last executing test programs: 28.539462133s ago: executing program 3 (id=607): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000940)={0x26, 'hash\x00', 0x0, 0x0, 'vmac64(aes-generic)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000440)='\x00'/16, 0x10) r1 = accept4(r0, 0x0, 0x0, 0x0) sendmmsg$unix(r1, &(0x7f0000003140)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000080)="5972eace35fde434daec669cc17ecc908b79e797705bea34685f273f8762e2e23947e7e3f756e0bb5e9a0fea9d6f0f2a04da5c55db358a36bc955d8cb45f518123667b92a5cb97c2059ea344f3fafa976b2c6dd44f2deb7ba5e1d943afd65cb115fd", 0x62}, {&(0x7f0000000100)="794083", 0x3}, {&(0x7f0000000180)="94eb34a1c54b0b33527b0df43118", 0xe}, {&(0x7f00000001c0)="1e5f880453b4d608a19b", 0xa}, {&(0x7f0000000200)="99346fe1a7297ff9b6", 0x9}], 0x5, 0x0, 0x0, 0x20004010}}], 0x1, 0x0) 28.244838937s ago: executing program 3 (id=609): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000670000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000180)='tlb_flush\x00', r0}, 0x10) bpf$ENABLE_STATS(0x20, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = getpid() process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) write$binfmt_script(0xffffffffffffffff, 0x0, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) sendmsg$NL80211_CMD_GET_KEY(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, 0x0}, 0x4020801) openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x121301, 0x0) mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x2000, 0x0) mount(&(0x7f0000000080)=@nbd={'/dev/nbd', 0x0}, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000040)='squashfs\x00', 0x0, 0x0) set_mempolicy(0x6, &(0x7f00000003c0)=0x8000000000000001, 0xe0) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) process_vm_writev(0x0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{0x0}], 0x1, 0x0) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe) r2 = gettid() process_vm_writev(r2, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0) mprotect(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0) mbind(&(0x7f00005b4000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x2) 26.897703947s ago: executing program 3 (id=616): socket$nl_generic(0x10, 0x3, 0x10) socket$kcm(0xa, 0x3, 0x73) r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56) listen(r0, 0x0) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) socket$inet6_mptcp(0xa, 0x1, 0x106) accept(r0, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) socketpair(0x1, 0x3, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r1, &(0x7f00000018c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="280000001e000100000000000000000007000000", @ANYRES32=r3, @ANYBLOB="000002000a0002"], 0x28}}, 0x0) 25.171373738s ago: executing program 3 (id=619): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000880)={'bridge_slave_0\x00', 0x0}) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="280000001c00070208000000000000", @ANYRES32=r1, @ANYBLOB="4000cc000a000200aaaaaaaaaa0c"], 0x28}}, 0x0) 24.845938065s ago: executing program 3 (id=624): openat$vnet(0xffffffffffffff9c, 0x0, 0x2, 0x0) syz_open_procfs(0x0, 0x0) r0 = socket$unix(0x1, 0x2, 0x0) bind$unix(r0, 0x0, 0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) mkdir(0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) mkdir(&(0x7f0000000400)='./file0\x00', 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0) mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000080)=ANY=[]) read$FUSE(r1, &(0x7f000000e280)={0x2020}, 0x2020) syz_fuse_handle_req(r1, 0x0, 0x0, &(0x7f0000000a00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)={0x90, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}}}, 0x0, 0x0, 0x0, 0x0}) r2 = syz_usb_connect(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b00000009040000022a3e740009058bff7f0000100109050b362f"], 0x0) r3 = syz_open_dev$midi(&(0x7f0000000000), 0x3, 0x0) readv(r3, &(0x7f0000001640)=[{&(0x7f0000000080)=""/61, 0x3d}], 0x1) syz_usb_disconnect(r2) ioctl$IOCTL_VMCI_VERSION2(0xffffffffffffffff, 0x7a7, 0x0) syz_genetlink_get_family_id$tipc(0x0, 0xffffffffffffffff) 21.752096427s ago: executing program 3 (id=638): socket$nl_route(0x10, 0x3, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') r3 = dup(r1) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000001c0)={'dvmrp1\x00', 0x1}) mount$9p_fd(0x0, &(0x7f0000000400)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f00000003c0)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r0}}) sendmsg$NFT_BATCH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[@ANYRES8=r2], 0xc4}, 0x1, 0x0, 0x0, 0x48090}, 0x24000800) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0) copy_file_range(0xffffffffffffffff, 0x0, r4, 0x0, 0x0, 0x0) syz_emit_ethernet(0x4a, 0x0, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(r4, 0x84, 0x1a, &(0x7f0000000080)={0x0, 0x2e, "c30b29b9429b94b5e89342bbe4b70f6cbdf1b934689baccd1a35eb765812106c3732f8cb66deff5d6ff2e7ca4442"}, &(0x7f0000000180)=0x36) r7 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_ASSOCINFO(r7, 0x84, 0x1, &(0x7f00000001c0)={r6, 0x9, 0x22, 0x16, 0x2, 0x9}, &(0x7f0000000200)=0x14) r8 = openat$cgroup_freezer_state(r5, &(0x7f0000000140), 0x2, 0x0) write$cgroup_freezer_state(r8, &(0x7f0000000040)='FROZEN\x00', 0x7) read(r8, &(0x7f0000000300)=""/41, 0x29) r9 = openat$cgroup_procs(r5, &(0x7f0000000480)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r9, &(0x7f0000000240), 0x12) r10 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r10, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0xf101}) ioctl$TUNGETVNETHDRSZ(r10, 0x800454d7, &(0x7f00000000c0)) socket$nl_generic(0x10, 0x3, 0x10) 7.699950602s ago: executing program 0 (id=723): r0 = timerfd_create(0x0, 0x0) timerfd_settime(r0, 0x3, &(0x7f00000000c0)={{0x0, 0x989680}, {0x77359400}}, 0x0) clock_settime(0x0, &(0x7f0000003c80)={0x77359400}) timerfd_settime(r0, 0x3, &(0x7f0000000080)={{0x77359400}}, 0x0) 7.576875723s ago: executing program 2 (id=725): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5021900000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)={{0x14}, [@NFT_MSG_NEWRULE={0x14, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2}}], {0x14}}, 0x3c}}, 0x0) 7.522317996s ago: executing program 0 (id=727): r0 = socket(0x2c, 0x3, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xc, 0x0, &(0x7f0000000080)='GPL\x00'}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10) openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x2000, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) openat$cgroup_procs(0xffffffffffffffff, 0x0, 0x2, 0x0) rmdir(&(0x7f00000001c0)='./cgroup/../file0\x00') poll(0x0, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000001200)=ANY=[@ANYBLOB="9feb01001800000000000000300000003000000002000000000000000300000d020000000d00000000000000090000000000000000000000000000000000000000000002020000000000a7f18e11faaefbd94c761d7806f01e6456146a1db7ee65682d8bf24215cb5858a2c3e80bc492437a3070e21800bd1f61e9f38797b1"], &(0x7f00000002c0)=""/235, 0x4a, 0xeb, 0x1}, 0x20) getsockopt$inet_pktinfo(r0, 0x0, 0x8, 0x0, 0x0) 7.270855827s ago: executing program 2 (id=729): bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x0, 0x200000, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x80000000}, 0x48) socket$inet(0x2, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) socketpair$nbd(0x1, 0x1, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[], 0x1c}}, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008d}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7) sched_setaffinity(0x0, 0xffffffffffffffc2, &(0x7f0000000280)=0x666) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) ioctl$sock_SIOCGIFVLAN_GET_VLAN_VID_CMD(r2, 0x8982, &(0x7f0000000240)) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r3, &(0x7f0000000380)={0x0, 0x5e, &(0x7f0000000340)={&(0x7f00000003c0)=ANY=[@ANYBLOB="5c010000210001000000000000001000fe8000000000000000000000000000aafc02000000000000000000000000002000000000000000000a00000000000000243140e6b4754ad872", @ANYRES16, @ANYRES32=0x0, @ANYBLOB="0000000000000000e8001100fc000000000000000000000000000001ff02000000000000000000000000000100000000000000000000ffffac14140efc020000000000000000000000000000000000000000000000000a00ac1e0001000000000000000000000000000000000000000000000000000000000a010101000000000000000000000000fc00000000000000000000000010000000000000000000000000020000000000000000000000000000000000fc010000000000000000000000000000ac1e0001000000000000000000000000ffffffff0000000000005a47b8da9be036653f5a4ece7bf36400000000000000000000000000000000020024000900050000800000000001c9756693c9e44e4e"], 0x15c}}, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x7, 0x0, 0xfff, 0x7}, 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10) r5 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$ifreq_SIOCGIFINDEX_wireguard(r5, 0x8933, &(0x7f0000000200)={'wg2\x00'}) sendmsg$WG_CMD_SET_DEVICE(r5, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r6, 0x89f1, &(0x7f0000000900)={'ip6tnl0\x00', @random='\f\x00\x00 \x00'}) bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 6.000984981s ago: executing program 4 (id=732): syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x3000490, &(0x7f0000000c80)={[{@lazytime}, {@usrjquota}, {@errors_remount}, {@norecovery}, {@auto_da_alloc}, {@mblk_io_submit}, {@grpquota}, {@barrier_val}, {@grpjquota}, {}, {}, {@usrjquota}]}, 0x45, 0x7b1, &(0x7f00000004c0)="$eJzs3c9rHNcdAPDvrFY/7VYqFFr3JCi0BuNV5ap2C4Wq9FAKNRjaUw+1xWotHK20RrsylhCJTQjkEkhCbsnF5/y8hFzz45BL8n8EGyeRTRxyCAqzP6SVtCvvOtKuHX8+MNZ7M2/2ve+82TfPmtFuAE+tyfSfTMSJiHg5iRivr08iYrCaykbM1so92NzIp0sSW1v/+Sqplrm/uZGPpn1Sx+qZX0fExy9EnMrsr7e8tr44VywWVur5qcrS1any2vrpK0tzC4WFwvLZ6ZmZM+f+dO7s4cX6zefrx++88s/fvzP73fO/evelT5KYjeP1bc1xHJbJmKwfk8H0EO7yj8OurG/ef7aDQk1nQPYoG0OX0o4ZqPfKiRiPgYP6Z7SXLQMAjspzEbHVzkDbLQDAEy2pXf//1u92AAC90vg9wP3NjXxj6e9vJHrr7t8jYqQWf+P+Zm1Ltn7PbqR6H3TsfrLrzkgSEROHUP9kRLzxwf/fSpc4ovuQAK3cuBkRlyYm94//yb5nFrr1h9arF5ozk3s2Gv+gdz5M5z9/bjX/y2zPf6LF/Ge4xXv3UTz8/Z+5fQjVtJXO//7a9Gzbg6b46yYG6rmfVed8g8nlK8VCOrb9PCJOxuBwmp8+oI6T976/125b8/zv61efeTOtP/25UyJzOzu8e5/5ucrcj4m52d2bEb/Jtoo/Hf+Hq/2ftJn/Xuiwjn/95cXX221L40/jbSz74z9aW7ciftey/5PtMsmBzydOVU+HqcZJ0cJ7szHWrv7J7E7/p0taf+P/Ar2Q9v/YwfFPJM3Pa5Y7funtp8U+uzX+UbtCzed/6/hbn/9DyX+r6aH6uutzlcrKdMRQ8u/968/s7NvIN8qn8Z/8bev3f2P8a3H+/y99/UsdHojsnS/ffvT4j1Ya/3xX/d91IkYeLA60q7+z/p/ZtU8n41+nDXzU4wYAAAAAAAAAAAAAAAAAAAAAAAAA3chExPFIMrntdCaTy9W+w/uXMZYplsqVU5dLq8vzUf2u7IkYzDQ+6nK86fNQp+ufh9/In9mT/2NE/CIiXhsereZz+VJxvt/BAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDdsTbf/5/6YnhP4YF+tBAAOBIjLuwA8LRJstl+NwEA6LWRrkqPHlk7AIDe6e76DwD8FLj+A8DT5yHX/71/BgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADdunD+fLpsfbu5kU/z89fWVhdL107PF8qLuaXVfC5fWrmaWyiVFoqFXL601PaFbtR+FEulqzOxvHp9qlIoV6bKa+sXl0qry5WLV5bmFgoXC4M9iwwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOldeW1+cKxYLKxJ9SSx+WuuHx6U9Et0l4kat/x6X9hxeIoZ2RonR/gxOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAE+AHwIAAP//4VQjgA==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) ioctl$FS_IOC_RESVSP(r0, 0x40305839, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x3}) quotactl$Q_GETINFO(0x0, 0x0, 0x0, 0x0) quotactl$Q_QUOTAON(0xffffffff80000202, &(0x7f0000000040), 0x0, &(0x7f0000000340)='./file2\x00') 5.447792116s ago: executing program 2 (id=733): socket$netlink(0x10, 0x3, 0x0) socket$packet(0x11, 0xa, 0x300) r0 = socket$igmp6(0xa, 0x3, 0x2) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000180)='net/ip6_flowlabel\x00') ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000380)=[@text32={0x20, &(0x7f00000001c0)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d2f2f800000c00f3266bac0000f3066b808008ed0660f38806f008ee0", 0x3a}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) ioctl$KVM_CREATE_PIT2(r2, 0x4040ae77, &(0x7f0000000140)) r4 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x1) ioctl$KVM_SET_PIT(r2, 0x8048ae66, &(0x7f0000000080)={[{0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000280)={0x0, 0x0, 0x4, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x1, 0x0, 0x0, 0x2, 0x3, 0x2004cb, 0x0, 0x0, 0x0, 0x0, 0x100000000000000, 0x0, 0xfffffffffffffff8, 0x0, 0x4], 0x0, 0x200}) ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(r4, 0x4068aea3, &(0x7f0000000200)={0xbe, 0x0, 0x1}) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000)) ioctl$KVM_RUN(r4, 0xae80, 0x0) r5 = syz_open_dev$sndpcmc(&(0x7f0000004240), 0x0, 0x0) ioctl$SNDRV_PCM_IOCTL_STATUS64(r5, 0x40084149, &(0x7f0000000080)) openat$rfkill(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) open(&(0x7f00000001c0)='./file0\x00', 0x1, 0x0) sendmsg$IPVS_CMD_FLUSH(0xffffffffffffffff, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001300)={&(0x7f0000001280)=ANY=[@ANYBLOB='B'], 0x4c}}, 0x0) write$binfmt_misc(r6, &(0x7f0000001280)=ANY=[], 0x6) syz_genetlink_get_family_id$nl802154(&(0x7f0000000300), 0xffffffffffffffff) 5.128768212s ago: executing program 4 (id=736): bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1a, 0x4, 0x3, 0x0, 0x2009}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x88, 0x8b}, 0x0) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, 0x0, 0x0) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) syz_open_dev$tty20(0xc, 0x4, 0x0) r3 = socket$xdp(0x2c, 0x3, 0x0) getsockopt$XDP_STATISTICS(r3, 0x11b, 0x7, 0xffffffffffffffff, &(0x7f0000000080)=0x20) syz_open_dev$tty20(0xc, 0x4, 0x0) r4 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r4, &(0x7f0000000040)={0xa, 0xe22}, 0x1c) r5 = socket$inet6(0xa, 0x2, 0x0) setsockopt$sock_int(r5, 0x1, 0x2, &(0x7f0000000240)=0x9, 0x4) bind$inet6(r5, &(0x7f0000000040)={0xa, 0xe22}, 0x1c) r6 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r6, &(0x7f0000000180)=[{&(0x7f00000001c0)="580000001500add427323b472545b45602117fffffff81000e220e227f000001925aa80013007b00090080007f000001e809000000ff0000f03ac7100003ffffffffffffffffffffffe7ee000000deff0000000200000000", 0x58}], 0x1) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) socket(0x10, 0x3, 0x0) 4.90164627s ago: executing program 2 (id=737): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000940)={0x26, 'hash\x00', 0x0, 0x0, 'vmac64(aes-generic)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000440)='\x00\x00\x00\x00\x00\x00\x00\x00', 0x8) r1 = accept4(r0, 0x0, 0x0, 0x0) sendmmsg$unix(r1, &(0x7f0000003140)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000100)="79408307", 0x4}, {&(0x7f0000000180)="94eb34a1c54b0b33527b0df4", 0xc}, {&(0x7f00000001c0)="1e5f", 0x2}], 0x3, 0x0, 0x0, 0x20004010}}], 0x1, 0x0) 4.773010951s ago: executing program 4 (id=738): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5021900000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)={{0x14}, [@NFT_MSG_NEWRULE={0x2c, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2}, [@NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0x54}}, 0x0) 3.968805597s ago: executing program 1 (id=739): syz_open_dev$evdev(&(0x7f0000000240), 0x20000, 0x0) socket$nl_route(0x10, 0x3, 0x0) socket(0x200000000000011, 0x3, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'bridge0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYBLOB, @ANYRES32=r1, @ANYBLOB="800202000a00020057"], 0x48}}, 0x0) 3.893584393s ago: executing program 4 (id=740): r0 = syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x0, &(0x7f00000002c0), 0x0, 0x236, &(0x7f0000000300)="$eJzs3TFoM2UcBvDnLomf/b4gVRdBUEFEtFDqJrjURaEgpYgIKlREXJRWqC1urZOLg84qnVyKuFkdpUtxUQSnqh3qImhxsDjoELlcK9VGFFNz8t3vB5fcJe97//e4e95kOS5Aa00nmU/SSTKTpJekON/grnqZPt3cntpfTgaDx38shu3q7dpZv2tJtpI8mGSvLPJiN9nYffro54NH731jvXfPe7tPTU30IE8dHx0+dvLu4usfLjyw8fmX3y8WmU//D8d1+YoRn3WL5Jb/otj/RNFtegT8E0uvfvBVlftbk9w9zH8vZeqT9+baDXu93P/OX/V964cvbp/kWIHLNxj0qt/ArQHQOmWSfopyNkm9Xpazs/V/+K87V8uXVtdemXlhdX3l+aZnKuCy9JPDRz6+8tG1P+X/u06df+D6VeX/iaWdb6r1k07TowEmqcr/zLOb90X+oXXkH9pL/qG95B/aS/6hveQf2kv+ob3kH9pL/qG95B/a63z+AYB2GVxp+g5koClNzz8AAAAAAAAAAAAAAAAAAMBF21P7y2fLpGp++nZy/HCS7qj6neHziJMbh69XfyqqZr8r6m5jeebOMXcwpvcbvvv6pm+brf/ZHc3W31xJtl5LMtftXrz+itPr79+7+W++7z03ZoExPfRks/V/3Wm2/sJB8kk1/8yNmn/K3DZ8Hz3/9KvzN2b9l38ZcwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMzG8BAAD//8n0bSk=") ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r0, 0xc0506617, &(0x7f0000000580)={@desc={0x1, 0x0, @desc3}, 0x21, 0x0, '\x00', @c}) mkdirat(0xffffffffffffff9c, &(0x7f0000000640)='mnt/encrypted_dir\x00', 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000680)='mnt/encrypted_dir\x00', 0x0, 0x0) ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r1, 0x800c6613, &(0x7f0000000540)=@v1={0x0, @adiantum, 0x2, @desc3}) openat(0xffffffffffffff9c, &(0x7f0000000700)='mnt/encrypted_dir/file\x00', 0x8dff, 0x0) 3.892746712s ago: executing program 2 (id=749): mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0xfffffffffffffffe, 0x4031, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x80001) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000140)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1}) prlimit64(0x0, 0xe, 0x0, 0x0) ioctl$UFFDIO_REGISTER(r0, 0xc020aa04, &(0x7f0000000000)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x0, 0x2}) madvise(&(0x7f000056f000/0x2000)=nil, 0x2000, 0x1) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) 3.753099054s ago: executing program 0 (id=741): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_COALESCE(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000440)=ANY=[@ANYBLOB=' \x00*\x00', @ANYRES16=r2, @ANYBLOB="000227bd7000fddbdf25650000000c009900da0000007b000000"], 0x20}, 0x1, 0x0, 0x0, 0x20000810}, 0x8040) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv(r3, &(0x7f0000001880)=[{&(0x7f0000001a80)=""/102400, 0x19000}], 0x1, 0x0, 0x2000) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, 0x0) mmap(&(0x7f00000cb000/0x1000)=nil, 0x1000, 0x6, 0x100010, r3, 0x841ea000) syz_emit_ethernet(0x233, &(0x7f000001aa80)=ANY=[], &(0x7f0000000540)={0x0, 0x3, [0x72f, 0xd40, 0xec3, 0x806]}) getgroups(0x5, &(0x7f00000000c0)=[0x0, 0xee00, 0xffffffffffffffff, 0x0, 0xee00]) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000240), &(0x7f0000000280)=0xc) statx(r3, &(0x7f0000000180)='./cgroup/../file0\x00', 0x4000, 0x800, &(0x7f0000000740)) getsockopt$inet6_IPV6_IPSEC_POLICY(r3, 0x29, 0x22, &(0x7f00000018c0)={{{@in6=@private1, @in6=@mcast1}}, {{}, 0x0, @in=@remote}}, &(0x7f0000000840)=0xe4) write$FUSE_DIRENTPLUS(0xffffffffffffffff, 0x0, 0x0) r4 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r4, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10) syz_emit_ethernet(0x32, &(0x7f0000000980)={@local, @dev, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x10, 0x0, @gue={{0x2}}}}}}}, 0x0) syz_emit_ethernet(0x86, &(0x7f00000000c0)={@link_local, @local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x78, 0x0, 0x0, 0x0, 0x11, 0x0, @local, @multicast1}, {0x0, 0x4e20, 0x64, 0x0, @wg=@response={0x2, 0x0, 0x0, "306720a65ecadd8f8d4096edd3a616a0c3491e3bea200200", "8e6dbc6bc4b02931a149e80581e14a2c", {"a65651e8000000000000007f96141e51", "dac60bebefc50000000000000200"}}}}}}}, 0x0) 3.711832567s ago: executing program 1 (id=742): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r0, &(0x7f0000847fff)='X', 0x1, 0x0, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f00000002c0)={0x2, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x1}, 0xe) setsockopt$inet_sctp6_SCTP_RECVRCVINFO(r0, 0x84, 0x20, &(0x7f0000000000)=0x4a6a, 0x4) recvmmsg(r0, &(0x7f0000002580)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) shutdown(r0, 0x1) 3.436978019s ago: executing program 1 (id=743): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000005c0)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@errors_remount}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@noload}]}, 0x3, 