last executing test programs: 12.868539447s ago: executing program 3 (id=1591): mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000280)='fd/3\x00') r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000240)={0x80000011}) epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r0, &(0x7f0000000c40)) 12.866698777s ago: executing program 3 (id=1592): r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000a80)=@nat={'nat\x00', 0x1b, 0x7fffffe, 0x490, 0x0, 0x288, 0xffffffff, 0x3a0, 0x3a0, 0x490, 0x490, 0xffffffff, 0x490, 0x490, 0x5, 0x0, {[{{@ipv6={@private1={0xfc, 0x1, '\x00', 0x1}, @mcast1, [0xff000000, 0xffffffff, 0xff000000, 0xffffff00], [0x61aa8485b42e5a7f, 0x0, 0xff, 0xff], 'bridge0\x00', 'ip6_vti0\x00', {0xff}, {}, 0x3c8d687bfd7b6152, 0x3, 0xa9f2b6bdf1bb7dc2, 0x1}, 0x0, 0xa8, 0xf0}, @REDIRECT={0x48, 'REDIRECT\x00', 0x0, {0x8d848d6efbeeb10d, @ipv4=@dev={0xac, 0x14, 0x14, 0x23}, @ipv4=@loopback, @icmp_id=0x66, @port=0x4e21}}}, {{@uncond, 0x0, 0xa8, 0xf0}, @MASQUERADE={0x48, 'MASQUERADE\x00', 0x0, {0x4, @ipv4=@loopback, @ipv4=@broadcast, @port=0x4e23, @gre_key=0x800}}}, {{@ipv6={@dev={0xfe, 0x80, '\x00', 0x38}, @loopback, [0xffffff00, 0xff000000, 0xffffffff, 0xffffffff], [0x0, 0x0, 0xff000000], 'veth1_to_team\x00', 'wg1\x00', {0xff}, {0xcfb4c71175a55b3d}, 0x11, 0xa, 0x3, 0x10}, 0x0, 0xa8, 0xf0}, @REDIRECT={0x48, 'REDIRECT\x00', 0x0, {0x2, @ipv6=@empty, @ipv4=@rand_addr=0x64010101, @gre_key=0x9, @icmp_id=0x68}}}, {{@ipv6={@loopback, @loopback, [0xffffffff, 0xff, 0xff000000, 0xffffffff], [0x7f800000, 0x0, 0xffffffff, 0xffffffff], '\x00', 'vlan0\x00', {}, {0xff}, 0x6, 0xcc, 0x1, 0x44}, 0x0, 0xa8, 0xf0}, @MASQUERADE={0x48, 'MASQUERADE\x00', 0x0, {0x0, @ipv6=@private0={0xfc, 0x0, '\x00', 0x1}, @ipv6=@empty, @port=0x4e24, @gre_key=0x8}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x4f0) 7.244236131s ago: executing program 0 (id=1645): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7ffffe39}]}) bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x16, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x28, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) mprotect(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x4) syz_clone3(&(0x7f00000002c0)={0x8018400, 0x0, 0x0, 0x0, {0x2e}, 0x0, 0x0, 0x0, 0x0}, 0x58) 7.039443001s ago: executing program 0 (id=1649): syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000080)='./file0\x00', 0x2148c5, &(0x7f0000000040)=ANY=[@ANYBLOB="02"], 0x1, 0x2cf, &(0x7f0000000580)="$eJzs3c9r02AYwPFn7dZ2HVt7GIKC+KAXvYSt/gVFNhALyraK8yBkLtXS2I6mViridvPqX+AfMPTmSUG9yy7evIuXXQQvO6iVpYntuojtfjRz+35g5Nn75mneNm/Hk7Akm7eePygVHKNg1iSSUImIrMmWSHo78gx5y4gbx6TTmlwa+/757Pzi7WvZXG5mTnU2u3A5o6oT5949evLy/Ifa2M3XE2/jspG+s/kt82Xj1MbpzV8L/qtXRExdqlRq5pJt6XLRKRmqN2zLdCwtlh2rWtOO/oJdWVlpqFleHk+uVC3HUbPc0JLV0FpFa9WGmvfMYlkNw9DxZPfwj71o3xn5nzGRbCtOHPyAMGijQY3VataMBnbm1wcxKAAAcLSEVf/fLzpadLRc2VHf767/I9JH/S8SVP/jr/Lrc3NmNuxR4HBt1/9J7/u7E/U/AAAAAAAAAAAAAAAAAAAAAAD/gy2RVLPZTG01m+7S/4l7V4T7v4c9ThwOf7+z/0+m+cUh8S7cS4jYz+r5er61bPVnC1IUWyyZGhH54c4HTyuevZqbmVJXWt7bq17+aj0flbif70sH50+38rUzf1VGJNm5/YykZDI4PxOQX8/H5OKFZtzbsiWGpOTTXamILcvuvG7nP51WvXI915U/6q4HAAAAAMBxYOgfu47f3X5D/duGdPW3GtvnByTVPj8wE3R+oOv4eljODIf3vgEAAAAAOEmcxuOSadtW9V9Bot3ysfesAwyi+34d//kHfadHA7r8/4gZ7IfQGSR6XXlYRLyWN+EMdW9BZB8fb7SPvTyyez7HRGRHy+Tg5/yrF318PXsLvj7sfdKG9RcJAAAAwGHxi/4T85BMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACOoF5vHuavv5d7j3VsLhrOuwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACOht8BAAD//6dmDZc=") mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x11080, 0x0) r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x40, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r0, 0xc018937e, &(0x7f0000000200)={{0x1, 0x1, 0x1018}, './file0\x00'}) 6.088503241s ago: executing program 0 (id=1654): syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) socket$inet6(0xa, 0x800000000000002, 0x0) socket(0x40000000015, 0x5, 0x0) socket$inet_smc(0x2b, 0x1, 0x0) socket(0x28, 0x5, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000fc0)) socket$inet6_tcp(0xa, 0x1, 0x0) pselect6(0x40, &(0x7f0000001000)={0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x4, 0xa, 0x4000000000002}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x8, 0x400000f, 0x4, 0x0, 0x7fffffff}, 0x0, 0x0) 5.704266471s ago: executing program 0 (id=1658): syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x21081e, &(0x7f0000000380)={[{@grpquota}, {@nogrpid}, {@quota}, {@nobh}]}, 0xfe, 0x51b, &(0x7f0000001000)="$eJzs3c9vI1cdAPDveOPEyaZNWnoABO3SFha0WufHtqtqD1BOCKFKiB5B2obEG0Wx4yh2ShP2sD1zRaISJzjyB3DuiTsXBDcu5YDEjwjUICExaMbj1Ju1s9FmY2fjz0cazXvzHH+/L9bMi1/seQGMrWsR8SAiJiPivYiYK44nxRZvd7bscZ8e3F89PLi/mkSavvuPJG/PjkXPz2SuFs9ZiYgffCfix8mjcVt7+5sr9Xptp6gvtBvbC629/ZsbjZX12nptK/vh24tv3Xpz+an19ZXGZFH68ie/f/CNn2ZpzRZHevvxJJJOl/sdj4jyUZzMRER87yzBLpArRX8mR50IT6QUES9GxKv5+T8XV/JXEwC4zNJ0LtK53joAcNmV8jmwpFQt5gJmo1SqVjtzeC/FTKnebLVv3Gvubq11/kyYj3Lp3ka9tljMFc5HOcnqS3n5s/pypz7Vrd+KiBci4udT03m9utqsr43yDx8AGGNXj43//57qjP8AwCVXGXUCAMDQGf8BYPwY/wFg/Bj/AWD8dMb/6VGnAQAM0Ynv/90PCAAuJfP/ADBWvv/OO9mWHhb3v157f293s/n+zbVaa7Pa2F2trjZ3tqvrzeZ6fs+exuOer95sbi+9EbsfzH9zu9VeaO3t3200d7fad/P7et+tlfNH9b1VNgAwJC+88vGfkmxEvjOdb9GzlkN5pJkB56006gSAkbky6gSAkTnTp3sqPhsEz7IzvMc3PQCXRJ8leh9S6fcFoTRN007pf+k55QWcn+tfMP8P46pn/t+ngGHMmP+H8WUGH8ZXmianXfM/TvtAAOBiM8cPDPj//4vF/jfFPwd+tHb8ER+dZ1YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwsXXX/60Wa4HPRqlUrUY8FxHzUU7ubdRrixHxfET8cao8ldWXRpwzAHBWpb8mxfpf1+den32o6eWrR8XJiPjJL9/9xQcr7fbOHyImk39OdY+3PyqOLw8/ewDgZNl7/e44ne973sh/enB/tbsNM6e/fTsiKp34hweTcXgUfyIm8n0lyhEx86+kqHckPXMXZ/Hgw4j4fL/+JzGbz4F0Vj49Hj+L/dxQ45ceil/K2zr77HfxuaeQC4ybj7Prz9v9zr9SXMv3/c//Sn6FOrvi+pc91ephfg38LH73+ndlwPXv2mljvPG773ZK04+2fRjxxYmIbuzDnutPN34yIP7rp4z/5y+9/OqgtvRXEdfjTt/4vbEW2o3thdbe/s2Nxsp6bb22tbx8e+n24lu33lxeyOeoFwaPBn+/c+P5QW1Z/2eif/8rj+n/V0/Z/1//970ffuWE+F9/rV/8Urx0QvxsTPzaKeOvzPy2Mqgti782oP+Pe/1vnDL+J3/Zf2TZcABgdFp7+5sr9Xpt51kvzJY7Hboo+SicRyF7hS9AGn0L3xpWrMno3/Sz1zqnwLGmNH2iWIOuGE9j1g24CI5O+oj4z6iTAQAAAAAAAAAAAAAA+hrGN5ZG3UcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAur/8HAAD//5enzt4=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x4c142, 0x0) truncate(&(0x7f0000000080)='./file1/file0\x00', 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x40, 0xa3) ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, 0x0) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) r2 = socket(0x2, 0x80805, 0x0) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r2, 0x84, 0x74, 0x0, 0x0) r3 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$BINDER_FREEZE(0xffffffffffffffff, 0x400c620e, &(0x7f00000002c0)={r3, 0x0, 0x9}) ptrace(0x10, r3) ptrace$ARCH_SET_GS(0x1e, r3, 0x0, 0x1001) r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) connect$inet6(r4, 0x0, 0x0) setsockopt$sock_linger(r4, 0x1, 0x3d, 0x0, 0x0) sendmmsg$sock(r4, &(0x7f00000005c0)=[{{0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000680)="8ca10e91", 0x4}], 0x1, &(0x7f0000000200)}}], 0x1, 0x84) r5 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0600000004000000080000000800000000000000", @ANYBLOB="ee56a7032e534221ac153141d6134266ecbfec9be9eb08c1169d4214e6cb6d01e52171225916ea4ff6cfe8791d5ebb067ebca4604bf2de250b57dda67341bed8b898e16fa1a0b2578f3008796caff590eb2a3b1dfab4c3d5a8deb82ac666f4cd437e4164d5f4f8f1dd93b4daed38c3ce9c4e375837c8a15590b2bbe55397e0ab00"/139, @ANYRESOCT=r4, @ANYRES32=r0, @ANYRES32, @ANYRESDEC=r4], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000200)=ANY=[@ANYBLOB="1802000000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r6 = socket$inet(0x2, 0x3, 0xd) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000000)=[{0x7, 0x0, 0x0, 0xfffffffb}]}) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) getsockopt$inet_mreqsrc(r6, 0x0, 0x53, 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) ioctl$EXT4_IOC_MIGRATE(r1, 0x6609) sendto$inet(r1, 0x0, 0x0, 0x40000010, 0x0, 0x0) ftruncate(r4, 0x1) setreuid(0xffffffffffffffff, 0xee00) listen(r0, 0xffffff00) sendfile(r0, r0, 0x0, 0xe3aa6ea) 5.017215907s ago: executing program 0 (id=1660): sched_setaffinity(0x0, 0x0, 0x0) socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000340)) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$tipc2(&(0x7f0000000080), 0xffffffffffffffff) r0 = fsopen(&(0x7f0000000080)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x8) r2 = openat$cgroup(r1, &(0x7f00000000c0)='syz0\x00', 0x200002, 0x0) r3 = openat$cgroup_ro(r2, &(0x7f0000000000)='cgroup.kill\x00', 0x275a, 0x0) write$cgroup_int(r3, &(0x7f0000000200)=0x1, 0x12) r4 = socket$can_bcm(0x1d, 0x2, 0x2) setsockopt$SO_TIMESTAMPING(r4, 0x1, 0x41, &(0x7f0000000000)=0x4011, 0x4) connect$can_bcm(r4, &(0x7f00000005c0), 0x10) setsockopt$sock_int(r4, 0x1, 0x29, &(0x7f00000001c0)=0x7f, 0x4) recvmmsg(r4, &(0x7f00000099c0)=[{{0x0, 0x0, 0x0}, 0x4251}], 0x1, 0x10002, 0x0) sendmsg$can_bcm(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="050000007f0000000000010000000000", @ANYRES64=0x0, @ANYRES64=0x2710], 0x48}}, 0x0) 4.453991557s ago: executing program 0 (id=1663): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) r0 = syz_open_dev$sg(&(0x7f0000000380), 0x0, 0x20402) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000040)="aefdda9d240303005a90f57f07703aeff0f64eb9ee07962c220a2e11b44e65d76641cb010852f426072a", 0x2a}], 0x1) read(r0, &(0x7f0000001400)=""/4076, 0xfffffeea) 4.223962959s ago: executing program 32 (id=1663): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) r0 = syz_open_dev$sg(&(0x7f0000000380), 0x0, 0x20402) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000040)="aefdda9d240303005a90f57f07703aeff0f64eb9ee07962c220a2e11b44e65d76641cb010852f426072a", 0x2a}], 0x1) read(r0, &(0x7f0000001400)=""/4076, 0xfffffeea) 3.402858422s ago: executing program 4 (id=1681): bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0200b3e8179f731700a226c704147fd243da8a5c9d484c713415e05a1c19699658c951e243854646bd"], 0x50) r0 = socket$qrtr(0x2a, 0x2, 0x0) sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0) writev(0xffffffffffffffff, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() r2 = io_uring_setup(0x66a5, 0x0) io_uring_register$IORING_REGISTER_EVENTFD(r2, 0x4, 0x0, 0x1) sched_setscheduler(r1, 0x2, &(0x7f0000000480)=0x7) socket$inet_udp(0x2, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) syz_emit_vhci(0x0, 0x0) connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r5 = fsopen(&(0x7f0000000000)='rpc_pipefs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0) close(r5) ioctl$sock_qrtr_TIOCOUTQ(r0, 0x5411, &(0x7f0000000100)) 2.769881515s ago: executing program 4 (id=1686): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x3, 0x0, 0x7fff0006}]}) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0) fcntl$lock(r1, 0x25, &(0x7f00000000c0)) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/locks\x00', 0x0, 0x0) preadv(r2, &(0x7f0000004ec0)=[{&(0x7f0000004bc0)=""/68, 0x44}], 0x1, 0x0, 0x44) close_range(r0, 0xffffffffffffffff, 0x0) 2.721851547s ago: executing program 4 (id=1687): r0 = socket(0xa, 0x5, 0x0) sendmsg$inet_sctp(r0, &(0x7f0000001640)={&(0x7f0000000080)=@in={0x2, 0x4e24, @local}, 0x10, &(0x7f0000000280)=[{&(0x7f0000000040)=')', 0x1}], 0x1, &(0x7f00000007c0)=[@init={0x18, 0x84, 0x0, {0x8000, 0xf, 0x5, 0x700}}], 0x18, 0x4008000}, 0x28008841) setsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(r0, 0x84, 0x12, &(0x7f00000001c0)=0x8001, 0x4) 2.644458961s ago: executing program 4 (id=1688): r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e21, 0x0, @empty}, 0x1c) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@delneigh={0x1c, 0x1d, 0x1, 0x0, 0x4000000, {0x7, 0x0, 0x0, 0x0, 0x0, 0x96, 0x4}}, 0x1c}, 0x1, 0x0, 0x0, 0x8000}, 0x0) setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000100)=ANY=[], 0x18) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @loopback}, 0x1c) 2.581361114s ago: executing program 2 (id=1689): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000500)=@newlink={0x3c, 0x10, 0x40d, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACVLAN_MODE={0x8, 0x1, 0x2}]}}}]}, 0x3c}}, 0x0) 2.392337544s ago: executing program 2 (id=1691): fsopen(&(0x7f0000000040)='sysfs\x00', 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'syzkaller1\x00', 0x2}) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f00007cf000/0x4000)=nil, &(0x7f00006fe000/0x2000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f000068c000/0x5000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f000062c000/0x3000)=nil, 0x0}, 0x68) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045) r1 = io_uring_setup(0x2ddf, &(0x7f0000000040)={0x0, 0x100aeb9, 0xd000, 0x20000a, 0x131}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@deltfilter={0x24, 0x2d, 0x200, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x1}, {0xffe0, 0xffe0}, {0xc, 0xffff}}}, 0x24}, 0x1, 0x0, 0x0, 0x40005}, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x3, &(0x7f0000000000)=0x6, 0x4) r2 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8) io_uring_enter(r1, 0x2219, 0x7721, 0x16, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x4000804) 1.779655456s ago: executing program 1 (id=1694): r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x1c0102, 0x0) write$vga_arbiter(r0, &(0x7f0000000040)=@unlock_all, 0xb) 1.779263096s ago: executing program 4 (id=1695): bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0200b3e8179f731700a226c704147fd243da8a5c9d484c713415e05a1c19699658c951e243854646bd"], 0x50) r0 = socket$qrtr(0x2a, 0x2, 0x0) sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0) writev(0xffffffffffffffff, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() r2 = io_uring_setup(0x66a5, 0x0) io_uring_register$IORING_REGISTER_EVENTFD(r2, 0x4, 0x0, 0x1) sched_setscheduler(r1, 0x2, &(0x7f0000000480)=0x7) socket$inet_udp(0x2, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) syz_emit_vhci(0x0, 0x0) connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r5 = fsopen(&(0x7f0000000000)='rpc_pipefs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0) close(r5) ioctl$sock_qrtr_TIOCOUTQ(r0, 0x5411, &(0x7f0000000100)) 1.651695063s ago: executing program 1 (id=1696): bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x19, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, '\x00', 0x0, @cgroup_sockopt=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) 1.52161669s ago: executing program 1 (id=1697): r0 = syz_open_dev$sg(&(0x7f00000000c0), 0x0, 0x68241) ioctl$SG_IO(r0, 0x2285, &(0x7f0000001a80)={0x53, 0xfffffffffffffffd, 0x4, 0x3, @buffer={0x0, 0x0, 0x0}, &(0x7f0000001900)="a1080000", 0x0, 0x80000001, 0x1, 0x1, 0x0}) 1.276428083s ago: executing program 1 (id=1698): bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xf, &(0x7f0000000040)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0xb000000, 0x0, 0x0, 0xa00}, {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1c}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3}}, [], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x24, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94) 1.143846619s ago: executing program 1 (id=1699): r0 = socket(0x10, 0x3, 0x0) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[@ANYBLOB="400000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000001800128008000100707070000c00028008000100", @ANYRES32=r1], 0x40}}, 0x0) 1.113791951s ago: executing program 4 (id=1700): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket(0x400000000010, 0x3, 0x0) r2 = socket$unix(0x1, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x40000}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000180)=@newtfilter={0x44, 0x2c, 0xd27, 0x70bd28, 0x8000, {0x0, 0x0, 0x0, r3, {0x8, 0xb}, {}, {0xa}}, [@filter_kind_options=@f_flower={{0xb}, {0x14, 0x2, [@TCA_FLOWER_KEY_ENC_OPTS={0x10, 0x54, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_ERSPAN={0xc, 0x3, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_ERSPAN_VER={0x5, 0x1, 0x9}]}]}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x22044028}, 0x0) 1.044468415s ago: executing program 2 (id=1701): r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$SIOCX25SCALLUSERDATA(r0, 0x89e5, &(0x7f0000000480)={0x24, "08d4d4eb3e042f7641c5f25319fe7ad9f324fa662850a3e5d8b61830aa1d169e9317c004e0091f775bcee267e2df663b3578a8d25897730db85181cd6f6ff83a52f4b45fa5c31488c064fee427ca20da78ce0ee927e6a5c7f46dd918046cb023c8430be9854bd80b9c1af021bb00893217eab58e542a884bde35cc62ebd7850d"}) 996.936877ms ago: executing program 2 (id=1702): syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x3000010, &(0x7f00000008c0)={[{@errors_remount}, {@nodioread_nolock}], [{@permit_directio}, {@dont_measure}, {@mask={'mask', 0x3d, '^MAY_WRITE'}}, {@fsname={'fsname', 0x3d, 'errors=remount-ro'}}, {@dont_hash}, {@context={'context', 0x3d, 'unconfined_u'}}, {@appraise}]}, 0x1, 0x512, &(0x7f0000000380)="$eJzs3d9rY1kdAPDvvW1mOzNdk1WRdcF1cVc6i07Sbt3dIqLriz4tqOv7WNu0lCZNadJ1Whbt4H8ggoJPPvki+AcIwzz4B8jAgL6ID6KiiM7og6DOlSQ3TidN2rrTNp3m84HTnHPvzf2ec0NO7o/TewMYWy9FxFsRMRERr0ZEMZ+e5in2uqm93IP77y21UxJZ9s5fk0jyab11tdcxGRFX87dNRcTXvhzxzeRg3ObO7vpirVbdysuVVn2z0tzZvb5WX1ytrlY35ufn3lh4c+H1hdks90TtLPUyP/nS529/+lu/u/Hna99uV+tzH4lC9LXjJHWbXuhsi572Nto6jWAj0PvMC6OuCAAAx9Lex/9gRHyis/9fjInO3lyfiVHUDAAAADgp2Rem499JRAYAAABcWGlETEeSlvOxANORppfycwMfjitprdFsfWqlsb2x3J4XUYpCurJWq87mY4VLUUja5bl8jG2v/FpfeT4inouI7xcvd8rlpUZtecTnPgAAAGBcXO07/v9HMe3kjzbg/wQAAACA86s0tAAAAABcFA75AQAA4OLrP/6/PaJ6AAAAAKfiK2+/3U5Z7/nXy+/ubK833r2+XG2ul+vbS+WlxtZmebXRWO3cs69+1PpqjcbmZ2Jj+2alVW22Ks2d3Rv1xvZG68baY4/ABgAAAM7Qcx+/8+skIvY+e7mTIr8PIMBj/jDqCgAnaWLUFQBGxl28YXwVRl0BYOSSI+YbvAMAAE+/mY8evP7fe/6/cwNwsRnrAwDjx/V/GF8FIwBhrKUR8YFu9plhywy9/v/L40bJsoi7xf1TnF8EAICzNd1JSVrOjwOmI03L5YhnI9JSFJKVtVp1Nj8++FWx8Ey7PNd5Z3LkmGEAAAAAAAAAAAAAAAAAAAAAAAAAoCvLksgAAACACy0i/VPSuZt/xEzxlen+8wOXkn8W44954Ufv/ODmYqu1Ndee/rfOs7wuRUTrh/n014Y+PgwAAAA4acne0Fnd4/T8de5MawUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAGHhw/72lXjrLuH/5YkSUBsWfjKnO61QUIuLK35OY3Pe+JCImTiD+3q2IeH5Q/CQeZllWymvRHz+NiMunHL/U2TTD4189gfgwzu60+5+3Bn3/0nip8zr4+zeZpyc1vP9L88jPd/q5Qf3fswfWVh8Y44V7P6sMjX8r4oXJwf1Pr/9NhsR/+cDa/pVl2cEY3/j67u6w+NmPI2YG/v4kj8WqtOqblebO7vW1+uJqdbW6MT8/98bCmwuvL8xWVtZq1fzvwBjf+9jPHx7W/isD4v/2N93+97D2vzJspX3+c+/m/Q91s4VB8a+9PPD3dyqGxE/z375P5vn2/Jlefq+b3+/Fn9598bD2Lw/Z/kd9/teO2f5Xv/rd3x9zUQDgDDR3dtcXa7Xq1iGZqWMs8zRmfjF1Lqrxf2ay73Q/ufNSn/ebae+tPprSa9U5qNi+THZmsSbinDT5f5mRdksAAMApeLTTP+qaAAAAAAAAAAAAAAAAAAAAwPg6i9uJ9cfcG01TAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAO9d8AAAD//yLg4A8=") r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, 0x0, 0x40000) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) unshare(0x400) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0) write$binfmt_script(r1, &(0x7f0000000040), 0x208e24b) ioctl$FS_IOC_RESVSP(r1, 0x40305828, &(0x7f0000000080)={0x0, 0x2, 0x7e, 0x990f}) r2 = socket$inet_sctp(0x2, 0x5, 0x84) r3 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TCSETSW2(r3, 0x402c542c, &(0x7f0000000140)={0xffffffd1, 0x1002, 0x3, 0x831a, 0x3, "040000ffff000800", 0x8, 0x1}) ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000080)=0x42) ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000000)=0xff) setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, &(0x7f0000000040)={0xbe, @rand_addr=0x64010101, 0x0, 0x3, 'lblcr\x00', 0x0, 0x80005, 0x41}, 