last executing test programs: 1m4.827309373s ago: executing program 1: ioctl$SNDRV_PCM_IOCTL_TTSTAMP(0xffffffffffffffff, 0x40044103, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000440)='loginuid\x00') r0 = socket(0x2, 0x80805, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x0, 0x0}, &(0x7f0000000180)=0xc) r1 = socket$inet(0x2, 0x80001, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8) mkdir(0x0, 0x0) r2 = gettid() timer_create(0x0, &(0x7f0000000200)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc)) pipe(&(0x7f0000000240)={0xffffffffffffffff}) vmsplice(r3, &(0x7f0000000080)=[{&(0x7f0000000180)="1a", 0x1}], 0x1, 0x0) 1m2.648610122s ago: executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000180)={0xffffffffffffffff, 0x0, 0x0, 0x2}, 0x20) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000300)='qdisc_create\x00', r1}, 0x10) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'pim6reg1\x00', 0x2}) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000300)='qdisc_create\x00', r3}, 0x10) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000000140)={'pim6reg1\x00', @broadcast}) 1m1.408331511s ago: executing program 1: r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4) r1 = bpf$MAP_CREATE(0x0, 0x0, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x18, &(0x7f0000000640)=ANY=[@ANYRES32=r0, @ANYRES32=r1, @ANYBLOB, @ANYRESOCT], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) fsetxattr(r3, &(0x7f0000000080)=@known='trusted.overlay.upper\x00', 0x0, 0x0, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], &(0x7f0000000ec0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='kfree\x00', r4}, 0x10) r5 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) write$UHID_CREATE2(r5, &(0x7f0000000100)=ANY=[@ANYBLOB="0b00000073790101000000000000000000000000000af7f4f0c55de8ca0000000000000000000000000000000000000000f3c800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a3000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff00000000000000000000000000000020000000000000030000000000000000000000004119202532aeecfcdb"], 0x138) write$UHID_DESTROY(r5, &(0x7f0000000340), 0x4) fgetxattr(r3, &(0x7f0000000000)=@known='trusted.overlay.upper\x00', 0x0, 0x0) bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r2}, 0x10) fsetxattr$system_posix_acl(0xffffffffffffffff, &(0x7f0000000000)='system.posix_acl_default\x00', 0x0, 0xfe44, 0x0) r6 = syz_open_dev$usbfs(&(0x7f00000005c0), 0x76, 0x40a02) ioctl$USBDEVFS_FREE_STREAMS(r6, 0x802c550a, &(0x7f0000000000)=ANY=[]) 1m0.529077399s ago: executing program 1: syz_mount_image$udf(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x2008082, &(0x7f00000000c0)=ANY=[@ANYBLOB="706172746974696f6e3d30303030303030303030303030303030303030322c696f636861727365743d6575632d6a702c6769643d666f726765742c6e6f7374726963742c646d6f64653d30303030303030303030303030303030303030303030362c706172746974696f6e3d30303030303030303030303030303030303030372c766f6c756d653d30303030303030303030303030303030303030372c6c6f6e6761642c00a99d4bc4263c5e81a484a85bbe9993a007cf30b171b4a51e96e5dc3657a4e73975b046ac45f4d646a73764ecf48aec2a967453a5957da3ce777871b0cf49440e8ad4ddb1d23f6c6272b53730e7796dcc70e512e030b0d0608f73b8b34ea0a21a581f3bf479f730836c3085bb067edca04908e2c8b0242d5f1f7f753b06dfb9c748f2b3558abb78ad7f43aa7703eef9d1cba154b0b824ca641d6770f769634a8d6b092a3d1b6834effc0244dfc71e30436fcba0bfe736481b85b0dd3c6c20a62bd1ad2dd59c94004307d30708d67a"], 0xfc, 0xc3d, &(0x7f0000001ac0)="$eJzs3U9sHNd9B/DfGy5FUm4rJk5Uu42LTVskMmO5sqSYilW4q5pmG0CWiVDMLQBX5EpdmCIJkmpkN22YXnroIUBR9JATgdYokKKB0RRFj2zrAsnFh8KnnogWNoKiB7YIkFPAYGbfiqu/lkJSpKzPx6a+s7Pvzbw3M56RBb15AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABE/O6r5068kPa7FQDAw3Rh8isnTnr+A8Bj5aL//wcAAAAAAAAAAAAAgIMuRRFPRorFC5tpuvrcMXi+PX/t+tTY+J2rDaWqZl9VvvwZfOHkqdNffHH0TDfvXX+3PR2vT148V39l4eriUmt5uTVbn5pvzyzMtu57Czutf6uR6gDUr75xbfby5eX6yedP3fT19eEPB544Onx29Nnjz3TLTo2Nj0/2lKn1/9x7v83dRngciiKOR4rnvvej1IyIInZ+LD7i2tlrQ1UnRqpOTI2NVx2ZazfnV8ovJ7oHooio91RqdI/RQzgXO9KIWC2bXzZ4pOze5GJzqXlprlWfaC6ttFfaC/MTqdPasj/1KOJMiliLiI2B2zfXH0XUIsV3jmymSxHR1z0OX6gGBt+9HcUe9vE+lO2s90esFY/AOTvABqKI1yLFj98tYqY8ZvknPhfxWpn/FPF2mS9HpPLCOB3xQXUdDe1zy9kNtSjiz8vzf3YzzVb3g+595fxX61+ev7zQU7Z7X3nknw8P0z3vTfs/7nIwimhW7dhMD/ibnf1vPAAAAAAAAAAAAAAAAMDH2FAU8XSkePU//rAaVxzVuPQjZ0d/b/gXewd4PfUR2ynLPh8Rq8X9jck9lIcQT6SJlPZ5LPHjbDCK+OM8/u9b+90YAAAAAAAAAAAAAAAAAACAx1oR70eKl947ltaid07x9vyV+sXmpbnOrLDduX+7c6ZvbW1t1VMnGzmnc67mXMu5nnMjZxS5fs5GzumcqznXcq7n3MgZfbl+zkbO6ZyrOddyrufcyBm1XD9nI2ct9201f17LuZ5zI2eYVxwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYNcVUcRPI8W3v76ZIkVEI2I6Ork+0C0DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOyngVTE9yNF/fcbN9bVIiJV/3YcK385HY1DZX4yGqNlvhyNczmbVdYa39qH9rMz/amIH0aKgcF3bpzwfP77O59uXAbx9je2P/1KrZN93S+HPxx44uiRs6Pjv/bU3ZbTnRowcr49f+16fWpsfHyyZ3Ut7/2TPeuG836L3ek6EbH85ltvNOfmWksWHo+FWmehFru65aGI3d3g7i3UOgv5fhX73p67LDQORjO2F6K699/xns3HRvn8/yBS/NZ7/9l94Hef/7/Q+XTjCR8/+ZPt5/9Lt25oj57/T/aseyn/bqS/FjG4cnWx/2jE4PKbbx1vX21eaV1pzZ8+ceJLo6NfOnWi/1DE4OX2XKtnaceHCgAAAAAAAAAAAAAAAODhSkX8TqRo/nAz1SPiejVea/js6LPHn+mLvmq81U3jtl6fvHiu/srC1cWl1vJya7Y+Nd+eWZht3e/uBqvhXlNj43vSmY80tMftHxp8ZWHxzaX2lT9YueP3hwfPXVpeWWrO3PnrGIoiotG7ZqRq8NTYeNXouXZzvqo6sUsDM/tTEf8VKWZO19Nn87o8/q+M9/t7yvaO/1/tWV8t79H4v0/csp+UivhJpPj8XzwVn63aeThuO2a53N9EipEzn8nl4lBZrtuGznsFOiMDy7L/Fyn+4ac3l+32/cntsi882NE9+MrzfyRSfP/Pvhu/ntfd/P6H7fGfvef/8K0b2qPz/6medYdvel/BjrtOPv/HI8XLT74Tv5HX3ev9H0VsbW19M+JYLnzj/Rx7dP4/3bNuODr7/c3d6z4AAAAAAAAAAMAjqz8V8beR4pnxWnoxr7ufv/83e+uG9ujvf/1yz7rZhzRf0Y4PKgAAAAAcEP2piPcjxZWVd26Moe4Z/33z+M/f3p57fSzd8m3153y/VL03YDf//K/XcN7v9M67DQAAAAAAAAAAAAAAAAAAAAdKSkW8GCk+v/VUNa7+XvOpr0eKV//nuVwuHS3LdeeBH65+HbywMH/83NzcwkxzpXlprlWfXGzOtMq6n4oUm3/9mVy3qOZX784335njfXCrOxf7UqQY/7tu2c5c7N25yTvzgXfmYi/LfiJS/Pff31y2O4/1p7fLnizL/lWk+No/37ns0e2yp8qy340UP/havVv2cFm2+37UzjtJB2sx13p+ZmHutlehAgAAAAAAAAAAAAAAAAAAwIPqT0X8aaT436trsZqH/ef5/7sz8Ne6Zd/+Rs98/7e4Xs3zP1zN/3+35Z9n/v/hXespAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8OlIU8VakWLywmdYHys8dg+fb89euT42N37naUKpq9lXly5/BF06eOv3FF0fPdPPe9Xfb0/H65MVz9VcWri4utZaXW7P1qfn2zMJs6763sNP624euY6Q6APWrb1ybvXx5uX7y+VM3fX19+MOBJ44Onx199vgz3bJTY+Pjkz1lav0PsPcHaty2Q1HEX0aK5773o/QvAxFF7PxYfMS1s9eGqk6MVJ2YGhuvOjLXbs6vlF9OdA9EEVHvqdToHqOHcC52pBGxWja/bPBI2b3JxeZS89Jcqz7RXFppr7QX5idSp7Vlf+pRxJkUsRYRGwO3b64/ingjUnznyGb614GIvu5x+MKFya+cOHn3dhR72Mf7ULaz3h+xVjwC5+wAG4gi/jFS/PjdY/FvAxG16PzE5yJe6y34ckQqL4zTER/c4Tri0VSLIv6/PP9nN9O7A+X9oHtfOf/V+pfnLy/0lO3eVw7S82Hrwa/FoV3Y7f074PemwSjiB9UdfzP9u/+uAQAAAAAAAAAAAAAAAA6QIn41Urz03rFUjQ++Maa4PX+lfrF5aa4zrK879q8e8Udlbm1tbdVTJxs5p3Ou5lzLuZ5zI2cUuX7ORs7pnKs513Ku59zIGX25fs5GzumcqznXcq7n3MgZtSq2tra+2alfy/VzruZcq0UUZf38eSNnHJCxewAAAAAAAAAAAAAAAAAAwMdLUf2T4ttf30zVXKqNiOno5Lr5QD/2fhYAAP//SsP61w==") openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.throttle.io_service_bytes\x00', 0x275a, 0x0) syz_mount_image$fuse(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) rename(&(0x7f0000000600)='./file0\x00', &(0x7f0000000f40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') mkdir(&(0x7f0000000040)='./file0\x00', 0x0) r0 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0) fchdir(r0) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) 59.270244464s ago: executing program 1: ioctl$SNDRV_PCM_IOCTL_TTSTAMP(0xffffffffffffffff, 0x40044103, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000440)='loginuid\x00') r0 = socket(0x2, 0x80805, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x0, 0x0}, &(0x7f0000000180)=0xc) r1 = socket$inet(0x2, 0x80001, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8) mkdir(0x0, 0x0) r2 = gettid() timer_create(0x0, &(0x7f0000000200)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc)) pipe(&(0x7f0000000240)={0xffffffffffffffff}) vmsplice(r3, &(0x7f0000000080)=[{&(0x7f0000000180)="1a", 0x1}], 0x1, 0x0) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) symlinkat(&(0x7f0000000140)='mnt/encrypted_dir\x00', 0xffffffffffffffff, &(0x7f0000000180)='./bus\x00') socket$inet_udplite(0x2, 0x2, 0x88) 29.091922273s ago: executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x4, 0x5}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000f00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000040)='./file0\x00', 0x300001a, &(0x7f0000000b00)=ANY=[@ANYBLOB="7379735f696d6d757461626c652c666d61736b3d30313737373737373737373737373737373737373737332c73686f72746e616d653d6c6f7765722c636865636b3d7374726963742c2c756e695f786c6174653d302c726f6469722c726f6469722c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6c6f7765722c6e6f6e756d7461696c3d302c756e695f786c6174653d312c756e695f786c6174653d312c6572726f72733d636f6e74696e75652c74696d655f6f66667365743d3078303030303030303030303030303465302c757466383d302c0077b5b28056fc4549d277ed7fab6b0be29df17f888ccab55cccc917ad315c8ea56f5a89c104f92d058b92f5881e69e06002f5914c03fef3eb09121733eaf5ded73df976fbd4cfcb8b70b0bf44da1b46bc3935431d5e60a641f9e4ebbf71c77fc9a810ce726b8c6d6295a5f2e2b069b95ba8ecce52ded99b82923228c37d5e1ec11cdbcabb8a89cbf2cf2771d69e3cf0e6760094145e542e426bceaab9b2cf261046247bce0565db3ac5888b74efd48bc9f455e60f49496ca8137aba85fe39756814fda1f0624b33a2025792a477ccfff09befb1d0cf1599d272628028b9786e1fbfb3d637c2561421488c9de8d3739a94bf13ac582f6b67de0cad933631794271b2259fe5d73a74ad7da615c31505c7c0c168052d38e5b64c4bb7d0599e5dcf0000000000000000000000000000002790cf17418aa278cfc0c9d1c81c63e58b877706a4b7eed8a5aff253298db2939adc0efdab4745ab0e09ef8beaaf04e5374c2e7e4672e47fe5a25502919954242f8d779d84091f20646210edf871d3f20ad66fcf4b816323b8abb307381d4ada887dcc71e35f364baa1b93fd5ee36c02aa4628511442992ced893ab946472440b53fc08cc41403e167b1f2605e04d5f0c16ed49969b59d650d88642b10c7893fe9b664421a40f4822ffcc284dfe9aea76e4a04293c970f2dae776decf07b085e16511b0bd365b0f86c7fcd8df00a87f4dbbf8e623667e3b65e4c487055a2e5cd64402a4de537bf113fc7370099e4faebe6ea9d4f155f8f5f4c5f9b205ce1bbc8c0002a19457e05a210d9e9820bc7f318ebfdfcc22f83150503b2", @ANYRES64], 0xd, 0x2a0, &(0x7f0000000840)="$eJzs3c9qM1UUAPAzSZpGXSSIG0VwQBeuyle3bhrlE8SulAjqQoNtQZJQaCFgBWNXfQKXvoeP4MaNbyC4Fdy1i8rIZGaahKZ/qDGF+vutDnPnnHsyt6SrnPnq9dFg7zCJ0/Pfo9VKorYTO3GRRCdqUfkhGgEAPB0XWRZ/ZQ/JbNRW3w0AsA7F///CY/cCAKzHJ599/lF3d/f5x2nailfbZ+NeEhGjs3GvWO8exDcxjP14Fu24jMiuFPEHH+4+j0aa68Rbo8m4l2eOvvy1rN/9M2Kavx3t6CzP304Lc/mTcW8jXow0ugcbVavteGV5/jtL8qPXjLffnOt/K9rx29dxGMPYizx3lv/9dpq+n/14/t0X+TZ5flKL3ub0vpmsvs5zAQAAAAAAAAAAAAAAAAAAAADgadtK06QY3zOd35NfKufv1C+n61tppbM4n6fIT6pCxXygLMoRPZMsfqrm6zxL0zQrb5zlN+K1hhcLAAAAAAAAAAAAAAAAAAAAQO7425NBfzjcP1pJUE0DqH7W/9A6O3NX3oiTQb9+c8HN++81P20g7/XWm6PRiBU9lruCF/J+Vl55c3a4n0YRVAez0r1efq8oejLop+VS9ZAH/eSuvVrVwf08v9SMf9tYNv2TuMwWz7R11epiVnNFT6P50tKlv7Msu1+dd/8ozqi8kkxHbNxv940yWPoB86B1/Sx+ubngjV8Z9ZV88QAAAAAAAAAAAAAAAAAAANfMfvS7ZPH01tTaf9YUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKzZ7P3/VdCKiMUr14JJmXzbPWXQjKPjR/6IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/A/8EwAA//9s0FAH") mkdir(&(0x7f0000000540)='./file0\x00', 0x0) 12.128421019s ago: executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_INITMSG(r0, 0x84, 0x2, &(0x7f0000000080)={0x0, 0x2}, 0x8) bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(0xffffffffffffffff, 0x84, 0x6d, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000847fff)='X', 0x20000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) 11.220102415s ago: executing program 4: r0 = socket$packet(0x11, 0x0, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'ipvlan0\x00', 0x0}) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="2000000011000100000000020000000000000000", @ANYRES32=r1], 0x20}}, 0x0) 9.35659618s ago: executing program 4: sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)=@getqdisc={0x24}, 0x24}}, 0x0) r0 = socket(0x10, 0x803, 0x0) sendto(r0, &(0x7f00000000c0)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0x80, 0x0, 0x0, &(0x7f0000000600)=""/191, 0xbf}}], 0x1, 0x0, &(0x7f0000003700)={0x77359400}) 8.838768485s ago: executing program 4: bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, &(0x7f0000000300)=ANY=[@ANYBLOB="18020000fcffffff00000000000000"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_CREATE(0x0, 0x0, 0x0) r0 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000540)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_KEY(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000000)=ANY=[@ANYBLOB='\b\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010800000000000000000c00000008000300", @ANYRES32=r1, @ANYBLOB="0a00060008021100000100000c0050800500020000000000"], 0x34}}, 0x0) sendto$packet(0xffffffffffffffff, &(0x7f00000000c0)="3f033608260812002c001e0089e9aaa911d7c2290f0086dd1327c9167c643c4a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c560906338", 0x3d, 0x0, 0x0, 0x0) socket(0x10, 0x3, 0x0) openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) socket$xdp(0x2c, 0x3, 0x0) unshare(0x62040200) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$IP6T_SO_SET_ADD_COUNTERS(r2, 0x29, 0x41, &(0x7f00000000c0)=ANY=[@ANYBLOB="736563757269747900000000000000000000000000000000000000000000000004"], 0x68) 8.741831136s ago: executing program 3: bpf$MAP_CREATE(0x2000000000000000, &(0x7f0000000140)=@base={0x6, 0x4, 0x8000, 0x5c, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2}, 0x48) 8.335709543s ago: executing program 0: bpf$ENABLE_STATS(0x20, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x4, 0x5}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 7.779047763s ago: executing program 0: r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000680)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000006d00000095"], 0x0}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000500)='percpu_free_percpu\x00', r3}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000500)='percpu_free_percpu\x00', r1}, 0x10) bpf$MAP_CREATE(0x2000000000000000, &(0x7f0000000140)=@base={0x6, 0x4, 0x8000, 0x5c, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xfffffffe}, 0x48) 7.571592054s ago: executing program 2: socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$unix(r0, &(0x7f0000000a80)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000a00)=[@rights={{0x10}}], 0x10}, 0x0) 7.546333239s ago: executing program 3: socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'ipvlan0\x00', 0x0}) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="2000000011000100000000020000000000000000", @ANYRES32=r0], 0x20}}, 0x0) 7.045597607s ago: executing program 2: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0xa, 0x1, 0x7fe2, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffad, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000200), &(0x7f0000000800), 0x80000002, r0, 0x0, 0x8}, 0x38) 6.885891699s ago: executing program 