last executing test programs: 2m23.467979975s ago: executing program 1 (id=730): r0 = socket$inet_mptcp(0x2, 0x1, 0x106) setsockopt$sock_timeval(r0, 0x1, 0x15, &(0x7f0000000080)={0x0, 0x2710}, 0x10) sendmmsg$inet(r0, &(0x7f0000002780)=[{{&(0x7f0000000000)={0x2, 0x4e24, @loopback}, 0x10, 0x0}}], 0x1, 0x20008004) 2m22.578166849s ago: executing program 1 (id=734): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={{0x14}, [@NFT_MSG_NEWRULE={0x64, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x38, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @hash={{0x9}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_HASH_TYPE={0x8, 0x7, 0x1, 0x0, 0x1}, @NFTA_HASH_DREG={0x8}, @NFTA_HASH_MODULUS={0x8}, @NFTA_HASH_OFFSET={0x8, 0x6, 0x1, 0x0, 0x10001}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x8c}}, 0x0) 2m20.976282265s ago: executing program 0 (id=737): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup.net/devices.allow\x00', 0x2, 0xc8) open_by_handle_at(r1, &(0x7f00000005c0)=ANY=[@ANYRES32=r0], 0x4a0d82) 2m20.529768325s ago: executing program 0 (id=740): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x80000001, 0x4) recvmmsg(r0, &(0x7f0000002b40)=[{{0x0, 0x0, &(0x7f0000002880)=[{&(0x7f0000000700)=""/4096, 0x1000}, {0x0}], 0x2}}], 0x1, 0x0, 0x0) 2m19.339778788s ago: executing program 1 (id=743): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_FEATURES_SET(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000140)={0x30, r1, 0x1, 0x70bd2c, 0x25dfdbfe, {}, [@ETHTOOL_A_FEATURES_WANTED={0x4}, @ETHTOOL_A_FEATURES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x818}, 0x20000004) 2m19.191727738s ago: executing program 0 (id=746): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=@newqdisc={0x34, 0x24, 0xd0f, 0x70bd29, 0x0, {0x60, 0x0, 0x0, 0x0, {}, {0xffe0, 0xa}, {0x1, 0xffe0}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x55}, 0x4000) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYBLOB="280000001800090000000000000000001c140000fe000001000000000c0013"], 0x28}}, 0x0) 2m18.724378768s ago: executing program 1 (id=748): r0 = socket$inet_mptcp(0x2, 0x1, 0x106) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='nv', 0x2) getsockopt$inet_tcp_buf(r0, 0x6, 0x1a, 0x0, &(0x7f0000000100)) 2m18.702757104s ago: executing program 0 (id=750): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_RINGS_GET(r0, &(0x7f0000000700)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000600)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010028bd7000ffdbdf252e0000001800018014000200776c616e30"], 0x2c}, 0x1, 0x0, 0x0, 0x4000}, 0x90) 2m18.417287378s ago: executing program 1 (id=752): socket$kcm(0x29, 0x2, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/kcm\x00') preadv(r0, &(0x7f0000000140)=[{&(0x7f0000000000)=""/151, 0x97}], 0x1, 0xd, 0x0) 2m18.292030747s ago: executing program 0 (id=753): syz_mount_image$hfs(&(0x7f0000002c80), &(0x7f0000000080)='./file1\x00', 0x4490, &(0x7f0000000180)=ANY=[@ANYRES8=0x0], 0xfd, 0x2a7, &(0x7f0000000740)="$eJzs3TFv004Yx/HfOW6b/79V69IiJNSpUIkJtWVBLJFQ3wELEwKaIFVERaJFokyFGfEC2PsWeAGMTIgZqRsTL6Bb0J3P1El8SQhNnYTvR0rkxH7s5+wzd49RFQH4Z93fOT2588O+jFRRRdI9KZJUlWJJV3Wt+mr/cO+w2aj32lHFRdiXURppurbZ3W8Uhdo4F+El9lOshfx3GI3qdx2vzZedBcrm7v4CkTTn7063vnrpmY3GcdkJlMyc6UyvtVh2HgCAcvnxP/Lj/IKfv0eRtOGH/XT8z2b1Ez6AnpWdwIh97rM+N/67Kqtl7PVdcqvO6z13sWPN/F0us0p7VtsE0/SrKl0u0X/P9pqN27svmvVI71Sr1WpHUj6hVfdeT7tu5vTEuJrWLr/t3vW6r00HrC+zCnmwrfNcYRXN2DZsZ/lbuU1WLvaI/Zkv5qt5ZBJ9VP33/C9uGXuZ3JVKOq5Umv9meI+ulbNyWwVauewOct0fwevZyooCFYmyHrXccQGTQJ5xW5RMe1Tauq1w61zUioqitvtErXZGnffmcOSomQ/moVnXT33STm7+H9mzvaHszqz0ft5j3Ja+Z/RsT+y2TNyJ92PH8VrhltGwLcIQ3uup7mrx4OjN8yfNZuPlxC9kDfPfZA8qDuydOB4Zjs9Cdq7GJZ+pXch1yMs9ejbuDL+f8D8dPJafHucX/Q8D6QTTws67TFr/5eqVTTdZs29J+zx9Lh/b6tpba6ntY26PW4Ha4Ip7/7+zggvUBsY9epgv+N/F7iP2rLlu3JJuDnLEVOLzHEvBkxGO2NE3Peb5PwAAAAAAAAAAAAAAAAAAwKS5uD85qCq0quw2AgAAAAAAAAAAAAAAAAAAAAAw6Qp+/3eu1N//faD0E7//C4zcrwAAAP//UBNqTA==") setuid(0xee01) open(&(0x7f0000000000)='./bus\x00', 0x64942, 0x0) 2m17.609901363s ago: executing program 1 (id=756): r0 = openat$ppp(0xffffffffffffff9c, &(0x7f00000001c0), 0x101042, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000100)) ioctl$PPPIOCSACTIVE(r0, 0x40107446, &(0x7f0000000240)={0x1, &(0x7f0000000140)=[{0x6, 0x1}]}) 2m17.508792336s ago: executing program 0 (id=757): r0 = socket(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="4c0000001000010400000000feffffff00000000", @ANYRES32=0x0, @ANYBLOB="10100000200800001c0012800e00010069703665727370616e000000080002800400120008000300", @ANYRES32], 0x4c}, 0x1, 0x0, 0x0, 0x8080}, 0xd0) sendmmsg(r0, &(0x7f0000000000), 0x4000000000001f2, 0x0) 2m2.393630151s ago: executing program 32 (id=756): r0 = openat$ppp(0xffffffffffffff9c, &(0x7f00000001c0), 0x101042, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000100)) ioctl$PPPIOCSACTIVE(r0, 0x40107446, &(0x7f0000000240)={0x1, &(0x7f0000000140)=[{0x6, 0x1}]}) 2m2.156850573s ago: executing program 33 (id=757): r0 = socket(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="4c0000001000010400000000feffffff00000000", @ANYRES32=0x0, @ANYBLOB="10100000200800001c0012800e00010069703665727370616e000000080002800400120008000300", @ANYRES32], 0x4c}, 0x1, 0x0, 0x0, 0x8080}, 0xd0) sendmmsg(r0, &(0x7f0000000000), 0x4000000000001f2, 0x0) 1m31.108153378s ago: executing program 4 (id=905): syz_mount_image$ext4(&(0x7f0000000700)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000200)={[{@grpjquota}, {@i_version}, {@discard}, {@noload}, {@resuid}]}, 0x3, 0x4fe, &(0x7f0000000dc0)="$eJzs3E9sFFUcAODfbFta/klFREHUKhobiS0UFA4mitHEgyZGTNRj0xaCFGpoSYSgLhc8GhLvxqNXD17VCzGcTLzi0cSQEMMFMCGumd2Zdrvd3XbLtmvp9yXtvjezM++9efNm37y3swGsWwPpv6QSvh4R2yKiUPuGgcrLnVsXx+7eujgWxVLp2N9JebPbaTyT7SY2Z5HBQsTraSBZmO70+QunRicnJ85m8eGZ058OT5+/8NLJvmzJkSOHDh44/MrIy60Xqk56ablu7/5ias+utz++8u5Yd748T626HO0yEAP1slL2fLsT67CtVeGku4MZoSXp+Z9WV0+5/W+LrmhWecVVzBmw0kqlUqm38epiqdalBUuANSv6Op0DoDPyD/r0/jf/q9cR2LAy3Y+Ou3m0cgOUlvtO9hfxdHlhPg7SU3N/204DEfFR8Z9v079oNA7RtUKJAwDr0s9H855gTf+vvzIzcu/c1dfS14eyOZT+iHg4IrZHxCMRsSMiHo2InRHxWEQ8XrP/tOtSapL+QE18Nv3ZSajCjTYVta60//dqNrc11/+bl4H+riy2NSLvME/sz47JYPT0Hj85OXGgSRq/vPn7143Wlft/6c6zPmCaft4XzPJxo7tmgG58dGZ02QWucfNSxO7u2vIn3RHJ7ExAEhG7ImJ3C/vtrwqffPH7PbORnvnvq+7/1i9/WanuPFob5plK30W8EMm9O7cuFmNe/c+lmMybnzw9emLixMSZkdn5yeG+mJzYP5yeBfvrpnHtt8vvNUp/0fL/+GftJm8d/ulY224K0vrfVHX+Rz5/O1f+/iQimZ2vnW49jct/fNVwbnXx+q9//m9IPiiH8/vSz0ZnZs4eiNiQvLNw+cjctnk8fY1ipfyDe+u3/+3ZNumReCIi0pP4yYh4Kip3iGnen4mIZyNib5Py//rGc5+0XP5Ckx22UVr+8ZrrX6Xm59X/3Hx9o0CSzQ3WWdV1quf63QYXj6XV/6FyaDBbUv/6l8y7RDTKaf5ply75976PHgAAAKwNhYjYUjWWtCUKhaGhyhjQjthUmJyantl3fOrcmfF0XUR/9BTyka7KeHBPko9/9lfFR2riB7Nx42+6NpbjQ2NTk+MdLTmwudzmk8JQxIddVe0/9ZfvncCDz/NasH41a/9pJ37nlVXMDLCqlv75f/XzFc0IsOqq2n+jJ/yLy/jeF7AGuP8H5iz+Qz+uGbD2lbRlWNdaav/7/AggPEi64/3Z8Co9dwj8Tyy3//9lm/MBrKpFnuvvbfgg/ZICpd76q/pi4Zujr/kOu2J52dhYJ62OBNKeVUdS37icrfJfU2j4nii0tsPeaE+dHr/Po1E8O31i55JO/lYCpey78u2uwR8at9NrvU1q5/4DHbkcAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAtN1/AQAA//8O/N2Z") r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='.\x00', 0xc2800, 0x18) ioctl$FS_IOC_SETFLAGS(r0, 0x41009432, &(0x7f00000001c0)=0x800) 1m30.259049942s ago: executing program 4 (id=909): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt(r0, 0x84, 0x80, &(0x7f00000002c0)="1a00000002000100", 0x8) setsockopt(r0, 0x84, 0x81, &(0x7f00000003c0)="1a00000002000100", 0x8) 1m26.763694251s ago: executing program 4 (id=911): r0 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_buf(r0, 0x29, 0x39, &(0x7f0000e86000)="0022040000ffffebfffffffeffffff0700000000ff000207835eeb1317b208feefaf234b4ff8b4cc4c39bdc8451792b903f4b7d8c8cf2153622652328c19ef68234f905557c4070000008735e9ab2f77c62e0a5cdd2cf9984c070400000000000003ff23353d8b2fc6a3ae1ebfcb49004a3ccd3560ae01010000079c60ed7449b842f3e253be8a62b37f820fe75a9ea937ea4efbfb9b4a128f2dbe2837496d00ad7765abaac2ec0f91c88a1ea1ff6ee308c72febedcf00798d41991ac25bb6fce2220c25ea380c7e112ab358c3a6bd8a59c100000001b4e82cb03419544a3988bc226a85abe6eb60cd7cf8d103d38c31c7c86d16c4d86cbe4ab190c092d077ce70590fbbd4f8bf4d6ab1cea6dbe9d4a54c17aac0db6e3845", 0x118) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000200)={0x5c}, 0x8) 1m26.255916208s ago: executing program 4 (id=913): syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000080)='./file1\x00', 0x210000, &(0x7f0000000680)={[{@norecovery}, {@delalloc}, {@data_err_ignore}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x2}}, {@data_err_ignore}, {@abort}]}, 0x1, 0x4ef, &(0x7f0000000180)="$eJzs3M9vFdUeAPDv3PbSAo9HH49HAg+1gMbGxBYKCgs3mJi40MSIC1k2bSGVCxjahZBGLonBNYl7w9K408StLo0r/wBcuDAxJETZAG68Zu6dub29P3p7S2nT3s8nGThn5sycc2bmzD0zpzMB9K3R9J8k4l8RcS8i9taiyxOM1v57/HBx+snDxekoVyrn/kiq6R6l8Uy+3u4sMlaIKHyWNG7wbh6Yv37j0lSpNHstytX4xMLljyfmr994de7y1MXZi7NXJs+cOXXyxOnXJ19rLvJw10olrbPSej069OnVwwffPn/n3enB5o011qOjfK0/y12TRr5vO3ipcXvbwJ6GcNJar5sbWhhWbTg7DYtp+18sHT1fm520a0PA9lKpVCpDnReXK81utcwBtqwkNrsEwObIf+jT+998qs0pbkT3Y9M9OFu7AXr0cLFyM2L6cb3+g1HI0hSb7m9TK/SZejIaER+W//oynWKl5xC/rlOGAEDf++Fs1g1Moqn/V4gDDen+nY2hjETEfyJiX0T8NyL2R8T/IpalXSaJqKyQ//7mGfX8v81GEQr311q31Uj7f29kY1v5lOWbJxkZyGJ7IvIO8+zxbJ+MRXHowlxp9kSH7e/okn9j/y+d0vzzvmBWjvuDTZ3NmamFqbXVttWDWxGHBpvrnwymBy4fxkki4mBEHOphuyMN4blXvjpcjzTdVnSvf1Wl7XDEOoyfVe5GvFw7/uVYdvyXckwaxycLLeOTE8NRmj0+kZ4Fx9vm8dPPt9/rlH/X+n/3W/Mqb53+/tzTVrsuPf67Gs7/yMdvl+o/kkQk9fHa+YjKQG953P7l8+p2R4+1Llvr+b8j+aAaztvXJ1MLC9dOROxI3mmdP7m0bh7P06f1HzvWvv3vy9ZJ98T/IyI9iZ+LiOcjBvKyH4mIoxHRpmp1P7754kedlq3y/H9m0vrPtL3+LTv+S+P1qwzkK6dzBi4dufekw8Ujq//elY//qWpoLOLv6Hj9S5ZdIlZb0qfegQAAALAFFKL6t/+F8Xq4UBgfrz0D2h+7CqWr8wsvRMSVmdo7AiNRLFyYK83mD+RGopjkzz9HGuKTTfGT2XPjLwZ2VuPj01dLM5tdeehzu6ttPmlp/6nfe3zOC2xB2+g9NKBH3dr/gTsbVBBgw/n9h/7V0P47fdmi7C9lYHvy+w/9q137vxlfr/jugmsGbH0VbRn62srtv/v3NoGtazDer4errz37+Cf0Df1/6Eu9vtffW6Ay1H7RcLT5YsDwsynGzjZ5bUog7Vmt4waLEbG6xDvXkkXeBez8hYdCbxscitZFA7HSWkn77zhERLnjWule6VqeiwfW/eTPv4my3qfNN0vttLjKw/20Aff7AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAtvJPAAAA//8tL8+m") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x15) ioctl$EXT4_IOC_SWAP_BOOT(r0, 0x6611) 1m25.630299451s ago: executing program 4 (id=914): r0 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IPVS_CMD_NEW_SERVICE(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x30, r0, 0x1, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_SERVICE={0x1c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_AF={0x6, 0x1, 0x2}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x3}, @IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x32}]}]}, 0x30}}, 0x0) 1m23.477438105s ago: executing program 4 (id=918): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_HYPERV_EVENTFD(r1, 0x4048aec9, &(0x7f0000000080)={0x4, 0xffffffffffffffff, 0xffffffff}) 1m18.856603398s ago: executing program 3 (id=927): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x19, 0x4, 0x4, 0x2}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x6, 0xd, &(0x7f0000000200)=@framed={{}, [@call={0x85, 0x0, 0x0, 0xe}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {0x4}, {0x6, 0x0, 0xa}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x33}}]}, &(0x7f00000004c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000b80)={r1, 0x2000012, 0xe, 0x0, &(0x7f0000000280)="63ec33c9e9b98600000000000000", 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xb}, 0x50) 1m15.562390929s ago: executing program 3 (id=935): r0 = socket$netlink(0x10, 0x3, 0x9) bind$netlink(r0, &(0x7f0000000340)={0x10, 0x0, 0x25dfdbfb, 0x2ffffffff}, 0xc) close(0x3) 1m15.1171968s ago: executing program 3 (id=937): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)={{0x14}, [@NFT_MSG_NEWRULE={0x78, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2, 0x0, 0x3}, [@NFTA_RULE_EXPRESSIONS={0x4c, 0x4, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, @socket={{0xb}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_SOCKET_DREG={0x8, 0x2, 0x1, 0x0, 0x3}, @NFTA_SOCKET_KEY={0x8, 0x1, 0x1, 0x0, 0x1}]}}}, {0x24, 0x1, 0x0, 0x1, @queue={{0xa}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_QUEUE_SREG_QNUM={0x8, 0x4, 0x1, 0x0, 0x10}, @NFTA_QUEUE_FLAGS={0x6, 0x3, 0x1, 0x0, 0x2}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0xa0}}, 0x0) 1m12.925554407s ago: executing program 3 (id=942): syz_usb_connect(0x0, 0x24, &(0x7f0000000380)=ANY=[@ANYBLOB="120100004b41460860163209ea800102030109021e0001000000000904"], 0x0) r0 = syz_open_dev$I2C(&(0x7f0000000040), 0x1, 0x2603) ioctl$I2C_RDWR(r0, 0x707, &(0x7f0000000000)={&(0x7f00000014c0)=[{0xc, 0x200, 0x4f, &(0x7f0000000080)="b480baf6a75bac3a2d2e53528d0da3f5a171f512815aafb3f7b5ce37c46203a7ee1881fe8eba3cbb26980c82d8e2e1214abb846294c531fb90d04678489bdc2331d926897fd2aa4c8edcfb02c2fff5"}], 0x1}) 1m11.432439888s ago: executing program 3 (id=945): r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$inet(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)="5c00000012006bab9a3fe3d86e17aa0a046b876c1d0048007ea60864160af36504001a0038001d001931a0e69ee517d34460bc06000000a705251e6182949a3651f60a84c9f4d4938037e70e4509c5", 0x4f}, {&(0x7f0000000140)="16cd038529d0816f8820957e67", 0xd}], 0x2, 0x0, 0x0, 0x1f00c00e}, 0x0) recvmsg$kcm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000002940)=""/4060, 0xfdc}, {&(0x7f0000000c00)=""/4115, 0x1013}], 0x2}, 0x0) 1m9.971484401s ago: executing program 3 (id=946): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x109001, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'\x00', 0x5}) ioctl$TUNATTACHFILTER(r0, 0x401054d5, 0x0) 1m7.881178897s ago: executing program 34 (id=918): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_HYPERV_EVENTFD(r1, 0x4048aec9, &(0x7f0000000080)={0x4, 0xffffffffffffffff, 0xffffffff}) 54.65484568s ago: executing program 35 (id=946): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x109001, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'\x00', 0x5}) ioctl$TUNATTACHFILTER(r0, 0x401054d5, 0x0) 22.161272171s ago: executing program 2 (id=966): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'bridge_slave_1\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000001300)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB="340000001c0001fc28bd7000fcdbdf2507000000", @ANYRES32=r1, @ANYBLOB="8000260b0a0002000180c200000c00000c000e80"], 0x34}, 0x1, 0x0, 0x0, 0x42044}, 0x20040010) 19.459755229s ago: executing program 2 (id=967): connect$unix(0xffffffffffffffff, &(0x7f0000000100)=@file={0x1, './file1\x00'}, 0x6e) r0 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_STAT_GET(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)=ANY=[@ANYBLOB="20000000191401"], 0x20}}, 0x0) 19.221728067s ago: executing program 2 (id=968): socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000ab9ff0)={0x3, &(0x7f0000000000)=[{0x20, 0x0, 0x0, 0xfffff010}, {0x20, 0x10, 0x0, 0xfffff00c}, {0x6}]}, 0x10) sendmmsg$inet(r0, &(0x7f0000000200)=[{{0x0, 0x0, &(0x7f0000000e80)=[{&(0x7f0000000240)="2a73ed35", 0x4}], 0x1}}], 0x40000ca, 0x200040c4) 18.503767337s ago: executing program 2 (id=969): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f00000002c0)={[{@errors_remount}, {@lazytime}, {@grpjquota}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@minixdf}, {@dioread_lock}]}, 0x3, 0x439, &(0x7f0000002380)="$eJzs3MtvG0UYAPBv105LXyRU5dEHECiIikfSpKX0wAUEEgeQkOBQjiFJq1K3QU2QaFVBQKgcUSXuiCMSfwEnuCDghMQV7qhShXJp4WS09m5iO3aauE5c8O8nrTuzO9bM592xZ3a6CWBgjWYvScTuiPg9Iobr2eYCo/V/bi1dmf576cp0EtXqW38ltXI3l65MF0WL9+0qMuWI9LMkDrapd/7S5XNTlcrsxTw/vnD+/fH5S5efO3t+6szsmdkLkydPHj828cKJyed7EmcW180DH80d2v/aO9femD517d2fv02K+Fvi6JHRtQ4+Wa32uLr+2tOQTsp9bAgbUqp30xiq9f/hKMXKyRuOVz/ta+OATVWtVqsPdD68WAX+x5LodwuA/ih+6LP5b7Ft0dDjrnDjpfoEKIv7Vr7Vj5QjzcsMtcxve2k0Ik4t/vNVtsXm3IcAAGjyfTb+ebbd+C+NxvtC9+ZrKCMRcV9E7I2IExGxLyLuj6iVfTAiHtpg/a2LJKvHP+n1rgJbp2z892K+ttU8/itGfzFSynN7avEPJafPVmaP5p/JkRjanuUn1qjjh1d++6LTscbxX7Zl9Rdjwbwd18vbm98zM7UwdScxN7rxScSBcrv4k+WVgCQi9kfEgS7rOPv0N4c6Hbt9/GvowTpT9euIp+rnfzFa4i8ka69Pjt8Tldmj48VVsdovv159s1P9dxR/D2Tnf2fb6385/pGkcb12fuN1XP3j845zmm6v/23J2037PpxaWLg4EbEteb3e6JX9pYuTLeUmV8pn8R853L7/742VT+JgRGQX8cMR8UhEPJq3/bGIeDwiDq8R/08vP/Fe9/Fvriz+mQ2d/5XEtmjd0z5ROvfjd02Vjmwk/uz8H6+ljuR71vP9t552dXc1AwAAwH9PGhG7I0nHltNpOjZW/z/8+2JnWpmbX3jm9NwHF2bqzwiMxFBa3OkabrgfOpFP64v8ZEv+WH7f+MvSjlp+bHquMtPv4GHA7erQ/zN/lvrdOmDTdbeOlva8HcDW87wmDC79HwaX/g+Dq03/39GPdgBbr93v/8d9aAew9coNr/nfBAMGhPk/DC79HwaX/g8DaX5H3P4heQmJVYlI74pmSGxSot/fTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAL3xbwAAAP//1Xjmag==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) ioctl$FS_IOC_FIEMAP(r0, 0xc020660b, &(0x7f00000001c0)={0x9, 0xfffffffffffffffd, 0x1, 0x2}) 17.906022528s ago: executing program 2 (id=970): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0) r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000100), 0x1c3902, 0x0) sendfile(r0, r1, 0x0, 0x201f00) 15.478579077s ago: executing program 2 (id=971): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x101800, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CAP_DIRTY_LOG_RING(r1, 0x4068aea3, &(0x7f00000001c0)={0xc0, 0x0, 0xedd79407c0972f5a}) 0s ago: executing program 36 (id=971): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x101800, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CAP_DIRTY_LOG_RING(r1, 0x4068aea3, &(0x7f00000001c0)={0xc0, 0x0, 0xedd79407c0972f5a}) kernel console output (not intermixed with test programs): audit(1777471323.813:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6265 comm="syz.1.193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a96f6cdd9 code=0x7ffc0000 [ 118.119384][ T38] audit: type=1326 audit(1777471323.843:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6265 comm="syz.1.193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a96f6cdd9 code=0x7ffc0000 [ 118.126721][ T38] audit: type=1326 audit(1777471323.853:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6265 comm="syz.1.193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=188 compat=0 ip=0x7f0a96f6cdd9 code=0x7ffc0000 [ 118.239743][ T38] audit: type=1326 audit(1777471323.963:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6265 comm="syz.1.193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a96f6cdd9 code=0x7ffc0000 [ 118.239783][ T38] audit: type=1326 audit(1777471323.963:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6265 comm="syz.1.193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a96f6cdd9 code=0x7ffc0000 [ 118.261695][ T6272] netlink: 260 bytes leftover after parsing attributes in