last executing test programs: 34.936212576s ago: executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'crc32-generic\x00'}, 0x58) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, &(0x7f0000002840)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546000677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5467a932b77674e802a0d42bc6099ad238af770b5ed8925161729298700000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809b5b9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed3957f813567f7a95435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac559eaf39027ceb379a902d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bff57002c1097f92e91002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff7a1ef3282830689da6b53b263339863297771429d120000003341bf4abacac94500fca0493cf29b33dcc9ffffffffffffffd39f6ce0c6ff01589646efd1cf870cd7bb2366fdf870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1293b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd000c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301fb997316dbf17866fb84d4173731efe895ff2e1c55ef08235a0126e01254c44060926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a861887a20639b41c8096d5742db41bd61080dcbe40e0f802fc12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc74aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7ad333545794f37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea139376f24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8e3070000001e48418046c216c1f895778cb25122a2a998de0842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec84ac3571f02f647b3385b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba2f58ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df986741517abf11389b751f4e109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750890ae71555b3228b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288d139bd3da230ed05a8fe64680b0a3f9f2dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b9100000000a55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c776f4b4ce07e1c6fa66fcfc7a228805f76785efc0ceb1c8e5729c66418d169fc03aa18854693ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7e478950aa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab848753203b458b97ec1afb079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7db3c4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b70ebc660309e1e245b0fdf9743af932cd6db49a47613808bad959719c0000000000378ac2e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6ca0400966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e3030108000000000000c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bffef97dcecc467ace456597685c5870d25f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c0000000000000000000000bfb0bba79344643b1d8daa9f38e4b62c1e2af68c6f5054b078acd74b4a9c944e4505da485a3a4154387a0a88370d9ed9467b09c5888a06431df3f68abf0b366c4d5f8bea7b29c257ed756dff7a21c6b661cbdd43de65afd7f661d5c84f915c90e3d6ea012b68b787eb01d8320000000000000060176dacba0ec503a37fae6b472ec369c79ee6a420c0fd8d8d82fe136d5af6c30bfeb0a7275babfdb96a127aa9386e0671c6454245a18c1c8c49552cff5d27b547cdc34c0858c77a47a9ff86ee9fbd9ceda428716a4218821176d8067997527230fa67d26950d3e4f2750fa7c872874ad3a2d11f9f6eb08e6d7b6fa257b04d8ce36360f524e3dfd2211641f3d2637d86b80681eca50ce0eecafdd22d41fa515c15591e70ded4b70efac3cb42fb352d82e8f7573e8ed8248da356fa91a252976d3a4d8c1843a8d5bb7f5f1028453a0562a3ea93117076dd4940b7df50d78289fe66197525f6095f8662d232970bef61b03fa83027963a1a2e07cfee30c0d0b4c5877f93b3637ca21eab5afcf5d4638dfe8f9202aaad51c979049dd76d65368cbd4187d9f74257c7c4a23ac4a34eec5aa17e78c5167216f5e72138d20f8325dd5f8f96c32189c904eaef580987f1ce601a7cdc35461db9981ac42f9e24b0699bbe4e3d986e38952b0b7938eefd9e7a292bbb66367ad77045fdc18855c81c031dedd185c723238373fc698d676791d04f1ff5f0825a6619e844882f31ed190233d58ecee949e310bf2b1a51b8a33ae65a06d2b6ad386bf8dc49dd328bcd75d1843a13d68560175a18af7efc3c0f20e32f84f6aaaf000000000000000000000013a6c66bce74a8fb9092023df695da2714a7933d699d42de2bc4a85e0a0e22228290a7a7553ab93a16e42453ed86869a02df2f47d4088fac1772d3cd955c81cbf91c2ca7942942f61723b558079b82547844f92df2499c4b2c2ef2539e5daa8d8727baaa6b5755e6f83bbfca00"/3261], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xffffffffffffff7e}, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10) r2 = accept4(r0, 0x0, 0x0, 0x0) sendmmsg$alg(r2, &(0x7f0000001440)=[{0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000100)="9ddfc5a2c87fe3", 0xfffffdef}], 0x1}], 0x1, 0x0) sendmsg$unix(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000240)="fd", 0x1}], 0x1}, 0x0) sendmsg$nl_route(r2, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={0x0}}, 0x0) 33.993674696s ago: executing program 0: r0 = socket$inet6(0xa, 0x6, 0x0) bind$inet6(r0, &(0x7f0000000140)={0xa, 0x4e20}, 0x1c) listen(r0, 0x80080400) r1 = socket$inet_dccp(0x2, 0x6, 0x0) connect$inet(r1, &(0x7f0000e5c000)={0x2, 0x4e20, @remote}, 0x10) getsockopt$inet_int(r1, 0x10d, 0xa4, &(0x7f0000000000), &(0x7f0000000080)=0x4) 33.781397033s ago: executing program 0: syz_mount_image$hfsplus(&(0x7f0000000100), &(0x7f0000006440)='./file1\x00', 0x80, &(0x7f00000001c0)={[{@type={'type', 0x3d, "629bfeaa"}}, {@creator={'creator', 0x3d, "799f90f0"}}, {@nodecompose}, {@barrier}, {@force}, {@nls={'nls', 0x3d, 'maccroatian'}}]}, 0x1, 0x6e4, &(0x7f0000000240)="$eJzs3U1sHGcZAOB31uu1N5XcbZu0BSHFakQEDSS2l5IgIREQQj5UKBKXXk3iNFbWbmRvkRMhsgUKRzihHHooQubQE+oBqYgDIpyRkLii3CNxjziwaGZn1rtre72b+CcJzyON55uZ7+ed1zOfd2cTbQD/txbficlWJLF47u3NdPvBVr3xYKu+WpQjYioiShHlziqStYjkfsTl6CzxuXRn3l2y1zhvPfzso7P3Pql3tsr5ktUvDWu3rT1khFa+xGxETOTrMZX36u/qLv3dHavrpBt3mrAzReLguLV3aI3TfIT7Fnja3Y2YmNxlfy3iRERM568DIp8dSkcc3oEba5YDAACAp9PEfhVefBSPYjNmjiYcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeD4kne8MTPKlVJRnIym+/7+S70tVKscc73Bf2ef4h9ePKBAAAAAAAAAAOBSf5h/cn34Uj2IzZor97ST7zP+NbONk9vOFeD82YjnW43xsxlI0oxnrMR8xOdPTYWVzqdlcn9/Z8jeRtmy323fzlgsRUdvRcuEIThoAAAAAAAAAnl8/jcWYOe4gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgVxIx0Vlly8miXItSOSKmI6KS1mtF/LkoP8v+ctwBAAAAwOGr5uuZ5L+dQjvJ3vO/mr3vn473Yy2asRLNaMRyXMueBXTe9Zf+0ao3HmzVV9NlZ8ff/vdYcWQ9RsREfLDHyHNZjVPdFovxvfhBnIvZuBLrsRI/iqVoxnLMRjU9iViKJGrVztOLWhHn7vFe7tu6Mhjb6YHt17NIqnE9VrLYzsfVSnQem2TnkI75es9of6xEDIz4QZqd5Fu5EXN0ref39ev8uUyu/eKIfRyOWnbmk92MzKW5z7Px0vDcj3mdDI40H6XuM6iT26Okm4MjFTn/4Tg5P5Gv01z/oj/nB23MR2mDmViIUn71Rbzan/NbX7z3cn/jL//zr1dulNZu3ri+ce4QT+lQTRaFwUzUezLx2vCrL89EI81Ea/RMTA7umH6C8zhAlTwb2VQ04mz53ay0FG/0XILvxbVYjosxF/NxKebiG7EQ9b4r7FRfXsv11f6cZPdaaef8Vh0S/Jkv9VT65T6Vj1aal5d68to709WyY/mey7+KuZ4svTz86hv7r0A6/ufzcjrGz7p/cZ4GfZnI5+YiuleGZ+K37fTnRmPt5vqNpVsjjnc2X6e37Yf9c/PvDuJ8Hl96vaQzbjnbynJSLa6X9Ngr3Wj781XJP3HptCvtOHaqe6wWM7ES39/zTq3kr+F29tQ59lrvsX9tz5yV/PVNcazvVU68F43sVciA2aPJKgAjO/HmiUr1YfXv1Y+rP6/eqL49/Z2pS1NfqMTk38p/mvhD6felbyZvxsfxk5g57kgBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOB5sHH7zs2lRmN5vVuI6cE9T1qo7DnW8EKU9q2z9cJoHUYtYvhYSV6oHOy5P4uFahxSz59GxJA6lSceIhn7Ghu7kF7IB9Jh8cVp2Z72xBjNy0Wr3euUY2N6r9/g1PZdELWbS43/tPvqVKPnlgGecxeaq7cubNy+89WV1aV3l99dXlu4dPHSxfrX57924fpKY3mu8/O4owQOw8btOxPHHQMAAAAAAAAAAAAwnvxf/zcf+z8zlPepU1nf2H3k00d9qgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAzavGdmGxFEvNz5+fS7Qdb9Ua6FOXtmuWIKEVE8uOI5H7E5egsUevpLtlrnLcefvbR2Xuf1Lf7Khf1S8PajaaVLzEbERP5en9Tu3Szs7+rPf21Hiu8pHuGacLOFImD4/a/AAAA//+vgfmP") r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x0, 0x0) mkdirat(r0, &(0x7f0000000000)='./bus\x00', 0x0) fdatasync(r0) 33.36550392s ago: executing program 0: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='oom_adj\x00') read$alg(r0, 0x0, 0x28) 33.041004861s ago: executing program 0: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='mountinfo\x00') mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='ramfs\x00', 0x0, 0x0) r1 = open(&(0x7f0000000200)='./bus\x00', 0x141a42, 0x0) mount$9p_fd(0x0, &(0x7f0000000040)='./bus\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1]) 2.12971487s ago: executing program 1: r0 = syz_open_dev$dri(&(0x7f0000000280), 0x1, 0x0) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) r1 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r1, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r1, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[0x0], 0x1}) ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r1, 0xc02064b9, &(0x7f0000000500)={&(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000540), 0x4, r2}) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f0000000380)={0x0, &(0x7f0000000240)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_ATOMIC(r0, 0xc03864bc, &(0x7f0000000180)={0x0, 0x1, &(0x7f00000002c0)=[r2], &(0x7f00000000c0), &(0x7f0000001440)=[r3], &(0x7f0000000240)}) 2.021426974s ago: executing program 3: r0 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r0, &(0x7f00000000c0), 0x10) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000080)={'vcan0\x00', 0x0}) sendmsg$can_bcm(r0, &(0x7f0000000440)={&(0x7f0000000340)={0x1d, r1}, 0x10, &(0x7f0000000400)={&(0x7f0000000380)={0x1, 0x840, 0x0, {}, {0x77359400}, {}, 0x1, @canfd={{}, 0x0, 0x0, 0x0, 0x0, "ef1d62ee7e923b0ad9cda5b28dd4753620a2f0271768a8284c18a4e2b5e44dc77098b18fd964df81213608ec503db52d42f1a78c97322f4ae4c8dc89cf2b1440"}}, 0x80}}, 0x0) sendmsg$can_bcm(r0, &(0x7f0000000300)={&(0x7f0000000140)={0x1d, r1}, 0x10, &(0x7f00000002c0)={&(0x7f0000000240)={0x1, 0x0, 0x0, {}, {0x77359400}, {}, 0x1, @can={{}, 0x0, 0x0, 0x0, 0x0, "ce2a4fa77baa108b"}}, 0x48}}, 0x0) sendmsg$can_bcm(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000480)=ANY=[@ANYBLOB="0200"/16, @ANYRES64=0x0, @ANYRES64=0x2710, @ANYRES64=0x0, @ANYRES64=0x0, @ANYBLOB=' '], 0x48}}, 0x0) 1.889467477s ago: executing program 1: mkdir(&(0x7f0000000040)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}}) read$FUSE(r0, &(0x7f0000006280)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r0, &(0x7f0000004200)={0x50, 0x0, r1, {0x7, 0x1f}}, 0x50) chmod(&(0x7f0000000040)='./file0\x00', 