last executing test programs: 3.042386962s ago: executing program 4: prctl$PR_SET_SECUREBITS(0x1c, 0x25) setresuid(0xee01, 0xee01, 0x0) setreuid(0x0, 0x0) 2.948873316s ago: executing program 4: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000340)=@filter={'filter\x00', 0x42, 0x4, 0x2e0, 0xffffffff, 0x130, 0x0, 0x98, 0xffffffff, 0xffffffff, 0x248, 0x248, 0x248, 0xffffffff, 0x4, 0x0, {[{{@ip={@rand_addr, @private, 0x0, 0x0, 'dvmrp0\x00', 'bond_slave_1\x00', {}, {}, 0x6}, 0x0, 0x70, 0x98, 0x0, {0x88000000}}, @REJECT={0x28, 'REJECT\x00', 0x0, {0x7}}}, {{@uncond, 0x0, 0x70, 0x98, 0x0, {0x122}}, @REJECT={0x28}}, {{@ip={@broadcast, @loopback, 0x0, 0x0, 'ip6gre0\x00', 'bridge0\x00'}, 0x0, 0xf0, 0x118, 0x0, {}, [@common=@osf={{0x50}, {'syz1\x00'}}, @common=@addrtype={{0x30}}]}, @REJECT={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x340) pipe(&(0x7f0000000040)) 2.785472121s ago: executing program 4: r0 = openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0) open$dir(&(0x7f0000000600)='./file0\x00', 0x1, 0x100) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x0, 0x5, 0x0, &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0) r2 = eventfd(0x0) ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f00000001c0)={0x0, 0x0, 0x0, &(0x7f00000002c0)=""/138, 0x0}) ioctl$VHOST_SET_LOG_FD(r1, 0x4004af07, &(0x7f0000000240)=r2) ioctl$VHOST_SET_VRING_KICK(r1, 0x4008af20, &(0x7f0000000180)={0x1, r2}) ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000080)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74, 0x100000}) ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000001c80)={0x2, 0x0, [{0x86956090991702cc, 0x91, &(0x7f0000001e80)=""/145}, {0x0, 0xa, &(0x7f0000000500)=""/10}]}) setsockopt$inet6_udp_encap(0xffffffffffffffff, 0x11, 0x64, &(0x7f0000000280)=0x3, 0x4) ioctl$VHOST_SET_VRING_ERR(r1, 0x4008af22, &(0x7f0000000140)={0x1, r2}) ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f0000000000)=0x20000) r3 = userfaultfd(0x1) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000040)) read(r3, &(0x7f00000002c0)=""/196, 0xc4) ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(0xffffffffffffffff, 0xc0845658, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}, 0x106}}, 0x4a) write$RDMA_USER_CM_CMD_LISTEN(r0, &(0x7f00000001c0)={0x7, 0x8, 0xfa00, {r4, 0xffff}}, 0x10) write$RDMA_USER_CM_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x4, 0xfa00, {r4}}, 0xc) r5 = socket$kcm(0x11, 0x5, 0x0) sendmsg$kcm(r5, &(0x7f00000003c0)={&(0x7f0000000000)=@in={0x2, 0x4e20, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x80, 0x0}, 0x20048004) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) socket$rds(0x15, 0x5, 0x0) openat$ttyS3(0xffffffffffffff9c, &(0x7f00000098c0), 0x0, 0x0) ioctl$TIOCGRS485(0xffffffffffffffff, 0x5418, &(0x7f0000000200)) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 1.721230075s ago: executing program 4: syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x1008002, &(0x7f0000000080)={[{@grpquota}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x3}}, {@resuid}, {@i_version}, {@data_ordered}, {@jqfmt_vfsold}, {@barrier_val={'barrier', 0x3d, 0x648}}, {@barrier_val={'barrier', 0x3d, 0x7}}]}, 0x1, 0x5de, &(0x7f0000001200)="$eJzs3c9vFFUcAPDvbH/QUrSlMSoepIkxkCgtLWCI8QBXQxr8ES9erLQgUqChNVo0oSR4MTFejDHx5EH8L5TIxQMnPXnw4smQEDXEk4lrZjtTuu1sS0vbqcznkyx9894O70233763r+/NBlBZA+k/tYg9ETGVRPQmcwtl7ZEVDsw/7+5fH51KH0nU66/9kUSS5eXPT7KvPdnJXRHx0w9J9Lctr3d69vK5scnJiUvZ8dDM+amh6dnLB86eHzszcWbiwsgLI0ePHD5ydPjguq7rSkHeiWvvvt/7yeib33z1TzL87a+jSRyLl7MnLr6OjTIQA43vSbK8qOfoRldWkrbs52TxS5y0l9gg1iR//Toi4onojba49+L1xsevlNo4YFPVk4g6UFGJ+IeKyscB+Xv7pe+Da6WMSoCtcOf4/ATA8vhvn58bjK7G3MDOu0ksntZJImJ9M3PNdkXErZuj107fHL0WmzQPBxSbuxoRTxbFf9KI/77oir5G/Nea4j8dF5zMvqb5r66z/qVTxeIfts58/HetGP/RIv7fWhT/b6+z/oF7yXe6m+K/e72XBAAAAAAAAJV143hEPF/09//awvqfKFj/0xMRxzag/oElx8v//l+7vQHVAAXuHI94qXD9by1f/dvXlqUeaawH6EhOn52cOBgRj0b0R3TsSI+HV6jjwKf9X7YqG8jW/+WPtP5b2VrArB2323c0nzM+NjP2oNcNRNy5GvFU4frfZKH/Twr6//T3wdR91tH/7PWTrcpWj39gs9S/jthX2P/fu2tFsvL9OYYa44GhfFSw3NMffvZdq/rXG/9uMQEPLu3/d64c/33J4vv1TK+9jkOz7fVWZesd/3cmrzduOdOZ5X0wNjNzaTiiMznRluY25Y+svc3wMMrjIY+XNP73P7Py/F/R+L87IuaW/N/Jn817inOP/9vzW6v2GP9DedL4H19T/7/2xMj1vu9b1X9//f/hRl+/P8sx/wfzvsjDtLM5vyAc24uKtrq9AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPAwqEXErkhqgwvpWm1wMKInIh6LnbXJi9Mzz52++N6F8bSs8fn/tfyTfnvnj5P88//7Fh2PLDk+FBG7I+Lztu7G8eCpi5PjZV88AAAAAAAAAAAAAAAAAAAAbBM9Bfv///5xvuz3trJbB2y69rIbAJSmIP5/LqMdwNbT/0N1iX+oLvEP1SX+obrEP1SX+IfqEv9QXeIfAAAAAAAeKrv33vgliYi5F7sbj1RnVtZRasuAzVYruwFAadziB6rL0h+oLu/xgWSV8q6WJ6125kqmTj3AyQAAAAAAAAAAAABQOfv22P8PVWX/P1SX/f9QXfn+/70ltwPYet7jA7HKTv7C/f+rngUAAAAAAAAAAAAAbKTp2cvnxiYnJy5JvLE9mrGViXq9fiX9Kdgu7fmfJ/Kl8NulPUsS+V6/+zurvN9JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAs/8CAAD//wZJJhA=") chdir(&(0x7f0000000000)='./file0\x00') creat(0x0, 0x0) r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) mkdirat(r0, &(0x7f0000000300)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) r1 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) lseek(r1, 0x0, 0x2) getdents(r1, 0x0, 0x0) 1.671162113s ago: executing program 1: sendmsg$NL80211_CMD_TDLS_MGMT(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000005c0)={0xd4, 0x0, 0x0, 0x0, 0x0, {{}, {@void, @val={0xc}}}, [@NL80211_ATTR_TDLS_INITIATOR={0x4}, @NL80211_ATTR_TDLS_DIALOG_TOKEN={0x5}, @NL80211_ATTR_STATUS_CODE={0x6}, @NL80211_ATTR_TDLS_DIALOG_TOKEN={0x5}, @NL80211_ATTR_TDLS_DIALOG_TOKEN={0x5}, @NL80211_ATTR_IE={0x8f, 0x2a, [@link_id={0x65, 0x12, {@from_mac, @device_a, @broadcast}}, @perr={0x84, 0x75, {0x0, 0x7, [{{0x0, 0x1}, @device_a, 0x0, @value=@broadcast}, {}, {{}, @device_b}, {{}, @device_b}, {{0x0, 0x1}, @device_a, 0x0, @value=@broadcast}, {{0x0, 0x1}, @device_a, 0x0, @value=@device_b}, {{}, @broadcast}]}}]}]}, 0xd4}}, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, 0x0, 0x0) r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01) write$char_usb(r0, &(0x7f0000000040)="e2", 0x2250) 1.62646876s ago: executing program 0: prctl$PR_SET_SECUREBITS(0x1c, 0x25) setresuid(0xee01, 0xee01, 0x0) setreuid(0x0, 0x0) 1.613450462s ago: executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f000000d000)={0xa, 0x3, &(0x7f0000000b40)=ANY=[@ANYBLOB="850000002200000007000000000000089500000000000000e26c9bd1a6361b6f8dc33cdf00000000000869045aac0000659f55df08f9b90788ff7f00000010000029c21ebbcde61d8ab5920aef6c3e007fe6123e638962cf0b89ef506cfd3f1d4163d3cfca3733b30070a7cf53021a95b6c87850bfb70897c1fdaf3c7220a0e23db436659a8c54328a702688f92b6b71569d65e33d46f8d8ae24ba69c657afac04379cb536008c219991704f11c51b1d076f03b0f917c766f3a7598bbc00feb3bc8e88f79df517b37b56bcbc290080000000000000e675458a43b8a8935bf9cf0be7d0aeaac41405e341cd0ba0d6fd562489dad595712a4051bb6cf826ab757193fc09d305f95c55d5746419000000000000007b61803bd430ef06000000000000001e93f640f159320c8b088f4d6497682eb312d4967aff9e4c14c66c90000054ed82c7cba4c81f91d6dfed18767bf0df584b4b6c4204df411f921e3aa02a67dd324b8176020e9c024751e539c05727f82c92046bfe64babb6d7ba86526b7886a0c2481c5812812a6fa3fca3758cbd8c32b25c28be225bd1f16297baa065f5bb96330fad0aaa4388c06c0eb2ecdf829af9577fcd868cc269b740000b7ad193c5e5850df01aff96877d73a63246ce6f0467167626329ab910b7a13d9ec9a64e7f6b56aeab8c38f69a213c96e2d2ad7978c9d721c270f27e7025d576535198742d403ec43572d7d0baf00e88261fb260627805ca44200335ea4363066944d0aa6feb9705b09ba40d4642519281151f875cbf13a582f90ad719f0eccf02a473dd508a16138904933689ea6050041206473075eaeff2b69c2f2bf6f691c3560e068743a08e9771280da61fd8fdc3f7a35ea352e35753c59ebc1bd27ab6603e6afb1b3f057fbb7ed3aabe702b3c6301d3f5c295d1d69d1541d0e64631c95d6c0999e27e8d1a58f6a00f19102d2bfaf53f25a45637b1c577ae50c4c5669b13a4ed999dd10d2f091dcda39d9abc40c64a20c14ff0b1bf4d23fe07ae90fa0eba9c64bf89b26e7d8d70710b04f9ece5969023acadbb4582272e5b3a0429a5645b0c824ad36f7cc8be12b3874d5a19349b0ede845e9dddcab4a78b08ed60104002aabb17eb1840bc8e0ed1dd8b9b7eeaf32a185d80250a7f2252775905eeeb756eadafe20bbc616bc44b347abc8caf722b2c3b06884c1d3690f23b06fa4541bb2a81073b452764f04bd39008b65ee222cf697ac21b087548e9708dffaff2859e973b1e88668c8022cc6dac8548167e5798ec9c7d288a7fa7749f07513187cd8f060abbbc5e37dd1ba3aab927be1b409be733b7408534e5b0951e9ecfd0a1c77e3a29be4c4093330124615056e3ce0ce6ac91b1242d3bb2e787a186dc2ec284d60e9d8a03884a22eeaa1efa497ee88c6cb565b164a260afb5157e392b1ebb1a4d4f992011ecbac4a0a7ff5bdcef7994a422bb2761edd2d8f20f5f879a88f89d48b8314f862585e4b7a9d6a6681f40e8b82cc6555dce2db951d164cc9a70e640ac8974faa2587a6e3af3b9458f7d4b4077b3002536b10ea24d73307a33090c4c270909a5322eac32cb175e68fa83457b21465c08c02dcefccc0c714c2862ddbe567755f05c1e671328d160d3752345ca1db6e74c720e42afca982ba6befd96c5575f1dd8f87ff6606301c0000000000000000000000000000000000000004d0d54b4caf78018766cdb971e8b168d4763c1f00000003d4e1d842caf457797f93db93e4f38a9dbd79f6bf5dc40b55fdbf9b856665061b2e2924f27eb2d2b5a181ccfd9eeb11dec165b6f12433f00bb06124041ffdcdcdc91f3b3b76635a689c9249cf69bcae654bfa81e75b7c7002b883c56026d83520395b7d511f607cf2f899c7b1c75e2192f775d72247167285857588ace1115fbebfee3c16b84cf7036d41c493a63c09f2ce46c1f5995c2d7fe58c15e64bb4cb7e7f336cc22fa1ea1363bce375bd3d579be1dddb08ed5147b629e4b3f0e65783ee5e20d9270802f2a7500738d95216743bc36a04ba8d486fb26252d684b84fa24639089064ca7b93057c041f12d544dab4d24a4f952b4f265a69ba279929959991b7ac63786055b3c029a0e8b6e42ad33cba2661957cff0700000000000029bb61462623a58556cd62844d4d23cc738ee50400000000000000251d5806000b1ade92dd9f441468967c052aecd9de81b4b55d06670597991f37ddc4fa19a6369d5bf76c474633a337f676ad255869881da5cadcf49ce9188129cc978977f87b32bd4945717075cbb4d3e01e67ff087644f52fcf0a3c732b0586cb87972c43d2616bf4e521dc3126bf1760243d51a197d3ecfd74bd625e9f496175cfeaaa020817d33d513f3e97854ea76e26e96a8639a297871485a8609f8ca842b3321932c4d9e224a0cec5946cec9e359fd3687415cad5fb8c678136f36d9f781fade9f2469477748f4dfa0f56c326c89bb5d07f35aaf95303b5a620fc84e1c73557b2277831f8f633f0d293c0e3f4f93149887271e645f50a4e57010a9b76457f6ad73231a905206bbb1b95248aed85a9df9dea64cc1fd1f06a98530000000000000045fcc1fb138fce0faec0a423e860d5b308d7849381b294106af25f15fec047d5b844a99f36e342165df728e381b48c20e0900f8d265157467d3494f2b93c7f3c817688cec2d226f50edb115c2e075f3c663a4b4169bc6fd7d4fbce205f2a1ae263ae0db900fa0a13cf796e0d7a9dad86953c13ed6241206d682e194c64c491de6a531e9bd45abe705f07000a82ccd41a2c1b23bac44b7371a3a0aeab3647c56f0680cd30ca260189dffed79c2cfae39d8160d3fac695b75654a4a5695b9edec673e75d97950fd4d80bdf8e2d83a3232768b1231b09ef4d995a783eb8f731523e9f6c2ee9119d567acd471bc391bd4f07600d5b04b71c1f1fd7e219b8df5123e4c529db3ce74353e8a39e2d21ce0954334951d509cdce531fb14230fa3b7331a943e7223b0ac8725a0d45a213fa249a8801959480ecdc5999c9df72debe8510d0620fce7be7086d5b72e857243f0a7883d9749b1f40936b51631e0060a0d9901d730bc27d42c1ce01bbbb003e1e6e458a29ec6e9b4be6e1df4774d4d2d22f153a76179434a5ac05f62bcb895f4bf620161cf4016c2bdcd2c3f66c4800eed3e3ba2883c978854c53890ecd22a22a5e82efc1aa3da86cb084faddcf3e87c963ac90686c571103c3613c726ba70381be87ab717096739aa9623fff8de37eac6e3577135587951642bb0c5117518017be9737d5bd19"], &(0x7f0000014ff5)='GPL\x00', 0x2, 0x103a, &(0x7f0000014000)=""/4096, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2a3}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x0, 0xe40, 0x0, &(0x7f0000000200)="e460cdfbef2408002900119386dd6a00000000072feb3014cd3ec8a755c1e1380081ffad000000e8d50000000100000014000005002433106558d320d98a61a90021c9bf", 0x0, 0x400, 0x0, 0x0, 0x0, &(0x7f0000000b80)}, 0x22) 1.583981526s ago: executing program 0: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000340)=@filter={'filter\x00', 0x42, 0x4, 0x2e0, 0xffffffff, 0x130, 0x0, 0x98, 0xffffffff, 0xffffffff, 0x248, 0x248, 0x248, 0xffffffff, 0x4, 0x0, {[{{@ip={@rand_addr, @private, 0x0, 0x0, 'dvmrp0\x00', 'bond_slave_1\x00', {}, {}, 0x6}, 0x0, 0x70, 0x98, 0x0, {0x88000000}}, @REJECT={0x28, 'REJECT\x00', 0x0, {0x7}}}, {{@uncond, 0x0, 0x70, 0x98, 0x0, {0x122}}, @REJECT={0x28}}, {{@ip={@broadcast, @loopback, 0x0, 0x0, 'ip6gre0\x00', 'bridge0\x00'}, 0x0, 0xf0, 0x118, 0x0, {}, [@common=@osf={{0x50}, {'syz1\x00'}}, @common=@addrtype={{0x30}}]}, @REJECT={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x340) pipe(&(0x7f0000000040)) 1.546797362s ago: executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0x6, 0x4, 0x4, 0x4, 0x0, 0x1}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0x14, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000fcffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_BIND_MAP(0xa, &(0x7f0000000200)={r1}, 0xc) 1.484039662s ago: executing program 0: r0 = socket(0x10, 0x2, 0x0) ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000100)={'syztnl1\x00', 0x0}) socket$packet(0x11, 0x3, 0x300) r1 = io_uring_setup(0x667f, &(0x7f00000001c0)={0x0, 0x14bb, 0x0, 0x0, 0x1}) io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a) io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0) r2 = shmget$private(0x0, 0x4000, 0x8, &(0x7f0000000000/0x4000)=nil) shmat(r2, &(0x7f0000000000/0x4000)=nil, 0xffffffffffffcfff) r3 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TCSETSW(r3, 0x5403, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2, 0x0, "30afb028ffffb75e0100000000ffffffffffff"}) r4 = dup(r3) ioctl$FS_IOC_RESVSP(r3, 0x40305828, &(0x7f0000001300)={0x0, 0x4, 0x3, 0xfffffffffffffe00}) shmctl$IPC_RMID(r2, 0x0) r5 = shmget$private(0x0, 0x4000, 0x54001800, &(0x7f0000000000/0x4000)=nil) r6 = syz_open_dev$sndmidi(&(0x7f0000000280), 0x2, 0x141101) r7 = dup(r6) shmat(0x0, &(0x7f0000ffa000/0x4000)=nil, 0x4000) mmap(&(0x7f0000002000/0x2000)=nil, 0x2000, 0x4, 0x20010, r4, 0xd916b000) set_mempolicy(0x3, &(0x7f00000003c0)=0xb7, 0x1f) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) sendmsg$inet(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="e80d1a98dbcad58397e08039961ceab7", 0x10}, {&(0x7f0000000cc0)="f560e3c338c43e0565d79b367d601bffc60b20a2f7f8c762df7c38e8cd4d498bcf49e9a397407162c087f5fb08958a641d1176cc5ed5aee301b518f24f16d78134f9a8e6a636ab1c5efa83228f5aa120c670990c2f5d30299f27a6b3ffb4ea1d4fd695363011eaa6eab68ad47aaf11adaebff82a9dfba8139768f048deeb242f3b24f744dfd303d339df1078f07679190ddda7ecf3676d0efee35913b42c0d632bf60c719ca98ac549168ae0c883dbf7e30edd9e4d52f4180348cf23a4a350707a55480cd70808ac7b873697397e3c850048a997864dff295b8c6cac6933a8f74eefcefa7377a175e467b42b30cd86324cf78c1c59cd52cd55c14529a19adc231848d40d31f774ba132d325afec85071457b4262a925bfddac52e4294fdbd780124c764e76ab5257d778992955d81001ec821629c427987ab1b04897e57cb0300e3bdf52199acf5ae856fcadd9fb35f5a55c6338d55267f2ff2d8ebf05b1de572306917812f22935e4417f88ac57cd6335d303a762d67c0cdf7c4a5d29841f4eea57cda25b8be61697b1abab8545edcca3391bd61db9f393f3e2d9a8ad47819f334a4eb6084869c511702e84ff51dd9073323f6d626db87c2ff2ef55ab009fefc857abcccd9624c91543d6709c156a4f7ce1127d761cf3931752c9fbbd93734ebd6ea2e102c28fe9dd5b658eada7fb942838ca7e5945bf6524a3d3ee297e15dabd63a3e5df00b9cccd623e2bfc32621e53a6bf847b5e0e2ea42cd443e48ad27bab20f6bbab4d2b3022c70ec667ca724d58066bd93683c6eb32a24d1cc136584a97086dbb13cf9032aea2c199969587a0613d98f489e24d2d66cddef3c6a8242b5688209cfc1458ccca9a630c2020b0a56344a98971d95509b21c294cd5f5e39dad1e769be8d3393d94d57852f2b4e83c6060242b770a6fe8cbb0a3fbc25cc722c54b1fc10dc9d6518d760468024e674810cd567d14397209edb8232d38ea6e2c6608696f7f4c14a333b9c76905bdae4eafc18249c775aabc31058cb55cc144a5737425f1507aef2c7227caba7237ac812b655b96496fd18ecc376f19bbbb0a278a35aa6727e40a087bae839c720476f8e99b01f038d419bd149d86e2ce4ca2dc749bb2968c840a8ab5dac30dc2200fd3c454b77c09ab7787bc8e7478f90fc1c03c2700df50d8f9ab53e7cd7eea4769a4412425c688669ce5f3f4cb623373b9a0e9354acaecfd9d605a9827ddbb161a6aa699eac9c2bcf1041faec4b3e8f7a1c2f2da921f35c4302d824b467f24e5f7cf20c3473bc2804eeaeedd6c5dcfa3e4f77840b33dc64664573ec75e7df6f7526c7e2983f51474bcd57f1c35091ae1a68b4fa14568703d6f574a6c40cf85064da30069b0cb45fc59f41f7d16f1ed240b98a57d63ddd4ae8b426dddb111fb4a8de8de8f4a43ab430de20f4ccf7802f3d6e0cb7a1c63deb335e2fefbbc6e6b984b7d59c9a20cd4df613afb6a032f9c11f43f509468ce875c9d2e00eb0e22f8389c1fbd871829b27f1721dc7ed681a0366fcd426736b93f989455e2221d211ff5a3eaf907a55a240f3d1e4e26d6f7fdff222608e40a04c742336a48311fc89496920c46a8bac628fa2b428d2fdc0b678e92c58a9c559617eeec13cc2d742b7d5a44f9c95eb3c9a3fbaf62d0d06807b57d308ed88d7f5b0b53b2fc8daf7603f35743453411343c201474cb241dbb24251a22a9f59ec6800a6c418670e329552aca8709cff82bb742c646217474b815c568a4fbc27704989f7e39eec997cf09a5d6616cf9c9a8dae7439657f211d8746ec26c5233fe51580c81959b5813b4d2c6693ce6ad21f7309d51bc229b2128f558d9c5b286c2392259e98294f3c2d408ec4a5fa400d2dd2f443119cf348ca06ae33cde0f93e37969a3a2ac8a49a73948b94db79b339dfd7f291027618c513cd8dd291c2e1fa46ecd3f2e18b9ccd2c348fc73f80cc209d542d9e0ff4708ce14ee15377207a7f93f464b3385e01c513c9f2c7761571a41195e428e75a9a240a56d3a3f1b8021ca3d03a19ca702499d4e524f1e2272b3fd5408c2a839a6f15912aa77acf72c7b7fdb213abd75ce634cfa773b4084c842df68883cfb7160343496114dcb8d79e36217607b72f3c86dbaf3ddfbbc38c4bf0ab3c718ed6927cb36f59fac89cddaacac076f214c9bd51f518ecf6cc02fea7cb7f465cdc85615b88e1dcfb36cf58b88f38a686e0da8078edbf1adfba67dc51c378d7e1eb2dda2110ab3c12df8e3052163afb2ded07386ade69e9bb47025bc9fde2724adb184bbd6191f3b3c8f2e83154f01dc335ef3255d48c0a77129a775f7c2b043aca0681323d001605af1b248a02ad85c9e770fff3316f10c27b157308ec022f1c66254615ff3d3ddd59c44a4be50fb59f6d7e357cbc062c562dd2a1588c6246113dfbaf5291f954b5272452a57bd021b4af61382d81121a64009b93dd53545041b65ff02fd40586205ce050f6597767f77290f3d8ea85f136c91c557d7972bbb5c2bd5c398d5c2a95a2b4b10523e66be1bcbeaf6d74139e8f6f0ce01ebe1e927839517c0f2db76b4e98f6924894338fed20e4ec7f8e2e447993a76c583b4aacc2eb42f1c7c47f1b616a0a23f3d21cf2cfd58a0a739e11458988f64dccfca3e97f675276697855a0c5e20c358baf03634a5424dddcf8bebe5a57876dba40d809e2def808e46853e198136dc2e3831e5092c2f345cd6f7d9eeaaba95b21a7e5a1c8db847448cd480d54906c1ea140729c69373ed9e08993b8c2b8d377841bcd0256a1d396fa907993fee7f0b4ab9f69363902b9887c7ed6891bf4a7e08342c00dcfb493d1b51ecff36deb3106136147c9037a1461c543adf84d9672520517ff5b80decd2b27d341699538712e621159acd58032d1f61e72812c87d9dff0ea64629665472db4fe9ecb095ed1d4a81c60223e5f9647b0cec52b1f46e58ac04f1cc75f9446f83fb8ef3311327b45a279b15253f217d9cd77024ec734e646149f0e9e81a67806cdd2f80c0e265691189d63a5fe3914a46b72654c7cd8d0b4010ae5603fcfc57066ced5a9f529a04ffcf2f76efacd6f70f6a37333ac0fefcf865c5b003bc0ad2456789b907e68ebfb616ca3039ed013ef42a2b6f35466ec261c93c2bd678182ec3b728d5781b59104dc8429803835d4396b86aaf0a6996f4030c6a394003f93fbc58c94dc28271931f330c889f530b49713242f927e835e49f21590642f38c02a50f2718b5201e0be4704cd9ec8ff1439e72e0f979777d9c9aad4677aeac13f9573ff6327b840da7f4bd10c1911f7ad64aec71902dba4e2bf27fc6cb1e89e5fb62bb644f587ffa7dbd447a71439e0881fd2b5aa160c3d87f8cf15356715015e516729a197f18be5fb6a0b0ae04b4045d57ae161777b1b16754f273febef5fa513c212dda3e5637b2948348ad29124bc34fe85035f4d9c95f87b379fca4a4dbf373565bee4ada623e391a35f2ad5b5db10b267be252964b6a8e81546127ae1467d67a8537ce560ac77d52ff70d119c5f5fe4fa30e7af19235b55a48e1c6f304ec8a1bf784304045c52c34f1736670385515b431b7f77c1824ad9e8d2916579b4fd545b218422daa20f9a64b1f99b5e02a0b3f4bb3434258964da04171430ac861eda60c20e8f882c7569141aa08da459ac044a787f2c50316db21bdecbdda5c952837eca76ee0cbaf6207fb5702bfcf02509d9be928c0a51ace3d3a327f2f71bbff3242f4f4e8d6bfa0a18c20af757e3447fd9bace2fcb6be6d5de7d9155926e0ad409ac7ac65cffbe81bf496e4b759765e2974dfcfadaee3b6864fbea66d82cebfdedc82481c8e238723c89f3cc62177cbe37a4861983ec48829031e0d15dbc98e3ba73cc4b8ff5cf465bbb445b8f85b1efccf4c055c614ad72ca8036cce71cb61eba9426015f59104e4d0378d9dea1356c14f31442e3c3e2af2e4f53070427dbd9f6d389e863bcf3b78cec71617958f7a01b5e85eb1f00ce935d22297b2e4a4e13314c3cf9d52a55e903945f5a14d5e1a575516897eed86d4c0cb82ad011901f38a91690a63582249e7aa5c40c823cdc76a301490a4c56ad0bb0d3e4b8ec1751277b5500946cc8a8b1b1726c27073102ddf2bbb6b7285716de6193acdc26ed6743d301630f0a3ab7b7d1e78f88f3071cd1ed0c782fb90c17bafe61320cab2bc31c278cd5fc92a6c2730f7925cafef7ffa197f3c45219b1a14da7a3af051ac37ea65fdf96120f8f56438d808d212723377a5521eed761f544f676479a93f0a347d4cd70ea33c0ef5ce20d9d216b892c1b4b1209d1c29747c457ee175db68905e69b2b0990ba76c765860e592518d224ea33881c0cfeaf0ca508fdaf6752b7e6c0aff38833e68786d5ee9a5a43b5da7e2f384418eb462d20700a771ff38f98dd87a11dc8557ce431abbc63432f3e5572fb5244289e5228806c0d711c0b3db17f9137a8373423bc4be111cdba7f42cb8cdb45d2bf99362dd192bcd8d5a318bd160b6390013b4ee39db02ae902115125d2f1a1bc522dc34067fcc396adb52552558a8b9c63fa84daaf3c97607e8d2efcc0359cdaba18d05e4f9a9616377c2ce6aeeb13c0e74251ce13bbca0fb29b06f86f3358511dff617df65534b11ed62f9f22073126dff83bc71086f43fe493003b5685ef22ba6bb511fc57c1dde7f409886519f903469baaa4dfca00e1d1e3bfde05c42e4fa12324a6bf49f5c7ef2a82d57b1894b744678ce47e4300b431fae6e869d69d94c3edf9fb34f9906ec1273ad2909ce9cc7a2a3a9f4d7ecd1dfff9d230de49aca4220b3940d6e0ca0bb64a3366314ce235de00f21f1c37e8f9e27d8496b91fac862e1243247aef3e43e7359d9d09a00c821fa96e5073ca9641282fb7fe9ebb80b508992a1750e9bce303e222e1350baac85cf8634564f677795aba47623edc3d9ce57e46db87bafd6b553769464de7a0f1db5e7598f7014c18826e735df98ceddf879e7aa8d4e22d5dbc8eb1e45fb30659b42cf99c35ae371c4097d936abf3e44d9effa147eecb855561e13e3bfe72bd6bf8b6fe5bd47f674b03b2f2f18816b1fcd798a55c562d71a480e6fe735cac13fde5b322a40cf2c786551051a60cf56dc6962bc9822964c9485ec5fb9a204ea40e7f07aee95817072d903ca066eddbaee3ae3cc18263955ce46bb682d8177964a634dc7200a65cff2330cf2c584074d50e32ccb00eb42535885145257b57591334ba04a9ca0a59799897ad000bcc31f4156d65c69ed07e31b634b7c895764fc9491a858d6bc30d4d00024247a5ec875fc356bf20f3b172778", 0xeb1}], 0x2}, 0x0) write$6lowpan_enable(0xffffffffffffffff, &(0x7f0000000000)='0', 0x1) ioctl$TCSETSF(r7, 0x5404, &(0x7f0000001380)={0x1, 0x9, 0x7fffffff, 0x1, 0x15, "a3740f2bec84fea724884b93d8a65a2c9f9079"}) shmat(r5, &(0x7f0000000000/0x4000)=nil, 0xffffffffffffcfff) shmat(r5, &(0x7f0000ffb000/0x1000)=nil, 0x0) shmat(r2, &(0x7f0000ff9000/0x4000)=nil, 0x3000) io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r1, 0x10, &(0x7f00000013c0)={0x9, 0x0, &(0x7f0000001340)=[{&(0x7f00000000c0)=""/197, 0xc5}, {&(0x7f0000000300)=""/4096, 0x1000}, {&(0x7f0000000240)=""/95, 0x5f}], &(0x7f0000001380), 0x3}, 0x20) 1.480959942s ago: executing program 1: socketpair$unix(0x1, 0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000000)='block_split\x00'}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x26e1, 0x0) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x100002, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0) socketpair$unix(0x1, 0x0, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x5}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001200)={r1, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 