last executing test programs: 8.900554318s ago: executing program 2: r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) r1 = syz_io_uring_setup(0x27f3, &(0x7f0000000340)={0x0, 0x0, 0x10100}, &(0x7f0000000140), &(0x7f0000000100)=0x0) syz_io_uring_setup(0x1868, &(0x7f00000003c0), &(0x7f0000000040)=0x0, &(0x7f0000000180)) syz_io_uring_submit(r3, r2, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xfffffffffffffe54}) io_uring_enter(r1, 0x184c, 0x0, 0x0, 0x0, 0x0) ioctl$TCSETA(r0, 0x5406, &(0x7f0000000140)={0xff02}) 8.094939048s ago: executing program 2: syz_mount_image$udf(&(0x7f0000000c40), &(0x7f0000000c80)='./file0\x00', 0x800000, &(0x7f0000000000)={[{@lastblock={'lastblock', 0x3d, 0xe2}}, {@gid}, {@gid_forget}, {@adinicb}, {@unhide}, {@noadinicb}, {@fileset={'fileset', 0x3d, 0x2}}, {@shortad}, {@undelete}, {@noadinicb}]}, 0x4, 0xc24, &(0x7f0000000d00)="$eJzs3V9oXOl5B+D3myOtJW/TzG42zh/nYmAD2Xqzi2R51yregBwrIgvGa1ZWLhYKGluyO6w0kiW5eEMJLiSUkLa45CKXNWwCvauvWggNuFfbEgKiV6UXxW03Zns3CaQtvViVM/ONNNLalrK2JXn9PMb+nTnznpnvzOrVnDN7zpwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACK+/o2TQ8Npr0cBAOymM5NvDo14/weAJ8o5+/8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGwvRRHfjRTv/qCVptu3OwZON5pXrk6NT9x9scEUKSpRtOvLvwPDR0eOvfLq8dFu3n/5h+0L8cbkuZO1Uwvzi0uzy8uzM7WpZuPCwszsjh/hQZff6kj7BajNv31l5uLF5drRl0c23X21eufA04eqJ0YPj7zVrZ0an5iY7Knp6//Yz/4R6eE9FJ8gT0UR34wU7730QapHRCUevBe2+d3xqA1GX9l/7ZWYGp9or8hco95cKe9MlVzVF1HtWWis2yO70IsPZCziWvnfqRzwkXL1JhfrS/Xzc7O1s/WllcZKY6GZKp3RlutTjUqMpojFiGgVez149pv+KOJYpLjz61Y6HxFFtw9ePDP55tDI9g/QtwuDvMfTVouI1XgMehb2qQNRxF9Gih9OD8WF3Ffttnk/4itlvhZxucxbKa7n26n8BTEa8SvvJ/BY64sifhEpFlIrzXR7v71defpbtdebFxd6arvblY/9/sFusm3CPjYQRZxvb/G30sf/sAsAAAAAAAAAAAAA2B1F/DRS3Jx/IS1G7zmljeal2rn6+bnOUcHdY/9ream1tbW1aupkLedQzrGcZ3NO51zMeS3n9Zw3ct7MeSvnas7bOVs5o5KfP2ct51DOsZxnc07nXMx5Lef1nDdy3sx5K+dqzts5WznDeU8AAAAAAAAAAAAAAAAAAAA8ZINRxESkuPHuH7WvKx3t69J/+sTomfHneq8Z/7ltHqesfTkifho7uyZvf77WeKqUfx7+egHbG4givpOv//cnez0YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgX6hEEd+NFD/6TStFioixiOno5O1ir0cHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJQGUhGnIsV/fWOgfXs1Ir4YER+ulX8i/ndtq70eMQAAAAAAAAAAAAAAAAAAAHwCpSIuR4ofv9dK1Yi4Wr1z4OlD1ROjh0feKqKIVJb01r8xee5k7dTC/OLS7PLy7Extqtm4sDAzu9OnGzjdaF65OjU+8UhWZluDj3j8gwOnFhbfWWpc+sOVu95/cODk+eWVpfqFu98dg9EXMdQ750h7wFPjE+1BzzXqzfaiqXKPAfZF1Ha6MgAAAAAAAAAAAAAAAAAAAOwbB1MR45Hi+Z8dS93zxvs65/x/qnOrWK/9yR9vfBfA3Jbs6v3+gJ1Mp50O9Ej7xPva1PjExGTP7L7+j5aWY0qpiM9GisN///n2+fApDt713Piy7s8ixej/Hct11cNl3dimqoEjU+MTtTMLzZdOzs0tXKiv1M/PzdYmF+sXdvzFAQAAAAAAAAAAAAAAAAAAAHAfB1MRfx4pjr2+mrrXnc/n//d1bvWc//9aRPey8wNpc65rn9v/u+1z+zvTnz4x+vrR5+81/1Gc/1+OKaUiPowUz/zV59vX0++e/z+0pbas+3Gk+MX3vpTrKk+VdcPd1ek84sXG3OxQWftipPj+2W5ttGtfzbWf2agdLmv/IVI8+weba4/n2uc2ao+WtXcixcSZu9d+dqN2pKwdjBRf/dNat/ZgWfv1XHtoo/blCwtzMzt9eXkylf3/b5Hiy8PfTN2f+Xv2f8/3f1zbkus+0vP3n35Y/V/tmXct9/Va7v/hbfr/cqT4i+tfynWd3jua73+m/e9G/38/UvzepzbXvpJrn92oHd7pasFeKvv/nyLF6u1/Wf+Zz/2fO2ujQ3v7/4t9m7O7XbBX/f9Mz7xqHtfIb/lawJNm+Z1vv12fm5tdMmHChIn1ib3+zQQ8auX2/39Hiq9dLlJ3PzZv//9O59bG/v//fGdj+//Elly3R9v/z/bMO5H3Wvr7IgZW5hf7PxcxsPzOt19qzNcvzV6abY6MjB7//WPDR48P9z/V3bnfmNrxawePu7L/344UP/mbf17/HHvz/v/dP/87uCXX7VH/f6Z3nTbt1+z4pYAnTtn/fx0p/vXGB+v/v+l+n/91P+d74fnNOdgt2qP+f65nXi3/M9oz74Ui4uROnwsAAAAAAAAAAB4TB1MRP4sUf9v6x/Vr3m8+/ie+3K3tPf7vXvbD9f8BgPsr3/8nI8XPD341db9DZifH/89syXV7dPzvoZ55M7t0XvOOX2QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPiYUhRxIFK8+4NWul2UtzsGTjeaV65OjU/cfbHBFCkqUbTry78Dw0dHjr3y6vHRbt5/+YftC/HG5LmTtVML84tLs8vLszO1qWbjwsLM7I4f4UGX3+pI+wWozb99ZebixeXa0ZdHNt19tXrnwNOHqidGD4+81a2dGp+YmOyp6ev/2M/+EenhPRSfIE9FET+PFO+99EH69yKiEg/eC9v87njUBqOv7L/2SkyNT7RXZK5Rb66Ud6ZKruqLqPYsNNbtkV3oxQcyFnEtIirlgI+Uqze5WF+qn5+brZ2tL600VhoLzVTpjLZcn2pUYjRFLEZEq9jrwbPf9EcRfxcp7vy6lf6jiCi6ffDimck3h0a2f4C+XRjkPZ62WkSsxmPQs7BPHYginosUP5weiv8sOn3Vbpv3I75S5msRl8u8leJ6vp3KXxCjEb/yfgKPtb4o4mykWEit9H6Re7+9XXn6W7XXmxcXemq725WP/f7BbrJtwj42EEX8sr3F30q/9H4OAAAAAAAAAAAAAPtcEV+LFDfnX0jt80PXzyltNC/VztXPz3UO6+8e+1/LS62tra1VUydrOYdyjuU8m3M652LOazmv57yR82bOWzlXc97O2coZlfz8OWs5h3KO5TybczrnYs5rOa/nvJHzZs5bOVdz3s7ZyhmOkwYAAAAAAAAAAAAAAAAA4BGpRBHfixQ/+k0rrRWd68tORydvO88VPtH+PwAA//9mFkcG") r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='mounts\x00') r1 = open(&(0x7f0000000080)='./file1\x00', 0x10b942, 0x0) sendfile(r1, r0, 0x0, 0x0) 6.643170605s ago: executing program 0: socket$nl_route(0x10, 0x3, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000002440)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a7ff070000000000004da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05dfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f9ff86086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace85c370183f23cf0838fb5a1d75c145feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00000000000000000000000000000000000000000000000000000096e4a7b57a867432217cf0be18b96865ee3dca3a03a5e0d3060705c499776bb3e8c442aa1d3b26842c96080c4c251b8cbc5de68938316e95857b0e3cdb14d4a93d49dd4f7a08639ee6943861886fabfac35f9aab09c77bc495b5c7116de70619c5ac798f1974d7a6e9b80ac4bab0f1657488278a40480731b7f51ff921e8ad8a1986b6da1660c40875504d1265679a718dc9a1400ac15ce81696f712a1074ac47de09e95d64eb72a186f11bf360e5841a283841762a0cda06ac7c74520427465c128763e3258169d32bce06dbf95fcf8e19ffdb7c56fb5e236f2422f631ead769969699318140ad2b431b21f88bf824e1590524a0aea10ad2c5f961533e78d8e46da0e6ef484d25bd09f6de08e398485d95c51f3a5dc76dbdea7b2d236d819018b22467116b359e8c38147565203c75a4a2789019e7e4bf06a2b3779cea3206cc2d10e5a458b81"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'veth1_to_hsr\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000004c00)=@newtfilter={0x24, 0x11, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x74, r3}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0) 6.580020454s ago: executing program 3: socket$inet6_mptcp(0xa, 0x1, 0x106) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0) socket$netlink(0x10, 0x3, 0x0) r0 = socket$inet6(0xa, 0x6, 0x0) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x1c) setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x6, &(0x7f0000000080), 0x8) 6.289536628s ago: executing program 2: syz_io_uring_setup(0x0, &(0x7f0000001680)={0x0, 0xbab0, 0x0, 0x2, 0xf0}, &(0x7f0000000000), &(0x7f0000000080)) r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='net_prio.prioidx\x00', 0x275a, 0x0) write$binfmt_script(r1, &(0x7f0000000040), 0x55af) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r1, 0x0) ioctl$SG_SET_RESERVED_SIZE(r0, 0x2201, &(0x7f0000000040)=0x2) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x400001, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000018c0)=@newtaction={0x198, 0x30, 0x20, 0x0, 0x0, {}, [{0x184, 0x1, [@m_police={0x120, 0x1f, 0x0, 0x0, {{0xb}, {0x68, 0x2, 0x0, 0x1, [[@TCA_POLICE_AVRATE={0x8, 0x4, 0xffffffff}], [@TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x200}, @TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x1, 0x0, 0x5, 0x1, {0xb4, 0x2, 0x5, 0x84c, 0x4, 0xd0}, {0x7b, 0x1, 0x800, 0x9, 0x9}, 0x46, 0x9c7b5d6, 0x800}}], [@TCA_POLICE_PEAKRATE64={0xc}, @TCA_POLICE_AVRATE={0x8}]]}, {0x90, 0x6, "efe743ba0b718fed76f0e367ae56f86fdcad1c4b8e14280ff3a226fa351fda38e652322b858bac83915a8aebfc48cb5596f8356c436f8c80b6b1469cff2e90a0d4ec108947beb63108c64354b7eb09d17aebf89ede2441d46292c0a3bdcf2cbc7a25a2ad8bd2d6f960fb7a6a03e636d74bc9847f631f65b4485d28b685c782c286565f73bea3ff3bbbe96008"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_xt={0x60, 0x8, 0x0, 0x0, {{0x7}, {0xc, 0x2, 0x0, 0x1, [@TCA_IPT_INDEX={0x8}]}, {0x30, 0x6, "7993610f7f6e6334e2c72d562b43112f16c676614c356c05a1756dd0f78ff704c975bda727ec1426d6529cd8"}, {0xc}, {0xc, 0x8, {0x2, 0x1}}}}]}]}, 0x198}}, 0x14000015) ioctl$TUNSETPERSIST(r2, 0x400454c9, 0x1) gettid() bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, &(0x7f0000000540)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x90) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'vcan0\x00', 0x0}) bind$can_raw(0xffffffffffffffff, &(0x7f0000000080)={0x1d, r4}, 0x10) 5.390649457s ago: executing program 3: iopl(0x3) clock_settime(0x26b63767e4fa4493, &(0x7f0000000380)) 5.008561576s ago: executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, 0x0) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000740)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100c05e0000000000003b00000008000300", @ANYRES32, @ANYBLOB="1e003300a0ffffff080211000001080211"], 0x54}}, 0x0) 4.861658045s ago: executing program 2: bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = syz_usb_connect$cdc_ecm(0x0, 0x4d, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000020000402505a1a440000000010109023b0001010000000904000012020a0000052406000005240000000d240f0100000000000000000009058202"], 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r0, &(0x7f0000000240)={0x14, 0x0, &(0x7f00000001c0)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0) 4.849835862s ago: executing program 1: bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = socket$pppl2tp(0x18, 0x1, 0x1) ioctl$SIOCSIFMTU(r0, 0x8922, &(0x7f0000000040)={'veth1_to_hsr\x00', 0x3}) 4.549922588s ago: executing program 3: syz_emit_ethernet(0x2a, &(0x7f0000000000)={@local, @local, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x2}, @address_request={0x11, 0x2}}}}}, 0x0) socket$nl_generic(0x11, 0x3, 0x10) sendmsg(0xffffffffffffffff, &(0x7f0000000640)={&(0x7f00000000c0)=@caif=@dgm, 0x80, 0x0, 0x0, 0x0, 0x0, 0x11000000}, 0x0) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x200000005c832, 0xffffffffffffffff, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000670000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r0}, 0x10) mremap(&(0x7f0000000000/0x9000)=nil, 0xa00000, 0x600000, 0x3, &(0x7f0000a00000/0x600000)=nil) 4.320084394s ago: executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, &(0x7f0000000300)='usrquota') chdir(&(0x7f0000000080)='./file1\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='net_prio.prioidx\x00', 0x275a, 0x0) quotactl_fd$Q_SETQUOTA(r0, 0xffffffff80000800, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000900)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]}) chdir(&(0x7f00000003c0)='./bus\x00') mknodat(0xffffffffffffff9c, &(0x7f0000000180)='./file5\x00', 0x61c0, 0x700) 4.178476451s ago: executing program 0: openat$sysfs(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/kexec_crash_size', 0x0, 0x0) open(&(0x7f0000000100)='./file0\x00', 0x101bff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000200)='./bus\x00', 0x141842, 0x0) r0 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) ioctl$FS_IOC_FSSETXATTR(r0, 0x4020940d, 0x0) 4.027363748s ago: executing program 1: r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) r1 = creat(&(0x7f0000000300)='./bus\x00', 0x0) write$binfmt_elf32(r1, &(0x7f00000008c0)=ANY=[], 0x4b0) renameat2(r1, &(0x7f0000000140)='./bus\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x6) ioctl$TCXONC(r0, 0x540a, 0x0) r2 = socket$inet6_sctp(0xa, 0x5, 0x84) dup(r2) ioctl$TIOCL_PASTESEL(r0, 0x541c, &(0x7f0000000040)) 3.708741304s ago: executing program 3: syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800700, &(0x7f0000000040)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x5}}, {@journal_dev={'journal_dev', 0x3d, 0x8000}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@minixdf}, {@resgid}, {@grpquota}, {@usrjquota}]}, 0x3, 0x44a, &(0x7f0000000400)="$eJzs281vG0UbAPBn10n6vv1KKOWjpUCgQkR8JE1aoAcuIJA4FIEEh3IMTlpVdRvUBIlWFQ0IlQsSqgRnxBGJv4AbFwSckLjCHVWqoJcWTkG73m1t106b1rFD/ftJm8x4x555PDve2R07gIE1nv1JIrZGxG8RMVrPNhcYr/+7evls9e/LZ6tJrKy89WeSl7ty+Wy1LFo+b0uRmUgj0k+SopJmi6fPHJ+t1eZPFfmppRPvTS2ePvPssROzR+ePzp+cOXjwwP7pF56fea4rcWZxXdn94cKeXa+9c+H16uEL7/70bdbercX+xji6ZTwL/K+VXOu+J7pdWZ9ta0gnQ31sCGtSiYisu4bz8T8albjeeaPx6sd9bRywrrJz06bOu5dXgLtYEv1uAdAf5Yk+u/4ttx5NPTaESy/VL4CyuK8WW33PUKRFmeGW69tuGo+Iw8v/fJVtsU73IQAAGn1W/fJQPNNu/pfG/Q3lthdrKGMRcU9E7IiIeyNiZ0TcF5GXfSAiHlxj/a1LQzfOf9KLtxXYLcrmfy8Wa1vN879y9hdjlSK3LY9/ODlyrDa/r3hPJmJ4U5afXqWO71/59fNO+xrnf9mW1V/OBYt2XBxquUE3N7s0m09Ku+DSRxG7h9rFn1xbCUgiYldE7F7bS28vE8ee+mZPp0I3j38VXVhnWvk64sl6/y9HS/ylZPX1yan/RW1+31R5VNzo51/Ov9mp/juKvwuy/t/cfPy3FhlLGtdrF9dex/nfP+14TXO7x/9I8nbeLyPFYx/MLi2dmo4YSQ7l+abHZ64/t8yX5bP4J/a2H/87iudk9TwUEdlB/HBEPBIRjxZtfywiHo+IvavE/+PLnfdthP6fa/v5d+34b+n/tScqx3/4rlP9t9b/B/LURPFI/vl3E7fawDt57wAAAOC/Is2/A5+kk9fSaTo5Wf8O/87YnNYWFpeePrLw/sm5+nflx2I4Le90jTbcD51OlotXrOdninvF5f79xX3jLyr/z/OT1YXaXJ9jh0G3pcP4z/xR6XfrgHXXbh1tZqQPDQF6rnX8p83Zc2/0sjFAT/m9Ngyum4z/tFftAHrP+R8GV7vxf64lby0A7k7O/zC4jH8YXMY/DC7jHwbSnfyuX2KQE5FuiGZIrFOi359MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3fFvAAAA//+uEO7O") r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r0}, 0x10) setxattr$trusted_overlay_upper(&(0x7f0000000300)='./file0\x00', &(0x7f0000000240), &(0x7f0000000880)=ANY=[], 0xff27, 0x0) chdir(&(0x7f0000000140)='./file0\x00') openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0) 3.349107075s ago: executing program 