0x573, &(0x7f0000000c00)="$eJzs3c9rHFUcAPDvbDb9rU2hFPUggR6s1G6axB8VhNajaLGg97ok01Cy6ZbspjSx0PZgL16kCCIWxD/Au8fiP+BfUdBCkRL04CUym9l2m81m03RrUufzgWnfm5nsm7dvvm+/s7PLBlBYo9k/pYhXI+KbJOJgx7Zy5BtHV/dbfnhtKluSWFn57M8kknxde/8k/39/XnklIn79KuJ4qbvdxuLSbLVWS+fz+lhz7vJYY3HpxMW56kw6k16amJw89c7kxPvvvTuwvr557u/vP7370amvjy5/9/P9Q7eTOBMH8m2d/XgGNzorozGaPyfDcWbNjuMDaGwnSbb7ANiSoTzOhyObAw7GUB71wP/f9YhYAQoqEf9QUO08oH1tP6Dr4BfGgw9XL4C6+19efW8k9rSujfYtJ09cGWXXuyMDaD9r45c/7tzOlujzPsT1AbQH0HbjZkScLJe7578kn/+27mTrzeONrW2jaK8/sJ3uZvnPW+vlP6VH+U+sk//sXyd2t6J//JfuD6CZnrL874N1899HU9fIUF57qZXzDScXLtbSkxHxckQci+HdWX2j+zmnlu+t9NrWmf9lS9Z+OxfMj+N+efeTfzNdbVafpc+dHtyMeO1x/ptE1/y/p5Xrrh3/7Pk4t8k2jqR3Xu9amfep3Lf/nQafAa/8FPHGuuP/+I5WsvH9ybHW+TDWPiu6/XXryG+92u8//s9XNv77Nu7/SNJ5v7bx9G38uOeftNe2rZ7/u5LPW+Vd+bqr1WZzfjxiV/JJ9/qJx3/brrf3z/p/7OjG89965//eiPhik/2/dfhWz113wvhPP9X4P33h3sdf/tCr/c2N/9ut0rF8zWbmv80e4LM8dwAAAAAAALDTlCLiQCSlyqNyqVSprH6+43DsK9XqjebxC/WFS9PR+q7sSAyX2ne6D3Z8HmI8/zxsuz6xpj4ZEYci4tuhva16Zapem97uzgMAAAAAAAAAAAAAAAAAAMAOsb/H9/8zvw9t99EBz52f/Ibi6hv/g/ilJ2BH8voPxSX+objEPxSX+IfiEv9QXOIfikv8Q3GJfwAAAAAAAAAAAAAAAAAAAAAAAAAAABioc2fPZsvK8sNrU1l9+sriwmz9yonptDFbmVuYqkzV5y9XZur1mVpamarP9Xu8Wr1+eXwiFq6ONdNGc6yxuHR+rr5wqXn+4lx1Jj2fDv8nvQIAAAAAAAAAAAAAAAAAAIAXS2NxabZaq6XzCj0Lp2NHHMaWC0m/UT6dnwx9H3Ao37FzU3n7O6jwHArbOCkBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwBr/BgAA//+nEzBG") setxattr$trusted_overlay_upper(0x0, &(0x7f00000001c0), &(0x7f0000001400)=ANY=[], 0x835, 0x0) 3.037326293s ago: executing program 0 (id=744): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) futex(0x0, 0x5, 0x100000, 0x0, &(0x7f0000000000), 0x0) r1 = creat(&(0x7f0000000080)='./file0\x00', 0x1de) write$binfmt_script(r1, &(0x7f00000019c0)={'#! ', './file0'}, 0xb) close(r1) execve(&(0x7f0000000000)='./file0\x00', &(0x7f0000000100), &(0x7f00000001c0)) socket$nl_generic(0x10, 0x3, 0x10) bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'sha1-avx\x00'}, 0x58) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000080)={'wlan0\x00'}) 2.936898751s ago: executing program 1 (id=745): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x20, 0x3b, 0x107, 0x0, 0x0, {0x4, 0x7c}, [@nested={0xc, 0x1, 0x0, 0x1, [@typed={0x6, 0x6, 0x0, 0x0, @str='\x805'}]}]}, 0x20}}, 0x0) 2.741106746s ago: executing program 4 (id=746): socket$netlink(0x10, 0x3, 0x0) socket$packet(0x11, 0xa, 0x300) r0 = socket$igmp6(0xa, 0x3, 0x2) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000180)='net/ip6_flowlabel\x00') ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000380)=[@text32={0x20, &(0x7f00000001c0)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d2f2f800000c00f3266bac0000f3066b808008ed0660f38806f008ee0", 0x3a}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) ioctl$KVM_CREATE_PIT2(r2, 0x4040ae77, &(0x7f0000000140)) r4 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x1) ioctl$KVM_SET_PIT(r2, 0x8048ae66, &(0x7f0000000080)={[{0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]}) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000280)={0x0, 0x0, 0x4, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x1, 0x0, 0x0, 0x2, 0x3, 0x2004cb, 0x0, 0x0, 0x0, 0x0, 0x100000000000000, 0x0, 0xfffffffffffffff8, 0x0, 0x4], 0x0, 0x200}) ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(r4, 0x4068aea3, &(0x7f0000000200)={0xbe, 0x0, 0x1}) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000)) ioctl$KVM_RUN(r4, 0xae80, 0x0) r5 = syz_open_dev$sndpcmc(&(0x7f0000004240), 0x0, 0x0) ioctl$SNDRV_PCM_IOCTL_STATUS64(r5, 0x40084149, &(0x7f0000000080)) openat$rfkill(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) open(&(0x7f00000001c0)='./file0\x00', 0x1, 0x0) sendmsg$IPVS_CMD_FLUSH(0xffffffffffffffff, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001300)={&(0x7f0000001280)=ANY=[@ANYBLOB='B'], 0x4c}}, 0x0) write$binfmt_misc(r6, &(0x7f0000001280)=ANY=[], 0x6) syz_genetlink_get_family_id$nl802154(&(0x7f0000000300), 0xffffffffffffffff) 1.861191718s ago: executing program 0 (id=747): bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1a, 0x4, 0x3, 0x0, 0x2009}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x88, 0x8b}, 0x0) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, 0x0, 0x0) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) syz_open_dev$tty20(0xc, 0x4, 0x0) r3 = socket$xdp(0x2c, 0x3, 0x0) getsockopt$XDP_STATISTICS(r3, 0x11b, 0x7, 0xffffffffffffffff, &(0x7f0000000080)=0x20) syz_open_dev$tty20(0xc, 0x4, 0x0) r4 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r4, &(0x7f0000000040)={0xa, 0xe22}, 0x1c) r5 = socket$inet6(0xa, 0x2, 0x0) setsockopt$sock_int(r5, 0x1, 0x2, &(0x7f0000000240)=0x9, 0x4) bind$inet6(r5, &(0x7f0000000040)={0xa, 0xe22}, 0x1c) r6 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r6, &(0x7f0000000180)=[{&(0x7f00000001c0)="580000001500add427323b472545b45602117fffffff81000e220e227f000001925aa80013007b00090080007f000001e809000000ff0000f03ac7100003ffffffffffffffffffffffe7ee000000deff0000000200000000", 0x58}], 0x1) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) socket(0x10, 0x3, 0x0) 1.830958091s ago: executing program 1 (id=748): memfd_create(&(0x7f00000004c0)='\xf3e\t\x05\x00\vty\x01sen\x01C\x1f\xc6\xcf\x12\xd3A\xbbZ%\xb2\xc8<\xf8\xff\xff\xff\xe2\x8e\x9a:\x1c\xec\x87\x87\xcf\x83\xcf\x14\xb0\xfcK\xb9\x1a\xa9\xec{\xb7bn`\xbb\x0e_\bm\x1f\xb1x\x05;,\xf1h\x8cwR-\x81^T\xa8\x90\x17\x03B\x99\x85\x93scH\xe4\xfb\xda\xe7\xaa\x93ZY\xe4\xa0\x040\x8cw#\xfd\x12\xddi \xf62\xee\xe5\x92u\xd8\x06H\xbb*xN\x8c\xe1a\xe8\xcf\x99\x8f\xbe\xbe\aaC\xb0\x9d\x19*3_\xc4\xf9\xecEunE\xfa\xe82\x9f\x8d\xd4\x1d\xfeD\xba*\xef\xdb\xa4U\xfd4v\x8ei\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xa7L\xbf\x9c\xe6\x89\xe1Vij\xd1yy\xefg\x8cn\xb2N\xc8Sc\x9cbF[\xecM\x15Z\xbe\xdf\x00+\x89\xcc/.\x95\x11\x97\xade\x9eZvM\x1c\xd0\xc2\x89j\x1e\xe1\xee\xf7J\x17.\xfdl\x99\x82\xf1\x05\xd9C\x1b\xceK\r\xcc', 0x2) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mkdirat(0xffffffffffffffff, 0x0, 0x88) r3 = socket$inet6(0xa, 0x2, 0x0) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000440)={0xffffffffffffffff, 0x0, 0x24, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, 0x0, 0x0) setsockopt$inet6_int(r3, 0x29, 0x1000000000021, &(0x7f0000000040)=0x5, 0x4) prlimit64(0x0, 0x0, 0x0, 0x0) sched_setscheduler(0x0, 0x1, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000240)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) sendmmsg$unix(r4, 0x0, 0x0, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0) r5 = socket$vsock_stream(0x28, 0x1, 0x0) getsockopt(r5, 0x28, 0x0, 0x0, &(0x7f0000000000)) 1.480906829s ago: executing program 0 (id=750): r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102384, 0x18ff0}], 0x1, 0x0, 0x20000) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0xeee6, 0x6, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) mlockall(0x6) fcntl$dupfd(r0, 0x0, r0) 630.179808ms ago: executing program 1 (id=751): r0 = syz_usb_connect(0x4, 0x210, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000a3d173085e040f04cee8010203010902fe0101000000020904b5000ee84ffc0009050e03100006e109072501010604000725018015070009050500400005ff0509050900000207dee107250180970900090507100002020ca3072501"], 0x0) syz_usb_ep_write(r0, 0x80, 0x6a, &(0x7f0000000080)="8add3f25616788dae85d88bd9a16909077d3ecba9c36261928617119fadc0e13cb9b997061b3572a4cd55f3165e4032bccdc61641c1b4d092dd4c9922eb59003b09076775bfe8ec848b93a5b9ac87dbc3d9df1c2fd81b69d45e533794ad4427a6f2c2ba0c75983cfa272") syz_usb_connect$hid(0x4, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="120100000000e1ffd018009400000000000109022400010000000009040000000300000009210000000122000009051d03"], 0x0) syz_usb_connect(0x2, 0x4a, &(0x7f0000000040)=ANY=[@ANYBLOB="120100005520f010402038b14201040000010902380001000000000904000003"], 0x0) 209.276633ms ago: executing program 2 (id=752): socket$nl_generic(0x10, 0x3, 0x10) r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff) syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000000)='./file1\x00', 0x280008a, &(0x7f0000000240)=ANY=[@ANYBLOB='shortname=lower,shortname=win95,rodir,iocharset=default,uni_xlate=0,nonumtail=1,utf8=0,flush,rodir,shortname=win95,shortname=winnt,shortname=win95,showexec,uni_xlate=0,utf8=0,utf8=0,uni_xlate=0,shortname=mixed,\x00'], 0x97, 0x2ad, &(0x7f0000000d40)="$eJzs3b9rO2UYAPDn0vQSdEgEJxE80MHpS9vVJUVaEDspGdRBi21BmiC0UPAHnp1cXRxdXQTBzX/Cxf9AcBXcLFg4ueSuSTSNSTWt+v18hvbte8/z3vNe39J2yJN3nh2eHmVxcvnxj9FuJ9HoRS+ukuhGI2qfxoze5wEA/JddFUX8UoytkpdERHt9ZQEAa7Ty7/9v114SALBmr7/x5qu7Bwd7r2VZO/aHn130y//sy8/j67sn8V4M4ji2ohPXEUVe3Py1UH7cL4oib2albrwwzC/6Zebw7e+r9Xd/jhjlb0cnuqOp2fxXDva2s7Gp/Lys44nq/r0yfyc68fRN8kz+zpz86Kfx4vNT9T+KTvzwbrwfgzgaFTHOj0bEJ9tZ9nLxxa8fvVWWV+Yn+UW/NYqbKDbu+VsDAAAAAAAAAAAAAAAAAAAAAMD/2KOqd04rRv17yqmq/87GdfnFZmS17mx/nnF+Ui9U9weq5EV8Wffn2cqyrKgCJ/nNeKYZzYfZNQAAAAAAAAAAAAAAAAAAAPy7nH/w4enhYHB89o8M6m4A9cv677pOb2rmuVgc3JrcqxGRlsMFK8dGFV7WurCMchNL1/xb1fbgbo/uqdtq/vqbpdf5qt7XXwZvLhHzNwf16To9TOY/w1bUM+36kHw3HZPGkvdKb7tUrHT80rmXOivvPX1yNMgXxESyqLCXfho/uWom+eMu0tFTnZu+WQ2m0mdj2suf5/In5U8S3ToAAAAAAAAAAAAAAAAAAGCtJi/6nXPxcmFqo2itrSwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuFeT9/9fYZBXyUsEp3F2/sBbBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4DHwewAAAP//M+pilA==") syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x2810000, &(0x7f0000000580), 0x1, 0x574, &(0x7f0000001600)="$eJzs3U1rG0cfAPD/ynLenycOhNCWUgw5NCWNHNt9SaGH9Fja0EB7T4WtGGM5CpYcYjeQ5NBceimhUEoDpff23mPoF+inCLSBUIJpD72orLxylFiyJUexXev3g01mNGv9dzQ7s7MaCQUwsEbTf3IRL0fE10nE0ZayfGSFo6v7rTy+MZVuSdTrn/6ZRJI91tw/yf4/nGVeiohfv4w4nVsft7q0PFcsl0sLWX6sNn91rLq0fGZ2vjhTmildmZicPPf25MR7777Tt7q+cfHv7z65/+G5r06ufPvzw2N3kzgfR7Ky1nq0SHoMcas1Mxqj2RMMx/lndhzv8Yl3u15fKHaHoayfD0c6BhyNoazXA3vfzYioAwMq6b3/5w0ZsBc05wHNe/sO98F71qMPVm+A1tc/v/reSBxo3BsdWkmeujNK73dH+hA/jfHLH/fuplt0fh8ing59qw+RgUF363ZEnM3n149/STb+bd3ZLvZ5NsagXX9gJ91P5z9vtpv/5NbmP9Fm/nO4Td/dis37f+5hH8J0lM7/3m87/11btBoZynL/a8z5hpPLs+VSOrb9PyJOxfD+y7Pl/EbrOedWHtQ7lbXO/9Itjd+cC2bH8TC//+m/mS7Wis9T51aPbke80nb+m6y1f9Km/dPX42KXMU6U7r3WqWyD+u97rop1qf5jxOtt2//Jilay8frkWON8GGueFev9defEb53ib97+L1ba/oc2rv9I0rpeW+09xg8H/ilF/Wbbsq2e//uSzxrp5klyvVirLYxH7Es+Xv/4xJO/beab+6f1P3Vy4/Gv3fl/MCI+77L+d47/9Gqnsjb1z213+0/31P69Jx589MX3neJ31/5vNVKnske6Gf+6PcDnee0AAAAAAABgt8lFxJFIcoW1dC5XKKx+vuN4HMqVK9Xa6cuVxSvT0fiu7EgM55or3UdbPg8xnn0etpmfeCY/GRHHIuKboYONfGGqUp7e6coDAAAAAAAAAAAAAAAAAADALnG4w/f/U78P7fTRAS+cn/yGwbVp/+/HLz0Bu5LrPwyuLvr/ge04DmD7uf7D4NL/YXDp/zC4sv5vuR8GkOs/DC79HwAAAAAAAAAAAAAAAAAAAAAAAAAAAPrq4oUL6VZfeXxjKs1PX1tanKtcOzNdqs4V5henClOVhauFmUplplwqTFXmN3u+cqVydXwiFq+P1UrV2lh1afnSfGXxSu3S7HxxpnSpNLwttQIAAAAAAAAAAAAAAAAAAID/lurS8lyxXC4tSEhsKZHfHYch0efETo9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDEvwEAAP//fi437g==") open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0) open(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b70300000000002085000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000d00)='sched_switch\x00'}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f0000000440)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) socket$nl_route(0x10, 0x3, 0x0) syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000400)='./bus\x00', 0x2800, &(0x7f0000000840)=ANY=[@ANYRES8=r0, @ANYRES16, @ANYRES64], 0x1, 0x36e, &(0x7f0000000c00)="$eJzs3c9rI2UYwPEnaZpMumyTgygK0ge96GVoq2c1yC6IAZfuRtwVhNntREPGpMyESERsPXkVb/4DgsseFzwsqP9AL97WixdP9iIIuog4Mr/SJJ00aTZL0/b7gTZP8r7PzPvmF88byJuD9776uFn3zLrVkayhkhEReSRSlqwkMtFFXlLsycuX/nz4/PWbt96uVKtXtlSvVm68sqmqq2s/fPJZMe72oCD75Q8OxPht/+n9Zw/+u/FRw9OGp612Ry293f61Y912bN1ueE1T9ZpjW56tjZZnu1F7O2qvO+2dnZ5are3LKzuu7XlqtXratHvaaWvH7an1odVoqWmaenklbbjnmDFDTu3u1pZVmfGEd2bMw7z94/v+Mc2uW7GWRMzikZba3Sc6LgAAsJBG6v9vkhqhLNl+QZmJ1wL5MB5eBgT1fxKH9X+wWDis/++98FPn0rv3V+P6/0E+rf5/9Zcof6j+D84+9/r/u5HrRyuiM2/3JJ0fq/7HYlgbfkX+frhijwX1f/Bq6K/ov3j/3noYUP8DAAAAAAAAAAAAAAAAAAAAAHAWPPL9ku/7peQy+Tv8CkF8Pbl23BeNceaMe/wL8Y4C/ecDzqXrN2+JEX5xL7cq4nzZrXVr0WXcnnRcl5L8Gz4fYtGGE3thowbK8qOz260txwlL4f+KiIojtmxIScpD+WF89a3qlQ2NRPnh+Xe7tUxuJcivSyPM35SSPJWev5man5eXXhzIN6UkP9+RtjiyHb+PJfmfb6i++U51JL8Y9kvz+pN9SAAAAAAAmDtT1YiXz+Xh9W+0fjdN1bT2YC0vg+vzo58P9NfX66nr81zpudzpzh0AAAAAgIvCy3/atBzHdr3e2KAok/oU4qONNOVkwpGDIDdFn6HgYRgsH9dnaWCG0x45H/+CxrTDcL2eTD3mJPirIKl3ZrKF61CTkX6vThkk85+is3HSh8D1siefu+16a8F4dKbpDATJx0bj+si1WY88Lkh2zp3U+Zmvv/17tlNk4l17B5teu29MmGkYZEZu2ZvwpP3D9yeOZzn93eL7WX5kBgAAAMCCSIr+opfc8sbpDggAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAtortukjQlOe44AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAovg/AAD//5h69bA=") r4 = creat(&(0x7f0000000540)='./bus\x00', 0x154) r5 = open(&(0x7f0000000780)='./bus\x00', 0x14507e, 0x0) fallocate(r4, 0x0, 0x0, 0x1000f4) io_setup(0x7, &(0x7f00000000c0)=0x0) io_submit(r6, 0x2, &(0x7f0000001d00)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, r5, &(0x7f0000000000)="96", 0xfe00}, &(0x7f0000000040)={0x0, 0x0, 0x41, 0x0, 0x0, 0xffffffffffffffff, 0x0}]) setresuid(0xee01, 0x0, 0x0) r7 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x14, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}}, @NFT_MSG_NEWSETELEM={0x30, 0xe, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x4}]}], {0x14, 0x10}}, 0x8c}}, 0x0) 0s ago: executing program 4 (id=753): r0 = socket$nl_audit(0x10, 0x3, 0x9) sendmsg$AUDIT_TRIM(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x10, 0x3f6, 0x0, 0x70bd25}, 0x10}}, 0x8000) r1 = socket$inet6(0xa, 0x80000, 0x1) syz_emit_ethernet(0x46, &(0x7f00000003c0)=ANY=[@ANYRESDEC=r1], 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10, 0xffffffffffffffff, 0x0) setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, 0x0, 0x298) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDFONTOP_SET(r2, 0x4b3b, &(0x7f0000000040)={0x0, 0x1, 0xe, 0x1f, 0x0, 0x0}) syz_genetlink_get_family_id$nl80211(&(0x7f0000000f80), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000200)={'wlan0\x00'}) sendmsg$NL80211_CMD_NEW_STATION(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000001c0)=ANY=[], 0x2c}, 0x1, 0x0, 0x0, 0x20000880}, 0x2000001) syz_mount_image$iso9660(&(0x7f0000000240), &(0x7f0000000280)='./file1\x00', 0x0, &(0x7f0000000040)=ANY=[], 0x3, 0x7a6, &(0x7f0000001340)="$eJzs3U9sHGcVAPA3Jk5SV4qqgkoUpekkKVIiUnd3nbpYPZTteuxMu961dtcoEUJt1DiVFaetWlXQHCi5tIBAiBPH0mvVCzcQEkgcgBMSPXDhgFSpJ1QQCARCSEEzu47/2/ljJ235/azuNzv75pv3zW7n7Wx2ZgMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAiKQxWalUk2jmrbmz6eYak532zBaPL/X3y1XNFuuNSIr/Yv/+ONifdfBzyw8/UNwci8P9e4djf9Hsjyv3PnDfE5/dM7S0/BYJ3aqjNxiXRHyrSOrS+cXF+Vd2IZE76Ls/v+lF/n2tuJ3OWnm3nc/Up7M077bTifHxyqNnprrpVN7Muue6vWwmbXSyeq/d2Tt4ZsfSbPRce641PVlvZumJxsm0OjHx+CO1SmU8fXp0Nqt3uu3Wo0+Pdhtn8mYzb02XMbXK16OIebx4IT6T99JeVp9J04sLi/Nj26VaBFVXzdm36oVz+OH7Pnztg78vzBcvyM06SQbp16rVWq06/tjEY49XKntqldrqGZU14npEDEUUEbvyouUTZGd23LADhgb1P5qRRyvm4mykkcZQebv8NxyNmIxOtGOmuP+H4TWPr6v/X3j0L7/bar0r6/9SlT+4/PChKOv/kf69I5vV/3VZ3P7f6QOb9dp6r5/NynmvxutxJS7F+ViMxZiPV3Yhox39G9rZ/qYji1bk0Y125DET9XJOOpiTxkSMx3hU4tk4E1PRjTSmIo9mZNGNc9GNXmTlK6oRnciiHr1oRyfSOBGNOBlpVGMiJmIs0shiNM5FO+aiFdMxGfWyl4uxUG73sTV5PfDN5372wu8/fLuYvh5U3WIgSfFmrgj62xZB68r9TdT/pQj1/9Nm/2CfdaPxO7n7httyraz/e+52GgAAAMAuSspP35OIGI4Hy6mpvJl99W6nBQAAAOyg8nvNh4tmuJh6MJLi+L+yQeT7dzw3AAAAYGck5Tl2SUSMxEP9qaXTpTb6EAAAAAD4BCr//f9I0YxEvFHOcPwPAAAAnzLf3uwa+x/sHVxjtzu7L/nFX6PTGU6uzp59OLlcL+Lqlz/TX27QfOV6j72pQ8mBQSdlM77nyr1JROxpZIeTpatf/ndfv/2ovD20fAHCza71n2yTQGydQHkvvhdH+zFHL/TbC0uP9NcyMpU3s9FGu/lENRl8ONJ77cWFb0Q5/O+0Zg4kcXFhcX70+ZcWL5S5XC16uXp5cHn45CZyuTbYAvHgxiMeLk/EGKx3pL/eysrxD/UXH9p6ncnKdb4Zx/oxx0b67cjq8e8v1lkdfaIa9fqBoV52tvfatRWjH2RRvc2RvxnH+zHHTxzvNxtkUVuVxYvrs6itzGLttvjH0G1l8fbRN87+89ftJBvbLouxrbK4gW0BcLf0r/qzXIXuKavQf671FfV/Td29Z2nJm9nLXVx+l7G0/Ipatyd2prq/GSf6MSf67yf2HNqgrlQ22KO/vPDybwZ79NPv/ujHXzvy25/cenV7N072YwZN3P+rTWpsMebvr6mq7xRLvLPpervNWhLD/d8+KFx5ZOHy+RfmX5h/sVYbG6+crlQeq8Vw+VZh0Kg9AGxg+9/Y2TYiOb3NUfX9179SMBrPx0uxGBfiVHm2QUQ8tHGvIyu+hnBqm6PWkRW/8HJqm2PL5dja2th9x5PYJHZsxRb7/A/L5l+795wAwG47tk0dvpH6f2qb4+7Vtfxk/4dzl46OY/NavpEv7fYGAYD/A1nno2Sk91bS6eSzz1YnJqr13pks7bQbz6SdfHI6S/NWL+s0ztRb01k622n32o2lD44ns27anZudbXd66VS7k862u/nZ8pff08FPv3ezmXqrlze6s82s3s3SRrvVqzd66WTebaSzc0818+6ZrFMu3J3NGvlU3qj38nYr7bbnOo1sNE27WbYiMJ/MWr18Ki8mW+lsJ5+pd65GRHNuJksns26jk8/22v0Ol9aVt6banZmy29H1w//znd7eAPBx8OrrVy6dX1ycf+XWJv54I8F3e4wAwGqqNAAAAAAAAAAAAAAAfPytP12vmHtTJwIOxy2fPvjqvridsw8/NRNLz8aVL743mNiBnm+nn3tWPad7B+nd/Q110xPPPfnkpc1innrj4Jk/ZRHb97Px/ykbner61oGIvT/9QX/Ol+/USN+PGxnFuolryRYxd2NvBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABb+18AAAD//zDnU/I=") ioctl$TUNGETFILTER(0xffffffffffffffff, 0x801054db, &(0x7f0000000400)=""/189) r4 = open(&(0x7f00000001c0)='./file1\x00', 0x22a801, 0x0) getdents(r4, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000080)={0x8, 0x8d}, 0x0) r5 = getpid() sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x4) futex(&(0x7f0000001300)=0x1, 0x800000000006, 0x0, 0x0, 0x0, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) prctl$PR_SET_NAME(0xf, &(0x7f0000000000)='l%\x86\xce6\xdb\f\xcf\x19|\xc9O\x7f\xce\x8f\x7f\x1c\xeay\x06\x00\x00\x00\a0\r\x13\xaa\x84r\xd7^\xe82\x0f\x1a\xf1\x02\x00\x1e&{\xee2\x95I\xca\xbevl\x12\xb6 \xd4') prctl$PR_SET_SECCOMP(0x10, 0x0, 0x0) timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000100)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) signalfd(0xffffffffffffffff, 0x0, 0x0) connect$unix(r4, &(0x7f0000000140)=@file={0x1, './file1\x00'}, 0xc5) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) kernel console output (not intermixed with test programs): : hsr_slave_1: link becomes ready [ 73.635719][ T3639] device veth0_vlan entered promiscuous mode [ 73.668083][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 73.678556][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 73.698590][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 73.707299][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 73.729729][ T3639] device veth1_vlan entered promiscuous mode [ 73.833748][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 73.852126][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 73.887502][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 73.899849][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 73.911428][ T3639] device veth0_macvtap entered promiscuous mode [ 73.922540][ T3639] device veth1_macvtap entered promiscuous mode [ 73.972918][ T152] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 73.981996][ T152] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 74.003140][ T152] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 74.019783][ T152] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 74.033267][ T3638] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 74.057928][ T3639] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 74.082251][ T3688] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 74.092673][ T3688] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 74.147427][ T3652] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 74.157106][ T3689] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 74.165655][ T3689] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 74.175828][ T3639] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 74.197637][ T3689] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 74.206600][ T3689] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 74.215668][ T3689] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 74.225491][ T3689] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 74.253273][ T3639] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.263033][ T3639] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.272332][ T3639] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.284043][ T3639] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.297754][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 74.306449][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 74.314418][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 74.322084][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 74.343362][ T3647] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 74.368019][ T3689] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 74.378348][ T3689] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 