last executing test programs: 22.991027612s ago: executing program 4 (id=457): syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x1000410, &(0x7f0000000440)={[{@grpid}, {@grpquota}]}, 0x4, 0x4eb, &(0x7f0000000540)="$eJzs3c9vVFsdAPDvnXZoKQMFZaFGBRFFQ5j+ABqCC2GjMYTESFy5gNoOTdMZpum0SCuLsnRvIokr/RPcuTBh5cKdO925wYUJKnkv9CVvMS/3zqUd2g7te7Qd6Hw+ye2955xhvufMcM6Ze2B6AuhZZyNiNSKORMS9iBjO85P8iButI33cq5ePp9ZePp5Kotm8878kK0/zou3PpI7lzzkYET/7ccQvk61xG8src5PVamUhT48s1uZHGssrl2YLec74xNjE6LXLV8f3rK1nan968aPZWz//y5+/8fzvq9//dVqt0m+OZ2Xt7dhLraYXo9SW1x8Rt/YjWJf0539/+PCkve1LEXEu6//D0Ze9mwDAYdZsDkdzuD0NABx26f1/KZJCOV8LKEWhUC631vBOx1ChWm8sXhyuLz2YjmwN62QUC/dnq5XRfK3wZBSTND2WXW+kxzelL0fEqYj47cDRLF2eqlenu/nBBwB62LFN8//HA635HwA45Aa7XQEA4MCZ/wGg95j/AaD3fI7537cDAeCQcP8PAL3H/A8AvWfH+f/JwdQDADgQP719Oz2aa/nvv55+uLz0g9LDS9OVxly5tjRVnqovzJdn6vWZaqU81Wzu9HzVen1+7Mp6srG8crdWX3qweHe2NjlTuVsp7nN7AICdnTrz7J9JRKxeP5od0baXg7kaDrdCtysAdE1ftysAdI3v80Dv2sU9vmUAOOS22aL3DR3/i9BTm7/Ch+rCV63/Q6+y/g+964ut//9wz+sBHDzr/9C7ms3Env8A0GOs8QPv9O//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0KNK2ZEUytle4Kvpz0K5HHE8Ik5GMbk/W62MRsSJiPjHQHEgTY91u9IAwDsq/CfJ9/+6MHy+tLn0SPLJQHaOiF/9/s7vHk0uLi6Mpfn/X89ffJrnjx/pRgMAgHY3tma15un83HYj/+rl46nXx0FW8cXN1uaiady1/GiV9Ed/dh6MYkQMfZTk6Zb080rfHsRffRIRX9lo/6O2CKVsDaS18+nm+Gns4/sQf+P13xy/8Eb8QlaWnovZa/HlPagL9JpnN1vjZN730i6W979CnM3O2/f/wWyEenevx7+1LeNfYX3869sSP8n6/Nn19Ntr8uLKX3+yJbM53Cp7EvG1/u3iJ+vxkw7j7/ldtvFfX//muU5lzT9EXIjt47fUsmF2ZLE2P9JYXrk0W5ucqcxUHoyPT4xNjF67fHV8JFujbv3823Yx/nv94olO8dP2D3WIP7hD+7+zy/b/8dN7v/jWW+J/79vbv/+n3xI/nRO/u8v4k0M3Om7fncaf7tD+nd7/i7uM//zfK9O7fCgAcAAayytzk9VqZWGHi/Sz5k6PcfFhXsRqxHtQDRfv1UW3RyZgv210+m7XBAAAAAAAAAAAAAAA6KSxvDI3EPv7daJutxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDD67MAAAD//w/PzvM=") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x275a, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x275a, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x275a, 0x0) ftruncate(r2, 0x2000009) write$cgroup_int(r1, &(0x7f00000000c0), 0x12) creat(&(0x7f00000000c0)='./bus\x00', 0x0) mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000340)='./bus\x00', 0x0, 0x1000, 0x0) r3 = open(&(0x7f00000005c0)='./bus\x00', 0x0, 0x0) syz_mount_image$iso9660(&(0x7f00000000c0), &(0x7f0000000540)='./file0\x00', 0x204018, &(0x7f0000000140)=ANY=[@ANYBLOB="6f76657272696465726f636b7065726d2c6e6f636f6d70726573732c686964652c73657373696f6e3d3078303030303030303030303030303032312c756e686964652c696f636861727365743d63703433372c6f76657272696465726f636b7065726d2c626c6f636b3d3078303030303030303030303030303430302c005fb50aab29cf1d32d24be5ab2a6506aa524c8f1cd5781842ee1c86bee627767fee958f25bb6db8e631262ed8a59d337d730b6698271aeb8c31c1902a7e236e5dd878e6c1352c0c799d8e80d7346f8d2870acebe617c694bbb925d3ab4fb01784c564c03d88c81d2f84f58e8c6ba18548f09fa6"], 0x1, 0x544, &(0x7f0000000580)="$eJzs3W9v00YcwPGfSzuiTKqmMSFUFTjKJhWpBCeBoIgn85xLeuDYke2g9hGqaIoqUpgok9Y+YTxhm7S9CJ7uRewdob2ETbaT/qFNApQ2XfX9RHBX++z7XWr5JzfxWQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgFhuzbaLlnjGby+pwdxaGDR3f+xtfWCB3NhXDOlXxEr+SS4nl7JFl77ZXX0x+W9OZrOfZiWXFDnZ/vLiV/cuTE70tx8S8InY3Np+utLtdl6MO5BjdPn84HUN7ZsoME2noZWJAlWtVOxbi/VI1Y2no+Uo1k3lhtqJg1DNuzdUsVotK11YDtp+o+Z4ur/w7s2SbVfU/UJLO2EU+LfuFyJ30Xie8Rtpm2R10uZuciA+MLGKtdNUam292ymPGkDSqPghjUqjGpXsUqlYLJWKlTvVO3dte/LAAvs9cqDF+A9ajNdnPHsDRzPRy//iiRFf2rIk6tCXKzUJJZDmgPU9/fz/3S09tN+9+b+f5S/trp6RNP9fEZHvRa4Myv8DYjm516ZsybY8lRXpSlc68mLsEZ3sqyFafDESSSBGmuKkS1RviZKqVKQitjySRalLJErqYsQTLZEsSySx6PSIciUULY7EEkgoSubFlRuipChVqUpZlGgpyLIE0hZfGlITJ93Lmqyn73tZlDUoxp1GxYHDyPePu46UhoyW/I+j+9yncOCT/dvP/wAAAAAA4Myy0r++J9f/U3I5rdWNp+1xhwUAAAAAAD6j9JP/2aSYSmqXxeL6HwAAAACAs8ZK77GzRCQvV7Pamljp7VL8EQAAAAAAgDMi/fz/SlKkc6BcFWtnuhSu/wEAAAAAOCN+GznHftQ6b/39j4ThlPW6tfSttZHOzetsnMu2O/f+HuP6jDXd20laVLJictLVs1Yua7QzCea7XrE2Kg5rNwBnJ4BfPiaAC5Pyh1zL2lxbzcrV/pqsl3zdeLrgBt69ojjO9ESsl+Kfnq3/LOnwf/eb01ZO1rudwuPn3dU0ltfJXl5v9CZQPDCP4pBYXqbzLaT3XBw64qn0Roxev3lL1ta7HXvv+CeyzSf29/hqekifb2QuazXXm/E2v3/8uaTPYmHQ6HtRFI848jdyPWtzff56VhwSRWlUFKW9URz+Xhw9ivKoKMpHjAIAxmVtRBay5EDe/YSz3Kdld/nI7P5G5rM28zPpiXVy5pAzuj3qjG4fMbv9deAZSINybNLvn+9l1bfJBm8H9ht5JSt5C8+93PhRLm5ubd9c31h50nnSeVYqlSv2bdu+U5KpdBi9gtwDADhE9owdGfKMnZEtrNsjrqq/3vlKQUEey3PpyqospHcbpN84OHSv+T1fQ1gYcdWaT9Nk9oSXhSFXdV+kdzn091sa2nZ/DOXj/0UAAHCC5kbk4Q/J/wsjrrv35/LhV8f5PU9rAwAAx0OH76x8/KsVhqb1qFitFp14UaswcB+o0NQaWhk/1qG76PgNrVphEAdu4CWVh6amIxW1W60gjFU9CFUriMxSOn2g6j36PdJNx4+NG7U87URauYEfO26saiZyVav9g2eiRR2mG0ct7Zq6cZ3YBL6Kgnbo6oJSkdZ7Gpqa9mNTN0nVV63QNJ0wpx4GXrupVU1HbmhacZDtsN+X8etB2Ex3Wxj3mw0AwCmxubX9dKXb7bw4xsq4xwgAAPYjSwMAAAAAAAAAAAAAAAAAAAAAcPqdxP1/VI5YmTjlv6b+VNCnJZ4Pr5z/H8Z8QpWRp45Xx35yAnCs/gsAAP//YsVNsQ==") ioctl$FS_IOC_SETFLAGS(r3, 0x4c02, &(0x7f0000000140)) write$binfmt_script(r2, &(0x7f0000000140), 0xfcb8) 22.205194223s ago: executing program 4 (id=458): r0 = gettid() r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000001c0), 0x0) read(r1, 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000040)={0x37, @time}) ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r1, 0xc0bc5351, &(0x7f0000000200)={{}, 'port1\x00'}) tkill(r0, 0x7) 21.553188277s ago: executing program 4 (id=459): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)={{0x14}, [@NFT_MSG_DELOBJ={0x28, 0x14, 0xa, 0x401, 0x0, 0x0, {}, [@NFTA_OBJ_TYPE={0x8}, @NFTA_OBJ_NAME={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x50}}, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, &(0x7f0000000300)='usrquota') chdir(&(0x7f0000000140)='./file1\x00') bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f00000003c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x50, 0x50, 0x2, [@volatile={0x0, 0x0, 0x2, 0x2, 0x4}, @union={0xd, 0x2, 0x0, 0x5, 0x0, 0x4, [{0x3, 0x1, 0xfffffffb}, {0x4, 0x5, 0x4}]}, @func_proto={0x0, 0x1, 0x0, 0xd, 0x0, [{0x2, 0x4}]}, @typedef={0xe, 0x0, 0x0, 0x8, 0x2}]}}, 0x0, 0x6a}, 0x20) r1 = socket$can_j1939(0x1d, 0x2, 0x7) syz_emit_ethernet(0x276, &(0x7f0000000540)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c200000086dd642b72b902403a00fe8000000000000000000000000000aa00000000000000000000ffffac14141dff03000000000000c910fc00000000000000000000000000000104016f0001001d0020c1640000003200080065000000010200080000000020010000000000000000000000000001620e021f00000000fc0100000000000000000000000000010000000000000000000000000000000120010000000000000000000000000002fe80000000000000000000000000000ffc020000000000000000000000000001fe8000000000000000000000000000aafe80000000200000000000000000003e3b14000600000000fc00000000000000000000000000000100000000000000000000ffffac1e0101000000000000000000000000000000012001000000000000000000000000000020010000000000000000002e7cd7ce00fc000000000000000000000000000001fc000000000000000000000000000000fe8000000000000000000000000000bbff010000000000000000000000000001ff01000000000000000000000000000187009078fe8000000000000000000000000000bb2201e61ec8d48d7044626a6608e84002160a5a57529ffb9c30c1b5a6c41a1b5d3290e45b70e0e6fb58d25dd3e5b8eeeed323ed5de4fbcaf254bf6b0d787415c2d8f83e90f26aea933f68321bdec137d764c7dd89b3cbab255a5bab800273124333b5d4bb43ed860d8a8b9b7f520484556c333014fd19b25923e8dc7fd2c02b301395b0d19cb2ddbf953d292e77f1aa8911a037d89926c23d23a0ee79a201abad134cb44345ac4aefafc457affa00ffeefdab9c04329016564291385f69ab9dcdd83e54ad"], 0x0) r2 = syz_io_uring_setup(0x48be, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x3}, &(0x7f00000011c0), &(0x7f0000ff4000)) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x0, &(0x7f0000002300)=[{&(0x7f0000000140)=""/4096, 0x1000}], 0x3100) io_uring_register$IORING_UNREGISTER_BUFFERS(r2, 0x1, 0x0, 0x0) syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_io_capa_reply={{0x32, 0x9}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}}}, 0xc) bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x8, 0x4, &(0x7f0000000f80)=ANY=[@ANYBLOB="1800000000000000000000000000000063019b0000000000950000000000000071a8d592b2874e8c1d0dff5409307d894d30bbdc92517f18890400000066dece220917c3e29dbc09764747e14957158d3dbadcdef22f3fd78f6d8339811026218d0a7677f9568e7189e444766a55ce43bb745aa696bc09bbaa1fa079b7ee50358c6950cf155860b8b76003fe561428d5aaccfe51b4e86b5520e51a621ef15b7e7459cdc659"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x80) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f00000011c0)={'vxcan0\x00', 0x0}) bind$can_j1939(r1, &(0x7f0000001200)={0x1d, r3, 0x0, {0x1}}, 0x18) connect$can_j1939(r1, &(0x7f0000000080)={0x1d, r3}, 0x18) writev(r1, &(0x7f0000000240)=[{&(0x7f0000000000)='h', 0xfdef}], 0x1) openat$ipvs(0xffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/vs/nat_icmp_send\x00', 0x2, 0x0) r4 = socket$can_bcm(0x1d, 0x2, 0x2) ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f0000000240)={'vxcan0\x00', 0x0}) bind$can_j1939(r1, 0x0, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=@getchain={0x24, 0x11, 0x839, 0x0, 0x0, {0x0, 0x0, 0x0, r5}}, 0x24}}, 0x0) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='net_prio.prioidx\x00', 0x275a, 0x0) quotactl_fd$Q_SETQUOTA(r6, 0xffffffff80000700, 0x0, 0x0) 19.518420565s ago: executing program 1 (id=465): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000500)=0x100000001, 0x4) connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x4) setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000440)=@gcm_128={{0x304}, "e453f079df21d540", "1ec2d524d78682576ec2d9e13dad1018", "993161e3", "be0692db0b429ee8"}, 0x28) write$binfmt_script(r0, &(0x7f0000001300), 0x8f) 19.327554842s ago: executing program 1 (id=467): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)={{0x14}, [@NFT_MSG_DELOBJ={0x28, 0x14, 0xa, 0x401, 0x0, 0x0, {}, [@NFTA_OBJ_TYPE={0x8}, @NFTA_OBJ_NAME={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x50}}, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, &(0x7f0000000300)='usrquota') chdir(&(0x7f0000000140)='./file1\x00') bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f00000003c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x50, 0x50, 0x2, [@volatile={0x0, 0x0, 0x2, 0x2, 0x4}, @union={0xd, 0x2, 0x0, 0x5, 0x0, 0x4, [{0x3, 0x1, 0xfffffffb}, {0x4, 0x5, 0x4}]}, @func_proto={0x0, 0x1, 0x0, 0xd, 0x0, [{0x2, 0x4}]}, @typedef={0xe, 0x0, 0x0, 0x8, 0x2}]}}, 0x0, 0x6a}, 0x20) r1 = socket$can_j1939(0x1d, 0x2, 0x7) syz_emit_ethernet(0x276, &(0x7f0000000540)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c200000086dd642b72b902403a00fe8000000000000000000000000000aa00000000000000000000ffffac14141dff03000000000000c910fc00000000000000000000000000000104016f0001001d0020c1640000003200080065000000010200080000000020010000000000000000000000000001620e021f00000000fc0100000000000000000000000000010000000000000000000000000000000120010000000000000000000000000002fe80000000000000000000000000000ffc020000000000000000000000000001fe8000000000000000000000000000aafe80000000200000000000000000003e3b14000600000000fc00000000000000000000000000000100000000000000000000ffffac1e0101000000000000000000000000000000012001000000000000000000000000000020010000000000000000002e7cd7ce00fc000000000000000000000000000001fc000000000000000000000000000000fe8000000000000000000000000000bbff010000000000000000000000000001ff01000000000000000000000000000187009078fe8000000000000000000000000000bb2201e61ec8d48d7044626a6608e84002160a5a57529ffb9c30c1b5a6c41a1b5d3290e45b70e0e6fb58d25dd3e5b8eeeed323ed5de4fbcaf254bf6b0d787415c2d8f83e90f26aea933f68321bdec137d764c7dd89b3cbab255a5bab800273124333b5d4bb43ed860d8a8b9b7f520484556c333014fd19b25923e8dc7fd2c02b301395b0d19cb2ddbf953d292e77f1aa8911a037d89926c23d23a0ee79a201abad134cb44345ac4aefafc457affa00ffeefdab9c04329016564291385f69ab9dcdd83e54ad"], 0x0) r2 = syz_io_uring_setup(0x48be, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x3}, &(0x7f00000011c0), &(0x7f0000ff4000)) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x0, &(0x7f0000002300)=[{&(0x7f0000000140)=""/4096, 0x1000}], 0x3100) io_uring_register$IORING_UNREGISTER_BUFFERS(r2, 0x1, 0x0, 0x0) syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_io_capa_reply={{0x32, 0x9}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}}}, 0xc) bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x8, 0x4, &(0x7f0000000f80)=ANY=[@ANYBLOB="1800000000000000000000000000000063019b0000000000950000000000000071a8d592b2874e8c1d0dff5409307d894d30bbdc92517f18890400000066dece220917c3e29dbc09764747e14957158d3dbadcdef22f3fd78f6d8339811026218d0a7677f9568e7189e444766a55ce43bb745aa696bc09bbaa1fa079b7ee50358c6950cf155860b8b76003fe561428d5aaccfe51b4e86b5520e51a621ef15b7e7459cdc659"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x80) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f00000011c0)={'vxcan0\x00', 0x0}) bind$can_j1939(r1, &(0x7f0000001200)={0x1d, r3, 0x0, {0x1}}, 0x18) connect$can_j1939(r1, &(0x7f0000000080)={0x1d, r3}, 0x18) writev(r1, &(0x7f0000000240)=[{&(0x7f0000000000)='h', 0xfdef}], 0x1) openat$ipvs(0xffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/vs/nat_icmp_send\x00', 0x2, 0x0) r4 = socket$can_bcm(0x1d, 0x2, 0x2) ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f0000000240)={'vxcan0\x00', 0x0}) bind$can_j1939(r1, 0x0, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=@getchain={0x24, 0x11, 0x839, 0x0, 0x0, {0x0, 0x0, 0x0, r5}}, 0x24}}, 0x0) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='net_prio.prioidx\x00', 0x275a, 0x0) quotactl_fd$Q_SETQUOTA(r6, 0xffffffff80000700, 0x0, 0x0) 19.043711893s ago: executing program 1 (id=470): openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x400500, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff) close(r0) r1 = gettid() bpf$PROG_LOAD(0x5, 0x0, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x4, 0x6, 0x80, 0x42}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000540), &(0x7f0000000080), 0x619, r2}, 0x38) timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f00000000c0)) timer_settime(0x0, 0x0, &(0x7f0000000080)={{0x0, 0x8}, {0x0, 0x989680}}, 0x0) syz_open_procfs$userns(r1, &(0x7f00000027c0)) r3 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000200), 0x204401, 0x0) prctl$PR_MCE_KILL(0x22, 0xfe8679d1aaaa176c, 0x0) renameat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', r3, &(0x7f0000000280)='./file0\x00') r4 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) getsockopt$IP_VS_SO_GET_TIMEOUT(r4, 0x0, 0x486, &(0x7f00000002c0), &(0x7f0000000300)=0xc) getegid() r5 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_FIOGETOWN(r5, 0x8903, &(0x7f0000001a40)) r6 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)=ANY=[@ANYBLOB="300000002100010000000000000000000200000000000c00f43f000000000000000000607a89842f0000"], 0x30}}, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r5, 0x89f2, &(0x7f0000000080)={'syztnl1\x00', &(0x7f0000000000)={'ip6gre0\x00', 0x0, 0x2f, 0x9, 0x31, 0x1, 0x5b, @private2={0xfc, 0x2, '\x00', 0x1}, @mcast1, 0x1, 0x80, 0x5, 0x7}}) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) getsockopt$sock_buf(r7, 0x1, 0x1f, &(0x7f00000000c0)=""/8, &(0x7f0000000180)=0x8) writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000080)}], 0x1) r8 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'netdevsim0\x00', 0x0}) bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x1, 0x3, 0x261, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', r9}, 0x48) 18.07732706s ago: executing program 1 (id=471): syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x1000410, &(0x7f0000000440)={[{@grpid}, {@grpquota}]}, 0x4, 0x4eb, &(0x7f0000000540)="$eJzs3c9vVFsdAPDvnXZoKQMFZaFGBRFFQ5j+ABqCC2GjMYTESFy5gNoOTdMZpum0SCuLsnRvIokr/RPcuTBh5cKdO925wYUJKnkv9CVvMS/3zqUd2g7te7Qd6Hw+ye2955xhvufMcM6Ze2B6AuhZZyNiNSKORMS9iBjO85P8iButI33cq5ePp9ZePp5Kotm8878kK0/zou3PpI7lzzkYET/7ccQvk61xG8src5PVamUhT48s1uZHGssrl2YLec74xNjE6LXLV8f3rK1nan968aPZWz//y5+/8fzvq9//dVqt0m+OZ2Xt7dhLraYXo9SW1x8Rt/YjWJf0539/+PCkve1LEXEu6//D0Ze9mwDAYdZsDkdzuD0NABx26f1/KZJCOV8LKEWhUC631vBOx1ChWm8sXhyuLz2YjmwN62QUC/dnq5XRfK3wZBSTND2WXW+kxzelL0fEqYj47cDRLF2eqlenu/nBBwB62LFN8//HA635HwA45Aa7XQEA4MCZ/wGg95j/AaD3fI7537cDAeCQcP8PAL3H/A8AvWfH+f/JwdQDADgQP719Oz2aa/nvv55+uLz0g9LDS9OVxly5tjRVnqovzJdn6vWZaqU81Wzu9HzVen1+7Mp6srG8crdWX3qweHe2NjlTuVsp7nN7AICdnTrz7J9JRKxeP5od0baXg7kaDrdCtysAdE1ftysAdI3v80Dv2sU9vmUAOOS22aL3DR3/i9BTm7/Ch+rCV63/Q6+y/g+964ut//9wz+sBHDzr/9C7ms3Env8A0GOs8QPv9O//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0KNK2ZEUytle4Kvpz0K5HHE8Ik5GMbk/W62MRsSJiPjHQHEgTY91u9IAwDsq/CfJ9/+6MHy+tLn0SPLJQHaOiF/9/s7vHk0uLi6Mpfn/X89ffJrnjx/pRgMAgHY3tma15un83HYj/+rl46nXx0FW8cXN1uaiady1/GiV9Ed/dh6MYkQMfZTk6Zb080rfHsRffRIRX9lo/6O2CKVsDaS18+nm+Gns4/sQf+P13xy/8Eb8QlaWnovZa/HlPagL9JpnN1vjZN730i6W979CnM3O2/f/wWyEenevx7+1LeNfYX3869sSP8n6/Nn19Ntr8uLKX3+yJbM53Cp7EvG1/u3iJ+vxkw7j7/ldtvFfX//muU5lzT9EXIjt47fUsmF2ZLE2P9JYXrk0W5ucqcxUHoyPT4xNjF67fHV8JFujbv3823Yx/nv94olO8dP2D3WIP7hD+7+zy/b/8dN7v/jWW+J/79vbv/+n3xI/nRO/u8v4k0M3Om7fncaf7tD+nd7/i7uM//zfK9O7fCgAcAAayytzk9VqZWGHi/Sz5k6PcfFhXsRqxHtQDRfv1UW3RyZgv210+m7XBAAAAAAAAAAAAAAA6KSxvDI3EPv7daJutxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDD67MAAAD//w/PzvM=") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x275a, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x275a, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x275a, 0x0) ftruncate(r2, 0x2000009) write$cgroup_int(r1, &(0x7f00000000c0), 0x12) creat(&(0x7f00000000c0)='./bus\x00', 0x0) mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000340)='./bus\x00', 0x0, 0x1000, 0x0) open(&(0x7f00000005c0)='./bus\x00', 0x0, 0x0) syz_mount_image$iso9660(&(0x7f00000000c0), &(0x7f0000000540)='./file0\x00', 0x204018, &(0x7f0000000140)=ANY=[@ANYBLOB="6f76657272696465726f636b7065726d2c6e6f636f6d70726573732c686964652c73657373696f6e3d3078303030303030303030303030303032312c756e686964652c696f636861727365743d63703433372c6f76657272696465726f636b7065726d2c626c6f636b3d3078303030303030303030303030303430302c005fb50aab29cf1d32d24be5ab2a6506aa524c8f1cd5781842ee1c86bee627767fee958f25bb6db8e631262ed8a59d337d730b6698271aeb8c31c1902a7e236e5dd878e6c1352c0c799d8e80d7346f8d2870acebe617c694bbb925d3ab4fb01784c564c03d88c81d2f84f58e8c6ba18548f09fa6"], 0x1, 0x544, &(0x7f0000000580)="$eJzs3W9v00YcwPGfSzuiTKqmMSFUFTjKJhWpBCeBoIgn85xLeuDYke2g9hGqaIoqUpgok9Y+YTxhm7S9CJ7uRewdob2ETbaT/qFNApQ2XfX9RHBX++z7XWr5JzfxWQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgFhuzbaLlnjGby+pwdxaGDR3f+xtfWCB3NhXDOlXxEr+SS4nl7JFl77ZXX0x+W9OZrOfZiWXFDnZ/vLiV/cuTE70tx8S8InY3Np+utLtdl6MO5BjdPn84HUN7ZsoME2noZWJAlWtVOxbi/VI1Y2no+Uo1k3lhtqJg1DNuzdUsVotK11YDtp+o+Z4ur/w7s2SbVfU/UJLO2EU+LfuFyJ30Xie8Rtpm2R10uZuciA+MLGKtdNUam292ymPGkDSqPghjUqjGpXsUqlYLJWKlTvVO3dte/LAAvs9cqDF+A9ajNdnPHsDRzPRy//iiRFf2rIk6tCXKzUJJZDmgPU9/fz/3S09tN+9+b+f5S/trp6RNP9fEZHvRa4Myv8DYjm516ZsybY8lRXpSlc68mLsEZ3sqyFafDESSSBGmuKkS1RviZKqVKQitjySRalLJErqYsQTLZEsSySx6PSIciUULY7EEkgoSubFlRuipChVqUpZlGgpyLIE0hZfGlITJ93Lmqyn73tZlDUoxp1GxYHDyPePu46UhoyW/I+j+9yncOCT/dvP/wAAAAAA4Myy0r++J9f/U3I5rdWNp+1xhwUAAAAAAD6j9JP/2aSYSmqXxeL6HwAAAACAs8ZK77GzRCQvV7Pamljp7VL8EQAAAAAAgDMi/fz/SlKkc6BcFWtnuhSu/wEAAAAAOCN+GznHftQ6b/39j4ThlPW6tfSttZHOzetsnMu2O/f+HuP6jDXd20laVLJictLVs1Yua7QzCea7XrE2Kg5rNwBnJ4BfPiaAC5Pyh1zL2lxbzcrV/pqsl3zdeLrgBt69ojjO9ESsl+Kfnq3/LOnwf/eb01ZO1rudwuPn3dU0ltfJXl5v9CZQPDCP4pBYXqbzLaT3XBw64qn0Roxev3lL1ta7HXvv+CeyzSf29/hqekifb2QuazXXm/E2v3/8uaTPYmHQ6HtRFI848jdyPWtzff56VhwSRWlUFKW9URz+Xhw9ivKoKMpHjAIAxmVtRBay5EDe/YSz3Kdld/nI7P5G5rM28zPpiXVy5pAzuj3qjG4fMbv9deAZSINybNLvn+9l1bfJBm8H9ht5JSt5C8+93PhRLm5ubd9c31h50nnSeVYqlSv2bdu+U5KpdBi9gtwDADhE9owdGfKMnZEtrNsjrqq/3vlKQUEey3PpyqospHcbpN84OHSv+T1fQ1gYcdWaT9Nk9oSXhSFXdV+kdzn091sa2nZ/DOXj/0UAAHCC5kbk4Q/J/wsjrrv35/LhV8f5PU9rAwAAx0OH76x8/KsVhqb1qFitFp14UaswcB+o0NQaWhk/1qG76PgNrVphEAdu4CWVh6amIxW1W60gjFU9CFUriMxSOn2g6j36PdJNx4+NG7U87URauYEfO26saiZyVav9g2eiRR2mG0ct7Zq6cZ3YBL6Kgnbo6oJSkdZ7Gpqa9mNTN0nVV63QNJ0wpx4GXrupVU1HbmhacZDtsN+X8etB2Ex3Wxj3mw0AwCmxubX9dKXb7bw4xsq4xwgAAPYjSwMAAAAAAAAAAAAAAAAAAAAAcPqdxP1/VI5YmTjlv6b+VNCnJZ4Pr5z/H8Z8QpWRp45Xx35yAnCs/gsAAP//YsVNsQ==") write$binfmt_script(r2, &(0x7f0000000140), 0xfcb8) 17.583150329s ago: executing program 1 (id=474): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nbd(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NBD_CMD_CONNECT(r0, &(0x7f0000000240)={0x0, 0xfffffffffffffe1a, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB='l\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000003f00000000000100000008000100400000000c000200700f0000000000000c00060003000000000000000a000a00272d5d29212b0000140007"], 0x6c}}, 0x0) 16.915641345s ago: executing program 3 (id=476): ioctl$vim2m_VIDIOC_STREAMOFF(0xffffffffffffffff, 0x40045612, 0x0) r0 = syz_open_dev$amidi(&(0x7f0000000140), 0x2, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) ioctl$SNDRV_RAWMIDI_IOCTL_INFO(r0, 0x40045731, &(0x7f0000000000)) 16.903483244s ago: executing program 3 (id=477): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)={{0x14}, [@NFT_MSG_DELOBJ={0x28, 0x14, 0xa, 0x401, 0x0, 0x0, {}, [@NFTA_OBJ_TYPE={0x8}, @NFTA_OBJ_NAME={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x50}}, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, &(0x7f0000000300)='usrquota') chdir(&(0x7f0000000140)='./file1\x00') bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f00000003c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x50, 0x50, 0x2, [@volatile={0x0, 0x0, 0x2, 0x2, 0x4}, @union={0xd, 0x2, 0x0, 0x5, 0x0, 0x4, [{0x3, 0x1, 0xfffffffb}, {0x4, 0x5, 0x4}]}, @func_proto={0x0, 0x1, 0x0, 0xd, 0x0, [{0x2, 0x4}]}, @typedef={0xe, 0x0, 0x0, 0x8, 0x2}]}}, 0x0, 0x6a}, 0x20) r1 = socket$can_j1939(0x1d, 0x2, 