last executing test programs: 19m44.250431808s ago: executing program 32 (id=1081): socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(r0, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x60ae0}], 0x318, 0x0, 0xdb0, 0xf5ffffff}, 0x3f01) sendmsg$tipc(r1, &(0x7f0000000240)={0x0, 0x18, &(0x7f00000000c0), 0x31}, 0x0) sendmmsg$sock(r1, &(0x7f0000002c80)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f00000008c0)="9a1646e333841dd817f884072bcfc4e86d09eae42c771150d2a0f7409c1370d3638a8b435039d8f5f5a58fd9696b618dee51e4869aced576ce4348d9b259fb3273c6a36fc309164021180c785a3c299cbf15a38790db0474eb0b41d11d4893959adec407e9ba742652a28fc5165a05b7593682298736a7ccd86db5f3758d2939e9992035d6de58a4b803a94a72a31139fd6e1f77b7e96492191da02c8bfd789de8bc6acd5484430d64a233fd9512f3d646d33db37e305f92dc1db89bd85b2689c942b596c0a45c4e", 0xc8}, {&(0x7f00000009c0)="efaf7a93d21cbcbd56d058e53b498eb5aec446ded5a0a15afc4a85e66ba967dd32bdaa041334d821c83f07626dff625725d9d7f2454a3c0354409cd461092701a394007cca7bf7ed39cb6d0860fc9fffc3867688808a8a9fa32d9c9f797ac6d2f35665413642d174ba233adaa36bf0d40144a05abc9458f98e5738d6952053397589681183bf74246782eaa788d1afbf227f54319c505f1678a3165181261067977d2cc5ce2f9a8ca0b99fa09f8e95675cd7666c5e2edb4b8029c371ccfe0497285e0e223106e4b43dbbdae8faa67a625fff23346e701f1c8cf9b6cd0d485c422d1c07b63988d337", 0xe8}, {&(0x7f0000000780)="8f30e4f3a357d24b35a884da0ffdc5c42f7ce57129b691f99daded3f1e2aa5f6738c747cd9fa7b3e59a5a24970b0a2a5bcc8cd72fc0a6e472442b441e273146cb840d20afb23fa12cfaaf4d54ffea9bdaf5d445e4773e815b6462cdc4b449d55a1d007a07e49cef17635abf4c4986abcc36fc5529e63aa97265af26fd3286548b2a7", 0x82}, {&(0x7f0000000fc0)="3bbd070c4a7f58ffca9b24b191f510fbf55fd3e761ff4c24907805f79e2a90f0d8c752fb233465c8facc36f054bd2243475ecfa1f5fac83b8910baf212596b2a4a23aab8eb9cfa683836af5e50b1bc4f815b49fc47f85fe32f63a26492042b663d8c955bfad1312698c3ef79f08b7e1b1eba61b59d48753d8f248e6503b9499d257af6bac5c923f22c70fa3a9eaa0247c8ecdcf07f64b4ba0f8aedf5df6c8777b927273b2d3e5a898c32e765af22c810eb3e6b06f2066746bbbb7f9f867d03bb7e318fd4b24c788b516b3f53aa8d40f339c6e3549d4b66d020ff12f61f44da1f8e3713adae3d6400fbfc9f232a555d7988d2538a76a42d1b5a35cb938b7663a6d34a763fe9a5c1f06ca04966380d0276b4af2815e0f777683f45cf34e2e934796e1a5587e60ec247a929b91119e14dadce3c01dbf60fb26428fb4cea4fd7c70e5bd8fdca8db9e3c3e6ae68292d7f4ba0e8c025d7f9e597f3be00"/359, 0x167}], 0x4}}], 0x2, 0x0) 15m27.532034504s ago: executing program 3 (id=2479): r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_buf(r0, 0x29, 0x39, &(0x7f0000000700)="0022040000ffffebfffffffeffffff0700000000ff000207835eeb1317b208feefaf234b4ff8b4cc4c39bdc8451792b903f4b7d8c8cf2153622652328c19ef68234f905557c4070000008735e9ab2f77c62e0a5cdd2cf9984c070400000000000003ff23353d8b2fc6a3ae1ebfcb49004a3ccd3560ae01010000079c60ed7449b842f3e253be8a62b37f820fe75a9ea937ea4efbfb9b4a128f2dbe2837496d00ad7765abaac2ec0f91c88a1ea1ff6ee308c72febedcf00798d41991ac25bb6fce2220c25ea380c7e112ab358c3a6bd8a59c100000001b4e82cb03419544a3988bc226a85abe6eb60cd7cf8d103d38c31c7c86d16c4d86cbe4ab190c092d077ce70590fbbd4f8bf4d6ab1cea6dbe9d4a54c17aac0db6e3845", 0x118) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4e23, 0x8020000c, @private0={0xfc, 0x0, '\x00', 0x1}, 0xffffffff}, 0x1c) syz_extract_tcp_res$synack(0x0, 0x1, 0x0) 15m27.106315599s ago: executing program 3 (id=2483): r0 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0\x00', 0x0}) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="3400000015000100fdffffff02000000021854ff", @ANYRES32=r1, @ANYBLOB="140003007665746802"], 0x34}, 0x1, 0x0, 0x0, 0x20000084}, 0x0) 15m26.488686898s ago: executing program 3 (id=2498): r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000001580), 0x240580) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = add_key$fscrypt_v1(&(0x7f0000002e40), &(0x7f0000002e80)={'fscrypt:', @desc3}, &(0x7f0000002ec0)={0x0, "ea3d44c1153597ed27b8123fae53940b4ead6634607d5d6a4e20bacc9458a97062e2819310bd0b759212f0d12845896e21c15479910adfa38266dabe453348ed", 0x1d}, 0x48, 0xfffffffffffffffd) keyctl$KEYCTL_WATCH_KEY(0x20, r1, r0, 0x74) 15m26.06766961s ago: executing program 3 (id=2490): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000240)={0x0, 0x1c, &(0x7f00000002c0)=[@in6={0xa, 0x4e24, 0x6, @rand_addr=' \x01\x00', 0x7177}]}, &(0x7f0000000180)=0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000000)={0x1, [0x0]}, &(0x7f0000000080)=0x8) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000080)={r1, @in={{0x2, 0x4e21, @empty}}, 0x5, 0x4, 0x7fffffff, 0x4, 0xe2d8f2eb1d010935, 0x5, 0x7}, 0x9c) 15m24.712441603s ago: executing program 3 (id=2499): syz_mount_image$ext4(&(0x7f0000000ac0)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x3810744, &(0x7f0000000300)={[{@noauto_da_alloc}, {@nobh}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4}}, {}, {@nodiscard}, {@sysvgroups}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x4}}, {@noauto_da_alloc}, {@test_dummy_encryption}]}, 0x1, 0x490, &(0x7f0000001300)="$eJzs3M9vFFUcAPDvTLdAEGlF/AGiVtHY+IPSgsrBi0YTD5qY6AGPtS0EKdTQmgghUo3BoyHxTown/wVPnozxZOJVr8aQECUm/Lg4ZnZmSne7W9llYaH9fJKl73XezJtv33u7b+YxG8C6NZL/k0RsiYjfImKoyDYWGCl+XLl0eurqpdNTSWTZu38l9XKXL52eqopW+91TZkbTiPSLpKyk0fzJU0cnZ2dnTpT5sYVjH43Nnzz1wpFjk4dnDs8cnzhwYP++8ZdfmnixJ3Hm53R556dzu3a8+f65t6cOnvtgU8P25XH0ykge+N9ZXfO2p3tdWZ/9m12PM6n1+2y4UQMRkTfXYH38D8VAXG+8oXjj876eHHBL5e/ZfzT/cnAptZgBa1gSXe0W3e0G3DmqD/r8+rd63cbpR99dfLW4AMrjvlK+ii21SMs/0OAtrH8kIg4uXjufv6LpPkTW4r4BAMDN+iGf/zy/cv6XRMSDy8ol5drQcETcFxHbIuL+iNgeEQ+UZR+KiIc7rL95aWjl/DO90GVoNySf/71Srm01zv/SqsjwQJm7tx7/YHLoyOzM3ojYGhGjMbgxz4+3Onh1iNd//apd/cvnfwcXi/Oo5oLlQS7UNi7b4cy3xc8eTUovfhaxs9Yq/qS+EpBEluVtvyMidnZ26K1V4siz3+1qV6gx/mvnV8a/ih6sM2XfRDxTtP9iNMVfSVZfnxzbFLMze8eqXrFkqYV+/uXsO+3qH4kNZaqL+Hsgb//Njf2/qcTQP8ny9dr5zus4+/uXba8pa//b/k39PyKmJxcmNyTv1desq7/eJ5MLCyfGIzYkb9XzDb+fuL5vla/K5/GP7m49/reV++TxPxIReSd+NCIei4jHy777REQ8GRG7V4n/p9ee+rDdtpvq/z2Qxz/d8v1vqf8PN7Z/54mBoz9+367+VeOvv4Pk7b+/nh0t98nbv0htahtX+9Op9um2NwMAAMDdJ42ILZGke5bSabpnT/H/5bfH5nR2bn7huUNzHx+fLp4RGI7BtLrTNbTsfuh4slgeschPlPeKq+37yvvGX1e3FabmZqf7GDdQjPNW4z/350C/zw645TyvBetX8/hP+3QewO13o5//rgdg7el2/m+eAHc/1/+wfrUa/2ea8ub+sDb5/If1y/iH9Wvl+E+uNn49ELBW+fyHdamDx/nz4t1/CUAHidoqT+9L3CmJSHtxnCtZlq3YtHhHBHgXJ2qdj+4Vif6+LwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPTKfwEAAP//CNn1og==") bind$inet6(0xffffffffffffffff, 0x0, 0x0) r0 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000200)=0x10) 15m24.217982915s ago: executing program 3 (id=2503): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000900), r1) sendmsg$NLBL_UNLABEL_C_STATICADDDEF(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x14, r2, 0x1, 0x70bd2c, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x84}, 0x8080) 15m8.82989287s ago: executing program 33 (id=2503): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000900), r1) sendmsg$NLBL_UNLABEL_C_STATICADDDEF(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x14, r2, 0x1, 0x70bd2c, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x84}, 0x8080) 12m53.98013579s ago: executing program 1 (id=3456): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) io_setup(0x6, &(0x7f0000000300)=0x0) io_submit(r1, 0x1, &(0x7f0000000040)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x80000000}]) io_getevents(r1, 0x0, 0x0, 0x0, 0x0) 12m53.318752275s ago: executing program 1 (id=3461): r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x1, 0x1, 0x86, 0x10, 0x20f4, 0xe05a, 0x6c6d, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x69, 0x2, 0x2, 0xff, 0x5a, 0xa3, 0x0, [], [{{0x9, 0x5, 0x4, 0x2, 0x10, 0x0, 0xfa}}, {{0x9, 0x5, 0x82, 0x2, 0x40}}]}}]}}]}}, 0x0) syz_usb_control_io$printer(r0, 0x0, 0x0) syz_usb_control_io$uac1(r0, 0x0, 0x0) syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000540)={0x44, &(0x7f00000001c0)={0x20, 0x14, 0x6, "0fa9849f304a"}, &(0x7f0000000140)={0x0, 0xa, 0x1, 0x6}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 12m52.269456825s ago: executing program 1 (id=3466): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000380)={'macvlan0\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'syz_tun\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@newlink={0x40, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x4dc1}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @hsr={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_HSR_SLAVE2={0x8, 0x2, r2}, @IFLA_HSR_SLAVE1={0x8, 0x1, r1}]}}}]}, 0x40}, 0x1, 0x0, 0x0, 0x40000}, 0x0) 12m51.464346249s ago: executing program 1 (id=3471): r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000002c0)=0x20) mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0) unlinkat(r0, &(0x7f0000000b40)='./file1\x00', 0x200) 12m50.755515546s ago: executing program 1 (id=3474): r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_int(r0, 0x0, 0x18, &(0x7f0000000300)=0xffffffff, 0x4) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) bind$inet(r0, &(0x7f0000000240)={0x2, 0x0, @remote}, 0x10) 12m49.857746569s ago: executing program 1 (id=3480): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000180), 0x282000, 0x0) write$RDMA_USER_CM_CMD_MIGRATE_ID(r0, &(0x7f00000001c0)={0x12, 0x10, 0xfa00, {0x0, 0xffffffffffffffff, r1}}, 0x18) 12m47.11959297s ago: executing program 34 (id=3480): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000180), 0x282000, 0x0) write$RDMA_USER_CM_CMD_MIGRATE_ID(r0, &(0x7f00000001c0)={0x12, 0x10, 0xfa00, {0x0, 0xffffffffffffffff, r1}}, 0x18) 7m17.883538474s ago: executing program 6 (id=5428): r0 = getpid() r1 = syz_pidfd_open(r0, 0x0) setns(r1, 0x24020000) syz_clone(0x19001411, 0x0, 0x0, 0x0, 0x0, 0x0) 7m16.868880495s ago: executing program 6 (id=5433): r0 = socket$inet(0xa, 0x801, 0x84) connect$inet(r0, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10) listen(r0, 0x8) accept4(r0, &(0x7f00000004c0)=@alg, 0x0, 0x80800) 7m16.059476406s ago: executing program 6 (id=5438): ioprio_set$uid(0x3, 0x0, 0x0) r0 = eventfd2(0x0, 0x0) io_setup(0x81, &(0x7f0000000400)=0x0) io_submit(r1, 0x1, &(0x7f0000000440)=[&(0x7f0000000180)={0x0, 0x0, 0x2000, 0x0, 0x1fd, r0, 0x0, 0x0, 0x0, 0x0, 0x1, r0}]) 7m15.080383649s ago: executing program 6 (id=5445): syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000540)='./bus\x00', 0x8800, &(0x7f0000000280)={[{@errors_remount}, {@usrquota}, {@minixdf}, {@nombcache}]}, 0x1, 0x51a, &(0x7f0000000f00)="$eJzs3c9vI1cdAPCvnThxfnSTlh4AQbu0hQWt1km8bVT1AOWIUCVEjyBtQ+KNothxFDulCXtIz1yRqMSJHvkDOPfEgRsXBDcuywGJHxFog8TBaMaTrDdrb6xNYqfx5yON5r2ZWX+/L868t36O/QIYWTcj4iAiJiLig4iYy47nsi3ebW/JdY8OH6weHT5YzUWr9f4/c+n55Fh0/JvETPaYxYj44acRP8k9Hbext7+5Uq1WdrL6QrO2vdDY27+zUVtZr6xXtsrl5aXlxbfvvlW+sLa+WpvISl99+IeDb/0sSWs2O9LZjovUbnrhJE5iPCK+fxnBhmAsa8/EsBPhueQj4qWIeC29/+diLH02AYDrrNWai9ZcZx0AuO7y6RxYLl/K5gJmI58vldpzeC/HdL5abzRv36/vbq2158rmo5C/v1GtLGZzhfNRyCX1pbT8uF4+Vb8bES9GxC8mp9J6abVeXRvmf3wAYITNnBr//zPZHv8BgGuuOOwEAICB6zH+Hww6DwBgcLz+B4DRY/wHgNFTTL/DYWrYaQAAA+T1PwCMHuM/AIyUH7z3XrK1jrLvv177cG93s/7hnbVKY7NU210trdZ3tkvr9fp6+p09tbMer1qvby+9GbsfzX97u9FcaOzt36vVd7ea99Lv9b5XKaRX+WQBAAzTi69+9udcMiK/M5Vu0bGWQ2GomQGXLT/sBIChGetRBq4/q33B6DrHa3zTA3BNdFmi9wnF6PIBoVar1bq8lIBLdutL5v9hVHXM//srYBgx5vxhdJn/h9HVauX6XfM/+r0QALjazPEDPd7/fynb/yZ7c+DHa6ev+OQyswIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICr7Xj931K2Fvhs5POlUsQLETEfhdz9jWplMSJuRMSfJguTSX1pyDkDAOeV/1suW//r1twbs0+cemXmpDgRET/91fu//Gil2dz5Y8RE7l+Tx8ebn2THy4PPHgA42/E4ne47Xsg/OnywerwNMp+/fzciiu34R4cTcXQSfzzG030xChEx/e9cVm/LdcxdnMfBxxHxxW7tz8VsOgfSXvn0dPwk9gsDjZ9/In4+PdfeJz+LL1xALjBqPkv6n3e73X/5uJnuu9//xbSHOr+s/0seavUo7QMfxz/u/8Z69H83+43x5u++1y5NPX3u44gvj0ccxz7q6H+O4+d6xH+jz/h/+corr/U61/p1xK3oHr8z1kKztr3Q2Nu/s1FbWa+sV7bK5eWl5cW3775VXkjnqBd6jwb/eOf2jV7nkvZP94hfPKP9X++z/Z/+74Mffe0Z8b/5erf4+Xj5GfGTMfEbfcZfmf5tsde5JP5aj/af9fzf7jP+w7/uP7VsOAAwPI29/c2VarWy86zCjaOIs675XBaiv4t/n/2wrkTOI11InoUrkEbXwnc6jszEJcaa6HEz/vz19q/pZETnL3ar9VyxevUYFzHrBlwFJzd9RPx32MkAAAAAAAAAAAAAAABdDeLTUcNuIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANfX/wMAAP//jMfJaQ==") syz_mount_image$fuse(0x0, &(0x7f0000000100)='./bus\x00', 0x20020, 0x0, 0x1, 0x0, 0x0) setxattr$trusted_overlay_origin(&(0x7f0000000180)='./file0\x00', &(0x7f0000000340), 0x0, 0x0, 0x1) mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000000)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@index_on}]}) 7m13.713228066s ago: executing program 6 (id=5451): syz_mount_image$exfat(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x208008de, &(0x7f0000001b80)=ANY=[], 0x1, 0x1503, &(0x7f0000000580)="$eJzs3AuYj1XXMPC99t43Y5L+TXIY9trr5p8G2yRJDgk5JEmSJDklJCZJEhJDTklDEnKcJIchJIdpTBrn8yHnpMkjTZKE5BT2d+np/Tzv0/O+fe9X3+e93lm/69qXvdz/tf7rnjXX3Pf9v66Z73uOqtu8Xq2mRCT+FPj7P8lCiBghxDAhxA1CiEAIUTGuYtyV4/kUJP+5N2F/rUfTrnUH7Fri+eduPP/cjeefu/H8czeef+7G88/deP65G8+fsdxs+5yiN/LKvYs//8/N+Pr/P0hOuclfbyx3c6//QgrPP3fj+eduPP/cjeefu/H8czee//98Nf+TYzz/3I3nz1hudq0/f+Z1bde1/v5jjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMZY7nPNXaSHEv+2vdV+MMcYYY4wxxhj76/i817oDxhhjjDHGGGOM/b8HQgoltAhEHpFXxIh8IlZcJ/KL60UBcYOIiBtFnLhJFBQ3i0KisCgiiop4UUwUF0agsIJEKEqIkiIqbhGlxK0iQZQWZURZ4UQ5kShuE+XF7aKCuENUFHeKSuIuUVlUEVVFNXG3qC7uETVETVFL3Ctqizqirqgn7hP1xf2igXhANBQPikbiIdFYPCyaiEdEU/GoaCYeE83F46KFeEK0FK1Ea9FGtP2/yn9Z9BWviH6iv0gWA8RA8aoYJAaLIWKoGCZeE8PF62KEeEOkiJFilHhTjBZviTHibTFWjBPjxTtigpgoJonJYoqYKlLFu2KaeE9MF++LGWKmmCVmizQxR8wVH4h5Yr5YID4UC8VHYpFYLJaIpSJdfCwyxDKRKT4Ry8WnIkusECvFKrFarBFrxTqxXmwQG8UmsVlsEVvFNrFdfCZ2iJ1il9gt9oi9Yp/4XOwXX4gD4kuRLb76L+af/af8XiBAgAQJGjTkgTwQAzEQC7GQH/JDASgAEYhAHMRBQSgIhaAQFIEiEA/xUByKAwICAUEJKAFRiEIpKAUJkABloAw4cJAIiVAebocKUAEqQkWoBJWgMlSBKlANqkF1qA41oAbUglpQG2pDXagL98F9cD80gAbQEBpCI2gEjaExNIEm0BSaQjNoBs2hObSAFtASWkJraA1toS20g3bQHtpDR+gInaATdIbOkARJ0BW6QjfoBt2hO/SAHtATekIv6A294WV4GV6BV6A/1JYDYCAMhEEwCIbAUBgKr8FweB1ehzcgBUbCKHgT3oS3YAycgbEwDsbDeKguJ8IkmAwkp0IqpMI0mAbTYTrMgJkwE2ZDGsyBuTAX5sF8mA8fwkL4CD6CxbAYlkI6pEMGLINMyITlcBayYAWshFWwGtbAalgH62EdbIRNsBG2wBbYBtvgM/gMdsJO2A27YS/shc/hc/gCvoAUyIZsOAgH4RAcgsNwGHIgB47AETgKR+EYHIPjcBxOwEk4BSfhNJyGM3AWzsE5uAAX4CK8GP9ts72lN6QIeYWWWuaReWSMjJGxMlbml/llAVlARmRExsk4WVAWlIVkIVlEFpHxMl4Wl8UlSpQkQ1lClogRQshSspRMkAmyjCwjnXQyUSbK8rK8rCAryIryTllJ3iUryyqyg6smq8nqsqOrIWvKWrKWrC3ryLqynqwn68v6soFsIBvKhrKRbCQby4dlEzkAhsCj8spkmsuR0EKOgpaylWwt28i34EnZTo6B9rKD7CifluNgLHSW7VySfFZ2lZOgm3xeToYXZA85FXrKl2Qv2Vv2kS/LvrK96yf7yxkwQA6Us2GQHCyHyKFyHtSRVyZWV74hU+RIOUq+KZfCW3KMfFuOlePkePmOnCAnyklyspwip8pU+a6cJt+T0+X7coacKWfJ2TJNzpFz5QdynpwvF8gP5UL5kVwkF8slcqlMlx/LDLlMZspP5HL5qcySK+RKuUqulmvkWrlOrpcb5Ea5SW6WW+RWuU1ul5/JHXKn3CV3yz1yr9wnP5f75RfygPxSZsuv5EH5N3lIfi0Py29kjvxWHpHfyaPye3lM/iCPyx/lCXlSnpI/ydPyZ3lGnpXn5Hl5Qf4iL8pL8rL0UihQUimlVaDyqLwqRuVTseo6lV9drwqoG1RE3aji1E2qoLpZFVKFVRFVVMWrYqq4MgqVVaRCVUKVVFF1iyqlblUJqrQqo8oqp8qpRHWbKq9uVxXUHaqiulNVUnepyqqKqqqqqbtVdXWPqqFqqlrqXlVb1VF1VT11n6qv7lcN1AOqoXpQNVIPqcbqYdVEPaKaqkdVM/WYaq4eVy3UE6qlaqVaqzaqrXpStVNPqfaqg+qonlad1DOqs+qiktSzqqt6TnVTz6vu6gXVQ72oeqqXVC/VW/VRl9Rl5VU/1V8lqwFqoHpVDVKD1RA1VA1Tr6nh6nU1Qr2hUtRINUq9qUart9QY9bYaq8ap8eodNUFNVJPUZDVFTVWp6l01Tb2npqv31Qw1U81Ss1WamqOG/FZpwT/lD/jtqvuP+e/9i/wRv777NrVdfaZ2qJ1ql9qt9qi9ap/ap/ar/eqAOqCyVbY6qA6qQ+qQOqwOqxyVo46oI+qoOqqOqWPquDquTqiT6rz6SZ1WP6sz6qw6q86rC+qCuvjb10Bo0FIrrXWg8+i8Okbn07H6Op1fX68L6Bt0RN+o4/RNuqC+WRfShXURXVTH62K6uDYatdWkQ11Cl9RRfYsupW/VCbq0LqPLaqfL6UR925/O/6P+2uq2up1up9vr9rqj7qg76U66s+6sk3SS7qq76m66m+6uu+seuofuqXvqXrqX7qP76L66r+6n++lknawH6lf1ID1YD9FD9TD9mh6uh+sReoRO0Sl6lB6lR+vReoweo8fqsXq8Hq8n6Al6kp6kp+gpOlWn6ml6mp6up+sZeoaepWfpNJ2m5+q5ep6epxfoBXqhXqgX6UV6iV6i03W6ztAZOlNn6uV6uc7SK/QKvUqv0mv0Gr1Or9Mb9Aa9SW/SW/QWnaW36+16h96hd+ldeo/eo/fpfXq/3q8P6AM6W2frg/qgPqQP6cP6sM7ROfqIPqKP6qP6mD424Lg+rk/oE/qUPqVP69P6jD6jz+lz+oK+oC/qi/qyvnzlti+QgQx0oIM8QZ4gJogJYoPYIH+QPygQFAgiQSSIC+KCgsHNQaGgcFAkKBrEB8WC4oEJMLABBWFQIigZRINbglLBrUFCUDooE5QNXFAuSAxuC8oHtwcVgjuCisGdQaXgrqByUCWoGlQL7g6qB/cENYKaQa3g3qB2UCeoG9QL7gvqB/cHDYIHgobBg0Gj4KGgcfBw0CR4JGgaPBo0Cx4LmgePBy2CJ4KWQaugddAmaPuX1vf+TOGnXD/T3ySbAWagedUMMoPNEDPUDDOvmeHmdTPCvGFSzEgzyrxpRpu3zBjzthlrxpnx5h0zwUw0k8xkM8VMNanmXTPNvGemm/fNDDPTzDKzTZqZY+aaD8w8M98sMB+aheYjs8gsNkvMUpNuPjYZZpnJNJ+Y5eZTk2VWmJVmlVlt1py/UQiz3mwwG80ms9lsMVvNNrPdfGZ2mJ1ml9lt9pi9Zp/53Ow3X5gD5kuTbb4yB83fzCHztTlsvjE55ltzxHxnjprvzTHzgzlufjQnzElzyvxkTpufzRlz1pwz580F84u5aC6Zy8Zfubm/cnlHjRrzYB6MwRiMxVjMj/mxABbACEYwDuOwIBbEQlgIi2ARjMd4LI7F8QpCwhJYAqMYxVJYChMwActgGXToMBETsTyWxwpYAStiRayElbAyVsaqWBXvxrvxHrwHa2JNvBfvxTpYB+thPayP9bEBNsCG2BAbYSNsjI2xCTbBptgUm2EzbI7NsQW2wJbYEltja2yLbbEdtsP22B47YkfshJ2wM3bGJEzCrtgVu2E37I7dsQf2wJ7YE3thL+yDfbAv9sV+2A+TMRkH4kAchINwCA7BYTgMh+NwHIEjMAVTcBSOwtE4GsfgGByL43A8voMTcCJOwsk4BadiKqbiNJyG03E6zsAZOAtnYRqm4Vyci/NwHi7ABbgQF+IiXIRLcAmmYzpmYAZmYiYux+WYhVm4ElfialyNa3Etrsf1uBE34mbcjFtxK27H7bgDd+Au3IV7cA/uw324H/fjATyA2ZiNB/EgHsJDeBgPYw7m4BE8gkfxKB7DY3gcj+MJPIGn8BSextN4Bs/gOTyHF/AXvIiX8DJ6jLFSxNrrbH57vS1gb7AxNp/9x7iILWrjbTFb3BpbyBb+dzFaaxNsaVvGlrXOlrOJ9rbfxZVtFVvVVrN32+r2Hlvjd3F9e79tYB+wDe2Dtp6977c4769xI/uQbWwft03sE7apbWWb2Ta2uX3ctrBP2Ja2lW1t29hO9hnb2XaxSfZZ29U+97s4wy6z6+0Gu9FusvvtF/acPW+P2u/tBfuL7Wf722H2NTvcvm5H2Ddsih35u3i8fcdOsBPtJDvZTrFTfxfPsrNtmp1j59oP7Dw7/3dxuv3YLrSZdpFdbJfYpb/GV3rKtJ/Y5fZTm2VX2JV2lV1t19i1dt3/7nWV3WK32m12n/3c7rA77S672+6xe3+Nr5zHAfulzbZf2SP2O3vIfm0P22M2x377a3zl/I7ZH+xx+6M9YU/aU/Yne9r+bM/Ys7+e/5Vz/8lespett4KAJCnSFFAeyksxlI9i6TrKT9dTAbqBInQjxdFNVJBupkJUmIpQUYqnYlScDCFZIgqpBJWkKN1CpehWSqDSVIbKkqNylEi3UXm6nSrQHVSR7qRKdBdVpipUlarR3VSd7qEaVJNq0b1Um+pQXapH91F9up8a0APUkB6kRvQQNaaHqQk9Qk3pUWpGj1Fzepxa0BPUklpRa2pDbelJakdPUXvqQB3paepEz1Bn6kJJ9Cx1peeoGz1P3ekF6kEvUk96iXpRb+pDL1NfeoX6UX9KpgE0kF6lQTSYhtBQGkav0XB6nUbQG5RCI2kUvUmj6S0aQ2/TWBpH4+kdmkATaRJNpik0lVLpXTqb3qXIlXu9GTSTZtFsSqM5NJc+oHk0nxbQh7SQPqJFtJiW0FJKp48pg5ZRJn1Cy+lTyqIVtJJW0WpaQ2tpHa2nDbSRNtFm2kJbaRttp89oB+2kXbSb9tBe2kef0376gg7Ql5RNX9FB+hsdoq/pMH1DOfQtHaHv6Ch9T8foBzpOP9IJOkmn6Cc6TT/TGTpL5+g8XaBf6CJdosvkSYQQylCFOgzCPGHeMCbMF8aG14X5w+vDAuENYSS8MYwLbwoLhjeHhcLCYZGwaBgfFguLhybE0IYUhmGJsGQYDW8JS4W3hglh6bBMWDZ0YbkwMbwtLB/eHlYI7wgrhneGlcK7wsphlfDxB6uFd4fVw3vCGmHNsFZ4b1g7rBPWDeuF94X1w/vDBuEDYcPwwbBC+FDYOHw4bBI+EjYNHw2bhY+FzcPHwxbhE2HLsFXYOmwTtg2fDNuFT4Xtww5hx/DpsFP4TNg57BImhc+GXcPn/vB4cjggHBi+Gr4aev+AWhJdGk2PfhzNiC6LZkY/iS6PfhrNiq6Iroyuiq6Oromuja6Lro9uiG6Mbopujm6Jbo1ui3pfL69w4KRTTrvA5XF5XYzL52LddS6/u94VcDe4iLvRxbmbXEF3syvkCrsirqiLd8VccWccOuvIha6EK+mi7hZXyt3qElxpV8aVdc6Vc4mujWvr2rp27inX3nVwHd3T7mn3jHvGdXFd3LOuq3vOdXPPu+7uBdfDvehedC+5Xq636+Nedn3dK66f6++SXbIb6Aa6QW6QG+KGuGFumBvuhrsRboRLcSlulBvlRrvRbowb48a6sW68G+8muAlukpvkprgpLtWlumlumpvuprsZboab5Wa5NJfm5rq5bp6b5xa4BW5hwkK3yC1yS9wSl+7SXYbLcJku0y13y12Wy3Ir3Uq32q12a91at96tdxvdRrfZbXZb3Va33W13O9wOt8vtcnvcHrfP7XP73X53wB1w2S7bHXQH3SF3yB1237gc96074r5zR9337pj7wR13P7oT7qQ75X5yp93P7ow768658+6C+8VddJfcZeddauTdyLTIe5HpkfcjMyIzI7MisyNpkTmRuZEPIvMi8yMLIh9GFkY+iiyKLI4siSyNpEc+jmRElkUyI59Elkc+jWRFVkRWRlZFVkfWRLwvtiP0JXxJH/W3+FL+Vp/gS/syvqx3vpxP9Lf58v52X8Hf4Sv6O30lf5ev7Kv4qv4J39K38q19G9/WP+nb+ad8e9/Bd/RP+07+Gd/Zd/FJ/lnf1T/nu/nnfXf/gu/hX/Q9/Uu+l+/t+/iXfV//iu/n+/tkP8AP9K/6QX6wH+KH+mH+NT/cv+5H+Dd8ih/pR/k3/Wj/lh/j3/Zj/Tg/3r/jJ/iJfpKf7Kf4qT7Vv+un+ff8dP++n+Fn+ll+tk/zc/xc/4Gf5+f7Bf5Dv9B/5Bf5xX6JX+rT/cc+wy/zmf4Tv9x/6rP8Cr/Sr/Kr/Rq/1q/z6/0Gv9Fv8pv9Fr/Vb/Pb/Wd+h9/pd/ndfo/f6/f5z/1+/4U/4L/02f4rf9D/zR/yX/vD/huf47/1R/x3/qj/3h/zP/jj/kd/wp/0p/xP/rT/2Z/xZ/05f95f8L/4i/6Sv8y/s8YYY4wx9n9E/cHxAf/i/+Rv64qBQojrdxbN+eeamwv9fT9YxneKCCGe7d/z0X9btWsnJyf/9tosJYKSi4UQkav5ecTVeIXoKJ4RSaKDKP8v+xsse1+gP6gfvVOI2KuVfxUr/rn+7f9B/SefHp9RKTwX95/UXyxEQsmrOfnE1fhq/Qr/Qf3C7f6g/3xfpwrR/h9y8our8dX6ieIp8ZxI+nevZIwxxhhjjDHG/m6wrNr9j56frzyfx+urOXnF1fiPns8ZY4wxxhhjjDF27b3Qu0+XJ5OSOnTnzZ/Y1Pjv0QZvePOXba71TybGGGOMMcbYX+3qTf+17oQxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGMu9/n/8ObFrfY6MMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcbYtfa/AgAA///mJjhh") unshare(0x6020400) r0 = socket$inet_tcp(0x2, 0x1, 0x0) fgetxattr(r0, &(0x7f0000000c80)=ANY=[], 0x0, 0x0) 7m11.016778349s ago: executing program 6 (id=5463): r0 = syz_usb_connect_ath9k(0x3, 0x97, &(0x7f00000001c0)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xcf3, 0x9271, 0x108, 0x1, 0x2, 0x3, 0x38e38e38e38e446, [{{0x9, 0x2, 0xfffffffffffffdf8}}]}}, 0x0) syz_usb_ep_write$ath9k_ep2(r0, 0x83, 0x10, &(0x7f0000000040)=@ready={0x0, 0x0, 0x8, '\b\x00', {0x1, 0x8, 0x5, 0x40}}) syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0x10, &(0x7f0000000f40)=ANY=[@ANYBLOB="0c00004e15"]) syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0x10, &(0x7f0000000240)={[{0xc, 0x4e00, "15190c7a17414158847341c8"}]}) 7m8.793168792s ago: executing program 35 (id=5463): r0 = syz_usb_connect_ath9k(0x3, 0x97, &(0x7f00000001c0)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xcf3, 0x9271, 0x108, 0x1, 0x2, 0x3, 0x38e38e38e38e446, [{{0x9, 0x2, 0xfffffffffffffdf8}}]}}, 0x0) syz_usb_ep_write$ath9k_ep2(r0, 0x83, 0x10, &(0x7f0000000040)=@ready={0x0, 