last executing test programs: 34.88930021s ago: executing program 4 (id=685): r0 = socket(0x2, 0x80805, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000380)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) getsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0x66, &(0x7f0000000000)=@assoc_value, &(0x7f0000000080)=0x8) 31.690313556s ago: executing program 4 (id=699): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x4c, &(0x7f000002eff0)={0x133, &(0x7f0000000000)=[{}]}, 0x10) connect$unix(r0, &(0x7f0000000080)=@file={0x1, './file0\x00'}, 0x6e) connect$unix(r0, &(0x7f0000000240)=@abs={0x1}, 0x6e) 29.774717712s ago: executing program 4 (id=708): syz_mount_image$nilfs2(&(0x7f0000000ec0), &(0x7f0000000f00)='./file0\x00', 0xa0040c, &(0x7f0000000f40), 0x1, 0xed2, &(0x7f0000002200)="$eJzs3U9sHFcZAPA3a6+dxG68bgpNW5qElpI2gBOcHMotlSKQqqrqhXurNG4j3BKRcmjVKC6nIHEoqnop4lDU3pDCAYlWSKhCQuJPD5w5VXABoSBF6oVIsZHt99brlwy7Htuz3t3fT/r27Zs3O9833siZGc++DcDIaqw9njlzuAjh3Y/fOfedq8u/WV12tL3GsbXHIvZaIYRmR7/ItvdZXHD75pvnV9vlrC3C/NpjGg/P3mi/diqEsBSOhU9CKxw90fr82tgzCx++9+nxK5eefnmXdh8AAEbK9T8v/u2Jf/7p67O3rh85Gybby9PxeSv2p+Jx/6l4fJ+O+xthc7/oiE4T2XpjMRrZemPZeuNZnvGSfM1sO82S9Sa65BvrWHa3/QQAAIBBlM5rW6FozG3qNxpzc+vn/as+m5ko5l69uLhwuU+FAgAAAJV9fnXtpluxM7F+A0X/6xBCCLEebx/qfw1CCDHw0XSMK8RQxMpMv69AAAAAAKMmzTvQnh8st5TPLLA97a21est/46nG3V8PO6Duf//yD1b+D97yGwcAgOqG9Wgy7Vc6jk7zGOTzCI5lr9vq8X8j2874Fussm1dwUOYbLKsz/7nuVWX1b/V97Jey+vP5MPeqsvrzeTr3qrL6J2uuo6qy+vfVXEdVZfXvr7mOqsrqP1BzHVWV1T9Vcx1VldU/XXMdVZXVf0/NdVRVVv/Bmuuoqqz+Qbmttqz+Vs11VFVW/2zNdVRVVv+9NddRVVn9h2quo6qy+u+ruY5+eTi26edwJBvvPH/Oz+kG5RwPAAAARt1/zf8nhBBCCCGEEEIMfVzt9wUIAAAAoO/S5wLSp95XojQ+1mV8vMt4s8v4RJfxyS7jAAAAQAi/vbbwwNvFxuf8tzsfXpo3Ks2/tNV5jPL5CLeaf7vznm03/6DMWwYAAMBoKb79yfKJc++/Nnvr+pGzHWe/y/F8N80DOh6vDXwU++m+gOmsX6Rz6LOb8zRK1suvD9xTtr3ntrmjAAAAMMLS+XsrFI25jvPuVmg05uY2zscPh2axcHHxwqnYT9/P8seZ5uTq8m/WXDcAAADQu43z/buf/6fv8T0cJoq5Vy8uLlxe70+3lzcbndcFZjaWF53XBVrZ8vmS5adjP31/58sz+9eWz53//uKLO73zAAAAMCIuv/7G915YXLzwA0888cST9pN+/2YCAAB22of/eOcvPzw9/bv1z/9vzH+XPv9/LPZbcW6/v8YV0n0C6XMAd3xe//nNeWbK1ru0eb1Wtt5YjMms7n0d2wkd8w2m182W5Wtt3s5ESb6pLN90li+fp2A8Wz/lO5gtz+cnTOvNZMvzeRjHsxxFlv+RAAAAAOVOvvbKpZOXX3/jGxdfeeGlCy9dePX0qflvzT85P39m/uTaff0nO+/uBwAAAAbRxk2//a4EAAAAAAAAAAAAAAAAAAAARlcdXyfW730EAACAUfefqyGEJSGEKI+Vov81CCHEFmNl7bt1+1+HEEIIsWdiZSX/pnkAAACA3XX75pvnO9s7LBU7mq+9tdZ6sxzzpvYPj/38sdVIq914avP1kgM7Wg2jru5///IPVv4P3trZ/PvSk55//zU2b+Bstbxf/em/Hu/M/+B4j/nz/X+uWv7jWf7jobf8K+9n+Z+vlv/xLP+BHvPfsf+XquV/IuY/nOp5tNf8m9//ydim/djfY/4T2f6/GHrNn+1/q8eEma/F/AAwihr9LmCXpKOEdBw9Fftpf+PhZsjvftjq8X8j2874tivfvN10HHR/7Kfjpeksb7LV+qey7d1Tsc7coNxVUlb/Tr2Pu62s/mbNdVRVVv9EzXVUVVb/ZM11VFVW/76a66iqrP5ez0P7raz+QbmuXFb/VM11VFVW/3TNdVRVVv9W/x/vl7L6D9ZcR1Vl9c/UXEdVZfVXvKxWu7L6Z2uuo6qy+u+tuY6qyuo/VHMdVZXVf1/NdfTLQ7EtOx9O558zcSz1W1l/8i4/y2G9tgAAAACD5t/m/xNCCCGEEEIIIYY+Vlb6fQWCftrdTzMDsFf5/T/avP+jzfs/2rz//D/pHv4i6ydjXcbHu4w3u4xPZOP5v9fJLuOHsu2uRGn8vi7jX+gyfrDL+P1dxg93GX+gy/iDXcYf6jIOAADAaPhibJ0fAgAAwPC68suPfvLr48/fnL11/cjZMHHHvPOnYn8y/m39Wuzn894nzfg3/x/F/i9i+/vY/j1b3/0nAAAAsPvS98T4+z8AAAAMr/Q9pc7/AQAAYHjNxtb5PwAAAAyve2Pr/B8AAACGWLHv7otjm64LPBLbXuf1AwD2vi/F9uHYHont0dh+ObbpOODR2H6lpvoAgJ3zs+/++Mm3i435/k9n47fj8tTeYWn9SkHR2DyT//7YHojtYz3Wk38fQK/5k4M95tmt/DPbzA8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADI/G2uOZM4eLEN79+J1zM1fOvbS67Gh7jWNrj0XstUIIzfbr0uhG/1dxxds33zy/2i7HdiW2RZgPRSja4+HZG+1MUyGEpXAsfBJa4eiJ1ufXxp5Z+PC9T49fufT0y7v4IwAAAICh978AAAD//zmSKs4=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) lseek(r0, 0x3, 0x0) getdents64(r0, 0x0, 0x30) 24.341786842s ago: executing program 4 (id=730): r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000100)={{}, 'syz0\x00', 0x2}) ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x15) ioctl$UI_DEV_CREATE(r0, 0x5501) 22.055825167s ago: executing program 4 (id=740): r0 = syz_open_dev$vim2m(&(0x7f0000000100), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1}) ioctl$vim2m_VIDIOC_STREAMOFF(r0, 0x40045612, &(0x7f0000000080)=0x2) ppoll(&(0x7f0000000380)=[{r0, 0xc0}], 0x1, 0x0, 0x0, 0x0) 20.516724055s ago: executing program 4 (id=748): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) r1 = syz_io_uring_setup(0x24fc, &(0x7f0000000400)={0x0, 0x0, 0x10100}, &(0x7f00000003c0)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000180)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r0, 0x0, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0, 0x40012000}) io_uring_enter(r1, 0x35f, 0x0, 0x0, 0x0, 0x0) 6.653113066s ago: executing program 1 (id=801): bind$alg(0xffffffffffffffff, &(0x7f0000000040)={0x26, 'hash\x00', 0x0, 0x0, 'blake2b-512-generic\x00'}, 0x58) r0 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1) bind$bt_hci(r0, &(0x7f0000000000)={0x27}, 0x74) sendmmsg$unix(r0, &(0x7f0000000800)=[{{&(0x7f0000000140)=@file={0x0, './file0\x00'}, 0x6e, 0x0}}, {{&(0x7f00000002c0)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f00000001c0)=[{&(0x7f0000000340)="e9", 0x1}], 0x1}}], 0x2, 0x0) 5.88557397s ago: executing program 3 (id=803): r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNDCTL_DSP_SPEED(r0, 0xc0045002, &(0x7f0000000080)=0x40000001) ioctl$SNDCTL_DSP_SUBDIVIDE(r0, 0xc0045009, &(0x7f0000000000)=0x1) ioctl$SNDCTL_DSP_GETBLKSIZE(r0, 0xc0045004, 0x0) 5.824408276s ago: executing program 1 (id=804): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000005, 0x11, r0, 0x0) r1 = socket$inet6(0xa, 0x2, 0x3a) bind$inet6(r1, &(0x7f0000000140)={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0xa}, 0x1c) 5.057045483s ago: executing program 2 (id=807): r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0) ptrace(0x10, r0) ptrace$PTRACE_GETSIGMASK(0x420a, r0, 0x0, 0x0) 4.973614113s ago: executing program 1 (id=808): r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$SOUND_PCM_READ_RATE(r0, 0x80045002, 0x0) mmap$dsp(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x5, 0x11, r0, 0x0) readv(r0, &(0x7f0000001300)=[{&(0x7f0000000200)=""/4096, 0x1000}], 0x1) 4.394207423s ago: executing program 0 (id=809): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f00000003c0)=0x2, 0x4) recvmmsg(r0, &(0x7f00000005c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x20000002, 0x0) 4.392008792s ago: executing program 3 (id=810): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_PIT(r1, 0x8048ae66, 0x0) 4.049241466s ago: executing program 2 (id=811): r0 = io_uring_setup(0x6503, &(0x7f0000001300)={0x0, 0x0, 0x1046}) io_uring_register$IORING_REGISTER_RESTRICTIONS(r0, 0xb, &(0x7f0000000000)=[@ioring_restriction_register_op={0x0, 0x4}], 0x1) io_uring_register$IORING_REGISTER_ENABLE_RINGS(r0, 0xc, 0x0, 0x0) io_uring_register$IORING_REGISTER_EVENTFD(r0, 0x4, 0x0, 0x1) 3.892695452s ago: executing program 1 (id=812): r0 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0) syz_usb_disconnect(r0) syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000000000406d04ee200000000000010902"], 0x0) ioctl$EVIOCRMFF(r0, 0x5501, &(0x7f0000000400)) 3.464010286s ago: executing program 0 (id=813): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.io_wait_time\x00', 0x26e1, 0x0) close(r0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)) ioctl$SIOCSIFHWADDR(r0, 0x8b14, &(0x7f0000000000)={'virt_wifi0\x00', @local}) 3.248606846s ago: executing program 3 (id=814): ioprio_set$pid(0x2, 0x0, 0x4007) r0 = eventfd2(0x0, 0x0) io_setup(0x4, &(0x7f00000001c0)=0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x1, r0}]) 3.166607722s ago: executing program 2 (id=815): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0) mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0, 0x12, r0, 0x0) r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x18, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000d0000000000000000000000b7080000000000007b8af8ff00000000b70800007f0000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000800000085000000a500000095"], &(0x7f00000000c0)='syzkaller\x00', 0xd, 0xff7, &(0x7f0000001e00)=""/4087, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) 2.561657512s ago: executing program 0 (id=816): r0 = socket$inet_dccp(0x2, 0x6, 0x0) bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @dev}, 0x10) connect$inet(r0, &(0x7f0000000040)={0x2, 0x0, @local}, 0x10) shutdown(r0, 0x0) 2.494902469s ago: executing program 2 (id=817): socket$igmp(0x2, 0x3, 0x2) r0 = socket$igmp(0x2, 0x3, 0x2) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='veth1_to_hsr\x00', 0x10) syz_emit_ethernet(0x36, &(0x7f0000001800)={@link_local, @random, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x2, 0x0, @empty, @multicast1}, @timestamp_reply={0x11}}}}}, 0x0) 2.424412392s ago: executing program 3 (id=818): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000080)=0x3, 0x4) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000d00)={'bridge0\x00', 0x0}) sendto$packet(r0, &(0x7f0000000180)="0b031207e0ff64000200475400f6a13bb1000000080008004803", 0x10000, 0x0, &(0x7f0000000140)={0x11, 0x0, r1}, 0x14) 2.024060844s ago: executing program 0 (id=819): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c) listen(r0, 0x0) syz_emit_ethernet(0x4e, &(0x7f0000000000)={@local, @local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "2a8435", 0x18, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x4, 0x6, 0xc2, 0x0, 0x0, 0x0, {[@generic={0x8, 0x2}]}}}}}}}}, 0x0) 1.772464642s ago: executing program 2 (id=820): r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f00000006c0)=0x30000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000140)={@local}) ioctl$IOCTL_VMCI_DATAGRAM_SEND(r0, 0x7ab, &(0x7f0000000040)={&(0x7f0000000c80)={{@host, 0xa}, {}, 0x400, "787c2ce2fba15d4e9f8e96bc11e2ca247a20c3e26661b174fef725253be9e8480cb4f3524932f59ba189c1429727ef39b4164f93bb821987b3b7f73495bc8e745304668e0e46798c7f5917ea8428d41cab5612336fcfe86c481c8935a48e9c1c86a394feb64fb06f77dadbcb20fc62741432b7dca37007d68e98fe46135d6a1c5ed42102f58daa5211319db84aa9abac734be47c908dc3ffa3aa7b61ec16d3d1209fc618f6c4532ea582628502ac46d167db6d53d8f3184df68414e6b6ec0109664c570e155654e03d58dadd0e5a7bab42bbb4a9afdefc115eb1609e7b50dbd94b94ba8cd86587ad33743b1c9e4a41d3e16af21d6c897a1121bc14de16e78d6d7f2ae79db44e302539fd926e0b91e0fc589e2fa19b218d0508b5ce3ad40d03936693ca5aa41ddc07cf492874569ab037e0530e38245b98131ae0c9afd871df5f51331938764f5a7dd96890edd467b2fbc335ed08174bb5ea722a98b34d38ac6de995de4ee263c81b2567b3f87e2bcaab9d3c530897857edd5d7f97d61fc67076eab4846010d4828cc879f95cddb69ff6438f2a109285c46d8224c36069d30c3c9cf4a6800ae224111136bd9c1e06c4bfc4685d7bb6a7232dbb0d6de9bf105490743dc4b700f24ce6b250b95e6c383fe44967a55d140baf0ec339e3815b29a2245f46c953048c43f961d7fbd734c60a9695f567aa710ce9d3327568040099dde0266485bbd9d0caecf00e9501a4433b54930cba54e06607ada2f5d818e4804294fcf53058e58e0d33d4aa6dc943811056908fe9116e65cdddac1d2fb24d1eacee389af38b7e5a7056d0de50c6b49fb38388cf28c2d6dd3dbbab84ffbef4b0c02a77f018e8a9749a557909e6aa96185d268dad7744b094d8c6134b8defe26674d65f908f9c3a8c201f661fc22efe0eff248d3a473fe32a5b3643bfad8f182c2af3fbaa1d38560c1244c79a0e48893eefb792af281650f34f6c2d9a6c622aba234b63586713cb66179a0897d98ee5228569c32c1a682807c8db7eb197ccbbd6549db86a6a9aebbf5dc14060f22e2b07d6166f43c25ae0c88be7a4dc38e7ed08972a355b0e5d6fc43b8e5594fa6b36a36a44bb94b75eaff11dc17105f54beda54da2a1ea1acfab354745077dd2e7725f2c8450b19fdf37e19f6ce43449e9191f5a5beb4a1bc176f6130052e83acefd8ff18d592bb75f15f86c9113e4bd67ad420c33ae706cdc10060277b83ef30a50d4ac19c9a791b309377aa20a4743bbb799abc3ba58071b628c9ba8103bbfe389939e55296ec9b4f8d3a03aff30349ed4ad82f6ca67ee29e8b234840cf7846e604e5b8135abd94d71fe0a79180e75d4e193ea8df466c087b660fe984943751a9f6df8545699701d478c2b3daa949155770e74835bcd972de27a0920b02ce0e504c15b0237437200"}, 0x418, 0xfffffffd}) 1.641940276s ago: executing program 3 (id=821): syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x1008002, &(0x7f0000000180)={[{@grpquota}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x1}}, {@discard}, {@i_version}, {@data_ordered}, {@jqfmt_vfsold}, {@barrier_val={'barrier', 0x3d, 0x6}}, {@barrier_val={'barrier', 0x3d, 0x7}}]}, 0x1, 0x5de, &(0x7f0000001200)="$eJzs3c9vFFUcAPDvbH/QUrSlMSoepIkxkCgtLWCI8QBXQxr8ES9erLQgUqChNVo0oSR4MTFejDHx5EH8L5TIxQMnPXnw4smQEDXEk4lrZjtTuu1sS0vbqcznkyx9894O70233763r+/NBlBZA+k/tYg9ETGVRPQmcwtl7ZEVDsw/7+5fH51KH0nU66/9kUSS5eXPT7KvPdnJXRHx0w9J9Lctr3d69vK5scnJiUvZ8dDM+amh6dnLB86eHzszcWbiwsgLI0ePHD5ydPjguq7rSkHeiWvvvt/7yeib33z1TzL87a+jSRyLl7MnLr6OjTIQA43vSbK8qOfoRldWkrbs52TxS5y0l9gg1iR//Toi4onojba49+L1xsevlNo4YFPVk4g6UFGJ+IeKyscB+Xv7pe+Da6WMSoCtcOf4/ATA8vhvn58bjK7G3MDOu0ksntZJImJ9M3PNdkXErZuj107fHL0WmzQPBxSbuxoRTxbFf9KI/77oir5G/Nea4j8dF5zMvqb5r66z/qVTxeIfts58/HetGP/RIv7fWhT/b6+z/oF7yXe6m+K/e72XBAAAAAAAAJV143hEPF/09//awvqfKFj/0xMRxzag/oElx8v//l+7vQHVAAXuHI94qXD9by1f/dvXlqUeaawH6EhOn52cOBgRj0b0R3TsSI+HV6jjwKf9X7YqG8jW/+WPtP5b2VrArB2323c0nzM+NjP2oNcNRNy5GvFU4frfZKH/Twr6//T3wdR91tH/7PWTrcpWj39gs9S/jthX2P/fu2tFsvL9OYYa44GhfFSw3NMffvZdq/rXG/9uMQEPLu3/d64c/33J4vv1TK+9jkOz7fVWZesd/3cmrzduOdOZ5X0wNjNzaTiiMznRluY25Y+svc3wMMrjIY+XNP73P7Py/F/R+L87IuaW/N/Jn817inOP/9vzW6v2GP9DedL4H19T/7/2xMj1vu9b1X9//f/hRl+/P8sx/wfzvsjDtLM5vyAc24uKtrq9AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPAwqEXErkhqgwvpWm1wMKInIh6LnbXJi9Mzz52++N6F8bSs8fn/tfyTfnvnj5P88//7Fh2PLDk+FBG7I+Lztu7G8eCpi5PjZV88AAAAAAAAAAAAAAAAAAAAbBM9Bfv///5xvuz3trJbB2y69rIbAJSmIP5/LqMdwNbT/0N1iX+oLvEP1SX+obrEP1SX+IfqEv9QXeIfAAAAAAAeKrv33vgliYi5F7sbj1RnVtZRasuAzVYruwFAadziB6rL0h+oLu/xgWSV8q6WJ6125kqmTj3AyQAAAAAAAAAAAABQOfv22P8PVWX/P1SX/f9QXfn+/70ltwPYet7jA7HKTv7C/f+rngUAAAAAAAAAAAAAbKTp2cvnxiYnJy5JvLE9mrGViXq9fiX9Kdgu7fmfJ/Kl8NulPUsS+V6/+zurvN9JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAs/8CAAD//wZJJhA=") chdir(&(0x7f0000000040)='./file0\x00') creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) rename(&(0x7f0000000840)='./file0\x00', &(0x7f0000000880)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') 1.20867285s ago: executing program 0 (id=822): r0 = socket$kcm(0x10, 0x2, 0x4) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_rx_ring(r1, 0x107, 0x5, &(0x7f0000000000)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x0, 0xf84}, 0x1c) sendmsg$kcm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000800)="39000000140081ae00003c000500218311001fa2660fcf066505acb612f691f3bd3508abca1be6eeb89c44ebb301000000dbb7d553b4e92155", 0x39}], 0x1}, 0x20000050) 1.160711659s ago: executing program 1 (id=823): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000500)={0x48, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_DURATION={0x8, 0x57, 0x1e3}, @NL80211_ATTR_OFFCHANNEL_TX_OK={0x4}, @NL80211_ATTR_FRAME={0x20, 0x33, @action_no_ack={{{}, {}, @device_b, @broadcast, @random="3b8eca1c3e1d"}, @sa_query_req}}]}, 0x48}}, 0x0) 499.709344ms ago: executing program 2 (id=824): r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/stat\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x20000023896) ioctl$TIOCSERGETLSR(r0, 0x5459, 0x0) 207.604001ms ago: executing program 0 (id=825): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000c80)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000680)=@newqdisc={0x14c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_choke={{0xa}, {0x11c, 0x2, [@TCA_CHOKE_PARMS={0x14, 0x1, {0x0, 0x0, 0x0, 0xff}}, @TCA_CHOKE_STAB={0x104, 0x2, "13119f34dae3c090b3da2c64426a1d777a61e2fad4599fb11a71e149072d265bbcf090bd7bbe0e5d2de66213d88d7e773024ba3482c95f5dc6359186172ae22ed9616876e0ec13f573a7c2f0d185109a8457e43c5390e59a84747ee7b311ecc2f8bac84497d72789b0fa4ab2e321de479655bda89963ae5f37684f73a07ca9d223dfe04aae9e1ff7f8441133075f4355c81d80a33e4907edd482cafffa6cf27913b8cf68da47ea06d0d17b9770d10d6978345f4fb5f2b61619e5e3b4b4090c77e654828f41ab371e8c6bef4485fe557e260ff37e8f6a854d0b686963dcfea9a71953940f9d6ec1de1d4e3221adfd549d529a594013b2dcde2d070f6ba92fcbb7"}]}}]}, 0x14c}}, 0x0) 156.170496ms ago: executing program 1 (id=826): openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x20040, 0x0) pipe2(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) syz_usb_connect$uac1(0x0, 0xa4, &(0x7f00000000c0)=ANY=[@ANYBLOB="2a01000020000040b708000000000000030109029200030172e5000904000000010100000a24010000000201020c0d24070000030769dc000049c40c240000e9fffff5ffffffff092403f3ff000005024524", @ANYRES8=r0, @ANYBLOB="05"], 0x0) 0s ago: executing program 3 (id=827): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000001c80)={0x0, 0x0, &(0x7f0000001c40)={&(0x7f0000001bc0)=@bridge_delvlan={0x24, 0x5e, 0x1, 0x0, 0x0, {0x7, 0x0, 0x0, r2}, [@BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_INFO={0x8, 