Warning: Permanently added '10.128.1.78' (ED25519) to the list of known hosts. 2024/04/02 11:03:47 fuzzer started 2024/04/02 11:03:48 dialing manager at 10.128.0.169:30005 [ 64.899378][ T5079] cgroup: Unknown subsys name 'net' [ 65.036708][ T5079] cgroup: Unknown subsys name 'rlimit' 2024/04/02 11:03:49 syscalls: 3855 2024/04/02 11:03:49 code coverage: enabled 2024/04/02 11:03:49 comparison tracing: enabled 2024/04/02 11:03:49 extra coverage: enabled 2024/04/02 11:03:49 delay kcov mmap: enabled 2024/04/02 11:03:49 setuid sandbox: enabled 2024/04/02 11:03:49 namespace sandbox: enabled 2024/04/02 11:03:49 Android sandbox: /sys/fs/selinux/policy does not exist 2024/04/02 11:03:49 fault injection: enabled 2024/04/02 11:03:49 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2024/04/02 11:03:49 net packet injection: enabled 2024/04/02 11:03:49 net device setup: enabled 2024/04/02 11:03:49 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2024/04/02 11:03:49 devlink PCI setup: PCI device 0000:00:10.0 is not available 2024/04/02 11:03:49 NIC VF setup: PCI device 0000:00:11.0 is not available 2024/04/02 11:03:49 USB emulation: enabled 2024/04/02 11:03:49 hci packet injection: enabled 2024/04/02 11:03:49 wifi device emulation: enabled 2024/04/02 11:03:49 802.15.4 emulation: enabled 2024/04/02 11:03:49 swap file: enabled [ 66.425946][ T5079] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k 2024/04/02 11:03:50 starting 5 executor processes [ 67.458004][ T5093] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 67.467521][ T5093] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 67.489147][ T5095] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 67.499782][ T5095] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 67.510470][ T5100] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 67.518500][ T5100] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 67.527240][ T5100] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 67.536959][ T5100] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 67.545506][ T5102] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 67.553063][ T5102] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 67.562043][ T5102] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 67.576216][ T5105] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 67.578842][ T5100] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 67.579623][ T5102] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 67.585307][ T5105] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 67.592062][ T5100] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 67.600392][ T5105] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 67.607993][ T5102] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 67.614380][ T5105] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 67.624141][ T5102] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 67.629448][ T5105] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 67.636546][ T5102] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 67.642972][ T5105] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 67.650753][ T5102] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 67.660994][ T5107] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 67.676548][ T5102] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 67.679972][ T5107] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 67.719902][ T5107] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 67.733040][ T5107] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 67.741619][ T5107] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 68.190424][ T5092] chnl_net:caif_netlink_parms(): no params data found [ 68.392269][ T5103] chnl_net:caif_netlink_parms(): no params data found [ 68.402932][ T5094] chnl_net:caif_netlink_parms(): no params data found [ 68.445089][ T5090] chnl_net:caif_netlink_parms(): no params data found [ 68.522602][ T5099] chnl_net:caif_netlink_parms(): no params data found [ 68.534549][ T5092] bridge0: port 1(bridge_slave_0) entered blocking state [ 68.545124][ T5092] bridge0: port 1(bridge_slave_0) entered disabled state [ 68.553683][ T5092] bridge_slave_0: entered allmulticast mode [ 68.562923][ T5092] bridge_slave_0: entered promiscuous mode [ 68.577554][ T5092] bridge0: port 2(bridge_slave_1) entered blocking state [ 68.585166][ T5092] bridge0: port 2(bridge_slave_1) entered disabled state [ 68.592460][ T5092] bridge_slave_1: entered allmulticast mode [ 68.599508][ T5092] bridge_slave_1: entered promiscuous mode [ 68.714085][ T5092] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 68.743142][ T5103] bridge0: port 1(bridge_slave_0) entered blocking state [ 68.755036][ T5103] bridge0: port 1(bridge_slave_0) entered disabled state [ 68.762841][ T5103] bridge_slave_0: entered allmulticast mode [ 68.770544][ T5103] bridge_slave_0: entered promiscuous mode [ 68.777670][ T5094] bridge0: port 1(bridge_slave_0) entered blocking state [ 68.785337][ T5094] bridge0: port 1(bridge_slave_0) entered disabled state [ 68.792855][ T5094] bridge_slave_0: entered allmulticast mode [ 68.800997][ T5094] bridge_slave_0: entered promiscuous mode [ 68.811605][ T5092] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 68.853042][ T5103] bridge0: port 2(bridge_slave_1) entered blocking state [ 68.860480][ T5103] bridge0: port 2(bridge_slave_1) entered disabled state [ 68.869633][ T5103] bridge_slave_1: entered allmulticast mode [ 68.876564][ T5103] bridge_slave_1: entered promiscuous mode [ 68.896883][ T5094] bridge0: port 2(bridge_slave_1) entered blocking state [ 68.904234][ T5094] bridge0: port 2(bridge_slave_1) entered disabled state [ 68.911554][ T5094] bridge_slave_1: entered allmulticast mode [ 68.918705][ T5094] bridge_slave_1: entered promiscuous mode [ 68.985428][ T5103] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 69.026363][ T5090] bridge0: port 1(bridge_slave_0) entered blocking state [ 69.035389][ T5090] bridge0: port 1(bridge_slave_0) entered disabled state [ 69.042934][ T5090] bridge_slave_0: entered allmulticast mode [ 69.050155][ T5090] bridge_slave_0: entered promiscuous mode [ 69.057327][ T5099] bridge0: port 1(bridge_slave_0) entered blocking state [ 69.064921][ T5099] bridge0: port 1(bridge_slave_0) entered disabled state [ 69.072241][ T5099] bridge_slave_0: entered allmulticast mode [ 69.079241][ T5099] bridge_slave_0: entered promiscuous mode [ 69.088490][ T5103] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 69.100596][ T5094] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 69.114314][ T5094] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 69.126878][ T5092] team0: Port device team_slave_0 added [ 69.134140][ T5090] bridge0: port 2(bridge_slave_1) entered blocking state [ 69.141434][ T5090] bridge0: port 2(bridge_slave_1) entered disabled state [ 69.148724][ T5090] bridge_slave_1: entered allmulticast mode [ 69.156056][ T5090] bridge_slave_1: entered promiscuous mode [ 69.162920][ T5099] bridge0: port 2(bridge_slave_1) entered blocking state [ 69.170600][ T5099] bridge0: port 2(bridge_slave_1) entered disabled state [ 69.177807][ T5099] bridge_slave_1: entered allmulticast mode [ 69.185071][ T5099] bridge_slave_1: entered promiscuous mode [ 69.227312][ T5092] team0: Port device team_slave_1 added [ 69.277781][ T5099] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 69.304310][ T5103] team0: Port device team_slave_0 added [ 69.335468][ T5092] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 69.343380][ T5092] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 69.370582][ T5092] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 69.385731][ T5090] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 69.397973][ T5099] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 69.413966][ T5094] team0: Port device team_slave_0 added [ 69.424724][ T5094] team0: Port device team_slave_1 added [ 69.435296][ T5103] team0: Port device team_slave_1 added [ 69.458011][ T5092] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 69.465292][ T5092] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 69.493681][ T5092] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 69.514635][ T5090] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 69.572513][ T5103] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 69.580605][ T5103] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 69.607819][ T5103] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 69.622604][ T5103] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 69.629864][ T5103] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 69.657751][ T5103] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 69.691379][ T5099] team0: Port device team_slave_0 added [ 69.699896][ T5107] Bluetooth: hci1: command tx timeout [ 69.704534][ T5090] team0: Port device team_slave_0 added [ 69.725108][ T5094] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 69.734867][ T5094] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 69.761978][ T5094] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 69.773680][ T5098] Bluetooth: hci3: command tx timeout [ 69.773748][ T53] Bluetooth: hci2: command tx timeout [ 69.779787][ T5098] Bluetooth: hci0: command tx timeout [ 69.791750][ T5107] Bluetooth: hci4: command tx timeout [ 69.814803][ T5099] team0: Port device team_slave_1 added [ 69.826034][ T5090] team0: Port device team_slave_1 added [ 69.833516][ T5094] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 69.841163][ T5094] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 69.868476][ T5094] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 69.897543][ T5092] hsr_slave_0: entered promiscuous mode [ 69.904683][ T5092] hsr_slave_1: entered promiscuous mode [ 69.975090][ T5103] hsr_slave_0: entered promiscuous mode [ 69.982779][ T5103] hsr_slave_1: entered promiscuous mode [ 69.993056][ T5103] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 70.001378][ T5103] Cannot create hsr debugfs directory [ 70.024781][ T5099] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 70.032666][ T5099] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 70.059632][ T5099] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 70.073599][ T5090] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 70.081551][ T5090] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 70.114842][ T5090] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 70.128462][ T5090] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 70.135739][ T5090] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 70.163179][ T5090] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 70.189181][ T5094] hsr_slave_0: entered promiscuous mode [ 70.195998][ T5094] hsr_slave_1: entered promiscuous mode [ 70.203153][ T5094] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 70.210945][ T5094] Cannot create hsr debugfs directory [ 70.237026][ T5099] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 70.244437][ T5099] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 70.270941][ T5099] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 70.434862][ T5090] hsr_slave_0: entered promiscuous mode [ 70.441934][ T5090] hsr_slave_1: entered promiscuous mode [ 70.448003][ T5090] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 70.456740][ T5090] Cannot create hsr debugfs directory [ 70.486949][ T5099] hsr_slave_0: entered promiscuous mode [ 70.498416][ T5099] hsr_slave_1: entered promiscuous mode [ 70.505968][ T5099] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 70.514153][ T5099] Cannot create hsr debugfs directory [ 70.834484][ T5103] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 70.845228][ T5103] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 70.857083][ T5103] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 70.866948][ T5103] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 70.918190][ T5092] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 70.932289][ T5092] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 70.951966][ T5092] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 70.962996][ T5092] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 71.051101][ T5094] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 71.064452][ T5094] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 71.074286][ T5094] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 71.084894][ T5094] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 71.232230][ T5090] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 71.243047][ T5090] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 71.276394][ T5090] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 71.286878][ T5090] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 71.356254][ T5099] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 71.368128][ T5099] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 71.390119][ T5092] 8021q: adding VLAN 0 to HW filter on device bond0 [ 71.403433][ T5103] 8021q: adding VLAN 0 to HW filter on device bond0 [ 71.425545][ T5099] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 71.446054][ T5099] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 71.505894][ T5092] 8021q: adding VLAN 0 to HW filter on device team0 [ 71.522857][ T5103] 8021q: adding VLAN 0 to HW filter on device team0 [ 71.560835][ T5130] bridge0: port 1(bridge_slave_0) entered blocking state [ 71.568536][ T5130] bridge0: port 1(bridge_slave_0) entered forwarding state [ 71.583199][ T5130] bridge0: port 2(bridge_slave_1) entered blocking state [ 71.590481][ T5130] bridge0: port 2(bridge_slave_1) entered forwarding state [ 71.630995][ T5142] bridge0: port 1(bridge_slave_0) entered blocking state [ 71.638749][ T5142] bridge0: port 1(bridge_slave_0) entered forwarding state [ 71.652707][ T5094] 8021q: adding VLAN 0 to HW filter on device bond0 [ 71.682381][ T5142] bridge0: port 2(bridge_slave_1) entered blocking state [ 71.689684][ T5142] bridge0: port 2(bridge_slave_1) entered forwarding state [ 71.735093][ T5094] 8021q: adding VLAN 0 to HW filter on device team0 [ 71.764273][ T5103] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 71.776427][ T5107] Bluetooth: hci1: command tx timeout [ 71.794552][ T5142] bridge0: port 1(bridge_slave_0) entered blocking state [ 71.801835][ T5142] bridge0: port 1(bridge_slave_0) entered forwarding state [ 71.849163][ T5098] Bluetooth: hci4: command tx timeout [ 71.849216][ T53] Bluetooth: hci3: command tx timeout [ 71.854959][ T5098] Bluetooth: hci0: command tx timeout [ 71.867635][ T5107] Bluetooth: hci2: command tx timeout [ 71.895574][ T5142] bridge0: port 2(bridge_slave_1) entered blocking state [ 71.903016][ T5142] bridge0: port 2(bridge_slave_1) entered forwarding state [ 72.017255][ T5090] 8021q: adding VLAN 0 to HW filter on device bond0 [ 72.076894][ T5099] 8021q: adding VLAN 0 to HW filter on device bond0 [ 72.118248][ T5103] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 72.145182][ T5099] 8021q: adding VLAN 0 to HW filter on device team0 [ 72.168475][ T5090] 8021q: adding VLAN 0 to HW filter on device team0 [ 72.196597][ T5142] bridge0: port 1(bridge_slave_0) entered blocking state [ 72.203954][ T5142] bridge0: port 1(bridge_slave_0) entered forwarding state [ 72.245198][ T5142] bridge0: port 1(bridge_slave_0) entered blocking state [ 72.252932][ T5142] bridge0: port 1(bridge_slave_0) entered forwarding state [ 72.296790][ T5142] bridge0: port 2(bridge_slave_1) entered blocking state [ 72.304211][ T5142] bridge0: port 2(bridge_slave_1) entered forwarding state [ 72.322661][ T5142] bridge0: port 2(bridge_slave_1) entered blocking state [ 72.330475][ T5142] bridge0: port 2(bridge_slave_1) entered forwarding state [ 72.344010][ T1245] ieee802154 phy0 wpan0: encryption failed: -22 [ 72.352700][ T1245] ieee802154 phy1 wpan1: encryption failed: -22 [ 72.525002][ T5103] veth0_vlan: entered promiscuous mode [ 72.543567][ T5090] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 72.588535][ T5103] veth1_vlan: entered promiscuous mode [ 72.634410][ T5094] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 72.652191][ T5092] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 72.834796][ T5103] veth0_macvtap: entered promiscuous mode [ 72.855278][ T5103] veth1_macvtap: entered promiscuous mode [ 72.887956][ T5092] veth0_vlan: entered promiscuous mode [ 72.907642][ T5094] veth0_vlan: entered promiscuous mode [ 72.932033][ T5092] veth1_vlan: entered promiscuous mode [ 72.962439][ T5099] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 72.974478][ T5094] veth1_vlan: entered promiscuous mode [ 72.996391][ T5103] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 73.013745][ T5103] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 73.032992][ T5090] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 73.085579][ T5103] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.096582][ T5103] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.105817][ T5103] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.115585][ T5103] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.132433][ T5092] veth0_macvtap: entered promiscuous mode [ 73.143921][ T5092] veth1_macvtap: entered promiscuous mode [ 73.212960][ T5094] veth0_macvtap: entered promiscuous mode [ 73.261479][ T5092] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 73.277335][ T5092] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.290674][ T5092] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 73.308343][ T5094] veth1_macvtap: entered promiscuous mode [ 73.334324][ T5092] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 73.347641][ T5092] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.366700][ T5092] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 73.405024][ T5092] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.414447][ T5092] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.423867][ T5092] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.433524][ T5092] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.478374][ T5090] veth0_vlan: entered promiscuous mode [ 73.505015][ T5094] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 73.516353][ T5094] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.519162][ T51] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 73.528361][ T5094] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 73.537589][ T51] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 73.560480][ T5094] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.572446][ T5094] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 73.597809][ T5094] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 73.608346][ T5094] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.620048][ T5094] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 73.630746][ T5094] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.642486][ T5094] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 73.695164][ T5090] veth1_vlan: entered promiscuous mode [ 73.728705][ T5094] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.738567][ T5094] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.747998][ T5094] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.757994][ T5094] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.788708][ T5099] veth0_vlan: entered promiscuous mode [ 73.797972][ T74] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 73.806964][ T74] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 73.849412][ T5107] Bluetooth: hci1: command tx timeout [ 73.865141][ T8] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 73.875805][ T8] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 11:03:57 executing program 2: bpf$ENABLE_STATS(0x20, 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513db700000000000000bfa100000000000007010000f8ffffffb702000008000000b70300000000af6b850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000003900)={&(0x7f00000002c0)='ext4_da_release_space\x00', r0}, 0x10) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) write$cgroup_type(r1, &(0x7f0000000140), 0x9) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x7a05, 0x1712) [ 73.916419][ T5099] veth1_vlan: entered promiscuous mode [ 73.929643][ T5107] Bluetooth: hci2: command tx timeout [ 73.935168][ T5098] Bluetooth: hci0: command tx timeout [ 73.937133][ T5095] Bluetooth: hci4: command tx timeout [ 73.949817][ T53] Bluetooth: hci3: command tx timeout 11:03:57 executing program 2: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0x541b, &(0x7f0000000000)={0xffffffffffffffff}) close_range(r1, 0xffffffffffffffff, 0x0) openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r2 = openat$incfs(0xffffffffffffff9c, &(0x7f0000000000)='.pending_reads\x00', 0x48c0, 0x0) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) dup2(r1, r3) dup2(r3, r2) ioctl$RTC_UIE_OFF(r2, 0x7004) [ 74.031186][ T5090] veth0_macvtap: entered promiscuous mode [ 74.121789][ T5090] veth1_macvtap: entered promiscuous mode [ 74.136388][ T1036] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 74.175607][ T1036] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 74.205012][ T29] audit: type=1800 audit(1712055837.727:2): pid=5178 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name=".pending_reads" dev="sda1" ino=1944 res=0 errno=0 11:03:57 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000340), 0x0) dup3(r0, r1, 0x0) sendmsg$AUDIT_ADD_RULE(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)=ANY=[], 0x434}}, 0x0) 11:03:57 executing program 3: r0 = openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000800), 0x2, 0x0) close(r0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(r0, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000001100)={0x14}, 0x14}}, 0x0) [ 74.308193][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 11:03:57 executing program 2: r0 = getpgrp(0x0) r1 = syz_pidfd_open(r0, 0x0) close(r1) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_CMD_ENABLE_BEARER(r1, &(0x7f0000002600)={0x0, 0x0, &(0x7f00000025c0)={&(0x7f0000002580)={0x34, 0x0, 0x0, 0x0, 0x0, {{}, {}, {0x18, 0x17, {0x0, 0x0, @udp='udp:syz1\x00'}}}}, 0x34}}, 0x0) [ 74.373601][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 74.398020][ T5090] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 74.431359][ T5090] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 74.452518][ T5090] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 11:03:58 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4) connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000300)=[@window, @mss, @window, @timestamp, @sack_perm, @timestamp, @mss, @sack_perm], 0x8) setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0x4) sendto$inet(r0, &(0x7f00000004c0)="3ce2de4d8d957a8de4e490b6cd14b988d4edef164bd3377aa381b5f50b7ca414516489f78cd7208982e9bde22b2b7c1c7606d565477f3db9d2b077283644c0f27ab52a863a42863e06944e40a0b3c5d21c8cbe102e7f726263f28aef1bc12a069063d4c30e8f329fdb36859be727fbef4314161e5fb5f01ae00a2634d5cdecca2089c62e32f4c919886b2b88d237e287318739bec0364caf15889f38a312ef6621c0f21709a4bf2b16274cf933f6ad8fcc9c2024bc1b4713f650e860f93ae93b2361956b3e80c38c5fd29b5c1b5d7ce67edc856a8dc0ba54cee53de9a48c131389426bd06ec7c695add357934fc0321f0d3d7982e4fe5a0039decc491a663afd02facb08dd9695f854c7b031d9af8bd7350897996b5208b23030cc0feb84570730eaf24b9f2ac05d0feb3be07a29f887095f36f3c8f0e77e45509acd14a5be4a1572dd4cd1231087b830fa03e071571d4abd694710ef140469cf6df8a59839aafe046a5bffb97e5247be901789eafd726ba090337a2c49207e6b900c7e982472e6aac70e5d52ca2c1bab47b1f6d00f9601e2281686c21f770ae96e0ffec4b30496d012fa00958f794cdbd721bd155cae87", 0x109e8, 0x80a, 0x0, 0x6) 11:03:58 executing program 3: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x2, 0x0, &(0x7f00000001c0)={0x0, 0x0}) r1 = io_uring_setup(0x2aa0, &(0x7f0000000000)={0x0, 0x0, 0x2, 0x0, 0x0, 0x0, r0}) dup2(r0, r1) [ 74.488977][ T5090] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 74.517675][ T5090] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 74.545138][ T5090] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 74.572156][ T5090] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 74.584184][ T5090] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 11:03:58 executing program 2: syz_mount_image$hfs(&(0x7f0000000080), &(0x7f0000000000)='./file0\x00', 0xa08000, &(0x7f00000000c0)={[{@gid}, {@creator={'creator', 0x3d, "6cc32b3a"}}, {@dir_umask={'dir_umask', 0x3d, 0x6}}, {@dir_umask={'dir_umask', 0x3d, 0xc9}}, {@iocharset={'iocharset', 0x3d, 'iso8859-6'}}, {}, {@type={'type', 0x3d, "66a5646f"}}]}, 0x4, 0x334, &(0x7f0000000180)="$eJzs3U1r1EAYB/D/ZF+6a0uNbaXgsVrwVNp6UESwSPHiF/AgxdpuoTRW0AoqiKsXLyLeBMGjN8+iX0Ev4hfQUw/Fk16KiCMzk2wm25nsdvuSlv5/0HazmWfmmSSTZLa0AREdWVdmv787t66+RAVACcBFIABQA8oATmK0dn91bXktaizmVVTSEepLwESKLWUWVhuuUBWnI2KhWipjwH6P9oaUUv7oWOrXvuRCxRFm7G8RAH3x6NTra/ue2d5omn4dLdYeFpvYxAMMFpkOEREVL77+B/FVYiC+fw8CYDy+Dz/s1//M/c1mcXkcCK3rf2CWpVDb57helc739BRO7f0gmSW66nIeEzLd3FWYIyuzA0SnWaXOJagvLUeNiaau4Bkux6xiI6bw80ysL9uq+THmmJtaKm3LeX3P16/7UFF9qHjyH3bF5bb4aQOv3c3NfekiJ/FZfBVzIsQbLLbu/8pSqI2jt08I1O0Ak/+kv0bdy9CUyvQynb+f0I2cSvbAx/dpL+u+7VpDSeXiomoR7ffvYZLnq6o/CkPIfqxgejfl752OGnZGTbeW/zijRtIoPcyC+lIlakws3IlyP0rZNc4ZnXgprosx/MQHzFr3/4EqPQ7/yMyMcqFLxkdGbn/KuqRnP2boTXQ7d2SS01Xnjs73ArdwAYP3Hj5amY+ixt3iXyRD5YDkYw7E+HBU76ifVhnU1At1rdi1Rv9JKZ2ryuiynj500ZYvZ3PdO/+21WV9mm2axZ11EE2zDa1VM/7C6WlTvZOcEXpp/UkrSl0tthP+W7c+o/a7s4ywMqzu7QGZNJVZVUJfVyOl3kOj1x6vzEfbP6XQ4ZPudIze2LhUdDq0/9R9lzDzP2u+MqnPOupbmDMbkZ0qt2qc8syAhvT3Y0imolqHOVe/fwbXn7yIGtN5c67TZ4EzbS0GSFp82l5tGOeJg/hbSeevMup5EWIW33CTn/8TERERERERERERERERERERERERER022/1rhF7+nCDb4voR/McbREREREREREREREREREREREREREREREQ7Yz3/FyjpJ8ZUC3/+byn7/N+/0sgEJc+lIKKe/Q8AAP//iPNjmA==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) getdents64(r0, &(0x7f0000001640)=""/4111, 0x100f) [ 74.596466][ T5090] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 74.607734][ T5090] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 74.618426][ T5090] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 74.635981][ T5090] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 11:03:58 executing program 3: r0 = syz_open_pts(0xffffffffffffffff, 0x0) syz_open_pts(0xffffffffffffffff, 0x0) poll(&(0x7f0000000000)=[{r0, 0x40}, {r0}], 0x2, 0x0) poll(&(0x7f0000000100)=[{r0}], 0x1, 0x0) [ 74.646998][ T5090] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 74.662643][ T5090] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 74.675370][ T5099] veth0_macvtap: entered promiscuous mode [ 74.720548][ T5192] loop2: detected capacity change from 0 to 64 [ 74.741664][ T5090] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 11:03:58 executing program 3: r0 = openat$incfs(0xffffffffffffff9c, &(0x7f0000000000)='.pending_reads\x00', 0x48c0, 0x0) ioctl$KDFONTOP_SET_DEF(r0, 0x5450, 0x0) 11:03:58 executing program 2: r0 = socket(0xa, 0x1, 0x0) setsockopt$sock_int(r0, 0x1, 0x9, &(0x7f0000000040), 0x4) [ 74.766948][ T5090] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.786636][ T5090] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.800516][ T5090] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 74.817098][ T5099] veth1_macvtap: entered promiscuous mode 11:03:58 executing program 3: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) close(r0) socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NL80211_CMD_TESTMODE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)={0x1c, 0x0, 0x0, 0x0, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x0) [ 74.869019][ T29] audit: type=1800 audit(1712055838.397:3): pid=5196 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name=".pending_reads" dev="sda1" ino=1945 res=0 errno=0 [ 74.940289][ T1036] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 74.948350][ T1036] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 11:03:58 executing program 3: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x0, 0x5, &(0x7f0000000280)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0x6, 0x4, 0x2003, 0x2}, 0x48) [ 75.021789][ T5099] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 11:03:58 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4) connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000300)=[@window, @mss, @window, @timestamp, @sack_perm, @timestamp, @mss, @sack_perm], 0x8) setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0x4) sendto$inet(r0, &(0x7f00000004c0)="3ce2de4d8d957a8de4e490b6cd14b988d4edef164bd3377aa381b5f50b7ca414516489f78cd7208982e9bde22b2b7c1c7606d565477f3db9d2b077283644c0f27ab52a863a42863e06944e40a0b3c5d21c8cbe102e7f726263f28aef1bc12a069063d4c30e8f329fdb36859be727fbef4314161e5fb5f01ae00a2634d5cdecca2089c62e32f4c919886b2b88d237e287318739bec0364caf15889f38a312ef6621c0f21709a4bf2b16274cf933f6ad8fcc9c2024bc1b4713f650e860f93ae93b2361956b3e80c38c5fd29b5c1b5d7ce67edc856a8dc0ba54cee53de9a48c131389426bd06ec7c695add357934fc0321f0d3d7982e4fe5a0039decc491a663afd02facb08dd9695f854c7b031d9af8bd7350897996b5208b23030cc0feb84570730eaf24b9f2ac05d0feb3be07a29f887095f36f3c8f0e77e45509acd14a5be4a1572dd4cd1231087b830fa03e071571d4abd694710ef140469cf6df8a59839aafe046a5bffb97e5247be901789eafd726ba090337a2c49207e6b900c7e982472e6aac70e5d52ca2c1bab47b1f6d00f9601e2281686c21f770ae96e0ffec4b30496d012fa00958f794cdbd721bd155cae87", 