0x0) removexattr(&(0x7f0000000140)='./file0\x00', &(0x7f0000000240)=@random={'trusted.', '/dev/fuse\x00'}) syz_fuse_handle_req(r0, &(0x7f0000004280)="746742ca1b148a3d4a1d266df0e05721d3b36ffebab0a9750bf000dbdd0e2400445d3671239cb6e17c4e73c69319ff1319860a6a935682a8864763ca0fc3bb37a2570d6015d8148f349d76492ea77fa9c64f9a8d5f6f97ffcec860277cc20118c8ee9c18356b8b0c7182ae1b94c02875db65b3cda135a4be464f474d055a181153444cf6bf7c65c6cea7e9faf223a0aa9eecfeebef4a53414f7bbf33b238dd348197b7b645843b9c61e24b2dc115cf829b59eeba3bfb077434af9e8ce746957cb083b09b21a72d1c7a898b074710106196a1ac73f08bdd5c3f6eb270182fee4eb2a59512c8ac969aaae92b6b72d870e62d95c5ac3be4e987a8e0126ad9b8a72e737654c6637d55aabfd59949fe8962f61a42084cb4b381c7e845d36c9719dde0c21b1bf087d11ac73dec59d59492afdbe4560e4073e591b03f36ca7b674b2ecc29963626770c7e1c90cc7a9d5709e10c6d5414405c50dfe1c165a2b5aa99a4e50c854aeeac2a756ea6ca14bb68536476ec0397811f0b9e4759b2934cbb4cfc13cded31863c39633c3d79d11fecd01d831c1cb089d518500733b702627c48b9fa0202783896b267b22e84ee7ce3492ec5f212ba60c119a408cd9ba2a95c5bfd233e518a5f10ed6acc504b65592f1f43927b57e1deea98e4a1ac6ada92cd74afa7da3f4ab8f3947f69dceacffa4328ee06aebcbfaa0116f247c830d72e2cd7c03b011a374eeffffea06d6558026531e312a2e67da6fd9b5db77fa5e2583f5c0dbde326d9ad1c8c1bbe063a622781c8472583fc63edf049a93a27eec6422f31cbc7b9593b478648a51d6a2e96d6ce3949cced10708d432c73544023a9a3fceee55574af1e3054e68e2afee8d3939601ba78987c84059f559f815fa7a6f1ca8d54a9d32375ba1dd6ec1b95cd782666bb60169ad758c5dcbfe1e983a043e0e2a707bfdb297cc562e9a784a4a901310afcf27f499c90d7a82eb2367a8eab6b3fe461f7b48e2bf0cb4d26168a7cb6366a84d1d889f21e2b95b5acb01c98996ab4483197d6c84ea15a505fb3499664cdb66d1e4d94d92b390247d5cfe49c1e8233215d709e6573052f3cb35429145e9943fb595c95efd5734af77333500bf14049faad939553829e4e2ab8d7400aad2a6850bea35f909aca38fae95a2cb8ab7b567017f9cb190e2c9987e353235259391a9f18f85d7e06772b70cf4efe7c99708e7568bc4242d6d40b98d7322ada6da82d5ee5ff977dfbd3e4d6ae776fd1546aad74e27d93b46c0cd6b91ddd6db97c3a8479683800e163e89faf862c516048df71958789add1fecfd25bdb72b6fe3e9be9c4b47414ef69d81642ca69ea475fabcbaee1fe05948b3c021d9d59008e4a13bea45b4efa4b104afb6a947fc81ec8728366989fc6ba785b64f8f1e92aeeb8853ad2cb4db3875124b9ab57926a4bf9e0156f6821500c12c1ec6af90353d31801cb61e64f8258c5351ed34581f0cbbebbf4411f98ad1f4ee660b4c4c47fb56521608c8c29eb77316d3633cc65411b9d7a9f17f798e3aa498d5eb863c545fbb3efa34576c5b68bc410438cceac84fb808510dbdb191295cdf6762a103cb3567efea172870ba2bfe9d370685056d80c32ac053a1cc926712a185fff94b4b2d2f8d533f499667af7a15d5580f444cb34fbab6b4f4121923c29e93145cdf05be7361619ba6175991e5e41fb45af1b965fa13a89ce192923331fbebea46cc951bddaf6ad86277a7b8a992a92a29ffc00a68014a1134d2f716f062e20e7852a4c40442f2de37d32771f80551a46e2758a6dce9b2c4191a7772f4cb40d612ffc3c6c7d03dc08efb2bee1e4baef9ea07391fe3e57e62d589adeae48918244eacffda6022840c619a88acc4ae49b0d65e05d181f1969912363f13a188cbd96e615fca6e853e8be658c720ee34bd433874762637ee61000b5142a2990f34cf6e0f8c1e294c4816a377008e80817edea5d6048a497c8f84f061d5e255d37fe293f916086379afdc3de7b59c03b6312485ac16c5e4e4f454aed657f88243be439d31797246d164b83479f9f99b354590193cb6df458c58c8276a3b870f269dad278d9f50308ce996eceb1a61f0703946c1cdc9ba528876a8f03ba2fe7966fe4af800cb57ce1048e094b4d11d458a5dea614d68a9420b6c4b46d2a0375ee52b1f6b89873c808b85fe1b6a697e10762f6d8ca1a449c1848b2be07f446491ee7d88cf7a102dc12fdfb417b53e6eff843fb17c4b2eec619858ed866e0630327aedc8cf68fce159d5aeb35dfd6ea435ed13715285161f586fec250dfb69984d0cfb5ce36da1b7a654a47f750386df05fafc79277d0c47f9d8905a103e59057ce69cbb1aedd16adc6f7548579f2949092946bcb8e81acfd00d6b1f45cc226a24e991b760e9fbd1f4df195bc10a3f0439967c7b2e5571218aa7ef1269c5a346c8f2a7f6a3d4722ecf3fa37138d1963a14463d12a2851e628b00d09b537f422d13767032921ceaf947b5b7b04f67db2d044ecefd8f34b40b1284d54d02ade8a3abe89ebab9770bec1ab3a712529074862b6ea9861124ff815039287790bdadab79fc60762a11bd71e92c5cfd938827edf74b0897789f84883f0b3104970edc2ec1e192b804210f333f546680c0bddffe45942f5bf0281fc9db1ca9c7ddd570636f76c32671265bddef96307b1029e977e3ec06e5642c8d959d14b77a0922fe6b581e1f3b1627577c6a7de4f1f498eb1da3b697630920cf536c72f8978e86b2cac1d502a51e08b279551e9941781ced109ee23cca3be70033b065df24bd13bcd8136e65da8aaa63aa6dc2ce92996a5433d847d14dccb86ecb9b4eb493d31ec3ec0d9438c11bb89d71dc2add1e73191b55d344ab05eea8d2cfde3c1a5696a7506d60c2925c3ef8a70aec773d09c6fca773d8e178a7f760564178637bce8c8e1783bcb90bc113a085201e39d01552ab1f9e1bb3433233f3cc1ffa5fd55d294676a154f595f09833e7529887fbd5c9782c11b92fcc04057cda413e9b9fad6360f52ee370a38ae58754a055510ac522474380e99ee44fc815601d527ab220ea648e7b665164c66f744a4ec57cd8df3f3781edff97cf9b863503b904b36b7b500ad91d98918f66dc061219390b265694fd3ae8b7d546553a24281ae93133974cd1b52a1d9a4f2037ed9eb68854e5542833e2b2c30fd78d5796f26d82fe2cdec0e27fd11a7502fc3b9e133b2b00970c330c57cd154440f1b936887d8f474a22da9573403f650c0bffda8ad79ef797db60c5bb99f3dd3dc0b1b02a21b2db9996df7a43706680d82c8c698f15711be4a4a022b83bd9e9dbbe5622130030fed5239494d833149be5d54f2eed03c5a21024b504638af013f315255c4ef9d76dc4fe83a21bc7fa47ea758b0158e4f4d5bdf24dd7f7109d8cf6b4bfd518a4e98dc8ab72dff2bd8d4a050e5185975949bf7855a9125275c66ef8ed55e40c895a06716fee0b6653df925fd3bc8568331d7b442c2930092eb1b7ed8f8efbdfed25d2d3042c0550aa6f7afbc78b960217a119ac53c126499916147fb34cb5732bdb4fdeee7716af4ad0e24afda4af135cdb67f01177ac001387b1e81c1cfaf17fae23a81592e5c7199217f95efa7bafed8c1888b24fc7a612327c3f37e3000e3b3d7e1c44ef1dadcf0869b7b87b255a87f4716e230133ae2bc837cea4d4eb251a6435bfc7b3641ec5c002bae776f393ff2b0e0d484cbfeaab77bf91c48e11eecb4fd008a6cc1571d44d8270221ddc673b6104779beb3b15f4b972ffd1e5d152c15870a43a80655ba3d9a95e1a65350526eeb9932b56826e1e60c07c49022d9581a92f1ca19c2fb3b77b6c6f81114d36a50145dc4ae80a2d1f839b96555086d6a6debd28a79d2e6eec9f5542d306e39c254e3098055b6f863a3943bac3dcebb35482633a96c84fa1bfea8aeaef3796f448a8a42f0e25f904aee2907dc122a868280036d3502c50c998b51718c4123f142a8ad47a3d12cdce8efee86d33831286991ecfbfc583f4e1c3bc719c672571b6968012c24488d1d070ceefe71f4f6d82dd8611503f157104c890cb240a42f826502afb31e2c41b21241a10f4742e0f6123466530e7edcff02a1083bb81af08f98db2e7bb797c77bf75a18b5321d2480e1a06fa9b57063ebb8c7591af7c4b74f6d3ed3d25446d48a1259da567b43c88353625b3ed27b02eb572aa56a5bb67ef316b33b943d1a60fbaa3db6e8194ed60371e12d6345fecf3d227676e112156a97bdb8c8caf668f843f0c799619f2a82f8875b316ec1ad54e2d03844e521c596444fd140ab8e3a92ac5682ed36830c334104e4f2a141d099c5cd44132742a468aeb759344630c80257f7b50a2a6a7bfe22c4a0d6de8a63263683df9faaff8c9852a27b2cb1370fbdd8e07d82c24e92c98ad81d65f01396b381ca15309dd8bbe52ba6e458632c7eb15849c8a88d740f53477d473c310c4c89b24c33c137ffeefddecfd4bcf2770af93e222a65fcbae81bd44270bcf2c9a871a36b7df6943ce573cdff29b752d9c8ab45a73c434368467708f5b099cf4e8a87c0e7138589cdea7d0776034330c29d7aada3d324c2b33dd46ba714b4c600ff717d408364b809f61549ba8128a621f8b02e88baa574ff6f2a97ac44c20c72fdbdb3808a5c7a07f37ad56772f463232ad435c9dd3f0875449eef5ee1c30ac55135cd230d48e64898e09d911941b64fc1736bbd07fe787c4b11d21ba22bbebf02aff020ed09375bd8b5c176a7aa5633415c8ad9171b4ce7ce47ce9bc9afd61ebb09d8d6892c31b5c7020e14635f56d37326fe6ff41c0caf034267aba9518d66f18b4ae49b3a34ce970095f02b8fe002392971a23aba946f31166670bbcfb94ab6591679ea442b6e1104843d449ce13b57c678b05a7b678832bea1a5613eba4331d9f8cfb3ef84e897c9dc0ba464b8fc8f3d99028823cdcbade18f3bdd5751af9f9d7d4eac0edcdca3cd6d46d58f6b5dc87a68d8593897d62e77f6e92a2add1784e369f5e1d49d39b6be97d67f1616524687d00d5be0d8bdcf77cd37c2b1c7df25162c5f6e479bbef437b5a29a750024264de00adaf561351e9c517ebe7c87b51ffe95e133e8108de7e2cf8ae36c2226b8469fb7ba4ea961ddd13d1ca8166b0488232cc21dfd3d117e1297a0db743e10b068605ac4bfb03de90807f20604a0276c39f442831b5fb118b1f9c1e0f08156684882ffeec5a4b0cdbac536c6091943296fac5041e5b9200884b9e19d6d06c8088e3994fcad92be389bdca1a234b077eed8908ee1f754236e5e6485fdc56a39f48a22c0774063933bdf462448d5710485428acdc3bf23bbc88bb163f8cfce5ba8ddc0a8b3a8c8c5f77710dd03c85914ce6be6e5cfed757c4afb7720a17d04a6c2ca8ba539253ce4b0bfb4486f4f64a1da076ee492e4aec23bd7eed17bf274655ad2b9ff8430fad9935fdfca576076ff96a38e646f92ff584a6857d3a7659e80664d874f87a8e87fb87f8e134df0df20e46cc62a1434559ddcb338b0110c3995d8bdec0a02267381af6d707863e53a90467d8c6da3ab08481e869a2034bc54629ad7f6fb40fb98aac3ebcc9cec9fb084055869700925207d658e306de01d3d5a9fb348c46b8dcd8768d7208290738bc2d2e065c3c02d6359c046b03f01f908249eec4884aaeea75766d6090ed68b2b5cc43f6ebdfaab0ffb94d1cf72b328d8aa2df6e4c487572f54d22efc6d33b21a84b5bf57abecdf16dac97bb4547ae403b0da471c40613776a83beba0d95e5cc0357fbb993e95bd0dd4ad8dcb58ac274bf3df7309f7075faf5ba4cb13cb28cca11303d821660e600d9ea601a6b459c3be3e7aff7ce79d06692dd0415281fd857c2264cf43682424e19f3e50550d2a644325a7b579210aecf22514aaebfa61d9eb5fab051d5b519ee567b865100bee630a60dd2788666205e026e47005599cbb72736130b92ae45089808c9275b0080fc668caa51023beb386fe4ea2abd9834b22c57ecc7666c1a99e4b99ff77fcf7cf833c2b323b2a83706b4c62c738b744a120745d922fcba0099fc0085f97e9fe58e194a5473f5c839e5bdcb55907967ccd6c0119da4626aa407838d98c1099da397b2213ee5353587e9d4f76a61d57892a5cf2896bd5fd38b55be4069f709e9ec995b5bfa17b107ff95148b3f3b2142e1d2cd0366940ccb72b1b77e7562f0c9bf7284af1c480d50ed7260516b6dea97db3d88daa60e54cd51283b3284761f3fe022b3fedef757d8d6108915ff298c55d8e051d2d16990c06b8af2dfc027b66edd53f46326504a18c4c7779c7972f686c6563a0046c8cf7f9615e2a8f3b43acbe3a3bd8c0e88040d2cdd041ff1aa6c3a1e82faad590cf2457145062b18752bce5bce1fb836bd6798d342a4eb90a78dae2325fcabab79fdfd58bb889d3fde76c739804ba4c548e6fc739b463abd5fb8489aedce7ec0eb74881a41cc16ae6c6e8b3b9280cb5629eb2b477c8e10ff90fa10c66fc4d0378b21380bcd85e9526e61e51914ffadfd2ef80ebe00dc1bb0fad4729ca265af42e5f75bc8ef4e51a8366653c06c759c71a2ec824e67feea6e3c362beb67bdd09486f6db425b1f081cb0b588e8063b2d5c6a146834bbbbe9fc920c04fbf38aafa862d0a3b9a36b51f2b4b44eda882e491360da16cb51454f810cea4328ee9421e53cb13029aeb1d7a6d4c892b2aa3dd9f815329fe638e2e6be1bd41313a5d9fa80451a464b46d0f925528d027e40ed6604eb2da104939650d9c81b496d11b8d00a1c72817729ce3b4ca15673eec933cf1421e01e4b5b29dfad8568428e60b65ea057f72c050b940f6218604934f17a68cfd3175fc08a26a6416c04933d67fa6d92bc9605b52c361e086f5077090a3277f3fa23584eb083a25cedd2ac07106ad8c0e9e908a8ba0162053f9ab9f0b5ecba1348ae314186baa3f221ae232a907e0340d41d8099c1e