0x2}}]}, 0x24}}, 0x0) kernel console output (not intermixed with test programs): ] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 222.282871][ T5188] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 222.298249][ T5188] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 222.422568][ T5188] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 222.433501][ T5188] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 222.444562][ T5188] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 222.455510][ T5188] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 222.691219][ T5187] veth0_vlan: entered promiscuous mode [ 222.865630][ T5187] veth1_vlan: entered promiscuous mode [ 223.212881][ T5187] veth0_macvtap: entered promiscuous mode [ 223.332203][ T5187] veth1_macvtap: entered promiscuous mode [ 223.526786][ T5187] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 223.537802][ T5187] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 223.549904][ T5187] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 223.561118][ T5187] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 223.571191][ T5187] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 223.582214][ T5187] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 223.594246][ T5187] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 223.605762][ T5187] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 223.621203][ T5187] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 223.804193][ T5187] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 223.815040][ T5187] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 223.826283][ T5187] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 223.837884][ T5187] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 223.850844][ T5187] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 223.861733][ T5187] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 223.871847][ T5187] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 223.882705][ T5187] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 223.897836][ T5187] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 224.128474][ T5187] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 224.139161][ T5187] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 224.149353][ T5187] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 224.158563][ T5187] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 228.335545][ T2965] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 228.345633][ T2965] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 228.515112][ T2570] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 228.523725][ T2570] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 228.750063][ T58] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 228.759463][ T58] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 228.889920][ T58] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 228.898192][ T58] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 228.981951][ T2965] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 228.990006][ T2965] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 229.025986][ T2570] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 229.038337][ T2570] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 229.168215][ T58] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 229.176530][ T58] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 229.335321][ T2570] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 229.346393][ T2570] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 229.668246][ T5366] loop0: detected capacity change from 0 to 256 [ 229.693031][ T5366] ======================================================= [ 229.693031][ T5366] WARNING: The mand mount option has been deprecated and [ 229.693031][ T5366] and is ignored by this kernel. Remove the mand [ 229.693031][ T5366] option from the mount to silence this warning. [ 229.693031][ T5366] ======================================================= [ 230.666275][ T2570] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 230.678670][ T2570] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 230.783847][ T5239] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 230.886267][ T5376] loop3: detected capacity change from 0 to 1024 [ 230.956042][ T58] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 230.964217][ T58] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 230.983422][ T5239] usb 2-1: Using ep0 maxpacket: 32 [ 230.999022][ T5239] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 1024, setting to 64 [ 231.068416][ T5239] usb 2-1: New USB device found, idVendor=0123, idProduct=0001, bcdDevice=4a.fe [ 231.078335][ T5239] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 231.091502][ T5239] usb 2-1: Product: syz [ 231.095904][ T5239] usb 2-1: Manufacturer: syz [ 231.102430][ T5239] usb 2-1: SerialNumber: syz [ 231.167510][ T5239] usb 2-1: config 0 descriptor?? [ 231.504950][ T58] hfsplus: b-tree write err: -5, ino 4 [ 231.509891][ T5382] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 231.555179][ T5239] usbtouchscreen 2-1:0.0: probe with driver usbtouchscreen failed with error -71 [ 231.671956][ T5239] usb 2-1: USB disconnect, device number 2 [ 233.691207][ T5408] netlink: 4 bytes leftover after parsing attributes in process `syz.3.17'. [ 233.754739][ T5410] netlink: 173 bytes leftover after parsing attributes in process `syz.3.17'. [ 234.554326][ T5423] netlink: 40 bytes leftover after parsing attributes in process `syz.1.23'. [ 235.372039][ T5436] netlink: 'syz.1.30': attribute type 16 has an invalid length. [ 235.380085][ T5436] netlink: 'syz.1.30': attribute type 3 has an invalid length. [ 235.394527][ T5436] netlink: 64066 bytes leftover after parsing attributes in process `syz.1.30'. [ 236.214887][ T5443] loop3: detected capacity change from 0 to 1024 [ 236.436290][ T5437] syz.0.31 (5437) used greatest stack depth: 4560 bytes left [ 236.882694][ T13] hfsplus: b-tree write err: -5, ino 4 [ 238.279606][ T5467] loop2: detected capacity change from 0 to 512 [ 238.307234][ T5467] EXT4-fs: Ignoring removed orlov option [ 238.417181][ T5467] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -13 [ 238.432126][ T5269] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 238.448373][ T5467] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz.2.45: invalid indirect mapped block 2683928664 (level 1) [ 238.568048][ T5467] EXT4-fs (loop2): 1 truncate cleaned up [ 238.576404][ T5467] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 238.630592][ T5269] usb 1-1: Using ep0 maxpacket: 16 [ 238.667402][ T5269] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 238.678880][ T5269] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 238.689021][ T5269] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 238.702411][ T5269] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 238.711919][ T5269] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 238.788746][ T5269] usb 1-1: config 0 descriptor?? [ 238.798300][ T5467] EXT4-fs: user quota file already specified [ 239.039866][ T5475] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 239.253584][ T5188] EXT4-fs error (device loop2): htree_dirblock_to_tree:1112: inode #2: block 13: comm syz-executor: bad entry in directory: rec_len % 4 != 0 - offset=108, inode=4294901777, rec_len=65535, size=1024 fake=0 [ 239.261232][ T5476] loop3: detected capacity change from 0 to 512 [ 239.294720][ T5269] microsoft 0003:045E:07DA.0001: unknown main item tag 0x0 [ 239.302656][ T5269] microsoft 0003:045E:07DA.0001: item 0 0 0 11 parsing failed [ 239.357920][ T5476] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 239.371732][ T5476] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 239.394979][ T5269] microsoft 0003:045E:07DA.0001: parse failed [ 239.395137][ T5188] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm syz-executor: Invalid block bitmap block 3 in block_group 0 [ 239.401925][ T5269] microsoft 0003:045E:07DA.0001: probe with driver microsoft failed with error -22 [ 239.448197][ T5188] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6551: Corrupt filesystem [ 239.471475][ T5476] EXT4-fs (loop3): 1 orphan inode deleted [ 239.483114][ T5476] EXT4-fs (loop3): 1 truncate cleaned up [ 239.492559][ T5476] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 239.630187][ T44] usb 1-1: USB disconnect, device number 2 [ 240.025729][ T5197] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 240.153580][ T5188] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 240.318311][ T13] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 240.548943][ T13] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 240.756212][ T13] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 240.811012][ T10] rtc_cmos 00:00: Alarms can be up to one day in the future [ 240.818761][ T10] rtc_cmos 00:00: Alarms can be up to one day in the future [ 240.827904][ T10] rtc_cmos 00:00: Alarms can be up to one day in the future [ 240.836216][ T10] rtc_cmos 00:00: Alarms can be up to one day in the future [ 240.843856][ T10] rtc rtc0: __rtc_set_alarm: err=-22 [ 240.986007][ T13] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 241.327242][ T13] bridge_slave_1: left allmulticast mode [ 241.334954][ T13] bridge_slave_1: left promiscuous mode [ 241.341716][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 241.374217][ T13] bridge_slave_0: left allmulticast mode [ 241.380110][ T13] bridge_slave_0: left promiscuous mode [ 241.387103][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 241.933472][ T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 241.969924][ T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 242.101364][ T13] bond0 (unregistering): Released all slaves [ 243.150623][ T44] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 243.236722][ T5195] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 243.253856][ T5195] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 243.268921][ T5195] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 243.321406][ T13] hsr_slave_0: left promiscuous mode [ 243.340604][ T5195] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 243.373955][ T13] hsr_slave_1: left promiscuous mode [ 243.380478][ T44] usb 4-1: Using ep0 maxpacket: 16 [ 243.389181][ T5195] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 243.399180][ T5195] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 243.425083][ T44] usb 4-1: config 0 has an invalid descriptor of length 110, skipping remainder of the config [ 243.435902][ T44] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x1D, changing to 0xD [ 243.447827][ T44] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x6 has an invalid bInterval 118, changing to 10 [ 243.459330][ T44] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid maxpacket 25956, setting to 1024 [ 243.474181][ T44] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 243.497601][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 243.505653][ T13] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 243.525660][ T44] usb 4-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 243.535250][ T44] usb 4-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 243.543673][ T44] usb 4-1: Manufacturer: syz [ 243.593226][ T44] usb 4-1: config 0 descriptor?? [ 243.604788][ T5501] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 243.631743][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 243.639525][ T13] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 243.745230][ T44] usbhid 4-1:0.0: couldn't find an input interrupt endpoint [ 243.771705][ T13] veth1_macvtap: left promiscuous mode [ 243.782046][ T13] veth0_macvtap: left promiscuous mode [ 243.787960][ T13] veth1_vlan: left promiscuous mode [ 243.794572][ T13] veth0_vlan: left promiscuous mode [ 244.272278][ T10] usb 4-1: USB disconnect, device number 2 [ 244.679566][ T5518] loop1: detected capacity change from 0 to 1024 [ 244.765656][ T5521] loop4: detected capacity change from 0 to 128 [ 244.811061][ T5518] hfsplus: failed to load root directory [ 244.990988][ T5521] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 245.012153][ T13] team0 (unregistering): Port device team_slave_1 removed [ 245.123001][ T5521] ext4 filesystem being mounted at /14/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 245.246681][ T13] team0 (unregistering): Port device team_slave_0 removed [ 245.435251][ T5195] Bluetooth: hci1: command tx timeout [ 246.265394][ T5187] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 246.707109][ T5539] Bluetooth: MGMT ver 1.23 [ 246.712086][ T5539] Bluetooth: hci0: load_link_keys: expected 3 bytes, got 7 bytes [ 247.274421][ T5546] syz.1.71 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 247.515416][ T5195] Bluetooth: hci1: command tx timeout [ 247.630648][ T5503] chnl_net:caif_netlink_parms(): no params data found [ 248.510169][ T5560] loop3: detected capacity change from 0 to 1024 [ 249.448278][ T5568] loop1: detected capacity change from 0 to 2048 [ 249.465273][ T5560] EXT4-fs: Ignoring removed orlov option [ 249.475785][ T5560] EXT4-fs (loop3): Test dummy encryption mode enabled [ 249.493456][ T5573] loop0: detected capacity change from 0 to 1024 [ 249.500978][ T5560] EXT4-fs (loop3): stripe (7) is not aligned with cluster size (16), stripe is disabled [ 249.503036][ T5503] bridge0: port 1(bridge_slave_0) entered blocking state [ 249.525586][ T5503] bridge0: port 1(bridge_slave_0) entered disabled state [ 249.533505][ T5503] bridge_slave_0: entered allmulticast mode [ 249.542757][ T5503] bridge_slave_0: entered promiscuous mode [ 249.592137][ T5195] Bluetooth: hci1: command tx timeout [ 249.602555][ T5578] netlink: 4 bytes leftover after parsing attributes in process `syz.4.81'. [ 249.608338][ T5503] bridge0: port 2(bridge_slave_1) entered blocking state [ 249.625261][ T5503] bridge0: port 2(bridge_slave_1) entered disabled state [ 249.633266][ T5503] bridge_slave_1: entered allmulticast mode [ 249.695149][ T5578] netlink: 104 bytes leftover after parsing attributes in process `syz.4.81'. [ 249.704618][ T5578] netlink: 104 bytes leftover after parsing attributes in process `syz.4.81'. [ 249.745326][ T5560] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 249.767826][ T5568] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 249.769173][ T5503] bridge_slave_1: entered promiscuous mode [ 249.868741][ T5573] syz.0.80: attempt to access beyond end of device [ 249.868741][ T5573] loop0: rw=0, sector=5778, nr_sectors = 2 limit=1024 [ 249.955832][ T5584] process 'syz.0.80' launched './file1' with NULL argv: empty string added [ 249.975202][ T5584] syz.0.80: attempt to access beyond end of device [ 249.975202][ T5584] loop0: rw=0, sector=5778, nr_sectors = 2 limit=1024 [ 249.988911][ T5584] Buffer I/O error on dev loop0, logical block 2889, async page read [ 250.099588][ T5503] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 250.119991][ T5584] syz.0.80: attempt to access beyond end of device [ 250.119991][ T5584] loop0: rw=0, sector=5778, nr_sectors = 2 limit=1024 [ 250.182010][ T5503] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 250.265481][ T5183] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 250.418932][ T5197] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 250.584273][ T5503] team0: Port device team_slave_0 added [ 250.700117][ T5503] team0: Port device team_slave_1 added [ 251.027912][ T5503] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 251.043099][ T5503] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 251.073299][ T5503] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 251.116141][ T5595] loop4: detected capacity change from 0 to 164 [ 251.167389][ T5503] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 251.174952][ T5503] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 251.203799][ T5503] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 251.451743][ T5595] rock: directory entry would overflow storage [ 251.462159][ T5595] rock: sig=0x4f50, size=4, remaining=3 [ 251.472097][ T5595] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 251.676169][ T5195] Bluetooth: hci1: command tx timeout [ 251.705211][ T5503] hsr_slave_0: entered promiscuous mode [ 251.807786][ T5503] hsr_slave_1: entered