.205955][ T4108] veth0_macvtap: left promiscuous mode [ 330.212128][ T4108] veth1_vlan: left promiscuous mode [ 330.217826][ T4108] veth0_vlan: left promiscuous mode [ 330.987914][ T5187] Bluetooth: hci4: command tx timeout [ 331.563449][ T4108] pimreg3 (unregistering): left allmulticast mode [ 332.478261][ T6164] loop3: detected capacity change from 0 to 32768 [ 332.638931][ T29] audit: type=1326 audit(1727040268.051:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6177 comm="syz.2.337" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7efd8957def9 code=0x0 [ 332.883428][ T6181] loop0: detected capacity change from 0 to 512 [ 333.002426][ T5187] Bluetooth: hci4: command tx timeout [ 333.015713][ T6181] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #11: comm syz.0.338: invalid indirect mapped block 256 (level 2) [ 333.032489][ T4108] team0 (unregistering): Port device team_slave_1 removed [ 333.085075][ T6181] EXT4-fs (loop0): 2 truncates cleaned up [ 333.094156][ T6181] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 333.178824][ T4108] team0 (unregistering): Port device team_slave_0 removed [ 333.323576][ T6181] EXT4-fs (loop0): shut down requested (2) [ 334.096390][ T6104] chnl_net:caif_netlink_parms(): no params data found [ 334.258269][ T5171] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 335.608255][ T6217] unsupported nlmsg_type 40 [ 335.953307][ T6208] netlink: 40 bytes leftover after parsing attributes in process `syz.4.345'. [ 336.152090][ T6227] loop4: detected capacity change from 0 to 128 [ 336.417529][ T6227] VFS: Found a Xenix FS (block size = 512) on device loop4 [ 336.463386][ T6227] syz.4.353: attempt to access beyond end of device [ 336.463386][ T6227] loop4: rw=0, sector=8767744, nr_sectors = 1 limit=128 [ 336.477887][ T6227] Buffer I/O error on dev loop4, logical block 8767744, async page read [ 336.486878][ T6227] syz.4.353: attempt to access beyond end of device [ 336.486878][ T6227] loop4: rw=0, sector=13269809, nr_sectors = 1 limit=128 [ 336.500868][ T6227] Buffer I/O error on dev loop4, logical block 13269809, async page read [ 336.509942][ T6227] syz.4.353: attempt to access beyond end of device [ 336.509942][ T6227] loop4: rw=0, sector=1157, nr_sectors = 1 limit=128 [ 336.523703][ T6227] Buffer I/O error on dev loop4, logical block 1157, async page read [ 336.532351][ T6227] syz.4.353: attempt to access beyond end of device [ 336.532351][ T6227] loop4: rw=0, sector=3211264, nr_sectors = 1 limit=128 [ 336.550389][ T6227] Buffer I/O error on dev loop4, logical block 3211264, async page read [ 336.560330][ T6227] syz.4.353: attempt to access beyond end of device [ 336.560330][ T6227] loop4: rw=0, sector=8768635, nr_sectors = 1 limit=128 [ 336.574308][ T6227] Buffer I/O error on dev loop4, logical block 8768635, async page read [ 336.583240][ T6227] syz.4.353: attempt to access beyond end of device [ 336.583240][ T6227] loop4: rw=0, sector=13466417, nr_sectors = 1 limit=128 [ 336.597270][ T6227] Buffer I/O error on dev loop4, logical block 13466417, async page read [ 336.606273][ T6227] syz.4.353: attempt to access beyond end of device [ 336.606273][ T6227] loop4: rw=0, sector=209285, nr_sectors = 1 limit=128 [ 336.620144][ T6227] Buffer I/O error on dev loop4, logical block 209285, async page read [ 336.630571][ T6227] syz.4.353: attempt to access beyond end of device [ 336.630571][ T6227] loop4: rw=0, sector=8767744, nr_sectors = 1 limit=128 [ 336.644648][ T6227] Buffer I/O error on dev loop4, logical block 8767744, async page read [ 336.657689][ T6227] syz.4.353: attempt to access beyond end of device [ 336.657689][ T6227] loop4: rw=0, sector=13269809, nr_sectors = 1 limit=128 [ 336.672784][ T6227] Buffer I/O error on dev loop4, logical block 13269809, async page read [ 336.681563][ T6227] syz.4.353: attempt to access beyond end of device [ 336.681563][ T6227] loop4: rw=0, sector=1157, nr_sectors = 1 limit=128 [ 336.695390][ T6227] Buffer I/O error on dev loop4, logical block 1157, async page read [ 336.731985][ T29] audit: type=1800 audit(1727040272.131:5): pid=6227 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.353" name="/" dev="loop4" ino=2 res=0 errno=0 [ 336.946914][ T6239] loop2: detected capacity change from 0 to 512 [ 337.016946][ T5176] sysv_free_block: trying to free block not in datazone [ 337.077499][ T5176] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 337.113692][ T6239] EXT4-fs (loop2): filesystem is read-only [ 337.127072][ T6104] bridge0: port 1(bridge_slave_0) entered blocking state [ 337.135102][ T6104] bridge0: port 1(bridge_slave_0) entered disabled state [ 337.136582][ T6239] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors [ 337.142995][ T6104] bridge_slave_0: entered allmulticast mode [ 337.168452][ T6104] bridge_slave_0: entered promiscuous mode [ 337.181225][ T6239] EXT4-fs (loop2): filesystem is read-only [ 337.187617][ T6239] EXT4-fs (loop2): orphan cleanup on readonly fs [ 337.208671][ T6104] bridge0: port 2(bridge_slave_1) entered blocking state [ 337.216857][ T6104] bridge0: port 2(bridge_slave_1) entered disabled state [ 337.224923][ T6104] bridge_slave_1: entered allmulticast mode [ 337.234375][ T6104] bridge_slave_1: entered promiscuous mode [ 337.256788][ T6239] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.356: bg 0: block 64: padding at end of block bitmap is not set [ 337.400126][ T6239] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6550: Corrupt filesystem [ 337.444317][ T6239] EXT4-fs (loop2): 1 orphan inode deleted [ 337.452217][ T6239] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 337.820747][ T6104] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 337.832367][ T6250] netlink: 'syz.3.359': attribute type 1 has an invalid length. [ 337.940779][ T6104] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 338.134854][ T6104] team0: Port device team_slave_0 added [ 338.149088][ T4809] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 338.204404][ T5182] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 338.234056][ T6104] team0: Port device team_slave_1 added [ 338.374168][ T4809] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 338.385902][ T4809] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 338.399528][ T4809] usb 1-1: New USB device found, idVendor=07c0, idProduct=1125, bcdDevice= 0.00 [ 338.409913][ T4809] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 338.551411][ T4809] usb 1-1: config 0 descriptor?? [ 338.736141][ T6259] usb usb8: check_ctrlrecip: process 6259 (syz.2.362) requesting ep 01 but needs 81 [ 338.746430][ T6259] usb usb8: usbfs: process 6259 (syz.2.362) did not claim interface 0 before use [ 338.820471][ T6104] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 338.828300][ T6104] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 338.855567][ T6104] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 338.969598][ T6104] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 338.977158][ T6104] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 339.009880][ T6104] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 339.169626][ T4809] vrc2 0003:07C0:1125.0002: fixing up VRC-2 report descriptor [ 339.255193][ T4809] input: HID 07c0:1125 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:07C0:1125.0002/input/input5 [ 339.486409][ T6104] hsr_slave_0: entered promiscuous mode [ 339.541472][ T6104] hsr_slave_1: entered promiscuous mode [ 339.575428][ T4809] vrc2 0003:07C0:1125.0002: input,hidraw0: USB HID v0.00 Joystick [HID 07c0:1125] on usb-dummy_hcd.0-1/input0 [ 339.636309][ T6104] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 339.646570][ T6104] Cannot create hsr debugfs directory [ 339.743057][ T4809] usb 1-1: USB