0: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000600)='./bus\x00', 0x1c14744, &(0x7f00000002c0), 0xfe, 0x490, &(0x7f0000000640)="$eJzs3M9vFFUcAPDvTLf8VFoRf4AkVtHY+KOlBZSDHjSaeNBEowc81rYQZKGG1kQI0WIMHg2Jd+PRxL/Akyejnky8eNC7ISFKTAAvrpndmba77lT6cxf380kW3tt5M+99++btvr632wB61lD2TxJxR0T8EhEDjWxzgaHGfzeuXZi8ee3CZBK12hu/J/Vy169dmCyKFuftzDPDaUT6cZJX0mz23PlTE9Xq9Nk8Pzp3+t3R2XPnnzp5euLE9InpM+NHjx4+NPbM0+NHms47sso4s/iu7/tgZv/el9+6/Orksctvf/9V1t40P740jvUylAX+R62u9dij611Zh/1dW4wzqXS6NdyqvojIuqu/Pv4Hoi8WO28gXvqoo40DNlT2mr21/PB8DfgfS6LTLQA6o3ijz37/zR/9mzT16ApXn2/8ApTFfiN/NI5UFtYGNvIHMhQRx+b/+jx7RMs6RK3NugEAwFp9k81/nmya/+XzjzTuXVJuV743NBgRd0XE7oi4OyL2RMQ9EfWy90XE/Susv3Vr6N/7MOmVVQV2i7L537P53lbz/K+Y/cVgX567sx5/f3L8ZHX6YP4zGY7+rVl+rN3Fi0u8+NOnZfUvnf9lj6z+Yi6YX+RKpWWBbmpibmK9JqVXL0bsq7SLP1nYCUgiYm9E7FvZpXcViZOPf7m/rNB/x7+Mddhnqn0R8Vij/+ejJf5Csvz+5Oi2qE4fHG3cFX1t6vjhx0uvldW/pvjXQdb/O5rv/5YSA38mS/drZ1dex6VfPyndW62s8v7fkrxZ39Pdkj/3/sTc3NmxiC3JK/V80/Pji+cW+aJ8Fv/wgfbjf3d+Thb/AxGxP+LnYtg9mPfdQxHxcEQcWCb+71545J2yY93Q/1NtX/8W7v/B5v5feaLv1Ldfl9XfGn+S5xdLZP1/uJ4azp+pv/7ltpdct7w52/ISq72bAQAA4PaT1j8bn6QjC+k0HRlpfIZ/T+xIqzOzc08cn3nvzFTjM/SD0Z8W658DS9ZDx5L5/IqN/Hi+VlwcP5SvG3/Wtz1Jojo9MjlTnepw7NDrdpaM/8xv7RazI+K5TW0hsKF8Xwt6V+v4TzvUDmDzef+H3mX8Q+8y/qF3FeP/9SXPfdhSpmQvALjNef+H3mX8Q+9aGP8XO9sOYPN5/4ee1O5L8sXfOFjDV/7XlKgs8+39Lk0Uq6Pd0p5TSURsbBWRdkekpYnI/4hFt7Rn5YmbtVWeXllmdN9qojOvRwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOvtnwAAAP//aP7lHQ==") r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) getdents(r0, 0x0, 0x58) 3.169540104s ago: executing program 1: inotify_init1(0x0) socket$tipc(0x1e, 0x0, 0x0) socket$tipc(0x1e, 0x0, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x20004084) process_vm_readv(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) epoll_create(0x0) r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'bridge0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x2, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="480000001c00110c0000001400000f0007000000", @ANYRES32=r1, @ANYBLOB="800202000a000200577f0000aabb000020000e80050001008f000000050001000100000004000200050001"], 0x48}}, 0x0) 3.138871588s ago: executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000540)={0x30, 0x3, 0x8, 0x301, 0x0, 0x0, {}, [@CTA_TIMEOUT_L3PROTO={0x6}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x21}, @CTA_TIMEOUT_DATA={0xc, 0x4, 0x0, 0x1, @gre=[@CTA_TIMEOUT_GRE_UNREPLIED={0x8}]}]}, 0x30}}, 0x0) 2.540719747s ago: executing program 1: r0 = gettid() r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0) read(r1, &(0x7f0000000800)=""/248, 0xf8) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x1, @time}) ioctl$SNDRV_SEQ_IOCTL_UNSUBSCRIBE_PORT(r1, 0xc0605345, &(0x7f0000000100)) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r1, 0xc08c5335, &(0x7f0000000180)) tkill(r0, 0x7) 2.2406499s ago: executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)=ANY=[@ANYBLOB="2800000035000100000000000000000003ffffffe5000000100001800c00", @ANYRES64], 0x28}}, 0x0) 1.918174376s ago: executing program 0: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x0, 0x0, 0x0) bpf$MAP_CREATE(0x100000000000000, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'ipvlan1\x00', 0x0}) ioctl$sock_inet6_SIOCSIFADDR(r1, 0x8916, &(0x7f0000000000)={@rand_addr=' \x01\x00', 0x3f, r2}) 1.750495822s ago: executing program 3: syz_emit_ethernet(0x3e, &(0x7f0000000300)={@local, @local, @void, {@ipv4={0x800, @tcp={{0x7, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x6, 0x0, @private=0xa210104, @local, {[@timestamp_addr={0x44, 0x4, 0x8}, @generic={0x7, 0x2}]}}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x6, 0x5}}}}}}, 0x0) 1.678253296s ago: executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan0\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000740)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0100c05e0000000000003b00000008000300", @ANYRES32=r1, @ANYBLOB="1e003300a0ffffff080211000001080211"], 0x54}}, 0x0) 1.49566116s ago: executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000640)=ANY=[], 0x8) setsockopt$inet6_IPV6_RTHDR(r0, 0x29, 0x6, 0x0, 0x0) 1.209859836s ago: executing program 2: syz_emit_ethernet(0x2a, &(0x7f0000000000)={@local, @local, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x2}, @address_request={0x11, 0x2}}}}}, 0x0) socket$nl_generic(0x11, 0x3, 0x10) sendmsg(0xffffffffffffffff, &(0x7f0000000640)={&(0x7f00000000c0)=@caif=@dgm, 0x80, 0x0, 0x0, 0x0, 0x0, 0x11000000}, 0x0) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x200000005c832, 0xffffffffffffffff, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000670000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r0}, 0x10) mremap(&(0x7f0000000000/0x9000)=nil, 0xa00000, 0x600000, 0x3, &(0x7f0000a00000/0x600000)=nil) 879.983734ms ago: executing program 4: openat$sysfs(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/kexec_crash_size', 0x0, 0x0) open(&(0x7f0000000100)='./file0\x00', 0x101bff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000200)='./bus\x00', 0x141842, 0x0) r0 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0) ioctl$FS_IOC_FSSETXATTR(r0, 0x4020940d, 0x0) 477.238783ms ago: executing program 1: bpf$ENABLE_STATS(0x20, 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, 0x0, &(0x7f0000000100)='GPL\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000003c0)='kfree\x00', r0}, 0x10) r1 = add_key$keyring(&(0x7f0000000240), &(0x7f00000001c0)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff) add_key(&(0x7f0000000440)='asymmetric\x00', 0x0, &(0x7f0000000000)="1080", 0x2, r1) 401.758579ms ago: executing program 3: mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, &(0x7f0000000300)='usrquota') chdir(&(0x7f0000000080)='./file1\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='net_prio.prioidx\x00', 0x275a, 0x0) quotactl_fd$Q_SETQUOTA(r0, 0xffffffff80000800, 0x0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x6, 0x7fffffff}) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000900)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]}) chdir(&(0x7f00000003c0)='./bus\x00') mknodat(0xffffffffffffff9c, &(0x7f0000000180)='./file5\x00', 0x61c0, 0x700) 150.117619ms ago: executing program 2: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240), 0x24}}, 0x0) getsockname$packet(r2, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14) sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000900)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}]}, 0x30}}, 0x0) bind$packet(0xffffffffffffffff, 0x0, 0x0) sendmsg$nl_route_sched(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140)=@delchain={0x24, 0x66, 0xf31, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0x0, 0xffff}}}, 0x24}}, 0x0) 100.988421ms ago: executing program 0: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa20000000000000702000014ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000400)='jbd2_handle_stats\x00', r1}, 0x10) unlink(&(0x7f0000000080)='./cgroup\x00') 0s ago: executing program 4: socketpair(0x1e, 0x1, 0x0, &(0x7f0000000040)={0x0, 0x0}) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000180)='workqueue_activate_work\x00'}, 0x10) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000002c0), &(0x7f00000004c0), 0x6, r1}, 0x38) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10) setsockopt$sock_attach_bpf(r0, 0x10f, 0x87, 0x0, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.155' (ED25519) to the list of known hosts. 2024/06/04 00:56:18 fuzzer started 2024/06/04 00:56:19 dialing manager at 10.128.0.169:30026 [ 186.345690][ T5040] cgroup: Unknown subsys name 'net' [ 186.598549][ T5040] cgroup: Unknown subsys name 'rlimit' [ 224.207085][ T1219] ieee802154 phy0 wpan0: encryption failed: -22 [ 224.213943][ T1219] ieee802154 phy1 wpan1: encryption failed: -22 2024/06/04 00:57:14 starting 5 executor processes [ 240.537324][ T5050] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 243.610549][ T5069] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 243.625600][ T5069] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 243.635395][ T5069] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 243.715086][ T5075] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 243.736596][ T5077] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 243.745621][ T5076] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 243.754326][ T5076] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 243.765815][ T5079] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 243.775577][ T5079] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 243.777311][ T5076] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 243.786248][ T5079] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 243.797475][ T5076] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 243.809911][ T5076] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 243.812111][ T5079] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 243.843051][ T5079] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 243.852197][ T5079] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 243.861101][ T5076] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 243.864889][ T5079] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 243.882255][ T5079] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 243.890992][ T5076] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 243.894342][ T5079] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 243.904672][ T5076] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 243.923935][ T5075] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 243.934197][ T5076] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 244.159831][ T5076] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 244.190543][ T5076] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 244.202756][ T5076] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 244.221589][ T5076] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 244.237332][ T5076] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 244.247172][ T5076] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 245.314308][ T5068] chnl_net:caif_netlink_parms(): no params data found [ 245.872296][ T5076] Bluetooth: hci0: command tx timeout [ 246.061694][ T5076] Bluetooth: hci2: command tx timeout [ 246.067558][ T5076] Bluetooth: hci1: command tx timeout [ 246.067805][ T5073] chnl_net:caif_netlink_parms(): no params data found [ 246.075665][ T5076] Bluetooth: hci3: command tx timeout [ 246.141268][ T5071] chnl_net:caif_netlink_parms(): no params data found [ 246.357334][ T51] Bluetooth: hci4: command tx timeout [ 246.428433][ T5074] chnl_net:caif_netlink_parms(): no params data found [ 246.452157][ T5068] bridge0: port 1(bridge_slave_0) entered blocking state [ 246.460030][ T5068] bridge0: port 1(bridge_slave_0) entered disabled state [ 246.468143][ T5068] bridge_slave_0: entered allmulticast mode [ 246.480167][ T5068] bridge_slave_0: entered promiscuous mode [ 246.550663][ T5086] chnl_net:caif_netlink_parms(): no params data found [ 246.571842][ T5068] bridge0: port 2(bridge_slave_1) entered blocking state [ 246.579670][ T5068] bridge0: port 2(bridge_slave_1) entered disabled state [ 246.587838][ T5068] bridge_slave_1: entered allmulticast mode [ 246.597552][ T5068] bridge_slave_1: entered promiscuous mode [ 246.803320][ T5068] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 246.928559][ T5068] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 247.206532][ T5068] team0: Port device team_slave_0 added [ 247.263171][ T5068] team0: Port device team_slave_1 added [ 247.542938][ T5068] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 247.550161][ T5068] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 247.576882][ T5068] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 247.752120][ T5068] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 247.759314][ T5068] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 247.788114][ T5068] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 247.803186][ T5071] bridge0: port 1(bridge_slave_0) entered blocking state [ 247.810977][ T5071] bridge0: port 1(bridge_slave_0) entered disabled state [ 247.819285][ T5071] bridge_slave_0: entered allmulticast mode [ 247.828852][ T5071] bridge_slave_0: entered promiscuous mode [ 247.951927][ T51] Bluetooth: hci0: command tx timeout [ 247.968528][ T5071] bridge0: port 2(bridge_slave_1) entered blocking state [ 247.976530][ T5071] bridge0: port 2(bridge_slave_1) entered disabled state [ 247.984520][ T5071] bridge_slave_1: entered allmulticast mode [ 247.993953][ T5071] bridge_slave_1: entered promiscuous mode [ 248.080151][ T5073] bridge0: port 1(bridge_slave_0) entered blocking state [ 248.089005][ T5073] bridge0: port 1(bridge_slave_0) entered disabled state [ 248.096981][ T5073] bridge_slave_0: entered allmulticast