last executing test programs: 4.577173546s ago: executing program 5: r0 = syz_mount_image$msdos(&(0x7f0000002280), &(0x7f0000000200)='./file0\x00', 0x8, &(0x7f00000022c0)=ANY=[], 0x1, 0x206, &(0x7f0000002040)="$eJzs289qE10UAPAzbdpv+nVhF65EYcCNq6A+gUEqiAEhkoWuDFQ3rQjpJgpin8e1D+HLuOlCsotMZmj+tAXTMZkQfz8Y7uGeueHcRXLu4ubt3Q/HRx9P3+98OY80yWIr4kkMIw7yqJSUYzqOd2NGElX8qrQaALiRTqfXqrsGlqvfb/VuR8T+pUz3Wy0FAQAAAAAAAAAAUNki9/+3Ir7O3/8/W3G9AEB17v9vrr1y7PdbvXvF+W2O+/8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAfYaj0a1R/qTlWD7/RUQaEXsR8X9ENCIin6+7XgCguuFotu9f1/8jIokI/R8ANsCr129etNrtw06WpRE/zwbdQbcYi/yz5+3Dh9nYwWTV+WDQ3b7IPyry2Wx+Z3xuyPOPr8zvxoP7RT7PPX3Znsvvx9Hytw8A/6RmdmGqv2+XT0SzeVU+789FNHU+mOvfjbjTWNk2AIAFnH76fNw7OXnXrx7kHzc1kyy2fK8s6Pp3vjf+WqmCmwQ/krUoY22CNNaijMWD9E9ervd3CVi+yZd+MrdTZ0EAAAAAAAAAAAAAAMAlq/jLUd17BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABg8/wOAAD//38uTsA=") syz_mount_image$vfat(&(0x7f0000000a40), &(0x7f0000000280)='./bus\x00', 0x0, &(0x7f0000000240)=ANY=[@ANYRES8, @ANYRES16, @ANYRESHEX=r0, @ANYRESOCT=0x0, @ANYRES16, @ANYRES64], 0x5, 0x35a, &(0x7f0000000b00)="$eJzs3c9rI2UYwPEnaTa/lm1yEEVB+qAXvQxt9KwG2QUx4NLdiLuCMLudaMiYlEyoRMTWk1fx5j8guOxxbwX1H+jFWwXx4q2XgqBFxJH51ebHJGnSlLTb7wdKnsn7PpP3TUJ43oF5e/DBN582ao5RMzuSzKokRESORIqSlEgifEz6cVp67cir1//cf/HOvfvvliuVm+uqt8p3Xyup6vLKj599kQu77WZkr/jRwWHpj71n954/+O/uJ3VH6442Wx019UHr9475wLZ0o+40DNXbtmU6ltabjtUO2ltBe81ubW521Wxu3Mhvti3HUbPZ1YbV1U5LO+2umh+b9aYahqE38nK1ZGfIqT5aXzfLM77gwxnzMG//uK47prndLptLIkZuqKX66FzHBQAALqSB+v+7qEYoSvK4oEz0rQWG6/8o9ut/b7FwUv8/funnzvX3nyyH9f9uOq7+f/3XIL+v/vdefe71/w8Dx8MV0aW3PU3nM9X/uBhW0kNPJfqOvPo/H67ffV99+HjVD6j/AQAAAAAAAAAAAAAAAAAAAAC4DI5ct+C6biF6jP5ObiEIj6OjcTca49IZ9flnwh0Fjr8PeCrduXdfsv6Ne6llEfvrrepWNXgM26OOq1KQf/3vQyjYcGLHb1RPUX6yt8P87a3qkt9SFlGxxZI1KUixL9+Pb71Tubmmgf78RCrv5dek7ueXpCDPxOeXYvPT8srLPfmGFOSXh9ISWzbC37Eo/8s11bffqwzk5/x+cd48/48FAAAAAIC5MlSz4fI5dv1uGKpx7d5aXnrX58PXB47X16ux6/NU4YXUYucOAAAAAMBV4aQ/b5i2bbWd7sggJ5P6ZMKzjT9PfJCaprMX7PvBtXF9lnpm2NsU7ZQal5UO/4PGFIMPziNHwQWP02T9lZHYNzN2YNkzvKumHc3/FJ2z034EbScZ+x5OCla88ehM0+kJostGo/rI7VnPPCqIds79bULn5779/u/ZXiIR7trb2/TGk+yEmfpBYuCZnQlf2kPXnTiea+f1ewMAAABgcaKiP+dEz7y12AEBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHAFzXWbtBHBoucIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXBT/BwAA//8L3Pjk") r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000002300)='memory.events\x00', 0x275a, 0x0) write$binfmt_script(r1, &(0x7f0000000b80), 0xfecc) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r1, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_serviced_recursive\x00', 0x275a, 0x0) 3.774167351s ago: executing program 5: r0 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd) keyctl$read(0xb, r0, &(0x7f0000000400)=""/115, 0x73) 3.231019323s ago: executing program 5: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events.local\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, r0, 0x0) r1 = socket$inet_mptcp(0x2, 0x1, 0x106) setsockopt$inet_int(r1, 0x0, 0x1, &(0x7f0000000340), 0x4) 3.043458232s ago: executing program 5: syz_emit_ethernet(0x96, &(0x7f0000000040)=ANY=[@ANYBLOB="aaaaaaaaaaaaaa4c77b99cbb86dd60c61e0000000000000001a13b1000e01f00000000000000ff0200000000000000001a00000000010001c204438e9fe9c2e5a1a533ab2780f1b3b8ed06a7309cd57a9a249f63a797a1ba21dcb762b47e0516397e6c65a9896c22dec95df7816f582de0c34948f53c02f7dd20dc6413b0a69e778cff336413ee0f8affd0c98784142479a19020a75f510f5f8f183d16a0d004d9375569dc005b27338bb391528ccae257e601818116e410ac12ad5290aa0181ce67da9716689f5a66ced9532e81ed1ee1e1614cdf7c60a2cc34e42d87ce8f39121487766d78bd0187b56730e3c39ba229b89472bddd3d8b76948f2c3cbed2540c584f79"], 0x0) 2.897569883s ago: executing program 5: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0x1, &(0x7f0000000140)=0x1, 0x4) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) sendmsg$inet6(r1, &(0x7f0000002280)={&(0x7f0000001e40)={0xa, 0x4e24, 0x0, @dev={0xfe, 0x80, '\x00', 0xf}}, 0x1c, 0x0, 0x0, &(0x7f0000003700)=ANY=[@ANYBLOB="b0050000000000002900000036"], 0x5b0}, 0x20008001) sendmsg$inet6(r1, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0) 2.791418369s ago: executing program 1: sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=@ipv4_newroute={0x1c, 0x15, 0x0, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}}, 0x1c}}, 0x0) r0 = socket$inet(0x2, 0x2, 0x0) setsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0x40) setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f0000000040)=ANY=[@ANYBLOB="e00000027f0000010000000003"], 0x1c) r1 = socket$netlink(0x10, 0x3, 0x0) writev(r1, &(0x7f00000003c0)=[{&(0x7f0000000280)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1) writev(r1, &(0x7f0000000140)=[{&(0x7f0000000080)="390000001300034700bb5be1c3fbfeff06000000010000004500000025000000190004000400ad000d00000000000006040000000000f93132", 0x39}], 0x1) setsockopt$inet_mreqsrc(r0, 0x0, 0x25, &(0x7f0000000100)={@multicast2, @loopback, @empty}, 0xc) 2.751821962s ago: executing program 4: r0 = socket$inet_dccp(0x2, 0x6, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000300)=@nat={'nat\x00', 0x1b, 0x5, 0x338, 0xf8, 0x0, 0xffffffff, 0xf8, 0x0, 0x440, 0x440, 0xffffffff, 0x440, 0x440, 0x5, 0x0, {[{{@uncond, 0x0, 0x70, 0xa8}, @SNAT0={0x38, 'SNAT\x00', 0x0, {0x1, {0x0, @multicast1, @rand_addr, @icmp_id}}}}, {{@ip={@empty, @rand_addr, 0x0, 0x0, 'veth1_to_hsr\x00', 'veth0_to_bridge\x00'}, 0x0, 0x70, 0xa8}, @SNAT0={0x38, 'SNAT\x00', 0x0, {0x1, {0x0, @local, @private}}}}, {{@uncond, 0x0, 0x70, 0xb8}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@initdev={0xac, 0x1e, 0x0, 0x0}, 'veth1_to_hsr\x00'}}}, {{@uncond, 0x0, 0x70, 0x98}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0xfffffffffffffffd}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x398) 2.726116672s ago: executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f00000000c0)={@mcast1, 0x800, 0x0, 0x103, 0x1}, 0x20) setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4) sendmsg$inet6(r0, &(0x7f0000000580)={&(0x7f0000000080)={0xa, 0x4e22, 0x1000000080000, @mcast1}, 0x1c, 0x0, 0x0, &(0x7f0000000640)=[@rthdr_2292={{0x10, 0x29, 0x3}}], 0x18}, 0x0) 2.6684606s ago: executing program 5: r0 = socket(0x11, 0x3, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000340)=ANY=[@ANYBLOB="180100001c000000000000000000000085355634a5b240ceca710000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x1000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = getpid() process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) munmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000) openat$vcsa(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000002c0)='ext4_remove_blocks\x00', r1}, 0x10) bpf$ENABLE_STATS(0x20, 0x0, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.stat\x00', 0x275a, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c00000000000000000000008500"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='signal_generate\x00', r4}, 0xf) write$cgroup_int(r3, &(0x7f0000000100), 0x1001) ioctl$SIOCSIFHWADDR(r3, 0x4030582b, &(0x7f0000000280)={'lo\x00', @link_local={0x1, 0x80, 0xc2, 0xc}}) getsockopt$bt_BT_SECURITY(r0, 0x107, 0xc, 0x0, 0x20000000) syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x2040d0, &(0x7f0000000200), 0xfb, 0x496, &(0x7f0000000f40)="$eJzs3E1sFFUcAPD/7LagfLUifoCoVTQSP1ooKBxM/EhMPKgx0QMe11IIslBDayKkkWoIXkyUxLvReDHx7MGTJ6OeTLx40LshIYaL4GnN7M6s23Z3uyzbbkt/v2SY97Zv973/zryZN/OYDWDdGkn/SSK2RMQfETEUEYWFBUZqq2tXZyeuX52dSKJSeePvJH1b/HN1diIvmmTrzbXMQLoqXEji+Sb1Tp89d7JULk+eyfJjM6feHZs+e+6pE6dKxyePT54eP3z44IH9h54Zf7oncd6RtnXXB1O7d7781qVXJ45cevvnb5OGRjfG0RuDcb1SrH8nCz3a28r6bmtDOhloW7Sw7I2hYxsjqh11sNr/h6J4YVv9b0Px0kd9bRywrCqVSmW89Z/nKsAtLIl+twDoj/xEn17/5ssKDT1WhSsv1C6A0rivZUvtomegfqE6uOD6tpdmI+LI3L9fpEssy30IAID5fkjHP082G/8V4u6GctuyuaHhbC5le0TcGRE7IuKuiGrZeyLi3husf2RBfvH4p3C5q8A6lI7/ns3mtvIlqzcvMlzMclur8Q8mx06UJ/dl38neGNyY5vc3/fQkYi5d//Zpq/pHGsZ/6ZLWn48Fs3ZcHtg4/z1HSzOlmw48c+XDiF0DzeLPJvCyKbKdEbGryzpOPP7N7vmvFOuppeNvo/08U0cqX0Y8Vtv+c7Eg/lzSfn5y7LYoT+4by/eKxX759eLrreq/qfh7IN3+m5ru//X4h5PG+drpRR+xYak6Lv75cctrmpGI56KL/X9D8ua8yt8vzcyc2R+xIXll8esNN7jzfF4+jX/vnub9f3v8/03cFxHpTnx/RDwQEQ9m2+6hiHg4Iva0if+nFx95p038fd3+kR2hOtr++Xao7Qj1PWKpRPHkj9+3qryz49/Bampv9konx79OG9jldwYAAABrSiEitkRSGK2nC4XR0dr/4d8RmwrlqemZJ45NvXf6aO0ZgeEYLOR3uoayfGT3P4dr+erV93h1HXE+u196ILtv/Hnx9mp+dGKqfLTfwcM6t7lF/0/9Vex364Bl14N5NGCNatf/vzq0gg0BVlz3538jB1jrlujFfrABbmHO4rB+Nev/5/vQDmDltT7/TxoawC2u3sk/66Bww+NeCx/eBNYeJ3lYv5bu/68t1+9fAf3T+VP8qyWRJPNeia8j2r8r6X+bu0h8sjqa0ToRhVXRjK4TpdXRjBtIDHT8qxZnK+dL5fLv391Mpf0+MgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPTGfwEAAP//DznkXA==") openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000140), 0x109180, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='mem_connect\x00', r1}, 0x10) mount(&(0x7f0000000080)=@nullb, &(0x7f00000006c0)='./bus\x00', &(0x7f00000000c0)='ecryptfs\x00', 0x0, &(0x7f0000000040)=',l,io%bfq.io_serviced_recu\xd4\x0f\xe8rsi\x18\xc6\x8b\x8f\x1e\xa1}\xcd\x0f\xb8\xca\xbc(\xa9zm\xd4bE\x7f1\xf4\xc6\xac\b\xd0qd1\v\x98K') 2.583261301s ago: executing program 4: mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) syz_mount_image$fuse(0x0, &(0x7f0000004d40)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$overlay(0x0, &(0x7f00000022c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000900)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]}) chdir(&(0x7f00000000c0)='./bus\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='pids.current\x00', 0x275a, 0x0) fsetxattr$security_capability(r0, &(0x7f00000000c0), &(0x7f0000000040)=@v2, 0x14, 0x0) ftruncate(r0, 0x0) 2.540025226s ago: executing program 2: syz_mount_image$hfs(&(0x7f0000000080), &(0x7f0000000200)='./file0\x00', 0x1a10084, &(0x7f0000000280)=ANY=[@ANYBLOB="696f636861727365743d69736f383835392d31352c636f6465706167653d63703737352c0063f5bfec90c0575e51077ad31670644610d07fe6556d48fa2ba399def849276b27786a6583c1ea1b2272aab9f6febcf615e51830daf2cac20faf453604c70bb935ad6698f9ec48ce09f0f4681d3e4e495a87221e5cc2fd6546d0159177e315d8c9bf6cf60c811b2f"], 0x4, 0x34b, &(0x7f0000000340)="$eJzs3U9LFGEcB/DvMzuruyk2qSF0tIROonYouiQhEfQGOoRkuoI4GaRBCtHqOaJbEHTs1jnqLdQlegMFgYfoVBfp0MTzzPPMP5+Znd1WV/H7AdfZ2efvPPPMPr8Vd0BEJ9b1ua9vLu3KH1EFUAFwFXCAbQAugLMYqz1a21jZ8BtLRQVVgBrUj9A5xb40i2sNW1aZT+XQPPnMxWByHx2MIAiCby1T/TqUtlDviHDu7+MA/Xp2qtdr0St9h9i67muG/TpZEiMs9rCHxxjqZXOIiKj39Pu/o98lBvX63XGACb0Oz7z/Hzup9c1e79pxJETv/074PBDy+JxWL8Xxngrh5Og7Jkq0lWU9J4L4cKuVopMZANEqqlRtcerLK35jsqkK2ME1LZFsVD0uwXREyWutXrOOW2LTAkV9Lzag+lCVfZhxsFPXu5PtH2m7xg8/8NJe3fynEm0SH8VnMS88vMJStP5zAyEPjjo+XmakwvZP5ZeoeumFqVKjFMfvZ1Ql58wIvH8b97Ked1xrqMi22MhSRHb97pl2vsgJTdTuYaQ/Vgh7N53fO5VrxJprJnr+x5prNJurvlz1G5OLD/zCj1K6xhrRiefithjHT7zDXGL978jUE9g/M0UzTJCa5UKl1GdGYX9clTJnHFPUBL7f1swk5YZ1oG1ufjdbz3APVzC0vrm1uuD7jYelNly0kbjdDTNV4j3BgdVVYiM8EfXpKPfI34k0qMmNKoCuVfo3COxddrG55eCgu1xVXb38Ou7y1uqCmf4ts8sLRG4aNKMCzUuz+YkBzALQe8wVoZN+PY1y9ccFlsr+G6Y79nM+fZ3q+lhsJ/aYqlJpKugvNRnrHdR+68nqgt/JhYiOm8T8HbvT68ZQL8h1lwjjv0S8MqWuOvLBK4hGglaFJ0qczonghtXjqXIRXFRs7jpxwGyEMZetRhVznb8IXMjU6MDUuJ0t1tPtxFH8q2R7f8qQYaiYwxfc5ef/RERERERERERERERERERERERERETHzfqm29b/J3Ty7wTpGndP4BdvEBERERERERERERERERERERERERERERH9n8T9f4GKumNMX/hN3LXDv/+v/o5ur1Li/r/mvhRE1LF/AQAA//8wIFuI") syz_mount_image$hfsplus(&(0x7f00000000c0), &(0x7f0000000980)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0, &(0x7f0000000bc0)={[{@nobarrier}, {@nobarrier}, {@creator={'creator', 0x3d, "bd3c66f5"}}, {@nls={'nls', 0x3d, 'cp437'}}, {@umask={'umask', 0x3d, 0x1f}}, {@nls={'nls', 0x3d, 'macromanian'}}]}, 0x3, 0x6a4, &(0x7f0000000100)="$eJzs3U9sHFcdB/DvbDbrbJBS918aEFKtRqqgEYmdVUmQkBoQQjlEKIJLr1biNFY2aeW4KK0Q2QAFiRMn1AOHIhQOPSGEkMoJUc5ISFw4+R6JG4ccAKOZnV2v7Y1jJ7HXbT8faTzv7Zv33m9+nT+7s402wGfW+ddzsJci509cuFXWV+52uit3O9cH5SRTSRpJs79K0U6Kj5Nz6S/5fPliPVzxoHlevfdR0Xz/w06/1qyXavvGVv02GbtlLzk0rBxIMtMv/mfbw24ar1qqcS6tjfeIimHcZcKODxIHk7a6SW+tsfHQ7ts/b4F963b/vrnJdHI4/btr+T4g9dXh4VeGydvy2tTbuzgAAABgt4z9LD/qqfu5n1s5sjfhAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwKdD0f/NwKJeGoPyTIrB7/+3Rn5TvzXhcB/Te1eq1XefmnQgAAAAAAAAAPBYXryf+7mVI4P6alF95/9SVXmu+vu5vJ2bWchSTuZW5rOc5SxlLsn0yECtW/PLy0tzm3v+MmXP1dXV23XP02N7nl4fV29joOP+T4NNGwEAAAAAAADAZ9aPcn7t+38AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANgPiuRAf1Utzw3K02k0kxxK0ipmhpu3JhrsE/DnSQcAAAAAu69dr48U/+sXVovqM//R6nP/obydG1nOYpbTzUIuV88C+p/6G3/vdbordzvXy2XzwN/4147iqEZM/9nD+Jlnqy2eH/Y4n2/nezmRmVzMUhbz/cxnOQuZybeq0nyKTNdPL6ZX7rYziHVzvOfW1S5ujO3FkXIZ37EqknauZLGK7WQutQahN+rtjo3M9sdWsmHGO2V2itdq28zR5Xpd7tEv6vX+MF3t+cFhRmbr3JfZeHo075tzv8PjZONMc2kMn0E9tzZLWd040yPl/HC9LnP9093N+Q4fpa3PRO/nZW1w9B3dOufJl//xl4tXGzeuXb1y88T+OYwe0cZjojOSiRe2lYlumYneY2Ti0OPE/+S06mz0r6I7u1q+VPU9ksV8J2/mchZyJrOZy9nM5ms5nU5Oj+T1+a3zWp1rjZ2da8e/VBfKe9LPRu5Ne2bqQQ1lXp8eyevolW66aht9ZS1Lz2wjS0Ur47P0z7GhNL9QF8o5fjxyx5m8jZmYG8nEs1tn4tf/XU1ys3vj2tLV+be2Od/L9bo8bd9bf23+zRPZoZ2rd7c8Xp4p/2Olf9sYPTrKtmcHbRvy1aq/cWnWg61ra6U6n/ttDztTy5GO3hk3Ur/thbGzdKq2YyNt697l5M10h+9CANjHDr9yuNW+1/5b+4P2T9pX2xcOfXPq7NQXWzn41+afDvyu8dvG14tX8kF+mCOTjhQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4Nbr7z7rX5bndhaR8W0njCA94Z2zRIRf+V1v7Y909qYWqrI+r3Sbbo3ppEzO0k+yJ1ae7BXFMZ03Rh+Eo7aQzjSXJtn/zAHbAbTi1ff+vUzXfe/cri9fk3Ft5YuHH67JnXznS+Onf71JXF7sJs/++kowR2w9rbgElHAgAAAAAAAAAAAGzXXvzzhjHTFr0J7CsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwyXT+9Rzspcjc7MnZsr5yt9Mtl0F5bctmkkaS4gdJ8XFyLv0l0yPDFQ+a59V7H/3q5fc/7KyN1Rxs39jQ7w//Xl3d4V706iUzSQ7U64eb2tZ4l0bG6+0wsL5iuIdlwo4PEgeT9v8AAAD//x5LB84=") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.swap.current\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000500), 0xfea7) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) 2.214606678s ago: executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) syz_mount_image$iso9660(&(0x7f0000000780), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='map=acorn,sbsector=0x0000000000000000,uid=', @ANYRESDEC=r0, @ANYBLOB="0000b18eb0ea96e8437d91edf772ce16e8f4545927e1e38533740c5b1da10b839e273fa468d364205a63adda5262cda8e690c1049c88d615fd8362cd464a35e122ae29c203d5ce83fd7888eb1f09a8d2739a6ba7f55959926a7fd5ac27fd519b1ddcfd9072f503656169e720fdc2da8c998a8706232e5263a0", @ANYRESDEC=r0, @ANYBLOB="08f4d1e7019f90134bdb1dd1beb49cb85866e71a470ab1351734275ef856cb7fc5725c57a299ea0c9f9adf3e65de984a2db1f33814caea1867692f6dae21fa76fb5f08676a45bfe6200cdc89135f1def498acf2b84b4a29b016efd2680c7e085e735692c3e640dd4cd15dd6141d7e01e6aa392337c7b9aef58061254e8ab79674879fa967b3ba8b75a488eb3f240a42de704c83c9b4e55826d78eec641fdd2c160cdb56d8098f0b4efbd1fa4fe0b1c331a89898ecad342d731d73283c71e6a7777dd773b0c711019e9f08a3f8285dab70eb3f8a710bba7f5bfa1f8703f90dae6dc5956716c", @ANYRESDEC=r0, @ANYRESHEX=r0], 0x1, 0x65c, &(0x7f0000000f80)="$eJzs3VtrG+kdx/HfyLIsuxBKW5YQcniSdItDU0WSNw4ihVYdjezZShoxI7c2FJZ0Yy8hcrZNUmh8s+SmB9i+gb3bm6X0RRR63XfRy8LS3hV6M2VOlm0dnSh2N/v9iFiPZv4zz/+ZcebPWNKMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACALLtRLlcstdzO1rYZz274XnvC/GRti7qVNG6N6OqLY/1KVvRPxaIuJpMufmcw+53oxw1dTl5dVjF6KurgG+988/6387ls+QkJvQqF0gzrLKRJGvPsxcHjB/3+7tM5J3LuPKPcDGEbTscNvO+16xuOcQPP1NbXy3c2m4FpugUFO0HPaRvbd3I9zzer9i1TqdXWjFPa8bY6G416y8km3vtBtVxeN+8vpVv2zvulwN50Wy23sxHHRLOjmHvm018kIU69bczeo/7u2rQko6DKLEHVaUHVcrVaqVSrlfW7tbv3yuX80ITyCRqKmPsvLb5i5nfwBl5TLqr//7CklorqaEvbMiMfthry5ak9Yt6iDn+ps/r/7h1nYr9H639W5S8OZl9SXP+vJq+ujqv/Y3I1MvECo+ZYY6a/2uOZXuhAj/VAffW1q6fzWe+1+WX4Zh8bUl5yFciTq7bq2pAjk04xqmld6yrrA22qqUBGTblqyVGgHQXqyVE73ie+HNXjVmRVtm7JqKKaalqTkaOSduRpSx1tqKG6/hOG4Z4exdt9bUKOyoIqswRVJwSNq/+//CTJemr9t0T9f6tlx69ZYoBzF6bn/6d07c1kAwAAAAAA3gQr/uu7Fb93f0VSqKbbcsrnnRYAAAAAAJij+J3/y9HTYtS6ImvM+X949rkBAAAAAID5sOLv2FmSVuIP9VuDb0LN8iGAhTNIEQAAAAAAvKb4/f+rBSmMr712Tdapzv8BAAAAAMBXwB+OXGM/n11jN8ze1s9JCrpL1l//tSR/0XrZ3f6utV+P5tT305ihTwD0mpesC+mFeuOngqT4le1ctq4kQelFMK3kwr7Sl3vTrvVv+ScSKCxkf76YlsB6Pn2lT3U9ibme9vvwIKd4TtLLStNtOSXba92vqF6/kOs5273fPHn0W8k/HOfeo/5u6cOP+w/jXF5Gk17uR3l8ciyd3LRcnivdFldGjnhZzazLP3baK1bcbzkb/4Lq+7mjHc02/t/pRhJzYyV5XjnI9kA8/mI0/kop3mWD0Uej+uzPg9FXTo581I4Yk0UxzuJmEnNz9WbylOWXZvH9BalaGt4H/qI12BbVo1lM3xbWv4e2xZQsom2xFmXxt2hFY7JYO10WQ3sEAM7L3qAKxRcxH77G/sm6+ypHuenV/cfHe3n+WZh84XBByqfvTUzspajoiL4ar1sFxQfW/KXDo+z+9eyIXk7rSlFjjujl16huUV9/GdwDKU17qK78NwzD+5W43z8d9ptU1c+jBT4f22/Qqi5EI7zzfP9X8QXwIx/tfrT7pFpdWy+/Vy7frWoxHkb6RO0BAIww/R47UyOs9w7Pqh/+892kdazifevwIwUlfaiP1ddD3c5uIXBt9FpXjnwM4fbwWWsUuyydjK3o9tizuriWJrE/3yn8KAmKfy4qW+R4pR6sd+2N7gMAAM7ajVraGFOHZ6n/t+Pzbkmrl06ed4+o5SfvEDwutnK2GwIAgK8Rx//SWun93vJ9t/tBpVar1HubjvE9+6fGdxsbjnE7Pce3N+udDcd0fa/n2V7LdH0tuQ0nMMFWt+v5PdP0fNP1AnfbNN2WY9JbvwdOu97puXbQbTn1wDG21+nV7Z5puIFtuls/abnBpuPHCwddx3abrl3vuV7HBN6WbzslYwLHORLoNpxOz226UbNjur7brvs75mdea6vtmIYT2L7b7XnJCrO+3E7T89vxaksKT32jQwAA3kbPXhw8ftDv7z4d14jP6KfEDBqFUSvM+uIdZwAA/j8MV+mximeSEAAAAAAAAAAAAAAAAAAAAAAAGDL9K32nbCyO+rKgdDjl1xdmWo+leSd2mkbu1Rf/+4SY5cMp2eY/GvPyHEaqpJGf/5qXT/O10RGN5XQLzbrUD/eS+LEx0cyRs5YO90V+/v8dosaTL8bMCsMwnLz40vFtWJg0wOONvKSnhdfYBWd/LAJwtv4XAAD//xuxPaM=") syz_mount_image$fuse(0x0, &(0x7f0000000200)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$fuse(0x0, &(0x7f0000000640)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 2.099138572s ago: executing program 4: r0 = userfaultfd(0x801) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[], 0x3c}}, 0x0) write$binfmt_script(r1, &(0x7f0000000100), 0xfecc) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r1, 0x0) ioctl$UFFDIO_COPY(r0, 0xc028aa05, &(0x7f0000000040)={&(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffd000/0x3000)=nil, 0x4000}) 1.636172522s ago: executing program 2: mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x14172, 0xffffffffffffffff, 0x0) r0 = socket$packet(0x11, 0x2, 0x300) getsockopt$packet_int(r0, 0x107, 0xf, 0x0, &(0x7f0000000540)) 1.563797415s ago: executing program 1: syz_emit_ethernet(0x7e, &(0x7f00000000c0)={@broadcast, @empty, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x70, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x3, 0x0, 0x0, 0x3, 0x0, 0x0, {0x15, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2f, 0x0, @rand_addr, @remote, {[@timestamp_prespec={0x44, 0x1c, 0x0, 0x3, 0x0, [{@initdev={0xac, 0x1e, 0x0, 0x0}}, {@dev}, {@broadcast}]}, @cipso={0x86, 0x6}, @timestamp={0x44, 0x1c, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}]}}}}}}}, 0x0) 1.475290549s ago: executing program 4: socket$inet6(0xa, 0x2, 0x3a) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000680), 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5) preadv(r0, &(0x7f0000001880)=[{&(0x7f0000001a80)=""/102400, 0x19000}], 0x1, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f00000030c0)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcff7ffa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d0f65acc0d06d1a1434e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622e03b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67e6ca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c690220b87b20581e7be6ba0dc001c4510555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd713089856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cace339f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff22dc518afc9ffc2cc788bee1b47683db01a2f9398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d000000009682e24b92533ac2a997d3ae526aca54183fb01c73f979ca9857399537f5831808b0dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db00002e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e4845535a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9003f07000099d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f18215523167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3037ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cb8846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966f08294cd6f496e5dee734fe7da3770845cf442d488afd80e170000000000000000000000000000000000000000000000000000052007563885a1105000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb9aaa57a8abef8b64237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2c09000000bfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a8639034a75f4c7df3ea8fc2018d07000000ef060cd4403a099f32468f65bd06b4092140faed0c329be610c3082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbcbf2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033bb9cc16bd83a00a40e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2add58ffb25f339297729a7a51810134d3dfbf71f651600eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce1d9bc7ef3e3f40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff47547f164391c673b6079e65d7295eed164ca63e4ea26d65f6b3ce0f6591d80dfb8f386bb74b5589829b6b067903000000000000003d9950d48c774eaa35b24fce696af061c9e53addddc620ce73c5d177e3d097159f2768636fc10276c6a0adc57483b3f7083f66b87ef296ee85e9bb70009a5d30f479e293a3302e11350ea857b37e76ca2f50378e4092ce2c80c57ed04dbc574ad278b9b7b717c571afb2077b019fd9d89efd59b41f051ec5a8ff87ecc8df917a1e386d849fcd10e2f9ca52e02339c2f4666b0c545e62421c28d25994be0cff7271a0dee38d7ac4ac736b090e1d29f981179186e4000000000000646174b55d251f7f8ca5ccc22a5efb33b237eff559973c3a5f3a9bb54abb40e54593e1a7ce4cfa17b3c3fe91c06363496341eae20dcc59b6179b32ddddef5c34000096a54c0c571a91878f61f74912e2299e5501d4d6943bfd74c856511732f0ac8f7d17f1c6b4451c1bcdc6b6e1700e4cd87709d97afc5423c96fa981873d4369b04bbf1fb9f68f17991540868e408201ad1a74179e489aa61f021a437a3fa935588be2068f7ff9b253106326fde795e530b93626cc68e06e602198724249b4445eef08401cd1a3e266db55474e69902e4d8f5da4e94cc36794258fd4032de7ab36bc24c5efd5c8495c1ccd580033c55725f2d60354f8ad5914a0155eaa743350ddb388f486b6de0549ef3b1b3c3b7d4d3a8340000000000000008029be3788dd8422b1ab7b4c9d5b7d8682fd750947109c713108e1386f5843a9ee29af30ecbeb26ff81f0921be501ade32a81aa175f4f8f117fc23b2adb38200f0f360e213534e14fae98502f92017d32f29777b6890ad5a103352dd80f036db18220932a2d26e0f9f807c4eb9ae9ba0b77c54bcf501873ce30286cdd633346bc11ed2259ab31f0bc2630a23738a646833b4d03f0028835f71cee1a5bafec9de0cfe4b5f0197fa9c7f5bcac99dbd85fb924db68d7384d4c5ab1087e4464592f278036d2b81e02a3be90a6b8757ece967569d66c8399796825e80f4dc6b3920ed9813a259de560000000000000000000000000000aeecc3447c907474d2129496fc6f6bc804965f8caaac7e2ef733f77708d618dbeae5352a5bc32d826a1b62cd698b4cfdc74ba5e8f18e808783fd5f32ef793a3069ac0906609aa9ca7dca982d6e903aea749f60beb35e2bee8eb43b8c65f4526c61281d6517f1f6e9741365acdaf8ae916575459f7d14087f826f97c94b09cd1275e576d17f76b39a6ac9e33030d67262209a52012dd9c9c60e45c51dd06ee7ba3d0c53a16070536d583ab8639d4fafe62997819033338a5ea4a5d2b61d05de4d5ad4c8dd0de3b98a1f4d6142851571b8d61715c7cb557373854f7eaf2f4e4bfd3dcb6c1d2e7b0bcb4d896092e90f95a61df4ffeeb64dee29de77fba312943bc53efb61138a5a82f7a828c04faf679edf2fa31cdfc57a2cb7ce03f3cdc40a1a20e82e54d10ce35579d7e065a8840abf4ce792ced89bd4288c8d427000"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r1, 