0x7) syz_emit_ethernet(0x276, &(0x7f0000000540)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c200000086dd642b72b902403a00fe8000000000000000000000000000aa00000000000000000000ffffac14141dff03000000000000c910fc00000000000000000000000000000104016f0001001d0020c1640000003200080065000000010200080000000020010000000000000000000000000001620e021f00000000fc0100000000000000000000000000010000000000000000000000000000000120010000000000000000000000000002fe80000000000000000000000000000ffc020000000000000000000000000001fe8000000000000000000000000000aafe80000000200000000000000000003e3b14000600000000fc00000000000000000000000000000100000000000000000000ffffac1e0101000000000000000000000000000000012001000000000000000000000000000020010000000000000000002e7cd7ce00fc000000000000000000000000000001fc000000000000000000000000000000fe8000000000000000000000000000bbff010000000000000000000000000001ff01000000000000000000000000000187009078fe8000000000000000000000000000bb2201e61ec8d48d7044626a6608e84002160a5a57529ffb9c30c1b5a6c41a1b5d3290e45b70e0e6fb58d25dd3e5b8eeeed323ed5de4fbcaf254bf6b0d787415c2d8f83e90f26aea933f68321bdec137d764c7dd89b3cbab255a5bab800273124333b5d4bb43ed860d8a8b9b7f520484556c333014fd19b25923e8dc7fd2c02b301395b0d19cb2ddbf953d292e77f1aa8911a037d89926c23d23a0ee79a201abad134cb44345ac4aefafc457affa00ffeefdab9c04329016564291385f69ab9dcdd83e54ad"], 0x0) r2 = syz_io_uring_setup(0x48be, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x3}, &(0x7f00000011c0), &(0x7f0000ff4000)) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x0, &(0x7f0000002300)=[{&(0x7f0000000140)=""/4096, 0x1000}], 0x3100) io_uring_register$IORING_UNREGISTER_BUFFERS(r2, 0x1, 0x0, 0x0) syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_io_capa_reply={{0x32, 0x9}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}}}, 0xc) bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x8, 0x4, &(0x7f0000000f80)=ANY=[@ANYBLOB="1800000000000000000000000000000063019b0000000000950000000000000071a8d592b2874e8c1d0dff5409307d894d30bbdc92517f18890400000066dece220917c3e29dbc09764747e14957158d3dbadcdef22f3fd78f6d8339811026218d0a7677f9568e7189e444766a55ce43bb745aa696bc09bbaa1fa079b7ee50358c6950cf155860b8b76003fe561428d5aaccfe51b4e86b5520e51a621ef15b7e7459cdc659"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x80) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f00000011c0)={'vxcan0\x00', 0x0}) bind$can_j1939(r1, &(0x7f0000001200)={0x1d, r3, 0x0, {0x1}}, 0x18) connect$can_j1939(r1, &(0x7f0000000080)={0x1d, r3}, 0x18) writev(r1, &(0x7f0000000240)=[{&(0x7f0000000000)='h', 0xfdef}], 0x1) openat$ipvs(0xffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/vs/nat_icmp_send\x00', 0x2, 0x0) r4 = socket$can_bcm(0x1d, 0x2, 0x2) ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f0000000240)={'vxcan0\x00', 0x0}) bind$can_j1939(r1, &(0x7f0000000040)={0x1d, 0x0, 0x3, {}, 0xff}, 0x18) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=@getchain={0x24, 0x11, 0x839, 0x0, 0x0, {0x0, 0x0, 0x0, r5}}, 0x24}}, 0x0) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='net_prio.prioidx\x00', 0x275a, 0x0) quotactl_fd$Q_SETQUOTA(r6, 0xffffffff80000700, 0x0, 0x0) 16.76072873s ago: executing program 3 (id=478): openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x400500, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff) close(r0) r1 = gettid() bpf$PROG_LOAD(0x5, 0x0, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x4, 0x6, 0x80, 0x42}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000540), &(0x7f0000000080), 0x619, r2}, 0x38) timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f00000000c0)) timer_settime(0x0, 0x0, &(0x7f0000000080)={{0x0, 0x8}, {0x0, 0x989680}}, 0x0) syz_open_procfs$userns(r1, &(0x7f00000027c0)) r3 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000200), 0x204401, 0x0) prctl$PR_MCE_KILL(0x22, 0xfe8679d1aaaa176c, 0x0) renameat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', r3, &(0x7f0000000280)='./file0\x00') r4 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) getsockopt$IP_VS_SO_GET_TIMEOUT(r4, 0x0, 0x486, &(0x7f00000002c0), &(0x7f0000000300)=0xc) getegid() r5 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_FIOGETOWN(r5, 0x8903, &(0x7f0000001a40)) r6 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)=ANY=[@ANYBLOB="300000002100010000000000000000000200000000000c00f43f000000000000000000607a89842f0000"], 0x30}}, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r5, 0x89f2, &(0x7f0000000080)={'syztnl1\x00', &(0x7f0000000000)={'ip6gre0\x00', 0x0, 0x2f, 0x9, 0x31, 0x1, 0x5b, @private2={0xfc, 0x2, '\x00', 0x1}, @mcast1, 0x1, 0x80, 0x5, 0x7}}) r7 = socket$inet6_udplite(0xa, 0x2, 0x88) getsockopt$sock_buf(r7, 0x1, 0x1f, &(0x7f00000000c0)=""/8, &(0x7f0000000180)=0x8) writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000080)}], 0x1) r8 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'netdevsim0\x00', 0x0}) bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x1, 0x3, 0x261, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', r9}, 0x48) 16.51171175s ago: executing program 1 (id=479): sendmsg$IPSET_CMD_FLUSH(0xffffffffffffffff, 0x0, 0x0) setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x0, 0x0, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x400, 0x0, 0x32}, 0x9c) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000200)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x0, 0x0, 0x8a}, 0x9c) bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendto$inet6(r0, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) shutdown(r0, 0x2) 13.961709117s ago: executing program 3 (id=481): syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x1000410, &(0x7f0000000440)={[{@grpid}, {@grpquota}]}, 0x4, 0x4eb, &(0x7f0000000540)="$eJzs3c9vVFsdAPDvnXZoKQMFZaFGBRFFQ5j+ABqCC2GjMYTESFy5gNoOTdMZpum0SCuLsnRvIokr/RPcuTBh5cKdO925wYUJKnkv9CVvMS/3zqUd2g7te7Qd6Hw+ye2955xhvufMcM6Ze2B6AuhZZyNiNSKORMS9iBjO85P8iButI33cq5ePp9ZePp5Kotm8878kK0/zou3PpI7lzzkYET/7ccQvk61xG8src5PVamUhT48s1uZHGssrl2YLec74xNjE6LXLV8f3rK1nan968aPZWz//y5+/8fzvq9//dVqt0m+OZ2Xt7dhLraYXo9SW1x8Rt/YjWJf0539/+PCkve1LEXEu6//D0Ze9mwDAYdZsDkdzuD0NABx26f1/KZJCOV8LKEWhUC631vBOx1ChWm8sXhyuLz2YjmwN62QUC/dnq5XRfK3wZBSTND2WXW+kxzelL0fEqYj47cDRLF2eqlenu/nBBwB62LFN8//HA635HwA45Aa7XQEA4MCZ/wGg95j/AaD3fI7537cDAeCQcP8PAL3H/A8AvWfH+f/JwdQDADgQP719Oz2aa/nvv55+uLz0g9LDS9OVxly5tjRVnqovzJdn6vWZaqU81Wzu9HzVen1+7Mp6srG8crdWX3qweHe2NjlTuVsp7nN7AICdnTrz7J9JRKxeP5od0baXg7kaDrdCtysAdE1ftysAdI3v80Dv2sU9vmUAOOS22aL3DR3/i9BTm7/Ch+rCV63/Q6+y/g+964ut//9wz+sBHDzr/9C7ms3Env8A0GOs8QPv9O//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0KNK2ZEUytle4Kvpz0K5HHE8Ik5GMbk/W62MRsSJiPjHQHEgTY91u9IAwDsq/CfJ9/+6MHy+tLn0SPLJQHaOiF/9/s7vHk0uLi6Mpfn/X89ffJrnjx/pRgMAgHY3tma15un83HYj/+rl46nXx0FW8cXN1uaiady1/GiV9Ed/dh6MYkQMfZTk6Zb080rfHsRffRIRX9lo/6O2CKVsDaS18+nm+Gns4/sQf+P13xy/8Eb8QlaWnovZa/HlPagL9JpnN1vjZN730i6W979CnM3O2/f/wWyEenevx7+1LeNfYX3869sSP8n6/Nn19Ntr8uLKX3+yJbM53Cp7EvG1/u3iJ+vxkw7j7/ldtvFfX//muU5lzT9EXIjt47fUsmF2ZLE2P9JYXrk0W5ucqcxUHoyPT4xNjF67fHV8JFujbv3823Yx/nv94olO8dP2D3WIP7hD+7+zy/b/8dN7v/jWW+J/79vbv/+n3xI/nRO/u8v4k0M3Om7fncaf7tD+nd7/i7uM//zfK9O7fCgAcAAayytzk9VqZWGHi/Sz5k6PcfFhXsRqxHtQDRfv1UW3RyZgv210+m7XBAAAAAAAAAAAAAAA6KSxvDI3EPv7daJutxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDD67MAAAD//w/PzvM=") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x275a, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x275a, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x275a, 0x0) ftruncate(r2, 0x2000009) write$cgroup_int(r1, &(0x7f00000000c0), 0x12) creat(&(0x7f00000000c0)='./bus\x00', 0x0) mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000340)='./bus\x00', 0x0, 0x1000, 0x0) open(&(0x7f00000005c0)='./bus\x00', 0x0, 0x0) syz_mount_image$iso9660(&(0x7f00000000c0), &(0x7f0000000540)='./file0\x00', 0x204018, &(0x7f0000000140)=ANY=[@ANYBLOB="6f76657272696465726f636b7065726d2c6e6f636f6d70726573732c686964652c73657373696f6e3d3078303030303030303030303030303032312c756e686964652c696f636861727365743d63703433372c6f76657272696465726f636b7065726d2c626c6f636b3d3078303030303030303030303030303430302c005fb50aab29cf1d32d24be5ab2a6506aa524c8f1cd5781842ee1c86bee627767fee958f25bb6db8e631262ed8a59d337d730b6698271aeb8c31c1902a7e236e5dd878e6c1352c0c799d8e80d7346f8d2870acebe617c694bbb925d3ab4fb01784c564c03d88c81d2f84f58e8c6ba18548f09fa6"], 0x1, 0x544, &(0x7f0000000580)="$eJzs3W9v00YcwPGfSzuiTKqmMSFUFTjKJhWpBCeBoIgn85xLeuDYke2g9hGqaIoqUpgok9Y+YTxhm7S9CJ7uRewdob2ETbaT/qFNApQ2XfX9RHBX++z7XWr5JzfxWQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgFhuzbaLlnjGby+pwdxaGDR3f+xtfWCB3NhXDOlXxEr+SS4nl7JFl77ZXX0x+W9OZrOfZiWXFDnZ/vLiV/cuTE70tx8S8InY3Np+utLtdl6MO5BjdPn84HUN7ZsoME2noZWJAlWtVOxbi/VI1Y2no+Uo1k3lhtqJg1DNuzdUsVotK11YDtp+o+Z4ur/w7s2SbVfU/UJLO2EU+LfuFyJ30Xie8Rtpm2R10uZuciA+MLGKtdNUam292ymPGkDSqPghjUqjGpXsUqlYLJWKlTvVO3dte/LAAvs9cqDF+A9ajNdnPHsDRzPRy//iiRFf2rIk6tCXKzUJJZDmgPU9/fz/3S09tN+9+b+f5S/trp6RNP9fEZHvRa4Myv8DYjm516ZsybY8lRXpSlc68mLsEZ3sqyFafDESSSBGmuKkS1RviZKqVKQitjySRalLJErqYsQTLZEsSySx6PSIciUULY7EEkgoSubFlRuipChVqUpZlGgpyLIE0hZfGlITJ93Lmqyn73tZlDUoxp1GxYHDyPePu46UhoyW/I+j+9yncOCT/dvP/wAAAAAA4Myy0r++J9f/U3I5rdWNp+1xhwUAAAAAAD6j9JP/2aSYSmqXxeL6HwAAAACAs8ZK77GzRCQvV7Pamljp7VL8EQAAAAAAgDMi/fz/SlKkc6BcFWtnuhSu/wEAAAAAOCN+GznHftQ6b/39j4ThlPW6tfSttZHOzetsnMu2O/f+HuP6jDXd20laVLJictLVs1Yua7QzCea7XrE2Kg5rNwBnJ4BfPiaAC5Pyh1zL2lxbzcrV/pqsl3zdeLrgBt69ojjO9ESsl+Kfnq3/LOnwf/eb01ZO1rudwuPn3dU0ltfJXl5v9CZQPDCP4pBYXqbzLaT3XBw64qn0Roxev3lL1ta7HXvv+CeyzSf29/hqekifb2QuazXXm/E2v3/8uaTPYmHQ6HtRFI848jdyPWtzff56VhwSRWlUFKW9URz+Xhw9ivKoKMpHjAIAxmVtRBay5EDe/YSz3Kdld/nI7P5G5rM28zPpiXVy5pAzuj3qjG4fMbv9deAZSINybNLvn+9l1bfJBm8H9ht5JSt5C8+93PhRLm5ubd9c31h50nnSeVYqlSv2bdu+U5KpdBi9gtwDADhE9owdGfKMnZEtrNsjrqq/3vlKQUEey3PpyqospHcbpN84OHSv+T1fQ1gYcdWaT9Nk9oSXhSFXdV+kdzn091sa2nZ/DOXj/0UAAHCC5kbk4Q/J/wsjrrv35/LhV8f5PU9rAwAAx0OH76x8/KsVhqb1qFitFp14UaswcB+o0NQaWhk/1qG76PgNrVphEAdu4CWVh6amIxW1W60gjFU9CFUriMxSOn2g6j36PdJNx4+NG7U87URauYEfO26saiZyVav9g2eiRR2mG0ct7Zq6cZ3YBL6Kgnbo6oJSkdZ7Gpqa9mNTN0nVV63QNJ0wpx4GXrupVU1HbmhacZDtsN+X8etB2Ex3Wxj3mw0AwCmxubX9dKXb7bw4xsq4xwgAAPYjSwMAAAAAAAAAAAAAAAAAAAAAcPqdxP1/VI5YmTjlv6b+VNCnJZ4Pr5z/H8Z8QpWRp45Xx35yAnCs/gsAAP//YsVNsQ==") write$binfmt_script(r2, &(0x7f0000000140), 0xfcb8) 13.603479881s ago: executing program 3 (id=482): openat$ppp(0xffffffffffffff9c, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000004000000018110000", @ANYBLOB="0000000000000000b708000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000484b60fc3795454500"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close(r1) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000500)) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) write$cgroup_devices(r0, &(0x7f0000000440)=ANY=[@ANYBLOB="1e0308004d8c71ef2885634a8270001488"], 0xffdd) 12.547758721s ago: executing program 3 (id=483): r0 = gettid() r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000001c0), 0x0) read(r1, &(0x7f0000000100)=""/140, 0xde) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(0xffffffffffffffff, 0x4040534e, &(0x7f0000000040)={0x37, @time}) ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r1, 0xc0bc5351, &(0x7f0000000200)={{}, 'port1\x00'}) tkill(r0, 0x7) 8.731741357s ago: executing program 2 (id=486): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r0, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x20, &(0x7f0000000040)=[@in={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}, @in={0x2, 0x4e24, @remote}]}, &(0x7f0000000080)=0x10) socket$nl_route(0x10, 0x3, 0x0) socket(0x0, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f00000000c0)={r1, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x0, 0x0, 0xce024d}, 0x9c) 8.658533659s ago: executing program 2 (id=487): openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x400500, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff) close(r0) r1 = gettid() bpf$PROG_LOAD(0x5, 0x0, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x4, 0x6, 0x80, 0x42}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000540), &(0x7f0000000080), 0x619, r2}, 0x38) timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f00000000c0)) timer_settime(0x0, 0x0, &(0x7f0000000080)={{0x0, 0x8}, {0x0, 0x989680}}, 0x0) syz_open_procfs$userns(r1, &(0x7f00000027c0)) r3 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000200), 0x204401, 0x0) prctl$PR_MCE_KILL(0x22, 0xfe8679d1aaaa176c, 0x0) renameat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', r3, &(0x7f0000000280)='./file0\x00') r4 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) getsockopt$IP_VS_SO_GET_TIMEOUT(r4, 0x0, 0x486, &(0x7f00000002c0), &(0x7f0000000300)=0xc) getegid() r5 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_FIOGETOWN(r5, 0x8903, &(0x7f0000001a40)) r6 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)=ANY=[@ANYBLOB="300000002100010000000000000000000200000000000c00f43f000000000000000000607a89842f0000"], 0x30}}, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r5, 0x89f2, &(0x7f0000000080)={'syztnl1\x00', &(0x7f0000000000)={'ip6gre0\x00', 0x0, 0x2f, 0x9, 0x31, 0x1, 0x5b, @private2={0xfc, 0x2, '\x00', 0x1}, @mcast1, 0x1, 0x80, 0x5, 0x7}}) socket$inet6_udplite(0xa, 0x2, 0x88) clock_gettime(0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000080)}], 0x1) r7 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'netdevsim0\x00', 0x0}) bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x1, 0x3, 0x261, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', r8}, 0x48) 7.751211064s ago: executing program 2 (id=488): r0 = socket$inet6_icmp(0xa, 0x2, 0x3a) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0x541b, &(0x7f0000000200)) 7.611688309s ago: executing program 2 (id=489): syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x1000410, &(0x7f0000000440)={[{@grpid}, {@grpquota}]}, 0x4, 0x4eb, &(0x7f0000000540)="$eJzs3c9vVFsdAPDvnXZoKQMFZaFGBRFFQ5j+ABqCC2GjMYTESFy5gNoOTdMZpum0SCuLsnRvIokr/RPcuTBh5cKdO925wYUJKnkv9CVvMS/3zqUd2g7te7Qd6Hw+ye2955xhvufMcM6Ze2B6AuhZZyNiNSKORMS9iBjO85P8iButI33cq5ePp9ZePp5Kotm8878kK0/zou3PpI7lzzkYET/7ccQvk61xG8src5PVamUhT48s1uZHGssrl2YLec74xNjE6LXLV8f3rK1nan968aPZWz//y5+/8fzvq9//dVqt0m+OZ2Xt7dhLraYXo9SW1x8Rt/YjWJf0539/+PCkve1LEXEu6//D0Ze9mwDAYdZsDkdzuD0NABx26f1/KZJCOV8LKEWhUC631vBOx1ChWm8sXhyuLz2YjmwN62QUC/dnq5XRfK3wZBSTND2WXW+kxzelL0fEqYj47cDRLF2eqlenu/nBBwB62LFN8//HA635HwA45Aa7XQEA4MCZ/wGg95j/AaD3fI7537cDAeCQcP8PAL3H/A8AvWfH+f/JwdQDADgQP719Oz2aa/nvv55+uLz0g9LDS9OVxly5tjRVnqovzJdn6vWZaqU81Wzu9HzVen1+7Mp6srG8crdWX3qweHe2NjlTuVsp7nN7AICdnTrz7J9JRKxeP5od0baXg7kaDrdCtysAdE1ftysAdI3v80Dv2sU9vmUAOOS22aL3DR3/i9BTm7/Ch+rCV63/Q6+y/g+964ut//9wz+sBHDzr/9C7ms3Env8A0GOs8QPv9O//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0KNK2ZEUytle4Kvpz0K5HHE8Ik5GMbk/W62MRsSJiPjHQHEgTY91u9IAwDsq/CfJ9/+6MHy+tLn0SPLJQHaOiF/9/s7vHk0uLi6Mpfn/X89ffJrnjx/pRgMAgHY3tma15un83HYj/+rl46nXx0FW8cXN1uaiady1/GiV9Ed/dh6MYkQMfZTk6Zb080rfHsRffRIRX9lo/6O2CKVsDaS18+nm+Gns4/sQf+P13xy/8Eb8QlaWnovZa/HlPagL9JpnN1vjZN730i6W979CnM3O2/f/wWyEenevx7+1LeNfYX3869sSP8n6/Nn19Ntr8uLKX3+yJbM53Cp7EvG1/u3iJ+vxkw7j7/ldtvFfX//muU5lzT9EXIjt47fUsmF2ZLE2P9JYXrk0W5ucqcxUHoyPT4xNjF67fHV8JFujbv3823Yx/nv94olO8dP2D3WIP7hD+7+zy/b/8dN7v/jWW+J/79vbv/+n3xI/nRO/u8v4k0M3Om7fncaf7tD+nd7/i7uM//zfK9O7fCgAcAAayytzk9VqZWGHi/Sz5k6PcfFhXsRqxHtQDRfv1UW3RyZgv210+m7XBAAAAAAAAAAAAAAA6KSxvDI3EPv7daJutxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDD67MAAAD//w/PzvM=") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x275a, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x275a, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x275a, 0x0) ftruncate(r2, 0x2000009) write$cgroup_int(r1, &(0x7f00000000c0), 0x12) creat(&(0x7f00000000c0)='./bus\x00', 0x0) mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000340)='./bus\x00', 0x0, 0x1000, 0x0) open(&(0x7f00000005c0)='./bus\x00', 0x0, 0x0) syz_mount_image$iso9660(&(0x7f00000000c0), &(0x7f0000000540)='./file0\x00', 0x204018, &(0x7f0000000140)=ANY=[@ANYBLOB="6f76657272696465726f636b7065726d2c6e6f636f6d70726573732c686964652c73657373696f6e3d3078303030303030303030303030303032312c756e686964652c696f636861727365743d63703433372c6f76657272696465726f636b7065726d2c626c6f636b3d3078303030303030303030303030303430302c005fb50aab29cf1d32d24be5ab2a6506aa524c8f1cd5781842ee1c86bee627767fee958f25bb6db8e631262ed8a59d337d730b6698271aeb8c31c1902a7e236e5dd878e6c1352c0c799d8e80d7346f8d2870acebe617c694bbb925d3ab4fb01784c564c03d88c81d2f84f58e8c6ba18548f09fa6"], 0x1, 0x544, &(0x7f0000000580)="$eJzs3W9v00YcwPGfSzuiTKqmMSFUFTjKJhWpBCeBoIgn85xLeuDYke2g9hGqaIoqUpgok9Y+YTxhm7S9CJ7uRewdob2ETbaT/qFNApQ2XfX9RHBX++z7XWr5JzfxWQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgFhuzbaLlnjGby+pwdxaGDR3f+xtfWCB3NhXDOlXxEr+SS4nl7JFl77ZXX0x+W9OZrOfZiWXFDnZ/vLiV/cuTE70tx8S8InY3Np+utLtdl6MO5BjdPn84HUN7ZsoME2noZWJAlWtVOxbi/VI1Y2no+Uo1k3lhtqJg1DNuzdUsVotK11YDtp+o+Z4ur/w7s2SbVfU/UJLO2EU+LfuFyJ30Xie8Rtpm2R10uZuciA+MLGKtdNUam292ymPGkDSqPghjUqjGpXsUqlYLJWKlTvVO3dte/LAAvs9cqDF+A9ajNdnPHsDRzPRy//iiRFf2rIk6tCXKzUJJZDmgPU9/fz/3S09tN+9+b+f5S/trp6RNP9fEZHvRa4Myv8DYjm516ZsybY8lRXpSlc68mLsEZ3sqyFafDESSSBGmuKkS1RviZKqVKQitjySRalLJErqYsQTLZEsSySx6PSIciUULY7EEkgoSubFlRuipChVqUpZlGgpyLIE0hZfGlITJ93Lmqyn73tZlDUoxp1GxYHDyPePu46UhoyW/I+j+9yncOCT/dvP/wAAAAAA4Myy0r++J9f/U3I5rdWNp+1xhwUAAAAAAD6j9JP/2aSYSmqXxeL6HwAAAACAs8ZK77GzRCQvV7Pamljp7VL8EQAAAAAAgDMi/fz/SlKkc6BcFWtnuhSu/wEAAAAAOCN+GznHftQ6b/39j4ThlPW6tfSttZHOzetsnMu2O/f+HuP6jDXd20laVLJictLVs1Yua7QzCea7XrE2Kg5rNwBnJ4BfPiaAC5Pyh1zL2lxbzcrV/pqsl3zdeLrgBt69ojjO9ESsl+Kfnq3/LOnwf/eb01ZO1rudwuPn3dU0ltfJXl5v9CZQPDCP4pBYXqbzLaT3XBw64qn0Roxev3lL1ta7HXvv+CeyzSf29/hqekifb2QuazXXm/E2v3/8uaTPYmHQ6HtRFI848jdyPWtzff56VhwSRWlUFKW9URz+Xhw9ivKoKMpHjAIAxmVtRBay5EDe/YSz3Kdld/nI7P5G5rM28zPpiXVy5pAzuj3qjG4fMbv9deAZSINybNLvn+9l1bfJBm8H9ht5JSt5C8+93PhRLm5ubd9c31h50nnSeVYqlSv2bdu+U5KpdBi9gtwDADhE9owdGfKMnZEtrNsjrqq/3vlKQUEey3PpyqospHcbpN84OHSv+T1fQ1gYcdWaT9Nk9oSXhSFXdV+kdzn091sa2nZ/DOXj/0UAAHCC5kbk4Q/J/wsjrrv35/LhV8f5PU9rAwAAx0OH76x8/KsVhqb1qFitFp14UaswcB+o0NQaWhk/1qG76PgNrVphEAdu4CWVh6amIxW1W60gjFU9CFUriMxSOn2g6j36PdJNx4+NG7U87URauYEfO26saiZyVav9g2eiRR2mG0ct7Zq6cZ3YBL6Kgnbo6oJSkdZ7Gpqa9mNTN0nVV63QNJ0wpx4GXrupVU1HbmhacZDtsN+X8etB2Ex3Wxj3mw0AwCmxubX9dKXb7bw4xsq4xwgAAPYjSwMAAAAAAAAAAAAAAAAAAAAAcPqdxP1/VI5YmTjlv6b+VNCnJZ4Pr5z/H8Z8QpWRp45Xx35yAnCs/gsAAP//YsVNsQ==") write$binfmt_script(r2, &(0x7f0000000140), 0xfcb8) 7.200689555s ago: executing program 2 (id=490): r0 = gettid() r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000001c0), 0x0) read(r1, &(0x7f0000000100)=""/140, 0xde) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, 0x0) ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r1, 0xc0bc5351, &(0x7f0000000200)={{}, 'port1\x00'}) tkill(r0, 0x7) 6.251562681s ago: executing program 2 (id=493): r0 = openat$dsp1(0xffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$SNDCTL_DSP_SUBDIVIDE(r0, 0xc0045009, &(0x7f0000001d00)=0xaf0f) 5.935601613s ago: executing program 0 (id=495): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0x1, &(0x7f0000000200)=@raw=[@kfunc], &(0x7f0000000900)='syzkaller\x00', 0x9, 0xc7, &(0x7f0000000940)=""/199}, 0x90) 5.858760096s ago: executing program 0 (id=496): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000700)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000003c0)={0x38, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SCAN_FREQUENCIES={0xc, 0x2c, 0x0, 0x1, [{0x8}]}, @NL80211_ATTR_SCAN_SSIDS={0x10, 0x2d, 0x0, 0x1, [{0xa, 0x0, @default_ap_ssid}]}]}, 0x38}}, 0x0) 5.654912154s ago: executing program 0 (id=497): r0 = socket$igmp(0x2, 0x3, 0x2) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f00000000c0)={'batadv0\x00', 0x0}) sendmsg$inet(r0, &(0x7f00000008c0)={&(0x7f00000004c0)={0x2, 0x0, @local}, 0x10, 0x0, 0x0, &(0x7f0000000000)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r2, @loopback, @dev}}}], 0x20}, 0x0) 5.423718533s ago: executing program 0 (id=498): syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x1000410, &(0x7f0000000440)={[{@grpid}, {@grpquota}]}, 0x4, 0x4eb, &(0x7f0000000540)="$eJzs3c9vVFsdAPDvnXZoKQMFZaFGBRFFQ5j+ABqCC2GjMYTESFy5gNoOTdMZpum0SCuLsnRvIokr/RPcuTBh5cKdO925wYUJKnkv9CVvMS/3zqUd2g7te7Qd6Hw+ye2955xhvufMcM6Ze2B6AuhZZyNiNSKORMS9iBjO85P8iButI33cq5ePp9ZePp5Kotm8878kK0/zou3PpI7lzzkYET/7ccQvk61xG8src5PVamUhT48s1uZHGssrl2YLec74xNjE6LXLV8f3rK1nan968aPZWz//y5+/8fzvq9//dVqt0m+OZ2Xt7dhLraYXo9SW1x8Rt/YjWJf0539/+PCkve1LEXEu6//D0Ze9mwDAYdZsDkdzuD0NABx26f1/KZJCOV8LKEWhUC631vBOx1ChWm8sXhyuLz2YjmwN62QUC/dnq5XRfK3wZBSTND2WXW+kxzelL0fEqYj47cDRLF2eqlenu/nBBwB62LFN8//HA635HwA45Aa7XQEA4MCZ/wGg95j/AaD3fI7537cDAeCQcP8PAL3H/A8AvWfH+f/JwdQDADgQP719Oz2aa/nvv55+uLz0g9LDS9OVxly5tjRVnqovzJdn6vWZaqU81Wzu9HzVen1+7Mp6srG8crdWX3qweHe2NjlTuVsp7nN7AICdnTrz7J9JRKxeP5od0baXg7kaDrdCtysAdE1ftysAdI3v80Dv2sU9vmUAOOS22aL3DR3/i9BTm7/Ch+rCV63/Q6+y/g+964ut//9wz+sBHDzr/9C7ms3Env8A0GOs8QPv9O//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0KNK2ZEUytle4Kvpz0K5HHE8Ik5GMbk/W62MRsSJiPjHQHEgTY91u9IAwDsq/CfJ9/+6MHy+tLn0SPLJQHaOiF/9/s7vHk0uLi6Mpfn/X89ffJrnjx/pRgMAgHY3tma15un83HYj/+rl46nXx0FW8cXN1uaiady1/GiV9Ed/dh6MYkQMfZTk6Zb080rfHsRffRIRX9lo/6O2CKVsDaS18+nm+Gns4/sQf+P13xy/8Eb8QlaWnovZa/HlPagL9JpnN1vjZN730i6W979CnM3O2/f/wWyEenevx7+1LeNfYX3869sSP8n6/Nn19Ntr8uLKX3+yJbM53Cp7EvG1/u3iJ+vxkw7j7/ldtvFfX//muU5lzT9EXIjt47fUsmF2ZLE2P9JYXrk0W5ucqcxUHoyPT4xNjF67fHV8JFujbv3823Yx/nv94olO8dP2D3WIP7hD+7+zy/b/8dN7v/jWW+J/79vbv/+n3xI/nRO/u8v4k0M3Om7fncaf7tD+nd7/i7uM//zfK9O7fCgAcAAayytzk9VqZWGHi/Sz5k6PcfFhXsRqxHtQDRfv1UW3RyZgv210+m7XBAAAAAAAAAAAAAAA6KSxvDI3EPv7daJutxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDD67MAAAD//w/PzvM=") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x275a, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x275a, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x275a, 0x0) ftruncate(r2, 0x2000009) write$cgroup_int(r1, &(0x7f00000000c0), 