last executing test programs: 57.779706165s ago: executing program 0 (id=1060): r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@private0, 0x8000000, 0x0, 0xff, 0x1}, 0x20) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, 0x0, 0x2, 0x9}, 0x20) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000180)={@loopback, 0x8000400, 0x0, 0x1, 0x9}, 0x20) 57.250212361s ago: executing program 0 (id=1065): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="2400000070000100000000000000000007000000", @ANYRES32=r2, @ANYBLOB="0c000280"], 0x24}, 0x1, 0x0, 0x0, 0x20040000}, 0x20040014) 56.657188072s ago: executing program 0 (id=1068): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000dfff75390000000000000000850000007d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='io_uring_register\x00', r0}, 0x10) r1 = io_uring_setup(0x2e6d, &(0x7f0000000000)={0x0, 0xf585, 0x0, 0x2, 0xea}) io_uring_register$IORING_REGISTER_PBUF_RING(r1, 0x16, &(0x7f00000006c0)={0x0, 0x0, 0x1}, 0x1) 56.095702133s ago: executing program 0 (id=1072): syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./file2\x00', 0x1010051, &(0x7f0000000800)={[{@errors_remount}, {@noload}, {@noblock_validity}, {@dioread_lock}, {@nouid32}, {@nomblk_io_submit}]}, 0x1, 0x546, &(0x7f0000000180)="$eJzs3dFrZFcZAPDv3mR2s7upmaoPtWAttrJbdSdJ47bBh6og+lRQKz4Ja0wmIWSSWZJJuwmLTfFVEES04Is++SL4BwjSF99FKNR3UVGkZvVBoe2VO3Onm0xmkhRncpfk94Oz9557Zu73nQlz5tyZu/cGcGE9GRE3ImIsIp6JiKlie1qU2OuU/HH39+8t5iWJLHvp7SSSYlt3X5eL5bXiaRMR8Y2vRnw3ORp3a2d3baHRqG8W9enWevJOlu3eXF1fWKmv1Dfm5mafm39+/tb8zFD6WY2IF77815/88JdfeeG3n33lT7f/fuN7eVr/zbJXo6cfw9TpeqX9WnSNR8TmKIKVZLzdw45bJecCAMDx8vn+hyPik+35/1SMtWdzAAAAwHmSfWEy3kkiMgAAAODcSiNiMpK0VpzvO1mcsXotIj4aV9NGc6v1meXm9sZS3hZRjUq6vNqoz8RE+9yBalSSvD5bnGPbrT/bU5+LiEcj4sdTV9r12mKzsVT2lx8AAABwQVzrOf7/91Sa1mpF417JyQEAAADDUy07AQAAAGDkHP8DAADA+VfN+tyh66h09JkAAAAAI/C1F1/MS9a9//XSyzvba82Xby7Vt9Zq69uLtcXm5p3aSrO50r5m3/pJ+2s0m3c+Fxvbd6db9a3W9NbO7u315vZG6/bqoVtgAwAAAGfo0U+88cckIvY+f6VdcpeKtkpENnbwweNlZAiMygc6p+cvo8sDOHsHP9+vlJgHcPZM6eHiqpSdAFC6k/4D0MCTd34//FwAAIDRuP6xwb//v71camrAiBW//yenugAIcK6MlZ0AUJrO73/vZR1lZwOcpcpxMwAHBXDupcP5/f+EUwkTAwoAAJRssl2StFYcB0xGmtZqEY+0bwtYSZZXG/WZiPhQRLw1Vbmc12fbz0zM5gEAAAAAAAAAAAAAAAAAAAAAAADglLIsiQwAAAA41yLSv3XvzHV96unJ3u8HLiX/mWovI+KVn73007sLrdbmbL79n+9vb71ebH+2jG8wAAAAgF7d4/TucTwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADNP9/XuL97Msy/bvLZ5l3H98KSKqRfyidFrGY6K9nIhKRFz9VxLjB56XRMTYEOLvvRYRj/WLn+RpRbXI4lD8SxFpRFwZVvz4gPGjE//aEOLDRfZGPv58sd/7L40n28v+77/xovy/Bo9/6fvj39iA8e+RQTutHK4+/uavpwfGfy3i8fH+4083fpLvr0/8p07Zx+98c3d3UFv2i4jr/ca/5HCs6db6nemtnd2bq+sLK/WV+sbc3Oxz88/P35qfmV5ebdSLf/vG+NHHf/Peg9q7R/p/9Zjxt93/Aa//06fs/7tv3t3/SGe15y8Tlfh5lt14qv/f/7F88emj8buffZ8qPgfyev4apq9/q2/8J371hycG5Zb3f2lA/yd6+n+5p/83Ttn/Z77+/T+f8qEAwBnY2tldW2g06ptWDq5E9aFI4+FdyeedpaeRRBL5yluHmhbKT6yz8mrxHltodN9tQ9rz74qDo1EmX9J4BAAAjM6DSX9vS1JOQgAAAAAAAAAAAAAAAAAAAHABnXgZsEFNaUQ82PLtHxxzNbLemHvldBUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Fj/CwAA//8GI9aV") mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x1204001, &(0x7f00000011c0)={[{@lowerdir={'lowerdir', 0x3d, '.'}, 0x3a}], [], 0x2f}) chdir(&(0x7f0000000040)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x80000, 0x0) 55.001051657s ago: executing program 0 (id=1080): prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffc000/0x1000)=nil, 0x1000, &(0x7f00000000c0)='/dev/input/event#\x00') syz_mount_image$iso9660(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x3800813, &(0x7f00000001c0)=ANY=[], 0x1, 0xa5c, &(0x7f0000001240)="$eJzs3c1vXeldB/DvubYT1xmSdBqGIZrGNxmSulPj2A6TEM2iJPZN4uIXZDvSRCya0jgoimGgA9J0hNRUQqw6AgnEAnYjVqxG6oayQLNBsKMrFkho/oWKVVi5OudeO9f2vb6Ox449mc8nur7n5Xee53fuOc95cl+f8MWydmrT3Npaddvj/N1/fgEZc4TdnP7s408+Km8/fpJj6cvbxb8kg0nqSX+S15OBqenFhbkeBT1O7if5NCmSHE/zflfup/jrvPJs/tMU/1jW29Wx3ZZML2t8qR32+QcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEdRMTU9Pj5RHMvM/N13601JfZup6cWFImtr29esb9P0s2rU7+Jn3epbH7q7SIrylsHB9aG+Xz/zLOy1JPULeaM590Y1IHkG8+GJ106/87X+2vr23bL5XI7vvtj3f/jh4++trq78oOPaotjHrI6Y5jlyuzE/s7QwM3fjdqM+s7RQv3716vjlO7eW6rdmZhtL95aWG3P1qcXGjeWFxfrI1DfrE9evX6k3xu4t3J2/PT0221hfeO03J8fHr9a/M/Z7jRuLSwvzl78ztjR1Z2Z2dmb+dhVTri5jrpUn4u/OLNeXGzfm6vWHj1ZXrmzJrC9bzt8yaKLX/pRBk72CJscnJycmJicnftwaPXtjwdW3r799bXy8f7zplbQmsi3igE5ajpavdD/MB3Mhhz2oNfv/ZDYzmc/dvJt6x39Tmc5iFjLXZX3Lev9/8XJjx2rT1v+3evn+tvVnyz8Xcq41O9il/++Sy/79K/dmp/Xv54f5MI/zvaxmNSv5wYFndLT+3U4j85nJUhYyk7ncqJbUW0vquZ6ruZrxfDd3Mpyl9OdWZjKbRpZyL0tZTqM6o6aymEZuZDkLWUw9I5nKN1PPRK7neq6knkbGci8LuZv53M50blSlPMyj6nG/skOOG0ETuwma3CFoW2ferf/fsHWTxtb/nPASqu14lA/gKg57s9bq/4/1Dh2ZehEJAQAAAPvu1/8zJ8+8+h//mxT5evW+/K2Z2cb4YacFAAAA7KPq43pvlHcD5dTXU3j+DwAAAC+bovqOXZFkKMPNqfVvQnkRAAAAAF4S1fv/51IMP1vg+T8AAAC8ZHr/xn7PiGI09eYP+9cfNCMftCKac8XQrZnZxtjUwuw7E7lU/cpA9U2DbaX1JcVA9fWDt3K+GXV+qHk/9KzEss7BMmpi7J2JvJULrR0ZebO8e3OkQ+RkM/IbzchvtEf2ZVPklTISAF52F3boj3fb/7+V0WbE6Nmqy+8/u6kP7qt61nE9KwAcFRtj7Px/a0izDv3/ueZvA5zr1v//1vrwPx2e/5cRr+bhcPMjBWP5ft7Lah5kNK1PHAx3KnV9NILmxxBGe7waMNT6yMLPr9Uyuu31gMGNfW2PXclkRju+ItBWbrGew5VmXN9BHQUAeLEu7NgPr/f/1YvkXfv/0Z2f/7f1uT5SCABHwcYI9s87Mbz74MPeRwBgM700AAAAAAAAAAAAAAAAAAAAAAAAAAAA7L9d/YD/f11KVldXkr0OFtBh4uf//q+/0jXmJyeSwefJcOeJWvYn56M/0ZfksGr/dp57q/IYH5WH7mWaKJ5UDfZzlXPIFyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABeiCLp67S8lhxPMp7k8ovP6uA8OewE9kt9b5sVT/M0H+TkfqcDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBl1/r9/1qa9yeai9JfSy4muZ/k9w87x+cx2GP90xeUx9HzR9Xftt//ryUDWSvSn7W1tbWkGJiaXlyYK0+F4ni5/rOPP/movHUt8kfrE9tHVSgLKGvYNLhEq4a2JQObt/pqtdXQ9Mr7j//svT+pT9+sTsyby7dmp+duL/7Os8DXip82h0BoHwZhPd+/uPhvf9O2+Fir8p+mv9uObK33VlXv9PZ6f63T1l3q3YVHqyuTZU3LjXeX//yPa+2rXs355M2RZGRzTX9Y3sqaiu3Fnd/6eG5W/KL4q+Jk/j73q+NfPhrFWlEeolPV/n/l4aPVlbHvv7f6YCOnHz36oK2A0xlO8mBzK2vPqUOlw+mQaNOJqtaBstbxKqj8c6ZHeTtqK3Hi2eO6aR++Wp0yQ8+1D/Xu+1Dp8bi3MrqyNaO1spH87Z9+LZd2PNLHO5R4qUeNHRW/KP6nuJP/zl+2jf9RK4//xXRsnR2KqCKrM2VbYyo2Lak1I6s9n2xf8d2t23VtlRyAn+QP8tsbx79WXf/b281kl3azcT36dtvCLu1mvWl1aRfHN7fUbe2ipVe72N5S/+nUth5lc605s6VHal19um3TyvNMM6pLnr+abyX9Z5/rivKtHleUXtvvtf3/QzGS/8sT4/8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABHX5H0dVpeSy4mOZ3kVDlfT9a2xjzZQ321oWIvae6bveT8xVN03dHiaZ7mg5x80RkBAAAAAAAAcDBuTn/28Scflbfq/fi+/Eattaae9Cc5XfzdwNT04sJcj4IGkvvrb+kPdg7psjj3yz+vPJv/tJx7vUd9h/vxAQD4QvtlAAAA///Ynm1o") syz_open_dev$evdev(0x0, 0x9a52, 0x600002) open_by_handle_at(0xffffffffffffff9c, &(0x7f00000000c0)=ANY=[@ANYBLOB="2000000002000000"], 0x8840) 51.548974994s ago: executing program 0 (id=1102): unshare(0x480) rseq(&(0x7f0000000400), 0x20, 0x0, 0x0) r0 = socket$kcm(0x21, 0x2, 0x2) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001a00)=ANY=[@ANYBLOB="1800000000000000100100000100000051d833483cc75dd6900000000000000004000005040500002b24ec10064b6f2f000000fb718aef932f3889d1fdda5b00000009860f5878c37ffe36e1165814d435be5b317c6c8189767d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988c5944741afe403461323110f62055394412158e7a3adb164d641aa40d4ab077fe34232aa8b319e2e66d0998a61d7da0c86d70000001010"], 0x10b8}, 0x24040050) 49.91601781s ago: executing program 32 (id=1102): unshare(0x480) rseq(&(0x7f0000000400), 0x20, 0x0, 0x0) r0 = socket$kcm(0x21, 0x2, 0x2) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001a00)=ANY=[@ANYBLOB="1800000000000000100100000100000051d833483cc75dd6900000000000000004000005040500002b24ec10064b6f2f000000fb718aef932f3889d1fdda5b00000009860f5878c37ffe36e1165814d435be5b317c6c8189767d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988c5944741afe403461323110f62055394412158e7a3adb164d641aa40d4ab077fe34232aa8b319e2e66d0998a61d7da0c86d70000001010"], 0x10b8}, 0x24040050) 5.509382837s ago: executing program 2 (id=1361): r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000240)=ANY=[@ANYBLOB="1201000003005740ed0b0011c3ec000000010902120001000000000904"], 0x0) syz_usb_control_io(r0, 0x0, &(0x7f0000000080)={0x44, &(0x7f0000000040)=ANY=[@ANYBLOB="00000100000005"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000540)={0x18, &(0x7f0000000300)={0x20, 0x4ad7baf1d1b6e9ee, 0x3, "f40b50"}, 0x0, 0x0, 0x0, 0x0}) socket$key(0xf, 0x3, 0x2) 5.049204745s ago: executing program 4 (id=1364): r0 = socket$inet6(0xa, 0x3, 0x88) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x10000000004e20, 0xffffffff, @mcast1, 0x6}, 0x1c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0) syz_emit_ethernet(0x83, &(0x7f0000000040)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaf9ff030486dd601b8b97004d88c19e9ace5ffb2e9fc603dd282100000002ff020000000000000000000000000001"], 0x0) 5.043470315s ago: executing program 1 (id=1365): capset(&(0x7f0000000100)={0x20071026}, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x81, 0xfffffffb}) syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0) pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000c80), 0x0) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0) 4.296553301s ago: executing program 4 (id=1367): syz_mount_image$msdos(&(0x7f0000000740), &(0x7f0000000a80)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x8, &(0x7f0000000840)=ANY=[@ANYBLOB="646f74732c646f74732c6e6f646f74732c6e6f646f74732c646f74732c6e6f646f74732c6e6f646f74732c71756965742c6e6f646f74732c666c7573682c756d61736b3d30303030303030303030303030303030303030303030302c646f74732c646f74732c756d61736b3d30303030303030303030303030303030303037373737372c6e66732c646f74732c747a3d5554432c646f74732c646f74732c6e6f636173652c7379735f696d6d757461626c652c646f74732c00f8a7354494367fe599abb0e9fee8f6cdbd4415cc7bc52b6352f54afc78e51de6b37ae8efbdfe1689a174697f9528b4217d017a472c4c8e00a5cdd06438f130234c66db3e61a4ea6b90f67ddc19c74c6ac93054e1668cf0ff55fdebea678f16269706271797abeebc6b043e549356dfa4c7e8b4e091a7a6cfc601e4e66e509afea6dcc9d274ab27afd6f183050075b86a3ffc8dfcd249c141fd90a5331224d62867d9b87a8e7d0cf56567584e7adde32f223d2a9bd69b39c51152b3a827f49a0f7e23d51ac4128630c7668a0b38090b5c86636aee6face102356400fbbd"], 0xfd, 0x1c6, &(0x7f0000001280)="$eJzs3TGL02AYB/Cn8bz2nG4TRCHg4nSon+BEThADgtJBJ4XT5U4Eb4ku7cfwA/oBpFMXidSkjY0ItZhEe7/f0if9522fl9K0S5++uvnu7PT9xdsv1z/HaDSI5DiOYz6Iw0hiaRoAwC6ZF0V8LUp99wIAdGODz/9vHbcEALTs+YuXTx5k2cmzNImI2TQf5+PytswfPc5O7qY/HNarZnk+vrLK76XN7w6L/Gpcq/L75fp0Pd+PO7fLfJE9fJo18mGctrt1AAAAAAAAAAAAAAAAAAAAAADoza1ozuaJtfk+R0fpUjX/56DKy6Of5gM15vfsxY296rAeD1RM2t4QAAAAAAAAAAAAAAAAAAAA/IcuPn46e31+/uZDXQwjYv2ePykG1QNvubzrIol/og3FXy3S30WTbl/uLd8F+xHRVmPzoig2Orm+Rgz7ujgBAAAAAAAAAAAAAAAAAMAlU//o99ds1EdDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANCD+v//tygmEbHByasnO+h1qwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOyw7wEAAP//6S009g==") syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0) syz_mount_image$ext4(0x0, &(0x7f00000000c0)='./bus/file0\x00', 0x80008, 0x0, 0x0, 0x0, &(0x7f0000000000)) rename(&(0x7f0000000000)='./bus/file0\x00', &(0x7f0000000080)='./file0\x00') 4.024695975s ago: executing program 1 (id=1370): syz_mount_image$nilfs2(&(0x7f00000000c0), &(0x7f0000000100)='./file1\x00', 0x1014800, &(0x7f0000000c80)=ANY=[@ANYRES16=0x0, @ANYRES32=0x0, @ANYRESDEC, @ANYRES16, @ANYBLOB="0cbd5b5353912a879413ea41a5629122f6276e175b189b44b947b5ed8f34c9675196c7f420a9b4778c892a009b17763f4dbda6a421bf154a20ef7653d70337286d09a41d27fbb619ff647f585a8577dd9c318e307ee0e9c3328c5093134a7c98153b0d68aba22a65e8773fad07b59a0c5437e47d4255e1e8658b9b5a0cf45c27f88d87d58476713ea75cc39cdeb6036614e0b73cfbcd4f9243e2124d8ff5112db88857c7b69007b6ff5355f42dac04033a790725615a827b96542e64ad60984b7626cc74628d2d76b1f32df646d70aa036bc7d42fd", @ANYRESDEC, @ANYRESOCT=0x0, @ANYBLOB="d435d9afbeca2782ae19ed8bd41575ea7d9c9874c548e8a3b6d356a39d4518f41339a72ccd509df9e4d9d79abcc2f6da6768bd4f40d0beffba62fb5009c1e93fd4fe41778354a47dc025c852e30590bfb3cccdb6c83b0fdb27f16f03d72df1eac33d4948589efe30db71a5f7e31a303bf4ed9f3125c0a7aa0008ddaa", @ANYRESDEC], 0x1, 0xda6, &(0x7f0000003c80)="$eJzs3ctvXFf9APBzx544r/7iNO4vJoTEJJSGR+wmtSg7XCksKqQKKX9BFdKS4pZHwqJVKiVZsCVS1T+AqmtY8MyiUtRVUDcg/oGqKzahqlQgQmqNbJ8zHn8zw51xbI/H8/lId87c+z33nnPmcefOfZ0EjKzGyuP8/HSV0tt33rrw4OT4v5ennGzlmFl5HM9jCymlZmu+lCbD8hYmVtPPPrl+qT39PKdVOp+qVLWmpxfut+Y9kFK6kWbS3TSZLn589PYrHzy/+N6Rm0cuvHnm3ta0HgAARsuD77370z8/9d3rh//zmxMLaaI1vWyfL+Txg3m7f6FaHc9J639A1ZZWbePFnpBvPA+NkG+sQ772cpoh33iX8veE5Ta75JuoKX+sbVqndsMwW/sfXzVm1403GrOzq//Jl304tqeafe3K4ktXB1RRYNN9ejLv4jMYDCM3LB0a9BoIYFU8bviQG3HPwqNpLW28t/LvP9foPD9sgu3+/Ct/uMp/96Y1Dptnt36aSrvK9+hgHo/HEcbDfP1+/8vy4vGIZo/17HYcYViOL3Sr59g212OjutU/fi52qy/ltLwOJ0K8/fsT39NheY+Bzh7Y/28wjOywNOgVELBjxfPmlrISj+f1xfhETXxvTXxfTXx/TfxATRxG2W+v/TLdrtb+58f/9P3uDyv72R7L6f/1WZ+4P7Lf8uN5v/161PLj+cSwo5351/FPf373L/H8/8/D+f+n82/pZF5BlP2Fcb9669z/cGFwo0u+x0N1HuuQf+X51Pp81dTaclLbeuahekyvn+9Qt3zH1+ebDPn2522RvaG+cftkf5ivbH+U9Wp5vcZDe5uhHXtCPco7czine0N7DndrV9iRvSfka+bhSGjXVGjXE2G+/w/tqqbXtyvuPy/1ORqmx+MkJV942x76XYrvRbwu41ROb+X0nZy+n9OPOpQ7isrnsdv5/+XzOZ2a1UtXFi8/ncfL5/TeWHNiefq5ba438Oh6vf5nOq2//udga3qz0b5eOLQ2vWpfL0yG6ee7TH8mj5ffsx+O7VuZPnvpx4s/2OzGw4i7+vobP3pxcfHyzzzxxBNPWk/+x0rj1zMXr23jOgrYGnPXXv3J3NXX3zh75dUXX7788uXXzj397W898+yz83MrW/Vz7dv2wO6y9qM/6JoAAAAAAAAAAAAAPav2dZ6c07r725brycv16fH6eIZDed/Kp6Hcx6Bc/9ntvi7l+s3D21BHNt92XE406DYCnf3D/X8NhpEdlpbcxR/YGQbd/1+572FJD5792+HloWS7/9z69WW8fyE8ip3e/5zyd1f/f63+r3pe/4UesyY3Vu7vHuz7a1ux6Viv5cf2l/vATvVX/u9z+aU1T6beyl/6VSg/3qi0R38I5e/vsfyH2n98Y+X/MZdfXrYzp3stf7XGVWN9PeJ+43IfwLjfuPhTaH+5t18/7T91a+Mdtd3J5cMoG5Z+Jvs1LP1/dlOWW9aDefXcOk5X7r8d+zvot/7lvt/ld+CJsPyq5vdN/5/Dra7/z/L5m9P/J+w6Hzr+ZzCM7LC0tDTQrk9Gtd+VnWLQr/+gtyEHXf6gX/86sf/P+H8p9v8Z47H/zxiP/X/GeOxfK8Zj/5/x9Yz9f8b40bDc2D/odE38CzXxYzXxL9bEj9fE4/+3GJ+piZ+oiZ+siT9eEz9VEz9dE/9KTfzJmvhTNfEzNfHd7ss5HdX2wyiL/Ub6/sPoKMd/un3/p2riwPCK/TrH7/dXa+LA8Crnefh+wwiqOt+xI+5vL/txb+X0nZy+n9OPtqyCbIev5fTrOf1GTr+Z07M5nc3pXE71DTncfvH3YyduV2vn+R0K8V7PJ43XA8T7xJzrsT7x+Fy/57Me7bGcrSp/g5eDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAyNxsrj/Px0ldLbd9668M+p73x/ecrJVo6ZlcfxPLaQUmqmlKo8Ph6Wd2NiNf3sk+uXOqVVOr/yWMbTC/db8x5Ynj/NpLtpMl38+OjtVz54fvG9IzePXHjzzL2taT0AAACMhv8GAAD//5Cp5/o=") creat(&(0x7f0000000100)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x10) mknod$loop(&(0x7f00000008c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1) creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) 3.251734371s ago: executing program 2 (id=1372): mkdir(&(0x7f0000000000)='./file0\x00', 0x18b) prctl$PR_SET_SECUREBITS(0x1c, 0x1d) setuid(0xee01) removexattr(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000240)=@known='system.posix_acl_access\x00') 3.177119642s ago: executing program 3 (id=1374): creat(&(0x7f0000000080)='./file0\x00', 0xecf86c37d53049cc) r0 = getpid() r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40e00, 0x5a, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r1, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000280)=[0x1], 0x0, 0x0, 0x85, 0x1, r0}}, 0x40) 3.069012804s ago: executing program 4 (id=1375): mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0xe7edd000) getrandom(&(0x7f0000000240)=""/278, 0x12c, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x19) 2.73337202s ago: executing program 2 (id=1376): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000c80)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_codel={{0xa}, {0x14, 0x2, [@TCA_CODEL_INTERVAL={0x8, 0x3, 0x7}, @TCA_CODEL_CE_THRESHOLD={0x8, 0x5, 0x5}]}}]}, 0x44}}, 0x0) 2.720617726s ago: executing program 3 (id=1377): openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) io_setup(0x6, &(0x7f0000000540)=0x0) r1 = syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00') io_submit(r0, 0x1, &(0x7f0000000880)=[&(0x7f00000000c0)={0x0, 0x300, 0x0, 0x5, 0x0, r1, 0x0}]) 2.659928845s ago: executing program 5 (id=1378): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x3}}, [@NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x1}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_RULE_EXPRESSIONS={0x2c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_CT_DIRECTION={0x5, 0x3, 0x1}, @NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0x15}, @NFTA_CT_DREG={0x8, 0x1, 0x1, 0x0, 0x9}]}}}]}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x2}}}, 0x80}, 0x1, 0x0, 0x0, 0x4008091}, 0x24000000) syz_emit_ethernet(0x66, &(0x7f00000002c0)={@random="cf702e8cf675", @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x30, 0x3a, 0xff, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast2, {[], @ndisc_redir={0x89, 0x0, 0x0, '\x00', @dev, @dev, [{0x2, 0x1, "703b744dc5c6"}]}}}}}}, 0x0) 2.591392406s ago: executing program 1 (id=1379): mkdir(&(0x7f0000000080)='./file1\x00', 0x0) r0 = socket$inet6_sctp(0xa, 0x801, 0x84) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) setsockopt(r0, 0x84, 0x83, &(0x7f0000000080)="1a00000002000000", 0x8) 2.221922954s ago: executing program 3 (id=1380): r0 = socket(0x28, 0x801, 0x0) connect$vsock_stream(r0, &(0x7f0000000880), 0x10) shutdown(r0, 0x1) connect$vsock_stream(r0, 0x0, 0x0) 2.205856951s ago: executing program 2 (id=1381): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_int(r1, 0x29, 0x1a, &(0x7f0000000000)=0x6, 0x4) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000000c0)=@newlink={0x40, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x42}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @gtp={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_GTP_FD0={0x8, 0x1, @udp6=r1}, @IFLA_GTP_FD1={0x8, 0x2, @udp6}]}}}]}, 0x40}, 0x1, 0xba01}, 0x0) 2.10115471s ago: executing program 5 (id=1382): syz_mount_image$fuse(0x0, &(0x7f0000000100)='./file0\x00', 0x40, 0x0, 0x0, 0x0, 0x0) syz_mount_image$fuse(0x0, &(0x7f0000000040)='./bus\x00', 0x69d3046c874ef0cb, 0x0, 0x6, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]}) getxattr(&(0x7f0000000000)='./bus/../file0\x00', &(0x7f00000000c0)=@random={'osx.', 'GPL\x00'}, 0x0, 0x0) 1.903590324s ago: executing program 1 (id=1383): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="180000000900000000000000213f0000c50000000e800000850000000e00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='mmap_lock_acquire_returned\x00', r0}, 0x10) r1 = syz_open_procfs(0x0, &(0x7f0000000040)='smaps_rollup\x00') read$FUSE(r1, &(0x7f00000007c0)={0x2020}, 0x2020) 1.746690159s ago: executing program 2 (id=1384): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0500000001000000070000000c"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000980)='sys_enter\x00', r1}, 0x18) clock_getres(0xfffffffffffffff5, 0x0) 1.686499503s ago: executing program 4 (id=1385): ioctl$USBDEVFS_SUBMITURB(0xffffffffffffffff, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000080)={0x0, 0xb, 0x0, 0x0, 0x7995}, 0x8, 0x0, 0x0, 0x48000000, 0x0, 0x0, 