promiscuous mode [ 251.880688][ T5503] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 251.888482][ T5503] Cannot create hsr debugfs directory [ 251.937044][ T5603] loop3: detected capacity change from 0 to 512 [ 251.998545][ T5599] loop0: detected capacity change from 0 to 2048 [ 252.086393][ T5599] UDF-fs: error (device loop0): udf_process_sequence: Primary Volume Descriptor not found! [ 252.192391][ T5603] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 252.206403][ T5603] ext4 filesystem being mounted at /18/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 252.255483][ T5599] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 252.296003][ T5608] netlink: 'syz.1.88': attribute type 7 has an invalid length. [ 252.304165][ T5608] netlink: 15 bytes leftover after parsing attributes in process `syz.1.88'. [ 252.315712][ T5608] netlink: 40 bytes leftover after parsing attributes in process `syz.1.88'. [ 252.326369][ T5608] netlink: 872 bytes leftover after parsing attributes in process `syz.1.88'. [ 252.384400][ T5608] netlink: 'syz.1.88': attribute type 7 has an invalid length. [ 252.392449][ T5608] netlink: 15 bytes leftover after parsing attributes in process `syz.1.88'. [ 252.653444][ T5197] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 252.717322][ T5610] netlink: 68 bytes leftover after parsing attributes in process `syz.4.89'. [ 254.040784][ T5622] loop3: detected capacity change from 0 to 256 [ 254.277687][ T5622] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x4f8593fa, utbl_chksum : 0xe619d30d) [ 254.727417][ T5503] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 254.936265][ T5503] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 255.096951][ T5503] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 255.331964][ T5503] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 255.564441][ T5639] dvmrp5: entered allmulticast mode [ 255.588827][ T5640] dvmrp5: left allmulticast mode [ 255.683600][ T44] usb 1-1: new full-speed USB device number 3 using dummy_hcd [ 255.792039][ T5637] pimreg: entered allmulticast mode [ 255.982027][ T44] usb 1-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.32 [ 255.992547][ T44] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 256.008711][ T5642] loop3: detected capacity change from 0 to 1024 [ 256.049301][ T44] usb 1-1: config 0 descriptor?? [ 256.124964][ T44] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state. [ 256.422492][ T44] gp8psk: usb in 128 operation failed. [ 256.646473][ T44] gp8psk: FW Version = 241.01.130 (0xf10182) Build 2088/100/55 [ 256.756713][ T3026] hfsplus: b-tree write err: -5, ino 4 [ 256.763906][ T25] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 256.833696][ T5647] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 256.955281][ T44] gp8psk: usb in 149 operation failed. [ 256.961155][ T44] gp8psk: failed to get FPGA version [ 257.000536][ T25] usb 5-1: Using ep0 maxpacket: 16 [ 257.017253][ T44] gp8psk: usb in 138 operation failed. [ 257.023093][ T44] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter) [ 257.036553][ T44] dvb-usb: Genpix SkyWalker-1 DVB-S receiver error while loading driver (-19) [ 257.093749][ T25] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 257.106417][ T25] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 257.116774][ T25] usb 5-1: New USB device found, idVendor=1044, idProduct=7a4d, bcdDevice= 0.00 [ 257.126291][ T25] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 257.171698][ T44] usb 1-1: USB disconnect, device number 3 [ 257.205390][ T25] usb 5-1: config 0 descriptor?? [ 257.251633][ T5503] 8021q: adding VLAN 0 to HW filter on device bond0 [ 257.533295][ T5503] 8021q: adding VLAN 0 to HW filter on device team0 [ 257.566104][ T5652] loop3: detected capacity change from 0 to 256 [ 257.672742][ T2570] bridge0: port 1(bridge_slave_0) entered blocking state [ 257.680966][ T2570] bridge0: port 1(bridge_slave_0) entered forwarding state [ 257.790703][ T25] waterforce 0003:1044:7A4D.0002: unknown main item tag 0x0 [ 257.798355][ T25] waterforce 0003:1044:7A4D.0002: unknown main item tag 0x0 [ 257.811609][ T25] waterforce 0003:1044:7A4D.0002: unknown main item tag 0x0 [ 257.819231][ T25] waterforce 0003:1044:7A4D.0002: unknown main item tag 0x0 [ 257.851190][ T2570] bridge0: port 2(bridge_slave_1) entered blocking state [ 257.858958][ T2570] bridge0: port 2(bridge_slave_1) entered forwarding state [ 258.035386][ T25] waterforce 0003:1044:7A4D.0002: hidraw0: USB HID v0.00 Device [HID 1044:7a4d] on usb-dummy_hcd.4-1/input0 [ 258.190162][ T25] waterforce 0003:1044:7A4D.0002: fw version request failed with -38 [ 258.325653][ T25] usb 5-1: USB disconnect, device number 2 [ 258.925968][ T5662] loop1: detected capacity change from 0 to 256 [ 259.113716][ T5662] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x53fda505, utbl_chksum : 0xe619d30d) [ 259.127110][ T5662] exFAT-fs (loop1): bogus allocation bitmap size(need : 2, cur : 17179869186) [ 259.363456][ T29] audit: type=1800 audit(1726049419.069:2): pid=5662 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.108" name="file2" dev="loop1" ino=1048596 res=0 errno=0 [ 259.502706][ T5671] loop4: detected capacity change from 0 to 256 [ 259.514679][ T5671] vfat: Unknown parameter 'shortnnonumtail' [ 259.794914][ T5671] loop4: detected capacity change from 0 to 256 [ 259.866309][ T5671] exfat: Deprecated parameter 'utf8' [ 259.873356][ T5671] exfat: Unexpected value for 'utf8' [ 260.455572][ T5679] warning: `syz.1.112' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 260.590547][ T5503] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 261.339288][ T5503] veth0_vlan: entered promiscuous mode [ 261.471016][ T5503] veth1_vlan: entered promiscuous mode [ 261.873043][ T5503] veth0_macvtap: entered promiscuous mode [ 261.957844][ T5695] loop0: detected capacity change from 0 to 1024 [ 261.959686][ T5503] veth1_macvtap: entered promiscuous mode [ 262.028609][ T5695] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 262.199994][ T5695] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 262.219117][ T5503] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 262.230061][ T5503] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 262.240192][ T5503] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 262.251105][ T5503] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 262.261210][ T5503] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 262.271984][ T5503] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 262.282552][ T5503] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 262.293308][ T5503] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 262.308503][ T5503] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 262.477182][ T29] audit: type=1326 audit(1726049422.069:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5700 comm="syz.3.122" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f34579 code=0x7ffc0000 [ 262.499692][ T29] audit: type=1326 audit(1726049422.089:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5700 comm="syz.3.122" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f34579 code=0x7ffc0000 [ 262.565068][ T25] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 262.589223][ T5503] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 262.600320][ T5503] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 262.610522][ T5503] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 262.625420][ T5503] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 262.637853][ T5503] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 262.648616][ T5503] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 262.659097][ T5503] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 262.669844][ T5503] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 262.685093][ T5503] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 262.852216][ T5193] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 262.931882][ T5503] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 262.933354][ T25] usb 2-1: New USB device found, idVendor=0c45, idProduct=614a, bcdDevice=e6.af [ 262.943097][ T5503] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 262.953084][ T25] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 262.959809][ T5503] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 262.977562][ T5503] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 263.103554][ T25] usb 2-1: config 0 descriptor?? [ 263.169148][ T25] gspca_main: sonixj-2.14.0 probing 0c45:614a [ 263.178089][ T5710] netlink: 8 bytes leftover after parsing attributes in process `syz.3.124'. [ 264.046516][ T25] gspca_sonixj: reg_r err -71 [ 264.051862][ T25] sonixj 2-1:0.0: probe with driver sonixj failed with error -71 [ 264.131730][ T25] usb 2-1: USB disconnect, device number 3 [ 264.279607][ T5720] loop3: detected capacity change from 0 to 1024 [ 266.906258][ T5762] loop3: detected capacity change from 0 to 256 [ 267.048500][ T5762] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d) [ 267.219299][ T5762] exFAT-fs (loop3): error, tried to truncate zeroed cluster. [ 267.231260][ T5762] exFAT-fs (loop3): Filesystem has been set read-only [ 267.347889][ T5762] exFAT-fs (loop3): hint_cluster is invalid (1), rewind to the first cluster [ 267.357294][ T5762] exFAT-fs (loop3): error, invalid access to exfat cache (entry 0x00000000) [ 267.366555][ T5762] exFAT-fs (loop3): error, failed to bmap (inode : ffff88803b614e00 iblock : 9, err : -5) [ 267.405596][ T5762] exFAT-fs (loop3): error, tried to truncate zeroed cluster. [ 267.511939][ T5769] netlink: 4 bytes leftover after parsing attributes in process `syz.1.142'. [ 267.596034][ T5771] netlink: 20 bytes leftover after parsing attributes in process `syz.1.142'. [ 268.752736][ T5785] netlink: 260 bytes leftover after parsing attributes in process `syz.1.147'. [ 270.551591][ T5821] loop4: detected capacity change from 0 to 64 [ 271.556178][ T2570] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 271.564538][ T2570] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 271.831733][ T58] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 271.843191][ T58] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 272.019663][ T5834] netlink: 'syz.4.159': attribute type 10 has an invalid length. [ 272.028103][ T5834] netlink: 2 bytes leftover after parsing attributes in process `syz.4.159'. [ 272.037320][ T5834] lo: entered promiscuous mode [ 272.049900][ T5834] team0: Device lo is loopback device. Loopback devices can't be added as a team port [ 272.829477][ T5838] loop0: detected capacity change from 0 to 2048 [ 272.916477][ T5838] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024) [ 273.070878][ T5846] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 273.218234][ T5838] NILFS (loop0): DAT doesn't have a block to manage vblocknr = 147 [ 273.226782][ T5838] NILFS error (device loop0): nilfs_bmap_truncate: broken bmap (inode number=15) [ 273.328752][ T5838] Remounting filesystem read-only [ 273.334550][ T5838] NILFS (loop0): error -5 truncating bmap (ino=15) [ 273.426703][ T5851] loop4: detected capacity change from 0 to 128 [ 273.646072][ T5851] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 273.693372][ T5193] NILFS (loop0): disposed unprocessed dirty file(s) when detaching log writer [ 273.702974][ T5193] NILFS (loop0): discard dirty page: offset=0, ino=2 [ 273.709892][ T5193] NILFS (loop0): discard dirty block: blocknr=18, size=1024 [ 273.717717][ T5193] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 273.727044][ T5193] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 273.736263][ T5193] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024 [ 273.756550][ T5193] NILFS (loop0): discard dirty page: offset=0, ino=6 [ 273.763635][ T5193] NILFS (loop0): discard dirty block: blocknr=35, size=1024 [ 273.771894][ T5193] NILFS (loop0): discard dirty block: blocknr=36, size=1024 [ 273.779420][ T5193] NILFS (loop0): discard dirty block: blocknr=37, size=1024 [ 273.793007][ T5193] NILFS (loop0): discard dirty block: blocknr=38, size=1024 [ 273.802956][ T5851] ext4 filesystem being mounted at /42/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 274.289554][ T5187] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 275.252184][ T5871] loop0: detected capacity change from 0 to 256 [ 275.280880][ T5254] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 275.541125][ T5254] usb 4-1: Using ep0 maxpacket: 16 [ 275.591370][ T5254] usb 4-1: config 0 has an invalid interface number: 251 but max is 0 [ 275.600015][ T5254] usb 4-1: config 0 has no interface number 0 [ 275.606650][ T5254] usb 4-1: config 0 interface 251 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 16 [ 275.617219][ T5254] usb 4-1: config 0 interface 251 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 64 [ 275.692298][ T5254] usb 4-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4 [ 275.701934][ T5254] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 275.710178][ T5254] usb 4-1: Product: syz [ 275.714798][ T5254] usb 4-1: Manufacturer: syz [ 275.719617][ T5254] usb 4-1: SerialNumber: syz [ 275.779774][ T5254] usb 4-1: config 0 descriptor?? [ 275.789214][ T5867] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 275.825556][ T5867] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 276.186705][ T5867] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 276.218669][ T5867] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 276.878133][ T5884] netlink: 576 bytes leftover after parsing attributes in process `syz.0.179'. [ 276.915808][ T5254] asix 4-1:0.251 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71 [ 276.926674][ T5254] asix 4-1:0.251 (unnamed net_device) (uninitialized): Error reading PHY_ID register: ffffffb9 [ 276.938175][ T5254] asix 4-1:0.251: probe with driver asix failed with error -71 [ 276.996195][ T5254] usb 4-1: USB disconnect, device number 3 [ 277.030616][ T5887] netlink: 'syz.4.181': attribute type 7 has an invalid length. [ 277.640980][ T5891] netlink: 28 bytes leftover after parsing attributes in process `syz.4.183'. [ 278.265353][ T5900] loop4: detected capacity change from 0 to 8 [ 278.521251][ T5902] capability: warning: `syz.0.188' uses 32-bit capabilities (legacy support in use) [ 279.096660][ T5907] loop4: detected capacity change from 0 to 1024 [ 279.185363][ T5907] EXT4-fs: Ignoring removed orlov option [ 279.261245][ T5907] EXT4-fs (loop4): Test dummy encryption mode enabled [ 279.268832][ T5907] EXT4-fs (loop4): can't mount with journal_checksum, fs mounted w/o journal [ 279.376061][ T5907] 9p: Unknown access argument 18446744073709551615ÿÿÿÿ: -22 [ 280.553218][ T1248] ieee802154 phy0 wpan0: encryption failed: -22 [ 280.559891][ T1248] ieee802154 phy1 wpan1: encryption failed: -22 [ 281.781660][ T5194] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 281.803178][ T5194] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 281.816792][ T5194] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 281.842099][ T5194] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 281.854165][ T5194] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 281.868027][ T5194] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 281.879506][ T5928] netlink: 72 bytes leftover after parsing attributes in process `syz.3.200'. [ 283.876597][ T5925] chnl_net:caif_netlink_parms(): no params data found [ 283.950884][ T44] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 283.990657][ T5194] Bluetooth: hci5: command tx timeout [ 284.164227][ T44] usb 4-1: Using ep0 maxpacket: 8 [ 284.203179][ T44] usb 4-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a [ 284.212746][ T44] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 284.221221][ T44] usb 4-1: Product: syz [ 284.230612][ T44] usb 4-1: Manufacturer: syz [ 284.235451][ T44] usb 4-1: SerialNumber: syz [ 284.283393][ T44] usb 4-1: config 0 descriptor?? [ 284.308534][ T44] gspca_main: sq930x-2.14.0 probing 2770:930c [ 285.296472][ T44] gspca_sq930x: ucbus_write failed -71 [ 285.600696][ T44] gspca_sq930x: Sensor ov9630 not yet treated [ 285.607397][ T44] sq930x 4-1:0.0: probe with driver sq930x failed with error -22 [ 285.657979][ T44] usb 4-1: USB disconnect, device number 4 [ 286.045723][ T5925] bridge0: port 1(bridge_slave_0) entered blocking state [ 