0x109e8, 0x80a, 0x0, 0x6) [ 75.063664][ T5099] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 75.097758][ T5099] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 11:03:58 executing program 3: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x2, 0x0, &(0x7f00000001c0)={0x0, 0x0}) r1 = io_uring_setup(0x700, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0}) io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000080)=""/85, 0x55}], 0x1) dup2(r0, r1) [ 75.125972][ T5099] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 75.144756][ T5099] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 11:03:58 executing program 2: syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1800403, &(0x7f0000000a40)=ANY=[@ANYBLOB="73623d3078303030303030303030303030303030312c6175746f5f64615f616c6c6f633d3078303030303030303030303030346530302c6e6f6c6f61642c6175746f5f64615f616c6c6f633d3078303030303030303030303030303030392c008371c54f19cd70f60626f74eb07f285580b77cd00344a00a43af12360c2d7634bf27b6786dd9f1c21386e884d43daf784bb796205b009fed304bc6bc2adfa404a3b172ba2dc39d7e2637e5ab7d2503abccfee450913dd7b84cfb4222ece70f5b2e8163a2c104f50dc0236ac9d2e263bee3eb7415f59ee6c65d2f61b71cfa9336231e85c42e527d7a8eebd65d4700a92681a1d52dfb438679bbd7617d80ce97f79d4fb573eccd3cf639de1723d6", @ANYRES16, @ANYRES64, @ANYRES32, @ANYRESOCT], 0x0, 0x5aa, &(0x7f0000000180)="$eJzs3c9vFFUcAPDv7G4LbdVWYlQ8mEZjIFFaWsDgjwPcCcEfNy9WWgiy/Ait0aKJJcGLifHigcSTB/G/UKJXTyYePHjxZEjQGC4ao2tmd3ZZ2t12W7pM7Xw+ybDvzZv2vQG++97MvLcbQGGNp3+UInZHxMUkYrStrBJZ4XjjuNt/fHAy3ZKo1V77PYkk29c8PsleR7If/mc04odvk9hVXlnv/OLlszPV6tylLD+5cO7i5Pzi5X1nzs2cnjs9d376+enDhw4eOjy1/57Or9SWPnb17XdHPz7+xpef/51MffXz8SSOxG+nGmXt57FZxmM8/qzVPly+P/17PbzZleWk3Pp/ckeyfAdbV9KIkYGIeCxGo9z2rzkaH72Sa9uAvqolETWgoBLxDwXVHAc0r+17uw4u9XlUAtwPt45G/ep/ZfxXGvcGY6x+b2D4dnLXfZ4Ot/Q2JK3j+++OX0236NN9OKCzpSs7stTy+E/qsTkWO+u54dulu+I/HQGcyF7T/a9usP7xZXnxD/fP0pWIeLzT+H/t+H+zLf7f2mD94h8AAAAAAAA2z42jEfFcp+d/pezZ3M54qn3+z493Vgge2YT6137+V7q5CdUAHdw6GvFyx/m/rTm+Y+Us92BjNmBy6kx1bn9EPBQRe2NgR5qfWqWOfZ/sutatrH3+X7ql9TfnAmbtuFnZcffPzM4szNzLOQMNt65EPFHpPv8n7f+TDvN/0/eDiz3WseuZ6ye6la0d/0C/1L6I2NOx/09axySrfz7HZH08MNkcFaz05Pufft2tfvEP+Un7/+HV438saf+8nvn1/f7BiDiwWKl1K9/o+H8web3c/P2p92YWFi5NRQwmx1bun15fm2G7asZDM17S+N/79Or3/1rj/7Y4HIqIpR7rfPTfkV+6len/IT9p/M+uq/9ff2L6+tg33ervrf8/WO/T92Z73P+D1fUaoHm3EwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+j0oR8UAkpYlWulSamIgYiYhHYrhUvTC/8OypC++cn03L6t//X2p+0+9oI580v/9/rC0/vSx/ICIejojPykP1/MTJC9XZvE8eAAAAAAAAAAAAAAAAAAAAtoiRLuv/U7+W824d0HeV7FW8Q/FU8m4AkBvxD8Ul/qG4xD8Ul/iH4tpg/HtcANuA/h+KaqC3w3b2ux1AHvT/AAAAAACwrdx46YVrSUQsvThU31KDWVnrweBQXq0D+qmUdwOA3JjDC8Vl6g8UV4+Tf4FtLGml/qp1Ku8++z/pT4MAAAAAAAAAAAAAgBX27L7x05rr/4Ftyfp/KC7r/6G4rP+H4nKND6y1it/6fwAAAAAAAAAAAADI3/zi5bMz1ercJQmJrZYYiIgt0IwcEoP5h2fOb0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDLfwEAAP//9AIl1g==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) ioctl$FITRIM(r0, 0xc0185879, 0x0) [ 75.179991][ T5099] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 75.195633][ T5099] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 75.210717][ T5099] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! 11:03:58 executing program 3: syz_mount_image$hfs(&(0x7f0000000080), &(0x7f0000000000)='./file0\x00', 0xa08000, &(0x7f00000000c0)={[{@gid}, {@creator={'creator', 0x3d, "6cc32b3a"}}, {@dir_umask={'dir_umask', 0x3d, 0x6}}, {@dir_umask={'dir_umask', 0x3d, 0xc9}}, {@iocharset={'iocharset', 0x3d, 'iso8859-6'}}, {}, {@type={'type', 0x3d, "66a5646f"}}]}, 0x4, 0x334, &(0x7f0000000180)="$eJzs3U1r1EAYB/D/ZF+6a0uNbaXgsVrwVNp6UESwSPHiF/AgxdpuoTRW0AoqiKsXLyLeBMGjN8+iX0Ev4hfQUw/Fk16KiCMzk2wm25nsdvuSlv5/0HazmWfmmSSTZLa0AREdWVdmv787t66+RAVACcBFIABQA8oATmK0dn91bXktaizmVVTSEepLwESKLWUWVhuuUBWnI2KhWipjwH6P9oaUUv7oWOrXvuRCxRFm7G8RAH3x6NTra/ue2d5omn4dLdYeFpvYxAMMFpkOEREVL77+B/FVYiC+fw8CYDy+Dz/s1//M/c1mcXkcCK3rf2CWpVDb57helc739BRO7f0gmSW66nIeEzLd3FWYIyuzA0SnWaXOJagvLUeNiaau4Bkux6xiI6bw80ysL9uq+THmmJtaKm3LeX3P16/7UFF9qHjyH3bF5bb4aQOv3c3NfekiJ/FZfBVzIsQbLLbu/8pSqI2jt08I1O0Ak/+kv0bdy9CUyvQynb+f0I2cSvbAx/dpL+u+7VpDSeXiomoR7ffvYZLnq6o/CkPIfqxgejfl752OGnZGTbeW/zijRtIoPcyC+lIlakws3IlyP0rZNc4ZnXgprosx/MQHzFr3/4EqPQ7/yMyMcqFLxkdGbn/KuqRnP2boTXQ7d2SS01Xnjs73ArdwAYP3Hj5amY+ixt3iXyRD5YDkYw7E+HBU76ifVhnU1At1rdi1Rv9JKZ2ryuiynj500ZYvZ3PdO/+21WV9mm2axZ11EE2zDa1VM/7C6WlTvZOcEXpp/UkrSl0tthP+W7c+o/a7s4ywMqzu7QGZNJVZVUJfVyOl3kOj1x6vzEfbP6XQ4ZPudIze2LhUdDq0/9R9lzDzP2u+MqnPOupbmDMbkZ0qt2qc8syAhvT3Y0imolqHOVe/fwbXn7yIGtN5c67TZ4EzbS0GSFp82l5tGOeJg/hbSeevMup5EWIW33CTn/8TERERERERERERERERERERERERER022/1rhF7+nCDb4voR/McbREREREREREREREREREREREREREREREQ7Yz3/FyjpJ8ZUC3/+byn7/N+/0sgEJc+lIKKe/Q8AAP//iPNjmA==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) getdents64(r0, &(0x7f0000001640)=""/4111, 0x100f) [ 75.240836][ T5099] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 75.262036][ T5099] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 75.286225][ T5099] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 75.309166][ T5099] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 75.321416][ T5208] loop2: detected capacity change from 0 to 1024 [ 75.321517][ T5099] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 75.338361][ T5099] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 75.362124][ T5208] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 75.365535][ T5099] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 75.374403][ T5210] loop3: detected capacity change from 0 to 64 [ 75.392160][ T5208] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (12914!=20869) [ 75.398806][ T5099] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 75.416124][ T5208] EXT4-fs (loop2): invalid journal inode [ 75.421888][ T5099] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 75.430710][ T5208] EXT4-fs (loop2): can't get journal size 11:03:59 executing program 2: r0 = socket$inet(0x2, 0xa, 0x0) ioctl$AUTOFS_IOC_READY(r0, 0x5450, 0x0) [ 75.451856][ T5208] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. 11:03:59 executing program 3: r0 = syz_open_dev$evdev(&(0x7f0000000000), 0x7ff, 0x0) read$snapshot(r0, 0x0, 0x0) [ 75.495689][ T5099] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 75.520081][ T5103] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 75.561871][ T5143] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 75.570147][ T5143] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 75.623531][ T5099] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.646496][ T5099] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.656323][ T5214] syz-executor.2 uses obsolete (PF_INET,SOCK_PACKET) 11:03:59 executing program 3: r0 = socket$inet6(0x18, 0x2, 0x0) sendmsg(r0, &(0x7f0000000680)={&(0x7f0000000040)=@in6={0x18, 0x2}, 0xc, 0x0, 0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="0801000000000000ffff0000ff7f00007867f447f4972c5c4a7d3d900a6233397e26dc532f89cd32a937f2914c6b0fabbd5d358667af0460d694a66869e268d963986424ee4aa84adb57ff596789cc0db995370029a4f9d14f6b55efec22b0e9bf18469832c1a03936ab797995ed6e54a1d8670f49f9339d32caf4fffcfce778dc8ab491516063fff5b1b1855eca37a4424a5486b88381249bfdebbccc4b37a3690036fa288fb835287baf013437c685c10ad1b5789fc05f3cb5cfdebe06d4f4ddd44b4a9349fb976d7ae8760cf083b690cf73d04ad1ebab5e5ea6c80a6b592bc1135ebcb4389a0ea06045a63555c3c2bdda6fbe242d3c067e3e5445e2feb2844a00000000000000900000000000000001000000060000007f0147af4c6a2556f52f08b2b3164e29d63719dd9a1e53543c4a1097db8abef5f5beba6130c11c451952c8928675f350959a3be537b1a5dd69c79ab7f99426468047ef19494cd2fc3f7e2f8d78e3931d6680a3c7e99e214aa71a1a5953e6262aa3058b037cf7ce558a6a5e280f920b2b1af13d39309875a8a2876426649c0000e0"], 0x278}, 0x0) [ 75.669170][ T5099] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.678178][ T5099] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 11:03:59 executing program 1: r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[0x0], 0x1}) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0, 0x0) getdents64(r2, &(0x7f0000006600)=""/4096, 0x1000) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r2, 0xc01064b5, &(0x7f00000000c0)={&(0x7f0000000040)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}) ioctl$DRM_IOCTL_MODE_GETPLANE(r0, 0xc02064b6, &(0x7f00000001c0)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$DRM_IOCTL_MODE_GETCRTC(r0, 0xc06864a1, &(0x7f00000005c0)={0x0, 0x0, r3, 0x0}) ioctl$DRM_IOCTL_MODE_ATOMIC(r0, 0xc03864bc, &(0x7f0000000ac0)={0x0, 0x1, &(0x7f0000000640)=[r4], 0x0, 0x0, 0x0}) 11:03:59 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendto$unix(r1, &(0x7f0000000340)='\n', 0x1, 0x0, 0x0, 0x0) recvmsg(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000400)=""/4094, 0xffe}, {&(0x7f0000002400)=""/4101, 0x1005}], 0x2}, 0x40) [ 75.779102][ T45] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 75.786988][ T45] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 11:03:59 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4) connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000300)=[@window, @mss, @window, @timestamp, @sack_perm, @timestamp, @mss, @sack_perm], 