0x12) creat(&(0x7f00000000c0)='./bus\x00', 0x0) mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000340)='./bus\x00', 0x0, 0x1000, 0x0) r3 = open(&(0x7f00000005c0)='./bus\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r3, 0x4c02, &(0x7f0000000140)) write$binfmt_script(r2, &(0x7f0000000140), 0xfcb8) 5.123260995s ago: executing program 0 (id=499): r0 = socket$inet_sctp(0x2, 0x5, 0x84) socket$inet6_sctp(0xa, 0x1, 0x84) r1 = dup2(0xffffffffffffffff, 0xffffffffffffffff) getpeername$netlink(0xffffffffffffffff, 0x0, 0x0) r2 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r2, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$sock_inet_udp_SIOCOUTQ(0xffffffffffffffff, 0x8901, &(0x7f0000000000)) dup3(r2, r0, 0x0) socket(0x2c, 0x800, 0x0) getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(r1, 0x84, 0x70, 0x0, 0x0) r3 = socket$inet6_sctp(0xa, 0x0, 0x84) getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f0000000000), &(0x7f0000000040)=0x8) getsockopt$inet_sctp_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f0000000080)={0x0, 0xf47, 0x4, 0x8, 0x0, 0xab2}, &(0x7f00000000c0)=0x14) socket$inet6_sctp(0xa, 0x0, 0x84) socket$inet_sctp(0x2, 0x1, 0x84) accept$inet6(r3, 0x0, &(0x7f0000000540)) r4 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r4, 0x8983, &(0x7f0000001c00)={0x0, 'vcan0\x00'}) 4.119709733s ago: executing program 0 (id=500): r0 = gettid() r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000001c0), 0x0) read(r1, &(0x7f0000000100)=""/140, 0xde) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, 0x0) ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r1, 0xc0bc5351, &(0x7f0000000200)={{}, 'port1\x00'}) tkill(r0, 0x7) 411.717304ms ago: executing program 4 (id=460): write$uinput_user_dev(0xffffffffffffffff, 0x0, 0x0) gettid() openat$sw_sync(0xffffffffffffff9c, &(0x7f0000001700), 0x0, 0x0) 257.82152ms ago: executing program 4 (id=502): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)={{0x14}, [@NFT_MSG_DELOBJ={0x28, 0x14, 0xa, 0x401, 0x0, 0x0, {}, [@NFTA_OBJ_TYPE={0x8}, @NFTA_OBJ_NAME={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x50}}, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, &(0x7f0000000300)='usrquota') chdir(&(0x7f0000000140)='./file1\x00') bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f00000003c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x50, 0x50, 0x2, [@volatile={0x0, 0x0, 0x2, 0x2, 0x4}, @union={0xd, 0x2, 0x0, 0x5, 0x0, 0x4, [{0x3, 0x1, 0xfffffffb}, {0x4, 0x5, 0x4}]}, @func_proto={0x0, 0x1, 0x0, 0xd, 0x0, [{0x2, 0x4}]}, @typedef={0xe, 0x0, 0x0, 0x8, 0x2}]}}, 0x0, 0x6a}, 0x20) r1 = socket$can_j1939(0x1d, 0x2, 0x7) syz_emit_ethernet(0x276, &(0x7f0000000540)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c200000086dd642b72b902403a00fe8000000000000000000000000000aa00000000000000000000ffffac14141dff03000000000000c910fc00000000000000000000000000000104016f0001001d0020c1640000003200080065000000010200080000000020010000000000000000000000000001620e021f00000000fc0100000000000000000000000000010000000000000000000000000000000120010000000000000000000000000002fe80000000000000000000000000000ffc020000000000000000000000000001fe8000000000000000000000000000aafe80000000200000000000000000003e3b14000600000000fc00000000000000000000000000000100000000000000000000ffffac1e0101000000000000000000000000000000012001000000000000000000000000000020010000000000000000002e7cd7ce00fc000000000000000000000000000001fc000000000000000000000000000000fe8000000000000000000000000000bbff010000000000000000000000000001ff01000000000000000000000000000187009078fe8000000000000000000000000000bb2201e61ec8d48d7044626a6608e84002160a5a57529ffb9c30c1b5a6c41a1b5d3290e45b70e0e6fb58d25dd3e5b8eeeed323ed5de4fbcaf254bf6b0d787415c2d8f83e90f26aea933f68321bdec137d764c7dd89b3cbab255a5bab800273124333b5d4bb43ed860d8a8b9b7f520484556c333014fd19b25923e8dc7fd2c02b301395b0d19cb2ddbf953d292e77f1aa8911a037d89926c23d23a0ee79a201abad134cb44345ac4aefafc457affa00ffeefdab9c04329016564291385f69ab9dcdd83e54ad"], 0x0) r2 = syz_io_uring_setup(0x48be, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x3}, &(0x7f00000011c0), &(0x7f0000ff4000)) io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x0, &(0x7f0000002300)=[{&(0x7f0000000140)=""/4096, 0x1000}], 0x3100) io_uring_register$IORING_UNREGISTER_BUFFERS(r2, 0x1, 0x0, 0x0) syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_io_capa_reply={{0x32, 0x9}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}}}, 0xc) bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x8, 0x4, &(0x7f0000000f80)=ANY=[@ANYBLOB="1800000000000000000000000000000063019b0000000000950000000000000071a8d592b2874e8c1d0dff5409307d894d30bbdc92517f18890400000066dece220917c3e29dbc09764747e14957158d3dbadcdef22f3fd78f6d8339811026218d0a7677f9568e7189e444766a55ce43bb745aa696bc09bbaa1fa079b7ee50358c6950cf155860b8b76003fe561428d5aaccfe51b4e86b5520e51a621ef15b7e7459cdc659"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x80) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f00000011c0)={'vxcan0\x00', 0x0}) bind$can_j1939(r1, &(0x7f0000001200)={0x1d, r3, 0x0, {0x1}}, 0x18) connect$can_j1939(r1, &(0x7f0000000080)={0x1d, r3}, 0x18) writev(r1, &(0x7f0000000240)=[{&(0x7f0000000000)='h', 0xfdef}], 0x1) openat$ipvs(0xffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/vs/nat_icmp_send\x00', 0x2, 0x0) r4 = socket$can_bcm(0x1d, 0x2, 0x2) ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f0000000240)={'vxcan0\x00', 0x0}) bind$can_j1939(r1, &(0x7f0000000040)={0x1d, r3, 0x0, {}, 0xff}, 0x18) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=@getchain={0x24, 0x11, 0x839, 0x0, 0x0, {0x0, 0x0, 0x0, r5}}, 0x24}}, 0x0) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='net_prio.prioidx\x00', 0x275a, 0x0) quotactl_fd$Q_SETQUOTA(r6, 0xffffffff80000700, 0x0, 0x0) 0s ago: executing program 4 (id=503): syz_mount_image$udf(&(0x7f0000000180), &(0x7f0000000100)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x10144d4, &(0x7f0000000280)=ANY=[@ANYBLOB='iocharset=cp737,mode=0000000\x00\x0000000000000006,fileset=00000000000000000126,gid=forget,iocharset=cp874,gid=forget,uid=forget,\x00'], 0xfe, 0xc24, &(0x7f0000001480)="$eJzs3UFsHNd9B+D/Gy5Fym4rJk5Uu42LTVukMmO5sqSYilW4q5pmG0CWiVDMLQBX5EpdmFoSJNXIRtrQvfTQQ4Ci6CEnAq1RIEUDoymCHtnWBZKLD0VOPREtbARFD2wRIKeAxcy+lZY0ZcmmSFH299nUbznz3ux7b5YzkqA3LwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAiN976cKpZ9ODbgUAcJAuTX311Gn3fwD4RLnsz/8AAAAAAAAAAAAAAHDYpSjisUixeGkzzVTfdw1fbHdu3Jwen9i92tFU1Ryoypdfw8+ePnP2S8+NnevlB9e/356IV6YuX6i/uHB9cam1vNyaq0932rMLc617PsJe6+80Wg1A/fqrN+auXl2un37mzLbdN0feG3r0+Mj5sadOPtkrOz0+MTHVV6Y2+JHf/X3uNMPjSBRxMlI8/b2fpGZEFLH3sbjLZ2e/Ha06MVp1Ynp8ourIfLvZWSl3TvYGooio91Vq9MboAM7FnjQiVsvmlw0eLbs3tdhcal6Zb9Unm0sr7ZX2QmcydVtb9qceRZxLEWsRsTH0/sMNRhG1SPGdY5vpSkQM9Mbhi9XE4Du3o9jHPt6Dsp31wYi14iE4Z4fYUBTxcqT46dtFzJZjlr/iCxEvl/mDiDfLfCEilR+MsxHv7vI54uFUiyL+vDz/5zfTXHU96F1XLn6t/pXO1YW+sr3rykN/fzhIh/zaNBxFNKsr/mb66L/ZAQAAAAAAAAAAAAAAAOB+OxpFPBEpXvr3P6rmFUc1L/3Y+bHfH/nF/jnjj9/lOGXZZyJitbi3OblH8hTiyTSZ0gOeS/xJNhxF/HGe//fGg24MAAAAAAAAAAAAAAAAAADAJ9yPI8Xz75xIa9G/pni7c61+uXllvrsqbG/t396a6VtbW1v11M1GzpmcqznXcq7n3MgZRa6fs5FzJudqzrWc6zk3csZArp+zkXMm52rOtZzrOTdyRi3Xz9nIOZNzNedazvWcGznjkKzdCwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwcVJEET+PFN/+xmaKFBGNiJno5vpQrwwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8CANpSK+Hynqf9C4ta0WEan6v+tE+cvZaBwp89PRGCvzhWhcyNmsstZ44wG0n70ZTEX8KFIMDb9164Tn8z/Y/e7WxyDe/Obt736l1s2B3s6R94YePX7s/NjErz1+p9dptwaMXmx3btysT49PTEz1ba7ld/9037aR/L7F/ek6EbH82uuvNufnW0ufmBdFHIpmPKgXte6LWhyS9hzUi3y9il12FYfhp6BxWAaq9+IBX5g4EOX9/91I8dvv/Efvht+7//9C97tbd/j42Z/cvv8/v/NA+3T/f6xv2/P5dyODtYjhleuLg8cjhpdfe/1k+3rzWutaq3P21Kkvj419+cypwSMRw1fb862+V3seKgAAAAAAAAAAAAAAAICDlYr43UjR/NFmqkfEzWq+1sj5sadOPjkQA9V8q23ztl6Zunyh/uLC9cWl1vJya64+3WnPLsy17vXthqvpXtPjE/vSmbs6us/tPzr84sLia0vta3+4suv+R4YvXFleWWrO7r47jkYR0ejfMlo1eHp8omr0fLvZqapO7jqZ7sMbTEX8Z6SYPVs/0tuW5//tnOG/bf7/6s4D7dP8v0/1bSvfM6UifhYpfusvHo/PV+18JN43Zrnc30SK0XOfy+XiSFmu14bucwW6MwPLsv8bKf7h59vL9uZDPna77LP3Oq4Pi/L8H4sU3/+z78av523bn/+w+/l/ZOeB9un8f6Zv2yPbnlew566Tz//JSPHCY2/Fb+RtH/T8jyK2tra+FXEiF771fI59Ov+f7ds2Et33/c37130AAAAAAAAAAICH1mAq4m8jxZMTtfRc3nYv//5vbueB9unff/1y37a5A1qvaM+DCgAAAACHxGAq4seR4trKW7fmUG+f/903//N3bq+9Pp527K3+nu+XqucG3M+//+s3kt93Zu/dBgAAAAAAAAAAAAAAAAAAgEMlpSKey+upz9xlPfX1SPHSfz+dy6XjZbneOvAj1a/DlxY6Jy/Mzy/MNleaV+Zb9anF5myrrPuZSLH515/LdYtqffXP57rdNd6Ht3prsS9Fiom/65XtrsXeW5u8ux54dy32suynIsV//f32sr11rD97u+zpsuxfRYqv/9PuZY/fLnumLPvdSPHDr9d7ZR8py/aej9p9JulwLeZbz8wuzL/vUagAAAAAAAAAAAAAAAAAAADwYQ2mIv40UvzP9bVYrab9v3FrV85ab8Ob3+xb73+Hm9U6/yPV+v93ev1R1v8fuS+9BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAh0uKIl6PFIuXNtP6UPl91/DFdufGzenxid2rHU1VzYGqfPk1/OzpM2e/9NzYuV5+cP377Yl4ZeryhfqLC9cXl1rLy625+nSnPbsw17rnI+y1/u2h6xqtBqB+/dUbc1evLtdPP3Nm2+6bI+8NPXp85PzYUyef7JWdHp+YmOorUxv8EO/+oRp325Eo4i8jxdPf+0n656GIIvY+Fnf57Oy3o1UnRqtOTI9PVB2Zbzc7K+XOyd5AFBH1vkqN3hgdwLnYk0bEatn8ssGjZfemFptLzSvzrfpkc2mlvdJe6EymbmvL/tSjiHMpYi0iNob6D3QkZxGvRorvHNtM/zIUMdAbhy9emvrqqdN3bkexr728i29V7awPRqwVD8E5O8SGooh/jBQ/fftE/OtQRC26X/GFiJfL/EHEm2W+EJHKD8bZiHeHHnSruV9qUcT/lef//GZ6eyii+pGprisXv1b/SufqQl/Z3nVl5/1hKyIeqvvDQTrk16bhKOKH1RV/M/2bn2sAAAAAAAAAAAAAAACAQ6SIX40Uz79zIlXzg2/NKW53rtUvN6/Md6f19eb+9eZMb21tbdVTNxs5Z3Ku5lzLuZ5zI2cUuX7ORs6ZnKs513Ku59zIGQO5fs5GzpmcqznXcq7n3MgZtVw/ZyPnTM7VnGs513Nu5IxDMncPAAAAAAAAAAAAAAAAAAD4eCmq/1J8+xubaWuou770THRz3XqgH3v/HwAA//9wn/vk") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='freezer.state\x00', 0x275a, 0x0) setrlimit(0x1, &(0x7f0000006300)={0xffffffffffffffff, 0xffffffffffffffff}) ftruncate(r0, 0x200ffffffff400) kernel console output (not intermixed with test programs): exists on: batadv_slave_0 [ 56.384946][ T3555] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 56.396239][ T3555] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 56.414177][ T3545] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 56.426863][ T3545] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 56.437624][ T3545] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 56.448394][ T3545] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 56.458706][ T3545] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 56.479004][ T3545] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 56.480087][ T3633] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 56.505129][ T3545] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 56.522007][ T3545] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 56.539400][ T3545] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 56.548321][ T3589] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 56.555715][ T3551] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci0/hci0:201' [ 56.562083][ T3589] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 56.565916][ T3551] CPU: 1 PID: 3551 Comm: kworker/u5:3 Not tainted 6.1.96-syzkaller #0 [ 56.580106][ T3589] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 56.582058][ T3551] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 56.590733][ T3589] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 56.600040][ T3551] Workqueue: hci0 hci_rx_work [ 56.600088][ T3551] Call Trace: [ 56.600095][ T3551] [ 56.600104][ T3551] dump_stack_lvl+0x1e3/0x2cb [ 56.600139][ T3551] ? nf_tcp_handle_invalid+0x642/0x642 [ 56.600167][ T3551] ? panic+0x764/0x764 [ 56.600201][ T3551] sysfs_create_dir_ns+0x2c6/0x390 [ 56.600230][ T3551] ? sysfs_warn_dup+0xa0/0xa0 [ 56.600265][ T3551] kobject_add_internal+0x6df/0xd10 [ 56.600298][ T3551] kobject_add+0x14e/0x210 [ 56.600322][ T3551] ? device_add+0x3c2/0xfd0 [ 56.600346][ T3551] ? kobject_init+0x1d0/0x1d0 [ 56.600372][ T3551] ? __raw_spin_lock_init+0x41/0x100 [ 56.600394][ T3551] ? get_device_parent+0x128/0x400 [ 56.613382][ T3593] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 56.616361][ T3551] device_add+0x476/0xfd0 [ 56.684141][ T3551] hci_conn_add_sysfs+0xe4/0x1f0 [ 56.689093][ T3551] le_conn_complete_evt+0xcc6/0x1320 [ 56.694368][ T3551] ? trace_contention_end+0x61/0x170 [ 56.699643][ T3551] ? hci_le_big_info_adv_report_evt+0x390/0x390 [ 56.705881][ T3551] ? __mutex_unlock_slowpath+0x218/0x750 [ 56.711527][ T3551] ? mutex_unlock+0x10/0x10 [ 56.716030][ T3551] ? skb_pull_data+0x10e/0x220 [ 56.720782][ T3551] hci_le_enh_conn_complete_evt+0x181/0x410 [ 56.726681][ T3551] hci_event_packet+0xa40/0x1510 [ 56.731628][ T3551] ? hci_remote_host_features_evt+0x210/0x210 [ 56.737688][ T3551] ? bis_list+0x290/0x290 [ 56.742003][ T3551] ? do_raw_spin_unlock+0x137/0x8a0 [ 56.747204][ T3551] ? kcov_remote_start+0x4b5/0x7d0 [ 56.752321][ T3551] ? lockdep_hardirqs_on+0x50/0x130 [ 56.757510][ T3551] ? hci_send_to_monitor+0x99/0x4d0 [ 56.762700][ T3551] hci_rx_work+0x3cd/0xce0 [ 56.767121][ T3551] ? do_raw_spin_unlock+0x137/0x8a0 [ 56.772327][ T3551] ? process_one_work+0x7a9/0x11d0 [ 56.777428][ T3551] process_one_work+0x8a9/0x11d0 [ 56.782360][ T3551] ? worker_detach_from_pool+0x260/0x260 [ 56.787992][ T3551] ? _raw_spin_lock_irqsave+0x120/0x120 [ 56.793551][ T3551] ? kthread_data+0x4e/0xc0 [ 56.798064][ T3551] ? wq_worker_running+0x97/0x190 [ 56.803080][ T3551] worker_thread+0xa47/0x1200 [ 56.807762][ T3551] ? __sched_text_start+0x8/0x8 [ 56.812635][ T3551] kthread+0x28d/0x320 [ 56.816687][ T3551] ? worker_clr_flags+0x190/0x190 [ 56.821694][ T3551] ? kthread_blkcg+0xd0/0xd0 [ 56.826286][ T3551] ret_from_fork+0x1f/0x30 [ 56.830725][ T3551] [ 56.841737][ T3555] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 56.854734][ T3551] kobject_add_internal failed for hci0:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 56.866545][ T3555] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 56.868351][ T3551] Bluetooth: hci0: failed to register connection device [ 56.883533][ T3555] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 56.895512][ T3555] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 56.905541][ T3555] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 56.916891][ T3555] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 56.928701][ T3555] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 56.941552][ T3545] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 56.957513][ T3545] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 56.967703][ T3545] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 56.973434][ T3593] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 56.978724][ T3545] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 56.989549][ T3593] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 57.006626][ T3545] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 57.009264][ T3593] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 57.024798][ T3545] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 57.032473][ T3593] usb 2-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00 [ 57.047283][ T3545] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 57.051325][ T3593] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 57.066847][ T3545] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 57.073228][ T3593] usb 2-1: config 0 descriptor?? [ 57.088295][ T3545] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 57.096446][ T3599] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 57.105234][ T3599] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 57.114008][ T3599] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 57.122412][ T3599] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 57.137109][ T3555] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 57.141836][ T40] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 57.149656][ T3555] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 57.163392][ T40] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 57.169250][ T3555] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 57.179498][ T3555] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 57.194869][ T3545] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 57.207235][ T3545] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 57.216096][ T3545] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 57.225075][ T3545] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 57.236122][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 57.305086][ T40] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 57.314527][ T40] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 57.345817][ T3603] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 57.424718][ T56] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 57.434694][ T3593] usbhid 2-1:0.0: can't add hid device: -71 [ 57.440830][ T3593] usbhid: probe of 2-1:0.0 failed with error -71 [ 57.449834][ T56] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 57.461102][ T3593] usb 2-1: USB disconnect, device number 2 [ 57.541898][ T3637] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 57.555014][ T56] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 57.562920][ T56] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 57.589917][ T40] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 57.612810][ T40] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 57.629079][ T153] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 57.641543][ T153] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 57.688348][ T47] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 57.720409][ T47] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 57.755425][ T3593] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 57.978079][ T3649] netlink: 28 bytes leftover after parsing attributes in process `syz.2.8'. [ 58.124940][ T3654] loop0: detected capacity change from 0 to 1024 [ 58.138004][ T3654] ext4: Unknown parameter 'hash' [ 58.145475][ T3556] Bluetooth: hci3: command tx timeout [ 58.145508][ T3546] Bluetooth: hci0: command tx timeout [ 58.145662][ T3561] Bluetooth: hci1: command tx timeout [ 58.145828][ T3551] Bluetooth: hci4: command tx timeout [ 58.167455][ T48] Bluetooth: hci2: command tx timeout [ 58.728457][ T3665] tmpfs: Bad value for 'mpol' [ 58.951739][ T3549] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:201' [ 58.961695][ T3549] CPU: 0 PID: 3549 Comm: kworker/u5:2 Not tainted 6.1.96-syzkaller #0 [ 58.969868][ T3549] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 58.980024][ T3549] Workqueue: hci4 hci_rx_work [ 58.984744][ T3549] Call Trace: [ 58.988037][ T3549] [ 58.990982][ T3549] dump_stack_lvl+0x1e3/0x2cb [ 58.995694][ T3549] ? nf_tcp_handle_invalid+0x642/0x642 [ 59.001188][ T3549] ? panic+0x764/0x764 [ 59.005292][ T3549] sysfs_create_dir_ns+0x2c6/0x390 [ 59.010436][ T3549] ? sysfs_warn_dup+0xa0/0xa0 [ 59.015154][ T3549] kobject_add_internal+0x6df/0xd10 [ 59.020383][ T3549] kobject_add+0x14e/0x210 [ 59.024826][ T3549] ? device_add+0x3c2/0xfd0 [ 59.029349][ T3549] ? kobject_init+0x1d0/0x1d0 [ 59.034050][ T3549] ? __raw_spin_lock_init+0x41/0x100 [ 59.039360][ T3549] ? get_device_parent+0x128/0x400 [ 59.044501][ T3549] device_add+0x476/0xfd0 [ 59.048857][ T3549] hci_conn_add_sysfs+0xe4/0x1f0 [ 59.053813][ T3549] le_conn_complete_evt+0xcc6/0x1320 [ 59.059127][ T3549] ? trace_contention_end+0x61/0x170 [ 59.064433][ T3549] ? hci_le_big_info_adv_report_evt+0x390/0x390 [ 59.070678][ T3549] ? __mutex_unlock_slowpath+0x218/0x750 [ 59.076310][ T3549] ? mutex_unlock+0x10/0x10 [ 59.080803][ T3549] ? skb_pull_data+0x10e/0x220 [ 59.085561][ T3549] hci_le_enh_conn_complete_evt+0x181/0x410 [ 59.091452][ T3549] hci_event_packet+0xa40/0x1510 [ 59.096388][ T3549] ? hci_remote_host_features_evt+0x210/0x210 [ 59.102455][ T3549] ? bis_list+0x290/0x290 [ 59.106778][ T3549] ? do_raw_spin_unlock+0x137/0x8a0 [ 59.111969][ T3549] ? kcov_remote_start+0x4b5/0x7d0 [ 59.117085][ T3549] ? lockdep_hardirqs_on+0x50/0x130 [ 59.122283][ T3549] ? hci_send_to_monitor+0x99/0x4d0 [ 59.127477][ T3549] hci_rx_work+0x3cd/0xce0 [ 59.131885][ T3549] ? do_raw_spin_unlock+0x137/0x8a0 [ 59.137083][ T3549] ? process_one_work+0x7a9/0x11d0 [ 59.142191][ T3549] process_one_work+0x8a9/0x11d0 [ 59.147132][ T3549] ? worker_detach_from_pool+0x260/0x260 [ 59.152760][ T3549] ? _raw_spin_lock_irqsave+0x120/0x120 [ 59.158297][ T3549] ? kthread_data+0x4e/0xc0 [ 59.162805][ T3549] ? wq_worker_running+0x97/0x190 [ 59.167831][ T3549] worker_thread+0xa47/0x1200 [ 59.172506][ T3549] ? __sched_text_start+0x8/0x8 [ 59.177369][ T3549] kthread+0x28d/0x320 [ 59.181428][ T3549] ? worker_clr_flags+0x190/0x190 [ 59.186443][ T3549] ? kthread_blkcg+0xd0/0xd0 [ 59.191025][ T3549] ret_from_fork+0x1f/0x30 [ 59.195451][ T3549] [ 59.211569][ T3549] kobject_add_internal failed for hci4:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 59.225580][ T3549] Bluetooth: hci4: failed to register connection device [ 59.346087][ T3686] loop0: detected capacity change from 0 to 256 [ 59.446291][ T3681] netlink: 72 bytes leftover after parsing attributes in process `syz.0.19'. [ 59.489886][ T3689] loop2: detected capacity change from 0 to 512 [ 59.506945][ T3681] netlink: 72 bytes leftover after parsing attributes in process `syz.0.19'. [ 59.508098][ T3689] EXT4-fs: Ignoring removed mblk_io_submit option [ 59.628382][ T3689] EXT4-fs error (device loop2): ext4_find_inline_data_nolock:164: inode #12: comm syz.2.20: inline data xattr refers to an external xattr inode [ 59.654254][ T3689] EXT4-fs error (device loop2): ext4_orphan_get:1401: comm syz.2.20: couldn't read orphan inode 12 (err -117) [ 59.728997][ T3689] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 59.737764][ T3699] usb usb9: usbfs: process 3699 (syz.4.25) did not claim interface 0 before use [ 59.782524][ T3550] EXT4-fs (loop2): unmounting filesystem. [ 60.194208][ T3556] Bluetooth: hci0: command tx timeout [ 60.401495][ T3743] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(3) [ 60.408203][ T3743] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 60.420012][ T3743] vhci_hcd vhci_hcd.0: Device attached [ 60.447524][ T3744] vhci_hcd: connection closed [ 60.449259][ T3655] vhci_hcd: stop threads [ 60.475164][ T3655] vhci_hcd: release socket [ 60.479684][ T3655] vhci_hcd: disconnect device [ 60.700576][ T3549] Bluetooth: hci4: Ignoring HCI_Connection_Complete for existing connection [ 60.807405][ T3769] loop2: detected capacity change from 0 to 512 [ 60.856524][ T3774] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 60.857032][ T3769] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 60.883828][ T3769] ext4 filesystem being mounted at /root/syzkaller.bmMskN/9/control supports timestamps until 2038 (0x7fffffff) [ 60.931054][ T3769] EXT4-fs error (device loop2): ext4_readdir:260: inode #2: block 3: comm syz.2.49: path /root/syzkaller.bmMskN/9/control: bad entry in directory: directory entry overrun - offset=0, inode=2, rec_len=2060, size=2048 fake=1 [ 61.001059][ T3550] EXT4-fs (loop2): unmounting filesystem. [ 61.323331][ T3556] Bluetooth: hci4: command tx timeout [ 61.518986][ T3807] loop1: detected capacity change from 0 to 2048 [ 61.584756][ T3807] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 61.731916][ T3554] EXT4-fs (loop1): unmounting filesystem. [ 61.875294][ T26] audit: type=1326 audit(1719817106.301:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3830 comm="syz.1.72" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbab7175b99 code=0x7ffc0000 [ 61.897669][ T3834] loop4: detected capacity change from 0 to 512 [ 61.915169][ T3834] EXT4-fs: Ignoring removed mblk_io_submit option [ 61.923955][ T26] audit: type=1326 audit(1719817106.331:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3830 comm="syz.1.72" exe="/root/syz-executor" sig=0 arch=c000003e syscall=227 compat=0 ip=0x7fbab7175b99 code=0x7ffc0000 [ 61.953489][ T3834] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 62.002303][ T3834] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 62.015194][ T26] audit: type=1326 audit(2000000000.000:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3830 comm="syz.1.72" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbab7175b99 code=0x7ffc0000 [ 62.061981][ T3834] EXT4-fs (loop4): 1 truncate cleaned up [ 62.113342][ T3834] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 62.142960][ T26] audit: type=1800 audit(2000000000.219:5): pid=3834 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.74" name="bus" dev="loop4" ino=18 res=0 errno=0 [ 62.177450][ T26] audit: type=1800 audit(2000000000.249:6): pid=3834 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.74" name="bus" dev="loop4" ino=18 res=0 errno=0 [ 62.200370][ T3545] EXT4-fs (loop4): unmounting filesystem. [ 62.268648][ T3556] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:201' [ 62.278741][ T3556] CPU: 0 PID: 3556 Comm: kworker/u5:5 Not tainted 6.1.96-syzkaller #0 [ 62.286915][ T3556] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 62.296982][ T3556] Workqueue: hci2 hci_rx_work [ 62.301682][ T3556] Call Trace: [ 62.304968][ T3556] [ 62.307913][ T3556] dump_stack_lvl+0x1e3/0x2cb [ 62.312626][ T3556] ? nf_tcp_handle_invalid+0x642/0x642 [ 62.313272][ T3849] netlink: 24 bytes leftover after parsing attributes in process `syz.4.79'. [ 62.318095][ T3556] ? panic+0x764/0x764 [ 62.318155][ T3556] sysfs_create_dir_ns+0x2c6/0x390 [ 62.336095][ T3556] ? sysfs_warn_dup+0xa0/0xa0 [ 62.340814][ T3556] kobject_add_internal+0x6df/0xd10 [ 62.346040][ T3556] kobject_add+0x14e/0x210 [ 62.350459][ T3556] ? device_add+0x3c2/0xfd0 [ 62.354961][ T3556] ? kobject_init+0x1d0/0x1d0 [ 62.359643][ T3556] ? __raw_spin_lock_init+0x41/0x100 [ 62.364936][ T3556] ? get_device_parent+0x128/0x400 [ 62.370046][ T3556] device_add+0x476/0xfd0 [ 62.374386][ T3556] hci_conn_add_sysfs+0xe4/0x1f0 [ 62.379319][ T3556] le_conn_complete_evt+0xcc6/0x1320 [ 62.384612][ T3556] ? trace_contention_end+0x61/0x170 [ 62.389898][ T3556] ? hci_le_big_info_adv_report_evt+0x390/0x390 [ 62.396132][ T3556] ? __mutex_unlock_slowpath+0x218/0x750 [ 62.401760][ T3556] ? mutex_unlock+0x10/0x10 [ 62.406252][ T3556] ? skb_pull_data+0x10e/0x220 [ 62.411008][ T3556] hci_le_enh_conn_complete_evt+0x181/0x410 [ 62.416898][ T3556] hci_event_packet+0xa40/0x1510 [ 62.421831][ T3556] ? hci_remote_host_features_evt+0x210/0x210 [ 62.427894][ T3556] ? bis_list+0x290/0x290 [ 62.432214][ T3556] ? do_raw_spin_unlock+0x137/0x8a0 [ 62.437408][ T3556] ? kcov_remote_start+0x4b5/0x7d0 [ 62.442511][ T3556] ? lockdep_hardirqs_on+0x50/0x130 [ 62.447706][ T3556] ? hci_send_to_monitor+0x99/0x4d0 [ 62.452896][ T3556] hci_rx_work+0x3cd/0xce0 [ 62.457297][ T3556] ? do_raw_spin_unlock+0x137/0x8a0 [ 62.462490][ T3556] ? process_one_work+0x7a9/0x11d0 [ 62.467590][ T3556] process_one_work+0x8a9/0x11d0 [ 62.472530][ T3556] ? worker_detach_from_pool+0x260/0x260 [ 62.478154][ T3556] ? _raw_spin_lock_irqsave+0x120/0x120 [ 62.483689][ T3556] ? kthread_data+0x4e/0xc0 [ 62.488190][ T3556] ? wq_worker_running+0x97/0x190 [ 62.493211][ T3556] worker_thread+0xa47/0x1200 [ 62.497883][ T3556] ? __sched_text_start+0x8/0x8 [ 62.502740][ T3556] kthread+0x28d/0x320 [ 62.506798][ T3556] ? worker_clr_flags+0x190/0x190 [ 62.511809][ T3556] ? kthread_blkcg+0xd0/0xd0 [ 62.516386][ T3556] ret_from_fork+0x1f/0x30 [ 62.520808][ T3556] [ 62.529127][ T3556] kobject_add_internal failed for hci2:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 62.542437][ T3556] Bluetooth: hci2: failed to register connection device [ 62.985114][ T3867] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 63.087713][ T3874] netlink: 8 bytes leftover after parsing attributes in process `syz.4.88'. [ 63.239583][ T3877] netlink: 'syz.4.89': attribute type 1 has an invalid length. [ 63.373539][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 63.725344][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 63.733472][ T7] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 64.074491][ T3899] netlink: 8 bytes leftover after parsing attributes in process `syz.3.99'. [ 64.093896][ T7] usb 3-1: config 220 has too many interfaces: 184, using maximum allowed: 32 [ 64.128170][ T7] usb 3-1: config 220 has 1 interface, different from the descriptor's value: 184 [ 64.167151][ T7] usb 3-1: New USB device found, idVendor=0c45, idProduct=8008, bcdDevice=e1.85 [ 64.186861][ T7] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 64.246755][ T7] gspca_main: sn9c2028-2.14.0 probing 0c45:8008 [ 64.279419][ T3907] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 64.293101][ T3907] kvm: pic: non byte read [ 64.298086][ T3907] kvm: pic: non byte read [ 64.302918][ T3907] kvm: pic: non byte read [ 64.309294][ T3907] kvm: pic: non byte read [ 64.320469][ T3907] kvm: pic: non byte read [ 64.326091][ T3907] kvm: pic: non byte read [ 64.330939][ T3907] kvm: pic: non byte read [ 64.336655][ T3907] kvm: pic: non byte read [ 64.454345][ T7] gspca_sn9c2028: read1 error -32 [ 64.484621][ T3915] process 'syz.1.103' launched './file2' with NULL argv: empty string added [ 64.494009][ T7] gspca_sn9c2028: read1 error -32 [ 64.513745][ T3915] random: crng reseeded on system resumption [ 64.595001][ T3549] Bluetooth: hci2: command tx timeout [ 64.738450][ T3589] usb 3-1: USB disconnect, device number 2 [ 64.793400][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 64.801859][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 64.811596][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 65.068269][ T3935] netlink: 8 bytes leftover after parsing attributes in process `syz.3.111'. [ 65.391314][ T3944] capability: warning: `syz.2.115' uses deprecated v2 capabilities in a way that may be insecure [ 65.465031][ T26] audit: type=1326 audit(2000000003.549:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3943 comm="syz.2.115" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f19e6375b99 code=0x0 [ 65.592031][ T3954] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 65.796810][ T3960] netlink: 8 bytes leftover after parsing attributes in process `syz.4.122'. [ 66.047126][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 66.401984][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 66.656446][ T3994] syz.2.132[3994] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 66.656547][ T3994] syz.2.132[3994] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 66.672309][ T3994] syz.2.132[3994] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 66.695498][ T3994] syz.2.132[3994] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 68.436168][ T4055] random: crng reseeded on system resumption [ 68.935231][ T4060] netlink: 4 bytes leftover after parsing attributes in process `syz.4.155'. [ 68.981654][ T4062] tmpfs: Unknown parameter 'usrquota' [ 69.012962][ T4064] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 69.020489][ T4064] IPv6: NLM_F_CREATE should be set when creating new route [ 69.108681][ T4060] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 69.115983][ T4060] IPv6: NLM_F_CREATE should be set when creating new route [ 69.402969][ T4071] netlink: 20 bytes leftover after parsing attributes in process `syz.2.157'. [ 71.163586][ T1245] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.169962][ T1245] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.675473][ T4104] tmpfs: Unknown parameter 'usrquota' [ 71.924859][ T4113] netlink: 4 bytes leftover after parsing attributes in process `syz.1.170'. [ 71.991737][ T4114] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 71.999013][ T4114] IPv6: NLM_F_CREATE should be set when creating new route [ 72.101395][ T4113] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 72.108678][ T4113] IPv6: NLM_F_CREATE should be set when creating new route [ 73.175164][ T4150] random: crng reseeded on system resumption [ 73.648540][ T4163] tmpfs: Unknown parameter 'usrquota' [ 73.829179][ T4170] netlink: 4 bytes leftover after parsing attributes in process `syz.3.186'. [ 73.993041][ T4170] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 74.000280][ T4170] IPv6: NLM_F_CREATE should be set when creating new route [ 74.100180][ T4175] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 74.107476][ T4175] IPv6: NLM_F_CREATE should be set when creating new route [ 74.889681][ T4211] tmpfs: Unknown parameter 'usrquota' [ 75.477474][ T4224] netlink: 4 bytes leftover after parsing attributes in process `syz.2.202'. [ 75.506273][ T4224] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 75.513580][ T4224] IPv6: NLM_F_CREATE should be set when creating new route [ 75.573386][ T4225] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 75.580660][ T4225] IPv6: NLM_F_CREATE should be set when creating new route [ 76.275415][ T14] cfg80211: failed to load regulatory.db [ 76.422954][ T4253] netlink: 4 bytes leftover after parsing attributes in process `syz.2.214'. [ 76.505550][ T4256] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 76.512903][ T4256] IPv6: NLM_F_CREATE should be set when creating new route [ 76.571823][ T4258] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 76.579126][ T4258] IPv6: NLM_F_CREATE should be set when creating new route [ 77.324804][ T4286] random: crng reseeded on system resumption [ 79.024363][ T4302] netlink: 4 bytes leftover after parsing attributes in process `syz.1.227'. [ 79.064215][ T4303] tmpfs: Unknown parameter 'usrquota' [ 79.107114][ T4304] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 79.114414][ T4304] IPv6: NLM_F_CREATE should be set when creating new route [ 79.259676][ T4302] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 79.266957][ T4302] IPv6: NLM_F_CREATE should be set when creating new route [ 80.344296][ T4339] tmpfs: Unknown parameter 'usrquota' [ 80.618614][ T4343] netlink: 4 bytes leftover after parsing attributes in process `syz.3.240'. [ 80.684089][ T4344] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 80.691386][ T4344] IPv6: NLM_F_CREATE should be set when creating new route [ 80.793797][ T4343] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 80.801122][ T4343] IPv6: NLM_F_CREATE should be set when creating new route [ 81.702815][ T4373] tmpfs: Unknown parameter 'usrquota' [ 82.085198][ T4390] netlink: 4 bytes leftover after parsing attributes in process `syz.1.256'. [ 82.144979][ T4394] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 82.152245][ T4394] IPv6: NLM_F_CREATE should be set when creating new route [ 82.192774][ T4390] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 82.200059][ T4390] IPv6: NLM_F_CREATE should be set when creating new route [ 82.358922][ T4396] netlink: 20 bytes leftover after parsing attributes in process `syz.0.258'. [ 83.332658][ T4428] tmpfs: Unknown parameter 'usrquota' [ 83.739439][ T4436] netlink: 4 bytes leftover after parsing attributes in process `syz.0.270'. [ 83.788591][ T4436] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 83.795882][ T4436] IPv6: NLM_F_CREATE should be set when creating new route [ 83.835521][ T4436] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 83.842771][ T4436] IPv6: NLM_F_CREATE should be set when creating new route [ 84.356826][ T4460] netlink: 20 bytes leftover after parsing attributes in process `syz.2.276'. [ 84.372683][ T4461] tmpfs: Unknown parameter 'usrquota' [ 84.792849][ T4477] netlink: 4 bytes leftover after parsing attributes in process `syz.1.282'. [ 84.851814][ T4479] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 84.859110][ T4479] IPv6: NLM_F_CREATE should be set when creating new route [ 84.934316][ T4477] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 84.941604][ T4477] IPv6: NLM_F_CREATE should be set when creating new route [ 85.676699][ T4504] tmpfs: Unknown parameter 'usrquota' [ 86.041094][ T4517] netlink: 20 bytes leftover after parsing attributes in process `syz.0.295'. [ 86.209104][ T4522] netlink: 4 bytes leftover after parsing attributes in process `syz.3.297'. [ 86.319997][ T4527] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 86.327415][ T4527] IPv6: NLM_F_CREATE should be set when creating new route [ 86.492262][ T4522] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 86.499535][ T4522] IPv6: NLM_F_CREATE should be set when creating new route [ 87.102011][ T4556] tmpfs: Unknown parameter 'usrquota' [ 87.151922][ T4561] loop0: detected capacity change from 0 to 256 [ 87.157006][ T4560] loop2: detected capacity change from 0 to 1024 [ 87.482381][ T4567] xt_SECMARK: invalid mode: 0 [ 87.667361][ T4560] EXT4-fs error (device loop2): __ext4_fill_super:5399: inode #2: comm syz.2.310: casefold flag without casefold feature [ 88.047446][ T4560] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended [ 88.114430][ T4560] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 88.467627][ T4582] netlink: 4 bytes leftover after parsing attributes in process `syz.0.313'. [ 88.481179][ T3550] EXT4-fs (loop2): unmounting filesystem. [ 88.583314][ T4583] netlink: 20 bytes leftover after parsing attributes in process `syz.3.314'. [ 88.821479][ T4585] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 88.828807][ T4585] IPv6: NLM_F_CREATE should be set when creating new route [ 89.012369][ T4609] loop0: detected capacity change from 0 to 256 [ 89.161781][ T4611] tmpfs: Unknown parameter 'usrquota' [ 89.415878][ T4618] xt_SECMARK: invalid mode: 0 [ 90.732001][ T26] audit: type=1800 audit(2000000028.809:8): pid=4633 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.330" name="bus" dev="sda1" ino=1982 res=0 errno=0 [ 91.031799][ T4637] syz.2.329 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 91.749147][ T4647] netlink: 4 bytes leftover after parsing attributes in process `syz.2.333'. [ 91.800693][ T4647] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 91.807979][ T4647] IPv6: NLM_F_CREATE should be set when creating new route [ 91.987420][ T4657] loop2: detected capacity change from 0 to 256 [ 92.158348][ T4661] netlink: 20 bytes leftover after parsing attributes in process `syz.3.338'. [ 92.555411][ T4675] xt_SECMARK: invalid mode: 0 [ 94.420867][ T4690] netlink: 4 bytes leftover after parsing attributes in process `syz.0.347'. [ 94.641483][ T4697] tmpfs: Unknown parameter 'usrquota' [ 95.386588][ T4711] device pim6reg1 entered promiscuous mode [ 95.467785][ T26] audit: type=1804 audit(2000000033.549:9): pid=4720 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.354" name="/root/syzkaller.t6ZCU1/80/bus" dev="sda1" ino=1968 res=1 errno=0 [ 95.563629][ T4717] netlink: 20 bytes leftover after parsing attributes in process `syz.2.356'. [ 95.744562][ T26] audit: type=1804 audit(2000000033.829:10): pid=4724 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.354" name="/root/syzkaller.t6ZCU1/80/bus" dev="sda1" ino=1968 res=1 errno=0 [ 96.126954][ T4730] xt_SECMARK: invalid mode: 0 [ 98.646936][ T4751] tmpfs: Unknown parameter 'usrquota' [ 98.667400][ T4749] usb usb8: usbfs: process 4749 (syz.1.364) did not claim interface 0 before use [ 98.972766][ T4758] 9pnet_fd: Insufficient options for proto=fd [ 99.073380][ T3637] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 99.353264][ T4770] netlink: 20 bytes leftover after parsing attributes in process `syz.0.370'. [ 99.453378][ T3637] usb 4-1: config 0 has no interfaces? [ 99.458922][ T3637] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 99.489161][ T3637] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 99.527408][ T3637] usb 4-1: config 0 descriptor?? [ 99.803248][ T4753] usb usb8: usbfs: process 4753 (syz.3.365) did not claim interface 0 before use [ 99.847928][ T41] usb 4-1: USB disconnect, device number 2 [ 100.082324][ T4777] loop2: detected capacity change from 0 to 256 [ 100.114511][ T4777] exfat: Unknown parameter 'attr/keycreate' [ 100.322781][ T4769] loop1: detected capacity change from 0 to 32768 [ 100.352122][ T4779] loop0: detected capacity change from 0 to 4096 [ 100.382614][ T4769] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.371 (4769) [ 100.415423][ T4779] ntfs3: loop0: Different NTFS' sector size (1024) and media sector size (512) [ 100.515035][ T4779] ntfs3: loop0: MFT: r=0, expect seq=1 instead of 0! [ 100.534301][ T4769] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 100.563472][ T4779] ntfs3: loop0: Failed to load $MFT. [ 100.579006][ T4769] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm [ 100.607002][ T4769] BTRFS info (device loop1): using free space tree [ 100.863874][ T4788] tmpfs: Unknown parameter 'usrquota' [ 101.043099][ T4769] BTRFS info (device loop1): enabling ssd optimizations [ 101.219824][ T3554] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 101.732295][ T4782] loop3: detected capacity change from 0 to 40427 [ 101.779324][ T4777] loop2: detected capacity change from 0 to 32768 [ 101.859431][ T4777] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz" [ 101.891737][ T4782] F2FS-fs (loop3): Found nat_bits in checkpoint [ 101.936187][ T4777] gfs2: fsid=syz:syz: Now mounting FS (format 1801)... [ 102.002653][ T4827] loop1: detected capacity change from 0 to 256 [ 102.011761][ T4777] gfs2: fsid=syz:syz.0: fatal: filesystem consistency error [ 102.011761][ T4777] inode = 0 2073 [ 102.011761][ T4777] function = gfs2_dinode_in, file = fs/gfs2/glops.c, line = 464 [ 102.064395][ T4827] ======================================================= [ 102.064395][ T4827] WARNING: The mand mount option has been deprecated and [ 102.064395][ T4827] and is ignored by this kernel. Remove the mand [ 102.064395][ T4827] option from the mount to silence this warning. [ 102.064395][ T4827] ======================================================= [ 102.106784][ T4777] gfs2: fsid=syz:syz.0: G: s:SH n:2/819 f:qobnN t:SH d:EX/0 a:0 v:0 r:3 m:20 p:1 [ 102.134507][ T4777] gfs2: fsid=syz:syz.0: H: s:SH f:H e:0 p:4777 [syz.2.373] gfs2_lookup_simple+0xf2/0x170 [ 102.154133][ T4782] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 102.193595][ T4827] FAT-fs (loop1): Directory bread(block 64) failed [ 102.203818][ T4777] gfs2: fsid=syz:syz.0: I: n:0/2073 t:4 f:0x00 d:0x00000000 s:0 p:0 [ 102.222107][ T4827] FAT-fs (loop1): Directory bread(block 65) failed [ 102.238079][ T4777] gfs2: fsid=syz:syz.0: about to withdraw this file system [ 102.248708][ T4827] FAT-fs (loop1): Directory bread(block 66) failed [ 102.261325][ T4777] gfs2: fsid=syz:syz.0: File system withdrawn [ 102.269801][ T4827] FAT-fs (loop1): Directory bread(block 67) failed [ 102.291940][ T4782] syz.3.375: attempt to access beyond end of device [ 102.291940][ T4782] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 102.323239][ T4777] CPU: 1 PID: 4777 Comm: syz.2.373 Not tainted 6.1.96-syzkaller #0 [ 102.331155][ T4777] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 102.341214][ T4777] Call Trace: [ 102.344488][ T4777] [ 102.347407][ T4777] dump_stack_lvl+0x1e3/0x2cb [ 102.352085][ T4777] ? nf_tcp_handle_invalid+0x642/0x642 [ 102.357543][ T4777] ? panic+0x764/0x764 [ 102.361689][ T4777] ? kobject_uevent_env+0x54a/0x8c0 [ 102.366887][ T4777] gfs2_withdraw+0xf09/0x14b0 [ 102.371567][ T4777] ? gfs2_meta_buffer+0x274/0x410 [ 102.376589][ T4777] ? gfs2_lm+0x230/0x230 [ 102.380834][ T4777] ? gfs2_journal_wipe+0x980/0x980 [ 102.385936][ T4777] ? gfs2_consist_inode_i+0xf1/0x110 [ 102.391217][ T4777] gfs2_inode_refresh+0xbde/0x1060 [ 102.396330][ T4777] ? gfs2_inode_metasync+0xf0/0xf0 [ 102.401438][ T4777] ? gfs2_glock_nq+0xe37/0x18a0 [ 102.406281][ T4777] gfs2_instantiate+0x188/0x250 [ 102.411125][ T4777] gfs2_glock_wait+0x1db/0x2a0 [ 102.415882][ T4777] gfs2_lookupi+0x403/0x5e0 [ 102.420377][ T4777] ? mark_lock+0x9a/0x340 [ 102.424707][ T4777] ? gfs2_lookup_simple+0x170/0x170 [ 102.429900][ T4777] ? gfs2_lookup_simple+0xf2/0x170 [ 102.435003][ T4777] ? crc32_le_base+0x79c/0xd20 [ 102.439768][ T4777] gfs2_lookup_simple+0xf2/0x170 [ 102.444700][ T4777] ? gfs2_lookup_by_inum+0xe0/0xe0 [ 102.449811][ T4777] init_journal+0x1be/0x2470 [ 102.454394][ T4777] ? string+0x26a/0x2b0 [ 102.458539][ T4777] ? vsnprintf+0x1dc/0x1c70 [ 102.463036][ T4777] ? vsnprintf+0x1b96/0x1c70 [ 102.467615][ T4777] ? _compound_head+0x130/0x130 [ 102.472458][ T4777] ? ptr_to_hashval+0x70/0x70 [ 102.477128][ T4777] ? init_sb+0xc34/0x1320 [ 102.481448][ T4777] ? lockref_put_or_lock+0x71/0xb0 [ 102.486558][ T4777] ? snprintf+0xd6/0x120 [ 102.490794][ T4777] ? vscnprintf+0x80/0x80 [ 102.495117][ T4777] init_inodes+0xdc/0x310 [ 102.499438][ T4777] gfs2_fill_super+0x1bbb/0x26e0 [ 102.504474][ T4777] ? gfs2_reconfigure+0xcf0/0xcf0 [ 102.509487][ T4777] ? ptr_to_hashval+0x70/0x70 [ 102.514161][ T4777] ? init_locking+0xbd/0x210 [ 102.518749][ T4777] ? set_blocksize+0x1c6/0x350 [ 102.523506][ T4777] get_tree_bdev+0x3fe/0x620 [ 102.528088][ T4777] ? gfs2_reconfigure+0xcf0/0xcf0 [ 102.533104][ T4777] gfs2_get_tree+0x50/0x210 [ 102.537598][ T4777] ? bpf_lsm_capable+0x5/0x10 [ 102.542273][ T4777] vfs_get_tree+0x88/0x270 [ 102.546682][ T4777] do_new_mount+0x2ba/0xb40 [ 102.551176][ T4777] ? ns_capable+0x85/0xe0 [ 102.555498][ T4777] ? do_move_mount_old+0x160/0x160 [ 102.560604][ T4777] __se_sys_mount+0x2d5/0x3c0 [ 102.565274][ T4777] ? __x64_sys_mount+0xc0/0xc0 [ 102.570030][ T4777] ? syscall_enter_from_user_mode+0x2e/0x230 [ 102.575999][ T4777] ? lockdep_hardirqs_on+0x94/0x130 [ 102.581185][ T4777] ? __x64_sys_mount+0x1c/0xc0 [ 102.585944][ T4777] do_syscall_64+0x3b/0xb0 [ 102.590352][ T4777] ? clear_bhb_loop+0x45/0xa0 [ 102.595021][ T4777] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 102.600907][ T4777] RIP: 0033:0x7f19e637729a [ 102.605321][ T4777] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 7e 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 102.624915][ T4777] RSP: 002b:00007f19e70ece78 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 102.633320][ T4777] RAX: ffffffffffffffda RBX: 00007f19e70ecf00 RCX: 00007f19e637729a [ 102.641277][ T4777] RDX: 0000000020000100 RSI: 0000000020000000 RDI: 00007f19e70ecec0 [ 102.649237][ T4777] RBP: 0000000020000100 R08: 00007f19e70ecf00 R09: 000000000100c000 [ 102.657205][ T4777] R10: 000000000100c000 R11: 0000000000000206 R12: 0000000020000000 [ 102.665167][ T4777] R13: 00007f19e70ecec0 R14: 000000000001251d R15: 0000000020000240 [ 102.673136][ T4777] [ 102.677084][ T4827] FAT-fs (loop1): Directory bread(block 68) failed [ 102.702574][ T4827] FAT-fs (loop1): Directory bread(block 69) failed [ 102.731799][ T4827] FAT-fs (loop1): Directory bread(block 70) failed [ 102.758576][ T4827] FAT-fs (loop1): Directory bread(block 71) failed [ 102.781803][ T4827] FAT-fs (loop1): Directory bread(block 72) failed [ 102.815272][ T4835] netlink: 20 bytes leftover after parsing attributes in process `syz.0.384'. [ 102.824281][ T4827] FAT-fs (loop1): Directory bread(block 73) failed [ 102.949883][ T4839] loop4: detected capacity change from 0 to 1024 [ 103.061363][ T4827] loop1: detected capacity change from 256 to 0 [ 103.230044][ T4570] hfsplus: b-tree write err: -5, ino 4 [ 103.365791][ T4777] gfs2: fsid=syz:syz.0: can't lookup journal index: 0 [ 103.456312][ T4845] tmpfs: Unknown parameter 'usrquota' [ 103.707031][ T4849] loop4: detected capacity change from 0 to 256 [ 103.778964][ T4849] FAT-fs (loop4): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 103.798891][ T4849] FAT-fs (loop4): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 103.798946][ T4849] FAT-fs (loop4): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 103.798973][ T4849] FAT-fs (loop4): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 103.799058][ T4849] FAT-fs (loop4): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 103.936479][ T4849] FAT-fs (loop4): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 103.957061][ T4849] FAT-fs (loop4): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 103.991111][ T3556] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection [ 104.000628][ T4849] FAT-fs (loop4): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 104.022068][ T4849] FAT-fs (loop4): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 104.054389][ T4849] FAT-fs (loop4): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 104.062991][ T4849] FAT-fs (loop4): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 104.080466][ T4861] syz.0.393 (4861): attempted to duplicate a private mapping with mremap. This is not supported. [ 104.095013][ T3556] Bluetooth: hci0: Malformed Event: 0x2f [ 104.102521][ T4849] FAT-fs (loop4): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 104.118716][ T4849] FAT-fs (loop4): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 104.142880][ T4849] FAT-fs (loop4): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 104.163642][ T4849] FAT-fs (loop4): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 104.172184][ T4849] FAT-fs (loop4): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 104.203459][ T4849] FAT-fs (loop4): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 104.223536][ T4849] FAT-fs (loop4): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 104.247233][ T11] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 104.248162][ T4860] loop2: detected capacity change from 0 to 4096 [ 104.271625][ T4849] FAT-fs (loop4): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 104.281763][ T4849] FAT-fs (loop4): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 104.299625][ T4860] ntfs3: loop2: Different NTFS' sector size (2048) and media sector size (512) [ 104.310103][ T4849] FAT-fs (loop4): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 104.322950][ T4849] FAT-fs (loop4): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 104.357050][ T11] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 104.359146][ T4849] FAT-fs (loop4): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 104.419120][ T4849] FAT-fs (loop4): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 104.442133][ T4849] FAT-fs (loop4): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 104.468665][ T11] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 104.471671][ T4849] FAT-fs (loop4): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 104.507113][ T4849] FAT-fs (loop4): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 104.525056][ T4849] FAT-fs (loop4): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 104.546051][ T11] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 104.568657][ T4849] FAT-fs (loop4): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 104.568800][ T3549] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 104.592579][ T3549] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 104.600686][ T3549] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 104.608647][ T4849] FAT-fs (loop4): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 104.612760][ T3549] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 104.624956][ T3549] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 104.632168][ T3549] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 104.640003][ T4849] FAT-fs (loop4): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 104.649367][ T4849] FAT-fs (loop4): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 104.658032][ T4849] FAT-fs (loop4): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 104.666726][ T4849] FAT-fs (loop4): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 104.675409][ T4849] FAT-fs (loop4): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 104.684118][ T4849] FAT-fs (loop4): error, fat_bmap_cluster: request beyond EOF (i_pos 196) [ 104.693091][ T26] audit: type=1800 audit(2000000042.769:11): pid=4849 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.390" name="file1" dev="loop4" ino=1048604 res=0 errno=0 [ 104.704128][ T4849] syz.4.390 (4849) used greatest stack depth: 19632 bytes left [ 104.804750][ T4871] tmpfs: Unknown parameter 'usrquota' [ 105.596958][ T4866] chnl_net:caif_netlink_parms(): no params data found [ 105.683474][ T3591] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 105.854377][ T4866] bridge0: port 1(bridge_slave_0) entered blocking state [ 105.876893][ T4866] bridge0: port 1(bridge_slave_0) entered disabled state [ 105.899632][ T4866] device bridge_slave_0 entered promiscuous mode [ 105.946416][ T4866] bridge0: port 2(bridge_slave_1) entered blocking state [ 105.958312][ T4866] bridge0: port 2(bridge_slave_1) entered disabled state [ 105.975505][ T4866] device bridge_slave_1 entered promiscuous mode [ 106.071494][ T3591] usb 4-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping [ 106.100627][ T3591] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 106.121130][ T4866] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 106.126810][ T3591] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 106.162382][ T3591] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 106.203847][ T3591] usb 4-1: config 0 descriptor?? [ 106.253607][ T4898] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 106.275492][ T3591] usbhid 4-1:0.0: couldn't find an input interrupt endpoint [ 106.320072][ T4936] tmpfs: Unknown parameter 'usrquota' [ 106.335609][ T4866] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 106.515226][ T4866] team0: Port device team_slave_0 added [ 106.632453][ T11] device hsr_slave_0 left promiscuous mode [ 106.653964][ T11] device hsr_slave_1 left promiscuous mode [ 106.673338][ T3549] Bluetooth: hci3: command tx timeout [ 106.682885][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 106.716419][ T11] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 106.759631][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 106.800812][ T11] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 106.828596][ T11] device bridge_slave_1 left promiscuous mode [ 106.838381][ T11] bridge0: port 2(bridge_slave_1) entered disabled state [ 106.893568][ T11] device bridge_slave_0 left promiscuous mode [ 106.899781][ T11] bridge0: port 1(bridge_slave_0) entered disabled state [ 106.950396][ T11] device veth1_macvtap left promiscuous mode [ 106.970471][ T11] device veth0_macvtap left promiscuous mode [ 106.992727][ T11] device veth1_vlan left promiscuous mode [ 107.015217][ T11] device veth0_vlan left promiscuous mode [ 107.735599][ T11] team0 (unregistering): Port device team_slave_1 removed [ 107.764634][ T11] team0 (unregistering): Port device team_slave_0 removed [ 107.789221][ T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 107.816254][ T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 108.046263][ T3556] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0 [ 108.054974][ T3556] Bluetooth: hci0: Injecting HCI hardware error event [ 108.065983][ T3549] Bluetooth: hci0: hardware error 0x00 [ 108.074667][ T11] bond0 (unregistering): Released all slaves [ 108.162456][ T4866] team0: Port device team_slave_1 added [ 108.178059][ T4955] netlink: 20 bytes leftover after parsing attributes in process `syz.4.419'. [ 108.228394][ T4866] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 108.253224][ T4866] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 108.337448][ T4977] tmpfs: Unknown parameter 'usrquota' [ 108.352442][ T4866] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 108.396644][ T155] usb 4-1: USB disconnect, device number 3 [ 108.409169][ T4866] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 108.426878][ T4866] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 108.533285][ T4866] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 108.718983][ T4866] device hsr_slave_0 entered promiscuous mode [ 108.753336][ T3556] Bluetooth: hci3: command tx timeout [ 108.773037][ T4866] device hsr_slave_1 entered promiscuous mode [ 108.820878][ T5000] loop2: detected capacity change from 0 to 512 [ 108.862209][ T5000] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 108.890087][ T5000] ext4 filesystem being mounted at /root/syzkaller.bmMskN/91/file0 supports timestamps until 2038 (0x7fffffff) [ 109.123356][ T5000] loop2: detected capacity change from 512 to 0 [ 109.178548][ T5013] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.432: bg 0: block 128: padding at end of block bitmap is not set [ 109.248271][ T5013] EXT4-fs error (device loop2): ext4_mb_discard_group_preallocations:4951: comm syz.2.432: Error -117 reading block bitmap for 0 [ 109.302616][ T5013] EXT4-fs error (device loop2): ext4_mb_discard_group_preallocations:4951: comm syz.2.432: Error -117 reading block bitmap for 0 [ 109.360515][ T5018] netlink: 20 bytes leftover after parsing attributes in process `syz.3.435'. [ 109.383944][ T5013] EXT4-fs error (device loop2): ext4_discard_preallocations:5123: comm syz.2.432: Error -117 reading block bitmap for 0 [ 109.518702][ T3550] EXT4-fs error (device loop2): ext4_readdir:260: inode #2: block 3: comm syz-executor: path /root/syzkaller.bmMskN/91/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=2048 fake=0 [ 109.693266][ T5024] netlink: 68 bytes leftover after parsing attributes in process `syz.0.437'. [ 109.720044][ T5024] openvswitch: netlink: Message has 8 unknown bytes. [ 109.759690][ T3712] EXT4-fs (loop2): unmounting filesystem. [ 109.935404][ T5028] tmpfs: Unknown parameter 'usrquota' [ 110.113319][ T3549] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 110.229629][ T4866] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 110.291481][ T4866] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 110.373458][ T4866] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 110.418933][ T4866] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 110.593601][ T3589] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 110.714872][ T4866] 8021q: adding VLAN 0 to HW filter on device bond0 [ 110.747748][ T5048] loop0: detected capacity change from 0 to 512 [ 110.760383][ T3599] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 110.791268][ T3599] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 110.811448][ T5048] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 110.826791][ T4866] 8021q: adding VLAN 0 to HW filter on device team0 [ 110.834229][ T3549] Bluetooth: hci3: command tx timeout [ 110.839305][ T5048] ext4 filesystem being mounted at /root/syzkaller.t6ZCU1/106/file0 supports timestamps until 2038 (0x7fffffff) [ 110.839793][ T3589] usb 4-1: Using ep0 maxpacket: 32 [ 110.871457][ T153] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 110.884206][ T153] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 110.892601][ T153] bridge0: port 1(bridge_slave_0) entered blocking state [ 110.899730][ T153] bridge0: port 1(bridge_slave_0) entered forwarding state [ 110.907776][ T153] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 110.916487][ T153] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 110.930808][ T153] bridge0: port 2(bridge_slave_1) entered blocking state [ 110.937947][ T153] bridge0: port 2(bridge_slave_1) entered forwarding state [ 110.946664][ T153] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 110.983413][ T3589] usb 4-1: config 0 has an invalid interface number: 206 but max is 0 [ 110.993011][ T3589] usb 4-1: config 0 has no interface number 0 [ 111.009921][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 111.022764][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 111.061463][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 111.077875][ T3549] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 111.092063][ T3549] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 111.101091][ T3549] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 111.109737][ T3549] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 111.117325][ T3549] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 111.124769][ T3549] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 111.132742][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 111.155059][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 111.163018][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 111.163819][ T3589] usb 4-1: New USB device found, idVendor=13d3, idProduct=3393, bcdDevice=6b.ed [ 111.172335][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 111.188506][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 111.196873][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 111.203605][ T5048] loop0: detected capacity change from 512 to 0 [ 111.225363][ T4866] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 111.265164][ T3589] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 111.296245][ T4866] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 111.330444][ T5057] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.445: bg 0: block 128: padding at end of block bitmap is not set [ 111.356175][ T5057] EXT4-fs error (device loop0): ext4_mb_discard_group_preallocations:4951: comm syz.0.445: Error -117 reading block bitmap for 0 [ 111.367990][ T3589] usb 4-1: Product: syz [ 111.380220][ T3589] usb 4-1: Manufacturer: syz [ 111.418057][ T3589] usb 4-1: SerialNumber: syz [ 111.440756][ T5057] EXT4-fs error (device loop0): ext4_mb_discard_group_preallocations:4951: comm syz.0.445: Error -117 reading block bitmap for 0 [ 111.450122][ T3589] usb 4-1: config 0 descriptor?? [ 111.467323][ T3599] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 111.492129][ T3599] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 111.532657][ T5057] EXT4-fs error (device loop0): ext4_discard_preallocations:5123: comm syz.0.445: Error -117 reading block bitmap for 0 [ 111.675721][ T3544] EXT4-fs error (device loop0): ext4_readdir:260: inode #2: block 3: comm syz-executor: path /root/syzkaller.t6ZCU1/106/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=2048 fake=0 [ 111.770707][ T3589] usb 4-1: USB disconnect, device number 4 [ 111.808815][ T3591] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 111.837722][ T3591] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 111.859329][ T4866] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 111.896148][ T5054] chnl_net:caif_netlink_parms(): no params data found [ 111.911689][ T3800] EXT4-fs (loop0): unmounting filesystem. [ 111.918468][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 111.937703][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 112.068174][ T4866] device veth0_vlan entered promiscuous mode [ 112.078330][ T5078] tmpfs: Unknown parameter 'usrquota' [ 112.146427][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 112.157044][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 112.179805][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 112.187971][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 112.235486][ T4866] device veth1_vlan entered promiscuous mode [ 112.317598][ T5054] bridge0: port 1(bridge_slave_0) entered blocking state [ 112.341594][ T5054] bridge0: port 1(bridge_slave_0) entered disabled state [ 112.358889][ T5054] device bridge_slave_0 entered promiscuous mode [ 112.405506][ T5054] bridge0: port 2(bridge_slave_1) entered blocking state [ 112.412597][ T5054] bridge0: port 2(bridge_slave_1) entered disabled state [ 112.480453][ T5054] device bridge_slave_1 entered promiscuous mode [ 112.521223][ T3590] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 112.543660][ T3590] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 112.616973][ T5054] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 112.712342][ T5054] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 112.739816][ T3591] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 112.761201][ T5099] loop4: detected capacity change from 0 to 512 [ 112.763898][ T3591] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 112.806827][ T4866] device veth0_macvtap entered promiscuous mode [ 112.861091][ T5099] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 112.884868][ T5054] team0: Port device team_slave_0 added [ 112.893375][ T5099] ext4 filesystem being mounted at /root/syzkaller.kEPHCD/74/file0 supports timestamps until 2038 (0x7fffffff) [ 112.913449][ T3549] Bluetooth: hci3: command tx timeout [ 113.006493][ T5054] team0: Port device team_slave_1 added [ 113.044168][ T4866] device veth1_macvtap entered promiscuous mode [ 113.053322][ T5099] loop4: detected capacity change from 512 to 0 [ 113.063820][ T3556] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 113.072450][ T3556] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 113.080867][ T3556] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 113.089094][ T3556] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 113.098510][ T3556] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 113.105804][ T3556] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 113.132279][ T4866] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 113.153558][ T3556] Bluetooth: hci2: command tx timeout [ 113.182661][ T5103] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.457: bg 0: block 128: padding at end of block bitmap is not set [ 113.204436][ T4866] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 113.214316][ T4866] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 113.224765][ T4866] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 113.239730][ T4866] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 113.247796][ T5103] EXT4-fs error (device loop4): ext4_mb_discard_group_preallocations:4951: comm syz.4.457: Error -117 reading block bitmap for 0 [ 113.263404][ T4866] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 113.273410][ T4866] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 113.289368][ T5103] EXT4-fs error (device loop4): ext4_mb_discard_group_preallocations:4951: comm syz.4.457: Error -117 reading block bitmap for 0 [ 113.293268][ T4866] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 113.337109][ T5103] EXT4-fs error (device loop4): ext4_discard_preallocations:5123: comm syz.4.457: Error -117 reading block bitmap for 0 [ 113.339448][ T4866] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 113.412587][ T5054] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 113.429931][ T5054] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 113.480671][ T3545] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 3: comm syz-executor: path /root/syzkaller.kEPHCD/74/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=2048 fake=0 [ 113.508268][ T5054] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 113.534335][ T5054] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 113.541323][ T5054] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 113.610125][ T3723] EXT4-fs (loop4): unmounting filesystem. [ 113.610782][ T5054] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 113.650326][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 113.664008][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 113.711788][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 113.727411][ T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 113.742619][ T4866] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 113.763520][ T4866] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 113.774292][ T4866] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 113.785038][ T4866] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 113.795236][ T4866] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 113.812031][ T4866] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 113.829440][ T4866] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 113.839918][ T4866] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 113.856078][ T4866] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 113.903397][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 113.930752][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 113.944750][ T4866] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 113.955457][ T4866] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 113.964892][ T4866] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 113.973945][ T4866] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 114.058308][ T11] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 114.111307][ T5054] device hsr_slave_0 entered promiscuous mode [ 114.135944][ T5054] device hsr_slave_1 entered promiscuous mode [ 114.155407][ T5054] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 114.175455][ T5054] Cannot create hsr debugfs directory [ 114.280809][ T11] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 114.412581][ T11] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 114.572850][ T11] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 114.621692][ T3657] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 114.640326][ T3657] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 114.659655][ T5139] netlink: 20 bytes leftover after parsing attributes in process `syz.3.462'. [ 114.694661][ T3591] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 114.848181][ T3598] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 114.870695][ T3598] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 114.909359][ T5105] chnl_net:caif_netlink_parms(): no params data found [ 114.922710][ T3561] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 114.932644][ T3561] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 114.941021][ T3561] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 114.950719][ T3561] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 114.958401][ T3561] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 114.965867][ T3561] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 114.995851][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 115.205863][ T5054] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 115.246261][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 115.275996][ T0] NOHZ tick-stop error: local softirq work is pending, handler #302!!! [ 115.287994][ T0] NOHZ tick-stop error: local softirq work is pending, handler #382!!! [ 115.315403][ T3549] Bluetooth: hci0: command tx timeout [ 115.321104][ T3561] Bluetooth: hci2: command tx timeout [ 115.830497][ T5105] bridge0: port 1(bridge_slave_0) entered blocking state [ 115.854015][ T5105] bridge0: port 1(bridge_slave_0) entered disabled state [ 115.889010][ T5105] device bridge_slave_0 entered promiscuous mode [ 115.932153][ T5105] bridge0: port 2(bridge_slave_1) entered blocking state [ 115.940978][ T5105] bridge0: port 2(bridge_slave_1) entered disabled state [ 115.973264][ T5105] device bridge_slave_1 entered promiscuous mode [ 116.122939][ T5105] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 116.235209][ T5105] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 116.450101][ T5171] tmpfs: Unknown parameter 'usrquota' [ 116.518198][ T5054] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 116.561291][ T5105] team0: Port device team_slave_0 added [ 116.587162][ T5105] team0: Port device team_slave_1 added [ 116.765422][ T5054] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 116.925410][ T5054] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 116.994721][ T3561] Bluetooth: hci1: command tx timeout [ 116.997075][ T5185] netlink: 20 bytes leftover after parsing attributes in process `syz.1.470'. [ 117.093370][ T5105] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 117.100431][ T5105] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 117.163345][ T5105] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 117.327173][ T5105] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 117.360604][ T5105] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 117.418799][ T5105] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 117.633359][ T3549] Bluetooth: hci0: command tx timeout [ 117.657260][ T5105] device hsr_slave_0 entered promiscuous mode [ 117.666987][ T5105] device hsr_slave_1 entered promiscuous mode [ 117.684328][ T5105] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 117.691902][ T5105] Cannot create hsr debugfs directory [ 117.714040][ T3549] Bluetooth: hci2: command tx timeout [ 117.721205][ T5199] loop1: detected capacity change from 0 to 512 [ 117.730268][ T5143] chnl_net:caif_netlink_parms(): no params data found [ 117.847697][ T5199] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 117.893558][ T5199] ext4 filesystem being mounted at /root/syzkaller.A7hTtM/4/file0 supports timestamps until 2038 (0x7fffffff) [ 118.011570][ T5054] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 118.137078][ T4866] EXT4-fs error (device loop1): ext4_empty_dir:3093: inode #12: comm syz-executor: Directory hole found for htree leaf block [ 118.161896][ T4866] EXT4-fs error (device loop1): ext4_empty_dir:3093: inode #12: comm syz-executor: Directory hole found for htree leaf block [ 118.186447][ T4866] EXT4-fs error (device loop1): ext4_empty_dir:3093: inode #12: comm syz-executor: Directory hole found for htree leaf block [ 118.223771][ T5054] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 118.231916][ T5219] loop3: detected capacity change from 0 to 2048 [ 118.237556][ T4866] EXT4-fs error (device loop1): ext4_empty_dir:3093: inode #12: comm syz-executor: Directory hole found for htree leaf block [ 118.272517][ T4866] EXT4-fs error (device loop1): ext4_empty_dir:3093: inode #12: comm syz-executor: Directory hole found for htree leaf block [ 118.274876][ T5219] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024) [ 118.304380][ T4866] EXT4-fs error (device loop1): ext4_empty_dir:3093: inode #12: comm syz-executor: Directory hole found for htree leaf block [ 118.333644][ T4866] EXT4-fs error (device loop1): ext4_empty_dir:3093: inode #12: comm syz-executor: Directory hole found for htree leaf block [ 118.356354][ T4866] EXT4-fs error (device loop1): ext4_empty_dir:3093: inode #12: comm syz-executor: Directory hole found for htree leaf block [ 118.363213][ T5219] syz.3.473: attempt to access beyond end of device [ 118.363213][ T5219] loop3: rw=524288, sector=33554430, nr_sectors = 2 limit=2048 [ 118.375984][ T4866] EXT4-fs error (device loop1): ext4_empty_dir:3093: inode #12: comm syz-executor: Directory hole found for htree leaf block [ 118.392924][ T5220] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 118.400390][ T4866] EXT4-fs error (device loop1): ext4_empty_dir:3093: inode #12: comm syz-executor: Directory hole found for htree leaf block [ 118.423488][ T5054] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 118.530693][ T5054] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 118.555381][ T5143] bridge0: port 1(bridge_slave_0) entered blocking state [ 118.562485][ T5143] bridge0: port 1(bridge_slave_0) entered disabled state [ 118.622071][ T5143] device bridge_slave_0 entered promiscuous mode [ 118.721874][ T5143] bridge0: port 2(bridge_slave_1) entered blocking state [ 118.729664][ T5143] bridge0: port 2(bridge_slave_1) entered disabled state [ 118.748958][ T5143] device bridge_slave_1 entered promiscuous mode [ 118.823628][ T5228] tmpfs: Unknown parameter 'usrquota' [ 118.870489][ T5143] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 118.958656][ T5143] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 119.049638][ T4866] EXT4-fs (loop1): unmounting filesystem. [ 119.059841][ T5143] team0: Port device team_slave_0 added [ 119.077774][ T5143] team0: Port device team_slave_1 added [ 119.084338][ T3549] Bluetooth: hci1: command tx timeout [ 119.341623][ T5233] netlink: 20 bytes leftover after parsing attributes in process `syz.3.478'. [ 119.413665][ T11] device hsr_slave_0 left promiscuous mode [ 119.428551][ T11] device hsr_slave_1 left promiscuous mode [ 119.451102][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 119.473409][ T11] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 119.494585][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 119.523367][ T11] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 119.541268][ T11] device bridge_slave_1 left promiscuous mode [ 119.556628][ T11] bridge0: port 2(bridge_slave_1) entered disabled state [ 119.576356][ T11] device bridge_slave_0 left promiscuous mode [ 119.582577][ T11] bridge0: port 1(bridge_slave_0) entered disabled state [ 119.620844][ T11] device hsr_slave_0 left promiscuous mode [ 119.634234][ T11] device hsr_slave_1 left promiscuous mode [ 119.676945][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 119.687810][ T11] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 119.704654][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 119.713418][ T3549] Bluetooth: hci0: command tx timeout [ 119.718914][ T11] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 119.760425][ T11] device bridge_slave_1 left promiscuous mode [ 119.795137][ T3549] Bluetooth: hci2: command tx timeout [ 119.811262][ T11] bridge0: port 2(bridge_slave_1) entered disabled state [ 119.846545][ T11] device bridge_slave_0 left promiscuous mode [ 119.852753][ T11] bridge0: port 1(bridge_slave_0) entered disabled state [ 119.891714][ T3561] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 119.904259][ T3561] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 119.912304][ T3561] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 119.912350][ T11] device veth1_macvtap left promiscuous mode [ 119.922632][ T3561] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 119.925578][ T11] device veth0_macvtap left promiscuous mode [ 119.939339][ T3561] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 119.939496][ T11] device veth1_vlan left promiscuous mode [ 119.946938][ T3561] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 119.952147][ T11] device veth0_vlan left promiscuous mode [ 119.971897][ T11] device veth1_macvtap left promiscuous mode [ 119.982336][ T11] device veth0_macvtap left promiscuous mode [ 119.988495][ T11] device veth1_vlan left promiscuous mode [ 119.994563][ T11] device veth0_vlan left promiscuous mode [ 120.485792][ T11] team0 (unregistering): Port device team_slave_1 removed [ 120.512416][ T11] team0 (unregistering): Port device team_slave_0 removed [ 120.540251][ T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 120.573519][ T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 120.820655][ T11] bond0 (unregistering): Released all slaves [ 121.153967][ T3561] Bluetooth: hci1: command tx timeout [ 121.259192][ T11] team0 (unregistering): Port device team_slave_1 removed [ 121.286457][ T11] team0 (unregistering): Port device team_slave_0 removed [ 121.313044][ T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 121.343413][ T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 121.586462][ T11] bond0 (unregistering): Released all slaves [ 121.700104][ T5143] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 121.717929][ T5143] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 121.756344][ T5143] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 121.768971][ T5143] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 121.782248][ T5143] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 121.800466][ T5254] loop3: detected capacity change from 0 to 512 [ 121.815021][ T3561] Bluetooth: hci0: command tx timeout [ 121.819525][ T5143] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 121.849536][ T5254] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 121.872226][ T5254] ext4 filesystem being mounted at /root/syzkaller.7wV1AC/97/file0 supports timestamps until 2038 (0x7fffffff) [ 122.033481][ T3561] Bluetooth: hci3: command tx timeout [ 122.041205][ T5143] device hsr_slave_0 entered promiscuous mode [ 122.048818][ T5143] device hsr_slave_1 entered promiscuous mode [ 122.055791][ T5143] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 122.063603][ T5143] Cannot create hsr debugfs directory [ 122.083287][ T3555] EXT4-fs error (device loop3): ext4_empty_dir:3093: inode #12: comm syz-executor: Directory hole found for htree leaf block [ 122.099056][ T3555] EXT4-fs error (device loop3): ext4_empty_dir:3093: inode #12: comm syz-executor: Directory hole found for htree leaf block [ 122.138379][ T3555] EXT4-fs error (device loop3): ext4_empty_dir:3093: inode #12: comm syz-executor: Directory hole found for htree leaf block [ 122.160749][ T3555] EXT4-fs error (device loop3): ext4_empty_dir:3093: inode #12: comm syz-executor: Directory hole found for htree leaf block [ 122.170819][ T5105] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 122.190409][ T3555] EXT4-fs error (device loop3): ext4_empty_dir:3093: inode #12: comm syz-executor: Directory hole found for htree leaf block [ 122.194158][ T5054] 8021q: adding VLAN 0 to HW filter on device bond0 [ 122.211137][ T3555] EXT4-fs error (device loop3): ext4_empty_dir:3093: inode #12: comm syz-executor: Directory hole found for htree leaf block [ 122.224882][ T3555] EXT4-fs error (device loop3): ext4_empty_dir:3093: inode #12: comm syz-executor: Directory hole found for htree leaf block [ 122.253760][ T5105] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 122.269196][ T3555] EXT4-fs error (device loop3): ext4_empty_dir:3093: inode #12: comm syz-executor: Directory hole found for htree leaf block [ 122.312800][ T5054] 8021q: adding VLAN 0 to HW filter on device team0 [ 122.330464][ T3555] EXT4-fs error (device loop3): ext4_empty_dir:3093: inode #12: comm syz-executor: Directory hole found for htree leaf block [ 122.349517][ T5105] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 122.364323][ T3555] EXT4-fs error (device loop3): ext4_empty_dir:3093: inode #12: comm syz-executor: Directory hole found for htree leaf block [ 122.386804][ T5105] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 122.414383][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 122.422189][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 122.472673][ T4807] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 122.481697][ T4807] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 122.497125][ T4807] bridge0: port 1(bridge_slave_0) entered blocking state [ 122.504258][ T4807] bridge0: port 1(bridge_slave_0) entered forwarding state [ 122.511977][ T4807] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 122.522253][ T4807] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 122.531319][ T4807] bridge0: port 2(bridge_slave_1) entered blocking state [ 122.539299][ T4807] bridge0: port 2(bridge_slave_1) entered forwarding state [ 122.547228][ T4807] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 122.600321][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 122.619518][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 122.637463][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 122.650113][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 122.666926][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 122.680732][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 122.693000][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 122.709501][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 122.720144][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 122.734102][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 122.770943][ T5251] chnl_net:caif_netlink_parms(): no params data found [ 122.785711][ T5054] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 122.802448][ T3591] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 123.017145][ T3555] EXT4-fs (loop3): unmounting filesystem. [ 123.162378][ T5143] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 123.234125][ T3561] Bluetooth: hci1: command tx timeout [ 123.278852][ T5143] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 123.306652][ T5105] 8021q: adding VLAN 0 to HW filter on device bond0 [ 123.341828][ T5251] bridge0: port 1(bridge_slave_0) entered blocking state [ 123.373589][ T5251] bridge0: port 1(bridge_slave_0) entered disabled state [ 123.381561][ T5251] device bridge_slave_0 entered promiscuous mode [ 123.441049][ T5251] bridge0: port 2(bridge_slave_1) entered blocking state [ 123.473700][ T5251] bridge0: port 2(bridge_slave_1) entered disabled state [ 123.481780][ T5251] device bridge_slave_1 entered promiscuous mode [ 123.519432][ T5143] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 123.562539][ T3637] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 123.581117][ T3637] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 123.626514][ T5105] 8021q: adding VLAN 0 to HW filter on device team0 [ 123.708191][ T5143] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 123.785670][ T3549] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 123.794768][ T3549] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 123.802441][ T3549] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 123.805540][ T5251] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 123.822986][ T3549] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 123.831229][ T3549] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 123.838735][ T3549] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 123.847982][ T3589] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 123.855660][ T3589] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 123.872807][ T3589] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 123.881653][ T3589] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 123.890189][ T3589] bridge0: port 1(bridge_slave_0) entered blocking state [ 123.897305][ T3589] bridge0: port 1(bridge_slave_0) entered forwarding state [ 123.904980][ T3589] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 123.913737][ T3589] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 123.922158][ T3589] bridge0: port 2(bridge_slave_1) entered blocking state [ 123.929284][ T3589] bridge0: port 2(bridge_slave_1) entered forwarding state [ 123.942388][ T5054] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 123.962722][ T5251] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 124.005418][ T3637] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 124.023426][ T3637] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 124.113386][ T3549] Bluetooth: hci3: command tx timeout [ 124.142697][ T153] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 124.152140][ T153] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 124.161835][ T153] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 124.179130][ T153] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 124.188497][ T153] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 