0x2c) setsockopt$IP_VS_SO_SET_FLUSH(r2, 0x0, 0x485, 0x0, 0x0) 422.729158ms ago: executing program 3 (id=1703): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x13, 0x4, &(0x7f00000006c0)=ANY=[@ANYBLOB="18"], &(0x7f00000000c0)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x6a, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x130}, 0x94) r0 = socket(0x400000000010, 0x3, 0x0) sendmmsg$sock(0xffffffffffffffff, &(0x7f0000003b40)=[{{&(0x7f0000000240)=@generic={0x21, "1aee2c4f6843c6782466293e62d4f664c2efa8906f0d97822ac0d88ecdd9d47e182b3b523c6243022c1be9fd662325c023ac48a28ae996c41561bb7e9903c408613b4d29da0b9d5af499caa7759c17c667af8acea6dc52148f1233494efd8f08aaab6382d5e33471a107ec47df5b5312764e134c68842fd1a2078151812e"}, 0x80, &(0x7f00000009c0)=[{&(0x7f00000002c0)="f973085a6ea39ea1b25a1c6b351e11245900557d1c8e9f86bae5e5c64e50ef25afb0295d0c303850b4bff4d088bf9df67e013836e2882dad3f7698b52997f7efa9eb96f09be1c3019445927c6b2fe32d38ae2bcad2ac0d85ebd42914fb18b7d0670f8b3be16755ead6a6fb713fa618ce2cf424ea7cc84b04016b9a2afbfaf68803f1c1acb74fef", 0x87}, {&(0x7f0000000380)="82f294054d05973abfac6a6f31050418457d017c5fd68b034cf51b9f6a6d71daa5c776bca90037bc7c3d88b151fbf856f69ebd05e750f13f02af646b284953b6640a08c827c6f2ff4ad8e84077f9f03f94792aa17c4743cba3f355bb9c5b04b91ed70d253db68e17cdd561fab504479f723388dda974e2a9fb1bcda474c08d6222179b19e902009ea3cb3e42408bab6c1f29cb62d05805063967de38327e", 0x9e}, {&(0x7f0000000480)="4ce09043b6aa2ae5946f67306c7f73ed469dfcfc5e1f4d8123a4a8a7b9be82f67f89605cd9bbf7254c156b00437f753a248daf68c5ebdc4a6346d336a6502e98eae72777956d1ebeeb855fae46b3ccb9fb3d593651b95ee00afe0816b3c6e7f3cb3b18fb5198643daa6b9cafde584957dd72ba27cef6604f5df59f0bee60bca63d75a9d812eb699c2d665b7179b22027cf748ac63bcc212703d44cb083e962eee9b5d212523c162b42377ebd0bc624bf9425f6f4772e36c6c2fd4f69b65cc435f93c1a490cb75162251e15942b29de8d9d", 0xd1}, {&(0x7f0000000780)="8ff2f15bd0017ce4b36b6bc4335634254cffcc40c0312f5ff35991272b79d76712dc0c3cfdc0d70ce8004884e6917bed9ffee1584df7f06c7bccac71daf78bf3c68b8d5e56357654784bdbc700bceb1049c6a47d53c5ac29f83aed3ae9968fe8", 0x60}, {&(0x7f0000000800)}, {&(0x7f0000000900)}, {&(0x7f00000000c0)}], 0x7}}, {{&(0x7f0000000a40)=@alg={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_hmac_sha256\x00'}, 0x80, &(0x7f0000000600)=[{0x0}, {&(0x7f0000000bc0)="61275006ed747229311198ab94c7e6699587b0d033c2f17d1ccbd45cba520b6888fbad95d4d6ae3cc7172b392f90693e992e52408ba7f1874d1767303d6acb170f216f71908f53a3be1833a25eb1fb2ba3913dcc1de30c5c7e914b13514dea44fb2b964aaa280d5a85512fede48830ca6e", 0x71}, {&(0x7f0000000580)="8f966bd94d169820f6b844307d323b8c13deaeff91566b7f1725f39f", 0x1c}], 0x3, &(0x7f0000000cc0)=[@mark={{0x14, 0x1, 0x24, 0x9a9}}, @timestamping={{0x14, 0x1, 0x25, 0x101}}, @txtime={{0x18, 0x1, 0x3d, 0x2}}, @txtime={{0x18, 0x1, 0x3d, 0x80}}], 0x60}}, {{&(0x7f0000000d80)=@pppol2tp={0x18, 0x1, {0x0, r0, {0x2, 0x4e23, @local}, 0x2, 0x3, 0x1, 0x3}}, 0x80, 0x0}}, {{0x0, 0x0, &(0x7f0000003a40)=[{&(0x7f0000000640)="f3f4c60f", 0x4}], 0x1}}], 0x4, 0x20000044) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'vlan1\x00'}) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0) openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3be", 0x6) r2 = accept4(r1, 0x0, 0x0, 0x800) sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800) recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000013c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r3, &(0x7f0000001380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000dc0)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r4, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r5, @ANYBLOB="d50633008000009effffffffffff080211000001"], 0x6f4}}, 0x0) 356.425851ms ago: executing program 2 (id=1704): r0 = socket(0x10, 0x803, 0x0) sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000600)=@newlink={0x40, 0x10, 0x437, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x50483}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @gtp={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_GTP_PDP_HASHSIZE={0x8, 0x3, 0x3}, @IFLA_GTP_ROLE={0x8, 0x4, 0x2}]}}}]}, 0x40}, 0x1, 0x0, 0x0, 0x40000}, 0x4000000) 150.240692ms ago: executing program 1 (id=1705): capset(&(0x7f0000000040)={0x19980330}, &(0x7f0000000080)={0x6, 0xe, 0x13e, 0x89, 0xffffffff, 0x2}) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={0xffffffffffffffff, 0x0, 0x88, 0x0, &(0x7f0000000180)="c3ef7f670000ec6783b4241544b500000000000000000653003cd83cb6543bdb090ac311e0f0544b00aab085e0dc23d907bde6a1b56f92241432fa00228f0000000000000000000000000000c398cc2ae53c435256fed52379fbd6c5ef65e664cd70f1daf14576fcb0cd91617a1416c264cd73f189c4cdffaf5d9fdfd3ad7d2531878ac098961b13", 0x0, 0x4f80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x10000006}, 0x50) r0 = syz_open_dev$sg(&(0x7f0000000140), 0x6f5e, 0x0) ioctl$FIBMAP(r0, 0x1, &(0x7f0000000040)=0x85) 113.802224ms ago: executing program 3 (id=1706): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x0, @multicast1}]}, &(0x7f0000000080)=0x10) 113.495254ms ago: executing program 2 (id=1707): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r0) r1 = socket(0x2b, 0x1, 0x1) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty}, 0x1c) listen(r1, 0x5) r2 = socket$inet_smc(0x2b, 0x1, 0x0) connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10) 4.441439ms ago: executing program 3 (id=1708): r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_opts(r0, 0x29, 0x37, &(0x7f00000000c0)=@dstopts, 0x8) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, 0x0, 0x0) 0s ago: executing program 3 (id=1709): bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0200b3e8179f731700a226c704147fd243da8a5c9d484c713415e05a1c19699658c951e243854646bd"], 0x50) r0 = socket$qrtr(0x2a, 0x2, 0x0) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, 0x0}, 0x0) writev(0xffffffffffffffff, 0x0, 0x0) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() r2 = io_uring_setup(0x66a5, 0x0) io_uring_register$IORING_REGISTER_EVENTFD(r2, 0x4, 0x0, 0x1) sched_setscheduler(r1, 0x2, &(0x7f0000000480)=0x7) socket$inet_udp(0x2, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) syz_emit_vhci(0x0, 0x0) connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r5 = fsopen(&(0x7f0000000000)='rpc_pipefs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0) close(r5) ioctl$sock_qrtr_TIOCOUTQ(r0, 0x5411, &(0x7f0000000100)) kernel console output (not intermixed with test programs): v6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 56.324020][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 56.339615][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 56.360475][ T4192] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 56.372761][ T4192] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 56.375027][ T4253] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 56.388023][ T4192] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 56.401057][ T4253] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 56.408558][ T4192] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 56.422059][ T4192] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 56.434957][ T4192] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 56.445171][ T4192] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 56.456146][ T4192] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 56.472808][ T4192] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 56.495119][ T4197] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.504054][ T4197] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.514262][ T4197] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.524027][ T4197] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.542372][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 56.560989][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 56.572854][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 56.599294][ T4192] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.632427][ T4192] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.642620][ T4192] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.662581][ T4192] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.733892][ T4253] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 56.760828][ T4253] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 56.830209][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 56.836992][ T4236] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 56.845254][ T4236] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 56.930881][ T4253] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 57.036109][ T144] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 57.044398][ T144] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 57.054689][ T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 57.063596][ T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 57.081702][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 57.094511][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 57.097559][ T4271] ieee802154 phy0 wpan0: encryption failed: -22 [ 57.112304][ T144] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 57.126057][ T144] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 57.161424][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 57.187167][ T144] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 57.236103][ T144] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 57.303807][ T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 58.126500][ T4227] Bluetooth: hci1: command 0x0419 tx timeout [ 58.221797][ T4227] Bluetooth: hci0: command 0x0419 tx timeout [ 58.241204][ T4268] Bluetooth: hci3: command 0x0419 tx timeout [ 58.256357][ T4268] Bluetooth: hci4: command 0x0419 tx timeout [ 58.264061][ T4268] Bluetooth: hci2: command 0x0419 tx timeout [ 59.895513][ C1] sched: RT throttling activated [ 59.944710][ T4286] loop3: detected capacity change from 0 to 32768 [ 59.992941][ T4286] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by syz.3.7 (4286) [ 60.370670][ T4286] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm [ 60.405697][ T4286] BTRFS info (device loop3): enabling auto defrag [ 60.412170][ T4286] BTRFS info (device loop3): use no compression [ 60.632136][ T4286] BTRFS info (device loop3): max_inline at 4096 [ 60.644652][ T4286] BTRFS info (device loop3): using free space tree [ 60.651620][ T4286] BTRFS info (device loop3): has skinny extents [ 60.739676][ T4286] BTRFS info (device loop3): enabling ssd optimizations [ 60.755512][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #8a!!! [ 60.775511][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #8a!!! [ 60.815522][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #288!!! [ 63.094453][ T4343] loop3: detected capacity change from 0 to 2048 [ 63.224043][ T4344] ieee802154 phy0 wpan0: encryption failed: -22 [ 63.278486][ T4343] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 63.348212][ T26] audit: type=1800 audit(1776557263.102:2): pid=4343 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.13" name="file1" dev="loop3" ino=1367 res=0 errno=0 [ 67.395547][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #08!!! [ 67.636966][ T4225] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 67.926244][ T4225] usb 1-1: Using ep0 maxpacket: 8 [ 67.984441][ T4378] loop1: detected capacity change from 0 to 4096 [ 68.020736][ T4378] EXT4-fs (loop1): Ignoring removed nomblk_io_submit option [ 68.086813][ T4225] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 68.091011][ T4378] EXT4-fs (loop1): mounted filesystem without journal. Opts: init_itable=0x0000000000000101,stripe=0x0000000000000061,journal_ioprio=0x0000000000000006,minixdf,nodiscard,nomblk_io_submit,acl,nojournal_checksum,resuid=0x0000000000000000,,errors=continue. Quota mode: writeback. [ 68.097262][ T4225] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 68.653445][ T4225] usb 1-1: New USB device found, idVendor=2040, idProduct=2950, bcdDevice=85.f1 [ 68.662723][ T4225] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 68.676244][ T4225] usb 1-1: Product: syz [ 68.681138][ T4225] usb 1-1: Manufacturer: syz [ 68.685866][ T4225] usb 1-1: SerialNumber: syz [ 68.694692][ T4225] usb 1-1: config 0 descriptor?? [ 68.747199][ T4225] pvrusb2: Hardware description: WinTV PVR USB2 Model 29xxx [ 71.927583][ T1420] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.933917][ T1420] ieee802154 phy1 wpan1: encryption failed: -22 [ 72.467108][ T2421] usb 1-1: Direct firmware load for v4l-pvrusb2-29xxx-01.fw failed with error -2 [ 72.486630][ T4225] usb 1-1: USB disconnect, device number 2 [ 72.535750][ T2421] usb 1-1: Falling back to sysfs fallback for: v4l-pvrusb2-29xxx-01.fw [ 75.375537][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #182!!! [ 75.385540][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #182!!! [ 75.395575][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #182!!! [ 75.463364][ T4420] ieee802154 phy0 wpan0: encryption failed: -22 [ 76.349876][ T7] cfg80211: failed to load regulatory.db [ 76.963150][ T4433] ieee802154 phy0 wpan0: encryption failed: -22 [ 77.315512][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #300!!! [ 80.689752][ T4450] Zero length message leads to an empty skb [ 80.829307][ T4454] fuse: Unknown parameter 'f0x000000000000000700000000000000000000' [ 82.535526][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #182!!! [ 82.545524][ T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #182!!! [ 83.539986][ T26] audit: type=1326 audit(1776557283.292:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4474 comm="syz.3.55" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f85c9b04819 code=0x0 [ 86.520669][ T4487] ieee802154 phy0 wpan0: encryption failed: -22 [ 91.399072][ T4532] fuse: Unknown parameter 'f0xffffffffffffffff00000000000000000000' [ 92.482314][ T4545] loop4: detected capacity change from 0 to 512 [ 93.028350][ T4545] EXT4-fs error (device loop4): ext4_xattr_inode_iget:401: inode #12: comm syz.4.75: missing EA_INODE flag [ 93.214337][ T4545] EXT4-fs error (device loop4): ext4_xattr_inode_iget:406: comm syz.4.75: error while reading EA inode 12 err=-117 [ 93.228936][ T4545] EXT4-fs (loop4): 1 orphan inode deleted [ 93.265543][ T4545] EXT4-fs (loop4): mounted filesystem without journal. Opts: nombcache,nogrpid,,errors=continue. Quota mode: writeback. [ 95.724554][ T4567] ieee802154 phy0 wpan0: encryption failed: -22 [ 98.912768][ T4593] netlink: 'syz.2.89': attribute type 21 has an invalid length. [ 98.941663][ T4593] netlink: 8 bytes leftover after parsing attributes in process `syz.2.89'. [ 98.970991][ T4598] loop4: detected capacity change from 0 to 256 [ 99.012122][ T4571] loop0: detected capacity change from 0 to 32768 [ 99.106651][ T4598] exfat: Deprecated parameter 'namecase' [ 99.112360][ T4598] exfat: Deprecated parameter 'namecase' [ 99.144362][ T4571] XFS (loop0): Mounting V5 Filesystem [ 99.162106][ T4598] exfat: Unknown parameter 'keep_last_dots' [ 99.232443][ T4571] XFS (loop0): Ending clean mount [ 99.426571][ T4612] netlink: 4 bytes leftover after parsing attributes in process `syz.4.93'. [ 99.549102][ T4184] XFS (loop0): Unmounting Filesystem [ 100.272672][ T4615] ieee802154 phy0 wpan0: encryption failed: -22 [ 103.050553][ T4631] loop0: detected capacity change from 0 to 32768 [ 103.153949][ T4631] XFS (loop0): Mounting V5 Filesystem [ 103.252155][ T4631] XFS (loop0): Ending clean mount [ 103.294723][ T26] audit: type=1800 audit(1776557303.042:4): pid=4631 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.99" name="file1" dev="loop0" ino=6150 res=0 errno=0 [ 103.315013][ C1] vkms_vblank_simulate: vblank timer overrun [ 103.448329][ T4184] XFS (loop0): Unmounting Filesystem [ 104.569109][ T4666] loop0: detected capacity change from 0 to 256 [ 104.956292][ T4666] exfat: Deprecated parameter 'namecase' [ 104.961995][ T4666] exfat: Deprecated parameter 'namecase' [ 105.016735][ T4666] exfat: Unknown parameter 'keep_last_dots' [ 105.118256][ T4669] ieee802154 phy0 wpan0: encryption failed: -22 [ 106.832573][ T4679] loop4: detected capacity change from 0 to 512 [ 107.020006][ T4671] loop1: detected capacity change from 0 to 32768 [ 107.037390][ T4679] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem [ 107.144714][ T4679] EXT4-fs (loop4): 1 truncate cleaned up [ 107.160793][ T4679] EXT4-fs (loop4): mounted filesystem without journal. Opts: noload,stripe=0x00000000000000dc,bsdgroups,noload,abort,auto_da_alloc,,errors=continue. Quota mode: none. [ 107.233733][ T4671] ======================================================= [ 107.233733][ T4671] WARNING: The mand mount option has been deprecated and [ 107.233733][ T4671] and is ignored by this kernel. Remove the mand [ 107.233733][ T4671] option from the mount to silence this warning. [ 107.233733][ T4671] ======================================================= [ 107.268677][ C1] vkms_vblank_simulate: vblank timer overrun [ 107.305566][ T26] audit: type=1804 audit(1776557307.052:5): pid=4679 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.114" name="/newroot/30/file1/bus" dev="loop4" ino=18 res=1 errno=0 [ 107.848607][ T26] audit: type=1800 audit(1776557307.612:6): pid=4671 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.111" name="file1" dev="loop1" ino=4 res=0 errno=0 [ 109.416158][ T4705] loop3: detected capacity change from 0 to 32768 [ 109.524829][ T26] audit: type=1800 audit(1776557309.272:7): pid=4705 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.121" name="file1" dev="loop3" ino=4 res=0 errno=0 [ 109.777026][ T4715] loop3: detected capacity change from 0 to 64 [ 109.971050][ T4708] loop1: detected capacity change from 0 to 40427 [ 110.022775][ T4708] F2FS-fs (loop1): build fault injection attr: rate: 19, type: 0x1ffff [ 110.371030][ T2384] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 110.766844][ T2384] usb 4-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 111.095977][ T2384] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 111.132506][ T2384] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 111.192328][ T2384] usb 4-1: SerialNumber: syz [ 111.381590][ T4717] loop4: detected capacity change from 0 to 32768 [ 111.613998][ T4717] XFS (loop4): Mounting V5 Filesystem [ 111.692711][ T4746] fuse: Bad value for 'fd' [ 112.224130][ T4717] XFS (loop4): Ending clean mount [ 112.397206][ T2384] cdc_ether: probe of 4-1:1.0 failed with error -71 [ 112.409723][ T2384] usb 4-1: USB disconnect, device number 2 [ 112.477816][ T4193] XFS (loop4): Unmounting Filesystem [ 112.859878][ T4755] loop4: detected capacity change from 0 to 512 [ 112.920242][ T4755] EXT4-fs (loop4): Ignoring removed nobh option [ 112.930861][ T4755] EXT4-fs (loop4): Ignoring removed bh option [ 112.985242][ T4759] loop3: detected capacity change from 0 to 256 [ 112.989675][ T4755] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2 [ 112.997487][ T4759] FAT-fs (loop3): Unrecognized mount option "iocharsdt=d.Uӭhefault" or missing value [ 113.200439][ T4755] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #13: comm syz.4.129: invalid indirect mapped block 256 (level 1) [ 113.408580][ T4755] EXT4-fs (loop4): Remounting filesystem read-only [ 113.449955][ T4755] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #13: comm syz.4.129: invalid indirect mapped block 2683928664 (level 1) [ 113.610842][ T4755] EXT4-fs (loop4): Remounting filesystem read-only [ 113.628363][ T4755] EXT4-fs (loop4): 1 truncate cleaned up [ 113.644066][ T4755] EXT4-fs (loop4): mounted filesystem without journal. Opts: noblock_validity,nouid32,nobh,nodioread_nolock,discard,usrjquota=.noacl,bh,jqfmt=vfsv0,auto_da_alloc,errors=remount-ro,nolazytime,,. Quota mode: writeback. [ 115.147314][ T4768] loop0: detected capacity change from 0 to 512 [ 115.175660][ T4768] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (25604!