597bb77c9e9b39d98ecc5d9cc8eb527428979e229483ea73ed1daac4d9fcde30c15e0f67bf8ae575f84c7596ad038de3eaa9d13f7a621979b94ed103c4cc882dfcaa271c6a9b5ad9da079f29daea299f01d45917c93c03b84d3e84cd283c8117b676cdd4bc435d7a4a8e1d82de066d45cd022a1a855f2c013bedfa5bb992c077366888026f89d5174df2044253758fec647be33282cca18d98a97d39176342e041d93d8515bf63becc4e6a4551409192b95b9de427ecc2faec375c2189894c6b54f1b6d2a50615d10312afa5569586a17c6c5960d73acf5a5ddf1e1e77c03d75db370d3b51c3c42c52011a7e65c93eef4beb1cd7825a7cf34bd9587c0c8730d9d691060ace9c5ab5bd43d2c0f54fd17e2e528a5889059887dc077e701c84c4b0094f7dbc7326d2e452c00d2bb0b9099febd00b57918ab03f6926aceb533cf873fe6d0f377c80297340d47c9a27ab4c76d3df6d89da201738e323760cdeff9c1920ccdfb1a64aa0b68d14dfcb5074f740b680968d247b7c0874d1bc28be793c2365f84e6f082ee2119271fa9bc76ea7147046362d35fe721836a1be1745ed60ac66d2c86c5ead707f2d19fca7377bf1714c22967fb7501c0267d19f0faa05aea0240f846d0b0bfa995a3bea3632d3c3b278f1736a687721a2d1a4d9d8bcc93169554782c09ec4cd0c4c9ffd20032d72da6fb48e916338cf2a1758808d3eb6837fe56c71206bd271237f490bce79152a9a3dec514f3ea41c018ee90c321c4712335eb44892c919a8bf061ca9b3f5088dffd6d82da87de52c7f71615e9eb53b591fc03fcab7f69ce97be09eb18fff6ba7a3b22087f26a25880aa74e1554a3c4caa5f18b5c0c2514f9a50440bf3ff73073c4b0bfef743590bd8dd438d8b9c72fa4b89ec6e7561809f07454e968692b4b5d26cd3738c8d121a89b5f6474bf68509ba3be9762a0c990d74d1fd5ca98026e8d6281c0e992a96265bdbdb2e625e4b992a8e71af652c314ca679184547e16184b7ba34f2a09cd380d36865497a3c9f24af91a01f4e2f43d8e6f94d6e72c4e4cb595e53979048d405165b5cad91583460eb4b3ad3aa351c6f69b78829ed2cecf493cda8250990d2ecc5e5adc6b9457c5807e8cf4bef75653751f133e8e62c7a3e98f9fb81520cc9874059e253b2173327d6937e4137f6b41117e818bdfc467f42aa50bdc174d1173903555391bbd162f457e34b82a558ec5db454d7a0f0aa47542f8f87ce3e511bd9bd6ad82b1dcc3bce17d132e7c639a0775104de2638873d1ce9089aa1d79e1c8485a9a01d4bba624be5b94dd6eb449fb94e86fdcff9c6bb5c76f832c213dc0e0c8ba7195e1a8989e88ae2f607290dc4918f2d29d7d3799dbfa49287ea71ace3f1c3e384dad12f8523cb174f1be3238b04aa0a781f05f127106ba3f502f29e06756c51153ed2d1aaff91c67ada6d8b2fdc07f7eb271119075b75ad6492cf1f36dc95d6d189149d87c706d4c5ef05ca408c8269a45129d671a77f96f005f276e78f646c4ec174b2cf90d3ed62279b3e499a5c0a59c463e4fe60ced1dc57676b73b6b28d701191e7beb7310117dfd821f83960f7e600794d240ca836a860869f9aac66a2e5aad2c52b7a8a1ad410eacffba7da2f25736a6e450bbb85540d6f949c687e671ac8018c4cdf18fcf54611416ca4429f84b90d4274ec7707b1ccfd9dad2063c378530a260355bb9fbe0384751ba86ccfb31d4d9d90c62386d1fd4a7219ad7ed2aaa5745663e94990f10d4bf24bfb37128a0b7d95d567909e8acb99053e04caa051c4159afae14c552a2f1f8b9b8b5759adcebef9ba7117add513f4f3a17bb7d3165d855ca231d9e74cd9cef06bdd55ae2c197a76124f713bc7668be94b23e4f7b31e9dc90b21391fb63e25465fde78b1cac196597e28ff278502707f436fe5b8a7eb1c9845d9ac09a5869c73caed6e3aa75d4e7edc4284e9262160bb1ece2f1ece9f55e5953bf5777297e5ebd6ecadaa9bdbd75cf3b464859c261da4573bf1bc72d78aad962b9f29c68c0423a5a4508725171e80def72fd6be6a27387a60099621309a7046cccfc29a6715e9eb61754b6468fd517a22e5335dec64a04ed90334fac0e9895bb897666e9826eaf96ab25cf8e33ca1735ce1e432c8ab6886c194e72fd5c5efd1bb10de65761038be8c9bc8604b9ac0e761e98f273e0b2d88173270a7b85848e235541db4fe11c98530a8d1baf9d7231c56c461c1ce86a2e23fc0da88fd38ffa9dd66c047ba8a16edf53e6d06b90fb4d976d53e22a8dc3bbbbc3f9de0ad9341590fff6a01e28d904b4b57d0dfc8f423f3bb8710ac74a5c34050c44fc3cbead645e3274ac83bfbb1379127c37ff875d79d14d2f57d751edd6b3b58fc7c008e96edc7a1d6ad3764574eb3365b80e6cc891e650d7b812de777da6831c0a8b6fecd380ff847b6969c2f61eb67efa69a8dce8ceef368232106b08652046ae6372e18cc043db94448bc604828f828a8653f2e95073dfb73de3cb35377d1cd150a7f79708c49d73a441a081cc95129a02d183acc58c2d29b6303bd592240041b7a719e1692f19792bba316c5e4e6e58df545e90f15cc360aff603b77040353872f504b0c65e7b56f1dc0c29e29524ae606830e673a6be18be0bfb82bb89580312c53faa625dbff6d322467b70305dd5cafa75dc270adc48e06d62f1c032e7e3e5525a655cda2d3ea7b6511a0a60ee0593e41fd15b71efea1541546e52c88ead20db180f8d634893392bb6eabe3ed13be1269fccfdcff26d91da6a7c7246bee369d8f0262ca6ea3021d91b2554892e91df735cb1fbce92e692741aaed80fa268efc70130a725675f0191cddad340c9036bd8421dd2089d9df61ed139c49d57b003302c55a2431048777f1d267a3fef6d4338b4e60a0630841517c8478166f726a4aad5ef78c1b6d49b14cff2ede6db47d18cbebc10bd65f84075bf1ffc929e1b6677ea1a1a67c3ade31ea69a629510c36c3d0c397ee5a1a8e1a76578433107220bbe664c97808d167ac197e44b780f5dbcbed3b6c8fb4f33d685fac8ee983bd95a4e88993168e52b2afc06b5fc4e4d978157841fd1a3f64a2611e5741618097ed923dfbda7c8766a92b6b033c13899fa3d1c28b07de1467220fde772aeb81cdc15153c30cbf47011956bde1f31f053bb73ab172cdf9db0b17a7d0e213198866b4f8cd7bbe36f7b15a54d8893c05446a2ef4c41d37dd77d3eb1ee68809062078a0c55471f98f07370143b92bc6d2956651ccbc112a57afb2227eefdc3a9974a7bdd2f0b34e68e8199edd70ee6fd006060ce8092a4dfae44e8e4061c341233953fb9b3187effeb52a983067a41ae7e1c246e59613a8ef91f0090ae54dd177f67606a63d415fe1c5846e98129310e56cc0af38e6a2bd9c5aa4347b59629094cb9c704d5a03de5e1747aee08f159175df01b2eb9de79f5f5c895222db476f63186c08c85084a7d4df9e827333bc8093bc669e70a09526466e035768e386bbc193cabbf7dc68b0d3dd71995677857a30b8de6d68af1633aa73c507ef75c9f5119d4390dcd1173060cdc5768cb971881209e1a4f6f5e332cd3599056f9bcda5c4f02677d075cce37c66ab66a67d926be619de9b1ac2144ee8b5d054a7fb805022c0dbf3d0df2edb990aa1cfc4214514dd82929ef39e007037875130e0785e7f6a0685028d0b13aca460e4579b1e1f075dc370017fcd1eb879d8948c8553f3fdf062f1f559baf037d9e429780aed5cf1d07edaa991f4adf1c2ea16d5eb2c8aa98067c70b4c97ee2ec8f99455716a8840fe4938b53c291b0fb4bd9b4f0ae27eeebb578579318d3f8e1b8a2acb4c8c7160c06f5f2fd99bf872f1ff5da908cac7ff9115dd2274d56a1d3f17d5af60d7284e4cc76f86a93338e865c70ae9f8f3067efdee4e8345f2323cb20d3674d85ad58ed9fb0559191ece216fd5603694d40ae308b9e773d2e2d05fba33dec47062d7d13f5494083a6b7daaf7d398bb351da87dfdb3eb2feeddced395f9cf370299ee9f656e7806b5439d18b6a42259a0b6445ead44379b5c6f5c4767e8d1a61979b463c3c42579c6aa42f114785bf33e13271527c6743565e1b69dbfb0d9e845b11ad69356b4beb16ad557e79c169867e727f666783cadaa554316d9dc88e446d99c6aaf8674af0476e5d9131787d4c744bbbb7a4234d3e6c41919c4ef45dba6aefd66c08dae7b0f45261f200b9335a08a6df9674676056d2afbda48866df5cb9bebad5c51b5160927930667d35c4108d367bd09d937ace0ad11970fad75fb691e947c5e0fa12a113d8191894b6f59401fba38a73603dda99dc6a3010e57e36a5154ae9f7f486814781916cdcd8b47b7f72e9974fa108bd4931c5178797cef32ca97d926cc2143df050179475af1bebcdc8f003ca90f44e7cc840de67c2aaf13223e66689ee93e913fa2197d00fe3141d72f7953ea4c05ff938dbf57cfeef270c08f1d3f06618f078a30af53900581d3c6014d976f5a958de0467e52995bdac9ad0c05790907204bbac57a9e2b1d796ca548f661348901ba28138a49f76f22f2d64c098efa53b490f58c92f2697bdb2faaacfdc9b282f8360f8", 0x2000, &(0x7f0000000fc0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000b40)={0x78}, 0x0, 0x0, 0x0, 0x0, 0x0}) 1.853438672s ago: executing program 3: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xa8c01) write$sndseq(r0, &(0x7f0000000080)=[{0x0, 0x0, 0x0, 0xfd, @tick, {}, {}, @connect={{0xe9}}}], 0x1c) 1.809491922s ago: executing program 4: r0 = socket$nl_route(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0xb, &(0x7f0000000000)=0x1b, 0x4) sendmsg$nl_route_sched(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=@getqdisc={0x21, 0x26, 0x129, 0x0, 0x0, {}, [{0x4}, {0x4}]}, 0x2c}}, 0x0) 1.67718309s ago: executing program 4: r0 = socket$rxrpc(0x21, 0x2, 0xa) sendto$rxrpc(r0, 0x0, 0x0, 0x0, 0x0, 0x0) listen(r0, 0x0) 1.669667602s ago: executing program 3: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'sha224-ssse3\x00'}, 0x58) r1 = accept4(r0, 0x0, 0x0, 0x0) sendmmsg$inet6(r1, &(0x7f0000004000)=[{{0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000100)="03de5446fed1fb17b282e3872f600d4f16360de255b41bc385dd0a6bcc27a0617392be3a51adcfaa819b027200b19f9b5fc466d52a8299935df28c9f85e48a8ca3c3c47bcb381f2e22a8504ef6f31e5ca7910dfc8e81ea0dd479570a46bbb3196f25d93ea40f0c8ab30c2fcff8628f17c1c7f2e8fd616910197965dd083ffad4d04fbfa3276cf0d2f803a360e5172d4ca51517bf45a2f0ce92f39f97bd01294ca4fe8fbb4e587830105f880105dca27c784f5e75b16f4249b27ad1a7a3526d154f849be08ab26e95d4da4af59e4e", 0xce}, {&(0x7f0000000200)="7ae3d1d22d5d2134a35f76555bc3c305fccc59b57b02aaaaa346d72a7da91f2d50bf3a2e8b53ad8fa56ffebe3b88f111805729f809c42b641d3b818e00ff524a4c91e691ddb0c3e58f7a330a7b994c4948e9be28cf9e217409d6b2cfdecfff756a620a0e419a532ceae8d6dc112fa214cfd194ed191157eee6a7dc6907c1aa81696bc406816a295327e6f53b4aea", 0x8e}, {&(0x7f00000002c0)="3b6cfde96259fd8f471eb44381d86dfe8184ff61faba8aac357f6aadae9f125ac8793f90adef67844e2d41dec46e2d917d48dfbf8daa72b4f073cba0edc3a930689095ad7a1bc585a8119bd3b1b31747884fc482ad692db841c98a4fdee62c2b4208625fa0377bd2c923802416d54898e64272dc", 0x74}, {&(0x7f0000000040)="ac5328aeead6", 0x6}, {&(0x7f00000003c0)="af699502991dab36ae1655499901ced5d6912118ace83607fb134654a5f56a2b39d231ce0c7b568d1e353109480e64792ff2fbd9230be2f423d412cc6b6731f20d4981ffeeb052c303e766eafd9554b62cf6127fbb4f941d90eecc4eed21d8f1862c5fd00c60765c88392b19679fad1f133f6acc70bab1e0afd2627bf8e724083b0eaf63ae0e194c18b2136217ea13eec446ab67988b909e80a0ef80b01af8eb08a4e556f630621f009b634c6687d538440379c5de5927a79cc8bab0fa711416004f9ba0af07a53155d4f3e548a0e835b6732288a7", 0xd5}, {&(0x7f00000004c0)="8f38babbcc9f9f5d5c2aadbb", 0xc}, {&(0x7f0000000500)="076946fc7ccabd0e9baa9d0ffff3328fa72c138da2429406fb16", 0x1a}, {&(0x7f0000000800)="d77ff3422de128ae3c20111abc404646c67eac266ab991ef95e349b894fe61bf3921f10db9caf216541a5fcc364713cc2138663e63fb4660ab5ddd360e1d0b0c3112f28ad08ddbd376ecd19db614cbeb2842d839b83e315082c58990232ae074d8b8dfdc3b44324e275b1f5a75858e598b960cabdcf3e7dab979f9759853d018bbd83fff0df0b027e92678a2", 0x8c}, {&(0x7f0000000600)="3c0d21c30abfe3530026c01a7c7e59f426835e1138af1b74a133c862803bcc2692bf23e9a3e88beb413393b31740a66319fd592bf1ca1cedd186420afb58732bb2b759bf722e8b9f38e31fa5e93e2d3e1b24a7d1a0fbe69c30b528ecf5ea3af0cdbd3da2b08e13300c02a48c60a52c32b5abc927b40f6ff8b032bdb4cbe449ee2257bfdf29e738683a1c8f05b20fe6c7fb6074978f8462c22c9126e6beea4cfb5a36fbb20d8c8c7683d4318ace51e28cb6b65a66bb907d4dc9e64f4ab81cd6c926e138bf45b27e77b198fec280", 0xcd}, {&(0x7f0000000700)="6409d479874f0e88cb51519a6022", 