0x0, 0x8, '\b\x00', {0x1, 0x8, 0x5, 0x40}}) syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0x10, &(0x7f0000000f40)=ANY=[@ANYBLOB="0c00004e15"]) syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0x10, &(0x7f0000000240)={[{0xc, 0x4e00, "15190c7a17414158847341c8"}]}) 3m36.774334357s ago: executing program 0 (id=6668): r0 = socket(0x2c, 0x3, 0x0) setsockopt$sock_int(r0, 0x1, 0x2e, &(0x7f0000000280)=0x497, 0x4) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000100)) epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r0, &(0x7f00000005c0)={0x2000a210}) 3m35.982342247s ago: executing program 0 (id=6672): mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x1214040, 0x0) mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000), 0x8, &(0x7f0000000300)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) listxattr(&(0x7f0000000380)='./file0\x00', &(0x7f0000000740)=""/10, 0xa) 3m35.243873377s ago: executing program 0 (id=6675): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000080), 0xffffffffffffffff) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f0000000340)={'wpan0\x00', 0x0}) sendmsg$NL802154_CMD_DEL_SEC_LEVEL(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000580)={0x38, r1, 0x1, 0x70bd25, 0x25dfdbfd, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r3}, @NL802154_ATTR_SEC_LEVEL={0x1c, 0x2d, 0x0, 0x1, [@NL802154_SECLEVEL_ATTR_LEVELS={0x5, 0x1, 0xf6}, @NL802154_SECLEVEL_ATTR_DEV_OVERRIDE={0x5}, @NL802154_SECLEVEL_ATTR_FRAME={0x8, 0x2, 0x1}]}]}, 0x38}, 0x1, 0x0, 0x0, 0x20000000}, 0x8000) 3m34.283386822s ago: executing program 0 (id=6679): syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000180)='./file0\x00', 0x1400c, &(0x7f0000000080), 0x3, 0x47a, &(0x7f00000006c0)="$eJzs3M1vG0UbAPBn13H65k1pTClfLR+BgqgQJE1boAcOgEDiUCQkOMDRSkJVmhbUBIlWkUg5lBNCSNwRR/4FTnBBiBMSV7ijShXqhZaT0dq7sZ3YTpPaccG/n+T2mf3IzOPd2czu2AlgZE1n/yQReyPit4iYahTbN5hu/Hfj+ur8zeur80nUam/9mdS3++v66nyxabHfZGshkjjUod7li5fOVpeWFi/k5dmVcx/OLl+89OyZc9XTi6cXzx87efLE8bkXnj/2XF/ynIw0j15/98s3Tn3elv+GPPpkutfKJ2u1Plc3XHe1xGNDbAfbU8qPV7ne/6ei1HL0puK1T9cLnwypgcDA1Gq12mT31Ws14D8sifayLg+jovhFX9z/droPfmlgo4/hu/Zy4wYoy/tG/mqsGVt/YlDecH/bT9MR8c7a319nrxjMcwgAgDbfZ+OfZ7LRzup8NvZojj/SuK9lu3353FAlIu6OiP0RcU+cjwMRcW9Efdv7I+KBbdbfMklSH2ZuHv+kV3ec3C3Ixn8v5nNb7eO/YvQXlVK9dLFRiHLy3pmlxaP5e3Ikynuy8lyPOn549dcvuq1rHf9lr6z+YiyYt+Pq2J72fRaqK9WdZ9zu2uWIg2Od8k/WZwKSiHgwIg52+gHp1nWcefrbh7qt2zr/Hvow0VT7JuKpxvFfiw35F5Le85Oz/4ulxaOzxVmx2c+/XHmzW/23lX8fZMf//x3P//X8K0nrfO3yNiuoRFz5/bOu9zTT5TzYxvm/Vl2pjidv1+PxfNnH1ZWVC3MR48mpotrm8mPNfYtysX2W/5HDnfv//mi+E4ciIjuJH46IRyLi0fzYPRYRj0fE4R5vwU+vPPH+xmUTRf53wPFf2Nbxbwbj0b4k7bBNFpTO/vhdW6WVZpjnf7P39e9EPTqSL7mV69/mVnQObvf9AwAAgH+DNCL2RpLOrMdpOjPT+Az/gcbUd+aj8wuN7whUopwWT7qmWp6HzuW39Y3y5YhofLSgWH880vpz469KE/XyzPwHSwtDzRyY7NL/M3+Uht06YOB8YQtGl/4Po6tn/y/vXjuA3bep//fs83sG2hZgd3X4/T8xjHYAu6/T+N/f+4HRsKH/m/aDEeL5P4wu/R9Gl/4PI2l5Irb+knzPoPhJO9x9q2Aq4nZbOJwgyndEMwYWRDrwKsYHe2ptHUzEjnZPhtnmfgVtl4l9u31dAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6Jd/AgAA///miM2S") mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000040)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x4, 0x80) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) getdents64(r0, &(0x7f0000000400)=""/4096, 0x1000) 3m32.861406256s ago: executing program 0 (id=6684): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x8080, 0x0) r1 = epoll_create(0x203) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000100)={0x18}) ioctl$TIOCSPTLCK(r0, 0x40045431, &(0x7f0000000000)) ioctl$TIOCGPTPEER(r0, 0x5441, 0xffff) 3m31.114394724s ago: executing program 0 (id=6693): r0 = userfaultfd(0x1) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)={0xaa, 0x270}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000ffb000/0x3000)=nil, 0x3000}, 0x1}) mremap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1000, 0x0, &(0x7f0000ffe000/0x1000)=nil) ioctl$UFFDIO_CONTINUE(r0, 0xc020aa07, &(0x7f0000000080)={{&(0x7f0000ffe000/0x2000)=nil, 0x2000}}) 3m28.653940612s ago: executing program 36 (id=6693): r0 = userfaultfd(0x1) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)={0xaa, 0x270}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000ffb000/0x3000)=nil, 0x3000}, 0x1}) mremap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1000, 0x0, &(0x7f0000ffe000/0x1000)=nil) ioctl$UFFDIO_CONTINUE(r0, 0xc020aa07, &(0x7f0000000080)={{&(0x7f0000ffe000/0x2000)=nil, 0x2000}}) 1m40.83874711s ago: executing program 5 (id=7192): r0 = socket$igmp(0x2, 0x3, 0x2) recvmmsg(r0, &(0x7f0000000d80)=[{{0x0, 0x0, 0x0}, 0x7}], 0x1, 0x2, 0x0) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000000c0)='veth1_to_team\x00', 0x10) sendto$inet(r0, 0x0, 0x0, 0x804, &(0x7f0000000080)={0x2, 0x4e22, @multicast1}, 0x10) recvfrom$inet(r0, 0x0, 0x0, 0xc9100120, 0x0, 0x0) 1m39.43415691s ago: executing program 5 (id=7198): syz_open_dev$sndpcmp(&(0x7f0000000a40), 0x1, 0x1) r0 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x5885, 0x0, 0x0, 0x100}, &(0x7f0000000240)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x4004, @fd_index=0x3, 0x0, 0x0}) io_uring_enter(r0, 0x3516, 0x0, 0x0, 0x0, 0x0) 1m38.662046559s ago: executing program 5 (id=7201): r0 = socket$inet_sctp(0x2, 0x1, 0x84) connect$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @rand_addr=0x240100fb}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4621, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) shutdown(r0, 0x1) getsockopt$inet_sctp_SCTP_STATUS(r0, 0x84, 0xe, &(0x7f0000000180)={0x0, 0xc, 0x8, 0xcec, 0x4, 0x6, 0x7, 0xbf3, {0x0, @in={{0x2, 0x4e22, @local}}, 0xd, 0x0, 0x0, 0xffff, 0x7ff}}, &(0x7f0000000400)=0xb0) 1m37.380538179s ago: executing program 5 (id=7210): r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f00000002c0)=@file={0x1, './file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'}, 0x6e) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f00000002c0)=0x20) bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) 1m37.007345615s ago: executing program 5 (id=7212): r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x2a800, 0x55) fcntl$notify(r0, 0x402, 0x1a) r1 = socket$unix(0x1, 0x2, 0x0) bind$unix(r1, &(0x7f00000000c0)=@abs={0x1, 0x0, 0x4e20}, 0x6e) bind$unix(r1, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) 1m34.996812953s ago: executing program 5 (id=7221): r0 = userfaultfd(0x801) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x4}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1}) mremap(&(0x7f00005ab000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000ffe000/0x1000)=nil) ioctl$UFFDIO_CONTINUE(r0, 0xc020aa08, 0x0) 1m33.218065491s ago: executing program 37 (id=7221): r0 = userfaultfd(0x801) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x4}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1}) mremap(&(0x7f00005ab000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000ffe000/0x1000)=nil) ioctl$UFFDIO_CONTINUE(r0, 0xc020aa08, 0x0) 10.24296452s ago: executing program 4 (id=7503): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000680)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@empty, 0x8000, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x87}, {0x2, 0x96c, 0x0, 0x0, 0x0, 0x0, 0x4000000000000001, 0xfffffffffffffffb}, {0x0, 0x7, 0x2}, 0x800, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0xb8}}, 0x2c000010) ioctl$VIDIOC_S_FMT(0xffffffffffffffff, 0xc0cc5605, &(0x7f0000000540)={0x9, @pix_mp={0x101, 0xc, 0x3147504d, 0x8, 0xb, [{0xba, 0x7fffffff}, {0x7ffff7ff, 0x1}, {0x0, 0x2202}, {0x46b, 0x40004}, {0x6, 0xd5d}, {0x3c, 0xe43}, {0x7, 0x2}, {0x2, 0x2}], 0xc, 0xbf, 0x6, 0x0, 0x97be6e47811f337}}) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000005c0)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in=@empty, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x29}, {0x0, 0x0, 0x7, 0x0, 0x0, 0x2, 0xffffffffffffffff}, {0x0, 0x0, 0x0, 0xffffffffffffffff}}}, 0xb8}}, 0x4004) 9.481145791s ago: executing program 8 (id=7507): mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x2000004, 0x31, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a99000/0x2000)=nil, 0x2000, 0x2000, 0x3, &(0x7f0000ff8000/0x2000)=nil) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) mlock(&(0x7f0000bfc000/0x3000)=nil, 0x3000) mbind(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2) 8.932333677s ago: executing program 9 (id=7509): r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}]}, 0x0, 0x3, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000340)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020206e2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b7030000000000888500000073000000850000000e00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0xe, 0x4, &(0x7f0000001300)=@framed={{}, [@ldst={0x1, 0x2, 0x3, 0x0, 0x1, 0x3b}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf}, 0x80) 8.595468523s ago: executing program 4 (id=7510): r0 = io_uring_setup(0x3beb, &(0x7f0000000100)={0x0, 0xe861, 0x0, 0x4, 0x2aa}) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) ioctl$TCSBRKP(r1, 0x5425, 0x9) ioctl$TCSBRKP(r1, 0x5425, 0x6) close_range(r0, 0xffffffffffffffff, 0x0) 8.489794495s ago: executing program 8 (id=7511): r0 = socket(0x1e, 0x1, 0x0) connect$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x1, {{0x1, 0x1}}}, 0x10) getrandom(&(0x7f0000000040)=""/280, 0xffffffc8, 0x3) recvmmsg(r0, &(0x7f0000000980)=[{{0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000140)=""/156, 0x9c}], 0x1, &(0x7f0000000400)=""/17, 0x11}, 0x8000}], 0x1, 0x2102, 0x0) write$binfmt_misc(r0, &(0x7f0000000340), 0x2000011a) 7.922915087s ago: executing program 9 (id=7514): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000200)='./bus\x00', &(0x7f0000000b80), 0x220000c, &(0x7f0000000100)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './cgroup'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@nfs_export_on}, {@xino_auto}]}) r0 = syz_open_procfs(0x0, &(0x7f0000000700)='mounts\x00') read$FUSE(r0, &(0x7f0000002780)={0x2020}, 0x5ecfb203) 7.474341154s ago: executing program 2 (id=7515): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000200)=[{0x6, 0x22, 0x3, 0x50000}]}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[], 0x48}}, 0x0) io_setup(0x2, &(0x7f0000000000)=0x0) syz_clone3(&(0x7f0000000080)={0x21800000, 0x0, 0x0, 0x0, {0x27}, 0x0, 0x0, 0x0, 0x0}, 0x58) io_destroy(r0) 6.963875959s ago: executing program 9 (id=7517): syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000001240)='./file2\x00', 0x14552, &(0x7f0000000b40)=ANY=[], 0xfb, 0x11ff, &(0x7f0000001280)="$eJzs3E+LHEUYB+B315iNG/ePGqMJiIVe9NJk9+BFL4tsQDKgJFkhEYSO26vDtDPD9LAwIkZPXv0cIojgTRBvetmL30DwthePEcSWndEko5PDSEiH5Xku80LVb6jqphuq6erD1774sLNXZXv5MBYXFmKxH5FupUixGP/4NF5+9cefnrty7fqlrVZr+3JKF7eubrySUlp9/vt3Pv7qhR+Gp9/+dvW7pThYf/fwt81fD84enDv88+oH7Sq1q9TtDVOebvR6w/xGWaTddtXJUnqrLPKqSO1uVQym2vfKXr8/Snl3d2W5PyiqKuXdUeoUozTspeFglPL383Y3ZVmWVpaD+Z24Xe18eauu64i6fjRORl3X9WOxHKfj8ViJ1ViL9Xginoyn4kw8HWfjmXg2vvnl69FRAgAAAAAAAAAAAAAAAAAAALh/5t3/f27cq+lRAwAAAAAAAAAAAAAAAAAAwPFy5dr1S1ut1vbllE5FlJ/v7+zvTH4n7Vt70Y4yirgQa/FHjHf/T0zqi2+0ti+ksfX4rLz5d/7m/s4j0/mN8ecEZuY3Jvk0nV+K5bvzm7EWZ2bnN2fmT8VLL96Vz2Itfn4velHGbhxl7+Q/2Ujp9Tdb/8qfH/cDAACA4yBLt81cv2fZvdon+TmeD0ytr4+y5080OnUiohp91MnLshgoHvriZLPD+L2u6+YPQkPFva+UpYj43/+8EBEPxwT/UzR9Z+JBuHPSmx4JAAAAAAAAAAAA83gQrxM2PUcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+YgeOBQAAAACE+Vun0bEBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHwVAAD//+pd0x0=") chdir(&(0x7f0000000000)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x0) getdents64(r0, &(0x7f0000000140)=""/32, 0x20) getdents(r0, 0x0, 0x0) 6.834814501s ago: executing program 8 (id=7518): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = fsopen(&(0x7f00000000c0)='mqueue\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r1 = fsmount(r0, 0x0, 0x0) flock(r1, 0x1) 6.415093284s ago: executing program 4 (id=7519): ioctl$int_in(0xffffffffffffffff, 0x5452, &(0x7f0000000000)=0x8) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/net\x00') sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="3c0000001000ffff2abd7000fcdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="1420050021200000140012800900010076657468000000000400028008001c00", @ANYRES32=r1], 0x3c}, 0x1, 0x0, 0x0, 0x8841}, 0x280048c6) 6.189758138s ago: executing program 8 (id=7520): r0 = socket$inet6(0xa, 0x80002, 0x0) connect$inet6(r0, &(0x7f0000000340)={0xa, 0x4e22, 0x0, @local, 0x5}, 0x1c) setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000001440)=ANY=[], 0xc0) sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4000000) setsockopt$inet6_IPV6_RTHDR(r0, 0x29, 0x39, 0x0, 0x0) 5.972656115s ago: executing program 2 (id=7521): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) write$RDMA_USER_CM_CMD_CREATE_ID(r0, 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x1, 0x0, 0x0, 0x4ee59ce4, 0xfffffffffffffffe, 0xfffffffc}, 0x0) r1 = socket$netlink(0x10, 0x3, 0x4) write(r1, &(0x7f00000000c0)="2900000014000d200d69a51d54efbdeb0101b6ff02159f7ec6cff25fb7f7930884191c47bb3f6b1933", 0x29) 5.27160216s ago: executing program 7 (id=7522): r0 = socket(0x400000000010, 0x3, 0x0) r1 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'veth1_to_team\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r2, {0x0, 0x1}, {0xffff, 0xffff}, {0x0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x1, 0x8}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newtfilter={0x4c, 0x2c, 0xd27, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r2, {0x1, 0xfff6}, {0x0, 0x1}, {0x10, 0x5}}, [@filter_kind_options=@f_bpf={{0x8}, {0x20, 0x2, [@TCA_BPF_OPS={{0x6}, {0x4}}, @TCA_BPF_FLAGS={0x8}, @TCA_BPF_FLAGS_GEN={0x8, 0x9, 0x2}]}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40004}, 0x2008c010) 5.137251014s ago: executing program 2 (id=7523): r0 = syz_open_dev$cec(&(0x7f0000000000), 0x0, 0x82002) ioctl$CEC_S_MODE(r0, 0x40046109, &(0x7f0000000080)=0xd0) r1 = syz_open_dev$cec(&(0x7f0000000000), 0x0, 0x82002) ioctl$CEC_S_MODE(r1, 0x40046109, &(0x7f0000000080)=0xd0) ioctl$CEC_S_MODE(r1, 0x40046109, &(0x7f0000000040)=0x2) 5.011500801s ago: executing program 9 (id=7524): r0 = socket$netlink(0x10, 0x3, 0x10) bind$netlink(r0, &(0x7f0000000340)={0x10, 0x0, 0xfffffffc, 0x10000000}, 0xc) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x4) r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r1, &(0x7f0000000600)={0x0, 0xfd, &(0x7f00000004c0)=[{&(0x7f0000000380)="2e00000010008188e6b62aa73772cc9f1ba1f848110000005e140602000000000e000a001000000002900000121f", 0x2e}], 0x1}, 0x40) 4.464134488s ago: executing program 4 (id=7525): sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000cc0)=[{{&(0x7f0000000000)={0x2, 0x0, @rand_addr=0x64010100}, 0x10, 0x0}}], 0x1, 0x0) r0 = socket$inet6_sctp(0xa, 0x5, 0x84) r1 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000680)=0x8) setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000340)={r2, 0x5}, 0x8) 4.378088887s ago: executing program 7 (id=7526): r0 = socket$packet(0x11, 0x2, 0x300) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'geneve0\x00', 0x0}) sendto$packet(r1, &(0x7f0000000180)="0b031407e0ff640f0200475400f6a13bb1000e00080081004803", 0x10000, 0x0, &(0x7f0000000140)={0x11, 0x0, r2}, 0x14) 4.201983685s ago: executing program 2 (id=7527): r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_JOIN_MESH(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000000c0)={0x30, r0, 0x1, 0x0, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_HWMP_PREQ_MIN_INTERVAL={0x6, 0xc, 0x3}, @NL80211_MESHCONF_HWMP_PERR_MIN_INTERVAL={0x6, 0x12, 0x9}]}]}, 0x30}}, 0x0) 4.09020224s ago: executing program 8 (id=7528): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f000905", @ANYRES16], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f0000000280)={0x24, 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00220f0000000b2e2b5aa40bf85e080083"], 0x0}, 0x0) r1 = syz_open_dev$hiddev(&(0x7f0000000540), 0x0, 0x0) ioctl$HIDIOCGUSAGE(r1, 0xc018480b, &(0x7f0000000040)={0x1, 0xffffffff, 0x6f94, 0x5, 0xa45a2b2e, 0x7fff}) 3.572813895s ago: executing program 9 (id=7529): r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x42202) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00'}) write$sndseq(r0, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick=0xffffff3f, {}, {}, @raw32}], 0xffc8) ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_CLIENT(r0, 0xc0bc5351, &(0x7f00000001c0)={0x8f4, 0x1, 'client0\x00', 0x80000009, "e3aacc211b9a87c7", "04f2071492a2c89bdf5753e6e8b3e15299f8d22e08021f254a4253543b0530e9", 0x9, 0x95}) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, 0x0) 3.236031344s ago: executing program 7 (id=7530): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), r1) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_TRIGGER_SCAN(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000880)={0x20, r2, 0x801, 0x8, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_SCAN_SUPP_RATES={0x4}]}, 0x20}, 0x1, 0x0, 0x0, 0x400c010}, 0x40000a0) 3.189021458s ago: executing program 2 (id=7531): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff}) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000004500), 0x0, &(0x7f0000000300)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}}) write$P9_RVERSION(r2, &(0x7f0000000000)={0x15, 0x65, 0xffff, 0x7ff9, 0x8, '9P2000.u'}, 0x15) 3.071624883s ago: executing program 4 (id=7532): pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x107842, 0xa) pselect6(0x2d, &(0x7f0000000100)={0x0, 0xf, 0x1000, 0x0, 0x801, 0x100}, 0x0, &(0x7f0000000000)={0x1f, 0x0, 0xffffffffffffffff, 0x1, 0x0, 0x7, 0x3}, 0x0, 0x0) write$binfmt_misc(r1, &(0x7f0000000000), 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x33fe0, 0x0) 2.219473839s ago: executing program 9 (id=7533): r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x180300, 0x0) ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, 0x0) syz_usb_connect(0x0, 0x3d, &(0x7f0000000240)=ANY=[@ANYBLOB="12010000bdce4208110f80106afc0000000109022b00010000000009043700022ee5cd0009058010ff037f790209050e0320000980070705ab0b78"], 0x0) r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) writev(r1, &(0x7f00000002c0)=[{&(0x7f0000000300)="b8", 0x1}], 0x1) 2.130778692s ago: executing program 7 (id=7534): mmap(&(0x7f0000ff4000/0xc000)=nil, 0xc000, 0x1000003, 0x20031, 0xffffffffffffffff, 0xffffe000) r0 = userfaultfd(0x80801) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)={0xaa, 0x100}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000400)={{&(0x7f0000ffb000/0x3000)=nil, 0x3000}, 0x1}) ioctl$UFFDIO_CONTINUE(r0, 0xc020aa07, &(0x7f00000002c0)={{&(0x7f0000ffd000/0x2000)=nil, 0x2000}}) 1.414590316s ago: executing program 2 (id=7535): r0 = socket$inet6(0xa, 0x80002, 0x0) setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f0000000040)=0x9359, 0x4) setsockopt$sock_linger(r0, 0x1, 0x3c, &(0x7f0000000180)={0x200000000000001}, 0x8) connect$inet6(r0, &(0x7f0000002140)={0xa, 0x4e25, 0x1, @mcast2, 0x7}, 0x1c) sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00) 1.207898428s ago: executing program 7 (id=7536): sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r0 = userfaultfd(0x80001) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000002c0)={0xaa, 0x100}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) ioctl$UFFDIO_UNREGISTER(r0, 0x8010aa01, &(0x7f0000000000)={&(0x7f0000000000/0x800000)=nil, 0x800000}) 737.882611ms ago: executing program 4 (id=7537): r0 = syz_clone(0x8000, 0x0, 0x0, 0x0, 0x0, 0x0) socket$inet6_mptcp(0xa, 0x1, 0x106) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = syz_pidfd_open(r0, 0x0) pidfd_getfd(r1, r1, 0x0) 333.175777ms ago: executing program 7 (id=7538): ioprio_set$uid(0x3, 0x0, 0x0) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001480), 0x42002, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/timer_list\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x20000023892) ioctl$TIOCVHANGUP(r0, 0x5437, 0x0) 0s ago: executing program 8 (id=7539): r0 = socket(0x10, 0x803, 0x0) r1 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'team_slave_1\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd27, 0xffffffff, {0x0, 0x0, 0x0, r2, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xb, 0xfff3}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_USC={0x10, 0x3, {0x80000001, 0x0, 0x8}}}}]}, 0x44}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000009b80)=@newtfilter={0x40, 0x2c, 0xd2b, 0x70bd2b, 0x25dfdbfb, {0x0, 0x0, 0x0, r2, {0x3}, {}, {0x4, 