3: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000140)={0x2, 0x0, @broadcast}, 0x10) connect$inet(r0, &(0x7f0000000180)={0x2, 0x0, @local}, 0x10) r1 = dup(r0) sendmsg$nl_route_sched_retired(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000980)={0x0}}, 0x8040) 6.396618963s ago: executing program 3: mlockall(0x1) mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil) r0 = socket$inet6(0xa, 0x3, 0x6) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) getsockopt$inet6_opts(r0, 0x29, 0x45, 0x0, &(0x7f0000000080)) 5.977526179s ago: executing program 0: sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)=@getqdisc={0x24}, 0x24}}, 0x0) r0 = socket(0x10, 0x803, 0x0) sendto(r0, &(0x7f00000000c0)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0x80, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x64}, {&(0x7f0000000280)=""/85, 0x55}, {&(0x7f0000000fc0)=""/4096, 0x1000}, {&(0x7f0000000400)=""/106, 0x6a}, {&(0x7f0000000980)=""/73, 0x49}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f00000007c0)=""/154, 0x9a}], 0x7, &(0x7f0000000600)=""/191, 0xbf}}], 0x1, 0x0, &(0x7f0000003700)={0x77359400}) 5.577004381s ago: executing program 0: r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r1, 0x0, 0xffffffffffffffff, 0x0, 0x8ec0, 0x0) dup3(r2, 0xffffffffffffffff, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0xffffffffffffff3e) dup2(0xffffffffffffffff, 0xffffffffffffffff) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000014c0), 0x8e0}}, 0x0) memfd_create(&(0x7f0000000500)='sched_switch\x00', 0x2) r3 = socket(0x2, 0x80805, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f0000000080)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000100)=0x10) getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000100)={r4, @in6={{0xa, 0x4e23, 0x9, @dev={0xfe, 0x80, '\x00', 0xc}, 0x4}}}, &(0x7f0000000000)=0x84) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)={{0x14}, [@NFT_MSG_NEWRULE={0x54, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x28, 0x4, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, @range={{0xa}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_RANGE_OP={0x8}, @NFTA_RANGE_SREG={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}, @NFT_MSG_NEWOBJ={0x1c, 0x12, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x4}, @NFT_OBJECT_CONNLIMIT=@NFTA_OBJ_TYPE={0x8}}], {0x14}}, 0x98}}, 0x0) 4.998168236s ago: executing program 0: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.throttle.io_service_bytes\x00', 0x275a, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='pids.current\x00', 0x275a, 0x0) syz_mount_image$fuse(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) rename(&(0x7f0000000600)='./file0\x00', &(0x7f0000000f40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') mkdir(&(0x7f0000000040)='./file0\x00', 0x0) r0 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0) fchdir(r0) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) 4.200505681s ago: executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_INITMSG(r0, 0x84, 0x2, &(0x7f0000000080)={0x0, 0x2}, 0x8) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000140)={0x0, 0x4}, 0x8) sendto$inet6(r0, &(0x7f0000847fff)='X', 0x20000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) 4.118690065s ago: executing program 2: bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020000008500000082"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='kfree_skb\x00', r2}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000840)={&(0x7f0000000800)='kfree_skb\x00', r1}, 0x10) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$tipc(r3, &(0x7f0000004440)={&(0x7f0000000ec0)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x2}}, 0x10, 0x0}, 0x0) 3.897344573s ago: executing program 0: mlockall(0x1) mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x0, &(0x7f0000ffd000/0x1000)=nil) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x3000, 0x0, &(0x7f0000ff5000/0x3000)=nil) mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil) semctl$IPC_INFO(0x0, 0x1, 0x3, 0x0) 3.670355725s ago: executing program 4: fcntl$getown(0xffffffffffffffff, 0x9) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$netlink(0x10, 0x3, 0x0) mlockall(0x1) mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x3000, 0x0, &(0x7f0000ff5000/0x3000)=nil) openat$sysfs(0xffffffffffffff9c, &(0x7f00000004c0)='/sys/class/power_supply', 0x0, 0x0) mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TUNSETPERSIST(r0, 0x400454ca, 0x0) 3.58284054s ago: executing program 2: openat$full(0xffffffffffffff9c, 0x0, 0x0, 0x0) socket$unix(0x1, 0x0, 0x0) r0 = mq_open(&(0x7f0000000200)='\\\xa5\xafx\xe6\x04', 0x40, 0x0, 0x0) setsockopt$inet6_IPV6_RTHDR(0xffffffffffffffff, 0x29, 0x39, 0x0, 0x48) capset(0x0, &(0x7f0000000040)) msgrcv(0x0, 0x0, 0x0, 0x0, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) accept4$inet(0xffffffffffffffff, 0x0, 0x0, 0x0) ioctl$PIO_CMAP(0xffffffffffffffff, 0x5450, 0x0) ioctl$sock_inet_tcp_SIOCOUTQNSD(r0, 0x8902, &(0x7f0000001440)) 3.057249776s ago: executing program 2: socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'ipvlan0\x00', 0x0}) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="2000000011000100000000020000000000000000", @ANYRES32=r0], 0x20}}, 0x0) 2.54183153s ago: executing program 2: timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) pipe2$9p(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RSETATTR(r0, &(0x7f0000000000)={0x7}, 0x69ff9a93bfc25838) write$P9_RREADDIR(r0, 0x0, 0x0) 539.952191ms ago: executing program 3: fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0) r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/profiling', 0x22042, 0x0) write$tun(r0, &(0x7f0000000280)=ANY=[@ANYRESDEC=r0, @ANYRESDEC], 0x15) 0s ago: executing program 3: r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="1201fb0019030320d812010079de01ec020109021b0001000003000904000001785ecc00090585020004"], 0x0) syz_open_dev$char_usb(0xc, 0xb4, 0x0) syz_open_dev$evdev(&(0x7f0000000080), 0x0, 0x0) r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) read$char_usb(r1, 0x0, 0x0) syz_usb_disconnect(r0) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.25' (ED25519) to the list of known hosts. 2024/06/11 16:43:13 fuzzer started 2024/06/11 16:43:14 dialing manager at 10.128.0.169:30024 [ 164.368237][ T5048] cgroup: Unknown subsys name 'net' [ 164.560774][ T5048] cgroup: Unknown subsys name 'rlimit' 2024/06/11 16:44:01 starting 5 executor processes [ 210.379084][ T5043] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 213.684645][ T50] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 213.701819][ T50] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 213.724738][ T5074] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 213.736188][ T5074] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 213.755826][ T5074] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 213.765569][ T5077] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 213.765582][ T5074] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 213.773447][ T5074] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 213.793551][ T5074] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 213.802100][ T5074] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 213.811425][ T5074] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 213.823382][ T5074] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 213.874714][ T5077] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 213.887737][ T5077] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 213.901723][ T5077] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 213.921906][ T4427] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 213.953995][ T4427] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 213.970812][ T4427] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 213.990738][ T50] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 214.031119][ T50] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 214.074585][ T50] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 214.146595][ T50] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 214.172419][ T50] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 214.183319][ T50] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 214.337292][ T5077] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 214.351678][ T5077] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 214.397302][ T5077] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 214.503247][ T5077] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 214.563080][ T5077] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 214.602203][ T5077] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 214.934424][ T5073] chnl_net:caif_netlink_parms(): no params data found [ 215.558243][ T5070] chnl_net:caif_netlink_parms(): no params data found [ 215.837524][ T5073] bridge0: port 1(bridge_slave_0) entered blocking state [ 215.845335][ T5073] bridge0: port 1(bridge_slave_0) entered disabled state [ 215.852959][ T5073] bridge_slave_0: entered allmulticast mode [ 215.861723][ T5073] bridge_slave_0: entered promiscuous mode [ 215.887014][ T5073] bridge0: port 2(bridge_slave_1) entered blocking state [ 215.894810][ T5073] bridge0: port 2(bridge_slave_1) entered disabled state [ 215.903017][ T5073] bridge_slave_1: entered allmulticast mode [ 215.911930][ T5073] bridge_slave_1: entered promiscuous mode [ 215.951406][ T5077] Bluetooth: hci0: command tx timeout [ 215.951439][ T50] Bluetooth: hci1: command tx timeout [ 215.977992][ T5078] chnl_net:caif_netlink_parms(): no params data found [ 216.051815][ T5077] Bluetooth: hci2: command tx timeout [ 216.280856][ T5077] Bluetooth: hci3: command tx timeout [ 216.296312][ T5073] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 216.331135][ T5081] chnl_net:caif_netlink_parms(): no params data found [ 216.357570][ T5073] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 216.583062][ T5073] team0: Port device team_slave_0 added [ 216.593666][ T5087] chnl_net:caif_netlink_parms(): no params data found [ 216.627118][ T5073] team0: Port device team_slave_1 added [ 216.751978][ T5077] Bluetooth: hci4: command tx timeout [ 216.868902][ T5073] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 216.877822][ T5073] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 216.905410][ T5073] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 217.044945][ T5073] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 217.052334][ T5073] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 217.078755][ T5073] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 217.109441][ T5070] bridge0: port 1(bridge_slave_0) entered blocking state [ 217.119198][ T5070] bridge0: port 1(bridge_slave_0) entered disabled state [ 217.127056][ T5070] bridge_slave_0: entered allmulticast mode [ 217.135995][ T5070] bridge_slave_0: entered promiscuous mode [ 217.197819][ T5078] bridge0: port 1(bridge_slave_0) entered blocking state [ 217.205745][ T5078] bridge0: port 1(bridge_slave_0) entered disabled state [ 217.213752][ T5078] bridge_slave_0: entered allmulticast mode [ 217.223120][ T5078] bridge_slave_0: entered promiscuous mode [ 217.248448][ T5078] bridge0: port 2(bridge_slave_1) entered blocking state [ 217.256235][ T5078] bridge0: port 2(bridge_slave_1) entered disabled state [ 217.264077][ T5078] bridge_slave_1: entered allmulticast mode [ 217.272998][ T5078] bridge_slave_1: entered promiscuous mode [ 217.317433][ T5070] bridge0: port 2(bridge_slave_1) entered blocking state [ 217.325366][ T5070] bridge0: port 2(bridge_slave_1) entered disabled state [ 217.333224][ T5070] bridge_slave_1: entered allmulticast mode [ 217.342178][ T5070] bridge_slave_1: entered promiscuous mode [ 217.557061][ T5073] hsr_slave_0: entered promiscuous mode [ 217.565814][ T5073] hsr_slave_1: entered promiscuous mode [ 217.586728][ T5078] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 217.657624][ T5081] bridge0: port 1(bridge_slave_0) entered blocking state [ 217.665683][ T5081] bridge0: port 1(bridge_slave_0) entered disabled state [ 217.673502][ T5081] bridge_slave_0: entered allmulticast mode [ 217.682517][ T5081] bridge_slave_0: entered promiscuous mode [ 217.707994][ T5070] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 217.730714][ T5078] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 217.745590][ T5081] bridge0: port 2(bridge_slave_1) entered blocking state [ 217.753469][ T5081] bridge0: port 2(bridge_slave_1) entered disabled state [ 217.761179][ T5081] bridge_slave_1: entered allmulticast mode [ 217.770284][ T5081] bridge_slave_1: entered promiscuous mode [ 217.796317][ T5070] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 218.044775][ T5077] Bluetooth: hci0: command tx timeout [ 218.050577][ T5077] Bluetooth: hci1: command tx timeout [ 218.115061][ T50] Bluetooth: hci2: command tx timeout [ 218.127366][ T5081] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 218.227471][ T5078] team0: Port device team_slave_0 added [ 218.241303][ T5070] team0: Port device team_slave_0 added [ 218.258709][ T5081] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 218.274798][ T5070] team0: Port device team_slave_1 added [ 218.325739][ T5087] bridge0: port 1(bridge_slave_0) entered blocking state [ 218.333611][ T5087] bridge0: port 1(bridge_slave_0) entered disabled state [ 218.341417][ T5087] bridge_slave_0: entered allmulticast mode [ 218.350169][ T50] Bluetooth: hci3: command tx timeout [ 218.350297][ T5087] bridge_slave_0: entered promiscuous mode [ 218.372469][ T5078] team0: Port device team_slave_1 added [ 218.380340][ T5087] bridge0: port 2(bridge_slave_1) entered blocking state [ 218.388001][ T5087] bridge0: port 2(bridge_slave_1) entered disabled state [ 218.398086][ T5087] bridge_slave_1: entered allmulticast mode [ 218.407087][ T5087] bridge_slave_1: entered promiscuous mode [ 218.578647][ T5070] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 218.585958][ T5070] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 218.612368][ T5070] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 218.644363][ T5070] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 218.651695][ T5070] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 218.678074][ T5070] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 218.697642][ T5081] team0: Port device team_slave_0 added [ 218.714123][ T5081] team0: Port device team_slave_1 added [ 218.838088][ T50] Bluetooth: hci4: command tx timeout [ 218.856646][ T5087] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 218.877595][ T5087] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 218.889776][ T5078] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 218.897196][ T5078] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 218.923540][ T5078] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 219.053438][ T5078] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 219.061404][ T5078] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 219.102521][ T5078] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 219.104657][ T1221] ieee802154 phy0 wpan0: encryption failed: -22 [ 219.120796][ T1221] ieee802154 phy1 wpan1: encryption failed: -22 [ 219.167144][ T5081] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 219.174453][ T5081] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 219.200855][ T5081] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 219.221866][ T5087] team0: Port device team_slave_0 added [ 219.231266][ T5081] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 219.238404][ T5081] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 219.264866][ T5081] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 219.354363][ T5087] team0: Port device team_slave_1 added [ 219.452826][ T5070] hsr_slave_0: entered promiscuous mode [ 219.463859][ T5070] hsr_slave_1: entered promiscuous mode [ 219.473980][ T5070] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 219.481903][ T5070] Cannot create hsr debugfs directory [ 219.536406][ T5087] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 219.543772][ T5087] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 219.570158][ T5087] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 219.597512][ T5087] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 219.605054][ T5087] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 219.631473][ T5087] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 219.783007][ T5081] hsr_slave_0: entered promiscuous mode [ 219.793405][ T5081] hsr_slave_1: entered promiscuous mode [ 219.803083][ T5081] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 219.810876][ T5081] Cannot create hsr debugfs directory [ 219.885164][ T5078] hsr_slave_0: entered promiscuous mode [ 219.895477][ T5078] hsr_slave_1: entered promiscuous mode [ 219.904430][ T5078] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 219.912459][ T5078] Cannot create hsr debugfs directory [ 220.110273][ T50] Bluetooth: hci1: command tx timeout [ 220.115943][ T5077] Bluetooth: hci0: command tx timeout [ 220.190147][ T50] Bluetooth: hci2: command tx timeout [ 220.211318][ T5073] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 220.298167][ T5087] hsr_slave_0: entered promiscuous mode [ 220.306861][ T5087] hsr_slave_1: entered promiscuous mode [ 220.314921][ T5087] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 220.322893][ T5087] Cannot create hsr debugfs directory [ 220.329255][ T5073] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 220.363154][ T5073] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 220.453529][ T50] Bluetooth: hci3: command tx timeout [ 220.463062][ T5073] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 220.917592][ T50] Bluetooth: hci4: command tx timeout [ 221.248831][ T5078] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 221.357204][ T5078] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 221.377674][ T5078] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 221.453578][ T5078] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 221.651531][ T5070] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 221.701314][ T5070] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 221.737082][ T5070] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 221.756602][ T5081] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 221.829422][ T5070] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 221.850298][ T5081] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 221.922098][ T5081] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 221.962971][ T5081] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 222.001640][ T5087] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 222.064870][ T5087] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 222.195994][ T50] Bluetooth: hci1: command tx timeout [ 222.201953][ T5087] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 222.212134][ T50] Bluetooth: hci0: command tx timeout [ 222.234536][ T5087] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 222.271434][ T5077] Bluetooth: hci2: command tx timeout [ 222.362583][ T5073] 8021q: adding VLAN 0 to HW filter on device bond0 [ 222.513522][ T5077] Bluetooth: hci3: command tx timeout [ 222.731321][ T5073] 8021q: adding VLAN 0 to HW filter on device team0 [ 222.768609][ T780] bridge0: port 1(bridge_slave_0) entered blocking state [ 222.776423][ T780] bridge0: port 1(bridge_slave_0) entered forwarding state [ 222.893183][ T780] bridge0: port 2(bridge_slave_1) entered blocking state [ 222.901053][ T780] bridge0: port 2(bridge_slave_1) entered forwarding state [ 222.998596][ T5077] Bluetooth: hci4: command tx timeout [ 223.067115][ T5073] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 223.078285][ T5073] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 223.294264][ T5081] 8021q: adding VLAN 0 to HW filter on device bond0 [ 223.315706][ T5078] 8021q: adding VLAN 0 to HW filter on device bond0 [ 223.542539][ T5070] 8021q: adding VLAN 0 to HW filter on device bond0 [ 223.565474][ T5081] 8021q: adding VLAN 0 to HW filter on device team0 [ 223.582732][ T5078] 8021q: adding VLAN 0 to HW filter on device team0 [ 223.658529][ T4609] bridge0: port 1(bridge_slave_0) entered blocking state [ 223.666322][ T4609] bridge0: port 1(bridge_slave_0) entered forwarding state [ 223.774404][ T4609] bridge0: port 1(bridge_slave_0) entered blocking state [ 223.782274][ T4609] bridge0: port 1(bridge_slave_0) entered forwarding state [ 223.799069][ T4609] bridge0: port 2(bridge_slave_1) entered blocking state [ 223.806813][ T4609] bridge0: port 2(bridge_slave_1) entered forwarding state [ 223.822590][ T4609] bridge0: port 2(bridge_slave_1) entered blocking state [ 223.830383][ T4609] bridge0: port 2(bridge_slave_1) entered forwarding state [ 223.910357][ T5070] 8021q: adding VLAN 0 to HW filter on device team0 [ 223.985904][ T5087] 8021q: adding VLAN 0 to HW filter on device bond0 [ 224.122829][ T4609] bridge0: port 1(bridge_slave_0) entered blocking state [ 224.130599][ T4609] bridge0: port 1(bridge_slave_0) entered forwarding state [ 224.168651][ T4609] bridge0: port 2(bridge_slave_1) entered blocking state [ 224.176521][ T4609] bridge0: port 2(bridge_slave_1) entered forwarding state [ 224.306371][ T5078] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 224.317087][ T5078] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 224.425420][ T5087] 8021q: adding VLAN 0 to HW filter on device team0 [ 224.844512][ T4609] bridge0: port 1(bridge_slave_0) entered blocking state [ 224.852371][ T4609] bridge0: port 1(bridge_slave_0) entered forwarding state [ 224.867868][ T4609] bridge0: port 2(bridge_slave_1) entered blocking state [ 224.875646][ T4609] bridge0: port 2(bridge_slave_1) entered forwarding state [ 225.146613][ T5087] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 225.157325][ T5087] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 225.218591][ T5073] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 225.836343][ T5073] veth0_vlan: entered promiscuous mode [ 225.938917][ T5073] veth1_vlan: entered promiscuous mode [ 226.264276][ T5073] veth0_macvtap: entered promiscuous mode [ 226.325030][ T5078] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 226.357652][ T5073] veth1_macvtap: entered promiscuous mode [ 226.613127][ T5073] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 226.694880][ T5070] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 226.744751][ T5073] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 226.816717][ T5073] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 226.825857][ T5073] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 226.835010][ T5073] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 226.844173][ T5073] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 226.903864][ T5081] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 227.172504][ T5087] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 227.378146][ T5070] veth0_vlan: entered promiscuous mode [ 227.591715][ T5081] veth0_vlan: entered promiscuous mode [ 227.601959][ T5070] veth1_vlan: entered promiscuous mode [ 227.748272][ T5081] veth1_vlan: entered promiscuous mode [ 227.885554][ T5087] veth0_vlan: entered promiscuous mode [ 228.067008][ T5087] veth1_vlan: entered promiscuous mode [ 228.191747][ T5081] veth0_macvtap: entered promiscuous mode [ 228.213588][ T5070] veth0_macvtap: entered promiscuous mode [ 228.284724][ T5070] veth1_macvtap: entered promiscuous mode [ 228.334478][ T5081] veth1_macvtap: entered promiscuous mode [ 228.497092][ T5087] veth0_macvtap: entered promiscuous mode [ 228.512364][ T5070] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 228.523807][ T5070] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 228.538860][ T5070] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 228.614572][ T5087] veth1_macvtap: entered promiscuous mode [ 228.745905][ T5070] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 228.756807][ T5070] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 228.772529][ T5070] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 228.786333][ T5081] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 228.797133][ T5081] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 228.807351][ T5081] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 228.818227][ T5081] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 228.845760][ T5081] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 228.936092][ T5070] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 228.945390][ T5070] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 228.955593][ T5070] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 228.964685][ T5070] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 228.998428][ T5081] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 229.010632][ T5081] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 229.021014][ T5081] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 229.031789][ T5081] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 229.046633][ T5081] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 229.059265][ T5087] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 229.070704][ T5087] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 229.080799][ T5087] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 229.092399][ T5087] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 229.102700][ T5087] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 229.113407][ T5087] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 229.128706][ T5087] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 229.195449][ T5087] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 229.206188][ T5087] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 229.216327][ T5087] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 229.227381][ T5087] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 229.237478][ T5087] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 229.248189][ T5087] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 229.263124][ T5087] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 229.320184][ T5081] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 229.329227][ T5081] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 229.338508][ T5081] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 229.347707][ T5081] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 229.474961][ T5087] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 229.484226][ T5087] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 229.493437][ T5087] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 229.502619][ T5087] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 229.686241][ T5078] veth0_vlan: entered promiscuous mode [ 229.848905][ T5078] veth1_vlan: entered promiscuous mode [ 230.212908][ T5078] veth0_macvtap: entered promiscuous mode [ 230.302267][ T5078] veth1_macvtap: entered promiscuous mode [ 230.533179][ T5078] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 230.545461][ T5078] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 230.557065][ T5078] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 230.569035][ T5078] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 230.579993][ T5078] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 230.592797][ T5078] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 230.602876][ T5078] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 230.613598][ T5078] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 230.628757][ T5078] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 230.951389][ T5078] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 230.963691][ T5078] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 230.973898][ T5078] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 230.984599][ T5078] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 230.996718][ T5078] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 231.008864][ T5078] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 231.018967][ T5078] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 231.029749][ T5078] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 231.044911][ T5078] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 231.285986][ T5078] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 231.295388][ T5078] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 231.304643][ T5078] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 231.315602][ T5078] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 234.041475][ T4245] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 234.049559][ T4245] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 234.257587][ T1091] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 234.265845][ T1091] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 236.160820][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 236.168865][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 236.489168][ T43] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 236.497326][ T43] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 