0x0}) r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x0, 0x0, 0x0}, 0x94) ioctl$USBDEVFS_FREE_STREAMS(r0, 0x802c550a, &(0x7f0000000000)=ANY=[]) 1.633999807s ago: executing program 3 (id=1386): r0 = socket$inet6_sctp(0xa, 0x801, 0x84) sendmmsg$inet6(r0, &(0x7f0000000d00)=[{{&(0x7f0000000040)={0xa, 0x0, 0x0, @private1={0xfc, 0x1, '\x00', 0x11}, 0xfffffffc}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000300)="bc", 0x1}], 0x1}}], 0x1, 0x4) shutdown(r0, 0x1) setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000a80)={0x40, 0x2, 0xa, 0x20, 0x1, 0x1, 0x9, 0x97, 0x3, 0xa2, 0x4, 0xdc, 0x4, 0x8}, 0xe) 1.508100747s ago: executing program 5 (id=1387): mkdir(&(0x7f00000002c0)='./file0\x00', 0x2) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x80101) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r1, 0xc0189373, &(0x7f0000000040)={{0x1, 0x1, 0x18, r0, {0xc8}}, './file0\x00'}) 1.311847383s ago: executing program 2 (id=1388): r0 = syz_usb_connect(0x0, 0x24, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0xcf, 0x8b, 0xed, 0x20, 0xfd9, 0x25, 0x2940, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xca, 0xfb, 0x1a}}]}}]}}, 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f0000000300)={0x10, &(0x7f0000000140)=ANY=[@ANYBLOB='@\fB'], 0x0, 0x0}) r1 = syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x402) ioctl$I2C_SMBUS(r1, 0x720, &(0x7f0000000180)={0x1, 0x2, 0x2, &(0x7f0000000040)={0x10, "c4c1f7b51030c4b7c54b290000003aa80000000000000000fd00707b200500"}}) 1.136635855s ago: executing program 3 (id=1389): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)={0x58, 0x2, 0x6, 0x201, 0xe4340000, 0x0, {0x0, 0x0, 0x8}, [@IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,port\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_TIMEOUT={0x8, 0x6, 0x1, 0x0, 0x100}]}]}, 0x58}, 0x1, 0x0, 0x0, 0x81}, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)={0x54, 0x9, 0x6, 0x201, 0x0, 0x0, {0x2}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x2c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0x18, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV6={0x14, 0x2, 0x1, 0x0, @remote}}, @IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4}, @IPSET_ATTR_PROTO={0x5, 0x7, 0x6}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x10000082}, 0x80) 1.088483921s ago: executing program 1 (id=1390): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000ac0), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_ADD_IFACE(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000540)={0x28, r1, 0x1, 0x70bd24, 0x25dfdbfc, {}, [@IEEE802154_ATTR_DEV_TYPE={0x5, 0x20, 0x1}, @IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy0\x00'}]}, 0x28}, 0x1, 0x0, 0x0, 0x800}, 0x20004040) 968.931193ms ago: executing program 5 (id=1391): r0 = syz_open_dev$cec(&(0x7f0000000080), 0x0, 0x0) ioctl$CEC_S_MODE(r0, 0x40046109, &(0x7f00000000c0)=0x31) r1 = syz_open_dev$cec(&(0x7f0000000140), 0x0, 0x0) ioctl$CEC_S_MODE(r1, 0x40046109, &(0x7f00000000c0)=0x31) 923.801616ms ago: executing program 4 (id=1392): socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x85, &(0x7f0000000000)={0x0, @in6={{0xa, 0x3, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x15}}, 0xbdc}}, 0x2, 0x7}, 0x90) 720.021452ms ago: executing program 3 (id=1393): mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x4, 0x3032, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x80001) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)) ioctl$UFFDIO_COPY(r0, 0xc028aa05, &(0x7f0000000180)={&(0x7f00002b9000/0x400000)=nil, &(0x7f00003ab000/0x2000)=nil, 0x400000, 0x2, 0x2}) 641.42528ms ago: executing program 5 (id=1394): r0 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000500)='/proc/sys/net/ipv4/tcp_recovery\x00', 0x1, 0x0) prctl$PR_SET_SECUREBITS(0x1c, 0x15) setuid(0xee00) pwritev(r0, &(0x7f0000000400)=[{&(0x7f0000000140)="ec", 0x1}], 0x1, 0x9, 0x26d0d5f1) 387.870531ms ago: executing program 1 (id=1395): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000340)='./file1\x00', 0x210000, &(0x7f0000002f40)={[{@nodelalloc}, {@dioread_lock}, {@barrier_val={'barrier', 0x3d, 0x4}}, {@nolazytime}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@lazytime}, {@errors_remount}, {@stripe={'stripe', 0x3d, 0x5}}, {@bh}, {@init_itable}]}, 0xfc, 0x56f, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hzcpouowmHWsduD24F19kCCIOxD/Adx+H/4B/xUAHQ0bRBxEiN73psjZp2i4z2fL5wG3Pyb23535z7vf2nNyEBDC0jqU/chEvR8Q3ScShlnX5yFYeW9tu9eH1mXRJol7/9M8kkuyx5vZJ9vtAVnkpIn79KuJkbnO71eWV+WK5XFrM6hO1hSsT1eWVU5cWinOludLlqenpM29NT737zts9i/X1839//8ndD898fXz1u5/vH76dxNk4mK1rjeMJ3GitHCv+m5VG4+yGDSd70NggSfp9AOzKSJbno5FeAw7FSJb1wPPvy4ioA0Mqkf8wpJrjgObcvkfz4GfGgw/WJkCN2Mda48+vvTYSextzo/2ryWMzo3S+O96D9tM2fvnjzu10ia1fh9jXpQ6wIzduRsTpfH7z9T/Jrn+7d7rx4vHWNrYxbP9/oJ/upuOfN9qN/3Lr459oM/450CZ3d6N7/ufu96CZjtLx33ttx7/rl67xkaz2QmPMN5pcvFQunY6IFyPiRNS73vo4s3qv3mld6/gvXdL2m2PB7Dju5/c8vs9ssVaMiLFdhvyYBzcjXsm3iz9Z7/+kTf+nz8f5bbZxtHTn1U7rusf/dNV/initbf8/6tZk6/uTE43zYaJ5Vmz2162jv3Vqv9/xp/2/f+v4x5PW+7XVnbfx495/Sp3W7fb8H0s+a5SbSXCtWKstTkaMJR9vfnzq0b7NenP7NP4Tx7e+/rU7/9PJ1+fbjP/WkVsdNx2E/p/dUf/vvHDvoy9+6NT+9vr/zUbpRPZIdv1rLztXtnuAT/r8AQAAAAAAwCDJRcTBSHKF9XIuVyisvb/jSOzPlSvV2smLlaXLs9H4rOx4jOaad7oPtbwfYjJ7P2yzPrWhPh0RhyPi25F9jXphplKe7XfwAAAAAAAAAAAAAAAAAAAAMCAOdPj8f+r3kX4fHfDUNb7YYE+/jwLoh65f+d+Lb3oCBlLX/AeeW/Ifhpf8h+El/2F4yX8YXvIfhpf8h+El/wEAAAAAAAAAAAAAAAAAAAAAAAAAAKCnzp87ly711YfXZ9L67NXlpfnK1VOzpep8YWFppjBTWbxSmKtU5sqlwkxlodvfK1cqVyanYunaRK1UrU1Ul1cuLFSWLtcuXFoozpUulEb/l6gAAAAAAAAAAAAAAAAAAADg2VJdXpkvlsulRYWOhfdjIA7jaQa4Zle75wclCoUOhZtZ9+5srz5elAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgg/8CAAD//4yLMZo=") syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f00000002c0)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@uuid_off}]}) openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file3\x00', 0x42, 0x0) 152.360306ms ago: executing program 5 (id=1396): setsockopt$inet_sctp6_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, &(0x7f0000000000)={0x2, 0x5, 0x4, 0x20, 0x80, 0x3, 0xd, 0x3, 0x2, 0x31, 0xa2, 0xb, 0x81, 0x84}, 0x8) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x20f42, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000140)={'nr0\x00', 0x6132}) write$cgroup_subtree(r0, &(0x7f0000000000), 0xfe3a) 0s ago: executing program 4 (id=1397): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f00000040c0)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff4070000000000000400000000000e1ff95000000000000002ba76bb3019c1341056bd8174b79603123751c4e345c652fbc1626cca2a2ad75806150ae0209e62751ee00ba19ce670d25010000020000040000009fc40400d2532e764975f03f1cbf9b0a4def23d410f6accd3641110bec4e90a6341965dac05c04683712a0b09ec39e9ef8f6e396ad200a011ea665c45a3449abe802f5ab3e89cf40b858e217ce740068720000074e468eea3fcfcf498278ad15f5f87e1c26433a8acdc0e65888b2007f00000000000000000100000000000000010000000000000053350000000034a70c2ab40c7cf5691db43a5c00000000000000000000e75a89faff01210cce39bf405f1e846c1242000000000040cad326ad7add65873d9f87463ad6f7c2e8ee1a39244960b318778f2a047f6d5bc24fef5d7d01000000520655a8056085f4d431623c850af895abba14f6fbd7fb5e2a431ab9142f3a06d55740a43088696daaed74b9c5c29647d2f950a959cf9938d6df8600a62e96b7cb8e52cbdc2ba9d580609e31c30891e7d87a79d6fce424c2200af6cb784a1975fa657de38a3a32a4fd67ce446adb431d07db79240aca1dd9ba02450500000000000000e645f091231b986e77d05d988d6edc6f9b4eb883ec8f878300cabf2b5543ffc1bdb92618242852e6e8b3e56fefbfff81669557b3809d8c396d2c0361629d1822f722ec23812770d72cd0010000007889b8c7044f563a1f68d4efe895fdbc463f747c08f4010586903500000000000000e800000000000000000000000000000000000000003ddf4aa4b1c8b0a0ae6feb6737c275dc2740f742b5425f1d581961471cdb51f8940290e99ccff4123f955267fe4a75c11448741f064fe7ce7e62ee4df874e086287547d4099aeec9f1538ee25a2a5ccf4a9b604e88e12ff251845d0fff45bdbaeba4d4e3c6f7f623579435b2c505fb711300000000040000000000000000000000004c00e67ccc02148a4fc43021cce9f24f4b2f9492c32e7a92a557ac2b44b84e88bbf7611589906d923e4916f390ab7edcd3f5b9fe14446dd446a52131c464f2c08efb46d934615c8631b7c42efd0294bea179b0433f5c899119ec0c0acef5385c5a2720caeb68f1e9c05b0591d89467ded84da092dea262e51811e2d7fa515722516bd5ef6cfa4966e5937562a5649a1a0000a042a7097ddefe0671a5767014b09b78f977fb145890f5bf41ba92b8c4c8b14f0d4a880ef4518bb32879d326497e21e041254f06bd7f3a067e147e82e841dba3867da8bfbc101d3960e07d282f483e7be49833f3c435f9700bc84680549f9eb16682ecb72277ffaca907a3eac4bfc8e0a47c0076d7cc9d32b3cc96aa751d890881c3c33bd91f6ecf45ab3f12f816318346f9b883427b9190024edc1eddd68f34ce3bfedb5fe5d7beae4d3ca561e37570587783f9673e7ab17f5a09efc1114777d2707d2996961203aedff1c5a87013b98649805216631e20d07dff3ae567ca0d38a828542625fc6096aedc0ac5c144f0965071274bea051007e398cf9090c53d4b8b7dc784e3d83b78b007a43d744aa99d6a7c576e20b4281eff511122ccb399bcef0a0471639c81aab7445cebfc9b00b31fcbaf63086b3c16f51b593acee0b3a4830dd6af1accb15cc6163cabc01442527aa10000000000000000a4ba25997affe74ec552bf9deafbd63e"], &(0x7f0000000140)='GPL\x00'}, 0x48) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000100)={r0, 0xe0, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000001c0)={r1}, 0x4) bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000000)={r2, 0xffffffffffffffff, 0x17, 0x0, @val=@tcx={@void, @value=r2}}, 0x1c) kernel console output (not intermixed with test programs): idge_slave_0) entered disabled state [ 209.204938][ T5827] bridge_slave_0: entered allmulticast mode [ 209.214702][ T5827] bridge_slave_0: entered promiscuous mode [ 209.244171][ T5812] team0: Port device team_slave_1 added [ 209.479879][ T5827] bridge0: port 2(bridge_slave_1) entered blocking state [ 209.487668][ T5827] bridge0: port 2(bridge_slave_1) entered disabled state [ 209.496836][ T5827] bridge_slave_1: entered allmulticast mode [ 209.506245][ T5827] bridge_slave_1: entered promiscuous mode [ 209.539522][ T5812] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 209.546875][ T5812] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 209.573317][ T5812] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 209.822347][ T5812] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 209.831225][ T5812] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 209.858888][ T5812] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 209.920645][ T5819] bridge0: port 1(bridge_slave_0) entered blocking state [ 209.930616][ T5819] bridge0: port 1(bridge_slave_0) entered disabled state [ 209.938877][ T5819] bridge_slave_0: entered allmulticast mode [ 209.948364][ T5819] bridge_slave_0: entered promiscuous mode [ 209.966237][ T49] Bluetooth: hci2: command tx timeout [ 209.971879][ T49] Bluetooth: hci0: command tx timeout [ 209.979142][ T49] Bluetooth: hci1: command tx timeout [ 210.008123][ T5827] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 210.018011][ T5819] bridge0: port 2(bridge_slave_1) entered blocking state [ 210.026161][ T5819] bridge0: port 2(bridge_slave_1) entered disabled state [ 210.033872][ T5819] bridge_slave_1: entered allmulticast mode [ 210.043853][ T5819] bridge_slave_1: entered promiscuous mode [ 210.135792][ T5814] Bluetooth: hci3: command tx timeout [ 210.135873][ T49] Bluetooth: hci4: command tx timeout [ 210.197185][ T5827] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 210.423689][ T5819] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 210.529189][ T5812] hsr_slave_0: entered promiscuous mode [ 210.539712][ T5812] hsr_slave_1: entered promiscuous mode [ 210.559373][ T5819] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 210.654104][ T5827] team0: Port device team_slave_0 added [ 210.744035][ T5813] bridge0: port 1(bridge_slave_0) entered blocking state [ 210.751900][ T5813] bridge0: port 1(bridge_slave_0) entered disabled state [ 210.759798][ T5813] bridge_slave_0: entered allmulticast mode [ 210.769632][ T5813] bridge_slave_0: entered promiscuous mode [ 210.830343][ T5827] team0: Port device team_slave_1 added [ 210.883095][ T5819] team0: Port device team_slave_0 added [ 210.891339][ T5813] bridge0: port 2(bridge_slave_1) entered blocking state [ 210.898991][ T5813] bridge0: port 2(bridge_slave_1) entered disabled state [ 210.906774][ T5813] bridge_slave_1: entered allmulticast mode [ 210.916737][ T5813] bridge_slave_1: entered promiscuous mode [ 210.967937][ T5824] bridge0: port 1(bridge_slave_0) entered blocking state [ 210.975888][ T5824] bridge0: port 1(bridge_slave_0) entered disabled state [ 210.983547][ T5824] bridge_slave_0: entered allmulticast mode [ 210.993022][ T5824] bridge_slave_0: entered promiscuous mode [ 211.073443][ T5819] team0: Port device team_slave_1 added [ 211.124036][ T5824] bridge0: port 2(bridge_slave_1) entered blocking state [ 211.131731][ T5824] bridge0: port 2(bridge_slave_1) entered disabled state [ 211.139723][ T5824] bridge_slave_1: entered allmulticast mode [ 211.149848][ T5824] bridge_slave_1: entered promiscuous mode [ 211.336248][ T5819] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 211.343430][ T5819] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 211.369838][ T5819] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 211.438649][ T5813] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 211.491866][ T5827] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 211.499251][ T5827] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 211.525939][ T5827] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 211.558394][ T5819] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 211.565830][ T5819] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 211.592672][ T5819] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 211.625079][ T5813] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 211.646425][ T5824] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 211.658596][ T5827] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 211.666091][ T5827] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 211.692409][ T5827] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 211.811940][ T5824] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 211.986403][ T5813] team0: Port device team_slave_0 added [ 212.055793][ T5814] Bluetooth: hci1: command tx timeout [ 212.061463][ T5814] Bluetooth: hci0: command tx timeout [ 212.067243][ T5814] Bluetooth: hci2: command tx timeout [ 212.098709][ T5824] team0: Port device team_slave_0 added [ 212.116186][ T5813] team0: Port device team_slave_1 added [ 212.134713][ T5824] team0: Port device team_slave_1 added [ 212.205640][ T49] Bluetooth: hci3: command tx timeout [ 212.211482][ T49] Bluetooth: hci4: command tx timeout [ 212.496420][ T5819] hsr_slave_0: entered promiscuous mode [ 212.507203][ T5819] hsr_slave_1: entered promiscuous mode [ 212.516259][ T5819] debugfs: 'hsr0' already exists in 'hsr' [ 212.522220][ T5819] Cannot create hsr debugfs directory [ 212.581078][ T5827] hsr_slave_0: entered promiscuous mode [ 212.591526][ T5827] hsr_slave_1: entered promiscuous mode [ 212.600999][ T5827] debugfs: 'hsr0' already exists in 'hsr' [ 212.607098][ T5827] Cannot create hsr debugfs directory [ 212.666473][ T5813] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 212.673607][ T5813] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 212.700141][ T5813] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 212.718569][ T5813] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 212.727450][ T5813] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 212.755101][ T5813] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 212.809291][ T5824] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 212.816650][ T5824] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 212.842916][ T5824] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 212.859930][ T5824] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 212.867346][ T5824] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 212.893779][ T5824] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 213.551526][ T5824] hsr_slave_0: entered promiscuous mode [ 213.562137][ T5824] hsr_slave_1: entered promiscuous mode [ 213.571311][ T5824] debugfs: 'hsr0' already exists in 'hsr' [ 213.577455][ T5824] Cannot create hsr debugfs directory [ 213.623837][ T5813] hsr_slave_0: entered promiscuous mode [ 213.634389][ T5813] hsr_slave_1: entered promiscuous mode [ 213.643503][ T5813] debugfs: 'hsr0' already exists in 'hsr' [ 213.649763][ T5813] Cannot create hsr debugfs directory [ 213.873758][ T5812] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 214.001014][ T5812] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 214.125679][ T5814] Bluetooth: hci2: command tx timeout [ 214.131405][ T5814] Bluetooth: hci0: command tx timeout [ 214.137221][ T5814] Bluetooth: hci1: command tx timeout [ 214.162527][ T5812] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 214.202433][ T5812] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 214.290403][ T5814] Bluetooth: hci4: command tx timeout [ 214.304157][ T5820] Bluetooth: hci3: command tx timeout [ 214.961272][ T5819] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 215.061646][ T5819] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 215.125026][ T5819] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 215.190779][ T5819] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 215.320660][ T5827] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 215.361290][ T5827] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 215.534558][ T5813] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 215.558681][ T5827] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 215.591055][ T5827] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 215.676801][ T5813] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 215.730524][ T5824] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 215.802585][ T5813] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 215.841200][ T5824] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 215.867260][ T5824] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 215.894599][ T5824] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 215.948659][ T5813] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 216.308167][ T5812] 8021q: adding VLAN 0 to HW filter on device bond0 [ 216.629436][ T5812] 8021q: adding VLAN 0 to HW filter on device team0 [ 216.714451][ T3981] bridge0: port 1(bridge_slave_0) entered blocking state [ 216.722186][ T3981] bridge0: port 1(bridge_slave_0) entered forwarding state [ 216.828041][ T5819] 8021q: adding VLAN 0 to HW filter on device bond0 [ 216.849807][ T3981] bridge0: port 2(bridge_slave_1) entered blocking state [ 216.857473][ T3981] bridge0: port 2(bridge_slave_1) entered forwarding state [ 217.129445][ T5819] 8021q: adding VLAN 0 to HW filter on device team0 [ 217.291114][ T5827] 8021q: adding VLAN 0 to HW filter on device bond0 [ 217.317477][ T3617] bridge0: port 1(bridge_slave_0) entered blocking state [ 217.325171][ T3617] bridge0: port 1(bridge_slave_0) entered forwarding state [ 217.457714][ T5812] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 217.514771][ T3617] bridge0: port 2(bridge_slave_1) entered blocking state [ 217.522533][ T3617] bridge0: port 2(bridge_slave_1) entered forwarding state [ 217.554270][ T5824] 8021q: adding VLAN 0 to HW filter on device bond0 [ 217.762220][ T5827] 8021q: adding VLAN 0 to HW filter on device team0 [ 217.848054][ T5813] 8021q: adding VLAN 0 to HW filter on device bond0 [ 217.882256][ T5824] 8021q: adding VLAN 0 to HW filter on device team0 [ 217.928596][ T3617] bridge0: port 1(bridge_slave_0) entered blocking state [ 217.936270][ T3617] bridge0: port 1(bridge_slave_0) entered forwarding state [ 218.054548][ T5819] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 218.065846][ T5819] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 218.109084][ T3617] bridge0: port 2(bridge_slave_1) entered blocking state [ 218.116738][ T3617] bridge0: port 2(bridge_slave_1) entered forwarding state [ 218.133260][ T3617] bridge0: port 1(bridge_slave_0) entered blocking state [ 218.140949][ T3617] bridge0: port 1(bridge_slave_0) entered forwarding state [ 218.254570][ T5813] 8021q: adding VLAN 0 to HW filter on device team0 [ 218.376842][ T3617] bridge0: port 2(bridge_slave_1) entered blocking state [ 218.384408][ T3617] bridge0: port 2(bridge_slave_1) entered forwarding state [ 218.674475][ T5824] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 218.686370][ T5824] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 218.724584][ T5827] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 218.735908][ T5827] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 218.771700][ T3617] bridge0: port 1(bridge_slave_0) entered blocking state [ 218.779381][ T3617] bridge0: port 1(bridge_slave_0) entered forwarding state [ 218.823257][ T3617] bridge0: port 2(bridge_slave_1) entered blocking state [ 218.830942][ T3617] bridge0: port 2(bridge_slave_1) entered forwarding state [ 219.014100][ T5813] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 219.024832][ T5813] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 220.098932][ T5812] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 220.523065][ T5819] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 220.860706][ T5812] veth0_vlan: entered promiscuous mode [ 221.018258][ T5812] veth1_vlan: entered promiscuous mode [ 221.302588][ T5819] veth0_vlan: entered promiscuous mode [ 221.434080][ T5824] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 221.502568][ T5813] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 221.519314][ T5819] veth1_vlan: entered promiscuous mode [ 221.584396][ T5827] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 221.614842][ T5812] veth0_macvtap: entered promiscuous mode [ 221.700828][ T5812] veth1_macvtap: entered promiscuous mode [ 221.994772][ T5812] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 222.026573][ T5819] veth0_macvtap: entered promiscuous mode [ 222.149695][ T5812] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 222.165609][ T5819] veth1_macvtap: entered promiscuous mode [ 222.319274][ T3713] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 222.343905][ T5813] veth0_vlan: entered promiscuous mode [ 222.373241][ T5824] veth0_vlan: entered promiscuous mode [ 222.405151][ T3713] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 222.470252][ T3713] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 222.546300][ T5813] veth1_vlan: entered promiscuous mode [ 222.579497][ T5824] veth1_vlan: entered promiscuous mode [ 222.604909][ T5819] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 222.646048][ T3713] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 222.734715][ T5819] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 222.903970][ T4150] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 222.958711][ T4150] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 223.040439][ T5824] veth0_macvtap: entered promiscuous mode [ 223.054963][ T4150] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 223.081350][ T5813] veth0_macvtap: entered promiscuous mode [ 223.116054][ T1155] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 223.141114][ T5824] veth1_macvtap: entered promiscuous mode [ 223.164743][ T5813] veth1_macvtap: entered promiscuous mode [ 223.391486][ T5813] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 223.434080][ T5824] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 223.534834][ T5824] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 223.551332][ T5813] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 223.663594][ T3713] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 223.752619][ T3713] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 223.782442][ T3713] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 223.831624][ T3713] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 223.873851][ T3713] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 223.957150][ T3713] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 224.024219][ T3713] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 224.086862][ T3713] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 224.934009][ T5827] veth0_vlan: entered promiscuous mode [ 225.101685][ T5827] veth1_vlan: entered promiscuous mode [ 225.492080][ T5827] veth0_macvtap: entered promiscuous mode [ 225.584504][ T5827] veth1_macvtap: entered promiscuous mode [ 225.799535][ T5827] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 225.988891][ T5827] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 226.138627][ T3981] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 226.182375][ T3981] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 226.272324][ T3981] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 226.330736][ T3981] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 230.700953][ T3877] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 230.710413][ T3877] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 230.751056][ T5103] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 230.759283][ T5103] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 230.974172][ T3617] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 230.984539][ T3617] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 231.202425][ T3617] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 231.211168][ T3617] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 231.446274][ T4209] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 231.457575][ T4209] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 231.559942][ T5819] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 231.583433][ T3617] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 231.583546][ T3617] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 232.010355][ T5103] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 232.020101][ T5103] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 232.039876][ T4209] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 232.049303][ T4209] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 232.923890][ T6006] netem: invalid attributes len -3 [ 232.929493][ T6006] netem: change failed [ 232.973872][ T6003] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1'. [ 233.872578][ T5103] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 233.880861][ T5103] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 234.280617][ T3877] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 234.289250][ T3877] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 234.792482][ T1291] ieee802154 phy0 wpan0: encryption failed: -22 [ 234.799600][ T1291] ieee802154 phy1 wpan1: encryption failed: -22 [ 237.346438][ T6056] loop0: detected capacity change from 0 to 2048 [ 237.533018][ T6056] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 237.566851][ T6064] process 'syz.3.29' launched './file1' with NULL argv: empty string added [ 238.927773][ T30] audit: type=1326 audit(1756845942.537:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6079 comm="syz.1.37" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706e539 code=0x7ffc0000 [ 239.075431][ T30] audit: type=1326 audit(1756845942.597:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6079 comm="syz.1.37" exe="/root/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf706e539 code=0x7ffc0000 [ 239.098158][ T30] audit: type=1326 audit(1756845942.597:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6079 comm="syz.1.37" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706e539 code=0x7ffc0000 [ 239.120492][ T30] audit: type=1326 audit(1756845942.597:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6079 comm="syz.1.37" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706e539 code=0x7ffc0000 [ 239.142739][ T30] audit: type=1326 audit(1756845942.607:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6079 comm="syz.1.37" exe="/root/syz-executor" sig=0 arch=40000003 syscall=345 compat=1 ip=0xf706e539 code=0x7ffc0000 [ 239.167695][ T30] audit: type=1326 audit(1756845942.607:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6079 comm="syz.1.37" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706e539 code=0x7ffc0000 [ 240.392359][ T6098] netlink: 8 bytes leftover after parsing attributes in process `syz.3.44'. [ 240.621610][ T6101] loop4: detected capacity change from 0 to 8 [ 240.749071][ T6101] SQUASHFS error: lzo decompression failed, data probably corrupt [ 240.757511][ T6101] SQUASHFS error: Failed to read block 0x91: -5 [ 240.763954][ T6101] SQUASHFS error: Unable to read metadata cache entry [8f] [ 240.772588][ T6101] SQUASHFS error: Unable to read inode 0x11f [ 241.044153][ T6101] capability: warning: `syz.4.46' uses deprecated v2 capabilities in a way that may be insecure [ 241.794563][ T6107] loop3: detected capacity change from 0 to 4096 [ 241.994424][ T6107] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 242.698419][ T5824] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 242.722581][ T6122] sctp: [Deprecated]: syz.4.54 (pid 6122) Use of int in maxseg socket option. [ 242.722581][ T6122] Use struct sctp_assoc_value instead [ 242.925869][ T6127] Zero length message leads to an empty skb [ 242.983226][ T1614] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 243.010197][ T6128] loop0: detected capacity change from 0 to 512 [ 243.192946][ T6128] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 243.206543][ T6128] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 243.252872][ T1614] usb 3-1: Using ep0 maxpacket: 32 [ 243.306107][ T1614] usb 3-1: New USB device found, idVendor=041e, idProduct=400b, bcdDevice=3e.e7 [ 243.315645][ T1614] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 243.377449][ T6128] EXT4-fs (loop0): 1 truncate cleaned up [ 243.387725][ T6128] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 243.410448][ T1614] usb 3-1: config 0 descriptor?? [ 243.486692][ T1614] gspca_main: sunplus-2.14.0 probing 041e:400b [ 243.612491][ T6128] EXT4-fs error (device loop0): ext4_empty_dir:3120: inode #2: block 13: comm syz.0.57: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0 [ 244.287610][ T5813] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 244.325930][ T1614] gspca_sunplus: reg_w_riv err -71 [ 244.331712][ T1614] sunplus 3-1:0.0: probe with driver sunplus failed with error -71 [ 244.457081][ T1614] usb 3-1: USB disconnect, device number 2 [ 245.200606][ T6149] netlink: 80 bytes leftover after parsing attributes in process `syz.0.66'. [ 245.210439][ T6149] netlink: 80 bytes leftover after parsing attributes in process `syz.0.66'. [ 245.476062][ T5872] kernel write not supported for file /input/mouse0 (pid: 5872 comm: kworker/1:5) [ 245.589530][ T6157] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 246.160588][ T6167] netem: incorrect gi model size [ 246.166081][ T6167] netem: change failed [ 246.773587][ T6172] loop1: detected capacity change from 0 to 512 [ 246.931139][ T6175] mkiss: ax0: crc mode is auto. [ 247.089552][ T6172] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846e01c, mo2=0002] [ 247.176449][ T6172] System zones: 1-12 [ 247.181755][ T6172] EXT4-fs error (device loop1): dx_probe:791: inode #2: comm syz.1.74: Directory hole found for htree index block 0 [ 247.198224][ T6177] Falling back ldisc for ttyS3. [ 247.268101][ T6172] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -117 [ 247.276979][ T6172] EXT4-fs error (device loop1): dx_probe:791: inode #2: comm syz.1.74: Directory hole found for htree index block 0 [ 247.396277][ T6172] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -117 [ 247.408212][ T6172] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 247.617426][ T6172] EXT4-fs (loop1): shut down requested (1) [ 247.942508][ T5812] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 248.120507][ T6188] netlink: 4 bytes leftover after parsing attributes in process `syz.0.81'. [ 249.402034][ T6207] netlink: 'syz.0.89': attribute type 1 has an invalid length. [ 250.325108][ T6217] 8021q: adding VLAN 0 to HW filter on device batadv1 [ 250.485210][ T6217] team0: Port device batadv1 added [ 250.566581][ T6221] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 251.522315][ T6234] netlink: 4 bytes leftover after parsing attributes in process `syz.1.100'. [ 251.556889][ T6235] netlink: 4 bytes leftover after parsing attributes in process `syz.3.101'. [ 251.610822][ T6235] netlink: 72 bytes leftover after parsing attributes in process `syz.3.101'. [ 251.852772][ T6238] overlayfs: failed lookup in lower (/, name='file0', err=-66): unsupported object type [ 253.634903][ T6262] loop4: detected capacity change from 0 to 256 [ 253.957003][ T6262] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x4f8593fa, utbl_chksum : 0xe619d30d) [ 256.529449][ T6299] loop2: detected capacity change from 0 to 2048 [ 256.535119][ T6302] loop0: detected capacity change from 0 to 164 [ 256.595784][ T6302] Unable to read rock-ridge attributes [ 256.619224][ T6299] ======================================================= [ 256.619224][ T6299] WARNING: The mand mount option has been deprecated and [ 256.619224][ T6299] and is ignored by this kernel. Remove the mand [ 256.619224][ T6299] option from the mount to silence this warning. [ 256.619224][ T6299] ======================================================= [ 256.737221][ T6302] Unable to read rock-ridge attributes [ 256.822889][ T6299] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024) [ 256.939803][ T6299] syz.2.130: attempt to access beyond end of device [ 256.939803][ T6299] loop2: rw=524288, sector=33554430, nr_sectors = 2 limit=2048 [ 256.947119][ T6307] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 257.957845][ T6316] loop3: detected capacity change from 0 to 736 [ 258.531893][ T6325] mmap: syz.1.143 (6325) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 259.260984][ T6336] netlink: 4 bytes leftover after parsing attributes in process `syz.0.148'. [ 259.863920][ T6341] loop1: detected capacity change from 0 to 256 [ 259.963382][ T6341] exfat: Deprecated parameter 'namecase' [ 260.112842][ T6341] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 261.662386][ T6361] loop3: detected capacity change from 0 to 2048 [ 261.837579][ T6361] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=4096, location=4096 [ 261.848279][ T6361] UDF-fs: error (device loop3): udf_process_sequence: Primary Volume Descriptor not found! [ 261.858943][ T6361] UDF-fs: error (device loop3): udf_process_sequence: Primary Volume Descriptor not found! [ 261.869384][ T6361] UDF-fs: Scanning with blocksize 512 failed [ 262.146996][ T6361] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found [ 262.155007][ T6361] UDF-fs: Scanning with blocksize 1024 failed [ 262.287202][ T6361] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=512, location=512 [ 262.305775][ T6361] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found [ 262.313695][ T6361] UDF-fs: Scanning with blocksize 2048 failed [ 262.349333][ T6359] loop1: detected capacity change from 0 to 8192 [ 262.448039][ T6361] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 262.557163][ T6361] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=512, location=512 [ 262.567174][ T6361] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found [ 262.575025][ T6361] UDF-fs: Scanning with blocksize 4096 failed [ 262.581519][ T6361] UDF-fs: warning (device loop3): udf_fill_super: No partition found (1) [ 263.380978][ T6374] loop0: detected capacity change from 0 to 1024 [ 263.398690][ T6378] syz.4.167 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 263.569521][ T6374] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 263.583433][ T6374] ext4 filesystem being mounted at /35/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 263.805997][ T30] audit: type=1800 audit(1756845967.417:8): pid=6374 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.166" name="file1" dev="loop0" ino=15 res=0 errno=0 [ 263.832610][ T30] audit: type=1804 audit(1756845967.417:9): pid=6374 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.166" name="/newroot/35/file1/file1" dev="loop0" ino=15 res=1 errno=0 [ 264.410365][ T5813] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 265.707677][ T6409] raw_sendmsg: syz.3.180 forgot to set AF_INET. Fix it! [ 266.326643][ T6417] netlink: 16 bytes leftover after parsing attributes in process `syz.0.184'. [ 266.509350][ T6421] loop2: detected capacity change from 0 to 512 [ 266.619394][ T6421] EXT4-fs: inline encryption not supported [ 266.626218][ T6421] EXT4-fs: Ignoring removed mblk_io_submit option [ 266.734053][ T6421] EXT4-fs (loop2): Test dummy encryption mode enabled [ 266.777203][ T6421] EXT4-fs (loop2): orphan cleanup on readonly fs [ 266.783832][ T6421] EXT4-fs error (device loop2): ext4_orphan_get:1392: comm syz.2.185: inode #13: comm syz.2.185: iget: illegal inode # [ 266.856749][ T6421] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.185: couldn't read orphan inode 13 (err -117) [ 266.928681][ T6421] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 267.096333][ T6421] EXT4-fs: inline encryption not supported [ 267.105847][ T6421] EXT4-fs: Ignoring removed mblk_io_submit option [ 267.233456][ T6421] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended [ 267.260237][ T6421] EXT4-fs error (device loop2): __ext4_remount:6740: comm syz.2.185: Abort forced by user [ 267.355648][ T6421] EXT4-fs (loop2): Remounting filesystem read-only [ 267.362409][ T6421] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 r/w. [ 267.754432][ T5819] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 267.797474][ T6432] Bluetooth: MGMT ver 1.23 [ 268.181259][ T6440] netlink: 28 bytes leftover after parsing attributes in process `syz.2.194'. [ 268.190815][ T6440] netlink: 8 bytes leftover after parsing attributes in process `syz.2.194'. [ 269.019907][ T6450] tipc: Started in network mode [ 269.029694][ T6450] tipc: Node identity ac14140f, cluster identity 4711 [ 269.037715][ T6450] tipc: New replicast peer: 255.255.255.255 [ 269.055538][ T6450] tipc: Enabled bearer , priority 10 [ 269.160992][ T6450] netlink: 12 bytes leftover after parsing attributes in process `syz.2.200'. [ 269.497850][ T6457] dvmrp1: tun_chr_ioctl cmd 2148553947 [ 270.145860][ T5872] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 270.156036][ T1614] tipc: Node number set to 2886997007 [ 270.183486][ T6456] loop3: detected capacity change from 0 to 4096 [ 270.342429][ T6466] netlink: 8 bytes leftover after parsing attributes in process `syz.1.207'. [ 270.352474][ T6466] netlink: 12 bytes leftover after parsing attributes in process `syz.1.207'. [ 270.362211][ T6466] netlink: 'syz.1.207': attribute type 13 has an invalid length. [ 270.400925][ T5872] usb 1-1: Using ep0 maxpacket: 16 [ 270.437598][ T5872] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 270.449572][ T5872] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 270.463054][ T5872] usb 1-1: New USB device found, idVendor=054c, idProduct=0df2, bcdDevice= 0.00 [ 270.472521][ T5872] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 270.658712][ T5872] usb 1-1: config 0 descriptor?? [ 271.120237][ T6468] loop4: detected capacity change from 0 to 2048 [ 271.272816][ T5872] playstation 0003:054C:0DF2.0001: hidraw0: USB HID v0.09 Device [HID 054c:0df2] on usb-dummy_hcd.0-1/input0 [ 271.352580][ T6456] ntfs3(loop3): ino=9, attr_set_size [ 271.388609][ T5872] playstation 0003:054C:0DF2.0001: Invalid reportID received, expected 9 got 0 [ 271.399132][ T5872] playstation 0003:054C:0DF2.0001: Failed to retrieve DualSense pairing info: -22 [ 271.413974][ T5872] playstation 0003:054C:0DF2.0001: Failed to get MAC address from DualSense [ 271.424469][ T5872] playstation 0003:054C:0DF2.0001: Failed to create dualsense. [ 271.518686][ T6468] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 271.534639][ T5872] playstation 0003:054C:0DF2.0001: probe with driver playstation failed with error -22 [ 271.688261][ T5872] usb 1-1: USB disconnect, device number 2 [ 272.443965][ T6474] fido_id[6474]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory [ 272.618004][ T30] audit: type=1326 audit(1756845976.227:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6480 comm="syz.3.212" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe1539 code=0x7ffc0000 [ 272.646606][ T30] audit: type=1326 audit(1756845976.227:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6480 comm="syz.3.212" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe1539 code=0x7ffc0000 [ 272.936780][ T30] audit: type=1326 audit(1756845976.397:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6480 comm="syz.3.212" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7fe1539 code=0x7ffc0000 [ 272.958804][ C0] vkms_vblank_simulate: vblank timer overrun [ 272.973399][ T30] audit: type=1326 audit(1756845976.407:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6480 comm="syz.3.212" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe1539 code=0x7ffc0000 [ 272.995888][ T30] audit: type=1326 audit(1756845976.407:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6480 comm="syz.3.212" exe="/root/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7fe1539 code=0x7ffc0000 [ 273.018491][ T30] audit: type=1326 audit(1756845976.407:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6480 comm="syz.3.212" exe="/root/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7fe1567 code=0x7ffc0000 [ 273.040510][ C0] vkms_vblank_simulate: vblank timer overrun [ 273.057112][ T30] audit: type=1326 audit(1756845976.407:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6480 comm="syz.3.212" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe1539 code=0x7ffc0000 [ 273.080184][ T30] audit: type=1326 audit(1756845976.407:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6480 comm="syz.3.212" exe="/root/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7fe1539 code=0x7ffc0000 [ 273.102475][ T30] audit: type=1326 audit(1756845976.407:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6480 comm="syz.3.212" exe="/root/syz-executor" sig=0 arch=40000003 syscall=173 compat=1 ip=0xf7fe1567 code=0x7ffc0000 [ 273.124501][ C0] vkms_vblank_simulate: vblank timer overrun [ 273.131750][ T30] audit: type=1326 audit(1756845976.417:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6480 comm="syz.3.212" exe="/root/syz-executor" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7fe1539 code=0x7ffc0000 [ 273.489329][ T6493] sp0: Synchronizing with TNC [ 274.410293][ T6505] netlink: 'syz.0.223': attribute type 7 has an invalid length. [ 276.948664][ T6545] loop3: detected capacity change from 0 to 1764 [ 277.741073][ T6557] netlink: 16 bytes leftover after parsing attributes in process `syz.3.248'. [ 277.796897][ T6561] netlink: 4 bytes leftover after parsing attributes in process `syz.1.249'. [ 277.807811][ T6561] netlink: 34 bytes leftover after parsing attributes in process `syz.1.249'. [ 277.992261][ T6565] input: syz0 as /devices/virtual/input/input5 [ 278.314036][ T6569] loop1: detected capacity change from 0 to 128 [ 278.423145][ T6569] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 278.999757][ T4150] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 279.530447][ T6589] loop4: detected capacity change from 0 to 512 [ 279.659483][ T6589] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 279.684125][ T6589] EXT4-fs (loop4): orphan cleanup on readonly fs [ 279.708093][ T6589] __quota_error: 37 callbacks suppressed [ 279.708184][ T6589] Quota error (device loop4): find_block_dqentry: Quota for id 0 referenced but not present [ 279.725749][ T6589] Quota error (device loop4): qtree_read_dquot: Can't read quota structure for id 0 [ 279.735634][ T6589] EXT4-fs error (device loop4): ext4_acquire_dquot:6937: comm syz.4.264: Failed to acquire dquot type 1 [ 279.773895][ T6589] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.264: bg 0: block 40: padding at end of block bitmap is not set [ 279.865601][ T6589] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6657: Corrupt filesystem [ 279.887450][ T6589] EXT4-fs (loop4): 1 truncate cleaned up [ 279.896531][ T6589] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 280.101728][ T6601] netlink: 24 bytes leftover after parsing attributes in process `syz.1.268'. [ 280.408303][ T5827] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 282.636379][ T6639] loop2: detected capacity change from 0 to 1024 [ 282.686004][ T6639] EXT4-fs: Ignoring removed orlov option [ 282.860220][ T6639] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 283.321064][ T5819] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 283.484179][ T6653] loop1: detected capacity change from 0 to 4096 [ 283.576230][ T6653] ntfs3(loop1): Different NTFS sector size (2048) and media sector size (512). [ 283.763850][ T6660] loop3: detected capacity change from 0 to 512 [ 285.908784][ T6689] netlink: 'syz.4.303': attribute type 4 has an invalid length. [ 285.957293][ T6687] pimreg: tun_chr_ioctl cmd 1074812117 [ 286.128715][ T6691] netlink: 20 bytes leftover after parsing attributes in process `syz.3.304'. [ 286.972685][ T6707] loop0: detected capacity change from 0 to 512 [ 287.001048][ T6707] EXT4-fs: Ignoring removed nobh option [ 287.020666][ T6707] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 287.120180][ T6707] EXT4-fs error (device loop0): ext4_orphan_get:1392: inode #15: comm syz.0.311: iget: bad i_size value: 38620345925642 [ 287.145426][ T6707] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.311: couldn't read orphan inode 15 (err -117) [ 287.169142][ T6707] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 287.433856][ T6717] loop2: detected capacity change from 0 to 512 [ 287.466554][ T6717] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 287.561906][ T6717] EXT4-fs (loop2): 1 truncate cleaned up [ 287.570298][ T6717] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 287.660855][ T30] audit: type=1800 audit(1756845991.277:57): pid=6717 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.314" name="file3" dev="loop2" ino=16 res=0 errno=0 [ 287.682188][ T30] audit: type=1804 audit(1756845991.287:58): pid=6717 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.314" name="/newroot/61/file1/file2" dev="loop2" ino=16 res=1 errno=0 [ 287.703943][ C0] vkms_vblank_simulate: vblank timer overrun [ 287.965065][ T5813] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 288.038817][ T5819] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 288.491270][ T6734] loop4: detected capacity change from 0 to 64 [ 288.675780][ T6734] hfs: request for non-existent node 24 in B*Tree [ 288.682417][ T6734] hfs: request for non-existent node 24 in B*Tree [ 288.750719][ T30] audit: type=1326 audit(1756845992.377:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6735 comm="syz.3.324" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe1539 code=0x7ffc0000 [ 288.772722][ C0] vkms_vblank_simulate: vblank timer overrun [ 288.782721][ T30] audit: type=1326 audit(1756845992.407:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6735 comm="syz.3.324" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe1539 code=0x7ffc0000 [ 288.804750][ C0] vkms_vblank_simulate: vblank timer overrun [ 288.817438][ T30] audit: type=1326 audit(1756845992.417:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6735 comm="syz.3.324" exe="/root/syz-executor" sig=0 arch=40000003 syscall=331 compat=1 ip=0xf7fe1539 code=0x7ffc0000 [ 288.839426][ C0] vkms_vblank_simulate: vblank timer overrun [ 288.848042][ T30] audit: type=1326 audit(1756845992.417:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6735 comm="syz.3.324" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe1539 code=0x7ffc0000 [ 288.870191][ C0] vkms_vblank_simulate: vblank timer overrun [ 288.877552][ T30] audit: type=1326 audit(1756845992.417:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6735 comm="syz.3.324" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe1539 code=0x7ffc0000 [ 288.899922][ T30] audit: type=1326 audit(1756845992.427:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6735 comm="syz.3.324" exe="/root/syz-executor" sig=0 arch=40000003 syscall=41 compat=1 ip=0xf7fe1539 code=0x7ffc0000 [ 288.921789][ C0] vkms_vblank_simulate: vblank timer overrun [ 288.933915][ T30] audit: type=1326 audit(1756845992.427:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6735 comm="syz.3.324" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe1539 code=0x7ffc0000 [ 288.955927][ C0] vkms_vblank_simulate: vblank timer overrun [ 288.964512][ T30] audit: type=1326 audit(1756845992.427:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6735 comm="syz.3.324" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe1539 code=0x7ffc0000 [ 288.986569][ C0] vkms_vblank_simulate: vblank timer overrun [ 289.352415][ T6745] netlink: 8 bytes leftover after parsing attributes in process `syz.3.328'. [ 289.554081][ T6748] loop4: detected capacity change from 0 to 512 [ 289.749229][ T5872] kernel write not supported for file /adsp1 (pid: 5872 comm: kworker/1:5) [ 290.007932][ T6757] loop1: detected capacity change from 0 to 22 [ 290.060241][ T6757] romfs: Mounting image 'rom 637cf1fa' through the block layer [ 291.017442][ T5872] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 291.220024][ T5872] usb 5-1: config index 0 descriptor too short (expected 65248, got 72) [ 291.283340][ T5872] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 291.293017][ T5872] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 291.301599][ T5872] usb 5-1: Product: syz [ 291.306219][ T5872] usb 5-1: Manufacturer: syz [ 291.311055][ T5872] usb 5-1: SerialNumber: syz [ 291.437860][ T5872] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 291.658935][ T6779] loop2: detected capacity change from 0 to 512 [ 291.705468][ T24] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 291.947930][ T6781] tun0: tun_chr_ioctl cmd 2147767520 [ 292.082266][ T6785] netlink: 8 bytes leftover after parsing attributes in process `syz.0.346'. [ 292.099352][ T6785] netlink: 'syz.0.346': attribute type 5 has an invalid length. [ 292.434903][ T1614] usb 5-1: USB disconnect, device number 2 [ 293.095682][ T24] usb 5-1: Service connection timeout for: 256 [ 293.102261][ T24] ath9k_htc 5-1:1.0: ath9k_htc: Unable to initialize HTC services [ 293.118504][ T24] ath9k_htc: Failed to initialize the device [ 293.182333][ T1614] usb 5-1: ath9k_htc: USB layer deinitialized [ 293.877765][ T6810] netlink: 4 bytes leftover after parsing attributes in process `syz.0.360'. [ 293.937790][ T6810] netlink: 4 bytes leftover after parsing attributes in process `syz.0.360'. [ 295.082296][ T6833] netlink: 5 bytes leftover after parsing attributes in process `syz.2.368'. [ 295.097130][ T6833] 0ªî{X¹¦: renamed from gretap0 (while UP) [ 295.360376][ T6833] 0ªî{X¹¦: entered allmulticast mode [ 295.372179][ T6833] A link change request failed with some changes committed already. Interface 30ªî{X¹¦ may have been left with an inconsistent configuration, please check. [ 296.222105][ T1291] ieee802154 phy0 wpan0: encryption failed: -22 [ 296.229175][ T1291] ieee802154 phy1 wpan1: encryption failed: -22 [ 296.360249][ T6851] warning: `syz.0.378' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 296.874028][ T6862] loop3: detected capacity change from 0 to 128 [ 296.924393][ T6863] loop1: detected capacity change from 0 to 256 [ 296.940673][ T6861] loop0: detected capacity change from 0 to 128 [ 296.983176][ T6863] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 296.994774][ T6863] exFAT-fs (loop1): Medium has reported failures. Some data may be lost. [ 297.134869][ T6863] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 298.212258][ T6884] loop1: detected capacity change from 0 to 128 [ 298.386596][ T30] kauditd_printk_skb: 3 callbacks suppressed [ 298.386684][ T30] audit: type=1800 audit(1756846001.937:70): pid=6884 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.392" name="file2" dev="loop1" ino=1048610 res=0 errno=0 [ 298.422355][ T6884] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 298.430951][ T6884] FAT-fs (loop1): Filesystem has been set read-only [ 298.440755][ T6884] syz.1.392: attempt to access beyond end of device [ 298.440755][ T6884] loop1: rw=524288, sector=2065, nr_sectors = 8 limit=128 [ 298.455735][ T6884] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 298.463804][ T6884] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 298.516981][ T6884] syz.1.392: attempt to access beyond end of device [ 298.516981][ T6884] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 298.532132][ T6884] syz.1.392: attempt to access beyond end of device [ 298.532132][ T6884] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 298.657878][ T6884] syz.1.392: attempt to access beyond end of device [ 298.657878][ T6884] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 298.709348][ T6884] syz.1.392: attempt to access beyond end of device [ 298.709348][ T6884] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 298.806041][ T6884] syz.1.392: attempt to access beyond end of device [ 298.806041][ T6884] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 298.896012][ T6884] syz.1.392: attempt to access beyond end of device [ 298.896012][ T6884] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 298.910201][ T6884] syz.1.392: attempt to access beyond end of device [ 298.910201][ T6884] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 298.963266][ T6896] loop3: detected capacity change from 0 to 128 [ 299.048118][ T6884] syz.1.392: attempt to access beyond end of device [ 299.048118][ T6884] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 299.122435][ T6896] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 299.149841][ T6896] ext4 filesystem being mounted at /80/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 299.480028][ T5824] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 299.718956][ T6910] netlink: 8 bytes leftover after parsing attributes in process `syz.1.402'. [ 299.748084][ T6910] macvlan2: entered allmulticast mode [ 299.753786][ T6910] veth1_vlan: entered allmulticast mode [ 299.794736][ T6908] loop2: detected capacity change from 0 to 1024 [ 299.993362][ T6914] overlayfs: workdir and upperdir must be separate subtrees [ 300.307381][ T6916] netlink: 8 bytes leftover after parsing attributes in process `syz.4.405'. [ 300.317639][ T6916] netlink: 4 bytes leftover after parsing attributes in process `syz.4.405'. [ 300.605978][ T6921] loop1: detected capacity change from 0 to 512 [ 300.666364][ T6921] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 300.717071][ T6924] tap0: tun_chr_ioctl cmd 2148553947 [ 300.867832][ T6921] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 300.881362][ T6921] ext4 filesystem being mounted at /80/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 301.241811][ T6937] EXT4-fs error (device loop1): __ext4_new_inode:1279: comm syz.1.407: failed to insert inode 16: doubly allocated? [ 