=33349) [ 115.443027][ T4768] EXT4-fs (loop0): orphan cleanup on readonly fs [ 115.450082][ T4768] EXT4-fs error (device loop0): ext4_iget_extra_inode:4573: inode #15: comm syz.0.132: corrupted in-inode xattr [ 115.587312][ T4768] EXT4-fs error (device loop0): ext4_orphan_get:1411: comm syz.0.132: couldn't read orphan inode 15 (err -117) [ 115.758340][ T4768] EXT4-fs (loop0): mounted filesystem without journal. Opts: nombcache,grpquota,,,errors=continue. Quota mode: writeback. [ 116.585426][ T4786] loop1: detected capacity change from 0 to 32768 [ 116.870653][ T4786] XFS (loop1): Mounting V5 Filesystem [ 117.075188][ T4786] XFS (loop1): Ending clean mount [ 118.962188][ T4188] XFS (loop1): Unmounting Filesystem [ 120.501741][ T4840] netlink: 12 bytes leftover after parsing attributes in process `syz.4.156'. [ 120.525623][ T2384] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 120.776918][ T4847] loop4: detected capacity change from 0 to 32768 [ 120.840894][ T4847] BTRFS: device fsid 34a2da50-e117-4d40-8878-8e0fb0127b5f devid 1 transid 8 /dev/loop4 scanned by syz.4.159 (4847) [ 120.942421][ T2384] usb 4-1: Using ep0 maxpacket: 8 [ 121.027312][ T4847] BTRFS info (device loop4): using xxhash64 (xxhash64-generic) checksum algorithm [ 121.036663][ T4847] BTRFS info (device loop4): using free space tree [ 121.043451][ T4847] BTRFS info (device loop4): has skinny extents [ 121.105753][ T2384] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 121.150401][ T2384] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 121.182569][ T2384] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 121.198605][ T2384] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 121.353934][ T2384] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 121.810418][ T2384] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 121.996317][ T2384] usb 4-1: usb_control_msg returned -71 [ 122.018931][ T2384] usbtmc 4-1:16.0: can't read capabilities [ 122.155237][ T2384] usb 4-1: USB disconnect, device number 3 [ 122.266128][ T4847] BTRFS info (device loop4): enabling ssd optimizations [ 122.895885][ T2384] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 123.186034][ T2384] usb 4-1: Using ep0 maxpacket: 8 [ 123.356589][ T2384] usb 4-1: config 179 has an invalid interface number: 65 but max is 0 [ 123.393851][ T2384] usb 4-1: config 179 has an invalid descriptor of length 0, skipping remainder of the config [ 123.565398][ T2384] usb 4-1: config 179 has no interface number 0 [ 123.625349][ T2384] usb 4-1: config 179 interface 65 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 23 [ 123.654507][ T2384] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 123.686367][ T2384] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 124.017983][ T4895] loop0: detected capacity change from 0 to 32768 [ 124.079871][ T4895] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 scanned by syz.0.167 (4895) [ 124.274756][ T2384] usb 4-1: USB disconnect, device number 4 [ 124.290778][ T4883] loop1: detected capacity change from 0 to 32768 [ 124.354196][ T4883] XFS (loop1): Mounting V5 Filesystem [ 124.367288][ T4895] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm [ 124.376019][ T4895] BTRFS info (device loop0): using free space tree [ 124.383231][ T4895] BTRFS info (device loop0): has skinny extents [ 124.441111][ T4883] XFS (loop1): Ending clean mount [ 124.538488][ T26] audit: type=1800 audit(1776557324.292:8): pid=4883 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.161" name="file1" dev="loop1" ino=6150 res=0 errno=0 [ 124.575973][ T4188] XFS (loop1): Unmounting Filesystem [ 124.701622][ T4895] BTRFS info (device loop0): enabling ssd optimizations [ 125.201354][ T4937] ieee802154 phy0 wpan0: encryption failed: -22 [ 126.441679][ T4657] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 10 /dev/loop0 scanned by udevd (4657) [ 127.686828][ T4967] netlink: 4 bytes leftover after parsing attributes in process `syz.4.175'. [ 129.302908][ T4972] loop0: detected capacity change from 0 to 32768 [ 129.582022][ T4972] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm [ 129.676459][ T4972] BTRFS info (device loop0): enabling auto defrag [ 129.803715][ T4972] BTRFS info (device loop0): use no compression [ 130.104332][ T4972] BTRFS info (device loop0): max_inline at 4096 [ 130.143619][ T4972] BTRFS info (device loop0): using free space tree [ 130.174340][ T4972] BTRFS info (device loop0): has skinny extents [ 130.232895][ T4967] bridge0: port 2(bridge_slave_1) entered disabled state [ 130.241278][ T4967] bridge0: port 1(bridge_slave_0) entered disabled state [ 130.485397][ T4972] BTRFS info (device loop0): enabling ssd optimizations [ 132.393531][ T4967] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 132.546374][ T4967] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 132.679249][ T1420] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.685657][ T1420] ieee802154 phy1 wpan1: encryption failed: -22 [ 132.914447][ T5006] loop3: detected capacity change from 0 to 32768 [ 133.914295][ T5006] XFS (loop3): Mounting V5 Filesystem [ 134.459132][ T5006] XFS (loop3): Ending clean mount [ 134.512257][ T4197] XFS (loop3): Unmounting Filesystem [ 134.709786][ T4967] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 134.719290][ T4967] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 134.728228][ T4967] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 134.737182][ T4967] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 135.293752][ T5040] loop3: detected capacity change from 0 to 1156 [ 136.345694][ T4262] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 136.625854][ T4262] usb 4-1: Using ep0 maxpacket: 32 [ 136.746577][ T4262] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x82 has invalid wMaxPacketSize 0 [ 136.853398][ T4262] usb 4-1: config 0 interface 0 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 0 [ 136.942347][ T4262] usb 4-1: config 0 interface 0 has no altsetting 0 [ 137.001838][ T5048] loop0: detected capacity change from 0 to 32768 [ 137.150999][ T4262] usb 4-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e [ 137.174035][ T4262] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 137.196440][ T5048] JBD2: Ignoring recovery information on journal [ 137.223744][ T4262] usb 4-1: Product: syz [ 137.228399][ T4262] usb 4-1: Manufacturer: syz [ 137.233012][ T4262] usb 4-1: SerialNumber: syz [ 137.275388][ T4262] usb 4-1: config 0 descriptor?? [ 137.303741][ T5048] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 137.365675][ T4903] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 137.605794][ T4903] usb 5-1: Using ep0 maxpacket: 8 [ 137.727330][ T4903] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 137.844235][ T2421] pvrusb2: request_firmware fatal error with code=-110 [ 137.876014][ T4903] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 137.879183][ T2421] pvrusb2: Failure uploading firmware1 [ 137.904116][ T2421] pvrusb2: Device initialization was not successful. [ 137.917877][ T4903] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 137.933258][ T2421] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it. [ 137.954183][ T4903] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 137.972700][ T2421] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover. [ 138.042221][ T4225] pvrusb2: Device being rendered inoperable [ 138.060140][ T4903] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 138.070616][ T4903] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 138.178983][ T4184] ocfs2: Unmounting device (7,0) on (node local) [ 138.414131][ T4903] usb 5-1: GET_CAPABILITIES returned 0 [ 138.419804][ T4903] usbtmc 5-1:16.0: can't read capabilities [ 138.623303][ T4957] usb 5-1: USB disconnect, device number 2 [ 138.663527][ T5078] loop0: detected capacity change from 0 to 1024 [ 138.702872][ T5078] EXT4-fs (loop0): Ignoring removed orlov option [ 138.730529][ T5078] EXT4-fs (loop0): mounted filesystem without journal. Opts: orlov,min_batch_time=0x0000000000000004,,errors=continue. Quota mode: writeback. [ 139.038597][ T5084] xt_hashlimit: max too large, truncated to 1048576 [ 139.555780][ T4331] usb 4-1: USB disconnect, device number 5 [ 139.903001][ T5096] loop4: detected capacity change from 0 to 2048 [ 140.255615][ T5096] EXT4-fs (loop4): mounted filesystem without journal. Opts: stripe=0x0000000000000005,,errors=continue. Quota mode: none. [ 140.612934][ T26] audit: type=1800 audit(1776557340.362:9): pid=5096 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.204" name="file1" dev="loop4" ino=15 res=0 errno=0 [ 142.149547][ T5111] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 142.194851][ T5091] loop1: detected capacity change from 0 to 32768 [ 142.287278][ T5091] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 scanned by syz.1.205 (5091) [ 142.335015][ T5091] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 142.376088][ T5091] BTRFS info (device loop1): enabling auto defrag [ 142.399979][ T5091] BTRFS info (device loop1): use no compression [ 142.554930][ T5091] BTRFS info (device loop1): max_inline at 4096 [ 142.561591][ T5091] BTRFS info (device loop1): using free space tree [ 142.568154][ T5091] BTRFS info (device loop1): has skinny extents [ 143.613011][ T5091] BTRFS error (device loop1): open_ctree failed: -12 [ 143.616191][ T4178] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 scanned by udevd (4178) [ 143.640769][ T4954] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 143.903387][ T4954] usb 1-1: Using ep0 maxpacket: 8 [ 144.305653][ T2857] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 144.545658][ T2857] usb 2-1: device descriptor read/64, error -71 [ 144.670663][ T4954] usb 1-1: config 179 has an invalid interface number: 65 but max is 0 [ 144.682046][ T5144] loop4: detected capacity change from 0 to 32768 [ 144.683550][ T4954] usb 1-1: config 179 has an invalid descriptor of length 0, skipping remainder of the config [ 144.714982][ T5144] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 scanned by syz.4.214 (5144) [ 144.730568][ T4954] usb 1-1: config 179 has no interface number 0 [ 144.744306][ T4954] usb 1-1: config 179 interface 65 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 23 [ 144.762832][ T4954] usb 1-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 144.777762][ T5144] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm [ 144.786728][ T4954] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 144.795247][ T5144] BTRFS info (device loop4): using free space tree [ 144.825562][ T2857] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 144.842983][ T5144] BTRFS info (device loop4): has skinny extents [ 145.095706][ T2857] usb 2-1: device descriptor read/64, error -71 [ 145.216367][ T2857] usb usb2-port1: attempt power cycle [ 145.635372][ T5144] BTRFS info (device loop4): enabling ssd optimizations [ 145.807406][ T2857] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 145.818849][ T4954] usb 1-1: USB disconnect, device number 3 [ 146.015695][ T2857] usb 2-1: device descriptor read/8, error -71 [ 146.285564][ T2857] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 146.375938][ T2857] usb 2-1: device descriptor read/8, error -71 [ 146.626102][ T5180] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 147.363162][ T5187] loop0: detected capacity change from 0 to 32768 [ 147.372171][ T2857] usb usb2-port1: unable to enumerate USB device [ 147.432830][ T5191] loop3: detected capacity change from 0 to 128 [ 147.589496][ T5187] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm [ 147.599135][ T5187] BTRFS info (device loop0): using free space tree [ 147.605680][ T5187] BTRFS info (device loop0): has skinny extents [ 147.614748][ T5196] loop1: detected capacity change from 0 to 1156 [ 147.925890][ T5180] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 147.959996][ T5180] usb 5-1: config 1 has an invalid descriptor of length 255, skipping remainder of the config [ 148.097120][ T5180] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 148.172385][ T5180] usb 5-1: config 1 interface 0 altsetting 0 has an invalid endpoint with address 0xFF, skipping [ 148.526267][ T5180] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 148.549223][ T5180] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 148.572381][ T5180] usb 5-1: Product: syz [ 148.576939][ T5180] usb 5-1: Manufacturer: syz [ 148.591288][ T5191] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 148.603840][ T5182] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 148.605865][ T5191] ext4 filesystem being mounted at /42/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 148.648926][ T5180] cdc_wdm 5-1:1.0: skipping garbage [ 148.654290][ T5180] cdc_wdm 5-1:1.0: skipping garbage [ 148.660105][ T5180] cdc_wdm: probe of 5-1:1.0 failed with error -22 [ 148.770429][ T5187] BTRFS info (device loop0): enabling ssd optimizations [ 148.788442][ T5212] loop1: detected capacity change from 0 to 1156 [ 148.858637][ T5180] usb 5-1: USB disconnect, device number 3 [ 149.516948][ T2857] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 149.593237][ T2857] hid-generic 0000:0000:0000.0001: hidraw0: HID v0.00 Device [syz1] on syz0 [ 149.864170][ T5223] loop3: detected capacity change from 0 to 32768 [ 149.951097][ T5223] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by syz.3.225 (5223) [ 150.041469][ T5223] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm [ 150.080510][ T5223] BTRFS info (device loop3): enabling auto defrag [ 150.101158][ T5223] BTRFS info (device loop3): use no compression [ 150.115237][ T5223] BTRFS info (device loop3): max_inline at 4096 [ 150.129592][ T5223] BTRFS info (device loop3): using free space tree [ 150.169970][ T5223] BTRFS info (device loop3): has skinny extents [ 150.885600][ T4331] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 151.086625][ T5223] BTRFS info (device loop3): enabling ssd optimizations [ 151.705588][ T4331] usb 1-1: Using ep0 maxpacket: 8 [ 152.283016][ T5002] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 152.515722][ T4331] usb 1-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0xAD, skipping [ 152.636746][ T5279] blk_update_request: I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 0 [ 152.648807][ T5279] SQUASHFS error: Failed to read block 0x0: -5 [ 152.796353][ T5002] usb 5-1: config 1 has an invalid interface number: 7 but max is 0 [ 152.846858][ T4331] usb 1-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 152.880619][ T5002] usb 5-1: config 1 has no interface number 0 [ 153.029468][ T5002] usb 5-1: config 1 interface 7 altsetting 0 has an invalid endpoint with address 0xDB, skipping [ 153.139611][ T5002] usb 5-1: config 1 interface 7 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 153.507594][ T4331] usb 1-1: New USB device found, idVendor=0bfd, idProduct=0124, bcdDevice=3a.9f [ 153.533002][ T4331] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 154.584234][ T4331] usb 1-1: Product: syz [ 154.599768][ T5289] loop0: detected capacity change from 0 to 1156 [ 154.769062][ T4331] usb 1-1: config 0 descriptor?? [ 154.922531][ T5002] usb 5-1: New USB device found, idVendor=1199, idProduct=68a3, bcdDevice= 0.00 [ 154.932284][ T4331] usb 1-1: can't set config #0, error -71 [ 154.983184][ T5002] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 156.787890][ T5002] usb 5-1: Product: syz [ 156.949032][ T5002] usb 5-1: Manufacturer: syz [ 156.976725][ T4331] usb 1-1: USB disconnect, device number 4 [ 156.985383][ T5318] loop1: detected capacity change from 0 to 8 [ 157.316385][ T5002] usb 5-1: can't set config #1, error -71 [ 157.448611][ T5002] usb 5-1: USB disconnect, device number 4 [ 158.444697][ T5336] netlink: 40 bytes leftover after parsing attributes in process `syz.3.251'. [ 159.555507][ T5269] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 159.570917][ T5349] loop3: detected capacity change from 0 to 1024 [ 159.654512][ T5349] EXT4-fs (loop3): Ignoring removed orlov option [ 160.661059][ T5360] loop4: detected capacity change from 0 to 64 [ 160.698766][ T5349] EXT4-fs (loop3): mounted filesystem without journal. Opts: orlov,min_batch_time=0x0000000000000004,,errors=continue. Quota mode: writeback. [ 161.163805][ T5366] xt_hashlimit: max too large, truncated to 1048576 [ 162.177231][ T5269] usb 2-1: Using ep0 maxpacket: 8 [ 162.256136][ T5269] usb 2-1: device descriptor read/all, error -71 [ 164.730124][ T5377] loop3: detected capacity change from 0 to 32768 [ 164.944458][ T5377] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by syz.3.260 (5377) [ 164.959697][ T5377] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm [ 164.968422][ T5377] BTRFS info (device loop3): using free space tree [ 164.975124][ T5377] BTRFS info (device loop3): has skinny extents [ 165.814538][ T5377] BTRFS error (device loop3): open_ctree failed: -12 [ 165.970644][ T4194] Bluetooth: Frame is too long (len 16, expected len 4) [ 167.978340][ T5427] loop3: detected capacity change from 0 to 1024 [ 169.675045][ T5450] loop1: detected capacity change from 0 to 128 [ 170.175471][ T5450] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 170.335366][ T5450] ext4 filesystem being mounted at /48/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 171.807433][ T5470] netlink: 20 bytes leftover after parsing attributes in process `syz.3.281'. [ 173.766410][ T5483] netlink: 12 bytes leftover after parsing attributes in process `syz.0.286'. [ 173.886192][ T5488] overlayfs: failed to resolve './file1': -2 [ 174.865959][ T5269] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 175.153653][ T5504] loop4: detected capacity change from 0 to 40427 [ 175.221803][ T5504] F2FS-fs (loop4): invalid crc value [ 175.308585][ T5504] F2FS-fs (loop4): Found nat_bits in checkpoint [ 175.365125][ T5504] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 175.975686][ T5269] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 175.991319][ T5269] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 176.001936][ T5269] usb 1-1: New USB device found, idVendor=28de, idProduct=1142, bcdDevice= 0.00 [ 176.100273][ T5269] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 176.288998][ T4952] Bluetooth: hci1: command 0x0406 tx timeout [ 176.348781][ T5269] usb 1-1: config 0 descriptor?? [ 176.400926][ T5522] loop3: detected capacity change from 0 to 256 [ 176.555756][ T5522] FAT-fs (loop3): Unrecognized mount option "utf8=y" or missing value [ 177.870055][ T5492] udc-core: couldn't find an available UDC or it's busy [ 177.898757][ T5492] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 [ 178.005661][ T5269] usbhid 1-1:0.0: can't add hid device: -71 [ 178.013917][ T5269] usbhid: probe of 1-1:0.0 failed with error -71 [ 178.047782][ T5269] usb 1-1: USB disconnect, device number 5 [ 183.949976][ T5575] syz.2.317 uses obsolete (PF_INET,SOCK_PACKET) [ 183.960945][ T5579] netlink: 32 bytes leftover after parsing attributes in process `syz.0.319'. [ 183.995627][ T5579] netlink: 32 bytes leftover after parsing attributes in process `syz.0.319'. [ 184.818857][ T5596] loop0: detected capacity change from 0 to 512 [ 185.282480][ T5596] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 186.478748][ T5596] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1176: group 0, block bitmap and bg descriptor inconsistent: 48 vs 41 free clusters [ 186.506118][ T5596] Quota error (device loop0): write_blk: dquota write failed [ 186.528748][ T5596] Quota error (device loop0): find_free_dqentry: Can't write quota data block 5 [ 186.596184][ T5596] Quota error (device loop0): write_blk: dquota write failed [ 186.641298][ T5596] Quota error (device loop0): qtree_write_dquot: Error -28 occurred while creating quota [ 186.651447][ T5596] EXT4-fs error (device loop0): ext4_acquire_dquot:6236: comm syz.0.325: Failed to acquire dquot type 1 [ 186.680646][ T5596] EXT4-fs (loop0): 1 truncate cleaned up [ 186.692788][ T5596] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_nolock,noblock_validity,inode_readahead_blks=0x0000000000010000,resgid=0x0000000000000000,norecovery,quota,auto_da_alloc,auto_da_alloc=0x0000000000000001,resgid=0x00000000000000002,errors=continue. Quota mode: writeback. [ 186.720166][ C1] vkms_vblank_simulate: vblank timer overrun [ 188.904807][ T5621] loop3: detected capacity change from 0 to 256 [ 189.368795][ T5612] loop1: detected capacity change from 0 to 32768 [ 189.548708][ T5621] exfat: Deprecated parameter 'utf8' [ 189.560104][ T5621] exfat: Deprecated parameter 'namecase' [ 189.575789][ T5621] exfat: Deprecated parameter 'namecase' [ 189.581522][ T5621] exfat: Deprecated parameter 'utf8' [ 189.831987][ T5621] exFAT-fs (loop3): failed to load upcase table (idx : 0x00012153, chksum : 0xc3dffc2e, utbl_chksum : 0xe619d30d) [ 189.949454][ T5634] device syzkaller0 entered promiscuous mode [ 189.969044][ T5634] 0: reclassify loop, rule prio 0, protocol 800 [ 194.186353][ T1420] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.193018][ T1420] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.580026][ T5673] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 195.765505][ T4906] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 196.103266][ T5707] sd 0:0:1:0: device reset [ 198.342534][ T4906] usb 1-1: Using ep0 maxpacket: 16 [ 198.416497][ T5722] netlink: 4 bytes leftover after parsing attributes in process `syz.0.361'. [ 198.434201][ T4906] usb 1-1: device descriptor read/all, error -71 [ 203.576233][ T5761] sd 0:0:1:0: device reset [ 206.919204][ T5777] capability: warning: `syz.3.375' uses deprecated v2 capabilities in a way that may be insecure [ 208.470185][ T5269] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 209.015947][ T5269] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 209.114685][ T5269] usb 1-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 209.256818][ T5269] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 209.344399][ T5269] usb 1-1: config 0 descriptor?? [ 209.397719][ T5269] pwc: Askey VC010 type 2 USB webcam detected. [ 210.679396][ T5269] pwc: recv_control_msg error -71 req 02 val 2700 [ 210.705692][ T5269] pwc: recv_control_msg error -71 req 02 val 2c00 [ 210.747961][ T5269] pwc: recv_control_msg error -71 req 04 val 1000 [ 210.785664][ T5269] pwc: recv_control_msg error -71 req 04 val 1300 [ 210.825686][ T5269] pwc: recv_control_msg error -71 req 04 val 1400 [ 210.875654][ T5269] pwc: recv_control_msg error -71 req 02 val 2000 [ 210.929925][ T5269] pwc: recv_control_msg error -71 req 02 val 2100 [ 210.986222][ T5269] pwc: recv_control_msg error -71 req 04 val 1500 [ 211.143185][ T5822] loop1: detected capacity change from 0 to 2048 [ 211.378601][ T5822] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 211.397919][ T5269] pwc: recv_control_msg error -71 req 02 val 2500 [ 211.425601][ T5269] pwc: recv_control_msg error -71 req 02 val 2400 [ 211.597244][ T5269] pwc: recv_control_msg error -71 req 02 val 2600 [ 211.640014][ T5269] pwc: recv_control_msg error -71 req 02 val 2900 [ 211.695626][ T5269] pwc: recv_control_msg error -71 req 02 val 2800 [ 211.725712][ T5269] pwc: recv_control_msg error -71 req 04 val 1100 [ 211.745996][ T5269] pwc: recv_control_msg error -71 req 04 val 1200 [ 211.786689][ T5269] pwc: Registered as video103. [ 211.813074][ T5269] input: PWC snapshot button as /devices/platform/dummy_hcd.0/usb1/1-1/input/input5 [ 211.852220][ T26] audit: type=1326 audit(1776557411.602:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5821 comm="syz.1.391" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f78f5d20819 code=0x7ffc0000 [ 211.872822][ T5269] usb 1-1: USB disconnect, device number 8 [ 211.874348][ C1] vkms_vblank_simulate: vblank timer overrun [ 211.964448][ T26] audit: type=1326 audit(1776557411.602:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5821 comm="syz.1.391" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f78f5d20819 code=0x7ffc0000 [ 212.056403][ T26] audit: type=1326 audit(1776557411.632:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5821 comm="syz.1.391" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f78f5d20819 code=0x7ffc0000 [ 212.178227][ T26] audit: type=1326 audit(1776557411.632:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5821 comm="syz.1.391" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f78f5d20819 code=0x7ffc0000 [ 212.288726][ T26] audit: type=1326 audit(1776557411.642:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5821 comm="syz.1.391" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f78f5d20819 code=0x7ffc0000 [ 212.411440][ T26] audit: type=1326 audit(1776557411.642:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5821 comm="syz.1.391" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f78f5d20819 code=0x7ffc0000 [ 212.495536][ T26] audit: type=1326 audit(1776557411.642:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5821 comm="syz.1.391" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f78f5d20819 code=0x7ffc0000 [ 212.663344][ T26] audit: type=1326 audit(1776557411.642:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5821 comm="syz.1.391" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f78f5d20819 code=0x7ffc0000 [ 212.663381][ T26] audit: type=1326 audit(1776557411.642:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5821 comm="syz.1.391" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f78f5d20819 code=0x7ffc0000 [ 213.359163][ T5861] sd 0:0:1:0: device reset [ 214.406647][ T5867] process 'syz.2.401' launched './file1' with NULL argv: empty string added [ 216.686257][ T5902] ieee802154 phy0 wpan0: encryption failed: -22 [ 216.992253][ T5906] netlink: 4 bytes leftover after parsing attributes in process `syz.3.414'. [ 217.001968][ T5003] usb 5-1: new full-speed USB device number 5 using dummy_hcd [ 219.570521][ T5927] loop3: detected capacity change from 0 to 512 [ 221.693496][ T5003] usb 5-1: unable to read config index 0 descriptor/start: -71 [ 221.707643][ T5003] usb 5-1: can't read configurations, error -71 [ 221.727470][ T5927] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpjquota=,max_dir_size_kb=0x0000000000000a32,acl,,errors=continue. Quota mode: writeback. [ 221.746280][ T5927] ext4 filesystem being mounted at /83/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 226.466907][ T5986] ieee802154 phy0 wpan0: encryption failed: -22 [ 228.764854][ T4190] Bluetooth: Frame is too long (len 16, expected len 4) [ 228.870704][ T5995] bridge0: port 2(bridge_slave_1) entered disabled state [ 228.878022][ T5995] bridge0: port 1(bridge_slave_0) entered disabled state [ 230.206361][ T6032] ieee802154 phy0 wpan0: encryption failed: -22 [ 230.254650][ T4331] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 230.625592][ T4331] usb 1-1: Using ep0 maxpacket: 8 [ 230.665178][ T6038] loop1: detected capacity change from 0 to 256 [ 230.747042][ T4331] usb 1-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0xAD, skipping [ 230.763125][ T6038] exFAT-fs (loop1): failed to load upcase table (idx : 0x0001fe89, chksum : 0xc374f927, utbl_chksum : 0xe619d30d) [ 230.784217][ T6040] netlink: 12 bytes leftover after parsing attributes in process `syz.4.451'. [ 230.798116][ T4331] usb 1-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 231.654661][ T4331] usb 1-1: New USB device found, idVendor=0bfd, idProduct=0124, bcdDevice=3a.9f [ 231.664150][ T4331] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 231.672567][ T4331] usb 1-1: Product: syz [ 232.572720][ T4331] usb 1-1: Manufacturer: syz [ 232.577475][ T4331] usb 1-1: SerialNumber: syz [ 232.587959][ T4331] usb 1-1: config 0 descriptor?? [ 232.636512][ T4331] kvaser_usb 1-1:0.0: Cannot get usb endpoint(s) [ 232.729273][ T4331] usb 1-1: USB disconnect, device number 9 [ 235.024307][ T6081] ieee802154 phy0 wpan0: encryption failed: -22 [ 235.404610][ T6085] loop1: detected capacity change from 0 to 1024 [ 235.556797][ T6085] EXT4-fs (loop1): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000006,nodiscard,noblock_validity,noinit_itable,dioread_lock,nogrpid,noinit_itable,jqfmt=vfsv0,mb_optimize_scan=0x0000000000000000,sb=0x0000000000000001,,errors=continue. Quota mode: none. [ 235.595349][ T6085] ext4 filesystem being mounted at /80/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 235.716974][ T26] audit: type=1800 audit(1776557435.472:19): pid=6085 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.462" name="file1" dev="loop1" ino=15 res=0 errno=0 [ 235.834095][ T26] audit: type=1800 audit(1776557435.542:20): pid=6085 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.462" name="file1" dev="loop1" ino=15 res=0 errno=0 [ 239.316155][ T6135] ieee802154 phy0 wpan0: encryption failed: -22 [ 239.894237][ T6150] netlink: 8 bytes leftover after parsing attributes in process `syz.3.482'. [ 240.832860][ T6161] 9pnet: Insufficient options for proto=fd [ 244.181676][ T6199] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2622702393 (2622702393 ns) > initial count (1696441458 ns). Using initial count to start timer. [ 244.843887][ T6214] loop2: detected capacity change from 0 to 7 [ 244.913254][ T6214] Dev loop2: unable to read RDB block 7 [ 244.945069][ T6214] loop2: AHDI p1 p2 p3 [ 244.963901][ T6214] loop2: partition table partially beyond EOD, truncated [ 244.972533][ T6214] loop2: p1 start 1818582900 is beyond EOD, truncated [ 244.985153][ T6214] loop2: p3 start 335544320 is beyond EOD, truncated [ 245.627790][ T6232] loop0: detected capacity change from 0 to 128 [ 245.790214][ T6232] FAT-fs (loop0): error, corrupted directory (invalid entries) [ 245.839291][ T6232] FAT-fs (loop0): Filesystem has been set read-only [ 247.218199][ T6246] loop4: detected capacity change from 0 to 128 [ 247.266391][ T6246] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 247.336833][ T6246] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 247.687023][ T1278] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 249.166630][ T6277] netlink: 88 bytes leftover after parsing attributes in process `syz.1.523'. [ 249.205598][ T6277] netlink: 12 bytes leftover after parsing attributes in process `syz.1.523'. [ 249.232090][ T6277] netlink: 20 bytes leftover after parsing attributes in process `syz.1.523'. [ 249.246434][ T6274] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 249.254492][ T6277] netlink: 20 bytes leftover after parsing attributes in process `syz.1.523'. [ 249.269126][ T6274] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 249.479318][ T6282] netlink: 23 bytes leftover after parsing attributes in process `syz.0.525'. [ 249.796617][ T6291] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 249.804586][ T6291] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 250.066588][ T6295] ieee802154 phy0 wpan0: encryption failed: -22 [ 251.616457][ T6323] capability: warning: `syz.2.539' uses 32-bit capabilities (legacy support in use) [ 254.098278][ T6346] ieee802154 phy0 wpan0: encryption failed: -22 [ 254.141768][ T6349] block device autoloading is deprecated and will be removed. [ 254.493429][ T26] audit: type=1326 audit(1776557454.242:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6361 comm="syz.0.553" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15cf75d819 code=0x7ffc0000 [ 254.529978][ T26] audit: type=1326 audit(1776557454.242:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6361 comm="syz.0.553" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15cf75d819 code=0x7ffc0000 [ 254.559521][ T26] audit: type=1326 audit(1776557454.242:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6361 comm="syz.0.553" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15cf75d819 code=0x7ffc0000 [ 254.612078][ T26] audit: type=1326 audit(1776557454.242:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6361 comm="syz.0.553" exe="/root/syz-executor" sig=0 arch=c000003e syscall=272 compat=0 ip=0x7f15cf75d819 code=0x7ffc0000 [ 254.760434][ T26] audit: type=1326 audit(1776557454.242:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6361 comm="syz.0.553" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15cf75d819 code=0x7ffc0000 [ 254.839153][ T26] audit: type=1326 audit(1776557454.242:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6361 comm="syz.0.553" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15cf75d819 code=0x7ffc0000 [ 254.872115][ T26] audit: type=1326 audit(1776557454.242:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6361 comm="syz.0.553" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15cf75d819 code=0x7ffc0000 [ 254.926052][ T26] audit: type=1326 audit(1776557454.242:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6361 comm="syz.0.553" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f15cf71e04e code=0x7ffc0000 [ 254.948246][ C0] vkms_vblank_simulate: vblank timer overrun [ 255.025556][ T26] audit: type=1326 audit(1776557454.242:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6361 comm="syz.0.553" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f15cf71e04e code=0x7ffc0000 [ 255.047686][ C0] vkms_vblank_simulate: vblank timer overrun [ 255.088100][ T26] audit: type=1326 audit(1776557454.242:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6361 comm="syz.0.553" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15cf75d819 code=0x7ffc0000 [ 256.026100][ T1420] ieee802154 phy0 wpan0: encryption failed: -22 [ 256.032428][ T1420] ieee802154 phy1 wpan1: encryption failed: -22 [ 260.637660][ T6477] loop4: detected capacity change from 0 to 128 [ 261.257614][ T6486] loop4: detected capacity change from 0 to 128 [ 261.329874][ T6486] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 261.359627][ T6486] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 261.471170][ T4318] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 263.572281][ T6513] loop0: detected capacity change from 0 to 512 [ 264.573447][ T6523] overlayfs: failed to clone upperpath [ 264.819135][ T6532] sch_tbf: peakrate 7 is lower than or equals to rate 6829859379779001161 ! [ 265.346843][ T6536] ieee802154 phy0 wpan0: encryption failed: -22 [ 265.483612][ T6545] netlink: 4 bytes leftover after parsing attributes in process `syz.0.618'. [ 267.754660][ T26] kauditd_printk_skb: 18 callbacks suppressed [ 267.754672][ T26] audit: type=1326 audit(1776557467.502:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6591 comm="syz.4.634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb10ea61819 code=0x7ffc0000 [ 267.783099][ C0] vkms_vblank_simulate: vblank timer overrun [ 267.865461][ T26] audit: type=1326 audit(1776557467.552:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6591 comm="syz.4.634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb10ea61819 code=0x7ffc0000 [ 267.957092][ T26] audit: type=1326 audit(1776557467.552:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6591 comm="syz.4.634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=228 compat=0 ip=0x7fb10ea61819 code=0x7ffc0000 [ 268.037039][ T26] audit: type=1326 audit(1776557467.552:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6591 comm="syz.4.634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb10ea61819 code=0x7ffc0000 [ 268.101052][ T6603] loop4: detected capacity change from 0 to 128 [ 268.115688][ T26] audit: type=1326 audit(1776557467.552:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6591 comm="syz.4.634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7fb10ea61819 code=0x7ffc0000 [ 268.181037][ T26] audit: type=1326 audit(1776557467.552:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6591 comm="syz.4.634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb10ea61819 code=0x7ffc0000 [ 268.265299][ T26] audit: type=1326 audit(1776557467.552:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6591 comm="syz.4.634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=286 compat=0 ip=0x7fb10ea61819 code=0x7ffc0000 [ 268.308783][ T6603] FAT-fs (loop4): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1) [ 268.342685][ T26] audit: type=1326 audit(1776557467.552:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6591 comm="syz.4.634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb10ea61819 code=0x7ffc0000 [ 268.364833][ C0] vkms_vblank_simulate: vblank timer overrun [ 268.530610][ T6584] ieee802154 phy0 wpan0: encryption failed: -22 [ 268.543431][ T26] audit: type=1800 audit(1776557468.302:57): pid=6603 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.638" name="file1" dev="loop4" ino=1049014 res=0 errno=0 [ 268.562312][ T6614] netlink: 8 bytes leftover after parsing attributes in process `syz.0.642'. [ 268.564269][ C0] vkms_vblank_simulate: vblank timer overrun [ 268.855379][ T6623] overlayfs: unrecognized mount option "verity=on" or missing value [ 269.938007][ T6630] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 269.955784][ T6630] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 271.146081][ T6668] netlink: 12 bytes leftover after parsing attributes in process `syz.0.660'. [ 271.188932][ T6668] device vlan2 entered promiscuous mode [ 271.209585][ T6668] device erspan0 entered promiscuous mode [ 271.853565][ T6657] ieee802154 phy0 wpan0: encryption failed: -22 [ 273.243593][ T6685] loop3: detected capacity change from 0 to 128 [ 273.499541][ T6685] FAT-fs (loop3): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1) [ 273.591580][ T26] audit: type=1800 audit(1776557473.342:58): pid=6685 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.665" name="file1" dev="loop3" ino=1049028 res=0 errno=0 [ 273.840017][ T6697] loop4: detected capacity change from 0 to 256 [ 273.932051][ T6697] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 274.163742][ T6705] loop0: detected capacity change from 0 to 256 [ 274.216327][ T6705] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 274.444448][ T6708] loop3: detected capacity change from 0 to 16 [ 274.500994][ T6708] erofs: (device