74.405705][ T3645] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 74.431951][ T3687] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 74.441201][ T3687] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 74.452789][ T3652] device veth0_vlan entered promiscuous mode [ 74.471961][ T3638] device veth0_vlan entered promiscuous mode [ 74.490982][ T3687] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 74.500574][ T3687] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 74.508656][ T3687] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 74.518573][ T3687] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 74.530684][ T3684] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 74.538601][ T3684] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 74.563237][ T3652] device veth1_vlan entered promiscuous mode [ 74.589523][ T3638] device veth1_vlan entered promiscuous mode [ 74.642801][ T3689] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 74.654517][ T3689] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 74.664563][ T3689] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 74.674525][ T3689] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 74.747916][ T3689] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 74.756982][ T3689] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 74.771818][ T3652] device veth0_macvtap entered promiscuous mode [ 74.784688][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 74.811091][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 74.817582][ T3638] device veth0_macvtap entered promiscuous mode [ 74.850980][ T3652] device veth1_macvtap entered promiscuous mode [ 74.876245][ T3687] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 74.889796][ T3687] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 74.898051][ T3687] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 74.907432][ T3687] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 74.916882][ T3687] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 74.929193][ T3642] Bluetooth: hci2: command tx timeout [ 74.934650][ T3642] Bluetooth: hci4: command tx timeout [ 74.942581][ T3638] device veth1_macvtap entered promiscuous mode [ 74.949275][ T3651] Bluetooth: hci3: command tx timeout [ 74.954834][ T3651] Bluetooth: hci1: command tx timeout [ 74.955856][ T3642] Bluetooth: hci0: command tx timeout [ 74.973759][ T3701] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 74.978615][ T3652] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 74.982117][ T3701] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 75.002306][ T3652] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 75.015165][ T3652] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 75.024611][ T3687] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 75.033036][ T3687] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 75.041482][ T3687] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 75.050336][ T3687] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 75.060247][ T3687] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 75.068164][ T3687] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 75.076968][ T3687] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 75.086483][ T3687] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 75.095022][ T3687] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 75.116876][ T3652] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 75.128281][ T3652] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 75.143213][ T3652] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 75.151641][ T3645] device veth0_vlan entered promiscuous mode [ 75.179369][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 75.193959][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 75.207764][ T3652] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.225577][ T3652] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.235017][ T3652] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.244440][ T3652] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.292095][ T3645] device veth1_vlan entered promiscuous mode [ 75.333230][ T3638] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 75.345367][ T3638] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 75.355893][ T3638] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 75.368482][ T3638] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 75.380966][ T3638] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 75.388435][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 75.397878][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 75.407046][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 75.416887][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 75.432491][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 75.552057][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 75.570831][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 75.621085][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 75.630133][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 75.638424][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 75.648040][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 76.359190][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 76.381339][ T3647] device veth0_vlan entered promiscuous mode [ 76.389903][ T3638] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 76.411490][ T3638] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 76.428268][ T3638] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 76.445068][ T3638] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 76.466731][ T3638] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 76.539000][ T3689] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 76.547939][ T3689] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 76.597519][ T3638] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.609367][ T3638] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.618127][ T3638] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.629269][ T3638] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.658847][ T3647] device veth1_vlan entered promiscuous mode [ 76.750561][ T53] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 76.758287][ T3689] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 76.767178][ T53] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 76.769739][ T3689] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 76.786233][ T3645] device veth0_macvtap entered promiscuous mode [ 76.809201][ T3689] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 76.817939][ T3689] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 76.830215][ T3645] device veth1_macvtap entered promiscuous mode [ 76.975456][ T3685] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 76.994239][ T3685] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 77.006728][ T3731] fuse: Bad value for 'user_id' [ 77.009509][ T3685] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 77.019887][ T3642] Bluetooth: hci1: command tx timeout [ 77.019908][ T3651] Bluetooth: hci4: command tx timeout [ 77.025290][ T3642] Bluetooth: hci3: command tx timeout [ 77.031383][ T3651] Bluetooth: hci0: command tx timeout [ 77.036244][ T3655] Bluetooth: hci2: command tx timeout [ 77.058012][ T3645] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 77.071472][ T3645] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 77.083862][ T3645] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 77.094745][ T3645] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 77.106806][ T3645] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 77.119229][ T3645] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 77.133245][ T3645] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 77.143609][ T3647] device veth0_macvtap entered promiscuous mode [ 77.157357][ T32] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 77.161004][ T3647] device veth1_macvtap entered promiscuous mode [ 77.183354][ T32] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 77.197787][ T3695] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 77.206441][ T3695] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 77.217890][ T3695] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 77.227102][ T3695] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 77.236248][ T3695] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 77.253553][ T3645] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 77.270200][ T3645] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 77.281542][ T3645] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 77.293546][ T3645] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 77.307662][ T3645] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 77.322881][ T3645] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 77.337646][ T3645] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 77.366504][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 77.377873][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 77.402342][ T3645] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.415639][ T3645] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.436169][ T3645] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.459027][ T3645] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.480971][ T3647] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 77.497697][ T3647] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 77.516105][ T3647] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 77.528373][ T3647] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 77.547266][ T3647] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 77.561722][ T3647] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 77.594135][ T3647] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 77.608570][ T3647] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 77.623262][ T3736] netlink: 40 bytes leftover after parsing attributes in process `syz.2.9'. [ 77.628293][ T3647] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 77.636483][ T3736] netlink: 284 bytes leftover after parsing attributes in process `syz.2.9'. [ 77.646066][ T3701] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 77.682115][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 77.697454][ T3701] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 77.712785][ T3686] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 77.736580][ T3647] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 77.761651][ T3647] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 77.773243][ T3647] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 77.792115][ T3647] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 77.806592][ T3647] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 77.829036][ T3647] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 77.839143][ T3647] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 77.849735][ T3647] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 77.862449][ T3647] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 77.876880][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 77.887592][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 77.929822][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 77.958121][ T3647] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.973900][ T3647] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.984756][ T3647] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.993827][ T3647] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 78.295374][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 78.304003][ T0] NOHZ tick-stop error: local softirq work is pending, handler #0a!!! [ 78.333242][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 78.346337][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 78.360329][ T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!! [ 78.368844][ T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!! [ 78.380468][ T0] NOHZ tick-stop error: local softirq work is pending, handler #82!!! [ 78.388871][ T0] NOHZ tick-stop error: local softirq work is pending, handler #82!!! [ 78.398827][ T0] NOHZ tick-stop error: local softirq work is pending, handler #82!!! [ 78.405090][ T3751] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 78.426732][ T0] NOHZ tick-stop error: local softirq work is pending, handler #82!!! [ 78.615938][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 78.664320][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 78.702071][ T3687] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 78.711439][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 78.822618][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 78.895581][ T3687] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 79.439502][ T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 79.458686][ T3763] loop3: detected capacity change from 0 to 512 [ 79.500916][ T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 79.502646][ T3764] netlink: 'syz.0.12': attribute type 1 has an invalid length. [ 79.528275][ T3763] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 79.542147][ T3761] loop1: detected capacity change from 0 to 4096 [ 79.552835][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 79.565429][ T3761] ======================================================= [ 79.565429][ T3761] WARNING: The mand mount option has been deprecated and [ 79.565429][ T3761] and is ignored by this kernel. Remove the mand [ 79.565429][ T3761] option from the mount to silence this warning. [ 79.565429][ T3761] ======================================================= [ 79.615121][ T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 79.665791][ T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 79.709282][ T3690] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 79.813181][ T3763] EXT4-fs (loop3): 1 orphan inode deleted [ 79.848980][ T3763] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 79.862988][ T3703] Quota error (device loop3): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 79.896384][ T3703] EXT4-fs error (device loop3): ext4_release_dquot:6800: comm kworker/u4:6: Failed to release dquot type 1 [ 79.934852][ T3763] ext4 filesystem being mounted at /0/file1 supports timestamps until 2038 (0x7fffffff) [ 80.669949][ T3687] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 81.539187][ T3687] usb 3-1: device descriptor read/64, error -71 [ 81.651502][ T1163] cfg80211: failed to load regulatory.db [ 81.659112][ T22] usb 1-1: new full-speed USB device number 2 using dummy_hcd [ 81.750133][ T3786] netlink: 12 bytes leftover after parsing attributes in process `syz.4.17'. [ 81.794918][ T3645] EXT4-fs (loop3): unmounting filesystem. [ 81.820635][ T3687] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 81.841611][ T3786] device wg2 entered promiscuous mode [ 82.045198][ T3687] usb 3-1: device descriptor read/64, error -71 [ 82.059370][ T22] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 512, setting to 64 [ 82.079560][ T22] usb 1-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 82.189067][ T3687] usb usb3-port1: attempt power cycle [ 82.199449][ T22] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 82.208565][ T22] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 82.250752][ T22] usb 1-1: SerialNumber: syz [ 82.309888][ T3783] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22 [ 82.546333][ T3781] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22 [ 82.591725][ T3690] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 82.629165][ T3687] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 82.749203][ T3687] usb 3-1: device descriptor read/8, error -71 [ 82.878915][ T3690] usb 4-1: Using ep0 maxpacket: 32 [ 83.010091][ T3690] usb 4-1: New USB device found, idVendor=041e, idProduct=400b, bcdDevice=3e.e7 [ 83.010157][ T3690] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 83.012021][ T3690] usb 4-1: config 0 descriptor?? [ 83.051862][ T3690] gspca_main: sunplus-2.14.0 probing 041e:400b [ 83.053512][ T22] cdc_ether 1-1:1.0 wwan0: register 'cdc_ether' at usb-dummy_hcd.0-1, Mobile Broadband Network Device, 42:42:42:42:42:42 [ 83.103693][ T3801] loop2: detected capacity change from 0 to 128 [ 83.224855][ T26] audit: type=1800 audit(1723231721.741:2): pid=3801 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.21" name="bus" dev="loop2" ino=1048595 res=0 errno=0 [ 83.380329][ T7] usb 1-1: USB disconnect, device number 2 [ 83.381739][ T7] cdc_ether 1-1:1.0 wwan0: unregister 'cdc_ether' usb-dummy_hcd.0-1, Mobile Broadband Network Device [ 84.020171][ T3690] gspca_sunplus: reg_r err -110 [ 84.020564][ T3690] sunplus: probe of 4-1:0.0 failed with error -110 [ 84.039430][ T3687] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 84.150424][ T3687] usb 3-1: Using ep0 maxpacket: 16 [ 84.279235][ T3687] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 84.279272][ T3687] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 84.279296][ T3687] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 84.279336][ T3687] usb 3-1: New USB device found, idVendor=1e7d, idProduct=31ce, bcdDevice= 0.00 [ 84.279361][ T3687] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 84.282302][ T3687] usb 3-1: config 0 descriptor?? [ 84.822018][ T3687] ryos 0003:1E7D:31CE.0001: hidraw0: USB HID v0.00 Device [HID 1e7d:31ce] on usb-dummy_hcd.2-1/input0 [ 85.086240][ T22] usb 4-1: USB disconnect, device number 2 [ 86.190547][ T3684] usb 3-1: USB disconnect, device number 5 [ 87.123373][ T3841] loop1: detected capacity change from 0 to 256 [ 87.300686][ T3841] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010498, chksum : 0xdd406529, utbl_chksum : 0xe619d30d) [ 87.511398][ T3845] netlink: 8 bytes leftover after parsing attributes in process `syz.3.28'. [ 87.595851][ T3845] netlink: 32 bytes leftover after parsing attributes in process `syz.3.28'. [ 87.954077][ T3857] loop1: detected capacity change from 0 to 1024 [ 89.115735][ T3867] loop2: detected capacity change from 0 to 1024 [ 89.179890][ T3867] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 89.384785][ T3867] loop2: detected capacity change from 1024 to 1023 [ 89.441582][ T3881] EXT4-fs error (device loop2): ext4_xattr_ibody_get:603: inode #15: comm syz.2.33: corrupted in-inode xattr [ 89.737258][ T3652] EXT4-fs error (device loop2): ext4_readdir:260: inode #2: block 16: comm syz-executor: path /8/file0: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=33619980, rec_len=46, size=1024 fake=0 [ 89.966268][ T3892] input: syz0 as /devices/virtual/input/input5 [ 90.781554][ T3652] EXT4-fs (loop2): unmounting filesystem. [ 90.895905][ T3905] loop3: detected capacity change from 0 to 256 [ 91.436064][ T22] usb 1-1: new full-speed USB device number 3 using dummy_hcd [ 91.999342][ T22] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 92.056447][ T22] usb 1-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x1D, skipping [ 92.094643][ T22] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 92.249338][ T22] usb 1-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 92.269065][ T22] usb 1-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 92.277131][ T22] usb 1-1: Manufacturer: syz [ 92.315514][ T22] usb 1-1: config 0 descriptor?? [ 92.391729][ T22] usbhid 1-1:0.0: couldn't find an input interrupt endpoint [ 92.594194][ T3684] usb 1-1: USB disconnect, device number 3 [ 92.869069][ T22] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 92.888985][ T1163] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 92.920402][ T3655] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 92.935932][ T3655] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 92.945934][ T3655] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 92.954946][ T3655] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 