0x3}}, [@filter_kind_options=@f_route={{0xa}, {0x10, 0x2, [@TCA_ROUTE4_TO={0x8, 0x2, 0x8}, @TCA_ROUTE4_ACT={0x4}]}}]}, 0x40}, 0x1, 0x0, 0x0, 0x800}, 0x24040084) kernel console output (not intermixed with test programs): ] netdevsim netdevsim8 netdevsim3: renamed from eth3 [ 1174.293832][T19203] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1174.550784][T19203] 8021q: adding VLAN 0 to HW filter on device team0 [ 1174.668314][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 1174.675950][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1174.844273][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 1174.851945][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1175.332498][T19401] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5535'. [ 1175.687826][T19410] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5538'. [ 1176.956682][T19415] loop7: detected capacity change from 0 to 4096 [ 1177.665335][T19203] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1180.063097][T19470] loop7: detected capacity change from 0 to 256 [ 1180.128117][T19470] exfat: Deprecated parameter 'namecase' [ 1180.269711][T10405] usb 3-1: new full-speed USB device number 29 using dummy_hcd [ 1180.310411][T19203] veth0_vlan: entered promiscuous mode [ 1180.342150][T19470] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0x542a3d5d, utbl_chksum : 0xe619d30d) [ 1180.443779][T19203] veth1_vlan: entered promiscuous mode [ 1180.504266][T10405] usb 3-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f [ 1180.545970][T10405] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1180.588744][T10405] usb 3-1: Product: syz [ 1180.596712][T10405] usb 3-1: Manufacturer: syz [ 1180.629475][T10405] usb 3-1: SerialNumber: syz [ 1180.667740][T10405] usb 3-1: config 0 descriptor?? [ 1180.951044][T19203] veth0_macvtap: entered promiscuous mode [ 1181.054407][T19203] veth1_macvtap: entered promiscuous mode [ 1181.274762][T10405] usb 3-1: USB disconnect, device number 29 [ 1181.342999][T19203] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1181.427153][ T6182] udevd[6182]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1181.523870][T19203] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1181.636869][ T8129] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1181.676005][ T8129] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1181.744812][ T8129] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1181.808509][ T8129] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1184.281539][T19531] loop0: detected capacity change from 0 to 256 [ 1184.347670][T19531] exfat: Deprecated parameter 'utf8' [ 1184.373320][T19531] exfat: Deprecated parameter 'namecase' [ 1184.410454][T19531] exfat: Deprecated parameter 'namecase' [ 1184.416380][T19531] exfat: Deprecated parameter 'utf8' [ 1184.602093][T19531] exFAT-fs (loop0): failed to load upcase table (idx : 0x00012153, chksum : 0xc9bffc20, utbl_chksum : 0xe619d30d) [ 1184.680919][T19531] exFAT-fs (loop0): failed to test first cluster bit of root dir(5) [ 1185.695798][T19552] IPv6: NLM_F_CREATE should be specified when creating new route [ 1186.236454][T19559] loop0: detected capacity change from 0 to 64 [ 1186.440128][ T29] audit: type=1800 audit(2000000573.295:153): pid=19559 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.5583" name="file1" dev="loop0" ino=22 res=0 errno=0 [ 1186.444325][T19559] syz.0.5583: attempt to access beyond end of device [ 1186.444325][T19559] loop0: rw=0, sector=39, nr_sectors = 28 limit=64 [ 1187.072278][T19571] netlink: 8 bytes leftover after parsing attributes in process `syz.7.5587'. [ 1187.961108][ T8129] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1187.993043][ T8129] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1188.303714][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1188.359410][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1190.595003][T19633] netlink: 12 bytes leftover after parsing attributes in process `syz.8.5610'. [ 1191.030778][T19638] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5612'. [ 1191.886768][T19653] loop0: detected capacity change from 0 to 512 [ 1191.978885][T19653] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 1192.033730][T19653] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec019, mo2=0002] [ 1192.093806][T19653] System zones: 1-12 [ 1192.154417][T19653] EXT4-fs (loop0): 1 truncate cleaned up [ 1192.195290][T19653] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1192.271116][ T29] audit: type=1800 audit(2000000579.155:154): pid=19653 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.5618" name="file1" dev="loop0" ino=15 res=0 errno=0 [ 1192.574814][ T5773] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1193.161589][T19673] loop8: detected capacity change from 0 to 64 [ 1193.205102][ T29] audit: type=1326 audit(2000000580.075:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19670 comm="syz.0.5626" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf704ef6c code=0x0 [ 1194.143882][T19686] can0: slcan on ttyS3. [ 1194.412307][T19688] can0 (unregistered): slcan off ttyS3. [ 1194.438698][T19688] Falling back ldisc for ttyS3. [ 1194.967842][T19700] input: syz1 as /devices/virtual/input/input35 [ 1195.045252][T19701] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5637'. [ 1195.144604][T19701] netlink: 72 bytes leftover after parsing attributes in process `syz.5.5637'. [ 1196.440396][T19722] loop0: detected capacity change from 0 to 1024 [ 1196.603776][T19722] hfsplus: walked past end of dir [ 1196.777614][T19725] netlink: 8 bytes leftover after parsing attributes in process `syz.8.5645'. [ 1199.363072][T19758] sit0: entered promiscuous mode [ 1199.440140][T19758] netlink: 'syz.8.5656': attribute type 1 has an invalid length. [ 1199.470349][T19758] netlink: 1 bytes leftover after parsing attributes in process `syz.8.5656'. [ 1202.665518][T19813] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5678'. [ 1202.787342][T19813] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5678'. [ 1204.840488][T19854] lo speed is unknown, defaulting to 1000 [ 1207.491914][ T1291] ieee802154 phy0 wpan0: encryption failed: -22 [ 1208.395749][T19921] loop8: detected capacity change from 0 to 64 [ 1208.459012][T19924] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5712'. [ 1209.016829][ T29] audit: type=1326 audit(2000000595.895:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19929 comm="syz.5.5713" exe="/root/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf6ffef6c code=0x0 [ 1210.312404][T19949] loop8: detected capacity change from 0 to 128 [ 1210.362171][T19949] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only [ 1210.419924][T19949] hpfs: filesystem error: improperly stopped [ 1210.449743][T19949] hpfs: filesystem error: warning: spare dnodes used, try chkdsk [ 1210.457718][T19949] hpfs: You really don't want any checks? You are crazy... [ 1210.500250][T19949] hpfs: hpfs_map_sector(): read error [ 1210.505975][T19949] hpfs: code page support is disabled [ 1210.562691][T19949] hpfs: hpfs_map_4sectors(): unaligned read [ 1210.595146][T19949] hpfs: hpfs_map_4sectors(): unaligned read [ 1210.647929][T19949] hpfs: filesystem error: unable to find root dir [ 1211.726295][T19963] lo speed is unknown, defaulting to 1000 [ 1214.590890][T20009] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5747'. [ 1215.194892][T20017] lo speed is unknown, defaulting to 1000 [ 1216.059975][T10445] usb 3-1: new high-speed USB device number 30 using dummy_hcd [ 1216.157687][T20018] loop7: detected capacity change from 0 to 8192 [ 1216.262818][T10445] usb 3-1: config 165 has no interfaces? [ 1216.271877][T20036] overlayfs: missing 'workdir' [ 1216.329542][T10445] usb 3-1: New USB device found, idVendor=0c52, idProduct=2431, bcdDevice=fc.33 [ 1216.338827][T10445] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1216.397366][T10445] usb 3-1: Product: syz [ 1216.429733][T10445] usb 3-1: Manufacturer: syz [ 1216.434542][T10445] usb 3-1: SerialNumber: syz [ 1216.743318][T10445] usb 3-1: USB disconnect, device number 30 [ 1217.803855][T20053] tipc: Started in network mode [ 1217.850657][T20053] tipc: Node identity ac14140f, cluster identity 4711 [ 1217.888691][T20053] tipc: New replicast peer: 255.255.255.255 [ 1217.913059][T20053] tipc: Enabled bearer , priority 10 [ 1219.049486][T19207] tipc: Node number set to 2886997007 [ 1219.364297][T10445] usb 1-1: new high-speed USB device number 28 using dummy_hcd [ 1219.544995][T10445] usb 1-1: Using ep0 maxpacket: 8 [ 1219.565399][T10445] usb 1-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b [ 1219.609478][T10445] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1219.678786][T10445] pvrusb2: Hardware description: Terratec Grabster AV400 [ 1219.736781][T10445] pvrusb2: ********** [ 1219.748072][T10445] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental. [ 1219.829685][T10445] pvrusb2: Important functionality might not be entirely working. [ 1219.859341][T10445] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver. [ 1219.909706][T10445] pvrusb2: ********** [ 1219.935803][ T2329] pvrusb2: Invalid write control endpoint [ 1220.146608][T20081] pvrusb2: Invalid write control endpoint [ 1220.215191][T10430] usb 1-1: USB disconnect, device number 28 [ 1220.263534][ T2329] pvrusb2: Invalid write control endpoint [ 1220.286721][ T2329] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work. [ 1220.319788][ T2329] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device. [ 1220.336145][ T2329] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups. [ 1220.358460][ T2329] pvrusb2: Device being rendered inoperable [ 1220.370508][ T2329] cx25840 1-0044: Unable to detect h/w, assuming cx23887 [ 1220.378701][ T2329] cx25840 1-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a) [ 1220.415276][ T2329] pvrusb2: Attached sub-driver cx25840 [ 1220.434466][ T2329] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it. [ 1220.469543][ T2329] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover. [ 1220.629878][T20101] netlink: 40 bytes leftover after parsing attributes in process `syz.2.5786'. [ 1221.530799][T20113] program syz.2.5792 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1221.959466][T19551] usb 1-1: new high-speed USB device number 29 using dummy_hcd [ 1222.155071][T19551] usb 1-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 1222.213775][T19551] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1222.240285][T19551] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 1222.260255][T20127] netlink: 'syz.8.5798': attribute type 10 has an invalid length. [ 1222.268258][T20127] netlink: 40 bytes leftover after parsing attributes in process `syz.8.5798'. [ 1222.280917][T19551] usb 1-1: SerialNumber: syz [ 1222.434849][T20127] team0: Port device netdevsim1 added [ 1222.809813][ C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 1222.987049][T19551] cdc_ether 1-1:1.0: probe with driver cdc_ether failed with error -22 [ 1223.214558][T19551] usb 1-1: USB disconnect, device number 29 [ 1224.800805][T20153] netlink: 'syz.0.5809': attribute type 10 has an invalid length. [ 1227.124231][T20183] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5823'. [ 1228.151743][T20196] loop7: detected capacity change from 0 to 512 [ 1228.226138][T20196] EXT4-fs (loop7): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349) [ 1228.281532][T20196] EXT4-fs (loop7): orphan cleanup on readonly fs [ 1228.301590][T20196] EXT4-fs error (device loop7): ext4_read_block_bitmap_nowait:517: comm syz.7.5828: Block bitmap for bg 0 marked uninitialized [ 1228.340039][T20196] loop7: lost filesystem error report for type 5 error -117 [ 1228.347014][T20196] EXT4-fs error (device loop7) in ext4_mb_clear_bb:6687: Corrupt filesystem [ 1228.354898][ C1] EXT4-fs (loop7): error count since last fsck: 1 [ 1228.354993][ C1] EXT4-fs (loop7): initial error at time 2000000615: ext4_read_block_bitmap_nowait:517 [ 1228.355229][ C1] EXT4-fs (loop7): last error at time 2000000615: ext4_read_block_bitmap_nowait:517 [ 1228.447997][T20196] loop7: lost filesystem error report for type 5 error -117 [ 1228.451976][T20196] EXT4-fs (loop7): 1 orphan inode deleted [ 1228.510106][T20196] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 1228.643123][T20196] EXT4-fs (loop7): warning: mounting fs with errors, running e2fsck is recommended [ 1228.719773][T20196] EXT4-fs (loop7): re-mounted 00000000-0000-0000-0000-000000000000 r/w. [ 1228.784876][ T29] audit: type=1800 audit(2000000615.665:157): pid=20196 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.5828" name="file2" dev="loop7" ino=16 res=0 errno=0 [ 1229.095075][T14498] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1229.608488][T20215] overlayfs: upper fs does not support file handles, falling back to index=off. [ 1229.654298][T20215] overlayfs: NFS export requires "index=on", falling back to nfs_export=off. [ 1231.014588][T20233] lo speed is unknown, defaulting to 1000 [ 1232.739866][T20255] loop0: detected capacity change from 0 to 512 [ 1232.781277][T20255] EXT4-fs: EXT4-fs: inode_readahead_blks must be 0 or a power of 2 smaller than 2^31 [ 1234.322174][T20275] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5862'. [ 1235.153509][T20287] loop8: detected capacity change from 0 to 128 [ 1235.983414][T20297] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5872'. [ 1236.446040][T20305] overlayfs: failed to clone upperpath [ 1237.739016][T20324] loop8: detected capacity change from 0 to 512 [ 1237.817842][T20324] EXT4-fs: Ignoring removed orlov option [ 1237.865489][T20324] EXT4-fs: Ignoring removed mblk_io_submit option [ 1237.911417][T20324] EXT4-fs (loop8): Cannot turn on journaled quota: type 0: error -13 [ 1237.952537][T20324] EXT4-fs error (device loop8): ext4_clear_blocks:876: inode #13: comm syz.8.5881: attempt to clear invalid blocks 2 len 1 [ 1238.006354][T20322] bond1: entered promiscuous mode [ 1238.051532][T20324] loop8: lost file I/O error report for ino 13 type 5 pos 0x0 len 0x0 error -117 [ 1238.055825][T20324] EXT4-fs error (device loop8): ext4_mb_generate_buddy:1315: group 0, [ 1238.065674][ C0] EXT4-fs (loop8): error count since last fsck: 1 [ 1238.065785][ C0] EXT4-fs (loop8): initial error at time 2000000624: ext4_clear_blocks:876: inode 13 [ 1238.065942][ C0] EXT4-fs (loop8): last error at time 2000000624: ext4_clear_blocks:876: inode 13 [ 1238.111485][T20324] block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters [ 1238.149655][T20322] 8021q: adding VLAN 0 to HW filter on device bond1 [ 1238.210432][T20324] EXT4-fs error (device loop8): ext4_free_branches:1023: inode #13: comm syz.8.5881: invalid indirect mapped block 1819239214 (level 0) [ 1238.227881][T20322] team0: Port device bond1 added [ 1238.279510][T20324] loop8: lost file I/O error report for ino 13 type 5 pos 0x0 len 0x0 error -117 [ 1238.295240][T20324] EXT4-fs error (device loop8): ext4_free_branches:1023: inode #13: comm syz.8.5881: invalid indirect mapped block 1819239214 (level 1) [ 1238.346206][T20324] loop8: lost file I/O error report for ino 13 type 5 pos 0x0 len 0x0 error -117 [ 1238.354643][T20324] EXT4-fs (loop8): 1 truncate cleaned up [ 1238.415952][T20324] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1238.451738][T20336] Failed to get privilege flags for destination (handle=0x2:0x0) [ 1238.633190][T20324] EXT4-fs (loop8): Quota file not on filesystem root. Journaled quota will not work [ 1239.686002][T19203] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1239.760184][T20346] loop7: detected capacity change from 0 to 4096 [ 1239.834986][T20346] ntfs3(loop7): Different NTFS sector size (1024) and media sector size (512). [ 1240.170150][T20346] ntfs3(loop7): ino=1a, mi_enum_attr [ 1240.213648][T20346] ntfs3(loop7): Mark volume as dirty due to NTFS errors [ 1240.334233][T20346] ntfs3(loop7): ino=1e, "file1" ntfs_sync_inode failed, -22. [ 1240.382035][ T29] audit: type=1800 audit(2000000627.265:158): pid=20346 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.5893" name="file1" dev="loop7" ino=30 res=0 errno=0 [ 1240.623286][ T49] ntfs3(loop7): ino=1e, ntfs3_write_inode failed, -22. [ 1242.197655][T20381] trusted_key: encrypted_key: keyword 'nelt' not recognized [ 1243.507551][T20401] netlink: 52 bytes leftover after parsing attributes in process `syz.0.5917'. [ 1243.521656][T20402] netlink: 8 bytes leftover after parsing attributes in process `syz.8.5918'. [ 1243.721588][T20404] sctp: [Deprecated]: syz.5.5919 (pid 20404) Use of int in max_burst socket option deprecated. [ 1243.721588][T20404] Use struct sctp_assoc_value instead [ 1244.084977][T20408] loop7: detected capacity change from 0 to 512 [ 1244.245567][T20408] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1244.338414][T20408] ext4 filesystem being mounted at /435/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1244.549902][T14498] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1246.383182][T20441] syzkaller0: tun_chr_ioctl cmd 35108 [ 1249.269447][T19207] usb 1-1: new low-speed USB device number 30 using dummy_hcd [ 1249.486041][T19207] usb 1-1: config 0 has an invalid interface number: 55 but max is 0 [ 1249.511863][T19207] usb 1-1: config 0 has no interface number 0 [ 1249.540245][T19207] usb 1-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 1249.567625][T19207] usb 1-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 32, setting to 8 [ 1249.613541][T19207] usb 1-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B [ 1249.647897][T19207] usb 1-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10 [ 1249.709451][T19207] usb 1-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 8 [ 1249.745002][T19207] usb 1-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2 [ 1249.809441][T19207] usb 1-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a [ 1249.839880][T19207] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1249.885489][T19207] usb 1-1: config 0 descriptor?? [ 1249.915299][T20491] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 1249.935809][T20491] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 1249.993832][T19207] ldusb 1-1:0.55: LD USB Device #0 now attached to major 180 minor 0 [ 1250.244256][T19207] usb 1-1: USB disconnect, device number 30 [ 1250.291565][T19207] ldusb 1-1:0.55: LD USB Device #0 now disconnected [ 1251.403128][T20523] ieee802154 phy0 wpan0: encryption failed: -126 [ 1252.067723][T20534] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5977'. [ 1252.159528][T20534] netem: incorrect ge model size [ 1252.164691][T20534] netem: change failed [ 1252.179031][T20532] loop0: detected capacity change from 0 to 1764 [ 1253.012410][T20547] Invalid ELF header magic: != ELF [ 1254.427129][T20569] netlink: 20 bytes leftover after parsing attributes in process `syz.0.5991'. [ 1255.313764][T20585] loop8: detected capacity change from 0 to 128 [ 1255.759471][T20587] program syz.0.5998 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1257.134863][T20608] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6008'. [ 1257.210370][T20608] netlink: 'syz.2.6008': attribute type 14 has an invalid length. [ 1257.218403][T20608] netlink: 20 bytes leftover after parsing attributes in process `syz.2.6008'. [ 1258.442476][T20624] netlink: 56 bytes leftover after parsing attributes in process `syz.5.6015'. [ 1258.604863][ T29] audit: type=1804 audit(2000000645.485:159): pid=20626 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.6016" name="/newroot/1251/file0" dev="tmpfs" ino=6442 res=1 errno=0 [ 1258.728641][T20629] loop8: detected capacity change from 0 to 128 [ 1258.779818][T20629] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only [ 1258.855889][T20629] hpfs: filesystem error: improperly stopped [ 1258.873303][T20629] hpfs: filesystem error: warning: spare dnodes used, try chkdsk [ 1258.893535][T20629] hpfs: You really don't want any checks? You are crazy... [ 1258.905569][T20629] hpfs: hpfs_map_sector(): read error [ 1258.931125][T20629] hpfs: code page support is disabled [ 1258.937666][T20629] hpfs: hpfs_map_4sectors(): unaligned read [ 1258.954783][T20630] loop0: detected capacity change from 0 to 1024 [ 1259.003017][T20629] hpfs: hpfs_map_4sectors(): unaligned read [ 1259.045262][T20629] hpfs: filesystem error: unable to find root dir [ 1259.151687][T20630] hfsplus: bad catalog entry type [ 1259.160918][T20629] hpfs: hpfs_map_4sectors(): unaligned