loop3): mounted with root inode @ nid 36. [ 274.587787][ T6708] erofs: (device loop3): z_erofs_extent_lookback: bogus lookback distance @ nid 36 [ 274.630950][ T6708] erofs: (device loop3): z_erofs_lz4_decompress: failed to decompress -29 in[58, 4038] out[1851] [ 274.650896][ T26] audit: type=1800 audit(1776557474.402:59): pid=6697 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.670" name="file1" dev="loop4" ino=1049029 res=0 errno=0 [ 274.710891][ T6708] erofs: (device loop3): z_erofs_readpage: failed to read, err [-117] [ 275.050256][ T26] audit: type=1800 audit(1776557474.802:60): pid=6705 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.671" name="file1" dev="loop0" ino=1049030 res=0 errno=0 [ 276.506472][ T6730] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 276.524277][ T6730] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 276.844088][ T6735] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 276.878595][ T6735] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 276.912289][ T6723] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability [ 276.950007][ T6723] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16 [ 277.994971][ T6744] overlayfs: conflicting lowerdir path [ 278.156866][ T6749] loop0: detected capacity change from 0 to 128 [ 278.234590][ T6752] 9pnet: Unknown protocol version 9 [ 278.274891][ T6749] FAT-fs (loop0): Invalid FSINFO signature: 0x41000006, 0x61417272 (sector = 1) [ 285.737414][ T6835] usb usb8: usbfs: process 6835 (syz.1.708) did not claim interface 0 before use [ 286.735965][ T6838] loop1: detected capacity change from 0 to 2048 [ 287.176389][ T6840] loop0: detected capacity change from 0 to 1024 [ 288.040491][ T4177] loop1: p3 p4 < > [ 288.050008][ T4177] loop1: p3 start 263168 is beyond EOD, truncated [ 288.344739][ T6838] loop1: p3 p4 < > [ 288.348858][ T6838] loop1: p3 start 263168 is beyond EOD, truncated [ 288.642166][ T6840] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 290.112650][ T4177] udevd[4177]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory [ 291.045917][ T4177] udevd[4177]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory [ 291.898300][ T6879] loop4: detected capacity change from 0 to 512 [ 292.021488][ T6875] loop1: detected capacity change from 0 to 8192 [ 292.150327][ T6879] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 292.589323][ T6879] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1176: group 0, block bitmap and bg descriptor inconsistent: 48 vs 41 free clusters [ 292.720671][ T6879] Quota error (device loop4): write_blk: dquota write failed [ 292.769315][ T6879] Quota error (device loop4): find_free_dqentry: Can't write quota data block 5 [ 292.811038][ T6879] Quota error (device loop4): write_blk: dquota write failed [ 292.852734][ T6879] Quota error (device loop4): qtree_write_dquot: Error -28 occurred while creating quota [ 292.958813][ T6879] EXT4-fs error (device loop4): ext4_acquire_dquot:6236: comm syz.4.722: Failed to acquire dquot type 1 [ 293.051037][ T6879] EXT4-fs (loop4): 1 truncate cleaned up [ 293.107590][ T6879] EXT4-fs (loop4): mounted filesystem without journal. Opts: dioread_nolock,noblock_validity,inode_readahead_blks=0x0000000000010000,resgid=0x0000000000000000,norecovery,quota,noinit_itable,abort,resgid=0x00000000000000002,errors=continue. Quota mode: writeback. [ 293.372311][ T6879] EXT4-fs error (device loop4): ext4_remount:6062: comm syz.4.722: Abort forced by user [ 293.433570][ T6879] EXT4-fs (loop4): re-mounted. Opts: (null). Quota mode: writeback. [ 295.935668][ T6893] ieee802154 phy0 wpan0: encryption failed: -22 [ 297.902392][ T6924] loop0: detected capacity change from 0 to 256 [ 297.941249][ T6924] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 298.016659][ T6924] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 298.626885][ T6936] loop0: detected capacity change from 0 to 2048 [ 298.800881][ T4177] loop0: p3 p4 < > [ 298.805281][ T4177] loop0: p3 start 263168 is beyond EOD, truncated [ 299.872989][ T6947] loop4: detected capacity change from 0 to 1024 [ 299.886390][ T6936] loop0: p3 p4 < > [ 299.890466][ T6936] loop0: p3 start 263168 is beyond EOD, truncated [ 300.040516][ T6947] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 300.130934][ T6952] loop0: detected capacity change from 0 to 128 [ 300.260426][ T6952] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 52) [ 300.300621][ T4177] udevd[4177]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory [ 300.311251][ T6952] FAT-fs (loop0): Filesystem has been set read-only [ 300.345183][ T6952] FAT-fs (loop0): error, fat_free: invalid cluster chain (i_pos 52) [ 300.362934][ T6961] loop1: detected capacity change from 0 to 256 [ 300.384590][ T6952] FAT-fs (loop0): error, fat_free: invalid cluster chain (i_pos 52) [ 300.415975][ T6952] FAT-fs (loop0): error, corrupted directory (invalid entries) [ 300.494519][ T6961] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 300.516238][ T6965] netlink: 68 bytes leftover after parsing attributes in process `syz.4.746'. [ 300.534947][ T6961] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 300.547822][ T4177] udevd[4177]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory [ 300.569284][ T6965] netlink: 40 bytes leftover after parsing attributes in process `syz.4.746'. [ 300.572967][ T6967] loop0: detected capacity change from 0 to 512 [ 300.711534][ T6969] loop4: detected capacity change from 0 to 1024 [ 300.742684][ T6967] EXT4-fs (loop0): unsupported inode size: 0 [ 300.760478][ T6967] EXT4-fs (loop0): blocksize: 1024 [ 301.151575][ T6969] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 301.770649][ T26] audit: type=1804 audit(1776557501.512:61): pid=6969 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.748" name="/newroot/163/file1/bus" dev="loop4" ino=18 res=1 errno=0 [ 302.906469][ T6989] loop1: detected capacity change from 0 to 1024 [ 302.999637][ T6989] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 303.349907][ T7001] loop1: detected capacity change from 0 to 512 [ 303.432155][ T7001] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 303.574937][ T7001] EXT4-fs (loop1): mounted filesystem without journal. Opts: nouid32,errors=remount-ro,grpjquota=,nodiscard,dioread_nolock,. Quota mode: writeback. [ 303.615767][ T7001] ext4 filesystem being mounted at /145/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 304.645753][ T7016] loop4: detected capacity change from 0 to 256 [ 304.667201][ T7016] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 304.713467][ T7016] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 304.804670][ T7018] device syzkaller0 entered promiscuous mode [ 306.039676][ T7055] loop3: detected capacity change from 0 to 128 [ 306.090188][ T7057] device syzkaller0 entered promiscuous mode [ 306.152140][ T7055] netlink: 20 bytes leftover after parsing attributes in process `syz.3.778'. [ 307.611605][ T7087] loop0: detected capacity change from 0 to 4096 [ 307.802083][ T7087] EXT4-fs (loop0): mounted filesystem without journal. Opts: grpquota,,errors=continue. Quota mode: writeback. [ 307.923498][ T26] audit: type=1800 audit(1776557507.672:62): pid=7087 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.790" name="file0" dev="loop0" ino=13 res=0 errno=0 [ 308.034400][ T7101] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 310.849735][ T7142] loop0: detected capacity change from 0 to 512 [ 310.956222][ T7142] EXT4-fs (loop0): Ignoring removed mblk_io_submit option [ 311.025178][ T7142] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -2 [ 311.035753][ T7142] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -2 [ 311.045496][ T4906] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 311.164021][ T7142] EXT4-fs (loop0): 1 truncate cleaned up [ 311.191272][ T7142] EXT4-fs (loop0): mounted filesystem without journal. Opts: grpquota,usrjquota="errors=remount-ro,noload,mblk_io_submit,grpjquota="errors=continue,errors=remount-ro,jqfmt=vfsv1,,errors=continue. Quota mode: writeback. [ 311.383545][ T4906] usb 5-1: device descriptor read/64, error -71 [ 311.520599][ T7173] autofs4:pid:7173:autofs_fill_super: called with bogus options [ 311.796324][ T4906] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 312.092448][ T4906] usb 5-1: device descriptor read/64, error -71 [ 312.305933][ T4906] usb usb5-port1: attempt power cycle [ 312.404726][ T7189] loop1: detected capacity change from 0 to 256 [ 313.842443][ T7223] loop0: detected capacity change from 0 to 512 [ 314.013471][ T7223] EXT4-fs error (device loop0): ext4_orphan_get:1406: inode #15: comm syz.0.841: inode has both inline data and extents flags [ 314.059929][ T7223] EXT4-fs error (device loop0): ext4_orphan_get:1411: comm syz.0.841: couldn't read orphan inode 15 (err -117) [ 314.087951][ T7223] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 316.832027][ T7245] netlink: 'syz.3.848': attribute type 1 has an invalid length. [ 316.998698][ T1420] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.005019][ T1420] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.260512][ T7254] loop0: detected capacity change from 0 to 512 [ 317.337485][ T7257] loop4: detected capacity change from 0 to 512 [ 317.399604][ T7254] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 317.424351][ T7257] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem [ 317.478505][ T7254] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 317.509943][ T7257] EXT4-fs (loop4): 1 truncate cleaned up [ 317.536999][ T7257] EXT4-fs (loop4): mounted filesystem without journal. Opts: noload,noload,lazytime,noload,resgid=0x0000000000000000,auto_da_alloc,,errors=continue. Quota mode: none. [ 317.570031][ T7254] EXT4-fs (loop0): 1 truncate cleaned up [ 317.586760][ T7254] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 318.853118][ T7316] loop4: detected capacity change from 0 to 512 [ 318.931999][ T7320] loop1: detected capacity change from 0 to 512 [ 319.055544][ T7316] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 319.070067][ T7320] EXT4-fs error (device loop1): ext4_orphan_get:1406: inode #15: comm syz.1.875: inode has both inline data and extents flags [ 319.084342][ T7316] EXT4-fs (loop4): 1 truncate cleaned up [ 319.090342][ T7316] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 319.154887][ T7320] EXT4-fs error (device loop1): ext4_orphan_get:1411: comm syz.1.875: couldn't read orphan inode 15 (err -117) [ 319.168024][ T7320] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 319.698973][ T7343] loop0: detected capacity change from 0 to 1024 [ 319.802548][ T7343] EXT4-fs (loop0): Ignoring removed orlov option [ 319.817589][ T7343] EXT4-fs (loop0): Ignoring removed nobh option [ 320.644896][ T7343] EXT4-fs (loop0): mounted filesystem without journal. Opts: data_err=ignore,errors=remount-ro,sysvgroups,nolazytime,nodioread_nolock,orlov,nogrpid,noauto_da_alloc,nobh,. Quota mode: none. [ 321.312156][ T7363] Cannot find add_set index 0 as target [ 322.018476][ T7380] loop0: detected capacity change from 0 to 512 [ 322.094639][ T7375] team0 (unregistering): Port device team_slave_0 removed [ 322.124885][ T7380] EXT4-fs (loop0): Ignoring removed bh option [ 322.212554][ T7380] EXT4-fs (loop0): mounted filesystem without journal. Opts: nouid32,nogrpid,bh,,errors=continue. Quota mode: writeback. [ 322.244627][ T7380] ext4 filesystem being mounted at /147/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 322.270362][ T7375] team0 (unregistering): Port device team_slave_1 removed [ 322.627172][ T7393] sctp: [Deprecated]: syz.0.898 (pid 7393) Use of struct sctp_assoc_value in delayed_ack socket option. [ 322.627172][ T7393] Use struct sctp_sack_info instead [ 322.824623][ T7403] loop3: detected capacity change from 0 to 1024 [ 323.090289][ T7403] EXT4-fs (loop3): inline encryption not supported [ 323.451497][ T7403] EXT4-fs (loop3): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 323.613953][ T7403] EXT4-fs (loop3): bad geometry: bigalloc file system with non-zero first_data_block [ 323.613953][ T7403] [ 324.173403][ T7422] loop1: detected capacity change from 0 to 512 [ 324.222944][ T7422] EXT4-fs (loop1): Ignoring removed bh option [ 324.286924][ T7422] EXT4-fs (loop1): mounted filesystem without journal. Opts: nouid32,nogrpid,bh,,errors=continue. Quota mode: writeback. [ 324.319833][ T7422] ext4 filesystem being mounted at /180/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 324.763095][ T7428] team0 (unregistering): Port device team_slave_0 removed [ 324.832846][ T7428] team0 (unregistering): Port device team_slave_1 removed [ 325.211715][ T7441] loop0: detected capacity change from 0 to 8192 [ 327.374648][ T7472] loop3: detected capacity change from 0 to 1024 [ 327.478775][ T7474] team0 (unregistering): Port device team_slave_0 removed [ 327.504951][ T7474] team0 (unregistering): Port device team_slave_1 removed [ 327.513205][ T7472] EXT4-fs (loop3): mounted filesystem without journal. Opts: nouid32,nodioread_nolock,noquota,delalloc,journal_dev=0x0000000000000009,commit=0x0000000000000000,,errors=continue. Quota mode: none. [ 327.543075][ T7472] ext4 filesystem being mounted at /163/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 327.827780][ T7488] loop4: detected capacity change from 0 to 128 [ 327.921636][ T7491] loop1: detected capacity change from 0 to 8192 [ 329.002224][ T7488] FAT-fs (loop4): FAT read failed (blocknr 128) [ 329.343691][ T7495] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 329.351694][ T7516] loop4: detected capacity change from 0 to 512 [ 329.498363][ T7516] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem [ 329.564102][ T7516] EXT4-fs (loop4): 1 truncate cleaned up [ 329.606055][ T7516] EXT4-fs (loop4): mounted filesystem without journal. Opts: noload,noload,lazytime,noload,resgid=0x0000000000000000,auto_da_alloc,,errors=continue. Quota mode: none. [ 329.718224][ T7518] loop1: detected capacity change from 0 to 8192 [ 329.868255][ T7518] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 330.979731][ T7540] loop3: detected capacity change from 0 to 164 [ 332.324977][ T7547] RDS: rds_bind could not find a transport for ::ffff:172.20.20.170, load rds_tcp or rds_rdma? [ 333.011308][ T7569] netlink: 'syz.3.961': attribute type 6 has an invalid length. [ 335.086371][ T7600] device syzkaller1 entered promiscuous mode [ 335.112282][ T7589] loop1: detected capacity change from 0 to 8192 [ 335.216455][ T7602] device gretap0 entered promiscuous mode [ 335.222850][ T7602] device gretap0 left promiscuous mode [ 336.585780][ T7622] ieee802154 phy0 wpan0: encryption failed: -22 [ 337.875401][ T7644] device gretap0 entered promiscuous mode [ 337.884637][ T7644] device gretap0 left promiscuous mode [ 338.324440][ T7648] loop0: detected capacity change from 0 to 8192 [ 338.948820][ T7658] loop1: detected capacity change from 0 to 128 [ 339.085249][ T7660] loop4: detected capacity change from 0 to 256 [ 339.195259][ T7660] FAT-fs (loop4): bogus sectors per cluster 0 [ 339.204069][ T7660] FAT-fs (loop4): Can't find a valid FAT filesystem [ 340.152360][ T7674] device bridge1 entered promiscuous mode [ 341.825901][ C0] ODEBUG: Out of memory. ODEBUG disabled [ 342.687801][ T7704] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1009'. [ 345.843020][ T7750] loop0: detected capacity change from 0 to 512 [ 345.913894][ T7750] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 346.185046][ T7750] EXT4-fs error (device loop0): ext4_orphan_get:1432: comm syz.0.1025: bad orphan inode 131083 [ 346.212330][ T7750] EXT4-fs (loop0): mounted filesystem without journal. Opts: stripe=0x0000000000000004,init_itable,mb_optimize_scan=0x0000000000000001,,errors=continue. Quota mode: none. [ 346.298540][ T7740] loop1: detected capacity change from 0 to 736 [ 346.385257][ T7740] rock: directory entry would overflow storage [ 346.397799][ T7740] rock: sig=0x3b10, size=4, remaining=3 [ 350.102075][ T7790] loop1: detected capacity change from 0 to 512 [ 350.188498][ T7790] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 350.284113][ T7790] EXT4-fs error (device loop1): ext4_orphan_get:1432: comm syz.1.1038: bad orphan inode 131083 [ 350.325244][ T7790] EXT4-fs (loop1): mounted filesystem without journal. Opts: stripe=0x0000000000000004,init_itable,mb_optimize_scan=0x0000000000000001,,errors=continue. Quota mode: none. [ 353.170682][ T7828] loop3: detected capacity change from 0 to 512 [ 353.219873][ T7828] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 353.291016][ T7828] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1176: group 0, block bitmap and bg descriptor inconsistent: 48 vs 41 free clusters [ 353.322396][ T7828] Quota error (device loop3): write_blk: dquota write failed [ 353.363195][ T7828] Quota error (device loop3): find_free_dqentry: Can't write quota data block 5 [ 353.391153][ T7828] Quota error (device loop3): write_blk: dquota write failed [ 353.412604][ T7828] Quota error (device loop3): qtree_write_dquot: Error -28 occurred while creating quota [ 353.454629][ T7828] EXT4-fs error (device loop3): ext4_acquire_dquot:6236: comm syz.3.1051: Failed to acquire dquot type 1 [ 353.472175][ T7828] EXT4-fs (loop3): 1 truncate cleaned up [ 353.479903][ T7828] EXT4-fs (loop3): mounted filesystem without journal. Opts: dioread_nolock,noblock_validity,inode_readahead_blks=0x0000000000010000,resgid=0x0000000000000000,norecovery,quota,noinit_itable,abort,resgid=0x00000000000000002,errors=continue. Quota mode: writeback. [ 353.544223][ T7828] EXT4-fs error (device loop3): ext4_remount:6062: comm syz.3.1051: Abort forced by user [ 353.566706][ T7828] EXT4-fs (loop3): Remounting filesystem read-only [ 353.573321][ T7828] EXT4-fs (loop3): re-mounted. Opts: . Quota mode: writeback. [ 354.084935][ T7841] loop1: detected capacity change from 0 to 764 [ 354.123855][ T7841] ISOFS: unable to read i-node block [ 354.152328][ T7841] isofs_fill_super: get root inode failed [ 355.286926][ T7854] loop3: detected capacity change from 0 to 512 [ 355.314618][ T7854] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 355.402116][ T7854] EXT4-fs error (device loop3): ext4_orphan_get:1432: comm syz.3.1055: bad orphan inode 131083 [ 355.585684][ T7854] EXT4-fs (loop3): mounted filesystem without journal. Opts: stripe=0x0000000000000004,init_itable,mb_optimize_scan=0x0000000000000001,,errors=continue. Quota mode: none. [ 355.648850][ T7866] netlink: 'syz.1.1063': attribute type 19 has an invalid length. [ 355.913572][ T7873] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1068'. [ 358.674911][ T7894] loop0: detected capacity change from 0 to 512 [ 358.764714][ T7894] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 358.764815][ T7894] ext4 filesystem being mounted at /187/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 358.811065][ T7900] loop3: detected capacity change from 0 to 128 [ 359.067033][ T26] audit: type=1800 audit(1776557558.822:63): pid=7904 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1077" name="bus" dev="loop3" ino=1049250 res=0 errno=0 [ 359.129421][ T7900] attempt to access beyond end of device [ 359.129421][ T7900] loop3: rw=2049, want=657, limit=128 [ 359.265833][ T7908] loop0: detected capacity change from 0 to 