disconnect, device number 5 [ 340.770435][ T5187] Bluetooth: hci1: Dropping invalid advertising data [ 340.777836][ T5187] Bluetooth: hci1: unknown advertising packet type: 0x0a [ 340.777965][ T5187] Bluetooth: hci1: unknown advertising packet type: 0x80 [ 340.785494][ T5187] Bluetooth: hci1: unknown advertising packet type: 0x61 [ 340.792879][ T5187] Bluetooth: hci1: unknown advertising packet type: 0x80 [ 340.800189][ T5187] Bluetooth: hci1: Malformed LE Event: 0x02 [ 341.114686][ T6285] loop3: detected capacity change from 0 to 512 [ 341.183422][ T6285] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 341.291288][ T6285] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=c842e11c, mo2=0102] [ 341.311571][ T6285] EXT4-fs (loop3): orphan cleanup on readonly fs [ 341.473134][ T6285] EXT4-fs error (device loop3): ext4_clear_blocks:876: inode #11: comm syz.3.372: attempt to clear invalid blocks 1024 len 1 [ 341.729985][ T6285] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.372: bg 0: block 361: padding at end of block bitmap is not set [ 341.780610][ T6285] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6550: Corrupt filesystem [ 341.812120][ T4809] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 341.835176][ T6285] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.372: invalid indirect mapped block 1811939328 (level 0) [ 341.868411][ T6285] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.372: invalid indirect mapped block 2185560079 (level 1) [ 341.901355][ T6285] EXT4-fs (loop3): 1 truncate cleaned up [ 341.919339][ T6285] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none. [ 342.033355][ T4809] usb 1-1: config 0 has no interfaces? [ 342.039300][ T4809] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 342.049376][ T4809] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 342.093686][ T4809] usb 1-1: config 0 descriptor?? [ 342.187982][ T1710] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 342.498681][ T5174] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000007. [ 342.553855][ T1710] usb 3-1: Using ep0 maxpacket: 8 [ 342.557833][ T4809] usb 1-1: USB disconnect, device number 6 [ 342.572125][ T6301] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 342.672255][ T1710] usb 3-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 342.681975][ T1710] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 342.709078][ T1710] usb 3-1: config 0 descriptor?? [ 343.853794][ T1710] asix 3-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71 [ 343.864481][ T1710] asix 3-1:0.0 (unnamed net_device) (uninitialized): Failed to write GPIO value 0x00b0: ffffffb9 [ 343.892799][ T1710] asix 3-1:0.0: probe with driver asix failed with error -71 [ 343.964299][ T6104] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 343.975788][ T1710] usb 3-1: USB disconnect, device number 3 [ 344.015161][ T25] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 344.062156][ T6104] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 344.204782][ T6104] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 344.256721][ T6104] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 344.274244][ T25] usb 5-1: Using ep0 maxpacket: 16 [ 344.356011][ T25] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 344.368283][ T25] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 344.378655][ T25] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 344.392104][ T25] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 344.401481][ T25] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 344.603643][ T25] usb 5-1: config 0 descriptor?? [ 344.837946][ T6314] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 344.914926][ T6314] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 345.323502][ T25] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0 [ 345.331156][ T25] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0 [ 345.339619][ T25] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0 [ 345.347501][ T25] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0 [ 345.674239][ T25] input: HID 045e:07da as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:045E:07DA.0003/input/input6 [ 345.677417][ T6104] 8021q: adding VLAN 0 to HW filter on device bond0 [ 345.753775][ T6104] 8021q: adding VLAN 0 to HW filter on device team0 [ 345.926741][ T2517] bridge0: port 1(bridge_slave_0) entered blocking state [ 345.934576][ T2517] bridge0: port 1(bridge_slave_0) entered forwarding state [ 345.955723][ T2517] bridge0: port 2(bridge_slave_1) entered blocking state [ 345.963577][ T2517] bridge0: port 2(bridge_slave_1) entered forwarding state [ 346.161705][ T6104] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 346.170608][ T25] microsoft 0003:045E:07DA.0003: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.4-1/input0 [ 346.176393][ T6104] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 346.618694][ T25] usb 5-1: USB disconnect, device number 2 [ 347.077718][ T1240] ieee802154 phy0 wpan0: encryption failed: -22 [ 347.084659][ T1240] ieee802154 phy1 wpan1: encryption failed: -22 [ 347.233549][ T6345] loop3: detected capacity change from 0 to 1024 [ 349.032862][ T6366] loop2: detected capacity change from 0 to 512 [ 349.250267][ T6369] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 349.254451][ T6366] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a042c118, mo2=0002] [ 349.298693][ T6366] System zones: 1-12 [ 349.310753][ T6104] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 349.595367][ T6104] veth0_vlan: entered promiscuous mode [ 349.629765][ T6104] veth1_vlan: entered promiscuous mode [ 349.675979][ T6366] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2240: inode #15: comm syz.2.397: corrupted in-inode xattr: e_value size too large [ 349.725770][ T6104] veth0_macvtap: entered promiscuous mode [ 349.772880][ T6366] EXT4-fs error (device loop2): ext4_orphan_get:1393: comm syz.2.397: couldn't read orphan inode 15 (err -117) [ 349.823431][ T6104] veth1_macvtap: entered promiscuous mode [ 349.884713][ T6104] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 349.895653][ T6104] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 349.905979][ T6104] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 349.916808][ T6104] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 349.927080][ T6104] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 349.937934][ T6104] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 349.948224][ T6104] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 349.959109][ T6104] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 349.983410][ T6104] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 350.002864][ T6104] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 350.014985][ T6104] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 350.025285][ T6104] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 350.036125][ T6104] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 350.049413][ T6104] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 350.060767][ T6104] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 350.074794][ T6104] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 350.086853][ T6104] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 350.102253][ T6104] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 350.162870][ T6104] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 350.163383][ T6366] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 350.176486][ T6104] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 350.196881][ T6104] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 350.207434][ T6104] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 350.791240][ T6381] netlink: 32 bytes