0xe}], 0xa}}], 0x1, 0x0) 1.590670528s ago: executing program 5: syz_mount_image$erofs(&(0x7f0000000080), &(0x7f00000000c0)='./bus\x00', 0xc, &(0x7f0000000040)=ANY=[], 0x3, 0x1ac, &(0x7f0000000380)="$eJzsmD9LI0EYxp+Z3WzIVXftcXAHF7hccZvdzd1xcAimSmEjiIqNGMwaohsjyRYmIMTSys/gRxB7sbC1E2xVEGwsrVdmd+KOxvwRkiD4/oo3z8y8mT/vJs/AgiCId8v11f3lzt7NJw60U0gjKftvtTiHK/n1w5nMl7OCfbx8+v/iqHD+fL5vAIJg+PXF3Cd5Db5sB8HTb6ejj4TaNw+On1IvgsGUegUcC1K7YFiSel3RNZFvmmsVzzVXa15JCEsEWwRHhJy6lg7gbpehpOyPKeONZmuj6HluvVsYvYdeJ/rVL9xfnmMKCOQjC5gej3dqY4F3agkbHLbUOTDMSf0PSVkb3nX+z3p8fm24849SiOffN2d/fKvrmMABSQwQaEciiXiIT+rnNx4h/j9vYBtjErF/BAcMPxT/VOwJWb+6Nd1otn5VqsWyW3Y3HSf31/ptWX+cbOjNUezjf6nQnz4o8yd65BrMwHbR9+t2FB/bThRfclwj9D+OzPeozWSfSngffGTi6kNGk22CIAiCIAiCIAiCIAiCIIiR8xUsfAs6AGc2zH4IAAD//yr7bKQ=") mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) 1.528706658s ago: executing program 1: syz_mount_image$fuse(0x0, &(0x7f0000000c40)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$tmpfs(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f00000002c0), 0x0, 0x0) mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x200035, &(0x7f0000000280)={[{@nr_inodes={'nr_inodes', 0x3d, [0x37]}}]}) 1.513309008s ago: executing program 4: connect$qrtr(0xffffffffffffffff, 0x0, 0x0) sched_setaffinity(0x0, 0x0, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000280)={0x26, 'hash\x00', 0x0, 0x0, 'digest_null-generic\x00'}, 0x58) r2 = accept$alg(r1, 0x0, 0x0) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, 0x0, 0x0) recvmmsg(r2, &(0x7f0000006100), 0x49f, 0x0, 0x0) 1.408485644s ago: executing program 2: bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0x8, &(0x7f0000003100)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000b0000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad03c22624c9f87f9793f50bb546040677b2db431fc79db0c5077da90fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3a4d6926b81e3b59c95c25a573dc0edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff90326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288c9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6aba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf20600000000000000ffffff0000ec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0f34d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a636c3b0e69102d1567f2e4d9dc080466c51bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea139302000000000000009cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf790842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc9da71c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d60d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1b3be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808feba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b0842bd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920386f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945eceda26b8471d42645288d7226bbd9ccd628ab84875f2c50b537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9f96756ea5cce7daac4be29bcf58ff30159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf974fcf36cbf6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e3c78b2a78f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397dacafa86966d7ba10413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd574d67ff2a49c4f93c0984b5c2d452340000d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d2cd1fe21ba8eaab827624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b29637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000002b77000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae4ffffffffb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a73efb16d4b2db6421fd4e343fa23bad8240e51067d5d675d0104361c37c61a43b5afd865b60d4cae891b73220f17d25979a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2d7a510000a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7f090000001551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab0300d0f0aa565431b6abe585d75db04d1c9ba0b9de0ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fbaf2b0ec28486f514d7c05b6b4c77c866926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c7a1b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e64701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4faa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a2689217380400a9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ede1b7d3af320888588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a20ffffffff682139c58ac1deb039a691ad640e12c12fe11d70fe495906f2d5d71778acbd4eee53a3996cb0de84bd2b059d60c0f96a53ea44e0b293865aa68df494f87db976e36ad6c06912244d4c883c4aaa60b4a1392ce0b2f2c51966504652ff871e0f6dfff9f7d34ecf04be0a58c354fb7388ff7796d53174b67d1886e34b81ad8c60da56acc64739c3acab24aa8d0ac92d465074f915608b1b60a948bad401b1a7fb3627bbe6c45123ed44bfdf8cc143bd1b7a663dc3d0476b8e39becffc429e41f66b1e37ae52aacaff0f1dc8ea70b68c25072e20586b19127d75fa71577f265c51000000000000000000000000003bba840af65aff3d8261bc163b57a23d3e3ab2d8bbd314cd5c7699bd08f58b83c07e8c3d36261609e8d5461e2e7633e8377627ccf0613308155aaf7d746c08a685ea9ae0ab702ee4edc393d76a73d00452b1cc6eeadd186f549b56308cea77c416a4b2cbcfe37fc778621a3178baae78ff1b7ded218a3366712b3feb9415141ecb23abfb37f43a1c6dd6354a104b2cb17b90757b6a71459cc758463be2ca2d80aa285ff00fff4381bfcf659dd02147b74f784d06d0c3be24f26405ce09fb31688dbc5430c8a02079d2d128a6b72cc54d6c859d9a2fd8e87f87cd096ec92440c5c6d6905955d0e74a80385011e16f05d3eb815b65d3ca5f6d3cf82962a4ed240ef1bcd2ad552c00e10fb9dd9f0ea7987eb6187aa310dfc3d5e63c31118d284b253d8a52d0081eb36e502b6de0ae05836469bf82b5057feaeef92a3e07446d86a971bcfdd7ed1b1cb44ac59faa9fc81d405c65cf0b74709a000000001283bf8f1df0acd0edffa16ed206042809d15ca101afda8a461d1f0f48e08e8a5c8ccccc0d86a9ec1fac367a2b7c6879000000000000000000000000000000000000da408de957a3b509882b212e0169d0a4194b21a144d9c08f5c0800ff45701d0a8db27d34fe973fab987d6ceb2e8524b84f6aedb811c048f5d8e7f8f5879f4a430fa4275f2cb50e0575dacb04b510d19d1a3b21b937f85ec9948cd3efedff8c886ce01119c36e76088b4e452f94b7a45421058132cc74a21b37c587dccdc209ff86840d75e58a806f90a2436653ceedfc2d915f6f4f6047390c9ac78bb7bf8f01a08d0000000000000000e0b83d05f0f95dcf11370c6f8dad4e466a356d73a0aa067a675b220e3648e85aab81597b009ea17c2c392e56b14caa7b35a674c3ce3816bd07ca8c7be2ec1e244bef6218c5130522926cc10d049811af13cbed2241f038436dd49f6c159ed4069b01b8b7fb51611d69b4de7c1d836e7f9f166cd56f1928f4cebd918278de482f8df2f86ca65b0e4f015ec1fa1d419490d534719aea2e046732034d6bcb9553497ffd1f782f15ba7f3b88c20a5992d7c2193f09fe4d00"/4590], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x49) r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, 0x0, 0x26}, 0x20) r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0x7, &(0x7f0000000640)=@framed={{}, [@func={0x85, 0x0, 0x1, 0x0, 0x3}, @map_fd, @exit, @exit, @ringbuf_query]}, &(0x7f0000000280)='GPL\x00', 0x5, 0xe2, &(0x7f00000002c0)=""/226, 0x0, 0x0, '\x00', 0x0, 0x25, r0, 0x8, 0x0, 0x0, 0x10, &(0x7f00000004c0), 0x1}, 0x80) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b70200001a000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b70600007fffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a0702839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946e0ebc622003b538dfc8e012e79578e51bc5f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b803000000661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7b148ba532e6ea09c346dfebd38608b32a0080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e14861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16b089f37b3591a15c0a9be6eb18208404c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b74cd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f50714600fb6241c6e955031795b282f56411e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeedd005b3d96c7aabf4de517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe00000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1bdb58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000041dcc4cabfc4a21604f0b80da4ec5500000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae6e5c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e80339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd52364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000a5ace201020875c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2f95b6ff92e9a1e24b0b855c02f2b7add58ffb25f3390343c12aa51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fca4d97a0ae75ccf11e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35e9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff17320adda5867947257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f65918192fb8f386bb74b5589829b6b0679b5d65a927de6f4c09f4b742e037381c85d2ec7bb2a8152f0d6a99a0370e0cbd65744eb2efd7b65f04aa7e72588757b9612bb4253a63bb303c0c68a07f115d104f2007237a4f771416741bfd63fdfe3ae6f8bea755d8b7202c2bbae137dc1c3cf40db74a4c1c219d8ddec8f91dae2cdea1353fe062830fa1d233296ec9d8317872257e154665485e7f31cdbfbf435477faf93015b57417d84b8bc8662e097d5ba55d02d48e150695ffae3a676555b10da11751865126d19336116a1e58ab727dda6b343cc97f9479136a66f552abf8fe3d134f6d69df1cffe6740f90735f66ca54fd87800b4bda4db5e68aaccf44d24e09f8a769e3ae7bf246673f15e3d1adae4384bdb7cd30a33e30466b421feb96006c810fd3830a1c75af2580727ffc604d2b04f476acc21419fad9b1baec88974da2db29b8085b0ad5396d3179c71b1dc43291e450ce9b8d7d80fcb44966d7ad4691a37870000000000000000000000000000000000000000000000000000000000000000000083a5765d06da91165d24bc316607e2d69344aa1c07ff7cd7bc3d17f122478b6e81077782b9c298edc2546045feff90e7aa7da88d2489fb000a4aa838f911c1a869fa55e979e033b7707df75b93cf5b8d25242741a88f2d54a7107375b25911aa11efa3a4f87fc14f180e353615b3cb9a5cf5ea843014a277c3694a5a83266f73ef039dd739187923715548d58ff43be997e357e07f9581b40470a7c2fa89cc3ef72a19760b89ded2e546f4966b51c2985101f2248f60ad8119e4db4ade09ebd23fdb750ffccba20bc0e0f52c3316767bb9f67f7e714df5e462bcfc35f3a79147f62f9227441cb3ffb35f4e4c69b04b1399efbeb4b682d6facea9fe1c456a1fb9173833107a38991abac8b0e616f11a2c3e265c484fbc6522e9894dc3b5989b7d585c56778c77c6595b7482dfa90bb818ebd3b0b352d3f48ab947a1240842d592fd9c2f13df205e8974919162421548357a8823bd322e6562fa3e7fb7c56ee00e246a98710b9a710103b3df69655b38dcc196156a16fcc14d8ddb4acf3506adc95c742919b83fd57c8b52956e93104cddd1226ca85a29542b9ea606c72d5339a7d30f23ffcd665b85e4c90d526b33ed854543c2a1d189cd6f319644146c5fe91639d50f2083d46fd82e41bc7d528f18be618904d683726e3eee93388cc78d0df624361bb80afc96b823971fcbbb859d4c2de31f03f884ea774e4abe011389557b2429c85cf795e0a82c94ffc11616d7c8b6939eed3f0e8df5dcc75984430b2a497d78824e539e8f7944b459ae45e7ce803495686984aa91745b8cfb1f80c07c194c4a4327e02cea5fd2ef6041cf053ee5f9829410d150"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0x2c, 