92.962949][ T3655] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 92.970815][ T3655] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 93.139188][ T22] usb 5-1: Using ep0 maxpacket: 16 [ 93.259082][ T1163] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 93.279682][ T1163] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 93.284807][ T22] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 93.334535][ T22] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 93.361701][ T22] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 93.379108][ T1163] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 93.409070][ T22] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 93.410982][ T1163] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 93.419546][ T22] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 93.447236][ T1163] usb 4-1: SerialNumber: syz [ 93.486132][ T22] usb 5-1: config 0 descriptor?? [ 93.584172][ T3937] chnl_net:caif_netlink_parms(): no params data found [ 93.599048][ T3659] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 93.730398][ T3937] bridge0: port 1(bridge_slave_0) entered blocking state [ 93.737707][ T3937] bridge0: port 1(bridge_slave_0) entered disabled state [ 93.753677][ T1163] usb 4-1: 0:2 : does not exist [ 93.760988][ T3937] device bridge_slave_0 entered promiscuous mode [ 93.769400][ T1163] usb 4-1: unit 5 not found! [ 93.775001][ T3937] bridge0: port 2(bridge_slave_1) entered blocking state [ 93.795991][ T3937] bridge0: port 2(bridge_slave_1) entered disabled state [ 93.812775][ T3937] device bridge_slave_1 entered promiscuous mode [ 93.849639][ T1163] usb 4-1: USB disconnect, device number 3 [ 93.914517][ T3957] netlink: 104 bytes leftover after parsing attributes in process `syz.0.58'. [ 93.939913][ T3937] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 93.955865][ T3937] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 93.969284][ T3659] usb 2-1: New USB device found, idVendor=056e, idProduct=4010, bcdDevice=20.1c [ 93.988680][ T3659] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 94.020163][ T3659] usb 2-1: config 0 descriptor?? [ 94.064871][ T3937] team0: Port device team_slave_0 added [ 94.081013][ T3937] team0: Port device team_slave_1 added [ 94.102716][ T3630] udevd[3630]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 94.163737][ T3937] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 94.189313][ T3937] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 94.219938][ T3930] netlink: 32 bytes leftover after parsing attributes in process `syz.4.51'. [ 94.276502][ T3937] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 94.306937][ T3937] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 94.323720][ T3937] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 94.363049][ T3937] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 94.371923][ T3963] loop3: detected capacity change from 0 to 256 [ 94.491105][ T3937] device hsr_slave_0 entered promiscuous mode [ 94.651654][ T3937] device hsr_slave_1 entered promiscuous mode [ 94.680941][ T3937] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 94.704082][ T3937] Cannot create hsr debugfs directory [ 95.009870][ T3655] Bluetooth: hci4: command tx timeout [ 95.699161][ T22] usbhid 5-1:0.0: can't add hid device: -71 [ 95.705237][ T22] usbhid: probe of 5-1:0.0 failed with error -71 [ 95.748347][ T22] usb 5-1: USB disconnect, device number 2 [ 95.841555][ T3978] netlink: 16 bytes leftover after parsing attributes in process `syz.4.64'. [ 95.897304][ T3937] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 95.959345][ T3659] pegasus 2-1:0.0: setup Pegasus II specific registers [ 96.093287][ T3937] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 96.181317][ T3937] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 96.269196][ T3659] pegasus 2-1:0.0: can't locate MII phy, using default [ 96.300569][ T3937] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 96.326342][ T3995] loop0: detected capacity change from 0 to 7 [ 96.347870][ T3659] pegasus 2-1:0.0: eth1, ELECOM USB Ethernet LD-USB20, c6:30:41:06:ca:86 [ 96.353080][ T3995] Dev loop0: unable to read RDB block 7 [ 96.364162][ T3995] loop0: unable to read partition table [ 96.383997][ T3995] loop0: partition table beyond EOD, truncated [ 96.397843][ T3659] usb 2-1: USB disconnect, device number 2 [ 96.425695][ T3995] loop_reread_partitions: partition scan of loop0 (þ被xüŸÑø éÚ¬§½dƤ´à–ƒÝ¡¯¨â·û [ 96.425695][ T3995] ) failed (rc=-5) [ 96.691987][ T4006] loop4: detected capacity change from 0 to 256 [ 96.915225][ C0] eth0: bad gso: type: 1, size: 1408 [ 96.995821][ T3937] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 97.189935][ T3655] Bluetooth: hci4: command tx timeout [ 97.801058][ T3937] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 97.829786][ T3937] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 97.933593][ T3937] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 98.157276][ C0] eth0: bad gso: type: 1, size: 1408 [ 98.264571][ T4028] netlink: 8 bytes leftover after parsing attributes in process `syz.1.82'. [ 98.298690][ T4028] netlink: 32 bytes leftover after parsing attributes in process `syz.1.82'. [ 98.321127][ T4031] loop3: detected capacity change from 0 to 1024 [ 98.459021][ T3630] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 99.258978][ T3651] Bluetooth: hci4: command tx timeout [ 99.508643][ T4039] loop3: detected capacity change from 0 to 1024 [ 99.566087][ T32] device hsr_slave_0 left promiscuous mode [ 99.716883][ T4044] loop4: detected capacity change from 0 to 2048 [ 99.725655][ T32] device hsr_slave_1 left promiscuous mode [ 99.738443][ T32] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 99.740491][ T4044] EXT4-fs: Ignoring removed mblk_io_submit option [ 99.773553][ T32] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 99.789966][ T32] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 99.817645][ T32] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 99.855344][ T4044] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 99.887715][ T32] device bridge_slave_1 left promiscuous mode [ 99.902612][ T32] bridge0: port 2(bridge_slave_1) entered disabled state [ 99.941968][ T4044] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.86: bg 0: block 234: padding at end of block bitmap is not set [ 99.963525][ T32] device bridge_slave_0 left promiscuous mode [ 99.972312][ T4039] input: syz0 as /devices/virtual/input/input6 [ 99.979618][ T32] bridge0: port 1(bridge_slave_0) entered disabled state [ 100.006575][ T4044] EXT4-fs (loop4): Remounting filesystem read-only [ 100.080055][ T4031] fuse: Bad value for 'user_id' [ 100.113671][ T3647] EXT4-fs (loop4): unmounting filesystem. [ 100.139418][ T32] device veth1_macvtap left promiscuous mode [ 100.146758][ T32] device veth0_macvtap left promiscuous mode [ 100.153507][ T3690] usb 1-1: new full-speed USB device number 4 using dummy_hcd [ 100.176753][ T32] device veth1_vlan left promiscuous mode [ 100.229833][ T32] device veth0_vlan left promiscuous mode [ 100.297236][ T4058] loop4: detected capacity change from 0 to 256 [ 100.529222][ T3690] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 100.606884][ T3690] usb 1-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x1D, skipping [ 101.139025][ T3690] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 101.259339][ T3690] usb 1-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 101.289816][ T3690] usb 1-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 101.308882][ T3690] usb 1-1: Manufacturer: syz [ 101.338994][ T3651] Bluetooth: hci4: command tx timeout [ 101.363368][ T3690] usb 1-1: config 0 descriptor?? [ 101.402966][ T3690] usbhid 1-1:0.0: couldn't find an input interrupt endpoint [ 101.607114][ T3690] usb 1-1: USB disconnect, device number 4 [ 101.836295][ T32] team0 (unregistering): Port device team_slave_1 removed [ 101.876649][ T32] team0 (unregistering): Port device team_slave_0 removed [ 101.907984][ T32] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 101.940576][ T32] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 102.222150][ T4069] loop0: detected capacity change from 0 to 512 [ 102.267280][ T4069] EXT4-fs error (device loop0): ext4_ext_check_inode:520: inode #15: comm syz.0.95: pblk 0 bad header/extent: invalid eh_entries - magic f30a, entries 24833, max 4(4), depth 0(0) [ 102.301218][ T4069] EXT4-fs error (device loop0): ext4_orphan_get:1401: comm syz.0.95: couldn't read orphan inode 15 (err -117) [ 102.321727][ T4069] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 102.330628][ T4069] ext4 filesystem being mounted at /25/file2 supports timestamps until 2038 (0x7fffffff) [ 102.455835][ T32] bond0 (unregistering): Released all slaves [ 102.604327][ T4073] EXT4-fs error (device loop0): ext4_add_entry:2484: inode #2: comm syz.0.95: Directory hole found for htree leaf block 0 [ 102.645208][ T4066] netlink: 8 bytes leftover after parsing attributes in process `syz.4.94'. [ 102.655672][ T4067] netlink: 32 bytes leftover after parsing attributes in process `syz.4.94'. [ 102.672360][ T3937] 8021q: adding VLAN 0 to HW filter on device bond0 [ 102.793484][ T3937] 8021q: adding VLAN 0 to HW filter on device team0 [ 102.834428][ T1163] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 102.848238][ T1163] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 102.880706][ T3659] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 102.891018][ T3659] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 102.901558][ T3659] bridge0: port 1(bridge_slave_0) entered blocking state [ 102.909418][ T3659] bridge0: port 1(bridge_slave_0) entered forwarding state [ 102.933831][ T3659] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 102.948404][ T3659] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 102.965958][ T3659] bridge0: port 2(bridge_slave_1) entered blocking state [ 102.973231][ T3659] bridge0: port 2(bridge_slave_1) entered forwarding state [ 103.027023][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 103.041933][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 103.057404][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 103.087583][ T3659] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 103.097877][ T3659] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 103.120836][ T3659] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 103.136120][ T3659] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 103.146981][ T3659] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 103.185016][ T3659] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 103.206545][ T3937] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 103.226055][ T3937] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 103.236573][ T3639] EXT4-fs (loop0): unmounting filesystem. [ 103.285929][ T3688] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 103.324572][ T3688] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 103.375882][ T3688] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 103.988311][ T4093] loop0: detected capacity change from 0 to 256 [ 104.105696][ T1163] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 104.114957][ T1163] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 104.156054][ T3937] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 104.341885][ T3688] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 104.353397][ T3688] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 105.243661][ T3655] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 105.265654][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 105.284868][ T3655] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 105.293357][ T3655] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 105.306644][ T3655] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 105.316073][ T3655] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 105.323862][ T3655] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 105.331764][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 105.335094][ T3937] device veth0_vlan entered promiscuous mode [ 105.368864][ T22] usb 2-1: new full-speed USB device number 3 using dummy_hcd [ 105.434025][ T3659] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 105.452331][ T3659] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 105.485210][ T4111] netlink: 8 bytes leftover after parsing attributes in process `syz.0.106'. [ 105.531517][ T4111] netlink: 32 bytes leftover after parsing attributes in process `syz.0.106'. [ 105.582010][ T3937] device veth1_vlan entered promiscuous mode [ 105.690179][ T3685] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 105.703806][ T3685] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 105.735058][ T3937] device veth0_macvtap entered promiscuous mode [ 105.749153][ T22] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 105.777511][ T3937] device veth1_macvtap entered promiscuous mode [ 105.784173][ T22] usb 2-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x1D, skipping [ 105.807071][ T22] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 105.913490][ T3937] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 105.929513][ T22] usb 2-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 105.938545][ T3937] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 105.939095][ T22] usb 2-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 105.966379][ T3937] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 105.977111][ T22] usb 2-1: Manufacturer: syz [ 105.979874][ T22] usb 2-1: config 0 descriptor?? [ 106.013827][ T3937] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 106.046464][ T3937] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 106.061748][ T22] usbhid 2-1:0.0: couldn't find an input interrupt endpoint [ 106.085566][ T3937] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 106.114739][ T3937] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 106.152945][ T3937] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 106.191574][ T3937] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 106.264188][ T1163] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 106.266157][ T22] usb 2-1: USB disconnect, device number 3 [ 106.282065][ T1163] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 106.298466][ T1163] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 106.317162][ T1163] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 106.328006][ T3937] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 106.348936][ T3937] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 106.369232][ T3937] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 106.388822][ T3937] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 106.408830][ T3937] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 106.428835][ T3937] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 106.451830][ T3937] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 106.468841][ T3937] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 106.491144][ T3937] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 106.512111][ T3690] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 106.529722][ T3690] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 106.552959][ T3937] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 106.568140][ T3937] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 106.587516][ T3937] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 106.616533][ T3937] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 106.751602][ T4100] chnl_net:caif_netlink_parms(): no params data found [ 106.913979][ T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 106.922471][ T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 106.953601][ T3685] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 107.018553][ T4100] bridge0: port 1(bridge_slave_0) entered blocking state [ 107.025989][ T4100] bridge0: port 1(bridge_slave_0) entered disabled state [ 107.036831][ T4100] device bridge_slave_0 entered promiscuous mode [ 107.062774][ T4100] bridge0: port 2(bridge_slave_1) entered blocking state [ 107.079051][ T4100] bridge0: port 2(bridge_slave_1) entered disabled state [ 107.097944][ T4100] device bridge_slave_1 entered promiscuous mode [ 107.130370][ T4017] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 107.159091][ T4017] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 107.297991][ T3690] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 107.360815][ T4100] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 107.409242][ T3642] Bluetooth: hci2: command tx timeout [ 107.441969][ T4100] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 107.483227][ T4100] team0: Port device team_slave_0 added [ 107.521590][ T4100] team0: Port device team_slave_1 added [ 107.656184][ T4100] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 107.678890][ T4100] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 107.803504][ T4100] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 107.848748][ T4100] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 107.873017][ T4100] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 107.957013][ T4100] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 108.094381][ T4100] device hsr_slave_0 entered promiscuous mode [ 108.119905][ T4100] device hsr_slave_1 entered promiscuous mode [ 108.121901][ T4134] loop2: detected capacity change from 0 to 256 [ 108.146490][ T4100] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 108.154665][ T4100] Cannot create hsr debugfs directory [ 109.489122][ T3642] Bluetooth: hci2: command tx timeout [ 109.510743][ T32] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 109.675903][ T4141] loop1: detected capacity change from 0 to 256 [ 109.706605][ T32] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 110.454582][ T32] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 110.685159][ T4148] xt_hashlimit: size too large, truncated to 1048576 [ 110.749092][ T32] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 111.580243][ T3642] Bluetooth: hci2: command tx timeout [ 112.137715][ C0] eth0: bad gso: type: 1, size: 1408 [ 112.571094][ T4167] syz.2.120[4167] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 112.571614][ T4167] syz.2.120[4167] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 113.649124][ T3642] Bluetooth: hci2: command tx timeout [ 114.900733][ T4189] loop0: detected capacity change from 0 to 256 [ 115.200766][ T14] usb 5-1: new full-speed USB device number 3 using dummy_hcd [ 115.579634][ T14] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 115.660491][ T14] usb 5-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x1D, skipping [ 115.854748][ T14] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 116.099451][ T14] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 116.112305][ T14] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 116.142289][ T14] usb 5-1: Manufacturer: syz [ 116.189981][ T14] usb 5-1: config 0 descriptor?? [ 116.257238][ T152] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 116.258545][ T14] usbhid 5-1:0.0: couldn't find an input interrupt endpoint [ 116.398475][ T1163] usb 5-1: USB disconnect, device number 3 [ 116.498846][ T152] usb 3-1: Using ep0 maxpacket: 8 [ 116.550593][ T4204] loop0: detected capacity change from 0 to 512 [ 116.620319][ T4204] EXT4-fs (loop0): 1 truncate cleaned up [ 116.629194][ T152] usb 3-1: config 0 has no interfaces? [ 116.635691][ T152] usb 3-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 116.645898][ T152] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 116.655881][ T152] usb 3-1: config 0 descriptor?? [ 116.668899][ T4204] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 116.921984][ T4216] EXT4-fs error (device loop0): ext4_add_entry:2484: inode #2: comm syz.0.127: Directory hole found for htree leaf block 0 [ 117.155401][ T4220] loop4: detected capacity change from 0 to 512 [ 117.467109][ T4220] EXT4-fs (loop4): 1 orphan inode deleted [ 117.473096][ T4220] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 117.482731][ T4220] ext4 filesystem being mounted at /25/file1 supports timestamps until 2038 (0x7fffffff) [ 117.806971][ T4100] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 118.178092][ T4100] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 118.352634][ T4100] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 118.365155][ T3647] EXT4-fs (loop4): unmounting filesystem. [ 118.495011][ T4100] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 118.539860][ T3639] EXT4-fs (loop0): unmounting filesystem. [ 118.666124][ T4231] loop4: detected capacity change from 0 to 2048 [ 118.703196][ T14] usb 3-1: USB disconnect, device number 6 [ 118.717901][ T4231] ext4: Unknown parameter 'euid>00000000000000000000' [ 118.785054][ T4231] loop4: detected capacity change from 0 to 16 [ 118.823637][ T4231] erofs: (device loop4): erofs_read_superblock: blkszbits 9 isn't supported on this platform [ 119.163164][ T32] device hsr_slave_0 left promiscuous mode [ 119.184172][ T32] device hsr_slave_1 left promiscuous mode [ 119.209375][ T32] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 119.249403][ T32] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 119.275802][ C0] eth0: bad gso: type: 1, size: 1408 [ 119.281635][ T32] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 119.311373][ T32] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 119.327090][ T4240] loop4: detected capacity change from 0 to 4096 [ 119.339625][ T32] device bridge_slave_1 left promiscuous mode [ 119.357121][ T32] bridge0: port 2(bridge_slave_1) entered disabled state [ 119.365486][ T4240] EXT4-fs: Ignoring removed nomblk_io_submit option [ 119.418429][ T32] device bridge_slave_0 left promiscuous mode [ 119.428766][ T4240] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 119.447573][ T32] bridge0: port 1(bridge_slave_0) entered disabled state [ 119.587276][ T4240] EXT4-fs error (device loop4): ext4_do_update_inode:5210: inode #15: comm syz.4.133: corrupted inode contents [ 119.629648][ T32] device veth1_macvtap left promiscuous mode [ 119.635752][ T32] device veth0_macvtap left promiscuous mode [ 119.670400][ T32] device veth1_vlan left promiscuous mode [ 119.676300][ T32] device veth0_vlan left promiscuous mode [ 119.703391][ T4240] EXT4-fs error (device loop4): ext4_dirty_inode:6072: inode #15: comm syz.4.133: mark_inode_dirty error [ 119.809748][ T4240] EXT4-fs error (device loop4): ext4_do_update_inode:5210: inode #15: comm syz.4.133: corrupted inode contents [ 119.845329][ T4252] loop2: detected capacity change from 0 to 256 [ 119.859525][ T4240] EXT4-fs error (device loop4): __ext4_ext_dirty:202: inode #15: comm syz.4.133: mark_inode_dirty error [ 119.914243][ T3630] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 119.936337][ T4240] EXT4-fs error (device loop4): ext4_do_update_inode:5210: inode #15: comm syz.4.133: corrupted inode contents [ 119.996321][ T4252] loop2: detected capacity change from 0 to 2048 [ 120.007960][ T4240] EXT4-fs error (device loop4): __ext4_ext_dirty:202: inode #15: comm syz.4.133: mark_inode_dirty error [ 120.041111][ T4252] ext4: Unknown parameter 'euid>00000000000000000000' [ 120.055442][ T4240] EXT4-fs error (device loop4): ext4_do_update_inode:5210: inode #15: comm syz.4.133: corrupted inode contents [ 120.087742][ T4240] EXT4-fs error (device loop4): ext4_truncate:4300: inode #15: comm syz.4.133: mark_inode_dirty error [ 120.096339][ T3630] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 120.180477][ T4240] EXT4-fs error (device loop4) in ext4_setattr:5611: Corrupt filesystem [ 120.281319][ T4244] EXT4-fs error (device loop4): ext4_do_update_inode:5210: inode #15: comm syz.4.133: corrupted inode contents [ 120.411069][ T3647] EXT4-fs (loop4): unmounting filesystem. [ 120.741376][ T3685] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 120.894103][ T4270] loop0: detected capacity change from 0 to 4096 [ 121.019128][ T3685] usb 3-1: Using ep0 maxpacket: 8 [ 121.122215][ T32] team0 (unregistering): Port device team_slave_1 removed [ 121.160537][ T3685] usb 3-1: config 0 has no interfaces? [ 121.166209][ T3685] usb 3-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 121.184515][ T3685] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 121.203134][ T3685] usb 3-1: config 0 descriptor?? [ 121.371163][ T32] team0 (unregistering): Port device team_slave_0 removed [ 122.101407][ T32] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 122.221484][ T32] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 122.375463][ T4274] loop4: detected capacity change from 0 to 32768 [ 122.397410][ T4274] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 scanned by syz.4.144 (4274) [ 122.440736][ T4274] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 122.452013][ T4274] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm [ 122.461370][ T4274] BTRFS info (device loop4): using free space tree [ 122.641943][ T4274] BTRFS info (device loop4): enabling ssd optimizations [ 122.968444][ T32] bond0 (unregistering): Released all slaves [ 122.993990][ T3647] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 123.265737][ T152] usb 3-1: USB disconnect, device number 7 [ 123.316439][ T4100] 8021q: adding VLAN 0 to HW filter on device bond0 [ 123.453273][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 123.469998][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 123.500476][ T4318] netlink: 32 bytes leftover after parsing attributes in process `syz.4.149'. [ 123.527144][ T4100] 8021q: adding VLAN 0 to HW filter on device team0 [ 123.550908][ T4306] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 123.568625][ T4306] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 123.593595][ T4306] bridge0: port 1(bridge_slave_0) entered blocking state [ 123.601019][ T4306] bridge0: port 1(bridge_slave_0) entered forwarding state [ 123.681438][ T152] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 123.699923][ T152] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 123.719315][ T152] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 123.738284][ T152] bridge0: port 2(bridge_slave_1) entered blocking state [ 123.745515][ T152] bridge0: port 2(bridge_slave_1) entered forwarding state [ 123.769119][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 123.795690][ T1163] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 123.848480][ T152] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 123.867028][ T152] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 123.886675][ T152] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 123.907473][ T152] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 123.925582][ T152] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 123.944553][ T152] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 124.004692][ T4100] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 124.046001][ T4100] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 124.089846][ T4306] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 124.111250][ T4306] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 124.154226][ T4306] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 124.587554][ T4349] Zero length message leads to an empty skb [ 124.871391][ T4357] netlink: 32 bytes leftover after parsing attributes in process `syz.1.161'. [ 124.959523][ T4303] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 124.979164][ T4303] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 124.992441][ T4100] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 125.093916][ T4303] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 125.120002][ T4303] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 125.181663][ T152] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 125.191036][ T152] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 125.234689][ T4100] device veth0_vlan entered promiscuous mode [ 125.259833][ T4303] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 125.268731][ T4303] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 125.283421][ T4100] device veth1_vlan entered promiscuous mode [ 125.490018][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 125.519962][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 125.579739][ T4100] device veth0_macvtap entered promiscuous mode [ 125.603832][ T4100] device veth1_macvtap entered promiscuous mode [ 125.667347][ T4100] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 125.754627][ T4100] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 125.778879][ T4100] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 125.823363][ T4100] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 125.863996][ T4100] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 125.905370][ T4100] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 125.932619][ T4344] loop0: detected capacity change from 0 to 40427 [ 125.948897][ T4100] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 125.985060][ T4100] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 126.011755][ T4344] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 126.057669][ T4344] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 126.066759][ T4100] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 126.107231][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 126.126104][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 126.144577][ T4344] F2FS-fs (loop0): invalid crc value [ 126.157867][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 126.186358][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 126.197399][ T4344] F2FS-fs (loop0): Found nat_bits in checkpoint [ 126.228017][ T4100] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 126.268895][ T4100] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 126.308906][ T4100] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 126.340712][ T4355] loop4: detected capacity change from 0 to 40427 [ 126.367929][ T4100] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 126.398456][ T4355] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 126.418838][ T4100] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 126.442576][ T4355] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 126.451510][ T4100] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 126.467726][ T4344] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 126.489151][ T4344] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 126.497849][ T4100] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 126.528112][ T4100] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 126.549446][ T4355] F2FS-fs (loop4): invalid crc value [ 126.581399][ T4100] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 126.586790][ T4344] syz.0.157: attempt to access beyond end of device [ 126.586790][ T4344] loop0: rw=2049, sector=45096, nr_sectors = 128 limit=40427 [ 126.616787][ T4355] F2FS-fs (loop4): Found nat_bits in checkpoint [ 126.636858][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 126.666917][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 126.720539][ T4100] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 126.749621][ T4100] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 126.781288][ T4100] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 126.799787][ T4100] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 126.834649][ T4392] syz.0.157: attempt to access beyond end of device [ 126.834649][ T4392] loop0: rw=2049, sector=45224, nr_sectors = 8 limit=40427 [ 126.896038][ T4355] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 126.911035][ T4392] syz.0.157: attempt to access beyond end of device [ 126.911035][ T4392] loop0: rw=2049, sector=45216, nr_sectors = 8 limit=40427 [ 126.915042][ T4355] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 127.078409][ T4355] syz.4.160: attempt to access beyond end of device [ 127.078409][ T4355] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 127.103541][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 127.162234][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 127.221582][ T4303] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 127.233898][ T4355] syz.4.160: attempt to access beyond end of device [ 127.233898][ T4355] loop4: rw=2049, sector=45104, nr_sectors = 8 limit=40427 [ 127.267715][ T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 127.289332][ T4355] syz.4.160: attempt to access beyond end of device [ 127.289332][ T4355] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 127.289477][ T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 127.452032][ T3684] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 127.798603][ T4375] loop2: detected capacity change from 0 to 32768 [ 127.835094][ T4375] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 127.879991][ T4375] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 128.010923][ T4375] gfs2: fsid=syz:syz.0: journal 0 mapped with 1 extents in 0ms [ 128.077440][ T14] gfs2: fsid=syz:syz.0: jid=0, already locked for use [ 128.095930][ T14] gfs2: fsid=syz:syz.0: jid=0: Looking at journal... [ 128.326186][ T14] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 230ms [ 128.357311][ T14] gfs2: fsid=syz:syz.0: jid=0: Done [ 128.386759][ T4375] gfs2: fsid=syz:syz.0: first mount done, others may mount [ 128.886884][ T4428] loop4: detected capacity change from 0 to 4096 [ 129.605849][ T4441] loop3: detected capacity change from 0 to 128 [ 129.846511][ T4432] loop1: detected capacity change from 0 to 32768 [ 129.851565][ T4444] loop2: detected capacity change from 0 to 64 [ 129.910025][ T4432] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 scanned by syz.1.176 (4432) [ 129.947440][ T4444] hfs: filesystem was not cleanly unmounted, running fsck.hfs is recommended. mounting read-only. [ 129.975541][ T4430] loop0: detected capacity change from 0 to 32768 [ 130.000075][ T4444] hfs: filesystem is marked locked, mounting read-only. [ 130.040847][ T4432] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 130.085540][ T4432] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 130.166071][ T4432] BTRFS info (device loop1): max_inline at 0 [ 130.196402][ T4432] BTRFS info (device loop1): enabling auto defrag [ 130.200388][ T4430] jfs_strtoUCS: char2uni returned -22. [ 130.235877][ T4432] BTRFS info (device loop1): doing ref verification [ 130.243184][ T4430] charset = ascii, char = 0xc5 [ 130.259347][ T52] block nbd4: Attempted send on invalid socket [ 130.264894][ T4432] BTRFS info (device loop1): max_inline at 0 [ 130.265795][ T52] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 2 [ 130.304926][ T4442] SQUASHFS error: Failed to read block 0x0: -5 [ 130.312455][ T4442] unable to read squashfs_super_block [ 130.339696][ T4432] BTRFS info (device loop1): enabling ssd optimizations [ 130.346710][ T4432] BTRFS info (device loop1): turning on sync discard [ 130.390427][ T4432] BTRFS info (device loop1): setting nodatacow, compression disabled [ 130.418979][ T4432] BTRFS info (device loop1): using free space tree [ 130.784504][ T26] audit: type=1800 audit(1723231769.301:3): pid=4432 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.176" name="file0" dev="loop1" ino=258 res=0 errno=0 [ 130.837830][ T4446] loop3: detected capacity change from 0 to 32768 [ 130.867040][ T4432] fs-verity: sha512 using implementation "sha512-avx2" [ 130.991043][ T4446] XFS (loop3): Mounting V5 Filesystem [ 131.023454][ T4432] BTRFS info (device loop1): setting compat-ro feature flag for VERITY (0x4) [ 131.037962][ T4477] loop0: detected capacity change from 0 to 1024 [ 131.165864][ T4446] XFS (loop3): Ending clean mount [ 131.179868][ T4477] EXT4-fs: Ignoring removed orlov option [ 131.232451][ T4477] EXT4-fs (loop0): Test dummy encryption mode enabled [ 131.340267][ T4446] XFS (loop3): User initiated shutdown received. [ 131.347934][ T4446] XFS (loop3): Log I/O Error (0x6) detected at xfs_fs_goingdown+0xde/0x150 (fs/xfs/xfs_fsops.c:491). Shutting down filesystem. [ 131.394911][ T4477] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 131.424434][ T4446] XFS (loop3): Please unmount the filesystem and rectify the problem(s) [ 131.706918][ T4100] XFS (loop3): Unmounting Filesystem [ 131.745855][ T3638] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 132.272467][ T4477] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni" [ 132.273452][ T4455] loop2: detected capacity change from 0 to 32768 [ 132.467057][ T4455] XFS (loop2): Mounting V5 Filesystem [ 132.568724][ T4477] fscrypt: AES-256-XTS using implementation "xts-aes-aesni" [ 132.597302][ T4455] XFS (loop2): Ending clean mount [ 132.688524][ T4455] XFS (loop2): Quotacheck needed: Please wait. [ 132.753355][ T3639] EXT4-fs (loop0): unmounting filesystem. [ 132.783244][ T4521] loop4: detected capacity change from 0 to 128 [ 132.807569][ T4455] XFS (loop2): Quotacheck: Done. [ 132.835593][ T4521] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 132.852076][ T1268] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.858537][ T1268] ieee802154 phy1 wpan1: encryption failed: -22 [ 132.901223][ T4521] ext4 filesystem being mounted at /44/mnt supports timestamps until 2038 (0x7fffffff) [ 132.931842][ T26] audit: type=1804 audit(1723231771.451:4): pid=4455 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.183" name="/newroot/18/file0/bus" dev="loop2" ino=4426 res=1 errno=0 [ 132.986299][ T26] audit: type=1804 audit(1723231771.481:5): pid=4455 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.183" name="/newroot/18/file0/bus" dev="loop2" ino=4426 res=1 errno=0 [ 133.148589][ T3647] EXT4-fs (loop4): unmounting filesystem. [ 133.213658][ T4303] usb 2-1: new full-speed USB device number 4 using dummy_hcd [ 133.699831][ T4303] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 133.777367][ T4303] usb 2-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x1D, skipping [ 133.957037][ T4303] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 133.987056][ T3937] XFS (loop2): Unmounting Filesystem [ 134.253869][ T4303] usb 2-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 134.265896][ T4303] usb 2-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 134.274179][ T4303] usb 2-1: Manufacturer: syz [ 134.281238][ T4303] usb 2-1: config 0 descriptor?? [ 134.319735][ T4538] loop4: detected capacity change from 0 to 8 [ 134.362302][ T4303] usbhid 2-1:0.0: couldn't find an input interrupt endpoint [ 134.951951][ T4303] usb 2-1: USB disconnect, device number 4 [ 135.072410][ C0] eth0: bad gso: type: 1, size: 1408 [ 136.488989][ T4303] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 137.570570][ T4570] loop2: detected capacity change from 0 to 512 [ 137.921842][ T4570] EXT4-fs (loop2): orphan cleanup on readonly fs [ 137.945188][ T4570] Quota error (device loop2): dq_insert_tree: Quota tree root isn't allocated! [ 137.954690][ T4570] Quota error (device loop2): qtree_write_dquot: Error -5 occurred while creating quota [ 137.964730][ T4570] EXT4-fs error (device loop2): ext4_acquire_dquot:6777: comm syz.2.204: Failed to acquire dquot type 0 [ 137.988036][ T4570] Quota error (device loop2): dq_insert_tree: Quota tree root isn't allocated! [ 137.997220][ T4570] Quota error (device loop2): qtree_write_dquot: Error -5 occurred while creating quota [ 138.007370][ T4570] EXT4-fs error (device loop2): ext4_acquire_dquot:6777: comm syz.2.204: Failed to acquire dquot type 0 [ 138.028315][ T4570] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.204: bg 0: block 64: padding at end of block bitmap is not set [ 138.050924][ T4570] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6173: Corrupt filesystem [ 138.062293][ T4570] Quota error (device loop2): dq_insert_tree: Quota tree root isn't allocated! [ 138.071812][ T4570] Quota error (device loop2): qtree_write_dquot: Error -5 occurred while creating quota [ 138.082138][ T4570] EXT4-fs error (device loop2): ext4_acquire_dquot:6777: comm syz.2.204: Failed to acquire dquot type 0 [ 138.096693][ T4570] EXT4-fs (loop2): 1 orphan inode deleted [ 138.105069][ T4570] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 138.400436][ T3937] EXT4-fs (loop2): unmounting filesystem. [ 138.439275][ T4303] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7 [ 138.491799][ T4303] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 138.535148][ T4303] usb 2-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9 [ 138.550466][ T4303] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 138.584279][ T4303] usb 2-1: config 0 descriptor?? [ 138.645686][ T4303] gspca_main: spca561-2.14.0 probing abcd:cdee [ 138.697672][ T4584] loop2: detected capacity change from 0 to 4096 [ 138.713561][ T4584] ntfs3: loop2: Different NTFS' sector size (1024) and media sector size (512) [ 138.744833][ T4584] ntfs3: loop2: Mark volume as dirty due to NTFS errors [ 139.039197][ T4303] spca561: probe of 2-1:0.0 failed with error -22 [ 139.525302][ T4303] usb 2-1: MIDIStreaming interface descriptor not found [ 139.745737][ T4303] usb 2-1: USB disconnect, device number 5 [ 139.986409][ T4600] loop2: detected capacity change from 0 to 256 [ 140.000468][ T4597] loop1: detected capacity change from 0 to 512 [ 140.011998][ T4597] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 140.022131][ T7] usb 5-1: new full-speed USB device number 4 using dummy_hcd [ 140.060921][ T3630] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 140.069862][ T4603] loop3: detected capacity change from 0 to 512 [ 140.091863][ T4597] EXT4-fs (loop1): 1 truncate cleaned up [ 140.120218][ T4226] udevd[4226]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 140.136523][ T4597] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 140.173171][ T4603] EXT4-fs error (device loop3): ext4_orphan_get:1396: inode #15: comm syz.3.217: casefold flag without casefold feature [ 140.197969][ T4603] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: inode #2: comm syz.3.217: missing EA_INODE flag [ 140.304087][ T4603] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz.3.217: error while reading EA inode 2 err=-117 [ 140.352770][ T4603] EXT4-fs (loop3): 1 orphan inode deleted [ 140.358596][ T4603] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 140.408112][ T7] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 140.556422][ T26] audit: type=1400 audit(1723231779.071:6): apparmor="DENIED" operation="setprocattr" info="fscreate" error=-22 profile="unconfined" pid=4601 comm="syz.3.217" [ 140.712721][ T7] usb 5-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x1D, skipping [ 140.741990][ T3638] EXT4-fs (loop1): unmounting filesystem. [ 140.766041][ T7] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 140.889057][ T7] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 141.138442][ T7] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 141.221542][ T7] usb 5-1: Manufacturer: syz [ 141.357734][ T4100] EXT4-fs (loop3): unmounting filesystem. [ 141.449792][ T7] usb 5-1: config 0 descriptor?? [ 141.584668][ T7] usbhid 5-1:0.0: couldn't find an input interrupt endpoint [ 141.783621][ T7] usb 5-1: USB disconnect, device number 4 [ 143.416782][ T4636] loop0: detected capacity change from 0 to 16 [ 143.473313][ T4647] loop4: detected capacity change from 0 to 512 [ 143.479072][ T4636] erofs: (device loop0): mounted with root inode @ nid 36. [ 143.524017][ T4636] erofs: (device loop0): z_erofs_readahead: readahead error at page 24 @ nid 36 [ 143.589591][ T4636] erofs: (device loop0): z_erofs_readahead: readahead error at page 19 @ nid 36 [ 143.599245][ T4636] erofs: (device loop0): z_erofs_readahead: readahead error at page 13 @ nid 36 [ 143.627965][ T4647] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 143.659267][ T4647] ext4 filesystem being mounted at /52/file0 supports timestamps until 2038 (0x7fffffff) [ 143.704610][ T4636] erofs: (device loop0): z_erofs_readahead: readahead error at page 8 @ nid 36 [ 143.753620][ T4653] loop2: detected capacity change from 0 to 128 [ 143.763324][ T4636] syz.0.227: attempt to access beyond end of device [ 143.763324][ T4636] loop0: rw=524288, sector=736, nr_sectors = 112 limit=16 [ 143.882518][ T4636] syz.0.227: attempt to access beyond end of device [ 143.882518][ T4636] loop0: rw=524288, sector=13478624032, nr_sectors = 24 limit=16 [ 143.938103][ T4653] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 144.037755][ T4653] ext4 filesystem being mounted at /27/mnt supports timestamps until 2038 (0x7fffffff) [ 144.063670][ T4656] EXT4-fs error (device loop4): ext4_add_entry:2484: inode #2: comm syz.4.230: Directory hole found for htree leaf block 0 [ 144.497086][ T4653] syz.2.232 (pid 4653) is setting deprecated v1 encryption policy; recommend upgrading to v2. [ 144.653265][ T4660] loop3: detected capacity change from 0 to 1024 [ 144.822569][ T3937] EXT4-fs (loop2): unmounting filesystem. [ 145.188402][ T3647] EXT4-fs (loop4): unmounting filesystem. [ 145.227789][ T4675] loop0: detected capacity change from 0 to 1024 [ 145.350627][ T4675] hfsplus: extend alloc file! (8192,65536,366) [ 147.100273][ T1036] block nbd4: Attempted send on invalid socket [ 147.106477][ T1036] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 2 [ 147.120967][ T4698] SQUASHFS error: Failed to read block 0x0: -5 [ 147.153861][ T4698] unable to read squashfs_super_block [ 147.316888][ T4713] loop1: detected capacity change from 0 to 512 [ 147.369829][ T4714] loop3: detected capacity change from 0 to 256 [ 147.389602][ T4713] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2 [ 147.409853][ T4713] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -2 [ 147.508135][ T4713] EXT4-fs (loop1): 1 truncate cleaned up [ 147.527803][ T4713] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 147.577021][ T4713] EXT4-fs error (device loop1): ext4_append:79: inode #2: comm syz.1.248: Logical block already allocated [ 147.602169][ T4713] EXT4-fs error (device loop1): ext4_append:79: inode #2: comm syz.1.248: Logical block already allocated [ 147.696877][ T3638] EXT4-fs (loop1): unmounting filesystem. [ 147.873891][ T4725] loop1: detected capacity change from 0 to 1024 [ 147.894301][ T4725] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869) [ 147.905788][ T4725] jbd2_journal_init_inode: Cannot locate journal superblock [ 147.913270][ T4725] EXT4-fs (loop1): Could not load journal inode [ 147.961156][ T4726] loop3: detected capacity change from 0 to 512 [ 147.980324][ T3630] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 148.057990][ T4726] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 148.076539][ T4726] ext4 filesystem being mounted at /21/bus supports timestamps until 2038 (0x7fffffff) [ 150.407777][ T4742] sched: RT throttling activated [ 151.821140][ T4100] EXT4-fs (loop3): unmounting filesystem. [ 153.054599][ T52] block nbd4: Attempted send on invalid socket [ 153.060904][ T52] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 2 [ 153.072878][ T4775] SQUASHFS error: Failed to read block 0x0: -5 [ 153.153852][ T4775] unable to read squashfs_super_block [ 155.507080][ T4801] veth0_to_bond: mtu less than device minimum [ 156.984444][ T4829] netlink: 268 bytes leftover after parsing attributes in process `syz.1.282'. [ 157.704242][ T4832] tipc: Started in network mode [ 157.709440][ T4832] tipc: Node identity ac1414aa, cluster identity 4711 [ 157.719750][ T4832] tipc: Enabled bearer , priority 10 [ 157.727362][ T4832] tipc: Disabling bearer [ 158.101049][ T4843] syz.2.285[4843] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 158.101171][ T4843] syz.2.285[4843] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 158.320404][ T4845] netlink: 268 bytes leftover after parsing attributes in process `syz.1.287'. [ 161.546081][ T1036] block nbd0: Attempted send on invalid socket [ 161.552364][ T1036] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 2 [ 161.567292][ T4863] SQUASHFS error: Failed to read block 0x0: -5 [ 161.615789][ T4863] unable to read squashfs_super_block [ 161.871696][ T4880] loop2: detected capacity change from 0 to 40427 [ 161.880363][ T4880] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 161.888119][ T4880] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 161.935840][ T4875] netlink: 12 bytes leftover after parsing attributes in process `syz.4.298'. [ 161.968978][ T4880] F2FS-fs (loop2): Found nat_bits in checkpoint [ 162.093287][ T4761] udevd[4761]: symlink '../../loop2' '/dev/disk/by-uuid/922c7623-35ee-4af3-bdd7-07040bb1b7db.tmp-b7:2' failed: Read-only file system [ 162.108455][ T4880] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 162.115756][ T4880] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 162.297411][ T4887] netlink: 32 bytes leftover after parsing attributes in process `syz.4.302'. [ 162.539377][ T4892] process 'syz.3.301' launched './file0' with NULL argv: empty string added [ 163.307689][ T4890] syz.2.300: attempt to access beyond end of device [ 163.307689][ T4890] loop2: rw=2049, sector=45096, nr_sectors = 128 limit=40427 [ 163.505185][ T4761] udevd[4761]: symlink '../../loop2' '/dev/disk/by-uuid/922c7623-35ee-4af3-bdd7-07040bb1b7db.tmp-b7:2' failed: Read-only file system [ 164.467713][ T4909] veth0_to_bond: mtu less than device minimum [ 166.630278][ T4934] netlink: 32 bytes leftover after parsing attributes in process `syz.1.316'. [ 166.695232][ T4935] loop4: detected capacity change from 0 to 1024 [ 166.779792][ T4935] EXT4-fs: Ignoring removed orlov option [ 166.841772][ T4935] EXT4-fs (loop4): Test dummy encryption mode enabled [ 166.855953][ T4761] udevd[4761]: symlink '../../loop4' '/dev/disk/by-label/syzkaller.tmp-b7:4' failed: Read-only file system [ 167.069752][ T4935] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 167.151762][ T4761] udevd[4761]: symlink '../../loop4' '/dev/disk/by-label/syzkaller.tmp-b7:4' failed: Read-only file system [ 167.400944][ T1036] block nbd3: Attempted send on invalid socket [ 167.407365][ T1036] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 2 [ 167.425916][ T4946] SQUASHFS error: Failed to read block 0x0: -5 [ 167.445785][ T4946] unable to read squashfs_super_block [ 167.949890][ T3647] EXT4-fs (loop4): unmounting filesystem. [ 168.476977][ T4965] netlink: 32 bytes leftover after parsing attributes in process `syz.4.328'. [ 168.529291][ T1163] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 168.655983][ T4968] veth0_to_bond: mtu less than device minimum [ 168.901371][ T1163] usb 1-1: config 0 interface 0 altsetting 1 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 168.938898][ T1163] usb 1-1: config 0 interface 0 altsetting 1 endpoint 0x81 has invalid wMaxPacketSize 0 [ 168.967715][ T1163] usb 1-1: config 0 interface 0 has no altsetting 0 [ 168.990525][ T1163] usb 1-1: New USB device found, idVendor=1fd2, idProduct=6007, bcdDevice= 0.00 [ 169.024478][ T1163] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 169.074583][ T1163] usb 1-1: config 0 descriptor?? [ 170.081932][ T1163] hid-multitouch 0003:1FD2:6007.0002: unknown main item tag 0x0 [ 170.106199][ T1163] hid-multitouch 0003:1FD2:6007.0002: unknown main item tag 0x0 [ 170.138380][ T1163] hid-multitouch 0003:1FD2:6007.0002: unknown main item tag 0x0 [ 170.168988][ T1163] hid-multitouch 0003:1FD2:6007.0002: unknown main item tag 0x0 [ 170.176710][ T1163] hid-multitouch 0003:1FD2:6007.0002: unknown main item tag 0x0 [ 170.238530][ T1163] hid-multitouch 0003:1FD2:6007.0002: hidraw0: USB HID v0.00 Device [HID 1fd2:6007] on usb-dummy_hcd.0-1/input0 [ 170.299479][ T1163] usb 1-1: USB disconnect, device number 5 [ 171.863155][ T1036] block nbd0: Attempted send on invalid socket [ 171.869465][ T1036] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 2 [ 171.888188][ T4997] SQUASHFS error: Failed to read block 0x0: -5 [ 171.982235][ T5007] loop1: detected capacity change from 0 to 512 [ 171.989508][ T5007] ext4: Bad value for 'sb' [ 173.481036][ T4997] unable to read squashfs_super_block [ 173.623287][ T5011] loop2: detected capacity change from 0 to 2048 [ 173.631063][ T5011] EXT4-fs: Ignoring removed bh option [ 173.636783][ T5011] EXT4-fs: Ignoring removed nomblk_io_submit option [ 173.644452][ T5011] EXT4-fs: Ignoring removed nobh option [ 173.844405][ T4761] udevd[4761]: symlink '../../loop2' '/dev/disk/by-label/syzkaller.tmp-b7:2' failed: Read-only file system [ 173.859755][ T5011] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 174.735644][ T5011] EXT4-fs error (device loop2): ext4_validate_block_bitmap:429: comm syz.2.343: bg 0: block 2: invalid block bitmap [ 174.917800][ T3937] EXT4-fs (loop2): unmounting filesystem. [ 175.445185][ T5038] loop1: detected capacity change from 0 to 512 [ 175.544637][ T4761] udevd[4761]: symlink '../../loop1' '/dev/disk/by-label/syzkaller.tmp-b7:1' failed: Read-only file system [ 175.556309][ T5038] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 175.578872][ T5045] bridge: RTM_NEWNEIGH with invalid ether address [ 175.583751][ T5038] ext4 filesystem being mounted at /77/file0 supports timestamps until 2038 (0x7fffffff) [ 175.760354][ T5051] loop2: detected capacity change from 0 to 512 [ 175.772139][ T4761] udevd[4761]: symlink '../../loop1' '/dev/disk/by-label/syzkaller.tmp-b7:1' failed: Read-only file system [ 175.806452][ T3638] EXT4-fs (loop1): unmounting filesystem. [ 175.870157][ T5051] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 175.874689][ T4761] udevd[4761]: symlink '../../loop2' '/dev/disk/by-label/syzkaller.tmp-b7:2' failed: Read-only file system [ 175.903438][ T5051] ext4 filesystem being mounted at /52/file0 supports timestamps until 2038 (0x7fffffff) [ 176.794543][ T5071] EXT4-fs error (device loop2): ext4_add_entry:2484: inode #2: comm syz.2.355: Directory hole found for htree leaf block 0 [ 178.028332][ T3937] EXT4-fs (loop2): unmounting filesystem. [ 179.450223][ T5100] loop0: detected capacity change from 0 to 512 [ 179.492498][ T4761] udevd[4761]: symlink '../../loop0' '/dev/disk/by-label/syzkaller.tmp-b7:0' failed: Read-only file system [ 179.965772][ T5100] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 180.309118][ T5100] ext4 filesystem being mounted at /81/file0 supports timestamps until 2038 (0x7fffffff) [ 180.433910][ T4761] udevd[4761]: symlink '../../loop0' '/dev/disk/by-label/syzkaller.tmp-b7:0' failed: Read-only file system [ 180.438044][ T5107] bridge: RTM_NEWNEIGH with invalid ether address [ 180.564850][ T3639] EXT4-fs (loop0): unmounting filesystem. [ 180.931098][ T5119] 9pnet_fd: Insufficient options for proto=fd [ 181.033518][ T1036] block nbd2: Attempted send on invalid socket [ 181.039837][ T1036] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 2 [ 181.057965][ T5118] SQUASHFS error: Failed to read block 0x0: -5 [ 181.089250][ T5118] unable to read squashfs_super_block [ 182.575292][ T5113] loop4: detected capacity change from 0 to 32768 [ 182.675139][ T5113] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 scanned by syz.4.373 (5113) [ 182.738825][ T5113] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 182.799039][ T5113] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm [ 182.808041][ T5113] BTRFS info (device loop4): max_inline at 0 [ 182.828207][ T5113] BTRFS info (device loop4): enabling auto defrag [ 182.873699][ T5113] BTRFS info (device loop4): doing ref verification [ 182.881222][ T4761] udevd[4761]: symlink '../../loop4' '/dev/disk/by-uuid/ed167579-eb65-4e76-9a50-61ac97e9b59d.tmp-b7:4' failed: Read-only file system [ 182.926428][ T5113] BTRFS info (device loop4): max_inline at 0 [ 182.958964][ T5113] BTRFS info (device loop4): enabling ssd optimizations [ 182.959761][ T5141] loop0: detected capacity change from 0 to 512 [ 182.998951][ T5113] BTRFS info (device loop4): turning on sync discard [ 183.005734][ T5113] BTRFS info (device loop4): setting nodatacow, compression disabled [ 183.058097][ T4983] udevd[4983]: symlink '../../loop0' '/dev/disk/by-label/syzkaller.tmp-b7:0' failed: Read-only file system [ 183.080897][ T5113] BTRFS info (device loop4): using free space tree [ 183.117654][ T5141] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 183.171286][ T5141] ext4 filesystem being mounted at /84/file0 supports timestamps until 2038 (0x7fffffff) [ 183.229730][ T4983] udevd[4983]: symlink '../../loop0' '/dev/disk/by-label/syzkaller.tmp-b7:0' failed: Read-only file system [ 183.335051][ T3639] EXT4-fs (loop0): unmounting filesystem. [ 183.517863][ T5129] input: syz0 as /devices/virtual/input/input9 [ 183.589550][ T26] audit: type=1800 audit(2000000015.770:7): pid=5113 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.373" name="file0" dev="loop4" ino=258 res=0 errno=0 [ 183.795814][ T5113] BTRFS info (device loop4): setting compat-ro feature flag for VERITY (0x4) [ 183.971147][ T5145] loop3: detected capacity change from 0 to 40427 [ 183.987983][ T5145] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 183.995993][ T5145] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 184.016149][ T5145] F2FS-fs (loop3): invalid crc value [ 184.024882][ T5145] F2FS-fs (loop3): Found nat_bits in checkpoint [ 184.093376][ T5145] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 184.104393][ T4761] udevd[4761]: symlink '../../loop3' '/dev/disk/by-uuid/922c7623-35ee-4af3-bdd7-07040bb1b7db.tmp-b7:3' failed: Read-only file system [ 184.127565][ T5145] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 184.152773][ T4761] udevd[4761]: symlink '../../loop3' '/dev/disk/by-uuid/922c7623-35ee-4af3-bdd7-07040bb1b7db.tmp-b7:3' failed: Read-only file system [ 184.187331][ T3647] BTRFS info (device loop4): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 184.252587][ T5145] syz.3.384: attempt to access beyond end of device [ 184.252587][ T5145] loop3: rw=2049, sector=45096, nr_sectors = 128 limit=40427 [ 184.337887][ T5184] syz.3.384: attempt to access beyond end of device [ 184.337887][ T5184] loop3: rw=2049, sector=45224, nr_sectors = 8 limit=40427 [ 184.402600][ T5184] syz.3.384: attempt to access beyond end of device [ 184.402600][ T5184] loop3: rw=2049, sector=45216, nr_sectors = 8 limit=40427 [ 184.610577][ T5174] netlink: 52 bytes leftover after parsing attributes in process `syz.0.386'. [ 186.785963][ T5220] input: syz0 as /devices/virtual/input/input11 [ 187.587823][ T1036] block nbd4: Attempted send on invalid socket [ 187.594965][ T1036] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 2 [ 187.607562][ T5224] SQUASHFS error: Failed to read block 0x0: -5 [ 187.635325][ T5224] unable to read squashfs_super_block [ 190.584408][ T5260] input: syz0 as /devices/virtual/input/input13 [ 191.729434][ T3649] Bluetooth: hci1: command 0x0406 tx timeout [ 191.735638][ T3649] Bluetooth: hci3: command 0x0406 tx timeout [ 191.742270][ T3651] Bluetooth: hci0: command 0x0406 tx timeout [ 192.003851][ T5280] input: syz0 as /devices/virtual/input/input14 [ 192.644715][ T5259] netlink: 52 bytes leftover after parsing attributes in process `syz.4.412'. [ 193.485762][ T1036] block nbd2: Attempted send on invalid socket [ 193.493730][ T1036] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 2 [ 193.529444][ T5292] SQUASHFS error: Failed to read block 0x0: -5 [ 193.557401][ T5292] unable to read squashfs_super_block [ 193.923785][ T5305] loop3: detected capacity change from 0 to 512 [ 194.291323][ T1268] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.309284][ T1268] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.715884][ T5305] EXT4-fs (loop3): 