236.614363][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 236.622611][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 236.700784][ T2933] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 236.708743][ T2933] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 236.940512][ T4420] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 236.948578][ T4420] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 236.985991][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 237.006224][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 237.946837][ T8] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 237.959087][ T8] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 238.170317][ T8] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 238.178471][ T8] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 239.153801][ T5274] loop1: detected capacity change from 0 to 8192 [ 239.309523][ T5274] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 241.483212][ C1] net_ratelimit: 2 callbacks suppressed [ 241.483287][ C1] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 242.707864][ C0] TCP: request_sock_TCP: Possible SYN flooding on port 0.0.0.0:20002. Sending cookies. [ 245.626697][ T5358] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 248.754975][ T5419] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 248.764203][ T5419] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 248.773439][ T5419] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 248.782635][ T5419] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 248.792015][ T5419] vxlan0: entered promiscuous mode [ 248.797356][ T5419] vxlan0: entered allmulticast mode [ 248.977223][ T5419] netdevsim netdevsim4 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 248.987617][ T5419] netdevsim netdevsim4 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 248.997069][ T5419] netdevsim netdevsim4 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 249.006398][ T5419] netdevsim netdevsim4 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 250.673907][ T5445] usb usb5: usbfs: process 5445 (syz-executor.2) did not claim interface 0 before use [ 251.738752][ T5455] loop2: detected capacity change from 0 to 2048 [ 251.937269][ T5455] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 252.227880][ T5463] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1216: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 252.282619][ T5463] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 186 with error 28 [ 252.301817][ T5463] EXT4-fs (loop2): This should not happen!! Data will be lost [ 252.301817][ T5463] [ 252.313707][ T5463] EXT4-fs (loop2): Total free blocks count 0 [ 252.320119][ T5463] EXT4-fs (loop2): Free/Dirty block details [ 252.326228][ T5463] EXT4-fs (loop2): free_blocks=2415919104 [ 252.332384][ T5463] EXT4-fs (loop2): dirty_blocks=192 [ 252.337794][ T5463] EXT4-fs (loop2): Block reservation details [ 252.344097][ T5463] EXT4-fs (loop2): i_reserved_data_blocks=12 [ 252.656018][ T5081] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 254.207488][ T5489] Cannot find add_set index 0 as target [ 254.527847][ T5491] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.4'. [ 260.921450][ T5558] syz-executor.1[5558] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 260.928932][ T5558] syz-executor.1[5558] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 261.067943][ T5558] syz-executor.1[5558] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 261.177733][ T5558] syz-executor.1[5558] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 262.037565][ T5565] syz-executor.2 (pid 5565) is setting deprecated v1 encryption policy; recommend upgrading to v2. [ 262.840797][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 262.942722][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 262.951152][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 263.151920][ T43] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 263.183519][ T5570] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'. [ 263.405008][ T5572] syz-executor.2 uses obsolete (PF_INET,SOCK_PACKET) [ 263.422404][ T43] usb 2-1: Using ep0 maxpacket: 8 [ 263.447026][ T5572] loop2: detected capacity change from 0 to 16 [ 263.459169][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 263.498899][ T5572] erofs: (device loop2): mounted with root inode @ nid 36. [ 263.803522][ T5576] loop0: detected capacity change from 0 to 256 [ 263.985021][ T5576] ======================================================= [ 263.985021][ T5576] WARNING: The mand mount option has been deprecated and [ 263.985021][ T5576] and is ignored by this kernel. Remove the mand [ 263.985021][ T5576] option from the mount to silence this warning. [ 263.985021][ T5576] ======================================================= [ 264.190573][ T43] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 264.202019][ T43] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 264.212348][ T43] usb 2-1: New USB device found, idVendor=056a, idProduct=4135, bcdDevice= 0.cc [ 264.221803][ T43] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 264.255752][ T43] usb 2-1: config 0 descriptor?? [ 264.267267][ T5576] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d) [ 264.543167][ T29] audit: type=1326 audit(1718124296.039:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5567 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3bcde7cea9 code=0x7ffc0000 [ 264.672787][ T29] audit: type=1326 audit(1718124296.079:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5567 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f3bcde7cea9 code=0x7ffc0000 [ 264.699795][ T29] audit: type=1326 audit(1718124296.079:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5567 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3bcde7cea9 code=0x7ffc0000 [ 264.724033][ T29] audit: type=1326 audit(1718124296.149:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5567 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f3bcde7cea9 code=0x7ffc0000 [ 264.747323][ T29] audit: type=1326 audit(1718124296.159:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5567 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3bcde7cea9 code=0x7ffc0000 [ 264.770602][ T29] audit: type=1326 audit(1718124296.159:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5567 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=285 compat=0 ip=0x7f3bcde7cea9 code=0x7ffc0000 [ 264.796739][ T29] audit: type=1326 audit(1718124296.159:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5567 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=96 compat=0 ip=0xffffffffff600000 code=0x7ffc0000 [ 264.821314][ T29] audit: type=1326 audit(1718124296.159:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5567 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3bcde7cea9 code=0x7ffc0000 [ 264.844472][ T29] audit: type=1326 audit(1718124296.159:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5567 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3bcde7cc0b code=0x7ffc0000 [ 264.867612][ T29] audit: type=1326 audit(1718124296.159:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5567 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3bcde7cc0b code=0x7ffc0000 [ 264.908374][ T5576] syz-executor.0: attempt to access beyond end of device [ 264.908374][ T5576] loop0: rw=524288, sector=280, nr_sectors = 128 limit=256 [ 265.131114][ T43] usbhid 2-1:0.0: can't add hid device: -71 [ 265.138006][ T43] usbhid 2-1:0.0: probe with driver usbhid failed with error -71 [ 265.235464][ T43] usb 2-1: USB disconnect, device number 2 [ 265.378668][ T5584] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 266.363875][ T5586] No such timeout policy "syz0" [ 268.786138][ T5611] loop2: detected capacity change from 0 to 16 [ 268.806453][ T5611] erofs: (device loop2): mounted with root inode @ nid 36. [ 270.172365][ C1] TCP: request_sock_TCP: Possible SYN flooding on port [::]:2. Sending cookies. [ 275.578941][ T5656] loop2: detected capacity change from 0 to 512 [ 275.628045][ T781] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 275.670254][ T5656] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 275.683954][ T5656] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 275.906948][ T5656] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2847: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 275.951413][ T781] usb 4-1: Using ep0 maxpacket: 8 [ 275.976588][ T5656] EXT4-fs (loop2): 1 truncate cleaned up [ 275.982730][ T5656] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 276.249143][ T781] usb 4-1: config 168 descriptor has 1 excess byte, ignoring [ 276.262137][ T781] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 276.275335][ T781] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7 [ 276.286758][ T781] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 276.401139][ T781] usb 4-1: config 168 descriptor has 1 excess byte, ignoring [ 276.409475][ T781] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 276.422398][ T781] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7 [ 276.433851][ T781] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 276.520983][ T781] usb 4-1: config 168 descriptor has 1 excess byte, ignoring [ 276.528619][ T781] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 276.540342][ T781] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7 [ 276.551689][ T781] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 276.561381][ T0] NOHZ tick-stop error: local softirq work is pending, handler #c0!!! [ 276.752702][ T5081] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 276.878320][ T781] usb 4-1: string descriptor 0 read error: -22 [ 276.886340][ T781] usb 4-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 276.895954][ T781] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 276.961146][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 276.974170][ T0] NOHZ tick-stop error: local softirq work is pending, handler #242!!! [ 277.049101][ T781] adutux 4-1:168.0: ADU100 now attached to /dev/usb/adutux0 [ 277.198886][ T5679] loop0: detected capacity change from 0 to 256 [ 277.215437][ T0] NOHZ tick-stop error: local softirq work is pending, handler #01!!! [ 277.235410][ T5679] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 277.257863][ T780] usb 4-1: USB disconnect, device number 2 [ 277.267512][ T5679] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 277.319743][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 277.492718][ T4609] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 277.880595][ T4609] usb 3-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33 [ 277.893475][ T4609] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 277.969624][ T4609] usb 3-1: config 0 descriptor?? [ 279.050994][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 280.250911][ T4609] usb 3-1: Cannot set autoneg [ 280.256249][ T4609] MOSCHIP usb-ethernet driver 3-1:0.0: probe with driver MOSCHIP usb-ethernet driver failed with error -71 [ 280.285885][ T4609] usb 3-1: USB disconnect, device number 2 [ 280.332979][ T5715] loop3: detected capacity change from 0 to 256 [ 280.376554][ T5715] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 280.406880][ T5715] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 280.545106][ T1221] ieee802154 phy0 wpan0: encryption failed: -22 [ 280.552552][ T1221] ieee802154 phy1 wpan1: encryption failed: -22 [ 281.262842][ C0] TCP: request_sock_TCP: Possible SYN flooding on port [::]:2. Sending cookies. [ 285.558463][ T5772] loop0: detected capacity change from 0 to 1024 [ 285.600919][ T5772] hfsplus: unable to parse mount options [ 286.520430][ T4609] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 286.790249][ T4609] usb 1-1: Using ep0 maxpacket: 32 [ 286.940654][ T4609] usb 1-1: config index 0 descriptor too short (expected 156, got 27) [ 286.949160][ T4609] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 287.191588][ T4609] usb 1-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 287.201112][ T4609] usb 1-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 287.212646][ T4609] usb 1-1: Product: syz [ 287.217776][ T4609] usb 1-1: Manufacturer: syz [ 287.222835][ T4609] usb 1-1: SerialNumber: syz [ 287.272776][ T4609] usb 1-1: config 0 descriptor?? [ 287.330530][ T4609] ldusb 1-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 287.348097][ T4609] ldusb 1-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 287.376767][ T5780] loop3: detected capacity change from 0 to 16 [ 287.457758][ T5780] erofs: (device loop3): mounted with root inode @ nid 36. [ 287.511769][ T5077] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress -41 in[4096, 0] out[9000] [ 287.531718][ T5780] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress -41 in[4096, 0] out[8192] [ 287.628594][ T29] kauditd_printk_skb: 9 callbacks suppressed [ 287.628666][ T29] audit: type=1800 audit(1718124319.129:21): pid=5780 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor.3" name="file3" dev="loop3" ino=89 res=0 errno=0 [ 289.374096][ T5145] usb 1-1: USB disconnect, device number 2 [ 289.448814][ T5145] ldusb 1-1:0.0: LD USB Device #0 now disconnected [ 290.218357][ T5145] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 290.520572][ T5145] usb 4-1: Using ep0 maxpacket: 8 [ 290.702573][ T5145] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 290.713514][ T5145] usb 4-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 18 [ 290.842909][ T5145] usb 4-1: New USB device found, idVendor=0001, idProduct=8000, bcdDevice= 0.00 [ 290.852578][ T5145] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 290.860983][ T5145] usb 4-1: SerialNumber: syz [ 290.982647][ T5145] hub 4-1:1.0: bad descriptor, ignoring hub [ 290.988720][ T5145] hub 4-1:1.0: probe with driver hub failed with error -5 [ 290.996828][ T5145] usb 4-1: bad CDC descriptors [ 291.966079][ T5807] loop0: detected capacity change from 0 to 1024 [ 292.009696][ T5807] ext4: Unknown parameter 'fsuuid' [ 292.150024][ T5798] No such timeout policy "syz0" [ 292.164823][ T5798] netlink: 232 bytes leftover after parsing attributes in process `syz-executor.2'. [ 293.580543][ T780] usb 4-1: USB disconnect, device number 3 [ 295.447981][ T4609] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 295.718296][ T4609] usb 1-1: Using ep0 maxpacket: 32 [ 295.871995][ T4609] usb 1-1: config index 0 descriptor too short (expected 156, got 27) [ 295.880773][ T4609] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 296.090733][ T4609] usb 