read [ 1259.200412][T20629] hpfs: hpfs_map_sector(): read error [ 1259.519689][ T8139] hfsplus: b-tree write err: -5, ino 25 [ 1259.525828][ T8139] hfsplus: b-tree write err: -5, ino 4 [ 1259.550387][ T8139] hfsplus: b-tree write err: -5, ino 2 [ 1260.077344][ T29] audit: type=1326 audit(2000000646.955:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20639 comm="syz.0.6022" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704ef6c code=0x7ffc0000 [ 1260.199037][ T29] audit: type=1326 audit(2000000646.995:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20639 comm="syz.0.6022" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704ef6c code=0x7ffc0000 [ 1260.296482][ T29] audit: type=1326 audit(2000000647.005:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20639 comm="syz.0.6022" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704ef6c code=0x7ffc0000 [ 1260.399466][ T29] audit: type=1326 audit(2000000647.005:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20639 comm="syz.0.6022" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704ef6c code=0x7ffc0000 [ 1260.525019][ T29] audit: type=1326 audit(2000000647.005:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20639 comm="syz.0.6022" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704ef6c code=0x7ffc0000 [ 1260.584684][ T29] audit: type=1326 audit(2000000647.015:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20639 comm="syz.0.6022" exe="/root/syz-executor" sig=0 arch=40000003 syscall=57 compat=1 ip=0xf704ef6c code=0x7ffc0000 [ 1260.719599][ T29] audit: type=1326 audit(2000000647.015:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20639 comm="syz.0.6022" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704ef6c code=0x7ffc0000 [ 1260.829587][ T29] audit: type=1326 audit(2000000647.015:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20639 comm="syz.0.6022" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704ef6c code=0x7ffc0000 [ 1260.856409][T20651] loop0: detected capacity change from 0 to 64 [ 1260.955639][ T29] audit: type=1326 audit(2000000647.015:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20639 comm="syz.0.6022" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704ef6c code=0x7ffc0000 [ 1262.009035][T20661] loop0: detected capacity change from 0 to 1024 [ 1262.122514][T20661] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1262.289984][T20661] ext4 filesystem being mounted at /1218/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1262.720628][ T5773] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1263.280168][T20681] netlink: 4 bytes leftover after parsing attributes in process `syz.8.6042'. [ 1264.161598][T20699] netlink: 12 bytes leftover after parsing attributes in process `syz.2.6049'. [ 1266.633191][T20730] netlink: 'syz.5.6062': attribute type 30 has an invalid length. [ 1267.812727][T20749] netlink: 52 bytes leftover after parsing attributes in process `syz.5.6070'. [ 1268.203206][T20752] loop7: detected capacity change from 0 to 512 [ 1268.256554][T20752] FAT-fs (loop7): bogus number of FAT sectors [ 1268.286135][T20752] FAT-fs (loop7): Can't find a valid FAT filesystem [ 1268.920435][ T1291] ieee802154 phy0 wpan0: encryption failed: -22 [ 1269.806447][T20774] netlink: 4 bytes leftover after parsing attributes in process `syz.7.6082'. [ 1270.134260][T20779] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6085'. [ 1270.210700][T20779] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6085'. [ 1270.266093][T20779] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6085'. [ 1271.329799][T19207] usb 1-1: new high-speed USB device number 31 using dummy_hcd [ 1271.510217][T19207] usb 1-1: Using ep0 maxpacket: 16 [ 1271.528620][T19207] usb 1-1: config 0 interface 0 altsetting 1 endpoint 0x7 has invalid wMaxPacketSize 0 [ 1271.585171][T19207] usb 1-1: config 0 interface 0 altsetting 1 endpoint 0x89 has an invalid bInterval 0, changing to 7 [ 1271.628292][T19207] usb 1-1: config 0 interface 0 altsetting 1 endpoint 0x89 has invalid wMaxPacketSize 0 [ 1271.689028][T19207] usb 1-1: config 0 interface 0 has no altsetting 0 [ 1271.729062][T19207] usb 1-1: New USB device found, idVendor=06cb, idProduct=0006, bcdDevice=9a.eb [ 1271.742797][T19207] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1271.781569][T19207] usb 1-1: Product: syz [ 1271.806330][T19207] usb 1-1: Manufacturer: syz [ 1271.831203][T19207] usb 1-1: SerialNumber: syz [ 1271.901733][T19207] usb 1-1: config 0 descriptor?? [ 1272.226509][T19207] input: syz syz as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input36 [ 1272.336960][ T5112] synaptics_usb 1-1:0.0: synusb_open - usb_submit_urb failed, error: -90 [ 1272.377550][ T5112] synaptics_usb 1-1:0.0: synusb_open - usb_submit_urb failed, error: -90 [ 1272.456643][T19207] usb 1-1: USB disconnect, device number 31 [ 1272.483105][ T5112] synaptics_usb 1-1:0.0: synusb_open - usb_submit_urb failed, error: -19 [ 1272.576387][T20789] synaptics_usb 1-1:0.0: synusb_open - usb_submit_urb failed, error: -19 [ 1274.905355][T20825] loop0: detected capacity change from 0 to 2048 [ 1275.143794][T20825] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1275.250512][T20836] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6109'. [ 1275.552118][ T5773] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1277.083026][T20852] geneve2: entered promiscuous mode [ 1277.116401][T20852] geneve2: entered allmulticast mode [ 1277.900111][T20858] sctp: [Deprecated]: syz.8.6119 (pid 20858) Use of int in maxseg socket option. [ 1277.900111][T20858] Use struct sctp_assoc_value instead [ 1279.290722][T20873] netlink: 4 bytes leftover after parsing attributes in process `syz.8.6125'. [ 1279.362917][T20875] netlink: 4 bytes leftover after parsing attributes in process `syz.8.6125'. [ 1279.456548][T20878] netlink: 8 bytes leftover after parsing attributes in process `syz.5.6129'. [ 1279.480852][T20878] netlink: 'syz.5.6129': attribute type 20 has an invalid length. [ 1279.513944][T20878] netlink: 'syz.5.6129': attribute type 21 has an invalid length. [ 1281.112590][T20902] kernel read not supported for file /file1 (pid: 20902 comm: syz.7.6138) [ 1281.159925][ T29] kauditd_printk_skb: 6 callbacks suppressed [ 1281.160010][ T29] audit: type=1800 audit(2000000668.035:175): pid=20902 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.7.6138" name="file1" dev="mqueue" ino=59070 res=0 errno=0 [ 1284.426993][T20946] netlink: 4 bytes leftover after parsing attributes in process `syz.5.6158'. [ 1285.156631][T20953] loop7: detected capacity change from 0 to 2048 [ 1285.349611][T20958] NILFS (loop7): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1286.329710][ T5781] Bluetooth: hci2: command 0x0406 tx timeout [ 1287.637814][T20996] loop7: detected capacity change from 0 to 512 [ 1289.638972][T21019] netlink: 'syz.5.6187': attribute type 11 has an invalid length. [ 1289.661481][T21019] netlink: 36 bytes leftover after parsing attributes in process `syz.5.6187'. [ 1290.273969][T21026] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6189'. [ 1290.930832][T21034] loop8: detected capacity change from 0 to 256 [ 1291.023789][T21034] exfat: Deprecated parameter 'utf8' [ 1291.620313][T21034] exFAT-fs (loop8): failed to load upcase table (idx : 0x00010000, chksum : 0xe3865569, utbl_chksum : 0xe619d30d) [ 1293.078001][T21059] loop0: detected capacity change from 0 to 128 [ 1293.250168][T21059] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 1293.342390][T21059] ext4 filesystem being mounted at /1249/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 1293.588838][T21068] bridge0: port 2(bridge_slave_1) entered disabled state [ 1293.597368][T21068] bridge0: port 1(bridge_slave_0) entered disabled state [ 1293.860755][ T5773] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 1295.452261][T21092] netlink: 20 bytes leftover after parsing attributes in process `syz.7.6218'. [ 1295.785810][T21096] netlink: 'syz.5.6220': attribute type 7 has an invalid length. [ 1296.583935][T21105] loop0: detected capacity change from 0 to 128 [ 1296.678733][T21105] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only [ 1296.734086][T21105] hpfs: filesystem error: improperly stopped [ 1296.759750][T21105] hpfs: filesystem error: warning: spare dnodes used, try chkdsk [ 1296.790291][T21105] hpfs: You really don't want any checks? You are crazy... [ 1296.828772][T21105] hpfs: hpfs_map_sector(): read error [ 1296.852981][T21105] hpfs: code page support is disabled [ 1296.901804][T21105] hpfs: hpfs_map_4sectors(): unaligned read [ 1296.921751][T21105] hpfs: hpfs_map_4sectors(): unaligned read [ 1296.937669][T21105] hpfs: filesystem error: unable to find root dir [ 1297.865186][T21125] netlink: 'syz.5.6231': attribute type 10 has an invalid length. [ 1297.899628][T21125] netlink: 152 bytes leftover after parsing attributes in process `syz.5.6231'. [ 1298.764985][T21139] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6237'. [ 1299.150677][T21143] loop0: detected capacity change from 0 to 512 [ 1299.270460][T21143] EXT4-fs error (device loop0): ext4_orphan_get:1391: inode #15: comm syz.0.6239: inode has both inline data and extents flags [ 1299.355100][T21143] loop0: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 1299.356034][T21143] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.6239: couldn't read orphan inode 15 (err -117) [ 1299.365771][ C1] EXT4-fs (loop0): error count since last fsck: 1 [ 1299.365869][ C1] EXT4-fs (loop0): initial error at time 2000000686: ext4_orphan_get:1391: inode 15 [ 1299.366031][ C1] EXT4-fs (loop0): last error at time 2000000686: ext4_orphan_get:1391: inode 15 [ 1299.480087][T21143] loop0: lost filesystem error report for type 5 error -117 [ 1299.487605][T21143] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1299.977840][ T5773] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1301.992834][T21182] loop7: detected capacity change from 0 to 7 [ 1302.027296][ C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 1302.037347][ C1] Buffer I/O error on dev loop7, logical block 0, async page read [ 1302.058350][ C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 1302.068501][ C0] Buffer I/O error on dev loop7, logical block 0, async page read [ 1302.083709][ C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 1302.093647][ C0] Buffer I/O error on dev loop7, logical block 0, async page read [ 1302.131694][T21187] Invalid logical block size (768) [ 1302.143885][ C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 1302.154024][ C1] Buffer I/O error on dev loop7, logical block 0, async page read [ 1302.164677][ C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 1302.174702][ C1] Buffer I/O error on dev loop7, logical block 0, async page read [ 1302.202538][ C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 1302.212533][ C0] Buffer I/O error on dev loop7, logical block 0, async page read [ 1302.222906][ C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 1302.232920][ C1] Buffer I/O error on dev loop7, logical block 0, async page read [ 1302.254022][ T5903] ldm_validate_partition_table(): Disk read failed. [ 1302.267703][ C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 1302.277861][ C1] Buffer I/O error on dev loop7, logical block 0, async page read [ 1302.289872][ C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 1302.299886][ C1] Buffer I/O error on dev loop7, logical block 0, async page read [ 1302.319837][ C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 1302.329849][ C0] Buffer I/O error on dev loop7, logical block 0, async page read [ 1302.344335][ T5903] Dev loop7: unable to read RDB block 0 [ 1302.378659][ T5903] loop7: unable to read partition table [ 1302.392590][T21181] loop8: detected capacity change from 0 to 2048 [ 1302.414592][ T5903] loop7: partition table beyond EOD, truncated [ 1302.481354][T21182] ldm_validate_partition_table(): Disk read failed. [ 1302.504365][T21182] Dev loop7: unable to read RDB block 0 [ 1302.556026][T21181] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1302.585047][T21182] loop7: unable to read partition table [ 1302.604059][T21182] loop7: partition table beyond EOD, truncated [ 1302.641107][T21182] loop_reread_partitions: partition scan of loop7 (úùƒå¡™‰ü¾CêjÌ–ã¢P=ý?ã}X‹ºÐ œëÜ%õ«`ÉæÖ€ù…ˆ{í©Ö˜Èµ4FLQkÝŠ) failed (rc=-5) [ 1302.805255][T21190] sctp: [Deprecated]: syz.0.6258 (pid 21190) Use of struct sctp_assoc_value in delayed_ack socket option. [ 1302.805255][T21190] Use struct sctp_sack_info instead [ 1303.045008][T21192] netlink: 28 bytes leftover after parsing attributes in process `syz.7.6259'. [ 1304.605319][T21208] netlink: 12 bytes leftover after parsing attributes in process `syz.7.6266'. [ 1305.024190][T21216] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1305.032358][T21216] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 1305.068078][T21216] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1305.103030][T21216] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 1305.156022][T21216] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 1305.208710][T21216] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1305.232495][T21216] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 1305.233288][T21219] overlayfs: failed to clone upperpath [ 1306.505703][T21233] binder: 21232:21233 ioctl 400c620e 80000300 returned -22 [ 1307.059642][T11342] Bluetooth: hci1: command 0x2016 tx timeout [ 1307.132076][T11342] Bluetooth: hci4: command 0x0406 tx timeout [ 1307.209734][T11342] Bluetooth: hci2: command 0x0406 tx timeout [ 1308.463416][T21264] A link change request failed with some changes committed already. Interface bridge0 may have been left with an inconsistent configuration, please check. [ 1309.129997][T11342] Bluetooth: hci1: command 0x2016 tx timeout [ 1309.212483][T11342] Bluetooth: hci4: command 0x0406 tx timeout [ 1309.289691][T11342] Bluetooth: hci2: command 0x0406 tx timeout [ 1310.269722][T21284] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6301'. [ 1310.931309][T21294] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6306'. [ 1311.292309][T11342] Bluetooth: hci4: command 0x0406 tx timeout [ 1314.176805][T21326] loop0: detected capacity change from 0 to 512 [ 1314.192848][T21326] EXT4-fs: Ignoring removed i_version option [ 1314.199086][T21326] EXT4-fs: Ignoring removed bh option [ 1314.351906][T21326] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1314.381910][T21326] ext4 filesystem being mounted at /1275/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 1314.446698][T21326] EXT4-fs (loop0): shut down requested (1) [ 1314.781615][ T5773] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1314.840913][T21328] loop7: detected capacity change from 0 to 4096 [ 1314.939375][T21328] ntfs3(loop7): Different NTFS sector size (4096) and media sector size (512). [ 1315.446349][T21328] ntfs3(loop7): ino=3, ntfs_set_state failed, -22. [ 1315.839654][ T8131] ntfs3(loop7): ino=3, ntfs3_write_inode failed, -22. [ 1315.872408][T14498] ntfs3(loop7): ino=3, ntfs_set_state failed, -22. [ 1315.896933][T14498] ntfs3(loop7): Mark volume as dirty due to NTFS errors [ 1315.929450][T14498] ntfs3(loop7): ino=3, ntfs_set_state failed, -22. [ 1315.937672][ T8131] ntfs3(loop7): ino=3, ntfs3_write_inode failed, -22. [ 1317.200726][T21366] loop8: detected capacity change from 0 to 128 [ 1317.260706][T21366] UDF-fs: error (device loop8): udf_read_tagged: read failed, block=256, location=256 [ 1317.430980][ T29] audit: type=1800 audit(2000000704.315:176): pid=21366 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.6333" name="file1" dev="loop8" ino=94 res=0 errno=0 [ 1317.530027][ T29] audit: type=1800 audit(2000000704.365:177): pid=21366 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.6333" name="file1" dev="loop8" ino=94 res=0 errno=0 [ 1319.375940][T21393] loop8: detected capacity change from 0 to 4096 [ 1319.464188][T10445] usb 1-1: new full-speed USB device number 32 using dummy_hcd [ 1319.734094][T10445] usb 1-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a [ 1319.760629][T21393] ntfs3(loop8): Failed to initialize $Extend/$ObjId. [ 1319.786952][T10445] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1319.808687][T10445] usb 1-1: Product: syz [ 1319.829494][T10445] usb 1-1: Manufacturer: syz [ 1319.834301][T10445] usb 1-1: SerialNumber: syz [ 1319.891214][T10445] usb 1-1: config 0 descriptor?? [ 1319.951686][T10445] gspca_main: sq930x-2.14.0 probing 2770:930c [ 1320.059696][T21403] netlink: 2140 bytes leftover after parsing attributes in process `syz.2.6351'. [ 1320.615313][T21407] loop7: detected capacity change from 0 to 512 [ 1320.729015][T10445] gspca_sq930x: ucbus_write failed -71 [ 1320.779828][T21407] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1320.812612][T21407] ext4 filesystem being mounted at /519/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1320.953106][T10445] gspca_sq930x: Sensor ov9630 not yet treated [ 1320.981708][T10445] sq930x 1-1:0.0: probe with driver sq930x failed with error -22 [ 1321.075064][T10445] usb 1-1: USB disconnect, device number 32 [ 1321.368761][T14498] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1321.790993][T21421] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6361'. [ 1321.975333][T21427] loop8: detected capacity change from 0 to 512 [ 1322.037461][T21427] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode [ 1322.157715][T21427] EXT4-fs error (device loop8): ext4_orphan_get:1391: inode #15: comm syz.8.6363: inode has both inline data and extents flags [ 1322.266053][T21432] program syz.0.6364 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1322.284603][T21427] loop8: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 1322.289287][ C1] EXT4-fs (loop8): error count since last fsck: 1 [ 1322.305450][ C1] EXT4-fs (loop8): initial error at time 2000000709: ext4_orphan_get:1391: inode 15 [ 1322.315266][ C1] EXT4-fs (loop8): last error at time 2000000709: ext4_orphan_get:1391: inode 15 [ 1322.331472][T21427] EXT4-fs error (device loop8): ext4_orphan_get:1396: comm syz.8.6363: couldn't read orphan inode 15 (err -117) [ 1322.356700][T21427] loop8: lost filesystem error report for type 5 error -117 [ 1322.370379][T21427] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1322.815061][T19203] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1323.512545][T21443] netlink: 68 bytes leftover after parsing attributes in process `syz.2.6370'. [ 1324.652712][T21459] Falling back ldisc for ttyS3. [ 1324.941230][T21461] loop0: detected capacity change from 0 to 512 [ 1324.993070][T21461] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 1325.084105][T21461] EXT4-fs error (device loop0): ext4_orphan_get:1391: inode #15: comm syz.0.6378: inode has both inline data and extents flags [ 1325.189965][T21461] loop0: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 1325.199312][ C1] EXT4-fs (loop0): error count since last fsck: 1 [ 1325.215312][ C1] EXT4-fs (loop0): initial error at time 2000000712: ext4_orphan_get:1391: inode 15 [ 1325.225123][ C1] EXT4-fs (loop0): last error at time 2000000712: ext4_orphan_get:1391: inode 15 [ 1325.243863][T21461] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.6378: couldn't read orphan inode 15 (err -117) [ 1325.290670][T21461] loop0: lost filesystem error report for type 5 error -117 [ 1325.363235][T21461] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1325.681611][ T5773] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1327.238568][T21494] netlink: 428 bytes leftover after parsing attributes in process `syz.7.6392'. [ 1327.259811][T21494] netlink: 32 bytes leftover after parsing attributes in process `syz.7.6392'. [ 1330.363570][ T1291] ieee802154 phy0 wpan0: encryption failed: -22 [ 1330.512968][ T5827] usb 3-1: new high-speed USB device number 31 using dummy_hcd [ 1330.692910][ T5827] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 1330.720434][ T5827] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1330.776920][ T5827] usb 3-1: config 0 descriptor?? [ 1330.800828][ T5827] cp210x 3-1:0.0: cp210x converter detected [ 1331.112201][T21553] netlink: 'syz.7.6418': attribute type 3 has an invalid length. [ 1331.150526][T21553] netlink: 76 bytes leftover after parsing attributes in process `syz.7.6418'. [ 1331.182129][T21554] netlink: 12 bytes leftover after parsing attributes in process `syz.5.6419'. [ 1331.230368][T21554] netlink: 