0x8) setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0x4) sendto$inet(r0, &(0x7f00000004c0)="3ce2de4d8d957a8de4e490b6cd14b988d4edef164bd3377aa381b5f50b7ca414516489f78cd7208982e9bde22b2b7c1c7606d565477f3db9d2b077283644c0f27ab52a863a42863e06944e40a0b3c5d21c8cbe102e7f726263f28aef1bc12a069063d4c30e8f329fdb36859be727fbef4314161e5fb5f01ae00a2634d5cdecca2089c62e32f4c919886b2b88d237e287318739bec0364caf15889f38a312ef6621c0f21709a4bf2b16274cf933f6ad8fcc9c2024bc1b4713f650e860f93ae93b2361956b3e80c38c5fd29b5c1b5d7ce67edc856a8dc0ba54cee53de9a48c131389426bd06ec7c695add357934fc0321f0d3d7982e4fe5a0039decc491a663afd02facb08dd9695f854c7b031d9af8bd7350897996b5208b23030cc0feb84570730eaf24b9f2ac05d0feb3be07a29f887095f36f3c8f0e77e45509acd14a5be4a1572dd4cd1231087b830fa03e071571d4abd694710ef140469cf6df8a59839aafe046a5bffb97e5247be901789eafd726ba090337a2c49207e6b900c7e982472e6aac70e5d52ca2c1bab47b1f6d00f9601e2281686c21f770ae96e0ffec4b30496d012fa00958f794cdbd721bd155cae87", 0x109e8, 0x80a, 0x0, 0x6) 11:03:59 executing program 2: r0 = socket(0x18, 0x1, 0x0) recvmsg(r0, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x1) 11:03:59 executing program 3: syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1800403, &(0x7f0000000a40)=ANY=[@ANYBLOB="73623d3078303030303030303030303030303030312c6175746f5f64615f616c6c6f633d3078303030303030303030303030346530302c6e6f6c6f61642c6175746f5f64615f616c6c6f633d3078303030303030303030303030303030392c008371c54f19cd70f60626f74eb07f285580b77cd00344a00a43af12360c2d7634bf27b6786dd9f1c21386e884d43daf784bb796205b009fed304bc6bc2adfa404a3b172ba2dc39d7e2637e5ab7d2503abccfee450913dd7b84cfb4222ece70f5b2e8163a2c104f50dc0236ac9d2e263bee3eb7415f59ee6c65d2f61b71cfa9336231e85c42e527d7a8eebd65d4700a92681a1d52dfb438679bbd7617d80ce97f79d4fb573eccd3cf639de1723d6", @ANYRES16, @ANYRES64, @ANYRES32, @ANYRESOCT], 0x0, 0x5aa, &(0x7f0000000180)="$eJzs3c9vFFUcAPDv7G4LbdVWYlQ8mEZjIFFaWsDgjwPcCcEfNy9WWgiy/Ait0aKJJcGLifHigcSTB/G/UKJXTyYePHjxZEjQGC4ao2tmd3ZZ2t12W7pM7Xw+ybDvzZv2vQG++97MvLcbQGGNp3+UInZHxMUkYrStrBJZ4XjjuNt/fHAy3ZKo1V77PYkk29c8PsleR7If/mc04odvk9hVXlnv/OLlszPV6tylLD+5cO7i5Pzi5X1nzs2cnjs9d376+enDhw4eOjy1/57Or9SWPnb17XdHPz7+xpef/51MffXz8SSOxG+nGmXt57FZxmM8/qzVPly+P/17PbzZleWk3Pp/ckeyfAdbV9KIkYGIeCxGo9z2rzkaH72Sa9uAvqolETWgoBLxDwXVHAc0r+17uw4u9XlUAtwPt45G/ep/ZfxXGvcGY6x+b2D4dnLXfZ4Ot/Q2JK3j+++OX0236NN9OKCzpSs7stTy+E/qsTkWO+u54dulu+I/HQGcyF7T/a9usP7xZXnxD/fP0pWIeLzT+H/t+H+zLf7f2mD94h8AAAAAAAA2z42jEfFcp+d/pezZ3M54qn3+z493Vgge2YT6137+V7q5CdUAHdw6GvFyx/m/rTm+Y+Us92BjNmBy6kx1bn9EPBQRe2NgR5qfWqWOfZ/sutatrH3+X7ql9TfnAmbtuFnZcffPzM4szNzLOQMNt65EPFHpPv8n7f+TDvN/0/eDiz3WseuZ6ye6la0d/0C/1L6I2NOx/09axySrfz7HZH08MNkcFaz05Pufft2tfvEP+Un7/+HV438saf+8nvn1/f7BiDiwWKl1K9/o+H8web3c/P2p92YWFi5NRQwmx1bun15fm2G7asZDM17S+N/79Or3/1rj/7Y4HIqIpR7rfPTfkV+6len/IT9p/M+uq/9ff2L6+tg33ervrf8/WO/T92Z73P+D1fUaoHm3EwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+j0oR8UAkpYlWulSamIgYiYhHYrhUvTC/8OypC++cn03L6t//X2p+0+9oI580v/9/rC0/vSx/ICIejojPykP1/MTJC9XZvE8eAAAAAAAAAAAAAAAAAAAAtoiRLuv/U7+W824d0HeV7FW8Q/FU8m4AkBvxD8Ul/qG4xD8Ul/iH4tpg/HtcANuA/h+KaqC3w3b2ux1AHvT/AAAAAACwrdx46YVrSUQsvThU31KDWVnrweBQXq0D+qmUdwOA3JjDC8Vl6g8UV4+Tf4FtLGml/qp1Ku8++z/pT4MAAAAAAAAAAAAAgBX27L7x05rr/4Ftyfp/KC7r/6G4rP+H4nKND6y1it/6fwAAAAAAAAAAAADI3/zi5bMz1ercJQmJrZYYiIgt0IwcEoP5h2fOb0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDLfwEAAP//9AIl1g==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) ioctl$FITRIM(r0, 0xc0185879, 0x0) [ 75.930048][ T53] Bluetooth: hci1: command tx timeout 11:03:59 executing program 0: syz_mount_image$udf(&(0x7f00000004c0), &(0x7f0000000100)='./file0\x00', 0x800048, &(0x7f00000001c0)=ANY=[], 0x1, 0x4b1, &(0x7f0000000a40)="$eJzs201sVNUbx/HfM3c6TIf+/5YXCxgCTTSxgkBfsEBqYnix0YQXLVQj8SWVTrHSdkinKCUgLNWdC5Yu3bpwZdwaEpfGhcEYFibIxs2sxB3m3LlvM5TOjG1nKP1+CJx7zzx3OOc8c+ecM5kRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACQjrx6uLfPWt0KAADQTCdPj/QOMP8DALCmnGH/DwAAsJaYPP0u054LJTvhn5dlj0/OXLo8emx44cvaTaaUPD/e/c329Q/sf2nwwMGwXPz65bZNp06fOdx9tDB9cTZfLObHu0dnJs8VxvN1P8NSr6+2yx+A7ukLl8YnJord/XsHKh6+3Hlv3fquzqHB945mwtjRY8PDpxMx6bb//L8/5FEr/Iw8vSDTx99/ayclpbT0sajx2llp7X4ndvmdGD027HdkanJsZs49aKkgKlU5JplwjJqQiyVJSa5dllmePVubPP0g05F9JTslyQvHYbf/wXBd7WmFtNu6SurRKsjZY2ydPH0g0619nXojGFc//xnpaqsbhxWXDu7/gpXsTf/9wN1P7m3z+Fvdr89MFBKxlgruqNU+PzTTY/7elJWnU/4dX7IR7Wx1c9Bk7fI0LVPmq0/8dYX8delTQwd27DyUXGFsqfE8LnZvcHPVMye3BUsHS7k/y98v1Cdrnv6U6f5vWf+8J5wDpBsPFrvwj6Y0DyvNPE3J9M+1klnVvtRL7O8jq33uX9n2t2ePFi7Oz06e/2huwcdz2cMfFudmx84t/HB57+ola2rtY6ulGtuS5ay84/v801J0XbAH+F/5LG7NN1fj10JPVRlKvn7qOa57F9vAOsq1yczTXZkm3t9anmeUa3hs1gKX/2GZiqWfLcx0kP90+SyR/5fj8ctaZRnxc/v/8uda4Vpi29nNj6pfify7Nrn8vyPTkb+3Bp9plPPvVcW6uC6Z3r25PYhLZVxcOuxO+RknJqfyvS72gUwbfwpj5cfmgthNcWyfiy3K9MWtytj1QezmOLbfxd6W6c6vC8c+HccOuNh5l6873WFszsXuCGK74ti95wpT47WG1eW/X6a3r79mYZ8fmf/E/X+jqow8lPPFj5cr/52JuhtBXs8G+U/XyP+XMs3/tT3stz/24ctqg/9vnH+3Vv7uZmVsuKHcGMf21dutVnP53yDTvVduR30O+hacxhlK5v+ZdGUZjWuL8r8hUdcZtCvT4FisRcX5KxfGpqbysxxwwAEH0UGr35nQDG7+H3Gz+qBn4TommP87ymfxiun+Z/H8P1RVRlo0/29M1A0Fq5a2tJSdm77YtkXKFuev7JmcHjufP5+fGdg/2Nt/aH/vwMG2TLi4i4/qHrsngcv/bpmu/fhLtI+pXP8tvP7PVZWRFuV/U7JPFeuauodiTXL575Bp8O7taL+52Po/3P/3PFtZRvdfi/K/OVHXGbSro8GxAAAAAAAAAAAAAAAAAIDVJGeenpPp8siLFv6GqJ7v/41XlZHl//5X+YfJNb7/1ZWoG2/S7xoaGmgAAAAAAAAAAIAmScnT1zI9r5JddxUd0olkiSfavwEAAP//G6xIAA==") r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x14b042, 0x0) pwritev2(r0, &(0x7f0000000000)=[{0x0}], 0x1, 0x5407, 0x0, 0x0) write$binfmt_script(r0, &(0x7f0000000000)=ANY=[], 0xc0) read$FUSE(r0, &(0x7f0000000f00)={0x2020}, 0x2020) 11:03:59 executing program 2: syz_mount_image$hfs(&(0x7f0000000080), &(0x7f0000000000)='./file0\x00', 0xa08000, &(0x7f00000000c0)={[{@gid}, {@creator={'creator', 0x3d, "6cc32b3a"}}, {@dir_umask={'dir_umask', 0x3d, 0x6}}, {@dir_umask={'dir_umask', 0x3d, 0xc9}}, {@iocharset={'iocharset', 0x3d, 'iso8859-6'}}, {}, {@type={'type', 0x3d, "66a5646f"}}]}, 0x4, 0x334, &(0x7f0000000180)="$eJzs3U1r1EAYB/D/ZF+6a0uNbaXgsVrwVNp6UESwSPHiF/AgxdpuoTRW0AoqiKsXLyLeBMGjN8+iX0Ev4hfQUw/Fk16KiCMzk2wm25nsdvuSlv5/0HazmWfmmSSTZLa0AREdWVdmv787t66+RAVACcBFIABQA8oATmK0dn91bXktaizmVVTSEepLwESKLWUWVhuuUBWnI2KhWipjwH6P9oaUUv7oWOrXvuRCxRFm7G8RAH3x6NTra/ue2d5omn4dLdYeFpvYxAMMFpkOEREVL77+B/FVYiC+fw8CYDy+Dz/s1//M/c1mcXkcCK3rf2CWpVDb57helc739BRO7f0gmSW66nIeEzLd3FWYIyuzA0SnWaXOJagvLUeNiaau4Bkux6xiI6bw80ysL9uq+THmmJtaKm3LeX3P16/7UFF9qHjyH3bF5bb4aQOv3c3NfekiJ/FZfBVzIsQbLLbu/8pSqI2jt08I1O0Ak/+kv0bdy9CUyvQynb+f0I2cSvbAx/dpL+u+7VpDSeXiomoR7ffvYZLnq6o/CkPIfqxgejfl752OGnZGTbeW/zijRtIoPcyC+lIlakws3IlyP0rZNc4ZnXgprosx/MQHzFr3/4EqPQ7/yMyMcqFLxkdGbn/KuqRnP2boTXQ7d2SS01Xnjs73ArdwAYP3Hj5amY+ixt3iXyRD5YDkYw7E+HBU76ifVhnU1At1rdi1Rv9JKZ2ryuiynj500ZYvZ3PdO/+21WV9mm2axZ11EE2zDa1VM/7C6WlTvZOcEXpp/UkrSl0tthP+W7c+o/a7s4ywMqzu7QGZNJVZVUJfVyOl3kOj1x6vzEfbP6XQ4ZPudIze2LhUdDq0/9R9lzDzP2u+MqnPOupbmDMbkZ0qt2qc8syAhvT3Y0imolqHOVe/fwbXn7yIGtN5c67TZ4EzbS0GSFp82l5tGOeJg/hbSeevMup5EWIW33CTn/8TERERERERERERERERERERERERER022/1rhF7+nCDb4voR/McbREREREREREREREREREREREREREREREQ7Yz3/FyjpJ8ZUC3/+byn7/N+/0sgEJc+lIKKe/Q8AAP//iPNjmA==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) getdents64(r0, &(0x7f0000001640)=""/4111, 0x100f) [ 76.009758][ T53] Bluetooth: hci3: command tx timeout [ 76.013175][ T5095] Bluetooth: hci4: command tx timeout [ 76.019436][ T5098] Bluetooth: hci2: command tx timeout [ 76.026337][ T53] Bluetooth: hci0: command tx timeout 11:03:59 executing program 1: r0 = socket(0x1e, 0x3, 0x0) readv(r0, &(0x7f0000000140)=[{0x0}], 0x1) [ 76.155830][ T5130] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 76.170636][ T5227] loop2: detected capacity change from 0 to 64 [ 76.179922][ T5130] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 76.183801][ T5230] loop0: detected capacity change from 0 to 128 [ 76.244519][ T5230] ======================================================= [ 76.244519][ T5230] WARNING: The mand mount option has been deprecated and [ 76.244519][ T5230] and is ignored by this kernel. Remove the mand [ 76.244519][ T5230] option from the mount to silence this warning. [ 76.244519][ T5230] ======================================================= [ 76.290284][ T5233] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 76.312428][ T5233] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 11:03:59 executing program 2: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) timer_create(0x0, 0x0, &(0x7f0000bbdffc)) timer_gettime(0x0, &(0x7f00000000c0)) 11:03:59 executing program 1: r0 = socket$inet6(0x18, 0x1, 0x0) sendto$inet6(r0, &(0x7f0000000000)="cc2e0bd7792a6c9a25caa83429ce7866d8fed6db91cf3442fa49ae04caf6c11f0b0c7c2c2019c982a160273586194914e2a91163c3006317bad6318f98d93a612949f110cdc63949f9a9c087edb6c538e780e71b7afa6eb045df8ff61922c0f5142a135545fdc4cdc10521322159fcc9b0a9fbfc82625d8ac7bf592780f0bac29a37ee940871c132e2ccc883d33aefc4307a6c", 0x93, 0xc00, &(0x7f00000000c0)={0x18, 0x3}, 0xffffffffffffffd4) [ 76.338571][ T5231] loop3: detected capacity change from 0 to 1024 [ 76.386400][ T5231] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 76.402157][ T5230] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256 [ 76.433230][ T5231] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (12914!