0x18000000000002a0, 0xe0c, 0xffe0, &(0x7f0000000640)="b9ff03076844268cb89e14f088a847fe884700121100632f77fbac14141dac1414", 0x0, 0x71, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x48) 1.459787985s ago: executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000400)={0x28, 0x13, 0x1, 0x0, 0x0, "", [@typed={0x8, 0x0, 0x0, 0x0, @u32}, @typed={0x8, 0x0, 0x0, 0x0, @ipv4=@broadcast}, @typed={0x8, 0x3c, 0x0, 0x0, @ipv4=@private}]}, 0x28}], 0x1}, 0x0) 1.447328084s ago: executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a38000000120a0900000000000004000002000000080003520000001608000440000000000900010073797a30000000000800034000000001140000001100010000000000000000000000800ad08022f285bd82b772cb7ba3926de0194ea96c6549c18ff5770740b8e8a9cc1b79a3e7ababa17fe4c7c9abb6b2ef47afd32a5e4107c2808362d3e32a070a418827f7d4271ccddb208a62f44a911e60e0fe0820aa9bed4a4434373db16664835c06a614252df078725a55dd63c36e867dbdfdbad55905e74e000019bfdf81169d66a9"], 0x60}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000240)={0x0, 0x68, &(0x7f0000000000)={&(0x7f0000001940)=ANY=[@ANYBLOB="140000001000010000000000e80000000000000a50000000120a09020000000000000000020000000900020073797a3100000000080004400000000f0900010073797a30000000000800034000000001"], 0x74}}, 0x0) unshare(0x400) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000540)={r1, &(0x7f0000000340)="2e411aac06ebd3c67e44cf09dc88f0b7eb35cd12edadbff007e731d2001e55dddface30985122ed1b8504f7ca38c8ac4c519cbce5f6ce9c47c30e315c8733cfbbf897974bd7077abd3805ce4185691", 0x0}, 0x20) r2 = socket$l2tp6(0xa, 0x2, 0x73) r3 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000180), 0x715101, 0x0) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r3, 0xc018937d, &(0x7f0000000300)={{0x1, 0x1, 0x18, r2}, './file0\x00'}) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x8, 0x1014}, 0x48) bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xd, 0x4, 0x4, 0x9, 0x0, r4}, 0x48) r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x0, &(0x7f00000000c0), &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r5}, 0x10) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.io_wait_time\x00', 0x26e1, 0x0) close(r6) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)) ioctl$SIOCSIFHWADDR(r6, 0x8b14, &(0x7f0000000000)={'wlan1\x00', @random="010000000100"}) 1.356035368s ago: executing program 1: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet6_int(r0, 0x29, 0x4b, &(0x7f0000000100)=0x3, 0x4) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000140)=[@in6={0xa, 0x4, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x23}, @in6={0xa, 0x4, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}], 0x38) 1.269937824s ago: executing program 2: syz_mount_image$udf(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x100c4, &(0x7f0000000140)=ANY=[], 0x1, 0xbf2, &(0x7f0000000c40)="$eJzs3U9sHNd9B/DfG5IiZbcVEzuK3cbFpi1SmbFc/YupWIW7qmm2AWSZCMXcAnBFrtSFqSVBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokW1dILn4UOTUE9HCRlD0wBYBcgoYzOxbcilRlmyKEml/Pjb13Z19b+a9N+sZWdCbFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAxO+/cvHU6fSoWwEAPEyXJ7966oz7PwB8olzx//8AAAAAAAAAAAAAAHDQpSjiiUixcHkjTVfvO4Yutdo3b02Nje9e7WiqavZV5cufodNnzp770guj57v5wfUftKfjtckrF2svz99YWGwuLTVna1Pt1sz8bPO+97DX+rcbqQagduP1m7PXri3Vzjx/dsfHt4bfH3z8+PCF0WdPPtMtOzU2Pj7ZU6Z/4CMf/Q53m+FxJIo4GSme+95PUiMiitj7WNzju7PfjladGKk6MTU2XnVkrtVoL5cfTnQHooio9VSqd8foIZyLPalHrJTNLxs8UnZvcqGx2Lg616xNNBaXW8ut+fZE6rS27E8tijifIlYjYn3wzt0NRBH9keI7xzbS1Yjo647DF6uJwXdvR7GPfbwPZTtrAxGrxSE4ZwfYYBTxaqT46TtFzJRjln/iCxGvlvmDiLfKfCkilV+McxHv7fI94nDqjyL+ojz/FzbSbHU96F5XLn2t9pX2tfmest3ryqG/PzxMB/zaNBRFNKor/kb66L/ZAQAAAAAAAAAAAAAAAOBBOxpFPB0pXvmPP67mFUc1L/3YhdE/GP7l3jnjT91jP2XZ5yNipbi/OblH8hTiiTSR0iOeS/xJNhRF/Eme//etR90YAAAAAAAAAAAAAAAAAACAT7QifhwpXnz3RFqN3jXFW+3rtSuNq3OdVWG7a/9210zf3NzcrKVO1nNO51zJuZpzLed6zihy/Zz1nNM5V3Ku5lzLuZ4z+nL9nPWc0zlXcq7mXMu5njP6c/2c9ZzTOVdyruZcy7meMw7I2r0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB8nRRTx80jx7W9spEgRUY+Yjk6uDT7q1gEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAApcFUxPcjRe0P61vb+iMiVf92nCh/ORf1I2V+OuqjZb4U9Ys5G1X217/1CNrP3gykIn4UKQaH3t464fn8D3TebX0N4q1vbr/71f5O9nU/HH5/8PHjxy6Mjv/6U3d7nXZrwMilVvvmrdrU2Pj4ZM/m/nz0T/dsG87HLR5M14mIpTfefL0xN9dc9MILL7zYevGor0w8DOX9/71I8Tvv/mf3ht+9//9S593WHT5+9qfb9/8Xb9/RPt3/n+jZ9mL+3chAf8TQ8o2FgeMRQ0tvvHmydaNxvXm92T536tSXR0e/fPbUwJGIoWutuWbPqz0PFQAAAAAAAAAAAAAAAMDDlYr4vUjR+NFGqkXErWq+1vCF0WdPPtMXfdV8qx3ztl6bvHKx9vL8jYXF5tJSc7Y21W7NzM827/dwQ9V0r6mx8X3pzD0d3ef2Hx16eX7hjcXW9T9a3vXzx4YuXl1aXmzM7P5xHI0iot67ZaRq8NTYeNXouVajXVWd2HUy3Yc3kIr4r0gxc66WPp+35fl/t8/w3zH/f+X2He3T/L9P9Wwrj5lSET+LFL/9l0/F56t2PhZ3jFku97eRYuT853K5OFKW67ah81yBzszAsuz/RYp//PnOst35kE9slz193wN7SJTn/1ik+P6ffzd+I2/b+fyH3c//Y7fvaJ/O/5M92x7b8byCPXedfP5PRoqXnng7fjNv+6Dnf3SfvXEiF956Psc+nf/P9Gwbzsf9rQfTdQAAAAAAAAAAgENtIBXxd5HimfH+9ELedj9//2/29h3t09//+mzPttmHtF7RngcVAAAAAA6IgVTEjyPF9eW3t+ZQ75z/3TP/83e353+Opds+rf6c71eq5wY8yD//6zWcjzu9924DAAAAAAAAAAAAAAAAAADAgZJSES/k9dSn77Ge+lqkeOV/nsvl0vGyXHcd+OHq16HL8+2TF+fm5mcay42rc83a5EJjplnWfTJSbPzN53LdolpfvbvefGeN9+212Bcjxfjfd8t21mLvrk3+5HbZ02XZT0WK//6HnWW761h/ZrvsmbLsX0eKr//z7mWPb5c9W5b9bqT44ddr3bKPlWW7z0f97HbZ52fm5+54FCoAAAAAAAAAAAAAAAAAAAB8WAOpiD+LFP97Y3VrLn9e/3+g523lrW/2rPd/m1vVOv/D1fr/d3v9Udb/H34w3QQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEMlRRFvRoqFyxtpbbB83zF0qdW+eWtqbHz3akdTVbOvKl/+DJ0+c/bcl14YPd/ND67/oD0dr01euVh7ef7GwmJzaak5W5tqt2bmZ5v3vYe91t8euo6RagBqN16/OXvt2lLtzPNnd3x8a/j9wcePD18YffbkM92yU2Pj45M9ZfoHPsTRP1Tjth2JIv4qUjz3vZ+kfxmMKGLvY3GP785+O1p1YqTqxNTYeNWRuVajvVx+ONEdiCKi1lOp3h2jh3Au9qQesVI2v2zwSNm9yYXGYuPqXLM20Vhcbi235tsTqdPasj+1KOJ8iliNiPXBO3c3EEW8Him+c2wj/etgRF93HL54efKrp87cvR3FPvbxPpTtrA1ErBaH4JwdYINRxD9Fip++cyL+bTCiPzo/8YWIV8v8QcRbZb4UkcovxrmI93b5HnE49UcR/1+e/wsb6Z3B8nrQva5c+lrtK+1r8z1lu9eVQ39/eJgO+LVpKIr4YXXF30j/7r9rAAAAAAAAAAAAAAAAgAOkiF+LFC++eyJV84O35hS32tdrVxpX5zrT+rpz/7pzpjc3NzdrqZP1nNM5V3Ku5lzLuZ4zilw/Zz3ndM6VnKs513Ku54y+XD9nPed0zpWcqznXcq7njP5cP2c953TOlZyrOddyrueMAzJ3DwAAAAAAAAAAAAAAAAAA+Hgpqn9SfPsbG2lzsLO+9HR0cs16oB97vwgAAP//1k7+eg==") r0 = open(&(0x7f0000000080)='./bus\x00', 0x400141042, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x0, 0x12, r0, 0x0) 1.260487329s ago: executing program 3: r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x802}, 0xff69) sendmsg$nl_generic(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)={0x1c, 0x5a, 0x1, 0x0, 0x0, {}, [@nested={0x8, 0x1, 0x0, 0x1, [@typed={0x4}]}]}, 0x1c}}, 0x0) 1.147198703s ago: executing program 1: r0 = socket$inet(0xa, 0x801, 0x84) connect$inet(r0, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10) listen(r0, 0x8) r1 = accept4(r0, 0x0, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r1, 0x84, 0x6c, &(0x7f0000000340), &(0x7f0000000080)=0x8) 1.038983837s ago: executing program 3: r0 = socket$inet_dccp(0x2, 0x6, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000300)=@nat={'nat\x00', 0x1b, 0x5, 0x338, 0xf8, 0x0, 0xffffffff, 0xf8, 0x0, 0x440, 0x440, 0xffffffff, 0x440, 0x440, 0x5, 0x0, {[{{@uncond, 0x0, 0x70, 0xa8}, @SNAT0={0x38, 'SNAT\x00', 0x0, {0x1, {0x0, @multicast1, @rand_addr, @icmp_id}}}}, {{@ip={@empty, @rand_addr, 0x0, 0x0, 'veth1_to_hsr\x00', 'veth0_to_bridge\x00'}, 0x0, 0x70, 0xa8}, @SNAT0={0x38, 'SNAT\x00', 0x0, {0x1, {0x0, @local, @private}}}}, {{@uncond, 0x0, 0x70, 0xb8}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@initdev={0xac, 0x1e, 0x0, 0x0}, 'veth1_to_hsr\x00'}}}, {{@uncond, 0x0, 0x70, 0x98}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0xfffffffffffffffd}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x398) 973.284903ms ago: executing program 0: r0 = socket$inet6(0xa, 0x3, 0xff) connect$inet6(r0, &(0x7f0000000480)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c) r1 = dup2(r0, r0) sendmmsg$unix(r1, &(0x7f0000001e80)=[{{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000280)="12f8a2b2236d539f42b67e083fcd9b5de2cb490c038d25210290c4cc3afacede0f7d823ef5968c9a", 0x28}], 0x1}}, {{&(0x7f0000000440)=@abs, 0x18, 0x0}}], 0x2, 0x0) 838.278221ms ago: executing program 4: syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1) syz_read_part_table(0x640, &(0x7f0000000800)="$eJzs1D2IXUUbB/D/Ofcb3pcNEhE06IKQKiZgKsHFBI0hitlFTRA7G0G0CixoIXvzUWtjawRJsVgYLEwV0UJ2BYkabSSVSLBWC2UhMHLOPXdNESTg+gW/X/XcmWeemcM8c8N/3OlDpVSTjIbd74V730/6pZS1ZNrvBocpSXpNOEgyboLF5MT06ceeeXLlcFXNqy3u+V+b3wxM2tykSpUPMls/L1gWHrzaxNNcuf/rzd4srZdcrpuxPDKvN8/POL23L3xXdYeA1sWljYWzdRklSy8Nk2paSh6qprPJk3c9/FxdVbMuHA63Fx38uO28lFLKbe4z+YP92+av3n013etIUjfh5tWt7XeRJvqhjcZduTuPz19SO7m2nTq4uce7CsObz7H54aUko9s8On+htv/OnRp+0s+hTHL9nd3fXzuzdXzv+uqBOnVzqb+WUvqze7xRxsl9i017+BcDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB22sWljYVhkkmSb4++fv3giw8cuefN+lCawa/alIPtZJLTSXpJvqi6xW89tSP7nz13apJRV3SQZLj80/n/7/9yc5Dl88m4Gd7XTNfdomkyPtlGwz99AP5R3f0ffeO1pV8G3diZreN711cP7Lvj2qdr8wseZby2e7VtxGnXEo0TL/9eqkqq/nbYGdxiz3nNJxZ2/HMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgH+BI48fW1w5XD+b1FV/nKTedWGjJCmz+VKSuz96fv2Vzw5/00uyPLqU5EaOVXmhfP7oz+/tujLOJFkZzfIv1xllT7K/3/wapj/faLG3vWeVH//27+TWfgsAAP//6ct0pQ==") socket$phonet_pipe(0x23, 0x5, 0x2) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, 0x0) accept4$phonet_pipe(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x80800) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYRESHEX=0x0], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000400)='afs_cb_miss\x00', r0}, 0x10) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[@ANYBLOB="2800000076000c0b00000000000000000300"], 0x28}}, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) pipe2$9p(0x0, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f00000003c0)=ANY=[@ANYRESDEC], 0x15) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) socket(0x0, 0x80002, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10) r3 = openat$sysfs(0xffffffffffffff9c, 0x0, 0x60600, 0x0) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_CREATE(0x0, 0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) r4 = socket$nl_sock_diag(0x10, 0x3, 0x4) sendmsg$TCPDIAG_GETSOCK(r4, &(0x7f0000001500)={0x0, 0x0, &(0x7f00000014c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="ac0000001200010500"/56, @ANYRES32=0x0, @ANYBLOB="00000000000000feffffff0000000000040002005c0001000058"], 0xac}}, 0x0) 817.230614ms ago: executing program 1: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r0}, 0x10) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f0000000200)={0xffffffffffffffff}) splice(r2, 0x0, r1, 0x0, 0x7f, 0x0) 806.852131ms ago: executing program 0: syz_mount_image$vfat(&(0x7f0000000440), &(0x7f0000000080)='./file0\x00', 0x800090, &(0x7f0000008740)={[{@shortname_winnt}, {@uni_xlate}, {@shortname_win95}, {@numtail}, {@shortname_lower}, {@utf8no}, {@uni_xlate}, {@fat=@uid}, {@fat=@check_strict}, {@uni_xlate}, {@shortname_win95}, {@iocharset={'iocharset', 0x3d, 'cp950'}}, {@fat=@codepage={'codepage', 0x3d, '855'}}, {@shortname_lower}, {@utf8}, {@fat=@dmask={'dmask', 0x3d, 0x40}}, {@uni_xlateno}, {@uni_xlateno}, {@iocharset={'iocharset', 0x3d, 'iso8859-6'}}, {@shortname_lower}, {@nonumtail}, {@shortname_win95}, {@rodir}, {@utf8no}, {@nonumtail}, {@shortname_lower}, {@shortname_mixed}, {@utf8}], [{@appraise}, {@pcr={'pcr', 0x3d, 0x10}}]}, 0x6, 0x2d3, &(0x7f0000000a40)="$eJzs3b1rJGUYAPBnNrMfarFbWInggBZWx+Vamw1yB2Iqjy1OCw3eHUh2ES4Q8QPXq8TOxtK/QBD8Q2zsLAVbwc4IgZGZncl+ZNhsJBvx8vsVyZuZ55n3ed+ZJNPkyQcvTw4fZvH46Re/Ra+XRGvYjThJYhCtqH0VS4bfBgDwf3aS5/FnPtNw+tdv1uT2tlgXALA9F/z+r6TlxwdFxE/XVxsAsB33H7z79t7+/t13sqwX9yZfH4+SiCg+z87vPY6PYhyP4nb04zSifFFoR/m2UAzv5Xk+TbPCIF6bTI9HRebk/Z+r6+/9EVHm70Y/BuWhs7eNMv+t/bu72cxC/rSo4/lq/mGRfyf68eJZ8lL+nYb8GHXi9VcX6r8V/fjlw/g4xvGwLGKe/+Vulr2Zf/fX5+8V5RX5yfR41C3j5vKdevLpNd8jAAAAAAAAAAAAAAAAAAAAAACePbeq3jndKPv3FIeq/js7p8UX7chqg+X+PLP8pL7QvD9QtPI8n+bxfd1f53aWZXkVOM9P46W0aiwIAAAAAAAAAAAAAAAAAAAAN9zRp58dHozHj55cyaDuBpBGxN/3I/7tdYYLR16J9cHdas6D8bhVDZdj0sUjsVPHJBFryygWcUXbctHguXM1V4MffmzMKlZ0lEbTqd7Fk7ab57rk4JP2bB8bY+qn6/Agad7D7lnxveLGxeqN60Tz7O1YOdKp7+dqcP0obracTuOp/qW3pfNCOZiuiYlk3ffFG78vLSeJleBO2XGjMb1dDZp2Y/ZsbPQ8R2+Wfv5nRaJbBwAAAAAAAAAAAAAAAAAAbNX8r38bTj5dm9rKu1srCwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACu1fz//28ySJeTN8jqxJOj/2ptAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3Bz/BAAA//8a6VGq") bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r0, &(0x7f00000001c0)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events.local\x00', 0x275a, 0x0) 782.941629ms ago: executing program 3: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec8500000075000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$IPT_SO_SET_REPLACE(r1, 0x4000000000000, 0x40, &(0x7f0000000580)=@raw={'raw\x00', 0x4001, 0x3, 0x458, 0x300, 0xb, 0x148, 0x308, 0x148, 0x3c0, 0x230, 0x242, 0x3c0, 0x215, 0x3, 0x0, {[{{@ip={@local, @remote, 0x0, 0x0, 'batadv_slave_0\x00', 'macvtap0\x00', {}, {}, 0x73}, 0x0, 0x2d0, 0x300, 0x0, {0xff0f000000000000}, [@common=@inet=@l2tp={{0x30}, {0x0, 0x0, 0x0, 0x0, 0x8}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0xe, 0x0, 0x6, './file0\x00'}}]}, @common=@inet=@SET2={0x30}}, {{@uncond, 0xec010000, 0xa0, 0xc0, 0x0, {}, [@common=@ah={{0x30}}]}, @unspec=@NOTRACK={0x20}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x4b8) 607.526642ms ago: executing program 2: r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) recvmmsg(r0, &(0x7f0000004f80)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 586.780705ms ago: executing program 0: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x9, &(0x7f0000000000)=@raw=[@printk={@lu={0x18, 0x4}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x78}}, @exit], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11}, 0x90) 501.40248ms ago: executing program 3: r0 = open(&(0x7f0000000100)='./bus\x00', 0xa1840, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000005b00)) r1 = open(&(0x7f0000000000)='./bus\x00', 0x60142, 0x0) r2 = open(&(0x7f0000000040)='./bus\x00', 0x145142, 0x0) ftruncate(r1, 0x2007ffd) sendfile(r1, r2, 0x0, 0x1000000201005) ftruncate(r2, 0x10001) 332.606674ms ago: executing program 0: iopl(0x3) keyctl$KEYCTL_CAPABILITIES(0x1f, &(0x7f0000002180)=""/4089, 0xfffffffffffffd79) 94.878134ms ago: executing program 2: mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x14172, 0xffffffffffffffff, 0x0) r0 = socket$packet(0x11, 0x2, 0x300) getsockopt$packet_int(r0, 0x107, 0xf, 0x0, &(0x7f0000000540)) 25.667676ms ago: executing program 3: openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x19, 0x4, 0x4, 0x5}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000dd897b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000580)={{r0}, &(0x7f00000004c0), &(0x7f0000000540)=r1}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r2, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 18.973396ms ago: executing program 0: bpf$PROG_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$igmp6(0xa, 0x3, 0x2) setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x2d0, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x100, 0x130, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x330) syz_extract_tcp_res$synack(&(0x7f00000002c0), 0x1, 0x0) connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000007e40)=[{{&(0x7f0000000340)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @multicast1=0xe0000010}}, 0x1c, 0x0}}], 0x6c00, 0x0) r4 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r4, 0xc02064b2, &(0x7f0000000200)={0x8000, 0x2, 0x4}) r5 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r5, 0xc04064a0, &(0x7f0000000140)={0x0, &(0x7f0000000080)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_CURSOR(r4, 0xc01c64a3, &(0x7f0000000280)={0x3, r6, 0x0, 0x0, 0xa, 0x1ff, 0x1}) 0s ago: executing program 4: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$HCIINQUIRY(r0, 0x400448ca, 0x0) r1 = syz_open_dev$sndpcmc(&(0x7f0000000000), 0x0, 0x0) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000140)={'nr0\x00'}) ioctl$TUNSETTXFILTER(r2, 0x400454d1, &(0x7f0000000340)=ANY=[]) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x20f42, 0x0) r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TUNSETIFF(r4, 0x400454ca, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000140)={'nr0\x00', 0x6132}) ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f00000002c0)={'caif0\x00', 0x10}) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000080)=@o_path={0x0, 0x0, 0x4000}, 0x18) ioctl$TUNSETOFFLOAD(r2, 0x400454d0, 0x18) fcntl$setpipe(r2, 0x407, 0x3) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000001c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x3}, 0x48) r5 = dup3(r1, r3, 0x0) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r5, 0x89f3, &(0x7f0000000100)={'tunl0\x00', &(0x7f00000000c0)={'erspan0\x00', 0x0, 0x700, 0x20, 0xdbb, 0x6, {{0x8, 0x4, 0x3, 0x24, 0x20, 0x64, 0x0, 0x0, 0x2f, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @dev={0xac, 0x14, 0x14, 0x23}, {[@noop, @lsrr={0x83, 0xb, 0x26, [@local, @dev={0xac, 0x14, 0x14, 0x2c}]}]}}}}}) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xa, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r6, 0x1, r5, 0x8, &(0x7f0000000000)={0x0, 0x4}, 0x8, 0x10, 0x0, 0x0, 0x0, r5}, 0x90) write$cgroup_subtree(r3, &(0x7f0000000000)=ANY=[], 0xfe3a) r7 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) setsockopt$bt_BT_POWER(r7, 0x112, 0xa, 0x0, 0x0) r8 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r8, &(0x7f0000000480)={0xa, 0x0, 0x0, @mcast1={0xff, 0x5}}, 0x1c) connect$inet6(r8, &(0x7f00000000c0)={0xa, 0x0, 0x0, @empty}, 0x1c) setsockopt$inet6_IPV6_ADDRFORM(r8, 0x29, 0x1, &(0x7f0000000040), 0x4) bind$bt_hci(r0, &(0x7f0000000040)={0x1f, 0x0, 0x1}, 0x6) close(r0) io_setup(0x80, &(0x7f0000000100)) kernel console output (not intermixed with test programs): node #2: comm syz-executor.1: Corrupt directory, running e2fsck is recommended [ 1036.809242][T19961] syz-executor.0[19961] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1036.809440][T19961] syz-executor.0[19961] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1036.892150][T19907] team0: Port device team_slave_0 added [ 1036.920896][T19907] team0: Port device team_slave_1 added [ 1037.197008][T19907] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1037.208965][T19907] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1037.256559][T18631] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1037.293000][T19907] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1037.338510][ T5117] Bluetooth: hci2: command tx timeout [ 1037.427168][T19907] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1037.448298][T19980] netlink: 'syz-executor.0': attribute type 2 has an invalid length. [ 1037.469250][T19907] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1037.551599][T19907] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1037.773384][T19997] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=io+mem:owns=io+mem [ 1037.822306][T19907] hsr_slave_0: entered promiscuous mode [ 1037.835782][T19993] loop1: detected capacity change from 0 to 2048 [ 1037.850557][T19907] hsr_slave_1: entered promiscuous mode [ 1037.869313][T19907] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1037.888779][T19907] Cannot create hsr debugfs directory [ 1037.894423][T20002] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1038.012007][T19993] netlink: 277 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1038.077496][T16367] usb 1-1: new high-speed USB device number 18 using dummy_hcd [ 1038.321951][T16367] usb 1-1: New USB device found, idVendor=08fd, idProduct=0002, bcdDevice=ca.fd [ 1038.335671][T16367] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1038.360137][T16367] usb 1-1: Product: syz [ 1038.377739][T16367] usb 1-1: Manufacturer: syz [ 1038.388193][T16367] usb 1-1: SerialNumber: syz [ 1038.436966][T16367] usb 1-1: config 0 descriptor?? [ 1038.455287][ T5117] Bluetooth: hci1: urb ffff888060252800 submission failed (2) [ 1038.519228][T20018] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. [ 1038.697499][T16367] usb 1-1: USB disconnect, device number 18 [ 1038.952238][ T2401] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1039.249861][T20035] loop4: detected capacity change from 0 to 2048 [ 1039.324812][ T2401] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1039.326449][T20038] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1039.396878][ T5117] Bluetooth: hci2: command tx timeout [ 1039.450522][T20035] netlink: 277 bytes leftover after parsing attributes in process `syz-executor.4'. [ 1039.660957][T20020] loop3: detected capacity change from 0 to 32768 [ 1039.685293][ T2401] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1039.796504][T16367] usb 3-1: new high-speed USB device number 13 using dummy_hcd [ 1039.901853][T20048] loop0: detected capacity change from 0 to 256 [ 1039.936994][ T5117] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 1039.959720][ T5117] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 1039.973438][ T5117] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 1039.986607][ T5117] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 1039.996875][ T5117] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 1040.004777][ T5117] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 1040.012022][T16367] usb 3-1: Using ep0 maxpacket: 8 [ 1040.019777][T16367] usb 3-1: config index 0 descriptor too short (expected 301, got 45) [ 1040.055848][T16367] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 1040.078338][T16367] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 1040.088439][T16367] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 1040.101702][T16367] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 1040.115580][T16367] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 1040.124677][T16367] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1040.137911][ T2401] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1040.473478][T16367] usb 3-1: usb_control_msg returned -32 [ 1040.483001][T16367] usbtmc 3-1:16.0: can't read capabilities [ 1041.498182][ T5117] Bluetooth: hci2: command tx timeout [ 1041.695958][ T2401] bridge_slave_1: left allmulticast mode [ 1041.703600][ T2401] bridge_slave_1: left promiscuous mode [ 1041.719677][ T2401] bridge0: port 2(bridge_slave_1) entered disabled state [ 1041.783635][ T2401] bridge_slave_0: left allmulticast mode [ 1041.790817][ T2401] bridge_slave_0: left promiscuous mode [ 1041.809724][ T2401] bridge0: port 1(bridge_slave_0) entered disabled state [ 1042.002068][T20072] futex_wake_op: syz-executor.3 tries to shift op by 144; fix this program [ 1042.115989][ T5117] Bluetooth: hci1: command tx timeout [ 1042.272703][T20065] loop0: detected capacity change from 0 to 2048 [ 1042.309489][T20065] EXT4-fs: Ignoring removed nobh option [ 1042.400775][ T5125] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 1042.429387][ T5125] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 1042.444768][ T5125] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 1042.469796][ T5125] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 1042.478032][ T5125] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 1042.488157][ T5125] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 1042.533051][T20065] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1042.586020][T18767] usb 3-1: USB disconnect, device number 13 [ 1043.304829][T20091] loop3: detected capacity change from 0 to 256 [ 1043.436213][ T29] audit: type=1800 audit(2000000349.069:1543): pid=20091 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="file0" dev="sda1" ino=1961 res=0 errno=0 [ 1043.675791][ T5117] Bluetooth: hci2: command tx timeout [ 1043.854600][T20091] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xbe9e488b, utbl_chksum : 0xe619d30d) [ 1043.873955][T20091] exFAT-fs (loop3): error, invalid access to FAT bad cluster (entry 0x00000005) [ 1043.885835][T20091] exFAT-fs (loop3): Filesystem has been set read-only [ 1043.897455][T20091] exFAT-fs (loop3): failed to initialize root inode [ 1044.005147][T19453] EXT4-fs error (device loop0): ext4_validate_block_bitmap:432: comm syz-executor.0: bg 0: block 2: invalid block bitmap [ 1044.029136][T19453] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6551: Corrupt filesystem [ 1044.049358][T19453] EXT4-fs error (device loop0): ext4_read_inline_dir:1560: inode #12: block 5: comm syz-executor.0: path /root/syzkaller-testdir2142429006/syzkaller.WA8rnp/19/file1/file0/file0: bad entry in directory: directory entry overrun - offset=24, inode=13, rec_len=7952, size=80 fake=0 [ 1044.082809][T19453] EXT4-fs error (device loop0): ext4_read_inline_dir:1560: inode #12: block 5: comm syz-executor.0: path /root/syzkaller-testdir2142429006/syzkaller.WA8rnp/19/file1/file0/file0: bad entry in directory: directory entry overrun - offset=24, inode=13, rec_len=7952, size=80 fake=0 [ 1044.215973][ T5117] Bluetooth: hci1: command tx timeout [ 1044.425027][T20097] loop3: detected capacity change from 0 to 256 [ 1044.601628][ T5117] Bluetooth: hci3: command tx timeout [ 1044.805886][ T2401] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1044.824834][ T2401] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1044.838768][ T2401] bond0 (unregistering): Released all slaves [ 1044.866807][T20085] netlink: 'syz-executor.2': attribute type 7 has an invalid length. [ 1044.882514][T20085] netlink: 'syz-executor.2': attribute type 39 has an invalid length. [ 1044.931072][T20087] netlink: 'syz-executor.2': attribute type 7 has an invalid length. [ 1044.939608][T20087] netlink: 'syz-executor.2': attribute type 39 has an invalid length. [ 1046.162710][T19453] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1046.291609][ T5117] Bluetooth: hci1: command tx timeout [ 1046.496224][T20113] loop3: detected capacity change from 0 to 128 [ 1046.566436][T20113] syz-executor.3: attempt to access beyond end of device [ 1046.566436][T20113] loop3: rw=2051, sector=128, nr_sectors = 913 limit=128 [ 1046.623432][T20115] futex_wake_op: syz-executor.2 tries to shift op by 144; fix this program [ 1046.679430][ T5117] Bluetooth: hci3: command tx timeout [ 1046.865755][T19907] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 1047.005731][ T2401] hsr_slave_0: left promiscuous mode [ 1047.014948][ T2401] hsr_slave_1: left promiscuous mode [ 1047.029973][ T2401] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1047.045685][ T2401] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1047.069177][ T2401] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1047.088991][ T2401] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1047.162072][ T2401] veth1_macvtap: left promiscuous mode [ 1047.184270][ T2401] veth0_macvtap: left promiscuous mode [ 1047.200511][ T2401] veth1_vlan: left promiscuous mode [ 1047.215735][ T2401] veth0_vlan: left promiscuous mode [ 1047.305768][T20133] loop2: detected capacity change from 0 to 2048 [ 1047.314435][T20133] udf: Unknown parameter 'u' [ 1047.462323][ T5125] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 1047.479713][ T5125] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 1047.494970][ T5125] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 1047.507765][ T5125] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 1047.515791][ T5125] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 1047.523454][ T5125] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 1047.825077][T20150] loop3: detected capacity change from 0 to 128 [ 1047.850937][T20150] syz-executor.3: attempt to access beyond end of device [ 1047.850937][T20150] loop3: rw=2051, sector=128, nr_sectors = 913 limit=128 [ 1048.064559][T20155] netlink: 76 bytes leftover after parsing attributes in process `syz-executor.3'. [ 1048.064592][T20155] nbd: illegal input index 875837489 [ 1048.345721][T16367] usb 3-1: new high-speed USB device number 14 using dummy_hcd [ 1048.357696][ T5117] Bluetooth: hci1: command tx timeout [ 1048.395531][T20161] netlink: 4100 bytes leftover after parsing attributes in process `syz-executor.3'. [ 1048.549124][T16367] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1048.591119][T16367] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1048.603647][T16367] usb 3-1: New USB device found, idVendor=06cb, idProduct=73f5, bcdDevice= 0.00 [ 1048.615766][T16367] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1048.655883][T16367] usb 3-1: config 0 descriptor?? [ 1048.755924][ T5117] Bluetooth: hci3: command tx timeout [ 1049.081136][ T2401] team0 (unregistering): Port device team_slave_1 removed [ 1049.905913][ T5117] Bluetooth: hci0: command tx timeout [ 1050.045510][T16367] usbhid 3-1:0.0: can't add hid device: -71 [ 1050.053583][T16367] usbhid 3-1:0.0: probe with driver usbhid failed with error -71 [ 1050.078187][ T2401] team0 (unregistering): Port device team_slave_0 removed [ 1050.098217][T16367] usb 3-1: USB disconnect, device number 14 [ 1050.250973][T20179] loop3: detected capacity change from 0 to 2048 [ 1050.260113][T20179] udf: Unknown parameter 'u' [ 1050.840746][ T5117] Bluetooth: hci3: command tx timeout [ 1051.704525][T20194] loop2: detected capacity change from 0 to 512 [ 1051.717309][T20194] EXT4-fs: Ignoring removed oldalloc option [ 1051.795336][T20194] EXT4-fs error (device loop2): ext4_orphan_get:1394: inode #15: comm syz-executor.2: casefold flag without casefold feature [ 1051.810818][T20194] EXT4-fs error (device loop2): ext4_orphan_get:1399: comm syz-executor.2: couldn't read orphan inode 15 (err -117) [ 1051.843074][T20194] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1051.937639][T19907] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 1051.956397][ T5117] Bluetooth: hci0: command tx timeout [ 1052.043597][T19907] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 1052.091065][T20049] chnl_net:caif_netlink_parms(): no params data found [ 1052.134382][T19907] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 1052.520146][T18326] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1052.844084][T20049] bridge0: port 1(bridge_slave_0) entered blocking state [ 1052.873254][T20049] bridge0: port 1(bridge_slave_0) entered disabled state [ 1052.905010][T20049] bridge_slave_0: entered allmulticast mode [ 1052.922895][T20049] bridge_slave_0: entered promiscuous mode [ 1052.971395][T20049] bridge0: port 2(bridge_slave_1) entered blocking state [ 1052.982106][T20049] bridge0: port 2(bridge_slave_1) entered disabled state [ 1052.993181][T20219] loop2: detected capacity change from 0 to 256 [ 1053.005436][T20049] bridge_slave_1: entered allmulticast mode [ 1053.080368][T20049] bridge_slave_1: entered promiscuous mode [ 1053.091321][T20219] exfat: Deprecated parameter 'namecase' [ 1053.110013][T20219] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d) [ 1053.481720][T20049] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1053.574958][T20049] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1053.680051][T20222] loop2: detected capacity change from 0 to 4096 [ 1053.789792][T20049] team0: Port device team_slave_0 added [ 1053.824658][T20222] ntfs3: Cannot use different iocharset when remounting! [ 1053.843602][T20076] chnl_net:caif_netlink_parms(): no params data found [ 1053.931241][T20049] team0: Port device team_slave_1 added [ 1054.036078][ T5117] Bluetooth: hci0: command tx timeout [ 1054.132271][ T1235] ieee802154 phy0 wpan0: encryption failed: -22 [ 1054.204707][T20049] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1054.230275][T20049] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1054.266658][T20049] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1054.357522][T20049] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1054.364994][T20049] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1054.402317][T20049] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1054.571679][T20246] loop3: detected capacity change from 0 to 1024 [ 1054.615243][ T12] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1054.687835][T20247] loop2: detected capacity change from 0 to 512 [ 1054.700073][T20247] EXT4-fs: Ignoring removed oldalloc option [ 1054.815952][T20247] EXT4-fs error (device loop2): ext4_orphan_get:1394: inode #15: comm syz-executor.2: casefold flag without casefold feature [ 1054.831190][T20247] EXT4-fs error (device loop2): ext4_orphan_get:1399: comm syz-executor.2: couldn't read orphan inode 15 (err -117) [ 1054.851016][T20076] bridge0: port 1(bridge_slave_0) entered blocking state [ 1054.870281][T20247] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1054.877621][T20076] bridge0: port 1(bridge_slave_0) entered disabled state [ 1054.886389][T20250] xt_CT: You must specify a L4 protocol and not use inversions on it [ 1054.893060][T20076] bridge_slave_0: entered allmulticast mode [ 1054.906669][T20076] bridge_slave_0: entered promiscuous mode [ 1054.930383][T20076] bridge0: port 2(bridge_slave_1) entered blocking state [ 1054.941732][T20076] bridge0: port 2(bridge_slave_1) entered disabled state [ 1054.956755][T20076] bridge_slave_1: entered allmulticast mode [ 1054.972586][T20076] bridge_slave_1: entered promiscuous mode [ 1055.005330][T20138] chnl_net:caif_netlink_parms(): no params data found [ 1055.032642][T20252] loop3: detected capacity change from 0 to 256 [ 1055.132671][ T12] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1055.153969][T20252] FAT-fs (loop3): Directory bread(block 64) failed [ 1055.164867][T20252] FAT-fs (loop3): Directory bread(block 65) failed [ 1055.175663][T20252] FAT-fs (loop3): Directory bread(block 66) failed [ 1055.186559][T20252] FAT-fs (loop3): Directory bread(block 67) failed [ 1055.195072][T20252] FAT-fs (loop3): Directory bread(block 68) failed [ 1055.214294][T20252] FAT-fs (loop3): Directory bread(block 69) failed [ 1055.235808][T20252] FAT-fs (loop3): Directory bread(block 70) failed [ 1055.254940][T20252] FAT-fs (loop3): Directory bread(block 71) failed [ 1055.275047][T20252] FAT-fs (loop3): Directory bread(block 72) failed [ 1055.296371][T20252] FAT-fs (loop3): Directory bread(block 73) failed [ 1055.495066][ T12] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1055.533219][T20049] hsr_slave_0: entered promiscuous mode [ 1055.541810][T18326] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1055.552366][T20049] hsr_slave_1: entered promiscuous mode [ 1055.611108][T20049] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1055.619018][T20049] Cannot create hsr debugfs directory [ 1055.634209][T20076] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1055.763872][ C1] vkms_vblank_simulate: vblank timer overrun [ 1055.829096][ T12] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1055.859095][T20076] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1056.117421][ T5117] Bluetooth: hci0: command tx timeout [ 1056.149293][T20138] bridge0: port 1(bridge_slave_0) entered blocking state [ 1056.161340][T20138] bridge0: port 1(bridge_slave_0) entered disabled state [ 1056.170251][T20138] bridge_slave_0: entered allmulticast mode [ 1056.198315][T20138] bridge_slave_0: entered promiscuous mode [ 1056.286737][T20076] team0: Port device team_slave_0 added [ 1056.308841][T20076] team0: Port device team_slave_1 added [ 1056.358337][T20138] bridge0: port 2(bridge_slave_1) entered blocking state [ 1056.369906][T20138] bridge0: port 2(bridge_slave_1) entered disabled state [ 1056.390745][T20138] bridge_slave_1: entered allmulticast mode [ 1056.399189][T20138] bridge_slave_1: entered promiscuous mode [ 1056.480427][T19907] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1056.542069][T19907] 8021q: adding VLAN 0 to HW filter on device team0 [ 1056.618265][T20076] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1056.631209][T20076] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1056.668871][T20076] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1057.270908][T20285] loop2: detected capacity change from 0 to 1024 [ 1057.589173][T20076] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1057.597814][T20076] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1057.631973][T20076] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1057.703766][T20138] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1057.777023][T12024] bridge0: port 1(bridge_slave_0) entered blocking state [ 1057.784341][T12024] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1058.050744][T12024] bridge0: port 2(bridge_slave_1) entered blocking state [ 1058.058087][T12024] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1059.074539][T20138] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1059.231310][T20138] team0: Port device team_slave_0 added [ 1059.270202][T20138] team0: Port device team_slave_1 added [ 1059.278794][T20301] loop2: detected capacity change from 0 to 64 [ 1059.345331][T20076] hsr_slave_0: entered promiscuous mode [ 1059.363552][T20301] syz-executor.2: attempt to access beyond end of device [ 1059.363552][T20301] loop2: rw=2049, sector=268435468, nr_sectors = 2 limit=64 [ 1059.390622][T20076] hsr_slave_1: entered promiscuous mode [ 1059.415724][T20076] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1059.423341][T20076] Cannot create hsr debugfs directory [ 1059.464561][T20295] loop3: detected capacity change from 0 to 40427 [ 1059.473660][T20295] F2FS-fs (loop3): Invalid Fs Meta Ino: node(0) meta(2) root(0) [ 1059.490572][T20295] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 1059.501339][T20295] F2FS-fs (loop3): invalid crc value [ 1059.513701][T20295] F2FS-fs (loop3): Found nat_bits in checkpoint [ 1059.524101][T20138] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1059.539140][T20138] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1059.595660][T20138] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1059.640301][T20295] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 1059.648034][T20295] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4 [ 1059.773681][ T12] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1059.797026][T20306] loop2: detected capacity change from 0 to 64 [ 1059.828169][T20306] hfs: unable to parse mount options [ 1059.865499][T19532] syz-executor.3: attempt to access beyond end of device [ 1059.865499][T19532] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 1059.915780][T19532] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 1059.923657][T20138] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1059.934307][T20138] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1059.960317][ C1] vkms_vblank_simulate: vblank timer overrun [ 1059.968823][T20138] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1060.111671][ T12] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1060.356577][ T12] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1060.512795][T20138] hsr_slave_0: entered promiscuous mode [ 1060.547577][T20138] hsr_slave_1: entered promiscuous mode [ 1060.575015][T20138] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1060.596545][T20138] Cannot create hsr debugfs directory [ 1060.655417][ T12] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1063.435807][T20329] loop3: detected capacity change from 0 to 1024 [ 1063.989297][ T29] audit: type=1800 audit(2000000369.679:1544): pid=20336 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="loop3" ino=25 res=0 errno=0 [ 1064.601919][T20335] loop2: detected capacity change from 0 to 4096 [ 1064.661288][T20335] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512). [ 1064.705797][T20335] ntfs3: loop2: It is recommened to use chkdsk. [ 1064.763367][T20335] ntfs3: loop2: Failed to load $MFT. [ 1064.896433][T20049] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 1064.948472][T20049] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 