124.205259][ T5251] team0: Port device team_slave_0 added [ 124.224890][ T3589] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 124.274986][ T5251] team0: Port device team_slave_1 added [ 124.298651][ T5054] device veth0_vlan entered promiscuous mode [ 124.314630][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 124.351810][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 124.371247][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 124.411188][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 124.420005][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 124.456051][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 124.488530][ T5105] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 124.531469][ T5105] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 124.592877][ T5251] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 124.613674][ T5251] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 124.663567][ T5251] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 124.695550][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 124.713655][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 124.721548][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 124.737743][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 124.761696][ T5251] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 124.780269][ T5251] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 124.814411][ T5251] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 124.879614][ T5054] device veth1_vlan entered promiscuous mode [ 124.939954][ T5143] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 125.041412][ T5143] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 125.062604][ T5251] device hsr_slave_0 entered promiscuous mode [ 125.069949][ T5251] device hsr_slave_1 entered promiscuous mode [ 125.089506][ T5251] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 125.100066][ T5251] Cannot create hsr debugfs directory [ 125.113749][ T3590] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 125.122387][ T3590] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 125.171774][ T5054] device veth0_macvtap entered promiscuous mode [ 125.184833][ T5143] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 125.227192][ T5143] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 125.253988][ T5054] device veth1_macvtap entered promiscuous mode [ 125.270253][ T153] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 125.291328][ T153] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 125.314180][ T153] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 125.321626][ T153] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 125.346394][ T5105] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 125.369867][ T5294] chnl_net:caif_netlink_parms(): no params data found [ 125.409310][ T5054] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 125.421119][ T5054] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 125.432764][ T5054] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 125.443652][ T5054] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 125.453531][ T5054] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 125.464387][ T5054] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 125.483002][ T5054] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 125.508582][ T3637] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 125.517784][ T3637] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 125.567902][ T5054] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 125.578885][ T5054] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 125.590370][ T5054] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 125.600915][ T5054] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 125.610975][ T5054] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 125.621681][ T5054] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 125.634045][ T5054] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 125.644406][ T5054] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 125.653106][ T5054] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 125.661902][ T5054] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 125.670630][ T5054] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 125.681410][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 125.690325][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 125.699589][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 125.708617][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 125.782689][ T3637] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 125.791512][ T3637] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 125.817803][ T5105] device veth0_vlan entered promiscuous mode [ 125.858300][ T153] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 125.868186][ T153] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 125.875980][ T3549] Bluetooth: hci4: command tx timeout [ 125.895051][ T5143] 8021q: adding VLAN 0 to HW filter on device bond0 [ 125.910072][ T5294] bridge0: port 1(bridge_slave_0) entered blocking state [ 125.920162][ T5294] bridge0: port 1(bridge_slave_0) entered disabled state [ 125.929084][ T5294] device bridge_slave_0 entered promiscuous mode [ 125.956673][ T5251] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 125.979472][ T5105] device veth1_vlan entered promiscuous mode [ 125.987558][ T5294] bridge0: port 2(bridge_slave_1) entered blocking state [ 125.995049][ T5294] bridge0: port 2(bridge_slave_1) entered disabled state [ 126.004328][ T5294] device bridge_slave_1 entered promiscuous mode [ 126.041914][ T5143] 8021q: adding VLAN 0 to HW filter on device team0 [ 126.061756][ T5251] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 126.094725][ T4809] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 126.102557][ T4809] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 126.122264][ T5294] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 126.135397][ T5294] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 126.159434][ T4570] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 126.177189][ T4570] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 126.194552][ T3561] Bluetooth: hci3: command tx timeout [ 126.203117][ T11] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 126.228575][ T5251] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 126.246824][ T153] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 126.257647][ T153] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 126.266357][ T153] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 126.275436][ T153] bridge0: port 1(bridge_slave_0) entered blocking state [ 126.282498][ T153] bridge0: port 1(bridge_slave_0) entered forwarding state [ 126.290663][ T153] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 126.299271][ T153] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 126.308243][ T153] bridge0: port 2(bridge_slave_1) entered blocking state [ 126.315362][ T153] bridge0: port 2(bridge_slave_1) entered forwarding state [ 126.322857][ T153] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 126.331796][ T153] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 126.360756][ T5105] device veth0_macvtap entered promiscuous mode [ 126.378987][ T11] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 126.397826][ T5251] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 126.422858][ T5294] team0: Port device team_slave_0 added [ 126.430618][ T3637] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 126.439619][ T3637] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 126.448204][ T3637] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 126.462367][ T5105] device veth1_macvtap entered promiscuous mode [ 126.475800][ T4570] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 126.486024][ T4570] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 126.501877][ T11] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 126.516994][ T5294] team0: Port device team_slave_1 added [ 126.535020][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 126.543014][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 126.551131][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 126.585761][ T11] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 126.620180][ T5294] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 126.655380][ T5294] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 126.685868][ T5294] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 126.700418][ T5294] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 126.709352][ T5294] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 126.736247][ T5294] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 126.737966][ T5322] tmpfs: Unknown parameter 'usrquota' [ 126.753754][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 126.766762][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 126.776203][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 126.785404][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 126.795166][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 126.804653][ T5105] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 126.816316][ T5105] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 126.828650][ T5105] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 126.840643][ T5105] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 126.850685][ T5105] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 126.861353][ T5105] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 126.871408][ T5105] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 126.882014][ T5105] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 126.902433][ T5105] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 126.970531][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 126.980534][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 126.998209][ T5105] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 127.013095][ T5105] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 127.025042][ T5105] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 127.038632][ T5105] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 127.048712][ T5105] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 127.059653][ T5105] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 127.069820][ T5105] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 127.080851][ T5105] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 127.095750][ T5105] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 127.110881][ T5105] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 127.120677][ T5105] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 127.129883][ T5105] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 127.139496][ T5105] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 127.164773][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 127.175307][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 127.191560][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 127.200462][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 127.219060][ T5329] netlink: 20 bytes leftover after parsing attributes in process `syz.2.487'. [ 127.258779][ T5143] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 127.280176][ T5143] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 127.328944][ T3637] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 127.354972][ T3637] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 127.395307][ T5251] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 127.465658][ T5294] device hsr_slave_0 entered promiscuous mode [ 127.492144][ T5294] device hsr_slave_1 entered promiscuous mode [ 127.504038][ T5294] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 127.511611][ T5294] Cannot create hsr debugfs directory [ 127.523051][ T5251] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 127.542377][ T5251] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 127.619948][ T5251] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 127.745173][ T4570] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 127.773362][ T4570] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 127.804555][ T4807] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 127.954483][ T3561] Bluetooth: hci4: command tx timeout [ 128.072566][ T4622] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 128.105460][ T4622] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 128.143821][ T5346] loop2: detected capacity change from 0 to 512 [ 128.171748][ T5251] 8021q: adding VLAN 0 to HW filter on device bond0 [ 128.195132][ T4809] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 128.227458][ T5346] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 128.233640][ T5143] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 128.237266][ T5346] ext4 filesystem being mounted at /root/syzkaller.hl5JzD/5/file0 supports timestamps until 2038 (0x7fffffff) [ 128.273557][ T3561] Bluetooth: hci3: command tx timeout [ 128.389830][ T5251] 8021q: adding VLAN 0 to HW filter on device team0 [ 128.431203][ T3592] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 128.444497][ T3592] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 128.466463][ T3592] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 128.483976][ T3592] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 128.493009][ T5054] EXT4-fs error (device loop2): ext4_empty_dir:3093: inode #12: comm syz-executor: Directory hole found for htree leaf block [ 128.519353][ T5054] EXT4-fs error (device loop2): ext4_empty_dir:3093: inode #12: comm syz-executor: Directory hole found for htree leaf block [ 128.557243][ T5054] EXT4-fs error (device loop2): ext4_empty_dir:3093: inode #12: comm syz-executor: Directory hole found for htree leaf block [ 128.575669][ T5054] EXT4-fs error (device loop2): ext4_empty_dir:3093: inode #12: comm syz-executor: Directory hole found for htree leaf block [ 128.597423][ T153] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 128.609830][ T5054] EXT4-fs error (device loop2): ext4_empty_dir:3093: inode #12: comm syz-executor: Directory hole found for htree leaf block [ 128.611845][ T153] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 128.638290][ T5054] EXT4-fs error (device loop2): ext4_empty_dir:3093: inode #12: comm syz-executor: Directory hole found for htree leaf block [ 128.661134][ T153] bridge0: port 1(bridge_slave_0) entered blocking state [ 128.668276][ T153] bridge0: port 1(bridge_slave_0) entered forwarding state [ 128.670528][ T5054] EXT4-fs error (device loop2): ext4_empty_dir:3093: inode #12: comm syz-executor: Directory hole found for htree leaf block [ 128.693575][ T153] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 128.696994][ T5054] EXT4-fs error (device loop2): ext4_empty_dir:3093: inode #12: comm syz-executor: Directory hole found for htree leaf block [ 128.714766][ T153] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 128.715147][ T153] bridge0: port 2(bridge_slave_1) entered blocking state [ 128.729991][ T153] bridge0: port 2(bridge_slave_1) entered forwarding state [ 128.731666][ T5054] EXT4-fs error (device loop2): ext4_empty_dir:3093: inode #12: comm syz-executor: Directory hole found for htree leaf block [ 128.765285][ T5054] EXT4-fs error (device loop2): ext4_empty_dir:3093: inode #12: comm syz-executor: Directory hole found for htree leaf block [ 128.793558][ T153] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 128.817264][ T153] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 128.924160][ T4809] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 129.042781][ T153] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 129.060453][ T153] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 129.207689][ T5370] loop0: detected capacity change from 0 to 1024 [ 129.222686][ T5251] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 129.234836][ T5251] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 129.247977][ T3599] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 129.266022][ T3599] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 129.294876][ T3599] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 129.304517][ T4622] hfsplus: b-tree write err: -5, ino 4 [ 129.312413][ T3599] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 129.323339][ T3599] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 129.331817][ T3599] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 129.340656][ T3599] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 129.350238][ T3599] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 129.379416][ T5054] EXT4-fs (loop2): unmounting filesystem. [ 129.413885][ T5372] tmpfs: Unknown parameter 'usrquota' [ 129.561697][ T3592] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 129.574919][ T3592] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 129.753294][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 129.761617][ T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 129.917503][ T5143] device veth0_vlan entered promiscuous mode [ 129.941876][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 129.961229][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 130.043173][ T3561] Bluetooth: hci4: command tx timeout [ 130.066755][ T3549] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 130.072132][ T5143] device veth1_vlan entered promiscuous mode [ 130.075573][ T3549] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 130.088521][ T3549] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 130.105906][ T3599] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 130.115403][ T3599] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 130.123929][ T3599] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 130.135914][ T3549] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 130.146350][ T3549] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 130.153907][ T3549] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 130.172416][ T5251] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 130.204136][ T5294] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 130.274568][ T5390] loop0: detected capacity change from 0 to 512 [ 130.332366][ T5390] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 130.345989][ T5390] ext4 filesystem being mounted at /root/syzkaller.M6Bjio/6/file0 supports timestamps until 2038 (0x7fffffff) [ 130.414084][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 130.422238][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 130.438044][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 130.457142][ T5294] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 130.529572][ T5143] device veth0_macvtap entered promiscuous mode [ 130.576432][ T5105] EXT4-fs error (device loop0): ext4_empty_dir:3093: inode #12: comm syz-executor: Directory hole found for htree leaf block [ 130.615360][ T5294] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 130.620800][ T5105] EXT4-fs error (device loop0): ext4_empty_dir:3093: inode #12: comm syz-executor: Directory hole found for htree leaf block [ 130.644774][ T5294] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 130.686806][ T5105] EXT4-fs error (device loop0): ext4_empty_dir:3093: inode #12: comm syz-executor: Directory hole found for htree leaf block [ 130.690197][ T5251] device veth0_vlan entered promiscuous mode [ 130.719370][ T5105] EXT4-fs error (device loop0): ext4_empty_dir:3093: inode #12: comm syz-executor: Directory hole found for htree leaf block [ 130.742274][ T3590] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 130.750970][ T5105] EXT4-fs error (device loop0): ext4_empty_dir:3093: inode #12: comm syz-executor: Directory hole found for htree leaf block [ 130.763864][ T3590] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 130.772604][ T3590] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 130.773034][ T5105] EXT4-fs error (device loop0): ext4_empty_dir:3093: inode #12: comm syz-executor: Directory hole found for htree leaf block [ 130.798893][ T3590] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 130.807677][ T3590] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 130.808925][ T5105] EXT4-fs error (device loop0): ext4_empty_dir:3093: inode #12: comm syz-executor: Directory hole found for htree leaf block [ 130.826255][ T3592] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 130.838142][ T3592] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 130.842917][ T5105] EXT4-fs error (device loop0): ext4_empty_dir:3093: inode #12: comm syz-executor: Directory hole found for htree leaf block [ 130.861951][ T5105] EXT4-fs error (device loop0): ext4_empty_dir:3093: inode #12: comm syz-executor: Directory hole found for htree leaf block [ 130.867449][ T5251] device veth1_vlan entered promiscuous mode [ 130.881846][ T5105] EXT4-fs error (device loop0): ext4_empty_dir:3093: inode #12: comm syz-executor: Directory hole found for htree leaf block [ 130.895641][ T5143] device veth1_macvtap entered promiscuous mode [ 130.970549][ T5143] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 130.981663][ T5143] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 130.992150][ T5143] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 131.004373][ T5143] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 131.015020][ T5143] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 