1024 [ 359.326156][ T9] attempt to access beyond end of device [ 359.326156][ T9] loop3: rw=1, want=705, limit=128 [ 359.435692][ T9] attempt to access beyond end of device [ 359.435692][ T9] loop3: rw=1, want=793, limit=128 [ 359.455595][ T9] attempt to access beyond end of device [ 359.455595][ T9] loop3: rw=1, want=865, limit=128 [ 359.479561][ T9] attempt to access beyond end of device [ 359.479561][ T9] loop3: rw=1, want=689, limit=128 [ 359.501240][ T9] attempt to access beyond end of device [ 359.501240][ T9] loop3: rw=1, want=745, limit=128 [ 359.525688][ T9] attempt to access beyond end of device [ 359.525688][ T9] loop3: rw=1, want=825, limit=128 [ 359.557188][ T7908] EXT4-fs (loop0): inline encryption not supported [ 359.595833][ T9] attempt to access beyond end of device [ 359.595833][ T9] loop3: rw=1, want=1041, limit=128 [ 359.638286][ T7908] EXT4-fs (loop0): mounted filesystem without journal. Opts: block_validity,bsddf,bsdgroups,norecovery,inlinecrypt,noinit_itable,usrquota,noauto_da_alloc,norecovery,,errors=continue. Quota mode: writeback. [ 359.708856][ T26] audit: type=1800 audit(1776557559.462:64): pid=7908 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1080" name="file1" dev="loop0" ino=15 res=0 errno=0 [ 361.025398][ T7934] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 363.146050][ T4331] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 363.164952][ T4331] hid-generic 0000:0000:0000.0002: hidraw0: HID v0.00 Device [syz1] on syz0 [ 364.262070][ T7983] ieee802154 phy0 wpan0: encryption failed: -22 [ 366.274439][ T7999] loop3: detected capacity change from 0 to 512 [ 366.425263][ T7999] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 366.504292][ T7999] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2 [ 366.733385][ T7999] EXT4-fs error (device loop3): ext4_orphan_get:1432: comm syz.3.1111: bad orphan inode 4 [ 366.914922][ T7999] EXT4-fs (loop3): 1 orphan inode deleted [ 367.062117][ T7999] EXT4-fs (loop3): mounted filesystem without journal. Opts: jqfmt=vfsold,data_err=ignore,acl,noload,data_err=ignore,usrjquota="init_itable=0x0000000000000601,init_itable=0x00000000000000fd,max_dir_size_kb=0x0000000000000007,,errors=continue. Quota mode: writeback. [ 367.200796][ T7999] EXT4-fs error (device loop3): ext4_map_blocks:631: inode #2: block 4: comm syz.3.1111: lblock 0 mapped to illegal pblock 4 (length 1) [ 367.231335][ T8010] loop0: detected capacity change from 0 to 136 [ 367.268814][ T8011] loop1: detected capacity change from 0 to 512 [ 367.461876][ T8011] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended [ 367.506532][ T8010] Attempt to read inode for relocated directory [ 367.737304][ T8011] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1176: group 0, block bitmap and bg descriptor inconsistent: 48 vs 41 free clusters [ 367.969893][ T8011] Quota error (device loop1): write_blk: dquota write failed [ 368.075149][ T8011] Quota error (device loop1): find_free_dqentry: Can't write quota data block 5 [ 368.095968][ T8011] Quota error (device loop1): write_blk: dquota write failed [ 368.103488][ T8011] Quota error (device loop1): qtree_write_dquot: Error -28 occurred while creating quota [ 368.154804][ T8011] EXT4-fs error (device loop1): ext4_acquire_dquot:6236: comm syz.1.1116: Failed to acquire dquot type 1 [ 368.178380][ T8011] EXT4-fs (loop1): 1 truncate cleaned up [ 368.184079][ T8011] EXT4-fs (loop1): mounted filesystem without journal. Opts: dioread_nolock,noblock_validity,inode_readahead_blks=0x0000000000010000,resgid=0x0000000000000000,norecovery,quota,noinit_itable,abort,resgid=0x00000000000000002,errors=continue. Quota mode: writeback. [ 368.209070][ C0] vkms_vblank_simulate: vblank timer overrun [ 368.729460][ T8011] EXT4-fs error (device loop1): ext4_remount:6062: comm syz.1.1116: Abort forced by user [ 368.939958][ T8011] EXT4-fs (loop1): Remounting filesystem read-only [ 368.994739][ T8011] EXT4-fs (loop1): re-mounted. Opts: . Quota mode: writeback. [ 370.256497][ T8049] ieee802154 phy0 wpan0: encryption failed: -22 [ 370.712034][ T8062] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 370.918661][ T8062] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 371.177443][ T8062] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 371.410042][ T8062] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 371.650788][ T8062] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 371.712975][ T8062] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 371.853892][ T8062] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 371.976540][ T8062] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 373.040846][ T8107] loop3: detected capacity change from 0 to 512 [ 374.116985][ T8107] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 374.158782][ T8107] ext4 filesystem being mounted at /208/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 374.862611][ T8126] loop4: detected capacity change from 0 to 512 [ 375.776614][ T8138] loop0: detected capacity change from 0 to 512 [ 375.817062][ T8126] EXT4-fs error (device loop4): ext4_do_update_inode:5229: inode #16: comm syz.4.1152: corrupted inode contents [ 375.851011][ T8126] EXT4-fs error (device loop4): ext4_dirty_inode:6077: inode #16: comm syz.4.1152: mark_inode_dirty error [ 375.911338][ T8126] EXT4-fs error (device loop4): ext4_do_update_inode:5229: inode #16: comm syz.4.1152: corrupted inode contents [ 376.517780][ T8138] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 376.545585][ T8138] ext4 filesystem being mounted at /203/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 376.657404][ T8126] EXT4-fs error (device loop4): __ext4_ext_dirty:183: inode #16: comm syz.4.1152: mark_inode_dirty error [ 376.676937][ T8126] EXT4-fs error (device loop4): ext4_do_update_inode:5229: inode #16: comm syz.4.1152: corrupted inode contents [ 376.704201][ T8126] EXT4-fs error (device loop4) in ext4_orphan_del:303: Corrupt filesystem [ 376.717211][ T8138] EXT4-fs error (device loop0): ext4_get_first_dir_block:3597: inode #12: comm syz.0.1161: Directory hole found for htree leaf block 0 [ 376.751779][ T8126] EXT4-fs error (device loop4): ext4_do_update_inode:5229: inode #16: comm syz.4.1152: corrupted inode contents [ 376.823122][ T8126] EXT4-fs error (device loop4): ext4_truncate:4286: inode #16: comm syz.4.1152: mark_inode_dirty error [ 376.885638][ T8126] EXT4-fs error (device loop4) in ext4_process_orphan:345: Corrupt filesystem [ 377.108363][ T8126] EXT4-fs (loop4): 1 truncate cleaned up [ 377.169159][ T8126] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 377.469305][ T8126] ext4 filesystem being mounted at /238/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 377.588141][ T8166] loop1: detected capacity change from 0 to 512 [ 377.777469][ T26] audit: type=1800 audit(1776557577.522:65): pid=8126 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1152" name="file2" dev="loop4" ino=16 res=0 errno=0 [ 377.893555][ T8179] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 378.020037][ T8166] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 378.324422][ T8166] ext4 filesystem being mounted at /241/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 378.499287][ T1420] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.505784][ T1420] ieee802154 phy1 wpan1: encryption failed: -22 [ 378.647164][ T8185] loop0: detected capacity change from 0 to 128 [ 379.887010][ T8201] device syzkaller0 entered promiscuous mode [ 379.910019][ T8203] loop4: detected capacity change from 0 to 512 [ 380.101428][ T8203] EXT4-fs (loop4): Ignoring removed mblk_io_submit option [ 380.136457][ T8203] EXT4-fs (loop4): orphan cleanup on readonly fs [ 380.881743][ T8203] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -13 [ 380.906073][ T8203] EXT4-fs error (device loop4): ext4_clear_blocks:883: inode #13: comm syz.4.1181: attempt to clear invalid blocks 2 len 1 [ 380.923206][ T8219] loop3: detected capacity change from 0 to 512 [ 380.937816][ T8203] EXT4-fs (loop4): Remounting filesystem read-only [ 380.950947][ T8203] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1176: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters [ 380.975424][ T8203] EXT4-fs (loop4): Remounting filesystem read-only [ 380.989172][ T8203] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #13: comm syz.4.1181: invalid indirect mapped block 1819239214 (level 0) [ 381.029981][ T8203] EXT4-fs (loop4): Remounting filesystem read-only [ 381.049571][ T8203] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #13: comm syz.4.1181: invalid indirect mapped block 1819239214 (level 1) [ 381.134598][ T8203] EXT4-fs (loop4): Remounting filesystem read-only [ 381.165212][ T8203] EXT4-fs (loop4): 1 truncate cleaned up [ 381.187342][ T8203] EXT4-fs (loop4): mounted filesystem without journal. Opts: errors=remount-ro,init_itable=0x0000000000000004,mblk_io_submit,minixdf,jqfmt=vfsv0,usrjquota=... Quota mode: writeback. [ 381.264223][ T8203] EXT4-fs (loop4): shut down requested (2) [ 383.147718][ T8274] loop1: detected capacity change from 0 to 128 [ 384.090866][ T8294] loop1: detected capacity change from 0 to 1024 [ 384.135541][ T2857] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 384.249078][ T8294] EXT4-fs (loop1): mounted filesystem without journal. Opts: noblock_validity,journal_dev=0x0000000000000007,quota,noinit_itable,resuid=0x0000000000000000,nodiscard,jqfmt=vfsv0,noinit_itable,mb_optimize_scan=0x0000000000000000,usrquota,nojournal_checksum,,errors=continue. Quota mode: writeback. [ 384.292158][ T8294] ext4 filesystem being mounted at /248/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 384.327067][ T8294] EXT4-fs (loop1): shut down requested (0) [ 384.395501][ T2857] usb 1-1: Using ep0 maxpacket: 16 [ 384.461677][ T8280] loop0: detected capacity change from 0 to 256 [ 385.383690][ T8280] FAT-fs (loop0): Directory bread(block 64) failed [ 385.422339][ T8280] FAT-fs (loop0): Directory bread(block 65) failed [ 385.464006][ T8280] FAT-fs (loop0): Directory bread(block 66) failed [ 385.499762][ T8280] FAT-fs (loop0): Directory bread(block 67) failed [ 385.522227][ T8280] FAT-fs (loop0): Directory bread(block 68) failed [ 385.595861][ T8280] FAT-fs (loop0): Directory bread(block 69) failed [ 385.649888][ T8280] FAT-fs (loop0): Directory bread(block 70) failed [ 385.651793][ T8325] loop4: detected capacity change from 0 to 128 [ 385.661703][ T8323] loop3: detected capacity change from 0 to 512 [ 385.684584][ T8280] FAT-fs (loop0): Directory bread(block 71) failed [ 385.699467][ T8280] FAT-fs (loop0): Directory bread(block 72) failed [ 385.713687][ T8280] FAT-fs (loop0): Directory bread(block 73) failed [ 385.815158][ T8323] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 385.846324][ T2857] usb 1-1: unable to get BOS descriptor or descriptor too short [ 385.860015][ T2857] usb 1-1: no configurations [ 385.893753][ T2857] usb 1-1: can't read configurations, error -22 [ 385.911181][ T8323] ext4 filesystem being mounted at /224/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 386.033020][ T8323] EXT4-fs error (device loop3): ext4_get_first_dir_block:3597: inode #12: comm syz.3.1227: Directory hole found for htree leaf block 0 [ 386.452564][ T8338] autofs4:pid:8338:autofs_fill_super: called with bogus options [ 387.959063][ T8364] loop0: detected capacity change from 0 to 128 [ 388.034717][ T8364] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 388.045907][ T8364] ext4 filesystem being mounted at /219/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 388.110360][ T8364] Invalid argument reading file caps for ./file0 [ 388.284638][ T8370] loop0: detected capacity change from 0 to 764 [ 388.325519][ T8370] Symlink component flag not implemented [ 388.339031][ T8370] Symlink component flag not implemented (101) [ 388.587148][ T8331] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 388.636325][ T8331] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 389.243140][ T8331] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 389.257772][ T8331] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 389.269270][ T8331] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 389.281669][ T8331] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 390.456110][ T8404] loop3: detected capacity change from 0 to 1024 [ 390.633717][ T8404] EXT4-fs (loop3): Ignoring removed bh option [ 390.872880][ T8404] EXT4-fs (loop3): mounted filesystem without journal. Opts: nobarrier,dioread_lock,barrier=0x0000000000000004,nolazytime,debug_want_extra_isize=0x0000000000000080,lazytime,errors=remount-ro,stripe=0x0000000000000010,bh,init_itable,. Quota mode: none. [ 391.246943][ T8417] loop3: detected capacity change from 0 to 512 [ 391.473177][ T8417] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 391.522561][ T8427] loop4: detected capacity change from 0 to 512 [ 391.530727][ T8417] ext4 filesystem being mounted at /228/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 392.243395][ T8427] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem [ 392.252204][ T8427] EXT4-fs (loop4): bad geometry: block count 4294967295 exceeds size of device (256 blocks) [ 394.694185][ T8465] loop3: detected capacity change from 0 to 1024 [ 394.892020][ T8465] EXT4-fs error (device loop3): ext4_map_blocks:741: inode #3: block 1: comm syz.3.1280: lblock 1 mapped to illegal pblock 1 (length 1) [ 394.981030][ T8465] Quota error (device loop3): write_blk: dquota write failed [ 395.035448][ T8465] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 395.103177][ T8465] EXT4-fs error (device loop3): ext4_acquire_dquot:6236: comm syz.3.1280: Failed to acquire dquot type 0 [ 395.315509][ T8465] EXT4-fs error (device loop3): ext4_free_blocks:6231: comm syz.3.1280: Freeing blocks not in datazone - block = 0, count = 4096 [ 395.541241][ T8465] EXT4-fs error (device loop3): ext4_read_inode_bitmap:140: comm syz.3.1280: Invalid inode bitmap blk 0 in block_group 0 [ 395.582607][ T9] EXT4-fs error (device loop3): ext4_map_blocks:631: inode #3: block 1: comm kworker/u4:0: lblock 1 mapped to illegal pblock 1 (length 1) [ 395.648832][ T8465] EXT4-fs error (device loop3) in ext4_free_inode:362: Corrupt filesystem [ 395.674892][ T9] Quota error (device loop3): remove_tree: Can't read quota data block 1 [ 395.701982][ T8465] EXT4-fs (loop3): 1 orphan inode deleted [ 395.780095][ T9] EXT4-fs error (device loop3): ext4_release_dquot:6272: comm kworker/u4:0: Failed to release dquot type 0 [ 395.794035][ T8465] EXT4-fs (loop3): mounted filesystem without journal. Opts: ; ,errors=continue. Quota mode: writeback. [ 396.026160][ T4253] EXT4-fs error (device loop3): ext4_map_blocks:631: inode #3: block 1: comm kworker/u4:6: lblock 1 mapped to illegal pblock 1 (length 1) [ 396.929229][ T8511] loop1: detected capacity change from 0 to 2048 [ 396.976954][ T4253] Quota error (device loop3): remove_tree: Can't read quota data block 1 [ 397.015382][ T4253] EXT4-fs error (device loop3): ext4_release_dquot:6272: comm kworker/u4:6: Failed to release dquot type 0 [ 397.561325][ T8518] loop4: detected capacity change from 0 to 8192 [ 398.103857][ T8511] EXT4-fs (loop1): mounted filesystem without journal. Opts: i_version,init_itable,noblock_validity,,errors=continue. Quota mode: none. [ 398.145131][ T8511] ext4 filesystem being mounted at /262/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 398.217317][ T8540] bridge0: port 1(bridge_slave_0) entered forwarding state [ 399.849194][ T8568] autofs4:pid:8568:autofs_fill_super: called with bogus options [ 400.048831][ T8568] batman_adv: batadv0: Adding interface: dummy0 [ 400.055208][ T8568] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 400.080447][ C1] vkms_vblank_simulate: vblank timer overrun [ 400.087298][ T8568] batman_adv: batadv0: Not using interface dummy0 (retrying later): interface not active [ 400.114950][ T8575] bridge0: port 3(syz_tun) entered blocking state [ 400.148132][ T8575] bridge0: port 3(syz_tun) entered disabled state [ 400.189342][ T8575] device syz_tun entered promiscuous mode [ 400.211511][ T8584] loop4: detected capacity change from 0 to 2048 [ 400.218742][ T8575] bridge0: port 3(syz_tun) entered blocking state [ 400.225786][ T8575] bridge0: port 3(syz_tun) entered forwarding state [ 400.243530][ T8578] netlink: 'syz.3.1319': attribute type 10 has an invalid length. [ 400.274756][ T8578] bridge0: port 3(syz_tun) entered disabled state [ 400.281536][ T8578] bridge0: port 2(bridge_slave_1) entered disabled state [ 400.288811][ T8578] bridge0: port 1(bridge_slave_0) entered disabled state [ 400.309945][ T8578] bridge0: port 3(syz_tun) entered blocking state [ 400.316483][ T8578] bridge0: port 3(syz_tun) entered forwarding state [ 400.323301][ T8578] bridge0: port 2(bridge_slave_1) entered blocking state [ 400.330450][ T8578] bridge0: port 2(bridge_slave_1) entered forwarding state [ 400.337839][ T8578] bridge0: port 1(bridge_slave_0) entered blocking state [ 400.344936][ T8578] bridge0: port 1(bridge_slave_0) entered forwarding state [ 400.372485][ T8578] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 400.391649][ T8580] netem: change failed [ 400.422780][ T8584] EXT4-fs (loop4): mounted filesystem without journal. Opts: i_version,init_itable,noblock_validity,,errors=continue. Quota mode: none. [ 401.227926][ T8584] ext4 filesystem being mounted at /278/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 401.291671][ T8604] device bridge0 entered promiscuous mode [ 401.458013][ T8604] device macvlan2 entered promiscuous mode [ 401.973310][ T8609] loop3: detected capacity change from 0 to 2048 [ 402.055024][ T8620] loop0: detected capacity change from 0 to 1024 [ 402.130478][ T8620] EXT4-fs (loop0): Ignoring removed bh option [ 402.228283][ T8627] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1339'. [ 402.250940][ T8620] EXT4-fs (loop0): mounted filesystem without journal. Opts: nobarrier,dioread_lock,barrier=0x0000000000000004,nolazytime,debug_want_extra_isize=0x0000000000000080,lazytime,errors=remount-ro,stripe=0x0000000000000010,bh,init_itable,. Quota mode: none. [ 402.332899][ T8620] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2807: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 403.951342][ T8652] 9pnet: Insufficient options for proto=fd [ 404.316880][ T8660] loop3: detected capacity change from 0 to 2048 [ 404.601854][ T8660] EXT4-fs (loop3): mounted filesystem without journal. Opts: i_version,init_itable,noblock_validity,,errors=continue. Quota mode: none. [ 404.769367][ T8660] ext4 filesystem being mounted at /243/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 405.856268][ T8687] tipc: Started in network mode [ 405.863483][ T8687] tipc: Node identity 7a89e330d4f7, cluster identity 4711 [ 405.929919][ T8687] tipc: Enabled bearer , priority 0 [ 405.937738][ T8690] tipc: Failed to remove unknown binding: 66,0,0/0:1822390556/1822390557 [ 405.965927][ T8691] device syzkaller0 entered promiscuous mode [ 405.973327][ T8690] tipc: Failed to remove unknown binding: 66,0,0/0:1822390556/1822390557 [ 406.067952][ T8687] tipc: Resetting bearer [ 406.090896][ T8687] tipc: Disabling bearer [ 406.126680][ T8690] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 407.677757][ T8731] loop1: detected capacity change from 0 to 512 [ 407.762501][ T8731] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 407.832022][ T8731] EXT4-fs (loop1): shut down requested (2) [ 407.958189][ T8737] loop0: detected capacity change from 0 to 736 [ 409.003930][ T8749] loop1: detected capacity change from 0 to 512 [ 409.101738][ T8749] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended [ 409.302203][ T8749] EXT4-fs warning (device loop1): ext4_update_dynamic_rev:1062: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 409.471750][ T8749] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.1383: bg 0: block 248: padding at end of block bitmap is not set [ 409.624436][ T8749] Quota error (device loop1): write_blk: dquota write failed [ 409.693115][ T8749] Quota error (device loop1): qtree_write_dquot: Error -28 occurred while creating quota [ 409.785447][ T8749] EXT4-fs error (device loop1): ext4_acquire_dquot:6236: comm syz.1.1383: Failed to acquire dquot type 1 [ 409.792302][ T8775] loop4: detected capacity change from 0 to 512 [ 409.840889][ T8779] loop3: detected capacity change from 0 to 512 [ 409.841766][ T8749] EXT4-fs (loop1): 1 truncate cleaned up [ 409.866225][ T4957] kernel write not supported for file bpf-prog (pid: 4957 comm: kworker/0:14) [ 409.877425][ T8749] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 409.908778][ T8775] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 409.925124][ T8775] ext4 filesystem being mounted at /290/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 409.952377][ T8749] Quota error (device loop1): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5 [ 409.968162][ T8779] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 409.988284][ T8749] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota [ 409.998963][ T8749] EXT4-fs error (device loop1): ext4_acquire_dquot:6236: comm syz.1.1383: Failed to acquire dquot type 1 [ 410.184394][ T8779] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1176: group 0, block bitmap and bg descriptor inconsistent: 48 vs 41 free clusters [ 410.566701][ T8779] Quota error (device loop3): write_blk: dquota write failed [ 410.590946][ T8779] Quota error (device loop3): find_free_dqentry: Can't write quota data block 5 [ 410.695646][ T8779] Quota error (device loop3): write_blk: dquota write failed [ 410.745162][ T8779] Quota error (device loop3): qtree_write_dquot: Error -28 occurred while creating quota [ 411.925492][ T8779] EXT4-fs error (device loop3): ext4_acquire_dquot:6236: comm syz.3.1395: Failed to acquire dquot type 1 [ 412.016237][ T8779] EXT4-fs (loop3): 1 truncate cleaned up [ 412.021927][ T8779] EXT4-fs (loop3): mounted filesystem without journal. Opts: dioread_nolock,noblock_validity,inode_readahead_blks=0x0000000000010000,resgid=0x0000000000000000,norecovery,quota,noinit_itable,abort,resgid=0x00000000000000002,errors=continue. Quota mode: writeback. [ 412.062291][ T8804] loop1: detected capacity change from 0 to 128 [ 412.189156][ T8804] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 412.260600][ T8804] ext4 filesystem being mounted at /276/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 412.356224][ T8779] EXT4-fs error (device loop3): ext4_remount:6062: comm syz.3.1395: Abort forced by user [ 412.380853][ T8779] EXT4-fs (loop3): Remounting filesystem read-only [ 412.400497][ T8779] EXT4-fs (loop3): re-mounted. Opts: . Quota mode: writeback. [ 412.504746][ T8804] EXT4-fs error (device loop1): dx_make_map:1328: inode #2: block 18: comm syz.1.1400: bad entry in directory: inode out of bounds - offset=988, inode=128, rec_len=36, size=1024 fake=1 [ 412.570967][ T8804] EXT4-fs error (device loop1) in do_split:2095: Corrupt filesystem [ 412.985297][ T8812] loop0: detected capacity change from 0 to 128 [ 413.183538][ T8812] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 413.366938][ T8812] ext4 filesystem being mounted at /265/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 413.398692][ C1] vkms_vblank_simulate: vblank timer overrun [ 413.745080][ T8816] loop1: detected capacity change from 0 to 1024 [ 413.822989][ T8821] loop4: detected capacity change from 0 to 4096 [ 413.880975][ T8816] EXT4-fs (loop1): Quota format mount options ignored when QUOTA feature is enabled [ 413.904192][ T8816] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (32298!=35945) [ 413.956704][ T8816] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 413.975565][ T8821] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpquota,,errors=continue. Quota mode: writeback. [ 414.000707][ T8816] EXT4-fs (loop1): orphan cleanup on readonly fs [ 414.010885][ T8829] sg_write: data in/out 439260/178 bytes for SCSI command 0x0-- guessing data in; [ 414.010885][ T8829] program syz.0.1406 not setting count and/or reply_len properly [ 414.018783][ T8816] EXT4-fs warning (device loop1): ext4_enable_quotas:6488: Failed to enable quota tracking (type=0, err=-22, ino=3). Please run e2fsck to fix. [ 414.090529][ T8816] EXT4-fs (loop1): Cannot turn on quotas: error -22 [ 414.098082][ T8816] EXT4-fs error (device loop1): ext4_read_inode_bitmap:168: comm syz.1.1402: Inode bitmap for bg 0 marked uninitialized [ 414.116265][ T8816] EXT4-fs (loop1): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000006,jqfmt=vfsv1,,errors=continue. Quota mode: writeback. [ 414.134098][ T26] audit: type=1800 audit(1776557613.882:66): pid=8821 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1405" name="file0" dev="loop4" ino=13 res=0 errno=0 [ 414.269837][ T8837] loop3: detected capacity change from 0 to 128 [ 414.297725][ T8837] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 414.317972][ T8837] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 414.655132][ T26] audit: type=1326 audit(1776557614.402:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8850 comm="syz.3.1419" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85c9b04819 code=0x7ffc0000 [ 415.518784][ T26] audit: type=1326 audit(1776557614.432:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8850 comm="syz.3.1419" exe="/root/syz-executor" sig=0 arch=c000003e syscall=273 compat=0 ip=0x7f85c9ac0c6c code=0x7ffc0000 [ 415.666531][ T26] audit: type=1326 audit(1776557614.432:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8850 comm="syz.3.1419" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7f85c9ac0cce code=0x7ffc0000 [ 415.745560][ T26] audit: type=1326 audit(1776557614.432:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8850 comm="syz.3.1419" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f85c9b044ab code=0x7ffc0000 [ 415.791577][ T26] audit: type=1326 audit(1776557614.432:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8850 comm="syz.3.1419" exe="/root/syz-executor" sig=0 arch=c000003e syscall=269 compat=0 ip=0x7f85c9b04819 code=0x7ffc0000 [ 415.813870][ C1] vkms_vblank_simulate: vblank timer overrun [ 415.932588][ T26] audit: type=1326 audit(1776557614.432:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8850 comm="syz.3.1419" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f85c9b04819 code=0x7ffc0000 [ 416.038682][ T26] audit: type=1326 audit(1776557614.432:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8850 comm="syz.3.1419" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f85c9b04819 code=0x7ffc0000 [ 416.060892][ C1] vkms_vblank_simulate: vblank timer overrun [ 416.255978][ T26] audit: type=1326 audit(1776557614.432:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8850 comm="syz.3.1419" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f85c9b04819 code=0x7ffc0000 [ 416.278173][ C1] vkms_vblank_simulate: vblank timer overrun [ 418.133254][ T8928] autofs4:pid:8928:autofs_fill_super: called with bogus options [ 418.368091][ T8925] bond1: (slave veth3): Enslaving as an active interface with an up link [ 418.378507][ T8931] loop1: detected capacity change from 0 to 512 [ 418.406247][ T8931] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 418.541220][ T8931] EXT4-fs (loop1): orphan file too big: 4294967295 [ 418.561221][ T8935] device syzkaller0 entered promiscuous mode [ 418.567602][ T8936] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0) [ 418.606247][ T8931] EXT4-fs (loop1): mount failed [ 419.588746][ T8946] loop4: detected capacity change from 0 to 128 [ 419.599111][ T8947] loop3: detected capacity change from 0 to 512 [ 419.656395][ T8946] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 419.706683][ T8947] EXT4-fs (loop3): 1 truncate cleaned up [ 419.712414][ T8947] EXT4-fs (loop3): mounted filesystem without journal. Opts: noload,max_dir_size_kb=0x0000000000000001,jqfmt=vfsv1,nojournal_checksum,stripe=0x0000000000000000,usrjquota=,,errors=continue. Quota mode: none. [ 419.804624][ T8946] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 421.666238][ T8982] sg_write: data in/out 447452/210 bytes for SCSI command 0x0-- guessing data in; [ 421.666238][ T8982] program syz.4.1467 not setting count and/or reply_len properly [ 422.703583][ T9000] loop4: detected capacity change from 0 to 512 [ 422.708845][ T8998] autofs4:pid:8998:autofs_fill_super: called with bogus options [ 422.764176][ T8992] loop1: detected capacity change from 0 to 8192 [ 422.815912][ T9000] EXT4-fs (loop4): 1 truncate cleaned up [ 422.821592][ T9000] EXT4-fs (loop4): mounted filesystem without journal. Opts: noload,stripe=0x000000000000030c,abort,nojournal_checksum,jqfmt=vfsv1,usrjquota=,,errors=continue. Quota mode: none. [ 422.845024][ T9000] EXT4-fs (loop4): shut down requested (2) [ 424.759187][ T9021] loop1: detected capacity change from 0 to 512 [ 424.990593][ T9021] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended [ 425.103376][ T9021] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1176: group 0, block bitmap and bg descriptor inconsistent: 48 vs 41 free clusters [ 425.215129][ T9021] Quota error (device loop1): write_blk: dquota write failed [ 425.227776][ T9041] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1488'. [ 425.237135][ T9041] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1488'. [ 425.246640][ T9041] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1488'. [ 425.255790][ T9041] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1488'. [ 425.285878][ T9021] Quota error (device loop1): find_free_dqentry: Can't write quota data block 5 [ 425.335480][ T9021] Quota error (device loop1): write_blk: dquota write failed [ 425.343023][ T9021] Quota error (device loop1): qtree_write_dquot: Error -28 occurred while creating quota [ 425.415568][ T9021] EXT4-fs error (device loop1): ext4_acquire_dquot:6236: comm syz.1.1481: Failed to acquire dquot type 1 [ 425.455608][ T9021] EXT4-fs (loop1): 1 truncate cleaned up [ 425.477101][ T9021] EXT4-fs (loop1): mounted filesystem without journal. Opts: nodioread_nolock,noblock_validity,inode_readahead_blks=0x0000000000200000,resgid=0x0000000000000000,norecovery,quota,resuid=0x0000000000000000,sysvgroups,resgid=0x00000000000000002,errors=continue. Quota mode: writeback. [ 425.588363][ T9021] EXT4-fs (loop1): re-mounted. Opts: grpjquota=,inode_readahead_blks=0x0000000000020000,nogrpid,user_xattr,. Quota mode: writeback. [ 425.930085][ T9070] netlink: 'syz.3.1499': attribute type 13 has an invalid length. [ 425.975775][ T9070] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1499'. [ 426.152317][ T9070] bond0: option fail_over_mac: unable to set because the bond device has slaves [ 426.301544][ T9084] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1501'. [ 426.940701][ T9093] loop4: detected capacity change from 0 to 1024 [ 427.061311][ T9105] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 427.136196][ T9105] IPv6: ADDRCONF(NETDEV_CHANGE): dummy0: link becomes ready [ 427.185891][ T9105] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 427.193447][ T9105] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 427.307205][ T9105] device bridge_slave_0 left promiscuous mode [ 427.345244][ T9105] bridge0: port 1(bridge_slave_0) entered disabled state [ 427.413768][ T9105] device bridge_slave_1 left promiscuous mode [ 427.442894][ T9105] bridge0: port 2(bridge_slave_1) entered disabled state [ 427.459181][ T9105] bond0: (slave bond_slave_0): Releasing backup interface [ 427.500953][ T9105] bond0: (slave bond_slave_1): Releasing backup interface [ 427.518145][ T9105] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 427.533285][ T9105] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 427.544820][ T9105] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 427.558634][ T9105] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 427.602239][ T9118] netlink: 'syz.4.1513': attribute type 10 has an invalid length. [ 427.612728][ T9118] 8021q: adding VLAN 0 to HW filter on device team0 [ 427.621186][ T9118] bond0: (slave team0): Enslaving as an active interface with an up link [ 427.721189][ T9136] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1519'. [ 427.754634][ T9142] loop3: detected capacity change from 0 to 128 [ 427.886707][ T9142] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 428.004631][ T9142] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 428.185623][ T26] audit: type=1800 audit(1776557627.912:75): pid=9142 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1521" name="file1" dev="loop3" ino=1049321 res=0 errno=0 [ 428.377092][ T9] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 428.479271][ T9166] bond0: (slave team0): Releasing backup interface [ 428.496011][ T9166] batman_adv: batadv0: Removing interface: dummy0 [ 428.510769][ T9166] device bridge_slave_0 left promiscuous mode [ 428.520173][ T9166] bridge0: port 1(bridge_slave_0) entered disabled state [ 428.531382][ T9161] loop3: detected capacity change from 0 to 512 [ 428.548456][ T9166] device bridge_slave_1 left promiscuous mode [ 428.568895][ T9166] bridge0: port 2(bridge_slave_1) entered disabled state [ 428.594987][ T9170] loop4: detected capacity change from 0 to 512 [ 428.622259][ T9166] bond0: (slave bond_slave_0): Releasing backup interface [ 428.631766][ T9166] bond0: (slave bond_slave_1): Releasing backup interface [ 428.661385][ T9166] team0: Port device team_slave_0 removed [ 428.669016][ T9166] team0: Port device team_slave_1 removed [ 428.675777][ T9166] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 428.683633][ T9166] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 428.701587][ T9172] netlink: 'syz.1.1532': attribute type 10 has an invalid length. [ 428.782589][ T9170] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 428.825875][ T9170] ext4 filesystem being mounted at /324/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 428.979895][ T9166] team0: Mode changed to "loadbalance" [ 428.990151][ T9166] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1530'. [ 429.966251][ T9200] program syz.3.1541 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 430.092213][ T9216] netlink: 'syz.2.1545': attribute type 10 has an invalid length. [ 430.230485][ T9226] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1552'. [ 430.246069][ T9226] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1552'. [ 431.624522][ T9251] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1560'. [ 432.016991][ T9266] device bridge_slave_0 left promiscuous mode [ 432.023244][ T9266] bridge0: port 1(bridge_slave_0) entered disabled state [ 432.023471][ T9255] loop0: detected capacity change from 0 to 8192 [ 432.531909][ T9274] loop1: detected capacity change from 0 to 512 [ 432.537575][ T9276] loop3: detected capacity change from 0 to 128 [ 432.553312][ T9266] device bridge_slave_1 left promiscuous mode [ 432.553638][ T9255] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 432.576792][ T9266] bridge0: port 2(bridge_slave_1) entered disabled state [ 432.694190][ T9266] bond0: (slave bond_slave_0): Releasing backup interface [ 432.727557][ T9266] bond0: (slave bond_slave_1): Releasing backup interface [ 432.741835][ T9274] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 432.754075][ T9274] ext4 filesystem being mounted at /305/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 432.775058][ T9266] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 432.804990][ T9266] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 432.896116][ T9291] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1575'. [ 432.932719][ T9291] bridge0: port 2(bridge_slave_1) entered disabled state [ 433.019125][ T9266] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1569'. [ 433.279255][ T9304] IPVS: wlc: UDP 224.0.0.2:0 - no destination available [ 434.149558][ T9319] device bond2 entered promiscuous mode [ 434.295785][ T9330] kernel read not supported for file /eth0 (pid: 9330 comm: syz.3.1591) [ 434.311460][ T26] audit: type=1800 audit(1776557634.062:76): pid=9330 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1591" name="eth0" dev="mqueue" ino=48632 res=0 errno=0 [ 434.613764][ T9336] loop1: detected capacity change from 0 to 8192 [ 434.643291][ T9336] attempt to access beyond end of device [ 434.643291][ T9336] loop1: rw=0, want=57848, limit=8192 [ 434.677779][ T9336] Buffer I/O error on dev loop1, logical block 57847, async page read [ 434.729100][ T9336] attempt to access beyond end of device [ 434.729100][ T9336] loop1: rw=0, want=57848, limit=8192 [ 434.765410][ T9336] Buffer I/O error on dev loop1, logical block 57847, async page read [ 434.781633][ T26] audit: type=1800 audit(1776557634.532:77): pid=9336 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1593" name="file2" dev="loop1" ino=1049363 res=0 errno=0 [ 435.591356][ T9351] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 435.642478][ T9351] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 435.763363][ T9351] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 435.973694][ T9351] device bridge_slave_0 left promiscuous mode [ 436.131644][ T9351] bridge0: port 1(bridge_slave_0) entered disabled state [ 436.206390][ T9353] loop0: detected capacity change from 0 to 512 [ 436.327989][ T9351] device bridge_slave_1 left promiscuous mode [ 436.370407][ T9351] bridge0: port 2(bridge_slave_1) entered disabled state [ 436.410990][ T9351] bond0: (slave bond_slave_0): Releasing backup interface [ 436.453764][ T9351] bond0: (slave bond_slave_1): Releasing backup interface [ 436.454818][ T9364] loop4: detected capacity change from 0 to 128 [ 436.546329][ T9364] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 436.549932][ T9353] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 436.565527][ T9364] ext4 filesystem being mounted at /331/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 436.702873][ T9353] ext4 filesystem being mounted at /301/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 436.789779][ T9351] team0: Port device team_slave_0 removed [ 436.898316][ T9351] team0: Port device team_slave_1 removed [ 436.940123][ T9351] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 436.970319][ T9351] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 436.986798][ T9351] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 436.994252][ T9351] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 437.021167][ T9353] team0: Mode changed to "loadbalance" [ 437.072370][ T9357] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1598'. [ 437.203641][ T26] audit: type=1326 audit(1776557636.952:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9378 comm="syz.2.1609" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f69cb55e819 code=0x7ffc0000 [ 437.322579][ T9387] loop1: detected capacity change from 0 to 4096 [ 437.472058][ T9387] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 437.585118][ T9397] loop4: detected capacity change from 0 to 128 [ 438.158889][ T9351] syz.0.1598 (9351) used greatest stack depth: 20368 bytes left [ 438.167826][ T26] audit: type=1800 audit(1776557637.912:79): pid=9398 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1614" name="bus" dev="loop4" ino=1049390 res=0 errno=0 [ 438.374064][ T9404] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1616'. [ 438.811877][ T9432] loop0: detected capacity change from 0 to 512 [ 438.917688][ T9432] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 439.297386][ T9449] x_tables: ip_tables: icmp match: only valid for protocol 1 [ 439.433102][ T9455] loop0: detected capacity change from 0 to 512 [ 439.567271][ T9455] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 439.634786][ T9455] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002] [ 439.671192][ T9455] System zones: 0-1, 15-15, 18-18, 34-34 [ 439.692974][ T9455] EXT4-fs (loop0): orphan cleanup on readonly fs [ 439.733435][ T9455] Quota error (device loop0): v2_read_header: Failed header read: expected=8 got=0 [ 439.755415][ T9455] EXT4-fs warning (device loop0): ext4_enable_quotas:6488: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 439.788345][ T9455] EXT4-fs (loop0): Cannot turn on quotas: error -22 [ 439.816020][ T9455] EXT4-fs (loop0): 1 truncate cleaned up [ 439.822122][ T9455] EXT4-fs (loop0): mounted filesystem without journal. Opts: auto_da_alloc=0x0000000000000008,,errors=continue. Quota mode: writeback. [ 439.869034][ T1420] ieee802154 phy0 wpan0: encryption failed: -22 [ 439.875411][ T1420] ieee802154 phy1 wpan1: encryption failed: -22 [ 439.936836][ T9472] loop4: detected capacity change from 0 to 136 [ 440.241783][ T9482] loop0: detected capacity change from 0 to 128 [ 440.459390][ T9482] FAT-fs (loop0): Unrecognized mount option "" or missing value [ 440.989217][ T9490] loop1: detected capacity change from 0 to 4096 [ 441.093545][ T9490] EXT4-fs (loop1): Invalid log block size: 16711682 [ 441.577232][ T9504] loop0: detected capacity change from 0 to 512 [ 441.648404][ T9504] EXT4-fs (loop0): Ignoring removed nobh option [ 441.736225][ T9504] EXT4-fs (loop0): mounted filesystem without journal. Opts: grpquota,nogrpid,quota,nobh,,errors=continue. Quota mode: writeback. [ 441.781433][ T9504] ext4 filesystem being mounted at /310/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 442.045279][ T26] audit: type=1800 audit(1776557641.792:80): pid=9504 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1658" name="file1" dev="loop0" ino=15 res=0 errno=0 [ 442.122342][ T26] audit: type=1804 audit(1776557641.822:81): pid=9504 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.1658" name="/newroot/310/file1/file1" dev="loop0" ino=15 res=1 errno=0 [ 442.181285][ T4184] EXT4-fs error (device loop0): ext4_readdir:263: inode #2: block 3: comm syz-executor: path /310/file1: bad entry in directory: inode out of bounds - offset=92, inode=117440528, rec_len=16, size=2048 fake=0 [ 442.275364][ T4184] EXT4-fs warning (device loop0): __ext4_unlink:3335: inode #15: comm syz-executor: Deleting file 'file1' with no links [ 442.602529][ T1278] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 442.773561][ T1278] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 442.920828][ T1278] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 443.118261][ T1278] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 444.045175][ T9566] loop1: detected capacity change from 0 to 512 [ 444.153798][ T9566] EXT4-fs (loop1): Ignoring removed nobh option [ 444.211530][ T9566] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 444.411004][ T9547] chnl_net:caif_netlink_parms(): no params data found [ 444.493632][ T9566] EXT4-fs (loop1): 1 truncate cleaned up [ 444.547446][ T9566] EXT4-fs (loop1): mounted filesystem without journal. Opts: errors=remount-ro,nobh,debug_want_extra_isize=0x0000000000000068,mb_optimize_scan=0x0000000000000001,max_batch_time=0x0000000000000007,dioread_lock,. Quota mode: none. [ 444.801586][ T9603] loop1: detected capacity change from 0 to 128 [ 444.771557][ T9547] bridge0: port 1(bridge_slave_0) entered blocking state [ 444.831906][ T9547] bridge0: port 1(bridge_slave_0) entered disabled state [ 444.846905][ T9547] device bridge_slave_0 entered promiscuous mode [ 444.898677][ T9547] bridge0: port 2(bridge_slave_1) entered blocking state [ 444.951602][ T9547] bridge0: port 2(bridge_slave_1) entered disabled state [ 444.982480][ T9547] device bridge_slave_1 entered promiscuous mode [ 445.190438][ T9547] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 445.221939][ T9547] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 445.350612][ T9547] team0: Port device team_slave_0 added [ 445.608336][ T9547] team0: Port device team_slave_1 added [ 445.705646][ T7] Bluetooth: hci0: command 0x0409 tx timeout [ 445.818989][ T1278] device hsr_slave_0 left promiscuous mode [ 445.855993][ T1278] device hsr_slave_1 left promiscuous mode [ 446.155880][ T1278] device veth1_macvtap left promiscuous mode [ 446.162484][ T1278] device veth0_macvtap left promiscuous mode [ 446.189767][ T1278] device veth1_vlan left promiscuous mode [ 446.209436][ T1278] device veth0_vlan left promiscuous mode [ 446.362692][ T9654] IPVS: set_ctl: invalid protocol: 190 100.1.1.1:0 [ 446.898827][ T1278] bond0 (unregistering): Released all slaves [ 446.968746][ T9547] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 446.975982][ T9547] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 447.002833][ T9547] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 447.014104][ T9644] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1699'. [ 447.053980][ T9547] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 447.088111][ T9547] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 447.118010][ T9660] program syz.1.1705 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 447.161462][ T9547] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 447.216729][ T9661] [ 447.219094][ T9661] ====================================================== [ 447.226107][ T9661] WARNING: possible circular locking dependency detected [ 447.233133][ T9661] syzkaller #0 Not tainted [ 447.237545][ T9661] ------------------------------------------------------ [ 447.244556][ T9661] syz.2.1707/9661 is trying to acquire lock: [ 447.250532][ T9661] ffff888079f31f98 ((work_completion)(&new_smc->smc_listen_work)){+.+.}-{0:0}, at: __flush_work+0xfa/0x210 [ 447.261954][ T9661] [ 447.261954][ T9661] but task is already holding lock: [ 447.269311][ T9661] ffff888079f30c60 (sk_lock-AF_SMC/1){+.+.}-{0:0}, at: smc_release+0x251/0x530 [ 447.278298][ T9661] [ 447.278298][ T9661] which lock already depends on the new lock. [ 447.278298][ T9661] [ 447.288695][ T9661] [ 447.288695][ T9661] the existing dependency chain (in reverse order) is: [ 447.297705][ T9661] [ 447.297705][ T9661] -> #1 (sk_lock-AF_SMC/1){+.+.}-{0:0}: [ 447.305450][ T9661] lock_sock_nested+0x44/0x100 [ 447.310743][ T9661] smc_listen_out+0x109/0x3d0 [ 447.315947][ T9661] smc_listen_work+0x526/0xd00 [ 447.321237][ T9661] process_one_work+0x85f/0x1010 [ 447.326689][ T9661] worker_thread+0xaa6/0x1290 [ 447.331891][ T9661] kthread+0x436/0x520 [ 447.336481][ T9661] ret_from_fork+0x1f/0x30 [ 447.341433][ T9661] [ 447.341433][ T9661] -> #0 ((work_completion)(&new_smc->smc_listen_work)){+.+.}-{0:0}: [ 447.351597][ T9661] __lock_acquire+0x2c42/0x7d10 [ 447.356974][ T9661] lock_acquire+0x19e/0x400 [ 447.362020][ T9661] __flush_work+0x116/0x210 [ 447.367048][ T9661] __cancel_work_timer+0x3f4/0x560 [ 447.372687][ T9661] smc_clcsock_release+0x5c/0xe0 [ 447.378151][ T9661] __smc_release+0x661/0x7d0 [ 447.383270][ T9661] smc_close_non_accepted+0xd1/0x1f0 [ 447.389080][ T9661] smc_close_active+0xb00/0xea0 [ 447.394457][ T9661] __smc_release+0x8d/0x7d0 [ 447.399490][ T9661] smc_release+0x2ca/0x530 [ 447.404430][ T9661] sock_close+0xd5/0x240 [ 447.409210][ T9661] __fput+0x234/0x930 [ 447.413717][ T9661] task_work_run+0x125/0x1a0 [ 447.418831][ T9661] exit_to_user_mode_loop+0x10f/0x130 [ 447.424723][ T9661] exit_to_user_mode_prepare+0xee/0x180 [ 447.430791][ T9661] syscall_exit_to_user_mode+0x16/0x40 [ 447.436782][ T9661] do_syscall_64+0x58/0xa0 [ 447.441715][ T9661] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 447.448127][ T9661] [ 447.448127][ T9661] other info that might help us debug this: [ 447.448127][ T9661] [ 447.458357][ T9661] Possible unsafe locking scenario: [ 447.458357][ T9661] [ 447.465806][ T9661] CPU0 CPU1 [ 447.471259][ T9661] ---- ---- [ 447.476619][ T9661] lock(sk_lock-AF_SMC/1); [ 447.481129][ T9661] lock((work_completion)(&new_smc->smc_listen_work)); [ 447.490586][ T9661] lock(sk_lock-AF_SMC/1); [ 447.497708][ T9661] lock((work_completion)(&new_smc->smc_listen_work)); [ 447.504640][ T9661] [ 447.504640][ T9661] *** DEADLOCK *** [ 447.504640][ T9661] [ 447.512860][ T9661] 2 locks held by syz.2.1707/9661: [ 447.517964][ T9661] #0: ffff88805d904410 (&sb->s_type->i_mutex_key#11){+.+.}-{3:3}, at: sock_close+0x90/0x240 [ 447.528277][ T9661] #1: ffff888079f30c60 (sk_lock-AF_SMC/1){+.+.}-{0:0}, at: smc_release+0x251/0x530 [ 447.537698][ T9661] [ 447.537698][ T9661] stack backtrace: [ 447.543609][ T9661] CPU: 0 PID: 9661 Comm: syz.2.1707 Not tainted syzkaller #0 [ 447.550979][ T9661] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 447.561048][ T9661] Call Trace: [ 447.564325][ T9661] [ 447.567249][ T9661] dump_stack_lvl+0x188/0x250 [ 447.571930][ T9661] ? load_image+0x400/0x400 [ 447.576429][ T9661] ? show_regs_print_info+0x20/0x20 [ 447.581630][ T9661] ? print_circular_bug+0x12b/0x1a0 [ 447.586834][ T9661] check_noncircular+0x296/0x330 [ 447.591778][ T9661] ? look_up_lock_class+0x71/0x110 [ 447.596897][ T9661] ? add_chain_block+0x940/0x940 [ 447.601837][ T9661] ? lockdep_lock+0xf1/0x1f0 [ 447.606436][ T9661] ? rcu_is_watching+0x11/0xa0 [ 447.611211][ T9661] ? mark_lock+0x94/0x320 [ 447.615540][ T9661] __lock_acquire+0x2c42/0x7d10 [ 447.620390][ T9661] ? deref_stack_reg+0xd0/0x120 [ 447.625262][ T9661] ? __bfs+0x2a3/0x5c0 [ 447.629329][ T9661] ? verify_lock_unused+0x140/0x140 [ 447.634528][ T9661] ? mark_lock+0x94/0x320 [ 447.638860][ T9661] ? __lock_acquire+0x13bc/0x7d10 [ 447.643884][ T9661] ? lockdep_lock+0xf1/0x1f0 [ 447.648479][ T9661] lock_acquire+0x19e/0x400 [ 447.652977][ T9661] ? __flush_work+0xfa/0x210 [ 447.657567][ T9661] ? verify_lock_unused+0x140/0x140 [ 447.662767][ T9661] ? read_lock_is_recursive+0x10/0x10 [ 447.668148][ T9661] __flush_work+0x116/0x210 [ 447.672644][ T9661] ? __flush_work+0xfa/0x210 [ 447.677229][ T9661] ? flush_work+0x20/0x20 [ 447.681564][ T9661] ? try_to_grab_pending+0xfa/0x7f0 [ 447.686758][ T9661] ? mark_lock+0x94/0x320 [ 447.691211][ T9661] ? lockdep_hardirqs_on_prepare+0x409/0x770 [ 447.697196][ T9661] ? lock_chain_count+0x20/0x20 [ 447.702047][ T9661] ? __cancel_work_timer+0x36a/0x560 [ 447.707333][ T9661] __cancel_work_timer+0x3f4/0x560 [ 447.712449][ T9661] ? cancel_work_sync+0x20/0x20 [ 447.717302][ T9661] ? __local_bh_enable_ip+0x136/0x1c0 [ 447.722673][ T9661] ? lockdep_hardirqs_on+0x94/0x140 [ 447.727877][ T9661] ? __local_bh_enable_ip+0x136/0x1c0 [ 447.733248][ T9661] ? _local_bh_enable+0xa0/0xa0 [ 447.738104][ T9661] smc_clcsock_release+0x5c/0xe0 [ 447.743043][ T9661] __smc_release+0x661/0x7d0 [ 447.747640][ T9661] ? do_raw_spin_unlock+0x11d/0x230 [ 447.752838][ T9661] smc_close_non_accepted+0xd1/0x1f0 [ 447.758130][ T9661] smc_close_active+0xb00/0xea0 [ 447.762980][ T9661] ? sock_no_sendpage_locked+0x1a0/0x1a0 [ 447.768619][ T9661] __smc_release+0x8d/0x7d0 [ 447.773123][ T9661] ? do_raw_spin_unlock+0x11d/0x230 [ 447.778326][ T9661] smc_release+0x2ca/0x530 [ 447.782748][ T9661] sock_close+0xd5/0x240 [ 447.786989][ T9661] ? sock_mmap+0x90/0x90 [ 447.791231][ T9661] __fput+0x234/0x930 [ 447.795225][ T9661] task_work_run+0x125/0x1a0 [ 447.799826][ T9661] exit_to_user_mode_loop+0x10f/0x130 [ 447.805206][ T9661] exit_to_user_mode_prepare+0xee/0x180 [ 447.810759][ T9661] syscall_exit_to_user_mode+0x16/0x40 [ 447.816232][ T9661] do_syscall_64+0x58/0xa0 [ 447.820656][ T9661] ? clear_bhb_loop+0x30/0x80 [ 447.825339][ T9661] ? clear_bhb_loop+0x30/0x80 [ 447.830037][ T9661] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 447.830076][ T9661] RIP: 0033:0x7f69cb55e819 [ 447.830092][ T9661] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 447.830111][ T9661] RSP: 002b:00007ffcb0e53418 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 447.830130][ T9661] RAX: 0000000000000000 RBX: 00007f69cb7d9da0 RCX: 00007f69cb55e819 [ 447.830141][ T9661] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003 [ 447.830150][ T9661] RBP: 00007f69cb7d9da0 R08: 00007f69cb7d8038 R09: 0000000000000000 [ 447.830161][ T9661] R10: 00000000003ffd60 R11: 0000000000000246 R12: 000000000006d595 [ 447.830173][ T9661] R13: 00007f69cb7d7fac R14: 000000000006d28a R15: 00007ffcb0e53520 [ 447.830189][ T9661] [ 447.838189][ T4228] Bluetooth: hci0: command 0x041b tx timeout [ 447.839632][ T9547] device hsr_slave_0 entered promiscuous mode [ 447.841279][ T9547] device hsr_slave_1 entered promiscuous mode [ 447.855638][ T9547] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 447.855657][ T9547] Cannot create hsr debugfs directory [ 447.921868][ T9682] loop3: detected capacity change from 0 to 8192 [ 447.988361][ T9682] loop_set_status: loop3 () has still dirty pages (nrpages=2) [ 448.014607][ T4197] FAT-fs (loop3): error, invalid access to FAT (entry 0x0000e1b1) [ 448.014630][ T4197] FAT-fs (loop3): Filesystem has been set read-only [ 448.093869][ T9547] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 448.098311][ T9547] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 448.107080][ T9547] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 448.110673][ T9547] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 448.237306][ T9547] 8021q: adding VLAN 0 to HW filter on device bond0 [ 448.252236][ T4560] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 448.261638][ T4560] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 448.274471][ T9547] 8021q: adding VLAN 0 to HW filter on device team0 [ 448.284100][ T4560] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 448.295441][ T4560] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 448.303874][ T4560] bridge0: port 1(bridge_slave_0) entered blocking state [ 448.310979][ T4560] bridge0: port 1(bridge_slave_0) entered forwarding state [ 448.319509][ T4560] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 448.342435][ T4318] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 448.354495][ T4318] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 448.373396][ T4318] bridge0: port 2(bridge_slave_1) entered blocking state [ 448.380533][ T4318] bridge0: port 2(bridge_slave_1) entered forwarding state [ 448.412800][ T4318] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 448.437587][ T4318] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 448.446367][ T4318] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 448.466625][ T4318] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 448.485971][ T4318] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 448.494638][ T4318] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 448.503895][ T4318] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 448.512657][ T4318] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 448.523522][ T9547] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 448.536654][ T9547] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 448.549457][ T4318] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 448.566681][ T4318] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 448.585663][ T4318] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 448.737224][ T4560] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 448.744832][ T4560] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 448.758177][ T9547] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 448.859577][ T1278] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 448.868964][ T1278] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 448.883258][ T9547] device veth0_vlan entered promiscuous mode [ 448.890367][ T1278] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 448.900892][ T1278] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 448.909804][ T1278] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 448.919714][ T1278] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 448.931296][ T9547] device veth1_vlan entered promiscuous mode [ 448.950771][ T1278] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 448.960678][ T1278] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 448.969579][ T1278] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 448.979737][ T1278] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 448.990663][ T9547] device veth0_macvtap entered promiscuous mode [ 449.000582][ T9547] device veth1_macvtap entered promiscuous mode [ 449.013256][ T9547] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 449.024048][ T9547] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 449.035928][ T9547] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 449.043263][ T4253] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 449.051857][ T4253] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 449.060096][ T4253] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 449.068646][ T4253] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 449.078736][ T9547] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 449.089425][ T9547] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 449.100193][ T9547] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 449.108985][ T4253] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 449.117621][ T4253] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 449.127675][ T9547] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 449.137711][ T9547] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 449.146843][ T9547] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 449.156593][ T9547] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 449.182485][ T9547] ieee80211 phy13: Selected rate control algorithm 'minstrel_ht' [ 449.200667][ T4560] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 449.201379][ T9547] ieee80211 phy14: Selected rate control algorithm 'minstrel_ht' [ 449.212297][ T4560] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 449.230891][ T4253] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 449.245666][ T4253] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 449.253692][ T4253] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 449.261593][ T4560] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 449.866384][ T4228] Bluetooth: hci0: command 0x040f tx timeout [ 451.945483][ T4957] Bluetooth: hci0: command 0x0419 tx timeout