301.572249][ T6942] netlink: 4 bytes leftover after parsing attributes in process `syz.4.415'. [ 301.633044][ T5812] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 303.393652][ T6953] sctp: failed to load transform for md5: -2 [ 303.618615][ T6939] syz.0.413 (6939): drop_caches: 2 [ 304.064045][ T6968] netlink: 84 bytes leftover after parsing attributes in process `syz.2.425'. [ 305.538620][ T6994] IPVS: dh: FWM 3 0x00000003 - no destination available [ 305.552202][ T1614] IPVS: starting estimator thread 0... [ 305.666393][ T6995] IPVS: using max 192 ests per chain, 9600 per kthread [ 306.500818][ T7005] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 306.510686][ T7005] FAT-fs (loop1): unable to read boot sector [ 306.569333][ T7007] loop3: detected capacity change from 0 to 256 [ 306.621209][ T7007] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 306.644091][ T7007] exFAT-fs (loop3): Medium has reported failures. Some data may be lost. [ 306.861291][ T7007] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe5674ec2, utbl_chksum : 0xe619d30d) [ 307.095016][ T7007] exFAT-fs (loop3): error, invalid access to FAT (entry 0xffffffff) [ 307.108136][ T7007] exFAT-fs (loop3): Filesystem has been set read-only [ 307.171044][ T7007] exFAT-fs (loop3): error, invalid access to FAT (entry 0xffffffff) [ 307.216002][ T7007] exFAT-fs (loop3): error, invalid access to FAT (entry 0xffffffff) [ 307.418684][ T7019] netlink: 4 bytes leftover after parsing attributes in process `syz.2.448'. [ 307.944033][ T7029] loop3: detected capacity change from 0 to 64 [ 307.970395][ T7030] serio: Serial port ttyS3 [ 309.186672][ T7048] ALSA: mixer_oss: invalid OSS volume '' [ 309.988553][ T7064] netlink: 8 bytes leftover after parsing attributes in process `syz.3.470'. [ 310.002239][ T7057] bridge0: port 2(bridge_slave_1) entered disabled state [ 310.067642][ T7067] netlink: 2 bytes leftover after parsing attributes in process `syz.4.471'. [ 310.567156][ T7075] netlink: 32 bytes leftover after parsing attributes in process `syz.2.475'. [ 310.578754][ T7075] bridge0: port 1(bridge_slave_0) entered disabled state [ 310.987823][ T7081] loop1: detected capacity change from 0 to 128 [ 311.051984][ T7081] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256 [ 311.089896][ T7081] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 311.104089][ T7085] loop2: detected capacity change from 0 to 256 [ 311.146835][ T7085] exfat: Deprecated parameter 'utf8' [ 311.152659][ T7085] exfat: Deprecated parameter 'namecase' [ 311.191249][ T7081] overlayfs: failed to create directory ./bus/work (errno: 28); mounting read-only [ 311.201671][ T7081] overlayfs: failed to get uuid (/file0, err=-95); falling back to uuid=null. [ 311.273347][ T7085] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xc465a08c, utbl_chksum : 0xe619d30d) [ 312.296431][ T7103] Mount JFS Failure: -22 [ 312.303201][ T7103] jfs_mount failed w/return code = -22 [ 312.709013][ T24] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 312.807525][ T7108] loop3: detected capacity change from 0 to 512 [ 312.925692][ T24] usb 1-1: Using ep0 maxpacket: 32 [ 312.960952][ T24] usb 1-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40 [ 312.970863][ T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 312.988195][ T7108] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 313.001607][ T7108] ext4 filesystem being mounted at /98/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 313.008676][ T24] usb 1-1: config 0 descriptor?? [ 313.287028][ T24] dvb-usb: found a 'Elgato EyeTV Sat' in warm state. [ 313.307327][ T24] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 313.359316][ T24] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat) [ 313.367509][ T24] usb 1-1: media controller created [ 313.458041][ T24] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 313.537890][ T7105] az6027: more than 2 i2c messages at a time is not handled yet. TODO. [ 313.619710][ T5824] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 313.730653][ T24] az6027: usb out operation failed. (-71) [ 313.744848][ T24] az6027: usb out operation failed. (-71) [ 313.751381][ T24] stb0899_attach: Driver disabled by Kconfig [ 313.763586][ T24] az6027: no front-end attached [ 313.763586][ T24] [ 313.791827][ T24] az6027: usb out operation failed. (-71) [ 313.800803][ T24] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat' [ 313.811619][ T24] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.0/usb1/1-1/input/input6 [ 313.963033][ T24] dvb-usb: schedule remote query interval to 400 msecs. [ 313.970618][ T24] dvb-usb: Elgato EyeTV Sat successfully initialized and connected. [ 314.037241][ T24] usb 1-1: USB disconnect, device number 3 [ 314.526742][ T24] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected. [ 316.702491][ T7163] loop2: detected capacity change from 0 to 512 [ 316.910973][ T7163] Quota error (device loop2): v2_read_file_info: Free block number 4294967294 out of range (1, 6). [ 316.922580][ T7163] EXT4-fs warning (device loop2): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 316.943757][ T7163] EXT4-fs (loop2): mount failed [ 317.342681][ T7159] loop0: detected capacity change from 0 to 8192 [ 317.405110][ T7159] msdos: Unknown parameter 'dk' [ 317.786620][ T7181] netlink: 12 bytes leftover after parsing attributes in process `syz.4.519'. [ 318.082245][ T7183] loop3: detected capacity change from 0 to 512 [ 318.150591][ T7183] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 318.285672][ T7183] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #16: comm syz.3.520: invalid indirect mapped block 4294967295 (level 0) [ 318.390444][ T7183] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #16: comm syz.3.520: invalid indirect mapped block 4294967295 (level 1) [ 318.457219][ T7183] EXT4-fs (loop3): 1 orphan inode deleted [ 318.463206][ T7183] EXT4-fs (loop3): 1 truncate cleaned up [ 318.471869][ T7183] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 318.764872][ T5824] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 319.241035][ T7202] netlink: 132 bytes leftover after parsing attributes in process `syz.0.528'. [ 319.993488][ T7216] loop2: detected capacity change from 0 to 512 [ 319.995749][ T7222] netlink: 4 bytes leftover after parsing attributes in process `syz.1.534'. [ 320.062974][ T7216] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 320.180770][ T7216] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters [ 320.220537][ T7216] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 320.275643][ T7216] EXT4-fs (loop2): 1 truncate cleaned up [ 320.283695][ T7216] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 320.781955][ T5819] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 320.795152][ T7231] loop1: detected capacity change from 0 to 1024 [ 320.831759][ T7231] EXT4-fs: Ignoring removed nomblk_io_submit option [ 320.917494][ T7231] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 321.439010][ T5812] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 321.580049][ T7247] geneve2: entered promiscuous mode [ 321.586961][ T7247] geneve2: entered allmulticast mode [ 321.848681][ T7252] syzkaller1: tun_chr_ioctl cmd 1074025678 [ 321.854760][ T7252] syzkaller1: group set to 778 [ 322.470855][ T7261] loop3: detected capacity change from 0 to 512 [ 322.568635][ T7261] EXT4-fs error (device loop3): ext4_iget_extra_inode:5104: inode #15: comm syz.3.554: corrupted in-inode xattr: invalid ea_ino [ 322.639462][ T7261] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.554: couldn't read orphan inode 15 (err -117) [ 322.661951][ T7261] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 323.064703][ T5824] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 323.482015][ T7278] loop0: detected capacity change from 0 to 8 [ 323.632336][ T7278] SQUASHFS error: Failed to read block 0x4e8: -5 [ 323.639861][ T7278] SQUASHFS error: Failed to read block 0x4de: -5 [ 323.647350][ T7278] SQUASHFS error: Failed to read block 0x4de: -5 [ 323.654506][ T7278] SQUASHFS error: Failed to read block 0x4de: -5 [ 323.697331][ T30] audit: type=1800 audit(1756846027.297:71): pid=7278 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.562" name="file1" dev="loop0" ino=5 res=0 errno=0 [ 324.076777][ T7284] loop1: detected capacity change from 0 to 1024 [ 324.153455][ T7286] loop3: detected capacity change from 0 to 256 [ 324.304676][ T7286] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x46ae1815, utbl_chksum : 0xe619d30d) [ 324.318768][ T7286] exFAT-fs (loop3): bogus allocation bitmap size(need : 2, cur : 17179869186) [ 324.388105][ T7284] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 324.497645][ T7294] netlink: 8 bytes leftover after parsing attributes in process `syz.2.569'. [ 324.507487][ T7294] netlink: 43 bytes leftover after parsing attributes in process `syz.2.569'. [ 324.540021][ T7284] EXT4-fs (loop1): shut down requested (1) [ 324.666747][ T7296] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 324.724767][ T30] audit: type=1326 audit(1756846028.347:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7295 comm="syz.4.570" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee539 code=0x7ffc0000 [ 324.750431][ T30] audit: type=1326 audit(1756846028.347:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7295 comm="syz.4.570" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ee539 code=0x7ffc0000 [ 324.868959][ T5812] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 325.101804][ T7302] loop3: detected capacity change from 0 to 128 [ 325.233854][ T7302] FAT-fs (loop3): error, corrupted directory (invalid entries) [ 325.241868][ T7302] FAT-fs (loop3): Filesystem has been set read-only [ 325.323739][ T7302] FAT-fs (loop3): error, corrupted directory (invalid entries) [ 325.729954][ T7313] program syz.0.577 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 325.971397][ T7319] netlink: 12 bytes leftover after parsing attributes in process `syz.3.590'. [ 326.147333][ T7322] geneve2: entered promiscuous mode [ 326.152782][ T7322] geneve2: entered allmulticast mode [ 327.256887][ T7332] loop0: detected capacity change from 0 to 4096 [ 327.276419][ T7332] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512). [ 327.439314][ T7332] ntfs3(loop0): ino=3, ntfs_set_state failed, -22. [ 327.446476][ T7332] ntfs3(loop0): Failed to initialize $Extend/$Reparse. [ 327.579194][ T4150] ntfs3(loop0): ino=3, ntfs3_write_inode failed, -22. [ 327.617236][ T7332] ntfs3(loop0): ino=3, ntfs_set_state failed, -22. [ 327.630868][ T7332] ntfs3(loop0): Mark volume as dirty due to NTFS errors [ 327.650555][ T7332] ntfs3(loop0): ino=3, ntfs_set_state failed, -22. [ 327.658901][ T4209] ntfs3(loop0): ino=3, ntfs3_write_inode failed, -22. [ 327.930459][ T7352] Bluetooth: hci5: Frame reassembly failed (-84) [ 327.937343][ T4209] Bluetooth: hci5: Frame reassembly failed (-84) [ 328.363488][ T7357] loop2: detected capacity change from 0 to 1024 [ 328.677769][ T7364] netlink: 8 bytes leftover after parsing attributes in process `syz.3.599'. [ 328.882169][ T1155] hfsplus: b-tree write err: -5, ino 4 [ 329.007692][ T5822] Bluetooth: hci1: command 0x0406 tx timeout [ 329.010211][ T5113] Bluetooth: hci3: command 0x0406 tx timeout [ 329.014543][ T5822] Bluetooth: hci2: command 0x0406 tx timeout [ 329.021638][ T5113] Bluetooth: hci0: command 0x0406 tx timeout [ 329.409309][ T1155] wlan1: Trigger new scan to find an IBSS to join [ 329.966168][ T7335] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 330.518208][ T7398] loop4: detected capacity change from 0 to 256 [ 330.566176][ T7398] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 330.577867][ T7398] exFAT-fs (loop4): Medium has reported failures. Some data may be lost. [ 330.752050][ T7398] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe5674ec2, utbl_chksum : 0xe619d30d) [ 330.759609][ T7405] loop3: detected capacity change from 0 to 512 [ 331.004626][ T7405] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 331.018385][ T7405] ext4 filesystem being mounted at /126/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 331.054580][ T7405] EXT4-fs (loop3): shut down requested (1) [ 331.370313][ T5824] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 332.153840][ T7428] loop2: detected capacity change from 0 to 512 [ 332.186334][ T7430] netlink: 4 bytes leftover after parsing attributes in process `syz.0.628'. [ 332.218370][ T7428] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 332.251645][ T7430] netlink: 72 bytes leftover after parsing attributes in process `syz.0.628'. [ 332.457850][ T5103] wlan1: Trigger new scan to find an IBSS to join [ 332.671954][ T7434] loop3: detected capacity change from 0 to 256 [ 332.724247][ T5819] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 332.889446][ T7438] loop0: detected capacity change from 0 to 256 [ 333.037623][ T7438] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x1a371bfb, utbl_chksum : 0xe619d30d) [ 333.157200][ T24] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 333.350566][ T24] usb 2-1: Using ep0 maxpacket: 32 [ 333.401518][ T24] usb 2-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40 [ 333.411697][ T24] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 333.489681][ T24] usb 2-1: config 0 descriptor?? [ 333.821375][ T24] dvb-usb: found a 'Elgato EyeTV Sat' in warm state. [ 333.865723][ T24] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 333.888550][ T24] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat) [ 333.896210][ T24] usb 2-1: media controller created [ 333.994558][ T24] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 334.195229][ T24] az6027: usb out operation failed. (-71) [ 334.220260][ T24] az6027: usb out operation failed. (-71) [ 334.226312][ T24] stb0899_attach: Driver disabled by Kconfig [ 334.232717][ T24] az6027: no front-end attached [ 334.232717][ T24] [ 334.329134][ T24] az6027: usb out operation failed. (-71) [ 334.335664][ T24] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat' [ 334.349039][ T24] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.1/usb2/2-1/input/input8 [ 334.393315][ T24] dvb-usb: schedule remote query interval to 400 msecs. [ 334.400978][ T24] dvb-usb: Elgato EyeTV Sat successfully initialized and connected. [ 334.474446][ T24] usb 2-1: USB disconnect, device number 2 [ 334.571751][ T5872] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 334.794687][ T5872] usb 1-1: Using ep0 maxpacket: 32 [ 334.869043][ T5872] usb 1-1: config index 0 descriptor too short (expected 35577, got 27) [ 334.877691][ T5872] usb 1-1: config 1 has too many interfaces: 92, using maximum allowed: 32 [ 334.886846][ T5872] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 92 [ 334.898277][ T5872] usb 1-1: config 1 has no interface number 0 [ 334.905475][ T5872] usb 1-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 334.916847][ T5872] usb 1-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17 [ 334.930920][ T5872] usb 1-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8 [ 334.940480][ T5872] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 334.977844][ T24] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected. [ 335.038301][ T5872] snd_usb_pod 1-1:1.1: Line 6 Pocket POD found [ 335.266428][ T5872] snd_usb_pod 1-1:1.1: Line 6 Pocket POD now attached [ 335.360352][ T1614] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 335.557941][ T3948] wlan1: Creating new IBSS network, BSSID 9e:a7:bd:97:e6:49 [ 335.585911][ T1614] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 335.596677][ T1614] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 335.702209][ T1614] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 335.711560][ T1614] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=67 [ 335.720179][ T1614] usb 5-1: SerialNumber: syz [ 335.828562][ T5869] usb 1-1: USB disconnect, device number 4 [ 335.837646][ T5869] snd_usb_pod 1-1:1.1: Line 6 Pocket POD now disconnected [ 336.075865][ T1614] usb 5-1: 0:2 : does not exist [ 336.081452][ T1614] usb 5-1: unit 48 not found! [ 336.184203][ T1614] usb 5-1: USB disconnect, device number 3 [ 338.224401][ T7512] loop4: detected capacity change from 0 to 256 [ 338.301540][ T7512] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256 [ 338.356341][ T7512] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=512, location=512 [ 338.366555][ T7512] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found [ 338.374811][ T7512] UDF-fs: Scanning with blocksize 512 failed [ 338.458073][ T7512] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256 [ 338.500769][ T7512] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 338.676663][ T7522] loop1: detected capacity change from 0 to 512 [ 338.701793][ T7522] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 338.730099][ T7512] loop4: detected capacity change from 0 to 1024 [ 338.813985][ T7522] EXT4-fs (loop1): 1 truncate cleaned up [ 338.822136][ T7522] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 338.922260][ T7522] fscrypt (loop1, inode 18): Unsupported encryption flags (0x26) [ 339.158291][ T7528] loop0: detected capacity change from 0 to 1024 [ 339.258882][ T5812] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 340.059991][ T7539] 8021q: adding VLAN 0 to HW filter on device bond1 [ 340.076785][ T7539] bond0: (slave bond1): Enslaving as an active interface with an up link [ 340.991608][ T7554] netlink: 'syz.1.683': attribute type 3 has an invalid length. [ 341.449709][ T7562] netlink: 88 bytes leftover after parsing attributes in process `syz.2.687'. [ 341.986991][ T7574] netlink: 4 bytes leftover after parsing attributes in process `syz.1.692'. [ 342.089313][ T7574] netlink: 277 bytes leftover after parsing attributes in process `syz.1.692'. [ 342.098824][ T7574] netlink: 277 bytes leftover after parsing attributes in process `syz.1.692'. [ 342.286298][ T7579] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present [ 342.708254][ T7587] loop3: detected capacity change from 0 to 256 [ 342.768628][ T1614] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 343.025369][ T1614] usb 5-1: Using ep0 maxpacket: 16 [ 343.123595][ T1614] usb 5-1: New USB device found, idVendor=06be, idProduct=a232, bcdDevice=33.f3 [ 343.133503][ T1614] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 343.141755][ T1614] usb 5-1: Product: syz [ 343.146522][ T1614] usb 5-1: Manufacturer: syz [ 343.151324][ T1614] usb 5-1: SerialNumber: syz [ 343.173818][ T1614] usb 5-1: config 0 descriptor?? [ 343.203310][ T7591] loop0: detected capacity change from 0 to 512 [ 343.269254][ T7591] EXT4-fs: Ignoring removed orlov option [ 343.312964][ T7591] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 343.358946][ T7591] EXT4-fs (loop0): orphan cleanup on readonly fs [ 343.413606][ T7591] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.699: bg 0: block 248: padding at end of block bitmap is not set [ 343.491687][ T7591] Quota error (device loop0): write_blk: dquota write failed [ 343.500440][ T7591] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota [ 343.515502][ T7591] EXT4-fs error (device loop0): ext4_acquire_dquot:6937: comm syz.0.699: Failed to acquire dquot type 1 [ 343.563141][ T7591] EXT4-fs (loop0): 1 truncate cleaned up [ 343.629839][ T7591] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 343.639410][ T1614] dvb-usb: found a 'AME DTV-5100 USB2.0 DVB-T' in warm state. [ 343.699338][ T1614] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 343.725074][ T1614] dvbdev: DVB: registering new adapter (AME DTV-5100 USB2.0 DVB-T) [ 343.733673][ T1614] usb 5-1: media controller created [ 343.774602][ T7591] EXT4-fs (loop0): shut down requested (2) [ 343.854629][ T1614] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 344.086585][ T5813] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 344.107384][ T1614] dvb-usb: no frontend was attached by 'AME DTV-5100 USB2.0 DVB-T' [ 344.116829][ T1614] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully initialized and connected. [ 344.356304][ T5872] usb 5-1: USB disconnect, device number 4 [ 344.715381][ T5872] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully deinitialized and disconnected. [ 345.213065][ T7617] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 345.219865][ T7617] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 345.263303][ T7617] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 345.269736][ T7617] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 345.316998][ T7617] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 345.324070][ T7617] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 345.351521][ T7617] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 345.358269][ T7617] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 345.468584][ T7617] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 345.476256][ T7617] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 345.547586][ T7617] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 346.817902][ T7636] loop0: detected capacity change from 0 to 64 [ 347.124667][ T7636] hfs: hfs: Invalid key length: 94 [ 347.409141][ T7335] Bluetooth: hci0: command 0x0406 tx timeout [ 347.441822][ T7335] Bluetooth: hci1: command 0x0406 tx timeout [ 347.526024][ T7335] Bluetooth: hci3: command 0x0406 tx timeout [ 347.532453][ T7335] Bluetooth: hci2: command 0x0406 tx timeout [ 347.673397][ T7335] Bluetooth: hci4: command 0x0c1a tx timeout [ 348.489437][ T7644] netlink: 8 bytes leftover after parsing attributes in process `syz.1.726'. [ 348.913264][ T7649] loop2: detected capacity change from 0 to 512 [ 348.949217][ T7649] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 349.639552][ T7335] Bluetooth: hci0: command 0x0406 tx timeout [ 349.701299][ T7335] Bluetooth: hci1: command 0x0406 tx timeout [ 349.752582][ T7335] Bluetooth: hci2: command 0x0406 tx timeout [ 349.758853][ T7335] Bluetooth: hci3: command 0x0406 tx timeout [ 349.858128][ T5820] Bluetooth: hci4: command 0x0c1a tx timeout [ 350.051835][ T7658] loop0: detected capacity change from 0 to 64 [ 350.136630][ T7658] BFS-fs: bfs_fill_super(): loop0 is unclean, continuing [ 351.571756][ T7669] netlink: 'syz.0.732': attribute type 1 has an invalid length. [ 351.579896][ T7669] netlink: 'syz.0.732': attribute type 2 has an invalid length. [ 351.610008][ T7628] Set syz1 is full, maxelem 65536 reached [ 352.059304][ T5820] Bluetooth: hci4: command 0x0c1a tx timeout [ 354.787196][ T7718] block nbd0: server does not support multiple connections per device. [ 354.797413][ T7718] block nbd0: shutting down sockets [ 355.409891][ T7731] netlink: 'syz.2.759': attribute type 64 has an invalid length. [ 355.418270][ T7731] netlink: 164 bytes leftover after parsing attributes in process `syz.2.759'. [ 355.610000][ T7737] loop1: detected capacity change from 0 to 1024 [ 355.847598][ T7737] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 356.231601][ T5812] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 356.926004][ T7757] binder: 7756:7757 ioctl 541b 0 returned -22 [ 357.278376][ T7761] bridge_slave_0: vlans aren't supported yet for dev_uc|mc_add() [ 358.282927][ T7781] netlink: 'syz.2.781': attribute type 83 has an invalid length. [ 359.043764][ T7799] loop1: detected capacity change from 0 to 512 [ 359.077022][ T7799] ext4: Unknown parameter 'fscontext' [ 359.361925][ T1291] ieee802154 phy0 wpan0: encryption failed: -22 [ 359.368754][ T1291] ieee802154 phy1 wpan1: encryption failed: -22 [ 359.541150][ T7802] loop0: detected capacity change from 0 to 1024 [ 359.602380][ T7802] EXT4-fs: Ignoring removed mblk_io_submit option [ 359.705164][ T7802] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 359.791564][ T7802] EXT4-fs error (device loop0): __ext4_iget:5464: inode #12: block 13: comm syz.0.789: invalid block [ 359.889887][ T7802] EXT4-fs (loop0): Remounting filesystem read-only [ 360.161102][ T5813] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 360.971098][ T7830] loop3: detected capacity change from 0 to 1764 [ 361.419297][ T7827] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 361.426797][ T7827] Bluetooth: hci0: Error when powering off device on rfkill (-4) [ 361.437838][ T7827] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 361.444001][ T7827] Bluetooth: hci1: Error when powering off device on rfkill (-4) [ 361.454746][ T7827] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 361.461668][ T7827] Bluetooth: hci2: Error when powering off device on rfkill (-4) [ 361.475670][ T7827] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 361.482021][ T7827] Bluetooth: hci3: Error when powering off device on rfkill (-4) [ 361.492799][ T7827] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 361.509400][ T7827] Bluetooth: hci4: Error when powering off device on rfkill (-4) [ 361.683971][ T7843] netlink: 4 bytes leftover after parsing attributes in process `syz.3.804'. [ 363.858736][ T7874] netlink: 12 bytes leftover after parsing attributes in process `syz.2.818'. [ 363.956847][ T7875] loop0: detected capacity change from 0 to 1024 [ 364.033392][ T7879] netlink: 4 bytes leftover after parsing attributes in process `syz.4.821'. [ 364.042596][ T7879] netlink: 4 bytes leftover after parsing attributes in process `syz.4.821'. [ 364.049787][ T7875] EXT4-fs: Ignoring removed nomblk_io_submit option [ 364.271573][ T7875] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 364.483216][ T7887] syzkaller1: tun_chr_ioctl cmd 1074025678 [ 364.489479][ T7887] syzkaller1: group set to 778 [ 364.500316][ T7891] netlink: 4 bytes leftover after parsing attributes in process `syz.3.824'. [ 364.777737][ T5813] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 365.178606][ T7896] netlink: 12 bytes leftover after parsing attributes in process `syz.3.828'. [ 365.624266][ T7901] loop0: detected capacity change from 0 to 2048 [ 365.797461][ T7901] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 366.246117][ T5813] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 366.665651][ T30] audit: type=1326 audit(1756846068.140:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7927 comm="syz.0.840" exe="/root/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f57539 code=0x0 [ 367.270830][ T7935] virtiofs: Unknown parameter 'always 1 V3 [ 367.270830][ T7935] 010000E0 1 0:00000000 0 [ 367.270830][ T7935] 18 nlmon0 : 1 V3 [ 367.270830][ T7935] 010000E0 1 0:00000000 0 [ 367.270830][ T7935] 20 batadv0 : 1 V3 [ 367.270830][ T7935] 010000E0 1 0:00000000 0 [ 367.270830][ T7935] 21 vxcan0 : 1 V3 [ 367.270830][ T7935] 010000E0 1 0:00000000 0 [ 367.270830][ T7935] 22 vxcan1 : 1 V3 [ 367.270830][ T7935] 010000E0 1 0:00000000 0 [ 367.270830][ T7935] 23 veth0 : 1 V3 [ 367.270830][ T7935] 010000E0 1 0:00000000 0 [ 367.270830][ T7935] 24 veth1 : 1 V3 [ 367.270830][ T7935] 010000E0 1 0:00000000 0 [ 367.270830][ T7935] 25 veth0_to_bridge: 1 V3 [ 367.270830][ T7935] 010000E0 1 0:00000000 0 [ 367.270830][ T7935] 26 bridge_slave_0: 1 V3 [ 367.270830][ T7935] 010000E0 1 0:00000000 0 [ 367.270830][ T7935] 27 veth1_to_bridge: 1 V3 [ 367.270830][ T7935] 010000E0 1 0:00000000 0 [ 367.270830][ T7935] 28 bridge_slave_1: 1 V3 [ 367.270830][ T7935] 010000E0 1 0:00000000 0 [ 367.270830][ T7935] 29 veth0_to_bond: 1 V3 [ 367.270830][ T7935] 010000E0 1 0:00000000 0 [ 367.270830][ T7935] 30 bond_slave_0: 1 V3 [ 367.270830][ T7935] 010000E0 1 0:00000000 0 [ 367.270830][ T7935] 31 veth1_to_bond: 1 V3 [ 367.270830][ T7935] 010000E0 1 0:00000000 0 [ 367.270830][ T7935] 32 bond_slave_1: 1 V3 [ 367.270830][ T7935] 010000E0 1 0:00000000 0 [ 367.270830][ T7935] 33 veth0_to_team: 1 V3 [ 367.270830][ T7935] 010000E0 [ 367.762540][ T7945] loop1: detected capacity change from 0 to 64 [ 368.065179][ T7952] syz.1.850: attempt to access beyond end of device [ 368.065179][ T7952] loop1: rw=0, sector=1024, nr_sectors = 2 limit=64 [ 368.079133][ T7952] Buffer I/O error on dev loop1, logical block 512, async page read [ 368.089206][ T7952] syz.1.850: attempt to access beyond end of device [ 368.089206][ T7952] loop1: rw=0, sector=113152, nr_sectors = 2 limit=64 [ 368.103514][ T7952] Buffer I/O error on dev loop1, logical block 56576, async page read [ 368.193346][ T7953] syz.1.850: attempt to access beyond end of device [ 368.193346][ T7953] loop1: rw=0, sector=1024, nr_sectors = 2 limit=64 [ 368.210854][ T7953] Buffer I/O error on dev loop1, logical block 512, async page read [ 368.219572][ T7953] syz.1.850: attempt to access beyond end of device [ 368.219572][ T7953] loop1: rw=0, sector=113152, nr_sectors = 2 limit=64 [ 368.233643][ T7953] Buffer I/O error on dev loop1, logical block 56576, async page read [ 369.169332][ T7969] netlink: 16 bytes leftover after parsing attributes in process `syz.0.857'. [ 369.183016][ T7970] loop3: detected capacity change from 0 to 512 [ 369.205156][ T7970] EXT4-fs: Ignoring removed orlov option [ 369.215142][ T7970] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 369.232781][ T7970] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c119, mo2=0002] [ 369.271905][ T7970] EXT4-fs error (device loop3): ext4_iget_extra_inode:5104: inode #15: comm syz.3.859: corrupted in-inode xattr: e_value size too large [ 369.330842][ T7970] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.859: couldn't read orphan inode 15 (err -117) [ 369.392283][ T7970] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 369.731469][ T7977] netlink: 12 bytes leftover after parsing attributes in process `syz.0.862'. [ 369.789677][ T5824] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 370.727228][ T7994] netdevsim netdevsim4: Direct firmware load for ./file0 failed with error -2 [ 370.730062][ T30] audit: type=1326 audit(1756846071.938:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7995 comm="syz.0.870" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f57539 code=0x7ffc0000 [ 370.736674][ T7994] netdevsim netdevsim4: Falling back to sysfs fallback for: ./file0 [ 370.882654][ T30] audit: type=1326 audit(1756846071.985:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7995 comm="syz.0.870" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f57539 code=0x7ffc0000 [ 370.906341][ T30] audit: type=1326 audit(1756846071.985:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7995 comm="syz.0.870" exe="/root/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f57539 code=0x7ffc0000 [ 370.928828][ T30] audit: type=1326 audit(1756846071.985:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7995 comm="syz.0.870" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f57539 code=0x7ffc0000 [ 370.951275][ T30] audit: type=1326 audit(1756846071.985:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7995 comm="syz.0.870" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f57539 code=0x7ffc0000 [ 370.973715][ T30] audit: type=1326 audit(1756846071.985:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7995 comm="syz.0.870" exe="/root/syz-executor" sig=0 arch=40000003 syscall=181 compat=1 ip=0xf7f57539 code=0x7ffc0000 [ 370.996606][ T30] audit: type=1326 audit(1756846071.994:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7995 comm="syz.0.870" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f57539 code=0x7ffc0000 [ 371.686833][ T8009] loop1: detected capacity change from 0 to 256 [ 372.201270][ T8009] FAT-fs (loop1): Directory bread(block 64) failed [ 372.208091][ T8009] FAT-fs (loop1): Directory bread(block 65) failed [ 372.215464][ T8009] FAT-fs (loop1): Directory bread(block 66) failed [ 372.222532][ T8009] FAT-fs (loop1): Directory bread(block 67) failed [ 372.229438][ T8009] FAT-fs (loop1): Directory bread(block 68) failed [ 372.236304][ T8009] FAT-fs (loop1): Directory bread(block 69) failed [ 372.244193][ T8009] FAT-fs (loop1): Directory bread(block 70) failed [ 372.250941][ T8009] FAT-fs (loop1): Directory bread(block 71) failed [ 372.257985][ T8009] FAT-fs (loop1): Directory bread(block 72) failed [ 372.264861][ T8009] FAT-fs (loop1): Directory bread(block 73) failed [ 373.562720][ T8019] tap0: tun_chr_ioctl cmd 1074025677 [ 373.569338][ T8019] tap0: linktype set to 787 [ 375.324188][ T8030] netlink: 92 bytes leftover after parsing attributes in process `syz.2.886'. [ 377.700367][ T8006] Set syz1 is full, maxelem 65536 reached [ 378.334381][ T30] audit: type=1326 audit(1756846079.047:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8055 comm="syz.0.898" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f57539 code=0x0 [ 378.924635][ T8066] loop1: detected capacity change from 0 to 512 [ 379.684287][ T8079] netlink: 260 bytes leftover after parsing attributes in process `syz.0.908'. [ 379.756039][ T3617] tipc: Subscription rejected, illegal request [ 383.106483][ T8150] smc: net device bond0 applied user defined pnetid SYZ0 [ 383.133352][ T8150] smc: net device bond0 erased user defined pnetid SYZ0 [ 383.319412][ T5874] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 383.530294][ T5874] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 383.541581][ T5874] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 383.572336][ T5874] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 383.582549][ T5874] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=67 [ 383.591205][ T5874] usb 1-1: SerialNumber: syz [ 383.855188][ T5874] usb 1-1: 0:2 : does not exist [ 383.860383][ T5874] usb 1-1: unit 48 not found! [ 383.976301][ T5874] usb 1-1: USB disconnect, device number 5 [ 384.444659][ T8166] loop2: detected capacity change from 0 to 1024 [ 384.458146][ T8166] EXT4-fs: Ignoring removed mblk_io_submit option [ 384.566526][ T8166] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 384.741350][ T8166] EXT4-fs error (device loop2): __ext4_iget:5464: inode #12: block 13: comm syz.2.947: invalid block [ 384.805056][ T8166] EXT4-fs (loop2): Remounting filesystem read-only [ 385.137139][ T5819] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 385.299435][ T8183] veth0_to_team: entered promiscuous mode [ 385.407163][ T5874] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 385.534659][ T8188] loop1: detected capacity change from 0 to 512 [ 385.660186][ T5874] usb 5-1: Using ep0 maxpacket: 16 [ 385.697626][ T5874] usb 5-1: config 1 contains an unexpected descriptor of type 0x2, skipping [ 385.706931][ T5874] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 385.717577][ T5874] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 385.795721][ T5874] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 385.805405][ T5874] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 385.814027][ T5874] usb 5-1: Product: syz [ 385.818415][ T5874] usb 5-1: Manufacturer: syz [ 385.823333][ T5874] usb 5-1: SerialNumber: syz [ 386.335786][ T5874] usb 5-1: 0:2 : does not exist [ 386.809293][ T5874] usb 5-1: 1:0: cannot get min/max values for control 4 (id 1) [ 386.968935][ T5874] usb 5-1: USB disconnect, device number 5 [ 387.398911][ T8212] netlink: 4 bytes leftover after parsing attributes in process `syz.0.969'. [ 387.604085][ T8207] loop3: detected capacity change from 0 to 8192 [ 387.723118][ T30] audit: type=1800 audit(1756846087.831:83): pid=8207 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.966" name="file1" dev="loop3" ino=1048628 res=0 errno=0 [ 387.796489][ T8217] netlink: 6 bytes leftover after parsing attributes in process `syz.4.971'. [ 389.212192][ T8236] netlink: 32 bytes leftover after parsing attributes in process `syz.1.979'. [ 389.958397][ T8253] bridge0: port 3(syz_tun) entered blocking state [ 389.965351][ T8253] bridge0: port 3(syz_tun) entered disabled state [ 389.972954][ T8253] syz_tun: entered allmulticast mode [ 389.982199][ T8253] syz_tun: entered promiscuous mode [ 390.693463][ T8265] netlink: 36 bytes leftover after parsing attributes in process `syz.1.991'. [ 390.967737][ T8270] loop0: detected capacity change from 0 to 128 [ 391.272286][ T30] audit: type=1326 audit(1756846090.740:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8268 comm="syz.0.994" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f57539 code=0x7ffc0000 [ 391.294852][ T30] audit: type=1326 audit(1756846090.749:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8268 comm="syz.0.994" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f57539 code=0x7ffc0000 [ 391.317476][ T30] audit: type=1326 audit(1756846090.768:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8268 comm="syz.0.994" exe="/root/syz-executor" sig=0 arch=40000003 syscall=356 compat=1 ip=0xf7f57539 code=0x7ffc0000 [ 391.339672][ T30] audit: type=1326 audit(1756846090.768:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8268 