process `syz.3.195'. [ 118.317472][ T5731] gspca_stk1135: reg_w 0x3 err -71 [ 118.318513][ T5731] gspca_stk1135: serial bus timeout: status=0x00 [ 118.318519][ T5731] gspca_stk1135: Sensor write failed [ 118.318533][ T5731] gspca_stk1135: serial bus timeout: status=0x00 [ 118.318538][ T5731] gspca_stk1135: Sensor write failed [ 118.318551][ T5731] gspca_stk1135: serial bus timeout: status=0x00 [ 118.318556][ T5731] gspca_stk1135: Sensor read failed [ 118.318569][ T5731] gspca_stk1135: serial bus timeout: status=0x00 [ 118.318574][ T5731] gspca_stk1135: Sensor read failed [ 118.318577][ T5731] gspca_stk1135: Detected sensor type unknown (0x0) [ 118.318596][ T5731] gspca_stk1135: serial bus timeout: status=0x00 [ 118.318600][ T5731] gspca_stk1135: Sensor read failed [ 118.318613][ T5731] gspca_stk1135: serial bus timeout: status=0x00 [ 118.318618][ T5731] gspca_stk1135: Sensor read failed [ 118.318631][ T5731] gspca_stk1135: serial bus timeout: status=0x00 [ 118.318635][ T5731] gspca_stk1135: Sensor write failed [ 118.318649][ T5731] gspca_stk1135: serial bus timeout: status=0x00 [ 118.318654][ T5731] gspca_stk1135: Sensor write failed [ 118.318702][ T5731] stk1135 1-1:0.0: probe with driver stk1135 failed with error -71 [ 118.363641][ T5731] usb 1-1: USB disconnect, device number 2 [ 118.483847][ T5704] udevd[5704]: setting owner of /dev/bus/usb/001/002 to uid=0, gid=0 failed: No such file or directory [ 118.648007][ T6282] loop3: detected capacity change from 0 to 256 [ 118.729417][ T6282] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x246f1341, utbl_chksum : 0xe619d30d) [ 118.938430][ T6287] xt_policy: too many policy elements [ 119.364798][ T6292] loop4: detected capacity change from 0 to 64 [ 119.860812][ T38] audit: type=1326 audit(1777471325.543:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6297 comm="syz.0.208" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1e35bcdd9 code=0x7ffc0000 [ 119.860853][ T38] audit: type=1326 audit(1777471325.563:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6297 comm="syz.0.208" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1e35bcdd9 code=0x7ffc0000 [ 119.860882][ T38] audit: type=1326 audit(1777471325.563:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6297 comm="syz.0.208" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1e35bcdd9 code=0x7ffc0000 [ 119.860909][ T38] audit: type=1326 audit(1777471325.573:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6297 comm="syz.0.208" exe="/root/syz-executor" sig=0 arch=c000003e syscall=278 compat=0 ip=0x7fc1e35bcdd9 code=0x7ffc0000 [ 119.860936][ T38] audit: type=1326 audit(1777471325.573:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6297 comm="syz.0.208" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1e35bcdd9 code=0x7ffc0000 [ 119.860964][ T38] audit: type=1326 audit(1777471325.573:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6297 comm="syz.0.208" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1e35bcdd9 code=0x7ffc0000 [ 119.860996][ T38] audit: type=1326 audit(1777471325.583:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6297 comm="syz.0.208" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc1e35bcdd9 code=0x7ffc0000 [ 119.861023][ T38] audit: type=1326 audit(1777471325.583:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6297 comm="syz.0.208" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7fc1e35bcdd9 code=0x7ffc0000 [ 119.861050][ T38] audit: type=1326 audit(1777471325.583:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6297 comm="syz.0.208" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7fc1e35bcdd9 code=0x7ffc0000 [ 120.032947][ T6300] loop2: detected capacity change from 0 to 64 [ 120.242454][ T6306] Bluetooth: MGMT ver 1.23 [ 120.372487][ T6309] netlink: 8 bytes leftover after parsing attributes in process `syz.3.205'. [ 120.606874][ T6317] process 'syz.3.217' launched '/dev/fd/3' with NULL argv: empty string added [ 120.639019][ T6318] loop1: detected capacity change from 0 to 512 [ 121.121991][ T6329] loop4: detected capacity change from 0 to 512 [ 121.122871][ T6329] EXT4-fs: Ignoring removed oldalloc option [ 121.137998][ T6332] loop0: detected capacity change from 0 to 64 [ 121.159329][ T6332] hfs: unable to locate alternate MDB [ 121.159341][ T6332] hfs: continuing without an alternate MDB [ 121.259730][ T6329] EXT4-fs error (device loop4): ext4_get_branch:178: inode #11: block 4294967295: comm syz.4.223: invalid block [ 121.259763][ T6329] loop4: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 121.264915][ C1] EXT4-fs (loop4): error count since last fsck: 1 [ 121.264936][ C1] EXT4-fs (loop4): initial error at time 1777471326: ext4_get_branch:178: inode 11: block 4294967295 [ 121.264982][ C1] EXT4-fs (loop4): last error at time 1777471326: ext4_get_branch:178: inode 11: block 4294967295 [ 121.291552][ T6329] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.223: invalid indirect mapped block 4294967295 (level 1) [ 121.291588][ T6329] loop4: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 121.392773][ T6343] loop2: detected capacity change from 0 to 512 [ 121.393769][ T6343] EXT4-fs: Ignoring removed nobh option [ 121.401537][ T6343] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 121.401555][ T6343] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 121.451733][ T6329] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.223: invalid indirect mapped block 4294967295 (level 1) [ 121.451771][ T6329] loop4: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 121.464985][ T5731] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 121.513933][ T6329] EXT4-fs (loop4): 2 truncates cleaned up [ 121.524765][ T6329] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 121.602002][ T6329] EXT4-fs warning (device loop4): ext4_resize_begin:72: won't resize using backup superblock at 1 [ 121.625033][ T5731] usb 4-1: Using ep0 maxpacket: 16 [ 121.666131][ T5731] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 121.666164][ T5731] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 121.666203][ T5731] usb 4-1: New USB device found, idVendor=05ac, idProduct=024b, bcdDevice= 0.00 [ 121.666224][ T5731] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 121.702893][ T5731] usb 4-1: config 0 descriptor?? [ 121.741718][ T6343] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2860: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 121.748784][ T6343] EXT4-fs (loop2): 1 truncate cleaned up [ 121.825545][ T6343] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 122.022406][ T5603] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 122.337261][ T5601] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 122.394048][ T5731] apple 0003:05AC:024B.0006: unknown global tag 0xe [ 122.394070][ T5731] apple 0003:05AC:024B.0006: item 0 1 1 14 parsing failed [ 122.394768][ T5731] apple 0003:05AC:024B.0006: parse failed [ 122.416045][ T5731] apple 0003:05AC:024B.0006: probe with driver apple failed with error -22 [ 122.602631][ T1009] usb 4-1: USB disconnect, device number 4 [ 123.133464][ T6373] netlink: 24 bytes leftover after parsing attributes in process `syz.4.241'. [ 123.221469][ T6374] loop2: detected capacity change from 0 to 256 [ 123.222668][ T6374] exfat: Invalid gid '0x00000000ffffffff' [ 123.631277][ T6381] loop3: detected capacity change from 0 to 4096 [ 123.860115][ T38] audit: type=1326 audit(1777471329.583:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6393 comm="syz.1.252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a96f6cdd9 code=0x7ffc0000 [ 124.187483][ T6382] loop2: detected capacity change from 0 to 32768 [ 124.239941][ T10] usb 2-1: new full-speed USB device number 6 using dummy_hcd [ 124.465830][ T10] usb 2-1: unable to get BOS descriptor or descriptor too short [ 124.473834][ T10] usb 2-1: not running at top speed; connect to a high speed hub [ 124.490503][ T10] usb 2-1: config 4 has an invalid interface number: 147 but max is 0 [ 124.490531][ T10] usb 2-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config [ 124.490549][ T10] usb 2-1: config 4 has no interface number 0 [ 124.504093][ T10] usb 2-1: string descriptor 0 read error: -22 [ 124.504227][ T10] usb 2-1: Dual-Role OTG device on HNP port [ 124.504557][ T10] usb 2-1: New USB device found, idVendor=04f2, idProduct=b746, bcdDevice=8e.6e [ 124.504580][ T10] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=38 [ 124.737460][ T10] uvcvideo 2-1:4.147: Found UVC 0.02 device (04f2:b746) [ 124.737558][ T10] uvcvideo 2-1:4.147: No valid video chain found. [ 124.867487][ T38] kauditd_printk_skb: 34 callbacks suppressed [ 124.867503][ T38] audit: type=1326 audit(1777471330.593:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6393 comm="syz.1.252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a96f6cdd9 code=0x7ffc0000 [ 124.867538][ T38] audit: type=1326 audit(1777471330.593:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6393 comm="syz.1.252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a96f6cdd9 code=0x7ffc0000 [ 124.911155][ T10] usb 2-1: USB disconnect, device number 6 [ 125.256429][ T6407] loop3: detected capacity change from 0 to 32768 [ 125.599213][ T6419] netlink: 60 bytes leftover after parsing attributes in process `syz.3.265'. [ 125.601217][ T6419] netlink: 60 bytes leftover after parsing attributes in process `syz.3.265'. [ 125.676024][ T6424] loop0: detected capacity change from 0 to 8 [ 126.191281][ T6424] SQUASHFS error: Unable to read directory block [629:ff26] [ 126.207019][ T6427] Driver unsupported XDP return value 0 on prog (id 13) dev N/A, expect packet loss! [ 126.613400][ T6437] macsec1: entered promiscuous mode [ 126.629643][ T6437] macsec1: entered allmulticast mode [ 126.629664][ T6437] veth1_macvtap: entered allmulticast mode [ 126.953589][ T6453] loop4: detected capacity change from 0 to 1024 [ 127.168666][ T6458] loop2: detected capacity change from 0 to 512 [ 127.380647][ T6466] F2FS-fs: Conflicting test_dummy_encryption options [ 127.504991][ T5731] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 127.674970][ T5731] usb 1-1: Using ep0 maxpacket: 8 [ 127.677020][ T5731] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 127.677053][ T5731] usb 1-1: config 0 interface 0 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 127.677077][ T5731] usb 1-1: config 0 interface 0 has no altsetting 0 [ 127.677105][ T5731] usb 1-1: New USB device found, idVendor=0458, idProduct=0138, bcdDevice= 0.00 [ 127.677124][ T5731] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 127.694516][ T6458] EXT4-fs error (device loop2): ext4_do_update_inode:5690: inode #16: comm syz.2.281: corrupted inode contents [ 127.694547][ T6458] loop2: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117 [ 127.701177][ C0] EXT4-fs (loop2): initial error at time 1777471333: ext4_do_update_inode:5690: inode 16 [ 127.701212][ C0] EXT4-fs (loop2): last error at time 1777471333: ext4_do_update_inode:5690: inode 16 [ 127.807376][ T5731] usb 1-1: config 0 descriptor?? [ 127.808162][ T6458] EXT4-fs error (device loop2): ext4_dirty_inode:6587: inode #16: comm syz.2.281: mark_inode_dirty error [ 127.808190][ T6458] loop2: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117 [ 127.831433][ T6458] EXT4-fs error (device loop2): ext4_do_update_inode:5690: inode #16: comm syz.2.281: corrupted inode contents [ 127.831481][ T6458] loop2: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117 [ 127.832543][ T6458] EXT4-fs error (device loop2): __ext4_ext_dirty:207: inode #16: comm syz.2.281: mark_inode_dirty error [ 127.832569][ T6458] loop2: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117 [ 127.833988][ T6458] EXT4-fs error (device loop2): ext4_do_update_inode:5690: inode #16: comm syz.2.281: corrupted inode contents [ 127.834014][ T6458] loop2: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117 [ 127.840670][ T6458] EXT4-fs error (device loop2) in ext4_orphan_del:303: Corrupt filesystem [ 127.840694][ T6458] loop2: lost filesystem error report for type 5 error -117 [ 127.841220][ T6458] EXT4-fs error (device loop2): ext4_do_update_inode:5690: inode #16: comm syz.2.281: corrupted inode contents [ 127.841245][ T6458] loop2: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117 [ 127.842895][ T6458] EXT4-fs error (device loop2): ext4_truncate:4690: inode #16: comm syz.2.281: mark_inode_dirty error [ 127.842921][ T6458] loop2: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117 [ 127.843326][ T6458] EXT4-fs error (device loop2) in ext4_process_orphan:345: Corrupt filesystem [ 127.843345][ T6458] loop2: lost filesystem error report for type 5 error -117 [ 127.867084][ T6458] EXT4-fs (loop2): 1 truncate cleaned up [ 127.895327][ T6458] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 127.895477][ T6458] ext4 filesystem being mounted at /59/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 127.926512][ T13] Quota error (device loop2): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 127.926608][ T13] EXT4-fs error (device loop2): ext4_release_dquot:7070: comm kworker/u8:1: Failed to release dquot type 1 [ 128.088974][ T5601] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 128.275999][ T5731] kye 0003:0458:0138.0007: unexpected long global item [ 128.277882][ T5731] kye 0003:0458:0138.0007: parse failed [ 128.277949][ T5731] kye 0003:0458:0138.0007: probe with driver kye failed with error -22 [ 128.278984][ T6484] loop3: detected capacity change from 0 to 1024 [ 128.337525][ T6485] loop1: detected capacity change from 0 to 2048 [ 128.351538][ T6484] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51269!=20869) [ 128.351642][ T6484] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 128.352400][ T6484] EXT4-fs error (device loop3): ext4_get_journal_inode:5896: inode #32: comm syz.3.294: iget: special inode unallocated [ 128.352424][ T6484] loop3: lost file I/O error report for ino 32 type 5 pos 0x0 len 0x0 error -117 [ 128.380423][ T6485] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024) [ 128.424878][ C0] EXT4-fs (loop3): error count since last fsck: 1 [ 128.424898][ C0] EXT4-fs (loop3): initial error at time 1777471334: ext4_get_journal_inode:5896: inode 32 [ 128.424924][ C0] EXT4-fs (loop3): last error at time 1777471334: ext4_get_journal_inode:5896: inode 32 [ 128.462076][ T6484] EXT4-fs (loop3): no journal found [ 128.462095][ T6484] EXT4-fs (loop3): can't get journal size [ 128.480701][ T6489] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 128.482404][ T6484] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 128.588097][ T10] usb 1-1: USB disconnect, device number 3 [ 128.868868][ T6494] loop1: detected capacity change from 0 to 512 [ 128.881643][ T5599] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 128.931948][ T6494] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem [ 129.066459][ T6494] EXT4-fs (loop1): 1 truncate cleaned up [ 129.112982][ T6500] overlayfs: regular lower layers cannot follow data lower layers [ 129.200648][ T6494] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 129.262812][ T6502] loop0: detected capacity change from 0 to 256 [ 129.383102][ T6502] FAT-fs (loop0): Directory bread(block 64) failed [ 129.383135][ T6502] FAT-fs (loop0): Directory bread(block 65) failed [ 129.383258][ T6502] FAT-fs (loop0): Directory bread(block 66) failed [ 129.383278][ T6502] FAT-fs (loop0): Directory bread(block 67) failed [ 129.383371][ T6502] FAT-fs (loop0): Directory bread(block 68) failed [ 129.383391][ T6502] FAT-fs (loop0): Directory bread(block 69) failed [ 129.383471][ T6502] FAT-fs (loop0): Directory bread(block 70) failed [ 129.383491][ T6502] FAT-fs (loop0): Directory bread(block 71) failed [ 129.383588][ T6502] FAT-fs (loop0): Directory bread(block 72) failed [ 129.383610][ T6502] FAT-fs (loop0): Directory bread(block 73) failed [ 129.939039][ T6516] loop3: detected capacity change from 0 to 2048 [ 130.086649][ T6516] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 130.156896][ T5602] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 130.629881][ T6528] loop1: detected capacity change from 0 to 4096 [ 130.654331][ T6528] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512). [ 130.816515][ T6532] loop2: detected capacity change from 0 to 64 [ 131.319820][ T6528] ntfs3(loop1): ino=3, ntfs_set_state failed, -22. [ 131.650105][ T6547] loop4: detected capacity change from 0 to 512 [ 131.828054][ T6547] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 131.828078][ T6547] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem [ 131.847156][ T12] ntfs3(loop1): ino=3, ntfs3_write_inode failed, -22. [ 131.869301][ T6552] loop2: detected capacity change from 0 to 2048 [ 131.889660][ T5602] ntfs3(loop1): ino=3, ntfs_set_state failed, -22. [ 131.889685][ T5602] ntfs3(loop1): Mark volume as dirty due to NTFS errors [ 131.889698][ T5602] ntfs3(loop1): ino=3, ntfs_set_state failed, -22. [ 131.922401][ T6547] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended [ 132.049919][ T6547] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006] [ 132.050039][ T6547] System zones: 0-2, 18-18, 34-35 [ 132.124492][ T166] ntfs3(loop1): ino=3, ntfs3_write_inode failed, -22. [ 132.244597][ T6547] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 132.261071][ T6554] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 132.470910][ T5603] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 132.849349][ T1333] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.849444][ T1333] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.147500][ T6565] loop4: detected capacity change from 0 to 4096 [ 133.167840][ T6575] loop0: detected capacity change from 0 to 256 [ 133.187268][ T6575] exfat: Deprecated parameter 'utf8' [ 133.274646][ T6575] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 133.338493][ T6573] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3) [ 133.338510][ T6573] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 133.515545][ T6573] vhci_hcd vhci_hcd.0: Device attached [ 133.769911][ T5731] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 133.791433][ T5711] usb 37-1: new low-speed USB device number 2 using vhci_hcd [ 134.099391][ T5731] usb 3-1: Using ep0 maxpacket: 8 [ 134.102647][ T5731] usb 3-1: config index 0 descriptor