1 orphan inode deleted [ 194.721857][ T5305] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 194.730965][ T5305] ext4 filesystem being mounted at /53/file1 supports timestamps until 2038 (0x7fffffff) [ 195.061136][ T4761] udevd[4761]: symlink '../../loop3' '/dev/disk/by-label/syzkaller.tmp-b7:3' failed: Read-only file system [ 195.197673][ T4100] EXT4-fs (loop3): unmounting filesystem. [ 196.268590][ T5328] input: syz0 as /devices/virtual/input/input15 [ 196.991985][ T5337] input: syz0 as /devices/virtual/input/input16 [ 197.417648][ T5344] loop3: detected capacity change from 0 to 2048 [ 197.448728][ T5344] EXT4-fs: Ignoring removed mblk_io_submit option [ 197.694891][ T5344] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 197.715647][ T4761] udevd[4761]: symlink '../../loop3' '/dev/disk/by-label/syzkaller.tmp-b7:3' failed: Read-only file system [ 197.746555][ T5344] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.438: bg 0: block 234: padding at end of block bitmap is not set [ 197.771273][ T5344] EXT4-fs (loop3): Remounting filesystem read-only [ 197.990310][ T4100] EXT4-fs (loop3): unmounting filesystem. [ 198.413062][ T52] block nbd4: Attempted send on invalid socket [ 198.419389][ T52] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 2 [ 198.450583][ T5369] SQUASHFS error: Failed to read block 0x0: -5 [ 198.484377][ T5369] unable to read squashfs_super_block [ 198.698796][ T5381] loop4: detected capacity change from 0 to 256 [ 198.769963][ T4761] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 198.840236][ T5381] loop4: detected capacity change from 0 to 2048 [ 198.875589][ T5381] ext4: Unknown parameter 'euid>00000000000000000000' [ 198.881514][ T4761] udevd[4761]: symlink '../../loop4' '/dev/disk/by-label/syzkaller.tmp-b7:4' failed: Read-only file system [ 198.905665][ T5385] input: syz0 as /devices/virtual/input/input17 [ 199.002151][ T5389] netlink: 12 bytes leftover after parsing attributes in process `syz.1.451'. [ 199.433983][ T5394] loop1: detected capacity change from 0 to 2048 [ 199.476459][ T5394] EXT4-fs: Ignoring removed mblk_io_submit option [ 199.525748][ T4761] udevd[4761]: symlink '../../loop1' '/dev/disk/by-label/syzkaller.tmp-b7:1' failed: Read-only file system [ 199.590953][ T5394] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 199.602473][ T5361] netlink: 52 bytes leftover after parsing attributes in process `syz.2.443'. [ 199.739570][ T4761] udevd[4761]: symlink '../../loop1' '/dev/disk/by-label/syzkaller.tmp-b7:1' failed: Read-only file system [ 199.753668][ T5394] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.454: bg 0: block 234: padding at end of block bitmap is not set [ 199.791707][ T5394] EXT4-fs (loop1): Remounting filesystem read-only [ 199.822595][ T3638] EXT4-fs (loop1): unmounting filesystem. [ 200.135558][ T1036] block nbd1: Attempted send on invalid socket [ 200.141986][ T1036] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 2 [ 200.151901][ T5414] SQUASHFS error: Failed to read block 0x0: -5 [ 200.183560][ T5414] unable to read squashfs_super_block [ 200.376569][ T5426] netlink: 12 bytes leftover after parsing attributes in process `syz.4.464'. [ 200.771414][ T5430] input: syz0 as /devices/virtual/input/input18 [ 201.722483][ T5439] loop4: detected capacity change from 0 to 2048 [ 201.730650][ T5439] EXT4-fs: Ignoring removed mblk_io_submit option [ 201.824770][ T26] audit: type=1326 audit(2000000034.010:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5432 comm="syz.1.466" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fabecd779f9 code=0x0 [ 202.215798][ T5439] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 202.593264][ T4761] udevd[4761]: symlink '../../loop4' '/dev/disk/by-label/syzkaller.tmp-b7:4' failed: Read-only file system [ 202.608983][ T5439] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.468: bg 0: block 234: padding at end of block bitmap is not set [ 202.701406][ T5439] EXT4-fs (loop4): Remounting filesystem read-only [ 203.117484][ T3647] EXT4-fs (loop4): unmounting filesystem. [ 204.073288][ T1036] block nbd4: Attempted send on invalid socket [ 204.079591][ T1036] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 2 [ 204.155604][ T5470] SQUASHFS error: Failed to read block 0x0: -5 [ 204.199068][ T5470] unable to read squashfs_super_block [ 204.317298][ T5479] netlink: 'syz.2.479': attribute type 1 has an invalid length. [ 204.576939][ T5485] input: syz0 as /devices/virtual/input/input19 [ 205.817657][ T5493] input: syz0 as /devices/virtual/input/input20 [ 209.289573][ T5524] input: syz0 as /devices/virtual/input/input21 [ 210.495461][ T5528] loop0: detected capacity change from 0 to 2048 [ 210.509976][ T5528] EXT4-fs: Ignoring removed mblk_io_submit option [ 210.541643][ T4761] udevd[4761]: symlink '../../loop0' '/dev/disk/by-label/syzkaller.tmp-b7:0' failed: Read-only file system [ 210.606245][ T5532] input: syz0 as /devices/virtual/input/input22 [ 211.545432][ T5537] netlink: 60 bytes leftover after parsing attributes in process `syz.3.494'. [ 211.565843][ T5528] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 211.640067][ T5537] netlink: 172 bytes leftover after parsing attributes in process `syz.3.494'. [ 211.695601][ T4983] udevd[4983]: symlink '../../loop0' '/dev/disk/by-label/syzkaller.tmp-b7:0' failed: Read-only file system [ 211.835997][ T3639] EXT4-fs (loop0): unmounting filesystem. [ 212.164560][ T1036] block nbd2: Attempted send on invalid socket [ 212.171735][ T1036] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 2 [ 213.173690][ T5544] SQUASHFS error: Failed to read block 0x0: -5 [ 213.208235][ T5544] unable to read squashfs_super_block [ 214.686173][ T5565] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 214.705245][ T5573] netlink: 60 bytes leftover after parsing attributes in process `syz.1.505'. [ 214.905378][ T5573] netlink: 172 bytes leftover after parsing attributes in process `syz.1.505'. [ 215.927774][ T5579] loop0: detected capacity change from 0 to 16 [ 216.021137][ T5579] erofs: (device loop0): mounted with root inode @ nid 36. [ 216.046290][ T4761] udevd[4761]: symlink '../../loop0' '/dev/disk/by-uuid/fcd48663-7311-483d-ab26-e63db9076faf.tmp-b7:0' failed: Read-only file system [ 216.179151][ T4761] udevd[4761]: symlink '../../loop0' '/dev/disk/by-uuid/fcd48663-7311-483d-ab26-e63db9076faf.tmp-b7:0' failed: Read-only file system [ 216.218239][ T5593] loop4: detected capacity change from 0 to 16 [ 216.240582][ T5593] erofs: (device loop4): erofs_read_superblock: blkszbits 9 isn't supported on this platform [ 217.230889][ T3655] Bluetooth: hci4: command 0x0406 tx timeout [ 217.826604][ T5602] loop4: detected capacity change from 0 to 512 [ 217.895288][ T5602] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 217.982080][ T4761] udevd[4761]: symlink '../../loop4' '/dev/disk/by-label/syzkaller.tmp-b7:4' failed: Read-only file system [ 218.019942][ T5602] EXT4-fs (loop4): 1 orphan inode deleted [ 218.028254][ T5602] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 218.100724][ T4761] udevd[4761]: symlink '../../loop4' '/dev/disk/by-label/syzkaller.tmp-b7:4' failed: Read-only file system [ 218.139235][ T5602] ext4 filesystem being mounted at /106/file1 supports timestamps until 2038 (0x7fffffff) [ 218.217226][ T5612] 9pnet_fd: Insufficient options for proto=fd [ 218.243979][ T5612] netlink: 28 bytes leftover after parsing attributes in process `syz.3.515'. [ 218.302322][ T5612] netlink: 12 bytes leftover after parsing attributes in process `syz.3.515'. [ 218.391743][ T3655] Bluetooth: hci2: Received unexpected HCI Event 0x00 [ 218.403427][ T4761] udevd[4761]: symlink '../../loop4' '/dev/disk/by-label/syzkaller.tmp-b7:4' failed: Read-only file system [ 218.589339][ T3647] EXT4-fs (loop4): unmounting filesystem. [ 218.788973][ T5189] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 219.049389][ T5189] usb 1-1: Using ep0 maxpacket: 8 [ 219.119361][ T5586] netlink: 52 bytes leftover after parsing attributes in process `syz.2.509'. [ 219.469132][ T5189] usb 1-1: config 0 has no interfaces? [ 219.474793][ T5189] usb 1-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 219.548301][ T5189] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 219.589824][ T5189] usb 1-1: config 0 descriptor?? [ 220.333245][ T5635] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 220.436004][ T5635] Bluetooth: MGMT ver 1.22 [ 221.089376][ T5189] usb 1-1: USB disconnect, device number 6 [ 221.739110][ T5664] Driver unsupported XDP return value 0 on prog (id 118) dev N/A, expect packet loss! [ 221.848189][ T5666] input: syz0 as /devices/virtual/input/input23 [ 223.976257][ T5682] netlink: 60 bytes leftover after parsing attributes in process `syz.0.538'. [ 224.335650][ T5695] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 224.669069][ T5712] netlink: 'syz.0.549': attribute type 29 has an invalid length. [ 224.677779][ T5712] netlink: 'syz.0.549': attribute type 29 has an invalid length. [ 224.694026][ T5712] netlink: 'syz.0.549': attribute type 29 has an invalid length. [ 226.058992][ T5721] netlink: 60 bytes leftover after parsing attributes in process `syz.1.552'. [ 226.393936][ T5732] loop1: detected capacity change from 0 to 1024 [ 226.441501][ T5732] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=f01cc01c, mo2=0002] [ 226.454413][ T5732] System zones: 0-1, 3-36 [ 226.476003][ T4761] udevd[4761]: symlink '../../loop1' '/dev/disk/by-label/syzkaller.tmp-b7:1' failed: Read-only file system [ 226.477001][ T5732] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 226.715716][ T3638] EXT4-fs (loop1): unmounting filesystem. [ 226.834519][ T5749] loop4: detected capacity change from 0 to 512 [ 226.849971][ T5743] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 226.877141][ T5749] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 226.914562][ T5749] ext4 filesystem being mounted at /118/bus supports timestamps until 2038 (0x7fffffff) [ 227.121771][ T4749] udevd[4749]: symlink '../../loop4' '/dev/disk/by-label/syzkaller.tmp-b7:4' failed: Read-only file system [ 229.068336][ T52] block nbd2: Attempted send on invalid socket [ 229.074770][ T52] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 2 [ 229.088576][ T3647] EXT4-fs (loop4): unmounting filesystem. [ 229.099156][ T5756] SQUASHFS error: Failed to read block 0x0: -5 [ 229.121290][ T5756] unable to read squashfs_super_block [ 229.433008][ T5779] netlink: 60 bytes leftover after parsing attributes in process `syz.4.568'. [ 231.278378][ T5806] loop0: detected capacity change from 0 to 2048 [ 231.453435][ T5806] loop0: p2 < > [ 232.194127][ T3091] loop0: p2 < > [ 232.209195][ T3655] Bluetooth: hci2: command 0x0406 tx timeout [ 232.257695][ T4761] udevd[4761]: inotify_add_watch(7, /dev/loop0p2, 10) failed: No such file or directory [ 232.430243][ T4761] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 232.496189][ T4761] udevd[4761]: inotify_add_watch(7, /dev/loop0p2, 10) failed: No such file or directory [ 232.900445][ T5822] input: syz0 as /devices/virtual/input/input24 [ 233.063274][ T5835] input: syz0 as /devices/virtual/input/input25 [ 234.014693][ T1036] block nbd0: Attempted send on invalid socket [ 234.025274][ T1036] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 2 [ 234.049397][ T5824] SQUASHFS error: Failed to read block 0x0: -5 [ 234.068940][ T5824] unable to read squashfs_super_block [ 235.313705][ T5855] loop4: detected capacity change from 0 to 1024 [ 235.371633][ T5855] EXT4-fs: Ignoring removed orlov option [ 235.454159][ T5855] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 235.483817][ T4761] udevd[4761]: symlink '../../loop4' '/dev/disk/by-label/syzkaller.tmp-b7:4' failed: Read-only file system [ 235.510877][ T5855] EXT4-fs error (device loop4): ext4_xattr_set_entry:1615: inode #13: comm syz.4.593: corrupted xattr entries [ 235.574548][ T5855] EXT4-fs (loop4): Remounting filesystem read-only [ 235.735964][ T3647] EXT4-fs (loop4): unmounting filesystem. [ 236.088998][ T4500] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 236.244245][ T5881] input: syz0 as /devices/virtual/input/input26 [ 237.118927][ T4500] usb 1-1: Using ep0 maxpacket: 8 [ 237.239154][ T4500] usb 1-1: config 0 has no interfaces? [ 237.244737][ T4500] usb 1-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 237.278904][ T4500] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 237.319895][ T4500] usb 1-1: config 0 descriptor?? [ 237.492874][ T5896] input: syz0 as /devices/virtual/input/input27 [ 238.677954][ T5912] loop1: detected capacity change from 0 to 1024 [ 238.703797][ T152] usb 1-1: USB disconnect, device number 7 [ 238.722774][ T5912] EXT4-fs: Ignoring removed orlov option [ 238.816955][ T5912] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 238.831109][ T4761] udevd[4761]: symlink '../../loop1' '/dev/disk/by-label/syzkaller.tmp-b7:1' failed: Read-only file system [ 238.855462][ T5912] EXT4-fs error (device loop1): ext4_xattr_set_entry:1615: inode #13: comm syz.1.610: corrupted xattr entries [ 238.882680][ T5912] EXT4-fs (loop1): Remounting filesystem read-only [ 238.894333][ T1036] block nbd3: Attempted send on invalid socket [ 238.901122][ T1036] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 2 [ 238.924727][ T5913] SQUASHFS error: Failed to read block 0x0: -5 [ 238.937975][ T5913] unable to read squashfs_super_block [ 238.970192][ T3638] EXT4-fs (loop1): unmounting filesystem. [ 239.708572][ T5932] netlink: 60 bytes leftover after parsing attributes in process `syz.0.615'. [ 240.487669][ T5939] input: syz0 as /devices/virtual/input/input28 [ 241.686175][ T5944] netlink: 12 bytes leftover after parsing attributes in process `syz.3.619'. [ 241.979082][ T5954] loop0: detected capacity change from 0 to 1024 [ 242.019938][ T5954] EXT4-fs: Ignoring removed orlov option [ 242.041174][ T4761] udevd[4761]: symlink '../../loop0' '/dev/disk/by-label/syzkaller.tmp-b7:0' failed: Read-only file system [ 242.116495][ T5954] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 242.188594][ T4761] udevd[4761]: symlink '../../loop0' '/dev/disk/by-label/syzkaller.tmp-b7:0' failed: Read-only file system [ 242.223395][ T5954] EXT4-fs error (device loop0): ext4_xattr_set_entry:1615: inode #13: comm syz.0.623: corrupted xattr entries [ 242.268875][ T1163] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 242.309875][ T5954] EXT4-fs (loop0): Remounting filesystem read-only [ 242.331760][ T5960] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 242.463493][ T3639] EXT4-fs (loop0): unmounting filesystem. [ 242.536018][ T5969] input: syz0 as /devices/virtual/input/input29 [ 243.480564][ T1163] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 243.515680][ T1163] usb 4-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 243.541051][ T1163] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 243.555220][ T1163] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 243.669261][ T5955] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 243.877978][ T5981] input: syz0 as /devices/virtual/input/input30 [ 244.599309][ T1163] usb 4-1: USB disconnect, device number 4 [ 244.653349][ T5991] netlink: 60 bytes leftover after parsing attributes in process `syz.0.632'. [ 244.686708][ T5991] netlink: 172 bytes leftover after parsing attributes in process `syz.0.632'. [ 244.852935][ T5998] netlink: 12 bytes leftover after parsing attributes in process `syz.1.635'. [ 244.921966][ T5988] udevd[5988]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 244.994831][ T5996] binder: 5993:5996 ioctl 40046205 0 returned -22 [ 246.123119][ T6016] netlink: 32 bytes leftover after parsing attributes in process `syz.4.641'. [ 246.148221][ T6016] bridge: RTM_NEWNEIGH with invalid ether address [ 246.207715][ T6012] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 246.648107][ T6036] input: syz0 as /devices/virtual/input/input31 [ 247.568464][ T6043] netlink: 12 bytes leftover after parsing attributes in process `syz.4.649'. [ 248.866895][ T6057] netlink: 44 bytes leftover after parsing attributes in process `syz.4.654'. [ 248.961931][ T6053] input: syz0 as /devices/virtual/input/input32 [ 249.495798][ T6071] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 250.471217][ T6081] input: syz0 as /devices/virtual/input/input33 [ 251.635016][ T6091] netlink: 44 bytes leftover after parsing attributes in process `syz.0.666'. [ 251.964627][ T6105] netlink: 12 bytes leftover after parsing attributes in process `syz.4.672'. [ 251.990999][ T6104] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 252.193176][ T6112] netlink: 172 bytes leftover after parsing attributes in process `syz.4.673'. [ 252.967182][ T6128] netlink: 268 bytes leftover after parsing attributes in process `syz.4.677'. [ 253.915934][ T6134] netlink: 44 bytes leftover after parsing attributes in process `syz.0.680'. [ 254.196745][ T6114] netlink: 52 bytes leftover after parsing attributes in process `syz.1.674'. [ 254.246518][ T6141] netlink: 12 bytes leftover after parsing attributes in process `syz.0.683'. [ 254.399473][ T6143] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 254.578441][ T6155] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 254.851574][ T52] block nbd0: Attempted send on invalid socket [ 254.857809][ T52] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 2 [ 254.877997][ T6161] SQUASHFS error: Failed to read block 0x0: -5 [ 254.904507][ T6161] unable to read squashfs_super_block [ 255.143835][ T6175] netlink: 12 bytes leftover after parsing attributes in process `syz.2.696'. [ 255.397209][ T6180] netlink: 'syz.4.698': attribute type 1 has an invalid length. [ 255.739370][ T1268] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.745831][ T1268] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.750757][ T3649] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 256.761572][ T3649] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 256.770918][ T3649] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 256.780336][ T3649] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 256.788249][ T3649] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 256.796259][ T3649] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 256.964361][ T6201] netlink: 68 bytes leftover after parsing attributes in process `syz.2.705'. [ 257.031367][ T6199] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 257.152821][ T6196] chnl_net:caif_netlink_parms(): no params data found [ 257.280927][ T6216] netlink: 'syz.0.708': attribute type 1 has an invalid length. [ 257.340018][ T6196] bridge0: port 1(bridge_slave_0) entered blocking state [ 257.347704][ T6196] bridge0: port 1(bridge_slave_0) entered disabled state [ 257.381062][ T6196] device bridge_slave_0 entered promiscuous mode [ 257.399925][ T6196] bridge0: port 2(bridge_slave_1) entered blocking state [ 257.407212][ T6196] bridge0: port 2(bridge_slave_1) entered disabled state [ 257.452609][ T6196] device bridge_slave_1 entered promiscuous mode [ 257.527691][ T6196] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 257.636941][ T6196] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 257.733615][ T6196] team0: Port device team_slave_0 added [ 257.766952][ T6196] team0: Port device team_slave_1 added [ 257.857335][ T6196] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 257.864909][ T6196] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 257.920517][ T6196] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 257.962466][ T6196] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 257.990114][ T6196] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 258.075932][ T6196] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 258.154533][ T6239] netlink: 68 bytes leftover after parsing attributes in process `syz.1.718'. [ 258.610719][ T6245] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 