=20869) 11:04:00 executing program 1: r0 = socket$inet6(0x18, 0x3, 0x0) bind(r0, &(0x7f0000000080)=@un=@abs, 0x8) 11:04:00 executing program 4: bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x4}, 0x48) [ 76.499904][ T5231] EXT4-fs (loop3): invalid journal inode [ 76.538344][ T5230] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 76.544791][ T5231] EXT4-fs (loop3): can't get journal size [ 76.593724][ T29] audit: type=1326 audit(1712055840.127:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5237 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e7b27dda9 code=0x7ffc0000 11:04:00 executing program 2: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x8, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="18020000010000000000000000000000850000005300000085000000050000009500000000000000a94be0c51261be6a99e5e06bb0a232d5fef59f18f845f82e9a7bde9e8f4b9197701b547edf612a03f1737d951d7a617558b674e1c4fdfdd91ebe7c33af3e4917be59ac67f0bbabcb8f41c23ba8f91633a8b9c70e70e28b18b04a804744dc081ac69cfea08e4e5a06f70c6792f2888d6fd95f20202866b18c3c3771bc3f325a6386a9d49e3c13b32461acf0be4b31638c29187d748841f490719346a2fbef83d20287cecf4773eae823cb39547bcdac15e52a4b6a2981eb4afadbbdf9157fa588f475c4cd2e44e2129dc6b9"], &(0x7f0000000080)='GPL\x00', 0x4, 0xc0, &(0x7f0000000140)=""/192}, 0x80) [ 76.651858][ T5231] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. 11:04:00 executing program 4: bpf$BPF_PROG_TEST_RUN(0x1c, 0x0, 0x0) 11:04:00 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4) connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000300)=[@window, @mss, @window, @timestamp, @sack_perm, @timestamp, @mss, @sack_perm], 0x8) setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0x4) sendto$inet(r0, &(0x7f00000004c0)="3ce2de4d8d957a8de4e490b6cd14b988d4edef164bd3377aa381b5f50b7ca414516489f78cd7208982e9bde22b2b7c1c7606d565477f3db9d2b077283644c0f27ab52a863a42863e06944e40a0b3c5d21c8cbe102e7f726263f28aef1bc12a069063d4c30e8f329fdb36859be727fbef4314161e5fb5f01ae00a2634d5cdecca2089c62e32f4c919886b2b88d237e287318739bec0364caf15889f38a312ef6621c0f21709a4bf2b16274cf933f6ad8fcc9c2024bc1b4713f650e860f93ae93b2361956b3e80c38c5fd29b5c1b5d7ce67edc856a8dc0ba54cee53de9a48c131389426bd06ec7c695add357934fc0321f0d3d7982e4fe5a0039decc491a663afd02facb08dd9695f854c7b031d9af8bd7350897996b5208b23030cc0feb84570730eaf24b9f2ac05d0feb3be07a29f887095f36f3c8f0e77e45509acd14a5be4a1572dd4cd1231087b830fa03e071571d4abd694710ef140469cf6df8a59839aafe046a5bffb97e5247be901789eafd726ba090337a2c49207e6b900c7e982472e6aac70e5d52ca2c1bab47b1f6d00f9601e2281686c21f770ae96e0ffec4b30496d012fa00958f794cdbd721bd155cae87", 0x109e8, 0x80a, 0x0, 0x6) 11:04:00 executing program 3: syz_mount_image$hfs(&(0x7f0000000080), &(0x7f0000000000)='./file0\x00', 0xa08000, &(0x7f00000000c0)={[{@gid}, {@creator={'creator', 0x3d, "6cc32b3a"}}, {@dir_umask={'dir_umask', 0x3d, 0x6}}, {@dir_umask={'dir_umask', 0x3d, 0xc9}}, {@iocharset={'iocharset', 0x3d, 'iso8859-6'}}, {}, {@type={'type', 0x3d, "66a5646f"}}]}, 0x4, 0x334, &(0x7f0000000180)="$eJzs3U1r1EAYB/D/ZF+6a0uNbaXgsVrwVNp6UESwSPHiF/AgxdpuoTRW0AoqiKsXLyLeBMGjN8+iX0Ev4hfQUw/Fk16KiCMzk2wm25nsdvuSlv5/0HazmWfmmSSTZLa0AREdWVdmv787t66+RAVACcBFIABQA8oATmK0dn91bXktaizmVVTSEepLwESKLWUWVhuuUBWnI2KhWipjwH6P9oaUUv7oWOrXvuRCxRFm7G8RAH3x6NTra/ue2d5omn4dLdYeFpvYxAMMFpkOEREVL77+B/FVYiC+fw8CYDy+Dz/s1//M/c1mcXkcCK3rf2CWpVDb57helc739BRO7f0gmSW66nIeEzLd3FWYIyuzA0SnWaXOJagvLUeNiaau4Bkux6xiI6bw80ysL9uq+THmmJtaKm3LeX3P16/7UFF9qHjyH3bF5bb4aQOv3c3NfekiJ/FZfBVzIsQbLLbu/8pSqI2jt08I1O0Ak/+kv0bdy9CUyvQynb+f0I2cSvbAx/dpL+u+7VpDSeXiomoR7ffvYZLnq6o/CkPIfqxgejfl752OGnZGTbeW/zijRtIoPcyC+lIlakws3IlyP0rZNc4ZnXgprosx/MQHzFr3/4EqPQ7/yMyMcqFLxkdGbn/KuqRnP2boTXQ7d2SS01Xnjs73ArdwAYP3Hj5amY+ixt3iXyRD5YDkYw7E+HBU76ifVhnU1At1rdi1Rv9JKZ2ryuiynj500ZYvZ3PdO/+21WV9mm2axZ11EE2zDa1VM/7C6WlTvZOcEXpp/UkrSl0tthP+W7c+o/a7s4ywMqzu7QGZNJVZVUJfVyOl3kOj1x6vzEfbP6XQ4ZPudIze2LhUdDq0/9R9lzDzP2u+MqnPOupbmDMbkZ0qt2qc8syAhvT3Y0imolqHOVe/fwbXn7yIGtN5c67TZ4EzbS0GSFp82l5tGOeJg/hbSeevMup5EWIW33CTn/8TERERERERERERERERERERERERER022/1rhF7+nCDb4voR/McbREREREREREREREREREREREREREREREQ7Yz3/FyjpJ8ZUC3/+byn7/N+/0sgEJc+lIKKe/Q8AAP//iPNjmA==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) getdents64(r0, &(0x7f0000001640)=""/4111, 0x100f) [ 76.746114][ T29] audit: type=1326 audit(1712055840.157:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5237 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e7b27dda9 code=0x7ffc0000 11:04:00 executing program 2: r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c000000020000000000000000000004"], 0x0, 0x26}, 0x20) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x3, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000950000000000000009000000dfa2bff372df8cdbeb318ab2bec8fc36903c0ec359caa1af3c914019395cc154010c693709800000000000000016a85adef34bf78c76e6222337923e1bea6ef682cc4375f594425d408ccc58187feb0e3d43347f989007a7c63f6dae2acb4af936461f34a8a32a50bbbb69ec85168947b86df9f2609bf93f7a1be259621818c3c75da31290bce645451b851111dd98ac4d8da9317c2c082020e0b2d634086785f3fe41a3053645cc413790faf7e229c782845b5bb774f7f154263178151ea93ff2cac4b181332c9c9a1c7d85616c8100000000000000d8300d19d585000000fc005774b56a7142047326f940e95b8489e1c5650f5c61299a295f39c88456391cffdef93e29f10f4a11f0cfbfc0ff976b20fef6033495b9b94777db9bb9b678ffc1130000009faa798226a080c01e47151268a02dc1a557cfdcf76305fbf6643df66b1b4d2d5e7bf698fc5a18d984ecb91e6683a5f522d536e2f3c43b89823659d1945258fc668950e5aacfffffffffffffff7f7a266c90e64efc8d8f730867202a9ee94e6a00"], &(0x7f0000000080)='GPL\x00', 0x5, 0x1f6, &(0x7f00000002c0)=""/168, 0x0, 0x0, '\x00', 0x0, 0x0, r0, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000200), 0x1, 0x0, 0xffffffffffffffff, 0xf5010000}, 0x6d) bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000340)={@map, r1, 0x3, 0x0, 0xffffffffffffffff, @prog_id}, 0x20) [ 76.849407][ T5092] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 76.879250][ T29] audit: type=1326 audit(1712055840.157:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5237 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f5e7b27dda9 code=0x7ffc0000 11:04:00 executing program 0: bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000500)=ANY=[@ANYBLOB="611566000000000061138c0000000000bfa00000000000001503000008004e003d3501000000000095004100000000006916000000000000bf67000000000000350605000fff07206706000005000000160302000ee60060bf590000000000000f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ff3d4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf664e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe01c5473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e88158f0200000000c8fb730a5c1bf2b2bb845129361997a75fd552bdc2300000008ac86d8a297dff0445a15f21dce4de9f29eff65aadc841848c9b562a31e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076ebae3f55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932c9a6aa57f1ad2e99e0e67ab93716d20000009fbb0f53acbb40b4f8e2739670b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f679629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc401000000cc43010000207b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000f4000000000000000000000000c1eb2d91fb79ea00000000000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba9000000000000003cc3aa39ee4b1386ba3b543ccb5f0d7b63924f17c67b13631d22a11dc3c6939628950000000000000001c7205a6b068fff496d2da7d632bd1f61b007e1ff5f1be19637302f3b41eae50509fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b30410856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db88aa3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d788535a4d3114dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fb9fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff010404faf0a4da65396174b4563d54b52f06c870edf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202ee1192b81f428a5b3c299848649e1a6bff52f657a67463d7dbf85ae9321fc2b517dc4a29b9b5a8ded5de8206c812439ab129ae818837ee1562078fc524a3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2a3bc87b0da23c00d9ef418cf19e7a8c4c328be0ce95798adc2dca871073f6bd61dc18402cde8b0100010000000000abc86b94f8cbde4d470667bee722a6a2af483ad0d3415ed0f9db059acaba9eaea93f811d434e00000000000000000000d154ba10a8e51489a614e69722bac30000000000000000000000000000c5dfd188ff555285b9743d3aac000583f44fc00b69151d681a2f71373f20d92c9048407c91fabecfe8b3f2d545ffffffff00000000a1cfc4336324c86f3dcb43e9a58208077e90f6ec1c7ac756f61dcc372cdd30b82507489f0bbfbd3c3f21752e81319c0161e154ceb16e00bc7f5a6962dff317f4d014786e432817064874d69a39cb0da31bcc5f81894d8a80756447322207b4007dff12eb95066cc6bc256f0a12282224d718b06ca80b57aa183dd0c3eee45891441f2b89b4c67aa9882281393954972046974f18df232cd7fca610e33f51c2d062020f403d85ff36c26e2f6bd1d82f4d3ceb3472d9a77e0057a3bfe697d9ab7585f4a1b381343d2cf857689232f4fc5135790662dc1419a374be9d7b3e5be2886d23add90d862f1a682ff11c798e338af3e5bb0f9d3952b15bf3e0c618c89d20ca1e18a031397693bf3cfbd8417e5b55e641c898c280356f2da222d5d68919d98158578dcf18efa404e508bcbbb8cfcf70086821ebdf34c9a1dff45af873df904c2bdbef81f246d26f4b40df949e12bdac18533d4e11c608cc31d60cb591c40a7b386fa1c753336d7220a35118d4919b45eff32aab684ee54c0a263c806aabac2f66cbe8d23810052f847c62c6691de14e97aa7e9dc8ecf0cd50540246d2b746e41e5b4e2c095039dfe0f71db6265f7580d098be40ef36faee5d1695830d4242a23e541e6ce9fa1998d8961ef4fe3c8e8fbb566f148c8befc229614a4b7f80d237b8abc6fc0407de31d6e5532f360d379f20f054692b47207922fe6c14eba96c9a7ae906abc1ae1ae8c4fae92883cfa1978a04bb000000000000000000000000000000884efcecca45ea4ab2ec097668456a6ff12854997f5aed737d5205ace5c0b64f87ef10784d0479cb44ca077e0c4ce6ff880e2ce3de63853a9740e9233683bfc8636bee293aeeb680b399a296e6f44c07b5fc5d9d359af007f23004a7acb6df23664ea209620b4fe0f4df81c33bd8ca2335cb4b50881937379b45a301175c3e8eb32970564ec8e25c46ee3bae079faedaad94276cfa251be8256c4c37fc84a299fa176018054e9149a1c9d20a809ce3000000000000000000000000f6fad8476470bf4bb79d2ba2c0f7147577466f4229b364d6900ad22583c0ec630ea0c6177ad88014b074d88fea473d5ef91ed786bbd3371f0dfcc5ccf4aa82927192aa94fe70a261f1899e1f2f62d50b027f7e7cac8fe3691aa323e71d5e479d466512d1df57633a9006016322978a795431c745f0502e37b8884c368a3f9d5c05a7fb5bd25d95442d09f79c5bd656dccb450cb19c6df406ffcfc414334021df3e4654f84f10070846d3b0679544"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffffd2}, 0x48) 11:04:00 executing program 4: bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0x9}, 0x48) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x12, 0x6, 0x8, 0x2}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{r1}, &(0x7f0000000180), &(0x7f0000000100)=r0}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000740)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000001c0)={0x1b, 0x0, 0x0, 0x1000000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x5}, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000b40)={&(0x7f0000000b00)='sched_switch\x00', r2}, 0x10) 11:04:00 executing program 2: bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'macvtap0\x00', 0x1}) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r2, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0) recvmsg$unix(r1, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=ANY=[@ANYRES32=r1], 0xfffffdc8}, 0x0) ioctl$TUNSETNOCSUM(r3, 0x8914, 0x20000000) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000880)={0xffffffffffffffff, 0xe0, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, &(0x7f0000000340)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x7, 0x7, &(0x7f00000003c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000400)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x7a, &(0x7f0000000680)=[{}, {}, {}, {}, {}, {}, {}], 0x38, 0x10, &(0x7f00000006c0), &(0x7f0000000700), 0x8, 0xfc, 0x8, 0x8, &(0x7f0000000740)}}, 0x10) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000a80)={0xffffffffffffffff, 0x20, &(0x7f0000000a40)={&(0x7f0000000900)=""/58, 0x3a, 0x0, &(0x7f0000000940)=""/126, 0x7e}}, 0x10) r6 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000ac0)={0xffffffffffffffff}, 0x4) r7 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000b00)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x6, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2, 0x3}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x1a, 0x13, &(0x7f00000004c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x5}, [@tail_call, @call={0x85, 0x0, 0x0, 0x65}, @ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9}}, @func={0x85, 0x0, 0x1, 0x0, 0x4}]}, &(0x7f0000000280)='GPL\x00', 0x4, 0xd, &(0x7f0000000300)=""/13, 0x0, 0x20, '\x00', 0x0, 0x36, 0xffffffffffffffff, 0x8, &(0x7f00000008c0)={0x1}, 0x8, 0x10, 0x0, 0x0, r5, r6, 0x2, &(0x7f0000000b80)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r7, 0xffffffffffffffff], &(0x7f0000000bc0)=[{0x5, 0x1, 0x6}, {0x3, 0x3, 0x0, 0xa}], 0x10, 0x5}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000002c0)='qdisc_reset\x00', r4}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='cgroup.controllers\x00', 0x275a, 0x0) close(r0) [ 76.997348][ T29] audit: type=1326 audit(1712055840.157:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5237 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e7b27dda9 code=0x7ffc0000 [ 77.020596][ C0] vkms_vblank_simulate: vblank timer overrun [ 77.063281][ T29] audit: type=1326 audit(1712055840.167:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5237 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=224 compat=0 ip=0x7f5e7b27dda9 code=0x7ffc0000 11:04:00 executing program 1: munmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000) [ 77.105945][ T29] audit: type=1326 audit(1712055840.167:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5237 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e7b27dda9 code=0x7ffc0000 [ 77.137264][ T5255] loop3: detected capacity change from 0 to 64 11:04:00 executing program 0: preadv(0xffffffffffffffff, &(0x7f0000000080)=[{0x0, 0xfffffffffffffd74}], 0x100000000000018f, 0x0, 0x0) [ 77.190422][ T29] audit: type=1326 audit(1712055840.167:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5237 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5e7b27dda9 code=0x7ffc0000 11:04:00 executing program 3: syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1800403, &(0x7f0000000a40)=ANY=[@ANYBLOB="73623d3078303030303030303030303030303030312c6175746f5f64615f616c6c6f633d3078303030303030303030303030346530302c6e6f6c6f61642c6175746f5f64615f616c6c6f633d3078303030303030303030303030303030392c008371c54f19cd70f60626f74eb07f285580b77cd00344a00a43af12360c2d7634bf27b6786dd9f1c21386e884d43daf784bb796205b009fed304bc6bc2adfa404a3b172ba2dc39d7e2637e5ab7d2503abccfee450913dd7b84cfb4222ece70f5b2e8163a2c104f50dc0236ac9d2e263bee3eb7415f59ee6c65d2f61b71cfa9336231e85c42e527d7a8eebd65d4700a92681a1d52dfb438679bbd7617d80ce97f79d4fb573eccd3cf639de1723d6", @ANYRES16, @ANYRES64, @ANYRES32, @ANYRESOCT], 0x0, 0x5aa, &(0x7f0000000180)="$eJzs3c9vFFUcAPDv7G4LbdVWYlQ8mEZjIFFaWsDgjwPcCcEfNy9WWgiy/Ait0aKJJcGLifHigcSTB/G/UKJXTyYePHjxZEjQGC4ao2tmd3ZZ2t12W7pM7Xw+ybDvzZv2vQG++97MvLcbQGGNp3+UInZHxMUkYrStrBJZ4XjjuNt/fHAy3ZKo1V77PYkk29c8PsleR7If/mc04odvk9hVXlnv/OLlszPV6tylLD+5cO7i5Pzi5X1nzs2cnjs9d376+enDhw4eOjy1/57Or9SWPnb17XdHPz7+xpef/51MffXz8SSOxG+nGmXt57FZxmM8/qzVPly+P/17PbzZleWk3Pp/ckeyfAdbV9KIkYGIeCxGo9z2rzkaH72Sa9uAvqolETWgoBLxDwXVHAc0r+17uw4u9XlUAtwPt45G/ep/ZfxXGvcGY6x+b2D4dnLXfZ4Ot/Q2JK3j+++OX0236NN9OKCzpSs7stTy+E/qsTkWO+u54dulu+I/HQGcyF7T/a9usP7xZXnxD/fP0pWIeLzT+H/t+H+zLf7f2mD94h8AAAAAAAA2z42jEfFcp+d/pezZ3M54qn3+z493Vgge2YT6137+V7q5CdUAHdw6GvFyx/m/rTm+Y+Us92BjNmBy6kx1bn9EPBQRe2NgR5qfWqWOfZ/sutatrH3+X7ql9TfnAmbtuFnZcffPzM4szNzLOQMNt65EPFHpPv8n7f+TDvN/0/eDiz3WseuZ6ye6la0d/0C/1L6I2NOx/09axySrfz7HZH08MNkcFaz05Pufft2tfvEP+Un7/+HV438saf+8nvn1/f7BiDiwWKl1K9/o+H8web3c/P2p92YWFi5NRQwmx1bun15fm2G7asZDM17S+N/79Or3/1rj/7Y4HIqIpR7rfPTfkV+6len/IT9p/M+uq/9ff2L6+tg33ervrf8/WO/T92Z73P+D1fUaoHm3EwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+j0oR8UAkpYlWulSamIgYiYhHYrhUvTC/8OypC++cn03L6t//X2p+0+9oI580v/9/rC0/vSx/ICIejojPykP1/MTJC9XZvE8eAAAAAAAAAAAAAAAAAAAAtoiRLuv/U7+W824d0HeV7FW8Q/FU8m4AkBvxD8Ul/qG4xD8Ul/iH4tpg/HtcANuA/h+KaqC3w3b2ux1AHvT/AAAAAACwrdx46YVrSUQsvThU31KDWVnrweBQXq0D+qmUdwOA3JjDC8Vl6g8UV4+Tf4FtLGml/qp1Ku8++z/pT4MAAAAAAAAAAAAAgBX27L7x05rr/4Ftyfp/KC7r/6G4rP+H4nKND6y1it/6fwAAAAAAAAAAAADI3/zi5bMz1ercJQmJrZYYiIgt0IwcEoP5h2fOb0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDLfwEAAP//9AIl1g==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) ioctl$FITRIM(r0, 0xc0185879, 0x0) [ 77.292435][ T5265] [ 77.295017][ T5265] ===================================================== [ 77.302056][ T5265] WARNING: HARDIRQ-safe -> HARDIRQ-unsafe lock order detected [ 77.309859][ T5265] 6.9.0-rc2-next-20240402-syzkaller #0 Not tainted [ 77.316517][ T5265] ----------------------------------------------------- [ 77.323658][ T5265] syz-executor.4/5265 [HC0[0]:SC0[2]:HE0:SE0] is trying to acquire: [ 77.331657][ T5265] ffff88802e465568 (&htab->buckets[i].lock){+...}-{2:2}, at: sock_hash_delete_elem+0xb0/0x300 [ 77.341954][ T5265] [ 77.341954][ T5265] and this task is already holding: [ 77.349399][ T5265] ffff8880b943e698 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140 [ 77.359006][ T5265] which would create a new lock dependency: [ 77.364883][ T5265] (&rq->__lock){-.-.}-{2:2} -> (&htab->buckets[i].lock){+...}-{2:2} [ 77.373119][ T5265] [ 77.373119][ T5265] but this new dependency connects a HARDIRQ-irq-safe lock: [ 77.382585][ T5265] (&rq->__lock){-.-.}-{2:2} [ 77.382609][ T5265] [ 77.382609][ T5265] ... which became HARDIRQ-irq-safe at: [ 77.395446][ T5265] lock_acquire+0x1ed/0x550 [ 77.400037][ T5265] _raw_spin_lock_nested+0x31/0x40 [ 77.405241][ T5265] raw_spin_rq_lock_nested+0x2a/0x140 [ 77.410776][ T5265] sched_tick+0xa1/0x6e0 [ 77.415263][ T5265] update_process_times+0x202/0x230 [ 77.420666][ T5265] tick_periodic+0x190/0x220 [ 77.425345][ T5265] tick_handle_periodic+0x4a/0x160 [ 77.431016][ T5265] timer_interrupt+0x5c/0x70 [ 77.436053][ T5265] __handle_irq_event_percpu+0x29c/0xa80 [ 77.441773][ T5265] handle_irq_event+0x89/0x1f0 [ 77.446632][ T5265] handle_edge_irq+0x25f/0xc20 [ 77.451496][ T5265] __common_interrupt+0x13a/0x230 [ 77.456624][ T5265] common_interrupt+0xa5/0xd0 [ 77.461463][ T5265] asm_common_interrupt+0x26/0x40 [ 77.466819][ T5265] console_flush_all+0xaad/0xfd0 [ 77.471828][ T5265] console_unlock+0x13b/0x4d0 [ 77.476587][ T5265] vprintk_emit+0x5a6/0x770 [ 77.481332][ T5265] _printk+0xd5/0x120 [ 77.486182][ T5265] calibrate_delay+0x1597/0x16b0 [ 77.491202][ T5265] start_kernel+0x3fd/0x500 [ 77.495790][ T5265] x86_64_start_reservations+0x2a/0x30 [ 77.501499][ T5265] x86_64_start_kernel+0x99/0xa0 [ 77.506544][ T5265] common_startup_64+0x13e/0x147 [ 77.511649][ T5265] [ 77.511649][ T5265] to a HARDIRQ-irq-unsafe lock: [ 77.518965][ T5265] (&htab->buckets[i].lock){+...}-{2:2} [ 77.518985][ T5265] [ 77.518985][ T5265] ... which became HARDIRQ-irq-unsafe at: [ 77.532740][ T5265] ... [ 77.532748][ T5265] lock_acquire+0x1ed/0x550 [ 77.539980][ T5265] _raw_spin_lock_bh+0x35/0x50 [ 77.545008][ T5265] sock_hash_update_common+0x20c/0xa30 [ 77.550794][ T5265] sock_map_update_elem_sys+0x5a4/0x910 [ 77.556524][ T5265] map_update_elem+0x53a/0x6f0 [ 77.561709][ T5265] __sys_bpf+0x76f/0x810 [ 77.566244][ T5265] __x64_sys_bpf+0x7c/0x90 [ 77.570948][ T5265] do_syscall_64+0xfb/0x240 [ 77.575619][ T5265] entry_SYSCALL_64_after_hwframe+0x72/0x7a [ 77.581587][ T5265] [ 77.581587][ T5265] other info that might help us debug this: [ 77.581587][ T5265] [ 77.591947][ T5265] Possible interrupt unsafe locking scenario: [ 77.591947][ T5265] [ 77.600337][ T5265] CPU0 CPU1 [ 77.605790][ T5265] ---- ---- [ 77.611315][ T5265] lock(&htab->buckets[i].lock); [ 77.616424][ T5265] local_irq_disable(); [ 77.623288][ T5265] lock(&rq->__lock); [ 77.629895][ T5265] lock(&htab->buckets[i].lock); [ 77.637682][ T5265] [ 77.641222][ T5265] lock(&rq->__lock); [ 77.645623][ T5265] [ 77.645623][ T5265] *** DEADLOCK *** [ 77.645623][ T5265] [ 77.654373][ T5265] 2 locks held by syz-executor.4/5265: [ 77.659846][ T5265] #0: ffff8880b943e698 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140 [ 77.669861][ T5265] #1: ffffffff8e334da0 (rcu_read_lock){....