too short (expected 301, got 45) [ 134.102673][ T5731] usb 3-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config [ 134.102690][ T5731] usb 3-1: config 16 has 0 interfaces, different from the descriptor's value: 1 [ 134.102726][ T5731] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 134.102747][ T5731] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 134.356343][ T5731] usb 3-1: USB disconnect, device number 3 [ 134.372319][ T6577] usb 37-1: recv xbuf, 0 [ 134.460816][ T1457] vhci_hcd vhci_hcd.2: stop threads [ 134.498170][ T1457] vhci_hcd vhci_hcd.2: release socket [ 134.523464][ T1457] vhci_hcd vhci_hcd.2: disconnect device [ 134.554980][ T5711] usb 37-1: device descriptor read/64, error -71 [ 134.698741][ T6613] loop3: detected capacity change from 0 to 1024 [ 134.851295][ T6613] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 134.913186][ T5711] vhci_hcd vhci_hcd.2: vhci_device speed not set [ 135.047057][ T5599] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 135.701955][ T6643] loop4: detected capacity change from 0 to 1024 [ 135.750880][ T6643] hfsplus: Filesystem was not cleanly unmounted, running fsck.hfsplus is recommended. mounting read-only. [ 136.598709][ T6644] loop2: detected capacity change from 0 to 131072 [ 136.659015][ T6644] F2FS-fs (loop2): invalid crc value [ 137.037516][ T6651] loop0: detected capacity change from 0 to 4096 [ 137.047175][ T6651] ntfs3(loop0): Different NTFS sector size (1024) and media sector size (512). [ 137.343961][ T6622] loop1: detected capacity change from 0 to 32768 [ 137.376455][ T6651] ntfs3(loop0): Mark volume as dirty due to NTFS errors [ 137.512949][ T6662] loop4: detected capacity change from 0 to 4096 [ 137.571219][ T6662] ntfs3(loop4): Different NTFS sector size (1024) and media sector size (512). [ 138.941299][ T6688] loop0: detected capacity change from 0 to 256 [ 138.965732][ T6689] netlink: 8 bytes leftover after parsing attributes in process `syz.1.372'. [ 138.999221][ T6689] netlink: 'syz.1.372': attribute type 1 has an invalid length. [ 139.041163][ T6693] loop3: detected capacity change from 0 to 256 [ 139.194934][ T6688] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x4711949a, utbl_chksum : 0xe619d30d) [ 139.221408][ T6693] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x5441951d, utbl_chksum : 0xe619d30d) [ 139.362485][ T6699] syz.4.385 uses obsolete (PF_INET,SOCK_PACKET) [ 139.667363][ T6701] ipvlan2: entered allmulticast mode [ 139.667383][ T6701] geneve0: entered allmulticast mode [ 140.356532][ T6713] loop4: detected capacity change from 0 to 1024 [ 140.453313][ T6713] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 140.522011][ T6707] netlink: 24 bytes leftover after parsing attributes in process `syz.3.389'. [ 140.928190][ T6713] EXT4-fs error (device loop4): ext4_free_inode:354: comm syz.4.393: bit already cleared for inode 13 [ 141.004801][ T6730] loop1: detected capacity change from 0 to 64 [ 141.282326][ T5603] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 141.438449][ T6737] loop3: detected capacity change from 0 to 1024 [ 141.443936][ T6737] hfsplus: Filesystem was not cleanly unmounted, running fsck.hfsplus is recommended. mounting read-only. [ 141.531986][ T6739] loop0: detected capacity change from 0 to 64 [ 142.248391][ T6765] loop3: detected capacity change from 0 to 256 [ 142.457018][ T38] audit: type=1326 audit(1777471348.183:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6771 comm="syz.0.421" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fc1e35bcdd9 code=0x0 [ 142.854476][ T6789] netlink: 24 bytes leftover after parsing attributes in process `syz.2.428'. [ 142.869528][ T6788] loop4: detected capacity change from 0 to 512 [ 143.030119][ T6788] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 143.030258][ T6788] ext4 filesystem being mounted at /78/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 143.224392][ T5603] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 143.240409][ T6802] loop3: detected capacity change from 0 to 512 [ 143.381088][ T6802] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 143.383301][ T6802] ext4 filesystem being mounted at /95/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 144.269863][ T6815] program syz.0.438 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 144.813733][ T5599] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 144.907149][ T6825] sg_write: data in/out 418782/610 bytes for SCSI command 0x0-- guessing data in; [ 144.907149][ T6825] program syz.4.443 not setting count and/or reply_len properly [ 145.499260][ T6833] loop2: detected capacity change from 0 to 4096 [ 145.549213][ T6833] ntfs3(loop2): Different NTFS sector size (1024) and media sector size (512). [ 145.549725][ T6833] ntfs3(loop2): ino=3, mi_enum_attr [ 145.586003][ T6840] loop1: detected capacity change from 0 to 1024 [ 145.746849][ T6840] hfsplus: Filesystem was not cleanly unmounted, running fsck.hfsplus is recommended. mounting read-only. [ 145.911858][ T6833] ntfs3(loop2): Mark volume as dirty due to NTFS errors [ 146.149804][ T6852] tracefs: Bad value for 'gid' [ 146.149823][ T6852] tracefs: Bad value for 'gid' [ 147.938438][ T6870] loop1: detected capacity change from 0 to 512 [ 148.067296][ T6836] syz.0.447 (6836): drop_caches: 2 [ 148.646758][ T38] audit: type=1800 audit(1777471354.313:55): pid=6870 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.462" name="bus" dev="loop1" ino=1048619 res=0 errno=0 [ 149.346624][ T6880] loop0: detected capacity change from 0 to 1024 [ 149.350877][ T6880] EXT4-fs: inline encryption not supported [ 149.468333][ T6880] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 149.723146][ T6887] loop2: detected capacity change from 0 to 64 [ 149.736081][ T6880] EXT4-fs error (device loop0): ext4_map_blocks:833: inode #3: block 1: comm syz.0.467: lblock 1 mapped to illegal pblock 1 (length 1) [ 149.736119][ T6880] loop0: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117 [ 149.745283][ C0] EXT4-fs (loop0): error count since last fsck: 1 [ 149.745307][ C0] EXT4-fs (loop0): initial error at time 1777471355: ext4_map_blocks:833: inode 3: block 1 [ 149.745337][ C0] EXT4-fs (loop0): last error at time 1777471355: ext4_map_blocks:833: inode 3: block 1 [ 149.873371][ T6880] Quota error (device loop0): write_blk: dquota write failed [ 149.873415][ T6880] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota [ 149.873726][ T6880] EXT4-fs error (device loop0): ext4_acquire_dquot:7034: comm syz.0.467: Failed to acquire dquot type 0 [ 149.873750][ T6880] loop0: lost filesystem error report for type 5 error -117 [ 149.880213][ T6880] EXT4-fs error (device loop0): ext4_free_blocks:6718: comm syz.0.467: Freeing blocks not in datazone - block = 0, count = 4096 [ 149.880246][ T6880] loop0: lost filesystem error report for type 5 error -117 [ 150.374750][ T6880] EXT4-fs error (device loop0): ext4_read_inode_bitmap:139: comm syz.0.467: Invalid inode bitmap blk 0 in block_group 0 [ 150.374785][ T6880] loop0: lost filesystem error report for type 5 error -117 [ 150.399330][ T6880] EXT4-fs error (device loop0) in ext4_free_inode:361: Corrupt filesystem [ 150.399356][ T6880] loop0: lost filesystem error report for type 5 error -117 [ 150.452633][ T1032] EXT4-fs error (device loop0): ext4_map_blocks:791: inode #3: block 1: comm kworker/u8:8: lblock 1 mapped to illegal pblock 1 (length 1) [ 150.452669][ T1032] loop0: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117 [ 150.512898][ T1032] Quota error (device loop0): remove_tree: Can't read quota data block 1 [ 150.512945][ T1032] EXT4-fs error (device loop0): ext4_release_dquot:7070: comm kworker/u8:8: Failed to release dquot type 0 [ 150.512965][ T1032] loop0: lost filesystem error report for type 5 error -117 [ 150.518082][ T6880] EXT4-fs (loop0): 1 orphan inode deleted [ 150.563371][ T6880] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 150.869366][ T5600] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 150.915496][ T41] EXT4-fs error (device loop0): ext4_map_blocks:791: inode #3: block 1: comm kworker/u8:2: lblock 1 mapped to illegal pblock 1 (length 1) [ 150.915532][ T41] loop0: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117 [ 150.923754][ T41] Quota error (device loop0): remove_tree: Can't read quota data block 1 [ 150.923788][ T41] EXT4-fs error (device loop0): ext4_release_dquot:7070: comm kworker/u8:2: Failed to release dquot type 0 [ 150.923800][ T41] loop0: lost filesystem error report for type 5 error -117 [ 150.978669][ T6908] loop1: detected capacity change from 0 to 8 [ 151.130253][ T6910] loop2: detected capacity change from 0 to 512 [ 151.198516][ T6910] EXT4-fs error (device loop2): ext4_orphan_get:1397: inode #11: comm syz.2.478: unexpected EA_INODE flag [ 151.198546][ T6910] loop2: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 151.203674][ T6910] EXT4-fs (loop2): Remounting filesystem read-only [ 151.309725][ T6910] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 151.586798][ T6923] loop1: detected capacity change from 0 to 1024 [ 151.622501][ T6923] EXT4-fs: Ignoring removed orlov option [ 151.699774][ T6923] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a002c018, mo2=0002] [ 151.701805][ T6923] System zones: 0-1, 3-12 [ 151.820539][ T6923] EXT4-fs (loop1): mounted filesystem 00000000-0500-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 151.907587][ T6930] netlink: 4 bytes leftover after parsing attributes in process `syz.4.487'. [ 151.924184][ T6915] loop0: detected capacity change from 0 to 4096 [ 152.515840][ T5601] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 153.199906][ T6938] loop4: detected capacity change from 0 to 512 [ 153.380252][ T6938] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 153.452207][ T6938] ext4 filesystem being mounted at /88/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 153.573476][ T6943] loop3: detected capacity change from 0 to 256 [ 153.605925][ T5602] EXT4-fs (loop1): unmounting filesystem 00000000-0500-0000-0000-000000000000. [ 153.952837][ T6945] loop1: detected capacity change from 0 to 256 [ 154.112059][ T5603] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 154.241492][ T6943] FAT-fs (loop3): Directory bread(block 64) failed [ 154.241525][ T6943] FAT-fs (loop3): Directory bread(block 65) failed [ 154.241625][ T6943] FAT-fs (loop3): Directory bread(block 66) failed [ 154.241645][ T6943] FAT-fs (loop3): Directory bread(block 67) failed [ 154.241749][ T6943] FAT-fs (loop3): Directory bread(block 68) failed [ 154.241769][ T6943] FAT-fs (loop3): Directory bread(block 69) failed [ 154.241857][ T6943] FAT-fs (loop3): Directory bread(block 70) failed [ 154.241877][ T6943] FAT-fs (loop3): Directory bread(block 71) failed [ 154.241968][ T6943] FAT-fs (loop3): Directory bread(block 72) failed [ 154.241988][ T6943] FAT-fs (loop3): Directory bread(block 73) failed [ 154.538462][ T6945] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 154.757242][ T6950] exFAT-fs (loop1): start_clu is invalid cluster(0xffffffff) [ 155.041885][ T6956] Bluetooth: MGMT ver 1.23 [ 155.107698][ T6958] loop2: detected capacity change from 0 to 512 [ 155.288792][ T6958] EXT4-fs (loop2): 1 orphan inode deleted [ 155.333039][ T6958] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 155.360036][ T6958] ext4 filesystem being mounted at /102/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 155.376900][ T1032] Quota error (device loop2): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 155.377008][ T1032] EXT4-fs error (device loop2): ext4_release_dquot:7070: comm kworker/u8:8: Failed to release dquot type 1 [ 155.614241][ T6968] loop3: detected capacity change from 0 to 512 [ 155.649421][ T6968] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 155.651485][ T5601] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 155.751305][ T6968] EXT4-fs (loop3): 1 truncate cleaned up [ 155.753684][ T6968] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 156.287535][ T5599] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 157.016515][ T6988] loop1: detected capacity change from 0 to 4096 [ 157.407590][ T6988] ntfs3(loop1): Mark volume as dirty due to NTFS errors [ 157.628596][ T6997] loop2: detected capacity change from 0 to 4096 [ 158.153315][ T7002] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 158.520075][ T6997] NILFS (loop2): bad btree node (ino=288230376151711747, blocknr=3): level = 0, flags = 0x0, nchildren = 0 [ 158.520110][ T6997] NILFS (loop2): error -5 preparing GC: cannot read source blocks [ 162.431518][ T7022] loop3: detected capacity change from 0 to 256 [ 162.496627][ T7022] exfat: Deprecated parameter 'utf8' [ 162.829816][ T7022] exFAT-fs (loop3): error, data size is invalid(34359738378) [ 162.829839][ T7022] exFAT-fs (loop3): Filesystem has been set read-only [ 162.890245][ T7022] exFAT-fs (loop3): error, data size is invalid(34359738378) [ 163.739963][ T7038] loop1: detected capacity change from 0 to 1024 [ 163.924219][ T38] audit: type=1800 audit(1777471369.643:56): pid=7041 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.532" name="SYSV00000000" dev="tmpfs" ino=0 res=0 errno=0 [ 164.272199][ T7048] loop3: detected capacity change from 0 to 1024 [ 164.536545][ T7058] loop0: detected capacity change from 0 to 256 [ 165.309011][ T7062] FAT-fs (loop0): error, fat_bmap_cluster: request beyond EOF (i_pos 198) [ 165.309046][ T7062] FAT-fs (loop0): Filesystem has been set read-only [ 165.510266][ T7061] hfsplus: cannot replace xattr [ 166.424231][ T7068] loop2: detected capacity change from 0 to 256 [ 166.520412][ T7067] loop1: detected capacity change from 0 to 1024 [ 166.522500][ T7067] hfsplus: Filesystem was not cleanly unmounted, running fsck.hfsplus is recommended. mounting read-only. [ 167.043908][ T7068] FAT-fs (loop2): Directory bread(block 64) failed [ 167.043942][ T7068] FAT-fs (loop2): Directory bread(block 65) failed [ 167.044139][ T7068] FAT-fs (loop2): Directory bread(block 66) failed [ 167.044162][ T7068] FAT-fs (loop2): Directory bread(block 67) failed [ 167.044267][ T7068] FAT-fs (loop2): Directory bread(block 68) failed [ 167.044288][ T7068] FAT-fs (loop2): Directory bread(block 69) failed [ 167.044382][ T7068] FAT-fs (loop2): Directory bread(block 70) failed [ 167.044402][ T7068] FAT-fs (loop2): Directory bread(block 71) failed [ 167.044499][ T7068] FAT-fs (loop2): Directory bread(block 72) failed [ 167.044522][ T7068] FAT-fs (loop2): Directory bread(block 73) failed [ 167.522117][ T7072] loop0: detected capacity change from 0 to 256 [ 167.541625][ T7072] exfat: Deprecated parameter 'utf8' [ 167.610094][ T7072] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x72bddf51, utbl_chksum : 0xe619d30d) [ 168.350992][ T7077] loop1: detected capacity change from 0 to 2048 [ 168.711610][ T7077] UDF-fs: error (device loop1): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 168.779953][ T7077] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 169.199584][ T7085] netlink: 8 bytes leftover after parsing attributes in process `syz.0.550'. [ 169.199617][ T7085] netlink: 24 bytes leftover after parsing attributes in process `syz.0.550'. [ 169.663480][ T7091] loop3: detected capacity change from 0 to 1024 [ 169.749867][ T7091] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 169.753309][ T7091] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 169.753714][ T7091] EXT4-fs (loop3): orphan cleanup on readonly fs [ 169.818027][ T7091] EXT4-fs error (device loop3): ext4_free_blocks:6718: comm syz.3.553: Freeing blocks not in datazone - block = 0, count = 4096 [ 169.818064][ T7091] loop3: lost filesystem error report for type 5 error -117 [ 169.827760][ C0] EXT4-fs (loop3): initial error at time 1777471375: ext4_free_blocks:6718 [ 169.827792][ C0] EXT4-fs (loop3): last error at time 1777471375: ext4_free_blocks:6718 [ 169.949492][ T7091] EXT4-fs (loop3): 1 orphan inode deleted [ 170.009316][ T7091] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 170.067331][ T7096] loop0: detected capacity change from 0 to 64 [ 170.780918][ T5599] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 171.123059][ T7104] loop1: detected capacity change from 0 to 4096 [ 171.464764][ T5600] hfs: node 4:3 still has 1 user(s)! [ 172.382787][ T7104] ntfs3(loop1): Failed to initialize $Extend/$ObjId. [ 172.659842][ T7114] loop4: detected capacity change from 0 to 131072 [ 172.678241][ T7114] F2FS-fs (loop4): invalid crc value [ 172.727308][ T7114] F2FS-fs (loop4): Mismatch valid blocks 0 vs. 11 [ 172.731924][ T7114] F2FS-fs (loop4): Failed to initialize F2FS segment manager (-117) [ 173.147491][ T7131] loop2: detected capacity change from 0 to 512 [ 173.467699][ T7131] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 173.467842][ T7131] ext4 filesystem being mounted at /116/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 175.042980][ T5601] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 175.933119][ T7161] sch_tbf: burst 3 is lower than device tunl0 mtu (1480) ! [ 176.433192][ T7164] loop3: detected capacity change from 0 to 512 [ 176.550426][ T7164] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -2 [ 176.716128][ T7172] loop0: detected capacity change from 0 to 1024 [ 177.487226][ T7164] EXT4-fs error (device loop3): ext4_iget_extra_inode:5128: inode #15: comm syz.3.580: corrupted in-inode xattr: e_value size too large [ 177.487278][ T7164] loop3: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 177.494907][ C0] EXT4-fs (loop3): error count since last fsck: 1 [ 177.494930][ C0] EXT4-fs (loop3): initial error at time 1777471383: ext4_iget_extra_inode:5128: inode 15 [ 177.494955][ C0] EXT4-fs (loop3): last error at time 1777471383: ext4_iget_extra_inode:5128: inode 15 [ 177.597590][ T7164] EXT4-fs error (device loop3): ext4_orphan_get:1402: comm syz.3.580: couldn't read orphan inode 15 (err -117) [ 177.597625][ T7164] loop3: lost filesystem error report for type 5 error -117 [ 177.627917][ T7164] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 178.478167][ T5599] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 178.749389][ T10] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 178.955542][ T10] usb 1-1: config index 0 descriptor too short (expected 98, got 45) [ 178.984239][ T10] usb 