12 bytes leftover after parsing attributes in process `syz.5.6419'. [ 1331.248335][ T5827] cp210x 3-1:0.0: failed to get vendor val 0x000e size 3: -32 [ 1331.328557][ T5827] usb 3-1: cp210x converter now attached to ttyUSB0 [ 1331.495572][ T5827] usb 3-1: USB disconnect, device number 31 [ 1331.597166][ T5827] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 1331.691435][T21556] netlink: 28 bytes leftover after parsing attributes in process `syz.8.6420'. [ 1331.740562][T21556] netlink: 28 bytes leftover after parsing attributes in process `syz.8.6420'. [ 1331.772680][ T5827] cp210x 3-1:0.0: device disconnected [ 1331.858935][T21558] netlink: 8 bytes leftover after parsing attributes in process `syz.7.6421'. [ 1331.903916][T21558] netlink: 'syz.7.6421': attribute type 30 has an invalid length. [ 1331.943580][ T8129] netdevsim netdevsim7 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 1331.951203][T21558] netlink: 8 bytes leftover after parsing attributes in process `syz.7.6421'. [ 1331.970434][T21558] netlink: 'syz.7.6421': attribute type 30 has an invalid length. [ 1331.974193][ T8129] netdevsim netdevsim7 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 1332.022416][ T8129] netdevsim netdevsim7 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 1332.063513][ T8129] netdevsim netdevsim7 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 1332.327894][T21561] bridge0: port 2(bridge_slave_1) entered disabled state [ 1332.337783][T21561] bridge0: port 1(bridge_slave_0) entered disabled state [ 1333.693030][T19207] usb 9-1: new high-speed USB device number 2 using dummy_hcd [ 1333.886425][T19207] usb 9-1: Using ep0 maxpacket: 8 [ 1333.923631][T19207] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 1333.972466][T19207] usb 9-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 1333.993884][T19207] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1334.029025][T19207] usb 9-1: config 0 descriptor?? [ 1334.294071][T19207] iowarrior 9-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0 [ 1334.519034][T10445] usb 9-1: USB disconnect, device number 2 [ 1334.846065][T21599] netlink: 8 bytes leftover after parsing attributes in process `syz.5.6440'. [ 1335.854901][T21609] loop7: detected capacity change from 0 to 512 [ 1335.893749][T21609] EXT4-fs: Ignoring removed i_version option [ 1336.005146][T21609] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1336.122689][T21609] ext4 filesystem being mounted at /541/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1336.548666][T14498] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1336.706444][T21624] 9p: Bad value for 'rfdno' [ 1339.684743][T11342] Bluetooth: hci4: Unknown advertising packet type: 0x70 [ 1339.684895][T11342] Bluetooth: hci4: adv larger than maximum supported [ 1339.695998][T11342] Bluetooth: hci4: Malformed LE Event: 0x0d [ 1339.722438][T21674] loop7: detected capacity change from 0 to 512 [ 1339.822770][T21674] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1339.860066][T21674] ext4 filesystem being mounted at /546/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1340.062004][T21675] loop8: detected capacity change from 0 to 4096 [ 1340.110112][T21675] ntfs3(loop8): Different NTFS sector size (2048) and media sector size (512). [ 1340.175259][T14498] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1342.114985][T21700] loop8: detected capacity change from 0 to 1 [ 1342.163455][T21700] Dev loop8: unable to read RDB block 1 [ 1342.209487][T21700] loop8: unable to read partition table [ 1342.216010][T21700] loop8: partition table beyond EOD, truncated [ 1342.312058][T21700] loop_reread_partitions: partition scan of loop8 (þ被xü^>à– ) failed (rc=-5) [ 1342.782148][T21710] binder: BC_ACQUIRE_RESULT not supported [ 1342.813781][T21710] binder: 21709:21710 ioctl c0306201 800004c0 returned -22 [ 1343.643116][T21714] loop8: detected capacity change from 0 to 4096 [ 1343.789618][T21726] NILFS (loop8): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1343.919083][ T29] audit: type=1800 audit(2000000730.795:178): pid=21714 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.6489" name="file1" dev="loop8" ino=15 res=0 errno=0 [ 1344.526269][ T8129] Bluetooth: hci5: Frame reassembly failed (-84) [ 1344.552564][T21736] Bluetooth: received HCILL_WAKE_UP_IND in state 2 [ 1345.096135][T21745] netlink: 'syz.2.6502': attribute type 6 has an invalid length. [ 1345.138864][T21745] netlink: 36 bytes leftover after parsing attributes in process `syz.2.6502'. [ 1346.572615][T11342] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 1346.579267][ T5781] Bluetooth: hci5: command 0x1003 tx timeout [ 1348.119921][T21793] loop7: detected capacity change from 0 to 128 [ 1348.186925][T21793] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 1348.215830][T21793] ext4 filesystem being mounted at /553/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 1348.649472][T14498] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 1349.215675][T21811] random: crng reseeded on system resumption [ 1353.220184][T11342] Bluetooth: hci2: unexpected event for opcode 0x0009 [ 1353.257696][T21864] ALSA: mixer_oss: invalid OSS volume '' [ 1353.954101][T21875] loop7: detected capacity change from 0 to 1024 [ 1354.037031][T21875] EXT4-fs (loop7): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 1354.101684][T21875] EXT4-fs (loop7): orphan cleanup on readonly fs [ 1354.178816][T21875] EXT4-fs error (device loop7): ext4_map_blocks:776: inode #3: block 2: comm syz.7.6556: lblock 2 mapped to illegal pblock 2 (length 1) [ 1354.202279][T21875] loop7: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117 [ 1354.203030][T21875] Quota error (device loop7): qtree_write_dquot: dquota write failed [ 1354.212635][ C1] EXT4-fs (loop7): error count since last fsck: 1 [ 1354.212725][ C1] EXT4-fs (loop7): initial error at time 2000000741: ext4_map_blocks:776: inode 3: block 2 [ 1354.212916][ C1] EXT4-fs (loop7): last error at time 2000000741: ext4_map_blocks:776: inode 3: block 2 [ 1354.269983][T21875] EXT4-fs error (device loop7): ext4_map_blocks:776: inode #3: block 48: comm syz.7.6556: lblock 0 mapped to illegal pblock 48 (length 1) [ 1354.331691][T21875] loop7: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117 [ 1354.344958][T21875] Quota error (device loop7): v2_write_file_info: Can't write info structure [ 1354.417692][T21875] EXT4-fs error (device loop7): ext4_acquire_dquot:7003: comm syz.7.6556: Failed to acquire dquot type 0 [ 1354.462305][T21875] loop7: lost filesystem error report for type 5 error -117 [ 1354.464827][T21875] EXT4-fs error (device loop7) in ext4_reserve_inode_write:6246: Corrupt filesystem [ 1354.499458][T21875] loop7: lost filesystem error report for type 5 error -117 [ 1354.524577][T21875] EXT4-fs error (device loop7): ext4_evict_inode:255: inode #11: comm syz.7.6556: mark_inode_dirty error [ 1354.590057][T21875] loop7: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 1354.600693][T21875] EXT4-fs warning (device loop7): ext4_evict_inode:258: couldn't mark inode dirty (err -117) [ 1354.665889][T21875] EXT4-fs (loop7): 1 orphan inode deleted [ 1354.718402][ T8120] EXT4-fs error (device loop7): ext4_map_blocks:776: inode #3: block 1: comm kworker/u8:19: lblock 1 mapped to illegal pblock 1 (length 1) [ 1354.736194][ T8120] loop7: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117 [ 1354.736843][ T8120] Quota error (device loop7): remove_tree: Can't read quota data block 1 [ 1354.763943][ T8120] EXT4-fs error (device loop7): ext4_release_dquot:7039: comm kworker/u8:19: Failed to release dquot type 0 [ 1354.879491][ T8120] loop7: lost filesystem error report for type 5 error -117 [ 1354.902630][T21875] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 1355.314770][T14498] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1356.896448][T21916] loop7: detected capacity change from 0 to 256 [ 1357.016687][T21918] geneve2: entered promiscuous mode [ 1357.050398][T21918] geneve2: entered allmulticast mode [ 1357.067330][T21916] exFAT-fs (loop7): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 1357.084889][T18044] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 20000 - 0 [ 1357.152785][T18044] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 20000 - 0 [ 1357.173742][T18044] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 20000 - 0 [ 1357.215587][ T8139] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 20000 - 0 [ 1358.112350][T19207] usb 3-1: new high-speed USB device number 32 using dummy_hcd [ 1358.339378][T19207] usb 3-1: Using ep0 maxpacket: 32 [ 1358.352708][T19207] usb 3-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92 [ 1358.383508][T19207] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1358.452481][T19207] gspca_main: nw80x-2.14.0 probing 055f:d001 [ 1359.088457][T19207] usb 3-1: USB disconnect, device number 32 [ 1360.364783][T21961] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6589'. [ 1360.438588][T21963] loop0: detected capacity change from 0 to 16 [ 1360.474490][T21963] erofs (device loop0): mounted with root inode @ nid 36. [ 1361.930685][T21985] netlink: 8 bytes leftover after parsing attributes in process `syz.5.6602'. [ 1362.336301][T21983] loop8: detected capacity change from 0 to 4096 [ 1362.880686][T21995] netlink: 60 bytes leftover after parsing attributes in process `syz.2.6606'. [ 1362.978029][T21995] netlink: 60 bytes leftover after parsing attributes in process `syz.2.6606'. [ 1363.050033][T21998] netlink: 60 bytes leftover after parsing attributes in process `syz.2.6606'. [ 1364.359532][T22018] can0: slcan on ttyS3. [ 1364.577794][T22019] can0 (unregistered): slcan off ttyS3. [ 1364.657196][T22018] can0: slcan on ttyS3. [ 1364.941419][T22017] can0 (unregistered): slcan off ttyS3. [ 1365.254712][T22028] netlink: 12 bytes leftover after parsing attributes in process `syz.2.6620'. [ 1365.712528][T22036] netlink: 1684 bytes leftover after parsing attributes in process `syz.7.6623'. [ 1365.749574][T22036] netlink: 40 bytes leftover after parsing attributes in process `syz.7.6623'. [ 1366.837377][T22054] ptrace attach of "./syz-executor exec"[5773] was attempted by "./syz-executor exec"[22054] [ 1370.719322][T22108] geneve2: entered promiscuous mode [ 1370.749887][T22108] geneve2: entered allmulticast mode [ 1370.855783][ T8131] netdevsim netdevsim8 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0 [ 1370.873557][ T8131] netdevsim netdevsim8 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0 [ 1370.894786][ T8131] netdevsim netdevsim8 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0 [ 1370.928969][ T8131] netdevsim netdevsim8 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0 [ 1370.979752][T22105] lo speed is unknown, defaulting to 1000 [ 1371.045975][T22110] loop7: detected capacity change from 0 to 2048 [ 1371.185989][T22110] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1371.264557][T22110] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 1371.768814][T22120] netlink: 'syz.8.6659': attribute type 4 has an invalid length. [ 1375.354819][T22158] loop7: detected capacity change from 0 to 164 [ 1375.495435][T22158] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 1376.132128][T22167] loop0: detected capacity change from 0 to 512 [ 1376.192784][T22167] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 1376.265486][T22167] EXT4-fs error (device loop0): ext4_orphan_get:1417: comm syz.0.6679: bad orphan inode 131083 [ 1376.279629][T22167] loop0: lost filesystem error report for type 5 error -117 [ 1376.289289][ C1] EXT4-fs (loop0): error count since last fsck: 1 [ 1376.303309][T22167] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1376.315670][ C1] EXT4-fs (loop0): initial error at time 2000000763: ext4_orphan_get:1417 [ 1376.324642][ C1] EXT4-fs (loop0): last error at time 2000000763: ext4_orphan_get:1417 [ 1377.253530][T22174] loop8: detected capacity change from 0 to 4096 [ 1377.302914][T22174] ntfs3: Unknown parameter 'ÿÿÿÿÿÿÿÿ' [ 1378.394939][T12251] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1378.494409][ T8131] netdevsim netdevsim0 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 1378.713171][ T8131] netdevsim netdevsim0 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 1378.850376][ T8131] netdevsim netdevsim0 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 1379.055545][ T8131] netdevsim netdevsim0 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 1379.647978][ T8131] bridge_slave_1: left allmulticast mode [ 1379.663762][ T8131] bridge_slave_1: left promiscuous mode [ 1379.710706][ T8131] bridge0: port 2(bridge_slave_1) entered disabled state [ 1379.751570][ T8131] bridge_slave_0: left allmulticast mode [ 1379.757425][ T8131] bridge_slave_0: left promiscuous mode [ 1379.791781][ T8131] bridge0: port 1(bridge_slave_0) entered disabled state [ 1380.308536][ T8131] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1380.328656][ T8131] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1380.363473][ T8131] bond0 (unregistering): Released all slaves [ 1380.530542][ T8131] tipc: Disabling bearer [ 1380.549694][ T8131] tipc: Left network mode [ 1380.955424][ T8131] hsr_slave_0: left promiscuous mode [ 1380.983291][ T8131] hsr_slave_1: left promiscuous mode [ 1380.992626][ T8131] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1381.033122][ T8131] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1381.053868][ T8131] batman_adv: batadv0: Removing interface: macvtap1 [ 1382.147110][ T8131] team0 (unregistering): Port device team_slave_1 removed [ 1382.295750][ T8131] team0 (unregistering): Port device team_slave_0 removed [ 1382.855387][ T5781] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 1382.866695][ T5781] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 1382.898824][ T5781] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 1382.918034][ T5781] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 1382.928854][ T5781] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 1383.510775][T22232] lo speed is unknown, defaulting to 1000 [ 1383.547273][T22228] loop7: detected capacity change from 0 to 8192 [ 1383.861644][T22227] lo speed is unknown, defaulting to 1000 [ 1384.577867][ T8131] IPVS: stop unused estimator thread 0... [ 1384.920161][T22244] loop8: detected capacity change from 0 to 4096 [ 1384.977391][T22244] ntfs3(loop8): Different NTFS sector size (1024) and media sector size (512). [ 1385.049780][ T5781] Bluetooth: hci1: command tx timeout [ 1385.454094][T22244] ntfs3(loop8): ino=1d, mi_enum_attr [ 1385.482364][T22244] ntfs3(loop8): ino=1d, mi_enum_attr [ 1385.505931][T22244] ntfs3(loop8): ino=1d, "file1" mi_enum_attr [ 1385.795042][T22232] chnl_net:caif_netlink_parms(): no params data found [ 1387.133270][ T5781] Bluetooth: hci1: command tx timeout [ 1387.283455][ T29] audit: type=1326 audit(2000000774.155:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22274 comm="syz.7.6714" exe="/root/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f64f6c code=0x0 [ 1387.720463][T22232] bridge0: port 1(bridge_slave_0) entered blocking state [ 1387.732998][T22232] bridge0: port 1(bridge_slave_0) entered disabled state [ 1387.756405][T22232] bridge_slave_0: entered allmulticast mode [ 1387.790182][T22276] loop8: detected capacity change from 0 to 4096 [ 1387.793411][T22232] bridge_slave_0: entered promiscuous mode [ 1387.846104][T22276] ntfs3(loop8): Different NTFS sector size (4096) and media sector size (512). [ 1387.886719][T22232] bridge0: port 2(bridge_slave_1) entered blocking state [ 1387.923293][T22232] bridge0: port 2(bridge_slave_1) entered disabled state [ 1387.954933][T22232] bridge_slave_1: entered allmulticast mode [ 1388.029087][T22232] bridge_slave_1: entered promiscuous mode [ 1388.318816][T22276] ntfs3(loop8): ino=1a, mi_enum_attr [ 1388.363041][T22232] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1388.374311][T22276] ntfs3(loop8): Mark volume as dirty due to NTFS errors [ 1388.397933][T22276] ntfs3(loop8): ino=1a, mi_enum_attr [ 1388.429720][T22276] ntfs3(loop8): Failed to initialize $Extend/$Reparse. [ 1388.471259][T22232] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1388.905438][T22296] overlayfs: failed to clone lowerpath [ 1388.927847][T22232] team0: Port device team_slave_0 added [ 1389.040117][T22232] team0: Port device team_slave_1 added [ 1389.214344][ T5781] Bluetooth: hci1: command tx timeout [ 1389.537218][T22232] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1389.571645][T22232] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1389.672683][T22232] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1389.710081][T22232] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1389.740044][T22232] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1389.799291][T22232] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1390.080165][T22302] loop7: detected capacity change from 0 to 4096 [ 1390.135831][T22302] ntfs3(loop7): Different NTFS sector size (1024) and media sector size (512). [ 1390.295394][T22232] hsr_slave_0: entered promiscuous mode [ 1390.338844][T22232] hsr_slave_1: entered promiscuous mode [ 1390.488310][T22302] ntfs3(loop7): ino=1d, mi_enum_attr [ 1390.570120][ T29] audit: type=1326 audit(2000000777.405:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22309 comm="syz.8.6725" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6fdef6c code=0x7ffc0000 [ 1390.598206][T22302] ntfs3(loop7): ino=1d, mi_enum_attr [ 1390.637999][T22302] ntfs3(loop7): ino=1d, "file1" mi_enum_attr [ 1391.153049][T22316] netlink: 4 bytes leftover after parsing attributes in process `syz.5.6727'. [ 1391.216570][T10449] hid-generic 0000:0000:0000.0037: unknown main item tag 0x0 [ 1391.251159][T22316] netlink: 4 bytes leftover after parsing attributes in process `syz.5.6727'. [ 1391.293040][ T5781] Bluetooth: hci1: command tx timeout [ 1391.315272][T10449] hid-generic 0000:0000:0000.0037: hidraw0: HID v0.00 Device [syz1] on syz0 [ 1391.806589][ T1291] ieee802154 phy0 wpan0: encryption failed: -22 [ 1391.919717][T22318] lo speed is unknown, defaulting to 1000 [ 1392.862151][T22334] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 1393.637835][T22232] netdevsim netdevsim9 netdevsim0: renamed from eth0 [ 1393.732951][T22232] netdevsim netdevsim9 netdevsim1: renamed from eth1 [ 1393.872819][T22232] netdevsim netdevsim9 netdevsim2: renamed from eth2 [ 1394.019043][T22232] netdevsim netdevsim9 netdevsim3: renamed from eth3 [ 1395.400955][T22354] IPVS: Scheduler module ip_vs_sip not found [ 1395.420749][T22356] IPVS: length: 152 != 8 [ 1395.811017][T22232] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1396.190931][T22232] 8021q: adding VLAN 0 to HW filter on device team0 [ 1396.334722][T15218] bridge0: port 1(bridge_slave_0) entered blocking state [ 1396.342462][T15218] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1396.446402][T15218] bridge0: port 2(bridge_slave_1) entered blocking state [ 1396.454140][T15218] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1398.439556][T22388] loop8: detected capacity change from 0 to 1024 [ 1398.583355][T22388] EXT4-fs (loop8): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 1398.702107][T22388] ext4 filesystem being mounted at /206/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1398.917534][T22388] EXT4-fs error (device loop8): ext4_map_blocks:818: inode #15: block 3: comm syz.8.6747: lblock 3 mapped to illegal pblock 3 (length 3) [ 1399.034920][T22388] EXT4-fs (loop8): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117 [ 1399.189286][T22388] EXT4-fs (loop8): This should not happen!! Data will be lost [ 1399.189286][T22388] [ 1399.303912][T22400] EXT4-fs error (device loop8): ext4_map_blocks:818: inode #15: block 8: comm syz.8.6747: lblock 8 mapped to illegal pblock 8 (length 8) [ 1399.373733][T22395] EXT4-fs error (device loop8): ext4_validate_block_bitmap:441: comm ext4lazyinit: bg 0: block 112: padding at end of block bitmap is not set [ 1399.382104][T22232] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1399.409733][T22400] EXT4-fs (loop8): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117 [ 1399.452385][T22400] EXT4-fs (loop8): This should not happen!! Data will be lost [ 1399.452385][T22400] [ 1399.918964][T19203] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 1401.888425][T22232] veth0_vlan: entered promiscuous mode [ 1402.039093][T22232] veth1_vlan: entered promiscuous mode [ 1402.453678][ T29] audit: type=1800 audit(2000000789.335:181): pid=22448 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.6763" name="nullb0" dev="tmpfs" ino=6254 res=0 errno=0 [ 1402.546905][T22446] loop8: detected capacity change from 0 to 1024 [ 1402.592775][T22232] veth0_macvtap: entered promiscuous mode [ 1402.689031][T22232] veth1_macvtap: entered promiscuous mode [ 1403.028906][T22232] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1403.159655][T22232] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1403.295515][ T8120] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1403.349514][T15218] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1403.391266][ T8129] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1403.474750][ T8129] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1405.798504][T22493] netlink: 4 bytes leftover after parsing attributes in process `syz.7.6776'. [ 1406.779770][T19551] usb 9-1: new high-speed USB device number 3 using dummy_hcd [ 1406.959721][T19551] usb 9-1: Using ep0 maxpacket: 8 [ 1406.986250][T19551] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9 [ 1407.029613][T19551] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 1407.053541][T19551] usb 9-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 1407.089487][T19551] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0 [ 1407.109883][T19551] usb 9-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 0 [ 1407.186904][T19551] usb 9-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58 [ 1407.228238][T19551] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1407.257024][T19551] usb 9-1: config 0 descriptor?? [ 1407.403206][ T5781] Bluetooth: hci5: urb ffff8880707cb0c0 submission failed (90) [ 1407.606614][ T5827] usb 9-1: USB disconnect, device number 3 [ 1407.886012][T22519] netlink: 'syz.2.6784': attribute type 4 has an invalid length. [ 1408.065646][T10405] lo speed is unknown, defaulting to 1000 [ 1408.072057][T10405] syz2: Port: 1 Link DOWN [ 1408.630916][T22522] loop7: detected capacity change from 0 to 2048 [ 1408.776875][T22522] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1409.022513][T19551] usb 9-1: new high-speed USB device number 4 using dummy_hcd [ 1409.238844][T14498] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1409.268511][T19551] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1409.327024][T19551] usb 9-1: New USB device found, idVendor=1294, idProduct=1320, bcdDevice= 0.00 [ 1409.360593][T19551] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1409.453761][T19551] usb 9-1: config 0 descriptor?? [ 1409.937859][T19551] hid-led 0003:1294:1320.0038: unknown main item tag 0x2 [ 1409.981710][T19551] hid-led 0003:1294:1320.0038: hidraw0: USB HID v0.00 Device [HID 1294:1320] on usb-dummy_hcd.8-1/input0 [ 1410.070852][T19551] hid-led 0003:1294:1320.0038: Riso Kagaku Webmail Notifier initialized [ 1410.181205][T19551] usb 9-1: USB disconnect, device number 4 [ 1410.267666][ T8120] leds riso_kagaku0:blue: Setting an LED's brightness failed (-38) [ 1410.349374][T18044] leds riso_kagaku0:green: Setting an LED's brightness failed (-38) [ 1410.444882][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1410.465707][ T8139] leds riso_kagaku0:red: Setting an LED's brightness failed (-38) [ 1410.530811][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1410.856131][T22546] Context (ID=0x0) not attached to queue pair (handle=0x2:0x0) [ 1410.907213][ T8139] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1410.952483][ T8139] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1410.996971][T22541] fido_id[22541]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.8/usb9/report_descriptor': No such file or directory [ 1411.281474][T22552] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 1412.167545][ T8120] Bluetooth: hci5: Frame reassembly failed (-84) [ 1412.375878][T22563] Bluetooth: hci2: hardware error 0x00 [ 1412.854156][T22570] process '/newroot/1218/file0' started with executable stack [ 1413.017336][T22567] loop8: detected capacity change from 0 to 4096 [ 1414.172268][ T5781] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 1414.245511][T22562] Bluetooth: hci0: Opcode 0x0c20 failed: -110 [ 1414.409531][T22563] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 1414.557441][T22591] loop8: detected capacity change from 0 to 512 [ 1414.634301][T22591] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode [ 1414.817274][T22591] EXT4-fs error (device loop8): ext4_free_branches:1023: inode #16: comm syz.8.6806: invalid indirect mapped block 4294967295 (level 0) [ 1414.932396][T22591] loop8: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117 [ 1414.933776][T22591] EXT4-fs (loop8): Remounting filesystem read-only [ 1414.943333][ C1] EXT4-fs (loop8): error count since last fsck: 1 [ 1414.943425][ C1] EXT4-fs (loop8): initial error at time 2000000801: ext4_free_branches:1023: inode 16 [ 1414.943585][ C1] EXT4-fs (loop8): last error at time 2000000801: ext4_free_branches:1023: inode 16 [ 1415.063152][T22591] EXT4-fs (loop8): 1 orphan inode deleted [ 1415.069419][T22591] EXT4-fs (loop8): 1 truncate cleaned up [ 1415.104624][T22591] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1415.363958][T22591] EXT4-fs (loop8): shut down requested (1) [ 1415.487812][T22603] loop7: detected capacity change from 0 to 512 [ 1415.577932][T22603] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 1415.766413][T19203] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1415.793176][T22603] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 1415.903876][T22603] ext4 filesystem being mounted at /615/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1416.143958][ T29] audit: type=1800 audit(2000000803.015:182): pid=22603 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.6809" name="file1" dev="loop7" ino=18 res=0 errno=0 [ 1416.472397][T22617] netlink: 14 bytes leftover after parsing attributes in process `syz.8.6813'. [ 1416.596056][T14498] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 1416.752661][T22617] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1416.860521][T22617] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1416.917516][T22617] bond0 (unregistering): Released all slaves [ 1416.974627][T22626] loop9: detected capacity change from 0 to 512 [ 1417.101033][ T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1417.148800][T22626] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode [ 1417.178358][ T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1417.326121][T22626] EXT4-fs (loop9): 1 truncate cleaned up [ 1417.401796][T22626] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1418.113028][T22232] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1418.238648][ T29] audit: type=1326 audit(2000000805.115:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22640 comm="syz.2.6822" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc7f6c code=0x7ffc0000 [ 1418.267150][T22639] loop8: detected capacity change from 0 to 1024 [ 1418.348856][ T29] audit: type=1326 audit(2000000805.185:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22640 comm="syz.2.6822" exe="/root/syz-executor" sig=0 arch=40000003 syscall=175 compat=1 ip=0xf7fc7f6c code=0x7ffc0000 [ 1418.497264][ T29] audit: type=1326 audit(2000000805.185:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22640 comm="syz.2.6822" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc7f6c code=0x7ffc0000 [ 1418.635590][ T29] audit: type=1326 audit(2000000805.185:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22640 comm="syz.2.6822" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc7f6c code=0x7ffc0000 [ 1418.801127][ T29] audit: type=1326 audit(2000000805.195:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22640 comm="syz.2.6822" exe="/root/syz-executor" sig=0 arch=40000003 syscall=224 compat=1 ip=0xf7fc7f6c code=0x7ffc0000 [ 1418.936710][ T29] audit: type=1326 audit(2000000805.195:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22640 comm="syz.2.6822" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc7f6c code=0x7ffc0000 [ 1419.079796][ T29] audit: type=1326 audit(2000000805.195:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22640 comm="syz.2.6822" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc7f6c code=0x7ffc0000 [ 1419.220982][ T29] audit: type=1326 audit(2000000805.195:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22640 comm="syz.2.6822" exe="/root/syz-executor" sig=0 arch=40000003 syscall=177 compat=1 ip=0xf7fc7f6c code=0x7ffc0000 [ 1419.338597][ T29] audit: type=1326 audit(2000000805.265:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22640 comm="syz.2.6822" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc7f6c code=0x7ffc0000 [ 1420.558682][T22671] bridge0: adding interface bridge0 with same address as a received packet (addr:aa:aa:aa:aa:aa:0c, vlan:1) [ 1420.582963][T19209] usb 10-1: new high-speed USB device number 2 using dummy_hcd [ 1420.750533][T19209] usb 10-1: Using ep0 maxpacket: 8 [ 1420.784824][T19209] usb 10-1: config index 0 descriptor too short (expected 301, got 45) [ 1420.823315][T19209] usb 10-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 1420.894221][T19209] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 1420.915037][T19209] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 1420.964424][T19209] usb 10-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 1421.035376][T19209] usb 10-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 1421.088784][T19209] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1421.409081][T22681] netlink: 4 bytes leftover after parsing attributes in process `syz.7.6836'. [ 1422.070381][T22687] usbtmc 10-1:16.0: simple control status returned d7 [ 1422.285751][T19209] usb 10-1: USB disconnect, device number 2 [ 1422.382649][T22696] loop8: detected capacity change from 0 to 512 [ 1423.806621][T22712] loop7: detected capacity change from 0 to 64 [ 1424.849427][T19551] usb 10-1: new high-speed USB device number 3 using dummy_hcd [ 1424.954139][T22723] overlayfs: overlay with incompat feature 'volatile' cannot be mounted [ 1425.065778][T19551] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1425.113666][T19551] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1425.164090][T19551] usb 10-1: New USB device found, idVendor=1038, idProduct=12b6, bcdDevice= 0.00 [ 1425.202040][T19551] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1425.267662][T19551] usb 10-1: config 0 descriptor?? [ 1425.780284][T19551] steelseries 0003:1038:12B6.0039: unknown main item tag 0x0 [ 1425.870956][T19551] steelseries 0003:1038:12B6.0039: hidraw0: USB HID v0.00 Device [HID 1038:12b6] on usb-dummy_hcd.9-1/input0 [ 1426.053179][T19551] steelseries 0003:1038:12B6.0039: hid_hw_raw_request() failed with -71 [ 1426.181007][T19551] usb 10-1: USB disconnect, device number 3 [ 1426.637301][T22745] loop7: detected capacity change from 0 to 65 [ 1426.722012][T22745] BFS-fs: bfs_fill_super(): NOTE: filesystem loop7 was created with 512 inodes, the real maximum is 511, mounting anyway [ 1426.814496][T22741] fido_id[22741]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.9/usb10/report_descriptor': No such file or directory [ 1426.847176][T22750] pim6reg1: entered promiscuous mode [ 1426.900769][T22750] pim6reg1: entered allmulticast mode [ 1427.586393][T22755] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 1427.619382][T19551] IPVS: starting estimator thread 0... [ 1427.740108][T22759] IPVS: using max 240 ests per chain, 12000 per kthread [ 1431.276610][T22816] netlink: 12 bytes leftover after parsing attributes in process `syz.9.6880'. [ 1431.412207][T22812] bond0: entered allmulticast mode [ 1431.451122][T22812] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1431.988799][T22826] netlink: 8 bytes leftover after parsing attributes in process `syz.7.6882'. [ 1434.815946][T22871] PF_CAN: dropped non conform CAN skbuff: dev type 65534, len 49 [ 1435.114152][T22878] loop8: detected capacity change from 0 to 128 [ 1435.324044][T19551] Process accounting resumed [ 1435.379039][T19551] kworker/0:3: attempt to access beyond end of device [ 1435.379039][T19551] loop8: rw=2049, sector=138, nr_sectors = 2 limit=128 [ 1435.765420][T22883] loop7: detected capacity change from 0 to 1024 [ 1435.935222][ T29] kauditd_printk_skb: 1 callbacks suppressed [ 1435.935293][ T29] audit: type=1800 audit(2000000822.815:193): pid=22883 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.6900" name="file1" dev="loop7" ino=20 res=0 errno=0 [ 1437.516090][T22910] netlink: 40 bytes leftover after parsing attributes in process `syz.5.6911'. [ 1437.518932][ T29] audit: type=1326 audit(2000000824.395:194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22905 comm="syz.9.6912" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70aef6c code=0x7ffc0000 [ 1437.598982][ T29] audit: type=1326 audit(2000000824.455:195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22905 comm="syz.9.6912" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70aef6c code=0x7ffc0000 [ 1437.718679][ T29] audit: type=1326 audit(2000000824.465:196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22905 comm="syz.9.6912" exe="/root/syz-executor" sig=0 arch=40000003 syscall=346 compat=1 ip=0xf70aef6c code=0x7ffc0000 [ 1437.753645][ T29] audit: type=1326 audit(2000000824.475:197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22905 comm="syz.9.6912" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70aef6c code=0x7ffc0000 [ 1437.780754][ T29] audit: type=1326 audit(2000000824.485:198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22905 comm="syz.9.6912" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70aef6c code=0x7ffc0000 [ 1437.863691][ T29] audit: type=1326 audit(2000000824.485:199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22905 comm="syz.9.6912" exe="/root/syz-executor" sig=0 arch=40000003 syscall=442 compat=1 ip=0xf70aef6c code=0x7ffc0000 [ 1437.953544][ T29] audit: type=1326 audit(2000000824.485:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22905 comm="syz.9.6912" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70aef6c code=0x7ffc0000 [ 1438.048614][ T29] audit: type=1326 audit(2000000824.485:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22905 comm="syz.9.6912" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70aef6c code=0x7ffc0000 [ 1439.608538][T22928] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6919'. [ 1439.663598][T22928] netlink: 452 bytes leftover after parsing attributes in process `syz.2.6919'. [ 1439.714858][T22928] netlink: 452 bytes leftover after parsing attributes in process `syz.2.6919'. [ 1440.862294][T22941] netlink: 64138 bytes leftover after parsing attributes in process `syz.7.6926'. [ 1443.740382][T22968] geneve2: entered promiscuous mode [ 1443.751657][T22968] geneve2: entered allmulticast mode [ 1444.482831][T22976] batadv_slave_1: entered promiscuous mode [ 1444.548044][T22975] batadv_slave_1: left promiscuous mode [ 1444.845201][T22981] lo speed is unknown, defaulting to 1000 [ 1444.968400][T22984] overlayfs: workdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection. [ 1447.487547][T23018] loop9: detected capacity change from 0 to 512 [ 1448.059973][T19551] kernel write not supported for file bpf-prog (pid: 19551 comm: kworker/0:3) [ 1448.454243][T23030] ipvlan1: entered promiscuous mode [ 1448.471861][T23027] ipvlan1: left promiscuous mode [ 1449.751242][T23049] netlink: 12 bytes leftover after parsing attributes in process `syz.7.6971'. [ 1450.215067][T23057] loop8: detected capacity change from 0 to 64 [ 1450.581277][T23059] netlink: 12 bytes leftover after parsing attributes in process `syz.7.6976'. [ 1451.477068][ T29] audit: type=1326 audit(2000000838.355:202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23067 comm="syz.7.6979" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f64f6c code=0x7ffc0000 [ 1451.560110][ T29] audit: type=1326 audit(2000000838.355:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23067 comm="syz.7.6979" exe="/root/syz-executor" sig=0 arch=40000003 syscall=162 compat=1 ip=0xf7f64f6c code=0x7ffc0000 [ 1451.574576][T23068] loop7: detected capacity change from 0 to 256 [ 1451.692733][ T29] audit: type=1326 audit(2000000838.355:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23067 comm="syz.7.6979" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f64f6c code=0x7ffc0000 [ 1451.839547][ T29] audit: type=1326 audit(2000000838.355:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23067 comm="syz.7.6979" exe="/root/syz-executor" sig=0 arch=40000003 syscall=356 compat=1 ip=0xf7f64f6c code=0x7ffc0000 [ 1451.944507][ T29] audit: type=1326 audit(2000000838.355:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23067 comm="syz.7.6979" exe="/root/syz-executor" sig=0 arch=40000003 syscall=192 compat=1 ip=0xf7f64f6c code=0x7ffc0000 [ 1452.074023][ T29] audit: type=1326 audit(2000000838.355:207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23067 comm="syz.7.6979" exe="/root/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf716572b code=0x7ffc0000 [ 1452.157827][ T29] audit: type=1326 audit(2000000838.445:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23067 comm="syz.7.6979" exe="/root/syz-executor" sig=0 arch=40000003 syscall=91 compat=1 ip=0xf7f64f6c code=0x7ffc0000 [ 1452.263858][ T29] audit: type=1326 audit(2000000838.445:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23067 comm="syz.7.6979" exe="/root/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf716572b code=0x7ffc0000 [ 1452.422451][ T29] audit: type=1326 audit(2000000838.445:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23067 comm="syz.7.6979" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f64f6c code=0x7ffc0000 [ 1452.518770][ T29] audit: type=1326 audit(2000000838.535:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23067 comm="syz.7.6979" exe="/root/syz-executor" sig=0 arch=40000003 syscall=6 compat=1 ip=0xf716572b code=0x7ffc0000 [ 1453.240795][ T1291] ieee802154 phy0 wpan0: encryption failed: -22 [ 1453.266076][T23088] loop9: detected capacity change from 0 to 512 [ 1453.328978][T23088] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode [ 1453.447657][T23088] EXT4-fs (loop9): 1 truncate cleaned up [ 1453.512511][T23088] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1453.922891][T22232] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1455.441799][T23113] loop8: detected capacity change from 0 to 512 [ 1455.482990][T23113] FAT-fs (loop8): error, invalid access to FAT (entry 0x004e60ff) [ 1456.960143][T23137] loop8: detected capacity change from 0 to 128 [ 1457.073909][T23137] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only [ 1457.139763][T23137] hpfs: filesystem error: improperly stopped [ 1457.171067][T23137] hpfs: filesystem error: warning: spare dnodes used, try chkdsk [ 1457.179029][T23137] hpfs: You really don't want any checks? You are crazy... [ 1457.219773][T23137] hpfs: hpfs_map_sector(): read error [ 1457.225311][T23137] hpfs: code page support is disabled [ 1457.298863][T23137] hpfs: hpfs_map_4sectors(): unaligned read [ 1457.321886][T23137] hpfs: hpfs_map_4sectors(): unaligned read [ 1457.369633][T23137] hpfs: filesystem error: unable to find root dir [ 1459.152719][T23163] loop8: detected capacity change from 0 to 1024 [ 1459.798921][T23174] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 1460.723691][ T29] kauditd_printk_skb: 10 callbacks suppressed [ 1460.723770][ T29] audit: type=1326 audit(2000000847.605:222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23175 comm="syz.8.7024" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6fdef6c code=0x7fc00000 [ 1461.272139][ T5827] usb 10-1: new low-speed USB device number 4 using dummy_hcd [ 1461.452626][ T5827] usb 10-1: config 1 has an invalid interface descriptor of length 6, skipping [ 1461.463008][ T5827] usb 10-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1461.505838][ T5827] usb 10-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 1461.552659][ T5827] usb 10-1: config 1 has no interface number 1 [ 1461.596903][ T5827] usb 10-1: string descriptor 0 read error: -71 [ 1461.634666][ T5827] usb 10-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 1461.671240][ T5827] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1461.707169][ T5827] usb 10-1: can't set config #1, error -71 [ 1461.743950][ T5827] usb 10-1: USB disconnect, device number 4 [ 1463.059587][T23209] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 1464.921649][T23236] loop9: detected capacity change from 0 to 1024 [ 1464.953502][T23236] EXT4-fs: Ignoring removed orlov option [ 1465.138903][T23236] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1465.897924][T23250] EXT4-fs: Value of option "test_dummy_encryption" is unrecognized [ 1465.948799][T23247] loop7: detected capacity change from 0 to 1024 [ 1466.427922][ T8129] hfsplus: b-tree write err: -5, ino 25 [ 1466.451984][T22232] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1466.471072][ T8129] hfsplus: b-tree write err: -5, ino 4 [ 1466.476928][ T8129] hfsplus: b-tree write err: -5, ino 2 [ 1473.496923][T23352] netlink: 4 bytes leftover after parsing attributes in process `syz.7.7100'. [ 1474.343926][ T5827] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 1474.380562][ T5827] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 1474.449073][T23357] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1474.608908][T23357] 8021q: adding VLAN 0 to HW filter on device team0 [ 1474.734106][T23357] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 1474.860847][ T13] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 1474.888713][ T13] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 1474.991116][ T13] bond0: (slave bond_slave_0): link status definitely down, disabling slave [ 1475.021081][ T13] bond0: (slave bond_slave_1): link status definitely down, disabling slave [ 1475.031202][T19551] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 1475.047858][ T13] bond0: now running without any active interface! [ 1475.289921][ T5827] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 1477.452065][T23408] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 1477.520455][T19551] lo speed is unknown, defaulting to 1000 [ 1477.526364][T19551] syz2: Port: 1 Link ACTIVE [ 1477.798300][T23415] loop8: detected capacity change from 0 to 1024 [ 1477.870169][T23415] EXT4-fs: inline encryption not supported [ 1478.051939][T23415] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1478.265401][ T29] audit: type=1800 audit(2000000865.145:223): pid=23415 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.7124" name="file1" dev="loop8" ino=15 res=0 errno=0 [ 1478.270416][T23415] EXT4-fs (loop8): shut down requested (0) [ 1478.760252][T23428] lo speed is unknown, defaulting to 1000 [ 1478.786499][T19203] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1479.370015][ C0] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 1479.476019][T23436] loop9: detected capacity change from 0 to 2048 [ 1479.755178][T23436] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1480.203754][T23436] UDF-fs: warning (device loop9): udf_truncate_tail_extent: Too long extent after EOF in inode 1367: i_size: 4096 lbcount: 4608 extent 65+512 [ 1480.706126][ T5827] hid-generic 0000:0000:0000.003A: unknown main item tag 0x0 [ 1480.805171][ T5827] hid-generic 0000:0000:0000.003A: hidraw0: HID v0.00 Device [syz1] on syz0 [ 1480.916195][T23452] loop8: detected capacity change from 0 to 1024 [ 1481.758802][T23458] fido_id[23458]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 1481.760347][ T8129] hfsplus: b-tree write err: -5, ino 25 [ 1481.850449][ T8129] hfsplus: b-tree write err: -5, ino 4 [ 1481.899896][ T8129] hfsplus: b-tree write err: -5, ino 2 [ 1483.992378][T23495] netlink: 'syz.2.7160': attribute type 83 has an invalid length. [ 1486.764122][T23530] netlink: 'syz.8.7175': attribute type 3 has an invalid length. [ 1488.409822][ C0] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured! [ 1489.273749][T23567] netlink: 'syz.9.7191': attribute type 3 has an invalid length. [ 1489.310551][T23567] netlink: 8 bytes leftover after parsing attributes in process `syz.9.7191'. [ 1489.628849][T23574] loop7: detected capacity change from 0 to 256 [ 1490.604659][T23583] loop7: detected capacity change from 0 to 512 [ 1490.712756][T23583] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a842c01c, mo2=0002] [ 1490.750402][T23583] System zones: 0-2, 18-18, 34-35 [ 1490.798622][T23583] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1490.832751][T23583] ext4 filesystem being mounted at /678/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1491.328073][T14498] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1494.655141][ T49] netdevsim netdevsim5 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 1494.774749][ T49] netdevsim netdevsim5 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 1494.897818][ T49] netdevsim netdevsim5 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 1495.107884][ T49] netdevsim netdevsim5 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 1495.868890][ T49] bridge_slave_1: left allmulticast mode [ 1495.886031][ T49] bridge_slave_1: left promiscuous mode [ 1495.901014][ T49] bridge0: port 2(bridge_slave_1) entered disabled state [ 1495.950160][ T49] bridge_slave_0: left allmulticast mode [ 1495.964983][ T49] bridge_slave_0: left promiscuous mode [ 1495.973356][ T49] bridge0: port 1(bridge_slave_0) entered disabled state [ 1496.528837][ T49] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1496.581279][ T49] bond_slave_0: left promiscuous mode [ 1496.610928][ T49] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1496.681990][ T49] bond_slave_1: left promiscuous mode [ 1496.715222][ T49] bond0 (unregistering): Released all slaves [ 1497.622324][T22568] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 1497.644733][T22568] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 1497.656484][T22568] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 1497.675528][T22568] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 1497.708538][T22568] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 1497.779489][ T49] hsr_slave_0: left promiscuous mode [ 1497.874346][ T49] hsr_slave_1: left promiscuous mode [ 1497.883903][ T49] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1497.948709][ T49] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1498.347469][ T49] team0 (unregistering): Port device batadv1 removed [ 1498.466417][ T49] pimreg (unregistering): left allmulticast mode [ 1498.469771][T23672] sock: sock_set_timeout: `syz.7.7232' (pid 23672) tries to set negative timeout [ 1499.299554][T19209] usb 3-1: new high-speed USB device number 33 using dummy_hcd [ 1499.323292][ T49] team0 (unregistering): Port device team_slave_1 removed [ 1499.485227][T19209] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1499.493025][ T49] team0 (unregistering): Port device team_slave_0 removed [ 1499.552245][T19209] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2c2e, bcdDevice= 0.00 [ 1499.626563][T19209] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1499.815872][T19209] usb 3-1: config 0 descriptor?? [ 1499.855205][T22568] Bluetooth: hci4: command tx timeout [ 1500.374571][T19209] lua 0003:1E7D:2C2E.003B: unbalanced collection at end of report description [ 1500.422393][T19209] lua 0003:1E7D:2C2E.003B: parse failed [ 1500.465325][T19209] lua 0003:1E7D:2C2E.003B: probe with driver lua failed with error -22 [ 1500.598275][T19209] usb 3-1: USB disconnect, device number 33 [ 1500.699745][T19551] usb 9-1: new full-speed USB device number 5 using dummy_hcd [ 1500.711005][ T49] lo (unregistering): left allmulticast mode [ 1500.904456][T19551] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64 [ 1500.954057][T19551] usb 9-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00 [ 1501.003386][T19551] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1501.085882][T19551] usb 9-1: config 0 descriptor?? [ 1501.098037][T23661] lo speed is unknown, defaulting to 1000 [ 1501.119451][T23695] raw-gadget.1 gadget.8: fail, usb_ep_enable returned -22 [ 1501.687824][T19551] elan 0003:04F3:0755.003C: hidraw0: USB HID v1.01 Device [HID 04f3:0755] on usb-dummy_hcd.8-1/input0 [ 1501.836551][T19209] usb 9-1: USB disconnect, device number 5 [ 1501.929631][T22568] Bluetooth: hci4: command tx timeout [ 1502.066960][T23706] fido_id[23706]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.8/usb9/report_descriptor': No such file or directory [ 1502.095616][T23709] netlink: 'syz.2.7244': attribute type 12 has an invalid length. [ 1502.137463][T23709] netlink: 'syz.2.7244': attribute type 29 has an invalid length. [ 1502.222117][T23709] netlink: 'syz.2.7244': attribute type 1 has an invalid length. [ 1502.269690][T23709] netlink: 'syz.2.7244': attribute type 2 has an invalid length. [ 1502.298651][T23709] netlink: 'syz.2.7244': attribute type 1 has an invalid length. [ 1502.359429][T23709] netlink: 228 bytes leftover after parsing attributes in process `syz.2.7244'. [ 1503.280705][T23727] netlink: 40 bytes leftover after parsing attributes in process `syz.7.7250'. [ 1503.319513][T23727] netlink: 40 bytes leftover after parsing attributes in process `syz.7.7250'. [ 1503.497409][T23661] chnl_net:caif_netlink_parms(): no params data found [ 1504.010433][T22568] Bluetooth: hci4: command tx timeout [ 1504.068449][ T49] IPVS: stop unused estimator thread 0... [ 1504.143447][T23739] netlink: 4 bytes leftover after parsing attributes in process `syz.7.7253'. [ 1505.610723][T23661] bridge0: port 1(bridge_slave_0) entered blocking state [ 1505.665243][T23661] bridge0: port 1(bridge_slave_0) entered disabled state [ 1505.693656][T23661] bridge_slave_0: entered allmulticast mode [ 1505.713128][T23661] bridge_slave_0: entered promiscuous mode [ 1505.783195][T23661] bridge0: port 2(bridge_slave_1) entered blocking state [ 1505.802729][T23661] bridge0: port 2(bridge_slave_1) entered disabled state [ 1505.820366][T23661] bridge_slave_1: entered allmulticast mode [ 1505.875680][T23661] bridge_slave_1: entered promiscuous mode [ 1506.096634][T22563] Bluetooth: hci4: command tx timeout [ 1506.163850][T23661] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1506.196420][T23661] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1506.497822][T22563] Bluetooth: hci1: command 0x0406 tx timeout [ 1506.708361][T23661] team0: Port device team_slave_0 added [ 1506.754120][T23661] team0: Port device team_slave_1 added [ 1507.057833][T23661] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1507.090294][T23661] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1507.232756][T23661] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1507.296073][T23661] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1507.330047][T23661] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1507.400790][T23661] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1507.572490][T23783] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7267'. [ 1507.702739][T23661] hsr_slave_0: entered promiscuous mode [ 1507.730670][T23661] hsr_slave_1: entered promiscuous mode [ 1507.751380][T23661] debugfs: 'hsr0' already exists in 'hsr' [ 1507.757892][T23661] Cannot create hsr debugfs directory [ 1510.562322][T23661] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 1510.628626][T23661] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 1510.780355][T23661] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 1510.897494][T23661] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 1511.517055][T23830] loop8: detected capacity change from 0 to 4096 [ 1511.567560][T23830] EXT4-fs: inline encryption not supported [ 1511.648257][T23830] EXT4-fs (loop8): Test dummy encryption mode enabled [ 1511.754936][T23830] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003] [ 1511.771434][T23830] System zones: 0-5 [ 1511.864969][T23830] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1512.374096][T23661] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1512.583989][T19203] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1512.655288][T23661] 8021q: adding VLAN 0 to HW filter on device team0 [ 1512.828693][ T8120] bridge0: port 1(bridge_slave_0) entered blocking state [ 1512.836367][ T8120] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1512.948142][ T8120] bridge0: port 2(bridge_slave_1) entered blocking state [ 1512.955733][ T8120] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1514.322344][T23868] loop8: detected capacity change from 0 to 64 [ 1514.676595][ T1291] ieee802154 phy0 wpan0: encryption failed: -22 [ 1515.851609][T23661] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1518.656696][T23661] veth0_vlan: entered promiscuous mode [ 1518.870322][T23661] veth1_vlan: entered promiscuous mode [ 1518.974733][T23936] kvm: apic: phys broadcast and lowest prio [ 1519.306881][T23661] veth0_macvtap: entered promiscuous mode [ 1519.381637][T23661] veth1_macvtap: entered promiscuous mode [ 1519.462919][T23943] loop9: detected capacity change from 0 to 1024 [ 1519.639960][T23661] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1519.739762][T23661] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1519.878006][T15218] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1519.910525][T22538] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1519.986119][T22538] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1520.016818][T22538] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1520.266932][ T8131] hfsplus: b-tree write err: -5, ino 3 [ 1520.677597][ T8403] bond0: (slave syz_tun): Releasing backup interface [ 1521.126265][T22538] netdevsim netdevsim2 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 1521.163547][T22538] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0 [ 1521.348304][T22538] netdevsim netdevsim2 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 1521.365128][T22538] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0 [ 1521.486936][T22538] netdevsim netdevsim2 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 1521.506987][T22538] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0 [ 1521.635914][T22538] netdevsim netdevsim2 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 1521.670611][T22538] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 20000 - 0 [ 1522.126894][T22538] bridge_slave_1: left allmulticast mode [ 1522.159466][T22538] bridge_slave_1: left promiscuous mode [ 1522.168050][T22538] bridge0: port 2(bridge_slave_1) entered disabled state [ 1522.218712][T22538] bridge_slave_0: left allmulticast mode [ 1522.239478][T22538] bridge_slave_0: left promiscuous mode [ 1522.246061][T22538] bridge0: port 1(bridge_slave_0) entered disabled state [ 1523.073481][T22538] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1523.112158][T22538] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1523.133474][T22538] bond0 (unregistering): Released all slaves [ 1523.370057][T22538] tipc: Disabling bearer [ 1523.376175][T22538] tipc: Left network mode [ 1523.405034][T22538] IPVS: stopping backup sync thread 6004 ... [ 1523.805472][T22538] hsr_slave_0: left promiscuous mode [ 1523.837062][T22538] hsr_slave_1: left promiscuous mode [ 1524.420184][T22538] team0 (unregistering): Port device team_slave_1 removed [ 1524.471527][T22538] team0 (unregistering): Port device team_slave_0 removed [ 1524.907818][T10405] lo speed is unknown, defaulting to 1000 [ 1524.931900][T10405] syz2: Port: 1 Link DOWN [ 1525.247336][T22538] IPVS: stop unused estimator thread 0... [ 1525.835621][ T8120] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1525.867958][ T8120] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1525.974559][ T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1525.982848][ T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1527.162948][T22563] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 1527.177536][T22563] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 1527.188036][T22563] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 1527.247715][T22563] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 1527.259541][T22563] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 1527.708273][T24023] loop7: detected capacity change from 0 to 128 [ 1527.800477][T24023] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 1527.933633][T24023] ext4 filesystem being mounted at /706/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 1528.433549][T22122] usb 9-1: new full-speed USB device number 6 using dummy_hcd [ 1528.501497][T14498] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 1528.659688][T22122] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 1528.709955][T22122] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 1528.732925][T22122] usb 9-1: New USB device found, idVendor=0457, idProduct=07da, bcdDevice= 0.00 [ 1528.743232][T22122] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1528.824787][T22122] usb 9-1: config 0 descriptor?? [ 1529.290377][T22568] Bluetooth: hci3: command tx timeout [ 1529.422794][T24046] netlink: 'syz.9.7325': attribute type 29 has an invalid length. [ 1529.454456][T22122] hid-multitouch 0003:0457:07DA.003D: hidraw0: USB HID v0.00 Device [HID 0457:07da] on usb-dummy_hcd.8-1/input0 [ 1529.477710][T24046] netlink: 'syz.9.7325': attribute type 29 has an invalid length. [ 1529.556705][T24049] netlink: 600 bytes leftover after parsing attributes in process `syz.9.7325'. [ 1529.629733][T24049] unsupported nla_type 58 [ 1529.637027][T22122] usb 9-1: USB disconnect, device number 6 [ 1529.682346][T24014] chnl_net:caif_netlink_parms(): no params data found [ 1530.553422][T24051] fido_id[24051]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.8/usb9/report_descriptor': No such file or directory [ 1530.604960][T24059] netlink: 24 bytes leftover after parsing attributes in process `syz.9.7332'. [ 1530.877536][T24061] loop4: detected capacity change from 0 to 512 [ 1530.973297][T24061] EXT4-fs: Ignoring removed bh option [ 1531.056300][T24061] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem [ 1531.159469][T24061] EXT4-fs error (device loop4): ext4_iget_extra_inode:5025: inode #15: comm syz.4.7333: corrupted in-inode xattr: e_value size too large [ 1531.187344][T24061] loop4: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 1531.189309][ C1] EXT4-fs (loop4): error count since last fsck: 1 [ 1531.205356][ C1] EXT4-fs (loop4): initial error at time 2000000918: ext4_iget_extra_inode:5025: inode 15 [ 1531.215631][ C1] EXT4-fs (loop4): last error at time 2000000918: ext4_iget_extra_inode:5025: inode 15 [ 1531.256580][T24061] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.7333: couldn't read orphan inode 15 (err -117) [ 1531.310544][T24061] loop4: lost filesystem error report for type 5 error -117 [ 1531.342597][T24061] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1531.419413][T22568] Bluetooth: hci3: command tx timeout [ 1531.882752][T23661] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1532.232893][T24014] bridge0: port 1(bridge_slave_0) entered blocking state [ 1532.274118][T24014] bridge0: port 1(bridge_slave_0) entered disabled state [ 1532.303580][T24014] bridge_slave_0: entered allmulticast mode [ 1532.382550][T24014] bridge_slave_0: entered promiscuous mode [ 1532.465174][T24014] bridge0: port 2(bridge_slave_1) entered blocking state [ 1532.519718][T24014] bridge0: port 2(bridge_slave_1) entered disabled state [ 1532.527436][T24014] bridge_slave_1: entered allmulticast mode [ 1532.580162][T24014] bridge_slave_1: entered promiscuous mode [ 1533.021930][T24014] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1533.074870][T24014] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1533.191588][T24014] team0: Port device team_slave_0 added [ 1533.210839][T24014] team0: Port device team_slave_1 added [ 1533.449431][T22568] Bluetooth: hci3: command tx timeout [ 1533.496206][T24014] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1533.540175][T24014] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1533.659582][T24014] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1533.725318][T24014] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1533.799325][T24014] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1533.967234][T24014] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1534.512905][T24014] hsr_slave_0: entered promiscuous mode [ 1534.542296][T24014] hsr_slave_1: entered promiscuous mode [ 1534.631551][T24014] debugfs: 'hsr0' already exists in 'hsr' [ 1534.637485][T24014] Cannot create hsr debugfs directory [ 1534.947819][T24110] loop9: detected capacity change from 0 to 512 [ 1535.070979][T24110] EXT4-fs: Ignoring