comm="syz.0.994" exe="/root/syz-executor" sig=0 arch=40000003 syscall=192 compat=1 ip=0xf7f57539 code=0x7ffc0000 [ 391.362028][ T30] audit: type=1326 audit(1756846090.833:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8268 comm="syz.0.994" exe="/root/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf7f57539 code=0x7ffc0000 [ 391.384195][ T30] audit: type=1326 audit(1756846090.852:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8268 comm="syz.0.994" exe="/root/syz-executor" sig=0 arch=40000003 syscall=91 compat=1 ip=0xf7f57539 code=0x7ffc0000 [ 391.409167][ T30] audit: type=1326 audit(1756846090.861:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8268 comm="syz.0.994" exe="/root/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f57539 code=0x7ffc0000 [ 391.431874][ T30] audit: type=1326 audit(1756846090.871:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8268 comm="syz.0.994" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f57539 code=0x7ffc0000 [ 391.454430][ T30] audit: type=1326 audit(1756846090.964:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8268 comm="syz.0.994" exe="/root/syz-executor" sig=0 arch=40000003 syscall=6 compat=1 ip=0xf7f57539 code=0x7ffc0000 [ 392.523420][ T24] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 392.551834][ T8288] loop0: detected capacity change from 0 to 4096 [ 392.720898][ T24] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 392.732173][ T24] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 392.782148][ T24] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 392.792037][ T24] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=67 [ 392.800599][ T24] usb 4-1: SerialNumber: syz [ 393.077917][ T24] usb 4-1: 0:2 : does not exist [ 393.083278][ T24] usb 4-1: unit 48 not found! [ 393.296896][ T24] usb 4-1: USB disconnect, device number 2 [ 393.572358][ T8303] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1005'. [ 394.225324][ T8316] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1014'. [ 394.319066][ T8318] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1012'. [ 394.577547][ T8322] bridge0: port 3(syz_tun) entered blocking state [ 394.584500][ T8322] bridge0: port 3(syz_tun) entered disabled state [ 394.592154][ T8322] syz_tun: entered allmulticast mode [ 394.602665][ T8322] syz_tun: entered promiscuous mode [ 394.609728][ T8322] bridge0: adding interface syz_tun with same address as a received packet (addr:aa:aa:aa:aa:aa:aa, vlan:1) [ 394.623194][ T8322] bridge0: port 3(syz_tun) entered blocking state [ 394.630371][ T8322] bridge0: port 3(syz_tun) entered forwarding state [ 394.783180][ T8327] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1018'. [ 394.873863][ T8329] loop0: detected capacity change from 0 to 128 [ 394.932332][ T8329] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 395.053031][ T8329] ext4 filesystem being mounted at /186/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 395.213388][ T8329] overlayfs: upper fs needs to support d_type. [ 395.467245][ T5813] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 395.758091][ T8343] loop4: detected capacity change from 0 to 512 [ 395.803097][ T8343] EXT4-fs: Ignoring removed nobh option [ 395.924446][ T8343] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 395.938206][ T8343] ext4 filesystem being mounted at /207/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 396.148219][ T118] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 396.331574][ T8348] loop0: detected capacity change from 0 to 4096 [ 396.355784][ T118] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 396.366521][ T118] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 396.415860][ T8348] ntfs3(loop0): Different NTFS sector size (1024) and media sector size (512). [ 396.482814][ T5827] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 396.520131][ T118] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 396.529853][ T118] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=67 [ 396.538537][ T118] usb 3-1: SerialNumber: syz [ 396.875284][ T118] usb 3-1: 0:2 : does not exist [ 396.880555][ T118] usb 3-1: unit 48 not found! [ 397.033064][ T118] usb 3-1: USB disconnect, device number 3 [ 398.007903][ T5874] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 398.239620][ T5874] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 398.251451][ T5874] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 398.261801][ T5874] usb 5-1: New USB device found, idVendor=054c, idProduct=0ba0, bcdDevice= 0.00 [ 398.271219][ T5874] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 398.350452][ T8376] bridge0: port 3(syz_tun) entered blocking state [ 398.357817][ T8376] bridge0: port 3(syz_tun) entered disabled state [ 398.366253][ T8376] syz_tun: entered allmulticast mode [ 398.375291][ T8376] syz_tun: entered promiscuous mode [ 398.382054][ T5874] usb 5-1: config 0 descriptor?? [ 398.383313][ T8376] bridge0: port 3(syz_tun) entered blocking state [ 398.394141][ T8376] bridge0: port 3(syz_tun) entered forwarding state [ 398.497259][ T8379] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0) [ 398.968207][ T5874] playstation 0003:054C:0BA0.0002: unknown main item tag 0x0 [ 399.034053][ T5874] playstation 0003:054C:0BA0.0002: hidraw0: USB HID v0.00 Device [HID 054c:0ba0] on usb-dummy_hcd.4-1/input0 [ 399.172906][ T5874] playstation 0003:054C:0BA0.0002: Invalid byte count transferred, expected 16 got 0 [ 399.188765][ T5874] playstation 0003:054C:0BA0.0002: Failed to retrieve DualShock4 pairing info: -22 [ 399.199085][ T5874] playstation 0003:054C:0BA0.0002: Failed to get MAC address from DualShock4 [ 399.208385][ T5874] playstation 0003:054C:0BA0.0002: Failed to create dualshock4. [ 399.262029][ T5874] playstation 0003:054C:0BA0.0002: probe with driver playstation failed with error -22 [ 399.398289][ T118] usb 5-1: USB disconnect, device number 6 [ 400.311396][ T8400] netlink: 168 bytes leftover after parsing attributes in process `syz.1.1049'. [ 401.117301][ T8411] loop4: detected capacity change from 0 to 2048 [ 401.206190][ T8411] UDF-fs: warning (device loop4): udf_load_logicalvol: Damaged or missing LVID, forcing readonly mount [ 401.505001][ T8422] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1058'. [ 401.543241][ T8411] loop4: detected capacity change from 0 to 1024 [ 401.626753][ T8411] hfsplus: request for non-existent node 211 in B*Tree [ 401.634104][ T8411] hfsplus: request for non-existent node 211 in B*Tree [ 402.414098][ T118] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 402.463776][ T8428] loop3: detected capacity change from 0 to 4096 [ 402.479221][ T8436] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1065'. [ 402.613252][ T118] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 402.623981][ T118] usb 2-1: New USB device found, idVendor=046d, idProduct=c71f, bcdDevice= 0.00 [ 402.633848][ T118] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 402.736563][ T118] usb 2-1: config 0 descriptor?? [ 403.002240][ T8428] ntfs3(loop3): failed to convert "0080" to cp775 [ 403.275310][ T118] logitech-djreceiver 0003:046D:C71F.0003: hidraw0: USB HID v0.00 Device [HID 046d:c71f] on usb-dummy_hcd.1-1/input0 [ 403.474864][ T118] usb 2-1: USB disconnect, device number 3 [ 403.729008][ T8452] loop0: detected capacity change from 0 to 512 [ 403.756293][ T8452] EXT4-fs: Ignoring removed nomblk_io_submit option [ 403.823177][ T8452] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 403.831767][ T8452] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=c000e128, mo2=0002] [ 403.845027][ T8452] EXT4-fs (loop0): orphan cleanup on readonly fs [ 403.851864][ T8452] __quota_error: 15 callbacks suppressed [ 403.851950][ T8452] Quota error (device loop0): v2_read_header: Failed header read: expected=8 got=0 [ 403.868127][ T8452] EXT4-fs warning (device loop0): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 403.883095][ T8452] EXT4-fs (loop0): Cannot turn on quotas: error -22 [ 403.930044][ T8452] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.1072: bg 0: block 40: padding at end of block bitmap is not set [ 403.952635][ T8452] EXT4-fs (loop0): Remounting filesystem read-only [ 403.959869][ T8452] EXT4-fs (loop0): 1 truncate cleaned up [ 403.968115][ T8452] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 404.935956][ T8475] loop2: detected capacity change from 0 to 16 [ 404.965643][ T8475] erofs (device loop2): negative i_size @ nid 36 [ 404.987476][ T8476] @: renamed from vlan0 (while UP) [ 405.865728][ T8487] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1088'. [ 405.899554][ T8490] capability: warning: `syz.1.1089' uses 32-bit capabilities (legacy support in use) [ 406.066331][ T8493] loop4: detected capacity change from 0 to 256 [ 407.212141][ T8504] loop1: detected capacity change from 0 to 2048 [ 407.353753][ T8508] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 407.442739][ T30] audit: type=1800 audit(1756846106.277:108): pid=8504 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1096" name="file1" dev="loop1" ino=15 res=0 errno=0 [ 408.087059][ T3909] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 408.131346][ T24] kernel write not supported for file /sg0 (pid: 24 comm: kworker/1:0) [ 408.316319][ T3909] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 408.457658][ T3909] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 408.620330][ T3909] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 408.872357][ T3909] bridge_slave_1: left allmulticast mode [ 408.878255][ T3909] bridge_slave_1: left promiscuous mode [ 408.885532][ T3909] bridge0: port 2(bridge_slave_1) entered disabled state [ 408.919124][ T3909] bridge_slave_0: left allmulticast mode [ 408.925608][ T3909] bridge_slave_0: left promiscuous mode [ 408.932349][ T3909] bridge0: port 1(bridge_slave_0) entered disabled state [ 409.406298][ T3909] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 409.456569][ T3909] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 409.476850][ T3909] bond0 (unregistering): (slave bond1): Releasing backup interface [ 409.487888][ T3909] bond0 (unregistering): Released all slaves [ 409.514287][ T3909] bond1 (unregistering): Released all slaves [ 410.024410][ T8528] netlink: 564 bytes leftover after parsing attributes in process `syz.3.1106'. [ 410.050534][ T3909] hsr_slave_0: left promiscuous mode [ 410.093407][ T3909] hsr_slave_1: left promiscuous mode [ 410.101992][ T3909] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 410.109754][ T3909] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 410.184098][ T3909] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 410.192022][ T3909] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 410.362465][ T3909] veth1_macvtap: left promiscuous mode [ 410.368567][ T3909] veth0_macvtap: left promiscuous mode [ 410.374513][ T3909] veth1_vlan: left promiscuous mode [ 410.380276][ T3909] veth0_vlan: left promiscuous mode [ 410.998375][ T7335] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 411.015101][ T7335] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 411.098050][ T7335] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 411.140015][ T7335] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 411.157197][ T7335] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 411.198598][ T5820] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 411.213081][ T5820] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 411.223100][ T5820] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 411.249953][ T5820] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 411.262423][ T5820] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 411.306863][ T3909] team0 (unregistering): Port device team_slave_1 removed [ 411.334934][ T3909] team0 (unregistering): Port device team_slave_0 removed [ 412.914775][ T8538] chnl_net:caif_netlink_parms(): no params data found [ 413.380674][ T8557] veth0_macvtap: left promiscuous mode [ 413.435917][ T8557] macvtap0: refused to change device tx_queue_len [ 413.476730][ T5820] Bluetooth: hci1: command tx timeout [ 413.884269][ T8565] bridge0: port 3(syz_tun) entered blocking state [ 413.891429][ T8565] bridge0: port 3(syz_tun) entered disabled state [ 413.899247][ T8565] syz_tun: entered allmulticast mode [ 413.908287][ T8565] syz_tun: entered promiscuous mode [ 413.916203][ T8565] bridge0: port 3(syz_tun) entered blocking state [ 413.923115][ T8565] bridge0: port 3(syz_tun) entered forwarding state [ 414.068696][ T8565] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0) [ 414.699027][ T8538] bridge0: port 1(bridge_slave_0) entered blocking state [ 414.707656][ T8538] bridge0: port 1(bridge_slave_0) entered disabled state [ 414.715412][ T8538] bridge_slave_0: entered allmulticast mode [ 414.725662][ T8538] bridge_slave_0: entered promiscuous mode [ 414.786333][ T8538] bridge0: port 2(bridge_slave_1) entered blocking state [ 414.794279][ T8538] bridge0: port 2(bridge_slave_1) entered disabled state [ 414.803016][ T8538] bridge_slave_1: entered allmulticast mode [ 414.813542][ T8538] bridge_slave_1: entered promiscuous mode [ 415.122795][ T8538] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 415.168644][ T8538] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 415.183208][ T8587] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1131'. [ 415.226043][ T8584] loop4: detected capacity change from 0 to 1024 [ 415.263764][ T8587] netlink: 100 bytes leftover after parsing attributes in process `syz.1.1131'. [ 415.273540][ T8587] netlink: 100 bytes leftover after parsing attributes in process `syz.1.1131'. [ 415.331586][ T8538] team0: Port device team_slave_0 added [ 415.366857][ T8538] team0: Port device team_slave_1 added [ 415.639959][ T8538] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 415.647871][ T8538] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 415.675562][ T8538] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 415.705610][ T5820] Bluetooth: hci1: command tx timeout [ 415.773038][ T8538] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 415.780634][ T8538] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 415.807185][ T8538] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 415.819888][ T5874] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 416.040276][ T5874] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 416.049887][ T5874] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 416.098018][ T5874] usb 4-1: config 0 descriptor?? [ 416.153295][ T5874] cp210x 4-1:0.0: cp210x converter detected [ 416.211902][ T8538] hsr_slave_0: entered promiscuous mode [ 416.226354][ T8538] hsr_slave_1: entered promiscuous mode [ 416.238111][ T8538] debugfs: 'hsr0' already exists in 'hsr' [ 416.244206][ T8538] Cannot create hsr debugfs directory [ 416.265593][ T8595] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1135'. [ 416.275543][ T8595] netlink: 43 bytes leftover after parsing attributes in process `syz.2.1135'. [ 416.285100][ T8595] netlink: 'syz.2.1135': attribute type 5 has an invalid length. [ 416.294575][ T8595] netlink: 43 bytes leftover after parsing attributes in process `syz.2.1135'. [ 416.596228][ T5874] cp210x 4-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 416.657437][ T5874] usb 4-1: cp210x converter now attached to ttyUSB0 [ 416.868133][ T118] usb 4-1: USB disconnect, device number 3 [ 416.928595][ T118] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 416.983152][ T118] cp210x 4-1:0.0: device disconnected [ 417.369402][ T8603] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1139'. [ 417.581623][ T8538] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 417.628546][ T8538] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 417.707538][ T8538] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 417.828282][ T8538] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 417.914065][ T5820] Bluetooth: hci1: command tx timeout [ 419.185878][ T8618] loop4: detected capacity change from 0 to 4096 [ 419.252365][ T8626] cifs: Unknown parameter 'f,' [ 419.271688][ T8538] 8021q: adding VLAN 0 to HW filter on device bond0 [ 419.390167][ T8538] 8021q: adding VLAN 0 to HW filter on device team0 [ 419.450288][ T4150] bridge0: port 1(bridge_slave_0) entered blocking state [ 419.457980][ T4150] bridge0: port 1(bridge_slave_0) entered forwarding state [ 419.533298][ T4150] bridge0: port 2(bridge_slave_1) entered blocking state [ 419.541050][ T4150] bridge0: port 2(bridge_slave_1) entered forwarding state [ 419.803515][ T30] audit: type=1326 audit(1756846117.819:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8629 comm="syz.3.1151" exe="/root/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7fe1539 code=0x0 [ 419.878524][ T8618] ntfs3(loop4): failed to convert "0080" to cp775 [ 420.107572][ T8636] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1153'. [ 420.147925][ T5820] Bluetooth: hci1: command tx timeout [ 420.708887][ T8641] loop1: detected capacity change from 0 to 512 [ 420.838995][ T8641] EXT4-fs warning (device loop1): dx_probe:861: inode #2: comm syz.1.1155: dx entry: limit 0 != root limit 125 [ 420.851399][ T8641] EXT4-fs warning (device loop1): dx_probe:934: inode #2: comm syz.1.1155: Corrupt directory, running e2fsck is recommended [ 420.940097][ T5874] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 420.991238][ T8641] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -117 [ 421.054372][ T8641] EXT4-fs error (device loop1): ext4_iget_extra_inode:5104: inode #15: comm syz.1.1155: corrupted in-inode xattr: invalid ea_ino [ 421.132266][ T5874] usb 3-1: Using ep0 maxpacket: 16 [ 421.143184][ T8641] EXT4-fs (loop1): Remounting filesystem read-only [ 421.152797][ T8641] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 421.189025][ T5874] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 421.200708][ T5874] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 421.214203][ T5874] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 421.223740][ T5874] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 421.266031][ T8538] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 421.317357][ T8641] EXT4-fs warning (device loop1): dx_probe:861: inode #2: comm syz.1.1155: dx entry: limit 0 != root limit 125 [ 421.328539][ T5874] usb 3-1: config 0 descriptor?? [ 421.330178][ T8641] EXT4-fs warning (device loop1): dx_probe:934: inode #2: comm syz.1.1155: Corrupt directory, running e2fsck is recommended [ 421.636322][ T8655] syz.3.1159 uses obsolete (PF_INET,SOCK_PACKET) [ 421.758084][ T8641] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 421.957150][ T5874] input: HID 045e:07da as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:045E:07DA.0004/input/input10 [ 422.244349][ T5874] microsoft 0003:045E:07DA.0004: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.2-1/input0 [ 422.444437][ T24] usb 3-1: USB disconnect, device number 4 [ 423.545621][ T8538] veth0_vlan: entered promiscuous mode [ 423.631609][ T8538] veth1_vlan: entered promiscuous mode [ 423.998167][ T8538] veth0_macvtap: entered promiscuous mode [ 424.021614][ T8680] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1168'. [ 424.050073][ T8680] batadv0: entered promiscuous mode [ 424.051562][ T8672] loop2: detected capacity change from 0 to 4096 [ 424.131519][ T8680] batadv0: left promiscuous mode [ 424.211307][ T8538] veth1_macvtap: entered promiscuous mode [ 424.394881][ T8538] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 424.483263][ T8683] loop3: detected capacity change from 0 to 2048 [ 424.488447][ T8538] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 424.539109][ T8681] loop1: detected capacity change from 0 to 4096 [ 424.567252][ T8683] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 424.606188][ T3909] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 424.655769][ T3877] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 424.718769][ T3877] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 424.749250][ T3877] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 424.800175][ T8672] ntfs3(loop2): failed to convert "0080" to cp775 [ 425.031041][ T1291] ieee802154 phy0 wpan0: encryption failed: -22 [ 425.038005][ T1291] ieee802154 phy1 wpan1: encryption failed: -22 [ 426.879401][ T8716] loop1: detected capacity change from 0 to 512 [ 427.008542][ T8716] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 427.022170][ T8716] ext4 filesystem being mounted at /250/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 427.287518][ T8726] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1185'. [ 427.321004][ T8726] bridge0: port 4(vlan2) entered blocking state [ 427.327817][ T8726] bridge0: port 4(vlan2) entered disabled state [ 427.336518][ T8726] vlan2: entered allmulticast mode [ 427.342174][ T8726] bridge0: entered allmulticast mode [ 427.363044][ T8726] vlan2: left allmulticast mode [ 427.368596][ T8726] bridge0: left allmulticast mode [ 427.394318][ T8722] syzkaller1: tun_chr_ioctl cmd 1074025677 [ 427.403859][ T8722] syzkaller1: linktype set to 774 [ 428.045878][ T8735] loop4: detected capacity change from 0 to 512 [ 428.081697][ T8734] netlink: 'syz.2.1187': attribute type 14 has an invalid length. [ 428.094334][ T8735] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 428.201883][ T8735] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 428.215398][ T8735] ext4 filesystem being mounted at /242/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 428.283982][ T8735] EXT4-fs (loop4): shut down requested (1) [ 428.544815][ T8741] loop3: detected capacity change from 0 to 1024 [ 428.598458][ T5827] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 428.792237][ T8746] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1191'. [ 430.224253][ T4209] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 430.233493][ T4209] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 430.234885][ T8755] loop4: detected capacity change from 0 to 8192 [ 430.350222][ T8755] msdos: Unknown parameter 'A' [ 430.418885][ T8719] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm ext4lazyinit: bg 0: block 145: padding at end of block bitmap is not set [ 430.493860][ T4150] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 430.502318][ T4150] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 430.585442][ T8762] loop3: detected capacity change from 0 to 256 [ 430.667503][ T8762] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 430.678818][ T8762] exFAT-fs (loop3): Medium has reported failures. Some data may be lost. [ 430.798925][ T8762] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe62dd34a, utbl_chksum : 0xe619d30d) [ 431.166208][ T8752] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 431.665001][ T8772] sctp: [Deprecated]: syz.5.1200 (pid 8772) Use of struct sctp_assoc_value in delayed_ack socket option. [ 431.665001][ T8772] Use struct sctp_sack_info instead [ 431.880420][ T8778] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1201'. [ 432.740907][ T5812] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 432.897984][ T8791] loop4: detected capacity change from 0 to 1024 [ 433.375052][ T3877] hfsplus: b-tree write err: -5, ino 4 [ 434.081434][ T8804] loop2: detected capacity change from 0 to 1024 [ 434.343001][ T8804] hfsplus: request for non-existent node 16777216 in B*Tree [ 434.351412][ T8804] hfsplus: request for non-existent node 16777216 in B*Tree [ 434.451817][ T8804] hfsplus: request for non-existent node 16777216 in B*Tree [ 434.459351][ T8804] hfsplus: request for non-existent node 16777216 in B*Tree [ 434.657031][ T8817] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1219'. [ 434.802433][ T4209] hfsplus: request for non-existent node 16777216 in B*Tree [ 434.802527][ T4209] hfsplus: request for non-existent node 16777216 in B*Tree [ 437.127934][ T8856] macsec1: entered promiscuous mode [ 437.133447][ T8856] mac80211_hwsim hwsim6 wlan0: entered promiscuous mode [ 437.145520][ T8856] macsec1: entered allmulticast mode [ 437.151085][ T8856] mac80211_hwsim hwsim6 wlan0: entered allmulticast mode [ 437.733811][ T8866] netlink: 'syz.5.1242': attribute type 6 has an invalid length. [ 438.214018][ T8877] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1249'. [ 438.811704][ T8888] loop5: detected capacity change from 0 to 1024 [ 439.445430][ T8890] loop1: detected capacity change from 0 to 4096 [ 439.489764][ T8890] ntfs3(loop1): Different NTFS sector size (1024) and media sector size (512). [ 439.588353][ T3909] hfsplus: b-tree write err: -5, ino 4 [ 439.990191][ T8901] loop4: detected capacity change from 0 to 128 [ 440.237692][ T8901] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 440.328295][ T8907] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1259'. [ 440.346417][ T8901] ext4 filesystem being mounted at /257/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 440.599101][ T8901] fscrypt (loop4, inode 12): Direct key flag not allowed with different contents and filenames modes [ 441.074604][ T5827] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 441.366506][ T8921] loop2: detected capacity change from 0 to 256 [ 441.413945][ T8921] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 441.425354][ T8921] exFAT-fs (loop2): Medium has reported failures. Some data may be lost. [ 441.659256][ T8921] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 442.686965][ T8939] loop2: detected capacity change from 0 to 512 [ 442.706546][ T8941] loop5: detected capacity change from 0 to 164 [ 442.814818][ T8939] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.1274: bg 0: block 248: padding at end of block bitmap is not set [ 442.880557][ T8948] netlink: 76 bytes leftover after parsing attributes in process `syz.4.1278'. [ 442.908722][ T8939] Quota error (device loop2): write_blk: dquota write failed [ 442.916952][ T8939] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 442.927485][ T8939] EXT4-fs error (device loop2): ext4_acquire_dquot:6937: comm syz.2.1274: Failed to acquire dquot type 1 [ 442.961558][ T8939] EXT4-fs (loop2): 1 truncate cleaned up [ 442.969691][ T8939] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 442.984577][ T8939] ext4 filesystem being mounted at /267/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 443.331389][ T5819] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 443.521784][ T8955] loop3: detected capacity change from 0 to 16 [ 443.654862][ T8955] erofs (device loop3): mounted with root inode @ nid 36. [ 443.775277][ T30] audit: type=1800 audit(1756846140.250:110): pid=8955 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1282" name="file1" dev="loop3" ino=86 res=0 errno=0 [ 444.387711][ T8971] loop3: detected capacity change from 0 to 1024 [ 445.091473][ T8982] loop5: detected capacity change from 0 to 1024 [ 446.302888][ T8995] loop5: detected capacity change from 0 to 4096 [ 446.322842][ T8995] ntfs3(loop5): Different NTFS sector size (4096) and media sector size (512). [ 446.502442][ T8995] ntfs3(loop5): ino=1a, mi_enum_attr [ 446.508040][ T8995] ntfs3(loop5): Mark volume as dirty due to NTFS errors [ 446.554243][ T8995] ntfs3(loop5): ino=1a, mi_enum_attr [ 446.559912][ T8995] ntfs3(loop5): Failed to initialize $Extend/$Reparse. [ 446.613365][ T9001] overlayfs: failed to create directory ./file0/work (errno: 13); mounting read-only [ 446.624039][ T9001] overlayfs: fs on '.' does not support file handles, falling back to index=off,nfs_export=off. [ 447.005840][ T9007] netlink: 84 bytes leftover after parsing attributes in process `syz.1.1306'. [ 447.373578][ T9012] loop3: detected capacity change from 0 to 16 [ 447.878061][ T9019] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1322'. [ 447.886098][ T9023] loop3: detected capacity change from 0 to 256 [ 447.888209][ T9019] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1322'. [ 448.538626][ T9032] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1317'. [ 449.056098][ T9040] loop5: detected capacity change from 0 to 256 [ 449.065965][ T9040] exfat: Deprecated parameter 'utf8' [ 449.071566][ T9040] exfat: Deprecated parameter 'utf8' [ 449.197057][ T9040] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x36d2a6b4, utbl_chksum : 0xe619d30d) [ 449.356259][ T9046] mkiss: ax0: crc mode is auto. [ 451.754989][ T9087] loop5: detected capacity change from 0 to 1024 [ 451.816315][ T9087] EXT4-fs: Ignoring removed nobh option [ 451.822176][ T9087] EXT4-fs: Ignoring removed bh option [ 451.850614][ C1] Illegal XDP return value 16128 on prog (id 141) dev bond_slave_0, expect packet loss! [ 452.024912][ T9087] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 452.510102][ T8538] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 452.929651][ T9108] ALSA: mixer_oss: invalid OSS volume '' [ 453.128281][ T5874] kernel write not supported for file /vcsu (pid: 5874 comm: kworker/0:5) [ 454.443463][ T5871] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 454.609214][ T9131] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1363'. [ 454.644236][ T5871] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 454.654080][ T5871] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 454.723281][ T5871] usb 3-1: config 0 descriptor?? [ 454.745467][ T5871] cp210x 3-1:0.0: cp210x converter detected [ 454.746816][ T9127] loop3: detected capacity change from 0 to 4096 [ 454.822157][ T9127] ntfs3: Invalid value for dmask. [ 455.444351][ T5871] cp210x 3-1:0.0: failed to get vendor val 0x3711 size 2: -71 [ 455.452312][ T5871] cp210x 3-1:0.0: GPIO initialisation failed: -71 [ 455.492032][ T5871] usb 3-1: cp210x converter now attached to ttyUSB0 [ 455.519125][ T5871] usb 3-1: USB disconnect, device number 5 [ 455.565393][ T5871] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 455.566717][ T5871] cp210x 3-1:0.0: device disconnected [ 455.779625][ T9143] loop4: detected capacity change from 0 to 256 [ 456.147187][ T9145] loop1: detected capacity change from 0 to 4096 [ 456.283072][ T9145] NILFS (loop1): invalid segment: Checksum error in segment payload [ 456.291381][ T9145] NILFS (loop1): trying rollback from an earlier position [ 456.393992][ T9145] NILFS (loop1): recovery complete [ 456.421811][ T9148] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 458.390475][ T9179] usb usb8: usbfs: process 9179 (syz.4.1385) did not claim interface 0 before use [ 458.655418][ T5874] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 458.860350][ T5874] usb 3-1: Using ep0 maxpacket: 32 [ 458.908541][ T5874] usb 3-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40 [ 458.918758][ T5874] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 458.968564][ T5874] usb 3-1: config 0 descriptor?? [ 459.284432][ T5874] dvb-usb: found a 'Elgato EyeTV Sat' in warm state. [ 459.310608][ T5874] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 459.324199][ T5874] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat) [ 459.331892][ T5874] usb 3-1: media controller created [ 459.422489][ T9197] loop1: detected capacity change from 0 to 1024 [ 459.433873][ T5874] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 459.475269][ T9197] EXT4-fs: Ignoring removed bh option [ 459.498582][ T9183] ===================================================== [ 459.506085][ T9183] BUG: KMSAN: kernel-infoleak in _copy_to_user+0xcc/0x120 [ 459.513859][ T9183] _copy_to_user+0xcc/0x120 [ 459.518577][ T9183] i2cdev_ioctl_smbus+0x586/0x660 [ 459.524023][ T9183] compat_i2cdev_ioctl+0x48f/0xb40 [ 459.529376][ T9183] __ia32_compat_sys_ioctl+0x7f6/0x1270 [ 459.535512][ T9183] ia32_sys_call+0x2d5f/0x4310 [ 459.540572][ T9183] __do_fast_syscall_32+0xb0/0x150 [ 459.546225][ T9183] do_fast_syscall_32+0x38/0x80 [ 459.551430][ T9183] do_SYSENTER_32+0x1f/0x30 [ 459.556507][ T9183] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 459.563092][ T9183] [ 459.565855][ T9183] Uninit was stored to memory at: [ 459.571137][ T9183] __i2c_smbus_xfer+0x2561/0x2f60 [ 459.577137][ T9183] i2c_smbus_xfer+0x31d/0x4d0 [ 459.582079][ T9183] i2cdev_ioctl_smbus+0x4a1/0x660 [ 459.587763][ T9183] compat_i2cdev_ioctl+0x48f/0xb40 [ 459.593293][ T9183] __ia32_compat_sys_ioctl+0x7f6/0x1270 [ 459.599405][ T9183] ia32_sys_call+0x2d5f/0x4310 [ 459.604357][ T9183] __do_fast_syscall_32+0xb0/0x150 [ 459.609944][ T9183] do_fast_syscall_32+0x38/0x80 [ 459.615039][ T9183] do_SYSENTER_32+0x1f/0x30 [ 459.619967][ T9183] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 459.626705][ T9183] [ 459.629276][ T9183] Local variable msgbuf1.i created at: [ 459.634891][ T9183] __i2c_smbus_xfer+0x86a/0x2f60 [ 459.640256][ T9183] i2c_smbus_xfer+0x31d/0x4d0 [ 459.645268][ T9183] [ 459.647713][ T9183] Byte 0 of 1 is uninitialized [ 459.652843][ T9183] Memory access of size 1 starts at ffff888033ac7c86 [ 459.659964][ T9183] Data copied to user address 0000000080000040 [ 459.666268][ T9183] [ 459.668739][ T9183] CPU: 1 UID: 0 PID: 9183 Comm: syz.2.1388 Not tainted syzkaller #0 PREEMPT(none) [ 459.678452][ T9183] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 459.688883][ T9183] ===================================================== [ 459.696139][ T9183] Disabling lock debugging due to kernel taint [ 459.702716][ T9183] Kernel panic - not syncing: kmsan.panic set ... [ 459.709371][ T9183] CPU: 1 UID: 0 PID: 9183 Comm: syz.2.1388 Tainted: G B syzkaller #0 PREEMPT(none) [ 459.720479][ T9183] Tainted: [B]=BAD_PAGE [ 459.724760][ T9183] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 459.734996][ T9183] Call Trace: [ 459.738425][ T9183] [ 459.741479][ T9183] __dump_stack+0x26/0x30 [ 459.746049][ T9183] dump_stack_lvl+0x53/0x270 [ 459.750886][ T9183] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 459.757025][ T9183] dump_stack+0x1e/0x25 [ 459.761410][ T9183] vpanic+0x361/0xc50 [ 459.765632][ T9183] panic+0x15d/0x160 [ 459.769806][ T9183] kmsan_report+0x31c/0x320 [ 459.774538][ T9183] ? kmsan_internal_set_shadow_origin+0x79/0x110 [ 459.781082][ T9183] ? kmsan_internal_check_memory+0x1e1/0x230 [ 459.787284][ T9183] ? kmsan_copy_to_user+0xf1/0x190 [ 459.792613][ T9183] ? _copy_to_user+0xcc/0x120 [ 459.797493][ T9183] ? i2cdev_ioctl_smbus+0x586/0x660 [ 459.802962][ T9183] ? compat_i2cdev_ioctl+0x48f/0xb40 [ 459.808570][ T9183] ? __ia32_compat_sys_ioctl+0x7f6/0x1270 [ 459.814518][ T9183] ? ia32_sys_call+0x2d5f/0x4310 [ 459.819651][ T9183] ? __do_fast_syscall_32+0xb0/0x150 [ 459.825212][ T9183] ? do_fast_syscall_32+0x38/0x80 [ 459.830493][ T9183] ? do_SYSENTER_32+0x1f/0x30 [ 459.835414][ T9183] ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 459.842183][ T9183] ? __pfx_az6027_i2c_xfer+0x10/0x10 [ 459.847732][ T9183] ? __i2c_transfer+0x11cd/0x3110 [ 459.853073][ T9183] ? kmsan_get_metadata+0xfb/0x160 [ 459.858429][ T9183] ? kmsan_internal_set_shadow_origin+0x79/0x110 [ 459.864976][ T9183] ? kmsan_get_metadata+0xfb/0x160 [ 459.870322][ T9183] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 459.876417][ T9183] ? __i2c_smbus_xfer+0x1e93/0x2f60 [ 459.881815][ T9183] ? kmsan_get_metadata+0xfb/0x160 [ 459.887154][ T9183] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 459.893174][ T9183] kmsan_internal_check_memory+0x1e1/0x230 [ 459.899186][ T9183] kmsan_copy_to_user+0xf1/0x190 [ 459.904323][ T9183] _copy_to_user+0xcc/0x120 [ 459.909017][ T9183] i2cdev_ioctl_smbus+0x586/0x660 [ 459.914323][ T9183] compat_i2cdev_ioctl+0x48f/0xb40 [ 459.919671][ T9183] ? __pfx_compat_i2cdev_ioctl+0x10/0x10 [ 459.925513][ T9183] __ia32_compat_sys_ioctl+0x7f6/0x1270 [ 459.931261][ T9183] ? kmsan_get_metadata+0xfb/0x160 [ 459.936595][ T9183] ? kmsan_get_metadata+0xfb/0x160 [ 459.941909][ T9183] ia32_sys_call+0x2d5f/0x4310 [ 459.946863][ T9183] __do_fast_syscall_32+0xb0/0x150 [ 459.952220][ T9183] ? irqentry_exit_to_user_mode+0x82/0xa0 [ 459.958164][ T9183] do_fast_syscall_32+0x38/0x80 [ 459.963236][ T9183] do_SYSENTER_32+0x1f/0x30 [ 459.967949][ T9183] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 459.974487][ T9183] RIP: 0023:0xf7fd8539 [ 459.978678][ T9183] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 459.998487][ T9183] RSP: 002b:00000000f54e655c EFLAGS: 00000206 ORIG_RAX: 0000000000000036 [ 460.007078][ T9183] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000000720 [ 460.015195][ T9183] RDX: 0000000080000180 RSI: 0000000000000000 RDI: 0000000000000000 [ 460.023310][ T9183] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 460.031419][ T9183] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 460.039514][ T9183] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 460.047647][ T9183] [ 460.051070][ T9183] Kernel Offset: disabled [ 460.055493][ T9183] Rebooting in 86400 seconds..