258.731864][ T6196] device hsr_slave_0 entered promiscuous mode [ 258.802504][ T6196] device hsr_slave_1 entered promiscuous mode [ 258.823885][ T6251] loop2: detected capacity change from 0 to 1024 [ 258.827851][ T6196] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 258.841400][ T6251] EXT4-fs: Ignoring removed orlov option [ 258.849262][ T3655] Bluetooth: hci5: command tx timeout [ 258.853813][ T6253] netlink: 'syz.0.721': attribute type 1 has an invalid length. [ 258.874018][ T6196] Cannot create hsr debugfs directory [ 258.968204][ T6251] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 259.095653][ T3937] EXT4-fs (loop2): unmounting filesystem. [ 259.388167][ T6270] netlink: 68 bytes leftover after parsing attributes in process `syz.1.728'. [ 259.689433][ T6196] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 259.917584][ T6284] netlink: 268 bytes leftover after parsing attributes in process `syz.2.729'. [ 260.854334][ T6196] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 260.934831][ T3655] Bluetooth: hci5: command tx timeout [ 261.024347][ T6287] loop4: detected capacity change from 0 to 2048 [ 261.100263][ T6287] EXT4-fs: Ignoring removed mblk_io_submit option [ 261.120586][ T4761] udevd[4761]: symlink '../../loop4' '/dev/disk/by-label/syzkaller.tmp-b7:4' failed: Read-only file system [ 261.146278][ T6196] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 261.174168][ T6287] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 261.280610][ T6287] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.732: bg 0: block 234: padding at end of block bitmap is not set [ 261.295339][ T4761] udevd[4761]: symlink '../../loop4' '/dev/disk/by-label/syzkaller.tmp-b7:4' failed: Read-only file system [ 261.355161][ T6292] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 261.368294][ T6298] netlink: 'syz.1.734': attribute type 1 has an invalid length. [ 261.385462][ T6287] EXT4-fs (loop4): Remounting filesystem read-only [ 261.473945][ T6196] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 261.555488][ T3647] EXT4-fs (loop4): unmounting filesystem. [ 262.107302][ T6305] veth0_to_bond: mtu less than device minimum [ 262.681253][ T6196] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 262.762206][ T6196] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 262.799905][ T6196] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 262.839743][ T6196] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 262.903971][ T6315] loop4: detected capacity change from 0 to 128 [ 262.973876][ T6315] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 262.993693][ T4761] udevd[4761]: symlink '../../loop4' '/dev/disk/by-uuid/76b65be2-f6da-4727-8c75-0525a5b65a09.tmp-b7:4' failed: Read-only file system [ 263.008109][ T6315] ext4 filesystem being mounted at /172/mnt supports timestamps until 2038 (0x7fffffff) [ 263.018117][ T3655] Bluetooth: hci5: command tx timeout [ 263.045217][ T6196] 8021q: adding VLAN 0 to HW filter on device bond0 [ 263.062165][ T152] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 263.072231][ T152] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 263.083957][ T6196] 8021q: adding VLAN 0 to HW filter on device team0 [ 263.097987][ T152] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 263.107677][ T152] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 263.116376][ T152] bridge0: port 1(bridge_slave_0) entered blocking state [ 263.123559][ T152] bridge0: port 1(bridge_slave_0) entered forwarding state [ 263.149582][ T152] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 263.160169][ T152] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 263.197047][ T152] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 263.219437][ T152] bridge0: port 2(bridge_slave_1) entered blocking state [ 263.226550][ T152] bridge0: port 2(bridge_slave_1) entered forwarding state [ 263.277219][ T152] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 263.346706][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 263.364137][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 263.399426][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 263.427060][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 263.443743][ T6326] loop1: detected capacity change from 0 to 1024 [ 263.455302][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 263.474339][ T6326] EXT4-fs: Ignoring removed orlov option [ 263.496882][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 263.503215][ T4761] udevd[4761]: symlink '../../loop1' '/dev/disk/by-label/syzkaller.tmp-b7:1' failed: Read-only file system [ 263.517231][ T41] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 263.540681][ T6196] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 263.578386][ T6326] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 263.589134][ T6196] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 263.613816][ T152] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 263.665629][ T152] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 263.711813][ T4761] udevd[4761]: symlink '../../loop1' '/dev/disk/by-label/syzkaller.tmp-b7:1' failed: Read-only file system [ 263.727687][ T6315] fscrypt (loop4, inode 12): Missing crypto API support for Adiantum (API name: "adiantum(xchacha12,aes)") [ 263.759879][ T6315] fscrypt (loop4, inode 12): Missing crypto API support for Adiantum (API name: "adiantum(xchacha12,aes)") [ 263.944203][ T152] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 264.544169][ T3647] EXT4-fs (loop4): unmounting filesystem. [ 264.549988][ T3638] EXT4-fs (loop1): unmounting filesystem. [ 264.773648][ T1163] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 264.797613][ T1163] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 264.827144][ T6196] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 264.886292][ T1163] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 264.910705][ T1163] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 264.960110][ T1163] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 264.977264][ T1163] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 264.989543][ T6196] device veth0_vlan entered promiscuous mode [ 265.022185][ T4500] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 265.049894][ T4500] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 265.075342][ T6196] device veth1_vlan entered promiscuous mode [ 265.089026][ T3655] Bluetooth: hci5: command tx timeout [ 265.149240][ T6354] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 265.814432][ T3685] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 265.845644][ T3685] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 265.884944][ T3685] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 265.926145][ T3685] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 265.978253][ T6196] device veth0_macvtap entered promiscuous mode [ 266.031727][ T6196] device veth1_macvtap entered promiscuous mode [ 266.213271][ T6196] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 266.273544][ T6196] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 266.301308][ T6196] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 266.348801][ T6196] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 266.368852][ T6196] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 266.388755][ T6196] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 266.398627][ T6196] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 266.438793][ T6196] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 266.458785][ T6196] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 266.488815][ T152] usb 2-1: new full-speed USB device number 6 using dummy_hcd [ 266.488825][ T6196] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 266.553323][ T6196] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 266.562483][ T6373] loop2: detected capacity change from 0 to 256 [ 266.599381][ T1163] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 266.607775][ T1163] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 266.629705][ T1163] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 266.641574][ T6196] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 266.669514][ T6196] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 266.708844][ T6196] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 266.765510][ T6196] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 266.816224][ T6196] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 266.908564][ T6196] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 266.945072][ T6196] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 266.988325][ T6196] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 267.011339][ T6196] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 267.024355][ T152] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 267.035503][ T6379] loop4: detected capacity change from 0 to 764 [ 267.048969][ T152] usb 2-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x1D, skipping [ 267.061342][ T6196] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 267.078758][ T152] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 267.111429][ T6196] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 267.115824][ T4761] udevd[4761]: symlink '../../loop4' '/dev/disk/by-label/CDROM.tmp-b7:4' failed: Read-only file system [ 267.150745][ T3684] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 267.172077][ T3684] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 267.194138][ T6379] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 267.212212][ T6196] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 267.221529][ T152] usb 2-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 267.231776][ T4761] udevd[4761]: symlink '../../loop4' '/dev/disk/by-uuid/2022-11-22-16-59-57-00.tmp-b7:4' failed: Read-only file system [ 267.254903][ T152] usb 2-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 267.272605][ T6196] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 267.287652][ T6196] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 267.296951][ T6196] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 267.297511][ T152] usb 2-1: Manufacturer: syz [ 267.333557][ T26] audit: type=1326 audit(2000000008.240:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6374 comm="syz.4.753" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f36e4d779f9 code=0x7ffc0000 [ 372.348706][ C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 372.355747][ C0] rcu: Tasks blocked on level-0 rcu_node (CPUs 0-1): P4038/1:b..l [ 372.364454][ C0] (detected by 0, t=10502 jiffies, g=25565, q=105 ncpus=2) [ 372.371801][ C0] task:kworker/u4:14 state:R running task stack:25240 pid:4038 ppid:2 flags:0x00004000 [ 372.384016][ C0] Workqueue: bat_events batadv_nc_worker [ 372.389809][ C0] Call Trace: [ 372.393129][ C0] [ 372.396093][ C0] __schedule+0x143f/0x4570 [ 372.400642][ C0] ? _raw_spin_unlock_irqrestore+0x8b/0x130 [ 372.406572][ C0] ? lockdep_hardirqs_on+0x94/0x130 [ 372.411991][ C0] ? release_firmware_map_entry+0x186/0x186 [ 372.417958][ C0] ? print_irqtrace_events+0x210/0x210 [ 372.423532][ C0] ? preempt_schedule_irq+0xec/0x1c0 [ 372.428954][ C0] preempt_schedule_irq+0xf7/0x1c0 [ 372.434117][ C0] ? preempt_schedule_notrace+0x140/0x140 [ 372.439885][ C0] ? rcu_is_watching+0x11/0xb0 [ 372.444690][ C0] irqentry_exit+0x53/0x80 [ 372.449138][ C0] asm_sysvec_reschedule_ipi+0x16/0x20 [ 372.454737][ C0] RIP: 0010:rcu_is_watching+0x4/0xb0 [ 372.460145][ C0] Code: 21 02 0f 84 02 ff ff ff e9 6c ff ff ff 48 c7 c7 20 19 33 8d 4c 89 f6 e8 3a 9b f0 02 e9 2b ff ff ff e8 20 c3 31 09 41 57 41 56 <53> 65 ff 05 0c 17 8f 7e e8 5f db 31 09 89 c3 83 f8 08 73 76 49 bf [ 372.479874][ C0] RSP: 0018:ffffc90005d3fbe0 EFLAGS: 00000202 [ 372.485990][ C0] RAX: 0000000000000000 RBX: 0000000000000001 RCX: ffff888021629dc0 [ 372.493990][ C0] RDX: ffff888021629dc0 RSI: 0000000000000001 RDI: 0000000000000000 [ 372.502109][ C0] RBP: 0000000000000000 R08: ffffffff8a75f39a R09: fffffbfff20e7245 [ 372.510121][ C0] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff888021ec4c80 [ 372.518130][ C0] R13: 00000000000000d3 R14: ffff88805f538340 R15: dffffc0000000000 [ 372.526179][ C0] ? batadv_nc_worker+0x1fa/0x610 [ 372.531256][ C0] batadv_nc_worker+0x203/0x610 [ 372.536144][ C0] ? batadv_nc_worker+0xc7/0x610 [ 372.541216][ C0] ? process_one_work+0x7a9/0x11d0 [ 372.546453][ C0] process_one_work+0x8a9/0x11d0 [ 372.551475][ C0] ? worker_detach_from_pool+0x260/0x260 [ 372.557151][ C0] ? _raw_spin_lock_irqsave+0x120/0x120 [ 372.562746][ C0] ? kthread_data+0x4e/0xc0 [ 372.567306][ C0] ? wq_worker_running+0x97/0x190 [ 372.572386][ C0] worker_thread+0xa47/0x1200 [ 372.577106][ C0] ? _raw_spin_unlock+0x40/0x40 [ 372.581996][ C0] ? release_firmware_map_entry+0x186/0x186 [ 372.587954][ C0] ? _raw_spin_unlock+0x40/0x40 [ 372.592879][ C0] kthread+0x28d/0x320 [ 372.596985][ C0] ? worker_clr_flags+0x190/0x190 [ 372.602046][ C0] ? kthread_blkcg+0xd0/0xd0 [ 372.606669][ C0] ret_from_fork+0x1f/0x30 [ 372.611146][ C0] [ 372.614189][ C0] rcu: rcu_preempt kthread timer wakeup didn't happen for 10525 jiffies! g25565 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402 [ 372.626729][ C0] rcu: Possible timer handling issue on cpu=1 timer-softirq=14813 [ 372.634660][ C0] rcu: rcu_preempt kthread starved for 10526 jiffies! g25565 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402 ->cpu=1 [ 372.646066][ C0] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 372.656062][ C0] rcu: RCU grace-period kthread stack dump: [ 372.661995][ C0] task:rcu_preempt state:I stack:26712 pid:16 ppid:2 flags:0x00004000 [ 372.671264][ C0] Call Trace: [ 372.674574][ C0] [ 372.677534][ C0] __schedule+0x143f/0x4570 [ 372.682087][ C0] ? _raw_spin_unlock+0x40/0x40 [ 372.686992][ C0] ? release_firmware_map_entry+0x186/0x186 [ 372.692930][ C0] ? lockdep_softirqs_off+0x420/0x420 [ 372.698346][ C0] ? _raw_spin_unlock_irqrestore+0xd9/0x130 [ 372.704278][ C0] ? _raw_spin_unlock+0x40/0x40 [ 372.709170][ C0] schedule+0xbf/0x180 [ 372.713279][ C0] schedule_timeout+0x1b9/0x300 [ 372.718165][ C0] ? console_conditional_schedule+0x40/0x40 [ 372.724107][ C0] ? update_process_times+0x1b0/0x1b0 [ 372.729518][ C0] ? prepare_to_swait_event+0x329/0x350 [ 372.735111][ C0] rcu_gp_fqs_loop+0x2d2/0x1150 [ 372.740031][ C0] ? dump_blkd_tasks+0x810/0x810 [ 372.745002][ C0] ? lockdep_hardirqs_on+0x94/0x130 [ 372.750233][ C0] ? rcu_gp_init+0x15f0/0x15f0 [ 372.756766][ C0] ? _raw_spin_unlock_irqrestore+0xd9/0x130 [ 372.762707][ C0] ? finish_swait+0xcf/0x1e0 [ 372.767343][ C0] rcu_gp_kthread+0xa3/0x3b0 [ 372.772147][ C0] ? rcu_report_qs_rsp+0x1a0/0x1a0 [ 372.777290][ C0] ? _raw_spin_unlock_irqrestore+0xd9/0x130 [ 372.783223][ C0] ? __kthread_parkme+0x168/0x1c0 [ 372.788295][ C0] kthread+0x28d/0x320 [ 372.792393][ C0] ? rcu_report_qs_rsp+0x1a0/0x1a0 [ 372.797556][ C0] ? kthread_blkcg+0xd0/0xd0 [ 372.802179][ C0] ret_from_fork+0x1f/0x30 [ 372.806647][ C0] [ 372.809722][ C0] rcu: Stack dump where RCU GP kthread last ran: [ 372.816079][ C0] Sending NMI from CPU 0 to CPUs 1: [ 372.821331][ C1] NMI backtrace for cpu 1 [ 372.821346][ C1] CPU: 1 PID: 6374 Comm: syz.4.753 Not tainted 6.1.103-syzkaller #0 [ 372.821364][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 372.821375][ C1] RIP: 0010:native_apic_msr_write+0x35/0x50 [ 372.821417][ C1] Code: 74 2a 83 ff 30 74 25 eb 10 81 ff d0 00 00 00 74 1b 81 ff e0 00 00 00 74 13 c1 ef 04 81 c7 00 08 00 00 89 f9 89 f0 31 d2 0f 30 <66> 90 c3 89 f6 31 d2 e9 5f 11 29 03 66 2e 0f 1f 84 00 00 00 00 00 [ 372.821431][ C1] RSP: 0018:ffffc900001e0e60 EFLAGS: 00000046 [ 372.821447][ C1] RAX: 000000000006fde0 RBX: ffffffff8cd88a20 RCX: 0000000000000838 [ 372.821459][ C1] RDX: 0000000000000000 RSI: 000000000006fde0 RDI: 0000000000000838 [ 372.821470][ C1] RBP: 000000000006fde0 R08: ffffffff817ce88d R09: fffffbfff1d33896 [ 372.821483][ C1] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff8880b99271c0 [ 372.821495][ C1] R13: dffffc0000000000 R14: 000000000006fde0 R15: dffffc0000000000 [ 372.821508][ C1] FS: 00005555573f6500(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000 [ 372.821524][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 372.821536][ C1] CR2: 0000000000000000 CR3: 00000000536d1000 CR4: 00000000003506e0 [ 372.821551][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 372.821561][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 372.821572][ C1] Call Trace: [ 372.821578][ C1] [ 372.821584][ C1] ? nmi_cpu_backtrace+0x3de/0x560 [ 372.821612][ C1] ? read_lock_is_recursive+0x10/0x10 [ 372.821640][ C1] ? nmi_trigger_cpumask_backtrace+0x3f0/0x3f0 [ 372.821666][ C1] ? nmi_handle+0x25/0x440 [ 372.821702][ C1] ? nmi_cpu_backtrace_handler+0x8/0x10 [ 372.821729][ C1] ? nmi_handle+0x12e/0x440 [ 372.821756][ C1] ? nmi_handle+0x25/0x440 [ 372.821782][ C1] ? native_apic_msr_write+0x35/0x50 [ 372.821802][ C1] ? default_do_nmi+0x62/0x150 [ 372.821830][ C1] ? exc_nmi+0xa8/0x100 [ 372.821854][ C1] ? end_repeat_nmi+0x16/0x31 [ 372.821881][ C1] ? clockevents_program_event+0x18d/0x310 [ 372.821908][ C1] ? native_apic_msr_write+0x35/0x50 [ 372.821929][ C1] ? native_apic_msr_write+0x35/0x50 [ 372.821950][ C1] ? native_apic_msr_write+0x35/0x50 [ 372.821970][ C1] [ 372.821975][ C1] [ 372.821992][ C1] lapic_next_event+0x5b/0x70 [ 372.822015][ C1] clockevents_program_event+0x1c5/0x310 [ 372.822041][ C1] hrtimer_interrupt+0x546/0x980 [ 372.822081][ C1] __sysvec_apic_timer_interrupt+0x156/0x580 [ 372.822105][ C1] sysvec_apic_timer_interrupt+0x8c/0xb0 [ 372.822122][ C1] [ 372.822127][ C1] [ 372.822132][ C1] asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 372.822156][ C1] RIP: 0010:_raw_spin_unlock_irq+0x25/0x40 [ 372.822175][ C1] Code: a1 9d f5 ff 90 53 48 89 fb 48 83 c7 18 48 8b 74 24 08 e8 6e 1a bb f6 48 89 df e8 d6 57 bc f6 e8 c1 e5 e1 f6 fb bf 01 00 00 00 c6 e8 ae f6 65 8b 05 67 f1 52 75 85 c0 74 02 5b c3 e8 14 15 51 [ 372.822189][ C1] RSP: 0018:ffffc90010fdfb30 EFLAGS: 00000286 [ 372.822202][ C1] RAX: 368fa3af0febf100 RBX: ffff88805b9e0000 RCX: ffffffff91f31103 [ 372.822215][ C1] RDX: dffffc0000000000 RSI: ffffffff8b0c0260 RDI: 0000000000000001 [ 372.822226][ C1] RBP: ffffc90010fdfc70 R08: dffffc0000000000 R09: ffffed100b73c001 [ 372.822239][ C1] R10: 0000000000000000 R11: dffffc0000000001 R12: 1ffff1100b73c093 [ 372.822250][ C1] R13: 000000001c000004 R14: 0000000000000021 R15: ffff88805b9e0498 [ 372.822271][ C1] get_signal+0x154b/0x17d0 [ 372.822306][ C1] ? ptrace_notify+0x370/0x370 [ 372.822336][ C1] arch_do_signal_or_restart+0xb0/0x1a10 [ 372.822356][ C1] ? __might_fault+0xa1/0x110 [ 372.822379][ C1] ? __lock_acquire+0x1f80/0x1f80 [ 372.822408][ C1] ? do_sigaltstack+0x3f3/0x610 [ 372.822429][ C1] ? get_sigframe_size+0x10/0x10 [ 372.822447][ C1] ? restore_altstack+0x107/0x150 [ 372.822466][ C1] ? lockdep_hardirqs_on_prepare+0x438/0x7a0 [ 372.822498][ C1] ? exit_to_user_mode_loop+0x39/0x100 [ 372.822516][ C1] exit_to_user_mode_loop+0x6a/0x100 [ 372.822533][ C1] exit_to_user_mode_prepare+0xb1/0x140 [ 372.822550][ C1] syscall_exit_to_user_mode+0x60/0x270 [ 372.822570][ C1] do_syscall_64+0x47/0xb0 [ 372.822592][ C1] ? clear_bhb_loop+0x45/0xa0 [ 372.822615][ C1] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 372.822635][ C1] RIP: 0033:0x7f36e4d779f9 [ 372.822655][ C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 372.822668][ C1] RSP: 002b:00007fff6c19f708 EFLAGS: 00000246 [ 372.822681][ C1] RAX: fffffffffffffffc RBX: 0000000000041473 RCX: 00007f36e4d779f9 [ 372.822693][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f36e4f06064 [ 372.822703][ C1] RBP: 00007f36e4f06064 R08: 0000000000000010 R09: 00007fff6c19f9ef [ 372.822714][ C1] R10: 00007fff6c19f800 R11: 0000000000000246 R12: 0000000000000032 [ 372.822725][ C1] R13: 00007fff6c19f800 R14: 00007fff6c19f820 R15: 0000000000041441 [ 372.822746][ C1]