0x0, &(0x7f0000000100)="b9ff03076844268cb89e14f008004be0ffff00124000632f77fbac141416ac14141686089ffe4d2f8702860c", 0x0, 0x0, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50) r3 = syz_open_procfs(0x0, &(0x7f00000003c0)='net/mcfilter6\x00') r4 = openat$procfs(0xffffffffffffff9c, &(0x7f000000c380)='/proc/crypto\x00', 0x0, 0x0) read$FUSE(r4, &(0x7f0000000200)={0x2020}, 0x2020) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000002640)={0x6, 0x12, &(0x7f0000002700)=ANY=[@ANYBLOB="03ffffff7f00000000000100010000001811000051dfc082e1fc444b3d401ff59cda6dee1c29e6", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018120000", @ANYRES32=r3, @ANYBLOB="000000000000000085000000ab000000bf91000000000000b7020000020000008500000085000000b700"], &(0x7f0000002240)='syzkaller\x00', 0x9, 0x0, 0x0, 0x41100, 0x50, '\x00', 0x0, 0x25, r4, 0x8, &(0x7f00000024c0)={0x6, 0x2}, 0x8, 0x10, &(0x7f0000002500)={0x5, 0xe, 0x100, 0x7}, 0x10, 0x0, 0x0, 0x3, &(0x7f00000025c0)=[r3, r4, 0x1, 0xffffffffffffffff], &(0x7f0000002600)=[{0x4, 0x5, 0x9}, {0x0, 0x5, 0xb, 0x6}, {0x0, 0x5, 0x0, 0x7}], 0x10, 0x8}, 0x90) syz_genetlink_get_family_id$mptcp(&(0x7f0000000180), 0xffffffffffffffff) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f00000001c0)={'syztnl2\x00', &(0x7f0000001040)={'tunl0\x00', 0x0, 0x80, 0x10, 0x10000, 0xfffffffb, {{0x26, 0x4, 0x0, 0x23, 0x98, 0x67, 0x0, 0x7f, 0x29, 0x0, @rand_addr=0x64010101, @remote, {[@timestamp_addr={0x44, 0x14, 0xa, 0x1, 0xf, [{@dev={0xac, 0x14, 0x14, 0x41}, 0x3}, {@rand_addr=0x64010102, 0x1}]}, @rr={0x7, 0x2b, 0x52, [@empty, @broadcast, @rand_addr=0x64010100, @local, @local, @rand_addr=0x64010102, @multicast1, @local, @multicast1, @dev={0xac, 0x14, 0x14, 0x35}]}, @cipso={0x86, 0x37, 0x0, [{0x2, 0xf, "882120c38446d771de2a103e25"}, {0x1, 0x12, "10da2ad757191a8a38c37fcb536a8d3b"}, {0x1, 0x9, "c70e9234c41e7c"}, {0x0, 0x7, "688628510b"}]}, @timestamp_addr={0x44, 0xc, 0x4b, 0x1, 0xb, [{@initdev={0xac, 0x1e, 0x1, 0x0}, 0x8000}]}, @noop, @end]}}}}}) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r2, 0x18000000000002a0, 0xe80, 0x0, &(0x7f0000000100)="b9ff03316844268cb89e14f008004c6ce6b18987f7c57ee005000000000002", 0x0, 0x0, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50) 1.406186398s ago: executing program 3: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) bind$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, @any, 0x4}, 0xe) setsockopt$bt_l2cap_L2CAP_OPTIONS(r0, 0x6, 0x1, &(0x7f00000001c0)={0x0, 0x17, 0x0, 0x4}, 0xc) 1.265771955s ago: executing program 1: r0 = syz_open_dev$dri(&(0x7f0000000280), 0x1, 0x0) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) r1 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r1, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r1, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[0x0], 0x1}) ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r1, 0xc02064b9, &(0x7f0000000500)={&(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000540), 0x4, r2}) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f0000000380)={0x0, &(0x7f0000000240)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_ATOMIC(r0, 0xc03864bc, &(0x7f0000000180)={0x0, 0x1, &(0x7f00000002c0)=[r2], &(0x7f00000000c0), &(0x7f0000001440)=[r3], &(0x7f0000000240)}) 1.180922104s ago: executing program 3: r0 = creat(&(0x7f0000000280)='./file0\x00', 0x0) close(r0) r1 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$IMADDTIMER(r1, 0x80044940, &(0x7f0000000100)=0x14) mount$9p_fd(0x0, &(0x7f0000000780)='./file0\x00', 0x0, 0x0, 0x0) r2 = socket$isdn_base(0x22, 0x3, 0x0) mount$9p_fd(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2]) 1.152490906s ago: executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000000540), 0x1f, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c00000052"], 0x1c}}, 0x0) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_NEXT_DEVICE(r0, 0xc1205531, &(0x7f0000000040)) 1.064627567s ago: executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) capset(&(0x7f0000000100)={0x20071026}, 0x0) write$binfmt_script(r0, &(0x7f0000000040), 0xfea7) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r0, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0xfe2a}, 0x90) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) capset(&(0x7f00000000c0), 0x0) 954.437039ms ago: executing program 1: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x80480, 0x0) fcntl$getflags(r0, 0x401) ioctl$BTRFS_IOC_INO_PATHS(r0, 0xc0389423, &(0x7f0000000080)={0x7a0, 0x40, [0x1, 0x0, 0x6, 0xff], &(0x7f0000000040)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) r1 = mq_open(&(0x7f00000000c0)='/dev/net/tun\x00', 0x1, 0x100, &(0x7f0000000100)={0x95, 0xffffffffffffff80, 0x7, 0x8000}) ioctl$FITHAW(r1, 0xc0045878) ioctl$BTRFS_IOC_INO_PATHS(r0, 0xc0389423, &(0x7f0000000180)={0x20, 0x8, [0x3, 0x7, 0x5c, 0x8001], &(0x7f0000000140)=[0x0]}) ioctl$BTRFS_IOC_INO_PATHS(r1, 0xc0389423, &(0x7f0000000200)={0x5, 0x20, [0x1000000000, 0x100000000, 0x1, 0x401], &(0x7f00000001c0)=[0x0, 0x0, 0x0, 0x0]}) ioctl$BTRFS_IOC_DEFRAG_RANGE(r1, 0x40309410, &(0x7f0000000240)={0x6, 0x9, 0x2, 0x95ff, 0x0, [0xffffffff, 0xffff, 0x1, 0x7ff]}) ioctl$BTRFS_IOC_INO_PATHS(r1, 0xc0389423, &(0x7f00000002c0)={0x81, 0x8, [0x0, 0x0, 0x7], &(0x7f0000000280)=[0x0]}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_timeval(r2, 0x1, 0x43, &(0x7f0000000340), &(0x7f0000000380)=0x10) r4 = mq_open(&(0x7f00000003c0)='-([\x00', 0x40, 0x950f38315e156e2d, &(0x7f0000000400)={0xffffffffffffffff, 0x7, 0x100, 0xffffffffffffff01}) r5 = fcntl$dupfd(r3, 0x406, r2) splice(r4, &(0x7f0000000440)=0x6, r5, &(0x7f0000000480)=0x1000, 0x5, 0x1f) socket(0x5, 0x800, 0x3f) ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f00000004c0)={'ip6erspan0\x00', 0x2}) ioctl$BTRFS_IOC_START_SYNC(r5, 0x80089418, &(0x7f0000000500)=0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000540)={0x0, ""/256, 0x0, 0x0, 0x0, 0x0, ""/16, ""/16, ""/16, 0x0, 0x0}) ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(r2, 0xc0c89425, &(0x7f0000000740)={"efb9667c2c30d699e275f1e20753fc77", r6, 0x0, {0x5}, {0x32, 0x100}, 0x1, [0x18, 0x4, 0x7, 0x1, 0x0, 0x0, 0x8, 0x5, 0x1, 0x188, 0x8001, 0x4e, 0x1, 0x0, 0x200, 0x1ce9]}) ioctl$BTRFS_IOC_TREE_SEARCH_V2(r3, 0xc0709411, &(0x7f0000001840)={{0x0, 0xe4, 0x9, 0x0, 0x63, 0x0, 0x80000001, 0xbf08, 0x3, 0x83f, 0x1c2, 0x9, 0x2, 0x7f, 0x8000}, 0x30, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(r3, 0xc0c89425, &(0x7f0000001900)={"3f32f3b25740e2ea43b63c120f628692", r8, r7, {0x53c, 0x100}, {0x5, 0x101}, 0x9, [0xffff, 0x87, 0x90, 0x7c5, 0x9, 0x6, 0x8000, 0x80000001, 0x39, 0xfffffffffffffffb, 0x8, 0xfffffffffffffffd, 0x4, 0x8000000000000, 0x256, 0x401]}) syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000001a00)='ns/ipc\x00') fstatfs(r4, &(0x7f0000001ac0)=""/217) fcntl$lock(r1, 0x7, &(0x7f0000001e00)={0x1, 0x4, 0x5f86, 0x81}) ioctl$EXT4_IOC_GROUP_EXTEND(r0, 0x40086607, &(0x7f00000020c0)) close(r5) 819.705683ms ago: executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0xb, &(0x7f0000000000)=0x1b, 0x4) sendmsg$nl_route_sched(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=@getqdisc={0x21, 0x26, 0x129, 0x0, 0x0, {}, [{0x4}, {0x4}]}, 0x2c}}, 0x0) 798.441131ms ago: executing program 2: r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xa8c01) write$sndseq(r0, &(0x7f0000000080)=[{0x0, 0x0, 0x0, 0xfd, @tick, {}, {}, @connect={{0xe9}}}], 0x1c) 654.597222ms ago: executing program 5: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000108500000075000000a50000002300000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r0}, 0x10) unshare(0x2000400) r1 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) getdents(r1, &(0x7f0000001fc0)=""/184, 0xb8) 548.297978ms ago: executing program 1: r0 = getuid() syz_mount_image$msdos(&(0x7f0000000140), &(0x7f0000000000)='./file0\x00', 0x200012, &(0x7f00000002c0)=ANY=[@ANYRES8=r0, @ANYRESDEC=r0, @ANYRES16=r0, @ANYRES16], 0x1, 0x522, &(0x7f0000000a80)="$eJzs1b1u01AYBuCvaSiBqTNiOBILU1XYmAhCqVRhCQmUASYiNSwxQooXJ1MvgQvgwhi4CJSpW1BlF2jFWP+oeZ4ln/LaPuc9g/3p8ZfF2dfi849v32M03ovBOB4MLvbiMAZx5TwAgLvkYruNX9tK13sBANrh+w8Au+f9h49vXmXZ5F1Ko4jNeTktp9VvlZ+cZpPjdOngn7s2ZTnd/5M/S5Xr+b14WOfP/5sfxNMnVX6ZvX6b3cjvx1nj7QEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYLcdpTSMiJRSOvz776Ysp/tVfpSu3Mir6eQ0mxzXF1zPh/Fo2FoNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4BYUq/Vilufz5R0bIn5Gy4uO6iNtuem4XrYvJ9/k8LKJJ7+IiL4U7NHQ4UsJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADoVLFaL2Z5Pl8WXe8EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOiLYrVezPJ8vmxw6LojAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0I3fAQAA///PCC46") r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0) write$binfmt_script(r1, &(0x7f0000020240), 0x10010) mkdir(&(0x7f0000000100)='./file0\x00', 0x0) 517.318284ms ago: executing program 2: r0 = socket$rxrpc(0x21, 0x2, 0xa) sendto$rxrpc(r0, 0x0, 0x0, 0x0, 0x0, 0x0) listen(r0, 0x0) 461.537745ms ago: executing program 5: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="6400000002060108000000000000000000b5000016000300686173683a6e65742c706f72742c6e65740000000900020073797a30000000000500040000000000140007800800124000000000080008400000000005000500020000000500010006"], 0x64}}, 0x0) 448.470636ms ago: executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'sha224-ssse3\x00'}, 