mode [ 248.106160][ T5073] bridge_slave_0: entered promiscuous mode [ 248.112382][ T51] Bluetooth: hci3: command tx timeout [ 248.112482][ T51] Bluetooth: hci1: command tx timeout [ 248.112578][ T51] Bluetooth: hci2: command tx timeout [ 248.129942][ T5074] bridge0: port 1(bridge_slave_0) entered blocking state [ 248.138114][ T5074] bridge0: port 1(bridge_slave_0) entered disabled state [ 248.146070][ T5074] bridge_slave_0: entered allmulticast mode [ 248.155616][ T5074] bridge_slave_0: entered promiscuous mode [ 248.316654][ T5074] bridge0: port 2(bridge_slave_1) entered blocking state [ 248.326142][ T5074] bridge0: port 2(bridge_slave_1) entered disabled state [ 248.333977][ T5074] bridge_slave_1: entered allmulticast mode [ 248.343463][ T5074] bridge_slave_1: entered promiscuous mode [ 248.355685][ T5073] bridge0: port 2(bridge_slave_1) entered blocking state [ 248.363760][ T5073] bridge0: port 2(bridge_slave_1) entered disabled state [ 248.371776][ T5073] bridge_slave_1: entered allmulticast mode [ 248.381235][ T5073] bridge_slave_1: entered promiscuous mode [ 248.390388][ T5086] bridge0: port 1(bridge_slave_0) entered blocking state [ 248.398395][ T5086] bridge0: port 1(bridge_slave_0) entered disabled state [ 248.406230][ T5086] bridge_slave_0: entered allmulticast mode [ 248.415634][ T5086] bridge_slave_0: entered promiscuous mode [ 248.435050][ T51] Bluetooth: hci4: command tx timeout [ 248.445374][ T5071] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 248.455386][ T5086] bridge0: port 2(bridge_slave_1) entered blocking state [ 248.463608][ T5086] bridge0: port 2(bridge_slave_1) entered disabled state [ 248.471575][ T5086] bridge_slave_1: entered allmulticast mode [ 248.480972][ T5086] bridge_slave_1: entered promiscuous mode [ 248.508835][ T5068] hsr_slave_0: entered promiscuous mode [ 248.519951][ T5068] hsr_slave_1: entered promiscuous mode [ 248.637641][ T5071] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 248.839606][ T5071] team0: Port device team_slave_0 added [ 248.861601][ T5086] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 248.884912][ T5074] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 248.903928][ T5086] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 248.924190][ T5073] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 248.978305][ T5071] team0: Port device team_slave_1 added [ 249.015592][ T5074] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 249.066361][ T5073] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 249.373853][ T5086] team0: Port device team_slave_0 added [ 249.407384][ T5086] team0: Port device team_slave_1 added [ 249.422996][ T5073] team0: Port device team_slave_0 added [ 249.435856][ T5071] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 249.443231][ T5071] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 249.469579][ T5071] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 249.514201][ T5074] team0: Port device team_slave_0 added [ 249.544182][ T5074] team0: Port device team_slave_1 added [ 249.633952][ T5073] team0: Port device team_slave_1 added [ 249.644129][ T5086] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 249.651302][ T5086] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 249.679656][ T5086] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 249.695238][ T5071] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 249.702516][ T5071] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 249.729088][ T5071] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 249.841223][ T5086] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 249.848680][ T5086] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 249.876539][ T5086] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 249.997988][ T5073] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 250.005420][ T5073] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 250.033237][ T5073] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 250.046355][ T51] Bluetooth: hci0: command tx timeout [ 250.068398][ T5073] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 250.075912][ T5073] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 250.102424][ T5073] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 250.148835][ T5074] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 250.156224][ T5074] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 250.182914][ T5074] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 250.195701][ T51] Bluetooth: hci1: command tx timeout [ 250.201575][ T51] Bluetooth: hci3: command tx timeout [ 250.207573][ T51] Bluetooth: hci2: command tx timeout [ 250.297153][ T5074] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 250.304620][ T5074] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 250.332574][ T5074] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 250.417891][ T5071] hsr_slave_0: entered promiscuous mode [ 250.428519][ T5071] hsr_slave_1: entered promiscuous mode [ 250.437461][ T5071] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 250.445462][ T5071] Cannot create hsr debugfs directory [ 250.521584][ T5075] Bluetooth: hci4: command tx timeout [ 250.549981][ T5086] hsr_slave_0: entered promiscuous mode [ 250.559310][ T5086] hsr_slave_1: entered promiscuous mode [ 250.569361][ T5086] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 250.578975][ T5086] Cannot create hsr debugfs directory [ 250.892667][ T5073] hsr_slave_0: entered promiscuous mode [ 250.902969][ T5073] hsr_slave_1: entered promiscuous mode [ 250.911535][ T5073] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 250.919338][ T5073] Cannot create hsr debugfs directory [ 251.006728][ T5074] hsr_slave_0: entered promiscuous mode [ 251.018061][ T5074] hsr_slave_1: entered promiscuous mode [ 251.027198][ T5074] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 251.035243][ T5074] Cannot create hsr debugfs directory [ 251.386066][ T5068] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 251.421032][ T5068] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 251.545415][ T5068] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 251.586022][ T5068] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 252.111702][ T5075] Bluetooth: hci0: command tx timeout [ 252.272899][ T5075] Bluetooth: hci2: command tx timeout [ 252.278144][ T51] Bluetooth: hci3: command tx timeout [ 252.278459][ T5075] Bluetooth: hci1: command tx timeout [ 252.394145][ T5071] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 252.431757][ T5071] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 252.461888][ T5071] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 252.535345][ T5071] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 252.601926][ T5076] Bluetooth: hci4: command tx timeout [ 252.657009][ T5074] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 252.718041][ T5074] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 252.748505][ T5074] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 252.839765][ T5074] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 252.964595][ T5086] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 253.091015][ T5086] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 253.149140][ T5073] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 253.180272][ T5073] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 253.203665][ T5086] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 253.242165][ T5086] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 253.288545][ T5073] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 253.366462][ T5073] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 253.746174][ T5068] 8021q: adding VLAN 0 to HW filter on device bond0 [ 254.072997][ T5068] 8021q: adding VLAN 0 to HW filter on device team0 [ 254.142605][ T5125] bridge0: port 1(bridge_slave_0) entered blocking state [ 254.150489][ T5125] bridge0: port 1(bridge_slave_0) entered forwarding state [ 254.375834][ T5125] bridge0: port 2(bridge_slave_1) entered blocking state [ 254.383706][ T5125] bridge0: port 2(bridge_slave_1) entered forwarding state [ 254.427672][ T5074] 8021q: adding VLAN 0 to HW filter on device bond0 [ 254.641805][ T5074] 8021q: adding VLAN 0 to HW filter on device team0 [ 254.775707][ T5125] bridge0: port 1(bridge_slave_0) entered blocking state [ 254.783613][ T5125] bridge0: port 1(bridge_slave_0) entered forwarding state [ 254.818807][ T5071] 8021q: adding VLAN 0 to HW filter on device bond0 [ 254.919967][ T5125] bridge0: port 2(bridge_slave_1) entered blocking state [ 254.927900][ T5125] bridge0: port 2(bridge_slave_1) entered forwarding state [ 254.974751][ T5086] 8021q: adding VLAN 0 to HW filter on device bond0 [ 255.148434][ T5071] 8021q: adding VLAN 0 to HW filter on device team0 [ 255.371278][ T10] bridge0: port 1(bridge_slave_0) entered blocking state [ 255.379183][ T10] bridge0: port 1(bridge_slave_0) entered forwarding state [ 255.410793][ T5086] 8021q: adding VLAN 0 to HW filter on device team0 [ 255.509858][ T10] bridge0: port 2(bridge_slave_1) entered blocking state [ 255.517734][ T10] bridge0: port 2(bridge_slave_1) entered forwarding state [ 255.647269][ T10] bridge0: port 1(bridge_slave_0) entered blocking state [ 255.655301][ T10] bridge0: port 1(bridge_slave_0) entered forwarding state [ 255.768720][ T5073] 8021q: adding VLAN 0 to HW filter on device bond0 [ 255.826129][ T10] bridge0: port 2(bridge_slave_1) entered blocking state [ 255.834006][ T10] bridge0: port 2(bridge_slave_1) entered forwarding state [ 256.219791][ T5086] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 256.262882][ T5073] 8021q: adding VLAN 0 to HW filter on device team0 [ 256.467737][ T10] bridge0: port 1(bridge_slave_0) entered blocking state [ 256.475671][ T10] bridge0: port 1(bridge_slave_0) entered forwarding state [ 256.493968][ T10] bridge0: port 2(bridge_slave_1) entered blocking state [ 256.501916][ T10] bridge0: port 2(bridge_slave_1) entered forwarding state [ 257.634028][ T5068] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 258.088099][ T5074] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 258.708579][ T5071] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 258.734952][ T5086] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 258.818955][ T5074] veth0_vlan: entered promiscuous mode [ 259.119109][ T5074] veth1_vlan: entered promiscuous mode [ 259.377233][ T5073] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 259.428885][ T5071] veth0_vlan: entered promiscuous mode [ 259.472488][ T5086] veth0_vlan: entered promiscuous mode [ 259.616509][ T5074] veth0_macvtap: entered promiscuous mode [ 259.640515][ T5071] veth1_vlan: entered promiscuous mode [ 259.662573][ T5086] veth1_vlan: entered promiscuous mode [ 259.774116][ T5074] veth1_macvtap: entered promiscuous mode [ 260.051787][ T5074] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 260.091877][ T5071] veth0_macvtap: entered promiscuous mode [ 260.168064][ T5074] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 260.183709][ T5086] veth0_macvtap: entered promiscuous mode [ 260.228109][ T5071] veth1_macvtap: entered promiscuous mode [ 260.269997][ T5086] veth1_macvtap: entered promiscuous mode [ 260.346737][ T5074] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 260.359647][ T5074] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 260.370658][ T5074] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 260.379933][ T5074] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 260.408698][ T5073] veth0_vlan: entered promiscuous mode [ 260.493442][ T5073] veth1_vlan: entered promiscuous mode [ 260.705082][ T5086] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 260.715983][ T5086] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 260.732167][ T5086] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 260.747713][ T5071] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 260.761912][ T5071] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 260.772535][ T5071] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 260.783439][ T5071] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 260.799840][ T5071] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 260.877594][ T5086] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 260.889311][ T5086] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 260.905140][ T5086] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 261.020148][ T5071] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 261.031165][ T5071] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 261.043854][ T5071] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 261.054864][ T5071] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 261.075202][ T5071] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 261.160832][ T5086] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 261.170102][ T5086] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 261.179452][ T5086] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 261.191024][ T5086] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 261.246274][ T5073] veth0_macvtap: entered promiscuous mode [ 261.277346][ T5068] veth0_vlan: entered promiscuous mode [ 261.316877][ T5073] veth1_macvtap: entered promiscuous mode [ 261.341804][ T5071] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 261.350871][ T5071] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 261.360072][ T5071] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 261.369216][ T5071] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 261.482616][ T5068] veth1_vlan: entered promiscuous mode [ 261.579701][ T5073] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 261.592204][ T5073] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 261.604564][ T5073] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 261.615337][ T5073] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 261.625509][ T5073] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 261.636422][ T5073] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 261.652588][ T5073] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 261.928717][ T5073] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 261.942448][ T5073] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 261.953294][ T5073] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 261.964098][ T5073] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 261.974278][ T5073] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 261.985065][ T5073] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 262.000812][ T5073] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 262.101099][ T5068] veth0_macvtap: entered promiscuous mode [ 262.199795][ T5068] veth1_macvtap: entered promiscuous mode [ 262.330668][ T5073] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 262.342428][ T5073] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 262.353660][ T5073] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 262.362862][ T5073] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 262.585328][ T5068] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 262.596682][ T5068] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 262.606958][ T5068] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 262.617720][ T5068] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 262.627935][ T5068] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 262.638797][ T5068] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 262.648956][ T5068] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 262.659834][ T5068] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 262.675831][ T5068] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 262.879816][ T5068] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 262.893009][ T5068] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 262.904221][ T5068] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 262.918363][ T5068] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 262.932022][ T5068] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 262.943058][ T5068] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 262.953199][ T5068] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 262.964064][ T5068] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 262.979847][ T5068] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 263.328655][ T5068] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 263.337981][ T5068] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 263.348955][ T5068] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 263.360302][ T5068] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 267.925080][ T10] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 267.933420][ T10] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 268.281559][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 268.289659][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 268.532282][ T779] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 268.540410][ T779] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 268.721722][ T779] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 268.729846][ T779] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 269.270294][ T3022] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 269.278606][ T3022] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 269.546234][ T5122] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 269.556001][ T5122] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 269.687605][ T779] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 269.903398][ T10] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 269.911789][ T10] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 269.979758][ T779] usb 3-1: Using ep0 maxpacket: 8 [ 270.150378][ T779] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 270.177284][ T10] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 270.185489][ T10] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 270.264512][ T779] usb 3-1: New USB device found, idVendor=05ac, idProduct=8501, bcdDevice=20.9d [ 270.287543][ T779] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=105 [ 270.302289][ T779] usb 3-1: SerialNumber: syz [ 270.354934][ T779] usb 3-1: config 0 descriptor?? [ 270.432539][ T779] usb 3-1: Found UVC 0.00 device (05ac:8501) [ 270.439794][ T779] usb 3-1: No valid video chain found. [ 270.684441][ T4500] usb 3-1: USB disconnect, device number 2 [ 271.061607][ T779] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 271.069609][ T779] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 271.375017][ T1083] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 271.383580][ T1083] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 271.456195][ T5259] loop1: detected capacity change from 0 to 2048 [ 271.663795][ T5259] UDF-fs: error (device loop1): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 271.717113][ T5259] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found [ 271.725265][ T5259] UDF-fs: Scanning with blocksize 512 failed [ 272.026691][ T5259] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 272.463019][ T5263] loop2: detected capacity change from 0 to 2048 [ 272.560689][ T5267] loop4: detected capacity change from 0 to 2048 [ 272.569518][ T5263] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024) [ 272.674890][ T5267] EXT4-fs (loop4): can't mount with journal_checksum, fs mounted w/o journal [ 272.775491][ T5270] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 273.185699][ T5267] warning: `syz-executor.4' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 274.030348][ T5276] loop0: detected capacity change from 0 to 64 [ 274.091922][ T5277] loop4: detected capacity change from 0 to 512 [ 274.424059][ T5277] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2 [ 274.497450][ T5277] EXT4-fs (loop4): 1 truncate cleaned up [ 274.503617][ T5277] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 274.885493][ T5283] loop2: detected capacity change from 0 to 16 [ 274.993455][ T5283] erofs: (device loop2): mounted with root inode @ nid 36. [ 275.026000][ T5068] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 276.625382][ T5295] loop4: detected capacity change from 0 to 512 [ 276.767723][ T5295] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 276.875744][ T5295] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 276.889320][ T5295] ext4 filesystem being mounted at /root/syzkaller-testdir1193859779/syzkaller.94mcax/3/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 277.140770][ T5295] Quota error (device loop4): do_check_range: Getting dqdh_next_free 4294967294 out of range 0-8 [ 277.152576][ T5295] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 277.163066][ T5295] EXT4-fs error (device loop4): ext4_acquire_dquot:6882: comm syz-executor.4: Failed to acquire dquot type 0 [ 277.444852][ T5068] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 277.498168][ T5299] loop0: detected capacity change from 0 to 2048 [ 277.599048][ T5299] UDF-fs: error (device loop0): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 277.671969][ T5299] UDF-fs: warning (device loop0): udf_load_vrs: No anchor found [ 277.680089][ T5299] UDF-fs: Scanning with blocksize 512 failed [ 277.898866][ T5299] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 280.669298][ T5318] loop0: detected capacity change from 0 to 16 [ 280.795027][ T5318] erofs: (device loop0): mounted with root inode @ nid 36. [ 282.251577][ T5328] loop2: detected capacity change from 0 to 2048 [ 282.342243][ T5328] UDF-fs: error (device loop2): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 282.391755][ T5328] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found [ 282.399816][ T5328] UDF-fs: Scanning with blocksize 512 failed [ 282.538800][ T5328] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 282.695334][ T5326] loop3: detected capacity change from 0 to 4096 [ 283.024092][ T779] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 283.284452][ T5326] ntfs3: loop3: Failed to load $Extend (-22). [ 283.291009][ T5326] ntfs3: loop3: Failed to initialize $Extend. [ 283.502821][ T779] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 283.514420][ T779] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 283.545634][ T5326] ntfs3: loop3: ino=1f, "file2" attr_set_size [ 283.744581][ T779] usb 1-1: New USB device found, idVendor=045e, idProduct=00db, bcdDevice= 0.40 [ 283.754588][ T779] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 283.763036][ T779] usb 1-1: Product: syz [ 283.767449][ T779] usb 1-1: Manufacturer: syz [ 283.772456][ T779] usb 1-1: SerialNumber: syz [ 284.243971][ T779] usbhid 1-1:1.0: can't add hid device: -22 [ 284.250734][ T779] usbhid 1-1:1.0: probe with driver usbhid failed with error -22 [ 284.380685][ T779] usb 1-1: USB disconnect, device number 2 [ 284.898249][ T5342] kAFS: unable to lookup cell '.S²jË¡8' [ 284.912915][ T5337] net_ratelimit: 2 callbacks suppressed [ 284.912992][ T5337] sctp: failed to load transform for md5: -2 [ 285.509688][ T5350] loop0: detected capacity change from 0 to 256 [ 285.605927][ T5350] exfat: Deprecated parameter 'namecase' [ 285.679618][ T1219] ieee802154 phy0 wpan0: encryption failed: -22 [ 285.686703][ T1219] ieee802154 phy1 wpan1: encryption failed: -22 [ 285.821750][ T5350] exFAT-fs (loop0): failed to load upcase table (idx : 0x00017f3e, chksum : 0x0b83170a, utbl_chksum : 0xe619d30d) [ 287.143983][ C1] TCP: request_sock_TCP: Possible SYN flooding on port [::]:2. Sending cookies. [ 287.273520][ T5361] loop3: detected capacity change from 0 to 2048 [ 287.367705][ T5361] UDF-fs: error (device loop3): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 287.416149][ T5361] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found [ 287.424260][ T5361] UDF-fs: Scanning with blocksize 512 failed [ 287.484567][ C0] TCP: request_sock_TCP: Possible SYN flooding on port [::]:2. Sending cookies. [ 287.695816][ T5361] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 292.191997][ T5420] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 292.538280][ T5417] loop2: detected capacity change from 0 to 2048 [ 292.579988][ T5417] UDF-fs: error (device loop2): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 292.581197][ T5417] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found [ 292.581290][ T5417] UDF-fs: Scanning with blocksize 512 failed [ 292.658176][ T5417] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 293.873164][ T5425] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 294.783521][ T5434] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'. [ 296.684422][ T5453] 9pnet_fd: Insufficient options for proto=fd [ 297.029237][ T5456] loop2: detected capacity change from 0 to 2048 [ 297.168863][ T5456] UDF-fs: error (device loop2): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 297.242189][ T5456] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found [ 297.250317][ T5456] UDF-fs: Scanning with blocksize 512 failed [ 297.412659][ T29] audit: type=1804 audit(1717462691.731:2): pid=5461 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir1193859779/syzkaller.94mcax/18/bus" dev="sda1" ino=1966 res=1 errno=0 [ 297.447170][ T5456] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 298.364872][ T5467] loop1: detected capacity change from 0 to 1764 [ 299.902068][ T5129] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 300.292902][ T5129] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 300.304506][ T5129] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 300.318068][ T5129] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 300.327647][ T5129] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 300.536635][ T5129] usb 1-1: config 0 descriptor?? [ 301.132533][ T5129] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0 [ 301.140447][ T5129] plantronics 0003:047F:FFFF.0001: unknown main item tag 0x0 [ 301.212144][ T29] audit: type=1804 audit(1717462695.481:3): pid=5496 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir1310709672/syzkaller.GIiEap/20/bus" dev="sda1" ino=1964 res=1 errno=0 [ 301.237601][ T5129] plantronics 0003:047F:FFFF.0001: No inputs registered, leaving [ 301.345708][ T5129] plantronics 0003:047F:FFFF.0001: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 301.444481][ T5129] usb 1-1: USB disconnect, device number 3 [ 302.461108][ T5500] loop3: detected capacity change from 0 to 2048 [ 302.510556][ T5500] UDF-fs: error (device loop3): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 302.571699][ T5500] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found [ 302.579981][ T5500] UDF-fs: Scanning with blocksize 512 failed [ 302.610478][ T5502] loop1: detected capacity change from 0 to 256 [ 302.725423][ T5502] ======================================================= [ 302.725423][ T5502] WARNING: The mand mount option has been deprecated and [ 302.725423][ T5502] and is ignored by this kernel. Remove the mand [ 302.725423][ T5502] option from the mount to silence this warning. [ 302.725423][ T5502] ======================================================= [ 302.770378][ T5502] FAT-fs (loop1): Unrecognized mount option "00000000000000000000005" or missing value [ 302.794621][ T5500] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 302.971915][ T5129] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 303.562468][ T5129] usb 5-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f [ 303.572070][ T5129] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 303.580485][ T5129] usb 5-1: Product: syz [ 303.585182][ T5129] usb 5-1: Manufacturer: syz [ 303.590074][ T5129] usb 5-1: SerialNumber: syz [ 303.648443][ T5129] usb 5-1: config 0 descriptor?? [ 304.082587][ T5129] usb 5-1: USB disconnect, device number 2 [ 304.417982][ T5251] udevd[5251]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 306.692203][ T29] audit: type=1804 audit(1717462700.961:4): pid=5522 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir1193859779/syzkaller.94mcax/26/bus" dev="sda1" ino=1945 res=1 errno=0 [ 307.326397][ T5529] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'. [ 307.349277][ T5529] bridge_slave_1: left allmulticast mode [ 307.358355][ T5529] bridge_slave_1: left promiscuous mode [ 307.365478][ T5529] bridge0: port 2(bridge_slave_1) entered disabled state [ 307.505349][ T5529] bridge_slave_0: left allmulticast mode [ 307.511521][ T5529] bridge_slave_0: left promiscuous mode [ 307.518433][ T5529] bridge0: port 1(bridge_slave_0) entered disabled state [ 307.973130][ T5531] loop2: detected capacity change from 0 to 2048 [ 308.096895][ T5531] UDF-fs: error (device loop2): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 308.122771][ T5531] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found [ 308.130805][ T5531] UDF-fs: Scanning with blocksize 512 failed [ 308.295621][ T5531] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 308.502945][ T5533] input: syz0 as /devices/virtual/input/input5 [ 308.800964][ T5537] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. [ 309.500348][ T5540] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'. [ 309.702346][ T5543] loop0: detected capacity change from 0 to 2048 [ 310.180718][ T5546] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 310.723997][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 310.826430][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 310.834875][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 310.931105][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 310.939537][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 311.033605][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 311.042034][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 311.135780][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 311.144215][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 311.235868][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 315.798025][ T29] audit: type=1804 audit(1717462710.051:5): pid=5558 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir2825052814/syzkaller.NncG1r/27/bus" dev="sda1" ino=1954 res=1 errno=0 [ 316.815744][ T5565] loop0: detected capacity change from 0 to 2048 [ 316.929479][ T5565] UDF-fs: error (device loop0): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 316.983722][ T5565] UDF-fs: warning (device loop0): udf_load_vrs: No anchor found [ 317.006976][ T5565] UDF-fs: Scanning with blocksize 512 failed [ 317.207102][ T5565] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 317.921067][ T5572] sit0: entered allmulticast mode [ 318.619478][ T5577] loop0: detected capacity change from 0 to 164 [ 318.797122][ T5577] Unable to read rock-ridge attributes [ 318.859229][ T5577] Unable to read rock-ridge attributes [ 319.603851][ T5581] loop4: detected capacity change from 0 to 2048 [ 319.616978][ C1] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 320.461705][ T29] audit: type=1804 audit(1717462714.711:6): pid=5588 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir2825052814/syzkaller.NncG1r/31/bus" dev="sda1" ino=1952 res=1 errno=0 [ 321.251542][ C0] hrtimer: interrupt took 271642 ns [ 323.930797][ T29] audit: type=1804 audit(1717462718.221:7): pid=5624 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir3054051684/syzkaller.d2sbX7/18/bus" dev="sda1" ino=1954 res=1 errno=0 [ 327.251608][ T29] audit: type=1804 audit(1717462721.541:8): pid=5652 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir1193859779/syzkaller.94mcax/39/bus" dev="sda1" ino=1953 res=1 errno=0 [ 328.473022][ T29] audit: type=1804 audit(1717462722.681:9): pid=5665 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir2078868811/syzkaller.GUHIo8/24/bus" dev="sda1" ino=1944 res=1 errno=0 [ 330.144023][ T5075] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 330.155348][ T5075] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 330.186972][ T5075] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 330.216963][ T5075] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 330.252241][ T5075] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 330.278551][ T5075] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 330.443390][ T5665] loop1: detected capacity change from 0 to 8192 [ 330.564416][ T5682] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.3'. [ 331.603871][ T29] audit: type=1804 audit(1717462725.861:10): pid=5690 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir1193859779/syzkaller.94mcax/42/bus" dev="sda1" ino=1959 res=1 errno=0 [ 331.756371][ T5508] I/O error, dev loop1, sector 8064 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 [ 331.822923][ T5693] syz-executor.2 uses obsolete (PF_INET,SOCK_PACKET) [ 331.883949][ T5693] dccp_invalid_packet: P.Data Offset(0) too small [ 332.446666][ T5075] Bluetooth: hci5: command tx timeout [ 333.014227][ T5122] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 333.030868][ T2893] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 333.172901][ T5678] chnl_net:caif_netlink_parms(): no params data found [ 333.274543][ T5122] usb 5-1: device descriptor read/64, error -71 [ 333.305729][ T2893] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 333.495193][ T5709] loop2: detected capacity change from 0 to 2048 [ 333.567919][ T2893] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 333.620602][ T5709] UDF-fs: error (device loop2): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 333.655155][ T5122] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 333.689468][ T5709] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found [ 333.698188][ T5709] UDF-fs: Scanning with blocksize 512 failed [ 333.813508][ T2893] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 333.883278][ T5122] usb 5-1: device descriptor read/64, error -71 [ 333.923617][ T5709] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 334.013520][ T5122] usb usb5-port1: attempt power cycle [ 334.266874][ T2893] bridge_slave_1: left allmulticast mode [ 334.285209][ T2893] bridge_slave_1: left promiscuous mode [ 334.292343][ T2893] bridge0: port 2(bridge_slave_1) entered disabled state [ 334.359194][ T2893] bridge_slave_0: left allmulticast mode [ 334.365431][ T2893] bridge_slave_0: left promiscuous mode [ 334.384136][ T2893] bridge0: port 1(bridge_slave_0) entered disabled state [ 334.474116][ T5122] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 334.512211][ T5075] Bluetooth: hci5: command tx timeout [ 334.622541][ T5122] usb 5-1: device descriptor read/8, error -71 [ 334.951987][ T5122] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 335.093482][ T5122] usb 5-1: device descriptor read/8, error -71 [ 335.153667][ T2893] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 335.256547][ T2893] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 335.263510][ T5122] usb usb5-port1: unable to enumerate USB device [ 335.330204][ T2893] bond0 (unregistering): Released all slaves [ 336.203076][ T5729] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'. [ 336.585182][ T2893] hsr_slave_0: left promiscuous mode [ 336.604448][ T2893] hsr_slave_1: left promiscuous mode [ 336.608127][ T5075] Bluetooth: hci5: command tx timeout [ 336.684210][ T2893] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 336.692231][ T2893] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 336.717461][ T2893] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 336.725407][ T2893] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 336.792117][ T2893] veth1_macvtap: left promiscuous mode [ 336.798061][ T2893] veth0_macvtap: left promiscuous mode [ 336.805353][ T2893] veth1_vlan: left promiscuous mode [ 336.811010][ T2893] veth0_vlan: left promiscuous mode [ 336.823943][ T29] audit: type=1804 audit(1717462731.071:11): pid=5738 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir1193859779/syzkaller.94mcax/44/bus" dev="sda1" ino=1951 res=1 errno=0 [ 338.377083][ T5749] loop2: detected capacity change from 0 to 2048 [ 338.506072][ T2893] team0 (unregistering): Port device team_slave_1 removed [ 338.528620][ T5749] UDF-fs: error (device loop2): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 338.606392][ T5749] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found [ 338.614695][ T5749] UDF-fs: Scanning with blocksize 512 failed [ 338.627419][ T2893] team0 (unregistering): Port device team_slave_0 removed [ 338.682899][ T5075] Bluetooth: hci5: command tx timeout [ 338.962388][ T5749] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 339.522376][ T779] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 339.750847][ T779] usb 4-1: device descriptor read/64, error -71 [ 339.796172][ T5678] bridge0: port 1(bridge_slave_0) entered blocking state [ 339.816513][ T5678] bridge0: port 1(bridge_slave_0) entered disabled state [ 339.824747][ T5678] bridge_slave_0: entered allmulticast mode [ 339.834520][ T5678] bridge_slave_0: entered promiscuous mode [ 339.958807][ T5678] bridge0: port 2(bridge_slave_1) entered blocking state [ 339.967008][ T5678] bridge0: port 2(bridge_slave_1) entered disabled state [ 339.975372][ T5678] bridge_slave_1: entered allmulticast mode [ 339.986712][ T5678] bridge_slave_1: entered promiscuous mode [ 340.092010][ T779] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 340.320564][ T779] usb 4-1: device descriptor read/64, error -71 [ 340.458770][ T779] usb usb4-port1: attempt power cycle [ 340.502131][ T5678] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 340.648666][ T5678] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 340.707936][ T5767] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'. [ 340.945603][ T779] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 341.004550][ T5678] team0: Port device team_slave_0 added [ 341.053324][ T779] usb 4-1: device descriptor read/8, error -71 [ 341.081611][ T5678] team0: Port device team_slave_1 added [ 341.375184][ T779] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 341.469159][ T5678] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 341.476641][ T5678] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 341.503167][ T5678] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 341.514461][ T29] audit: type=1804 audit(1717462735.711:12): pid=5776 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir2078868811/syzkaller.GUHIo8/31/bus" dev="sda1" ino=1941 res=1 errno=0 [ 341.565485][ T779] usb 4-1: device descriptor read/8, error -71 [ 341.683510][ T5678] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 341.690724][ T5678] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 