1-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 296.100530][ T4609] usb 1-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 296.109222][ T4609] usb 1-1: Product: syz [ 296.113828][ T4609] usb 1-1: Manufacturer: syz [ 296.120484][ T4609] usb 1-1: SerialNumber: syz [ 296.199115][ T4609] usb 1-1: config 0 descriptor?? [ 296.330244][ T4609] ldusb 1-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 296.366860][ T4609] ldusb 1-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 296.871267][ C0] TCP: request_sock_TCP: Possible SYN flooding on port [::]:2. Sending cookies. [ 298.163350][ T4609] usb 1-1: USB disconnect, device number 3 [ 298.209952][ T4609] ldusb 1-1:0.0: LD USB Device #0 now disconnected [ 300.723112][ T5926] loop0: detected capacity change from 0 to 256 [ 302.579196][ T5922] sched: RT throttling activated [ 308.066720][ T5953] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 308.477153][ T5957] loop3: detected capacity change from 0 to 512 [ 308.510657][ T5957] EXT4-fs: Ignoring removed oldalloc option [ 308.516857][ T5957] ext4: Unknown parameter 'dont_measure' [ 308.757622][ T780] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 309.040298][ T780] usb 2-1: Using ep0 maxpacket: 32 [ 309.541054][ T780] usb 2-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 309.552706][ T780] usb 2-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 309.562912][ T780] usb 2-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 309.572411][ T780] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 309.766388][ T780] hub 2-1:4.0: USB hub found [ 309.974333][ T780] hub 2-1:4.0: config failed, hub has too many ports! (err -19) [ 310.291318][ T4609] usb 2-1: USB disconnect, device number 3 [ 311.260781][ T5957] Cannot find add_set index 0 as target [ 312.565609][ T5980] loop3: detected capacity change from 0 to 512 [ 312.684659][ T5980] Quota error (device loop3): do_check_range: Getting dqdh_entries 1536 out of range 0-14 [ 312.695801][ T5980] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 312.708270][ T5980] EXT4-fs error (device loop3): ext4_acquire_dquot:6882: comm syz-executor.3: Failed to acquire dquot type 1 [ 312.767069][ T5980] EXT4-fs (loop3): 1 truncate cleaned up [ 312.773183][ T5980] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 312.786765][ T5980] ext4 filesystem being mounted at /root/syzkaller-testdir2373590576/syzkaller.yhHjvp/49/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 312.847568][ T5980] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz-executor.3: bg 0: block 248: padding at end of block bitmap is not set [ 312.909368][ T5980] Quota error (device loop3): do_check_range: Getting dqdh_entries 1536 out of range 0-14 [ 312.922984][ T5980] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 312.934661][ T5980] EXT4-fs error (device loop3): ext4_acquire_dquot:6882: comm syz-executor.3: Failed to acquire dquot type 1 [ 313.027197][ T5980] EXT4-fs error (device loop3): ext4_lookup:1858: inode #2: comm syz-executor.3: deleted inode referenced: 12 [ 313.060317][ T5980] EXT4-fs error (device loop3): ext4_lookup:1858: inode #2: comm syz-executor.3: deleted inode referenced: 12 [ 313.082445][ T5980] EXT4-fs error (device loop3): ext4_lookup:1858: inode #2: comm syz-executor.3: deleted inode referenced: 12 [ 313.381620][ T5087] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 313.578554][ T5989] loop4: detected capacity change from 0 to 128 [ 313.645338][ T5989] VFS: Found a Xenix FS (block size = 512) on device loop4 [ 313.705991][ T5988] syz-executor.4: attempt to access beyond end of device [ 313.705991][ T5988] loop4: rw=0, sector=8767744, nr_sectors = 1 limit=128 [ 313.720619][ T5988] Buffer I/O error on dev loop4, logical block 8767744, async page read [ 313.729218][ T5988] syz-executor.4: attempt to access beyond end of device [ 313.729218][ T5988] loop4: rw=0, sector=13269809, nr_sectors = 1 limit=128 [ 313.748357][ T5988] Buffer I/O error on dev loop4, logical block 13269809, async page read [ 313.757761][ T5988] syz-executor.4: attempt to access beyond end of device [ 313.757761][ T5988] loop4: rw=0, sector=1157, nr_sectors = 1 limit=128 [ 313.772660][ T5988] Buffer I/O error on dev loop4, logical block 1157, async page read [ 313.781470][ T5988] syz-executor.4: attempt to access beyond end of device [ 313.781470][ T5988] loop4: rw=0, sector=3211264, nr_sectors = 1 limit=128 [ 313.795990][ T5988] Buffer I/O error on dev loop4, logical block 3211264, async page read [ 313.805431][ T5988] syz-executor.4: attempt to access beyond end of device [ 313.805431][ T5988] loop4: rw=0, sector=8768635, nr_sectors = 1 limit=128 [ 313.820099][ T5988] Buffer I/O error on dev loop4, logical block 8768635, async page read [ 313.828797][ T5988] syz-executor.4: attempt to access beyond end of device [ 313.828797][ T5988] loop4: rw=0, sector=13466417, nr_sectors = 1 limit=128 [ 313.847035][ T5988] Buffer I/O error on dev loop4, logical block 13466417, async page read [ 313.856263][ T5988] syz-executor.4: attempt to access beyond end of device [ 313.856263][ T5988] loop4: rw=0, sector=209285, nr_sectors = 1 limit=128 [ 313.870447][ T5988] Buffer I/O error on dev loop4, logical block 209285, async page read [ 313.880285][ T5988] syz-executor.4: attempt to access beyond end of device [ 313.880285][ T5988] loop4: rw=0, sector=8767744, nr_sectors = 1 limit=128 [ 313.894462][ T5988] Buffer I/O error on dev loop4, logical block 8767744, async page read [ 313.903360][ T5988] syz-executor.4: attempt to access beyond end of device [ 313.903360][ T5988] loop4: rw=0, sector=13269809, nr_sectors = 1 limit=128 [ 313.917540][ T5988] Buffer I/O error on dev loop4, logical block 13269809, async page read [ 313.926191][ T5988] syz-executor.4: attempt to access beyond end of device [ 313.926191][ T5988] loop4: rw=0, sector=1157, nr_sectors = 1 limit=128 [ 313.941773][ T5988] Buffer I/O error on dev loop4, logical block 1157, async page read [ 314.026455][ T5988] syz-executor.4 (5988) used greatest stack depth: 4664 bytes left [ 314.055614][ T29] audit: type=1800 audit(1718124345.459:22): pid=5988 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor.4" name="/" dev="loop4" ino=2 res=0 errno=0 [ 314.234177][ T5078] sysv_free_block: trying to free block not in datazone [ 314.243887][ T5078] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 320.881634][ T6055] loop3: detected capacity change from 0 to 1024 [ 322.793010][ T6071] loop1: detected capacity change from 0 to 764 [ 322.903423][ T6071] Symlink component flag not implemented [ 322.909288][ T6071] Symlink component flag not implemented (101) [ 323.488889][ T6079] usb usb9: usbfs: process 6079 (syz-executor.1) did not claim interface 0 before use [ 323.838704][ T6085] netlink: 6 bytes leftover after parsing attributes in process `syz-executor.1'. [ 324.899191][ T6095] loop4: detected capacity change from 0 to 764 [ 324.968943][ T6099] loop3: detected capacity change from 0 to 128 [ 324.997059][ T29] audit: type=1800 audit(1718124356.459:23): pid=6099 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="file1" dev="sda1" ino=1965 res=0 errno=0 [ 325.029295][ T6095] Symlink component flag not implemented [ 325.043230][ T6095] Symlink component flag not implemented (101) [ 325.044908][ T6099] FAT-fs (loop3): Invalid FSINFO signature: 0x00000000, 0x61417272 (sector = 1) [ 325.803572][ T6111] usb usb9: usbfs: process 6111 (syz-executor.4) did not claim interface 0 before use [ 326.796818][ T6123] netlink: 6 bytes leftover after parsing attributes in process `syz-executor.4'. [ 327.386200][ T6137] loop1: detected capacity change from 0 to 512 [ 327.467493][ T6137] EXT4-fs: Ignoring removed mblk_io_submit option [ 327.568041][ T6137] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 327.655625][ T6137] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002e118, mo2=0002] [ 327.725775][ T6137] System zones: 1-12 [ 327.788665][ T6137] EXT4-fs (loop1): 1 truncate cleaned up [ 327.795009][ T6137] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 327.795276][ T6145] usb usb9: usbfs: process 6145 (syz-executor.4) did not claim interface 0 before use [ 328.081780][ T5145] libceph: connect (1)[c::]:6789 error -101 [ 328.088190][ T5145] libceph: mon0 (1)[c::]:6789 connect error [ 328.264982][ T6137] ceph: No mds server is up or the cluster is laggy [ 328.994153][ T5070] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 329.409301][ T3442] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 329.933104][ T3442] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 330.051067][ T50] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 330.063313][ T50] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 330.072887][ T50] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 330.102464][ T50] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 330.128827][ T50] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 330.148126][ T50] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 330.174237][ T3442] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 330.405685][ T3442] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 330.566880][ T6179] netlink: 6 bytes leftover after parsing attributes in process `syz-executor.0'. [ 331.015619][ T3442] bridge_slave_1: left allmulticast mode [ 331.021867][ T3442] bridge_slave_1: left promiscuous mode [ 331.028450][ T3442] bridge0: port 2(bridge_slave_1) entered disabled state [ 331.121036][ T3442] bridge_slave_0: left allmulticast mode [ 331.126987][ T3442] bridge_slave_0: left promiscuous mode [ 331.133769][ T3442] bridge0: port 1(bridge_slave_0) entered disabled state [ 331.331592][ T6192] usb usb9: usbfs: process 6192 (syz-executor.4) did not claim interface 0 before use [ 331.642628][ T6195] loop4: detected capacity change from 0 to 512 [ 331.681114][ T6195] EXT4-fs: Ignoring removed mblk_io_submit option [ 331.696342][ T6195] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 331.725434][ T6195] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002e118, mo2=0002] [ 331.746394][ T6195] System zones: 1-12 [ 331.768346][ T6195] EXT4-fs (loop4): 1 truncate cleaned up [ 331.774739][ T6195] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 331.830956][ T781] libceph: connect (1)[c::]:6789 error -101 [ 331.837523][ T781] libceph: mon0 (1)[c::]:6789 connect error [ 332.152806][ T5145] libceph: connect (1)[c::]:6789 error -101 [ 332.159197][ T5145] libceph: mon0 (1)[c::]:6789 connect error [ 332.369248][ T50] Bluetooth: hci3: command tx timeout [ 332.383363][ T6195] ceph: No mds server is up or the cluster is laggy [ 332.416349][ T3442] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 332.454528][ T3442] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 332.491645][ T3442] bond0 (unregistering): Released all slaves [ 332.604114][ T5078] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 333.394766][ T6216] loop0: detected capacity change from 0 to 16 [ 333.459738][ T6216] erofs: (device loop0): mounted with root inode @ nid 36. [ 333.545820][ T6176] chnl_net:caif_netlink_parms(): no params data found [ 334.097428][ T3442] hsr_slave_0: left promiscuous mode [ 334.138042][ T3442] hsr_slave_1: left promiscuous mode [ 334.167198][ T3442] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 334.175200][ T3442] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 334.194765][ T3442] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 334.202865][ T3442] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 334.343012][ T3442] veth1_macvtap: left promiscuous mode [ 334.348881][ T3442] veth0_macvtap: left promiscuous mode [ 334.355052][ T3442] veth1_vlan: left promiscuous mode [ 334.360739][ T3442] veth0_vlan: left promiscuous mode [ 334.430339][ T50] Bluetooth: hci3: command tx timeout [ 334.544402][ T29] audit: type=1326 audit(1718124365.999:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6225 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe817c7cea9 code=0x7ffc0000 [ 334.568887][ T29] audit: type=1326 audit(1718124365.999:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6225 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe817c7cea9 code=0x7ffc0000 [ 334.592738][ T29] audit: type=1326 audit(1718124366.009:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6225 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe817c7cea9 code=0x7ffc0000 [ 334.616657][ T29] audit: type=1326 audit(1718124366.029:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6225 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe817c7cea9 code=0x7ffc0000 [ 334.641525][ T29] audit: type=1326 audit(1718124366.029:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6225 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe817c7cea9 code=0x7ffc0000 [ 334.653016][ T6228] loop1: detected capacity change from 0 to 512 [ 334.664994][ T29] audit: type=1326 audit(1718124366.039:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6225 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe817c7cea9 code=0x7ffc0000 [ 334.694810][ T29] audit: type=1326 audit(1718124366.039:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6225 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe817c7cea9 code=0x7ffc0000 [ 334.718432][ T29] audit: type=1326 audit(1718124366.049:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6225 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=4 compat=0 ip=0x7fe817c7cea9 code=0x7ffc0000 [ 334.719639][ T6228] EXT4-fs: Ignoring removed bh option [ 334.742579][ T29] audit: type=1326 audit(1718124366.119:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6225 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe817c7cea9 code=0x7ffc0000 [ 334.742812][ T29] audit: type=1326 audit(1718124366.149:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6225 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe817c7cea9 code=0x7ffc0000 [ 334.906124][ T6228] EXT4-fs (loop1): blocks per group (71) and clusters per group (32768) inconsistent [ 335.820938][ T6234] usb usb9: usbfs: process 6234 (syz-executor.1) did not claim interface 0 before use [ 335.826570][ T3442] team0 (unregistering): Port device team_slave_1 removed [ 335.966744][ T3442] team0 (unregistering): Port device team_slave_0 removed [ 336.514705][ T50] Bluetooth: hci3: command tx timeout [ 336.957320][ T6232] netlink: 6 bytes leftover after parsing attributes in process `syz-executor.3'. [ 338.590259][ T6242] Bluetooth: hci3: command tx timeout [ 338.808571][ T6176] bridge0: port 1(bridge_slave_0) entered blocking state [ 338.816507][ T6176] bridge0: port 