0x58) r1 = accept4(r0, 0x0, 0x0, 0x0) sendmmsg$inet6(r1, &(0x7f0000004000)=[{{0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000100)="03de5446fed1fb17b282e3872f600d4f16360de255b41bc385dd0a6bcc27a0617392be3a51adcfaa819b027200b19f9b5fc466d52a8299935df28c9f85e48a8ca3c3c47bcb381f2e22a8504ef6f31e5ca7910dfc8e81ea0dd479570a46bbb3196f25d93ea40f0c8ab30c2fcff8628f17c1c7f2e8fd616910197965dd083ffad4d04fbfa3276cf0d2f803a360e5172d4ca51517bf45a2f0ce92f39f97bd01294ca4fe8fbb4e587830105f880105dca27c784f5e75b16f4249b27ad1a7a3526d154f849be08ab26e95d4da4af59e4e", 0xce}, {&(0x7f0000000200)="7ae3d1d22d5d2134a35f76555bc3c305fccc59b57b02aaaaa346d72a7da91f2d50bf3a2e8b53ad8fa56ffebe3b88f111805729f809c42b641d3b818e00ff524a4c91e691ddb0c3e58f7a330a7b994c4948e9be28cf9e217409d6b2cfdecfff756a620a0e419a532ceae8d6dc112fa214cfd194ed191157eee6a7dc6907c1aa81696bc406816a295327e6f53b4aea", 0x8e}, {&(0x7f00000002c0)="3b6cfde96259fd8f471eb44381d86dfe8184ff61faba8aac357f6aadae9f125ac8793f90adef67844e2d41dec46e2d917d48dfbf8daa72b4f073cba0edc3a930689095ad7a1bc585a8119bd3b1b31747884fc482ad692db841c98a4fdee62c2b4208625fa0377bd2c923802416d54898e64272dc", 0x74}, {&(0x7f0000000040)="ac5328aeead6", 0x6}, {&(0x7f00000003c0)="af699502991dab36ae1655499901ced5d6912118ace83607fb134654a5f56a2b39d231ce0c7b568d1e353109480e64792ff2fbd9230be2f423d412cc6b6731f20d4981ffeeb052c303e766eafd9554b62cf6127fbb4f941d90eecc4eed21d8f1862c5fd00c60765c88392b19679fad1f133f6acc70bab1e0afd2627bf8e724083b0eaf63ae0e194c18b2136217ea13eec446ab67988b909e80a0ef80b01af8eb08a4e556f630621f009b634c6687d538440379c5de5927a79cc8bab0fa711416004f9ba0af07a53155d4f3e548a0e835b6732288a7", 0xd5}, {&(0x7f00000004c0)="8f38babbcc9f9f5d5c2aadbb", 0xc}, {&(0x7f0000000500)="076946fc7ccabd0e9baa9d0ffff3328fa72c138da2429406fb16", 0x1a}, {&(0x7f0000000800)="d77ff3422de128ae3c20111abc404646c67eac266ab991ef95e349b894fe61bf3921f10db9caf216541a5fcc364713cc2138663e63fb4660ab5ddd360e1d0b0c3112f28ad08ddbd376ecd19db614cbeb2842d839b83e315082c58990232ae074d8b8dfdc3b44324e275b1f5a75858e598b960cabdcf3e7dab979f9759853d018bbd83fff0df0b027e92678a2", 0x8c}, {&(0x7f0000000600)="3c0d21c30abfe3530026c01a7c7e59f426835e1138af1b74a133c862803bcc2692bf23e9a3e88beb413393b31740a66319fd592bf1ca1cedd186420afb58732bb2b759bf722e8b9f38e31fa5e93e2d3e1b24a7d1a0fbe69c30b528ecf5ea3af0cdbd3da2b08e13300c02a48c60a52c32b5abc927b40f6ff8b032bdb4cbe449ee2257bfdf29e738683a1c8f05b20fe6c7fb6074978f8462c22c9126e6beea4cfb5a36fbb20d8c8c7683d4318ace51e28cb6b65a66bb907d4dc9e64f4ab81cd6c926e138bf45b27e77b198fec280", 0xcd}, {&(0x7f0000000700)="6409d479874f0e88cb51519a6022", 0xe}], 0xa}}], 0x1, 0x0) 408.196798ms ago: executing program 4: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r0}, 0x10) r1 = socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000280)="89000000120081ae08060cdc030000007f1be3f74001000000e2ffca1b1f0000000004c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec00122800014007030cd8024004009bbc7a46e3988285dcdf12f21308f868fece01955fed0009d78f0a947ee2b49e33538afa8af92347514f0b56a20ff27fff", 0x89}], 0x1}, 0x0) 335.576871ms ago: executing program 2: capset(&(0x7f0000000000)={0x20071026}, &(0x7f0000000040)) r0 = socket$inet6(0xa, 0x2, 0x0) sendmsg$inet6(r0, &(0x7f0000000140)={&(0x7f0000000080)={0xa, 0x4e22, 0x0, @local}, 0x1c, 0x0, 0x0, &(0x7f00000002c0)=[@dstopts_2292={{0x18}}], 0x18}, 0x0) 269.990851ms ago: executing program 5: syz_mount_image$erofs(&(0x7f0000000080), &(0x7f00000000c0)='./bus\x00', 0xc, &(0x7f0000000040)=ANY=[], 0x3, 0x1ac, &(0x7f0000000380)="$eJzsmD9LI0EYxp+Z3WzIVXftcXAHF7hccZvdzd1xcAimSmEjiIqNGMwaohsjyRYmIMTSys/gRxB7sbC1E2xVEGwsrVdmd+KOxvwRkiD4/oo3z8y8mT/vJs/AgiCId8v11f3lzt7NJw60U0gjKftvtTiHK/n1w5nMl7OCfbx8+v/iqHD+fL5vAIJg+PXF3Cd5Db5sB8HTb6ejj4TaNw+On1IvgsGUegUcC1K7YFiSel3RNZFvmmsVzzVXa15JCEsEWwRHhJy6lg7gbpehpOyPKeONZmuj6HluvVsYvYdeJ/rVL9xfnmMKCOQjC5gej3dqY4F3agkbHLbUOTDMSf0PSVkb3nX+z3p8fm24849SiOffN2d/fKvrmMABSQwQaEciiXiIT+rnNx4h/j9vYBtjErF/BAcMPxT/VOwJWb+6Nd1otn5VqsWyW3Y3HSf31/ptWX+cbOjNUezjf6nQnz4o8yd65BrMwHbR9+t2FB/bThRfclwj9D+OzPeozWSfSngffGTi6kNGk22CIAiCIAiCIAiCIAiCIIiR8xUsfAs6AGc2zH4IAAD//yr7bKQ=") mknod(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) 215.034635ms ago: executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000680)={0x4c, r1, 0x601, 0x0, 0x0, {}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_RATE_TX_MAX={0xc}, @DEVLINK_ATTR_RATE_TX_SHARE={0xc}]}, 0x4c}}, 0x0) 97.797884ms ago: executing program 3: r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) ioctl$VHOST_SET_FEATURES(r0, 0x4008af00, &(0x7f0000000140)=0x200000000) write$vhost_msg_v2(r0, &(0x7f0000000680)={0x2, 0x0, {&(0x7f0000000e40)=""/141, 0x8d, 0x0, 0x0, 0x2}}, 0x48) write$vhost_msg_v2(r0, &(0x7f0000000980)={0x2, 0x0, {0x0, 0xfffffffffffffde6, 0x0, 0x0, 0x2}}, 0x67) write$vhost_msg_v2(r0, &(0x7f00000003c0)={0x2, 0x0, {0x0, 0x2, 0x0, 0x0, 0x3}}, 0x48) 83.738353ms ago: executing program 2: syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000100)='./bus\x00', 0x1000840, &(0x7f00000001c0)={[{@fat=@sys_immutable}, {@numtail}, {@rodir}, {@iocharset={'iocharset', 0x3d, 'cp950'}}, {@shortname_mixed}, {@uni_xlateno}, {@fat=@flush}, {@fat=@codepage={'codepage', 0x3d, '949'}}, {@uni_xlate}, {@rodir}, {@shortname_lower}, {@utf8no}]}, 0x3, 0x35c, &(0x7f00000004c0)="$eJzs3U9om/UbAPAne9OkHezXHn4wFIRXb4KWteJBTy2jg2EuKsE/BzG4TqWpgwaD3aFZvYhHwaOevHnQg4edRVDEmwevTpCpeNDdBg5fSd6kedMkXSd2s/j5HMKT5/s8+37f5aV5+4Z8+/JKbFyYiYs3blyP2dlSlFfOrsTNUixEEgNXYlxlQg4AOB5uZln8nuUO2VI64iUBAEes9/7/6qlC5u0vD6rPvPsDwLHX//1/Ln+WTKyZndZ86ciWBQAcobH7/w+NDFdGP+ovT7lCAACOk2dfePGp1VrEM2k6G7H5TrverseTw/HVi/F6NGM9zsR83IrILxS6D6Xe47nztbUzaZp24qeFqHc72vWIzU67nl8prCa9/mosxXws9Pv7VxtZliXnPqutLaVpmvY+V7jS6c0fm6V2fSZO9uf//mSsx3Kk8f+x/ojztbXlNBf1zUF/J2J3eN+iu/7FmI9vX4lL0YwL0e0dXNbU1naW0vRsVhvpb9ervbrc1DsgAAAAAAAAAAAAAAAAAAAAAADwtyymexb29r/Jhvv3LC5OGO/tj5P39/cH2s33B8qqWWTZb289Wn83iZH9gfbvz9Oul+PEvT10AAAAAAAAAAAAAAAAAAAA+NdobVei0Wyub7W2L28Ug85Wa/tERHQzb3z9yRdzMV5zm6Dcn6MwlPZTlzcaWTIozpK8Zm6kPelOPsh8fHVvxcWa6t5RTFxGdfpQs3nqwR8/GGYeSAb/8p/DmiQmH2CybxnFYPN/+ZLu5D9qL1i+Tc21LMumte+8NN4VpYjynb9wBwdZN/jq+mv3PdY6/Xgv83mWe/iR+eeuvf/RLxuNZnfm6L2Cla3WrWyj0X8++WSbHiSF86cUeVAqngnlg9p3RzON5Ltfn7//vW8ON3tWzLw5oSbJD+fT/UOVPOguc9/Q3KS5ZqJ88Gn8zwSnP1xpXN354efDdhV+SNioAwAAAAAAAAAAAAAAAAAA7orCd8X7+l/2nTmo64mnj35lAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHD3DP/+fyHYHcuMB9XYn/mjE+PF1fWtVkTlXh8mAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/cX8FAAD//76aaas=") r0 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) getdents64(r0, &(0x7f0000000300)=""/273, 0x111) 0s ago: executing program 4: r0 = syz_open_dev$sndctrl(&(0x7f0000000540), 0x1f, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c00000052"], 0x1c}}, 0x0) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_NEXT_DEVICE(r0, 0xc1205531, &(0x7f0000000040)) kernel console output (not intermixed with test programs): 3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 570.580364][T13436] netlink: 'syz-executor.0': attribute type 1 has an invalid length. [ 570.604298][T13436] netlink: 168864 bytes leftover after parsing attributes in process `syz-executor.0'. [ 570.775605][T13442] input: syz0 as /devices/virtual/input/input23 [ 570.784015][T13440] loop4: detected capacity change from 0 to 2048 [ 570.799362][T13404] loop5: detected capacity change from 0 to 32768 [ 570.816971][T13440] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 570.855304][T13440] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 570.880735][T13447] netlink: 128124 bytes leftover after parsing attributes in process `syz-executor.1'. [ 570.897991][T13440] EXT4-fs (loop4): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 570.919862][T13424] loop2: detected capacity change from 0 to 32768 [ 570.928485][T13404] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 570.936245][T13424] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz-executor.2 (13424) [ 570.961855][T13440] [EXT4 FS bs=2048, gc=1, bpg=262144, ipg=32, mo=a002e01c, mo2=0002] [ 570.979716][T13440] System zones: 0-19 [ 570.994667][T13440] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 571.042086][T13424] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 571.053213][T13424] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm [ 571.076932][T13424] BTRFS info (device loop2): using free-space-tree [ 571.233242][T12378] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 571.241589][T13404] XFS (loop5): Ending clean mount [ 571.259187][T13467] loop0: detected capacity change from 0 to 1024 [ 571.358841][T13467] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 571.518212][T13467] EXT4-fs error (device loop0): ext4_acquire_dquot:6860: comm syz-executor.0: Failed to acquire dquot type 0 [ 571.724143][T11155] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 571.855298][T12147] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 572.957853][T11217] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 573.139552][T13500] loop4: detected capacity change from 0 to 512 [ 573.241094][T13500] EXT4-fs: Ignoring removed mblk_io_submit option [ 573.278477][T13500] EXT4-fs error (device loop4): __ext4_iget:4906: inode #11: block 1: comm syz-executor.4: invalid block [ 573.337898][T13500] EXT4-fs error (device loop4): ext4_orphan_get:1399: comm syz-executor.4: couldn't read orphan inode 11 (err -117) [ 573.418898][T13500] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 573.641699][T13500] serio: Serial port pts0 [ 573.658543][T13513] Bluetooth: hci3: invalid length 0, exp 2 for type 24 [ 573.887315][T13522] loop1: detected capacity change from 0 to 2048 [ 573.925643][T13530] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 574.586840][T13536] overlayfs: missing 'lowerdir' [ 575.196051][T13540] loop0: detected capacity change from 0 to 64 [ 575.340076][T13540] Trying to free block not in datazone [ 575.364560][T13546] loop1: detected capacity change from 0 to 512 [ 