1065.031629][T20049] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 1065.064372][T20049] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 1065.164224][ T12] bridge_slave_1: left allmulticast mode [ 1065.187756][ T12] bridge_slave_1: left promiscuous mode [ 1065.193688][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 1065.269104][ T12] bridge_slave_0: left allmulticast mode [ 1065.274837][ T12] bridge_slave_0: left promiscuous mode [ 1065.299959][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 1065.324174][ T12] bridge_slave_1: left allmulticast mode [ 1065.339929][ T12] bridge_slave_1: left promiscuous mode [ 1065.361062][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 1065.417443][ T12] bridge_slave_0: left allmulticast mode [ 1065.423172][ T12] bridge_slave_0: left promiscuous mode [ 1065.451422][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 1065.568802][ T29] audit: type=1326 audit(2000000371.369:1545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20358 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff8487cf69 code=0x7ffc0000 [ 1065.622402][ T29] audit: type=1326 audit(2000000371.369:1546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20358 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=283 compat=0 ip=0x7eff8487cf69 code=0x7ffc0000 [ 1065.670623][ T29] audit: type=1326 audit(2000000371.369:1547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20358 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff8487cf69 code=0x7ffc0000 [ 1065.747055][ T29] audit: type=1326 audit(2000000371.369:1548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20358 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff8487cf69 code=0x7ffc0000 [ 1066.023557][T20368] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'. [ 1066.083924][T20370] loop2: detected capacity change from 0 to 64 [ 1066.166591][T20370] syz-executor.2: attempt to access beyond end of device [ 1066.166591][T20370] loop2: rw=2049, sector=129, nr_sectors = 1 limit=64 [ 1066.181989][T20370] Buffer I/O error on dev loop2, logical block 129, lost async page write [ 1066.384527][T20372] loop2: detected capacity change from 0 to 1024 [ 1067.547192][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1067.563587][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1067.580012][ T12] bond0 (unregistering): Released all slaves [ 1067.812145][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1067.824623][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1067.845117][ T12] bond0 (unregistering): Released all slaves [ 1067.983602][T19907] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1068.167472][T20383] tmpfs: Unknown parameter 'íÒÿÅfÀ’üæd·Øa+;Gõh0"Ú]LoÕx€5MŽO'' [ 1068.600785][ T29] audit: type=1326 audit(2000000374.399:1549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20392 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7eff8487cf69 code=0x0 [ 1068.621576][T20049] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1068.845091][T20049] 8021q: adding VLAN 0 to HW filter on device team0 [ 1068.948394][T18762] bridge0: port 1(bridge_slave_0) entered blocking state [ 1068.955697][T18762] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1068.980075][T18762] bridge0: port 2(bridge_slave_1) entered blocking state [ 1068.987386][T18762] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1069.112912][T20406] loop3: detected capacity change from 0 to 512 [ 1069.137347][T20406] EXT4-fs: Ignoring removed mblk_io_submit option [ 1069.167210][T20406] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a064e01c, mo2=0002] [ 1069.222154][T20406] System zones: 1-12 [ 1069.239679][T20406] EXT4-fs error (device loop3): ext4_orphan_get:1394: inode #15: comm syz-executor.3: casefold flag without casefold feature [ 1069.254642][T20406] EXT4-fs error (device loop3): ext4_orphan_get:1399: comm syz-executor.3: couldn't read orphan inode 15 (err -117) [ 1069.308819][T20406] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1069.419898][T20076] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 1069.599629][T20076] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 1069.648739][T20076] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 1069.710204][T20076] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 1069.763861][T19907] veth0_vlan: entered promiscuous mode [ 1069.829310][ T12] hsr_slave_0: left promiscuous mode [ 1069.931608][ T12] hsr_slave_1: left promiscuous mode [ 1070.003967][T20419] loop2: detected capacity change from 0 to 4096 [ 1070.012307][T20419] ntfs3: Bad value for 'uid' [ 1070.333578][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1070.431916][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1070.593303][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1070.845760][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1070.888253][T18762] IPVS: starting estimator thread 0... [ 1070.931325][ T12] hsr_slave_0: left promiscuous mode [ 1070.961607][ T12] hsr_slave_1: left promiscuous mode [ 1070.979144][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1070.992507][T19532] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1070.996768][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1071.009981][T20421] IPVS: using max 17 ests per chain, 40800 per kthread [ 1071.029474][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1071.038364][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1071.112300][ T12] veth1_macvtap: left promiscuous mode [ 1071.118130][ T12] veth0_macvtap: left promiscuous mode [ 1071.127503][ T12] veth1_vlan: left promiscuous mode [ 1071.133090][ T12] veth0_vlan: left promiscuous mode [ 1071.156872][ T12] veth1_macvtap: left promiscuous mode [ 1071.162588][ T12] veth0_macvtap: left promiscuous mode [ 1071.168470][ T12] veth1_vlan: left promiscuous mode [ 1071.173804][ T12] veth0_vlan: left promiscuous mode [ 1071.271638][T20426] loop3: detected capacity change from 0 to 8192 [ 1071.292042][T20426] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 1072.852611][ T12] team0 (unregistering): Port device team_slave_1 removed [ 1072.979909][ T12] team0 (unregistering): Port device team_slave_0 removed [ 1075.430867][ T12] team0 (unregistering): Port device team_slave_1 removed [ 1075.537944][ T12] team0 (unregistering): Port device team_slave_0 removed [ 1076.700972][T19907] veth1_vlan: entered promiscuous mode [ 1076.894002][T19907] veth0_macvtap: entered promiscuous mode [ 1076.955422][T19907] veth1_macvtap: entered promiscuous mode [ 1077.105080][T19907] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1077.144117][T19907] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1077.158108][T19907] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1077.171296][T19907] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1077.185309][T19907] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1077.244948][T20049] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1077.300235][T19907] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1077.327220][T19907] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1077.343170][T19907] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1077.361906][T19907] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1077.381418][T19907] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1077.710457][T19907] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1077.741769][T19907] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1077.771948][T19907] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1077.801286][T19907] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1078.051559][T20076] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1078.073368][T20138] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 1078.142525][T20138] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 1078.279068][T20138] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 1078.400748][T20138] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 1078.690181][T20076] 8021q: adding VLAN 0 to HW filter on device team0 [ 1078.803771][T20049] veth0_vlan: entered promiscuous mode [ 1079.034456][T18761] bridge0: port 1(bridge_slave_0) entered blocking state [ 1079.041800][T18761] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1079.140417][T12249] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1079.175963][T12249] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1079.196127][T20049] veth1_vlan: entered promiscuous mode [ 1079.245099][T18761] bridge0: port 2(bridge_slave_1) entered blocking state [ 1079.252499][T18761] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1079.588536][T20460] loop2: detected capacity change from 0 to 32768 [ 1079.604963][T11434] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1079.636657][T11434] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1079.705025][T20456] loop3: detected capacity change from 0 to 262144 [ 1079.723956][T20456] BTRFS: device fsid 7e32c2af-f87a-45a1-bcba-64dea7c56a53 devid 1 transid 8 /dev/loop3 (7:3) scanned by syz-executor.3 (20456) [ 1079.765395][T20456] BTRFS info (device loop3): first mount of filesystem 7e32c2af-f87a-45a1-bcba-64dea7c56a53 [ 1079.776063][T20456] BTRFS info (device loop3): using xxhash64 (xxhash64-generic) checksum algorithm [ 1079.785383][T20456] BTRFS info (device loop3): using free-space-tree [ 1079.903159][T20049] veth0_macvtap: entered promiscuous mode [ 1079.908445][T20477] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1080.030413][T20049] veth1_macvtap: entered promiscuous mode [ 1080.112706][T20138] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1080.224648][T19532] BTRFS info (device loop3): last unmount of filesystem 7e32c2af-f87a-45a1-bcba-64dea7c56a53 [ 1080.302871][T20138] 8021q: adding VLAN 0 to HW filter on device team0 [ 1080.415795][T20049] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1080.451342][T20049] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1080.471140][T20049] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1080.496821][T20049] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1080.509690][T20049] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1080.522976][T20049] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1080.569740][T20049] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1080.617859][T18820] bridge0: port 1(bridge_slave_0) entered blocking state [ 1080.625083][T18820] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1080.679631][T18820] bridge0: port 2(bridge_slave_1) entered blocking state [ 1080.686915][T18820] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1080.753002][T20049] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1080.775212][T20049] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1080.798791][T20049] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1080.809438][T20049] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1080.828960][T20049] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1080.842578][T20499] loop2: detected capacity change from 0 to 256 [ 1080.861720][T20049] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1080.909353][T20049] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1080.978410][T20499] loop2: detected capacity change from 256 to 11 [ 1080.987568][T20499] FAT-fs (loop2): Directory bread(block 3) failed [ 1081.021335][T20049] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1081.041549][T20049] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1081.063016][T20049] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1081.086848][T20049] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1081.171943][T18326] FAT-fs (loop2): Directory bread(block 3) failed [ 1081.207736][T20076] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1082.038431][ T12] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1082.351367][T11994] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1082.389715][T11994] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1082.452364][T20520] loop5: detected capacity change from 0 to 1024 [ 1082.528618][T20520] Cannot find add_set index 0 as target [ 1082.571986][ T12] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1082.663029][T20520] netlink: 'syz-executor.5': attribute type 1 has an invalid length. [ 1082.730564][T18762] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1082.765904][T18762] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1082.826135][ T12] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1082.957916][T20138] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1083.058747][T20524] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1083.073231][ T12] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1083.190929][ T5125] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 1083.204112][ T5125] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 1083.252657][ T5125] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 1083.276602][ T5125] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 1083.284653][ T5125] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 1083.296250][ T5125] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 1083.346769][T20076] veth0_vlan: entered promiscuous mode [ 1083.438141][T20076] veth1_vlan: entered promiscuous mode [ 1083.763479][ T12] bridge_slave_1: left allmulticast mode [ 1083.780529][ T12] bridge_slave_1: left promiscuous mode [ 1083.791165][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 1084.015931][ T12] bridge_slave_0: left allmulticast mode [ 1084.104897][ T12] bridge_slave_0: left promiscuous mode [ 1084.122995][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 1084.233591][T20547] loop1: detected capacity change from 0 to 256 [ 1084.248396][ T29] audit: type=1800 audit(2000000389.999:1550): pid=20548 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=1961 res=0 errno=0 [ 1086.283769][ T5125] Bluetooth: hci6: command tx timeout [ 1086.331568][T20547] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xbe9e488b, utbl_chksum : 0xe619d30d) [ 1086.348251][T20547] exFAT-fs (loop1): error, invalid access to FAT bad cluster (entry 0x00000005) [ 1086.358626][T20547] exFAT-fs (loop1): Filesystem has been set read-only [ 1086.365611][T20547] exFAT-fs (loop1): failed to initialize root inode [ 1086.578041][T20550] loop5: detected capacity change from 0 to 8 [ 1086.640326][T20550] SQUASHFS error: Unable to read inode 0x11f [ 1087.167774][ C0] vkms_vblank_simulate: vblank timer overrun [ 1087.435759][ C0] vkms_vblank_simulate: vblank timer overrun [ 1087.468321][ C0] vkms_vblank_simulate: vblank timer overrun [ 1087.725658][ C0] vkms_vblank_simulate: vblank timer overrun [ 1088.290394][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1088.309027][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1088.333159][ T12] bond0 (unregistering): Released all slaves [ 1088.355836][ T5125] Bluetooth: hci6: command tx timeout [ 1088.424851][T20569] loop3: detected capacity change from 0 to 64 [ 1088.464654][T20569] hfs: unable to parse mount options [ 1088.467248][ C0] vkms_vblank_simulate: vblank timer overrun [ 1088.667309][T20138] veth0_vlan: entered promiscuous mode [ 1088.693684][T20573] loop1: detected capacity change from 0 to 256 [ 1088.845816][T20573] loop1: detected capacity change from 256 to 11 [ 1088.874097][T20573] FAT-fs (loop1): Directory bread(block 3) failed [ 1088.922585][T20138] veth1_vlan: entered promiscuous mode [ 1088.986366][T20076] veth0_macvtap: entered promiscuous mode [ 1089.092997][T20049] FAT-fs (loop1): Directory bread(block 3) failed [ 1089.099284][T20076] veth1_macvtap: entered promiscuous mode [ 1089.583292][T20076] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1089.619586][T20076] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1089.629969][T20076] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1089.641685][T20076] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1089.651826][T20076] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1089.664278][T20076] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1089.674551][T20076] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1089.686488][T20076] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1089.705860][T20076] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1089.843924][ T12] hsr_slave_0: left promiscuous mode [ 1089.851588][ T12] hsr_slave_1: left promiscuous mode [ 1089.860229][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1089.888766][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1089.906918][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1089.914539][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1089.996145][ T12] veth1_macvtap: left promiscuous mode [ 1090.002503][ T12] veth0_macvtap: left promiscuous mode [ 1090.025999][ T12] veth1_vlan: left promiscuous mode [ 1090.031429][ T12] veth0_vlan: left promiscuous mode [ 1090.445135][ T5125] Bluetooth: hci6: command tx timeout [ 1090.585795][ C0] vkms_vblank_simulate: vblank timer overrun [ 1090.621619][ T29] audit: type=1326 audit(2000000396.419:1551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20594 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1390a7cf69 code=0x7ffc0000 [ 1090.670547][ C0] vkms_vblank_simulate: vblank timer overrun [ 1090.681414][ T29] audit: type=1326 audit(2000000396.419:1552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20594 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1390a7cf69 code=0x7ffc0000 [ 1090.738964][ C0] vkms_vblank_simulate: vblank timer overrun [ 1090.756273][ T29] audit: type=1326 audit(2000000396.419:1553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20594 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1390a7cf69 code=0x7ffc0000 [ 1090.780341][ T29] audit: type=1326 audit(2000000396.429:1554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20594 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1390a7cf69 code=0x7ffc0000 [ 1090.811852][ T29] audit: type=1326 audit(2000000396.429:1555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20594 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1390a7cf69 code=0x7ffc0000 [ 1090.817666][ C0] vkms_vblank_simulate: vblank timer overrun [ 1090.840167][ T29] audit: type=1326 audit(2000000396.449:1556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20594 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1390a7cf69 code=0x7ffc0000 [ 1090.875429][ T29] audit: type=1326 audit(2000000396.449:1557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20594 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1390a7cf69 code=0x7ffc0000 [ 1090.897440][ T5117] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 1090.908308][ T29] audit: type=1326 audit(2000000396.449:1558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20594 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f1390a7a6e7 code=0x7ffc0000 [ 1090.925968][ T5117] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 1090.942647][ T29] audit: type=1326 audit(2000000396.449:1559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20594 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f1390a403b9 code=0x7ffc0000 [ 1090.973800][ T29] audit: type=1326 audit(2000000396.449:1560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20594 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f1390a7a6e7 code=0x7ffc0000 [ 1090.982642][ T5117] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 1091.022614][ T5117] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 1091.031451][ T5117] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 1091.039740][ T5117] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 1091.187063][ C0] vkms_vblank_simulate: vblank timer overrun [ 1091.645804][T20600] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.3'. [ 1091.662680][T20600] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.3'. [ 1091.730998][T20602] loop3: detected capacity change from 0 to 8 [ 1091.749840][T20602] SQUASHFS error: Unable to read inode 0x11f [ 1092.068016][ T12] team0 (unregistering): Port device team_slave_1 removed [ 1092.083392][ T5117] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 1092.133658][ T5117] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 1092.156020][ T5117] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 1092.187671][ T5117] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 1092.195710][ T5117] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 1092.196992][ T12] team0 (unregistering): Port device team_slave_0 removed [ 1092.210219][ T5117] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 1092.517025][ T5117] Bluetooth: hci6: command tx timeout [ 1093.415913][T20525] chnl_net:caif_netlink_parms(): no