removed bh option [ 1535.079683][T19209] IPVS: starting estimator thread 0... [ 1535.087546][T24113] IPVS: wrr: UDP 224.0.0.2:0 - no destination available [ 1535.151744][T24110] EXT4-fs (loop9): mounting ext3 file system using the ext4 subsystem [ 1535.242325][T24117] IPVS: using max 240 ests per chain, 12000 per kthread [ 1535.294478][T24110] EXT4-fs error (device loop9): ext4_iget_extra_inode:5025: inode #15: comm syz.9.7347: corrupted in-inode xattr: e_value size too large [ 1535.399617][T24110] loop9: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 1535.409298][ C0] EXT4-fs (loop9): error count since last fsck: 1 [ 1535.425351][ C0] EXT4-fs (loop9): initial error at time 2000000922: ext4_iget_extra_inode:5025: inode 15 [ 1535.435697][ C0] EXT4-fs (loop9): last error at time 2000000922: ext4_iget_extra_inode:5025: inode 15 [ 1535.450065][T24110] EXT4-fs error (device loop9): ext4_orphan_get:1396: comm syz.9.7347: couldn't read orphan inode 15 (err -117) [ 1535.469898][T24110] loop9: lost filesystem error report for type 5 error -117 [ 1535.492125][T24110] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1535.557670][T22568] Bluetooth: hci3: command tx timeout [ 1536.094539][T22232] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1536.398057][T24120] loop4: detected capacity change from 0 to 8192 [ 1536.912901][T24131] loop9: detected capacity change from 0 to 2048 [ 1537.012162][T24131] NILFS (loop9): broken superblock, retrying with spare superblock (blocksize = 1024) [ 1537.136903][T23661] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000e1b1) [ 1537.166686][T24136] NILFS (loop9): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1537.199510][T23661] FAT-fs (loop4): Filesystem has been set read-only [ 1537.662373][T24014] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 1537.816325][T24014] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 1537.848750][T24142] loop7: detected capacity change from 0 to 256 [ 1537.967747][T24142] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0xf6dff195, utbl_chksum : 0xe619d30d) [ 1538.017037][T24014] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 1538.127612][T24014] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 1538.155953][T24139] NILFS (loop9): DAT doesn't have a block to manage vblocknr = 3044605952 [ 1538.219948][T24139] NILFS error (device loop9): nilfs_bmap_truncate: broken bmap (inode number=15) [ 1538.311979][T24139] Remounting filesystem read-only [ 1538.317194][T24139] NILFS (loop9): error -5 truncating bmap (ino=15) [ 1538.821631][T22232] NILFS (loop9): disposed unprocessed dirty file(s) when detaching log writer [ 1539.755335][T24014] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1540.065469][T24014] 8021q: adding VLAN 0 to HW filter on device team0 [ 1540.183920][ T8129] bridge0: port 1(bridge_slave_0) entered blocking state [ 1540.191500][ T8129] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1540.300326][T24168] loop5: detected capacity change from 0 to 7 [ 1540.388731][T24168] Dev loop5: unable to read RDB block 7 [ 1540.409772][ T8129] bridge0: port 2(bridge_slave_1) entered blocking state [ 1540.417245][ T8129] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1540.480948][T24168] loop5: unable to read partition table [ 1540.487487][T24168] loop5: partition table beyond EOD, truncated [ 1540.559668][T24168] loop_reread_partitions: partition scan of loop5 (þ被xü—ŸÑà– ) failed (rc=-5) [ 1541.422691][T24177] netlink: 4 bytes leftover after parsing attributes in process `syz.8.7367'. [ 1541.602877][T24184] [U] [ 1541.605891][T24184] [U] [ 1541.608843][T24184] [U] [ 1541.611797][T24184] [U] [ 1541.614765][T24184] [U] [ 1541.617752][T24184] [U] [ 1541.620724][T24184] [U] [ 1541.623688][T24184] [U] [ 1541.703558][T24184] [U] [ 1541.706558][T24184] [U] [ 1541.709506][T24184] [U] [ 1541.876357][T24187] loop4: detected capacity change from 0 to 2048 [ 1541.965283][T24187] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024) [ 1542.193664][T24192] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1542.216526][T24179] [U] [ 1543.544889][T24014] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1544.172823][T24209] netlink: 4 bytes leftover after parsing attributes in process `syz.8.7375'. [ 1544.318632][T24014] veth0_vlan: entered promiscuous mode [ 1544.485148][T24014] veth1_vlan: entered promiscuous mode [ 1545.064290][T24220] netlink: 'syz.8.7379': attribute type 1 has an invalid length. [ 1545.094181][T24220] netlink: 16 bytes leftover after parsing attributes in process `syz.8.7379'. [ 1545.110991][T24014] veth0_macvtap: entered promiscuous mode [ 1545.204609][T24220] netlink: 'syz.8.7379': attribute type 1 has an invalid length. [ 1545.248543][T24014] veth1_macvtap: entered promiscuous mode [ 1545.279610][T24220] netlink: 16 bytes leftover after parsing attributes in process `syz.8.7379'. [ 1545.499835][T24223] loop7: detected capacity change from 0 to 8 [ 1545.667994][T24014] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1545.904201][T24014] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1546.043102][T24229] loop9: detected capacity change from 0 to 2048 [ 1546.112578][ T8139] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1546.161853][ T8139] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1546.250789][ T8139] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1546.349731][ T49] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1546.403001][T24229] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1546.529053][T24229] ext4 filesystem being mounted at /128/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1546.724077][T24229] EXT4-fs (loop9): shut down requested (2) [ 1547.083653][T22232] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1551.254199][T24304] loop7: detected capacity change from 0 to 512 [ 1551.329855][T24304] EXT4-fs: Ignoring removed i_version option [ 1551.493562][T24304] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1551.679352][ T29] audit: type=1804 audit(2000000938.535:224): pid=24304 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.7.7400" name="/newroot/726/file1/file1" dev="loop7" ino=15 res=1 errno=0 [ 1552.247118][T14498] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1554.323404][T18044] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1554.389683][T18044] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1554.763924][ T8129] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1554.795699][ T8129] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1555.328521][T24350] vcan0: tx drop: invalid da for name 0x0000008000000000 [ 1555.471904][T24352] netlink: 16 bytes leftover after parsing attributes in process `syz.8.7415'. [ 1555.528976][T24352] netlink: 16 bytes leftover after parsing attributes in process `syz.8.7415'. [ 1556.769772][T10445] usb 9-1: new high-speed USB device number 7 using dummy_hcd [ 1556.969696][T10445] usb 9-1: Using ep0 maxpacket: 16 [ 1557.052276][T10445] usb 9-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6 [ 1557.074017][T10445] usb 9-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3 [ 1557.139810][T10445] usb 9-1: Product: syz [ 1557.144200][T10445] usb 9-1: Manufacturer: syz [ 1557.148977][T10445] usb 9-1: SerialNumber: syz [ 1557.197801][T10445] usb 9-1: config 0 descriptor?? [ 1557.340143][T24375] sctp: [Deprecated]: syz.7.7422 (pid 24375) Use of int in max_burst socket option. [ 1557.340143][T24375] Use struct sctp_assoc_value instead [ 1557.362732][T24376] loop2: detected capacity change from 0 to 128 [ 1557.580744][T24379] netlink: 16 bytes leftover after parsing attributes in process `syz.9.7424'. [ 1557.861008][T10445] usb 9-1: USB disconnect, device number 7 [ 1558.347636][ T5998] udevd[5998]: error opening ATTR{/sys/devices/platform/dummy_hcd.8/usb9/9-1/9-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 1561.434835][T24421] loop4: detected capacity change from 0 to 256 [ 1561.651921][T24425] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 1561.740085][T24425] overlayfs: "xino" feature enabled using 2 upper inode bits. [ 1562.293610][T24432] loop9: detected capacity change from 0 to 16 [ 1562.400265][T24432] erofs (device loop9): mounted with root inode @ nid 36. [ 1563.526600][T24441] netlink: 15478 bytes leftover after parsing attributes in process `syz.9.7443'. [ 1565.805112][T24468] sctp: [Deprecated]: syz.2.7452 (pid 24468) Use of struct sctp_assoc_value in delayed_ack socket option. [ 1565.805112][T24468] Use struct sctp_sack_info instead [ 1568.017308][T24496] loop4: detected capacity change from 0 to 1024 [ 1568.244187][T24502] netlink: 'syz.9.7464': attribute type 34 has an invalid length. [ 1568.547435][T24496] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1568.615634][T24498] loop8: detected capacity change from 0 to 4096 [ 1568.800001][T24511] NILFS (loop8): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1570.286617][T23661] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1570.338909][T10445] IPVS: starting estimator thread 0... [ 1570.479969][T24527] IPVS: using max 240 ests per chain, 12000 per kthread [ 1570.712088][T24531] sctp: [Deprecated]: syz.7.7469 (pid 24531) Use of struct sctp_assoc_value in delayed_ack socket option. [ 1570.712088][T24531] Use struct sctp_sack_info instead [ 1572.663974][T24555] input: syz0 as /devices/virtual/input/input41 [ 1573.799664][T19209] usb 9-1: new high-speed USB device number 8 using dummy_hcd [ 1573.989505][T19209] usb 9-1: Using ep0 maxpacket: 8 [ 1574.043102][T19209] usb 9-1: config index 0 descriptor too short (expected 301, got 45) [ 1574.077663][T19209] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 1574.149292][T19209] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 1574.210392][T19209] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 1574.294140][T19209] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 1574.369705][T19209] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 1574.398319][T19209] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1574.732485][T24575] ceph: No mds server is up or the cluster is laggy [ 1574.752074][T10445] libceph: connect (1)[c::]:6789 error -101 [ 1574.758407][T10445] libceph: mon0 (1)[c::]:6789 connect error [ 1575.119765][T19551] IPVS: starting estimator thread 0... [ 1575.233551][T24584] IPVS: using max 192 ests per chain, 9600 per kthread [ 1575.603752][T19551] usb 9-1: USB disconnect, device number 8 [ 1576.124463][ T1291] ieee802154 phy0 wpan0: encryption failed: -22 [ 1576.996192][T24602] loop2: detected capacity change from 0 to 1024 [ 1577.164377][T24602] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1577.537419][T24602] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1315: group 0, block bitmap and bg descriptor inconsistent: 25 vs 161808409 free clusters [ 1577.630499][T24602] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 63 with max blocks 1 with error 28 [ 1577.674456][T24613] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28 [ 1577.675704][T24602] EXT4-fs (loop2): This should not happen!! Data will be lost [ 1577.675704][T24602] [ 1577.707892][T24613] EXT4-fs (loop2): This should not happen!! Data will be lost [ 1577.707892][T24613] [ 1577.758810][T24613] EXT4-fs (loop2): Total free blocks count 0 [ 1577.799482][T24602] EXT4-fs (loop2): Total free blocks count 0 [ 1577.824121][T24602] EXT4-fs (loop2): Free/Dirty block details [ 1577.876316][T24613] EXT4-fs (loop2): Free/Dirty block details [ 1577.950302][T24613] EXT4-fs (loop2): free_blocks=2588934144 [ 1578.908057][T24623] IPVS: wrr: UDP 224.0.0.2:0 - no destination available [ 1580.291945][T24646] netlink: 4 bytes leftover after parsing attributes in process `syz.4.7503'. [ 1580.403112][T24646] netlink: 4 bytes leftover after parsing attributes in process `syz.4.7503'. [ 1580.944969][T24652] loop7: detected capacity change from 0 to 16 [ 1581.021195][T24652] erofs (device loop7): invalid ishare xattr prefix id 139 [ 1582.284591][T24668] overlayfs: "xino" feature enabled using 2 upper inode bits. [ 1583.174630][T24680] netlink: 4 bytes leftover after parsing attributes in process `syz.7.7516'. [ 1584.061185][T24678] loop9: detected capacity change from 0 to 8192 [ 1585.252646][T24695] netlink: 'syz.9.7524': attribute type 10 has an invalid length. [ 1585.528569][T24695] team0: Port device dummy0 added [ 1586.071835][ C0] IPv4: Oversized IP packet from 172.20.20.24 [ 1586.432643][T10430] usb 9-1: new high-speed USB device number 9 using dummy_hcd [ 1586.653266][T10430] usb 9-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 1586.708439][T10430] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 1586.789898][T10430] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 1586.829660][T10430] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 1586.903446][T10430] usb 9-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 1586.949358][T10430] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1587.018973][T10430] usb 9-1: config 0 descriptor?? [ 1587.570509][T10430] plantronics 0003:047F:FFFF.003E: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.8-1/input0 [ 1588.179396][T10430] usb 10-1: new high-speed USB device number 5 using dummy_hcd [ 1588.399745][T10430] usb 10-1: Using ep0 maxpacket: 8 [ 1588.432087][T10430] usb 10-1: config 0 has an invalid interface number: 55 but max is 0 [ 1588.488633][T10430] usb 10-1: config 0 has no interface number 0 [ 1588.541201][T10430] usb 10-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 1588.608865][T10430] usb 10-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B [ 1588.692766][T10430] usb 10-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 1588.781042][T10430] usb 10-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2 [ 1588.865737][T10430] usb 10-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a [ 1588.912926][T10430] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1589.000324][T10430] usb 10-1: config 0 descriptor?? [ 1589.089793][T10430] ldusb 10-1:0.55: LD USB Device #1 now attached to major 180 minor 1 [ 1589.366437][T19207] usb 10-1: USB disconnect, device number 5 [ 1589.438744][T19207] ldusb 10-1:0.55: LD USB Device #1 now disconnected [ 1589.564842][T10445] usb 9-1: USB disconnect, device number 9 [ 1590.173233][ T8120] ===================================================== [ 1590.181345][ T8120] BUG: KMSAN: uninit-value in n_tty_receive_buf_standard+0xe7b/0xc820 [ 1590.190013][ T8120] n_tty_receive_buf_standard+0xe7b/0xc820 [ 1590.195992][ T8120] n_tty_receive_buf_common+0x1a59/0x2610 [ 1590.201983][ T8120] n_tty_receive_buf2+0x4c/0x60 [ 1590.207012][ T8120] tty_ldisc_receive_buf+0xc6/0x2c0 [ 1590.212776][ T8120] tty_port_default_receive_buf+0xd7/0x1a0 [ 1590.218764][ T8120] flush_to_ldisc+0x43e/0xe40 [ 1590.229672][ T8120] process_scheduled_works+0xae7/0x1d60 [ 1590.235393][ T8120] worker_thread+0xede/0x1580 [ 1590.242454][ T8120] kthread+0x53f/0x600 [ 1590.246688][ T8120] ret_from_fork+0x20f/0x910 [ 1590.254367][ T8120] ret_from_fork_asm+0x1a/0x30 [ 1590.259800][ T8120] [ 1590.262199][ T8120] Uninit was stored to memory at: [ 1590.267405][ T8120] n_tty_receive_buf_standard+0xe74/0xc820 [ 1590.273468][ T8120] n_tty_receive_buf_common+0x1a59/0x2610 [ 1590.279434][ T8120] n_tty_receive_buf2+0x4c/0x60 [ 1590.284459][ T8120] tty_ldisc_receive_buf+0xc6/0x2c0 [ 1590.289903][ T8120] tty_port_default_receive_buf+0xd7/0x1a0 [ 1590.295890][ T8120] flush_to_ldisc+0x43e/0xe40 [ 1590.301107][ T8120] process_scheduled_works+0xae7/0x1d60 [ 1590.306812][ T8120] worker_thread+0xede/0x1580 [ 1590.311777][ T8120] kthread+0x53f/0x600 [ 1590.322078][ T8120] ret_from_fork+0x20f/0x910 [ 1590.326849][ T8120] ret_from_fork_asm+0x1a/0x30 [ 1590.334031][ T8120] [ 1590.336443][ T8120] Uninit was created at: [ 1590.341306][ T8120] __kmalloc_noprof+0x47f/0x1610 [ 1590.346419][ T8120] __tty_buffer_request_room+0x3d4/0x7a0 [ 1590.352318][ T8120] __tty_insert_flip_string_flags+0x157/0x6e0 [ 1590.358564][ T8120] uart_insert_char+0x368/0x930 [ 1590.363660][ T8120] serial8250_read_char+0x1ba/0x670 [ 1590.369200][ T8120] serial8250_handle_irq+0x930/0x1110 [ 1590.374710][ T8120] serial8250_default_handle_irq+0x116/0x370 [ 1590.380985][ T8120] serial8250_interrupt+0xcb/0x420 [ 1590.386293][ T8120] __handle_irq_event_percpu+0x118/0xed0 [ 1590.393414][ T8120] handle_irq_event+0xe0/0x2a0 [ 1590.398390][ T8120] handle_edge_irq+0x2a9/0xb30 [ 1590.403491][ T8120] __common_interrupt+0x9d/0x180 [ 1590.408565][ T8120] common_interrupt+0x4c/0xb0 [ 1590.413565][ T8120] asm_common_interrupt+0x2b/0x40 [ 1590.424965][ T8120] [ 1590.427412][ T8120] CPU: 1 UID: 0 PID: 8120 Comm: kworker/u8:19 Tainted: G L syzkaller #0 PREEMPT(full) [ 1590.441455][ T8120] Tainted: [L]=SOFTLOCKUP [ 1590.445884][ T8120] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 1590.456251][ T8120] Workqueue: events_unbound flush_to_ldisc [ 1590.462405][ T8120] ===================================================== [ 1590.470281][ T8120] Disabling lock debugging due to kernel taint SYZFAIL: failed to send rpc fd=3 want=56 sent=0 n=-1 (errno 32: Broken pipe) [ 1590.693040][T24742] ptrace attach of ""[24747] was attempted by "./syz-executor exec"[24742] [ 1590.806352][ T8120] Kernel panic - not syncing: kmsan.panic set ... [ 1590.812948][ T8120] CPU: 1 UID: 0 PID: 8120 Comm: kworker/u8:19 Tainted: G B L syzkaller #0 PREEMPT(full) [ 1590.824266][ T8120] Tainted: [B]=BAD_PAGE, [L]=SOFTLOCKUP [ 1590.829915][ T8120] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 1590.840110][ T8120] Workqueue: events_unbound flush_to_ldisc [ 1590.846122][ T8120] Call Trace: [ 1590.849482][ T8120] [ 1590.852531][ T8120] __dump_stack+0x26/0x30 [ 1590.857038][ T8120] dump_stack_lvl+0x50/0x1c0 [ 1590.861804][ T8120] ? dump_stack+0x12/0x25 [ 1590.866310][ T8120] dump_stack+0x1e/0x25 [ 1590.870650][ T8120] vpanic+0x7b4/0x1430 [ 1590.874927][ T8120] panic+0x15d/0x160 [ 1590.879044][ T8120] kmsan_report+0x31a/0x320 [ 1590.883708][ T8120] ? __msan_warning+0x1b/0x30 [ 1590.888539][ T8120] ? n_tty_receive_buf_standard+0xe7b/0xc820 [ 1590.894680][ T8120] ? n_tty_receive_buf_common+0x1a59/0x2610 [ 1590.900732][ T8120] ? n_tty_receive_buf2+0x4c/0x60 [ 1590.905956][ T8120] ? tty_ldisc_receive_buf+0xc6/0x2c0 [ 1590.911509][ T8120] ? tty_port_default_receive_buf+0xd7/0x1a0 [ 1590.917701][ T8120] ? flush_to_ldisc+0x43e/0xe40 [ 1590.922834][ T8120] ? process_scheduled_works+0xae7/0x1d60 [ 1590.928720][ T8120] ? worker_thread+0xede/0x1580 [ 1590.933729][ T8120] ? kthread+0x53f/0x600 [ 1590.938138][ T8120] ? ret_from_fork+0x20f/0x910 [ 1590.943047][ T8120] ? ret_from_fork_asm+0x1a/0x30 [ 1590.948167][ T8120] ? ret_from_fork_asm+0x1a/0x30 [ 1590.953295][ T8120] ? kmsan_internal_set_shadow_origin+0x7a/0x110 [ 1590.959817][ T8120] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 1590.966063][ T8120] ? kmsan_get_metadata+0x146/0x160 [ 1590.971439][ T8120] ? kmsan_internal_set_shadow_origin+0x7a/0x110 [ 1590.977950][ T8120] ? kmsan_get_metadata+0x146/0x160 [ 1590.983345][ T8120] ? kmsan_get_shadow_origin_ptr+0x4a/0xb0 [ 1590.989360][ T8120] ? n_tty_receive_char+0x1223/0x14f0 [ 1590.994893][ T8120] ? kmsan_get_metadata+0xf1/0x160 [ 1591.000204][ T8120] __msan_warning+0x1b/0x30 [ 1591.004885][ T8120] n_tty_receive_buf_standard+0xe7b/0xc820 [ 1591.010875][ T8120] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 1591.017118][ T8120] ? kmsan_get_metadata+0xf1/0x160 [ 1591.022481][ T8120] n_tty_receive_buf_common+0x1a59/0x2610 [ 1591.028460][ T8120] n_tty_receive_buf2+0x4c/0x60 [ 1591.033509][ T8120] ? __pfx_n_tty_receive_buf2+0x10/0x10 [ 1591.039267][ T8120] tty_ldisc_receive_buf+0xc6/0x2c0 [ 1591.044671][ T8120] tty_port_default_receive_buf+0xd7/0x1a0 [ 1591.050679][ T8120] flush_to_ldisc+0x43e/0xe40 [ 1591.055555][ T8120] ? __pfx_tty_port_default_receive_buf+0x10/0x10 [ 1591.062168][ T8120] ? __pfx_flush_to_ldisc+0x10/0x10 [ 1591.067540][ T8120] process_scheduled_works+0xae7/0x1d60 [ 1591.073294][ T8120] worker_thread+0xede/0x1580 [ 1591.078175][ T8120] kthread+0x53f/0x600 [ 1591.082426][ T8120] ? __pfx_worker_thread+0x10/0x10 [ 1591.087712][ T8120] ? __pfx_kthread+0x10/0x10 [ 1591.092469][ T8120] ret_from_fork+0x20f/0x910 [ 1591.097297][ T8120] ? __switch_to+0x51c/0x750 [ 1591.102062][ T8120] ? __pfx_kthread+0x10/0x10 [ 1591.106803][ T8120] ret_from_fork_asm+0x1a/0x30 [ 1591.111796][ T8120] [ 1591.115053][ T8120] Kernel Offset: disabled [ 1591.119427][ T8120] Rebooting in 86400 seconds..