1-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00 [ 178.984269][ T10] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 178.984288][ T10] usb 1-1: Product: syz [ 178.984302][ T10] usb 1-1: Manufacturer: syz [ 178.984315][ T10] usb 1-1: SerialNumber: syz [ 179.132434][ T7208] netlink: 8 bytes leftover after parsing attributes in process `syz.3.596'. [ 180.069208][ T10] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x00000098. ret = -EPROTO [ 180.069271][ T10] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Failed to sync IRQ enable register: -EPROTO [ 180.105532][ T10] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000010. ret = -EPROTO [ 180.105588][ T10] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED.... [ 180.161544][ T7210] blktrace: Concurrent blktraces are not allowed on sg0 [ 180.230741][ T10] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED [ 180.354137][ T10] lan78xx 1-1:1.0: probe with driver lan78xx failed with error -71 [ 180.452069][ T10] usb 1-1: USB disconnect, device number 4 [ 181.145840][ T7217] loop3: detected capacity change from 0 to 512 [ 181.228404][ T7217] EXT4-fs: inline encryption not supported [ 181.292813][ T7217] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 181.402049][ T7198] loop1: detected capacity change from 0 to 32768 [ 181.709379][ T7198] read_mapping_page failed! [ 181.709392][ T7198] diRead: diIAGRead returned -5 [ 181.846839][ T7217] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.601: bg 0: block 64: padding at end of block bitmap is not set [ 181.846894][ T7217] loop3: lost filesystem error report for type 5 error -117 [ 181.850172][ T7217] Quota error (device loop3): write_blk: dquota write failed [ 181.850311][ T7217] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 181.850377][ T7217] EXT4-fs error (device loop3): ext4_acquire_dquot:7034: comm syz.3.601: Failed to acquire dquot type 0 [ 181.850399][ T7217] loop3: lost filesystem error report for type 5 error -117 [ 181.854895][ C0] EXT4-fs (loop3): error count since last fsck: 2 [ 181.854914][ C0] EXT4-fs (loop3): initial error at time 1777471387: ext4_validate_block_bitmap:441 [ 181.854934][ C0] EXT4-fs (loop3): last error at time 1777471387: ext4_acquire_dquot:7034 [ 181.981038][ T7217] EXT4-fs (loop3): 1 truncate cleaned up [ 181.983855][ T7217] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 183.009938][ T5599] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 183.090258][ T7228] loop1: detected capacity change from 0 to 512 [ 183.190407][ T7228] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 183.302115][ T7228] EXT4-fs (loop1): 1 truncate cleaned up [ 183.383243][ T7228] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 183.451053][ T7228] EXT4-fs (loop1): Online resizing not supported with sparse_super2 [ 184.693906][ T5602] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 184.799623][ T7242] loop2: detected capacity change from 0 to 512 [ 184.848758][ T7242] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem [ 185.221478][ T7242] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm syz.2.610: bg 0: block 104: invalid block bitmap [ 185.221512][ T7242] loop2: lost filesystem error report for type 5 error -117 [ 185.232273][ C0] EXT4-fs (loop2): initial error at time 1777471390: ext4_validate_block_bitmap:432 [ 185.232305][ C0] EXT4-fs (loop2): last error at time 1777471390: ext4_validate_block_bitmap:432 [ 185.354093][ T7242] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6679: Corrupt filesystem [ 185.354118][ T7242] loop2: lost filesystem error report for type 5 error -117 [ 185.364584][ T7242] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.610: invalid indirect mapped block 1 (level 1) [ 185.364621][ T7242] loop2: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 185.565575][ T7242] EXT4-fs (loop2): 1 truncate cleaned up [ 185.664580][ T7242] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 185.918225][ T7252] loop4: detected capacity change from 0 to 64 [ 185.983862][ T7231] loop3: detected capacity change from 0 to 32768 [ 186.161638][ T38] audit: type=1800 audit(1777471391.883:57): pid=7242 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.610" name="file1" dev="loop2" ino=18 res=0 errno=0 [ 186.306965][ T7231] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 186.859231][ T7231] XFS (loop3): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51. [ 186.957043][ T7231] XFS (loop3): Starting recovery (logdev: internal) [ 186.988387][ T5601] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 187.360648][ T7231] XFS (loop3): Ending recovery (logdev: internal) [ 187.442581][ T7274] loop1: detected capacity change from 0 to 256 [ 187.551192][ T7274] exFAT-fs (loop1): error, no upcase table entry. Please run fsck [ 187.551212][ T7274] exFAT-fs (loop1): Filesystem has been set read-only [ 187.551447][ T7274] exFAT-fs (loop1): failed to test first cluster bit of root dir(5) [ 187.757802][ T5599] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 188.643445][ T7290] loop0: detected capacity change from 0 to 4096 [ 188.644641][ T7290] EXT4-fs: Ignoring removed orlov option [ 188.672722][ T7290] EXT4-fs (loop0): Test dummy encryption mode enabled [ 188.702966][ T7292] loop2: detected capacity change from 0 to 1024 [ 188.717771][ T7292] EXT4-fs: inline encryption not supported [ 188.726445][ T7292] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 188.750206][ T7292] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e814c01c, mo2=0003] [ 188.750323][ T7292] System zones: 0-1, 3-36 [ 188.760061][ T7290] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 188.790084][ T7292] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 188.830207][ T7290] EXT4-fs: Can't set or change test_dummy_encryption on remount [ 189.130848][ T5600] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 189.295865][ T7309] loop3: detected capacity change from 0 to 256 [ 190.295458][ T5738] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 190.479769][ T5738] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 190.479826][ T5738] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 190.479854][ T5738] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 190.479891][ T5738] usb 1-1: New USB device found, idVendor=056a, idProduct=0010, bcdDevice= 0.00 [ 190.479912][ T5738] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 190.541663][ T5738] usb 1-1: config 0 descriptor?? [ 191.031793][ T5601] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 191.345477][ T5738] usb 1-1: USB disconnect, device number 5 [ 192.646454][ T7336] loop0: detected capacity change from 0 to 256 [ 192.670059][ T7337] loop1: detected capacity change from 0 to 64 [ 193.813852][ T7352] loop2: detected capacity change from 0 to 512 [ 193.827715][ T5738] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 193.985455][ T5738] usb 4-1: Using ep0 maxpacket: 16 [ 194.179584][ T5738] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 194.179617][ T5738] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 194.179703][ T5738] usb 4-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 194.179725][ T5738] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 194.384234][ T5738] usb 4-1: config 0 descriptor?? [ 194.421490][ T7352] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 194.421617][ T7352] ext4 filesystem being mounted at /133/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 194.564359][ T1333] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.586078][ T1333] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.754604][ T7352] EXT4-fs: Ignoring sb option on remount [ 194.757753][ T7352] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 195.780282][ T7352] EXT4-fs (loop2): can't disable delalloc during remount [ 195.933793][ T5738] mcp2221 0003:04D8:00DD.0009: unexpected long global item [ 195.952399][ T5738] mcp2221 0003:04D8:00DD.0009: can't parse reports [ 195.952614][ T5738] mcp2221 0003:04D8:00DD.0009: probe with driver mcp2221 failed with error -22 [ 196.445840][ T5738] usb 4-1: USB disconnect, device number 5 [ 197.120641][ T7359] loop1: detected capacity change from 0 to 32768 [ 197.562485][ T5601] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 197.769853][ T7359] XFS (loop1): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 198.008563][ T7359] XFS (loop1): Ending clean mount [ 198.422449][ T5602] XFS (loop1): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 198.822922][ T7384] tipc: Enabling of bearer rejected, failed to enable media [ 199.011537][ T7386] loop2: detected capacity change from 0 to 4096 [ 199.689455][ T7386] ntfs3(loop2): Mark volume as dirty due to NTFS errors [ 199.698159][ T7399] loop0: detected capacity change from 0 to 4096 [ 199.742036][ T7399] ntfs3(loop0): Different NTFS sector size (2048) and media sector size (512). [ 201.015517][ T7407] tipc: Started in network mode [ 201.015538][ T7407] tipc: Node identity 4, cluster identity 4711 [ 201.015549][ T7407] tipc: Node number set to 4 [ 202.045361][ T4924] Bluetooth: hci4: command 0x0406 tx timeout [ 202.060746][ T5609] Bluetooth: hci0: command 0x0406 tx timeout [ 202.060784][ T5609] Bluetooth: hci2: command 0x0406 tx timeout [ 202.060806][ T5609] Bluetooth: hci3: command 0x0406 tx timeout [ 202.330805][ T5618] Bluetooth: hci1: command 0x0406 tx timeout [ 203.310890][ T7430] comedi comedi3: 8255: I/O base address not correctly aligned [ 203.327374][ T5738] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 203.476687][ T5738] usb 3-1: Using ep0 maxpacket: 16 [ 203.479212][ T5738] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 203.479242][ T5738] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 203.479263][ T5738] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 203.479303][ T5738] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 203.479325][ T5738] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 203.598500][ T5738] usb 3-1: config 0 descriptor?? [ 203.620105][ T7432] loop4: detected capacity change from 0 to 1024 [ 203.942884][ T7434] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 203.945771][ T7434] overlayfs: conflicting options: userxattr,redirect_dir=on [ 204.108591][ T5738] hid_parser_main: 65 callbacks suppressed [ 204.108642][ T5738] microsoft 0003:045E:07DA.000A: unknown main item tag 0x0 [ 204.108673][ T5738] microsoft 0003:045E:07DA.000A: ignoring exceeding usage max [ 204.122130][ T5738] microsoft 0003:045E:07DA.000A: ignoring exceeding usage max [ 204.489943][ T5738] microsoft 0003:045E:07DA.000A: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.2-1/input0 [ 204.489975][ T5738] microsoft 0003:045E:07DA.000A: no inputs found [ 204.489988][ T5738] microsoft 0003:045E:07DA.000A: could not initialize ff, continuing anyway [ 204.589020][ T5738] usb 3-1: USB disconnect, device number 4 [ 204.859372][ T7438] netlink: 24 bytes leftover after parsing attributes in process `syz.1.685'. [ 205.336857][ T7436] fido_id[7436]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/report_descriptor': No such file or directory [ 205.785435][ T5738] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 205.945643][ T5738] usb 1-1: Using ep0 maxpacket: 16 [ 205.993825][ T5738] usb 1-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 205.993856][ T5738] usb 1-1: config 0 interface 0 altsetting 9 endpoint 0x81 has invalid wMaxPacketSize 0 [ 205.993878][ T5738] usb 1-1: config 0 interface 0 has no altsetting 0 [ 205.993908][ T5738] usb 1-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00 [ 205.993928][ T5738] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 206.056934][ T5738] usb 1-1: config 0 descriptor?? [ 207.380941][ T5738] nzxt-smart2 0003:1E71:2009.000B: hidraw0: USB HID v0.05 Device [HID 1e71:2009] on usb-dummy_hcd.0-1/input0 [ 207.737787][ T5738] usb 1-1: USB disconnect, device number 6 [ 209.097477][ T7460] loop0: detected capacity change from 0 to 128 [ 209.174076][ T7458] fido_id[7458]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory [ 209.261141][ T7460] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 209.292973][ T7460] ext4 filesystem being mounted at /131/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 209.372252][ T7460] EXT4-fs warning (device loop0): ext4_dirblock_csum_verify:375: inode #2: comm syz.0.694: No space for directory leaf checksum. Please run e2fsck -D. [ 209.372282][ T7460] EXT4-fs error (device loop0): htree_dirblock_to_tree:1051: inode #2: comm syz.0.694: Directory block failed checksum [ 210.397054][ T5600] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 210.464488][ T7470] sg_write: data in/out 451548/226 bytes for SCSI command 0x0-- guessing data in; [ 210.464488][ T7470] program syz.1.698 not setting count and/or reply_len properly [ 212.767769][ T7486] loop4: detected capacity change from 0 to 2048 [ 213.189622][ T7486] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 214.033008][ T5603] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 215.000790][ T7520] 9pnet: Limiting 'msize' to 1048576 as this is the maximum supported by transport fd [ 215.655427][ T5738] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 215.848244][ T5738] usb 2-1: New USB device found, idVendor=0547, idProduct=0201, bcdDevice=11.64 [ 215.848272][ T5738] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 215.848290][ T5738] usb 2-1: Product: syz [ 215.848303][ T5738] usb 2-1: Manufacturer: syz [ 215.848316][ T5738] usb 2-1: SerialNumber: syz [ 215.892645][ T5738] usb 2-1: config 0 descriptor?? [ 216.124182][ T5738] dvb-usb: found a 'Nebula Electronics uDigiTV DVB-T USB2.0)' in warm state. [ 216.526221][ T7529] loop3: detected capacity change from 0 to 764 [ 216.798679][ T5738] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 216.822400][ T5738] dvbdev: DVB: registering new adapter (Nebula Electronics uDigiTV DVB-T USB2.0)) [ 216.822488][ T5738] usb 2-1: media controller created [ 217.883353][ T7544] loop4: detected capacity change from 0 to 4096 [ 217.923589][ T5738] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 218.521663][ T7548] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 219.112313][ T5738] DVB: Unable to find symbol mt352_attach() [ 219.522305][ T5738] DVB: Unable to find symbol nxt6000_attach() [ 219.522333][ T5738] dvb-usb: no frontend was attached by 'Nebula Electronics uDigiTV DVB-T USB2.0)' [ 219.613336][ T5738] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.1/usb2/2-1/input/input10 [ 220.176976][ T5738] dvb-usb: schedule remote query interval to 1000 msecs. [ 220.177005][ T5738] dvb-usb: Nebula Electronics uDigiTV DVB-T USB2.0) successfully initialized and connected. [ 220.242086][ T5738] dvb-usb: bulk message failed: -22 (7/0) [ 220.242110][ T5738] dvb-usb: bulk message failed: -22 (7/0) [ 220.343666][ T5738] usb 2-1: USB disconnect, device number 7 [ 221.998726][ T7579] loop2: detected capacity change from 0 to 1024 [ 222.013908][ T7579] EXT4-fs: Ignoring removed bh option [ 222.023440][ T7579] EXT4-fs (loop2): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 222.127324][ T7579] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 222.580392][ T7579] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 223.680590][ T7600] netlink: 8 bytes leftover after parsing attributes in process `syz.3.751'. [ 223.680611][ T7600] netlink: 4 bytes leftover after parsing attributes in process `syz.3.751'. [ 223.680635][ T7600] netlink: 'syz.3.751': attribute type 14 has an invalid length. [ 223.680648][ T7600] netlink: 'syz.3.751': attribute type 13 has an invalid length. [ 223.895798][ T5738] dvb-usb: Nebula Electronics uDigiTV DVB-T USB2.0 successfully deinitialized and disconnected. [ 224.056415][ T7605] loop0: detected capacity change from 0 to 64 [ 224.790866][ T5601] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 226.126822][ T7623] netlink: 8 bytes leftover after parsing attributes in process `syz.0.757'. [ 226.180119][ T7624] netlink: 8 bytes leftover after parsing attributes in process `syz.0.757'. [ 226.310614][ T7628] netlink: 24 bytes leftover after parsing attributes in process `syz.4.762'. [ 226.835525][ T7637] loop2: detected capacity change from 0 to 512 [ 226.857880][ T7637] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended [ 227.126362][ T7637] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 227.209883][ T7637] EXT4-fs error (device loop2): ext4_map_blocks:791: inode #2: block 3: comm syz.2.767: lblock 8 mapped to illegal pblock 3 (length 26) [ 229.241270][ T5601] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 230.082611][ T7654] netlink: 'syz.4.772': attribute type 1 has an invalid length. [ 230.164408][ T7653] netlink: 24 bytes leftover after parsing attributes in process `syz.3.771'. [ 230.317058][ T7656] loop4: detected capacity change from 0 to 512 [ 230.438899][ T7656] EXT4-fs error (device loop4): ext4_orphan_get:1402: comm syz.4.773: couldn't read orphan inode 26 (err -116) [ 230.439061][ T7656] loop4: lost filesystem error report for type 5 error -116 [ 230.444918][ C0] EXT4-fs (loop4): error count since last fsck: 1 [ 230.444937][ C0] EXT4-fs (loop4): initial error at time 1777471436: ext4_orphan_get:1402 [ 230.444955][ C0] EXT4-fs (loop4): last error at time 1777471436: ext4_orphan_get:1402 [ 230.495700][ T7656] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 230.495840][ T7656] ext4 filesystem being mounted at /135/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 231.753942][ T5603] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 232.284153][ T7670] xt_limit: Overflow, try lower: 271964/0 [ 232.320957][ T7672] loop3: detected capacity change from 0 to 256 [ 232.771833][ T7674] loop4: detected capacity change from 0 to 128 [ 232.851946][ T7674] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only [ 232.851996][ T7674] hpfs: filesystem error: improperly stopped [ 232.852009][ T7674] hpfs: filesystem error: warning: spare dnodes used, try chkdsk [ 232.852022][ T7674] hpfs: You really don't want any checks? You are crazy... [ 232.852443][ T7674] hpfs: hpfs_map_sector(): read error [ 232.852453][ T7674] hpfs: code page support is disabled [ 232.853592][ T7674] hpfs: hpfs_map_4sectors(): unaligned read [ 232.853692][ T7674] hpfs: hpfs_map_4sectors(): unaligned read [ 232.853701][ T7674] hpfs: filesystem error: unable to find root dir [ 233.356251][ T7682] netlink: 67 bytes leftover after parsing attributes in process `syz.3.785'. [ 233.556771][ T7686] netlink: 8 bytes leftover after parsing attributes in process `syz.3.787'. [ 233.661199][ T7688] netlink: 'syz.3.788': attribute type 10 has an invalid length. [ 233.661219][ T7688] netlink: 40 bytes leftover after parsing attributes in process `syz.3.788'. [ 233.689807][ T7688] team0: entered promiscuous mode [ 233.689827][ T7688] team_slave_0: entered promiscuous mode [ 233.690057][ T7688] team_slave_1: entered promiscuous mode [ 233.707247][ T7688] team0: entered allmulticast mode [ 233.707266][ T7688] team_slave_0: entered allmulticast mode [ 233.707290][ T7688] team_slave_1: entered allmulticast mode [ 233.708478][ T7688] bridge0: port 3(team0) entered blocking state [ 233.708925][ T7688] bridge0: port 3(team0) entered disabled state [ 233.770303][ T7688] bridge0: port 3(team0) entered blocking state [ 233.770491][ T7688] bridge0: port 3(team0) entered forwarding state [ 234.310940][ T7694] netlink: 'syz.2.791': attribute type 1 has an invalid length. [ 238.515449][ T7739] loop2: detected capacity change from 0 to 512 [ 238.578936][ T7739] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 238.684630][ T7739] EXT4-fs (loop2): 1 orphan inode deleted [ 238.684654][ T7739] EXT4-fs (loop2): 1 truncate cleaned up [ 238.695704][ T7739] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 238.842362][ T7744] loop3: detected capacity change from 0 to 2048 [ 238.982163][ T7744] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 239.285468][ T7742] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1317: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters [ 239.924385][ T5599] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 240.196958][ T5601] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 240.763711][ T7765] tipc: Enabled bearer , priority 10 [ 240.858445][ T5614] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 240.951902][ T5614] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 240.964744][ T5614] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 240.966684][ T5614] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 240.974553][ T5614] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 241.542883][ T7774] loop3: detected capacity change from 0 to 1024 [ 241.786076][ T5616] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 241.842457][ T5616] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 241.859181][ T5616] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 241.862918][ T5616] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 241.973452][ T5616] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 242.700741][ T7762] loop2: detected capacity change from 0 to 32768 [ 243.085373][ T5614] Bluetooth: hci5: command tx timeout [ 244.125442][ T5614] Bluetooth: hci6: command tx timeout [ 245.165439][ T5614] Bluetooth: hci5: command tx timeout [ 246.205413][ T5614] Bluetooth: hci6: command tx timeout [ 247.150592][ T7820] netlink: 'syz.4.833': attribute type 2 has an invalid length. [ 247.245421][ T5614] Bluetooth: hci5: command tx timeout [ 248.058073][ T7772] bridge0: port 1(bridge_slave_0) entered blocking state [ 248.063329][ T7772] bridge0: port 1(bridge_slave_0) entered disabled state [ 248.063751][ T7772] bridge_slave_0: entered allmulticast mode [ 248.109293][ T7772] bridge_slave_0: entered promiscuous mode [ 248.286081][ T5614] Bluetooth: hci6: command tx timeout [ 248.378651][ T7772] bridge0: port 2(bridge_slave_1) entered blocking state [ 248.378940][ T7772] bridge0: port 2(bridge_slave_1) entered disabled state [ 248.379259][ T7772] bridge_slave_1: entered allmulticast mode [ 248.538762][ T7772] bridge_slave_1: entered promiscuous mode [ 248.627059][ T7837] netlink: 20 bytes leftover after parsing attributes in process `syz.3.839'. [ 249.170162][ T821] IPVS: starting estimator thread 0... [ 249.173828][ T7847] IPVS: ip_vs_edit_dest(): server weight less than zero [ 249.285542][ T7848] IPVS: using max 9 ests per chain, 21600 per kthread [ 249.325583][ T5614] Bluetooth: hci5: command tx timeout [ 250.365924][ T5614] Bluetooth: hci6: command tx timeout [ 250.511424][ T7772] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 251.191429][ T7868] mmap: syz.2.852 (7868) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 251.613008][ T7772] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 252.891020][ T7880] loop2: detected capacity change from 0 to 512 [ 252.992695][ T7880] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -2 [ 252.993519][ T7880] EXT4-fs error (device loop2): ext4_iget_extra_inode:5128: inode #15: comm syz.2.857: corrupted in-inode xattr: e_value size too large [ 252.993549][ T7880] loop2: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 252.993940][ T7880] EXT4-fs error (device loop2): ext4_orphan_get:1402: comm syz.2.857: couldn't read orphan inode 15 (err -117) [ 252.993968][ T7880] loop2: lost filesystem error report for type 5 error -117 [ 253.059283][ T7880] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 253.550220][ T7887] loop3: detected capacity change from 0 to 128 [ 253.638240][ T7887] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 253.668943][ T7887] ext4 filesystem being mounted at /206/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 253.875759][ T7887] EXT4-fs warning (device loop3): ext4_group_extend:1890: can't read last block, resize aborted [ 253.934322][ T7772] team0: Port device team_slave_0 added [ 253.988597][ T7772] team0: Port device team_slave_1 added [ 254.364400][ T7772] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 254.364416][ T7772] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 254.364439][ T7772] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 254.452759][ T7763] bridge0: port 1(bridge_slave_0) entered blocking state [ 254.453156][ T7763] bridge0: port 1(bridge_slave_0) entered disabled state [ 254.453472][ T7763] bridge_slave_0: entered allmulticast mode [ 254.486275][ T7763] bridge_slave_0: entered promiscuous mode [ 254.588094][ T7772] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 254.588110][ T7772] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 254.588133][ T7772] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 254.592443][ T7763] bridge0: port 2(bridge_slave_1) entered blocking state [ 254.592725][ T7763] bridge0: port 2(bridge_slave_1) entered disabled state [ 254.593305][ T7763] bridge_slave_1: entered allmulticast mode [ 254.686825][ T7763] bridge_slave_1: entered promiscuous mode [ 255.090216][ T5601] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 255.349968][ T7904] loop2: detected capacity change from 0 to 128 [ 255.453770][ T5599] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 255.657175][ T7904] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only [ 255.657241][ T7904] hpfs: filesystem error: improperly stopped [ 255.657255][ T7904] hpfs: filesystem error: warning: spare dnodes used, try chkdsk [ 255.657269][ T7904] hpfs: You really don't want any checks? You are crazy... [ 255.657677][ T7904] hpfs: hpfs_map_sector(): read error [ 255.657688][ T7904] hpfs: code page support is disabled [ 255.657804][ T7904] hpfs: hpfs_map_4sectors(): unaligned read [ 255.657884][ T7904] hpfs: hpfs_map_4sectors(): unaligned read [ 255.657893][ T7904] hpfs: filesystem error: unable to find root dir [ 256.198148][ T7763] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 256.340287][ T7912] loop4: detected capacity change from 0 to 256 [ 256.352228][ T7912] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 257.207546][ T1333] ieee802154 phy0 wpan0: encryption failed: -22 [ 257.207638][ T1333] ieee802154 phy1 wpan1: encryption failed: -22 [ 258.750585][ T7925] netlink: 8 bytes leftover after parsing attributes in process `syz.3.875'. [ 260.830009][ T7936] loop2: detected capacity change from 0 to 1024 [ 260.865727][ T7936] hfsplus: Filesystem was not cleanly unmounted, running fsck.hfsplus is recommended. mounting read-only. [ 261.238527][ T7942] loop4: detected capacity change from 0 to 128 [ 261.269997][ T7942] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 261.299026][ T7942] ext4 filesystem being mounted at /172/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 262.896699][ T5603] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 263.067965][ T7947] loop2: detected capacity change from 0 to 128 [ 263.152546][ T7947] FAT-fs (loop2): Invalid FSINFO signature: 0x41000006, 0x61417272 (sector = 1) [ 263.950773][ T7952] loop4: detected capacity change from 0 to 512 [ 264.057339][ T7952] EXT4-fs (loop4): orphan cleanup on readonly fs [ 264.057908][ T7952] Quota error (device loop4): v2_read_file_info: Block with free entry 9 out of range (1, 6). [ 264.058105][ T7952] EXT4-fs warning (device loop4): ext4_enable_quotas:7269: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 264.109108][ T7952] EXT4-fs (loop4): Cannot turn on quotas: error -117 [ 264.131441][ T7952] EXT4-fs error (device loop4): ext4_orphan_get:1397: inode #14: comm syz.4.888: invalid orphan symlink nlink 1 [ 264.131473][ T7952] loop4: lost file I/O error report for ino 14 type 5 pos 0x0 len 0x0 error -117 [ 264.132052][ T7952] EXT4-fs error (device loop4): ext4_orphan_get:1402: comm syz.4.888: couldn't read orphan inode 14 (err -117) [ 264.132081][ T7952] loop4: lost filesystem error report for type 5 error -117 [ 264.132596][ T7952] EXT4-fs (loop4): 1 truncate cleaned up [ 264.189515][ T7952] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 264.543882][ T5603] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 264.698603][ T7763] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 264.766874][ T7772] hsr_slave_0: entered promiscuous mode [ 264.772783][ T7772] hsr_slave_1: entered promiscuous mode [ 264.791381][ T7772] debugfs: 'hsr0' already exists in 'hsr' [ 264.791407][ T7772] Cannot create hsr debugfs directory [ 265.278151][ T7763] team0: Port device team_slave_0 added [ 265.546658][ T7763] team0: Port device team_slave_1 added [ 265.825419][ T5738] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 266.027960][ T7977] loop3: detected capacity change from 0 to 256 [ 266.123983][ T5738] usb 3-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config [ 266.124038][ T5738] usb 3-1: New USB device found, idVendor=041e, idProduct=4007, bcdDevice=5d.18 [ 266.124060][ T5738] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 266.272797][ T5738] gspca_main: stv0680-2.14.0 probing 041e:4007 [ 267.580267][ T5738] gspca_stv0680: usb_control_msg error 2, request = 0x6, error = -71 [ 267.580290][ T5738] stv0680 3-1:4.0: Could not get descriptor 0200 [ 267.581811][ T5738] gspca_stv0680: usb_control_msg error 0, request = 0x80, error = -71 [ 267.581830][ T5738] stv0680 3-1:4.0: last error: 9, command = 0x5 [ 267.697781][ T5738] usb 3-1: USB disconnect, device number 5 [ 269.843325][ T7763] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 269.843342][ T7763] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 269.843367][ T7763] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 270.032126][ T7763] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 270.032144][ T7763] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 270.032169][ T7763] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 270.360031][ T7763] hsr_slave_0: entered promiscuous mode [ 270.362608][ T7763] hsr_slave_1: entered promiscuous mode [ 270.364698][ T7763] debugfs: 'hsr0' already exists in 'hsr' [ 270.364722][ T7763] Cannot create hsr debugfs directory [ 271.124398][ T7994] loop4: detected capacity change from 0 to 512 [ 271.150265][ T7994] EXT4-fs: Ignoring removed i_version option [ 271.171126][ T7994] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 271.270011][ T7994] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.905: invalid indirect mapped block 4294967295 (level 1) [ 271.270051][ T7994] loop4: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 271.274812][ C0] EXT4-fs (loop4): initial error at time 1777471476: ext4_free_branches:1023: inode 11 [ 271.274847][ C0] EXT4-fs (loop4): last error at time 1777471476: ext4_free_branches:1023: inode 11 [ 271.379418][ T7994] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.905: invalid indirect mapped block 4294967295 (level 1) [ 271.379464][ T7994] loop4: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 271.380531][ T7994] EXT4-fs (loop4): 2 truncates cleaned up [ 271.431993][ T7994] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 274.373972][ T5603] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 275.479181][ T9] IPVS: starting estimator thread 0... [ 275.565060][ T8012] IPVS: using max 9 ests per chain, 21600 per kthread [ 275.889898][ T8016] loop4: detected capacity change from 0 to 512 [ 275.940692][ T8016] EXT4-fs error (device loop4): ext4_orphan_get:1397: inode #15: comm syz.4.913: iget: bad i_size value: 38620345925642 [ 275.940741][ T8016] loop4: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 275.944851][ C0] EXT4-fs (loop4): error count since last fsck: 1 [ 275.944871][ C0] EXT4-fs (loop4): initial error at time 1777471481: ext4_orphan_get:1397: inode 15 [ 275.944897][ C0] EXT4-fs (loop4): last error at time 1777471481: ext4_orphan_get:1397: inode 15 [ 275.955910][ T8016] EXT4-fs error (device loop4): ext4_orphan_get:1402: comm syz.4.913: couldn't read orphan inode 15 (err -117) [ 275.955942][ T8016] loop4: lost filesystem error report for type 5 error -117 [ 276.043005][ T8016] EXT4-fs (loop4): mounted filesystem 00000000-0000-00a1-0000-000000000000 r/w without journal. Quota mode: writeback. [ 276.960389][ T8013] loop2: detected capacity change from 0 to 32768 [ 277.264018][ T7772] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 277.549312][ T5603] EXT4-fs (loop4): unmounting filesystem 00000000-0000-00a1-0000-000000000000. [ 278.038179][ T7772] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 278.159832][ T7772] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 279.211744][ T8037] loop3: detected capacity change from 0 to 512 [ 279.233824][ T8037] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349) [ 279.292730][ T8037] EXT4-fs (loop3): orphan cleanup on readonly fs [ 279.293095][ T8037] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:517: comm syz.3.920: Block bitmap for bg 0 marked uninitialized [ 279.293121][ T8037] loop3: lost filesystem error report for type 5 error -117 [ 279.295367][ C0] EXT4-fs (loop3): error count since last fsck: 1 [ 279.295387][ C0] EXT4-fs (loop3): initial error at time 1777471485: ext4_read_block_bitmap_nowait:517 [ 279.295408][ C0] EXT4-fs (loop3): last error at time 1777471485: ext4_read_block_bitmap_nowait:517 [ 279.398563][ T8037] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6679: Corrupt filesystem [ 279.398589][ T8037] loop3: lost filesystem error report for type 5 error -117 [ 279.435833][ T8037] EXT4-fs (loop3): 1 orphan inode deleted [ 279.444056][ T8037] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 279.881171][ T8045] loop2: detected capacity change from 0 to 4096 [ 279.955476][ T7772] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 279.966989][ T7772] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 280.147227][ T8045] NILFS error (device loop2): nilfs_bmap_lookup_at_level: broken bmap (inode number=6) [ 280.152342][ T8046] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 280.271022][ T8045] NILFS (loop2): mounting fs with errors [ 281.211322][ T8037] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended [ 281.248035][ T8037] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 r/w. [ 281.266629][ T8037] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:517: comm syz.3.920: Block bitmap for bg 0 marked uninitialized [ 281.270098][ T8037] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:517: comm syz.3.920: Block bitmap for bg 0 marked uninitialized [ 281.366733][ T8037] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:517: comm syz.3.920: Block bitmap for bg 0 marked uninitialized [ 281.367577][ T8037] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:517: comm syz.3.920: Block bitmap for bg 0 marked uninitialized [ 281.368206][ T8037] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:517: comm syz.3.920: Block bitmap for bg 0 marked uninitialized [ 281.368941][ T8037] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:517: comm syz.3.920: Block bitmap for bg 0 marked uninitialized [ 282.053142][ T7772] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 282.094109][ T5599] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 283.076871][ T7772] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 284.199939][ T7772] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 284.843159][ T38] audit: type=1326 audit(1777471490.563:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8067 comm="syz.2.930" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fef9692cdd9 code=0x0 [ 284.988700][ T7763] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 286.460760][ T7763] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 286.512271][ T7763] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 286.895458][ T1009] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 287.046844][ T1009] usb 3-1: Using ep0 maxpacket: 8 [ 287.054385][ T1009] usb 3-1: config index 0 descriptor too short (expected 30, got 18) [ 287.073019][ T1009] usb 3-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea [ 287.073048][ T1009] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 287.073250][ T1009] usb 3-1: Product: syz [ 287.073268][ T1009] usb 3-1: Manufacturer: syz [ 287.073282][ T1009] usb 3-1: SerialNumber: syz [ 287.143216][ T1009] usb 3-1: config 0 descriptor?? [ 287.162767][ T1009] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state. [ 287.162843][ T1009] usb 3-1: setting power ON [ 287.179186][ T1009] dvb-usb: bulk message failed: -22 (2/0) [ 287.249803][ T1009] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 287.250599][ T1009] dvbdev: DVB: registering new adapter (Medion MD95700 (MDUSBTV-HYBRID)) [ 287.250748][ T1009] usb 3-1: media controller created [ 287.321323][ T1009] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 