1(bridge_slave_0) entered disabled state [ 338.827670][ T6176] bridge_slave_0: entered allmulticast mode [ 338.839723][ T6176] bridge_slave_0: entered promiscuous mode [ 338.931369][ T6176] bridge0: port 2(bridge_slave_1) entered blocking state [ 338.938886][ T6176] bridge0: port 2(bridge_slave_1) entered disabled state [ 338.946763][ T6176] bridge_slave_1: entered allmulticast mode [ 338.954880][ T6176] bridge_slave_1: entered promiscuous mode [ 338.990496][ T50] Bluetooth: hci1: command 0x0406 tx timeout [ 338.996971][ T5077] Bluetooth: hci0: command 0x0406 tx timeout [ 339.003400][ T6242] Bluetooth: hci4: command 0x0406 tx timeout [ 339.013364][ T6242] Bluetooth: hci2: command 0x0406 tx timeout [ 339.205709][ T6250] loop3: detected capacity change from 0 to 512 [ 339.237306][ T6250] EXT4-fs: Ignoring removed mblk_io_submit option [ 339.271184][ T6176] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 339.288127][ T6250] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 339.314127][ T6176] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 339.376368][ T6250] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002e118, mo2=0002] [ 339.449442][ T6250] System zones: 1-12 [ 339.484622][ T6250] EXT4-fs (loop3): 1 truncate cleaned up [ 339.491356][ T6250] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 339.540939][ T6176] team0: Port device team_slave_0 added [ 339.563816][ T6176] team0: Port device team_slave_1 added [ 339.677598][ T8] libceph: connect (1)[c::]:6789 error -101 [ 339.685892][ T8] libceph: mon0 (1)[c::]:6789 connect error [ 339.845482][ T6176] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 339.852889][ T6176] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 339.879244][ T6176] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 339.933014][ T6250] ceph: No mds server is up or the cluster is laggy [ 339.963892][ T5126] libceph: connect (1)[c::]:6789 error -101 [ 339.970918][ T5126] libceph: mon0 (1)[c::]:6789 connect error [ 340.067123][ T6176] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 340.074571][ T6176] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 340.100912][ T6176] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 340.214035][ T5087] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 340.612765][ T6176] hsr_slave_0: entered promiscuous mode [ 340.653739][ T6176] hsr_slave_1: entered promiscuous mode [ 340.730088][ T6176] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 340.737872][ T6176] Cannot create hsr debugfs directory [ 342.026854][ T1221] ieee802154 phy0 wpan0: encryption failed: -22 [ 342.034078][ T1221] ieee802154 phy1 wpan1: encryption failed: -22 [ 342.377101][ T6176] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 342.453361][ T6176] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 342.555539][ T6176] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 342.634304][ T6176] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 342.653272][ T29] kauditd_printk_skb: 1 callbacks suppressed [ 342.653344][ T29] audit: type=1326 audit(1718124374.159:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6272 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe817c7cea9 code=0x7ffc0000 [ 342.770778][ T29] audit: type=1326 audit(1718124374.209:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6272 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe817c7cea9 code=0x7ffc0000 [ 342.793956][ T29] audit: type=1326 audit(1718124374.229:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6272 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe817c7cea9 code=0x7ffc0000 [ 343.166895][ T6279] usb usb9: usbfs: process 6279 (syz-executor.3) did not claim interface 0 before use [ 343.932799][ T6176] 8021q: adding VLAN 0 to HW filter on device bond0 [ 344.093394][ T6176] 8021q: adding VLAN 0 to HW filter on device team0 [ 344.199625][ T5122] bridge0: port 1(bridge_slave_0) entered blocking state [ 344.207414][ T5122] bridge0: port 1(bridge_slave_0) entered forwarding state [ 344.267366][ T6288] loop1: detected capacity change from 0 to 512 [ 344.331891][ T5126] bridge0: port 2(bridge_slave_1) entered blocking state [ 344.339389][ T5126] bridge0: port 2(bridge_slave_1) entered forwarding state [ 344.376287][ T6288] EXT4-fs: Ignoring removed mblk_io_submit option [ 344.426701][ T6288] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 344.567677][ T6288] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002e118, mo2=0002] [ 344.662487][ T6288] System zones: 1-12 [ 344.768037][ T6288] EXT4-fs (loop1): 1 truncate cleaned up [ 344.775471][ T6288] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 344.992392][ T5126] libceph: connect (1)[c::]:6789 error -101 [ 344.998694][ T5126] libceph: mon0 (1)[c::]:6789 connect error [ 345.109753][ T6288] ceph: No mds server is up or the cluster is laggy [ 345.418340][ T5070] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 346.634216][ T6176] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 346.978740][ T29] audit: type=1326 audit(1718124378.439:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6315 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ecd27cea9 code=0x7ffc0000 [ 347.002822][ T29] audit: type=1326 audit(1718124378.439:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6315 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ecd27cea9 code=0x7ffc0000 [ 347.027620][ T29] audit: type=1326 audit(1718124378.459:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6315 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4ecd27cea9 code=0x7ffc0000 [ 347.051224][ T29] audit: type=1326 audit(1718124378.469:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6315 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ecd27cea9 code=0x7ffc0000 [ 347.086719][ T29] audit: type=1326 audit(1718124378.489:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6315 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ecd27cea9 code=0x7ffc0000 [ 347.115695][ T29] audit: type=1326 audit(1718124378.489:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6315 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4ecd27cea9 code=0x7ffc0000 [ 347.227565][ T6176] veth0_vlan: entered promiscuous mode [ 347.250925][ T29] audit: type=1326 audit(1718124378.659:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6315 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ecd27cea9 code=0x7ffc0000 [ 347.303824][ T6176] veth1_vlan: entered promiscuous mode [ 347.548271][ T6176] veth0_macvtap: entered promiscuous mode [ 347.580826][ T6176] veth1_macvtap: entered promiscuous mode [ 347.788819][ T6176] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 347.799686][ T6176] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 347.809788][ T6176] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 347.820556][ T6176] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 347.831889][ T6176] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 347.842719][ T6176] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 347.852754][ T6176] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 347.863447][ T6176] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 347.876789][ T6176] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 348.042751][ T6176] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 348.053559][ T6176] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 348.063776][ T6176] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 348.074452][ T6176] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 348.084446][ T6176] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 348.095141][ T6176] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 348.105184][ T6176] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 348.115855][ T6176] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 348.129170][ T6176] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 348.158473][ T6327] evm: overlay not supported [ 348.275298][ T6328] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'. [ 348.400342][ T6176] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 348.409364][ T6176] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 348.419119][ T6176] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 348.428126][ T6176] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 348.688528][ T6334] loop0: detected capacity change from 0 to 512 [ 348.772420][ T6334] EXT4-fs: Ignoring removed mblk_io_submit option [ 348.820468][ T6334] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 348.878260][ T6334] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002e118, mo2=0002] [ 348.908208][ T6334] System zones: 1-12 [ 349.014081][ T6334] EXT4-fs (loop0): 1 truncate cleaned up [ 349.020268][ T6334] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 349.069249][ T6342] loop3: detected capacity change from 0 to 128 [ 349.212349][ T6342] loop3: detected capacity change from 128 to 0 [ 349.221561][ C0] I/O error, dev loop3, sector 3 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 349.232638][ T4609] libceph: connect (1)[c::]:6789 error -101 [ 349.233070][ T6345] FAT-fs (loop3): Directory bread(block 3) failed [ 349.238874][ T4609] libceph: mon0 (1)[c::]:6789 connect error [ 349.245509][ T6345] bio_check_eod: 4 callbacks suppressed [ 349.245576][ T6345] syz-executor.3: attempt to access beyond end of device [ 349.245576][ T6345] loop3: rw=0, sector=4, nr_sectors = 1 limit=0 [ 349.245720][ T6345] FAT-fs (loop3): Directory bread(block 4) failed [ 349.245844][ T6345] syz-executor.3: attempt to access beyond end of device [ 349.245844][ T6345] loop3: rw=0, sector=5, nr_sectors = 1 limit=0 [ 349.245979][ T6345] FAT-fs (loop3): Directory bread(block 5) failed [ 349.246100][ T6345] syz-executor.3: attempt to access beyond end of device [ 349.246100][ T6345] loop3: rw=0, sector=6, nr_sectors = 1 limit=0 [ 349.319844][ T6345] FAT-fs (loop3): Directory bread(block 6) failed [ 349.328326][ T6345] syz-executor.3: attempt to access beyond end of device [ 349.328326][ T6345] loop3: rw=0, sector=1, nr_sectors = 1 limit=0 [ 349.342467][ T6345] FAT-fs (loop3): FAT read failed (blocknr 1) [ 349.358959][ T6342] syz-executor.3: attempt to access beyond end of device [ 349.358959][ T6342] loop3: rw=0, sector=3, nr_sectors = 1 limit=0 [ 349.375456][ T6342] FAT-fs (loop3): Directory bread(block 3) failed [ 349.382325][ T6342] syz-executor.3: attempt to access beyond end of device [ 349.382325][ T6342] loop3: rw=0, sector=4, nr_sectors = 1 limit=0 [ 349.395731][ T6342] FAT-fs (loop3): Directory bread(block 4) failed [ 349.402740][ T6342] syz-executor.3: attempt to access beyond end of device [ 349.402740][ T6342] loop3: rw=0, sector=5, nr_sectors = 1 limit=0 [ 349.416112][ T6342] FAT-fs (loop3): Directory bread(block 5) failed [ 349.422894][ T6342] syz-executor.3: attempt to access beyond end of device [ 349.422894][ T6342] loop3: rw=0, sector=6, nr_sectors = 1 limit=0 [ 349.436510][ T6342] FAT-fs (loop3): Directory bread(block 6) failed [ 349.460816][ T6334] ceph: No mds server is up or the cluster is laggy [ 349.651887][ T6348] syz-executor.3: attempt to access beyond end of device [ 349.651887][ T6348] loop3: rw=0, sector=3, nr_sectors = 1 limit=0 [ 349.665636][ T6348] FAT-fs (loop3): Directory bread(block 3) failed [ 349.675781][ T6348] syz-executor.3: attempt to access beyond end of device [ 349.675781][ T6348] loop3: rw=0, sector=4, nr_sectors = 1 limit=0 [ 349.930821][ T5073] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 350.041948][ T5087] FAT-fs (loop3): unable to read boot sector to mark fs as dirty [ 350.628056][ T4420] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 350.808550][ T4420] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 351.080713][ T4420] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 351.225587][ T4420] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 351.585484][ T4420] bridge_slave_1: left allmulticast mode [ 351.591406][ T4420] bridge_slave_1: left promiscuous mode [ 351.597710][ T4420] bridge0: port 2(bridge_slave_1) entered disabled state [ 351.649142][ T4420] bridge_slave_0: left allmulticast mode [ 351.655525][ T4420] bridge_slave_0: left promiscuous mode [ 351.661882][ T4420] bridge0: port 1(bridge_slave_0) entered disabled state [ 352.780157][ T4420] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 352.899102][ T4420] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 352.979344][ T4420] bond0 (unregistering): Released all slaves [ 353.750292][ T4420] hsr_slave_0: left promiscuous mode [ 353.787518][ T4420] hsr_slave_1: left promiscuous mode [ 353.820769][ T4420] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 353.828834][ T4420] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 353.903292][ T4420] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 353.912814][ T4420] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 353.954026][ T4427] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 353.971572][ T4427] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 353.989677][ T4427] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 353.999512][ T4420] veth1_macvtap: left promiscuous mode [ 354.005463][ T4420] veth0_macvtap: left promiscuous mode [ 354.011473][ T4420] veth1_vlan: left promiscuous mode [ 354.016882][ T4420] veth0_vlan: left promiscuous mode [ 354.027010][ T4427] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 354.038669][ T4427] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 354.048777][ T4427] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 355.312876][ T4420] team0 (unregistering): Port device team_slave_1 removed [ 355.359760][ T4420] team0 (unregistering): Port device team_slave_0 removed [ 355.557144][ T6405] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. [ 356.125821][ T4427] Bluetooth: hci4: command tx timeout [ 356.781635][ T6397] chnl_net:caif_netlink_parms(): no params data found [ 358.191499][ T4427] Bluetooth: hci4: command tx timeout [ 359.035149][ T6397] bridge0: port 1(bridge_slave_0) entered blocking state [ 359.043114][ T6397] bridge0: port 1(bridge_slave_0) entered disabled state [ 359.050968][ T6397] bridge_slave_0: entered allmulticast mode [ 359.060107][ T6397] bridge_slave_0: entered promiscuous mode [ 359.137330][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 359.146182][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 359.209746][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 359.217954][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 359.380611][ T780] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 