1.359062281s ago: executing program 4: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000680)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x28, 0x28, 0xa, [@datasec={0x7, 0x1, 0x0, 0xf, 0x1, [{}], "aa"}, @datasec={0x0, 0x0, 0x0, 0xf, 0x3, [], "c2c8e9"}]}, {0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x61, 0x265ba7d1d57f753b]}}, &(0x7f0000000580)=""/223, 0x4a, 0xdf, 0x1}, 0x20) 1.123723757s ago: executing program 4: bpf$MAP_CREATE(0x1900000000000000, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000faffffff850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) write$binfmt_aout(r1, &(0x7f00000000c0)=ANY=[], 0xff2e) ioctl$TCXONC(r1, 0x540a, 0x2) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100)) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000380)={0xffffffffffffffff, 0x0, 0x0}, 0x10) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)=ANY=[@ANYBLOB="24000000040805ed00000000000000000000000005000300110000000600024000000000"], 0x24}}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32, @ANYRES64], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000001c0)={'veth0_vlan\x00', 0x0}) unshare(0x62040200) r5 = getegid() syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x759, &(0x7f00000004c0)={[{@noload}, {@noblock_validity}, {@discard}, {@errors_remount}, {@inode_readahead_blks, 0x0}, {@noauto_da_alloc}, {@noload}, {@journal_checksum}, {@mblk_io_submit}, {@minixdf}, {@usrjquota}, {@nolazytime}, {@journal_dev={'journal_dev', 0x3d, 0x765}}, {@norecovery}, {@nobarrier}, {@data_writeback}, {@resgid={'resgid', 0x3d, r5}}], [{@audit}, {@uid_lt={'uid<', 0xee01}}], 0x2c}, 0xa, 0x4f8, &(0x7f0000000700)="$eJzs3EtvVGUfAPD/mbaUvtC3fXm9cVFG0dhopLRcFy6AaMLGxERjcFnbQpAChtYESCPFGEhcaPgEXnYmfgJXujFqXGjcStwaE2K6AV2YY87MmTrt6fTGtGPp75fM8JzbPM//nPMwz2VOA9iwytlbErE1In6OiJ7q4uwdytV/7k5PDv8xPTmcRJq+8ntS2e/O9ORwbdfacVvyhb5SROm9JHYWs+0cv3zl7NDY2OjFfEX/RClPnRs6PXp69PzgkSMH9ncdPjR4sClxZmW6s+OdC7u2n3j95kvDJ2++8e3nWXnTfHt9HFW9lfdNS86hrbCmHOXZ57LOU0sv+rrQXZdO2rP3UusKw5Jld212uToq9b8n2ipLVT3x4rstLRywqtI0TTsLa2e+y6bSeklSPSBNr6XAfSCJVpcAaI3aF/2d6aynOjlc7Aff324fi0oPKIv7bv6qbmmv9GDLvdW+Uccq5f9ARJyc+vOj7BXzjkMAADTXl8cibhyvtjtqr+qWUjxUt99/87mh3oj4X0Rsi4j/5+2XByMq+z4cEY/UHdO9hFmA8pzlYvvnx648Ud9cbZqs/fd8Prc1u/03U/LetnypuxJ/R3LqzNjovvyc9EVHZ7Y8UPzomWG1r1746cNG+Zfr2n/ZK8u/1hbMy/Fb+5wBupGhiaF7jbvm9rXKib1ajD+J9qSWitgeETtW8PnZOTvzzGe7Gm2fFX8WZyH+Dxp/ePsKCjRH+knE09XrPxVz4o98/i+pzE+ee6t//PKV587Uz08OHD40eLB/c4yN7uuv3RVF3/1w/eU8WehGLHD9a1VjVSfSsuv/n3nv/5mZy94sNTNfO778PK7futGwT7PS+39T8molXZufvTQ0MXFxIGJTMlVcP/jPsZeGumbtn8Xft2f++r8t4q+P8+N2RkR2Ez8aEY9FxO687I9HxBMRsWeB+L85/uSbjbqQi8e/urL4R5Z1/Rsljn4fMf+mtrNff1HI+P1yIf6OaHT9D1RSffmakaGJzYvFtVBJ6xP3fAIBAABgHdgdEVsjKe3NB5q2Rqm0d2/ElpkRlPGJZ09dePv8SPUZgd7oKNVGunrqxkMH8rHhbDk7arBuOdu+vzJunKZp2pUtZ/33se7Whg4b3pYG9T/za/GRFuB+s6x5tEZPtAHr0tz6f2vJRzb/BxnA2mrC72iAdUr9h41ryfV/tZ6CA1pmvvp/NeJuC4oCrLH56v9rhTVH16QswNrS/4eNa+X1348BYL3z/Q8b0pIekl9BYtuJBfZJ2lcn08aJUiz8VwB6I2pram2ahT/wl1JEc0rY1tRIu2Zd09K8+2yOZuQVpUX3aV/GH2JY20Tp31GMaqIzIha5e2dutqu1xJXVLlilEnza2v+dAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7t3fAQAA///tUdPr") sched_setscheduler(0xffffffffffffffff, 0x5, &(0x7f0000000180)) statfs(0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) r6 = gettid() sendmsg$nl_route(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000005f00)=ANY=[@ANYBLOB="2800000010000100"/20, @ANYRES32=r4, @ANYBLOB="6d3082610000000008001300", @ANYRES32=r6], 0x28}}, 0x0) 1.062320987s ago: executing program 0: r0 = io_uring_setup(0x1098, &(0x7f0000000240)) r1 = socket$qrtr(0x2a, 0x2, 0x0) connect$qrtr(r1, &(0x7f0000000080), 0xc) read(r1, &(0x7f0000000040)=""/49, 0x31) writev(r0, &(0x7f0000000100)=[{&(0x7f00000002c0)="7578b3da4e2a98e34d9fe47082f9738a020d0f351a314b31e86a5c970e23b021656a122186082d8d097d81db40017b32e288f15c9269cef92b24201504b54a981cd595399628d58f6334792795", 0x4d}, {&(0x7f0000000400)="ab953cc699a8e3a35b61ebfeab99ba9e81093f1446fb08f2f29d2824644200e62363226d9e5a0cc3121a1ad360af9268f6d6ee8f45b250ea673a45e8fe7dedc9028ecbc43775f17e5f62432aea95857d4a08fe03456c4a863069f5a888112002b186e1887317093dce5f6dffd3f11f47517a39e5f1d44824cdf5a2db4907cb0ab63206331abcf8848fd6ef62c4dfe086c259485f397bf47203519c8f55ea5b75b8d7fd14135bbca3652f46e023a4285bd28d8158478af86261d0680786a23c7d83f04d5f04ae14351c9db77ebb0166c4ec588c45a551891c2b1934eeb50bba487254ca5592da01cecff9f1e4421a8e779795c86583abde68d38bccf5edfa52d553331f5b914eea0ad3e7e16add704f3c8b46a5d1a9a3432d790257d9d96c24801d6800204ddbab7cc0ed08335b3c2c73b0cea0c1157166e60228b86cdc5c21495c3780d03edd3b063edd0cf4769c2bd94da1f6ae5f64982f685edcb376d27e4846f64dfbda9aee139a3a0cffbaace5025d42da44683d9558d23a792f198a0db45ebca5b6b80e76a15641e737568f70761d9c6f46582c182992dcdf0c992980038dc4f62574b5e3cb531c1a8c9090744fefdbd50881585b095af1edecf23b6efee2092011c64dc998df7ed698ad6d708fda1dda4347e8fc5b19fccba826360586fdc3473656f393d5b922e3700577b21b815c25d8da91d278d85f5a379983f0dfc12d64f416355ef9751388151e6a48c84e060d6d85293137a9b858646350fb51499a7bc003f5d52c98d59a65fc898e89eb2f8987297b68b5fa41c84834d76f0efca22b322ae46b910b233dbc2226f53d1ef17017f8146c9e3bb805a16d6235d76e896890564307f391535c884c3071ff52860a93f6e38de0b1c35e7041ba93086580b0799e7400a872ec0ddadfacf3038a4c4beb6809f8dddb9c2ae6b543597305e960a6bb4aaa788cd606caa11fa7cb0c8bc73b92be3b143548c4a39eb19326d5d06449208a962a69c7f0c0de1182bf781bef12e60f72978e815a1fa0797826c1e150f5ff406c8c31095f908807bcc7df452380b24b66962755b2395a60ec6af27e703833963538a71e407ddbc2dfc36c4285ac7e0e98c0cade1b0fb85ae8ccb89c66121c9a5e4dd461361466ca15e8a9d6df21128c110046ccc44f70b7d201ddb5851b612b4a38aeeb260a63c34e06a4c407aedd094c3e1dd7192bb774fc48703e4c0265e31e40861d22e212bc9ec01d145b11349a7180f5e82d36f470b18e6752a7586ea2604dcdb9f6baad6d2d44d70641c6ea055b03d12b59ea3700f64f3b0b1d89c8a40f37bbe890a182e11da614fc98c00a537913d668897d9d2068edc15987a2d681d1d64f41477f5083b3f169b015cc87b6e36864e2f70a4bebc5e07b1ed2a7205db1c8d875b9b0af10f096c33027a9211869fe681116f8ba090b4a8bd56b98359617b9b342e243c9cfb0dc46c886f2918f9f9029950b32b84ac0c1cd8d544cf947a7773fa077c97d29eac2e992e0aefa19f5784aa0095d4a6b5112acf00d3615a562ca23293cc9c623d2545d038e5fad34a322970822c08e53a3103409b81de33c02c252a6ed3796003c4a4f7dabd12b971ac8f8de8186330e0de85b98d55e0709c60956904d29c083fa9cbef1d9d0d4d7575a8f96022b911c7b29e602386cab569766270fe87b102c3d1541ac23159d35424befc089fe03b7b88b2f7c8cef0311470a6633f1d6ad0e20ba74ccec7e8663618299aeb2883ae38c19721929b341875e565472bdd6b63eef502dc70a3ab0193b8c64035c6ef40883f58023d7e2f3cb90f6d56fdcb81861d417d65311fe5770ab4c0278e580f45df686acaa11a77d28b909581955e9443b0938dcbc9f3b5b6cdf35f999c01742f550aba43a87e0ef67a52782a931926507323058d070c0827b3c8a20d562972ab38dc5d2ce3cc1f5e36c4b41d785fe826d160f53b9b5372c7cfccda16eb5a5927eccf4e7b690c86b8ae5ef292ff2e75048f6b7be3bbae7eb190a0cd51adfbee19384d852430c3bfc1e0f0545b6a165efe0221feeedb11675f795b43e403ba0f00c74ae538dae89f9bc76c86812a39cbba277d5a08b8ec08975923df29369e5475f9d880d1b245b20e6b12f3c90685ff66827631fb3e014b89c8b3081ae5cf4d6ac8e2a5b4a50d3dec051f674f5a4de4f12ae98f218e3e1366dde665f5eec79d8804f96705df6e77f2847fb8e49f73504a84e5f36c177985d60901eeb4f23a1d5091c8457ae63bf990c34b8abb24a7027338c13dccbe3a9f859660d3998a2eb9c7051be06c468a6579934efcc02182c67da8fd48d59c0ce51957395e04c0a3e48422ee39ca805af7fd4f33b6d183733ce7c41b587c7648ae161032f90338c3d52a25ba2a8cc71cf8d4ee42d3612e4a5e1b4e7e2dbe0a3ba6f9f41a70d68762fb992f05729a70b955278bae85a2b78d1a02c57c32cff5fd92014846fa7ea98d7aac98bd26e75ea96ca507ee8cd40bd2a6941fb5b79e6ecf932774040c53ebbfa7b71920d6658208b6b5003b23f6a296d2014c2cfd67e60ee09210c40b7fef4a896079dde157e07e7f37d78459a50349a87f83ac3625ddb7c4be1abe1a941d2311991c1c1796075b920bcb6e590a925dae0c55a494b62e914d9d49999bb08203f78ab290c36b3add774884f3b7d1550ba4c7188271217c2bf1702e63667b2820d8a5d603c7f9f003df60a9ecbaf36364e79527b0ba03be3611b5e0aecd52e307a291e28e5f00fa753f2878885d9c2c5f14485d2b372198cf34ac9d8040299a90e596e79b9b018a2999ddceb827e9367f89ccfa14410dede38114f455b5610d10a4f6d213e79bcc8cb640504ad9e99d1e91fa1804a0e285cd5afd45d5403adfe9ebded194e9f8622e817417d85f767a3aada9e9180fb176e9683000442f37a0a197995c2155d840759aa7fea75535b9baf4b0edd3e69a43f905c86ba6bd904367cf9258047df87b8fc62fc11e77111a1c89941f5e17559742e56acec3893ed9efc876ef0b5949c35c8d52aca0e8f60e7705126441b241995e34553eeae9a698f283a9c07f98408ff42e85efd74805ee887b5d9bd97fef6385d9e86288a1ad3d80c5896d7d3ba03fb7c6e5016b69f209e58adb53104b0d4b89fad5895c11d7bad62629544d877dbbfe38d7fb8a4061bc610e9e843071371e6f32f1072cccf89d2b03bcbb33eec168d5e0c048bb3748d43a0879123a906de47a92d673494e02bd6248b7a4328167ff7ea2393019366e752df53a4cff52e4240918859e88bee6d965c3ccbf5ba2707acc10f3ee85e6d6b4cab46d159ee14bd5e286d2eee915feb324578d7e14bb3533a09e0da6f88ab962e9fbdf580f92ecb80eb74a23dd6262c0c1c3a2b4f5b3995e5df7e595e2ba2bd5abe10493ec634f48a3eeae16b820d83097d78ef0559992b018961bd9989ffcf031721755f6a5660844b23943fa7b652900118779a37f773af5919556bb93440aeb8d1b2df2235a418d45108e9d2bec05f1703d6c168b85eab2d27fc9412d76d36fad3eabc56f03a9ad6e673b61f568928506e4924c2a713afdcfdcedb210205d84c02b7d6537acf78a8bc17f161e2a4076cbfaf7613b9ad323931b5ed0d56a61c1aa95e2eb642a27342b3fb98042d0ff6ab4ecc5e800dd0dcdd6d73db671e5566332cde0f0698063fbd1154993e6f3f769b186810d2aadc89c32d71db8c2b30d552e7f921ef731029eade3d2e7235a935ec8cd7431f8050b4982cf128343ec9d7e7bbcbac4a72a82c68e0839b52a6acd7d453d25f9c4b3c4e35bed556bedda833558b552d6efdd9bc5d0f1c28728d354bfc3ca1bd3ff20f5de647347bb1b9571b2a430d590f916ca20605068dffa7d23c3627c26874bf6a6dedfe1b167932a530b13d47f2e5814d42f08116ab2e7b66967196dbe3415ff07c8235e4e8377e3f10de292be122b8df714d622659f6f5da1231e2d98a9157754ce6f8d3cd908181fcb521f0b427e7724ddf92c6770a8904087fb0ee37a691018600c16ba09e20f320df9491d371f1f3c30beddf3faaf1f105a2ffe01cfb1d26644cc29d080eccb3dffd2d3b1216b1f186b62b6206bcb7025461cc2a22386e6bfa4d7ee0d1945a888988905ccc7162c0e23cf1157c16a2d42613b3b185d3511f6a3ba6c8e209bef2581ea6adc0745aaa64bc64ad66b5aa10eeab2c6ca1e1c238e39d387ea4d308bbd409f2bc9beb0b73fad189850ba1ddc5745556926993a4764c205f643230bc01914c7f65899c694aa957cf6a9d24fd3c23a9a042a18c1183d6a3ae1a9faafd7f7db7e6f6453aa2e33ba016758b9e8a0f402956c363d99668398ba2cedf8d36a393e4e3c2fcbf35704a9defe2a68c51e198008ce3596c86939f75dc26d94e78c0fedb6a6c4427e02cd86c74788bf72749448e29b8537b85a0cfc1dac90142b0c93d0859d53396cb95ce2163b4feeab3d41f9eada34ecbc4e32ab86c18705d62d41dfebffbe164dbe2adad4916e5fea45034d855efddda423e9d4fb0cd7d9b6c080852f2c2b71ed991dd7b8f40075148348e7086b67f6b51e36e912e403992e67f62d5a54e5b14f1ec23c1db67f1d97d3ea761e035dc1b3bbf0b27c2b1b9496bb4ac2f2002dddc3bd0df2da3fbb7d8dd93d6e51edf02d5d8b77f672c26287bcd3091aefecdb19f65cee0e6bfd68c2ddf487cba59a335384affca83d5922644f5a5398437afd3f445386e3f9130cd865f72dabaa64c36bb2aa25d48b9065bd9328192d5487ec8dbbac884218b885455b50f3195b64eaea3185dae0d505caf0a3638276dba0adb0c5af6ee32e733c0f61dc3fa1fe1e4678b0c187cc7f43145806bb089418f62cb363d12c3bc7ee322fa616b54cdecf6a1726561e36f19eab505f2c430c8692961cecd064a8b2fef786e8c72aa07320fbed5443edd9f18974fd3042832bbac98cd315cd89a99f435fcf1943be02f00c786ca80ec3aa2a1adfc4b6107c638beada63fdb1efcfd3c3fc85b1e91c85fe1a6d52ffba50b86f6850575cb35b17c92df535c7f3d74e41493dbd28bbbdcbd1a9faf74d7486b186564aa95e9b4516e76f48f40ab44d05308e134030969fa8f16a042776a9259cea4c3608988f1be5a202fe99f06d4fa2db3572a5815552a3218e90ada5e906c323c2b3351d433c7188bfc88508754fec583dbfb391977617d311de4717594829100c7c0f69ab0a7dee2dea49cfb56b56ba99bbd966103b01524e8ce51c9dd87a0e358329bba6046be39311e829e3ecd57e7a5e1dc4e36535981bda4e66f9dc7245530322838c97a04dd66a68a6a135f4054168202a824c7e05ffa639214879006b164925fc6b139a02ae12b61ac2d9a83b886aba09c96df1c289b88e97d796daccab9da346426e4ba2299c5afc0d8219bc7fdd74daa5aa53833114aa440eecfa2244e25c252ed91810c76b4a161fb09477f563d28d4901532a35310cb00b66b9305c12ba0b8b6991b92f37c7e4849bffdca5b9c3d1d5fd6dd392304c257863c2653dbd2f788a7042900ca886fa83e762c09c959129a50ed20bbc134d24f51d7d458a91ff1df53fb982d04112aaae4d313c1ce4e2068746b4d2b189ace3f599f6f710574f018f3d9f993edc388194dfe132837ade7aaebf6fd0ce7d536e04d4c1eb497af181476a40e645dcafedd5dd0af5715274feb32e95ce844f1b2a2e7db53729997eeb2316556422a31a1a4d8440fe9d35ef4ca1b7e2696cc5491c2909db36d6e8c9e65cd5e4945896a56efc8059d9c422867a60f2d17c9e16e0a", 0x1000}, {&(0x7f0000000340)="393316d1db76dc1651d00143a77cda87c3d72040b9fd331c92489240358d9b9dabf47ca29f2f9bc9d3e04a92ece9fcb3a8d2cd1d4a3180167bc26822782454d0b583cfd06872cfdc68bd8c7f84ffcc6a51ba2fae5eb365641ec9af3f60b81457db90b35e42c7ecbe64154a01df1720a5dfb68dad295bd9e3", 0x78}], 0x3) close_range(r0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0xd79, &(0x7f00000035c0), 0x0, 0x0) r2 = socket$inet6(0xa, 0x1000080002, 0x100000000000088) bind$inet6(r2, &(0x7f0000000140)={0xa, 0x4e23}, 0x1c) r3 = socket$inet6(0xa, 0x802, 0x88) syz_open_dev$audion(&(0x7f00000000c0), 0x8, 0x100) setsockopt$inet6_udp_int(r3, 0x11, 0x100000000a, &(0x7f00000003c0)=0x800000001, 0x4) sendto$inet6(r3, 0x0, 0x0, 0x4008840, &(0x7f0000000180)={0xa, 0x4e23, 0x0, @mcast1}, 0x1c) syz_emit_ethernet(0xa6, &(0x7f0000000000)={@broadcast, @local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x70, 0x3a, 0xff, @local, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [{0x0, 0xa, "bd3e6d4706598080a80300378927fc503b87aafaffffffffffffff23732472eefa45ad96579269748e254c1e4a8a8b3f0ab0c430d3be27df3e34066d42ca0a5c15b37adac15084dbaf736b41e5af0302"}, {0x0, 0x1, "000000050000000026000400"}]}}}}}}, 0x0) sendto$inet6(r3, &(0x7f0000000000)="17", 0x1, 0x0, 0x0, 0x0) 834.660092ms ago: executing program 3: r0 = socket$kcm(0x29, 0x2, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f0000000040)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r1, 0x0) sendmmsg(r0, &(0x7f0000003c80)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000003b80)=[{&(0x7f0000002680)="bb", 0x1}], 0x1}}], 0x2, 0x0) 774.230211ms ago: executing program 2: r0 = bpf$PROG_LOAD(0x5, &(0x7f000000d000)={0xa, 0x3, &(0x7f0000000b40)=ANY=[@ANYBLOB="850000002200000007000000000000089500000000000000e26c9bd1a6361b6f8dc33cdf00000000000869045aac0000659f55df08f9b90788ff7f00000010000029c21ebbcde61d8ab5920aef6c3e007fe6123e638962cf0b89ef506cfd3f1d4163d3cfca3733b30070a7cf53021a95b6c87850bfb70897c1fdaf3c7220a0e23db436659a8c54328a702688f92b6b71569d65e33d46f8d8ae24ba69c657afac04379cb536008c219991704f11c51b1d076f03b0f917c766f3a7598bbc00feb3bc8e88f79df517b37b56bcbc290080000000000000e675458a43b8a8935bf9cf0be7d0aeaac41405e341cd0ba0d6fd562489dad595712a4051bb6cf826ab757193fc09d305f95c55d5746419000000000000007b61803bd430ef06000000000000001e93f640f159320c8b088f4d6497682eb312d4967aff9e4c14c66c90000054ed82c7cba4c81f91d6dfed18767bf0df584b4b6c4204df411f921e3aa02a67dd324b8176020e9c024751e539c05727f82c92046bfe64babb6d7ba86526b7886a0c2481c5812812a6fa3fca3758cbd8c32b25c28be225bd1f16297baa065f5bb96330fad0aaa4388c06c0eb2ecdf829af9577fcd868cc269b740000b7ad193c5e5850df01aff96877d73a63246ce6f0467167626329ab910b7a13d9ec9a64e7f6b56aeab8c38f69a213c96e2d2ad7978c9d721c270f27e7025d576535198742d403ec43572d7d0baf00e88261fb260627805ca44200335ea4363066944d0aa6feb9705b09ba40d4642519281151f875cbf13a582f90ad719f0eccf02a473dd508a16138904933689ea6050041206473075eaeff2b69c2f2bf6f691c3560e068743a08e9771280da61fd8fdc3f7a35ea352e35753c59ebc1bd27ab6603e6afb1b3f057fbb7ed3aabe702b3c6301d3f5c295d1d69d1541d0e64631c95d6c0999e27e8d1a58f6a00f19102d2bfaf53f25a45637b1c577ae50c4c5669b13a4ed999dd10d2f091dcda39d9abc40c64a20c14ff0b1bf4d23fe07ae90fa0eba9c64bf89b26e7d8d70710b04f9ece5969023acadbb4582272e5b3a0429a5645b0c824ad36f7cc8be12b3874d5a19349b0ede845e9dddcab4a78b08ed60104002aabb17eb1840bc8e0ed1dd8b9b7eeaf32a185d80250a7f2252775905eeeb756eadafe20bbc616bc44b347abc8caf722b2c3b06884c1d3690f23b06fa4541bb2a81073b452764f04bd39008b65ee222cf697ac21b087548e9708dffaff2859e973b1e88668c8022cc6dac8548167e5798ec9c7d288a7fa7749f07513187cd8f060abbbc5e37dd1ba3aab927be1b409be733b7408534e5b0951e9ecfd0a1c77e3a29be4c4093330124615056e3ce0ce6ac91b1242d3bb2e787a186dc2ec284d60e9d8a03884a22eeaa1efa497ee88c6cb565b164a260afb5157e392b1ebb1a4d4f992011ecbac4a0a7ff5bdcef7994a422bb2761edd2d8f20f5f879a88f89d48b8314f862585e4b7a9d6a6681f40e8b82cc6555dce2db951d164cc9a70e640ac8974faa2587a6e3af3b9458f7d4b4077b3002536b10ea24d73307a33090c4c270909a5322eac32cb175e68fa83457b21465c08c02dcefccc0c714c2862ddbe567755f05c1e671328d160d3752345ca1db6e74c720e42afca982ba6befd96c5575f1dd8f87ff6606301c0000000000000000000000000000000000000004d0d54b4caf78018766cdb971e8b168d4763c1f00000003d4e1d842caf457797f93db93e4f38a9dbd79f6bf5dc40b55fdbf9b856665061b2e2924f27eb2d2b5a181ccfd9eeb11dec165b6f12433f00bb06124041ffdcdcdc91f3b3b76635a689c9249cf69bcae654bfa81e75b7c7002b883c56026d83520395b7d511f607cf2f899c7b1c75e2192f775d72247167285857588ace1115fbebfee3c16b84cf7036d41c493a63c09f2ce46c1f5995c2d7fe58c15e64bb4cb7e7f336cc22fa1ea1363bce375bd3d579be1dddb08ed5147b629e4b3f0e65783ee5e20d9270802f2a7500738d95216743bc36a04ba8d486fb26252d684b84fa24639089064ca7b93057c041f12d544dab4d24a4f952b4f265a69ba279929959991b7ac63786055b3c029a0e8b6e42ad33cba2661957cff0700000000000029bb61462623a58556cd62844d4d23cc738ee50400000000000000251d5806000b1ade92dd9f441468967c052aecd9de81b4b55d06670597991f37ddc4fa19a6369d5bf76c474633a337f676ad255869881da5cadcf49ce9188129cc978977f87b32bd4945717075cbb4d3e01e67ff087644f52fcf0a3c732b0586cb87972c43d2616bf4e521dc3126bf1760243d51a197d3ecfd74bd625e9f496175cfeaaa020817d33d513f3e97854ea76e26e96a8639a297871485a8609f8ca842b3321932c4d9e224a0cec5946cec9e359fd3687415cad5fb8c678136f36d9f781fade9f2469477748f4dfa0f56c326c89bb5d07f35aaf95303b5a620fc84e1c73557b2277831f8f633f0d293c0e3f4f93149887271e645f50a4e57010a9b76457f6ad73231a905206bbb1b95248aed85a9df9dea64cc1fd1f06a98530000000000000045fcc1fb138fce0faec0a423e860d5b308d7849381b294106af25f15fec047d5b844a99f36e342165df728e381b48c20e0900f8d265157467d3494f2b93c7f3c817688cec2d226f50edb115c2e075f3c663a4b4169bc6fd7d4fbce205f2a1ae263ae0db900fa0a13cf796e0d7a9dad86953c13ed6241206d682e194c64c491de6a531e9bd45abe705f07000a82ccd41a2c1b23bac44b7371a3a0aeab3647c56f0680cd30ca260189dffed79c2cfae39d8160d3fac695b75654a4a5695b9edec673e75d97950fd4d80bdf8e2d83a3232768b1231b09ef4d995a783eb8f731523e9f6c2ee9119d567acd471bc391bd4f07600d5b04b71c1f1fd7e219b8df5123e4c529db3ce74353e8a39e2d21ce0954334951d509cdce531fb14230fa3b7331a943e7223b0ac8725a0d45a213fa249a8801959480ecdc5999c9df72debe8510d0620fce7be7086d5b72e857243f0a7883d9749b1f40936b51631e0060a0d9901d730bc27d42c1ce01bbbb003e1e6e458a29ec6e9b4be6e1df4774d4d2d22f153a76179434a5ac05f62bcb895f4bf620161cf4016c2bdcd2c3f66c4800eed3e3ba2883c978854c53890ecd22a22a5e82efc1aa3da86cb084faddcf3e87c963ac90686c571103c3613c726ba70381be87ab717096739aa9623fff8de37eac6e3577135587951642bb0c5117518017be9737d5bd19"], &(0x7f0000014ff5)='GPL\x00', 0x2, 0x103a, &(0x7f0000014000)=""/4096, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2a3}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x0, 0xe40, 0x0, &(0x7f0000000200)="e460cdfbef2408002900119386dd6a00000000072feb3014cd3ec8a755c1e1380081ffad000000e8d50000000100000014000005002433106558d320d98a61a90021c9bf", 0x0, 0x400, 0x0, 0x0, 0x0, &(0x7f0000000b80)}, 0x22) 757.255604ms ago: executing program 3: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0x6, 0x4, 0x4, 0x4, 0x0, 0x1}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0x14, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000fcffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_BIND_MAP(0xa, &(0x7f0000000200)={r1}, 0xc) 649.7869ms ago: executing program 2: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0) ioctl$UI_ABS_SETUP(r0, 0x401c5504, &(0x7f0000000340)={0x400000100002f}) ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x5) write$uinput_user_dev(r0, &(0x7f0000000800)={'syz1\x00'}, 0x45c) ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x3) ioctl$UI_DEV_CREATE(r0, 0x5501) 643.233691ms ago: executing program 3: r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000080"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195}, 0x48) close(r0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd8073a46b08b94214d816f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb4147000001000000008f2b9000f22425e4097ed62cbc891061017cfa6f6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe68db8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3542646bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r4, r3, 0x26}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r4}, &(0x7f0000000000), &(0x7f0000000080)=r0}, 0x20) recvmsg$unix(r1, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000800)=[{&(0x7f00000002c0)=""/139, 0x8b}, {0x0, 0x3}], 0x2, &(0x7f0000000880)}, 0x0) sendmsg$inet(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000900)="19e68e40252bd033ece4ddc385b2ce7deb712114e84eb211decbe479030dbd6e075e7016975b459d49924e625a7af46759bd889844eb4d3acbac163a42950a6264242e8d1ae3a65f8fc53f8e14797a994c8560707bfff6d13110d4666fd47ca671af710ecc97769be0bb2d64e036a06ac887805f85042be200a3732980a289a8bbbbf17468a683fc3aadc9380a088e550985a6d422009204bc4f48ed34fc42da21b8e17d28b479e3e327d92afddcd57863c78c5a09d57682e3b5ca7dc8b89fea360075db2c721ba6bc6cc890d97e6d1094d3d621f258d6a97fee886a78b07b92f3f77b7a97bfb116d257188caf41786b07c70177e1ec5e50a54db3a13e15264f4099873154693fcffaadbbc105ecfeab37a2d8b9", 0xfffffd10}], 0x1}, 0x800) 396.116169ms ago: executing program 1: bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000680)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x28, 0x28, 0xa, [@datasec={0x7, 0x1, 0x0, 0xf, 0x1, [{}], "aa"}, @datasec={0x0, 0x0, 0x0, 0xf, 0x3, [], "c2c8e9"}]}, {0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x61, 0x265ba7d1d57f753b]}}, &(0x7f0000000580)=""/223, 0x4a, 0xdf, 0x1}, 0x20) 348.188307ms ago: executing program 2: sendmsg$NL80211_CMD_TDLS_MGMT(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000005c0)={0xd4, 0x0, 0x0, 0x0, 0x0, {{}, {@void, @val={0xc}}}, [@NL80211_ATTR_TDLS_INITIATOR={0x4}, @NL80211_ATTR_TDLS_DIALOG_TOKEN={0x5}, @NL80211_ATTR_STATUS_CODE={0x6}, @NL80211_ATTR_TDLS_DIALOG_TOKEN={0x5}, @NL80211_ATTR_TDLS_DIALOG_TOKEN={0x5}, @NL80211_ATTR_IE={0x8f, 0x2a, [@link_id={0x65, 0x12, {@from_mac, @device_a, @broadcast}}, @perr={0x84, 0x75, {0x0, 0x7, [{{0x0, 0x1}, @device_a, 0x0, @value=@broadcast}, {}, {{}, @device_b}, {{}, @device_b}, {{0x0, 0x1}, @device_a, 0x0, @value=@broadcast}, {{0x0, 0x1}, @device_a, 0x0, @value=@device_b}, {{}, @broadcast}]}}]}]}, 0xd4}}, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, 0x0, 