341.717390][ T5678] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 341.772331][ T779] usb usb4-port1: unable to enumerate USB device [ 341.783247][ T5778] Zero length message leads to an empty skb [ 342.338989][ T5783] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'. [ 342.396685][ T5678] hsr_slave_0: entered promiscuous mode [ 342.493431][ T5678] hsr_slave_1: entered promiscuous mode [ 342.548468][ T5678] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 342.557277][ T5678] Cannot create hsr debugfs directory [ 343.000869][ T5792] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'. [ 343.584103][ T5793] loop3: detected capacity change from 0 to 2048 [ 343.838584][ T5793] UDF-fs: error (device loop3): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 343.968518][ T5793] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found [ 343.976704][ T5793] UDF-fs: Scanning with blocksize 512 failed [ 344.185349][ T5793] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 345.269466][ T5678] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 345.412900][ T5678] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 345.474533][ T5807] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'. [ 345.481681][ T29] audit: type=1804 audit(1717462739.721:13): pid=5808 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir1310709672/syzkaller.GIiEap/47/bus" dev="sda1" ino=1950 res=1 errno=0 [ 345.606115][ T5678] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 345.753769][ T5678] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 346.632448][ T779] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 346.898993][ T779] usb 3-1: device descriptor read/64, error -71 [ 347.013579][ T29] audit: type=1326 audit(1717462741.231:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5817 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7474579 code=0x0 [ 347.090965][ T1219] ieee802154 phy0 wpan0: encryption failed: -22 [ 347.098549][ T1219] ieee802154 phy1 wpan1: encryption failed: -22 [ 347.306844][ T779] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 347.501812][ T779] usb 3-1: device descriptor read/64, error -71 [ 347.628988][ T5678] 8021q: adding VLAN 0 to HW filter on device bond0 [ 347.667112][ T779] usb usb3-port1: attempt power cycle [ 347.956149][ T5678] 8021q: adding VLAN 0 to HW filter on device team0 [ 348.112315][ T779] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 348.158103][ T10] bridge0: port 1(bridge_slave_0) entered blocking state [ 348.166071][ T10] bridge0: port 1(bridge_slave_0) entered forwarding state [ 348.275935][ T779] usb 3-1: device descriptor read/8, error -71 [ 348.330336][ T10] bridge0: port 2(bridge_slave_1) entered blocking state [ 348.338307][ T10] bridge0: port 2(bridge_slave_1) entered forwarding state [ 348.562171][ T779] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 348.655323][ T779] usb 3-1: device descriptor read/8, error -71 [ 348.836013][ T779] usb usb3-port1: unable to enumerate USB device [ 349.564768][ T5848] loop1: detected capacity change from 0 to 2048 [ 349.768994][ T5848] UDF-fs: error (device loop1): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 349.863282][ T5848] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found [ 349.871273][ T5848] UDF-fs: Scanning with blocksize 512 failed [ 350.207199][ T5848] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 350.361941][ T29] audit: type=1804 audit(1717462744.561:15): pid=5857 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir1310709672/syzkaller.GIiEap/49/bus" dev="sda1" ino=1955 res=1 errno=0 [ 350.822017][ T5863] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'. [ 351.770435][ T5678] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 352.769696][ T5678] veth0_vlan: entered promiscuous mode [ 352.964258][ T5678] veth1_vlan: entered promiscuous mode [ 353.717808][ T5678] veth0_macvtap: entered promiscuous mode [ 353.969485][ T5678] veth1_macvtap: entered promiscuous mode [ 354.378392][ T5678] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 354.390103][ T5678] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 354.400369][ T5678] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 354.411107][ T5678] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 354.421775][ T5678] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 354.433475][ T5678] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 354.453762][ T5678] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 354.467231][ T5678] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 354.483285][ T5678] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 355.051605][ T29] audit: type=1804 audit(1717462749.271:16): pid=5890 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir1193859779/syzkaller.94mcax/58/bus" dev="sda1" ino=1960 res=1 errno=0 [ 355.082556][ T10] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 355.212811][ T5678] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 355.223648][ T5678] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 355.233979][ T5678] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 355.244903][ T5678] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 355.255174][ T5678] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 355.275838][ T5678] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 355.288644][ T5678] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 355.299648][ T5678] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 355.318837][ T5678] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 355.562028][ T10] usb 2-1: device descriptor read/64, error -71 [ 355.657885][ T5678] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 355.667104][ T5678] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 355.676468][ T5678] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 355.685579][ T5678] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 355.927096][ T10] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 356.050840][ T5895] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'. [ 356.200621][ T10] usb 2-1: device descriptor read/64, error -71 [ 356.343656][ T10] usb usb2-port1: attempt power cycle [ 356.613790][ T5896] loop4: detected capacity change from 0 to 2048 [ 356.765509][ T5896] UDF-fs: error (device loop4): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 356.833039][ T5896] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found [ 356.841247][ T5896] UDF-fs: Scanning with blocksize 512 failed [ 356.862288][ T10] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 356.992692][ T10] usb 2-1: device descriptor read/8, error -71 [ 357.103046][ T5896] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 357.321899][ T10] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 357.632251][ T10] usb 2-1: device descriptor read/8, error -71 [ 357.769990][ T10] usb usb2-port1: unable to enumerate USB device [ 358.534393][ T5915] netlink: 176 bytes leftover after parsing attributes in process `syz-executor.1'. [ 358.913388][ T29] audit: type=1326 audit(1717462753.131:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5912 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7456579 code=0x0 [ 360.472103][ T29] audit: type=1804 audit(1717462754.721:18): pid=5943 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir3054051684/syzkaller.d2sbX7/38/bus" dev="sda1" ino=1955 res=1 errno=0 [ 361.517989][ T5952] loop3: detected capacity change from 0 to 2048 [ 361.603240][ T5959] binder_alloc: 5958: binder_alloc_buf, no vma [ 361.651151][ T5952] UDF-fs: error (device loop3): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 361.689602][ T5952] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found [ 361.697966][ T5952] UDF-fs: Scanning with blocksize 512 failed [ 361.752208][ T10] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 361.908168][ T5952] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 362.042081][ T10] usb 5-1: device descriptor read/64, error -71 [ 362.352622][ T10] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 362.624285][ T10] usb 5-1: device descriptor read/64, error -71 [ 362.767047][ T10] usb usb5-port1: attempt power cycle [ 363.262410][ T10] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 363.372959][ T10] usb 5-1: device descriptor read/8, error -71 [ 363.553898][ T5976] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'. [ 363.693016][ T10] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 363.812848][ T10] usb 5-1: device descriptor read/8, error -71 [ 363.993698][ T10] usb usb5-port1: unable to enumerate USB device [ 364.827158][ T29] audit: type=1804 audit(1717462759.051:19): pid=5988 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir1310709672/syzkaller.GIiEap/59/bus" dev="sda1" ino=1941 res=1 errno=0 [ 366.380920][ T10] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 366.390011][ T10] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 366.477341][ T6006] loop3: detected capacity change from 0 to 2048 [ 366.637587][ T6006] UDF-fs: error (device loop3): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 366.681002][ T6006] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found [ 366.689293][ T6006] UDF-fs: Scanning with blocksize 512 failed [ 366.779734][ T3022] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 366.787958][ T3022] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 366.800979][ T6006] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 367.582855][ T6015] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 368.311762][ T5129] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 368.573147][ T5129] usb 3-1: device descriptor read/64, error -71 [ 368.893529][ T5129] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 369.111685][ T5129] usb 3-1: device descriptor read/64, error -71 [ 369.255735][ T5129] usb usb3-port1: attempt power cycle [ 369.463964][ T6035] syz-executor.3[6035] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 369.464840][ T6035] syz-executor.3[6035] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 369.535135][ T6036] syz-executor.3[6036] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 369.632500][ T5079] Bluetooth: hci4: command 0x0406 tx timeout [ 369.650989][ T4428] Bluetooth: hci2: command 0x0406 tx timeout [ 369.659712][ T4428] Bluetooth: hci1: command 0x0406 tx timeout [ 369.666149][ T4428] Bluetooth: hci0: command 0x0406 tx timeout [ 369.695476][ T6036] syz-executor.3[6036] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 369.757838][ T5129] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 369.883078][ T5129] usb 3-1: device descriptor read/8, error -71 [ 370.083726][ T6040] loop4: detected capacity change from 0 to 2048 [ 370.183113][ T6040] UDF-fs: error (device loop4): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 370.223563][ T5129] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 370.247494][ T6040] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found [ 370.255881][ T6040] UDF-fs: Scanning with blocksize 512 failed [ 370.307161][ T6040] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 370.351087][ T5129] usb 3-1: device descriptor read/8, error -71 [ 370.586202][ T5129] usb usb3-port1: unable to enumerate USB device [ 372.609314][ T6063] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. [ 373.344480][ T6068] loop1: detected capacity change from 0 to 256 [ 374.365037][ T6080] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. [ 374.450721][ T5122] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 374.503497][ T6076] loop3: detected capacity change from 0 to 2048 [ 374.592159][ T6076] UDF-fs: error (device loop3): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 374.648579][ T6076] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found [ 374.656961][ T6076] UDF-fs: Scanning with blocksize 512 failed [ 374.873057][ T6076] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 374.923251][ T5122] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 374.933894][ T5122] usb 3-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 18 [ 375.102379][ T5122] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 375.112192][ T5122] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 375.120696][ T5122] usb 3-1: SerialNumber: syz [ 375.273013][ T5122] usb 3-1: bad CDC descriptors [ 376.105428][ T6085] sctp: failed to load transform for md5: -2 [ 376.933881][ T6102] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'. [ 377.086448][ T10] usb 3-1: USB disconnect, device number 11 [ 377.393443][ T6107] netlink: 'syz-executor.3': attribute type 2 has an invalid length. [ 377.402045][ T6107] netlink: 'syz-executor.3': attribute type 8 has an invalid length. [ 377.410435][ T6107] netlink: 132 bytes leftover after parsing attributes in process `syz-executor.3'. [ 377.510317][ T6110] loop2: detected capacity change from 0 to 16 [ 377.582697][ T6110] erofs: (device loop2): mounted with root inode @ nid 36. [ 377.983169][ T6113] loop1: detected capacity change from 0 to 512 [ 378.987157][ T6120] loop2: detected capacity change from 0 to 2048 [ 379.043925][ T6113] EXT4-fs (loop1): Test dummy encryption mode enabled [ 379.167380][ T6113] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2250: inode #12: comm syz-executor.1: corrupted in-inode xattr: invalid ea_ino [ 379.247139][ T6126] loop0: detected capacity change from 0 to 64 [ 379.269379][ T6120] UDF-fs: error (device loop2): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 379.271938][ T6113] EXT4-fs error (device loop1): ext4_orphan_get:1399: comm syz-executor.1: couldn't read orphan inode 12 (err -117) [ 379.281624][ T6120] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found [ 379.300856][ T6120] UDF-fs: Scanning with blocksize 512 failed [ 379.394328][ T6113] EXT4-fs (loop1): mounted filesystem 00000005-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 379.532862][ T6120] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 380.605270][ T6113] fscrypt: AES-256-CBC-CTS using implementation "cts(cbc(ecb(aes-fixed-time)))" [ 380.881246][ T6113] fscrypt (loop1): Missing crypto API support for AES-256-XTS (API name: "xts(aes)") [ 381.198059][ T6143] loop2: detected capacity change from 0 to 764 [ 381.444051][ T5073] EXT4-fs (loop1): unmounting filesystem 00000005-0000-0000-0000-000000000000. [ 381.704419][ T6152] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. [ 381.761771][ T779] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 382.242274][ T779] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 382.252962][ T779] usb 5-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 18 [ 382.408645][ T779] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 382.418197][ T779] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 382.426648][ T779] usb 5-1: SerialNumber: syz [ 382.556987][ T779] usb 5-1: bad CDC descriptors [ 384.423676][ T4500] usb 5-1: USB disconnect, device number 11 [ 385.948535][ T6170] loop4: detected capacity change from 0 to 2048 [ 386.077143][ T6170] UDF-fs: error (device loop4): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 386.152320][ T6170] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found [ 386.160372][ T6170] UDF-fs: Scanning with blocksize 512 failed [ 386.435625][ T6170] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 387.384150][ T6179] syz-executor.1[6179] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 387.385224][ T6179] syz-executor.1[6179] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 389.561665][ T4500] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 389.992394][ T4500] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 390.003072][ T4500] usb 4-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 18 [ 390.143957][ T4500] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 390.153639][ T4500] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 390.162129][ T4500] usb 4-1: SerialNumber: syz [ 390.322399][ T4500] usb 4-1: bad CDC descriptors [ 391.661005][ T6203] loop0: detected capacity change from 0 to 2048 [ 391.710327][ T6203] UDF-fs: error (device loop0): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 391.756007][ T6203] UDF-fs: warning (device loop0): udf_load_vrs: No anchor found [ 391.764706][ T6203] UDF-fs: Scanning with blocksize 512 failed [ 391.791583][ T6205] loop2: detected capacity change from 0 to 1024 [ 391.893931][ T6203] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 392.239399][ T779] usb 4-1: USB disconnect, device number 6 [ 393.276134][ T6211] loop2: detected capacity change from 0 to 256 [ 393.836021][ T29] audit: type=1800 audit(1717462788.091:20): pid=6217 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="sda1" ino=1940 res=0 errno=0 [ 394.958997][ T6225] loop1: detected capacity change from 0 to 256 [ 395.081677][ T6225] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256 [ 395.103171][ T6225] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=512, location=512 [ 395.113375][ T6225] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found [ 395.121417][ T6225] UDF-fs: Scanning with blocksize 512 failed [ 395.232777][ T6225] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256 [ 395.342573][ T6225] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 396.066987][ T10] usb 3-1: new high-speed USB device number 12 using dummy_hcd [ 396.110412][ T6236] loop0: detected capacity change from 0 to 2048 [ 396.195078][ T6236] UDF-fs: error (device loop0): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 396.241019][ T6236] UDF-fs: warning (device loop0): udf_load_vrs: No anchor found [ 396.249561][ T6236] UDF-fs: Scanning with blocksize 512 failed [ 396.354754][ T6236] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 396.518074][ T10] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 396.538191][ T10] usb 3-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 18 [ 396.754141][ T10] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 396.764065][ T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 396.773194][ T10] usb 3-1: SerialNumber: syz [ 396.854510][ T10] cdc_ether 3-1:1.0: probe with driver cdc_ether failed with error -22 [ 397.130460][ T6241] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 397.552016][ T5122] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 397.949743][ T5122] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 397.949940][ T5122] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 397.950161][ T5122] usb 1-1: New USB device found, idVendor=056a, idProduct=0043, bcdDevice= 0.00 [ 397.950327][ T5122] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 397.956007][ T5122] usb 1-1: config 0 descriptor?? [ 398.763059][ T5122] wacom 0003:056A:0043.0002: unbalanced collection at end of report description [ 398.805498][ T5122] wacom 0003:056A:0043.0002: parse failed [ 398.806375][ T5122] wacom 0003:056A:0043.0002: probe with driver wacom failed with error -22 [ 398.939458][ T10] usb 3-1: USB disconnect, device number 12 [ 399.022969][ T5122] usb 1-1: USB disconnect, device number 4 [ 400.450706][ T6261] syzkaller0: entered promiscuous mode [ 400.456662][ T6261] syzkaller0: entered allmulticast mode [ 400.757866][ T6267] loop0: detected capacity change from 0 to 2048 [ 400.906501][ T6267] UDF-fs: error (device loop0): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 400.952489][ T6267] UDF-fs: warning (device loop0): udf_load_vrs: No anchor found [ 400.960711][ T6267] UDF-fs: Scanning with blocksize 512 failed [ 401.089677][ T6267] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 402.156854][ T6274] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'. [ 402.562104][ T779] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 402.579868][ T10] usb 3-1: new high-speed USB device number 13 using dummy_hcd [ 403.009570][ T779] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 403.021509][ T779] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 403.032039][ T779] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 403.041555][ T779] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 403.055149][ T10] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 403.065911][ T10] usb 3-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 18 [ 403.122775][ T779] usb 5-1: config 0 descriptor?? [ 403.211709][ T10] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 403.221662][ T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 403.229978][ T10] usb 3-1: SerialNumber: syz [ 403.363742][ T10] cdc_ether 3-1:1.0: probe with driver cdc_ether failed with error -22 [ 403.646588][ T779] hid (null): bogus close delimiter [ 404.262448][ T779] uclogic 0003:256C:006D.0003: failed retrieving Huion firmware version: -71 [ 404.272520][ T779] uclogic 0003:256C:006D.0003: failed probing parameters: -71 [ 404.280828][ T779] uclogic 0003:256C:006D.0003: probe with driver uclogic failed with error -71 [ 404.434403][ T779] usb 5-1: USB disconnect, device number 12 [ 405.344224][ T4500] usb 3-1: USB disconnect, device number 13 [ 405.568231][ T29] audit: type=1326 audit(1717462799.791:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6300 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7474579 code=0x7ffc0000 [ 405.591420][ T29] audit: type=1326 audit(1717462799.791:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6300 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7474579 code=0x7ffc0000 [ 405.615333][ T29] audit: type=1326 audit(1717462799.831:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6300 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7474579 code=0x7ffc0000 [ 405.638256][ T29] audit: type=1326 audit(1717462799.861:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6300 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7474579 code=0x7ffc0000 [ 405.669783][ T29] audit: type=1326 audit(1717462799.861:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6300 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7474579 code=0x7ffc0000 [ 405.763215][ T6299] loop3: detected capacity change from 0 to 2048 [ 405.886221][ T29] audit: type=1326 audit(1717462800.131:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6300 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7474579 code=0x7ffc0000 [ 405.901980][ T6299] UDF-fs: error (device loop3): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 405.909663][ T29] audit: type=1326 audit(1717462800.131:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6300 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7474579 code=0x7ffc0000 [ 405.942915][ T29] audit: type=1326 audit(1717462800.131:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6300 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7474579 code=0x7ffc0000 [ 405.976469][ T29] audit: type=1326 audit(1717462800.191:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6300 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=20 compat=1 ip=0xf7474579 code=0x7ffc0000 [ 406.002020][ T29] audit: type=1326 audit(1717462800.191:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6300 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7474579 code=0x7ffc0000 [ 406.089888][ T6299] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found [ 406.098168][ T6299] UDF-fs: Scanning with blocksize 512 failed [ 406.252804][ T6299] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 407.613637][ T6316] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'. [ 408.153909][ T2937] Bluetooth: hci3: Frame reassembly failed (-84) [ 408.565355][ T1219] ieee802154 phy0 wpan0: encryption failed: -22 [ 408.572223][ T1219] ieee802154 phy1 wpan1: encryption failed: -22 [ 409.251562][ T779] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 409.259501][ T779] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 409.438267][ T4500] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 409.451891][ T779] hid-generic 0000:0000:0000.0004: hidraw0: HID v0.00 Device [syz0] on syz1 [ 409.861868][ T4500] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 409.872798][ T4500] usb 1-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 18 [ 409.978804][ T4500] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 409.988456][ T4500] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 409.997987][ T4500] usb 1-1: SerialNumber: syz [ 410.095526][ T4500] cdc_ether 1-1:1.0: probe with driver cdc_ether failed with error -22 [ 410.192148][ T5077] Bluetooth: hci3: Opcode 0x1003 failed: -110 [ 410.216474][ T6339] loop4: detected capacity change from 0 to 2048 [ 410.250616][ T6339] UDF-fs: error (device loop4): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 410.302354][ T6339] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found [ 410.310407][ T6339] UDF-fs: Scanning with blocksize 512 failed [ 410.350770][ T6339] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 411.195632][ T29] kauditd_printk_skb: 17 callbacks suppressed [ 411.195712][ T29] audit: type=1804 audit(1717462805.511:48): pid=6344 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir3054051684/syzkaller.d2sbX7/66/bus" dev="sda1" ino=1951 res=1 errno=0 [ 411.586779][ T6350] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'. [ 412.213941][ T779] usb 1-1: USB disconnect, device number 5 [ 412.681959][ T29] audit: type=1804 audit(1717462806.951:49): pid=6357 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir1310709672/syzkaller.GIiEap/85/bus" dev="sda1" ino=1955 res=1 errno=0 [ 414.573041][ T6376] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'. [ 414.618994][ T6369] loop4: detected capacity change from 0 to 2048 [ 414.804623][ T6369] UDF-fs: error (device loop4): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 