359.438913][ T6397] bridge0: port 2(bridge_slave_1) entered blocking state [ 359.447412][ T6397] bridge0: port 2(bridge_slave_1) entered disabled state [ 359.455253][ T6397] bridge_slave_1: entered allmulticast mode [ 359.464454][ T6397] bridge_slave_1: entered promiscuous mode [ 359.691892][ T780] usb 2-1: Using ep0 maxpacket: 8 [ 359.862768][ T6397] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 359.884160][ T780] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 238, changing to 11 [ 359.884304][ T6397] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 359.896144][ T780] usb 2-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 16 [ 359.896301][ T780] usb 2-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 18 [ 360.032381][ T780] usb 2-1: New USB device found, idVendor=0001, idProduct=8000, bcdDevice= 0.00 [ 360.042329][ T780] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 360.050849][ T780] usb 2-1: SerialNumber: syz [ 360.211945][ T6434] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 360.254470][ T6397] team0: Port device team_slave_0 added [ 360.271938][ T4427] Bluetooth: hci4: command tx timeout [ 360.311972][ T780] hub 2-1:1.0: bad descriptor, ignoring hub [ 360.318225][ T780] hub 2-1:1.0: probe with driver hub failed with error -5 [ 360.332204][ T6397] team0: Port device team_slave_1 added [ 360.437617][ T6438] loop4: detected capacity change from 0 to 2048 [ 360.531904][ T6433] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 360.586957][ T6438] UDF-fs: error (device loop4): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 360.590351][ T6397] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 360.604531][ T6397] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 360.634751][ T6397] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 360.767853][ T6397] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 360.775274][ T6397] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 360.801875][ T6397] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 360.965773][ T6438] overlayfs: upper fs needs to support d_type. [ 361.133689][ T6397] hsr_slave_0: entered promiscuous mode [ 361.195725][ T6397] hsr_slave_1: entered promiscuous mode [ 361.264067][ T6397] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 361.272201][ T6397] Cannot create hsr debugfs directory [ 361.601095][ T780] cdc_ether 2-1:1.0: probe with driver cdc_ether failed with error -71 [ 361.702159][ T780] usb 2-1: USB disconnect, device number 4 [ 361.723335][ T6450] usb usb9: usbfs: process 6450 (syz-executor.2) did not claim interface 0 before use [ 362.324278][ T6457] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'. [ 362.351631][ T4427] Bluetooth: hci4: command tx timeout [ 362.707939][ T6397] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 362.759478][ T6397] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 362.856026][ T6397] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 362.933313][ T6397] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 363.850874][ T6397] 8021q: adding VLAN 0 to HW filter on device bond0 [ 363.970194][ T6397] 8021q: adding VLAN 0 to HW filter on device team0 [ 364.045768][ T780] bridge0: port 1(bridge_slave_0) entered blocking state [ 364.053606][ T780] bridge0: port 1(bridge_slave_0) entered forwarding state [ 364.142428][ T780] bridge0: port 2(bridge_slave_1) entered blocking state [ 364.150213][ T780] bridge0: port 2(bridge_slave_1) entered forwarding state [ 364.219190][ T6478] loop0: detected capacity change from 0 to 2048 [ 364.362601][ T6478] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 364.592441][ T6478] overlayfs: upper fs needs to support d_type. [ 365.167793][ T6486] usb usb9: usbfs: process 6486 (syz-executor.0) did not claim interface 0 before use [ 366.090644][ T6397] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 367.277860][ T6397] veth0_vlan: entered promiscuous mode [ 367.449679][ T6397] veth1_vlan: entered promiscuous mode [ 368.077703][ T6397] veth0_macvtap: entered promiscuous mode [ 368.195323][ T6397] veth1_macvtap: entered promiscuous mode [ 368.566205][ T6397] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 368.577041][ T6397] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 368.587269][ T6397] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 368.598062][ T6397] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 368.608212][ T6397] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 368.620495][ T6397] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 368.630668][ T6397] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 368.641439][ T6397] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 368.656597][ T6397] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 368.896567][ C0] TCP: request_sock_TCP: Possible SYN flooding on port [::]:2. Sending cookies. [ 368.937114][ T6397] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 368.948004][ T6397] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 368.958102][ T6397] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 368.968802][ T6397] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 368.978858][ T6397] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 368.989617][ T6397] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 369.002081][ T6397] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 369.013247][ T6397] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 369.033365][ T6397] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 369.139071][ T6397] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 369.148327][ T6397] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 369.161756][ T6397] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 369.171433][ T6397] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 369.693807][ T6520] usb usb9: usbfs: process 6520 (syz-executor.2) did not claim interface 0 before use [ 369.729746][ T6516] loop1: detected capacity change from 0 to 2048 [ 369.838301][ T6516] UDF-fs: error (device loop1): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 370.116513][ T6516] overlayfs: upper fs needs to support d_type. [ 373.162456][ T6550] pim6reg1: entered promiscuous mode [ 373.168149][ T6550] pim6reg1: entered allmulticast mode [ 373.921485][ T780] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x4 [ 373.929462][ T780] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x2 [ 373.937594][ T780] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x0 [ 373.950893][ T780] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x0 [ 373.958821][ T780] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x0 [ 373.970361][ T780] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x0 [ 373.978283][ T780] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x0 [ 373.987866][ T780] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x0 [ 373.995865][ T780] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x0 [ 374.004351][ T780] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x0 [ 374.012335][ T780] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x0 [ 374.020317][ T780] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x0 [ 374.028228][ T780] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x0 [ 374.036269][ T780] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x0 [ 374.048768][ T780] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x0 [ 374.059320][ T780] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x0 [ 374.067307][ T780] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x0 [ 374.075283][ T780] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x0 [ 374.083256][ T780] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x0 [ 374.091222][ T780] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x0 [ 374.099129][ T780] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x0 [ 374.391161][ T780] hid-generic 0000:3000000:0000.0001: hidraw0: HID v0.00 Device [sy] on syz0 [ 374.398511][ T6562] usb usb9: usbfs: process 6562 (syz-executor.2) did not claim interface 0 before use [ 375.253426][ T6578] loop1: detected capacity change from 0 to 2048 [ 375.317685][ T6578] UDF-fs: error (device loop1): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 375.545972][ T6578] overlayfs: upper fs needs to support d_type. [ 376.532823][ T5145] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 376.541108][ T5145] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 376.753259][ T3442] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 376.761674][ T3442] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 379.672941][ T6605] usb usb9: usbfs: process 6605 (syz-executor.3) did not claim interface 0 before use [ 381.346926][ T6618] loop4: detected capacity change from 0 to 2048 [ 381.491586][ T6618] UDF-fs: error (device loop4): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 381.712043][ T6618] overlayfs: upper fs needs to support d_type. [ 383.032121][ T6638] usb usb9: usbfs: process 6638 (syz-executor.2) did not claim interface 0 before use [ 384.456042][ T6657] loop3: detected capacity change from 0 to 128 [ 386.994610][ T6667] loop3: detected capacity change from 0 to 2048 [ 387.170944][ T6667] UDF-fs: error (device loop3): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 387.374029][ T6667] overlayfs: upper fs needs to support d_type. [ 387.761136][ T29] kauditd_printk_skb: 4 callbacks suppressed [ 387.761210][ T29] audit: type=1800 audit(1718124419.219:49): pid=6679 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="file0" dev="sda1" ino=1951 res=0 errno=0 [ 388.035620][ T6683] usb usb9: usbfs: process 6683 (syz-executor.3) did not claim interface 0 before use [ 389.000030][ T6701] loop3: detected capacity change from 0 to 128 [ 393.224744][ T6717] loop4: detected capacity change from 0 to 2048 [ 393.328370][ T6717] UDF-fs: error (device loop4): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 393.671375][ T6717] overlayfs: upper fs needs to support d_type. [ 394.101127][ T6721] 9pnet_fd: Insufficient options for proto=fd [ 394.773090][ T6724] netlink: 'syz-executor.4': attribute type 7 has an invalid length. [ 394.782177][ T6724] netlink: 'syz-executor.4': attribute type 39 has an invalid length. [ 394.929296][ T6724] netlink: 'syz-executor.4': attribute type 7 has an invalid length. [ 394.942003][ T6724] netlink: 'syz-executor.4': attribute type 39 has an invalid length. [ 395.880639][ T6741] loop3: detected capacity change from 0 to 128 [ 398.516184][ T6755] loop2: detected capacity change from 0 to 2048 [ 398.610555][ T6755] UDF-fs: error (device loop2): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 398.830862][ T6755] overlayfs: upper fs needs to support d_type. [ 402.152486][ T6796] loop3: detected capacity change from 0 to 2048 [ 402.240008][ T6796] UDF-fs: error (device loop3): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 402.585326][ T6796] overlayfs: upper fs needs to support d_type. [ 403.462010][ T6810] loop0: detected capacity change from 0 to 16 [ 403.483187][ T1221] ieee802154 phy0 wpan0: encryption failed: -22 [ 403.489826][ T1221] ieee802154 phy1 wpan1: encryption failed: -22 [ 403.514871][ T6810] erofs: (device loop0): mounted with root inode @ nid 36. [ 403.787588][ T6804] loop2: detected capacity change from 0 to 40427 [ 403.807074][ T6804] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 403.815370][ T6804] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 403.872503][ T6804] F2FS-fs (loop2): Found nat_bits in checkpoint [ 404.103010][ T6804] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 404.170282][ T6804] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 404.177803][ T6804] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 409.748371][ T6831] loop0: detected capacity change from 0 to 40427 [ 409.852334][ T6831] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 409.860460][ T6831] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 410.215448][ T6831] F2FS-fs (loop0): Found nat_bits in checkpoint [ 410.399518][ T6831] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 410.483190][ T6831] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 410.490667][ T6831] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 410.636029][ T29] audit: type=1326 audit(1718124442.009:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6835 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f206067cea9 code=0x7ffc0000 [ 410.659438][ T29] audit: type=1326 audit(1718124442.009:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6835 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f206067cea9 code=0x7ffc0000 [ 410.682926][ T29] audit: type=1326 audit(1718124442.019:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6835 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f206067cea9 code=0x7ffc0000 [ 410.918526][ T29] audit: type=1326 audit(1718124442.249:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6835 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f206067cea9 code=0x7ffc0000 [ 410.942198][ T29] audit: type=1326 audit(1718124442.259:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6835 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f206067cea9 code=0x7ffc0000 [ 410.965413][ T29] audit: type=1326 audit(1718124442.259:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6835 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=217 compat=0 ip=0x7f206067cea9 code=0x7ffc0000 [ 410.988618][ T29] audit: type=1326 audit(1718124442.259:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6835 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f206067cea9 code=0x7ffc0000 [ 412.993472][ T50] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 413.003375][ T50] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 413.013252][ T50] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 413.028052][ T50] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 413.040062][ T50] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 413.052081][ T50] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 413.509339][ T6846] loop3: detected capacity change from 0 to 1024 [ 413.984950][ T6846] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 414.064654][ T6846] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 414.204120][ T6846] EXT4-fs (loop3): orphan cleanup on readonly fs [ 414.253281][ T6846] EXT4-fs error (device loop3): ext4_free_blocks:6576: comm syz-executor.3: Freeing blocks not in datazone - block = 0, count = 4096 [ 414.532108][ T6846] EXT4-fs (loop3): 1 orphan inode deleted [ 414.538062][ T6846] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 414.815315][ T6397] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 415.164563][ T50] Bluetooth: hci5: command tx timeout [ 415.168026][ T6842] chnl_net:caif_netlink_parms(): no params data found [ 415.424164][ T6858] loop2: detected capacity change from 0 to 2048 [ 415.660712][ T6858] UDF-fs: error (device loop2): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 415.915897][ T6858] overlayfs: upper fs needs to support d_type. [ 416.964965][ T6842] bridge0: port 1(bridge_slave_0) entered blocking state [ 416.972884][ T6842] bridge0: port 1(bridge_slave_0) entered disabled state [ 416.980739][ T6842] bridge_slave_0: entered allmulticast mode [ 416.989838][ T6842] bridge_slave_0: entered promiscuous mode [ 417.092786][ T6842] bridge0: port 2(bridge_slave_1) entered blocking state [ 417.100648][ T6842] bridge0: port 2(bridge_slave_1) entered disabled state [ 417.108512][ T6842] bridge_slave_1: entered allmulticast mode [ 417.117757][ T6842] bridge_slave_1: entered promiscuous mode [ 417.235409][ T50] Bluetooth: hci5: command tx timeout [ 417.468677][ T6842] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 417.561693][ T6842] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 417.921508][ T6842] team0: Port device team_slave_0 added [ 418.035476][ T4245] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 418.128297][ T6842] team0: Port device team_slave_1 added [ 418.209305][ T4245] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 418.918657][ T4245] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 419.316373][ T50] Bluetooth: hci5: command tx timeout [ 419.347871][ T4245] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 419.485271][ T6842] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 419.492622][ T6842] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 419.522838][ T6842] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 419.980774][ T6842] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 419.988111][ T6842] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 420.014410][ T6842] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 420.071362][ T4245] bridge_slave_1: left allmulticast mode [ 420.077396][ T4245] bridge_slave_1: left promiscuous mode [ 420.084218][ T4245] bridge0: port 2(bridge_slave_1) entered disabled state [ 420.283238][ T4245] bridge_slave_0: left allmulticast mode [ 420.289264][ T4245] bridge_slave_0: left promiscuous mode [ 420.296494][ T4245] bridge0: port 1(bridge_slave_0) entered disabled state [ 421.384347][ T6898] loop0: detected capacity change from 0 to 2048 [ 421.461584][ T4245] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 421.477416][ T50] Bluetooth: hci5: command tx timeout [ 421.521048][ T6898] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 421.604936][ T4245] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 421.789962][ T4245] bond0 (unregistering): Released all slaves [ 421.843338][ T6898] overlayfs: upper fs needs to support d_type. [ 422.832816][ T6842] hsr_slave_0: entered promiscuous mode [ 422.917952][ T6842] hsr_slave_1: entered promiscuous mode [ 423.007200][ T6842] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 423.016359][ T6842] Cannot create hsr debugfs directory [ 423.568399][ T4245] hsr_slave_0: left promiscuous mode [ 423.621698][ T4245] hsr_slave_1: left promiscuous mode [ 423.670962][ T4245] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 423.678902][ T4245] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 423.767172][ T4245] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 423.775007][ T4245] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 423.862381][ T4245] veth1_macvtap: left promiscuous mode [ 423.868132][ T4245] veth0_macvtap: left promiscuous mode [ 423.875266][ T4245] veth1_vlan: left promiscuous mode [ 423.880953][ T4245] veth0_vlan: left promiscuous mode [ 424.981210][ T4245] team0 (unregistering): Port device team_slave_1 removed [ 425.092441][ T4245] team0 (unregistering): Port device team_slave_0 removed [ 426.171907][ T6931] loop2: detected capacity change from 0 to 2048 [ 426.287211][ T6931] UDF-fs: error (device loop2): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 426.437514][ T6931] overlayfs: upper fs needs to support d_type. [ 427.737495][ T6842] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 427.850083][ T6842] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 427.911189][ T6842] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 427.974655][ T6842] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 429.520853][ T6842] 8021q: adding VLAN 0 to HW filter on device bond0 [ 429.701822][ T6842] 8021q: adding VLAN 0 to HW filter on device team0 [ 429.802802][ T43] bridge0: port 1(bridge_slave_0) entered blocking state [ 429.810599][ T43] bridge0: port 1(bridge_slave_0) entered forwarding state [ 429.928519][ T43] bridge0: port 2(bridge_slave_1) entered blocking state [ 429.936637][ T43] bridge0: port 2(bridge_slave_1) entered forwarding state [ 432.139513][ T6842] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 432.583606][ T6842] veth0_vlan: entered promiscuous mode [ 432.728579][ T6842] veth1_vlan: entered promiscuous mode [ 433.080579][ T6842] veth0_macvtap: entered promiscuous mode [ 433.196126][ T6842] veth1_macvtap: entered promiscuous mode [ 433.343476][ T6842] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 433.354554][ T6842] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 433.364687][ T6842] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 433.375442][ T6842] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 433.385646][ T6842] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 433.396496][ T6842] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 433.406650][ T6842] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 433.417395][ T6842] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 433.432396][ T6842] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 433.637113][ T6842] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 433.651022][ T6842] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 433.662018][ T6842] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 433.672789][ T6842] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 433.683035][ T6842] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 433.693806][ T6842] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 433.703923][ T6842] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 433.714682][ T6842] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 433.729606][ T6842] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 433.962420][ T6842] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 433.971638][ T6842] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 433.980884][ T6842] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 433.990019][ T6842] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 434.928522][ T6992] kernel profiling enabled (shift: 25) [ 435.755855][ T781] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 435.949910][ C0] ===================================================== [ 435.957127][ C0] BUG: KMSAN: uninit-value in profile_tick+0x1ae/0x1b0 [ 435.964176][ C0] profile_tick+0x1ae/0x1b0 [ 435.968877][ C0] tick_nohz_handler+0x588/0x690 [ 435.974006][ C0] __hrtimer_run_queues+0x56f/0xe40 [ 435.979403][ C0] hrtimer_interrupt+0x3ab/0x1490 [ 435.984612][ C0] __sysvec_apic_timer_interrupt+0xa6/0x3a0 [ 435.990713][ C0] sysvec_apic_timer_interrupt+0x7e/0x90 [ 435.996547][ C0] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 436.002725][ C0] _raw_spin_unlock_irqrestore+0x33/0x60 [ 436.008513][ C0] folio_batch_move_lru+0x634/0x6a0 [ 436.013888][ C0] lru_add_drain_cpu+0xb9/0x510 [ 436.018908][ C0] lru_add_drain+0x46/0xc0 [ 436.023486][ C0] unmap_region+0x83/0x390 [ 436.028059][ C0] do_vmi_align_munmap+0x113d/0x1ae0 [ 436.033508][ C0] do_vmi_munmap+0x421/0x4a0 [ 436.038250][ C0] mmap_region+0x94d/0x4320 [ 436.042903][ C0] do_mmap+0xd8f/0x1960 [ 436.047215][ C0] vm_mmap_pgoff+0x226/0x4e0 [ 436.051959][ C0] ksys_mmap_pgoff+0x16e/0x7a0 [ 436.056876][ C0] __x64_sys_mmap+0x1a8/0x240 [ 436.061716][ C0] x64_sys_call+0x1bbf/0x3b50 [ 436.066575][ C0] do_syscall_64+0xcf/0x1e0 [ 436.071336][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 436.077406][ C0] [ 436.079798][ C0] Local variable tmp_list created at: [ 436.085244][ C0] uprobe_mmap+0x44/0x24d0 [ 436.089801][ C0] vma_complete+0x140a/0x14e0 [ 436.094627][ C0] [ 436.097046][ C0] CPU: 0 PID: 6997 Comm: modprobe Not tainted 6.9.0-syzkaller-02707-g614da38e2f7a #0 [ 436.106659][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 436.116834][ C0] ===================================================== [ 436.123843][ C0] Disabling lock debugging due to kernel taint [ 436.130073][ C0] Kernel panic - not syncing: kmsan.panic set ... [ 436.136577][ C0] CPU: 0 PID: 6997 Comm: modprobe Tainted: G B 6.9.0-syzkaller-02707-g614da38e2f7a #0 [ 436.147670][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 436.157849][ C0] Call Trace: [ 436.161219][ C0] [ 436.164151][ C0] dump_stack_lvl+0x216/0x2d0 [ 436.169017][ C0] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 436.174994][ C0] dump_stack+0x1e/0x30 [ 436.179318][ C0] panic+0x4e2/0xcd0 [ 436.183387][ C0] ? kmsan_get_metadata+0xf1/0x1d0 [ 436.188672][ C0] kmsan_report+0x2d5/0x2e0 [ 436.193329][ C0] ? update_load_avg+0x1a35/0x29b0 [ 436.198602][ C0] ? kmsan_get_metadata+0x146/0x1d0 [ 436.203955][ C0] ? __msan_warning+0x95/0x120 [ 436.208856][ C0] ? profile_tick+0x1ae/0x1b0 [ 436.213713][ C0] ? tick_nohz_handler+0x588/0x690 [ 436.218996][ C0] ? __hrtimer_run_queues+0x56f/0xe40 [ 436.224533][ C0] ? hrtimer_interrupt+0x3ab/0x1490 [ 436.229897][ C0] ? __sysvec_apic_timer_interrupt+0xa6/0x3a0 [ 436.236153][ C0] ? sysvec_apic_timer_interrupt+0x7e/0x90 [ 436.242131][ C0] ? asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 436.248472][ C0] ? _raw_spin_unlock_irqrestore+0x33/0x60 [ 436.254441][ C0] ? folio_batch_move_lru+0x634/0x6a0 [ 436.259998][ C0] ? lru_add_drain_cpu+0xb9/0x510 [ 436.265191][ C0] ? lru_add_drain+0x46/0xc0 [ 436.269951][ C0] ? unmap_region+0x83/0x390 [ 436.274712][ C0] ? do_vmi_align_munmap+0x113d/0x1ae0 [ 436.280347][ C0] ? do_vmi_munmap+0x421/0x4a0 [ 436.285275][ C0] ? mmap_region+0x94d/0x4320 [ 436.290101][ C0] ? do_mmap+0xd8f/0x1960 [ 436.294588][ C0] ? vm_mmap_pgoff+0x226/0x4e0 [ 436.299505][ C0] ? ksys_mmap_pgoff+0x16e/0x7a0 [ 436.304607][ C0] ? __x64_sys_mmap+0x1a8/0x240 [ 436.309631][ C0] ? x64_sys_call+0x1bbf/0x3b50 [ 436.314665][ C0] ? do_syscall_64+0xcf/0x1e0 [ 436.319521][ C0] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 436.325772][ C0] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 436.331748][ C0] ? kmsan_get_metadata+0x146/0x1d0 [ 436.337098][ C0] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 436.343065][ C0] ? kmsan_get_metadata+0x146/0x1d0 [ 436.348411][ C0] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 436.354383][ C0] ? kmsan_get_metadata+0x146/0x1d0 [ 436.359731][ C0] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 436.365699][ C0] __msan_warning+0x95/0x120 [ 436.370426][ C0] profile_tick+0x1ae/0x1b0 [ 436.375103][ C0] ? folio_batch_move_lru+0x634/0x6a0 [ 436.380664][ C0] tick_nohz_handler+0x588/0x690 [ 436.385792][ C0] ? __pfx_tick_nohz_handler+0x10/0x10 [ 436.391432][ C0] __hrtimer_run_queues+0x56f/0xe40 [ 436.396830][ C0] hrtimer_interrupt+0x3ab/0x1490 [ 436.402036][ C0] ? __pfx_hrtimer_interrupt+0x10/0x10 [ 436.407676][ C0] ? __pfx_hrtimer_interrupt+0x10/0x10 [ 436.413310][ C0] __sysvec_apic_timer_interrupt+0xa6/0x3a0 [ 436.419407][ C0] sysvec_apic_timer_interrupt+0x7e/0x90 [ 436.425220][ C0] [ 436.428236][ C0] [ 436.431256][ C0] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 436.437466][ C0] RIP: 0010:_raw_spin_unlock_irqrestore+0x33/0x60 [ 436.444072][ C0] Code: 56 53 49 89 f6 48 89 fb e8 ca 48 bf f2 48 89 df e8 d2 3a bf f2 c6 00 00 c6 03 00 41 f7 c6 00 02 00 00 74 01 fb be 04 00 00 00 <48> c7 c7 08 5d 0a 00 e8 e1 3c bf f2 65 ff 0d 92 95 85 70 74 09 5b [ 436.463856][ C0] RSP: 0018:ffff8880412c7648 EFLAGS: 00000206 [ 436.470061][ C0] RAX: ffff8880bb9ba050 RBX: ffff8881005ba050 RCX: 00000001001ba050 [ 436.478163][ C0] RDX: ffff8881001ba050 RSI: 0000000000000004 RDI: ffff8881005ba050 [ 436.486261][ C0] RBP: ffff8880412c7658 R08: ffffea000000000f R09: 0000000000000000 [ 436.494357][ C0] R10: ffff8880bb9ba050 R11: ffffffff8207fb10 R12: ffffea00015fd4c0 [ 436.502463][ C0] R13: 0000000000000000 R14: 0000000000000282 R15: 0000000000000282 [ 436.510559][ C0] ? __pfx_lru_add_fn+0x10/0x10 [ 436.515606][ C0] ? _raw_spin_unlock_irqrestore+0x1e/0x60 [ 436.521587][ C0] folio_batch_move_lru+0x634/0x6a0 [ 436.526972][ C0] ? __pfx_lru_add_fn+0x10/0x10 [ 436.531991][ C0] ? kmsan_get_metadata+0x146/0x1d0 [ 436.537356][ C0] lru_add_drain_cpu+0xb9/0x510 [ 436.542380][ C0] ? kmsan_get_metadata+0x146/0x1d0 [ 436.547733][ C0] lru_add_drain+0x46/0xc0 [ 436.552324][ C0] unmap_region+0x83/0x390 [ 436.556929][ C0] ? kmsan_get_metadata+0x146/0x1d0 [ 436.562277][ C0] ? kmsan_get_shadow_origin_ptr+0x4d/0xb0 [ 436.568244][ C0] do_vmi_align_munmap+0x113d/0x1ae0 [ 436.573739][ C0] do_vmi_munmap+0x421/0x4a0 [ 436.578505][ C0] mmap_region+0x94d/0x4320 [ 436.583214][ C0] do_mmap+0xd8f/0x1960 [ 436.587542][ C0] vm_mmap_pgoff+0x226/0x4e0 [ 436.592303][ C0] ksys_mmap_pgoff+0x16e/0x7a0 [ 436.597222][ C0] ? kmsan_get_metadata+0x146/0x1d0 [ 436.602582][ C0] __x64_sys_mmap+0x1a8/0x240 [ 436.607442][ C0] x64_sys_call+0x1bbf/0x3b50 [ 436.612303][ C0] do_syscall_64+0xcf/0x1e0 [ 436.616993][ C0] ? clear_bhb_loop+0x25/0x80 [ 436.621852][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 436.627927][ C0] RIP: 0033:0x7f255dc9bb74 [ 436.632469][ C0] Code: 63 08 44 89 e8 5b 41 5c 41 5d c3 41 89 ca 41 f7 c1 ff 0f 00 00 74 0c c7 05 f5 46 01 00 16 00 00 00 eb 17 b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 76 0c f7 d8 89 05 dc 46 01 00 48 83 c8 ff c3 0f [ 436.652242][ C0] RSP: 002b:00007ffd552ec898 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 436.660806][ C0] RAX: ffffffffffffffda RBX: 00007ffd552ec948 RCX: 00007f255dc9bb74 [ 436.668903][ C0] RDX: 0000000000000003 RSI: 0000000000001610 RDI: 00007f255d9f2000 [ 436.676991][ C0] RBP: 00007ffd552ecc70 R08: 00000000ffffffff R09: 0000000000000000 [ 436.685078][ C0] R10: 0000000000000032 R11: 0000000000000246 R12: 00007f255dc78fc0 [ 436.693168][ C0] R13: 00007ffd552eccf8 R14: 00007f255d9f3610 R15: 00007f255d9f2000 [ 436.701635][ C0] [ 436.704958][ C0] Kernel Offset: disabled [ 436.709330][ C0] Rebooting in 86400 seconds..