0x0) r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01) write$char_usb(r0, &(0x7f0000000040)="e2", 0x2250) 307.530583ms ago: executing program 1: syz_mount_image$hfs(&(0x7f00000000c0), &(0x7f0000000000)='./file2\x00', 0x0, &(0x7f0000001600)=ANY=[], 0x3, 0x2a7, &(0x7f0000000700)="$eJzs3U9u004UwPE3U7d1fq36M20REmKBCpUQC0TLBrEBoR6CFQKaIFVYRWqLoN1QWCMOwJ4rcAhWiAuwghUHyAqjGU9iJ7HjhPwZGr4fKakdz7PfxP/mRaosAP5Z93e+fbz1w7yUyJzMicgdES2JhCKBiJyXC+GL/aO9o7hR77eiOTER5qUkjVQ9bZQ0ikJNnI1wIjMXyHI4hv6hvzBZrLnJhWFjk9Tr8WeFabNnf8FJq0UW3dlpl8/KOXnqOwHPVFOa8kpWfOcBAPDL3f+1u88vu6GA1iKb7rY/U/f/pu8EPMvd/23llSizf/+3i7J6z44GzXLdqhL/ZFu2sNDuAGonUFVV2lx07ele3Lix+zyua3krd51cs3X7Xk8P3RaXrT1Y3/SueqOgNu1j8L7Pd80v2T7Mmz5sl+S/NtoWh6c+qy/qoYrkg9Tb478gUWY32T0Vde2pNP+b5Wu0vYzSViW9PGc3crGzyKzoZZim8cuVmflFC26dQT7VqCpPG7Xa8VNDq3dbFVFrhVHbFVHr3VHto/m7mY3LwydIvVcP1Ib8lE+ykxv/a/NNbsogZ6ZpY1vq+Zr5xs3ZWdoysC2j/Eenlwpb6gE+wcjcpe+dPJHbsnJ4fLLwOI4bB4fHJ8+Y6D/hrkTJxLcVTLg7rWPhr/hWR52QqHHQTJLEdz73Lst4V2juIf664/EShanJdrrvTOCJGWWptP5bCrPxvh0nmLeozzg96ZztLatyFdBWVhtIvjZYte//ZcO96y/Tv3abtcKcl8oruEFrrivXRK5mny1XVCORy3NGqB35Ko/4/R8AAAAAAAAAAAAAAAAAAOCsmca/E/juIwAAAAAAAAAAAAAAAAAAAAAAZ13Z839lEs//3d0f6vm/nQ/PATBuvwMAAP//oISLtQ==") r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) renameat2(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', r0, &(0x7f0000000980)='./file0\x00', 0x0) r1 = syz_open_dev$vim2m(&(0x7f0000000400), 0x400010000000089, 0x2) ioctl$vim2m_VIDIOC_ENUM_FMT(r1, 0xc0405602, &(0x7f00000001c0)={0xf, 0x0, 0x0, "8eb8a828e93b07f1dd06d87a41bfeae7800400b159fbba176fb1de26098d68d9"}) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00'}, 0x10) syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0xa50c25, &(0x7f00000002c0)=ANY=[], 0x1, 0x0, &(0x7f0000000000)) 269.996509ms ago: executing program 2: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000880)=ANY=[@ANYBLOB="fc000000190001000000000000000000fe800000000000000000000000000000fc02000000000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000005f4fdd5b3d7b2b24000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000f8ffffffffffff"], 0xfc}}, 0x0) syz_open_dev$loop(&(0x7f00000001c0), 0x0, 0x200) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$sock_cred(r1, 0x1, 0x29, 0x0, &(0x7f0000000240)) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) r3 = dup(r2) ioctl$TIOCL_SETSEL(r3, 0x541c, &(0x7f0000000100)={0x2, {0x2, 0x0, 0x0, 0xd6e}}) ioctl$TIOCL_SETSEL(r3, 0x541c, &(0x7f0000001900)={0x2, {0x2, 0x0, 0x0, 0x101}}) 167.222955ms ago: executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) bind$netlink(r0, &(0x7f0000000340)={0x10, 0x0, 0x0, 0x40}, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000480)={{0x14}, [@NFT_MSG_NEWFLOWTABLE={0x40, 0x16, 0xa, 0x203, 0x0, 0x0, {0x2}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x14, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8}]}]}, @NFT_MSG_DELTABLE={0x14, 0x2, 0xa, 0x401}], {0x14}}, 0x7c}}, 0x0) 134.18915ms ago: executing program 3: r0 = socket$inet_sctp(0x2, 0x1, 0x84) r1 = socket(0x2, 0x80805, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f0000000200)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000100)=0x10) r2 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000100)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) r4 = dup2(r1, r0) getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r4, 0x84, 0x84, &(0x7f00000003c0)={r3, @in={{0x2, 0x0, @private}}}, &(0x7f0000000340)=0x90) 103.457924ms ago: executing program 2: r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$SOUND_OLD_MIXER_INFO(r0, 0x400448c9, 0xfffffffffffffffe) 40.771224ms ago: executing program 3: r0 = userfaultfd(0x80001) r1 = userfaultfd(0x80001) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000080)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000ffa000/0x4000)=nil, 0x4000}, 0x1}) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000080)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000200)={{&(0x7f0000fef000/0x11000)=nil, 0x11000}, 0x1}) 32.068945ms ago: executing program 0: sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000280)=@newqdisc={0x34, 0x24, 0x0, 0x0, 0x0, {0x0, 0x0, 0x12}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x4}}]}, 0x34}}, 0x0) syz_usb_connect(0x0, 0x10e, &(0x7f0000000280)=ANY=[@ANYBLOB="120100004d80f44021042f04febc000000010902fc00010000000009048400000202ff000724"], 0x0) 23.468397ms ago: executing program 2: r0 = bpf$PROG_LOAD(0x5, &(0x7f000000d000)={0xa, 0x3, &(0x7f0000000b40)=ANY=[@ANYBLOB="850000002200000007000000000000089500000000000000e26c9bd1a6361b6f8dc33cdf00000000000869045aac0000659f55df08f9b90788ff7f00000010000029c21ebbcde61d8ab5920aef6c3e007fe6123e638962cf0b89ef506cfd3f1d4163d3cfca3733b30070a7cf53021a95b6c87850bfb70897c1fdaf3c7220a0e23db436659a8c54328a702688f92b6b71569d65e33d46f8d8ae24ba69c657afac04379cb536008c219991704f11c51b1d076f03b0f917c766f3a7598bbc00feb3bc8e88f79df517b37b56bcbc290080000000000000e675458a43b8a8935bf9cf0be7d0aeaac41405e341cd0ba0d6fd562489dad595712a4051bb6cf826ab757193fc09d305f95c55d5746419000000000000007b61803bd430ef06000000000000001e93f640f159320c8b088f4d6497682eb312d4967aff9e4c14c66c90000054ed82c7cba4c81f91d6dfed18767bf0df584b4b6c4204df411f921e3aa02a67dd324b8176020e9c024751e539c05727f82c92046bfe64babb6d7ba86526b7886a0c2481c5812812a6fa3fca3758cbd8c32b25c28be225bd1f16297baa065f5bb96330fad0aaa4388c06c0eb2ecdf829af9577fcd868cc269b740000b7ad193c5e5850df01aff96877d73a63246ce6f0467167626329ab910b7a13d9ec9a64e7f6b56aeab8c38f69a213c96e2d2ad7978c9d721c270f27e7025d576535198742d403ec43572d7d0baf00e88261fb260627805ca44200335ea4363066944d0aa6feb9705b09ba40d4642519281151f875cbf13a582f90ad719f0eccf02a473dd508a16138904933689ea6050041206473075eaeff2b69c2f2bf6f691c3560e068743a08e9771280da61fd8fdc3f7a35ea352e35753c59ebc1bd27ab6603e6afb1b3f057fbb7ed3aabe702b3c6301d3f5c295d1d69d1541d0e64631c95d6c0999e27e8d1a58f6a00f19102d2bfaf53f25a45637b1c577ae50c4c5669b13a4ed999dd10d2f091dcda39d9abc40c64a20c14ff0b1bf4d23fe07ae90fa0eba9c64bf89b26e7d8d70710b04f9ece5969023acadbb4582272e5b3a0429a5645b0c824ad36f7cc8be12b3874d5a19349b0ede845e9dddcab4a78b08ed60104002aabb17eb1840bc8e0ed1dd8b9b7eeaf32a185d80250a7f2252775905eeeb756eadafe20bbc616bc44b347abc8caf722b2c3b06884c1d3690f23b06fa4541bb2a81073b452764f04bd39008b65ee222cf697ac21b087548e9708dffaff2859e973b1e88668c8022cc6dac8548167e5798ec9c7d288a7fa7749f07513187cd8f060abbbc5e37dd1ba3aab927be1b409be733b7408534e5b0951e9ecfd0a1c77e3a29be4c4093330124615056e3ce0ce6ac91b1242d3bb2e787a186dc2ec284d60e9d8a03884a22eeaa1efa497ee88c6cb565b164a260afb5157e392b1ebb1a4d4f992011ecbac4a0a7ff5bdcef7994a422bb2761edd2d8f20f5f879a88f89d48b8314f862585e4b7a9d6a6681f40e8b82cc6555dce2db951d164cc9a70e640ac8974faa2587a6e3af3b9458f7d4b4077b3002536b10ea24d73307a33090c4c270909a5322eac32cb175e68fa83457b21465c08c02dcefccc0c714c2862ddbe567755f05c1e671328d160d3752345ca1db6e74c720e42afca982ba6befd96c5575f1dd8f87ff6606301c0000000000000000000000000000000000000004d0d54b4caf78018766cdb971e8b168d4763c1f00000003d4e1d842caf457797f93db93e4f38a9dbd79f6bf5dc40b55fdbf9b856665061b2e2924f27eb2d2b5a181ccfd9eeb11dec165b6f12433f00bb06124041ffdcdcdc91f3b3b76635a689c9249cf69bcae654bfa81e75b7c7002b883c56026d83520395b7d511f607cf2f899c7b1c75e2192f775d72247167285857588ace1115fbebfee3c16b84cf7036d41c493a63c09f2ce46c1f5995c2d7fe58c15e64bb4cb7e7f336cc22fa1ea1363bce375bd3d579be1dddb08ed5147b629e4b3f0e65783ee5e20d9270802f2a7500738d95216743bc36a04ba8d486fb26252d684b84fa24639089064ca7b93057c041f12d544dab4d24a4f952b4f265a69ba279929959991b7ac63786055b3c029a0e8b6e42ad33cba2661957cff0700000000000029bb61462623a58556cd62844d4d23cc738ee50400000000000000251d5806000b1ade92dd9f441468967c052aecd9de81b4b55d06670597991f37ddc4fa19a6369d5bf76c474633a337f676ad255869881da5cadcf49ce9188129cc978977f87b32bd4945717075cbb4d3e01e67ff087644f52fcf0a3c732b0586cb87972c43d2616bf4e521dc3126bf1760243d51a197d3ecfd74bd625e9f496175cfeaaa020817d33d513f3e97854ea76e26e96a8639a297871485a8609f8ca842b3321932c4d9e224a0cec5946cec9e359fd3687415cad5fb8c678136f36d9f781fade9f2469477748f4dfa0f56c326c89bb5d07f35aaf95303b5a620fc84e1c73557b2277831f8f633f0d293c0e3f4f93149887271e645f50a4e57010a9b76457f6ad73231a905206bbb1b95248aed85a9df9dea64cc1fd1f06a98530000000000000045fcc1fb138fce0faec0a423e860d5b308d7849381b294106af25f15fec047d5b844a99f36e342165df728e381b48c20e0900f8d265157467d3494f2b93c7f3c817688cec2d226f50edb115c2e075f3c663a4b4169bc6fd7d4fbce205f2a1ae263ae0db900fa0a13cf796e0d7a9dad86953c13ed6241206d682e194c64c491de6a531e9bd45abe705f07000a82ccd41a2c1b23bac44b7371a3a0aeab3647c56f0680cd30ca260189dffed79c2cfae39d8160d3fac695b75654a4a5695b9edec673e75d97950fd4d80bdf8e2d83a3232768b1231b09ef4d995a783eb8f731523e9f6c2ee9119d567acd471bc391bd4f07600d5b04b71c1f1fd7e219b8df5123e4c529db3ce74353e8a39e2d21ce0954334951d509cdce531fb14230fa3b7331a943e7223b0ac8725a0d45a213fa249a8801959480ecdc5999c9df72debe8510d0620fce7be7086d5b72e857243f0a7883d9749b1f40936b51631e0060a0d9901d730bc27d42c1ce01bbbb003e1e6e458a29ec6e9b4be6e1df4774d4d2d22f153a76179434a5ac05f62bcb895f4bf620161cf4016c2bdcd2c3f66c4800eed3e3ba2883c978854c53890ecd22a22a5e82efc1aa3da86cb084faddcf3e87c963ac90686c571103c3613c726ba70381be87ab717096739aa9623fff8de37eac6e3577135587951642bb0c5117518017be9737d5bd19"], &(0x7f0000014ff5)='GPL\x00', 0x2, 0x103a, &(0x7f0000014000)=""/4096, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2a3}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x0, 0xe40, 0x0, &(0x7f0000000200)="e460cdfbef2408002900119386dd6a00000000072feb3014cd3ec8a755c1e1380081ffad000000e8d50000000100000014000005002433106558d320d98a61a90021c9bf", 0x0, 0x400, 0x0, 0x0, 0x0, &(0x7f0000000b80)}, 0x22) 0s ago: executing program 3: syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./file1\x00', 0x28088c3, &(0x7f0000000800), 0x0, 0x5e5, &(0x7f00000000c0)="$eJzs3U1sI1cdAPC/Jx92dpNmC0UqCNjQFhaEmmyy7WpVDm2FhARVBdLCqYdtlDhRFGe9SpzShEjNnjhwRaIS4gBnThyKOCD1hBA3Dkhw41IOSBWKQLtIsBrk8ThrO/Ymu/kwSX4/yfGbec/v/944M2M/2/MCOLcmImI7IoYj4u2IGI9Ctr6Q3+K1xm0iKxERO1tzhUjTm/8YzGvYqgx21HkxIn7YXNh+uL7YUmZtY3N5tlIpr+bLU7WVO1NrG5svLq3MLpYXy7dnZq5PX79649rLM0fW18srv/r4G0tvfO+3v/ncR3/c/soP6v17Nc+7t7M111K0kKbp4QO+mm/DGIrRGMlSSUTUt9cbh6/9/8JA3p/hLnmlPrSHx1P/f/xERDyXp3d58gDgzErT8UjHW5cfStqW0rTQpQwAcPrU3/OPRiGZzN//j0aSTE5mY3ilZ+JCUqmu1b66UF2/PV/Pi7gUQ8nCUqV8NRsrjCjGUKG+PJ3lZfnZ8kzH8rWIeDoiflwcyZYn56qV+X696AGAc+5ix/n/X8Uk6fZZThc+IQCA0+zxzuTpe0fx3RgAoL/2nv+H+tIOAODkGMkHgPOn5fxf7FnoQf6NwZNpEgBwzEodv/3vZt8CAMCp0nX8/62xh+lndy8HBgCcET7/B4Bz5Ttvvlm/paUoZNe/nn9nY325+s6L8+W15cmV9bnJuerqpwYWq9XF7Jo9K12quNu6UKlW70y/FOvvTtXKa7WptY3NWyvV9du1W9l1vW+VD3htAQDgGD19+cO/FCJi+5WR7BbNuRx83g9nXvfdvHNGH+AsGuh3A4C+caaH88uFfoAeX+7d/Tlw168IjUTE+73rHDmCdgHH58qne4z/d742aB8ofOAyAHD65bu1YQA4hw43/m/0AE6zR5/4/TAIzrI0LZjPHwDOmc538L/+056XCL4iCGfcfhf3MhIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAe41mt0Iymc8FPhpJMjkZMRYRl2KosLD0tf+macRTEfHn4lBxYen1P/S7zQDAYSV/L+Tzf10Zf2G0M3e48O9idh8R3//pzYFsyuCG3fW192/+5N3ZWm11pmuAYvzs+HsBAOwa7FzRPE9n99P5yiS/39mau7ezNdeztq8ffQM/fr0xuWg97v2drbmh7AVDa+PHszmKL/yz0NaZwhFNTLx9OSKebcS/t9v/ZDf/Uj7zaWf8euyxo4h/tyX+82PZc9DIKWRjMw/jF9sel2R5jfv6tvjkyAHjHUGb4az4sH78ea1z/49sz5rI7vP9b7D9YFqKH+09uD6B5vHvfto4/t1viV+v/9tjpexY0+34N3HQGC/97ps98+4OpJ8ZjGjGvt9y/GkoZalu8V84YPy/fvbzz/XaWOnPI67cyBe6xm+kpmord6bWNjZ/+a0Pfr9YXizfnpm5Pn396o1rL89MLSxVylcbf9srb05u/8rwU737H3Ehuve/tE//v5in9/s/+MV/3n7rC4+I/+Xnu8VP4plHxK937Uv7xG2avfBBz+m76/Hne/R/sC3+cNvj6uve66ysxz/kR3/bnD9gUwGAE7C2sbk8W2m+361UyquNNV0TSWwuzzbfaPYos09i5IkedcBEHFvN3RNDbRuhdFyxLu5ZM3yw52tPYih211w+yQ2VJ0ae9OF3H6Nw8bh6kbTtMp1lBqLSHI/at8K83HYfnoJGYuLRZbJOnNwxCOiP9p2+h56jBwAAAAAAAAAAAAAAwElY+25+yb8j/qVRafVAvywAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAQ/lfAAAA//+kmbZ7") kernel console output (not intermixed with test programs): ETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 186.312294][ T6538] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 186.343246][ T6538] bridge0: port 1(bridge_slave_0) entered blocking state [ 186.350366][ T6538] bridge0: port 1(bridge_slave_0) entered forwarding state [ 186.373231][ T6538] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 186.382152][ T6538] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 186.413391][ T6538] bridge0: port 2(bridge_slave_1) entered blocking state [ 186.420540][ T6538] bridge0: port 2(bridge_slave_1) entered forwarding state [ 186.432218][ T7033] loop1: detected capacity change from 0 to 32768 [ 186.439343][ T6538] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 186.449657][ T6538] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 186.458810][ T6538] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 186.468358][ T6538] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 186.477191][ T6538] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 186.490280][ T7033] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 scanned by syz-executor.1 (7033) [ 186.510717][ T6538] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 186.519728][ T6538] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 186.528520][ T6538] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 186.541622][ T6848] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 186.575542][ T6370] XFS (loop2): Unmounting Filesystem [ 186.581247][ T7033] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 186.593730][ T6848] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 186.603073][ T7033] BTRFS info (device loop1): using free space tree [ 186.615366][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 186.642134][ T7033] BTRFS info (device loop1): has skinny extents [ 186.651558][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 186.668260][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 186.680032][ T13] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 186.923510][ T7033] BTRFS info (device loop1): enabling ssd optimizations [ 186.997765][ T7069] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'. [ 187.067282][ T6877] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 187.087899][ T6877] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 187.124627][ T6848] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 187.384579][ T7080] loop2: detected capacity change from 0 to 512 [ 187.439559][ T7080] EXT4-fs (loop2): Ignoring removed mblk_io_submit option [ 187.458244][ T7080] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem [ 187.498696][ T7080] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=b016c118, mo2=0002] [ 187.523670][ T7080] System zones: 1-12 [ 187.550660][ T7080] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2213: inode #15: comm syz-executor.2: corrupted in-inode xattr [ 187.575700][ T7080] EXT4-fs error (device loop2): ext4_orphan_get:1402: comm syz-executor.2: couldn't read orphan inode 15 (err -117) [ 187.588588][ T3542] Bluetooth: hci0: command 0x0419 tx timeout [ 187.604623][ T7080] EXT4-fs (loop2): mounted filesystem without journal. Opts: jqfmt=vfsold,data_err=abort,debug,noload,mblk_io_submit,commit=0x0000000000000005,init_itable=0x0000000000000601,grpquota,,errors=continue. Quota mode: writeback. [ 187.688894][ T3542] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 187.699360][ T3542] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 187.728090][ T3542] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 187.748057][ T3542] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 187.764609][ T6848] device veth0_vlan entered promiscuous mode [ 187.799280][ T4046] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 187.821467][ T4046] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 187.849646][ T6848] device veth1_vlan entered promiscuous mode [ 187.950173][ T4046] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 187.962028][ T4046] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 187.980537][ T4046] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 187.990517][ T4046] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 188.008981][ T6848] device veth0_macvtap entered promiscuous mode [ 188.040088][ T6848] device veth1_macvtap entered promiscuous mode [ 188.099377][ T6848] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 188.127457][ T6848] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 188.145721][ T6848] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 188.160244][ T6848] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 188.171025][ T6848] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 188.183088][ T6848] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 188.193411][ T6848] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 188.220544][ T6848] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 188.234993][ T6848] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 188.255783][ T6539] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 188.274862][ T6539] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 188.288970][ T6539] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 188.298434][ T6539] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 188.310302][ T6848] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 188.322154][ T6848] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 188.344802][ T6848] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 188.355538][ T26] audit: type=1800 audit(1718100675.640:33): pid=7107 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=1940 res=0 errno=0 [ 188.384197][ T6848] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 188.403604][ T6848] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 188.415490][ T6848] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 188.425701][ T6848] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 188.436339][ T6848] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 188.449286][ T6848] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 188.459670][ T4270] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 188.481936][ T7113] loop2: detected capacity change from 0 to 64 [ 188.486007][ T4270] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 188.509050][ T6848] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 188.528699][ T6848] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 188.560174][ T6848] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 188.581032][ T6848] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 188.836525][ T154] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 188.869323][ T3688] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 188.931233][ T154] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 188.954171][ T3688] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 188.970899][ T7123] loop2: detected capacity change from 0 to 32768 [ 188.994365][ T3567] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 189.009689][ T3567] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 189.024420][ T7123] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 scanned by syz-executor.2 (7123) [ 189.075736][ T7123] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm [ 189.084628][ T7123] BTRFS info (device loop2): using free space tree [ 189.091180][ T7123] BTRFS info (device loop2): has skinny extents [ 189.095950][ T7132] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. [ 189.203082][ T4195] BTRFS warning (device loop2): checksum verify failed on 5341184 wanted 0x0a5a7a5ae10eed219743b156b36184dc5a58d72503dc57b157a62f9528df24e9 found 0x7f89ac308603ca141853aa36b4c114e55a1a3b5f9f8f224e8686af0afa6f1e80 level 0 [ 189.227944][ T7123] BTRFS warning (device loop2): failed to read root (objectid=10): -5 [ 189.294621][ T6539] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 189.493021][ T7123] BTRFS error (device loop2): open_ctree failed [ 189.513355][ T7159] x_tables: ip_tables: udp match: only valid for protocol 17 [ 189.697473][ T7166] loop2: detected capacity change from 0 to 64 [ 189.729738][ T7168] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'. [ 189.739742][ T7168] netlink: 'syz-executor.0': attribute type 3 has an invalid length. [ 189.763147][ T6539] usb 2-1: config index 0 descriptor too short (expected 45, got 36) [ 189.775657][ T6539] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 189.803764][ T6539] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024 [ 189.818553][ T6539] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 189.835275][ T6539] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 189.872710][ T6539] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 189.887717][ T6539] usb 2-1: config 0 descriptor?? [ 189.913371][ T7129] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 189.972574][ T7176] batadv_slave_0: mtu less than device minimum [ 189.984318][ T7178] loop2: detected capacity change from 0 to 64 [ 190.038084][ T7178] hfs: bad allocation block size 4095 [ 190.053317][ T7178] hfs: can't find a HFS filesystem on dev loop2 [ 190.370681][ T6539] plantronics 0003:047F:FFFF.0004: unknown main item tag 0xd [ 190.384866][ T6539] plantronics 0003:047F:FFFF.0004: No inputs registered, leaving [ 190.445887][ T6539] plantronics 0003:047F:FFFF.0004: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 190.590176][ T7198] loop2: detected capacity change from 0 to 32768 [ 190.633945][ T7198] XFS: attr2 mount option is deprecated. [ 190.640074][ T7198] XFS: noikeep mount option is deprecated. [ 190.661650][ T7198] XFS (loop2): Mounting V5 Filesystem [ 190.670645][ T6539] usb 2-1: USB disconnect, device number 8 [ 190.713377][ T7198] XFS (loop2): Ending clean mount [ 190.724922][ T7198] XFS (loop2): Quotacheck needed: Please wait. [ 190.769403][ T7198] XFS (loop2): Quotacheck: Done. [ 190.816203][ T6370] XFS (loop2): Unmounting Filesystem [ 190.967461][ T7221] loop0: detected capacity change from 0 to 64 [ 191.032097][ T7221] hfs: bad allocation block size 4095 [ 191.065297][ T7221] hfs: can't find a HFS filesystem on dev loop0 [ 191.296167][ T7231] loop1: detected capacity change from 0 to 64 [ 192.437846][ T7223] sched: RT throttling activated [ 192.810229][ T7238] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'. [ 193.117377][ T7248] device bridge_slave_0 left promiscuous mode [ 193.148014][ T7248] bridge0: port 1(bridge_slave_0) entered disabled state [ 193.245887][ T7261] loop1: detected capacity change from 0 to 64 [ 193.309008][ T7261] hfs: bad allocation