leftover after parsing attributes in process `syz.4.401'. [ 350.954875][ T5182] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 352.333415][ T6394] veth0_to_batadv: entered promiscuous mode [ 352.338273][ T6390] loop4: detected capacity change from 0 to 1024 [ 352.414011][ T6394] veth0_to_batadv: left promiscuous mode [ 352.489205][ T6390] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 354.084885][ T6290] udevd[6290]: failed to send result of seq 11245 to main daemon: Connection refused [ 354.638599][ T6431] loop2: detected capacity change from 0 to 1024 [ 354.658127][ T6431] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 354.695188][ T6431] JBD2: no valid journal superblock found [ 354.701251][ T6431] EXT4-fs (loop2): Could not load journal inode [ 354.720264][ T6433] loop3: detected capacity change from 0 to 128 [ 354.971165][ T6439] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT [ 355.070078][ T6433] EXT4-fs (loop3): Test dummy encryption mode enabled [ 355.232639][ T6433] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 355.328716][ T6433] ext4 filesystem being mounted at /85/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 355.680320][ T6450] loop2: detected capacity change from 0 to 256 [ 355.813571][ T6433] fscrypt: AES-256-CBC-CTS using implementation "cts(cbc(ecb(aes-fixed-time)))" [ 356.579904][ T5174] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 357.001106][ T6475] netlink: 830 bytes leftover after parsing attributes in process `syz.3.427'. [ 357.212011][ T2517] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 357.220134][ T2517] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 357.598623][ T3893] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 357.607552][ T3893] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 358.266208][ T6501] loop1: detected capacity change from 0 to 256 [ 358.372395][ T6501] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d) [ 358.453552][ T6507] netlink: 40 bytes leftover after parsing attributes in process `syz.2.436'. [ 359.428733][ T53] Bluetooth: hci1: command 0x0406 tx timeout [ 359.438310][ T5180] Bluetooth: hci2: command 0x0406 tx timeout [ 359.447697][ T5187] Bluetooth: hci3: command 0x0406 tx timeout [ 359.543638][ T6529] netlink: 'syz.0.442': attribute type 11 has an invalid length. [ 360.173497][ T6537] loop1: detected capacity change from 0 to 1024 [ 361.097158][ T6556] loop0: detected capacity change from 0 to 1024 [ 361.323543][ T6559] loop1: detected capacity change from 0 to 2048 [ 361.350371][ T6556] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 361.424804][ T6559] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 361.573955][ T6566] overlayfs: upperdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection. [ 362.306427][ T5171] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 363.126407][ T6588] loop2: detected capacity change from 0 to 256 [ 363.149018][ T6591] loop1: detected capacity change from 0 to 256 [ 363.279948][ T6588] exFAT-fs (loop2): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 363.318765][ T6591] FAT-fs (loop1): Directory bread(block 552) failed [ 363.326446][ T6591] FAT-fs (loop1): Directory bread(block 553) failed [ 363.333823][ T6591] FAT-fs (loop1): Directory bread(block 554) failed [ 363.340862][ T6591] FAT-fs (loop1): Directory bread(block 548) failed [ 363.349094][ T6591] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 363.358944][ T6588] exFAT-fs (loop2): error, invalid access to FAT free cluster (entry 0x00000008) [ 363.369412][ T6588] exFAT-fs (loop2): Filesystem has been set read-only [ 363.381439][ T6588] exFAT-fs (loop2): error, failed to bmap (inode : ffff88812040ce00 iblock : 8, err : -5) [ 363.394341][ T6588] exFAT-fs (loop2): error, invalid access to FAT free cluster (entry 0x00000008) [ 363.409038][ T6588] exFAT-fs (loop2): error, invalid access to FAT free cluster (entry 0x00000008) [ 363.419128][ T6588] exFAT-fs (loop2): error, failed to bmap (inode : ffff88812040ce00 iblock : 8, err : -5) [ 363.433422][ T6588] exFAT-fs (loop2): error, invalid access to FAT free cluster (entry 0x00000008) [ 363.468712][ T6591] FAT-fs (loop1): Directory bread(block 552) failed [ 363.475904][ T6591] FAT-fs (loop1): Directory bread(block 553) failed [ 363.489421][ T6591] FAT-fs (loop1): Directory bread(block 554) failed [ 363.499020][ T6591] FAT-fs (loop1): Directory bread(block 548) failed [ 363.506555][ T6591] FAT-fs (loop1): Directory bread(block 552) failed [ 363.513627][ T6591] FAT-fs (loop1): Directory bread(block 553) failed [ 363.596413][ T10] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 363.779784][ T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 363.795859][ T10] usb 5-1: New USB device found, idVendor=05ac, idProduct=027a, bcdDevice= 0.00 [ 363.807046][ T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 363.949734][ T10] usb 5-1: config 0 descriptor?? [ 364.000409][ T6605] netlink: 'syz.2.467': attribute type 2 has an invalid length. [ 364.523522][ T10] apple 0003:05AC:027A.0004: hidraw0: USB HID v0.00 Device [HID 05ac:027a] on usb-dummy_hcd.4-1/input0 [ 364.691166][ T10] usb 5-1: USB disconnect, device number 3 [ 365.104039][ T6619] loop1: detected capacity change from 0 to 128 [ 366.207227][ T29] audit: type=1326 audit(1727040301.621:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6635 comm="syz.1.477" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fed91f7def9 code=0x0 [ 366.650204][ T29] audit: type=1326 audit(1727040302.061:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6645 comm="syz.3.481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9afd37def9 code=0x7ffc0000 [ 366.675935][ T29] audit: type=1326 audit(1727040302.061:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6645 comm="syz.3.481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9afd37def9 code=0x7ffc0000 [ 366.818711][ T29] audit: type=1326 audit(1727040302.151:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6645 comm="syz.3.481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9afd37def9 code=0x7ffc0000 [ 366.841518][ T29] audit: type=1326 audit(1727040302.161:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6645 comm="syz.3.481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9afd37def9 code=0x7ffc0000 [ 366.868439][ T29] audit: type=1326 audit(1727040302.161:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6645 comm="syz.3.481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9afd37def9 code=0x7ffc0000 [ 366.892713][ T29] audit: type=1326 audit(1727040302.161:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6645 comm="syz.3.481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9afd37def9 code=0x7ffc0000 [ 366.918479][ T29] audit: type=1326 audit(1727040302.171:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6645 comm="syz.3.481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=109 compat=0 ip=0x7f9afd37def9 code=0x7ffc0000 [ 366.941433][ T29] audit: type=1326 audit(1727040302.171:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6645 comm="syz.3.481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9afd37def9 code=0x7ffc0000 [ 367.356988][ T6654] loop0: detected capacity change from 0 to 1024 [ 367.629271][ T29] audit: type=1326 audit(1727040302.941:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6659 comm="syz.4.487" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe8f097def9 code=0x7ffc0000 [ 367.894622][ T6654] bio_check_eod: 4 callbacks suppressed [ 367.894709][ T6654] syz.0.484: attempt to access beyond end of device [ 367.894709][ T6654] loop0: rw=0, sector=5778, nr_sectors = 2 limit=1024 [ 370.076671][ T6712] netlink: 8 bytes leftover after parsing attributes in process `syz.1.502'. [ 