params data found [ 1093.444890][T20076] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1093.458308][T20076] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1093.472279][T20076] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1093.483257][T20076] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1093.493155][T20076] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1093.503634][T20076] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1093.517395][T20076] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1093.605154][T20076] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1093.624325][T20076] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1093.635038][T20076] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1093.651569][T20076] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1093.682471][T20138] veth0_macvtap: entered promiscuous mode [ 1093.814718][T20138] veth1_macvtap: entered promiscuous mode [ 1094.097197][T20525] bridge0: port 1(bridge_slave_0) entered blocking state [ 1094.104703][T20525] bridge0: port 1(bridge_slave_0) entered disabled state [ 1094.118308][T20525] bridge_slave_0: entered allmulticast mode [ 1094.130872][T20525] bridge_slave_0: entered promiscuous mode [ 1094.145741][T20525] bridge0: port 2(bridge_slave_1) entered blocking state [ 1094.153028][T20525] bridge0: port 2(bridge_slave_1) entered disabled state [ 1094.170437][T20525] bridge_slave_1: entered allmulticast mode [ 1094.182072][T20525] bridge_slave_1: entered promiscuous mode [ 1094.286609][ T5117] Bluetooth: hci1: command tx timeout [ 1094.329899][ T12] IPVS: stop unused estimator thread 0... [ 1094.394792][T20138] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1094.419572][T20138] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1094.447334][T20138] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1094.467908][T20138] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1094.490131][T20138] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1094.494621][T20608] loop3: detected capacity change from 0 to 40427 [ 1094.511021][T20138] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1094.519368][T20608] F2FS-fs (loop3): invalid crc value [ 1094.534533][T20138] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1094.549076][T20138] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1094.561892][T20138] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1094.565009][T20608] F2FS-fs (loop3): Found nat_bits in checkpoint [ 1094.582323][T20138] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1094.597214][T20138] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1094.607931][T20138] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1094.618824][T20138] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1094.628857][T20138] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1094.639634][T20138] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1094.649728][T20138] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1094.663641][T20138] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1094.695161][T20608] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 1094.696928][T20138] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1094.778067][T20525] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1094.871827][T20622] netlink: 209852 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1094.882781][T20622] openvswitch: netlink: Geneve opt len 2 is not a multiple of 4. [ 1094.907667][T20525] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1094.967540][T20138] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1094.982837][T20138] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1094.998898][T20138] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1095.015004][T20138] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1095.213806][ T12] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1095.358302][T20525] team0: Port device team_slave_0 added [ 1095.375935][ T62] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1095.384818][ T62] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1095.517514][ T12] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1095.547155][T20525] team0: Port device team_slave_1 added [ 1095.764212][ T12] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1095.812721][T12024] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1095.835388][T12024] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1095.855198][T20525] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1095.862927][T20525] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1095.910035][T20525] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1095.959243][T20525] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1095.980402][T20525] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1096.009783][T20525] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1096.047131][ T12] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1096.093003][T20639] netlink: 'syz-executor.3': attribute type 6 has an invalid length. [ 1096.195303][T20642] loop5: detected capacity change from 0 to 64 [ 1096.278212][T20605] chnl_net:caif_netlink_parms(): no params data found [ 1096.372479][ T5117] Bluetooth: hci1: command tx timeout [ 1096.393890][ T29] kauditd_printk_skb: 346 callbacks suppressed [ 1096.393912][ T29] audit: type=1804 audit(2000000402.189:1907): pid=20648 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir1191009606/syzkaller.6jb01U/1/bus" dev="sda1" ino=1949 res=1 errno=0 [ 1096.433894][T20525] hsr_slave_0: entered promiscuous mode [ 1096.463037][T20525] hsr_slave_1: entered promiscuous mode [ 1096.473383][ T29] audit: type=1804 audit(2000000402.189:1908): pid=20648 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.4" name="/root/syzkaller-testdir1191009606/syzkaller.6jb01U/1/bus" dev="sda1" ino=1949 res=1 errno=0 [ 1096.473483][T20525] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1096.548064][T20525] Cannot create hsr debugfs directory [ 1097.086140][ T62] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1097.094016][ T62] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1097.218291][T20605] bridge0: port 1(bridge_slave_0) entered blocking state [ 1097.227749][T20665] loop4: detected capacity change from 0 to 8 [ 1097.237630][T20605] bridge0: port 1(bridge_slave_0) entered disabled state [ 1097.245024][T20605] bridge_slave_0: entered allmulticast mode [ 1097.266466][T20665] SQUASHFS error: Failed to read block 0x4e8: -5 [ 1097.287694][T20605] bridge_slave_0: entered promiscuous mode [ 1097.288822][ T29] audit: type=1800 audit(2000000403.089:1909): pid=20665 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor.4" name="file1" dev="loop4" ino=5 res=0 errno=0 [ 1097.485979][T20605] bridge0: port 2(bridge_slave_1) entered blocking state [ 1097.534910][T20605] bridge0: port 2(bridge_slave_1) entered disabled state [ 1097.566145][T20605] bridge_slave_1: entered allmulticast mode [ 1097.573781][T20605] bridge_slave_1: entered promiscuous mode [ 1097.694387][T20667] SQUASHFS error: Failed to read block 0xed04f1: -5 [ 1097.727060][T20667] SQUASHFS error: Failed to read block 0xed04f1: -5 [ 1097.740276][T20667] SQUASHFS error: Failed to read block 0xed04f1: -5 [ 1098.131120][T20605] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1098.227018][T20605] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1098.401757][ T5125] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 1098.416085][ T5125] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 1098.437527][T14508] Bluetooth: hci1: command tx timeout [ 1098.443345][ T5125] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 1098.457689][ T5125] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 1098.475683][ T5125] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 1098.483441][ T5125] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 1098.662292][T20605] team0: Port device team_slave_0 added [ 1098.693813][ T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1098.702840][T20605] team0: Port device team_slave_1 added [ 1098.714519][ T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1098.900669][T20659] loop5: detected capacity change from 0 to 40427 [ 1098.921491][ T12] bridge_slave_1: left allmulticast mode [ 1098.935595][ T12] bridge_slave_1: left promiscuous mode [ 1098.938440][T20659] F2FS-fs (loop5): invalid crc value [ 1098.941582][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 1098.953838][T20659] F2FS-fs (loop5): Found nat_bits in checkpoint [ 1098.981419][ T12] bridge_slave_0: left allmulticast mode [ 1098.987599][ T12] bridge_slave_0: left promiscuous mode [ 1098.993460][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 1099.068559][T20659] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 1099.718082][T20687] loop4: detected capacity change from 0 to 32768 [ 1099.788290][T20687] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.4'. [ 1100.350613][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1100.365149][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1100.384013][ T12] bond0 (unregistering): Released all slaves [ 1100.474443][T20694] netlink: 'syz-executor.5': attribute type 6 has an invalid length. [ 1100.523541][ T5117] Bluetooth: hci1: command tx timeout [ 1100.530634][T20605] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1100.537831][T20605] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1100.564669][T20605] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1100.578878][T20605] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1100.586926][T20605] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1100.614300][ T5117] Bluetooth: hci4: command tx timeout [ 1100.679096][T20605] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1100.759633][T20709] loop4: detected capacity change from 0 to 256 [ 1100.828464][T20709] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x1aabf3fb, utbl_chksum : 0xe619d30d) [ 1101.075445][T20713] loop5: detected capacity change from 0 to 256 [ 1101.076497][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1101.187585][T20717] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1101.199294][T20718] loop4: detected capacity change from 0 to 1024 [ 1101.213286][T20717] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1101.236693][T20717] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1101.245347][T20717] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1101.279906][T20717] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1101.294253][T20717] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1101.311171][T20717] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1101.342263][T20717] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1101.377438][T20605] hsr_slave_0: entered promiscuous mode [ 1101.391711][T20717] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1101.406580][T20605] hsr_slave_1: entered promiscuous mode [ 1101.414169][T20720] loop5: detected capacity change from 0 to 1024 [ 1101.442841][T20605] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1101.492235][T20605] Cannot create hsr debugfs directory [ 1101.817449][ T29] audit: type=1800 audit(2000000407.499:1910): pid=20725 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="loop4" ino=25 res=0 errno=0 [ 1102.164414][ T62] hfsplus: b-tree write err: -5, ino 4 [ 1102.314389][T20727] sg_write: process 11 (syz-executor.0) changed security contexts after opening file descriptor, this is not allowed. [ 1102.477967][ T12] hsr_slave_0: left promiscuous mode [ 1102.502979][ T12] hsr_slave_1: left promiscuous mode [ 1102.526742][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1102.544239][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1102.577747][ T29] audit: type=1800 audit(2000000408.379:1911): pid=20735 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="file1" dev="sda1" ino=1942 res=0 errno=0 [ 1102.601137][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1102.618263][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1102.675670][ T5117] Bluetooth: hci4: command tx timeout [ 1102.733432][ T12] veth1_macvtap: left promiscuous mode [ 1102.745774][ T12] veth0_macvtap: left promiscuous mode [ 1102.751537][ T12] veth1_vlan: left promiscuous mode [ 1102.765459][ T12] veth0_vlan: left promiscuous mode [ 1102.806766][T20744] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3) [ 1102.813468][T20744] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 1102.830724][ T29] audit: type=1326 audit(2000000408.629:1912): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20745 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f803ce7cf69 code=0x7ffc0000 [ 1102.866306][T20744] vhci_hcd vhci_hcd.0: Device attached [ 1102.904433][ T29] audit: type=1326 audit(2000000408.639:1913): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20745 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f803ce7cf69 code=0x7ffc0000 [ 1102.951219][T20750] loop0: detected capacity change from 0 to 2048 [ 1102.980586][ T29] audit: type=1326 audit(2000000408.639:1914): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20745 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f803ce7cf69 code=0x7ffc0000 [ 1103.042396][T20751] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1103.044908][ T29] audit: type=1326 audit(2000000408.639:1915): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20745 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f803ce7cf69 code=0x7ffc0000 [ 1103.158022][ T29] audit: type=1326 audit(2000000408.639:1916): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20745 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f803ce7cf69 code=0x7ffc0000 [ 1103.240644][T20746] usbip_core: unknown command [ 1103.245888][T20746] vhci_hcd: unknown pdu 0 [ 1103.251696][T20746] usbip_core: unknown command [ 1103.264060][ T35] vhci_hcd: stop threads [ 1103.270300][ T35] vhci_hcd: release socket [ 1103.284459][ T29] audit: type=1326 audit(2000000408.689:1917): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20745 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f803ce7cf69 code=0x7ffc0000 [ 1103.319954][ T35] vhci_hcd: disconnect device [ 1103.337004][ T29] audit: type=1326 audit(2000000408.689:1918): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20745 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f803ce7a6e7 code=0x7ffc0000 [ 1103.369881][T20753] loop5: detected capacity change from 0 to 4096 [ 1103.379195][ T29] audit: type=1326 audit(2000000408.719:1919): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20745 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f803ce403b9 code=0x7ffc0000 [ 1103.591306][T20753] ntfs3: loop5: Failed to load $Extend (-22). [ 1103.598023][T20753] ntfs3: loop5: Failed to initialize $Extend. [ 1104.567156][T20773] loop0: detected capacity change from 0 to 1024 [ 1104.788272][ T5117] Bluetooth: hci4: command tx timeout [ 1104.970403][ T12] team0 (unregistering): Port device team_slave_1 removed [ 1105.087848][ T12] team0 (unregistering): Port device team_slave_0 removed [ 1106.110215][T20782] loop0: detected capacity change from 0 to 64 [ 1106.676414][T12024] net_ratelimit: 14 callbacks suppressed [ 1106.676443][T12024] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1106.725770][T18820] usb 1-1: new high-speed USB device number 19 using dummy_hcd [ 1106.781434][T20758] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'. [ 1106.836337][ T5117] Bluetooth: hci4: command tx timeout [ 1106.972415][T18820] usb 1-1: New USB device found, idVendor=066b, idProduct=20f9, bcdDevice=ff.94 [ 1106.998750][T18820] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1107.011587][T18820] usb 1-1: Product: syz [ 1107.023801][T18820] usb 1-1: Manufacturer: syz [ 1107.085032][T18820] usb 1-1: SerialNumber: syz [ 1107.117546][T18820] usb 1-1: config 0 descriptor?? [ 1107.634564][T20525] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 1107.660908][T20796] 9pnet_virtio: no channels available for device [ 1107.700607][T20525] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 1107.754825][T12024] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1107.764902][T20525] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 1107.800539][T20525] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 1107.842851][T20668] chnl_net:caif_netlink_parms(): no params data found [ 1107.950403][T18820] asix 1-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71 [ 1107.973688][T18820] asix 1-1:0.0 (unnamed net_device) (uninitialized): Error reading PHY_ID register: ffffffb9 [ 1107.997243][T18820] asix 1-1:0.0: probe with driver asix failed with error -71 [ 1108.017733][T18820] usb 1-1: USB disconnect, device number 19 [ 1108.197151][T18762] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1108.518898][T18767] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1108.535975][T18762] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1108.607370][ T12] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1108.687375][T20668] bridge0: port 1(bridge_slave_0) entered blocking state [ 1108.714088][T20668] bridge0: port 1(bridge_slave_0) entered disabled state [ 1108.737436][T20668] bridge_slave_0: entered allmulticast mode [ 1108.745371][T20668] bridge_slave_0: entered promiscuous mode [ 1108.760228][T20668] bridge0: port 2(bridge_slave_1) entered blocking state [ 1108.768389][ T8] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1108.783620][T20798] loop4: detected capacity change from 0 to 32768 [ 1108.805256][T20668] bridge0: port 2(bridge_slave_1) entered disabled state [ 1108.826046][T20668] bridge_slave_1: entered allmulticast mode [ 1108.847882][T20668] bridge_slave_1: entered promiscuous mode [ 1108.865071][ T29] kauditd_printk_skb: 516 callbacks suppressed [ 1108.865095][ T29] audit: type=1800 audit(2000000414.659:2436): pid=20814 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="file1" dev="sda1" ino=1960 res=0 errno=0 [ 1109.000427][ T12] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1109.159444][T20820] No such timeout policy "syz0" [ 1109.364780][ T12] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1109.501762][T20668] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1109.538298][T20668] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1109.744072][ T12] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1109.796160][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1109.826967][T12024] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1109.853141][T18767] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1110.027623][T20668] team0: Port device team_slave_0 added [ 1110.060312][T20668] team0: Port device team_slave_1 added [ 1110.063465][T20818] loop5: detected capacity change from 0 to 40427 [ 1110.089531][T20818] F2FS-fs (loop5): Fix alignment : internally, start(4096) end(16896) block(12288) [ 1110.125903][T20818] F2FS-fs (loop5): invalid crc value [ 1110.133836][T20525] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1110.143465][T20818] F2FS-fs (loop5): invalid crc value [ 1110.149199][T20818] F2FS-fs (loop5): Failed to get valid F2FS checkpoint [ 1110.307966][T20668] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1110.314988][T20668] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1110.372566][T20668] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1110.410807][T20668] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1110.439229][T20668] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1110.505696][T20668] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1110.780449][T20525] 8021q: adding VLAN 0 to HW filter on device team0 [ 1110.836878][T12028] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1110.878081][T20840] loop4: detected capacity change from 0 to 32768 [ 1110.918464][T20668] hsr_slave_0: entered promiscuous mode [ 1110.952781][T20668] hsr_slave_1: entered promiscuous mode [ 1110.973059][T20668] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1111.001326][T20668] Cannot create hsr debugfs directory [ 1111.075184][T20605] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 1111.156834][T20605] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 1111.178514][T20605] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 1111.199111][ T12] bridge_slave_1: left allmulticast mode [ 1111.204908][ T12] bridge_slave_1: left promiscuous mode [ 1111.220927][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 1111.236486][ T12] bridge_slave_0: left allmulticast mode [ 1111.243125][ T12] bridge_slave_0: left promiscuous mode [ 1111.258368][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 