block size 4095 [ 193.314990][ T7261] hfs: can't find a HFS filesystem on dev loop1 [ 193.345606][ T7268] loop0: detected capacity change from 0 to 2048 [ 193.398368][ T7268] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 193.679688][ T7282] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'. [ 193.862754][ T3542] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 194.001327][ T7291] loop0: detected capacity change from 0 to 2048 [ 194.119761][ T7291] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 194.223056][ T3542] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 194.240610][ T3542] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 194.265308][ T3542] usb 2-1: New USB device found, idVendor=056a, idProduct=00f8, bcdDevice= 0.00 [ 194.285472][ T3542] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 194.308222][ T1381] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.314648][ T1381] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.343779][ T3542] usb 2-1: config 0 descriptor?? [ 194.387804][ T7309] netlink: 48 bytes leftover after parsing attributes in process `syz-executor.2'. [ 194.567512][ T7312] loop0: detected capacity change from 0 to 4096 [ 194.600489][ T7321] device macsec0 entered promiscuous mode [ 194.610353][ T7321] device macsec1 entered promiscuous mode [ 194.688020][ T26] audit: type=1804 audit(1718100681.980:34): pid=7327 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.3" name="file0" dev="sda1" ino=1939 res=1 errno=0 [ 194.835948][ T3542] wacom 0003:056A:00F8.0005: unbalanced delimiter at end of report description [ 194.858665][ T3542] wacom 0003:056A:00F8.0005: parse failed [ 194.871334][ T3542] wacom: probe of 0003:056A:00F8.0005 failed with error -22 [ 194.994570][ T7345] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.4'. [ 195.051594][ T4046] usb 2-1: USB disconnect, device number 9 [ 195.665602][ T26] audit: type=1804 audit(1718100682.960:35): pid=7364 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.3" name="file0" dev="sda1" ino=1945 res=1 errno=0 [ 195.692868][ T6621] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 195.778064][ T7368] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.1'. [ 195.855808][ T7372] TCP: request_sock_subflow_v6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 196.012145][ T7374] loop1: detected capacity change from 0 to 4096 [ 196.032412][ T7356] loop4: detected capacity change from 0 to 32768 [ 196.075428][ T7356] XFS: noikeep mount option is deprecated. [ 196.091675][ T7356] XFS: attr2 mount option is deprecated. [ 196.102948][ T6621] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 196.123113][ T6621] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 196.168197][ T6621] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 196.182965][ T6621] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 196.191056][ T7356] XFS (loop4): Mounting V5 Filesystem [ 196.192067][ T6621] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 196.208533][ T6621] usb 1-1: config 0 descriptor?? [ 196.280064][ T7391] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 196.332340][ T7356] XFS (loop4): Ending clean mount [ 196.350968][ T7356] XFS (loop4): Quotacheck needed: Please wait. [ 196.408442][ T7356] XFS (loop4): Quotacheck: Done. [ 196.458969][ T6848] XFS (loop4): Unmounting Filesystem [ 196.610950][ T26] audit: type=1326 audit(1718100683.900:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7395 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6066ce6f69 code=0x0 [ 196.694646][ T6621] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0 [ 196.709462][ T6621] plantronics 0003:047F:FFFF.0006: No inputs registered, leaving [ 196.732265][ T6621] plantronics 0003:047F:FFFF.0006: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 196.818980][ T7400] loop1: detected capacity change from 0 to 256 [ 196.945861][ T7400] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d) [ 197.392549][ T7414] program syz-executor.4 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 197.552546][ T7397] bridge0: port 2(bridge_slave_1) entered disabled state [ 197.560998][ T7397] bridge0: port 1(bridge_slave_0) entered disabled state [ 197.969129][ T7423] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 198.093408][ T7425] loop4: detected capacity change from 0 to 4096 [ 198.137857][ T7425] ntfs3: loop4: Different NTFS' sector size (4096) and media sector size (512) [ 198.289316][ T7425] ntfs3: loop4: ntfs_sync_fs r=1a failed, -22. [ 198.318324][ T7425] ntfs3: loop4: Mark volume as dirty due to NTFS errors [ 198.350498][ T7428] ntfs3: loop4: ntfs_sync_fs r=1a failed, -22. [ 198.405110][ T7397] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 198.413126][ T6848] ntfs3: loop4: ntfs_sync_fs r=1a failed, -22. [ 198.429739][ T6848] ntfs3: loop4: ntfs_evict_inode r=1a failed, -22. [ 198.446147][ T7397] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 198.765729][ T7438] loop0: detected capacity change from 0 to 512 [ 198.776203][ T7437] netlink: 'syz-executor.4': attribute type 2 has an invalid length. [ 198.810976][ T7437] netlink: 'syz-executor.4': attribute type 3 has an invalid length. [ 198.822447][ T4045] usb 1-1: USB disconnect, device number 7 [ 198.862542][ T26] audit: type=1804 audit(1718100686.150:37): pid=7437 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir3112217498/syzkaller.kfE2UA/25/cgroup.controllers" dev="sda1" ino=1966 res=1 errno=0 [ 198.883735][ T7438] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 198.920306][ T7438] ext4 filesystem being mounted at /root/syzkaller-testdir3351951660/syzkaller.TMJw9V/290/file0 supports timestamps until 2038 (0x7fffffff) [ 199.002864][ T7442] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters [ 199.061337][ T7446] program syz-executor.4 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 199.349576][ T7397] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 199.359813][ T7397] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 199.369139][ T7397] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 199.378136][ T7397] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 199.720242][ T7397] device macsec1 left promiscuous mode [ 199.745270][ T7411] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.1'. [ 199.784103][ T7449] €Â: renamed from pim6reg1 [ 200.695807][ T7480] loop1: detected capacity change from 0 to 256 [ 200.769083][ T7480] exFAT-fs (loop1): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 200.798110][ T26] audit: type=1326 audit(1718100688.090:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7481 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1a7d026f69 code=0x0 [ 200.853291][ T7484] loop4: detected capacity change from 0 to 64 [ 200.865025][ T7480] exFAT-fs (loop1): hint_cluster is invalid (17) [ 200.911933][ T7484] hfs: unable to parse mount options [ 201.130985][ T7496] loop1: detected capacity change from 0 to 512 [ 201.230853][ T7496] EXT4-fs error (device loop1): ext4_validate_block_bitmap:429: comm syz-executor.1: bg 0: block 5: invalid block bitmap [ 201.269076][ T7496] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6184: Corrupt filesystem [ 201.285780][ T7496] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz-executor.1: invalid indirect mapped block 3 (level 2) [ 201.310171][ T7496] EXT4-fs (loop1): 1 orphan inode deleted [ 201.317387][ T7496] EXT4-fs (loop1): 1 truncate cleaned up [ 201.359260][ T7496] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 201.469907][ T7496] EXT4-fs error (device loop1): ext4_inlinedir_to_tree:1439: inode #12: block 7: comm syz-executor.1: path /root/syzkaller-testdir1129659750/syzkaller.PkTrxS/68/file0/file0: bad entry in directory: rec_len % 4 != 0 - offset=259, inode=4278190093, rec_len=255, size=60 fake=0 [ 201.867946][ T7513] loop4: detected capacity change from 0 to 256 [ 201.919504][ T7513] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xc14df490, utbl_chksum : 0xe619d30d) [ 201.938585][ T26] audit: type=1800 audit(1718100689.230:39): pid=7518 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="sda1" ino=1968 res=0 errno=0 [ 202.642836][ T4264] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 202.920646][ T7491] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 202.979651][ T7491] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 203.043054][ T4264] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 203.056533][ T4264] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 203.069391][ T4264] usb 5-1: New USB device found, idVendor=056a, idProduct=00f8, bcdDevice= 0.00 [ 203.078485][ T4264] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 203.101439][ T4264] usb 5-1: config 0 descriptor?? [ 203.467869][ T7543] loop1: detected capacity change from 0 to 64 [ 203.517245][ T7543] hfs: unable to parse mount options [ 203.592340][ T4264] wacom 0003:056A:00F8.0007: unbalanced delimiter at end of report description [ 203.609012][ T4264] wacom 0003:056A:00F8.0007: parse failed [ 203.620717][ T4264] wacom: probe of 0003:056A:00F8.0007 failed with error -22 [ 203.777763][ T7491] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 203.790299][ T7491] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 203.799672][ T7491] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 203.809875][ T7491] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 203.811818][ T4264] usb 5-1: USB disconnect, device number 5 [ 204.249328][ T26] audit: type=1804 audit(1718100691.540:40): pid=7549 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="bus" dev="sda1" ino=1957 res=1 errno=0 [ 204.431727][ T26] audit: type=1804 audit(1718100691.620:41): pid=7552 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="bus" dev="sda1" ino=1957 res=1 errno=0 [ 205.508336][ T26] audit: type=1326 audit(1718100692.800:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7571 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb0dff59f69 code=0x0 [ 206.145698][ T7603] loop4: detected capacity change from 0 to 64 [ 206.202787][ T7603] hfs: unable to parse mount options [ 206.385834][ T7586] bridge0: port 2(bridge_slave_1) entered disabled state [ 206.393426][ T7586] bridge0: port 1(bridge_slave_0) entered disabled state [ 207.317783][ T7586] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 207.386072][ T7586] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 208.131015][ T7586] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 208.143554][ T7586] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 208.161011][ T7586] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 208.177195][ T7586] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 208.479887][ T26] audit: type=1326 audit(1718100695.770:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7614 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0dff59f69 code=0x7ffc0000 [ 208.512922][ T7597] device bond0 entered promiscuous mode [ 208.608879][ T26] audit: type=1326 audit(1718100695.770:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7614 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0dff59f69 code=0x7ffc0000 [ 208.655092][ T26] audit: type=1326 audit(1718100695.770:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7614 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb0dff59f69 code=0x7ffc0000 [ 208.697777][ T26] audit: type=1326 audit(1718100695.800:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7614 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0dff59f69 code=0x7ffc0000 [ 208.756314][ T150] block nbd1: Attempted send on invalid socket [ 208.764631][ T150] blk_update_request: I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 208.773375][ T26] audit: type=1326 audit(1718100695.810:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7614 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb0dff59f69 code=0x7ffc0000 [ 208.889570][ T7632] loop0: detected capacity change from 0 to 64 [ 209.110174][ T26] audit: type=1326 audit(1718100695.810:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7614 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0dff59f69 code=0x7ffc0000 [ 210.700044][ T7628] sctp: failed to load transform for md5: -4 [ 210.739568][ T26] audit: type=1326 audit(1718100695.810:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7614 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fb0dff576e7 code=0x7ffc0000 [ 210.795896][ T26] audit: type=1326 audit(1718100695.810:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7614 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fb0dff1d3d9 code=0x7ffc0000 [ 210.895418][ T7650] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'. [ 210.912709][ T26] audit: type=1326 audit(1718100695.810:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7614 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb0dff58b60 code=0x7ffc0000 [ 210.947326][ T26] audit: type=1326 audit(1718100695.810:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7614 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fb0dff576e7 code=0x7ffc0000 [ 211.302420][ T7672] loop1: detected capacity change from 0 to 4096 [ 211.658820][ T7662] loop0: detected capacity change from 0 to 32768 [ 211.742254][ T7662] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 scanned by syz-executor.0 (7662) [ 211.784622][ T7691] nfs4: Unknown parameter 'ntfs3' [ 212.575701][ T7662] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm [ 212.606663][ T7662] BTRFS info (device loop0): using free space tree [ 212.673365][ T7662] BTRFS info (device loop0): has skinny extents [ 212.734614][ T7707] loop1: detected capacity change from 0 to 128 [ 212.953577][ T7662] BTRFS info (device loop0): enabling ssd optimizations [ 212.983241][ T7738] netlink: 'syz-executor.2': attribute type 29 has an invalid length. [ 213.022305][ T7738] netlink: 'syz-executor.2': attribute type 29 has an invalid length. [ 213.121762][ T7738] netlink: 'syz-executor.2': attribute type 29 has an invalid length. [ 213.720695][ T7741] loop1: detected capacity change from 0 to 32768 [ 213.780447][ T7769] loop4: detected capacity change from 0 to 64 [ 213.787532][ T7771] process 'syz-executor.3' launched './file0' with NULL argv: empty string added [ 213.808849][ T7741] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 scanned by syz-executor.1 (7741) [ 213.813320][ T7774] loop0: detected capacity change from 0 to 164 [ 213.870846][ T7741] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 213.900209][ T7774] rock: directory entry would overflow storage [ 213.907651][ T7741] BTRFS info (device loop1): setting nodatacow, compression disabled [ 213.942776][ T7774] rock: sig=0x4f50, size=4, remaining=3 [ 213.948540][ T7774] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 213.958784][ T7741] BTRFS info (device loop1): setting datacow [ 213.970610][ T7741] BTRFS info (device loop1): doing ref verification [ 213.978397][ T7741] BTRFS info (device loop1): force clearing of disk cache [ 214.020524][ T7741] BTRFS info (device loop1): enabling ssd optimizations [ 214.048978][ T7741] BTRFS info (device loop1): using spread ssd allocation scheme [ 214.067158][ T7741] BTRFS info (device loop1): using free space tree [ 214.077322][ T7741] BTRFS info (device loop1): has skinny extents [ 214.202031][ T7800] netlink: 'syz-executor.3': attribute type 3 has an invalid length. [ 215.024446][ T7741] BTRFS info (device loop1): clearing free space tree [ 215.061988][ T7741] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 215.089158][ T7741] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 215.153093][ T7741] BTRFS info (device loop1): creating free space tree [ 215.264263][ T7741] BTRFS info (device loop1): setting compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 215.342465][ T7741] BTRFS info (device loop1): setting compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 215.543275][ T7842] loop4: detected capacity change from 0 to 164 [ 215.715004][ T7842] rock: directory entry would overflow storage [ 215.727718][ T7842] rock: sig=0x4f50, size=4, remaining=3 [ 215.748500][ T7842] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 217.104829][ T7864] loop1: detected capacity change from 0 to 16 [ 217.183779][ T7864] MTD: Attempt to mount non-MTD device "/dev/loop1" [ 217.451386][ T7871] loop0: detected capacity change from 0 to 4096 [ 218.155623][ T4052] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0 [ 218.466149][ T4052] Bluetooth: hci1: Injecting HCI hardware error event [ 218.483940][ T3531] Bluetooth: hci1: hardware error 0x00 [ 218.644284][ T7880] loop1: detected capacity change from 0 to 32768 [ 218.732164][ T7880] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 scanned by syz-executor.1 (7880) [ 218.842619][ T7893] loop4: detected capacity change from 0 to 32768 [ 218.895160][ T7893] resize option for remount only [ 218.909994][ T7880] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 218.949145][ T7880] BTRFS info (device loop1): using free space tree [ 218.968203][ T7880] BTRFS info (device loop1): has skinny extents [ 219.026830][ T7907] loop0: detected capacity change from 0 to 2048 [ 219.293221][ T7880] BTRFS info (device loop1): enabling ssd optimizations [ 219.587418][ T7959] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'. [ 219.738255][ T7956] loop4: detected capacity change from 0 to 32768 [ 219.804408][ T26] kauditd_printk_skb: 148 callbacks suppressed [ 219.804426][ T26] audit: type=1804 audit(1718100707.100:201): pid=7960 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="file0" dev="sda1" ino=1962 res=1 errno=0 [ 219.835057][ T7956] resize option for remount only [ 219.976838][ T26] audit: type=1804 audit(1718100707.150:202): pid=7960 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="file0" dev="sda1" ino=1962 res=1 errno=0 [ 221.597125][ T7994] loop0: detected capacity change from 0 to 512 [ 221.637942][ T7994] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 221.673793][ T7994] EXT4-fs (loop0): warning: checktime reached, running e2fsck is recommended [ 221.702938][ T7994] EXT4-fs error (device loop0): ext4_orphan_get:1397: inode #15: comm syz-executor.0: iget: bad extended attribute block 19 [ 221.722831][ T7994] EXT4-fs error (device loop0): ext4_orphan_get:1402: comm syz-executor.0: couldn't read orphan inode 15 (err -117) [ 221.738318][ T7994] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 221.790377][ T7999] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.3'. [ 221.834678][ T7999] netem: incorrect gi model size [ 221.846946][ T7999] netem: change failed [ 222.046619][ T7985] loop1: detected capacity change from 0 to 32768 [ 222.101482][ T8008] xt_l2tp: v2 tid > 0xffff: 4294967295 [ 222.123137][ T7985] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 scanned by syz-executor.1 (7985) [ 222.214712][ T7985] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 222.242564][ T7989] loop4: detected capacity change from 0 to 32768 [ 222.258336][ T7985] BTRFS info (device loop1): enabling auto defrag [ 222.266088][ T7985] BTRFS info (device loop1): doing ref verification [ 222.277648][ T7985] BTRFS info (device loop1): max_inline at 0 [ 222.285720][ T7985] BTRFS info (device loop1): setting nodatasum [ 222.294836][ T7985] BTRFS info (device loop1): turning on sync discard [ 222.311217][ T7985] BTRFS info (device loop1): allowing degraded mounts [ 222.318387][ T7985] BTRFS info (device loop1): disabling free space tree [ 222.331481][ T7985] BTRFS error (device loop1): cannot disable free space tree [ 222.483041][ T7985] BTRFS error (device loop1): open_ctree failed [ 222.489983][ T7989] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop4 scanned by syz-executor.4 (7989) [ 222.823913][ T8028] usb usb8: usbfs: process 8028 (syz-executor.0) did not claim interface 0 before use [ 223.135136][ T7989] BTRFS info (device loop4): using blake2b (blake2b-256-generic) checksum algorithm [ 223.144847][ T7989] BTRFS info (device loop4): using free space tree [ 223.151676][ T7989] BTRFS info (device loop4): has skinny extents [ 223.282842][ T8049] loop1: detected capacity change from 0 to 16 [ 223.324242][ T8049] MTD: Attempt to mount non-MTD device "/dev/loop1" [ 223.393036][ T7989] BTRFS info (device loop4): enabling ssd optimizations [ 223.723739][ T8091] loop0: detected capacity change from 0 to 256 [ 223.764984][ T8091] FAT-fs (loop0): Unrecognized mount option "nonë}umtail=0" or missing value [ 223.786410][ T8094] loop1: detected capacity change from 0 to 24 [ 223.834931][ T8094] MTD: Attempt to mount non-MTD device "/dev/loop1" [ 223.853743][ T8094] romfs: Mounting image 'rom 637cf1fa' through the block layer [ 224.274038][ T8105] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'. [ 224.453403][ T8110] loop0: detected capacity change from 0 to 2048 [ 225.640605][ T8110] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 225.670876][ T8135] loop1: detected capacity change from 0 to 24 [ 225.687742][ T8110] ext4 filesystem being mounted at /root/syzkaller-testdir3351951660/syzkaller.TMJw9V/317/file0 supports timestamps until 2038 (0x7fffffff) [ 225.754266][ T8135] MTD: Attempt to mount non-MTD device "/dev/loop1" [ 225.769922][ T8135] romfs: Mounting image 'rom 637cf1fa' through the block layer [ 225.777914][ T8110] fs-verity: sha256 using implementation "sha256-avx2" [ 225.807612][ T8147] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'. [ 225.817301][ T8110] fs-verity: sha512 using implementation "sha512-avx2" [ 226.961342][ T8166] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'. [ 228.234181][ T26] audit: type=1800 audit(1718100715.520:203): pid=8194 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=1949 res=0 errno=0 [ 228.264239][ T8192] sock: sock_timestamping_bind_phc: sock not bind to device [ 229.126998][ T8224] loop0: detected capacity change from 0 to 4096 [ 229.212202][ T8224] NILFS (loop0): invalid segment: Checksum error in segment payload [ 229.221529][ T8224] NILFS (loop0): trying rollback from an earlier position [ 229.279410][ T8224] NILFS (loop0): recovery complete [ 229.300005][ T8238] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 229.858396][ T8244] hub 9-0:1.0: USB hub found [ 