370.192068][ T10] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 370.216339][ T6716] loop3: detected capacity change from 0 to 1024 [ 370.446584][ T10] usb 1-1: New USB device found, idVendor=8086, idProduct=0b03, bcdDevice=3a.45 [ 370.456865][ T10] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 370.465350][ T10] usb 1-1: Product: syz [ 370.469799][ T10] usb 1-1: Manufacturer: syz [ 370.474861][ T10] usb 1-1: SerialNumber: syz [ 370.539140][ T3990] hfsplus: b-tree write err: -5, ino 4 [ 370.565562][ T10] usb 1-1: config 0 descriptor?? [ 370.621237][ T10] usb 1-1: Found UVC 0.00 device syz (8086:0b03) [ 370.628520][ T10] usb 1-1: No valid video chain found. [ 370.823945][ T5225] usb 1-1: USB disconnect, device number 7 [ 371.409473][ T6738] netlink: 'syz.3.517': attribute type 5 has an invalid length. [ 371.742605][ T29] kauditd_printk_skb: 7 callbacks suppressed [ 371.742691][ T29] audit: type=1326 audit(1727040307.141:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6740 comm="syz.3.518" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9afd37def9 code=0x0 [ 372.480658][ T6759] loop1: detected capacity change from 0 to 2048 [ 372.573903][ T6761] netlink: 48 bytes leftover after parsing attributes in process `syz.0.526'. [ 372.585108][ T6759] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 373.401146][ T6773] loop1: detected capacity change from 0 to 512 [ 373.482485][ T6773] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 373.549141][ T6777] loop0: detected capacity change from 0 to 128 [ 373.559188][ T6773] EXT4-fs (loop1): 1 truncate cleaned up [ 373.567043][ T6773] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 373.634457][ T6773] EXT4-fs error (device loop1): ext4_generic_delete_entry:2680: inode #2: block 13: comm syz.1.532: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0 [ 373.661060][ T6773] EXT4-fs (loop1): Remounting filesystem read-only [ 373.916358][ T6104] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 374.835270][ T6809] netlink: 8 bytes leftover after parsing attributes in process `syz.4.546'. [ 376.025987][ T6821] loop1: detected capacity change from 0 to 512 [ 376.204030][ T6821] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 376.217663][ T6821] ext4 filesystem being mounted at /23/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 376.266742][ T6832] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 376.669569][ T6839] netlink: 58 bytes leftover after parsing attributes in process `syz.0.557'. [ 376.679563][ T6839] netlink: 58 bytes leftover after parsing attributes in process `syz.0.557'. [ 376.741713][ T6835] loop4: detected capacity change from 0 to 1024 [ 376.776933][ T6104] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 376.901196][ T6839] netlink: 58 bytes leftover after parsing attributes in process `syz.0.557'. [ 376.911121][ T6839] netlink: 58 bytes leftover after parsing attributes in process `syz.0.557'. [ 376.980741][ T6835] hfsplus: xattr searching failed [ 377.336238][ T3990] hfsplus: bad catalog file entry [ 377.341700][ T3990] hfsplus: b-tree write err: -5, ino 3 [ 377.840893][ T6852] vivid-000: disconnect [ 377.857902][ T6852] vivid-000: reconnect [ 377.911265][ T6839] netlink: 58 bytes leftover after parsing attributes in process `syz.0.557'. [ 377.926366][ T6839] netlink: 58 bytes leftover after parsing attributes in process `syz.0.557'. [ 378.497825][ T6862] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 378.871894][ T6868] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1 [ 378.892503][ T6868] batman_adv: batadv0: Adding interface: gretap1 [ 378.899110][ T6868] batman_adv: batadv0: The MTU of interface gretap1 is too small (1462) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 378.927436][ T6868] batman_adv: batadv0: Not using interface gretap1 (retrying later): interface not active [ 379.650539][ T6876] loop3: detected capacity change from 0 to 4096 [ 379.702603][ T6876] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512). [ 380.230639][ T6876] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 380.371953][ T6892] netlink: 8 bytes leftover after parsing attributes in process `syz.0.581'. [ 380.403757][ T6891] tun1: tun_chr_ioctl cmd 1074025677 [ 380.409698][ T6891] tun1: linktype set to 774 [ 380.787972][ T6899] netlink: 112 bytes leftover after parsing attributes in process `syz.3.584'. [ 381.948268][ T6924] loop4: detected capacity change from 0 to 1024 [ 383.053746][ T10] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 383.382974][ T10] usb 4-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 0 [ 383.432819][ T10] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 383.442521][ T10] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 383.455207][ T10] usb 4-1: SerialNumber: syz [ 383.499810][ T10] usb 4-1: bad CDC descriptors [ 383.584483][ T6955] loop0: detected capacity change from 0 to 1024 [ 383.780708][ T6944] netlink: 'syz.3.603': attribute type 3 has an invalid length. [ 383.789172][ T6944] netlink: 666 bytes leftover after parsing attributes in process `syz.3.603'. [ 383.829859][ T4809] usb 4-1: USB disconnect, device number 6 [ 383.845850][ T6955] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 384.547514][ T6973] netlink: 277 bytes leftover after parsing attributes in process `syz.2.618'. [ 384.997113][ T6984] netlink: 8 bytes leftover after parsing attributes in process `syz.1.624'. [ 385.030940][ T6982] loop0: detected capacity change from 0 to 128 [ 385.054718][ T6986] loop2: detected capacity change from 0 to 256 [ 385.350481][ T6991] netlink: 10 bytes leftover after parsing attributes in process `syz.3.626'. [ 385.375197][ T6982] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 385.455014][ T6982] ext4 filesystem being mounted at /123/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 385.615453][ T6998] mac80211_hwsim hwsim12 wlan0: entered promiscuous mode [ 385.623991][ T6998] macvlan2: entered allmulticast mode [ 385.629677][ T6998] mac80211_hwsim hwsim12 wlan0: entered allmulticast mode [ 385.673462][ T6998] mac80211_hwsim hwsim12 wlan0: left promiscuous mode [ 385.747537][ T6982] fscrypt (loop0, inode 12): Direct key flag not allowed with different contents and filenames modes [ 385.939550][ T7004] netlink: 12 bytes leftover after parsing attributes in process `syz.3.633'. [ 385.950136][ T7004] netlink: 12 bytes leftover after parsing attributes in process `syz.3.633'. [ 386.390599][ T5171] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 388.730407][ T7060] sctp: [Deprecated]: syz.4.656 (pid 7060) Use of int in max_burst socket option. [ 388.730407][ T7060] Use struct sctp_assoc_value instead [ 391.554919][ T7115] loop2: detected capacity change from 0 to 16 [ 391.611434][ T7115] erofs: (device loop2): EXPERIMENTAL EROFS subpage compressed block support in use. Use at your own risk! [ 391.624381][ T7115] erofs: (device loop2): mounted with root inode @ nid 36. [ 391.704289][ T7115] erofs: (device loop2): z_erofs_do_map_blocks: invalid logical cluster 0 at nid 36 [ 391.714620][ T7115] syz.2.680: attempt to access beyond end of device [ 391.714620][ T7115] loop2: rw=0, sector=131072, nr_sectors = 1 limit=16 [ 391.730738][ T7115] erofs: (device loop2): z_erofs_read_folio: read error -5 @ 0 of nid 36 [ 392.383159][ T53] Bluetooth: hci4: command tx timeout [ 392.708584][ T7134] loop1: detected capacity change from 0 to 8 [ 393.882802][ T3893] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 393.979325][ T3893] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 394.169511][ T3893] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 394.321697][ T3893] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 394.502120][ T3893] bridge_slave_1: left allmulticast mode [ 394.512281][ T3893] bridge_slave_1: left promiscuous mode [ 394.519087][ T3893] bridge0: port 2(bridge_slave_1) entered disabled state [ 394.540495][ T3893] bridge_slave_0: left allmulticast mode [ 394.546802][ T3893] bridge_slave_0: left promiscuous mode [ 394.553771][ T3893] bridge0: port 1(bridge_slave_0) entered disabled state [ 395.067654][ T3893] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 395.110312][ T3893] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 395.153438][ T3893] bond0 (unregistering): Released all slaves [ 395.729539][ T5187] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 395.745135][ T5187] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 395.764872][ T5187] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 395.944218][ T5187] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 395.994041][ T5187] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 396.014314][ T5187] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 396.560919][ T3893] hsr_slave_0: left promiscuous mode [ 396.613964][ T3893] hsr_slave_1: left promiscuous mode [ 396.672606][ T3893] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 396.680467][ T3893] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 396.773871][ T3893] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 396.782168][ T3893] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 396.883130][ T3893] veth1_macvtap: left promiscuous mode [ 396.889075][ T3893] veth0_macvtap: left promiscuous mode [ 396.895194][ T3893] veth1_vlan: left promiscuous mode [ 396.900785][ T3893] veth0_vlan: left promiscuous mode [ 398.073800][ T25] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 398.120591][ T3893] team0 (unregistering): Port device team_slave_1 removed [ 398.122409][ T5187] Bluetooth: hci4: command tx timeout [ 398.253025][ T25] usb 5-1: Using ep0 maxpacket: 32 [ 398.255063][ T3893] team0 (unregistering): Port device team_slave_0 removed [ 398.269115][ T25] usb 5-1: config 0 has an invalid interface number: 8 but max is 0 [ 398.278205][ T25] usb 5-1: config 0 has no interface number 0 [ 398.284859][ T25] usb 5-1: config 0 interface 8 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0 [ 398.297892][ T25] usb 5-1: config 0 interface 8 altsetting 0 endpoint 0xD has invalid wMaxPacketSize 0 [ 398.338543][ T25] usb 5-1: New USB device found, idVendor=0e6f, idProduct=582c, bcdDevice=31.68 [ 398.348269][ T25] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 398.356755][ T25] usb 5-1: Product: syz [ 398.361158][ T25] usb 5-1: Manufacturer: syz [ 398.366420][ T25] usb 5-1: SerialNumber: syz [ 398.406218][ T25] usb 5-1: config 0 descriptor?? [ 398.572529][ T7208] netlink: 16 bytes leftover after parsing attributes in process `syz.2.722'. [ 398.665445][ T25] usb 5-1: USB disconnect, device number 4 [ 399.360405][ T7214] loop3: detected capacity change from 0 to 128 [ 399.528690][ T7214] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 399.564724][ T7214] ext4 filesystem being mounted at /151/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 399.679698][ T7176] chnl_net:caif_netlink_parms(): no params data found [ 400.095456][ T5174] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 400.203201][ T5187] Bluetooth: hci4: command tx timeout [ 400.324357][ T7232] netlink: 4 bytes leftover after parsing attributes in process `syz.0.729'. [ 400.560886][ T7176] bridge0: port 1(bridge_slave_0) entered blocking state [ 400.570615][ T7176] bridge0: port 1(bridge_slave_0) entered disabled state [ 400.578773][ T7176] bridge_slave_0: entered allmulticast mode [ 400.588454][ T7176] bridge_slave_0: entered promiscuous mode [ 400.666106][ T7176] bridge0: port 2(bridge_slave_1) entered blocking state [ 400.676577][ T7176] bridge0: port 2(bridge_slave_1) entered disabled state [ 400.685166][ T7176] bridge_slave_1: entered allmulticast mode [ 400.694548][ T7176] bridge_slave_1: entered promiscuous mode [ 400.979560][ T7176] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 401.076911][ T7176] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 401.329813][ T7252] loop2: detected capacity change from 0 to 16 [ 401.368420][ T7253] netlink: 8 bytes leftover after parsing attributes in process `syz.3.738'. [ 401.384053][ T7252] erofs: (device loop2): mounted with root inode @ nid 36. [ 401.399113][ T7176] team0: Port device team_slave_0 added [ 401.460972][ T7176] team0: Port device team_slave_1 added [ 401.797219][ T7257] loop0: detected capacity change from 0 to 128 [ 401.808941][ T7176] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 401.816964][ T7176] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 401.843435][ T7176] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 401.870212][ T7257] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 401.905056][ T7257] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 401.917766][ T7259] unknown channel width for channel at 925000KHz? [ 401.926411][ T7176] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 401.933907][ T7176] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 401.965360][ T7176] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 402.046287][ T7261] netlink: 16 bytes leftover after parsing attributes in process `syz.2.743'. [ 402.282376][ T5187] Bluetooth: hci4: command tx timeout [ 402.359686][ T7176] hsr_slave_0: entered promiscuous mode [ 402.443258][ T7176] hsr_slave_1: entered promiscuous mode [ 402.482309][ T7176] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 402.490137][ T7176] Cannot create hsr debugfs directory [ 402.502940][ T7265] raw_sendmsg: syz.3.745 forgot to set AF_INET. Fix it! [ 402.862358][ T7270] loop4: detected capacity change from 0 to 2048 [ 403.030018][ T7270] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 403.043200][ T7270] ext4 filesystem being mounted at /170/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 403.255682][ T7270] fs-verity: sha512 using implementation "sha512-generic" [ 403.276171][ T7270] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.748: bg 0: block 288: padding at end of block bitmap is not set [ 403.306629][ T7270] fs-verity (loop4, inode 13): ext4_end_enable_verity() failed with err -117 [ 403.329974][ T7283] loop3: detected capacity change from 0 to 256 [ 403.385159][ T7283] exfat: Deprecated parameter 'utf8' [ 403.484214][ T7283] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x0ec8ca35, utbl_chksum : 0xe619d30d) [ 403.512515][ T5176] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 403.877300][ T7176] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 403.932228][ T7176] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 403.961004][ T7176] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 403.986585][ T7176] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 404.144414][ T7289] IPv6: NLM_F_CREATE should be specified when creating new route [ 404.329469][ T7294] loop4: detected capacity change from 0 to 512 [ 404.362559][ T5187] Bluetooth: hci4: command tx timeout [ 404.489053][ T7294] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2240: inode #15: comm syz.4.757: corrupted in-inode xattr: invalid ea_ino [ 404.627084][ T7294] EXT4-fs error (device loop4): ext4_orphan_get:1393: comm syz.4.757: couldn't read orphan inode 15 (err -117) [ 404.676129][ T7294] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 404.710525][ T7299] mmap: syz.3.758 (7299) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 404.753545][ T7294] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 405.096644][ T7176] 8021q: adding VLAN 0 to HW filter on device bond0 [ 405.246868][ T7176] 8021q: adding VLAN 0 to HW filter on device team0 [ 405.330667][ T3510] bridge0: port 1(bridge_slave_0) entered blocking state [ 405.338506][ T3510] bridge0: port 1(bridge_slave_0) entered forwarding state [ 405.403471][ T3510] bridge0: port 2(bridge_slave_1) entered blocking state [ 405.411238][ T3510] bridge0: port 2(bridge_slave_1) entered forwarding state [ 406.020133][ T7309] loop3: detected capacity change from 0 to 128 [ 406.568692][ T7319] loop2: detected capacity change from 0 to 256 [ 406.796870][ T7319] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d) [ 406.926642][ T7176] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 407.135210][ T7176] veth0_vlan: entered promiscuous mode [ 407.170026][ T7176] veth1_vlan: entered promiscuous mode [ 407.319686][ T7176] veth0_macvtap: entered promiscuous mode [ 407.350506][ T7176] veth1_macvtap: entered promiscuous mode [ 407.416468][ T7176] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 407.427399][ T7176] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 407.437693][ T7176] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 407.448608][ T7176] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 407.458878][ T7176] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 407.469692][ T7176] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 407.479982][ T7176] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 407.490829][ T7176] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 407.515788][ T7176] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 407.594691][ T7176] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 407.606144][ T7176] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 407.620131][ T7176] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 407.632096][ T7176] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 407.642433][ T7176] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 407.653424][ T7176] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 407.663615][ T7176] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 407.674682][ T7176] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 407.689938][ T7176] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 407.710590][ T7176] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 407.724813][ T7176] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 407.734976][ T7176] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 407.744169][ T7176] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 408.454438][ T1240] ieee802154 phy0 wpan0: encryption failed: -22 [ 408.461475][ T1240] ieee802154 phy1 wpan1: encryption failed: -22 [ 409.387484][ T7356] netlink: 'syz.2.782': attribute type 5 has an invalid length. [ 411.036379][ T7391] loop3: detected capacity change from 0 to 512 [ 411.037641][ T7390] netlink: 'syz.4.792': attribute type 3 has an invalid length. [ 411.051143][ T7390] netlink: 468 bytes leftover after parsing attributes in process `syz.4.792'. [ 411.076580][ T7391] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 411.185929][ T7391] EXT4-fs (loop3): 1 truncate cleaned up [ 411.193927][ T7391] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 411.357850][ T7398] can0: slcan on ttyS3. [ 411.413804][ T29] audit: type=1326 audit(1727040346.821:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7389 comm="syz.3.793" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9afd37def9 code=0x7ffc0000 [ 411.422654][ T7398] can0 (unregistered): slcan off ttyS3. [ 411.484897][ T29] audit: type=1326 audit(1727040346.861:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7389 comm="syz.3.793" exe="/root/syz-executor" sig=0 arch=c000003e syscall=194 compat=0 ip=0x7f9afd37def9 code=0x7ffc0000 [ 411.510303][ T29] audit: type=1326 audit(1727040346.861:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7389 comm="syz.3.793" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9afd37def9 code=0x7ffc0000 [ 411.706488][ T5174] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 411.855694][ T7401] loop2: detected capacity change from 0 to 128 [ 411.903643][ T7401] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256 [ 411.993714][ T7405] input: syz1 as /devices/virtual/input/input9 [ 412.299556][ T7401] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 413.234134][ T2517] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 413.243150][ T2517] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 413.436409][ T3990] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 413.445366][ T3990] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 413.853571][ T7440] netlink: 'syz.4.812': attribute type 29 has an invalid length. [ 413.907127][ T7442] netlink: 'syz.4.812': attribute type 29 has an invalid length. [ 413.921676][ T7440] netlink: 'syz.4.812': attribute type 29 has an invalid length. [ 414.074874][ T7444] netlink: 88 bytes leftover after parsing attributes in process `syz.3.813'. [ 416.888755][ T7471] loop0: detected capacity change from 0 to 16 [ 416.984545][ T7459] loop2: detected capacity change from 0 to 32768 [ 417.046755][ T7471] erofs: (device loop0): mounted with root inode @ nid 36. [ 417.210388][ T7471] erofs: (device loop0): z_erofs_readahead: readahead error at folio 205 @ nid 36 [ 417.220234][ T7471] erofs: (device loop0): z_erofs_readahead: readahead error at folio 204 @ nid 36 [ 417.232436][ T7471] erofs: (device loop0): z_erofs_readahead: readahead error at folio 197 @ nid 36 [ 417.245633][ T7471] erofs: (device loop0): z_erofs_readahead: readahead error at folio 196 @ nid 36 [ 417.256481][ T7471] erofs: (device loop0): z_erofs_readahead: readahead error at folio 192 @ nid 36 [ 417.267230][ T7471] erofs: (device loop0): z_erofs_readahead: readahead error at folio 180 @ nid 36 [ 417.277595][ T7471] erofs: (device loop0): z_erofs_readahead: readahead error at folio 172 @ nid 36 [ 417.287420][ T7471] erofs: (device loop0): z_erofs_readahead: readahead error at folio 168 @ nid 36 [ 417.297722][ T7471] erofs: (device loop0): z_erofs_readahead: readahead error at folio 160 @ nid 36 [ 417.307716][ T7471] erofs: (device loop0): z_erofs_readahead: readahead error at folio 149 @ nid 36 [ 417.317457][ T7471] erofs: (device loop0): z_erofs_readahead: readahead error at folio 148 @ nid 36 [ 417.327262][ T7471] erofs: (device loop0): z_erofs_readahead: readahead error at folio 144 @ nid 36 [ 417.337373][ T7471] erofs: (device loop0): z_erofs_readahead: readahead error at folio 140 @ nid 36 [ 417.351269][ T7471] erofs: (device loop0): z_erofs_readahead: readahead error at folio 92 @ nid 36 [ 417.362299][ T7471] erofs: (device loop0): z_erofs_readahead: readahead error at folio 77 @ nid 36 [ 417.371957][ T7471] erofs: (device loop0): z_erofs_readahead: readahead error at folio 76 @ nid 36 [ 417.382046][ T7471] erofs: (device loop0): z_erofs_readahead: readahead error at folio 69 @ nid 36 [ 417.391499][ T7471] erofs: (device loop0): z_erofs_readahead: readahead error at folio 68 @ nid 36 [ 417.401688][ T7471] erofs: (device loop0): z_erofs_readahead: readahead error at folio 64 @ nid 36 [ 417.415203][ T7471] erofs: (device loop0): z_erofs_readahead: readahead error at folio 60 @ nid 36 [ 417.425581][ T7471] erofs: (device loop0): z_erofs_readahead: readahead error at folio 40 @ nid 36 [ 417.435266][ T7471] erofs: (device loop0): z_erofs_readahead: readahead error at folio 36 @ nid 36 [ 417.435297][ T2621] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 417.457818][ T7471] erofs: (device loop0): z_erofs_readahead: readahead error at folio 32 @ nid 36 [ 417.468129][ T7471] erofs: (device loop0): z_erofs_readahead: readahead error at folio 24 @ nid 36 [ 417.477901][ T7471] erofs: (device loop0): z_erofs_readahead: readahead error at folio 19 @ nid 36 [ 417.487534][ T7471] erofs: (device loop0): z_erofs_readahead: readahead error at folio 18 @ nid 36 [ 417.497122][ T7471] erofs: (device loop0): z_erofs_readahead: readahead error at folio 17 @ nid 36 [ 417.506690][ T7471] erofs: (device loop0): z_erofs_readahead: readahead error at folio 16 @ nid 36 [ 417.516557][ T7471] erofs: (device loop0): z_erofs_readahead: readahead error at folio 12 @ nid 36 [ 417.526227][ T7471] erofs: (device loop0): z_erofs_readahead: readahead error at folio 8 @ nid 36 [ 417.534965][ C0] hrtimer: interrupt took 351181 ns [ 417.536968][ T7471] syz.0.823: attempt to access beyond end of device [ 417.536968][ T7471] loop0: rw=524288, sector=1049264, nr_sectors = 16 limit=16 [ 417.558530][ T7471] syz.0.823: attempt to access beyond end of device [ 417.558530][ T7471] loop0: rw=524288, sector=1049272, nr_sectors = 16 limit=16 [ 417.574047][ T7471] syz.0.823: attempt to access beyond end of device [ 417.574047][ T7471] loop0: rw=524288, sector=376, nr_sectors = 16 limit=16 [ 417.588310][ T7471] syz.0.823: attempt to access beyond end of device [ 417.588310][ T7471] loop0: rw=524288, sector=384, nr_sectors = 16 limit=16 [ 417.602476][ T7471] syz.0.823: attempt to access beyond end of device [ 417.602476][ T7471] loop0: rw=524288, sector=720, nr_sectors = 16 limit=16 [ 417.616761][ T7471] syz.0.823: attempt to access beyond end of device [ 417.616761][ T7471] loop0: rw=524288, sector=728, nr_sectors = 16 limit=16 [ 417.631038][ T7471] syz.0.823: attempt to access beyond end of device [ 417.631038][ T7471] loop0: rw=524288, sector=525144, nr_sectors = 16 limit=16 [ 417.645896][ T7471] syz.0.823: attempt to access beyond end of device [ 417.645896][ T7471] loop0: rw=524288, sector=525152, nr_sectors = 16 limit=16 [ 417.659550][ T7470] loop3: detected capacity change from 0 to 2048 [ 417.663790][ T7471] syz.0.823: attempt to access beyond end of device [ 417.663790][ T7471] loop0: rw=524288, sector=13478624032, nr_sectors = 16 limit=16 [ 417.682299][ T7471] syz.0.823: attempt to access beyond end of device [ 417.682299][ T7471] loop0: rw=524288, sector=13478624040, nr_sectors = 16 limit=16 [ 417.743421][ T7470] UDF-fs: warning (device loop3): udf_fill_super: No partition found (2) [ 418.186103][ T2621] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 418.197321][ T2621] usb 5-1: New USB device found, idVendor=046d, idProduct=08c1, bcdDevice=ee.8d [ 418.207427][ T2621] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 418.253338][ T2621] usb 5-1: config 0 descriptor?? [ 418.548052][ T2621] usb 5-1: USB disconnect, device number 5 [ 418.916187][ T7489] tipc: Started in network mode [ 418.924016][ T7489] tipc: Node identity 5f00000000004c3a0000400000000001, cluster identity 4711 [ 418.937445][ T7489] tipc: Enabling of bearer rejected, failed to enable media [ 419.658097][ T7496] loop0: detected capacity change from 0 to 1024 [ 419.703517][ T7498] bridge_slave_1: left allmulticast mode [ 419.709634][ T7498] bridge_slave_1: left promiscuous mode [ 419.716839][ T7498] bridge0: port 2(bridge_slave_1) entered disabled state [ 419.825903][ T7496] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 419.853497][ T7498] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check. [ 420.354114][ T5171] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 420.384254][ T7506] netlink: 8 bytes leftover after parsing attributes in process `syz.1.837'. [ 420.670865][ T7507] loop4: detected capacity change from 0 to 1024 [ 420.989208][ T7516] loop0: detected capacity change from 0 to 1024 [ 421.117650][ T7507] hfsplus: found bad thread record in catalog [ 421.124260][ T7507] hfsplus: catalog searching failed [ 421.494152][ T2517] hfsplus: found bad thread record in catalog [ 421.500772][ T2517] hfsplus: found bad thread record in catalog [ 421.524046][ T34] hfsplus: b-tree write err: -5, ino 4 [ 421.630820][ T7528] Zero length message leads to an empty skb [ 421.739212][ T7530] loop2: detected capacity change from 0 to 1024 [ 422.034238][ T7537] loop0: detected capacity change from 0 to 64 [ 422.095178][ T2517] hfsplus: b-tree write err: -5, ino 4 [ 422.832650][ T7551] loop3: detected capacity change from 0 to 64 [ 423.005140][ T4809] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 423.300649][ T4809] usb 1-1: config 0 interface 0 altsetting 144 endpoint 0x81 has invalid wMaxPacketSize 0 [ 423.315293][ T4809] usb 1-1: config 0 interface 0 has no altsetting 0 [ 423.323616][ T4809] usb 1-1: New USB device found, idVendor=056a, idProduct=032b, bcdDevice= 0.00 [ 423.334082][ T4809] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 423.370764][ T4809] usb 1-1: config 0 descriptor?? [ 423.406811][ T7560] loop2: detected capacity change from 0 to 512 [ 423.461459][ T7560] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended [ 423.613700][ T5187] Bluetooth: hci2: command 0x0406 tx timeout [ 423.714322][ T7560] EXT4-fs (loop2): warning: checktime reached, running e2fsck is recommended [ 423.744603][ T7560] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a842c01c, mo2=0002] [ 423.759706][ T7560] System zones: 0-2, 18-18, 34-34 [ 423.855038][ T7560] EXT4-fs error (device loop2): ext4_orphan_get:1414: comm syz.2.865: bad orphan inode 15 [ 423.907933][ T7560] ext4_test_bit(bit=14, block=18) = 1 [ 423.913942][ T7560] is_bad_inode(inode)=0 [ 423.918674][ T7560] NEXT_ORPHAN(inode)=2264924160 [ 423.924149][ T7560] max_ino=32 [ 423.927718][ T7560] i_nlink=0 [ 423.931406][ T7560] EXT4-fs warning (device loop2): ext4_update_dynamic_rev:1138: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 423.962024][ T7571] input: syz1 as /devices/virtual/input/input10 [ 424.049466][ T7560] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.865: bg 0: block 80: padding at end of block bitmap is not set [ 424.193992][ T4809] wacom 0003:056A:032B.0005: unknown main item tag 0x0 [ 424.283238][ T4809] wacom 0003:056A:032B.0005: hidraw0: USB HID v0.00 Device [HID 056a:032b] on usb-dummy_hcd.0-1/input0 [ 424.377132][ T7560] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6550: Corrupt filesystem [ 424.474384][ T1710] usb 1-1: USB disconnect, device number 8 [ 424.535297][ T7560] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 424.859091][ T7560] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 424.886547][ T7580] loop1: detected capacity change from 0 to 16 [ 425.642410][ T53] Bluetooth: hci2: command 0x0406 tx timeout [ 426.162857][ T7603] loop1: detected capacity change from 0 to 512 [ 426.240247][ T7607] netlink: 36 bytes leftover after parsing attributes in process `syz.2.883'. [ 426.309807][ T7603] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 426.397303][ T7603] EXT4-fs (loop1): 1 truncate cleaned up [ 426.405340][ T7603] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 426.599899][ T7615] netlink: 8 bytes leftover after parsing attributes in process `syz.2.887'. [ 426.718572][ T7603] fscrypt (loop1, inode 18): Reserved bits set in encryption policy [ 427.175075][ T7176] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 427.539963][ T7631] loop1: detected capacity change from 0 to 64 [ 428.575262][ T7653] loop4: detected capacity change from 0 to 64 [ 429.505371][ T7671] Process accounting resumed [ 430.392367][ T4809] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 430.607384][ T4809] usb 5-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.00 [ 430.616978][ T4809] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 430.628373][ T4809] usb 5-1: Product: syz [ 430.633030][ T4809] usb 5-1: Manufacturer: syz [ 430.637905][ T4809] usb 5-1: SerialNumber: syz [ 430.709672][ T4809] usb 5-1: config 0 descriptor?? [ 430.733432][ T2621] usb 1-1: new full-speed USB device number 9 using dummy_hcd [ 430.866431][ T7691] tipc: Enabled bearer , priority 