1111.632749][T20849] loop5: detected capacity change from 0 to 32768 [ 1111.888144][T18820] net_ratelimit: 1 callbacks suppressed [ 1111.888173][T18820] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1112.203526][T20879] input: syz0 as /devices/virtual/input/input31 [ 1112.666416][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1112.684736][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1112.709110][ T12] bond0 (unregistering): Released all slaves [ 1112.735020][T12028] bridge0: port 1(bridge_slave_0) entered blocking state [ 1112.742267][T12028] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1112.771250][T20605] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 1112.926630][T18820] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1112.950054][T12028] bridge0: port 2(bridge_slave_1) entered blocking state [ 1112.957345][T12028] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1113.182207][T20885] loop0: detected capacity change from 0 to 512 [ 1113.276128][T20885] EXT4-fs error (device loop0): ext4_xattr_inode_iget:436: comm syz-executor.0: Parent and EA inode have the same ino 15 [ 1113.294628][T20885] EXT4-fs (loop0): 1 orphan inode deleted [ 1113.303575][T20885] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1113.386884][T20138] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1113.603818][T20893] No such timeout policy "syz0" [ 1113.626007][ T12] hsr_slave_0: left promiscuous mode [ 1113.633757][ T12] hsr_slave_1: left promiscuous mode [ 1113.657954][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1113.667556][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1113.677095][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1113.684642][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1113.752986][ T12] veth1_macvtap: left promiscuous mode [ 1113.765679][ T12] veth0_macvtap: left promiscuous mode [ 1113.771770][ T12] veth1_vlan: left promiscuous mode [ 1113.782796][ T12] veth0_vlan: left promiscuous mode [ 1113.956991][T18820] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1113.998782][T20889] loop4: detected capacity change from 0 to 32768 [ 1114.043465][T20899] loop0: detected capacity change from 0 to 2048 [ 1114.095730][T20905] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1114.220650][T20889] bcachefs (loop4): mounting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,noshard_inode_numbers,noinodes_use_key_cache,gc_reserve_bytes=512 GiB,nojournal_transaction_names [ 1114.254552][ T29] audit: type=1800 audit(2000000420.019:2437): pid=20899 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="loop0" ino=2097152 res=0 errno=0 [ 1114.292651][T20889] bcachefs (loop4): recovering from clean shutdown, journal seq 8 [ 1114.490671][T20889] bcachefs (loop4): alloc_read... done [ 1114.496704][T20889] bcachefs (loop4): stripes_read... done [ 1114.502615][T20889] bcachefs (loop4): snapshots_read... done [ 1114.540835][T20889] bcachefs (loop4): journal_replay... done [ 1114.550585][T20889] bcachefs (loop4): resume_logged_ops... done [ 1114.564619][T20889] bcachefs (loop4): going read-write [ 1114.596217][T18762] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1114.613699][T20889] bcachefs (loop4): done starting filesystem [ 1114.762721][T20897] loop5: detected capacity change from 0 to 32768 [ 1114.804524][T20914] netlink: 232 bytes leftover after parsing attributes in process `syz-executor.0'. [ 1114.841084][T20914] netlink: 72 bytes leftover after parsing attributes in process `syz-executor.0'. [ 1114.996200][T12028] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1115.560914][ T1235] ieee802154 phy0 wpan0: encryption failed: -22 [ 1116.033179][T20922] netlink: 'syz-executor.5': attribute type 1 has an invalid length. [ 1116.041519][T20922] netlink: 'syz-executor.5': attribute type 1 has an invalid length. [ 1116.068386][T20076] bcachefs (loop4): shutting down [ 1116.073503][T20076] bcachefs (loop4): going read-only [ 1116.104842][T18820] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1116.105829][T20076] bcachefs (loop4): finished waiting for writes to stop [ 1116.166225][T20076] bcachefs (loop4): flushing journal and stopping allocators, journal seq 10 [ 1116.268119][T20076] bcachefs (loop4): flushing journal and stopping allocators complete, journal seq 12 [ 1116.284871][T20926] TCP: request_sock_TCP: Possible SYN flooding on port [::ffff:0.0.0.0]:20002. Sending cookies. [ 1116.313278][T20920] loop0: detected capacity change from 0 to 32768 [ 1116.325052][ T12] team0 (unregistering): Port device team_slave_1 removed [ 1116.334141][T20076] bcachefs (loop4): shutdown complete, journal seq 13 [ 1116.361773][T20076] bcachefs (loop4): marking filesystem clean [ 1116.422607][T20920] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 1116.493175][T20076] bcachefs (loop4): shutdown complete [ 1116.549882][ T12] team0 (unregistering): Port device team_slave_0 removed [ 1116.589612][T20920] XFS (loop0): Ending clean mount [ 1116.829944][T20138] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 1117.155997][T12028] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1117.527751][T20940] loop5: detected capacity change from 0 to 2048 [ 1117.555379][T20942] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1117.580227][T20942] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1117.596779][T20943] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1117.636117][T18763] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1117.644802][T20942] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1117.711280][ T29] audit: type=1800 audit(2000000423.509:2438): pid=20945 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.5" name="bus" dev="loop5" ino=2097152 res=0 errno=0 [ 1118.109025][T20952] loop4: detected capacity change from 0 to 128 [ 1118.204449][T18820] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1118.218906][T20954] ALSA: seq fatal error: cannot create timer (-22) [ 1118.233842][T20954] ALSA: seq fatal error: cannot create timer (-22) [ 1118.682748][T20966] TCP: request_sock_TCP: Possible SYN flooding on port [::ffff:0.0.0.0]:20002. Sending cookies. [ 1118.770239][T12028] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1119.248527][T12028] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1119.279297][T20985] loop5: detected capacity change from 0 to 128 [ 1119.291959][T20970] tun0: tun_chr_ioctl cmd 1074030123 [ 1119.318889][T20987] input: syz1 as /devices/virtual/input/input32 [ 1119.413798][T18767] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1119.768636][T20605] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1119.885349][T20995] loop5: detected capacity change from 0 to 512 [ 1119.923759][T20995] EXT4-fs: old and new quota format mixing [ 1119.928145][T20605] 8021q: adding VLAN 0 to HW filter on device team0 [ 1120.000203][T16367] bridge0: port 1(bridge_slave_0) entered blocking state [ 1120.007460][T16367] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1120.091679][T16367] bridge0: port 2(bridge_slave_1) entered blocking state [ 1120.098973][T16367] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1120.345413][T20525] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1120.383297][T21006] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'. [ 1120.471529][T21010] loop5: detected capacity change from 0 to 512 [ 1120.520688][T21010] EXT4-fs (loop5): bad s_min_extra_isize: 65535 [ 1120.548849][T20668] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 1120.574063][T20668] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 1120.646854][T20668] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 1120.674068][T21016] loop4: detected capacity change from 0 to 128 [ 1120.684236][T20668] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 1120.924876][T20525] veth0_vlan: entered promiscuous mode [ 1120.930829][T21020] loop5: detected capacity change from 0 to 4096 [ 1120.978511][T21020] ntfs3: loop5: Different NTFS sector size (4096) and media sector size (512). [ 1120.990302][T20525] veth1_vlan: entered promiscuous mode [ 1121.040929][T21027] loop4: detected capacity change from 0 to 16 [ 1121.079592][T21027] erofs: (device loop4): mounted with root inode @ nid 36. [ 1121.227806][T20525] veth0_macvtap: entered promiscuous mode [ 1121.273622][T21020] ntfs3: loop5: mft corrupted [ 1121.327425][T21020] ntfs3: loop5: Failed to load $Extend (-22). [ 1121.373861][T21020] ntfs3: loop5: Failed to initialize $Extend. [ 1121.386190][T20668] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1121.414349][T20525] veth1_macvtap: entered promiscuous mode [ 1122.174565][T21020] ntfs3: loop5: ino=1e, "file1" failed to parse mft record [ 1122.216544][T18767] net_ratelimit: 3 callbacks suppressed [ 1122.216570][T18767] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1122.237405][T21020] ntfs3: loop5: Mark volume as dirty due to NTFS errors [ 1122.300576][T21020] ntfs3: loop5: ino=1e, "file1" attr_set_size [ 1122.332597][T20605] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1122.355202][T20668] 8021q: adding VLAN 0 to HW filter on device team0 [ 1122.393216][T20525] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1122.412903][T20525] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1122.440320][T20525] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1122.451538][T20525] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1122.461771][T20525] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1122.472551][T20525] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1122.482841][T12024] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1122.513701][T20525] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1122.553000][T12024] bridge0: port 1(bridge_slave_0) entered blocking state [ 1122.560292][T12024] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1122.608168][T20525] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1122.632469][T20525] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1122.662724][T20525] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1122.689557][T20525] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1122.704167][T20525] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1122.720644][T20525] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1122.763992][T20525] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1122.822927][T20525] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1122.852723][T20525] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1122.865591][T20525] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1122.874474][T20525] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1122.923750][T12024] bridge0: port 2(bridge_slave_1) entered blocking state [ 1122.931057][T12024] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1123.243674][T18761] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1123.950051][T21055] loop4: detected capacity change from 0 to 128 [ 1123.985986][ T2426] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1124.013748][ T2426] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1124.041332][T11994] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1124.077935][T21055] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 1124.103477][T20605] veth0_vlan: entered promiscuous mode [ 1124.139671][T21055] ext4 filesystem being mounted at /root/syzkaller-testdir1191009606/syzkaller.6jb01U/49/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 1124.160628][T20668] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 1124.241210][T20668] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 1124.344503][T21063] ALSA: seq fatal error: cannot create timer (-22) [ 1124.366438][T18761] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1124.392055][T21063] ALSA: seq fatal error: cannot create timer (-22) [ 1124.399983][T18761] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1124.424015][T20605] veth1_vlan: entered promiscuous mode [ 1124.526785][T18761] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1124.619673][T20605] veth0_macvtap: entered promiscuous mode [ 1124.628662][T20076] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 1124.689356][T20605] veth1_macvtap: entered promiscuous mode [ 1124.820907][T20605] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1124.861985][T20605] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1124.879554][T20605] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1124.894724][T21077] loop5: detected capacity change from 0 to 64 [ 1124.943173][T20605] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1124.967514][T20605] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1125.006217][T20605] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1125.035797][T20605] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1125.065696][T20605] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1125.077064][T18820] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1125.108561][T20605] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1125.156642][T20605] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1125.196131][T20605] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1125.222021][T20605] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1125.247423][T20605] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1125.261441][T21089] TCP: request_sock_TCP: Possible SYN flooding on port [::ffff:0.0.0.0]:20002. Sending cookies. [ 1125.272407][T21089] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1125.275654][T20605] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1125.282827][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1125.319776][T20605] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1125.350981][T20605] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1125.378789][T20605] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1125.406834][T20605] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1125.443600][T20605] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1125.470955][T20605] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1125.490790][T20605] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1125.519059][T20605] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1125.714073][T20668] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1125.798276][T21101] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'. [ 1125.866713][T21072] loop2: detected capacity change from 0 to 32768 [ 1126.122805][T20668] veth0_vlan: entered promiscuous mode [ 1126.130426][T12028] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1126.186276][ T2401] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1126.194147][ T2401] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1126.249546][T20668] veth1_vlan: entered promiscuous mode [ 1126.312887][T21111] loop5: detected capacity change from 0 to 256 [ 1126.380431][T18762] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1126.425703][T18762] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1126.486783][T20668] veth0_macvtap: entered promiscuous mode [ 1126.555805][T20668] veth1_macvtap: entered promiscuous mode [ 1126.587826][T11994] kernel write not supported for file 21112/task/21113/clear_refs (pid: 11994 comm: kworker/0:8) [ 1126.699475][T20668] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1126.765618][T20668] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1126.767974][T21117] loop2: detected capacity change from 0 to 64 [ 1126.775474][T20668] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1126.775500][T20668] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1126.802882][T20668] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1126.884618][T20668] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1126.912946][T20668] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1126.928487][T21122] loop4: detected capacity change from 0 to 164 [ 1126.959426][T20668] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1126.989906][T20668] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 1127.027863][T20668] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1127.091619][T20668] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1127.186247][T21132] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'. [ 1127.197364][T21129] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 1127.212390][T21121] loop5: detected capacity change from 0 to 8192 [ 1127.222731][T20668] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1127.308153][T20668] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1127.332815][T20668] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1127.365775][T21138] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1127.389832][T20668] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1127.436526][ T29] audit: type=1800 audit(2000000433.239:2439): pid=21121 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.5" name="bus" dev="loop5" ino=18 res=0 errno=0 [ 1127.459340][T20668] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1127.495640][T20668] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1127.556789][T18762] net_ratelimit: 3 callbacks suppressed [ 1127.556818][T18762] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1127.622661][T20668] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1127.816209][T20668] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1128.127991][T20668] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 1128.245001][T18820] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1128.520553][T20668] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 1128.580912][T20668] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1128.669662][T20668] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1128.738054][T20668] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1128.813160][T20668] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1128.846844][T20668] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1128.919141][ T29] audit: type=1804 audit(2000000434.719:2440): pid=21154 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir2563350447/syzkaller.A1jBVc/74/bus" dev="sda1" ino=1958 res=1 errno=0 [ 1128.944316][ C1] vkms_vblank_simulate: vblank timer overrun [ 1129.081808][ T29] audit: type=1804 audit(2000000434.719:2441): pid=21154 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir2563350447/syzkaller.A1jBVc/74/bus" dev="sda1" ino=1958 res=1 errno=0 [ 1129.316898][T12028] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1129.320481][T21163] netlink: 'syz-executor.5': attribute type 11 has an invalid length. [ 1129.463740][ T2426] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1129.496038][ T2426] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1129.727735][ T29] audit: type=1804 audit(2000000435.529:2442): pid=21176 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir2411397227/syzkaller.innpHC/8/bus" dev="sda1" ino=1965 res=1 errno=0 [ 1129.828452][ T29] audit: type=1804 audit(2000000435.589:2443): pid=21180 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.2" name="/root/syzkaller-testdir2411397227/syzkaller.innpHC/8/bus" dev="sda1" ino=1965 res=1 errno=0 [ 1129.920704][T11994] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1129.951862][T11994] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1130.078406][T21178] loop5: detected capacity change from 0 to 8192 [ 1130.138919][T21186] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1130.234097][ T29] audit: type=1800 audit(2000000436.029:2444): pid=21178 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.5" name="bus" dev="loop5" ino=18 res=0 errno=0 [ 1130.336052][T18762] usb 1-1: new high-speed USB device number 20 using dummy_hcd [ 1130.366538][ T8] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1130.527038][T18762] usb 1-1: Using ep0 maxpacket: 32 [ 1130.554036][T18762] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1130.599718][T18762] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1130.633895][T18761] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1130.659426][T18762] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2d51, bcdDevice= 0.00 [ 1130.678700][T18762] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1130.711692][T18762] usb 1-1: config 0 descriptor?? [ 1131.025085][T21169] loop1: detected capacity change from 0 to 40427 [ 1131.102692][T21169] F2FS-fs (loop1): Found nat_bits in checkpoint [ 1131.144308][T18762] koneplus 0003:1E7D:2D51.0017: unknown main item tag 0x0 [ 1131.171956][T18762] koneplus 0003:1E7D:2D51.0017: unknown main item tag 0x0 [ 1131.183267][T18762] koneplus 0003:1E7D:2D51.0017: unknown main item tag 0x0 [ 1131.202350][T18762] koneplus 0003:1E7D:2D51.0017: unknown main item tag 0x0 [ 1131.235903][T18762] koneplus 0003:1E7D:2D51.0017: unknown main item tag 0x0 [ 1131.243204][T18762] koneplus 0003:1E7D:2D51.0017: unknown main item tag 0x0 [ 1131.275755][T18762] koneplus 0003:1E7D:2D51.0017: unknown main item tag 0x0 [ 1131.309811][T18762] koneplus 0003:1E7D:2D51.0017: hidraw0: USB HID v0.00 Device [HID 1e7d:2d51] on usb-dummy_hcd.0-1/input0 [ 1131.333559][T21169] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 1131.355325][T18762] usb 1-1: USB disconnect, device number 20 [ 1131.396893][T11994] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1131.442770][T21188] loop3: detected capacity change from 0 to 32768 [ 1131.458375][T20605] syz-executor.1: attempt to access beyond end of device [ 1131.458375][T20605] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 1131.482356][T21188] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz-executor.3 (21188) [ 1131.497210][T20605] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 1131.518222][T21188] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 1131.538049][T21188] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm [ 1131.560266][T21188] BTRFS info (device loop3): using free-space-tree [ 1131.931236][T20668] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 1132.443699][T11994] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1132.679372][T21250] netlink: 'syz-executor.1': attribute type 1 has an invalid length. [ 1132.809926][T21253] netlink: 'syz-executor.4': attribute type 11 has an invalid length. [ 1133.479225][T12028] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1133.628404][T21237] loop5: detected capacity change from 0 to 32768 [ 1133.636384][T18762] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1133.701852][T21237] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 1134.144264][T21237] XFS (loop5): Ending clean mount [ 1134.190097][T21237] XFS (loop5): Quotacheck needed: Please wait. [ 1134.439628][T21247] loop2: detected capacity change from 0 to 40427 [ 1134.440521][T21237] XFS (loop5): Quotacheck: Done. [ 1134.488921][T21247] F2FS-fs (loop2): Found nat_bits in checkpoint [ 1134.516448][T11994] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1134.644224][T19907] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 1134.775111][T21247] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 1134.788237][T11994] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1134.940978][T20525] syz-executor.2: attempt to access beyond end of device [ 1134.940978][T20525] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 1135.011033][T21259] loop3: detected capacity change from 0 to 40427 [ 1135.012607][T20525] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 1135.088643][T21259] F2FS-fs (loop3): invalid crc value [ 1135.165483][T21259] F2FS-fs (loop3): Found nat_bits in checkpoint [ 1135.258524][T21290] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 1135.372802][T21264] loop4: detected capacity change from 0 to 32768 [ 1135.450537][T21264] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz-executor.4 (21264) [ 1135.467082][T21259] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 1135.480906][T21264] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 1135.549435][T21264] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm [ 1135.559120][ T8] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1135.616533][T21264] BTRFS info (device loop4): using free-space-tree [ 1135.664559][T21259] syz-executor.3: attempt to access beyond end of device [ 1135.664559][T21259] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 1135.728911][T21303] syz-executor.3: attempt to access beyond end of device [ 1135.728911][T21303] loop3: rw=524288, sector=45072, nr_sectors = 24 limit=40427 [ 1135.780509][T21259] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 1135.818201][T21303] syz-executor.3: attempt to access beyond end of device [ 1135.818201][T21303] loop3: rw=0, sector=45072, nr_sectors = 8 limit=40427 [ 1135.861949][ T29] audit: type=1800 audit(2000000441.659:2445): pid=21303 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor.3" name="/" dev="loop3" ino=8 res=0 errno=0 [ 1135.961505][T21323] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 1136.237702][T20076] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 1136.500534][T21332] xt_CT: You must specify a L4 protocol and not use inversions on it [ 1136.596465][ T8] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1136.681774][T18762] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1137.141009][T21340] loop4: detected capacity change from 0 to 256 [ 1137.211353][T21340] exFAT-fs (loop4): failed to load upcase table (idx : 0x00017f3e, chksum : 0x0b83170a, utbl_chksum : 0xe619d30d) [ 1137.446770][T21313] loop1: detected capacity change from 0 to 32768 [ 1137.484858][T18767] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1137.925558][T18761] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1138.262844][T21313] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 1138.490630][T21356] netlink: 256 bytes leftover after parsing attributes in process `syz-executor.4'. [ 1138.500827][T21356] unsupported nlmsg_type 40 [ 1138.645083][T21313] XFS (loop1): Ending clean mount [ 1138.750170][T21313] XFS (loop1): Quotacheck needed: Please wait. [ 1139.609202][T21313] XFS (loop1): Quotacheck: Done. [ 1139.739261][T20605] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 1139.754080][T12028] net_ratelimit: 1 callbacks suppressed [ 1139.754097][T12028] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1140.249346][T21376] loop3: detected capacity change from 0 to 2048 [ 1140.321216][T21376] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1140.769716][ T8] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1140.974940][T21389] loop1: detected capacity change from 0 to 512 [ 1140.983319][T21389] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended [ 1140.997404][T18761] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1141.002697][T21389] EXT4-fs (loop1): orphan cleanup on readonly fs [ 1141.003077][T21389] EXT4-fs error (device loop1): __ext4_iget:4906: inode #15: block 1627517706: comm syz-executor.1: invalid block [ 1141.003688][T21389] EXT4-fs error (device loop1): ext4_orphan_get:1399: comm syz-executor.1: couldn't read orphan inode 15 (err -117) [ 1141.005387][T21389] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 1141.118968][T20605] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1141.391018][T21397] ntfs3: nbd1: try to read out of volume at offset 0x0 [ 1141.795497][T21373] loop5: detected capacity change from 0 to 40427 [ 1141.797172][T11994] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1141.900469][T21373] F2FS-fs (loop5): invalid crc value [ 1141.916324][T21373] F2FS-fs (loop5): Found nat_bits in checkpoint [ 1142.008258][T21407] mmap: syz-executor.1 (21407) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 1142.252697][T21373] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 1142.572857][T21390] loop3: detected capacity change from 0 to 32768 [ 1142.591375][T19907] syz-executor.5: attempt to access beyond end of device [ 1142.591375][T19907] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 1142.705769][T19907] F2FS-fs (loop5): Stopped filesystem due to reason: 3 [ 1142.820347][T21390] bcachefs (loop3): mounting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=xxhash,compression=zstd,nojournal_transaction_names [ 1142.860391][T21390] bcachefs (loop3): recovering from clean shutdown, journal seq 10 [ 1142.883717][T11994] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1142.923824][T21390] bcachefs (loop3): alloc_read... done [ 1142.938812][T21390] bcachefs (loop3): stripes_read... done [ 1142.952888][T21390] bcachefs (loop3): snapshots_read... done [ 1142.979886][T21390] bcachefs (loop3): journal_replay... done [ 1142.996090][T21390] bcachefs (loop3): resume_logged_ops... done [ 1143.029669][T21390] bcachefs (loop3): going read-write [ 1143.039882][T21390] bcachefs (loop3): done starting filesystem [ 1143.935879][T20668] bcachefs (loop3): shutting down [ 1143.980226][ T8] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1143.980331][T20668] bcachefs (loop3): going read-only [ 1144.039582][T18761] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1144.052738][T20668] bcachefs (loop3): finished waiting for writes to stop [ 1144.430068][T20668] bcachefs (loop3): flushing journal and stopping allocators, journal seq 12 [ 1144.724912][T20668] bcachefs (loop3): flushing journal and stopping allocators complete, journal seq 12 [ 1144.796929][T20668] bcachefs (loop3): shutdown complete, journal seq 13 [ 1144.804710][T20668] bcachefs (loop3): marking filesystem clean [ 1145.009747][T12028] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1145.066028][T20668] bcachefs (loop3): shutdown complete [ 1145.193267][T21457] loop1: detected capacity change from 0 to 128 [ 1145.195946][T21453] loop4: detected capacity change from 0 to 512 [ 1145.258955][T21453] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 1145.340716][T21453] EXT4-fs (loop4): orphan cleanup on readonly fs [ 1145.429332][T21453] EXT4-fs error (device loop4): __ext4_iget:4906: inode #15: block 1627517706: comm syz-executor.4: invalid block [ 1145.498664][T21453] EXT4-fs error (device loop4): ext4_orphan_get:1399: comm syz-executor.4: couldn't read orphan inode 15 (err -117) [ 1145.509818][T21458] loop5: detected capacity change from 0 to 4096 [ 1145.538598][T21458] ntfs3: loop5: Different NTFS sector size (4096) and media sector size (512). [ 1145.552035][T21453] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 1145.642389][T21458] ntfs3: loop5: Failed to initialize $Extend/$Reparse. [ 1145.707843][T20076] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1145.886072][T19907] ntfs3: loop5: ino=1a, ntfs_sync_fs failed, -22. [ 1146.087227][ T8] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1146.387436][T21459] loop2: detected capacity change from 0 to 40427 [ 1146.476195][T21459] F2FS-fs (loop2): invalid crc value [ 1146.517392][T21459] F2FS-fs (loop2): Found nat_bits in checkpoint [ 1146.751939][T21481] Bluetooth: MGMT ver 1.22 [ 1146.776553][T21459] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 1146.915384][T20525] syz-executor.2: attempt to access beyond end of device [ 1146.915384][T20525] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 1146.919994][T18767] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1146.978489][T20525] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 1147.136713][T18767] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1147.184285][ T8] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1147.315130][T21468] loop1: detected capacity change from 0 to 32768 [ 1148.385231][T11994] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1148.400771][T21468] bcachefs (loop1): mounting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=xxhash,compression=zstd,nojournal_transaction_names [ 1148.520275][T21468] bcachefs (loop1): recovering from clean shutdown, journal seq 10 [ 1148.591003][T21521] loop5: detected capacity change from 0 to 2048 [ 1148.674383][T21521] EXT4-fs: Ignoring removed bh option [ 1148.686594][T21521] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1148.696799][T21521] EXT4-fs: Ignoring removed nobh option [ 1148.720508][T21468] bcachefs (loop1): alloc_read... done [ 1148.726904][T21468] bcachefs (loop1): stripes_read... done [ 1148.757890][T21521] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1148.788169][T21468] bcachefs (loop1): snapshots_read... done [ 1148.825324][T21468] bcachefs (loop1): journal_replay... done [ 1148.895679][T21468] bcachefs (loop1): resume_logged_ops... done [ 1148.927553][T21468] bcachefs (loop1): going read-write [ 1148.968190][T21468] bcachefs (loop1): done starting filesystem [ 1149.099517][T20605] bcachefs (loop1): shutting down [ 1149.125022][T20605] bcachefs (loop1): going read-only [ 1149.147969][T20605] bcachefs (loop1): finished waiting for writes to stop [ 1149.178325][T19907] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1149.206896][T20605] bcachefs (loop1): flushing journal and stopping allocators, journal seq 10 [ 1149.239127][T20605] bcachefs (loop1): flushing journal and stopping allocators complete, journal seq 10 [ 1149.261967][T21542] tipc: Enabling of bearer rejected, failed to enable media [ 1149.305683][T20605] bcachefs (loop1): shutdown complete, journal seq 11 [ 1149.313435][T20605] bcachefs (loop1): marking filesystem clean [ 1149.396520][T11994] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1149.486899][T20605] bcachefs (loop1): shutdown complete [ 1149.573184][T21553] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1149.605799][T21553] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1149.629400][T21554] vivid-004: ================= START STATUS ================= [ 1149.640950][T21552] loop5: detected capacity change from 0 to 2048 [ 1149.655888][T21553] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1149.681359][T21554] vivid-004: FM Deviation: 75000 [ 1149.685004][T21552] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 1024) [ 1149.700030][T21554] vivid-004: ================== END STATUS ================== [ 1149.736307][T21526] loop4: detected capacity change from 0 to 40427 [ 1149.775205][T21560] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 1149.879635][T21526] F2FS-fs (loop4): invalid crc value [ 1149.957198][T21526] F2FS-fs (loop4): Found nat_bits in checkpoint [ 1150.043531][T21569] xt_CT: You must specify a L4 protocol and not use inversions on it [ 1150.176482][T21526] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 1150.206334][T18761] net_ratelimit: 36 callbacks suppressed [ 1150.206362][T18761] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1150.245656][ C1] vkms_vblank_simulate: vblank timer overrun [ 1150.449493][ T8] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1150.490958][T20076] syz-executor.4: attempt to access beyond end of device [ 1150.490958][T20076] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 1150.541232][T20076] F2FS-fs (loop4): Stopped filesystem due to reason: 3 [ 1150.795264][T21585] fscrypt (sda1, inode 1957): Mutually exclusive encryption flags (0x0c) [ 1151.412975][T21604] TCP: TCP_TX_DELAY enabled [ 1151.477305][T11994] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1151.581892][T21612] loop1: detected capacity change from 0 to 128 [ 1151.662904][T21615] loop5: detected capacity change from 0 to 256 [ 1151.690399][T21612] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 1151.739788][T21612] ext4 filesystem being mounted at /root/syzkaller-testdir1115209695/syzkaller.upCM48/26/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 1151.775963][ C1] vkms_vblank_simulate: vblank timer overrun [ 1151.912727][T21615] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xb75ad3fb, utbl_chksum : 0xe619d30d) [ 1152.165805][T20605] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 1152.175078][T21626] fscrypt (sda1, inode 1963): Mutually exclusive encryption flags (0x0c) [ 1152.262043][ C1] vkms_vblank_simulate: vblank timer overrun [ 1152.528242][T18820] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1153.042218][T21659] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1153.064785][T21659] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1153.096137][T21659] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1153.176843][T21659] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1153.211720][T21659] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1153.240775][T18761] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1153.489680][T21685] loop4: detected capacity change from 0 to 256 [ 1153.561849][T21685] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 1153.601061][T21691] loop3: detected capacity change from 0 to 256 [ 1153.680229][T21691] exfat: Deprecated parameter 'utf8' [ 1153.730736][T21691] exfat: Deprecated parameter 'utf8' [ 1153.812997][T21691] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xfa3b3837, utbl_chksum : 0xe619d30d) [ 1154.615216][T21696] loop2: detected capacity change from 0 to 4096 [ 1154.705918][ T29] audit: type=1800 audit(2000000460.429:2446): pid=21702 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.5" name="bus" dev="sda1" ino=1969 res=0 errno=0 [ 1154.741153][ T29] audit: type=1800 audit(2000000460.439:2447): pid=21702 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.5" name="bus" dev="sda1" ino=1969 res=0 errno=0 [ 1155.011145][T21710] fscrypt (sda1, inode 1952): Mutually exclusive encryption flags (0x0c) [ 1155.347923][T21714] loop4: detected capacity change from 0 to 4096 [ 1155.391371][T21714] ntfs3: loop4: Different NTFS sector size (4096) and media sector size (512). [ 1155.496978][T21729] loop2: detected capacity change from 0 to 256 [ 1155.550180][T21729] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 1155.885768][ T8] net_ratelimit: 38 callbacks suppressed [ 1155.885796][ T8] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1155.989124][ T8] IPVS: starting estimator thread 0... [ 1156.006466][T21746] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1156.075789][T21749] IPVS: using max 17 ests per chain, 40800 per kthread [ 1156.277511][T18761] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1156.277940][T21756] loop3: detected capacity change from 0 to 512 [ 1156.318560][T21756] EXT4-fs: Ignoring removed nobh option [ 1156.348662][T21756] EXT4-fs (loop3): Test dummy encryption mode enabled [ 1156.375897][T21756] EXT4-fs (loop3): blocks per group (255) and clusters per group (8192) inconsistent [ 1156.663508][T21772] loop2: detected capacity change from 0 to 256 [ 1156.706281][T21772] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 1156.916801][ T8] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1157.168774][T18761] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1157.355210][T21790] loop1: detected capacity change from 0 to 512 [ 1157.387231][T21790] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem [ 1157.476179][T21790] EXT4-fs error (device loop1): ext4_orphan_get:1394: inode #15: comm syz-executor.1: iget: bad i_size value: -67835469387268086 [ 1157.578256][T18761] IPVS: starting estimator thread 0... [ 1157.588596][T21790] EXT4-fs error (device loop1): ext4_orphan_get:1399: comm syz-executor.1: couldn't read orphan inode 15 (err -117) [ 1157.644923][T21790] EXT4-fs (loop1): mounted filesystem f7ff0000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1157.676093][T21804] IPVS: using max 16 ests per chain, 38400 per kthread [ 1157.695705][T21790] ext2 filesystem being mounted at /root/syzkaller-testdir1115209695/syzkaller.upCM48/37/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1157.956796][T18820] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1158.213853][T21828] loop5: detected capacity change from 0 to 512 [ 1158.285423][T21828] EXT4-fs error (device loop5): ext4_orphan_get:1394: inode #15: comm syz-executor.5: casefold flag without casefold feature [ 1158.290831][T20605] EXT4-fs (loop1): unmounting filesystem f7ff0000-0000-0000-0000-000000000000. [ 1158.308659][T21828] EXT4-fs error (device loop5): ext4_orphan_get:1399: comm syz-executor.5: couldn't read orphan inode 15 (err -117) [ 1158.373131][T21828] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1158.599875][ T5125] Bluetooth: hci2: command 0x0406 tx timeout [ 1158.996144][T19907] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1158.996850][T12028] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1159.099087][ C0] vkms_vblank_simulate: vblank timer overrun [ 1159.275336][T21820] loop2: detected capacity change from 0 to 32768 [ 1159.315779][T18820] usb 5-1: new high-speed USB device number 15 using dummy_hcd [ 1159.339392][T21820] ERROR: (device loop2): dbAllocNext: Corrupt dmap page [ 1159.339392][T21820] [ 1159.403703][T18767] usb 4-1: new high-speed USB device number 16 using dummy_hcd [ 1159.473910][T21855] loop5: detected capacity change from 0 to 256 [ 1159.542685][T18820] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1159.554138][ T29] audit: type=1800 audit(2000000465.339:2448): pid=21855 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.5" name="bus" dev="loop5" ino=1049050 res=0 errno=0 [ 1159.595160][T18820] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1159.610865][T18820] usb 5-1: New USB device found, idVendor=046d, idProduct=c086, bcdDevice= 0.00 [ 1159.615953][T18767] usb 4-1: Using ep0 maxpacket: 8 [ 