229.869229][ T8244] hub 9-0:1.0: 8 ports detected [ 230.255566][ T8256] loop4: detected capacity change from 0 to 128 [ 230.558689][ T8256] VFS: unable to find oldfs superblock on device loop4 [ 230.855085][ T8266] xt_CT: You must specify a L4 protocol and not use inversions on it [ 231.502408][ T8272] loop0: detected capacity change from 0 to 1024 [ 231.540776][ T8256] loop4: detected capacity change from 0 to 4096 [ 231.658705][ T8256] ntfs3: Bad value for 'dmask' [ 232.446626][ T4195] hfsplus: b-tree write err: -5, ino 4 [ 232.991078][ T8309] hub 9-0:1.0: USB hub found [ 232.998460][ T8309] hub 9-0:1.0: 8 ports detected [ 234.563292][ T8335] can: request_module (can-proto-0) failed. [ 234.657612][ T8345] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore [ 234.668327][ T8345] overlayfs: option "index=on" is useless in a non-upper mount, ignore [ 234.677668][ T8345] overlayfs: missing 'lowerdir' [ 234.736200][ T8347] loop0: detected capacity change from 0 to 256 [ 234.893848][ T8351] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'. [ 235.064246][ T8377] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore [ 235.075908][ T8377] overlayfs: option "index=on" is useless in a non-upper mount, ignore [ 235.085683][ T8377] overlayfs: missing 'lowerdir' [ 235.624078][ T8381] loop4: detected capacity change from 0 to 32768 [ 235.668486][ T8381] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 scanned by syz-executor.4 (8381) [ 235.731293][ T8381] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm [ 235.745820][ T8381] BTRFS info (device loop4): setting nodatacow, compression disabled [ 235.771620][ T8381] BTRFS info (device loop4): doing ref verification [ 235.786375][ T8381] BTRFS info (device loop4): turning on flush-on-commit [ 235.801436][ T8381] BTRFS info (device loop4): max_inline at 1398 [ 235.814834][ T8381] BTRFS info (device loop4): turning on sync discard [ 235.830126][ T8381] BTRFS info (device loop4): turning off barriers [ 235.848214][ T8381] BTRFS info (device loop4): using free space tree [ 235.862898][ T8381] BTRFS info (device loop4): has skinny extents [ 236.223847][ T8421] loop0: detected capacity change from 0 to 32768 [ 236.268010][ T8421] BTRFS warning: duplicate device /dev/loop0 devid 1 generation 8 scanned by syz-executor.0 (8421) [ 236.652791][ T8431] can: request_module (can-proto-0) failed. [ 237.370321][ T8462] loop4: detected capacity change from 0 to 32768 [ 237.446170][ T8462] find_entry called with index = 0 [ 237.460082][ T8462] read_mapping_page failed! [ 237.465072][ T8462] ERROR: (device loop4): txCommit: [ 237.465072][ T8462] [ 237.485898][ T8462] ERROR: (device loop4): remounting filesystem as read-only [ 237.570555][ T26] audit: type=1800 audit(1718100724.860:204): pid=8480 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="file1" dev="sda1" ino=1957 res=0 errno=0 [ 237.671775][ T26] audit: type=1804 audit(1718100724.910:205): pid=8480 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="file1" dev="sda1" ino=1957 res=1 errno=0 [ 238.010425][ T8492] device team0 entered promiscuous mode [ 238.025350][ T8492] device team_slave_0 entered promiscuous mode [ 238.031722][ T8492] device team_slave_1 entered promiscuous mode [ 238.045223][ T8492] device bond0 entered promiscuous mode [ 238.052221][ T8492] device bond_slave_0 entered promiscuous mode [ 238.062955][ T8492] device bond_slave_1 entered promiscuous mode [ 238.069435][ T8492] device batadv0 entered promiscuous mode [ 238.089806][ T8483] chnl_net:caif_netlink_parms(): no params data found [ 238.106445][ T8495] device team_slave_0 left promiscuous mode [ 238.126362][ T8495] team0: Port device team_slave_0 removed [ 238.191427][ T4195] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 238.251884][ T8502] xt_CT: You must specify a L4 protocol and not use inversions on it [ 238.270228][ T4195] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 238.298509][ T8483] bridge0: port 1(bridge_slave_0) entered blocking state [ 238.307980][ T8483] bridge0: port 1(bridge_slave_0) entered disabled state [ 238.322876][ T8483] device bridge_slave_0 entered promiscuous mode [ 238.353161][ T8483] bridge0: port 2(bridge_slave_1) entered blocking state [ 238.379772][ T8483] bridge0: port 2(bridge_slave_1) entered disabled state [ 238.411056][ T8483] device bridge_slave_1 entered promiscuous mode [ 238.439471][ T8502] overlayfs: failed to clone upperpath [ 238.464931][ T4195] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 238.490969][ T8483] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 238.506729][ T8483] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 238.546388][ T4195] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 238.609217][ T8483] team0: Port device team_slave_0 added [ 238.642308][ T8483] team0: Port device team_slave_1 added [ 238.689871][ T8483] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 238.700902][ T8483] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 238.736454][ T8483] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 238.737901][ T8508] loop0: detected capacity change from 0 to 32768 [ 238.758517][ T8483] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 238.765662][ T8483] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 238.791644][ C1] vkms_vblank_simulate: vblank timer overrun [ 238.798841][ T8483] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 238.856546][ T8508] find_entry called with index = 0 [ 238.872210][ T8508] read_mapping_page failed! [ 238.874730][ T8483] device hsr_slave_0 entered promiscuous mode [ 238.878207][ T8508] ERROR: (device loop0): txCommit: [ 238.878207][ T8508] [ 238.893101][ T8483] device hsr_slave_1 entered promiscuous mode [ 238.894354][ T8508] ERROR: (device loop0): remounting filesystem as read-only [ 238.906714][ T8483] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 238.916370][ T8483] Cannot create hsr debugfs directory [ 239.304672][ T8528] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'. [ 239.317302][ T8528] netlink: 'syz-executor.3': attribute type 13 has an invalid length. [ 239.325716][ T8528] netlink: 'syz-executor.3': attribute type 11 has an invalid length. [ 239.345017][ T8528] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 239.354454][ T8528] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 239.363475][ T8528] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 239.372185][ T8528] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 239.385052][ T8528] device vxlan0 entered promiscuous mode [ 240.671290][ T8531] loop0: detected capacity change from 0 to 32768 [ 240.705551][ T4270] Bluetooth: hci5: command 0x0409 tx timeout [ 240.732904][ T8483] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 240.751930][ T8531] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz-executor.0 (8531) [ 240.767391][ T8483] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 240.797809][ T8483] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 240.808316][ T8531] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm [ 240.821474][ T8483] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 240.828624][ T8531] BTRFS info (device loop0): metadata ratio 4 [ 240.842058][ T8531] BTRFS info (device loop0): setting incompat feature flag for COMPRESS_LZO (0x8) [ 240.856090][ T8531] BTRFS info (device loop0): force lzo compression, level 0 [ 240.863822][ T8531] BTRFS warning (device loop0): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead [ 240.874513][ T8531] BTRFS info (device loop0): trying to use backup root at mount time [ 240.903380][ T8531] BTRFS info (device loop0): doing ref verification [ 240.910084][ T8531] BTRFS info (device loop0): disabling tree log [ 240.937900][ T8531] BTRFS info (device loop0): using free space tree [ 240.945399][ T8531] BTRFS info (device loop0): has skinny extents [ 241.038842][ T8483] 8021q: adding VLAN 0 to HW filter on device bond0 [ 241.090057][ T8483] 8021q: adding VLAN 0 to HW filter on device team0 [ 241.108159][ T4195] device hsr_slave_0 left promiscuous mode [ 241.116724][ T4195] device hsr_slave_1 left promiscuous mode [ 241.129185][ T4195] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 241.130160][ T3688] BTRFS warning (device loop0): checksum verify failed on 5332992 wanted 0x0a5e5d25 found 0x26333c6f level 0 [ 241.141009][ T4195] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 241.156752][ T8531] BTRFS warning (device loop0): couldn't read tree root [ 241.165277][ T6222] BTRFS warning (device loop0): checksum verify failed on 5324800 wanted 0x9f73850b found 0x78ca8373 level 0 [ 241.179688][ T4195] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 241.180518][ T8531] BTRFS warning (device loop0): couldn't read tree root [ 241.192892][ T4195] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 241.199636][ T8531] BTRFS error (device loop0): parent transid verify failed on 5255168 wanted 5 found 7 [ 241.211747][ T8531] BTRFS warning (device loop0): couldn't read tree root [ 241.214074][ T4195] device bridge_slave_1 left promiscuous mode [ 241.225759][ T4195] bridge0: port 2(bridge_slave_1) entered disabled state [ 241.234914][ T4195] device bridge_slave_0 left promiscuous mode [ 241.241843][ T8531] BTRFS info (device loop0): enabling ssd optimizations [ 241.241939][ T4195] bridge0: port 1(bridge_slave_0) entered disabled state [ 241.259281][ T8531] BTRFS info (device loop0): clearing free space tree [ 241.266656][ T8531] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 241.280853][ T8531] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 241.292471][ T4195] device veth1_macvtap left promiscuous mode [ 241.298851][ T4195] device veth0_macvtap left promiscuous mode [ 241.305150][ T4195] device veth1_vlan left promiscuous mode [ 241.310996][ T4195] device veth0_vlan left promiscuous mode [ 241.321371][ T8531] BTRFS info (device loop0): creating free space tree [ 241.334388][ T8531] BTRFS info (device loop0): setting compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 241.344627][ T8531] BTRFS info (device loop0): setting compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 241.855983][ T4195] team0 (unregistering): Port device team_slave_1 removed [ 241.878422][ T4195] team0 (unregistering): Port device team_slave_0 removed [ 241.893295][ T4195] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 241.908684][ T4195] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 241.989963][ T4195] bond0 (unregistering): Released all slaves [ 242.053594][ T4270] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 242.062418][ T4270] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 242.070759][ T4270] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 242.079922][ T4270] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 242.089108][ T4270] bridge0: port 1(bridge_slave_0) entered blocking state [ 242.096350][ T4270] bridge0: port 1(bridge_slave_0) entered forwarding state [ 242.126381][ T4270] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 242.141965][ T4270] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 242.158202][ T4270] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 242.186492][ T4270] bridge0: port 2(bridge_slave_1) entered blocking state [ 242.193661][ T4270] bridge0: port 2(bridge_slave_1) entered forwarding state [ 242.207941][ T8581] loop0: detected capacity change from 0 to 1024 [ 242.213781][ T4270] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 242.225530][ T4270] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 242.246968][ T4345] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 242.260174][ T4345] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 242.268771][ T8581] hfsplus: unable to find HFS+ superblock [ 242.300253][ T4345] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 242.309320][ T4345] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 242.318463][ T4345] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 242.331730][ T4345] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 242.341438][ T4345] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 242.351460][ T4345] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 242.367647][ T4345] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 242.408623][ T8483] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 242.588845][ T8595] device team0 entered promiscuous mode [ 242.609620][ T8595] device team_slave_0 entered promiscuous mode [ 242.611700][ T8585] loop0: detected capacity change from 0 to 8192 [ 242.622870][ T8595] device team_slave_1 entered promiscuous mode [ 242.633353][ T8595] device team_slave_0 left promiscuous mode [ 242.664318][ T8595] team0: Port device team_slave_0 removed [ 242.692040][ T8585] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 242.702360][ T8585] REISERFS (device loop0): using ordered data mode [ 242.721507][ T8585] reiserfs: using flush barriers [ 242.729776][ T8585] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 242.748096][ T8585] REISERFS (device loop0): checking transaction log (loop0) [ 242.776622][ T8483] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 242.792763][ T4270] Bluetooth: hci5: command 0x041b tx timeout [ 242.802365][ T8585] REISERFS (device loop0): Using r5 hash to sort names [ 242.824790][ T4345] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 242.832404][ T4345] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 243.259109][ T6542] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 243.279246][ T6542] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 243.344787][ T6542] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 243.362382][ T6542] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 243.384128][ T8483] device veth0_vlan entered promiscuous mode [ 243.401533][ T4345] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 243.420206][ T4345] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 243.448601][ T8483] device veth1_vlan entered promiscuous mode [ 243.527325][ T4345] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 243.554041][ T4345] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 243.572963][ T4345] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 243.603676][ T4345] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 243.635430][ T8483] device veth0_macvtap entered promiscuous mode [ 243.668871][ T8483] device veth1_macvtap entered promiscuous mode [ 243.729422][ T8483] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 243.763751][ T8483] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 243.795594][ T8483] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 243.835683][ T8483] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 243.891151][ T8483] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 243.931113][ T8483] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 243.952675][ T3571] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 243.961452][ T3571] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 243.980354][ T3571] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 244.008642][ T3571] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 244.039531][ T3571] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 244.066257][ T3571] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 244.091846][ T8483] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 244.133079][ T8483] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 244.157405][ T8483] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 244.176569][ T8483] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 244.479049][ T6221] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 244.493169][ T6221] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 244.690276][ T6542] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 245.229097][ T6221] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 245.306070][ T6221] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 245.584685][ T6542] Bluetooth: hci5: command 0x040f tx timeout [ 245.734368][ T26] audit: type=1800 audit(1718100733.030:206): pid=8630 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="sda1" ino=1935 res=0 errno=0 [ 245.778077][ T4264] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 245.965696][ T8663] loop4: detected capacity change from 0 to 4096 [ 246.059221][ T8678] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 246.270623][ T8692] loop4: detected capacity change from 0 to 1024 [ 246.393041][ T8692] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 246.827319][ T8720] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. [ 246.848242][ T8704] loop0: detected capacity change from 0 to 32768 [ 246.906098][ T8704] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop0 scanned by syz-executor.0 (8704) [ 246.976562][ T8704] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm [ 246.994978][ T8704] BTRFS info (device loop0): setting incompat feature flag for COMPRESS_LZO (0x8) [ 247.033264][ T8704] BTRFS info (device loop0): force lzo compression, level 0 [ 247.050965][ T8704] BTRFS info (device loop0): force clearing of disk cache [ 247.162885][ T8704] BTRFS info (device loop0): using free space tree [ 247.172316][ T8704] BTRFS info (device loop0): has skinny extents [ 247.690975][ T8704] BTRFS info (device loop0): enabling ssd optimizations [ 247.755890][ T8704] BTRFS info (device loop0): clearing free space tree [ 248.203120][ T8704] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 248.228180][ T4264] Bluetooth: hci5: command 0x0419 tx timeout [ 248.246527][ T8704] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 248.295297][ T8766] netlink: 'syz-executor.2': attribute type 4 has an invalid length. [ 248.307806][ T8704] BTRFS info (device loop0): creating free space tree [ 248.317090][ T8704] BTRFS info (device loop0): setting compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 248.331185][ T8704] BTRFS info (device loop0): setting compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 248.389198][ T8704] BTRFS error (device loop0): balance: invalid convert metadata profile raid1 [ 248.551724][ T8772] loop4: detected capacity change from 0 to 4096 [ 248.659101][ T8782] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 248.753783][ T8785] xt_CT: You must specify a L4 protocol and not use inversions on it [ 248.977733][ T8785] overlayfs: failed to clone upperpath [ 249.422806][ T7] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 250.193008][ T7] usb 5-1: New USB device found, idVendor=0733, idProduct=0401, bcdDevice=be.ef [ 250.218741][ T7] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 250.256487][ T7] usb 5-1: config 0 descriptor?? [ 250.269556][ T8806] loop0: detected capacity change from 0 to 1024 [ 250.314922][ T7] gspca_main: spca501-2.14.0 probing 0733:0401 [ 250.331428][ T8806] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 250.522866][ T7] gspca_spca501: reg write: error -71 [ 250.528295][ T7] spca501 5-1:0.0: Reg write failed for 0x00,0xaa,0x00 [ 250.535446][ T7] spca501: probe of 5-1:0.0 failed with error -22 [ 250.545797][ T7] usb 5-1: USB disconnect, device number 6 [ 251.595538][ T8828] device bridge_slave_1 left promiscuous mode [ 251.595688][ T8828] bridge0: port 2(bridge_slave_1) entered disabled state [ 251.600438][ T8828] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check. [ 251.691361][ T8841] overlayfs: unrecognized mount option "fsname=/$\+" or missing value [ 251.914240][ T8852] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'. [ 252.258251][ T8859] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.2'. [ 252.291611][ T8859] netlink: 52 bytes leftover after parsing attributes in process `syz-executor.2'. [ 252.309587][ T8859] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.2'. [ 252.479258][ T8850] loop4: detected capacity change from 0 to 40427 [ 252.506438][ T8865] fscrypt (sda1, inode 1965): Reserved bits set in encryption policy [ 252.533484][ T8850] F2FS-fs (loop4): invalid crc value [ 252.553638][ T8850] F2FS-fs (loop4): Mismatch valid blocks 0 vs. 4 [ 252.560992][ T8850] F2FS-fs (loop4): Failed to initialize F2FS segment manager (-117) [ 252.581977][ T8870] overlayfs: unrecognized mount option "fsname=/$\+" or missing value [ 252.783547][ T8869] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'. [ 253.242972][ T8902] loop0: detected capacity change from 0 to 1024 [ 253.283180][ T8902] EXT4-fs (loop0): Ignoring removed oldalloc option [ 253.295725][ T8902] EXT4-fs (loop0): Quota format mount options ignored when QUOTA feature is enabled [ 253.324748][ T8902] EXT4-fs (loop0): Unrecognized mount option "fsuuid=cf79116S-e0d7-d1c2-3c3-" or missing value [ 253.576050][ T8913] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 38981 - 0 [ 253.602951][ T8913] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 38981 - 0 [ 253.639140][ T8913] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 38981 - 0 [ 253.651870][ T8913] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 38981 - 0 [ 253.661827][ T8913] netdevsim netdevsim0 netdevsim0: set [1, 1] type 2 family 0 port 60924 - 0 [ 253.682000][ T8913] netdevsim netdevsim0 netdevsim1: set [1, 1] type 2 family 0 port 60924 - 0 [ 253.692429][ T8913] netdevsim netdevsim0 netdevsim2: set [1, 1] type 2 family 0 port 60924 - 0 [ 253.701768][ T8913] netdevsim netdevsim0 netdevsim3: set [1, 1] type 2 family 0 port 60924 - 0 [ 253.711342][ T8913] device geneve2 entered promiscuous mode [ 253.741049][ T8913] netdevsim netdevsim0 netdevsim0: unset [1, 1] type 2 family 0 port 60924 - 0 [ 253.769486][ T8913] netdevsim netdevsim0 netdevsim1: unset [1, 1] type 2 family 0 port 60924 - 0 [ 253.791604][ T8913] netdevsim netdevsim0 netdevsim2: unset [1, 1] type 2 family 0 port 60924 - 0 [ 253.808464][ T8913] netdevsim netdevsim0 netdevsim3: unset [1, 1] type 2 family 0 port 60924 - 0 [ 253.844268][ T8913] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 38981 - 0 [ 253.872486][ T8913] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 38981 - 0 [ 253.899600][ T8913] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 38981 - 0 [ 253.930926][ T8913] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 38981 - 0 [ 254.291378][ T8927] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. [ 254.510562][ T8943] loop0: detected capacity change from 0 to 1024 [ 254.631557][ T8943] EXT4-fs (loop0): Ignoring removed oldalloc option [ 254.723148][ T8943] EXT4-fs (loop0): Quota format mount options ignored when QUOTA feature is enabled [ 254.732668][ T8943] EXT4-fs (loop0): Unrecognized mount option "fsuuid=cf79116S-e0d7-d1c2-3c3-" or missing value [ 255.144959][ T8967] loop0: detected capacity change from 0 to 2048 [ 255.204448][ T8967] UDF-fs: bad mount option "" or missing value [ 255.381622][ T8978] loop4: detected capacity change from 0 to 8192 [ 255.446398][ T8954] chnl_net:caif_netlink_parms(): no params data found [ 255.588314][ T8978] REISERFS (device loop4): found reiserfs format "3.5" with non-standard journal [ 255.784266][ T1381] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.800622][ T8978] REISERFS (device loop4): using ordered data mode [ 255.810118][ T1381] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.197029][ T8978] reiserfs: using flush barriers [ 256.217478][ T8978] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 256.283074][ T8978] REISERFS (device loop4): checking transaction log (loop4) [ 256.348222][ T8978] REISERFS (device loop4): Using r5 hash to sort names [ 256.365296][ T8978] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [ 256.553372][ T8954] bridge0: port 1(bridge_slave_0) entered blocking state [ 256.592800][ T8954] bridge0: port 1(bridge_slave_0) entered disabled state [ 256.601074][ T8954] device bridge_slave_0 entered promiscuous mode [ 256.641813][ T9011] loop0: detected capacity change from 0 to 512 [ 256.670156][ T8954] bridge0: port 2(bridge_slave_1) entered blocking state [ 256.694623][ T8954] bridge0: port 2(bridge_slave_1) entered disabled state [ 256.709670][ T9011] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 256.731666][ T8954] device bridge_slave_1 entered promiscuous mode [ 256.750383][ T9008] netlink: 'syz-executor.2': attribute type 13 has an invalid length. [ 256.808162][ T9011] EXT4-fs (loop0): 1 truncate cleaned up [ 256.850321][ T9011] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 256.908043][ T8954] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 256.987379][ T8954] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 256.996101][ T4055] Bluetooth: hci0: command 0x0409 tx timeout [ 257.117104][ T9020] loop4: detected capacity change from 0 to 164 [ 257.258669][ T8954] team0: Port device team_slave_0 added [ 257.293176][ T8954] team0: Port device team_slave_1 added [ 257.406418][ T8954] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 257.432716][ T8954] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 257.550067][ T8954] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 257.598449][ T9033] loop0: detected capacity change from 0 to 8192 [ 257.605933][ T8954] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 257.617865][ T8954] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 257.673192][ T8954] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 257.694534][ T9033] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal [ 257.722899][ T9033] REISERFS (device loop0): using ordered data mode [ 257.729624][ T9033] reiserfs: using flush barriers [ 257.760323][ T9033] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 257.791100][ T9033] REISERFS (device loop0): checking transaction log (loop0) [ 257.826068][ T6633] Bluetooth: hci4: command 0x0406 tx timeout [ 257.838917][ T9042] loop4: detected capacity change from 0 to 256 [ 257.846785][ T9033] REISERFS (device loop0): Using r5 hash to sort names [ 257.862406][ T8954] device hsr_slave_0 entered promiscuous mode [ 257.863472][ T9033] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage. [ 257.887820][ T8954] device hsr_slave_1 entered promiscuous mode [ 257.924085][ T9042] exfat: Bad value for 'gid' [ 257.939161][ T8954] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 257.959997][ T8954] Cannot create hsr debugfs directory [ 258.311476][ T8954] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 258.448112][ T8954] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 258.540888][ T9048] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.2'. [ 258.577090][ T8954] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 258.727100][ T8954] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 259.403471][ T6621] Bluetooth: hci0: command 0x041b tx timeout [ 259.509802][ T8954] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 259.601561][ T8954] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 259.627606][ T8954] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 259.667662][ T8954] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 259.699114][ T9069] loop0: detected capacity change from 0 to 256 [ 259.699915][ T9070] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'. [ 259.764734][ T9069] exfat: Bad value for 'gid' [ 259.808847][ T9072] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 56657 - 0 [ 259.818004][ T9072] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 56657 - 0 [ 259.835801][ T9072] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 56657 - 0 [ 259.862063][ T9072] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 56657 - 0 [ 259.882464][ T9072] netdevsim netdevsim2 netdevsim0: set [1, 1] type 2 family 0 port 57608 - 0 [ 259.894198][ T9072] netdevsim netdevsim2 netdevsim1: set [1, 1] type 2 family 0 port 57608 - 0 [ 259.913230][ T9072] netdevsim netdevsim2 netdevsim2: set [1, 1] type 2 family 0 port 57608 - 0 [ 259.922603][ T9072] netdevsim netdevsim2 netdevsim3: set [1, 1] type 2 family 0 port 57608 - 0 [ 259.940078][ T9072] device geneve3 entered promiscuous mode [ 259.954339][ T9072] netdevsim netdevsim2 netdevsim0: unset [1, 1] type 2 family 0 port 57608 - 0 [ 259.971006][ T9072] netdevsim netdevsim2 netdevsim1: unset [1, 1] type 2 family 0 port 57608 - 0 [ 259.981593][ T9072] netdevsim netdevsim2 netdevsim2: unset [1, 1] type 2 family 0 port 57608 - 0 [ 259.996360][ T9072] netdevsim netdevsim2 netdevsim3: unset [1, 1] type 2 family 0 port 57608 - 0 [ 260.009567][ T9072] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 56657 - 0 [ 260.023196][ T9072] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 56657 - 0 [ 260.032348][ T9072] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 56657 - 0 [ 260.048693][ T9072] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 56657 - 0 [ 260.102217][ T9075] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 260.204604][ T8954] 8021q: adding VLAN 0 to HW filter on device bond0 [ 260.251169][ T8954] 8021q: adding VLAN 0 to HW filter on device team0 [ 260.286544][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 260.299036][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 260.350157][ T3571] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 260.368097][ T3571] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 260.381857][ T3571] bridge0: port 1(bridge_slave_0) entered blocking state [ 260.388998][ T3571] bridge0: port 1(bridge_slave_0) entered forwarding state [ 260.404675][ T3571] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 260.418704][ T3571] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 260.430527][ T3571] bridge0: port 2(bridge_slave_1) entered blocking state [ 260.437933][ T3571] bridge0: port 2(bridge_slave_1) entered forwarding state [ 260.453582][ T3571] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 260.497591][ T3571] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 260.515354][ T3571] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 260.543788][ T6633] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 260.561967][ T6633] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 260.596523][ T6621] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 260.608045][ T6621] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 260.617248][ T6621] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 260.629803][ T6621] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 260.638703][ T6621] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 260.660533][ T8954] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 260.695901][ T8954] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 260.724195][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 260.751751][ T7] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 261.060350][ T9096] loop0: detected capacity change from 0 to 256 [ 261.103769][ T4049] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 261.111336][ T4049] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 261.156880][ T8954] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 261.195924][ T9096] FAT-fs (loop0): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1) [ 261.281629][ T6633] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 261.316481][ T6633] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 261.342427][ T9105] No such timeout policy "syz0" [ 261.370130][ T9096] FAT-fs (loop0): FAT read failed (blocknr 64) [ 261.374031][ T6621] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 261.420265][ T6621] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 261.428497][ T9110] nvme_fabrics: missing parameter 'transport=%s' [ 261.452816][ T9110] nvme_fabrics: missing parameter 'nqn=%s' [ 261.454767][ T6621] Bluetooth: hci0: command 0x040f tx timeout [ 261.467317][ T8954] device veth0_vlan entered promiscuous mode [ 261.508661][ T6621] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 261.517907][ T3684] FAT-fs (loop0): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1) [ 261.545072][ T6621] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 261.576526][ T8954] device veth1_vlan entered promiscuous mode [ 261.713682][ T8954] device veth0_macvtap entered promiscuous mode [ 261.740792][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 261.750310][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 261.760301][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 261.769130][ T23] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 261.783671][ T8954] device veth1_macvtap entered promiscuous mode [ 261.803482][ T3571] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 261.829421][ T8954] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 261.852785][ T8954] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 261.863183][ T8954] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 261.873972][ T8954] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 261.886784][ T8954] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 261.920422][ T6633] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 261.937717][ T6633] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 261.954050][ T8954] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 261.966434][ T8954] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 261.976766][ T8954] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 261.987947][ T8954] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 261.999716][ T8954] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 262.023509][ T6633] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 262.033820][ T6633] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 262.046075][ T8954] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 262.075862][ T8954] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 262.087035][ T8954] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 262.095977][ T8954] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 262.135533][ T4195] device hsr_slave_0 left promiscuous mode [ 262.144501][ T4195] device hsr_slave_1 left promiscuous mode [ 262.151300][ T4195] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 262.159644][ T4195] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 262.169335][ T4195] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 262.178432][ T4195] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 262.188710][ T4195] device bridge_slave_1 left promiscuous mode [ 262.195858][ T4195] bridge0: port 2(bridge_slave_1) entered disabled state [ 262.210783][ T4195] device veth1_macvtap left promiscuous mode [ 262.217163][ T4195] device veth0_macvtap left promiscuous mode [ 262.228560][ T4195] device veth1_vlan left promiscuous mode [ 262.237033][ T4195] device veth0_vlan left promiscuous mode [ 262.315637][ T26] audit: type=1800 audit(1718100749.610:207): pid=9134 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor.0" name="SYSV00000000" dev="hugetlbfs" ino=3 res=0 errno=0 [ 262.479974][ T4195] team0 (unregistering): Port device team_slave_1 removed [ 262.495491][ T4195] team0 (unregistering): Port device team_slave_0 removed [ 262.509110][ T4195] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 262.526826][ T4195] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 262.608603][ T4195] bond0 (unregistering): Released all slaves [ 262.701649][ T9137] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'. [ 262.814125][ T9144] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'. [ 262.869737][ T9144] syz-executor.2 (9144) used greatest stack depth: 18360 bytes left [ 262.893282][ T6221] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 262.907627][ T6221] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 262.958333][ T3571] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 262.963134][ T3684] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 262.990306][ T3684] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 263.012543][ T3571] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 263.491914][ T9161] loop1: detected capacity change from 0 to 1024 [ 263.512826][ T6621] Bluetooth: hci0: command 0x0419 tx timeout [ 263.570515][ T9161] EXT4-fs (loop1): Ignoring removed oldalloc option [ 263.592038][ T9161] EXT4-fs (loop1): Quota format mount options ignored when QUOTA feature is enabled [ 263.618996][ T9161] EXT4-fs (loop1): Unrecognized mount option "fsuuid=cf79116S-e0d7-d1c2-3c3-" or missing value [ 263.794333][ T9165] loop0: detected capacity change from 0 to 256 [ 263.862191][ T9165] FAT-fs (loop0): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1) [ 263.883914][ T9172] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. [ 263.907193][ T9165] FAT-fs (loop0): FAT read failed (blocknr 64) [ 263.982390][ T9165] nvme_fabrics: missing parameter 'transport=%s' [ 264.003220][ T9165] nvme_fabrics: missing parameter 'nqn=%s' [ 264.061332][ T3684] FAT-fs (loop0): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1) [ 264.331466][ T9198] netlink: 9424 bytes leftover after parsing attributes in process `syz-executor.2'. [ 264.347891][ T9198] netlink: 72 bytes leftover after parsing attributes in process `syz-executor.2'. [ 264.359036][ T9198] netlink: 72 bytes leftover after parsing attributes in process `syz-executor.2'. [ 265.671159][ T9216] loop4: detected capacity change from 0 to 256 [ 265.729635][ T9216] FAT-fs (loop4): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1) [ 265.825089][ T9222] loop1: detected capacity change from 0 to 128 [ 265.879044][ T9216] FAT-fs (loop4): FAT read failed (blocknr 64) [ 265.970039][ T9229] nvme_fabrics: missing parameter 'transport=%s' [ 265.987043][ T9229] nvme_fabrics: missing parameter 'nqn=%s' [ 266.148401][ T6222] FAT-fs (loop4): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1) [ 267.315099][ T26] audit: type=1800 audit(1718100754.600:208): pid=9257 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor.3" name="SYSV00000000" dev="hugetlbfs" ino=2 res=0 errno=0 [ 267.409697][ T26] audit: type=1804 audit(1718100754.700:209): pid=9267 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir2237568131/syzkaller.PR9zFD/33/bus" dev="sda1" ino=1957 res=1 errno=0 [ 267.688139][ T9280] loop0: detected capacity change from 0 to 4096 [ 267.755841][ T9280] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 267.769708][ T9292] loop4: detected capacity change from 0 to 1764 [ 267.784802][ T9280] ntfs3: loop0: Failed to load $MFT. [ 267.832136][ T9301] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.2'. [ 267.965588][ T9292] loop4: detected capacity change from 0 to 64 [ 267.981263][ T9280] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'. [ 268.004786][ T9306] batman_adv: batadv0: Adding interface: macvlan1 [ 268.011252][ T9306] batman_adv: batadv0: The MTU of interface macvlan1 is too small (1500) to handle the transport of batman-adv packets. If you experience problems getting traffic through try increasing the MTU to 1560. [ 268.088493][ T9306] batman_adv: batadv0: Not using interface macvlan1 (retrying later): interface not active [ 268.457921][ T9349] batman_adv: batadv0: Adding interface: macvlan1 [ 268.479184][ T9349] batman_adv: batadv0: The MTU of interface macvlan1 is too small (1500) to handle the transport of batman-adv packets. If you experience problems getting traffic through try increasing the MTU to 1560. [ 268.519550][ T9349] batman_adv: batadv0: Interface activated: macvlan1 [ 268.576806][ T9353] syz-executor.3[9353] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 268.576920][ T9353] syz-executor.3[9353] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 268.629519][ T9353] syz-executor.3[9353] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 268.676871][ T9353] syz-executor.3[9353] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 269.107325][ T26] audit: type=1800 audit(1718100756.280:210): pid=9375 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="file0" dev="sda1" ino=1951 res=0 errno=0 [ 269.825748][ T26] audit: type=1804 audit(1718100756.290:211): pid=9375 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir3351951660/syzkaller.TMJw9V/418/file0" dev="sda1" ino=1951 res=1 errno=0 [ 270.458285][ T9383] loop0: detected capacity change from 0 to 1764 [ 270.590031][ T9391] loop4: detected capacity change from 0 to 128 [ 270.779578][ T9383] loop0: detected capacity change from 0 to 64 [ 271.356099][ T26] audit: type=1800 audit(1718100758.380:212): pid=9413 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="file0" dev="sda1" ino=1969 res=0 errno=0 [ 271.952829][ T26] audit: type=1804 audit(1718100758.420:213): pid=9413 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="file0" dev="sda1" ino=1969 res=1 errno=0 [ 272.047440][ T9426] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.1'. [ 272.095489][ T9429] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.4'. [ 272.799608][ T9434] loop1: detected capacity change from 0 to 32768 [ 272.814315][ T9458] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.2'. [ 272.858944][ T9434] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 scanned by syz-executor.1 (9434) [ 272.962557][ T9434] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 272.991935][ T9434] BTRFS info (device loop1): using free space tree [ 273.009018][ T9434] BTRFS info (device loop1): has skinny extents [ 273.026966][ T9464] overlayfs: invalid redirect (./file1) [ 273.235545][ T9434] BTRFS info (device loop1): enabling ssd optimizations [ 273.515042][ T9509] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 273.985359][ T9526] EXT4-fs warning (device sda1): verify_group_input:168: Reserved blocks too high (4096) [ 274.048453][ T9527] loop0: detected capacity change from 0 to 512 [ 274.156362][ T9527] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 274.177919][ T9527] ext4 filesystem being mounted at /root/syzkaller-testdir3351951660/syzkaller.TMJw9V/429/file0 supports timestamps until 2038 (0x7fffffff) [ 274.660183][ T9554] netlink: 76 bytes leftover after parsing attributes in process `syz-executor.1'. [ 275.597111][ T9543] loop4: detected capacity change from 0 to 64 [ 275.664918][ T9543] hfs: unable to parse mount options [ 275.685243][ T9562] loop1: detected capacity change from 0 to 2048 [ 275.711360][ T9557] loop0: detected capacity change from 0 to 8192 [ 275.771089][ T9557] REISERFS warning (device loop0): super-6502 reiserfs_getopt: unknown mount option "" [ 275.830061][ T9571] tmpfs: Bad value for 'mpol' [ 275.984219][ T9557] overlayfs: lowerdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 276.005929][ T9557] overlayfs: overlapping lowerdir path [ 276.101368][ T9581] EXT4-fs warning (device sda1): verify_group_input:168: Reserved blocks too high (4096) [ 276.346228][ T9586] netlink: 76 bytes leftover after parsing attributes in process `syz-executor.1'. [ 277.181095][ T9593] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.1'. [ 277.185164][ T9579] loop4: detected capacity change from 0 to 32768 [ 277.254794][ T9579] XFS: noikeep mount option is deprecated. [ 277.263410][ T9579] XFS: attr2 mount option is deprecated. [ 277.359848][ T9579] XFS (loop4): Mounting V5 Filesystem [ 277.434175][ T9579] XFS (loop4): Ending clean mount [ 277.448222][ T9579] XFS (loop4): Quotacheck needed: Please wait. [ 277.511297][ T9579] XFS (loop4): Quotacheck: Done. [ 277.576395][ T8483] XFS (loop4): Unmounting Filesystem [ 277.697615][ T9626] EXT4-fs warning (device sda1): verify_group_input:168: Reserved blocks too high (4096) [ 277.828902][ T9631] loop0: detected capacity change from 0 to 512 [ 277.852470][ T9632] netlink: 76 bytes leftover after parsing attributes in process `syz-executor.2'. [ 278.325013][ T9635] loop1: detected capacity change from 0 to 8 [ 278.356178][ T9635] SQUASHFS error: lzo decompression failed, data probably corrupt [ 278.364833][ T9635] SQUASHFS error: Failed to read block 0x91: -5 [ 278.371459][ T9635] SQUASHFS error: Unable to read metadata cache entry [8f] [ 278.379714][ T9635] SQUASHFS error: Unable to read inode 0x11f [ 278.402079][ T9631] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 278.425162][ T9631] ext4 filesystem being mounted at /root/syzkaller-testdir3351951660/syzkaller.TMJw9V/434/file0 supports timestamps until 2038 (0x7fffffff) [ 278.469358][ T9644] loop4: detected capacity change from 0 to 256 [ 278.507954][ T9635] loop1: detected capacity change from 0 to 512 [ 278.570929][ T9644] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 278.573084][ T9635] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 278.661757][ T9653] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant. [ 278.661757][ T9653] The task syz-executor.4 (9653) triggered the difference, watch for misbehavior. [ 278.694608][ T9635] EXT4-fs (loop1): 1 truncate cleaned up [ 278.700335][ T9635] EXT4-fs (loop1): mounted filesystem without journal. Opts: debug_want_extra_isize=0x000000000000002e,min_batch_time=0x0000000000000fff,inode_readahead_blks=0x0000000000000080,nouid32,nobarrier,stripe=0x00000000000007fe,,errors=continue. Quota mode: none. [ 278.766640][ T9635] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2213: inode #15: comm syz-executor.1: corrupted in-inode xattr [ 278.785736][ T9635] EXT4-fs warning (device loop1): ext4_xattr_set_entry:1745: inode #15: comm syz-executor.1: unable to update i_inline_off [ 278.798876][ T9635] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2809: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 278.817535][ T9658] EXT4-fs error (device loop1): ext4_xattr_ibody_list:748: inode #15: comm syz-executor.1: corrupted in-inode xattr [ 278.831250][ T9635] EXT4-fs error (device loop1): ext4_xattr_ibody_get:603: inode #15: comm syz-executor.1: corrupted in-inode xattr [ 279.118550][ T9678] EXT4-fs warning (device sda1): verify_group_input:168: Reserved blocks too high (4096) [ 279.159360][ T9678] loop0: detected capacity change from 0 to 512 [ 279.265607][ T9678] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 279.309454][ T9678] ext4 filesystem being mounted at /root/syzkaller-testdir3351951660/syzkaller.TMJw9V/439/file0 supports timestamps until 2038 (0x7fffffff) [ 279.860914][ T9735] MTD: Attempt to mount non-MTD device "/dev/nbd4" [ 279.896854][ T9731] loop1: detected capacity change from 0 to 8192 [ 279.909480][ T150] block nbd4: Attempted send on invalid socket [ 279.916811][ T150] blk_update_request: I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 280.041505][ T9731] REISERFS warning (device loop1): super-6502 reiserfs_getopt: unknown mount option "" [ 280.079685][ T9745] sctp: [Deprecated]: syz-executor.2 (pid 9745) Use of struct sctp_assoc_value in delayed_ack socket option. [ 280.079685][ T9745] Use struct sctp_sack_info instead [ 280.166418][ T9745] netlink: 'syz-executor.2': attribute type 3 has an invalid length. [ 280.177937][ T9745] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.2'. [ 280.354841][ T9731] overlayfs: lowerdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 280.417374][ T9731] overlayfs: overlapping lowerdir path [ 280.770957][ T9773] loop1: detected capacity change from 0 to 512 [ 280.855612][ T9773] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem [ 280.884486][ T9773] EXT4-fs (loop1): invalid journal inode [ 280.942361][ T26] audit: type=1804 audit(1718100768.230:214): pid=9790 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir3351951660/syzkaller.TMJw9V/447/bus" dev="sda1" ino=1962 res=1 errno=0 [ 280.967610][ C1] vkms_vblank_simulate: vblank timer overrun [ 281.067280][ T9773] sctp: [Deprecated]: syz-executor.1 (pid 9773) Use of struct sctp_assoc_value in delayed_ack socket option. [ 281.067280][ T9773] Use struct sctp_sack_info instead [ 281.103551][ T26] audit: type=1326 audit(1718100768.400:215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9789 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1a7d026f69 code=0x0 [ 281.149163][ T9788] overlayfs: failed to clone upperpath [ 281.157771][ T9773] netlink: 'syz-executor.1': attribute type 3 has an invalid length. [ 281.189091][ T9773] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.1'. [ 281.945241][ T9803] loop1: detected capacity change from 0 to 32768 [ 282.009057][ T9803] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 scanned by syz-executor.1 (9803) [ 282.086454][ T9803] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 282.135292][ T9803] BTRFS info (device loop1): turning on flush-on-commit [ 282.195015][ T9803] BTRFS info (device loop1): turning off barriers [ 282.222038][ T9803] BTRFS info (device loop1): doing ref verification [ 282.237559][ T9803] BTRFS info (device loop1): force clearing of disk cache [ 282.259308][ T9803] BTRFS info (device loop1): enabling disk space caching [ 282.297745][ T9803] BTRFS info (device loop1): turning on sync discard [ 282.337062][ T9803] BTRFS info (device loop1): using default commit interval 30s [ 282.366999][ T9803] BTRFS info (device loop1): disk space caching is enabled [ 282.383363][ T9803] BTRFS info (device loop1): has skinny extents [ 282.419472][ T26] audit: type=1800 audit(1718100769.710:216): pid=9860 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="sda1" ino=1962 res=0 errno=0 [ 282.469747][ T9866] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.3'. [ 282.471020][ T26] audit: type=1800 audit(1718100769.740:217): pid=9860 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="sda1" ino=1962 res=0 errno=0 [ 282.506190][ T9866] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.3'. [ 282.690711][ T9803] BTRFS info (device loop1): enabling ssd optimizations [ 282.716928][ T9803] BTRFS info (device loop1): clearing free space tree [ 282.732905][ T9803] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 282.767264][ T9845] loop0: detected capacity change from 0 to 32768 [ 282.767544][ T9803] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 282.834861][ T9845] XFS: noikeep mount option is deprecated. [ 282.968628][ T9845] XFS (loop0): Mounting V5 Filesystem [ 283.458293][ T26] audit: type=1804 audit(1718100770.750:218): pid=9915 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="bus" dev="sda1" ino=1961 res=1 errno=0 [ 283.478599][ C1] vkms_vblank_simulate: vblank timer overrun [ 283.487818][ T9845] XFS (loop0): Ending clean mount [ 283.518946][ T9845] XFS (loop0): Quotacheck needed: Please wait. [ 283.567818][ T26] audit: type=1326 audit(1718100770.840:219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9914 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb0dff59f69 code=0x0 [ 283.671325][ T9845] XFS (loop0): Quotacheck: Done. [ 283.771974][ T3835] XFS (loop0): Unmounting Filesystem [ 283.777149][ T9924] loop4: detected capacity change from 0 to 512 [ 283.788140][ T9923] loop1: detected capacity change from 0 to 128 [ 283.835337][ T9910] chnl_net:caif_netlink_parms(): no params data found [ 283.894950][ T9924] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem [ 283.946531][ T9924] EXT4-fs (loop4): invalid journal inode [ 284.020676][ T9910] bridge0: port 1(bridge_slave_0) entered blocking state [ 284.027975][ T9910] bridge0: port 1(bridge_slave_0) entered disabled state [ 284.038018][ T9910] device bridge_slave_0 entered promiscuous mode [ 284.049180][ T9910] bridge0: port 2(bridge_slave_1) entered blocking state [ 284.056725][ T9910] bridge0: port 2(bridge_slave_1) entered disabled state [ 284.096763][ T9910] device bridge_slave_1 entered promiscuous mode [ 284.109969][ T9924] sctp: [Deprecated]: syz-executor.4 (pid 9924) Use of struct sctp_assoc_value in delayed_ack socket option. [ 284.109969][ T9924] Use struct sctp_sack_info instead [ 284.188801][ T9910] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 284.190056][ T9924] netlink: 'syz-executor.4': attribute type 3 has an invalid length. [ 284.227747][ T9910] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 284.240902][ T9924] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.4'. [ 284.371218][ T9910] team0: Port device team_slave_0 added [ 284.393147][ T9910] team0: Port device team_slave_1 added [ 284.524475][ T9942] netlink: 'syz-executor.3': attribute type 10 has an invalid length. [ 284.540416][ T9910] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 284.553492][ T9946] loop4: detected capacity change from 0 to 512 [ 284.556597][ T9910] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 284.624249][ T9910] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 284.673347][ T9946] EXT4-fs (loop4): corrupt root inode, run e2fsck [ 284.679889][ T9946] EXT4-fs (loop4): mount failed [ 284.701271][ T9910] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 284.753563][ T9910] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 284.779542][ C1] vkms_vblank_simulate: vblank timer overrun [ 284.831452][ T9958] loop0: detected capacity change from 0 to 1024 [ 284.856302][ T9910] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 284.873095][ T9933] loop1: detected capacity change from 0 to 32768 [ 285.018716][ T9971] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'. [ 285.019160][ T9910] device hsr_slave_0 entered promiscuous mode [ 285.060515][ T9933] XFS (loop1): Mounting V5 Filesystem [ 285.070235][ T9910] device hsr_slave_1 entered promiscuous mode [ 285.080128][ T9910] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 285.119848][ T9910] Cannot create hsr debugfs directory [ 285.160106][ T9977] loop4: detected capacity change from 0 to 128 [ 285.246122][ T9933] XFS (loop1): Ending clean mount [ 285.281481][ T9933] XFS (loop1): Quotacheck needed: Please wait. [ 285.302147][ T9977] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 285.313789][ T9977] ext4 filesystem being mounted at /root/syzkaller-testdir2237568131/syzkaller.PR9zFD/83/mnt supports timestamps until 2038 (0x7fffffff) [ 285.343129][ T7] Bluetooth: hci2: command 0x0409 tx timeout [ 285.529699][ T9933] XFS (loop1): Quotacheck: Done. [ 285.690654][ T9997] loop4: detected capacity change from 0 to 512 [ 285.782360][ T9997] EXT4-fs (loop4): corrupt root inode, run e2fsck [ 285.810544][ T9997] EXT4-fs (loop4): mount failed [ 285.865511][ T8954] XFS (loop1): Unmounting Filesystem [ 285.944720][ T6221] device hsr_slave_0 left promiscuous mode [ 286.002751][ T6221] device hsr_slave_1 left promiscuous mode [ 286.024803][ T6221] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 286.089892][ T6221] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 286.122344][ T6221] batman_adv: batadv0: Removing interface: macvlan1 [ 286.145460][ T6221] device bridge_slave_1 left promiscuous mode [ 286.151928][ T6221] bridge0: port 2(bridge_slave_1) entered disabled state [ 286.358534][ T6221] device bridge_slave_0 left promiscuous mode [ 286.438562][ T6221] bridge0: port 1(bridge_slave_0) entered disabled state [ 287.147771][ T6221] device team_slave_1 left promiscuous mode [ 287.168528][ T6221] team0 (unregistering): Port device team_slave_1 removed [ 287.195183][ T6221] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 287.216968][ T6221] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 287.372215][ T6221] bond0 (unregistering): Released all slaves [ 287.423033][ T3601] Bluetooth: hci2: command 0x041b tx timeout [ 287.427415][T10029] loop1: detected capacity change from 0 to 32768 [ 287.441815][T10014] netlink: 'syz-executor.4': attribute type 10 has an invalid length. [ 287.564104][ T9910] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 287.586272][ T9910] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 287.614711][ T9910] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 287.632183][T10029] XFS (loop1): Mounting V5 Filesystem [ 287.659692][ T9910] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 287.809949][T10052] "syz-executor.0" (10052) uses obsolete ecb(arc4) skcipher [ 287.830853][T10029] XFS (loop1): Ending clean mount [ 287.921362][T10029] XFS (loop1): Quotacheck needed: Please wait. [ 288.042384][ T9910] 8021q: adding VLAN 0 to HW filter on device bond0 [ 288.073097][T10029] XFS (loop1): Quotacheck: Done. [ 288.109443][ T4061] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 288.120358][ T4061] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 288.140511][ T9910] 8021q: adding VLAN 0 to HW filter on device team0 [ 288.157970][ T4061] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 288.177412][ T4061] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 288.197938][ T4061] bridge0: port 1(bridge_slave_0) entered blocking state [ 288.205109][ T4061] bridge0: port 1(bridge_slave_0) entered forwarding state [ 288.240005][ T4055] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 288.248591][T10044] loop4: detected capacity change from 0 to 32768 [ 288.256861][ T4055] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 288.266967][ T4055] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 288.442420][ T8954] XFS (loop1): Unmounting Filesystem [ 288.600136][T10044] XFS: noikeep mount option is deprecated. [ 288.765505][T10063] loop0: detected capacity change from 0 to 256 [ 289.000099][T10063] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d) [ 289.001569][ T4055] bridge0: port 2(bridge_slave_1) entered blocking state [ 289.020268][ T4055] bridge0: port 2(bridge_slave_1) entered forwarding state [ 289.033794][ T4055] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 289.049768][T10044] XFS (loop4): Mounting V5 Filesystem [ 289.147596][ T3571] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 289.183587][T10044] XFS (loop4): Ending clean mount [ 289.184255][ T3571] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 289.191719][T10044] XFS (loop4): Quotacheck needed: Please wait. [ 289.275437][ T3571] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 289.330067][ T3571] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 289.379022][ T3571] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 289.420751][ T3571] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 289.458723][ T3571] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 289.463686][T10044] XFS (loop4): Quotacheck: Done. [ 289.470246][ T3571] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 289.486589][ T3571] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 289.500171][ T9910] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 289.508386][ T3601] Bluetooth: hci2: command 0x040f tx timeout [ 289.544541][ T3567] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 289.711701][ T8483] XFS (loop4): Unmounting Filesystem [ 289.866418][T10092] netlink: 'syz-executor.3': attribute type 10 has an invalid length. [ 289.907818][ T3571] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 289.923110][ T3571] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 289.959074][ T9910] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 290.013150][ T26] audit: type=1800 audit(1718100777.310:220): pid=10101 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="sda1" ino=1959 res=0 errno=0 [ 290.052183][ T3567] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 290.096110][ T3567] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 290.131808][ T9910] device veth0_vlan entered promiscuous mode [ 290.162073][ T3567] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 290.185653][ T3567] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 290.209267][ T9910] device veth1_vlan entered promiscuous mode [ 290.218315][ T3567] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 290.233602][ T3567] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 290.291741][ T3571] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 290.301682][ T3571] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 290.334969][ T9910] device veth0_macvtap entered promiscuous mode [ 290.349477][ T9910] device veth1_macvtap entered promiscuous mode [ 290.402045][ T9910] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 290.433238][ T9910] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 290.453078][ T9910] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 290.475205][ T9910] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 290.515116][ T9910] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 290.524365][ T3571] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 290.543345][ T3571] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 290.563606][ T3571] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 290.593135][ T3571] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 290.629619][ T9910] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 290.641473][ T9910] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 290.682096][ T9910] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 290.713730][ T9910] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 290.753784][ T9910] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 290.785902][ T3571] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 290.796285][ T3571] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 290.826652][ T9910] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 290.845145][ T9910] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 290.873013][ T9910] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 290.902269][ T9910] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 290.907047][T10096] loop0: detected capacity change from 0 to 32768 [ 291.136704][T10096] XFS (loop0): Mounting V5 Filesystem [ 291.142352][ T4195] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 291.212881][ T4195] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 291.234953][ T3601] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 291.284121][T10096] XFS (loop0): Ending clean mount [ 291.308268][ T4195] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 291.318215][T10096] XFS (loop0): Quotacheck needed: Please wait. [ 291.332883][ T4195] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 291.396724][ T3601] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 291.467015][T10096] XFS (loop0): Quotacheck: Done. [ 291.526868][T10109] loop4: detected capacity change from 0 to 32768 [ 291.583042][ T4267] Bluetooth: hci2: command 0x0419 tx timeout [ 291.628596][T10109] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop4 scanned by syz-executor.4 (10109) [ 291.662324][ T3835] XFS (loop0): Unmounting Filesystem [ 291.688845][T10135] loop1: detected capacity change from 0 to 256 [ 291.701901][T10109] BTRFS info (device loop4): using blake2b (blake2b-256-generic) checksum algorithm [ 291.732423][T10109] BTRFS info (device loop4): using free space tree [ 291.753997][T10135] exfat: Deprecated parameter 'namecase' [ 291.770012][T10135] exfat: Deprecated parameter 'namecase' [ 291.799193][T10109] BTRFS info (device loop4): has skinny extents [ 291.803153][T10135] exfat: Deprecated parameter 'namecase' [ 292.176882][T10135] exFAT-fs (loop1): failed to load upcase table (idx : 0x00011e5d, chksum : 0x63a11b78, utbl_chksum : 0xe619d30d) [ 293.014981][T10109] BTRFS info (device loop4): enabling ssd optimizations [ 293.032534][T10109] fs-verity (loop4, inode 258): Unknown hash algorithm number: 0 [ 293.136730][T10177] loop2: detected capacity change from 0 to 256 [ 293.140878][T10179] IPVS: set_ctl: invalid protocol: 47 10.1.1.0:20001 [ 293.226779][T10177] exfat: Deprecated parameter 'utf8' [ 293.283422][T10177] /dev/loop2: Can't open blockdev [ 293.438737][T10183] loop1: detected capacity change from 0 to 4096 [ 293.536260][T10183] ntfs: (device loop1): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 293.583781][T10183] ntfs: (device loop1): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel. [ 293.688395][T10183] ntfs: (device loop1): check_mft_mirror(): $MFT and $MFTMirr (record 1) do not match. Run ntfsfix or chkdsk. [ 293.740172][T10183] ntfs: (device loop1): load_system_files(): $MFTMirr does not match $MFT. Mounting read-only. Run ntfsfix and/or chkdsk. [ 293.786099][T10205] loop2: detected capacity change from 0 to 512 [ 293.803143][T10183] ntfs: (device loop1): ntfs_read_locked_inode(): First extent of $DATA attribute has non zero lowest_vcn. [ 293.825042][T10183] ntfs: (device loop1): ntfs_read_locked_inode(): Failed with error code -5. Marking corrupt inode 0xa as bad. Run chkdsk. [ 293.857370][T10183] ntfs: (device loop1): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default. [ 293.891688][T10183] ntfs: volume version 3.1. [ 293.913892][ T26] audit: type=1800 audit(1718100781.210:221): pid=10205 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="sda1" ino=1954 res=0 errno=0 [ 293.925479][T10183] ntfs: (device loop1): ntfs_check_logfile(): Did not find any restart pages in $LogFile and it was not empty. [ 294.089540][T10219] tmpfs: Bad value for 'mpol' [ 294.195935][T10228] loop4: detected capacity change from 0 to 1024 [ 294.216931][T10231] loop2: detected capacity change from 0 to 512 [ 294.409336][T10237] netlink: 'syz-executor.1': attribute type 12 has an invalid length. [ 294.523884][T10243] ax25_connect(): syz-executor.4 uses autobind, please contact jreuter@yaina.de [ 294.533496][T10237] loop1: detected capacity change from 0 to 8192 [ 294.590443][T10237] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal [ 294.611425][T10246] loop2: detected capacity change from 0 to 256 [ 294.630945][T10237] REISERFS (device loop1): using ordered data mode [ 294.645187][T10237] reiserfs: using flush barriers [ 294.669390][T10237] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 294.708303][T10246] exfat: Deprecated parameter 'utf8' [ 294.723774][T10237] REISERFS (device loop1): checking transaction log (loop1) [ 294.757403][T10237] REISERFS (device loop1): Using r5 hash to sort names [ 294.763114][T10246] /dev/loop2: Can't open blockdev [ 294.765241][T10237] REISERFS warning (device loop1): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 1) not found (pos 2) [ 294.794768][T10237] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage. [ 294.834122][T10237] REISERFS warning (device loop1): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 1) not found (pos 2) [ 294.978881][T10259] device macsec1 entered promiscuous mode [ 294.999928][T10259] device syz_tun entered promiscuous mode [ 295.015454][T10259] device syz_tun left promiscuous mode [ 295.074381][T10265] loop2: detected capacity change from 0 to 1024 [ 295.328682][T10281] netlink: 'syz-executor.2': attribute type 12 has an invalid length. [ 295.419053][T10286] overlayfs: failed to resolve './file0': -2 [ 295.472505][T10281] loop2: detected capacity change from 0 to 8192 [ 295.473107][ T1066] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 295.853522][ T1066] usb 1-1: config 0 has an invalid interface number: 132 but max is 0 [ 295.882217][ T1066] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 295.891652][T10304] loop2: detected capacity change