10 [ 430.936640][ T2621] usb 1-1: not running at top speed; connect to a high speed hub [ 430.950954][ T4809] hso 5-1:0.0: Can't find BULK IN endpoint [ 430.965628][ T4809] usb-storage 5-1:0.0: USB Mass Storage device detected [ 431.075979][ T2621] usb 1-1: config 95 has an invalid interface number: 1 but max is 0 [ 431.085748][ T2621] usb 1-1: config 95 has no interface number 0 [ 431.092505][ T2621] usb 1-1: config 95 interface 1 has no altsetting 0 [ 431.295447][ T2621] usb 1-1: string descriptor 0 read error: -22 [ 431.303461][ T2621] usb 1-1: New USB device found, idVendor=0763, idProduct=2030, bcdDevice=79.79 [ 431.314080][ T2621] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 431.393386][ T4809] usb 5-1: USB disconnect, device number 6 [ 431.969127][ T1710] usb 1-1: USB disconnect, device number 9 [ 431.982097][ T25] tipc: Node number set to 1593838651 [ 432.445969][ T7722] netlink: set zone limit has 4 unknown bytes [ 433.102641][ T7728] Context (ID=0x0) not attached to queue pair (handle=0x0:0x0) [ 434.533040][ T7751] netlink: 8 bytes leftover after parsing attributes in process `syz.2.949'. [ 434.671460][ T7753] loop4: detected capacity change from 0 to 164 [ 434.757529][ T7753] rock: corrupted directory entry. extent=41, offset=65536, size=8 [ 435.042085][ T25] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 435.112952][ T7759] loop0: detected capacity change from 0 to 1024 [ 435.255179][ T25] usb 2-1: config 0 interface 0 altsetting 253 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 435.269840][ T5171] hfsplus: bad catalog entry type [ 435.276126][ T25] usb 2-1: config 0 interface 0 altsetting 253 endpoint 0x81 has invalid wMaxPacketSize 0 [ 435.286660][ T25] usb 2-1: config 0 interface 0 has no altsetting 0 [ 435.293729][ T25] usb 2-1: New USB device found, idVendor=056a, idProduct=0035, bcdDevice= 0.00 [ 435.303228][ T25] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 435.351209][ T5171] ===================================================== [ 435.358652][ T5171] BUG: KMSAN: uninit-value in hfsplus_uni2asc+0x821/0x2350 [ 435.371122][ T5171] hfsplus_uni2asc+0x821/0x2350 [ 435.383569][ T5171] hfsplus_readdir+0xbd7/0x18d0 [ 435.388645][ T5171] iterate_dir+0x5b3/0x9e0 [ 435.393535][ T5171] __se_sys_getdents64+0x169/0x530 [ 435.394545][ T25] usb 2-1: config 0 descriptor?? [ 435.398899][ T5171] __x64_sys_getdents64+0x96/0xe0 [ 435.409733][ T5171] x64_sys_call+0x3430/0x3ba0 [ 435.420527][ T5171] do_syscall_64+0xcd/0x1e0 [ 435.425392][ T5171] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 435.431536][ T5171] [ 435.434113][ T5171] Uninit was created at: [ 435.438642][ T5171] __kmalloc_noprof+0x661/0xf30 [ 435.449560][ T5171] hfsplus_find_init+0x95/0x1d0 [ 435.456316][ T5171] hfsplus_readdir+0x1da/0x18d0 [ 435.461382][ T5171] iterate_dir+0x5b3/0x9e0 [ 435.470821][ T5171] __se_sys_getdents64+0x169/0x530 [ 435.483543][ T5171] __x64_sys_getdents64+0x96/0xe0 [ 435.488809][ T5171] x64_sys_call+0x3430/0x3ba0 [ 435.489041][ T7766] netlink: 44 bytes leftover after parsing attributes in process `syz.3.955'. [ 435.493847][ T5171] do_syscall_64+0xcd/0x1e0 [ 435.493963][ T5171] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 435.494113][ T5171] [ 435.494161][ T5171] CPU: 0 UID: 0 PID: 5171 Comm: syz-executor Not tainted 6.11.0-syzkaller-08829-gaf9c191ac2a0 #0 [ 435.494292][ T5171] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 435.494362][ T5171] ===================================================== [ 435.494402][ T5171] Disabling lock debugging due to kernel taint [ 435.494446][ T5171] Kernel panic - not syncing: kmsan.panic set ... [ 435.494516][ T5171] CPU: 0 UID: 0 PID: 5171 Comm: syz-executor Tainted: G B 6.11.0-syzkaller-08829-gaf9c191ac2a0 #0 [ 435.494674][ T5171] Tainted: [B]=BAD_PAGE [ 435.494714][ T5171] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 435.494776][ T5171] Call Trace: [ 435.494840][ T5171] [ 435.494881][ T5171] dump_stack_lvl+0x216/0x2d0 [ 435.495022][ T5171] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 435.495217][ T5171] dump_stack+0x1e/0x30 [ 435.495327][ T5171] panic+0x4e2/0xcf0 [ 435.495517][ T5171] ? kmsan_get_metadata+0xc1/0x1c0 [ 435.495719][ T5171] kmsan_report+0x2c7/0x2d0 [ 435.495894][ T5171] ? kmsan_get_metadata+0x13e/0x1c0 [ 435.496079][ T5171] ? kmsan_get_metadata+0x13e/0x1c0 [ 435.496259][ T5171] ? __msan_warning+0x95/0x120 [ 435.496418][ T5171] ? hfsplus_uni2asc+0x821/0x2350 [ 435.496575][ T5171] ? hfsplus_readdir+0xbd7/0x18d0 [ 435.496710][ T5171] ? iterate_dir+0x5b3/0x9e0 [ 435.496838][ T5171] ? __se_sys_getdents64+0x169/0x530 [ 435.496982][ T5171] ? __x64_sys_getdents64+0x96/0xe0 [ 435.497126][ T5171] ? x64_sys_call+0x3430/0x3ba0 [ 435.497282][ T5171] ? do_syscall_64+0xcd/0x1e0 [ 435.497407][ T5171] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 435.497562][ T5171] ? filter_irq_stacks+0x60/0x1a0 [ 435.497777][ T5171] ? kmsan_get_metadata+0x13e/0x1c0 [ 435.497946][ T5171] ? kmsan_get_metadata+0x13e/0x1c0 [ 435.498118][ T5171] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 435.498318][ T5171] ? hfsplus_bnode_read_u16+0x3e/0x2b0 [ 435.498468][ T5171] ? filter_irq_stacks+0x60/0x1a0 [ 435.498641][ T5171] ? kmsan_get_metadata+0x13e/0x1c0 [ 435.498825][ T5171] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 435.499030][ T5171] ? utf32_to_utf8+0x4b1/0x4e0 [ 435.499192][ T5171] ? kmsan_get_metadata+0x13e/0x1c0 [ 435.499387][ T5171] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 435.499578][ T5171] __msan_warning+0x95/0x120 [ 435.499742][ T5171] hfsplus_uni2asc+0x821/0x2350 [ 435.499897][ T5171] ? __msan_memcpy+0x108/0x1c0 [ 435.500062][ T5171] ? kmsan_get_metadata+0x13e/0x1c0 [ 435.500250][ T5171] ? __msan_memcpy+0x108/0x1c0 [ 435.500422][ T5171] hfsplus_readdir+0xbd7/0x18d0 [ 435.500582][ T5171] ? __rcu_read_unlock+0x7b/0xe0 [ 435.500750][ T5171] ? aa_file_perm+0x3de/0x1780 [ 435.500868][ T5171] ? kmsan_get_metadata+0x13e/0x1c0 [ 435.501049][ T5171] ? kmsan_get_metadata+0x13e/0x1c0 [ 435.501227][ T5171] ? kmsan_internal_set_shadow_origin+0x69/0x100 [ 435.501396][ T5171] ? kmsan_get_metadata+0x13e/0x1c0 [ 435.501575][ T5171] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 435.501809][ T5171] ? __pfx_hfsplus_readdir+0x10/0x10 [ 435.501944][ T5171] iterate_dir+0x5b3/0x9e0 [ 435.502074][ T5171] ? __pfx_hfsplus_readdir+0x10/0x10 [ 435.502206][ T5171] ? mutex_lock+0x38/0x60 [ 435.502382][ T5171] __se_sys_getdents64+0x169/0x530 [ 435.502532][ T5171] ? kmsan_internal_set_shadow_origin+0x69/0x100 [ 435.502711][ T5171] ? __pfx_filldir64+0x10/0x10 [ 435.502866][ T5171] __x64_sys_getdents64+0x96/0xe0 [ 435.503020][ T5171] x64_sys_call+0x3430/0x3ba0 [ 435.503183][ T5171] do_syscall_64+0xcd/0x1e0 [ 435.503302][ T5171] ? clear_bhb_loop+0x25/0x80 [ 435.503471][ T5171] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 435.503637][ T5171] RIP: 0033:0x7f15425b0093 [ 435.503726][ T5171] Code: c1 66 0f 1f 44 00 00 48 83 c4 08 48 89 ef 5b 5d e9 62 43 f8 ff 66 90 b8 ff ff ff 7f 48 39 c2 48 0f 47 d0 b8 d9 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 c7 c2 a8 ff ff ff f7 d8 [ 435.503838][ T5171] RSP: 002b:00007ffe1893cb58 EFLAGS: 00000293 ORIG_RAX: 00000000000000d9 [ 435.895606][ T5171] RAX: ffffffffffffffda RBX: 000055557ba2b600 RCX: 00007f15425b0093 [ 435.903766][ T5171] RDX: 0000000000008000 RSI: 000055557ba2b600 RDI: 0000000000000005 [ 435.911907][ T5171] RBP: 000055557ba2b5d4 R08: 0000000000000000 R09: 0000000000000000 [ 435.920067][ T5171] R10: 0000000000000100 R11: 0000000000000293 R12: ffffffffffffffa8 [ 435.928196][ T5171] R13: 0000000000000016 R14: 000055557ba2b5d0 R15: 00007ffe1893ee00 [ 435.936350][ T5171] [ 435.939798][ T5171] Kernel Offset: disabled [ 435.944226][ T5171] Rebooting in 86400 seconds..