1159.628345][T18820] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1159.632464][T18767] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 1159.657096][T18820] usb 5-1: config 0 descriptor?? [ 1159.691708][T18767] usb 4-1: New USB device found, idVendor=05ac, idProduct=024e, bcdDevice= 0.40 [ 1159.735312][T18762] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1159.754766][T18767] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1159.775365][T18767] usb 4-1: Product: syz [ 1159.782058][T18767] usb 4-1: Manufacturer: syz [ 1159.787072][T18767] usb 4-1: SerialNumber: syz [ 1159.832075][T18767] input: bcm5974 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/input/input33 [ 1160.020116][ T4529] bcm5974 4-1:1.0: could not read from device [ 1160.045861][T11994] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1160.064979][T18767] usb 4-1: USB disconnect, device number 16 [ 1160.072737][ T4529] bcm5974 4-1:1.0: could not read from device [ 1160.104074][ T4529] bcm5974 4-1:1.0: could not read from device [ 1160.166717][T18820] logitech-hidpp-device 0003:046D:C086.0018: unknown main item tag 0x0 [ 1160.208313][T18820] logitech-hidpp-device 0003:046D:C086.0018: unknown main item tag 0x0 [ 1160.208894][T18762] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1160.265786][T18820] logitech-hidpp-device 0003:046D:C086.0018: unknown main item tag 0x0 [ 1160.282892][ T29] audit: type=1804 audit(2000000466.079:2449): pid=21871 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.2" name="/root/syzkaller-testdir2411397227/syzkaller.innpHC/60/bus" dev="sda1" ino=1957 res=1 errno=0 [ 1160.307538][ C0] vkms_vblank_simulate: vblank timer overrun [ 1160.326606][T18820] logitech-hidpp-device 0003:046D:C086.0018: hidraw0: USB HID v0.00 Device [HID 046d:c086] on usb-dummy_hcd.4-1/input0 [ 1160.349688][ T29] audit: type=1804 audit(2000000466.079:2450): pid=21871 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.2" name="/root/syzkaller-testdir2411397227/syzkaller.innpHC/60/bus" dev="sda1" ino=1957 res=1 errno=0 [ 1160.352990][T21874] loop5: detected capacity change from 0 to 256 [ 1160.398772][T18820] usb 5-1: USB disconnect, device number 15 [ 1160.473275][T21874] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 1161.096018][ T8] net_ratelimit: 1 callbacks suppressed [ 1161.096043][ T8] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1161.277707][T21890] loop4: detected capacity change from 0 to 64 [ 1161.356668][T21894] loop2: detected capacity change from 0 to 256 [ 1161.434255][ C1] TCP: request_sock_TCP: Possible SYN flooding on port [::]:2. Sending cookies. [ 1161.612117][T21894] syz-executor.2: attempt to access beyond end of device [ 1161.612117][T21894] loop2: rw=2049, sector=256, nr_sectors = 4 limit=256 [ 1161.657194][T21905] netlink: 'syz-executor.3': attribute type 5 has an invalid length. [ 1161.703266][T21905] netlink: 105120 bytes leftover after parsing attributes in process `syz-executor.3'. [ 1162.116257][T11994] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1162.206913][T21928] netlink: 'syz-executor.1': attribute type 4 has an invalid length. [ 1162.375060][T21928] netlink: 'syz-executor.1': attribute type 4 has an invalid length. [ 1162.480229][T21942] loop2: detected capacity change from 0 to 64 [ 1162.848592][T21947] loop1: detected capacity change from 0 to 164 [ 1163.044764][T21947] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 1163.177366][T11994] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1163.236255][T18767] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1163.550089][T21966] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'. [ 1163.605748][T21966] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 1163.671657][T21939] loop5: detected capacity change from 0 to 512 [ 1163.816850][T21939] EXT4-fs (loop5): bad s_min_extra_isize: 65528 [ 1163.826594][T21975] loop2: detected capacity change from 0 to 2048 [ 1163.901718][T21975] UDF-fs: error (device loop2): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 1163.941586][T21939] ecryptfs_parse_options: eCryptfs: unrecognized option [l] [ 1163.972059][T21939] ecryptfs_parse_options: eCryptfs: unrecognized option [io%bfq.io_serviced_recuÔèrsiÆ‹¡}͸ʼ(©zmÔbE1ôƬÐqd1 ˜K/dev/nullb0] [ 1164.011996][T21939] ecryptfs_parse_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README [ 1164.053973][T21975] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 1164.083456][T21939] Error parsing options; rc = [-22] [ 1164.155055][T21988] xt_bpf: check failed: parse error [ 1164.207606][T18820] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1164.211670][T21986] loop4: detected capacity change from 0 to 2048 [ 1164.276866][T21986] Dev loop4: RDB in block 1 has bad checksum [ 1164.550314][ T29] audit: type=1804 audit(2000000470.319:2451): pid=21994 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.3" name="/root/syzkaller-testdir2805781627/syzkaller.qOP5Ds/49/bus" dev="sda1" ino=1960 res=1 errno=0 [ 1164.657974][ T29] audit: type=1804 audit(2000000470.349:2452): pid=21994 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.3" name="/root/syzkaller-testdir2805781627/syzkaller.qOP5Ds/49/bus" dev="sda1" ino=1960 res=1 errno=0 [ 1228.196892][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1269.755470][ C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 1269.762490][ C0] rcu: Tasks blocked on level-0 rcu_node (CPUs 0-1): P21937/1:b..l [ 1269.771835][ C0] rcu: (detected by 0, t=10503 jiffies, g=159937, q=1123 ncpus=2) [ 1269.779865][ C0] task:syz-executor.5 state:R running task stack:23136 pid:21937 tgid:21936 ppid:19907 flags:0x00004006 [ 1269.794714][ C0] Call Trace: [ 1269.798044][ C0] [ 1269.801123][ C0] __schedule+0x17e8/0x4a20 [ 1269.805694][ C0] ? __pfx___schedule+0x10/0x10 [ 1269.810588][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1269.816625][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1269.822670][ C0] ? preempt_schedule_irq+0xf0/0x1c0 [ 1269.828013][ C0] preempt_schedule_irq+0xfb/0x1c0 [ 1269.833515][ C0] ? __pfx_preempt_schedule_irq+0x10/0x10 [ 1269.839295][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1269.845108][ C0] irqentry_exit+0x5e/0x90 [ 1269.849570][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 1269.855677][ C0] RIP: 0010:lock_acquire+0xe5/0x550 [ 1269.860917][ C0] Code: 48 89 d8 48 c1 e8 06 48 8d 3c c5 68 47 ad 8f be 08 00 00 00 e8 9c 83 89 00 48 0f a3 1d 0c e2 3a 0e 73 16 e8 3d f1 09 00 84 c0 <75> 0d 80 3d 8d 52 25 0e 00 0f 84 f9 02 00 00 48 c7 c0 ac 79 ad 8f [ 1269.880615][ C0] RSP: 0018:ffffc9000a1f6dc0 EFLAGS: 00000202 [ 1269.886734][ C0] RAX: 0000000000000001 RBX: 0000000000000000 RCX: ffffffff81726554 [ 1269.894755][ C0] RDX: 0000000000000000 RSI: ffffffff8c1ff320 RDI: ffffffff8c1ff2e0 [ 1269.902937][ C0] RBP: ffffc9000a1f6f08 R08: ffffffff8fad476f R09: 1ffffffff1f5a8ed [ 1269.911028][ C0] R10: dffffc0000000000 R11: fffffbfff1f5a8ee R12: 1ffff9200143edc0 [ 1269.919038][ C0] R13: dffffc0000000000 R14: 0000000000000000 R15: ffffc9000a1f7060 [ 1269.927070][ C0] ? lock_acquire+0xd4/0x550 [ 1269.931796][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 1269.936953][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 1269.942027][ C0] ? __pfx_validate_chain+0x10/0x10 [ 1269.947297][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1269.952984][ C0] ? __pfx_validate_chain+0x10/0x10 [ 1269.958491][ C0] __pte_offset_map+0x9e/0x380 [ 1269.963298][ C0] ? __pte_offset_map+0x82/0x380 [ 1269.968264][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1269.973960][ C0] ? __pfx___pte_offset_map+0x10/0x10 [ 1269.979404][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1269.985218][ C0] __pte_offset_map_lock+0xc7/0x300 [ 1269.990470][ C0] ? handle_pte_fault+0x34b/0x7130 [ 1269.995655][ C0] ? __pfx_lock_release+0x10/0x10 [ 1270.000898][ C0] ? __pfx___pte_offset_map_lock+0x10/0x10 [ 1270.006923][ C0] ? __lock_acquire+0x1346/0x1fd0 [ 1270.011991][ C0] handle_pte_fault+0x265a/0x7130 [ 1270.017103][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1270.022870][ C0] ? __pfx_cgroup_rstat_updated+0x10/0x10 [ 1270.028641][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 1270.033704][ C0] ? __pfx_handle_pte_fault+0x10/0x10 [ 1270.039557][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1270.045241][ C0] ? do_raw_spin_lock+0x14f/0x370 [ 1270.050415][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1270.056206][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1270.062329][ C0] ? follow_page_pte+0x292/0x1d90 [ 1270.067417][ C0] ? follow_page_pte+0x859/0x1d90 [ 1270.072564][ C0] ? __pfx_lock_release+0x10/0x10 [ 1270.077627][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1270.083508][ C0] ? do_raw_spin_unlock+0x13c/0x8b0 [ 1270.088784][ C0] handle_mm_fault+0x10df/0x1ba0 [ 1270.093817][ C0] ? __pfx_handle_mm_fault+0x10/0x10 [ 1270.099188][ C0] ? __get_user_pages+0x5c6/0x1590 [ 1270.104610][ C0] __get_user_pages+0x6ef/0x1590 [ 1270.109702][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1270.115385][ C0] ? __pfx___get_user_pages+0x10/0x10 [ 1270.120810][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1270.126498][ C0] __gup_longterm_locked+0x1ff6/0x2a80 [ 1270.131989][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 1270.137038][ C0] ? __pfx___might_resched+0x10/0x10 [ 1270.142380][ C0] ? __pfx___gup_longterm_locked+0x10/0x10 [ 1270.148230][ C0] ? _copy_to_iter+0x4bb/0x1960 [ 1270.153204][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1270.158882][ C0] ? _copy_to_iter+0x557/0x1960 [ 1270.163858][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1270.169540][ C0] ? down_read+0x82b/0xa40 [ 1270.174164][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1270.179829][ C0] ? is_valid_gup_args+0x124/0x200 [ 1270.185153][ C0] pin_user_pages_remote+0x132/0x1f0 [ 1270.190486][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1270.196181][ C0] ? __pfx_pin_user_pages_remote+0x10/0x10 [ 1270.202019][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1270.207738][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1270.213506][ C0] ? unpin_user_pages+0x376/0x3a0 [ 1270.218618][ C0] process_vm_rw+0x716/0xcf0 [ 1270.223259][ C0] ? __pfx_process_vm_rw+0x10/0x10 [ 1270.228441][ C0] ? __pfx___might_resched+0x10/0x10 [ 1270.233822][ C0] ? __might_fault+0xaa/0x120 [ 1270.238559][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 1270.244647][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1270.250993][ C0] __x64_sys_process_vm_readv+0xe0/0x100 [ 1270.256658][ C0] do_syscall_64+0xf3/0x230 [ 1270.261178][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1270.267082][ C0] RIP: 0033:0x7fe82327cf69 [ 1270.271501][ C0] RSP: 002b:00007fe823f820c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000136 [ 1270.279966][ C0] RAX: ffffffffffffffda RBX: 00007fe8233b3f80 RCX: 00007fe82327cf69 [ 1270.288040][ C0] RDX: 0000000000000002 RSI: 0000000020008400 RDI: 0000000000000125 [ 1270.296312][ C0] RBP: 00007fe8232da6fe R08: 0000000000000286 R09: 0000000000000000 [ 1270.304298][ C0] R10: 0000000020008640 R11: 0000000000000246 R12: 0000000000000000 [ 1270.312276][ C0] R13: 000000000000000b R14: 00007fe8233b3f80 R15: 00007ffdd3b63638 [ 1270.320269][ C0] [ 1270.323285][ C0] rcu: rcu_preempt kthread starved for 10548 jiffies! g159937 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1 [ 1270.334569][ C0] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 1270.344972][ C0] rcu: RCU grace-period kthread stack dump: [ 1270.350885][ C0] task:rcu_preempt state:R running task stack:25968 pid:17 tgid:17 ppid:2 flags:0x00004000 [ 1270.362668][ C0] Call Trace: [ 1270.365956][ C0] [ 1270.368893][ C0] __schedule+0x17e8/0x4a20 [ 1270.373441][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1270.379231][ C0] ? __pfx___schedule+0x10/0x10 [ 1270.384127][ C0] ? __pfx_lock_release+0x10/0x10 [ 1270.389177][ C0] ? __asan_memset+0x23/0x50 [ 1270.393785][ C0] ? __pfx_lockdep_init_map_type+0x10/0x10 [ 1270.399620][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1270.405980][ C0] ? schedule+0x90/0x320 [ 1270.410261][ C0] schedule+0x14b/0x320 [ 1270.414442][ C0] schedule_timeout+0x1be/0x310 [ 1270.419307][ C0] ? __pfx_schedule_timeout+0x10/0x10 [ 1270.424695][ C0] ? __pfx_process_timeout+0x10/0x10 [ 1270.429998][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1270.435651][ C0] ? prepare_to_swait_event+0x32e/0x350 [ 1270.441262][ C0] rcu_gp_fqs_loop+0x2df/0x1330 [ 1270.446139][ C0] ? __pfx_rcu_gp_init+0x10/0x10 [ 1270.451103][ C0] ? __pfx_rcu_implicit_dynticks_qs+0x10/0x10 [ 1270.457193][ C0] ? __pfx_rcu_gp_fqs_loop+0x10/0x10 [ 1270.462484][ C0] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 1270.468490][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1270.474135][ C0] ? finish_swait+0xd4/0x1e0 [ 1270.478734][ C0] rcu_gp_kthread+0xa7/0x3b0 [ 1270.483335][ C0] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 1270.488541][ C0] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 1270.494449][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1270.500095][ C0] ? __kthread_parkme+0x169/0x1d0 [ 1270.505134][ C0] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 1270.510342][ C0] kthread+0x2f2/0x390 [ 1270.514432][ C0] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 1270.519638][ C0] ? __pfx_kthread+0x10/0x10 [ 1270.524245][ C0] ret_from_fork+0x4d/0x80 [ 1270.528679][ C0] ? __pfx_kthread+0x10/0x10 [ 1270.533284][ C0] ret_from_fork_asm+0x1a/0x30 [ 1270.538194][ C0] [ 1270.541303][ C0] rcu: Stack dump where RCU GP kthread last ran: [ 1270.547702][ C0] Sending NMI from CPU 0 to CPUs 1: [ 1270.552905][ C1] NMI backtrace for cpu 1 [ 1270.552919][ C1] CPU: 1 PID: 22001 Comm: syz-executor.0 Not tainted 6.10.0-rc2-syzkaller-00097-g2df0193e62cf #0 [ 1270.552944][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 1270.552958][ C1] RIP: 0010:smp_call_function_many_cond+0x1865/0x29d0 [ 1270.553004][ C1] Code: 89 e6 83 e6 01 31 ff e8 99 09 0c 00 41 83 e4 01 49 bc 00 00 00 00 00 fc ff df 75 07 e8 44 05 0c 00 eb 38 f3 90 42 0f b6 04 23 <84> c0 75 11 41 f7 45 00 01 00 00 00 74 1e e8 28 05 0c 00 eb e4 44 [ 1270.553024][ C1] RSP: 0018:ffffc9000a3972a0 EFLAGS: 00000246 [ 1270.553046][ C1] RAX: 0000000000000000 RBX: 1ffff11017288c11 RCX: 0000000000040000 [ 1270.553062][ C1] RDX: ffffc90009c91000 RSI: 000000000003ffff RDI: 0000000000040000 [ 1270.553079][ C1] RBP: ffffc9000a397480 R08: ffffffff818a2127 R09: 1ffffffff25f52b6 [ 1270.553096][ C1] R10: dffffc0000000000 R11: fffffbfff25f52b7 R12: dffffc0000000000 [ 1270.553114][ C1] R13: ffff8880b9446088 R14: ffff8880b953f900 R15: 0000000000000000 [ 1270.553134][ C1] FS: 00007f1bc75ff6c0(0000) GS:ffff8880b9500000(0000) knlGS:0000000000000000 [ 1270.553155][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1270.553171][ C1] CR2: 0000001b2d221000 CR3: 0000000067426000 CR4: 0000000000350ef0 [ 1270.553189][ C1] Call Trace: [ 1270.553200][ C1] [ 1270.553209][ C1] ? nmi_cpu_backtrace+0x3c2/0x4d0 [ 1270.553244][ C1] ? __pfx_lock_acquire+0x10/0x10 [ 1270.553274][ C1] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 1270.553305][ C1] ? nmi_handle+0x2a/0x5a0 [ 1270.553359][ C1] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 1270.553388][ C1] ? nmi_handle+0x151/0x5a0 [ 1270.553423][ C1] ? nmi_handle+0x2a/0x5a0 [ 1270.553460][ C1] ? smp_call_function_many_cond+0x1865/0x29d0 [ 1270.553494][ C1] ? default_do_nmi+0x63/0x160 [ 1270.553529][ C1] ? exc_nmi+0x123/0x1f0 [ 1270.553561][ C1] ? end_repeat_nmi+0xf/0x53 [ 1270.553597][ C1] ? smp_call_function_many_cond+0x1847/0x29d0 [ 1270.553638][ C1] ? smp_call_function_many_cond+0x1865/0x29d0 [ 1270.553673][ C1] ? smp_call_function_many_cond+0x1865/0x29d0 [ 1270.553708][ C1] ? smp_call_function_many_cond+0x1865/0x29d0 [ 1270.553743][ C1] [ 1270.553751][ C1] [ 1270.553762][ C1] ? lruvec_stat_sub_folio+0x1d2/0x3c0 [ 1270.553794][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1270.553829][ C1] ? __pfx_flush_tlb_func+0x10/0x10 [ 1270.553862][ C1] ? __pfx_lruvec_stat_sub_folio+0x10/0x10 [ 1270.553904][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1270.553934][ C1] ? native_tlb_remove_table+0x3d/0x50 [ 1270.553961][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1270.553993][ C1] ? __pfx_smp_call_function_many_cond+0x10/0x10 [ 1270.554027][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1270.554058][ C1] ? free_pgd_range+0xd57/0xdd0 [ 1270.554088][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1270.554119][ C1] ? rcu_is_watching+0x15/0xb0 [ 1270.554146][ C1] ? __pfx_flush_tlb_func+0x10/0x10 [ 1270.554182][ C1] on_each_cpu_cond_mask+0x3f/0x80 [ 1270.554217][ C1] flush_tlb_mm_range+0x329/0x5c0 [ 1270.554258][ C1] ? __pfx_flush_tlb_mm_range+0x10/0x10 [ 1270.554296][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1270.554327][ C1] ? unlink_anon_vmas+0x5db/0x5f0 [ 1270.554355][ C1] tlb_flush_mmu+0x1aa/0x680 [ 1270.554386][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1270.554421][ C1] tlb_finish_mmu+0xd4/0x200 [ 1270.554454][ C1] unmap_region+0x2df/0x350 [ 1270.554484][ C1] ? __pfx_unmap_region+0x10/0x10 [ 1270.554519][ C1] ? __pfx_mas_prev_range+0x10/0x10 [ 1270.554544][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1270.554574][ C1] ? __mas_set_range+0x133/0x3c0 [ 1270.554604][ C1] do_vmi_align_munmap+0x1122/0x18c0 [ 1270.554652][ C1] ? __pfx_do_vmi_align_munmap+0x10/0x10 [ 1270.554683][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1270.554713][ C1] ? mtree_range_walk+0x6fd/0x8e0 [ 1270.554762][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1270.554792][ C1] ? mas_find+0x8c0/0xbb0 [ 1270.554813][ C1] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 1270.554842][ C1] do_vmi_munmap+0x261/0x2f0 [ 1270.554872][ C1] mmap_region+0x72f/0x2090 [ 1270.554922][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1270.554953][ C1] ? __lock_acquire+0x1346/0x1fd0 [ 1270.554979][ C1] ? __pfx_mmap_region+0x10/0x10 [ 1270.555012][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1270.555042][ C1] ? mm_get_unmapped_area+0xa5/0xd0 [ 1270.555063][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1270.555096][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1270.555127][ C1] ? cap_mmap_addr+0x163/0x2c0 [ 1270.555158][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1270.555188][ C1] ? __get_unmapped_area+0x2f0/0x360 [ 1270.555229][ C1] do_mmap+0x8ad/0xfa0 [ 1270.555272][ C1] ? __pfx_do_mmap+0x10/0x10 [ 1270.555304][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1270.555336][ C1] ? __pfx_ima_file_mmap+0x10/0x10 [ 1270.555363][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1270.555399][ C1] vm_mmap_pgoff+0x1dd/0x3d0 [ 1270.555430][ C1] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 1270.555458][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 1270.555485][ C1] ? do_syscall_64+0x100/0x230 [ 1270.555511][ C1] ? ksys_mmap_pgoff+0xdf/0x720 [ 1270.555546][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1270.555576][ C1] ? __x64_sys_mmap+0x7f/0x140 [ 1270.555618][ C1] do_syscall_64+0xf3/0x230 [ 1270.555645][ C1] ? srso_alias_return_thunk+0x5/0xfbef5 [ 1270.555678][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1270.555706][ C1] RIP: 0033:0x7f1bc7a7cf69 [ 1270.555727][ C1] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 1270.555746][ C1] RSP: 002b:00007f1bc75ff0c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 1270.555768][ C1] RAX: ffffffffffffffda RBX: 00007f1bc7bb3f80 RCX: 00007f1bc7a7cf69 [ 1270.555807][ C1] RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000000020000000 [ 1270.555826][ C1] RBP: 00007f1bc7ada6fe R08: ffffffffffffffff R09: 0000000000000000 [ 1270.555843][ C1] R10: 0000000000008031 R11: 0000000000000246 R12: 0000000000000000 [ 1270.555857][ C1] R13: 000000000000000b R14: 00007f1bc7bb3f80 R15: 00007ffe3b87a6a8 [ 1270.555887][ C1] [ 1271.236198][ T8] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1271.244774][ T8] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1271.257599][ T8] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1271.268569][ T8] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1271.406327][ T1235] ieee802154 phy0 wpan0: encryption failed: -22 [ 1271.427675][ T1235] ieee802154 phy0 wpan0: encryption failed: -22 [ 1271.566420][T18762] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1271.574709][T18762] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1271.584052][T18762] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1271.592364][T18762] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1271.600680][T18762] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 1271.609577][T18762] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog Connection to 10.128.1.78 closed by remote host.