from 0 to 64 [ 295.907149][ T1066] usb 1-1: config 0 has no interface number 0 [ 295.932754][ T1066] usb 1-1: New USB device found, idVendor=0421, idProduct=042f, bcdDevice=bc.fe [ 295.962245][ T1066] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 295.970811][T10305] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 296.001693][ T1066] usb 1-1: config 0 descriptor?? [ 296.093262][ T1066] rndis_wlan 1-1:0.132: skipping garbage [ 296.098971][ T1066] usb 1-1: bad CDC descriptors [ 296.174278][ T1066] rndis_host 1-1:0.132: skipping garbage [ 296.213675][ T1066] usb 1-1: bad CDC descriptors [ 296.466073][T10310] loop4: detected capacity change from 0 to 32768 [ 296.473147][ T1066] cdc_acm 1-1:0.132: skipping garbage [ 296.481783][ T1066] usb 1-1: USB disconnect, device number 8 [ 296.527826][T10310] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 scanned by syz-executor.4 (10310) [ 296.606688][T10310] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm [ 296.615664][T10310] BTRFS info (device loop4): using free space tree [ 296.622455][T10310] BTRFS info (device loop4): has skinny extents [ 296.647208][T10314] loop2: detected capacity change from 0 to 4096 [ 296.762872][T10310] BTRFS info (device loop4): enabling ssd optimizations [ 296.781515][T10325] netlink: 'syz-executor.3': attribute type 12 has an invalid length. [ 296.830433][T10310] BTRFS info (device loop4): setting incompat feature flag for DEFAULT_SUBVOL (0x2) [ 297.154323][ T7] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 297.177107][T10349] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.3'. [ 297.179972][T10351] loop0: detected capacity change from 0 to 64 [ 297.573142][ T7] usb 2-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 297.585512][ T7] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 297.597278][ T7] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 297.607471][ T7] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 297.691838][T10366] loop4: detected capacity change from 0 to 8192 [ 297.703264][ T7] usb 2-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 297.712881][ T7] usb 2-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 297.721917][ T7] usb 2-1: Manufacturer: syz [ 297.728956][ T7] usb 2-1: config 0 descriptor?? [ 297.755328][T10366] REISERFS (device loop4): found reiserfs format "3.5" with non-standard journal [ 297.770695][T10366] REISERFS (device loop4): using ordered data mode [ 297.787835][T10366] reiserfs: using flush barriers [ 297.799662][T10371] overlayfs: failed to resolve './file0': -2 [ 297.801169][T10366] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 297.857123][T10366] REISERFS (device loop4): checking transaction log (loop4) [ 297.901878][T10366] REISERFS (device loop4): Using r5 hash to sort names [ 297.967319][T10366] reiserfs: enabling write barrier flush mode [ 297.998917][ T26] kauditd_printk_skb: 10 callbacks suppressed [ 297.998934][ T26] audit: type=1326 audit(1718100785.290:222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10372 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5391aaff69 code=0x0 [ 298.026799][T10366] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [ 298.224625][ T7] appleir 0003:05AC:8243.0008: unknown main item tag 0x0 [ 298.232264][ T7] appleir 0003:05AC:8243.0008: No inputs registered, leaving [ 298.246584][ T7] appleir 0003:05AC:8243.0008: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.1-1/input0 [ 298.700968][T10379] loop4: detected capacity change from 0 to 64 [ 298.791391][T10383] netlink: 'syz-executor.3': attribute type 12 has an invalid length. [ 298.825698][T10386] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.2'. [ 299.026152][ T4046] usb 2-1: USB disconnect, device number 10 [ 299.098170][T10390] loop2: detected capacity change from 0 to 4096 [ 299.224504][T10403] loop1: detected capacity change from 0 to 4096 [ 299.276789][T10403] ntfs3: loop1: Different NTFS' sector size (4096) and media sector size (512) [ 299.346404][T10403] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 299.424191][ T1066] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 299.431411][T10428] netlink: 'syz-executor.2': attribute type 12 has an invalid length. [ 299.451485][T10403] netlink: 'syz-executor.1': attribute type 49 has an invalid length. [ 299.472796][T10403] netlink: 'syz-executor.1': attribute type 49 has an invalid length. [ 299.626856][T10421] loop2: detected capacity change from 0 to 8192 [ 299.793001][ T1066] usb 5-1: config 0 has an invalid interface number: 132 but max is 0 [ 299.805036][T10451] tmpfs: Unknown parameter 'usrquota' [ 299.812730][ T1066] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 299.819878][T10453] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 299.848918][ T1066] usb 5-1: config 0 has no interface number 0 [ 299.857432][ T1066] usb 5-1: New USB device found, idVendor=0421, idProduct=042f, bcdDevice=bc.fe [ 299.894315][ T1066] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 299.916798][ T1066] usb 5-1: config 0 descriptor?? [ 300.002431][ T1066] rndis_wlan 5-1:0.132: skipping garbage [ 300.032769][ T1066] usb 5-1: bad CDC descriptors [ 300.050173][ T1066] rndis_host 5-1:0.132: skipping garbage [ 300.073051][ T1066] usb 5-1: bad CDC descriptors [ 300.078306][ T1066] cdc_acm 5-1:0.132: skipping garbage [ 300.096692][T10465] loop2: detected capacity change from 0 to 512 [ 300.177738][T10451] loop0: detected capacity change from 0 to 32768 [ 300.196244][ T1066] usb 5-1: USB disconnect, device number 7 [ 300.217521][T10466] netlink: 'syz-executor.3': attribute type 49 has an invalid length. [ 300.226712][T10466] netlink: 'syz-executor.3': attribute type 49 has an invalid length. [ 300.238771][T10451] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 scanned by syz-executor.0 (10451) [ 300.296820][T10451] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm [ 300.305923][T10451] BTRFS info (device loop0): using free space tree [ 300.313178][T10451] BTRFS info (device loop0): has skinny extents [ 300.340160][T10451] BTRFS info (device loop0): enabling ssd optimizations [ 301.054774][T10503] loop4: detected capacity change from 0 to 32768 [ 301.101834][T10503] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 scanned by syz-executor.4 (10503) [ 301.127543][T10520] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 301.157904][T10516] block nbd1: shutting down sockets [ 301.176741][T10503] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm [ 301.185674][T10503] BTRFS info (device loop4): using free space tree [ 301.192215][T10503] BTRFS info (device loop4): has skinny extents [ 301.340107][T10503] BTRFS info (device loop4): enabling ssd optimizations [ 301.359669][T10503] BTRFS info (device loop4): setting incompat feature flag for DEFAULT_SUBVOL (0x2) [ 301.413274][ T3567] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 301.431001][T10551] overlayfs: failed to clone upperpath [ 301.554162][ T26] audit: type=1800 audit(1718100788.850:223): pid=10552 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="sda1" ino=1970 res=0 errno=0 [ 301.780223][ T3567] usb 1-1: config 0 has an invalid interface number: 132 but max is 0 [ 301.791155][ T3567] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 301.807567][ T3567] usb 1-1: config 0 has no interface number 0 [ 301.814267][ T3567] usb 1-1: New USB device found, idVendor=0421, idProduct=042f, bcdDevice=bc.fe [ 301.846543][ T3567] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 301.861222][ T3567] usb 1-1: config 0 descriptor?? [ 301.913182][ T3567] rndis_wlan 1-1:0.132: skipping garbage [ 301.921323][ T3567] usb 1-1: bad CDC descriptors [ 301.941620][ T3567] rndis_host 1-1:0.132: skipping garbage [ 301.985488][ T3567] usb 1-1: bad CDC descriptors [ 302.018656][ T3567] cdc_acm 1-1:0.132: skipping garbage [ 302.140529][ T3567] usb 1-1: USB disconnect, device number 9 [ 302.323872][T10580] loop1: detected capacity change from 0 to 32768 [ 302.368340][T10580] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 scanned by syz-executor.1 (10580) [ 302.409355][T10580] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm [ 302.410514][ T26] audit: type=1800 audit(1718100789.700:224): pid=10567 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor.4" name="SYSV00000000" dev="hugetlbfs" ino=4 res=0 errno=0 [ 302.418539][T10580] BTRFS info (device loop1): using free space tree [ 302.446398][T10580] BTRFS info (device loop1): has skinny extents [ 302.509972][T10580] BTRFS info (device loop1): enabling ssd optimizations [ 302.531444][T10580] BTRFS info (device loop1): setting incompat feature flag for DEFAULT_SUBVOL (0x2) [ 302.628442][T10617] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 302.721708][T10619] x_tables: ip_tables: osf match: only valid for protocol 6 [ 302.905398][T10625] IPVS: sync thread started: state = BACKUP, mcast_ifn = veth0_vlan, syncid = 0, id = 0 [ 303.018938][T10631] netlink: 68 bytes leftover after parsing attributes in process `syz-executor.0'. [ 303.172943][T10637] loop0: detected capacity change from 0 to 1024 [ 303.287957][T10637] EXT4-fs (loop0): Quota format mount options ignored when QUOTA feature is enabled [ 303.318956][T10645] smc: adding net device pimreg with user defined pnetid SYZ1 [ 303.350184][T10637] EXT4-fs (loop0): mounted filesystem without journal. Opts: grpquota,journal_ioprio=0x0000000000000003,resuid=0x0000000000000000,i_version,data=ordered,jqfmt=vfsold,barrier=0x0000000000000648,barrier=0x0000000000000007,,errors=continue. Quota mode: writeback. [ 303.472907][T10652] smc: removing net device pimreg with user defined pnetid SYZ1 [ 303.501415][T10637] EXT4-fs error (device loop0): ext4_read_inline_dir:1596: inode #12: block 16: comm syz-executor.0: path /root/syzkaller-testdir3351951660/syzkaller.TMJw9V/497/file0/file0: bad entry in directory: rec_len is smaller than minimal - offset=40, inode=301989902, rec_len=0, size=916 fake=0 [ 303.556531][T10659] syz-executor.1[10659] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 303.556627][T10659] syz-executor.1[10659] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 303.639783][ T26] audit: type=1800 audit(1718100790.930:225): pid=10640 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor.2" name="SYSV00000000" dev="hugetlbfs" ino=1 res=0 errno=0 [ 303.951131][T10686] loop4: detected capacity change from 0 to 1024 [ 303.999715][T10686] EXT4-fs (loop4): Quota format mount options ignored when QUOTA feature is enabled [ 304.021023][T10688] loop2: detected capacity change from 0 to 2048 [ 304.048039][T10698] x_tables: ip_tables: osf match: only valid for protocol 6 [ 304.072459][T10686] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpquota,journal_ioprio=0x0000000000000003,resuid=0x0000000000000000,i_version,data=ordered,jqfmt=vfsold,barrier=0x0000000000000648,barrier=0x0000000000000007,,errors=continue. Quota mode: writeback. [ 304.191992][T10686] EXT4-fs error (device loop4): ext4_read_inline_dir:1596: inode #12: block 16: comm syz-executor.4: path /root/syzkaller-testdir2237568131/syzkaller.PR9zFD/113/file0/file0: bad entry in directory: rec_len is smaller than minimal - offset=40, inode=301989902, rec_len=0, size=916 fake=0 [ 304.398838][ T26] audit: type=1800 audit(1718100791.690:226): pid=10704 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor.0" name="SYSV00000000" dev="hugetlbfs" ino=5 res=0 errno=0 [ 304.806443][T10716] loop4: detected capacity change from 0 to 512 [ 304.907959][T10716] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 304.961941][T10716] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=c802e12c, mo2=0002] [ 304.986513][T10716] EXT4-fs (loop4): orphan cleanup on readonly fs [ 305.006341][T10716] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz-executor.4: bg 0: block 361: padding at end of block bitmap is not set [ 305.070541][T10733] input: syz1 as /devices/virtual/input/input10 [ 305.110135][T10716] EXT4-fs (loop4): Remounting filesystem read-only [ 305.148947][T10716] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6184: Corrupt filesystem [ 305.179314][T10716] EXT4-fs error (device loop4): ext4_clear_blocks:883: inode #11: comm syz-executor.4: attempt to clear invalid blocks 33619980 len 1 [ 305.235874][T10716] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #11: comm syz-executor.4: invalid indirect mapped block 1811939328 (level 0) [ 305.302132][T10716] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #11: comm syz-executor.4: invalid indirect mapped block 2185560079 (level 1) [ 305.345135][T10716] EXT4-fs (loop4): 1 truncate cleaned up [ 305.358901][T10716] EXT4-fs (loop4): mounted filesystem without journal. Opts: noload,noblock_validity,discard,errors=remount-ro,inode_readahead_blks=0x0000000000000000. Quota mode: none. [ 305.359329][T10742] loop1: detected capacity change from 0 to 64 [ 305.393693][T10744] netlink: 68 bytes leftover after parsing attributes in process `syz-executor.2'. [ 305.460141][T10742] hfs: request for non-existent node 16777216 in B*Tree [ 305.538842][T10742] hfs: request for non-existent node 16777216 in B*Tree [ 305.616248][T10742] [ 305.618802][T10742] ====================================================== [ 305.625931][T10742] WARNING: possible circular locking dependency detected [ 305.633060][T10742] 5.15.160-syzkaller #0 Not tainted [ 305.638366][T10742] ------------------------------------------------------ [ 305.645484][T10742] syz-executor.1/10742 is trying to acquire lock: [ 305.652004][T10742] ffff8880153b60b0 (&tree->tree_lock#2/1){+.+.}-{3:3}, at: hfs_find_init+0x16a/0x1e0 [ 305.661638][T10742] [ 305.661638][T10742] but task is already holding lock: [ 305.669024][T10742] ffff88807eb7a178 (&HFS_I(tree->inode)->extents_lock){+.+.}-{3:3}, at: hfs_extend_file+0xfb/0x1440 [ 305.680029][T10742] [ 305.680029][T10742] which lock already depends on the new lock. [ 305.680029][T10742] [ 305.690447][T10742] [ 305.690447][T10742] the existing dependency chain (in reverse order) is: [ 305.699491][T10742] [ 305.699491][T10742] -> #1 (&HFS_I(tree->inode)->extents_lock){+.+.}-{3:3}: [ 305.708753][T10742] lock_acquire+0x1db/0x4f0 [ 305.711861][T10760] overlayfs: failed to clone upperpath [ 305.713796][T10742] __mutex_lock_common+0x1da/0x25a0 [ 305.713828][T10742] mutex_lock_nested+0x17/0x20 [ 305.713847][T10742] hfs_extend_file+0xfb/0x1440 [ 305.713868][T10742] hfs_bmap_reserve+0xd5/0x3f0 [ 305.713887][T10742] __hfs_ext_write_extent+0x22e/0x4f0 [ 305.713907][T10742] __hfs_ext_cache_extent+0x6a/0x990 [ 305.713927][T10742] hfs_extend_file+0x340/0x1440 [ 305.713946][T10742] hfs_get_block+0x3e0/0xb60 [ 305.713964][T10742] __block_write_begin_int+0x60b/0x1650 [ 305.713986][T10742] cont_write_begin+0x5d6/0x840 [ 305.714005][T10742] hfs_write_begin+0x92/0xd0 [ 305.714026][T10742] generic_perform_write+0x2bf/0x5b0 [ 305.714047][T10742] __generic_file_write_iter+0x243/0x4f0 [ 305.714070][T10742] generic_file_write_iter+0xa7/0x1b0 [ 305.714092][T10742] vfs_write+0xacf/0xe50 [ 305.714112][T10742] ksys_write+0x1a2/0x2c0 [ 305.714131][T10742] do_syscall_64+0x3b/0xb0 [ 305.714151][T10742] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 305.714172][T10742] [ 305.714172][T10742] -> #0 (&tree->tree_lock#2/1){+.+.}-{3:3}: [ 305.714217][T10742] validate_chain+0x1649/0x5930 [ 305.714237][T10742] __lock_acquire+0x1295/0x1ff0 [ 305.714254][T10742] lock_acquire+0x1db/0x4f0 [ 305.714271][T10742] __mutex_lock_common+0x1da/0x25a0 [ 305.714292][T10742] mutex_lock_nested+0x17/0x20 [ 305.714313][T10742] hfs_find_init+0x16a/0x1e0 [ 305.714332][T10742] hfs_extend_file+0x317/0x1440 [ 305.864156][T10742] hfs_bmap_reserve+0xd5/0x3f0 [ 305.869447][T10742] hfs_cat_move+0x1b7/0x1050 [ 305.874563][T10742] hfs_rename+0x242/0x320 [ 305.879580][T10742] vfs_rename+0xd32/0x10f0 [ 305.884511][T10742] do_renameat2+0xe0f/0x1700 [ 305.889619][T10742] __x64_sys_renameat2+0xce/0xe0 [ 305.895075][T10742] do_syscall_64+0x3b/0xb0 [ 305.900008][T10742] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 305.906518][T10742] [ 305.906518][T10742] other info that might help us debug this: [ 305.906518][T10742] [ 305.916736][T10742] Possible unsafe locking scenario: [ 305.916736][T10742] [ 305.924177][T10742] CPU0 CPU1 [ 305.929534][T10742] ---- ---- [ 305.935149][T10742] lock(&HFS_I(tree->inode)->extents_lock); [ 305.941132][T10742] lock(&tree->tree_lock#2/1); [ 305.948515][T10742] lock(&HFS_I(tree->inode)->extents_lock); [ 305.957133][T10742] lock(&tree->tree_lock#2/1); [ 305.961991][T10742] [ 305.961991][T10742] *** DEADLOCK *** [ 305.961991][T10742] [ 305.970125][T10742] 8 locks held by syz-executor.1/10742: [ 305.975669][T10742] #0: ffff8880609ac460 (sb_writers#20){.+.+}-{0:0}, at: mnt_want_write+0x3b/0x80 [ 305.984907][T10742] #1: ffff8880609ac748 (&type->s_vfs_rename_key#6){+.+.}-{3:3}, at: do_renameat2+0x5b7/0x1700 [ 305.995351][T10742] #2: ffff88807eb7b6a8 (&type->i_mutex_dir_key#12/1){+.+.}-{3:3}, at: do_renameat2+0x644/0x1700 [ 306.005892][T10742] #3: ffff88807eb7b028 (&type->i_mutex_dir_key#12/5){+.+.}-{3:3}, at: do_renameat2+0x67e/0x1700 [ 306.016429][T10742] #4: ffff88807eb782a8 (&sb->s_type->i_mutex_key#27){+.+.}-{3:3}, at: lock_two_nondirectories+0xde/0x130 [ 306.027834][T10742] #5: ffff88807eb78928 (&sb->s_type->i_mutex_key#27/4){+.+.}-{3:3}, at: vfs_rename+0x7e4/0x10f0 [ 306.038371][T10742] #6: ffff8880153b80b0 (&tree->tree_lock#2){+.+.}-{3:3}, at: hfs_find_init+0x16a/0x1e0 [ 306.048125][T10742] #7: ffff88807eb7a178 (&HFS_I(tree->inode)->extents_lock){+.+.}-{3:3}, at: hfs_extend_file+0xfb/0x1440 [ 306.059438][T10742] [ 306.059438][T10742] stack backtrace: [ 306.065417][T10742] CPU: 0 PID: 10742 Comm: syz-executor.1 Not tainted 5.15.160-syzkaller #0 [ 306.074004][T10742] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 306.084071][T10742] Call Trace: [ 306.087360][T10742] [ 306.090289][T10742] dump_stack_lvl+0x1e3/0x2d0 [ 306.094974][T10742] ? io_uring_drop_tctx_refs+0x1a0/0x1a0 [ 306.100613][T10742] ? print_circular_bug+0x12b/0x1a0 [ 306.105820][T10742] check_noncircular+0x2f8/0x3b0 [ 306.110764][T10742] ? add_chain_block+0x850/0x850 [ 306.115699][T10742] ? lockdep_lock+0x11f/0x2a0 [ 306.120455][T10742] validate_chain+0x1649/0x5930 [ 306.125318][T10742] ? reacquire_held_locks+0x660/0x660 [ 306.130726][T10742] ? mark_lock+0x98/0x340 [ 306.135081][T10742] ? lockdep_hardirqs_on_prepare+0x438/0x7a0 [ 306.141074][T10742] ? mark_lock+0x98/0x340 [ 306.145406][T10742] __lock_acquire+0x1295/0x1ff0 [ 306.150268][T10742] lock_acquire+0x1db/0x4f0 [ 306.154844][T10742] ? hfs_find_init+0x16a/0x1e0 [ 306.160135][T10742] ? read_lock_is_recursive+0x10/0x10 [ 306.165511][T10742] ? ____kasan_kmalloc+0xd1/0xf0 [ 306.170451][T10742] ? __might_sleep+0xc0/0xc0 [ 306.175044][T10742] ? hfs_cat_move+0x1b7/0x1050 [ 306.179814][T10742] ? hfs_rename+0x242/0x320 [ 306.184316][T10742] ? vfs_rename+0xd32/0x10f0 [ 306.188903][T10742] ? do_renameat2+0xe0f/0x1700 [ 306.193664][T10742] ? __x64_sys_renameat2+0xce/0xe0 [ 306.198775][T10742] ? do_syscall_64+0x3b/0xb0 [ 306.203367][T10742] ? entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 306.209442][T10742] __mutex_lock_common+0x1da/0x25a0 [ 306.214650][T10742] ? hfs_find_init+0x16a/0x1e0 [ 306.219421][T10742] ? hfs_find_init+0x16a/0x1e0 [ 306.224187][T10742] ? mutex_lock_io_nested+0x60/0x60 [ 306.229395][T10742] ? __kmalloc+0x168/0x300 [ 306.233815][T10742] ? hfs_find_init+0x8c/0x1e0 [ 306.238498][T10742] mutex_lock_nested+0x17/0x20 [ 306.243268][T10742] hfs_find_init+0x16a/0x1e0 [ 306.247859][T10742] hfs_extend_file+0x317/0x1440 [ 306.252720][T10742] ? hfs_get_block+0xb60/0xb60 [ 306.257499][T10742] ? __mutex_lock_common+0x444/0x25a0 [ 306.262878][T10742] ? mutex_lock_io_nested+0x60/0x60 [ 306.269070][T10742] hfs_bmap_reserve+0xd5/0x3f0 [ 306.275636][T10742] hfs_cat_move+0x1b7/0x1050 [ 306.281320][T10742] ? rcu_is_watching+0x11/0xa0 [ 306.286418][T10742] ? asm_sysvec_apic_timer_interrupt+0x16/0x20 [ 306.292587][T10742] ? hfs_cat_delete+0x880/0x880 [ 306.297449][T10742] ? preempt_schedule_common+0xa6/0xd0 [ 306.302912][T10742] ? preempt_schedule+0xd9/0xe0 [ 306.307768][T10742] ? rcu_is_watching+0x11/0xa0 [ 306.312535][T10742] ? __mark_inode_dirty+0x3dd/0xd60 [ 306.317746][T10742] hfs_rename+0x242/0x320 [ 306.322100][T10742] vfs_rename+0xd32/0x10f0 [ 306.326535][T10742] ? tomoyo_path_link+0x150/0x170 [ 306.331560][T10742] ? __ia32_sys_link+0x90/0x90 [ 306.336351][T10742] ? security_path_rename+0x207/0x2a0 [ 306.341732][T10742] do_renameat2+0xe0f/0x1700 [ 306.346348][T10742] ? fsnotify_move+0x4f0/0x4f0 [ 306.351113][T10742] ? __virt_addr_valid+0x39e/0x450 [ 306.356252][T10742] ? __phys_addr_symbol+0x2b/0x70 [ 306.361285][T10742] ? 0xffffffff81000000 [ 306.365451][T10742] ? getname_flags+0x1ec/0x4e0 [ 306.370224][T10742] __x64_sys_renameat2+0xce/0xe0 [ 306.375163][T10742] do_syscall_64+0x3b/0xb0 [ 306.379581][T10742] ? clear_bhb_loop+0x15/0x70 [ 306.384257][T10742] entry_SYSCALL_64_after_hwframe+0x66/0xd0 [ 306.390152][T10742] RIP: 0033:0x7f95e8b8ff69 [ 306.394604][T10742] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 2024/06/11 10:13:13 SYZFATAL: failed to recv *flatrpc.HostMessageRaw: EOF [ 306.414733][T10742] RSP: 002b:00007f95e77090c8 EFLAGS: 00000246 ORIG_RAX: 000000000000013c [ 306.423149][T10742] RAX: ffffffffffffffda RBX: 00007f95e8cc6f80 RCX: 00007f95e8b8ff69 [ 306.431145][T10742] RDX: 0000000000000004 RSI: 0000000020000080 RDI: ffffffffffffff9c [ 306.439383][T10742] RBP: 00007f95e8bed6fe R08: 0000000000000000 R09: 0000000000000000 [ 306.447359][T10742] R10: 0000000020000980 R11: 0000000000000246 R12: 0000000000000000 [ 306.455362][T10742] R13: 000000000000000b R14: 00007f95e8cc6f80 R15: 00007ffd4da9df28 [ 306.463354][T10742] [ 306.492846][T10742] hfs: request for non-existent node 16777216 in B*Tree [ 306.509933][ T26] audit: type=1800 audit(1718100793.800:227): pid=10762 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="sda1" ino=1973 res=0 errno=0 [ 306.548621][T10742] hfs: request for non-existent node 16777216 in B*Tree [ 306.560936][T10711] device veth0_vlan left promiscuous mode [ 306.573666][T10711] device veth0_vlan entered promiscuous mode [ 306.632677][ T4056] usb 1-1: new high-speed USB device number 10 using dummy_hcd