286.053587][ T5925] bridge0: port 1(bridge_slave_0) entered disabled state [ 286.061796][ T5925] bridge_slave_0: entered allmulticast mode [ 286.078517][ T5925] bridge_slave_0: entered promiscuous mode [ 286.111163][ T5194] Bluetooth: hci5: command tx timeout [ 286.249558][ T5925] bridge0: port 2(bridge_slave_1) entered blocking state [ 286.257809][ T5925] bridge0: port 2(bridge_slave_1) entered disabled state [ 286.265852][ T5925] bridge_slave_1: entered allmulticast mode [ 286.281928][ T5925] bridge_slave_1: entered promiscuous mode [ 286.696463][ T5925] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 286.773030][ T5965] loop3: detected capacity change from 0 to 1024 [ 286.777728][ T5925] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 286.847323][ T5965] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 286.860185][ T5968] loop0: detected capacity change from 0 to 1024 [ 286.883267][ T5968] EXT4-fs: Ignoring removed oldalloc option [ 286.950589][ T5968] EXT4-fs (loop0): stripe (3) is not aligned with cluster size (16), stripe is disabled [ 287.004272][ T5965] EXT4-fs error (device loop3): ext4_ext_check_inode:520: inode #11: comm syz.3.215: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512) [ 287.058999][ T5968] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 287.074555][ T5965] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.215: couldn't read orphan inode 11 (err -117) [ 287.189346][ T5965] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 287.227082][ T5925] team0: Port device team_slave_0 added [ 287.316043][ T5925] team0: Port device team_slave_1 added [ 287.368342][ T5965] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.215: Invalid block bitmap block 0 in block_group 0 [ 287.409757][ T5965] Quota error (device loop3): write_blk: dquota write failed [ 287.418474][ T5965] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 287.432010][ T5965] EXT4-fs error (device loop3): ext4_acquire_dquot:6848: comm syz.3.215: Failed to acquire dquot type 0 [ 287.727546][ T5925] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 287.734927][ T5925] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 287.762622][ T5925] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 287.766073][ T5965] syz.3.215 (5965) used greatest stack depth: 4312 bytes left [ 287.875598][ T5193] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 287.897307][ T5925] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 287.904708][ T5925] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 287.930889][ C0] vkms_vblank_simulate: vblank timer overrun [ 287.950358][ T5925] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 287.996599][ T5197] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 288.069946][ T5977] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 288.160554][ T5194] Bluetooth: hci5: command tx timeout [ 288.521910][ T5925] hsr_slave_0: entered promiscuous mode [ 288.599508][ T5925] hsr_slave_1: entered promiscuous mode [ 288.670500][ T5925] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 288.678315][ T5925] Cannot create hsr debugfs directory [ 290.232385][ T5194] Bluetooth: hci5: command tx timeout [ 290.296670][ T5925] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 290.546908][ T5925] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 290.904092][ T5925] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 291.158597][ T5925] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 291.867736][ T5925] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 291.957955][ T5925] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 292.083266][ T5925] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 292.232007][ T5925] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 293.537356][ T6020] loop4: detected capacity change from 0 to 2048 [ 293.590673][ T6024] loop2: detected capacity change from 0 to 256 [ 293.639423][ T6020] UDF-fs: error (device loop4): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 293.712234][ T6024] MINIX-fs: mounting file system with errors, running fsck is recommended [ 293.775010][ T5925] 8021q: adding VLAN 0 to HW filter on device bond0 [ 293.829784][ T6020] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 294.044183][ T5925] 8021q: adding VLAN 0 to HW filter on device team0 [ 294.199807][ T2950] bridge0: port 1(bridge_slave_0) entered blocking state [ 294.207695][ T2950] bridge0: port 1(bridge_slave_0) entered forwarding state [ 294.355404][ T2950] bridge0: port 2(bridge_slave_1) entered blocking state [ 294.363189][ T2950] bridge0: port 2(bridge_slave_1) entered forwarding state [ 294.929054][ T6034] loop0: detected capacity change from 0 to 128 [ 296.183367][ T29] audit: type=1326 audit(1726049455.789:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6043 comm="syz.2.245" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f15579 code=0x0 [ 297.168631][ T5925] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 297.767682][ T6064] loop0: detected capacity change from 0 to 64 [ 297.857265][ T5925] veth0_vlan: entered promiscuous mode [ 298.072569][ T5925] veth1_vlan: entered promiscuous mode [ 298.590896][ T5925] veth0_macvtap: entered promiscuous mode [ 298.652792][ T6059] loop2: detected capacity change from 0 to 4096 [ 298.721695][ T6059] ntfs3: loop2: Different NTFS sector size (2048) and media sector size (512). [ 298.763962][ T5925] veth1_macvtap: entered promiscuous mode [ 299.012188][ T5925] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 299.023040][ T5925] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 299.035546][ T5925] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 299.046706][ T5925] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 299.056918][ T5925] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 299.067786][ T5925] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 299.083285][ T5925] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 299.095517][ T5925] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 299.105789][ T5925] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 299.116680][ T5925] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 299.131957][ T5925] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 299.318283][ T5925] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 299.329596][ T5925] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 299.339719][ T5925] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 299.352754][ T5925] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 299.363385][ T5925] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 299.374114][ T5925] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 299.389532][ T5925] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 299.402311][ T5925] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 299.412670][ T5925] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 299.423468][ T5925] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 299.442359][ T5925] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 299.731081][ T5925] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 299.740163][ T5925] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 299.749577][ T5925] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 299.758804][ T5925] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 299.871004][ T6078] team0: entered promiscuous mode [ 299.876290][ T6078] team_slave_0: entered promiscuous mode [ 299.885027][ T6078] team_slave_1: entered promiscuous mode [ 299.897552][ T6080] mmap: syz.0.258 (6080) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 299.990875][ T6076] team0: left promiscuous mode [ 300.000495][ T6076] team_slave_0: left promiscuous mode [ 300.008323][ T6076] team_slave_1: left promiscuous mode [ 302.051279][ T44] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 302.310748][ T44] usb 1-1: New USB device found, idVendor=1d50, idProduct=606f, bcdDevice=9f.d4 [ 302.320114][ T44] usb 1-1: New USB device strings: Mfr=188, Product=0, SerialNumber=0 [ 302.329235][ T44] usb 1-1: Manufacturer: syz [ 302.424574][ T44] usb 1-1: config 0 descriptor?? [ 302.944117][ T44] gs_usb 1-1:0.0: Configuring for 1 interfaces [ 303.009114][ T6113] loop3: detected capacity change from 0 to 512 [ 303.060840][ T6113] UDF-fs: warning (device loop3): udf_load_vrs: No VRS found [ 303.073547][ T6113] UDF-fs: Scanning with blocksize 512 failed [ 303.181660][ T44] gs_usb 1-1:0.0: Couldn't get bit timing const for channel 0 (-EPROTO) [ 303.191897][ T6113] UDF-fs: warning (device loop3): udf_load_vrs: No VRS found [ 303.191993][ T6113] UDF-fs: Scanning with blocksize 1024 failed [ 303.193996][ T6113] UDF-fs: warning (device loop3): udf_load_vrs: No VRS found [ 303.201496][ T44] gs_usb 1-1:0.0: probe with driver gs_usb failed with error -71 [ 303.207113][ T6113] UDF-fs: Scanning with blocksize 2048 failed [ 303.285096][ T6113] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 303.339544][ T44] usb 1-1: USB disconnect, device number 4 [ 303.503226][ T6113] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 306.400795][ T25] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 306.633047][ T25] usb 4-1: Using ep0 maxpacket: 32 [ 306.661941][ T25] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xD has invalid wMaxPacketSize 0 [ 306.672203][ T25] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0 [ 306.682388][ T25] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0xA has invalid maxpacket 0 [ 306.738433][ T25] usb 4-1: New USB device found, idVendor=0451, idProduct=5152, bcdDevice=c0.b9 [ 306.748871][ T25] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 306.761039][ T25] usb 4-1: Product: syz [ 306.765449][ T25] usb 4-1: Manufacturer: syz [ 306.771451][ T25] usb 4-1: SerialNumber: syz [ 306.794856][ T6156] loop0: detected capacity change from 0 to 64 [ 306.830609][ T25] usb 4-1: config 0 descriptor?? [ 306.853302][ T25] ti_usb_3410_5052 4-1:0.0: TI USB 5052 2 port adapter converter detected [ 306.869911][ T25] ti_usb_3410_5052 4-1:0.0: missing endpoints [ 307.221590][ T5269] usb 4-1: USB disconnect, device number 5 [ 307.321936][ T6159] netlink: 16 bytes leftover after parsing attributes in process `syz.4.289'. [ 308.316488][ T2965] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 308.324764][ T2965] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 308.528541][ T6164] loop0: detected capacity change from 0 to 2048 [ 308.650805][ T6171] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 308.672137][ T2965] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 308.680412][ T2965] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 309.823301][ T6178] loop4: detected capacity change from 0 to 1024 [ 311.128285][ T6187] sctp: [Deprecated]: syz.0.300 (pid 6187) Use of int in max_burst socket option. [ 311.128285][ T6187] Use struct sctp_assoc_value instead [ 312.570602][ T25] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 312.771367][ T8] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 312.810613][ T25] usb 1-1: Using ep0 maxpacket: 8 [ 312.885629][ T25] usb 1-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a [ 312.895440][ T25] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 312.907596][ T25] usb 1-1: Product: syz [ 312.913161][ T25] usb 1-1: Manufacturer: syz [ 312.918072][ T25] usb 1-1: SerialNumber: syz [ 312.940438][ T25] usb 1-1: config 0 descriptor?? [ 312.967865][ T6194] loop4: detected capacity change from 0 to 4096 [ 312.980692][ T8] usb 4-1: Using ep0 maxpacket: 32 [ 313.016624][ T8] usb 4-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92 [ 313.026321][ T8] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 313.026979][ T25] gspca_main: sq930x-2.14.0 probing 2770:930c [ 313.086265][ T8] usb 4-1: config 0 descriptor?? [ 313.141289][ T8] gspca_main: nw80x-2.14.0 probing 055f:d001 [ 313.453101][ C1] hrtimer: interrupt took 241350 ns [ 313.802038][ T8] gspca_nw80x: reg_w err -71 [ 313.807119][ T8] nw80x 4-1:0.0: probe with driver nw80x failed with error -71 [ 313.900634][ T8] usb 4-1: USB disconnect, device number 6 [ 313.987654][ T25] gspca_sq930x: ucbus_write failed -71 [ 313.994196][ T25] sq930x 1-1:0.0: probe with driver sq930x failed with error -71 [ 314.088618][ T25] usb 1-1: USB disconnect, device number 5 [ 314.243952][ T6209] @: renamed from vlan0 (while UP) [ 315.364220][ T6222] netlink: 'syz.2.314': attribute type 5 has an invalid length. [ 316.036390][ T6231] loop2: detected capacity change from 0 to 64 [ 316.835400][ T6242] loop0: detected capacity change from 0 to 64 [ 317.751882][ T6250] tap0: tun_chr_ioctl cmd 1074025677 [ 317.757787][ T6250] tap0: linktype set to 6 [ 318.556834][ T6260] loop2: detected capacity change from 0 to 64 [ 318.563639][ T8] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 318.811579][ T8] usb 1-1: Using ep0 maxpacket: 32 [ 318.891354][ T8] usb 1-1: New USB device found, idVendor=0c72, idProduct=000d, bcdDevice=27.9b [ 318.900867][ T8] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 318.909123][ T8] usb 1-1: Product: syz [ 318.913660][ T8] usb 1-1: Manufacturer: syz [ 318.918481][ T8] usb 1-1: SerialNumber: syz [ 318.945633][ T8] usb 1-1: config 0 descriptor?? [ 319.062254][ T6264] netlink: 8 bytes leftover after parsing attributes in process `syz.1.331'. [ 319.071606][ T6264] netlink: 8 bytes leftover after parsing attributes in process `syz.1.331'. [ 319.672994][ T8] peak_usb 1-1:0.0: PEAK-System PCAN-USB Pro hwrev 0 serial 00000000.00000000 (2 channels) [ 319.683692][ T8] peak_usb 1-1:0.0 can0: sending command failure: -22 [ 319.691117][ T8] peak_usb 1-1:0.0 can0: sending command failure: -22 [ 319.842539][ T8] peak_usb 1-1:0.0: probe with driver peak_usb failed with error -22 [ 320.073590][ T8] usb 1-1: USB disconnect, device number 6 [ 320.997785][ T6278] loop4: detected capacity change from 0 to 1024 [ 321.136506][ T6278] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 321.149359][ T6278] ext4 filesystem being mounted at /83/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 321.608821][ T5187] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 321.927478][ T6296] netlink: 8 bytes leftover after parsing attributes in process `syz.3.342'. [ 322.309946][ T6297] loop2: detected capacity change from 0 to 2048 [ 322.501234][ T6297] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 323.143601][ T5503] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 323.292429][ T6312] Bluetooth: MGMT ver 1.23 [ 324.592592][ T6329] loop1: detected capacity change from 0 to 64 [ 324.697243][ T6326] loop2: detected capacity change from 0 to 2048 [ 324.773972][ T6329] hfs: keylen 94 too large [ 324.784222][ T6329] hfs: inconsistency in B*Tree (1,0,1,0,3) [ 324.816022][ T6332] ax25_connect(): syz.2.356 uses autobind, please contact jreuter@yaina.de [ 324.871950][ T6331] loop3: detected capacity change from 0 to 1024 [ 324.893066][ T6326] loop2: p4 < > [ 325.359632][ T2570] hfsplus: b-tree write err: -5, ino 4 [ 325.675117][ T6336] loop0: detected capacity change from 0 to 1024 [ 325.784471][ T6336] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 327.780717][ T25] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 327.791172][ T5269] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 327.941845][ T6366] netlink: 16 bytes leftover after parsing attributes in process `syz.4.375'. [ 328.011094][ T25] usb 1-1: Using ep0 maxpacket: 8 [ 328.021012][ T5269] usb 3-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config [ 328.031903][ T25] usb 1-1: config 1 contains an unexpected descriptor of type 0x1, skipping [ 328.032034][ T25] usb 1-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config [ 328.032160][ T25] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 328.070423][ T5269] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 328.079477][ T25] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 328.081810][ T5269] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0 [ 328.090935][ T25] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 328.091069][ T25] usb 1-1: Product: syz [ 328.100910][ T5269] usb 3-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 328.101144][ T5269] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 328.101295][ T5269] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 328.145062][ T25] usb 1-1: Manufacturer: syz [ 328.149897][ T25] usb 1-1: SerialNumber: syz [ 328.291474][ T5269] usb 3-1: Quirk or no altset; falling back to MIDI 1.0 [ 328.300002][ T5269] usb 3-1: invalid MIDI out EP 0 [ 328.854885][ T5269] snd-usb-audio 3-1:27.0: probe with driver snd-usb-audio failed with error -22 [ 328.984238][ T5269] usb 3-1: USB disconnect, device number 2 [ 329.000503][ T5481] udevd[5481]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 329.128777][ T25] usb 1-1: 0:2 : does not exist [ 329.457523][ T6375] veth1_to_team: mtu greater than device maximum [ 329.513059][ T5269] usb 1-1: USB disconnect, device number 7 [ 329.636820][ T5378] udevd[5378]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 329.729498][ T6377] loop4: detected capacity change from 0 to 512 [ 329.773001][ T6377] EXT4-fs: Ignoring removed nobh option [ 329.909644][ T6377] fscrypt (loop4, inode 2): Error -61 getting encryption context [ 329.995428][ T6377] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -61 [ 330.012487][ T6377] EXT4-fs error (device loop4): ext4_orphan_get:1391: inode #13: comm syz.4.381: casefold flag without casefold feature [ 330.059553][ T6377] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.381: couldn't read orphan inode 13 (err -117) [ 330.109484][ T6377] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 330.477723][ T6377] EXT4-fs error (device loop4): __ext4_remount:6491: comm syz.4.381: Abort forced by user [ 330.535881][ T6377] EXT4-fs (loop4): Remounting filesystem read-only [ 330.556569][ T6377] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: none. [ 330.637985][ T6377] fscrypt (loop4, inode 2): Error -5 getting encryption context [ 330.914721][ T5187] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 331.407404][ T6396] netlink: 'syz.3.389': attribute type 1 has an invalid length. [ 333.146295][ T6422] loop0: detected capacity change from 0 to 8 [ 333.355937][ T6422] SQUASHFS error: Unable to read directory block [629:46] [ 333.725545][ T6424] Process accounting resumed [ 333.753201][ T5185] Bluetooth: hci0: command 0x0406 tx timeout [ 333.759494][ T5185] Bluetooth: hci3: command 0x0406 tx timeout [ 333.768847][ T5194] Bluetooth: hci2: command 0x0406 tx timeout [ 333.777478][ T5195] Bluetooth: hci4: command 0x0406 tx timeout [ 333.897578][ T6427] netlink: 'syz.4.403': attribute type 9 has an invalid length. [ 334.701206][ T6437] loop2: detected capacity change from 0 to 256 [ 334.749161][ T6437] vfat: Bad value for 'time_offset' [ 335.201745][ T5190] Bluetooth: hci5: command tx timeout [ 335.431069][ T6445] loop4: detected capacity change from 0 to 1024 [ 335.667192][ T6445] hfsplus: bad catalog entry type [ 336.012599][ T2570] hfsplus: b-tree write err: -5, ino 4 [ 337.824002][ T6475] loop4: detected capacity change from 0 to 8 [ 338.492092][ T6470] loop3: detected capacity change from 0 to 4096 [ 338.609931][ T6470] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512). [ 338.931569][ T6470] ntfs3: loop3: Mark volume as dirty due to NTFS errors [ 338.960676][ T6470] ntfs3: loop3: Failed to load $Extend (-22). [ 338.967204][ T6470] ntfs3: loop3: Failed to initialize $Extend. [ 339.646390][ T6491] netlink: 12 bytes leftover after parsing attributes in process `syz.0.429'. [ 340.091296][ T6495] loop3: detected capacity change from 0 to 164 [ 340.402862][ T6499] loop2: detected capacity change from 0 to 128 [ 340.672581][ T6499] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 340.771228][ T6499] ext4 filesystem being mounted at /66/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 341.325996][ T5503] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 341.953885][ T1248] ieee802154 phy0 wpan0: encryption failed: -22 [ 341.960785][ T1248] ieee802154 phy1 wpan1: encryption failed: -22 [ 343.393704][ T6530] loop2: detected capacity change from 0 to 256 [ 343.982424][ T2950] bridge_slave_1: left allmulticast mode [ 343.988319][ T2950] bridge_slave_1: left promiscuous mode [ 343.995259][ T2950] bridge0: port 2(bridge_slave_1) entered disabled state [ 344.084649][ T2950] bridge_slave_0: left allmulticast mode [ 344.090895][ T2950] bridge_slave_0: left promiscuous mode [ 344.097458][ T2950] bridge0: port 1(bridge_slave_0) entered disabled state [ 344.204374][ T6520] loop1: detected capacity change from 0 to 4096 [ 344.430702][ T6520] NILFS (loop1): invalid segment: Checksum error in segment payload [ 344.443446][ T6520] NILFS (loop1): trying rollback from an earlier position [ 344.536200][ T6520] NILFS (loop1): recovery complete [ 344.605932][ T6539] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 344.840778][ T6542] loop0: detected capacity change from 0 to 512 [ 344.898826][ T2950] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 344.919912][ T6542] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 344.998194][ T2950] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 345.028887][ T2950] bond0 (unregistering): Released all slaves [ 345.063626][ T6542] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c119, mo2=0002] [ 345.131560][ T6542] System zones: 1-12 [ 345.228555][ T6542] EXT4-fs (loop0): 1 truncate cleaned up [ 345.236979][ T6542] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 345.915086][ T6555] loop2: detected capacity change from 0 to 256 [ 346.012642][ T6555] exFAT-fs (loop2): failed to load upcase table (idx : 0x00017f3e, chksum : 0x0b83170a, utbl_chksum : 0xe619d30d) [ 346.090483][ T5193] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 346.346557][ T2950] hsr_slave_0: left promiscuous mode [ 346.369846][ T2950] hsr_slave_1: left promiscuous mode [ 346.438719][ T2950] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 346.446762][ T2950] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 346.543218][ T2950] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 346.551085][ T2950] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 346.619432][ T2950] veth1_macvtap: left promiscuous mode [ 346.625649][ T2950] veth0_macvtap: left promiscuous mode [ 346.631801][ T2950] veth1_vlan: left promiscuous mode [ 346.637363][ T2950] veth0_vlan: left promiscuous mode [ 347.130324][ T2950] pimreg (unregistering): left allmulticast mode [ 347.826292][ T2950] team0 (unregistering): Port device team_slave_1 removed [ 347.954978][ T2950] team0 (unregistering): Port device team_slave_0 removed [ 349.159232][ T6583] loop3: detected capacity change from 0 to 1024 [ 349.196174][ T6583] EXT4-fs: Ignoring removed orlov option [ 349.254006][ T6583] EXT4-fs (loop3): Test dummy encryption mode enabled [ 349.281051][ T6583] EXT4-fs (loop3): can't mount with journal_checksum, fs mounted w/o journal [ 349.535118][ T6583] 9p: Unknown access argument 18446744073709551615ÿÿÿÿ: -22 [ 350.105733][ T6601] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 350.120915][ T6601] overlayfs: workdir and upperdir must be separate subtrees [ 350.667736][ T6608] netlink: 72 bytes leftover after parsing attributes in process `syz.4.477'. [ 351.385252][ T6619] mkiss: ax0: crc mode is auto. [ 352.057497][ T6628] vxcan0: tx drop: invalid da for name 0x0000000002000000 [ 352.590858][ T6630] loop4: detected capacity change from 0 to 512 [ 352.759981][ T6630] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 352.773899][ T6630] ext4 filesystem being mounted at /109/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 352.794680][ T6634] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 352.880404][ T6633] netlink: 16 bytes leftover after parsing attributes in process `syz.1.488'. [ 353.281229][ T6630] EXT4-fs error (device loop4): ext4_empty_dir:3085: inode #12: comm syz.4.486: invalid size [ 353.720692][ T5187] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 355.045714][ T29] audit: type=1326 audit(1726049514.702:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6663 comm="syz.0.500" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73ad579 code=0x0 [ 356.256731][ T29] audit: type=1326 audit(1726049515.912:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6679 comm="syz.2.508" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f15579 code=0x0 [ 356.928046][ T6691] loop3: detected capacity change from 0 to 512 [ 357.060962][ T6691] EXT4-fs error (device loop3): ext4_get_branch:178: inode #11: block 4294967295: comm syz.3.512: invalid block [ 357.154665][ T6691] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #11: comm syz.3.512: invalid indirect mapped block 4294967295 (level 1) [ 357.209364][ T6691] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #11: comm syz.3.512: invalid indirect mapped block 4294967295 (level 1) [ 357.261402][ T6691] EXT4-fs (loop3): 2 truncates cleaned up [ 357.269026][ T6691] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 357.776704][ T5197] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 357.990928][ T44] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 358.200511][ T44] usb 3-1: Using ep0 maxpacket: 16 [ 358.231880][ T44] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 358.243296][ T44] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 358.253593][ T44] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 358.269001][ T44] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 358.279017][ T44] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 358.333168][ T44] usb 3-1: config 0 descriptor?? [ 358.488046][ T6713] loop3: detected capacity change from 0 to 256 [ 358.707284][ T6713] exFAT-fs (loop3): failed to load upcase table (idx : 0x00011bf5, chksum : 0xcea91b8a, utbl_chksum : 0xe619d30d) [ 358.721290][ T6713] exFAT-fs (loop3): bogus allocation bitmap size(need : 2, cur : 17179869186) [ 358.842276][ T44] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0 [ 358.849842][ T44] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0 [ 358.857872][ T44] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0 [ 358.870531][ T44] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0 [ 358.881671][ T44] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0 [ 358.890330][ T44] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0 [ 358.897864][ T44] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0 [ 359.164550][ T44] microsoft 0003:045E:07DA.0003: No inputs registered, leaving [ 359.242992][ T44] microsoft 0003:045E:07DA.0003: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.2-1/input0 [ 359.254935][ T44] microsoft 0003:045E:07DA.0003: no inputs found [ 359.261672][ T44] microsoft 0003:045E:07DA.0003: could not initialize ff, continuing anyway [ 359.431252][ T44] usb 3-1: USB disconnect, device number 3 [ 360.160496][ T5254] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 360.425044][ T5254] usb 4-1: Using ep0 maxpacket: 16 [ 360.485162][ T5254] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 360.496720][ T5254] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 360.507058][ T5254] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 360.522456][ T5254] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 360.532887][ T5254] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 360.662669][ T5254] usb 4-1: config 0 descriptor?? [ 360.771293][ T6735] loop4: detected capacity change from 0 to 128 [ 360.804317][ T8] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 360.866262][ T6735] syz.4.542: attempt to access beyond end of device [ 360.866262][ T6735] loop4: rw=0, sector=6491536, nr_sectors = 2 limit=128 [ 360.880328][ T6735] Buffer I/O error on dev loop4, logical block 3245768, async page read [ 360.889025][ T6735] syz.4.542: attempt to access beyond end of device [ 360.889025][ T6735] loop4: rw=0, sector=17666806, nr_sectors = 2 limit=128 [ 360.903213][ T6735] Buffer I/O error on dev loop4, logical block 8833403, async page read [ 360.911986][ T6735] syz.4.542: attempt to access beyond end of device [ 360.911986][ T6735] loop4: rw=0, sector=26539618, nr_sectors = 2 limit=128 [ 360.931646][ T6735] Buffer I/O error on dev loop4, logical block 13269809, async page read [ 360.942306][ T6735] syz.4.542: attempt to access beyond end of device [ 360.942306][ T6735] loop4: rw=0, sector=16147212, nr_sectors = 2 limit=128 [ 360.956238][ T6735] Buffer I/O error on dev loop4, logical block 8073606, async page read [ 360.965157][ T6735] syz.4.542: attempt to access beyond end of device [ 360.965157][ T6735] loop4: rw=0, sector=6491542, nr_sectors = 2 limit=128 [ 360.978939][ T6735] Buffer I/O error on dev loop4, logical block 3245771, async page read [ 360.987640][ T6735] syz.4.542: attempt to access beyond end of device [ 360.987640][ T6735] loop4: rw=0, sector=17668342, nr_sectors = 2 limit=128 [ 361.001988][ T6735] Buffer I/O error on dev loop4, logical block 8834171, async page read [ 361.013142][ T6735] syz.4.542: attempt to access beyond end of device [ 361.013142][ T6735] loop4: rw=0, sector=26932834, nr_sectors = 2 limit=128 [ 361.032787][ T6735] Buffer I/O error on dev loop4, logical block 13466417, async page read [ 361.043533][ T6735] syz.4.542: attempt to access beyond end of device [ 361.043533][ T6735] loop4: rw=0, sector=16147212, nr_sectors = 2 limit=128 [ 361.057657][ T6735] Buffer I/O error on dev loop4, logical block 8073606, async page read [ 361.067130][ T6735] syz.4.542: attempt to access beyond end of device [ 361.067130][ T6735] loop4: rw=0, sector=6491548, nr_sectors = 2 limit=128 [ 361.080907][ T6735] Buffer I/O error on dev loop4, logical block 3245774, async page read [ 361.089509][ T6735] syz.4.542: attempt to access beyond end of device [ 361.089509][ T6735] loop4: rw=0, sector=17669878, nr_sectors = 2 limit=128 [ 361.103846][ T6735] Buffer I/O error on dev loop4, logical block 8834939, async page read [ 361.414212][ T5254] microsoft 0003:045E:07DA.0004: unknown main item tag 0x0 [ 361.422492][ T5254] microsoft 0003:045E:07DA.0004: item 0 0 0 11 parsing failed [ 361.548345][ T5254] microsoft 0003:045E:07DA.0004: parse failed [ 361.555653][ T5254] microsoft 0003:045E:07DA.0004: probe with driver microsoft failed with error -22 [ 361.736550][ T5254] usb 4-1: USB disconnect, device number 7 [ 362.222492][ T6741] loop0: detected capacity change from 0 to 256 [ 362.408136][ T6741] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x53fda505, utbl_chksum : 0xe619d30d) [ 362.421408][ T6741] exFAT-fs (loop0): bogus allocation bitmap size(need : 2, cur : 17179869186) [ 363.472889][ T29] audit: type=1800 audit(1726049522.232:8): pid=6741 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.534" name="file2" dev="loop0" ino=1048616 res=0 errno=0 [ 364.118841][ T6746] netlink: 'syz.2.536': attribute type 12 has an invalid length. [ 364.127046][ T6746] netlink: 'syz.2.536': attribute type 29 has an invalid length. [ 364.135470][ T6746] netlink: 'syz.2.536': attribute type 2 has an invalid length. [ 364.143413][ T6746] netlink: 128 bytes leftover after parsing attributes in process `syz.2.536'. [ 364.912039][ T6749] netlink: 4 bytes leftover after parsing attributes in process `syz.3.538'. [ 365.059186][ T6753] loop2: detected capacity change from 0 to 128 [ 365.152683][ T6751] loop0: detected capacity change from 0 to 256 [ 365.319970][ T6753] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 365.443904][ T6753] ext4 filesystem being mounted at /86/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 366.422496][ T5503] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 369.501253][ T6778] netlink: 12 bytes leftover after parsing attributes in process `syz.0.551'. [ 369.595918][ T5185] Bluetooth: hci1: command 0x0406 tx timeout [ 370.586210][ T6784] loop0: detected capacity change from 0 to 1024 [ 370.887031][ T6784] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 371.623335][ T5193] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 372.136425][ T6794] netlink: 830 bytes leftover after parsing attributes in process `syz.1.558'. [ 372.499771][ T5190] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 372.522151][ T5190] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 372.549599][ T5190] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 372.570579][ T5190] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 372.586673][ T5190] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 372.599257][ T5190] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 373.274851][ T6800] netlink: 8 bytes leftover after parsing attributes in process `syz.1.560'. [ 