414.880151][ T6369] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found [ 414.888327][ T6369] UDF-fs: Scanning with blocksize 512 failed [ 414.988561][ T6369] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 415.212250][ T5122] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 415.640474][ T5122] usb 1-1: config 1 has an invalid descriptor of length 12, skipping remainder of the config [ 415.651632][ T5122] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 415.662086][ T5122] usb 1-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0 [ 415.672256][ T5122] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 18 [ 415.813190][ T5122] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 415.823038][ T5122] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 415.831564][ T5122] usb 1-1: SerialNumber: syz [ 415.983432][ T5122] cdc_ether 1-1:1.0: probe with driver cdc_ether failed with error -22 [ 416.106397][ T29] audit: type=1804 audit(1717462810.361:50): pid=6387 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir2078868811/syzkaller.GUHIo8/83/bus" dev="sda1" ino=1958 res=1 errno=0 [ 417.546908][ T6405] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'. [ 417.999871][ T5122] usb 1-1: USB disconnect, device number 6 [ 418.518446][ T6415] loop1: detected capacity change from 0 to 512 [ 418.546813][ T6410] loop2: detected capacity change from 0 to 2048 [ 418.652624][ T6410] UDF-fs: error (device loop2): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 418.684007][ T6410] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found [ 418.692322][ T6410] UDF-fs: Scanning with blocksize 512 failed [ 418.838268][ T6415] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 418.863123][ T6415] ext4 filesystem being mounted at /root/syzkaller-testdir2078868811/syzkaller.GUHIo8/86/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 418.913618][ T6410] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 419.070196][ T29] audit: type=1804 audit(1717462813.321:51): pid=6425 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir3054051684/syzkaller.d2sbX7/74/bus" dev="sda1" ino=1969 res=1 errno=0 [ 419.682752][ T5073] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 420.001897][ T29] audit: type=1326 audit(1717462814.271:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6429 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7474579 code=0x7ffc0000 [ 420.025558][ T29] audit: type=1326 audit(1717462814.301:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6429 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7474579 code=0x7ffc0000 [ 420.051251][ T29] audit: type=1326 audit(1717462814.301:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6429 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7474579 code=0x7ffc0000 [ 420.052361][ T29] audit: type=1326 audit(1717462814.321:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6429 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7474579 code=0x7ffc0000 [ 420.052611][ T29] audit: type=1326 audit(1717462814.321:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6429 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7474579 code=0x7ffc0000 [ 420.052854][ T29] audit: type=1326 audit(1717462814.321:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6429 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7474579 code=0x7ffc0000 [ 420.053110][ T29] audit: type=1326 audit(1717462814.351:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6429 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7474579 code=0x7ffc0000 [ 420.053370][ T29] audit: type=1326 audit(1717462814.351:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6429 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7474579 code=0x7ffc0000 [ 420.053617][ T29] audit: type=1326 audit(1717462814.351:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6429 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7474579 code=0x7ffc0000 [ 420.078598][ T6433] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 420.343632][ T6433] hsr_slave_1 (unregistering): left promiscuous mode [ 421.372096][ T6444] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'. [ 421.614460][ T6448] veth1_to_hsr: mtu less than device minimum [ 421.953918][ T779] usb 3-1: new high-speed USB device number 14 using dummy_hcd [ 422.448084][ T779] usb 3-1: config 1 has an invalid descriptor of length 12, skipping remainder of the config [ 422.458994][ T779] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 422.469625][ T779] usb 3-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0 [ 422.479833][ T779] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 18 [ 422.612871][ T779] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 422.623232][ T779] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 422.632368][ T779] usb 3-1: SerialNumber: syz [ 422.758164][ T779] cdc_ether 3-1:1.0: probe with driver cdc_ether failed with error -22 [ 422.985164][ T6458] loop3: detected capacity change from 0 to 512 [ 423.190414][ T6458] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2250: inode #15: comm syz-executor.3: corrupted in-inode xattr: invalid ea_ino [ 423.207310][ T6458] EXT4-fs error (device loop3): ext4_orphan_get:1399: comm syz-executor.3: couldn't read orphan inode 15 (err -117) [ 423.226845][ T6458] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 423.254837][ T6462] loop0: detected capacity change from 0 to 512 [ 423.535381][ T6462] EXT4-fs (loop0): 1 truncate cleaned up [ 423.541526][ T6462] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 423.717085][ T6462] EXT4-fs error (device loop0): htree_dirblock_to_tree:1082: inode #2: comm syz-executor.0: Directory hole found for htree leaf block [ 424.055386][ T5678] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 424.078864][ T6480] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.4'. [ 424.160047][ T5086] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 424.667608][ T5144] usb 3-1: USB disconnect, device number 14 [ 425.636887][ T29] kauditd_printk_skb: 2 callbacks suppressed [ 425.636967][ T29] audit: type=1804 audit(1717462819.961:63): pid=6494 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir1193859779/syzkaller.94mcax/108/bus" dev="sda1" ino=1948 res=1 errno=0 [ 426.315274][ T6502] ===================================================== [ 426.322758][ T6502] BUG: KMSAN: uninit-value in trie_delete_elem+0xc0/0xbe0 [ 426.340710][ T6502] trie_delete_elem+0xc0/0xbe0 [ 426.348688][ T6502] bpf_map_delete_elem+0x5c/0x80 [ 426.353995][ T6502] ___bpf_prog_run+0x13fe/0xe0f0 [ 426.359128][ T6502] __bpf_prog_run256+0xb5/0xe0 [ 426.364236][ T6502] bpf_trace_run8+0x1bd/0x3a0 [ 426.369471][ T6502] __bpf_trace_jbd2_handle_stats+0x51/0x70 [ 426.375596][ T6502] jbd2_journal_stop+0x1157/0x12c0 [ 426.380948][ T6502] __ext4_journal_stop+0x115/0x310 [ 426.386366][ T6502] __ext4_unlink+0x10f5/0x11b0 [ 426.391480][ T6502] ext4_unlink+0x226/0x630 [ 426.396091][ T6502] vfs_unlink+0x676/0xa30 [ 426.400638][ T6502] do_unlinkat+0x823/0xe10 [ 426.405902][ T6502] __ia32_sys_unlink+0x77/0xa0 [ 426.410879][ T6502] ia32_sys_call+0x30d7/0x40a0 [ 426.417860][ T6502] __do_fast_syscall_32+0xb4/0x120 [ 426.423305][ T6502] do_fast_syscall_32+0x38/0x80 [ 426.439383][ T6502] do_SYSENTER_32+0x1f/0x30 [ 426.446994][ T6502] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 426.453680][ T6502] [ 426.456107][ T6502] Local variable stack created at: [ 426.461415][ T6502] __bpf_prog_run256+0x45/0xe0 [ 426.466371][ T6502] bpf_trace_run8+0x1bd/0x3a0 [ 426.471214][ T6502] [ 426.473783][ T6502] CPU: 0 PID: 6502 Comm: syz-executor.0 Not tainted 6.9.0-syzkaller-02339-g101b7a97143a #0 [ 426.484037][ T6502] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 426.494319][ T6502] ===================================================== [ 426.501745][ T6502] Disabling lock debugging due to kernel taint [ 426.508025][ T6502] Kernel panic - not syncing: kmsan.panic set ... [ 426.514633][ T6502] CPU: 0 PID: 6502 Comm: syz-executor.0 Tainted: G B 6.9.0-syzkaller-02339-g101b7a97143a #0 [ 426.526245][ T6502] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 426.536409][ T6502] Call Trace: [ 426.539817][ T6502] [ 426.542831][ T6502] dump_stack_lvl+0x216/0x2d0 [ 426.547680][ T6502] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 426.553661][ T6502] dump_stack+0x1e/0x30 [ 426.557975][ T6502] panic+0x4e2/0xcd0 [ 426.562029][ T6502] ? kmsan_get_metadata+0xf1/0x1d0 [ 426.567298][ T6502] kmsan_report+0x2d5/0x2e0 [ 426.571965][ T6502] ? insn_get_prefixes+0x17d2/0x2030 [ 426.577401][ T6502] ? __msan_warning+0x95/0x120 [ 426.582292][ T6502] ? trie_delete_elem+0xc0/0xbe0 [ 426.587384][ T6502] ? bpf_map_delete_elem+0x5c/0x80 [ 426.592712][ T6502] ? ___bpf_prog_run+0x13fe/0xe0f0 [ 426.597996][ T6502] ? __bpf_prog_run256+0xb5/0xe0 [ 426.603094][ T6502] ? bpf_trace_run8+0x1bd/0x3a0 [ 426.608091][ T6502] ? __bpf_trace_jbd2_handle_stats+0x51/0x70 [ 426.614270][ T6502] ? jbd2_journal_stop+0x1157/0x12c0 [ 426.619719][ T6502] ? __ext4_journal_stop+0x115/0x310 [ 426.625159][ T6502] ? __ext4_unlink+0x10f5/0x11b0 [ 426.630255][ T6502] ? ext4_unlink+0x226/0x630 [ 426.635020][ T6502] ? vfs_unlink+0x676/0xa30 [ 426.639707][ T6502] ? do_unlinkat+0x823/0xe10 [ 426.644469][ T6502] ? __ia32_sys_unlink+0x77/0xa0 [ 426.649576][ T6502] ? ia32_sys_call+0x30d7/0x40a0 [ 426.654699][ T6502] ? __do_fast_syscall_32+0xb4/0x120 [ 426.660171][ T6502] ? do_fast_syscall_32+0x38/0x80 [ 426.665360][ T6502] ? do_SYSENTER_32+0x1f/0x30 [ 426.670201][ T6502] ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 426.676908][ T6502] ? kmsan_get_metadata+0x146/0x1d0 [ 426.682259][ T6502] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 426.688243][ T6502] ? __module_address+0xef/0x7e0 [ 426.693314][ T6502] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 426.699280][ T6502] ? kmsan_get_metadata+0x146/0x1d0 [ 426.704645][ T6502] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 426.710616][ T6502] ? percpu_counter_add_batch+0x43/0x290 [ 426.716451][ T6502] ? filter_irq_stacks+0x60/0x1a0 [ 426.721660][ T6502] ? kmsan_get_metadata+0x146/0x1d0 [ 426.727043][ T6502] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 426.733013][ T6502] __msan_warning+0x95/0x120 [ 426.737732][ T6502] trie_delete_elem+0xc0/0xbe0 [ 426.742660][ T6502] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 426.748627][ T6502] ? __find_get_block+0x4b/0x1d70 [ 426.753815][ T6502] ? kmsan_get_metadata+0x146/0x1d0 [ 426.759157][ T6502] ? kmsan_get_metadata+0x146/0x1d0 [ 426.764508][ T6502] ? __pfx_trie_delete_elem+0x10/0x10 [ 426.770043][ T6502] bpf_map_delete_elem+0x5c/0x80 [ 426.775150][ T6502] ___bpf_prog_run+0x13fe/0xe0f0 [ 426.780246][ T6502] ? kmsan_get_metadata+0x146/0x1d0 [ 426.785609][ T6502] __bpf_prog_run256+0xb5/0xe0 [ 426.790568][ T6502] ? _raw_spin_unlock_irqrestore+0x3f/0x60 [ 426.796538][ T6502] ? stack_depot_save_flags+0x66d/0x6e0 [ 426.802246][ T6502] ? kmsan_get_metadata+0x146/0x1d0 [ 426.807585][ T6502] ? kmsan_get_metadata+0x146/0x1d0 [ 426.812925][ T6502] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 426.818883][ T6502] ? __pfx___bpf_prog_run256+0x10/0x10 [ 426.824513][ T6502] ? __pfx___bpf_prog_run256+0x10/0x10 [ 426.830131][ T6502] bpf_trace_run8+0x1bd/0x3a0 [ 426.834955][ T6502] ? ext4_mark_iloc_dirty+0x28ef/0x2a70 [ 426.840701][ T6502] __bpf_trace_jbd2_handle_stats+0x51/0x70 [ 426.846710][ T6502] jbd2_journal_stop+0x1157/0x12c0 [ 426.852022][ T6502] __ext4_journal_stop+0x115/0x310 [ 426.857319][ T6502] __ext4_unlink+0x10f5/0x11b0 [ 426.862307][ T6502] ext4_unlink+0x226/0x630 [ 426.866911][ T6502] ? __pfx_ext4_unlink+0x10/0x10 [ 426.872023][ T6502] vfs_unlink+0x676/0xa30 [ 426.876535][ T6502] do_unlinkat+0x823/0xe10 [ 426.881140][ T6502] __ia32_sys_unlink+0x77/0xa0 [ 426.886085][ T6502] ia32_sys_call+0x30d7/0x40a0 [ 426.891030][ T6502] __do_fast_syscall_32+0xb4/0x120 [ 426.896334][ T6502] ? switch_fpu_return+0x17/0x20 [ 426.901451][ T6502] do_fast_syscall_32+0x38/0x80 [ 426.906478][ T6502] do_SYSENTER_32+0x1f/0x30 [ 426.911145][ T6502] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 426.917687][ T6502] RIP: 0023:0xf746d579 [ 426.921870][ T6502] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 426.941633][ T6502] RSP: 002b:00000000f5ef65ac EFLAGS: 00000206 ORIG_RAX: 000000000000000a [ 426.950206][ T6502] RAX: ffffffffffffffda RBX: 0000000020000080 RCX: 0000000000000000 [ 426.958295][ T6502] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 426.966388][ T6502] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 426.974478][ T6502] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 426.982562][ T6502] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 426.990684][ T6502] [ 428.449278][ T6502] Shutting down cpus with NMI [ 428.454441][ T6502] Kernel Offset: disabled [ 428.458845][ T6502] Rebooting in 86400 seconds..