131.026109][ T5143] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 131.036636][ T5143] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 131.047226][ T5143] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 131.057123][ T5143] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 131.067691][ T5143] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 131.084059][ T5143] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 131.106658][ T4807] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 131.119891][ T4807] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 131.128235][ T4807] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 131.138262][ T4807] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 131.147205][ T4807] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 131.156287][ T4807] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 131.172024][ T5143] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 131.182989][ T5143] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 131.193024][ T5143] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 131.203711][ T5143] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 131.214293][ T5143] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 131.224804][ T5143] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 131.235529][ T5143] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 131.246080][ T5143] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 131.255943][ T5143] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 131.266496][ T5143] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 131.278878][ T5143] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 131.334408][ T3599] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 131.343890][ T3599] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 131.378568][ T5251] device veth0_macvtap entered promiscuous mode [ 131.415374][ T5143] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 131.424950][ T5143] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 131.434480][ T5143] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 131.443745][ T5143] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 131.458490][ T3589] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 131.469492][ T5251] device veth1_macvtap entered promiscuous mode [ 131.516615][ T5105] EXT4-fs (loop0): unmounting filesystem. [ 131.655535][ T4622] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 131.666399][ T5384] chnl_net:caif_netlink_parms(): no params data found [ 131.684495][ T5251] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 131.695070][ T4622] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 131.704263][ T5251] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 131.723269][ T5251] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 131.740979][ T5251] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 131.760852][ T5251] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 131.771394][ T5251] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 131.790237][ T5251] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 131.812158][ T5251] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 131.823291][ T5251] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 131.841814][ T5251] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 131.863841][ T5251] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 131.875179][ T5251] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 131.887424][ T5251] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 131.908288][ T5294] 8021q: adding VLAN 0 to HW filter on device bond0 [ 131.932364][ T4809] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 131.954815][ T4809] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 131.963986][ T4809] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 131.974466][ T5251] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 131.988845][ T5251] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 131.999487][ T5251] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 132.006510][ T3561] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 132.018659][ T5251] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 132.023936][ T3561] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 132.029328][ T5251] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 132.046596][ T5251] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 132.047909][ T3561] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 132.065109][ T3561] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 132.065181][ T5251] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 132.072939][ T3561] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 132.089462][ T5251] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 132.090166][ T3561] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 132.110467][ T5251] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 132.113553][ T3549] Bluetooth: hci4: command tx timeout [ 132.135237][ T5251] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 132.145167][ T5251] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 132.155775][ T5251] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 132.167150][ T5251] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 132.180021][ T11] device hsr_slave_0 left promiscuous mode [ 132.187169][ T11] device hsr_slave_1 left promiscuous mode [ 132.193697][ T3561] Bluetooth: hci2: command tx timeout [ 132.200517][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 132.210525][ T11] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 132.218226][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 132.225845][ T11] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 132.233582][ T11] device bridge_slave_1 left promiscuous mode [ 132.240277][ T11] bridge0: port 2(bridge_slave_1) entered disabled state [ 132.248987][ T11] device bridge_slave_0 left promiscuous mode [ 132.255848][ T11] bridge0: port 1(bridge_slave_0) entered disabled state [ 132.268522][ T11] device hsr_slave_0 left promiscuous mode [ 132.276441][ T11] device hsr_slave_1 left promiscuous mode [ 132.282808][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 132.290358][ T11] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 132.297926][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 132.305492][ T11] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 132.312975][ T11] device bridge_slave_1 left promiscuous mode [ 132.320834][ T11] bridge0: port 2(bridge_slave_1) entered disabled state [ 132.330366][ T11] device bridge_slave_0 left promiscuous mode [ 132.336882][ T11] bridge0: port 1(bridge_slave_0) entered disabled state [ 132.348097][ T11] device hsr_slave_0 left promiscuous mode [ 132.355678][ T11] device hsr_slave_1 left promiscuous mode [ 132.362532][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 132.370112][ T11] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 132.377899][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 132.385412][ T11] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 132.392884][ T11] device bridge_slave_1 left promiscuous mode [ 132.399223][ T11] bridge0: port 2(bridge_slave_1) entered disabled state [ 132.407514][ T11] device bridge_slave_0 left promiscuous mode [ 132.413927][ T11] bridge0: port 1(bridge_slave_0) entered disabled state [ 132.462961][ T11] device veth1_macvtap left promiscuous mode [ 132.469345][ T11] device veth0_macvtap left promiscuous mode [ 132.475730][ T11] device veth1_vlan left promiscuous mode [ 132.481533][ T11] device veth0_vlan left promiscuous mode [ 132.488351][ T11] device veth1_macvtap left promiscuous mode [ 132.494432][ T11] device veth0_macvtap left promiscuous mode [ 132.500521][ T11] device veth1_vlan left promiscuous mode [ 132.506341][ T11] device veth0_vlan left promiscuous mode [ 132.514820][ T11] device veth1_macvtap left promiscuous mode [ 132.520855][ T11] device veth0_macvtap left promiscuous mode [ 132.527128][ T11] device veth1_vlan left promiscuous mode [ 132.532964][ T11] device veth0_vlan left promiscuous mode [ 132.603465][ T1245] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.609771][ T1245] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.355807][ T11] team0 (unregistering): Port device team_slave_1 removed [ 133.382797][ T11] team0 (unregistering): Port device team_slave_0 removed [ 133.410653][ T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 133.439032][ T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 133.695960][ T11] bond0 (unregistering): Released all slaves [ 133.972574][ T11] team0 (unregistering): Port device team_slave_1 removed [ 134.001567][ T11] team0 (unregistering): Port device team_slave_0 removed [ 134.026842][ T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 134.054348][ T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 134.193671][ T3549] Bluetooth: hci0: command tx timeout [ 134.283372][ T3561] Bluetooth: hci2: command tx timeout [ 134.321561][ T11] bond0 (unregistering): Released all slaves [ 134.624077][ T11] team0 (unregistering): Port device team_slave_1 removed [ 134.649651][ T11] team0 (unregistering): Port device team_slave_0 removed [ 134.674619][ T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 134.702659][ T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 134.952324][ T11] bond0 (unregistering): Released all slaves [ 135.053632][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 135.062272][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 135.077977][ T5251] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 135.086829][ T5251] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 135.101343][ T5251] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 135.112107][ T5251] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 135.131386][ T5294] 8021q: adding VLAN 0 to HW filter on device team0 [ 135.184573][ T4622] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 135.192653][ T4622] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 135.225186][ T3592] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 135.233967][ T3592] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 135.241601][ T3592] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 135.277570][ T5384] bridge0: port 1(bridge_slave_0) entered blocking state [ 135.285131][ T5384] bridge0: port 1(bridge_slave_0) entered disabled state [ 135.292762][ T5384] device bridge_slave_0 entered promiscuous mode [ 135.303868][ T3590] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 135.312490][ T3590] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 135.350097][ T3590] bridge0: port 1(bridge_slave_0) entered blocking state [ 135.357269][ T3590] bridge0: port 1(bridge_slave_0) entered forwarding state [ 135.373306][ T3590] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 135.383027][ T3590] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 135.403348][ T3590] bridge0: port 2(bridge_slave_1) entered blocking state [ 135.410438][ T3590] bridge0: port 2(bridge_slave_1) entered forwarding state [ 135.418489][ T3590] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 135.446821][ T5384] bridge0: port 2(bridge_slave_1) entered blocking state [ 135.456929][ T5417] tmpfs: Unknown parameter 'usrquota' [ 135.479797][ T5384] bridge0: port 2(bridge_slave_1) entered disabled state [ 135.488185][ T5384] device bridge_slave_1 entered promiscuous mode [ 135.516169][ T3590] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 135.527390][ T3590] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 135.537890][ T3590] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 135.547138][ T3590] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 135.559601][ T3590] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 135.568398][ T3590] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 135.576745][ T3590] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 135.585260][ T3590] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 135.594652][ T3590] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 135.602791][ T3590] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 135.615327][ T3590] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 135.628030][ T5294] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 135.641916][ T5384] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 135.672007][ T5384] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 135.790267][ T5384] team0: Port device team_slave_0 added [ 135.830655][ T5421] loop4: detected capacity change from 0 to 2048 [ 135.853672][ T5384] team0: Port device team_slave_1 added [ 135.872385][ T5421] UDF-fs: error (device loop4): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 135.889635][ T5421] UDF-fs: error (device loop4): udf_read_tagged: tag checksum failed, block 160: 0xd2 != 0xd4 [ 135.908161][ T5421] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 135.963997][ T5384] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 135.970963][ T5384] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 135.972158][ T5421] ------------[ cut here ]------------ [ 136.002730][ T5421] WARNING: CPU: 0 PID: 5421 at fs/udf/inode.c:2020 __udf_add_aext+0x54c/0x6f0 [ 136.011701][ T5421] Modules linked in: [ 136.014824][ T5384] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 136.015685][ T5421] CPU: 0 PID: 5421 Comm: syz.4.503 Not tainted 6.1.96-syzkaller #0 [ 136.034052][ T5421] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 136.044132][ T5421] RIP: 0010:__udf_add_aext+0x54c/0x6f0 [ 136.044173][ T5421] Code: 4c 89 e7 e8 56 e7 e3 fe 49 8b 3c 24 4c 89 fe e8 1a 06 03 ff 31 c0 48 83 c4 30 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 24 66 8c fe <0f> 0b e9 ed fb ff ff e8 18 66 8c fe 0f 0b e9 5c fc ff ff e8 0c 66 [ 136.044198][ T5421] RSP: 0018:ffffc900031df7d8 EFLAGS: 00010287 [ 136.044221][ T5421] RAX: ffffffff82fe2dac RBX: 1ffff9200063bf75 RCX: 0000000000040000 [ 136.044236][ T5421] RDX: ffffc90004ae9000 RSI: 000000000000bbf8 RDI: 000000000000bbf9 [ 136.044252][ T5421] RBP: 00000000000001d0 R08: ffffffff82fe2992 R09: ffffffff82fe28c2 [ 136.044267][ T5421] R10: 0000000000000002 R11: ffff888028d20000 R12: ffffc900031dfba0 [ 136.044282][ T5421] R13: 0000000000000000 R14: dffffc0000000000 R15: ffffc900031dfba8 [ 136.044298][ T5421] FS: 00007fa3d3f286c0(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000 [ 136.044318][ T5421] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 136.044334][ T5421] CR2: 0000000020006300 CR3: 000000006119f000 CR4: 00000000003506f0 [ 136.044353][ T5421] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 136.044367][ T5421] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 136.044381][ T5421] Call Trace: [ 136.044389][ T5421] [ 136.044398][ T5421] ? __warn+0x15a/0x520 [ 136.044420][ T5421] ? __udf_add_aext+0x54c/0x6f0 [ 136.044450][ T5421] ? report_bug+0x2af/0x500 [ 136.044471][ T5421] ? __udf_add_aext+0x54c/0x6f0 [ 136.044502][ T5421] ? handle_bug+0x3d/0x70 [ 136.044521][ T5421] ? exc_invalid_op+0x16/0x40 [ 136.044540][ T5421] ? asm_exc_invalid_op+0x16/0x20 [ 136.061641][ T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 136.069605][ T5421] ? __udf_add_aext+0x62/0x6f0 [ 136.069637][ T5421] ? __udf_add_aext+0x132/0x6f0 [ 136.069662][ T5421] ? __udf_add_aext+0x54c/0x6f0 [ 136.069690][ T5421] ? __udf_add_aext+0x54c/0x6f0 [ 136.069718][ T5421] ? __udf_add_aext+0x54c/0x6f0 [ 136.069753][ T5421] udf_setup_indirect_aext+0x6ba/0x980 [ 136.069792][ T5421] ? __udf_iget+0x39b0/0x39b0 [ 136.069820][ T5421] ? mark_buffer_dirty_inode+0x103/0x300 [ 136.069849][ T5421] ? __udf_add_aext+0x536/0x6f0 [ 136.069884][ T5421] udf_do_extend_file+0x6df/0x1140 [ 136.069924][ T5421] ? udf_write_failed+0x1b0/0x1b0 [ 136.069954][ T5421] ? inode_bmap+0x2d4/0x6c0 [ 136.069991][ T5421] udf_setsize+0xd3c/0x1430 [ 136.070029][ T5421] ? udf_evict_inode+0x3d0/0x3d0 [ 136.070070][ T5421] ? current_time+0x1f2/0x2f0 [ 136.098502][ T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 136.100233][ T5421] ? setattr_prepare+0x1e0/0xc20 [ 136.126541][ T4622] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 136.131728][ T5421] udf_setattr+0x36c/0x540 [ 136.131760][ T5421] ? udf_release_file+0x120/0x120 [ 136.162426][ T5384] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 136.166227][ T5421] notify_change+0xce3/0xfc0 [ 136.166274][ T5421] do_truncate+0x21c/0x300 [ 136.166304][ T5421] ? put_page_bootmem+0x2e0/0x2e0 [ 136.166347][ T5421] ? bpf_lsm_path_truncate+0x5/0x10 [ 136.166372][ T5421] do_sys_ftruncate+0x2e2/0x380 [ 136.166404][ T5421] do_syscall_64+0x3b/0xb0 [ 136.180351][ T5384] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 136.180609][ T5421] ? clear_bhb_loop+0x45/0xa0 [ 136.188402][ T4622] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 136.189597][ T5421] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 136.195752][ T5384] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 136.202439][ T5421] RIP: 0033:0x7fa3d3175b99 [ 136.202469][ T5421] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 136.373374][ T3561] Bluetooth: hci2: command tx timeout [ 136.378808][ T5421] RSP: 002b:00007fa3d3f28048 EFLAGS: 00000246 ORIG_RAX: 000000000000004d [ 136.433323][ T5421] RAX: ffffffffffffffda RBX: 00007fa3d3303fa0 RCX: 00007fa3d3175b99 [ 136.441300][ T5421] RDX: 0000000000000000 RSI: 00200ffffffff400 RDI: 0000000000000004 [ 136.449297][ T5421] RBP: 00007fa3d31f677e R08: 0000000000000000 R09: 0000000000000000 [ 136.457311][ T5421] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 136.465326][ T5421] R13: 000000000000000b R14: 00007fa3d3303fa0 R15: 00007ffeee68ecc8 [ 136.473362][ T5421] [ 136.476383][ T5421] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 136.483659][ T5421] CPU: 0 PID: 5421 Comm: syz.4.503 Not tainted 6.1.96-syzkaller #0 [ 136.491551][ T5421] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 136.501585][ T5421] Call Trace: [ 136.504864][ T5421] [ 136.507780][ T5421] dump_stack_lvl+0x1e3/0x2cb [ 136.512444][ T5421] ? nf_tcp_handle_invalid+0x642/0x642 [ 136.517887][ T5421] ? panic+0x764/0x764 [ 136.521940][ T5421] ? vscnprintf+0x59/0x80 [ 136.526250][ T5421] panic+0x318/0x764 [ 136.530129][ T5421] ? __warn+0x169/0x520 [ 136.534289][ T5421] ? memcpy_page_flushcache+0xfc/0xfc [ 136.539689][ T5421] __warn+0x348/0x520 [ 136.543672][ T5421] ? __udf_add_aext+0x54c/0x6f0 [ 136.548508][ T5421] report_bug+0x2af/0x500 [ 136.552818][ T5421] ? __udf_add_aext+0x54c/0x6f0 [ 136.557654][ T5421] handle_bug+0x3d/0x70 [ 136.561794][ T5421] exc_invalid_op+0x16/0x40 [ 136.566297][ T5421] asm_exc_invalid_op+0x16/0x20 [ 136.571142][ T5421] RIP: 0010:__udf_add_aext+0x54c/0x6f0 [ 136.576591][ T5421] Code: 4c 89 e7 e8 56 e7 e3 fe 49 8b 3c 24 4c 89 fe e8 1a 06 03 ff 31 c0 48 83 c4 30 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 24 66 8c fe <0f> 0b e9 ed fb ff ff e8 18 66 8c fe 0f 0b e9 5c fc ff ff e8 0c 66 [ 136.596192][ T5421] RSP: 0018:ffffc900031df7d8 EFLAGS: 00010287 [ 136.602264][ T5421] RAX: ffffffff82fe2dac RBX: 1ffff9200063bf75 RCX: 0000000000040000 [ 136.610221][ T5421] RDX: ffffc90004ae9000 RSI: 000000000000bbf8 RDI: 000000000000bbf9 [ 136.618170][ T5421] RBP: 00000000000001d0 R08: ffffffff82fe2992 R09: ffffffff82fe28c2 [ 136.626129][ T5421] R10: 0000000000000002 R11: ffff888028d20000 R12: ffffc900031dfba0 [ 136.634103][ T5421] R13: 0000000000000000 R14: dffffc0000000000 R15: ffffc900031dfba8 [ 136.642079][ T5421] ? __udf_add_aext+0x62/0x6f0 [ 136.646829][ T5421] ? __udf_add_aext+0x132/0x6f0 [ 136.651661][ T5421] ? __udf_add_aext+0x54c/0x6f0 [ 136.656495][ T5421] ? __udf_add_aext+0x54c/0x6f0 [ 136.661346][ T5421] udf_setup_indirect_aext+0x6ba/0x980 [ 136.666818][ T5421] ? __udf_iget+0x39b0/0x39b0 [ 136.671479][ T5421] ? mark_buffer_dirty_inode+0x103/0x300 [ 136.677096][ T5421] ? __udf_add_aext+0x536/0x6f0 [ 136.681934][ T5421] udf_do_extend_file+0x6df/0x1140 [ 136.687143][ T5421] ? udf_write_failed+0x1b0/0x1b0 [ 136.692180][ T5421] ? inode_bmap+0x2d4/0x6c0 [ 136.696673][ T5421] udf_setsize+0xd3c/0x1430 [ 136.701165][ T5421] ? udf_evict_inode+0x3d0/0x3d0 [ 136.706092][ T5421] ? current_time+0x1f2/0x2f0 [ 136.710747][ T5421] ? setattr_prepare+0x1e0/0xc20 [ 136.715669][ T5421] udf_setattr+0x36c/0x540 [ 136.720064][ T5421] ? udf_release_file+0x120/0x120 [ 136.725072][ T5421] notify_change+0xce3/0xfc0 [ 136.729649][ T5421] do_truncate+0x21c/0x300 [ 136.734064][ T5421] ? put_page_bootmem+0x2e0/0x2e0 [ 136.739119][ T5421] ? bpf_lsm_path_truncate+0x5/0x10 [ 136.744319][ T5421] do_sys_ftruncate+0x2e2/0x380 [ 136.749154][ T5421] do_syscall_64+0x3b/0xb0 [ 136.753553][ T5421] ? clear_bhb_loop+0x45/0xa0 [ 136.758212][ T5421] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 136.764094][ T5421] RIP: 0033:0x7fa3d3175b99 [ 136.768508][ T5421] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 136.788105][ T5421] RSP: 002b:00007fa3d3f28048 EFLAGS: 00000246 ORIG_RAX: 000000000000004d [ 136.796521][ T5421] RAX: ffffffffffffffda RBX: 00007fa3d3303fa0 RCX: 00007fa3d3175b99 [ 136.804472][ T5421] RDX: 0000000000000000 RSI: 00200ffffffff400 RDI: 0000000000000004 [ 136.812421][ T5421] RBP: 00007fa3d31f677e R08: 0000000000000000 R09: 0000000000000000 [ 136.820370][ T5421] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 136.828330][ T5421] R13: 000000000000000b R14: 00007fa3d3303fa0 R15: 00007ffeee68ecc8 [ 136.836333][ T5421] [ 136.839572][ T5421] Kernel Offset: disabled [ 136.843932][ T5421] Rebooting in 86400 seconds..