373.284092][ T6800] netlink: 28 bytes leftover after parsing attributes in process `syz.1.560'. [ 374.601575][ T44] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 374.639875][ T6796] chnl_net:caif_netlink_parms(): no params data found [ 374.710954][ T5190] Bluetooth: hci0: command tx timeout [ 374.819661][ T44] usb 4-1: Using ep0 maxpacket: 8 [ 374.927937][ T44] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 13 [ 375.041351][ T44] usb 4-1: New USB device found, idVendor=046d, idProduct=08ae, bcdDevice=11.58 [ 375.051001][ T44] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 375.061491][ T44] usb 4-1: Product: syz [ 375.065888][ T44] usb 4-1: Manufacturer: syz [ 375.071550][ T44] usb 4-1: SerialNumber: syz [ 375.153859][ T44] usb 4-1: config 0 descriptor?? [ 375.249572][ T44] gspca_main: gspca_zc3xx-2.14.0 probing 046d:08ae [ 375.951403][ T44] gspca_zc3xx: reg_w_i err -71 [ 376.629963][ T44] gspca_zc3xx: Unknown sensor - set to TAS5130C [ 376.637089][ T44] gspca_zc3xx 4-1:0.0: probe with driver gspca_zc3xx failed with error -71 [ 376.781555][ T44] usb 4-1: USB disconnect, device number 8 [ 376.794251][ T5190] Bluetooth: hci0: command tx timeout [ 376.927652][ T6796] bridge0: port 1(bridge_slave_0) entered blocking state [ 376.935939][ T6796] bridge0: port 1(bridge_slave_0) entered disabled state [ 376.943886][ T6796] bridge_slave_0: entered allmulticast mode [ 376.953419][ T6796] bridge_slave_0: entered promiscuous mode [ 377.174873][ T6796] bridge0: port 2(bridge_slave_1) entered blocking state [ 377.182839][ T6796] bridge0: port 2(bridge_slave_1) entered disabled state [ 377.190856][ T6796] bridge_slave_1: entered allmulticast mode [ 377.200010][ T6796] bridge_slave_1: entered promiscuous mode [ 377.840577][ T6796] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 378.060740][ T6822] loop1: detected capacity change from 0 to 512 [ 378.082717][ T6796] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 378.153761][ T6822] EXT4-fs: Ignoring removed oldalloc option [ 378.305693][ T6822] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=9842e02d, mo2=0002] [ 378.443159][ T6822] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.567: invalid indirect mapped block 1 (level 1) [ 378.571021][ T6822] EXT4-fs (loop1): Remounting filesystem read-only [ 378.578178][ T6822] EXT4-fs (loop1): 1 truncate cleaned up [ 378.586456][ T6822] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 378.612044][ T6796] team0: Port device team_slave_0 added [ 378.772050][ T6796] team0: Port device team_slave_1 added [ 378.876237][ T5190] Bluetooth: hci0: command tx timeout [ 379.183028][ T6796] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 379.190397][ T6796] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 379.217115][ T6796] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 379.359884][ T5925] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 379.424670][ T5185] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 379.437266][ T5185] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 379.449039][ T5185] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 379.467348][ T5185] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 379.491163][ T5185] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 379.500430][ T5185] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 379.625229][ T6796] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 379.632683][ T6796] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 379.659175][ T6796] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 380.273365][ T6832] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 380.490990][ T6796] hsr_slave_0: entered promiscuous mode [ 380.544545][ T6796] hsr_slave_1: entered promiscuous mode [ 380.601612][ T6796] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 380.609542][ T6796] Cannot create hsr debugfs directory [ 380.990612][ T5185] Bluetooth: hci0: command tx timeout [ 381.597179][ T5190] Bluetooth: hci6: command tx timeout [ 381.667937][ T6828] chnl_net:caif_netlink_parms(): no params data found [ 382.419486][ T6796] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 382.745109][ T6796] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 383.055758][ T6796] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 383.149051][ T6842] delete_channel: no stack [ 383.397635][ T6796] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 383.682187][ T5190] Bluetooth: hci6: command tx timeout [ 384.001993][ T5185] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 384.060451][ T5185] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 384.141005][ T5185] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 384.189794][ T5185] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 384.218010][ T5185] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 384.227980][ T5185] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 384.341957][ T6796] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 384.673416][ T6828] bridge0: port 1(bridge_slave_0) entered blocking state [ 384.688889][ T6828] bridge0: port 1(bridge_slave_0) entered disabled state [ 384.697087][ T6828] bridge_slave_0: entered allmulticast mode [ 384.706623][ T6828] bridge_slave_0: entered promiscuous mode [ 384.747443][ T6796] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 384.888179][ T6828] bridge0: port 2(bridge_slave_1) entered blocking state [ 384.896021][ T6828] bridge0: port 2(bridge_slave_1) entered disabled state [ 384.904111][ T6828] bridge_slave_1: entered allmulticast mode [ 384.913575][ T6828] bridge_slave_1: entered promiscuous mode [ 384.928924][ T6796] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 385.081898][ T6796] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 385.389104][ T6828] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 385.521859][ T6828] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 385.752644][ T5185] Bluetooth: hci6: command tx timeout [ 385.988056][ T6828] team0: Port device team_slave_0 added [ 386.104728][ T6828] team0: Port device team_slave_1 added [ 386.340988][ T5185] Bluetooth: hci7: command tx timeout [ 386.628899][ T6828] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 386.637334][ T6828] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 386.664081][ T6828] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 386.967343][ T6828] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 386.974826][ T6828] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 387.001591][ T6828] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 387.226501][ T6828] hsr_slave_0: entered promiscuous mode [ 387.291919][ T6828] hsr_slave_1: entered promiscuous mode [ 387.353045][ T6828] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 387.361197][ T6828] Cannot create hsr debugfs directory [ 387.845187][ T5185] Bluetooth: hci6: command tx timeout [ 388.035723][ T13] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 388.336056][ T13] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 388.391100][ T5185] Bluetooth: hci7: command tx timeout [ 388.433710][ T6845] chnl_net:caif_netlink_parms(): no params data found [ 388.541169][ T13] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 388.826118][ T13] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 389.236234][ T6796] 8021q: adding VLAN 0 to HW filter on device bond0 [ 389.399917][ T13] bridge_slave_1: left allmulticast mode [ 389.406069][ T13] bridge_slave_1: left promiscuous mode [ 389.413838][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 389.513027][ T13] bridge_slave_0: left allmulticast mode [ 389.519020][ T13] bridge_slave_0: left promiscuous mode [ 389.526590][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 390.352946][ T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 390.432853][ T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 390.472920][ T5185] Bluetooth: hci7: command tx timeout [ 390.475493][ T13] bond0 (unregistering): Released all slaves [ 390.766988][ T6796] 8021q: adding VLAN 0 to HW filter on device team0 [ 390.852298][ T6884] VFS: Can't find a Minix filesystem V1 | V2 | V3 on device nullb0. [ 390.903668][ T2570] bridge0: port 1(bridge_slave_0) entered blocking state [ 390.911447][ T2570] bridge0: port 1(bridge_slave_0) entered forwarding state [ 390.951388][ T5239] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 391.083530][ T2570] bridge0: port 2(bridge_slave_1) entered blocking state [ 391.091351][ T2570] bridge0: port 2(bridge_slave_1) entered forwarding state [ 391.179728][ T5239] usb 4-1: config 0 has an invalid interface number: 204 but max is 1 [ 391.189546][ T5239] usb 4-1: config 0 has no interface number 1 [ 391.264185][ T5239] usb 4-1: New USB device found, idVendor=07fd, idProduct=0004, bcdDevice=b9.bf [ 391.274848][ T5239] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 391.284251][ T5239] usb 4-1: Product: syz [ 391.288636][ T5239] usb 4-1: Manufacturer: syz [ 391.293609][ T5239] usb 4-1: SerialNumber: syz [ 391.342584][ T5239] usb 4-1: config 0 descriptor?? [ 391.609367][ T5239] snd-usb-audio 4-1:0.204: probe with driver snd-usb-audio failed with error -22 [ 391.765007][ T6889] loop1: detected capacity change from 0 to 128 [ 391.896869][ T5245] usb 4-1: USB disconnect, device number 9 [ 392.012119][ T29] audit: type=1800 audit(1726049551.692:9): pid=6889 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.590" name="file0" dev="loop1" ino=1048618 res=0 errno=0 [ 392.204449][ T5491] udevd[5491]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.204/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 392.413852][ T13] hsr_slave_0: left promiscuous mode [ 392.455213][ T13] hsr_slave_1: left promiscuous mode [ 392.501689][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 392.509445][ T13] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 392.551478][ T5185] Bluetooth: hci7: command tx timeout [ 392.562065][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 392.575375][ T13] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 392.625896][ T13] veth1_macvtap: left promiscuous mode [ 392.631892][ T13] veth0_macvtap: left promiscuous mode [ 392.637795][ T13] veth1_vlan: left promiscuous mode [ 392.643524][ T13] veth0_vlan: left promiscuous mode [ 393.757054][ T13] team0 (unregistering): Port device team_slave_1 removed [ 393.839084][ T13] team0 (unregistering): Port device team_slave_0 removed [ 394.071093][ T6902] loop3: detected capacity change from 0 to 512 [ 394.179562][ T6902] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 394.347302][ T6845] bridge0: port 1(bridge_slave_0) entered blocking state [ 394.355244][ T6845] bridge0: port 1(bridge_slave_0) entered disabled state [ 394.363384][ T6845] bridge_slave_0: entered allmulticast mode [ 394.372712][ T6845] bridge_slave_0: entered promiscuous mode [ 394.389628][ T6902] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 394.404054][ T6902] ext4 filesystem being mounted at /150/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 394.653590][ T6845] bridge0: port 2(bridge_slave_1) entered blocking state [ 394.661541][ T6845] bridge0: port 2(bridge_slave_1) entered disabled state [ 394.669382][ T6845] bridge_slave_1: entered allmulticast mode [ 394.679277][ T6845] bridge_slave_1: entered promiscuous mode [ 394.899035][ T6828] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 395.005033][ T6845] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 395.027375][ T6828] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 395.153530][ T6845] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 395.190564][ T6828] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 395.256606][ T6828] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 395.317194][ T5197] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 395.657567][ T6845] team0: Port device team_slave_0 added [ 395.743854][ T6845] team0: Port device team_slave_1 added [ 395.865682][ T13] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 396.144466][ T13] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 396.298976][ T6845] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 396.306345][ T6845] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 396.333047][ T6845] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 396.527119][ T13] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 396.645117][ T6845] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 396.652976][ T6845] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 396.684569][ T6845] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 396.772607][ T6920] 9pnet_fd: Insufficient options for proto=fd [ 396.805878][ T13] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 397.543101][ T13] bridge_slave_1: left allmulticast mode [ 397.549003][ T13] bridge_slave_1: left promiscuous mode [ 397.556235][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 397.635959][ T13] bridge_slave_0: left allmulticast mode [ 397.642025][ T13] bridge_slave_0: left promiscuous mode [ 397.648567][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 398.351315][ T5254] usb 4-1: new high-speed USB device number 10 using dummy_hcd [ 398.430949][ T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 398.453278][ T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 398.486975][ T13] bond0 (unregistering): Released all slaves [ 398.672975][ T5254] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 398.683898][ T5254] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 398.729727][ T6845] hsr_slave_0: entered promiscuous mode [ 398.777450][ T6845] hsr_slave_1: entered promiscuous mode [ 398.819895][ T5254] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 398.829699][ T5254] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 398.838217][ T5254] usb 4-1: Product: syz [ 398.842709][ T5254] usb 4-1: Manufacturer: syz [ 398.847546][ T5254] usb 4-1: SerialNumber: syz [ 398.875707][ T6845] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 398.883760][ T6845] Cannot create hsr debugfs directory [ 399.293369][ T6796] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 399.544522][ T5245] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 399.618024][ T13] hsr_slave_0: left promiscuous mode [ 399.661746][ T13] hsr_slave_1: left promiscuous mode [ 399.678834][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 399.686859][ T13] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 399.702195][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 399.709894][ T13] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 399.759639][ T13] veth1_macvtap: left promiscuous mode [ 399.766317][ T13] veth0_macvtap: left promiscuous mode [ 399.772477][ T13] veth1_vlan: left promiscuous mode [ 399.778028][ T13] veth0_vlan: left promiscuous mode [ 399.874984][ T5254] cdc_ncm 4-1:1.0: SET_CRC_MODE failed [ 399.952157][ T5254] cdc_ncm 4-1:1.0: bind() failure [ 399.969859][ T5254] cdc_ncm 4-1:1.1: CDC Union missing and no IAD found [ 399.977242][ T5254] cdc_ncm 4-1:1.1: bind() failure [ 400.021593][ T5245] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 400.034731][ T5245] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 400.049925][ T5245] usb 2-1: New USB device found, idVendor=056a, idProduct=0325, bcdDevice= 0.00 [ 400.067133][ T5245] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 400.156359][ T5245] usb 2-1: config 0 descriptor?? [ 400.207064][ T5254] usb 4-1: USB disconnect, device number 10 [ 400.694170][ T5245] wacom 0003:056A:0325.0005: unknown main item tag 0x0 [ 400.909665][ T5245] wacom 0003:056A:0325.0005: hidraw0: USB HID v0.00 Device [HID 056a:0325] on usb-dummy_hcd.1-1/input0 [ 400.970537][ T13] team0 (unregistering): Port device team_slave_1 removed [ 400.992569][ T5245] usb 2-1: USB disconnect, device number 4 [ 401.044177][ T13] team0 (unregistering): Port device team_slave_0 removed [ 402.575102][ T6828] 8021q: adding VLAN 0 to HW filter on device bond0 [ 403.021636][ T6828] 8021q: adding VLAN 0 to HW filter on device team0 [ 403.158825][ T3026] bridge0: port 1(bridge_slave_0) entered blocking state [ 403.166612][ T3026] bridge0: port 1(bridge_slave_0) entered forwarding state [ 403.383105][ T1248] ieee802154 phy0 wpan0: encryption failed: -22 [ 403.389789][ T1248] ieee802154 phy1 wpan1: encryption failed: -22 [ 403.516681][ T3026] bridge0: port 2(bridge_slave_1) entered blocking state [ 403.524495][ T3026] bridge0: port 2(bridge_slave_1) entered forwarding state [ 403.595786][ T6845] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 403.741804][ T6845] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 403.852538][ T6845] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 403.964412][ T6845] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 404.614791][ T6796] veth0_vlan: entered promiscuous mode [ 404.784750][ T6796] veth1_vlan: entered promiscuous mode [ 405.339970][ T6796] veth0_macvtap: entered promiscuous mode [ 405.379744][ T6796] veth1_macvtap: entered promiscuous mode [ 405.509915][ T6796] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 405.521597][ T6796] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 405.531816][ T6796] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 405.542608][ T6796] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 405.552936][ T6796] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 405.563707][ T6796] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 405.580979][ T6796] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 405.892072][ T6796] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 405.902898][ T6796] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 405.914633][ T6796] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 405.926335][ T6796] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 405.936526][ T6796] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 405.947622][ T6796] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 405.962853][ T6796] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 406.110955][ T6845] 8021q: adding VLAN 0 to HW filter on device bond0 [ 406.301088][ T6845] 8021q: adding VLAN 0 to HW filter on device team0 [ 406.425197][ T6977] loop1: detected capacity change from 0 to 64 [ 406.459876][ T2965] bridge0: port 1(bridge_slave_0) entered blocking state [ 406.467669][ T2965] bridge0: port 1(bridge_slave_0) entered forwarding state [ 406.503327][ T6796] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 406.512590][ T6796] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 406.521851][ T6796] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 406.530936][ T6796] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 406.648558][ T2965] bridge0: port 2(bridge_slave_1) entered blocking state [ 406.656293][ T2965] bridge0: port 2(bridge_slave_1) entered forwarding state [ 406.842203][ T6828] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 407.770622][ T6828] veth0_vlan: entered promiscuous mode [ 407.894471][ T6828] veth1_vlan: entered promiscuous mode [ 408.486407][ T6828] veth0_macvtap: entered promiscuous mode [ 408.594472][ T6828] veth1_macvtap: entered promiscuous mode [ 408.800631][ T6828] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 408.811369][ T6828] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 408.821502][ T6828] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 408.832292][ T6828] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 408.842451][ T6828] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 408.856600][ T6828] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 408.867608][ T6828] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 408.880063][ T6828] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 408.898390][ T6828] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 409.379800][ T6828] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 409.392025][ T6828] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 409.403158][ T6828] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 409.413900][ T6828] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 409.424442][ T6828] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 409.436302][ T6828] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 409.446410][ T6828] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 409.457143][ T6828] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 409.476333][ T6828] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 409.842923][ T6845] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 409.861841][ T6828] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 409.874388][ T6828] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 409.884564][ T6828] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 409.893702][ T6828] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 410.623343][ T6845] veth0_vlan: entered promiscuous mode [ 410.821485][ T6845] veth1_vlan: entered promiscuous mode [ 411.359810][ T6845] veth0_macvtap: entered promiscuous mode [ 411.556232][ T6845] veth1_macvtap: entered promiscuous mode [ 411.812795][ T6845] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 411.826956][ T6845] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 411.838755][ T6845] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 411.849921][ T6845] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 411.860318][ T6845] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 411.871103][ T6845] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 411.881246][ T6845] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 411.892071][ T6845] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 411.902278][ T6845] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 411.914602][ T6845] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 411.934829][ T6845] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 412.265504][ T6845] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 412.277519][ T6845] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 412.287855][ T6845] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 412.299504][ T6845] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 412.309769][ T6845] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 412.320637][ T6845] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 412.332543][ T6845] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 412.344883][ T6845] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 412.355766][ T6845] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 412.366597][ T6845] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 412.381996][ T6845] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 412.893808][ T6845] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 412.904273][ T6845] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 412.913962][ T6845] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 412.923109][ T6845] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 413.153446][ T7039] loop3: detected capacity change from 0 to 1024 [ 413.800812][ T2570] hfsplus: b-tree write err: -5, ino 4 [ 416.413932][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 416.422108][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 416.501492][ T29] audit: type=1326 audit(1726049576.102:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7080 comm="syz.1.629" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf746d579 code=0x7ffc0000 [ 416.523715][ T29] audit: type=1326 audit(1726049576.102:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7080 comm="syz.1.629" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf746d579 code=0x7ffc0000 [ 416.547249][ T29] audit: type=1326 audit(1726049576.142:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7080 comm="syz.1.629" exe="/root/syz-executor" sig=0 arch=40000003 syscall=105 compat=1 ip=0xf746d579 code=0x7ffc0000 [ 416.570652][ T29] audit: type=1326 audit(1726049576.142:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7080 comm="syz.1.629" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf746d579 code=0x7ffc0000 [ 416.882878][ T2965] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 416.891087][ T2965] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 418.966036][ T2950] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 418.974596][ T2950] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 419.322447][ T2570] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 419.331091][ T2570] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 420.555153][ T7127] netlink: 24 bytes leftover after parsing attributes in process `syz.1.638'. [ 421.566311][ T1053] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 421.574571][ T1053] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 421.856231][ T3026] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 421.864527][ T3026] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 422.204252][ T7146] input: syz0 as /devices/virtual/input/input10 [ 422.926897][ T7150] loop0: detected capacity change from 0 to 1024 [ 423.138594][ T7150] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 423.728351][ T6845] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 424.655107][ T7167] loop2: detected capacity change from 0 to 128 [ 425.718400][ T7181] loop1: detected capacity change from 0 to 512 [ 425.825656][ T7181] EXT4-fs (loop1): 1 truncate cleaned up [ 425.833610][ T7181] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 426.493442][ T5925] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 428.060625][ T25] usb 4-1: new high-speed USB device number 11 using dummy_hcd [ 428.334203][ T25] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 428.346209][ T25] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 428.356457][ T25] usb 4-1: New USB device found, idVendor=1b1c, idProduct=1c0c, bcdDevice= 0.00 [ 428.366009][ T25] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 428.443516][ T25] usb 4-1: config 0 descriptor?? [ 429.013114][ T7206] loop2: detected capacity change from 0 to 4096 [ 429.028456][ T25] corsair-psu 0003:1B1C:1C0C.0006: unknown main item tag 0x4 [ 429.036512][ T25] corsair-psu 0003:1B1C:1C0C.0006: item fetching failed at offset 5/7 [ 429.101196][ T25] corsair-psu 0003:1B1C:1C0C.0006: probe with driver corsair-psu failed with error -22 [ 429.416659][ T7217] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 429.442467][ T7209] loop1: detected capacity change from 0 to 4096 [ 429.507900][ T10] usb 4-1: USB disconnect, device number 11 [ 429.771850][ T7218] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 429.796267][ T7206] NILFS error (device loop2): nilfs_find_entry: dir 2 size 34359742464 exceeds block count 1 [ 429.812908][ T7206] Remounting filesystem read-only [ 430.181031][ T6828] NILFS (loop2): disposed unprocessed dirty file(s) when detaching log writer [ 430.190419][ T6828] NILFS (loop2): discard dirty page: offset=0, ino=2 [ 430.197418][ T6828] NILFS (loop2): discard dirty block: blocknr=14, size=4096 [ 430.257153][ T6828] NILFS (loop2): discard dirty page: offset=0, ino=6 [ 430.264361][ T6828] NILFS (loop2): discard dirty block: blocknr=23, size=4096 [ 430.272920][ T6828] NILFS (loop2): discard dirty page: offset=4096, ino=6 [ 430.280112][ T6828] NILFS (loop2): discard dirty block: blocknr=24, size=4096 [ 430.287782][ T6828] NILFS (loop2): discard dirty page: offset=8192, ino=6 [ 430.295663][ T6828] NILFS (loop2): discard dirty block: blocknr=25, size=4096 [ 431.202731][ T7232] loop0: detected capacity change from 0 to 64 [ 432.105067][ T7242] syz.0.683 uses obsolete (PF_INET,SOCK_PACKET) [ 432.226036][ T7240] loop1: detected capacity change from 0 to 1024 [ 432.732113][ T3026] hfsplus: b-tree write err: -5, ino 4 [ 432.853085][ T7246] netlink: 12 bytes leftover after parsing attributes in process `syz.2.686'. [ 433.571206][ T7258] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check. [ 433.893748][ T7265] netlink: 96 bytes leftover after parsing attributes in process `syz.3.692'. [ 433.903270][ T7265] netlink: 96 bytes leftover after parsing attributes in process `syz.3.692'. [ 434.668498][ T7274] loop2: detected capacity change from 0 to 512 [ 434.773520][ T7274] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 434.892606][ T29] audit: type=1326 audit(1726049594.462:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7275 comm="syz.0.694" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73cd579 code=0x7ffc0000 [ 434.915161][ T29] audit: type=1326 audit(1726049594.462:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7275 comm="syz.0.694" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73cd579 code=0x7ffc0000 [ 434.938154][ T29] audit: type=1326 audit(1726049594.472:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7275 comm="syz.0.694" exe="/root/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf73cd579 code=0x7ffc0000 [ 434.963699][ T29] audit: type=1326 audit(1726049594.482:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7275 comm="syz.0.694" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73cd579 code=0x7ffc0000 [ 434.987354][ T29] audit: type=1326 audit(1726049594.482:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7275 comm="syz.0.694" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73cd579 code=0x7ffc0000 [ 435.009694][ T29] audit: type=1326 audit(1726049594.532:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7275 comm="syz.0.694" exe="/root/syz-executor" sig=0 arch=40000003 syscall=307 compat=1 ip=0xf73cd579 code=0x7ffc0000 [ 435.032178][ T29] audit: type=1326 audit(1726049594.532:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7275 comm="syz.0.694" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73cd579 code=0x7ffc0000 [ 435.054588][ T29] audit: type=1326 audit(1726049594.532:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7275 comm="syz.0.694" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73cd579 code=0x7ffc0000 [ 435.122343][ T7274] EXT4-fs (loop2): 1 truncate cleaned up [ 435.129832][ T7274] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 435.362634][ T7274] EXT4-fs error (device loop2): ext4_generic_delete_entry:2678: inode #2: block 13: comm syz.2.695: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0 [ 435.461173][ T7274] EXT4-fs (loop2): Remounting filesystem read-only [ 435.789503][ T6828] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 437.241731][ T7287] loop3: detected capacity change from 0 to 4096 [ 440.155409][ T7335] loop1: detected capacity change from 0 to 256 [ 440.200556][ T25] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 440.233436][ T7335] exfat: Deprecated parameter 'namecase' [ 440.304622][ T7335] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d) [ 440.432084][ T7335] syz.1.720: attempt to access beyond end of device [ 440.432084][ T7335] loop1: rw=524288, sector=34359738488, nr_sectors = 1 limit=256 [ 440.446963][ T7335] syz.1.720: attempt to access beyond end of device [ 440.446963][ T7335] loop1: rw=0, sector=34359738488, nr_sectors = 1 limit=256 [ 440.462248][ T25] usb 3-1: Using ep0 maxpacket: 16 [ 440.469854][ T7338] exFAT-fs (loop1): error, tried to truncate zeroed cluster. [ 440.536384][ T29] audit: type=1800 audit(1726049600.172:22): pid=7335 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.720" name="file1" dev="loop1" ino=1048634 res=0 errno=0 [ 440.541050][ T25] usb 3-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 440.566140][ T25] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 440.574554][ T25] usb 3-1: Product: syz [ 440.578968][ T25] usb 3-1: Manufacturer: syz [ 440.584052][ T25] usb 3-1: SerialNumber: syz [ 440.685337][ T25] r8152-cfgselector 3-1: Unknown version 0x0000 [ 440.692351][ T25] r8152-cfgselector 3-1: config 0 descriptor?? [ 440.910973][ T7342] loop0: detected capacity change from 0 to 512 [ 440.966517][ T7342] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 441.073422][ T7342] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2240: inode #15: comm syz.0.722: corrupted in-inode xattr: e_name out of bounds [ 441.209970][ T7342] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2862: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 441.286729][ T7342] EXT4-fs (loop0): 1 truncate cleaned up [ 441.295728][ T7342] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 441.401158][ T10] r8152-cfgselector 3-1: USB disconnect, device number 5 [ 441.522308][ T7342] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 441.715292][ T7349] bond0: option lp_interval: invalid value (0) [ 441.729217][ T7349] bond0: option lp_interval: allowed values 1 - 2147483647 [ 442.722718][ T7357] loop0: detected capacity change from 0 