287.383392][ T8080] dvb-usb: bulk message failed: -22 (3/0) [ 287.383417][ T8080] cxusb: i2c rd: len=147 is too big! [ 287.383417][ T8080] [ 287.521413][ T1009] usb 3-1: selecting invalid altsetting 6 [ 287.521437][ T1009] usb 3-1: digital interface selection failed (-22) [ 287.521453][ T1009] dvb-usb: no frontend was attached by 'Medion MD95700 (MDUSBTV-HYBRID)' [ 287.524560][ T1009] usb 3-1: setting power OFF [ 287.524725][ T1009] dvb-usb: bulk message failed: -22 (2/0) [ 287.557770][ T1009] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully initialized and connected. [ 287.557789][ T1009] (NULL device *): no alternate interface [ 287.651207][ T1009] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully deinitialized and disconnected. [ 287.675846][ T1009] usb 3-1: USB disconnect, device number 6 [ 288.734423][ T7763] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 288.817926][ T8093] sch_tbf: burst 0 is lower than device dummy0 mtu (1514) ! [ 289.315429][ T5738] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 289.515419][ T5738] usb 4-1: Using ep0 maxpacket: 8 [ 289.519025][ T5738] usb 4-1: config index 0 descriptor too short (expected 30, got 18) [ 289.526873][ T5738] usb 4-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea [ 289.526903][ T5738] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 289.526923][ T5738] usb 4-1: Product: syz [ 289.526937][ T5738] usb 4-1: Manufacturer: syz [ 289.526951][ T5738] usb 4-1: SerialNumber: syz [ 289.589234][ T5738] usb 4-1: config 0 descriptor?? [ 289.613612][ T5738] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state. [ 289.613671][ T5738] usb 4-1: setting power ON [ 289.613690][ T5738] dvb-usb: bulk message failed: -22 (2/0) [ 289.688689][ T5738] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 289.689425][ T5738] dvbdev: DVB: registering new adapter (Medion MD95700 (MDUSBTV-HYBRID)) [ 289.689477][ T5738] usb 4-1: media controller created [ 289.730573][ T5738] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 289.769213][ T5738] usb 4-1: selecting invalid altsetting 6 [ 289.769237][ T5738] usb 4-1: digital interface selection failed (-22) [ 289.769261][ T5738] dvb-usb: no frontend was attached by 'Medion MD95700 (MDUSBTV-HYBRID)' [ 289.770515][ T5738] usb 4-1: setting power OFF [ 289.770536][ T5738] dvb-usb: bulk message failed: -22 (2/0) [ 289.770552][ T5738] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully initialized and connected. [ 289.770564][ T5738] (NULL device *): no alternate interface [ 289.832965][ T8095] dvb-usb: bulk message failed: -22 (3/0) [ 289.832987][ T8095] cxusb: i2c wr: len=79 is too big! [ 289.832987][ T8095] [ 289.956129][ T7763] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 290.101911][ T5738] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully deinitialized and disconnected. [ 290.130957][ T5738] usb 4-1: USB disconnect, device number 6 [ 290.223006][ T8097] loop2: detected capacity change from 0 to 512 [ 290.232053][ T8097] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 290.278919][ T8097] EXT4-fs (loop2): 1 truncate cleaned up [ 290.291936][ T8097] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 290.343025][ T8097] EXT4-fs error (device loop2): ext4_search_dir:1474: inode #2: block 13: comm syz.2.943: bad entry in directory: directory entry overrun - offset=76, inode=16, rec_len=1024, size=1024 fake=0 [ 291.241609][ T5601] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 291.529226][ T8104] loop2: detected capacity change from 0 to 24 [ 291.548012][ T8104] MTD: Attempt to mount non-MTD device "/dev/loop2" [ 291.650169][ T7763] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 291.720134][ T8101] netlink: 'syz.3.945': attribute type 29 has an invalid length. [ 291.781258][ T7763] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 291.924443][ T8104] romfs: Mounting image 'rom 637cf1fa' through the block layer [ 293.454619][ T7763] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 294.242816][ T8116] loop2: detected capacity change from 0 to 16 [ 294.774042][ T8116] erofs (device loop2): mounted with root inode @ nid 36. [ 294.859387][ T5616] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 294.929216][ T5616] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 294.933162][ T5616] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 294.934292][ T5616] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 294.958181][ T5616] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 296.234415][ T8124] loop2: detected capacity change from 0 to 256 [ 296.249279][ T8124] exfat: Deprecated parameter 'utf8' [ 296.299881][ T8124] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d) [ 297.091175][ T5614] Bluetooth: hci4: command tx timeout [ 299.166453][ T5614] Bluetooth: hci4: command tx timeout [ 300.378641][ T5616] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 300.438594][ T5616] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 300.443005][ T5616] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 300.480930][ T5616] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 300.481795][ T5616] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 300.720755][ T5614] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 300.818951][ T5614] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 300.859896][ T5614] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 300.861332][ T5614] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 300.862261][ T5614] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 301.245448][ T5616] Bluetooth: hci4: command tx timeout [ 302.606359][ T5616] Bluetooth: hci1: command tx timeout [ 303.007043][ T5616] Bluetooth: hci7: command tx timeout [ 303.325526][ T5616] Bluetooth: hci4: command tx timeout [ 304.685952][ T5616] Bluetooth: hci1: command tx timeout [ 305.085379][ T5616] Bluetooth: hci7: command tx timeout [ 306.767132][ T5616] Bluetooth: hci1: command tx timeout [ 307.168372][ T5616] Bluetooth: hci7: command tx timeout [ 307.348945][ T7763] kthread_run failed with err -4 [ 308.331438][ T5614] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1 [ 308.405594][ T5614] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9 [ 308.449265][ T5614] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9 [ 308.453061][ T5614] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4 [ 308.477893][ T5614] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2 [ 308.849993][ T5616] Bluetooth: hci1: command tx timeout [ 309.245598][ T5614] Bluetooth: hci7: command tx timeout [ 311.795166][ T5614] Bluetooth: hci8: command tx timeout [ 313.417391][ T8117] bridge0: port 1(bridge_slave_0) entered blocking state [ 313.418063][ T8117] bridge0: port 1(bridge_slave_0) entered disabled state [ 313.418406][ T8117] bridge_slave_0: entered allmulticast mode [ 313.421922][ T8117] bridge_slave_0: entered promiscuous mode [ 313.509836][ T8117] bridge0: port 2(bridge_slave_1) entered blocking state [ 313.511648][ T8117] bridge0: port 2(bridge_slave_1) entered disabled state [ 313.512373][ T8117] bridge_slave_1: entered allmulticast mode [ 313.557291][ T8117] bridge_slave_1: entered promiscuous mode [ 313.740150][ T8134] bridge0: port 1(bridge_slave_0) entered blocking state [ 313.740528][ T8134] bridge0: port 1(bridge_slave_0) entered disabled state [ 313.740818][ T8134] bridge_slave_0: entered allmulticast mode [ 313.744582][ T8134] bridge_slave_0: entered promiscuous mode [ 313.879450][ T8134] bridge0: port 2(bridge_slave_1) entered blocking state [ 313.881157][ T8134] bridge0: port 2(bridge_slave_1) entered disabled state [ 313.881486][ T8134] bridge_slave_1: entered allmulticast mode [ 313.894163][ T5616] Bluetooth: hci8: command tx timeout [ 313.950464][ T8134] bridge_slave_1: entered promiscuous mode [ 314.087246][ T8117] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 314.143100][ T8136] bridge0: port 1(bridge_slave_0) entered blocking state [ 314.143380][ T8136] bridge0: port 1(bridge_slave_0) entered disabled state [ 314.143657][ T8136] bridge_slave_0: entered allmulticast mode [ 314.168931][ T8136] bridge_slave_0: entered promiscuous mode [ 314.334617][ T8216] ALSA: seq fatal error: cannot create timer (-22) [ 314.398515][ T8117] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 314.461838][ T8136] bridge0: port 2(bridge_slave_1) entered blocking state [ 314.463089][ T8136] bridge0: port 2(bridge_slave_1) entered disabled state [ 314.464422][ T8136] bridge_slave_1: entered allmulticast mode [ 314.490960][ T8136] bridge_slave_1: entered promiscuous mode [ 314.754340][ T8134] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 314.811551][ T8219] loop2: detected capacity change from 0 to 4096 [ 314.992850][ T8134] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 315.035392][ T8221] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 315.965371][ T5616] Bluetooth: hci8: command tx timeout [ 318.045786][ T5616] Bluetooth: hci8: command tx timeout [ 319.389369][ T8117] team0: Port device team_slave_0 added [ 322.339935][ T1333] ieee802154 phy0 wpan0: encryption failed: -22 [ 322.340042][ T1333] ieee802154 phy1 wpan1: encryption failed: -22 [ 332.922320][ T8136] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 333.001966][ T8117] team0: Port device team_slave_1 added [ 333.088518][ T8136] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 333.308671][ T8134] team0: Port device team_slave_0 added [ 333.383682][ T8163] bridge0: port 1(bridge_slave_0) entered blocking state [ 333.383975][ T8163] bridge0: port 1(bridge_slave_0) entered disabled state [ 333.384302][ T8163] bridge_slave_0: entered allmulticast mode [ 333.419230][ T8163] bridge_slave_0: entered promiscuous mode [ 333.503893][ T8134] team0: Port device team_slave_1 added [ 333.619256][ T8163] bridge0: port 2(bridge_slave_1) entered blocking state [ 333.619534][ T8163] bridge0: port 2(bridge_slave_1) entered disabled state [ 333.619875][ T8163] bridge_slave_1: entered allmulticast mode [ 333.651543][ T8163] bridge_slave_1: entered promiscuous mode [ 333.672113][ T8117] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 333.672130][ T8117] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 333.672155][ T8117] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 333.783832][ T8231] loop2: detected capacity change from 0 to 2048 [ 333.928333][ T8136] team0: Port device team_slave_0 added [ 333.932535][ T8231] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 334.165897][ T8117] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 334.165914][ T8117] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 334.165940][ T8117] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 337.276735][ T5601] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 337.440311][ T8136] team0: Port device team_slave_1 added [ 337.532015][ T8134] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 337.532031][ T8134] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 337.532057][ T8134] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 337.611069][ T8163] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 337.674702][ T8134] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 337.674719][ T8134] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 337.719213][ T8134] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 337.744276][ T8163] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 337.761449][ T8136] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 337.761464][ T8136] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 337.761489][ T8136] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 337.945345][ T8136] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 337.945363][ T8136] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 337.945390][ T8136] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 338.124660][ T8117] hsr_slave_0: entered promiscuous mode [ 338.140685][ T8117] hsr_slave_1: entered promiscuous mode [ 338.142412][ T8117] debugfs: 'hsr0' already exists in 'hsr' [ 338.142436][ T8117] Cannot create hsr debugfs directory [ 338.174591][ T8163] team0: Port device team_slave_0 added [ 338.401624][ T8163] team0: Port device team_slave_1 added [ 338.575882][ T8134] hsr_slave_0: entered promiscuous mode [ 338.578097][ T8134] hsr_slave_1: entered promiscuous mode [ 338.580101][ T8134] debugfs: 'hsr0' already exists in 'hsr' [ 338.580125][ T8134] Cannot create hsr debugfs directory [ 342.252166][ T8136] hsr_slave_0: entered promiscuous mode [ 342.254247][ T8136] hsr_slave_1: entered promiscuous mode [ 342.271340][ T8136] debugfs: 'hsr0' already exists in 'hsr' [ 342.271367][ T8136] Cannot create hsr debugfs directory [ 342.292310][ T8163] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 342.292325][ T8163] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 342.292350][ T8163] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 342.292883][ T8240] netlink: 8 bytes leftover after parsing attributes in process `syz.2.966'. [ 342.520483][ T8163] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 342.520499][ T8163] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 342.520527][ T8163] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 342.597690][ T8242] netlink: 16 bytes leftover after parsing attributes in process `syz.2.967'. [ 343.483347][ T8246] loop2: detected capacity change from 0 to 512 [ 343.695511][ T8246] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 343.774218][ T8246] EXT4-fs (loop2): 1 truncate cleaned up [ 343.788877][ T8246] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 343.851842][ T8163] hsr_slave_0: entered promiscuous mode [ 343.893986][ T8163] hsr_slave_1: entered promiscuous mode [ 343.928674][ T8163] debugfs: 'hsr0' already exists in 'hsr' [ 343.928700][ T8163] Cannot create hsr debugfs directory [ 345.875965][ T5601] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 348.622469][ T8117] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 348.826092][ T8117] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 348.880879][ T8117] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 349.959844][ T8117] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 354.838434][ T5614] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 354.909353][ T5614] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 354.930909][ T5614] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 355.098446][ T5614] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 355.102629][ T5614] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 357.165646][ T5616] Bluetooth: hci5: command tx timeout [ 357.715556][ T8117] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 359.245516][ T5616] Bluetooth: hci5: command tx timeout [ 359.820581][ T8117] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 360.494454][ T5614] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 360.572067][ T5614] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 360.619140][ T5614] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 360.638189][ T5614] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 360.670200][ T5614] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 361.330792][ T5614] Bluetooth: hci5: command tx timeout [ 362.383939][ T5616] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1 [ 362.462609][ T5616] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9 [ 362.495917][ T5616] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9 [ 362.533870][ T5616] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4 [ 362.542957][ T5616] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2 [ 362.860131][ T5614] Bluetooth: hci6: command tx timeout [ 363.407779][ T5614] Bluetooth: hci5: command tx timeout [ 364.253110][ T5616] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1 [ 364.351315][ T5616] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9 [ 364.353136][ T5616] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9 [ 364.439580][ T5616] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4 [ 364.442769][ T5616] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2 [ 364.766139][ T5616] Bluetooth: hci9: command tx timeout [ 364.925757][ T5616] Bluetooth: hci6: command tx timeout [ 366.845304][ T5616] Bluetooth: hci9: command tx timeout [ 367.005786][ T5616] Bluetooth: hci6: command tx timeout [ 367.407035][ T5616] Bluetooth: hci10: command tx timeout [ 368.161025][ T5614] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1 [ 368.246099][ T5614] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9 [ 368.249067][ T5614] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9 [ 368.320803][ T5614] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4 [ 368.338599][ T5614] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2 [ 368.926252][ T5614] Bluetooth: hci9: command tx timeout [ 369.085659][ T5614] Bluetooth: hci6: command tx timeout [ 369.489398][ T5614] Bluetooth: hci10: command tx timeout [ 370.605565][ T5614] Bluetooth: hci11: command tx timeout [ 371.005373][ T5614] Bluetooth: hci9: command tx timeout [ 371.565392][ T5614] Bluetooth: hci10: command tx timeout [ 372.685632][ T5614] Bluetooth: hci11: command tx timeout [ 373.299817][ T1032] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 373.645499][ T5614] Bluetooth: hci10: command tx timeout [ 374.765777][ T5614] Bluetooth: hci11: command tx timeout [ 376.845424][ T5614] Bluetooth: hci11: command tx timeout [ 383.752757][ T1333] ieee802154 phy0 wpan0: encryption failed: -22 [ 383.752855][ T1333] ieee802154 phy1 wpan1: encryption failed: -22 [ 390.283837][ T8254] bridge0: port 1(bridge_slave_0) entered blocking state [ 390.284158][ T8254] bridge0: port 1(bridge_slave_0) entered disabled state [ 390.307868][ T8254] bridge_slave_0: entered allmulticast mode [ 390.327115][ T8254] bridge_slave_0: entered promiscuous mode [ 390.452188][ T8254] bridge0: port 2(bridge_slave_1) entered blocking state [ 390.452826][ T8254] bridge0: port 2(bridge_slave_1) entered disabled state [ 390.453151][ T8254] bridge_slave_1: entered allmulticast mode [ 390.480551][ T8254] bridge_slave_1: entered promiscuous mode [ 390.659465][ T8266] bridge0: port 1(bridge_slave_0) entered blocking state [ 390.660779][ T8266] bridge0: port 1(bridge_slave_0) entered disabled state [ 390.661109][ T8266] bridge_slave_0: entered allmulticast mode [ 390.698789][ T8266] bridge_slave_0: entered promiscuous mode [ 390.786465][ T8266] bridge0: port 2(bridge_slave_1) entered blocking state [ 390.787433][ T8266] bridge0: port 2(bridge_slave_1) entered disabled state [ 390.787803][ T8266] bridge_slave_1: entered allmulticast mode [ 390.791268][ T8266] bridge_slave_1: entered promiscuous mode [ 390.871328][ T8254] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 390.986906][ T8254] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 391.137472][ T8266] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 391.251316][ T8266] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 391.279084][ T8254] team0: Port device team_slave_0 added [ 391.387861][ T8254] team0: Port device team_slave_1 added [ 396.237621][ T8266] team0: Port device team_slave_0 added [ 396.337396][ T8266] team0: Port device team_slave_1 added [ 396.340575][ T8254] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 396.340590][ T8254] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 396.340615][ T8254] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 396.484089][ T8254] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 396.484105][ T8254] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 396.484131][ T8254] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 396.739457][ T8266] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 396.739474][ T8266] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 396.739501][ T8266] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 396.932188][ T8266] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 396.932205][ T8266] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 396.932231][ T8266] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 397.413105][ T8254] hsr_slave_0: entered promiscuous mode [ 397.427716][ T8254] hsr_slave_1: entered promiscuous mode [ 397.431167][ T8254] debugfs: 'hsr0' already exists in 'hsr' [ 397.431193][ T8254] Cannot create hsr debugfs directory [ 397.872321][ T8266] hsr_slave_0: entered promiscuous mode [ 397.874437][ T8266] hsr_slave_1: entered promiscuous mode [ 397.891015][ T8266] debugfs: 'hsr0' already exists in 'hsr' [ 397.891045][ T8266] Cannot create hsr debugfs directory [ 398.323737][ T8280] bridge0: port 1(bridge_slave_0) entered blocking state [ 398.332734][ T8280] bridge0: port 1(bridge_slave_0) entered disabled state [ 398.333124][ T8280] bridge_slave_0: entered allmulticast mode [ 398.352564][ T8280] bridge_slave_0: entered promiscuous mode [ 398.422324][ T8280] bridge0: port 2(bridge_slave_1) entered blocking state [ 398.422644][ T8280] bridge0: port 2(bridge_slave_1) entered disabled state [ 398.422958][ T8280] bridge_slave_1: entered allmulticast mode [ 398.452138][ T8280] bridge_slave_1: entered promiscuous mode [ 408.752031][ T8292] bridge0: port 1(bridge_slave_0) entered blocking state [ 408.752709][ T8292] bridge0: port 1(bridge_slave_0) entered disabled state [ 408.753061][ T8292] bridge_slave_0: entered allmulticast mode [ 408.788099][ T8292] bridge_slave_0: entered promiscuous mode [ 408.843039][ T8280] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 408.930021][ T8292] bridge0: port 2(bridge_slave_1) entered blocking state [ 408.930330][ T8292] bridge0: port 2(bridge_slave_1) entered disabled state [ 408.930683][ T8292] bridge_slave_1: entered allmulticast mode [ 408.934370][ T8292] bridge_slave_1: entered promiscuous mode [ 408.997686][ T8280] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 409.430397][ T8292] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 409.461644][ T8280] team0: Port device team_slave_0 added [ 409.569161][ T8292] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 409.628705][ T8280] team0: Port device team_slave_1 added [ 409.652814][ T8310] bridge0: port 1(bridge_slave_0) entered blocking state [ 409.663952][ T8310] bridge0: port 1(bridge_slave_0) entered disabled state [ 409.664351][ T8310] bridge_slave_0: entered allmulticast mode [ 409.682620][ T8310] bridge_slave_0: entered promiscuous mode [ 414.420611][ T8310] bridge0: port 2(bridge_slave_1) entered blocking state [ 414.420901][ T8310] bridge0: port 2(bridge_slave_1) entered disabled state [ 414.421208][ T8310] bridge_slave_1: entered allmulticast mode [ 414.447836][ T8310] bridge_slave_1: entered promiscuous mode [ 414.610980][ T8292] team0: Port device team_slave_0 added [ 414.659234][ T8280] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 414.659251][ T8280] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 414.659277][ T8280] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 414.724282][ T8292] team0: Port device team_slave_1 added [ 414.785959][ T8310] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 414.803856][ T8280] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 414.803873][ T8280] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 414.803898][ T8280] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 414.903224][ T8310] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 415.024634][ T8292] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 415.024651][ T8292] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 415.024678][ T8292] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 415.231678][ T8292] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 415.231696][ T8292] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 415.231722][ T8292] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 415.468257][ T8310] team0: Port device team_slave_0 added [ 415.629833][ T8310] team0: Port device team_slave_1 added [ 415.851396][ T5616] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 415.920464][ T5616] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 415.942702][ T5616] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 415.979329][ T5616] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 415.980724][ T5616] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 416.694369][ T8280] hsr_slave_0: entered promiscuous mode [ 416.703693][ T8280] hsr_slave_1: entered promiscuous mode [ 416.712532][ T8280] debugfs: 'hsr0' already exists in 'hsr' [ 416.712559][ T8280] Cannot create hsr debugfs directory [ 416.937245][ T8310] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 416.937262][ T8310] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 416.937289][ T8310] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 417.172953][ T8292] hsr_slave_0: entered promiscuous mode [ 417.183063][ T8292] hsr_slave_1: entered promiscuous mode [ 417.192255][ T8292] debugfs: 'hsr0' already exists in 'hsr' [ 417.192285][ T8292] Cannot create hsr debugfs directory [ 417.194628][ T8310] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 417.194645][ T8310] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 417.194671][ T8310] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 417.807821][ T8310] hsr_slave_0: entered promiscuous mode [ 417.813610][ T8310] hsr_slave_1: entered promiscuous mode [ 417.838058][ T8310] debugfs: 'hsr0' already exists in 'hsr' [ 417.838087][ T8310] Cannot create hsr debugfs directory [ 418.206072][ T5616] Bluetooth: hci3: command tx timeout [ 420.290770][ T5616] Bluetooth: hci3: command tx timeout [ 421.313744][ T5614] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 421.393055][ T5614] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 421.678908][ T5614] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 421.693834][ T5614] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 421.694652][ T5614] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 422.364977][ T5614] Bluetooth: hci3: command tx timeout [ 423.863014][ T5616] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1 [ 423.885629][ T5610] Bluetooth: hci4: command tx timeout [ 424.064274][ T5616] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9 [ 424.076332][ T5616] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9 [ 424.077705][ T5616] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4 [ 424.090201][ T5616] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2 [ 424.455323][ T5616] Bluetooth: hci3: command tx timeout [ 424.863927][ T60] Bluetooth: hci13: unexpected cc 0x0c03 length: 249 > 1 [ 424.932934][ T60] Bluetooth: hci13: unexpected cc 0x1003 length: 249 > 9 [ 424.949918][ T60] Bluetooth: hci13: unexpected cc 0x1001 length: 249 > 9 [ 425.018980][ T60] Bluetooth: hci13: unexpected cc 0x0c23 length: 249 > 4 [ 425.048759][ T60] Bluetooth: hci13: unexpected cc 0x0c38 length: 249 > 2 [ 425.373071][ T8358] bridge0: port 1(bridge_slave_0) entered blocking state [ 425.373871][ T8358] bridge0: port 1(bridge_slave_0) entered disabled state [ 425.374283][ T8358] bridge_slave_0: entered allmulticast mode [ 425.399623][ T8358] bridge_slave_0: entered promiscuous mode [ 425.426600][ T8358] bridge0: port 2(bridge_slave_1) entered blocking state [ 425.426979][ T8358] bridge0: port 2(bridge_slave_1) entered disabled state [ 425.427395][ T8358] bridge_slave_1: entered allmulticast mode [ 425.431306][ T8358] bridge_slave_1: entered promiscuous mode [ 425.602969][ T8358] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 425.698783][ T8358] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 425.966800][ T60] Bluetooth: hci4: command tx timeout [ 426.032149][ T8358] team0: Port device team_slave_0 added [ 426.102401][ T8358] team0: Port device team_slave_1 added [ 426.401802][ T60] Bluetooth: hci12: command tx timeout [ 426.788802][ T60] Bluetooth: hci7: command 0x0406 tx timeout [ 426.788984][ T60] Bluetooth: hci1: command 0x0406 tx timeout [ 427.325467][ T5616] Bluetooth: hci13: command tx timeout [ 428.045467][ T60] Bluetooth: hci4: command tx timeout [ 428.208771][ T60] Bluetooth: hci14: unexpected cc 0x0c03 length: 249 > 1 [ 428.267318][ T60] Bluetooth: hci14: unexpected cc 0x1003 length: 249 > 9 [ 428.271585][ T60] Bluetooth: hci14: unexpected cc 0x1001 length: 249 > 9 [ 428.311572][ T60] Bluetooth: hci14: unexpected cc 0x0c23 length: 249 > 4 [ 428.354156][ T60] Bluetooth: hci14: unexpected cc 0x0c38 length: 249 > 2 [ 428.599788][ T60] Bluetooth: hci12: command tx timeout [ 429.406330][ T60] Bluetooth: hci13: command tx timeout [ 430.130612][ T5614] Bluetooth: hci4: command tx timeout [ 430.607432][ T5616] Bluetooth: hci12: command tx timeout [ 431.011678][ T8358] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 431.011695][ T8358] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 431.011722][ T8358] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 431.127963][ T8358] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 431.127979][ T8358] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 431.128004][ T8358] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 431.496472][ T5610] Bluetooth: hci13: command tx timeout [ 431.898819][ T8358] hsr_slave_0: entered promiscuous mode [ 431.901153][ T8358] hsr_slave_1: entered promiscuous mode [ 431.902873][ T8358] debugfs: 'hsr0' already exists in 'hsr' [ 431.902900][ T8358] Cannot create hsr debugfs directory [ 431.965507][ T5610] Bluetooth: hci8: command 0x0406 tx timeout [ 432.128777][ T5610] Bluetooth: hci14: command tx timeout [ 432.685758][ T5610] Bluetooth: hci12: command tx timeout [ 433.565512][ T5610] Bluetooth: hci13: command tx timeout [ 434.205457][ T5610] Bluetooth: hci14: command tx timeout [ 436.295409][ T5606] Bluetooth: hci14: command tx timeout [ 436.473936][ T8372] bridge0: port 1(bridge_slave_0) entered blocking state [ 436.474422][ T8372] bridge0: port 1(bridge_slave_0) entered disabled state [ 436.496280][ T8372] bridge_slave_0: entered allmulticast mode [ 436.499838][ T8372] bridge_slave_0: entered promiscuous mode [ 436.578831][ T8372] bridge0: port 2(bridge_slave_1) entered blocking state [ 436.579172][ T8372] bridge0: port 2(bridge_slave_1) entered disabled state [ 436.579580][ T8372] bridge_slave_1: entered allmulticast mode [ 436.620173][ T8372] bridge_slave_1: entered promiscuous mode [ 436.970744][ T8372] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 437.094652][ T8372] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 437.332556][ T8372] team0: Port device team_slave_0 added [ 437.398983][ T8372] team0: Port device team_slave_1 added [ 438.365587][ T5606] Bluetooth: hci14: command tx timeout [ 441.359362][ T8372] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 441.359379][ T8372] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 441.359404][ T8372] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 441.480241][ T8372] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 441.480259][ T8372] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 441.480286][ T8372] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 441.903170][ T8372] hsr_slave_0: entered promiscuous mode [ 441.924120][ T8372] hsr_slave_1: entered promiscuous mode [ 441.937271][ T8372] debugfs: 'hsr0' already exists in 'hsr' [ 441.937299][ T8372] Cannot create hsr debugfs directory [ 445.550018][ T8396] bridge0: port 1(bridge_slave_0) entered blocking state [ 445.550371][ T8396] bridge0: port 1(bridge_slave_0) entered disabled state [ 445.551025][ T8396] bridge_slave_0: entered allmulticast mode [ 445.598740][ T8396] bridge_slave_0: entered promiscuous mode [ 445.659247][ T8396] bridge0: port 2(bridge_slave_1) entered blocking state [ 445.659615][ T8396] bridge0: port 2(bridge_slave_1) entered disabled state [ 445.660069][ T8396] bridge_slave_1: entered allmulticast mode [ 445.663730][ T8396] bridge_slave_1: entered promiscuous mode [ 445.966795][ T1333] ieee802154 phy0 wpan0: encryption failed: -22 [ 445.966899][ T1333] ieee802154 phy1 wpan1: encryption failed: -22 [ 446.124073][ T8396] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 446.138581][ T8389] bridge0: port 1(bridge_slave_0) entered blocking state [ 446.149771][ T8389] bridge0: port 1(bridge_slave_0) entered disabled state [ 446.150190][ T8389] bridge_slave_0: entered allmulticast mode [ 446.180556][ T8389] bridge_slave_0: entered promiscuous mode [ 446.260020][ T8396] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 446.260674][ T8389] bridge0: port 2(bridge_slave_1) entered blocking state [ 446.261026][ T8389] bridge0: port 2(bridge_slave_1) entered disabled state [ 446.261355][ T8389] bridge_slave_1: entered allmulticast mode [ 446.301617][ T8389] bridge_slave_1: entered promiscuous mode [ 448.359052][ T8396] team0: Port device team_slave_0 added [ 448.419922][ T8389] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 448.420325][ T8408] bridge0: port 1(bridge_slave_0) entered blocking state [ 448.421803][ T8408] bridge0: port 1(bridge_slave_0) entered disabled state [ 448.422220][ T8408] bridge_slave_0: entered allmulticast mode [ 448.460550][ T8408] bridge_slave_0: entered promiscuous mode [ 448.499483][ T8396] team0: Port device team_slave_1 added [ 448.517096][ T8389] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 448.517735][ T8408] bridge0: port 2(bridge_slave_1) entered blocking state [ 448.540695][ T8408] bridge0: port 2(bridge_slave_1) entered disabled state [ 448.541192][ T8408] bridge_slave_1: entered allmulticast mode [ 448.560983][ T8408] bridge_slave_1: entered promiscuous mode [ 448.759458][ T8396] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 448.759475][ T8396] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 448.759501][ T8396] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 448.798584][ T8389] team0: Port device team_slave_0 added [ 448.901770][ T8408] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 448.916330][ T8396] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 448.916345][ T8396] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 448.916371][ T8396] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 448.922152][ T8389] team0: Port device team_slave_1 added [ 449.000393][ T8408] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 449.253127][ T8389] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 449.253143][ T8389] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 449.253168][ T8389] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 449.321888][ T8408] team0: Port device team_slave_0 added [ 449.332490][ T8389] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 449.332507][ T8389] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 449.332532][ T8389] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 449.426984][ T8408] team0: Port device team_slave_1 added [ 457.480476][ T8396] hsr_slave_0: entered promiscuous mode [ 457.494120][ T8396] hsr_slave_1: entered promiscuous mode [ 457.513046][ T8396] debugfs: 'hsr0' already exists in 'hsr' [ 457.513075][ T8396] Cannot create hsr debugfs directory [ 457.590583][ T8408] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 457.590600][ T8408] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 457.590625][ T8408] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 457.670740][ T8408] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 457.670758][ T8408] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 457.670785][ T8408] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 457.829456][ T8389] hsr_slave_0: entered promiscuous mode [ 457.831925][ T8389] hsr_slave_1: entered promiscuous mode [ 457.833721][ T8389] debugfs: 'hsr0' already exists in 'hsr' [ 457.833746][ T8389] Cannot create hsr debugfs directory [ 458.197727][ T8408] hsr_slave_0: entered promiscuous mode [ 458.200207][ T8408] hsr_slave_1: entered promiscuous mode [ 458.202127][ T8408] debugfs: 'hsr0' already exists in 'hsr' [ 458.202152][ T8408] Cannot create hsr debugfs directory [ 460.530114][ T39] INFO: task syz.0.757:7623 blocked for more than 143 seconds. [ 460.530154][ T39] Not tainted syzkaller #0 [ 460.530163][ T39] Blocked by coredump. [ 460.530169][ T39] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 460.530182][ T39] task:syz.0.757 state:D stack:21120 pid:7623 tgid:7622 ppid:5600 task_flags:0x40054c flags:0x00080001 [ 460.530237][ T39] Call Trace: [ 460.530244][ T39] [ 460.530258][ T39] __schedule+0x169e/0x54f0 [ 460.530319][ T39] ? __pfx___schedule+0x10/0x10 [ 460.530359][ T39] rt_mutex_schedule+0x76/0xf0 [ 460.530381][ T39] rt_mutex_slowlock_block+0x508/0x680 [ 460.530421][ T39] rt_mutex_slowlock+0x2dc/0x780 [ 460.530444][ T39] ? rt_mutex_slowlock+0x1fd/0x780 [ 460.530466][ T39] ? __pfx_rt_mutex_slowlock+0x10/0x10 [ 460.530498][ T39] ? rcu_barrier+0x4c/0x580 [ 460.530523][ T39] ? rcu_barrier+0x4c/0x580 [ 460.530550][ T39] ? rcu_barrier+0x4c/0x580 [ 460.530568][ T39] mutex_lock_nested+0x168/0x1d0 [ 460.530586][ T39] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 460.530607][ T39] ? __pfx_tun_chr_close+0x10/0x10 [ 460.530631][ T39] rcu_barrier+0x4c/0x580 [ 460.530654][ T39] ? __pfx_tun_chr_close+0x10/0x10 [ 460.530675][ T39] ? __pfx_tun_chr_close+0x10/0x10 [ 460.530694][ T39] netdev_run_todo+0x333/0x1130 [ 460.530723][ T39] ? rtnl_is_locked+0x9/0x20 [ 460.530745][ T39] ? netif_state_change+0x241/0x3a0 [ 460.530766][ T39] ? __pfx_netdev_run_todo+0x10/0x10 [ 460.530791][ T39] ? kasan_quarantine_put+0xbb/0x1f0 [ 460.530813][ T39] ? lockdep_hardirqs_on+0x7a/0x110 [ 460.530845][ T39] ? netdev_state_change+0x1ca/0x220 [ 460.530869][ T39] ? __pfx_tun_chr_close+0x10/0x10 [ 460.530892][ T39] tun_chr_close+0x13f/0x1c0 [ 460.530920][ T39] __fput+0x461/0xa70 [ 460.530949][ T39] task_work_run+0x1d9/0x270 [ 460.530973][ T39] ? __pfx_task_work_run+0x10/0x10 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 460.530990][ T39] ? do_exit+0x70a/0x22c0 [ 460.531012][ T39] ? kmem_cache_free+0x187/0x6c0 [ 460.531033][ T39] ? put_net+0x191/0x260 [ 460.531052][ T39] ? do_exit+0x70a/0x22c0 [ 460.531085][ T39] do_exit+0x70f/0x22c0 [ 460.531112][ T39] ? _raw_spin_unlock_irqrestore+0x30/0x80 [ 460.531142][ T39] ? __pfx_do_exit+0x10/0x10 [ 460.531173][ T39] ? rt_mutex_slowunlock+0x4a7/0x8b0 [ 460.531194][ T39] ? reacquire_held_locks+0x104/0x190 [ 460.531213][ T39] ? rt_spin_lock+0x1e0/0x400 [ 460.531244][ T39] do_group_exit+0x21b/0x2d0 [ 460.531270][ T39] ? rt_spin_unlock+0x160/0x200 [ 460.531293][ T39] get_signal+0x1284/0x1330 [ 460.531335][ T39] arch_do_signal_or_restart+0xbc/0x830 [ 460.531378][ T39] ? __x64_sys_sendmsg+0x275/0x2a0 [ 460.531403][ T39] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 460.531438][ T39] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 460.531491][ T39] exit_to_user_mode_loop+0x86/0x480 [ 460.531515][ T39] ? rcu_is_watching+0x15/0xb0 [ 460.531534][ T39] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 460.531552][ T39] do_syscall_64+0x33e/0xf80 [ 460.531576][ T39] ? trace_irq_disable+0x3b/0x140 [ 460.531600][ T39] ? clear_bhb_loop+0x40/0x90 [ 460.531623][ T39] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 460.531642][ T39] RIP: 0033:0x7fc1e35bcdd9 [ 460.531667][ T39] RSP: 002b:00007fc1e1816028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 460.531687][ T39] RAX: 000000000000004c RBX: 00007fc1e3835fa0 RCX: 00007fc1e35bcdd9 [ 460.531700][ T39] RDX: 00000000000000d0 RSI: 0000200000000000 RDI: 0000000000000003 [ 460.531712][ T39] RBP: 00007fc1e3652d69 R08: 0000000000000000 R09: 0000000000000000 [ 460.531724][ T39] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 460.531735][ T39] R13: 00007fc1e3836038 R14: 00007fc1e3835fa0 R15: 00007ffe050b48f8 [ 460.531766][ T39] [ 460.531838][ T39] [ 460.531838][ T39] Showing all locks held in the system: [ 460.531849][ T39] 3 locks held by rcuc/1/29: [ 460.531860][ T39] #0: ffffffff8dfc81c0 (rcu_read_lock){....}-{1:3}, at: __local_bh_disable_ip+0x3c/0x420 [ 460.531908][ T39] #1: ffffffff8dfc81c0 (rcu_read_lock){....}-{1:3}, at: _task_rq_lock+0x5b/0x470 [ 460.531949][ T39] #2: ffff8880b873b9a0 (&rq->__lock){-...}-{2:2}, at: rcu_cpu_kthread+0x205/0x1470 [ 460.531998][ T39] 1 lock held by khungtaskd/39: [ 460.532008][ T39] #0: ffffffff8dfc81c0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180 [ 460.532064][ T39] 3 locks held by kworker/u8:5/141: [ 460.532074][ T39] #0: ffff88813fe7c138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x890/0x1710 [ 460.532120][ T39] #1: ffffc9000380fc40 ((linkwatch_work).work){+.+.}-{0:0}, at: process_one_work+0x8b7/0x1710 [ 460.532120][ T39] #1: ffffc9000380fc40 ((linkwatch_work).work){+.+.}-{0:0}, at: process_one_work+0x8b7/0x1710 [ 460.532171][ T39] #2: ffffffff8f36edb8 (rtnl_mutex){+.+.}-{4:4}, at: linkwatch_event+0xe/0x60 [ 460.532221][ T39] 6 locks held by kworker/u8:8/1032: [ 460.532231][ T39] #0: ffff88801b686138 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x890/0x1710 [ 460.532273][ T39] #1: ffffc90005ea7c40 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x8b7/0x1710 [ 460.532315][ T39] #2: ffffffff8f35f8e0 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xf4/0x800 [ 460.532359][ T39] #3: ffff888061596160 (&dev->mutex){....}-{4:4}, at: devlink_pernet_pre_exit+0x129/0x420 [ 460.532404][ T39] #4: ffff888039ffe310 (&devlink->lock_key#3){+.+.}-{4:4}, at: devlink_pernet_pre_exit+0x142/0x420 [ 460.532451][ T39] #5: ffffffff8dfce3b0 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x580 [ 460.532515][ T39] 2 locks held by getty/5359: [ 460.532525][ T39] #0: ffff88803493b0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 460.532568][ T39] #1: ffffc90003cb62e0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x462/0x13a0 [ 460.532625][ T39] 1 lock held by syz.0.757/7623: [ 460.532635][ T39] #0: ffffffff8dfce3b0 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x580 [ 460.532680][ T39] 1 lock held by syz-executor/7763: [ 460.532690][ T39] #0: ffffffff8dfce3b0 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x580 [ 460.532734][ T39] 1 lock held by syz-executor/7772: [ 460.532744][ T39] #0: ffffffff8dfce3b0 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x580 [ 460.532789][ T39] 1 lock held by syz.4.918/8028: [ 460.532799][ T39] #0: ffffffff8dfce3b0 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x580 [ 460.532843][ T39] 2 locks held by kworker/u8:16/8090: [ 460.532853][ T39] #0: ffff88813fe7c138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x890/0x1710 [ 460.532898][ T39] #1: ffffc90006a57c40 ((work_completion)(&(&kfence_timer)->work)){+.+.}-{0:0}, at: process_one_work+0x8b7/0x1710 [ 460.532942][ T39] 1 lock held by syz.3.946/8106: [ 460.532951][ T39] #0: ffffffff8dfce3b0 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x580 [ 460.532992][ T39] 1 lock held by syz-executor/8117: [ 460.533001][ T39] #0: ffffffff8dfce3b0 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x580 [ 460.533042][ T39] 7 locks held by syz-executor/8134: [ 460.533052][ T39] #0: ffff888036334480 (sb_writers#7){.+.+}-{0:0}, at: vfs_write+0x22d/0xba0 [ 460.533107][ T39] #1: ffff888062775878 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x1df/0x540 [ 460.533163][ T39] #2: ffff888029485698 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x232/0x540 [ 460.533215][ T39] #3: ffffffff8ebe6278 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd7/0x370 [ 460.533256][ T39] #4: ffff888062904160 (&dev->mutex){....}-{4:4}, at: device_release_driver_internal+0xb6/0x870 [ 460.533302][ T39] #5: ffff8880318f6310 (&devlink->lock_key#6){+.+.}-{4:4}, at: nsim_drv_remove+0x50/0x160 [ 460.533349][ T39] #6: ffffffff8dfce3b0 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x580 [ 460.533393][ T39] 4 locks held by syz-executor/8136: [ 460.533403][ T39] #0: ffff888036334480 (sb_writers#7){.+.+}-{0:0}, at: vfs_write+0x22d/0xba0 [ 460.533453][ T39] #1: ffff8880729f4078 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x1df/0x540 [ 460.533500][ T39] #2: ffff888029485698 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x232/0x540 [ 460.533552][ T39] #3: ffffffff8ebe6278 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd7/0x370 [ 460.533594][ T39] 4 locks held by syz-executor/8163: [ 460.533604][ T39] #0: ffff888036334480 (sb_writers#7){.+.+}-{0:0}, at: vfs_write+0x22d/0xba0 [ 460.533649][ T39] #1: ffff88802039e078 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x1df/0x540 [ 460.533695][ T39] #2: ffff888029485698 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x232/0x540 [ 460.533746][ T39] #3: ffffffff8ebe6278 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd7/0x370 [ 460.533793][ T39] 1 lock held by syz.2.971/8251: [ 460.533802][ T39] #0: ffffffff8dfce3b0 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x580 [ 460.533846][ T39] 4 locks held by syz-executor/8254: [ 460.533856][ T39] #0: ffff888036334480 (sb_writers#7){.+.+}-{0:0}, at: vfs_write+0x22d/0xba0 [ 460.533900][ T39] #1: ffff88803c0a8078 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x1df/0x540 [ 460.533944][ T39] #2: ffff888029485698 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x232/0x540 [ 460.533993][ T39] #3: ffffffff8ebe6278 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd7/0x370 [ 460.534035][ T39] 4 locks held by syz-executor/8266: [ 460.534046][ T39] #0: ffff888036334480 (sb_writers#7){.+.+}-{0:0}, at: vfs_write+0x22d/0xba0 [ 460.534094][ T39] #1: ffff88803786ac78 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x1df/0x540 [ 460.534140][ T39] #2: ffff888029485698 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x232/0x540 [ 460.534199][ T39] #3: ffffffff8ebe6278 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd7/0x370 [ 460.534242][ T39] 4 locks held by syz-executor/8280: [ 460.534252][ T39] #0: ffff888036334480 (sb_writers#7){.+.+}-{0:0}, at: vfs_write+0x22d/0xba0 [ 460.534299][ T39] #1: ffff88808de6a478 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x1df/0x540 [ 460.534343][ T39] #2: ffff888029485698 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x232/0x540 [ 460.534390][ T39] #3: ffffffff8ebe6278 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd7/0x370 [ 460.534434][ T39] 4 locks held by syz-executor/8292: [ 460.534443][ T39] #0: ffff888036334480 (sb_writers#7){.+.+}-{0:0}, at: vfs_write+0x22d/0xba0 [ 460.534491][ T39] #1: ffff88805ee4a878 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x1df/0x540 [ 460.534538][ T39] #2: ffff888029485698 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x232/0x540 [ 460.534588][ T39] #3: ffffffff8ebe6278 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd7/0x370 [ 460.534628][ T39] 4 locks held by syz-executor/8310: [ 460.534638][ T39] #0: ffff888036334480 (sb_writers#7){.+.+}-{0:0}, at: vfs_write+0x22d/0xba0 [ 460.605699][ T39] #1: ffff88808e8df078 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x1df/0x540 [ 460.605765][ T39] #2: ffff888029485698 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x232/0x540 [ 460.605817][ T39] #3: ffffffff8ebe6278 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd7/0x370 [ 460.605866][ T39] 4 locks held by syz-executor/8358: [ 460.605877][ T39] #0: ffff888036334480 (sb_writers#7){.+.+}-{0:0}, at: vfs_write+0x22d/0xba0 [ 460.605923][ T39] #1: ffff88806ca1c078 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x1df/0x540 [ 460.605967][ T39] #2: ffff888029485698 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x232/0x540 [ 460.606017][ T39] #3: ffffffff8ebe6278 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd7/0x370 [ 460.606060][ T39] 4 locks held by syz-executor/8372: [ 460.606071][ T39] #0: ffff888036334480 (sb_writers#7){.+.+}-{0:0}, at: vfs_write+0x22d/0xba0 [ 460.606118][ T39] #1: ffff8880796b2078 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x1df/0x540 [ 460.606172][ T39] #2: ffff888029485698 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x232/0x540 [ 460.606221][ T39] #3: ffffffff8ebe6278 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd7/0x370 [ 460.606262][ T39] 2 locks held by syz-executor/8389: [ 460.606271][ T39] #0: ffffffff8eaad8c8 (&ops->srcu#2){.+.+}-{0:0}, at: rtnl_link_ops_get+0x23/0x250 [ 460.606321][ T39] #1: ffffffff8f36edb8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x883/0x1bb0 [ 460.606366][ T39] 2 locks held by syz-executor/8396: [ 460.606376][ T39] #0: ffffffff8f8a9668 (&ops->srcu#2){.+.+}-{0:0}, at: rtnl_link_ops_get+0x23/0x250 [ 460.606426][ T39] #1: ffffffff8f36edb8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x883/0x1bb0 [ 460.606470][ T39] 2 locks held by syz-executor/8408: [ 460.606480][ T39] #0: ffffffff8f8c5758 (&ops->srcu#2){.+.+}-{0:0}, at: rtnl_link_ops_get+0x23/0x250 [ 460.606529][ T39] #1: ffffffff8f36edb8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x883/0x1bb0 [ 460.606579][ T39] [ 460.606584][ T39] ============================================= [ 460.606584][ T39] [ 460.606606][ T39] NMI backtrace for cpu 0 [ 460.606626][ T39] CPU: 0 UID: 0 PID: 39 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 460.606649][ T39] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 460.606660][ T39] Call Trace: [ 460.606667][ T39] [ 460.606676][ T39] dump_stack_lvl+0xe8/0x150 [ 460.606700][ T39] nmi_cpu_backtrace+0x274/0x2d0 [ 460.606721][ T39] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 460.606746][ T39] nmi_trigger_cpumask_backtrace+0x17a/0x300 [ 460.606768][ T39] sys_info+0x135/0x170 [ 460.606785][ T39] watchdog+0xfd3/0x1030 [ 460.606815][ T39] ? watchdog+0x1c9/0x1030 [ 460.606842][ T39] kthread+0x388/0x470 [ 460.606873][ T39] ? __pfx_watchdog+0x10/0x10 [ 460.606892][ T39] ? __pfx_kthread+0x10/0x10 [ 460.606917][ T39] ret_from_fork+0x514/0xb70 [ 460.606945][ T39] ? __pfx_ret_from_fork+0x10/0x10 [ 460.606966][ T39] ? __switch_to+0xc79/0x1410 [ 460.606986][ T39] ? __pfx_kthread+0x10/0x10 [ 460.607010][ T39] ret_from_fork_asm+0x1a/0x30 [ 460.607048][ T39] [ 460.607077][ T39] Sending NMI from CPU 0 to CPUs 1: [ 460.607111][ C1] NMI backtrace for cpu 1 [ 460.607125][ C1] CPU: 1 UID: 0 PID: 29 Comm: rcuc/1 Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 460.607142][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 460.607151][ C1] RIP: 0010:__unwind_start+0xb/0x760 [ 460.607176][ C1] Code: 00 00 00 00 00 fc ff df e9 30 ff ff ff 66 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 55 41 57 41 56 41 55 <41> 54 53 48 83 ec 28 48 89 4c 24 10 49 89 d4 49 89 f5 48 89 fb 49 [ 460.607189][ C1] RSP: 0018:ffffc90000a3efe0 EFLAGS: 00000246 [ 460.607202][ C1] RAX: ffff88801de83d80 RBX: ffffc90000a3f0c0 RCX: ffffc90000a3f090 [ 460.607214][ C1] RDX: 0000000000000000 RSI: ffff88801de83d80 RDI: ffffc90000a3f008 [ 460.607226][ C1] RBP: ffffc90000a3f090 R08: dffffc0000000000 R09: 0000000000000000 [ 460.607236][ C1] R10: ffffc90000a3f140 R11: fffffbfff1f14edf R12: ffff88801de83d80 [ 460.607248][ C1] R13: 0000000000000000 R14: ffffffff81afb250 R15: 0000000000000000 [ 460.607257][ C1] FS: 0000000000000000(0000) GS:ffff88812602d000(0000) knlGS:0000000000000000 [ 460.607270][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 460.607281][ C1] CR2: 00007fd52b772440 CR3: 000000000ddb6000 CR4: 00000000003526f0 [ 460.607294][ C1] Call Trace: [ 460.607300][ C1] [ 460.607306][ C1] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 460.607327][ C1] arch_stack_walk+0xe3/0x150 [ 460.607354][ C1] stack_trace_save+0xa9/0x100 [ 460.607371][ C1] ? __pfx_stack_trace_save+0x10/0x10 [ 460.607390][ C1] ? __lock_acquire+0x6b5/0x2d10 [ 460.607413][ C1] kasan_save_track+0x3e/0x80 [ 460.607455][ C1] kasan_save_free_info+0x46/0x50 [ 460.607476][ C1] __kasan_slab_free+0x5c/0x80 [ 460.607493][ C1] kfree+0x1c5/0x6c0 [ 460.607508][ C1] ? nf_conntrack_free+0x2e8/0x380 [ 460.607526][ C1] nf_conntrack_free+0x2e8/0x380 [ 460.607541][ C1] nf_conntrack_in+0x9b4/0x15c0 [ 460.607567][ C1] ? __pfx_nf_conntrack_in+0x10/0x10 [ 460.607584][ C1] ? __netif_receive_skb_core+0x2ab5/0x3170 [ 460.607605][ C1] ? NF_HOOK+0x9e/0x3c0 [ 460.607622][ C1] ? NF_HOOK+0x9e/0x3c0 [ 460.607636][ C1] ? ipv4_conntrack_defrag+0x2aa/0x5c0 [ 460.607655][ C1] ? ip_sabotage_in+0x57/0x270 [ 460.607669][ C1] ? __pfx_ipv4_conntrack_in+0x10/0x10 [ 460.607692][ C1] nf_hook_slow+0xc5/0x220 [ 460.607714][ C1] NF_HOOK+0x21f/0x3c0 [ 460.607728][ C1] ? _raw_spin_unlock_irqrestore+0x4c/0x80 [ 460.607749][ C1] ? __pfx_ip_rcv_finish+0x10/0x10 [ 460.607765][ C1] ? NF_HOOK+0x9e/0x3c0 [ 460.607779][ C1] ? __pfx_NF_HOOK+0x10/0x10 [ 460.607796][ C1] ? __pfx_ip_rcv_finish+0x10/0x10 [ 460.607814][ C1] ? __pfx_ip_rcv+0x10/0x10 [ 460.607829][ C1] ? process_backlog+0x271/0xc60 [ 460.607845][ C1] ? __pfx_ip_rcv+0x10/0x10 [ 460.607860][ C1] process_backlog+0x569/0xc60 [ 460.607877][ C1] ? ret_from_fork_asm+0x1a/0x30 [ 460.607908][ C1] __napi_poll+0xab/0x550 [ 460.607924][ C1] net_rx_action+0x696/0xe00 [ 460.607940][ C1] ? kasan_save_track+0x4f/0x80 [ 460.607963][ C1] ? __pfx_net_rx_action+0x10/0x10 [ 460.607977][ C1] ? kvm_sched_clock_read+0x11/0x20 [ 460.608001][ C1] ? __pfx_sched_clock_cpu+0x10/0x10 [ 460.608024][ C1] handle_softirqs+0x1de/0x6d0 [ 460.608047][ C1] __local_bh_enable_ip+0x170/0x2b0 [ 460.608064][ C1] ? rcu_cpu_kthread+0x205/0x1470 [ 460.608085][ C1] rcu_cpu_kthread+0x9e8/0x1470 [ 460.608109][ C1] ? rcu_cpu_kthread+0x205/0x1470 [ 460.608135][ C1] ? __pfx_rcu_cpu_kthread+0x10/0x10 [ 460.608157][ C1] ? schedule+0x90/0x360 [ 460.608178][ C1] ? smpboot_thread_fn+0x4d/0xa50 [ 460.608197][ C1] smpboot_thread_fn+0x541/0xa50 [ 460.608216][ C1] ? smpboot_thread_fn+0x4d/0xa50 [ 460.608238][ C1] kthread+0x388/0x470 [ 460.608259][ C1] ? __pfx_smpboot_thread_fn+0x10/0x10 [ 460.608276][ C1] ? __pfx_kthread+0x10/0x10 [ 460.608296][ C1] ret_from_fork+0x514/0xb70 [ 460.608315][ C1] ? __pfx_ret_from_fork+0x10/0x10 [ 460.608332][ C1] ? __switch_to+0xc79/0x1410 [ 460.608348][ C1] ? __pfx_kthread+0x10/0x10 [ 460.608368][ C1] ret_from_fork_asm+0x1a/0x30 [ 460.608394][ C1] [ 461.034312][ T39] Kernel panic - not syncing: hung_task: blocked tasks [ 461.034339][ T39] CPU: 0 UID: 0 PID: 39 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT_{RT,(full)} [ 461.034362][ T39] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 461.034373][ T39] Call Trace: [ 461.034381][ T39] [ 461.034391][ T39] vpanic+0x56c/0xa60 [ 461.034420][ T39] ? __pfx___schedule+0x10/0x10 [ 461.034444][ T39] ? __pfx_vpanic+0x10/0x10 [ 461.034476][ T39] panic+0xc5/0xd0 [ 461.034498][ T39] ? __pfx_panic+0x10/0x10 [ 461.034523][ T39] ? preempt_schedule_thunk+0x16/0x30 [ 461.034547][ T39] ? nmi_trigger_cpumask_backtrace+0x2bb/0x300 [ 461.034570][ T39] watchdog+0x102c/0x1030 [ 461.034599][ T39] ? watchdog+0x1c9/0x1030 [ 461.034628][ T39] kthread+0x388/0x470 [ 461.034653][ T39] ? __pfx_watchdog+0x10/0x10 [ 461.034678][ T39] ? __pfx_kthread+0x10/0x10 [ 461.034699][ T39] ret_from_fork+0x514/0xb70 [ 461.034720][ T39] ? __pfx_ret_from_fork+0x10/0x10 [ 461.034741][ T39] ? __switch_to+0xc79/0x1410 [ 461.034761][ T39] ? __pfx_kthread+0x10/0x10 [ 461.034786][ T39] ret_from_fork_asm+0x1a/0x30 [ 461.034822][ T39] [ 461.035188][ T39] Kernel Offset: disabled