}-{1:2}, at: bpf_trace_run4+0x244/0x580 [ 77.679447][ T5265] [ 77.679447][ T5265] the dependencies between HARDIRQ-irq-safe lock and the holding lock: [ 77.690215][ T5265] -> (&rq->__lock){-.-.}-{2:2} { [ 77.695286][ T5265] IN-HARDIRQ-W at: [ 77.699449][ T5265] lock_acquire+0x1ed/0x550 [ 77.705956][ T5265] _raw_spin_lock_nested+0x31/0x40 [ 77.712825][ T5265] raw_spin_rq_lock_nested+0x2a/0x140 [ 77.719943][ T5265] sched_tick+0xa1/0x6e0 [ 77.725946][ T5265] update_process_times+0x202/0x230 [ 77.733217][ T5265] tick_periodic+0x190/0x220 [ 77.739849][ T5265] tick_handle_periodic+0x4a/0x160 [ 77.746788][ T5265] timer_interrupt+0x5c/0x70 [ 77.753195][ T5265] __handle_irq_event_percpu+0x29c/0xa80 [ 77.760563][ T5265] handle_irq_event+0x89/0x1f0 [ 77.767290][ T5265] handle_edge_irq+0x25f/0xc20 [ 77.774061][ T5265] __common_interrupt+0x13a/0x230 [ 77.780925][ T5265] common_interrupt+0xa5/0xd0 [ 77.787267][ T5265] asm_common_interrupt+0x26/0x40 [ 77.793961][ T5265] console_flush_all+0xaad/0xfd0 [ 77.800760][ T5265] console_unlock+0x13b/0x4d0 [ 77.807204][ T5265] vprintk_emit+0x5a6/0x770 [ 77.813349][ T5265] _printk+0xd5/0x120 [ 77.819059][ T5265] calibrate_delay+0x1597/0x16b0 [ 77.825670][ T5265] start_kernel+0x3fd/0x500 [ 77.831926][ T5265] x86_64_start_reservations+0x2a/0x30 [ 77.839142][ T5265] x86_64_start_kernel+0x99/0xa0 [ 77.845733][ T5265] common_startup_64+0x13e/0x147 [ 77.852768][ T5265] IN-SOFTIRQ-W at: [ 77.856860][ T5265] lock_acquire+0x1ed/0x550 [ 77.863019][ T5265] _raw_spin_lock_nested+0x31/0x40 [ 77.869794][ T5265] raw_spin_rq_lock_nested+0x2a/0x140 [ 77.876839][ T5265] try_to_wake_up+0x7d3/0x1470 [ 77.883811][ T5265] call_timer_fn+0x18e/0x650 [ 77.890174][ T5265] __run_timer_base+0x66a/0x8e0 [ 77.897881][ T5265] run_timer_softirq+0xb7/0x170 [ 77.904512][ T5265] __do_softirq+0x2c6/0x980 [ 77.910797][ T5265] __irq_exit_rcu+0xf2/0x1c0 [ 77.917026][ T5265] irq_exit_rcu+0x9/0x30 [ 77.923172][ T5265] sysvec_apic_timer_interrupt+0xa6/0xc0 [ 77.930894][ T5265] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 77.938567][ T5265] default_idle+0x13/0x20 [ 77.944624][ T5265] default_idle_call+0x74/0xb0 [ 77.951328][ T5265] do_idle+0x22f/0x5d0 [ 77.957133][ T5265] cpu_startup_entry+0x42/0x60 [ 77.963623][ T5265] rest_init+0x2dc/0x300 [ 77.970485][ T5265] start_kernel+0x47a/0x500 [ 77.976816][ T5265] x86_64_start_reservations+0x2a/0x30 [ 77.985059][ T5265] x86_64_start_kernel+0x99/0xa0 [ 77.992109][ T5265] common_startup_64+0x13e/0x147 [ 77.998902][ T5265] INITIAL USE at: [ 78.002917][ T5265] lock_acquire+0x1ed/0x550 [ 78.009172][ T5265] _raw_spin_lock_nested+0x31/0x40 [ 78.015936][ T5265] raw_spin_rq_lock_nested+0x2a/0x140 [ 78.024366][ T5265] rq_attach_root+0xee/0x540 [ 78.030821][ T5265] sched_init+0x64e/0xc30 [ 78.036817][ T5265] start_kernel+0x1ab/0x500 [ 78.043335][ T5265] x86_64_start_reservations+0x2a/0x30 [ 78.051068][ T5265] x86_64_start_kernel+0x99/0xa0 [ 78.057667][ T5265] common_startup_64+0x13e/0x147 [ 78.065233][ T5265] } [ 78.067863][ T5265] ... key at: [] sched_init.__key+0x0/0x20 [ 78.077103][ T5265] [ 78.077103][ T5265] the dependencies between the lock to be acquired [ 78.077112][ T5265] and HARDIRQ-irq-unsafe lock: [ 78.091991][ T5265] -> (&htab->buckets[i].lock){+...}-{2:2} { [ 78.098259][ T5265] HARDIRQ-ON-W at: [ 78.103357][ T5265] lock_acquire+0x1ed/0x550 [ 78.110312][ T5265] _raw_spin_lock_bh+0x35/0x50 [ 78.118175][ T5265] sock_hash_update_common+0x20c/0xa30 [ 78.127753][ T5265] sock_map_update_elem_sys+0x5a4/0x910 [ 78.136480][ T5265] map_update_elem+0x53a/0x6f0 [ 78.144362][ T5265] __sys_bpf+0x76f/0x810 [ 78.151840][ T5265] __x64_sys_bpf+0x7c/0x90 [ 78.158829][ T5265] do_syscall_64+0xfb/0x240 [ 78.165892][ T5265] entry_SYSCALL_64_after_hwframe+0x72/0x7a [ 78.175836][ T5265] INITIAL USE at: [ 78.180627][ T5265] lock_acquire+0x1ed/0x550 [ 78.187267][ T5265] _raw_spin_lock_bh+0x35/0x50 [ 78.195796][ T5265] sock_hash_update_common+0x20c/0xa30 [ 78.203975][ T5265] sock_map_update_elem_sys+0x5a4/0x910 [ 78.211862][ T5265] map_update_elem+0x53a/0x6f0 [ 78.218628][ T5265] __sys_bpf+0x76f/0x810 [ 78.226143][ T5265] __x64_sys_bpf+0x7c/0x90 [ 78.232852][ T5265] do_syscall_64+0xfb/0x240 [ 78.240326][ T5265] entry_SYSCALL_64_after_hwframe+0x72/0x7a [ 78.248876][ T5265] } [ 78.252238][ T5265] ... key at: [] sock_hash_alloc.__key+0x0/0x20 [ 78.262165][ T5265] ... acquired at: [ 78.266877][ T5265] lock_acquire+0x1ed/0x550 [ 78.272563][ T5265] _raw_spin_lock_bh+0x35/0x50 [ 78.278453][ T5265] sock_hash_delete_elem+0xb0/0x300 [ 78.284568][ T5265] bpf_prog_2c29ac5cdc6b1842+0x42/0x46 [ 78.290633][ T5265] bpf_trace_run4+0x334/0x580 [ 78.295705][ T5265] __schedule+0x2587/0x4a50 [ 78.301298][ T5265] preempt_schedule_common+0x84/0xd0 [ 78.307001][ T5265] preempt_schedule+0xe1/0xf0 [ 78.312231][ T5265] preempt_schedule_thunk+0x1a/0x30 [ 78.318431][ T5265] try_to_wake_up+0x9a8/0x1470 [ 78.323749][ T5265] wake_up_q+0xc8/0x120 [ 78.328361][ T5265] futex_wake+0x523/0x5c0 [ 78.333151][ T5265] do_futex+0x392/0x560 [ 78.337939][ T5265] __se_sys_futex+0x3f9/0x480 [ 78.344728][ T5265] do_syscall_64+0xfb/0x240 [ 78.350922][ T5265] entry_SYSCALL_64_after_hwframe+0x72/0x7a [ 78.357973][ T5265] [ 78.360752][ T5265] [ 78.360752][ T5265] stack backtrace: [ 78.367071][ T5265] CPU: 0 PID: 5265 Comm: syz-executor.4 Not tainted 6.9.0-rc2-next-20240402-syzkaller #0 [ 78.378423][ T5265] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024 [ 78.390930][ T5265] Call Trace: [ 78.394839][ T5265] [ 78.397784][ T5265] dump_stack_lvl+0x241/0x360 [ 78.402922][ T5265] ? __pfx_dump_stack_lvl+0x10/0x10 [ 78.408153][ T5265] ? __pfx__printk+0x10/0x10 [ 78.413197][ T5265] ? print_shortest_lock_dependencies+0xf2/0x160 [ 78.419657][ T5265] validate_chain+0x4dc7/0x58e0 [ 78.425449][ T5265] ? __pfx_validate_chain+0x10/0x10 [ 78.432059][ T5265] ? __pfx_validate_chain+0x10/0x10 [ 78.437354][ T5265] ? __pfx_validate_chain+0x10/0x10 [ 78.442655][ T5265] ? __pfx_lock_acquire+0x10/0x10 [ 78.447796][ T5265] ? __pfx_validate_chain+0x10/0x10 [ 78.453743][ T5265] ? __lock_acquire+0x1346/0x1fd0 [ 78.458851][ T5265] ? mark_lock+0x9a/0x350 [ 78.468035][ T5265] __lock_acquire+0x1346/0x1fd0 [ 78.473012][ T5265] lock_acquire+0x1ed/0x550 [ 78.477605][ T5265] ? sock_hash_delete_elem+0xb0/0x300 [ 78.483083][ T5265] ? __pfx_lockdep_softirqs_off+0x10/0x10 [ 78.488867][ T5265] ? __pfx_lock_acquire+0x10/0x10 [ 78.494026][ T5265] ? sock_hash_delete_elem+0xb0/0x300 [ 78.499652][ T5265] ? __pfx___local_bh_disable_ip+0x10/0x10 [ 78.506014][ T5265] ? __pfx_lock_acquire+0x10/0x10 [ 78.511546][ T5265] ? __pfx_lock_release+0x10/0x10 [ 78.516778][ T5265] ? sock_hash_delete_elem+0xb0/0x300 [ 78.522447][ T5265] _raw_spin_lock_bh+0x35/0x50 [ 78.527333][ T5265] ? sock_hash_delete_elem+0xb0/0x300 [ 78.533025][ T5265] sock_hash_delete_elem+0xb0/0x300 [ 78.539481][ T5265] ? bpf_trace_run4+0x244/0x580 [ 78.544449][ T5265] bpf_prog_2c29ac5cdc6b1842+0x42/0x46 [ 78.550367][ T5265] bpf_trace_run4+0x334/0x580 [ 78.555422][ T5265] ? __pfx_bpf_trace_run4+0x10/0x10 [ 78.560899][ T5265] ? psi_task_switch+0x3a7/0x770 [ 78.566403][ T5265] __schedule+0x2587/0x4a50 [ 78.572194][ T5265] ? kvm_sched_clock_read+0x11/0x20 [ 78.578766][ T5265] ? __pfx___schedule+0x10/0x10 [ 78.584685][ T5265] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 78.592400][ T5265] ? preempt_schedule+0xe1/0xf0 [ 78.597501][ T5265] preempt_schedule_common+0x84/0xd0 [ 78.603972][ T5265] preempt_schedule+0xe1/0xf0 [ 78.608885][ T5265] ? __pfx_preempt_schedule+0x10/0x10 [ 78.614453][ T5265] ? lockdep_hardirqs_on+0x99/0x150 [ 78.620060][ T5265] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 78.626537][ T5265] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 78.633742][ T5265] preempt_schedule_thunk+0x1a/0x30 [ 78.639199][ T5265] try_to_wake_up+0x9a8/0x1470 [ 78.644723][ T5265] ? __pfx_try_to_wake_up+0x10/0x10 [ 78.650145][ T5265] ? __pfx_lock_release+0x10/0x10 [ 78.655276][ T5265] ? plist_del+0x3f1/0x410 [ 78.660220][ T5265] ? do_raw_spin_unlock+0x13c/0x8b0 [ 78.665616][ T5265] wake_up_q+0xc8/0x120 [ 78.669875][ T5265] futex_wake+0x523/0x5c0 [ 78.674419][ T5265] ? __pfx_futex_wake+0x10/0x10 [ 78.679554][ T5265] do_futex+0x392/0x560 [ 78.684256][ T5265] ? bpf_raw_tracepoint_open+0x1d6/0x240 [ 78.690610][ T5265] ? __pfx_do_futex+0x10/0x10 [ 78.695508][ T5265] ? __pfx___sys_bpf+0x10/0x10 [ 78.700667][ T5265] __se_sys_futex+0x3f9/0x480 [ 78.705348][ T5265] ? __pfx___se_sys_futex+0x10/0x10 [ 78.711078][ T5265] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 78.718054][ T5265] ? do_syscall_64+0x10a/0x240 [ 78.722963][ T5265] ? __x64_sys_futex+0x21/0xf0 [ 78.727892][ T5265] do_syscall_64+0xfb/0x240 [ 78.732628][ T5265] entry_SYSCALL_64_after_hwframe+0x72/0x7a [ 78.738688][ T5265] RIP: 0033:0x7f301fc7dda9 [ 78.743110][ T5265] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 78.762980][ T5265] RSP: 002b:00007f3020973178 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 78.771685][ T5265] RAX: ffffffffffffffda RBX: 00007f301fdac058 RCX: 00007f301fc7dda9 [ 78.779772][ T5265] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f301fdac05c [ 78.787842][ T5265] RBP: 00007f301fdac050 R08: 00007f30209950b0 R09: 00007f30209736c0 [ 78.795826][ T5265] R10: 0000000000000007 R11: 0000000000000246 R12: 00007f301fdac05c [ 78.803809][ T5265] R13: 000000000000006e R14: 00007ffce8c8b8b0 R15: 00007ffce8c8b998 [ 78.811805][ T5265]