to 256 [ 442.768099][ T7354] loop1: detected capacity change from 0 to 1024 [ 442.789096][ T7357] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256 [ 442.830520][ T7354] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 442.925766][ T7357] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=512, location=512 [ 442.936058][ T7357] UDF-fs: warning (device loop0): udf_load_vrs: No anchor found [ 442.944080][ T7357] UDF-fs: Scanning with blocksize 512 failed [ 442.968959][ T7357] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256 [ 442.987299][ T7357] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 443.006071][ T7354] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 443.422480][ T5925] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 443.993612][ T7366] input: syz0 as /devices/virtual/input/input11 [ 444.257651][ T7375] loop2: detected capacity change from 0 to 256 [ 445.884232][ T7387] loop0: detected capacity change from 0 to 1024 [ 446.079194][ T7387] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 446.092304][ T7387] ext4 filesystem being mounted at /26/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 446.672295][ T6845] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 447.749974][ T7406] loop3: detected capacity change from 0 to 1764 [ 447.788260][ T7412] loop1: detected capacity change from 0 to 1024 [ 447.886726][ T7412] EXT4-fs: Ignoring removed orlov option [ 447.960963][ T7412] EXT4-fs (loop1): Test dummy encryption mode enabled [ 448.128465][ T7412] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 448.948092][ T7429] loop2: detected capacity change from 0 to 256 [ 449.029170][ T7429] exfat: Deprecated parameter 'utf8' [ 449.035206][ T7429] exfat: Deprecated parameter 'namecase' [ 449.041340][ T7429] exfat: Deprecated parameter 'utf8' [ 449.148073][ T7412] fscrypt: AES-256-CBC-CTS using implementation "cts(cbc(ecb(aes-fixed-time)))" [ 449.186528][ T7429] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d) [ 449.338691][ T7429] exFAT-fs (loop2): error, tried to truncate zeroed cluster. [ 449.420887][ T7429] exFAT-fs (loop2): error, tried to truncate zeroed cluster. [ 449.471686][ T29] audit: type=1800 audit(1726049609.092:23): pid=7429 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.758" name="file1" dev="loop2" ino=1048635 res=0 errno=0 [ 449.495421][ T7412] fscrypt (loop1): Missing crypto API support for AES-256-XTS (API name: "xts(aes)") [ 449.953190][ T5925] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 450.543544][ T7447] Attempt to restore checkpoint with obsolete wellknown handles [ 450.572009][ T7448] netlink: 16 bytes leftover after parsing attributes in process `syz.3.764'. [ 450.581468][ T7448] netlink: 52 bytes leftover after parsing attributes in process `syz.3.764'. [ 450.590761][ T7448] netlink: 24 bytes leftover after parsing attributes in process `syz.3.764'. [ 450.599953][ T7448] vlan0: entered allmulticast mode [ 450.605581][ T7448] veth0_vlan: entered allmulticast mode [ 450.649319][ T7450] netlink: 72 bytes leftover after parsing attributes in process `syz.1.763'. [ 450.658894][ T7450] netlink: 40 bytes leftover after parsing attributes in process `syz.1.763'. [ 450.668159][ T7450] netem: change failed [ 451.710454][ T25] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 451.922550][ T25] usb 1-1: Using ep0 maxpacket: 16 [ 451.945845][ T25] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 452.110944][ T25] usb 1-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 452.120861][ T25] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 452.129119][ T25] usb 1-1: Product: syz [ 452.133830][ T25] usb 1-1: Manufacturer: syz [ 452.138654][ T25] usb 1-1: SerialNumber: syz [ 452.197270][ T25] usb 1-1: config 0 descriptor?? [ 452.377683][ T25] em28xx 1-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 452.388438][ T25] em28xx 1-1:0.0: DVB interface 0 found: bulk [ 452.915569][ T25] em28xx 1-1:0.0: chip ID is em2860 [ 453.333815][ T25] em28xx 1-1:0.0: reading from i2c device at 0xa0 failed (error=-5) [ 453.342641][ T25] em28xx 1-1:0.0: board has no eeprom [ 453.524805][ T25] em28xx 1-1:0.0: Identified as PCTV tripleStick (292e) (card=94) [ 453.533566][ T25] em28xx 1-1:0.0: dvb set to bulk mode. [ 453.558965][ T5239] em28xx 1-1:0.0: Binding DVB extension [ 453.662321][ T25] usb 1-1: USB disconnect, device number 8 [ 453.669709][ T25] em28xx 1-1:0.0: Disconnecting em28xx [ 453.710762][ T7475] loop3: detected capacity change from 0 to 512 [ 453.728635][ T7477] loop1: detected capacity change from 0 to 8 [ 453.879147][ T7475] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 453.945704][ T7475] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c119, mo2=0002] [ 453.976540][ T7475] System zones: 1-12 [ 454.025613][ T5239] em28xx 1-1:0.0: Registering input extension [ 454.056850][ T7475] EXT4-fs (loop3): 1 truncate cleaned up [ 454.064553][ T7475] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 454.531706][ T5239] rc_core: IR keymap rc-pinnacle-pctv-hd not found [ 454.538453][ T5239] Registered IR keymap rc-empty [ 454.545482][ T5239] rc rc0: PCTV tripleStick (292e) as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0 [ 454.568650][ T5239] input: PCTV tripleStick (292e) as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0/input12 [ 454.609500][ T7485] loop0: detected capacity change from 0 to 512 [ 454.613013][ T5239] em28xx 1-1:0.0: Input extension successfully initialized [ 454.742282][ T7485] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 454.755537][ T7485] ext4 filesystem being mounted at /34/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 454.772332][ T25] em28xx 1-1:0.0: Closing input extension [ 454.943125][ T5197] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 454.955656][ T7485] EXT4-fs error (device loop0): ext4_validate_block_bitmap:432: comm syz.0.779: bg 0: block 18: invalid block bitmap [ 454.997364][ T25] em28xx 1-1:0.0: Freeing device [ 455.102684][ T7485] Quota error (device loop0): write_blk: dquota write failed [ 455.111142][ T7485] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota [ 455.127360][ T7485] EXT4-fs error (device loop0): ext4_acquire_dquot:6848: comm syz.0.779: Failed to acquire dquot type 1 [ 455.147211][ T7491] Quota error (device loop0): write_blk: dquota write failed [ 455.155461][ T7491] Quota error (device loop0): qtree_write_dquot: Error -28 occurred while creating quota [ 455.166409][ T7491] EXT4-fs error (device loop0): ext4_acquire_dquot:6848: comm syz.0.779: Failed to acquire dquot type 1 [ 455.789821][ T7485] syz.0.779 (7485) used greatest stack depth: 3224 bytes left [ 455.886031][ T6845] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 455.924733][ T7500] loop1: detected capacity change from 0 to 256 [ 456.246497][ T7500] exFAT-fs (loop1): failed to load upcase table (idx : 0x00017f3e, chksum : 0x0b83170a, utbl_chksum : 0xe619d30d) [ 456.614866][ T7503] loop0: detected capacity change from 0 to 128 [ 456.711671][ T5185] Bluetooth: hci5: command 0x0406 tx timeout [ 456.722922][ T7503] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1) [ 457.561945][ T5190] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 457.587367][ T5190] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 457.611343][ T5190] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 457.729026][ T5190] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 457.754367][ T5190] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 457.774884][ T5190] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 459.771885][ T7512] chnl_net:caif_netlink_parms(): no params data found [ 460.021167][ T5185] Bluetooth: hci1: command tx timeout [ 460.893490][ T7551] netlink: 4 bytes leftover after parsing attributes in process `syz.0.800'. [ 461.430027][ T7557] netlink: 72 bytes leftover after parsing attributes in process `syz.2.802'. [ 461.560866][ T7561] capability: warning: `syz.0.805' uses deprecated v2 capabilities in a way that may be insecure [ 461.935302][ T7512] bridge0: port 1(bridge_slave_0) entered blocking state [ 461.943172][ T7512] bridge0: port 1(bridge_slave_0) entered disabled state [ 461.951526][ T7512] bridge_slave_0: entered allmulticast mode [ 461.960916][ T7512] bridge_slave_0: entered promiscuous mode [ 462.110479][ T5185] Bluetooth: hci1: command tx timeout [ 462.157942][ T7512] bridge0: port 2(bridge_slave_1) entered blocking state [ 462.166096][ T7512] bridge0: port 2(bridge_slave_1) entered disabled state [ 462.174073][ T7512] bridge_slave_1: entered allmulticast mode [ 462.306569][ T7512] bridge_slave_1: entered promiscuous mode [ 462.639779][ T7512] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 462.772750][ T7512] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 463.198926][ T7512] team0: Port device team_slave_0 added [ 463.289090][ T7512] team0: Port device team_slave_1 added [ 463.592500][ T7512] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 463.599676][ T7512] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 463.626206][ T7512] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 463.811749][ T7512] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 463.818923][ T7512] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 463.848993][ T7512] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 464.140995][ T25] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 464.192023][ T5185] Bluetooth: hci1: command tx timeout [ 464.306926][ T7512] hsr_slave_0: entered promiscuous mode [ 464.389653][ T7512] hsr_slave_1: entered promiscuous mode [ 464.398967][ T25] usb 2-1: config 0 has no interfaces? [ 464.405774][ T25] usb 2-1: New USB device found, idVendor=046d, idProduct=20ee, bcdDevice= 0.00 [ 464.415886][ T25] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 464.510378][ T7512] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 464.518277][ T7512] Cannot create hsr debugfs directory [ 464.528524][ T25] usb 2-1: config 0 descriptor?? [ 464.806869][ T1248] ieee802154 phy0 wpan0: encryption failed: -22 [ 464.813776][ T1248] ieee802154 phy1 wpan1: encryption failed: -22 [ 464.870672][ T5269] usb 2-1: USB disconnect, device number 5 [ 465.363407][ T7598] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 465.762228][ T7512] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 465.935899][ T7601] loop3: detected capacity change from 0 to 1024 [ 466.033674][ T7601] EXT4-fs: Ignoring removed i_version option [ 466.077553][ T7512] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 466.105111][ T7601] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 466.232085][ T5185] Bluetooth: hci1: command tx timeout [ 466.245898][ T7601] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 466.342273][ T7512] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 466.493675][ T7512] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 466.966899][ T5197] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 467.141098][ T2950] ===================================================== [ 467.148422][ T2950] BUG: KMSAN: uninit-value in n_tty_receive_buf_closing+0x539/0xb40 [ 467.158374][ T2950] n_tty_receive_buf_closing+0x539/0xb40 [ 467.165540][ T2950] n_tty_receive_buf_common+0x196b/0x2490 [ 467.172236][ T2950] n_tty_receive_buf2+0x4c/0x60 [ 467.177260][ T2950] tty_ldisc_receive_buf+0xd0/0x290 [ 467.182800][ T2950] tty_port_default_receive_buf+0xdf/0x190 [ 467.188820][ T2950] flush_to_ldisc+0x473/0xdb0 [ 467.193912][ T2950] process_scheduled_works+0xae0/0x1c40 [ 467.199658][ T2950] worker_thread+0xea7/0x14d0 [ 467.204662][ T2950] kthread+0x3e2/0x540 [ 467.208926][ T2950] ret_from_fork+0x6d/0x90 [ 467.217776][ T2950] ret_from_fork_asm+0x1a/0x30 [ 467.223696][ T2950] [ 467.226116][ T2950] Uninit was created at: [ 467.231170][ T2950] __kmalloc_noprof+0x661/0xf30 [ 467.236207][ T2950] __tty_buffer_request_room+0x36e/0x6d0 [ 467.242182][ T2950] __tty_insert_flip_string_flags+0x140/0x570 [ 467.248470][ T2950] uart_insert_char+0x39e/0xa10 [ 467.253664][ T2950] serial8250_read_char+0x1a7/0x5d0 [ 467.259050][ T2950] serial8250_handle_irq+0x77a/0xb80 [ 467.264790][ T2950] serial8250_default_handle_irq+0x120/0x2b0 [ 467.271273][ T2950] serial8250_interrupt+0xc5/0x360 [ 467.276552][ T2950] __handle_irq_event_percpu+0x118/0xca0 [ 467.282585][ T2950] handle_irq_event+0xef/0x2c0 [ 467.287514][ T2950] handle_edge_irq+0x340/0xfb0 [ 467.292616][ T2950] __common_interrupt+0x97/0x1f0 [ 467.297760][ T2950] common_interrupt+0x8f/0xa0 [ 467.302720][ T2950] asm_common_interrupt+0x2b/0x40 [ 467.307951][ T2950] [ 467.310630][ T2950] CPU: 1 UID: 0 PID: 2950 Comm: kworker/u8:9 Not tainted 6.11.0-rc7-syzkaller-00020-g8d8d276ba2fb #0 [ 467.325160][ T2950] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 467.336405][ T2950] Workqueue: events_unbound flush_to_ldisc [ 467.342562][ T2950] ===================================================== [ 467.349604][ T2950] Disabling lock debugging due to kernel taint [ 467.359311][ T2950] Kernel panic - not syncing: kmsan.panic set ... [ 467.365876][ T2950] CPU: 1 UID: 0 PID: 2950 Comm: kworker/u8:9 Tainted: G B 6.11.0-rc7-syzkaller-00020-g8d8d276ba2fb #0 [ 467.378434][ T2950] Tainted: [B]=BAD_PAGE [ 467.382700][ T2950] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 467.392917][ T2950] Workqueue: events_unbound flush_to_ldisc [ 467.398961][ T2950] Call Trace: [ 467.402341][ T2950] [ 467.405363][ T2950] dump_stack_lvl+0x216/0x2d0 [ 467.410253][ T2950] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 467.416312][ T2950] dump_stack+0x1e/0x30 [ 467.420662][ T2950] panic+0x4e2/0xcd0 [ 467.424749][ T2950] ? kmsan_get_metadata+0xd1/0x1c0 [ 467.430076][ T2950] kmsan_report+0x2c7/0x2d0 [ 467.434771][ T2950] ? kmsan_get_metadata+0x13e/0x1c0 [ 467.440178][ T2950] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 467.446187][ T2950] ? __msan_warning+0x95/0x120 [ 467.451137][ T2950] ? n_tty_receive_buf_closing+0x539/0xb40 [ 467.457112][ T2950] ? n_tty_receive_buf_common+0x196b/0x2490 [ 467.463180][ T2950] ? n_tty_receive_buf2+0x4c/0x60 [ 467.468443][ T2950] ? tty_ldisc_receive_buf+0xd0/0x290 [ 467.474002][ T2950] ? tty_port_default_receive_buf+0xdf/0x190 [ 467.480195][ T2950] ? flush_to_ldisc+0x473/0xdb0 [ 467.485228][ T2950] ? process_scheduled_works+0xae0/0x1c40 [ 467.491134][ T2950] ? worker_thread+0xea7/0x14d0 [ 467.496252][ T2950] ? kthread+0x3e2/0x540 [ 467.500671][ T2950] ? ret_from_fork+0x6d/0x90 [ 467.505409][ T2950] ? ret_from_fork_asm+0x1a/0x30 [ 467.510535][ T2950] ? kmsan_get_metadata+0x13e/0x1c0 [ 467.515924][ T2950] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 467.521934][ T2950] ? kmsan_get_metadata+0x13e/0x1c0 [ 467.527332][ T2950] ? kmsan_get_metadata+0x13e/0x1c0 [ 467.532721][ T2950] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 467.538746][ T2950] ? kmsan_get_metadata+0x13e/0x1c0 [ 467.544171][ T2950] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 467.550194][ T2950] ? kmsan_get_metadata+0x13e/0x1c0 [ 467.555582][ T2950] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 467.561591][ T2950] ? kmsan_get_metadata+0x13e/0x1c0 [ 467.567150][ T2950] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 467.573157][ T2950] __msan_warning+0x95/0x120 [ 467.577920][ T2950] n_tty_receive_buf_closing+0x539/0xb40 [ 467.583750][ T2950] n_tty_receive_buf_common+0x196b/0x2490 [ 467.589658][ T2950] ? kmsan_get_metadata+0x13e/0x1c0 [ 467.595055][ T2950] ? kmsan_get_metadata+0x13e/0x1c0 [ 467.600455][ T2950] n_tty_receive_buf2+0x4c/0x60 [ 467.605628][ T2950] ? __pfx_n_tty_receive_buf2+0x10/0x10 [ 467.611415][ T2950] tty_ldisc_receive_buf+0xd0/0x290 [ 467.616814][ T2950] tty_port_default_receive_buf+0xdf/0x190 [ 467.622830][ T2950] flush_to_ldisc+0x473/0xdb0 [ 467.627712][ T2950] ? __pfx_tty_port_default_receive_buf+0x10/0x10 [ 467.634441][ T2950] ? __pfx_flush_to_ldisc+0x10/0x10 [ 467.639916][ T2950] process_scheduled_works+0xae0/0x1c40 [ 467.645682][ T2950] worker_thread+0xea7/0x14d0 [ 467.650562][ T2950] kthread+0x3e2/0x540 [ 467.654809][ T2950] ? __pfx_worker_thread+0x10/0x10 [ 467.660109][ T2950] ? __pfx_kthread+0x10/0x10 [ 467.664887][ T2950] ret_from_fork+0x6d/0x90 [ 467.669449][ T2950] ? __pfx_kthread+0x10/0x10 [ 467.674224][ T2950] ret_from_fork_asm+0x1a/0x30 [ 467.679185][ T2950] [ 467.682423][ T2950] Kernel Offset: disabled [ 467.686800][ T2950] Rebooting in 86400 seconds..