575.371742][T13545] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.5'. [ 575.384000][T13546] EXT4-fs: Ignoring removed orlov option [ 575.434395][T13546] EXT4-fs error (device loop1): ext4_orphan_get:1394: inode #15: comm syz-executor.1: casefold flag without casefold feature [ 575.490485][T13546] EXT4-fs (loop1): Remounting filesystem read-only [ 575.495531][T13552] loop5: detected capacity change from 0 to 64 [ 575.525050][T13546] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 575.558436][T13546] ext4 filesystem being mounted at /root/syzkaller-testdir1031193102/syzkaller.CSFGFE/187/file5 supports timestamps until 2038-01-19 (0x7fffffff) [ 575.692339][T11182] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 575.770061][T13529] loop3: detected capacity change from 0 to 32768 [ 575.783037][T13529] btrfs: Deprecated parameter 'usebackuproot' [ 575.799836][T13529] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead [ 575.811590][T13529] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz-executor.3 (13529) [ 575.870976][T13529] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 575.898844][T13529] BTRFS info (device loop3): using sha256 (sha256-ni) checksum algorithm [ 575.901661][T13563] loop2: detected capacity change from 0 to 764 [ 575.925120][T13529] BTRFS info (device loop3): using free-space-tree [ 575.975597][T13563] rock: directory entry would overflow storage [ 575.991681][T13563] rock: sig=0x4654, size=5, remaining=4 [ 576.066590][T13529] BTRFS info (device loop3): rebuilding free space tree [ 576.459544][T12378] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 576.565157][T13597] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 576.573615][T13597] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 576.580454][T13597] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 576.586976][T13597] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 576.596616][T13597] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 576.599002][T13600] loop4: detected capacity change from 0 to 64 [ 576.605987][T13597] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 576.615699][T13597] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 576.622255][T13597] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 576.628785][T13597] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 576.635337][T13597] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 576.687123][ T29] kauditd_printk_skb: 30 callbacks suppressed [ 576.687173][ T29] audit: type=1800 audit(1717488943.988:973): pid=13601 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.5" name="file0" dev="sda1" ino=1964 res=0 errno=0 [ 576.714398][ C0] vkms_vblank_simulate: vblank timer overrun [ 576.755589][T13601] Bluetooth: hci3: invalid length 0, exp 2 for type 24 [ 577.044705][T11254] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 577.095768][T13615] loop4: detected capacity change from 0 to 764 [ 577.119946][T13616] trusted_key: encrypted_key: keyword 'ne)ê»!0¤Lt' not recognized [ 577.191941][T13615] rock: directory entry would overflow storage [ 577.199687][T13615] rock: sig=0x4654, size=5, remaining=4 [ 577.316156][T13612] loop0: detected capacity change from 0 to 4096 [ 577.358358][T13612] ntfs3: loop0: ino=3, Correct links count -> 2. [ 577.437812][ T29] audit: type=1326 audit(1717488944.680:974): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13619 comm="syz-executor.2" exe="/root/syz-executor.2" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f89a9e7cf69 code=0x0 [ 577.509657][T13622] loop4: detected capacity change from 0 to 1024 [ 577.593024][T13618] loop5: detected capacity change from 0 to 8192 [ 577.604443][T13622] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 577.686760][T13627] netlink: 'syz-executor.3': attribute type 1 has an invalid length. [ 577.754578][T13618] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 [ 577.896738][T12378] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 577.911613][T13630] netlink: 'syz-executor.3': attribute type 7 has an invalid length. [ 577.936838][T13630] netlink: 15 bytes leftover after parsing attributes in process `syz-executor.3'. [ 577.949209][T13630] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.3'. [ 577.978306][T13630] netlink: 872 bytes leftover after parsing attributes in process `syz-executor.3'. [ 578.029114][T13630] netlink: 'syz-executor.3': attribute type 7 has an invalid length. [ 578.048259][T13630] netlink: 15 bytes leftover after parsing attributes in process `syz-executor.3'. [ 578.086188][ T29] audit: type=1800 audit(1717488945.280:975): pid=13637 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="/" dev="fuse" ino=1 res=0 errno=0 [ 578.942502][T13660] loop5: detected capacity change from 0 to 4096 [ 578.977547][T13660] ntfs3: loop5: ino=3, Correct links count -> 2. [ 579.262820][T13685] loop1: detected capacity change from 0 to 64 [ 579.757999][T13708] loop4: detected capacity change from 0 to 256 [ 579.878206][T13714] loop3: detected capacity change from 0 to 512 [ 579.909136][T13714] EXT4-fs: Ignoring removed nomblk_io_submit option [ 579.946054][T13715] pim6reg1: entered promiscuous mode [ 579.973043][T13714] EXT4-fs (loop3): orphan cleanup on readonly fs [ 579.999363][T13715] pim6reg1: entered allmulticast mode [ 580.019258][T13717] loop1: detected capacity change from 0 to 4096 [ 580.022155][T13714] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2 [ 580.042254][T13717] ntfs3: loop1: ino=3, Correct links count -> 2. [ 580.054602][T13714] EXT4-fs (loop3): 1 truncate cleaned up [ 580.139289][T13714] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 580.234786][T13714] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback. [ 580.461253][T11254] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 580.483450][T13731] loop0: detected capacity change from 0 to 256 [ 580.623380][T13731] exFAT-fs (loop0): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 580.701585][T13743] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. [ 581.677119][T13780] netlink: 'syz-executor.4': attribute type 21 has an invalid length. [ 581.753820][T13780] netlink: 132 bytes leftover after parsing attributes in process `syz-executor.4'. [ 581.785718][T13781] netlink: 'syz-executor.0': attribute type 1 has an invalid length. [ 582.108828][T13785] loop0: detected capacity change from 0 to 256 [ 582.118305][T13786] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. [ 582.161805][T13785] exFAT-fs (loop0): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 582.432267][T13790] netlink: 'syz-executor.4': attribute type 7 has an invalid length. [ 582.456239][T13790] netlink: 15 bytes leftover after parsing attributes in process `syz-executor.4'. [ 582.481927][T13790] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.4'. [ 582.491866][T13790] netlink: 872 bytes leftover after parsing attributes in process `syz-executor.4'. [ 582.508699][T13796] sp0: Synchronizing with TNC [ 582.556985][T13790] netlink: 'syz-executor.4': attribute type 7 has an invalid length. [ 582.576002][ T1243] ieee802154 phy0 wpan0: encryption failed: -22 [ 582.596470][T13790] netlink: 15 bytes leftover after parsing attributes in process `syz-executor.4'. [ 582.608409][T13795] [U] è [ 582.619855][T13802] loop1: detected capacity change from 0 to 512 [ 582.628574][T13800] loop0: detected capacity change from 0 to 128 [ 582.649615][T13802] EXT4-fs error (device loop1): ext4_get_journal_inode:5752: comm syz-executor.1: inode #196608: comm syz-executor.1: iget: illegal inode # [ 582.668052][T13800] ufs: Invalid option: "¾" or missing value [ 582.674932][T13800] ufs: wrong mount options [ 582.681788][T13802] EXT4-fs (loop1): Remounting filesystem read-only [ 582.703538][T13802] EXT4-fs (loop1): no journal found [ 582.715834][T13802] EXT4-fs (loop1): can't get journal size [ 582.728233][T13802] EXT4-fs (loop1): failed to initialize system zone (-22) [ 582.737129][T13802] EXT4-fs (loop1): mount failed [ 582.767488][T13765] loop2: detected capacity change from 0 to 32768 [ 582.876576][T13811] loop0: detected capacity change from 0 to 512 [ 582.884728][T13811] EXT4-fs: Ignoring removed mblk_io_submit option [ 582.903986][T13765] XFS (loop2): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 582.946938][T13811] EXT4-fs error (device loop0): __ext4_iget:4906: inode #11: block 1: comm syz-executor.0: invalid block [ 583.017752][T13811] EXT4-fs error (device loop0): ext4_orphan_get:1399: comm syz-executor.0: couldn't read orphan inode 11 (err -117) [ 583.040214][T13811] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 583.156356][T13811] serio: Serial port pts0 [ 583.173137][T13765] XFS (loop2): Ending clean mount [ 583.179127][T13826] IPVS: sync thread started: state = BACKUP, mcast_ifn = wg2, syncid = 2, id = 0 [ 583.190993][T13765] XFS (loop2): Quotacheck needed: Please wait. [ 583.201939][T13822] loop5: detected capacity change from 0 to 256 [ 583.220204][T13822] exfat: Unknown parameter 'ë ©' [ 583.394207][T13765] XFS (loop2): Quotacheck: Done. [ 583.623884][T11217] XFS (loop2): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 584.421361][T13854] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'. [ 584.446905][T13855] loop5: detected capacity change from 0 to 128 [ 584.455971][T13855] ufs: Invalid option: "¾" or missing value [ 584.474574][T13855] ufs: wrong mount options [ 584.632166][T13820] loop4: detected capacity change from 0 to 32768 [ 584.680441][T13820] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 584.693172][T13865] netlink: 'syz-executor.5': attribute type 1 has an invalid length. [ 584.769545][T13820] XFS (loop4): Ending clean mount [ 584.977758][T12378] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 585.014580][T13879] net_ratelimit: 102 callbacks suppressed [ 585.014604][T13879] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 585.018975][T13868] loop2: detected capacity change from 0 to 8192 [ 585.020525][T13879] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 585.039617][T13879] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 585.046057][T13879] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 585.052624][T13879] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 585.059076][T13879] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 585.064145][T13868] REISERFS warning (device loop2): sh-2021 reiserfs_fill_super: can not find reiserfs on loop2 [ 585.065602][T13879] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 585.082544][T13879] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 585.089132][T13879] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 585.095731][T13879] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 585.476205][T13892] loop1: detected capacity change from 0 to 1024 [ 585.611188][T13894] loop2: detected capacity change from 0 to 47 [ 585.669392][T13892] Invalid option length (0) for dns_resolver key [ 585.697178][T13894] MINIX-fs: deleted inode referenced: 9 [ 585.718475][T13894] MINIX-fs: deleted inode referenced: 9 [ 585.738433][T13894] MINIX-fs: deleted inode referenced: 9 [ 585.779657][T13894] MINIX-fs: deleted inode referenced: 9 [ 586.203431][T12147] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 586.357877][T13888] loop3: detected capacity change from 0 to 32768 [ 586.626845][T13933] sp0: Synchronizing with TNC [ 587.041390][T13951] netlink: 'syz-executor.5': attribute type 1 has an invalid length. [ 587.876909][T13990] loop1: detected capacity change from 0 to 512 [ 588.075533][T13990] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 588.090011][T13990] ext4 filesystem being mounted at /root/syzkaller-testdir1031193102/syzkaller.CSFGFE/215/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 588.455342][T14025] loop3: detected capacity change from 0 to 512 [ 588.489517][T14025] EXT4-fs: Ignoring removed nomblk_io_submit option [ 588.539368][T14025] EXT4-fs (loop3): orphan cleanup on readonly fs [ 588.545833][T14025] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2 [ 588.604354][T14025] EXT4-fs (loop3): 1 truncate cleaned up [ 588.622116][T14025] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 588.665093][T14035] loop5: detected capacity change from 0 to 47 [ 588.750087][T14035] MINIX-fs: deleted inode referenced: 9 [ 588.769005][T14035] MINIX-fs: deleted inode referenced: 9 [ 588.782035][T14025] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback. [ 588.794920][T14035] MINIX-fs: deleted inode referenced: 9 [ 588.806700][T14035] MINIX-fs: deleted inode referenced: 9 [ 588.918053][T11254] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 588.970328][T11182] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 589.055535][T14044] bridge0: port 3(vlan2) entered blocking state [ 589.069721][T14044] bridge0: port 3(vlan2) entered disabled state [ 589.091116][T14044] vlan2: entered allmulticast mode [ 589.118482][T14044] vlan2: left allmulticast mode [ 589.180689][T14047] sp0: Synchronizing with TNC [ 589.349915][ T29] audit: type=1800 audit(1717488955.664:976): pid=14060 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.5" name="file0" dev="sda1" ino=1956 res=0 errno=0 [ 589.437565][ T29] audit: type=1804 audit(1717488955.747:977): pid=14060 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir911500426/syzkaller.71n3sw/193/file0" dev="sda1" ino=1956 res=1 errno=0 [ 589.496262][T14067] loop2: detected capacity change from 0 to 4096 [ 589.541140][T14067] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512). [ 589.602030][ T29] audit: type=1326 audit(1717488955.895:978): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14069 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff7c067cf69 code=0x0 [ 589.645717][T14074] xt_TCPMSS: Only works on TCP SYN packets [ 589.671477][ T29] audit: type=1800 audit(1717488955.941:979): pid=14075 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="sda1" ino=1973 res=0 errno=0 [ 589.731845][ T29] audit: type=1326 audit(1717488955.996:980): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14072 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa50a27cf69 code=0x0 [ 590.051536][T14083] loop4: detected capacity change from 0 to 512 [ 590.224212][T14083] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 590.237424][T14083] ext4 filesystem being mounted at /root/syzkaller-testdir1103801858/syzkaller.c0VUIr/74/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 591.076282][T12378] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 591.113679][ T29] audit: type=1800 audit(1717488957.297:981): pid=14116 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.5" name="bus" dev="sda1" ino=1955 res=0 errno=0 [ 591.369294][ T29] audit: type=1800 audit(1717488957.537:982): pid=14123 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="file0" dev="sda1" ino=1954 res=0 errno=0 [ 591.406736][T14129] netlink: 4083 bytes leftover after parsing attributes in process `syz-executor.4'. [ 591.426783][ T29] audit: type=1804 audit(1717488957.547:983): pid=14123 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir2162416366/syzkaller.54Nel6/127/file0" dev="sda1" ino=1954 res=1 errno=0 [ 591.462766][T14129] netlink: 4083 bytes leftover after parsing attributes in process `syz-executor.4'. [ 591.503745][T14128] netlink: 4083 bytes leftover after parsing attributes in process `syz-executor.4'. [ 591.708099][T14142] net_ratelimit: 48 callbacks suppressed [ 591.708127][T14142] netlink: get zone limit has 4 unknown bytes [ 592.279432][T14167] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 592.448142][T14178] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'. [ 593.278602][T14213] loop5: detected capacity change from 0 to 1024 [ 593.322184][T14218] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.0'. [ 593.361592][T14213] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 593.566804][T14231] netlink: 156 bytes leftover after parsing attributes in process `syz-executor.4'. [ 593.634511][T11155] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 594.737532][T14237] bridge0: port 3(vlan2) entered blocking state [ 594.796480][T14237] bridge0: port 3(vlan2) entered disabled state [ 595.073124][T14237] vlan2: entered allmulticast mode [ 595.162434][T14237] vlan2: left allmulticast mode [ 595.219848][T14246] loop1: detected capacity change from 0 to 512 [ 595.363617][T14246] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 595.421572][T14246] ext4 filesystem being mounted at /root/syzkaller-testdir1031193102/syzkaller.CSFGFE/231/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 595.748328][T14265] loop0: detected capacity change from 0 to 2048 [ 595.820785][T14270] loop4: detected capacity change from 0 to 1024 [ 595.864429][T14212] loop2: detected capacity change from 0 to 32768 [ 595.920683][T14265] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 595.934420][T14274] loop3: detected capacity change from 0 to 1024 [ 595.998617][T14274] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 596.046857][T14270] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 596.144088][T14212] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 596.166853][T11182] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 596.193843][T11254] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 596.208689][T14270] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2234: inode #15: comm syz-executor.4: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled [ 596.305922][T12147] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 596.416915][T14212] XFS (loop2): Ending clean mount [ 596.422375][T12378] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 596.491682][T11217] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 597.039061][T14320] loop4: detected capacity change from 0 to 16 [ 597.226858][T14328] netlink: 4083 bytes leftover after parsing attributes in process `syz-executor.5'. [ 597.262685][T14328] netlink: 4083 bytes leftover after parsing attributes in process `syz-executor.5'. [ 597.310192][T14324] netlink: 4083 bytes leftover after parsing attributes in process `syz-executor.5'. [ 597.426881][T14333] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.2'. [ 597.820725][T14342] loop5: detected capacity change from 0 to 512 [ 597.875222][T14342] EXT4-fs error (device loop5): ext4_xattr_inode_iget:436: comm syz-executor.5: Parent and EA inode have the same ino 15 [ 597.950745][T14342] EXT4-fs (loop5): 1 orphan inode deleted [ 597.976118][T14352] loop2: detected capacity change from 0 to 128 [ 598.000648][T14342] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 598.015586][T14352] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1) [ 598.049653][T14352] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 598.279922][T11155] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 598.805012][T14373] loop1: detected capacity change from 0 to 512 [ 598.834069][T14373] ext3: Unknown parameter 'uid<00000000000000000000' [ 598.844447][ T2801] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1) [ 600.098414][ T5176] usb 2-1: new high-speed USB device number 13 using dummy_hcd [ 600.354298][ T5176] usb 2-1: Using ep0 maxpacket: 8 [ 600.384990][ T5176] usb 2-1: config 0 has an invalid interface number: 52 but max is 0 [ 600.397026][ T5176] usb 2-1: config 0 has an invalid descriptor of length 88, skipping remainder of the config [ 600.431062][ T5176] usb 2-1: config 0 has no interface number 0 [ 600.448363][ T5176] usb 2-1: config 0 interface 52 altsetting 1 endpoint 0x8A has an invalid bInterval 82, changing to 10 [ 600.498193][ T5176] usb 2-1: config 0 interface 52 altsetting 1 endpoint 0x8A has invalid maxpacket 1703, setting to 1024 [ 600.540132][ T5176] usb 2-1: config 0 interface 52 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 600.597845][ T5176] usb 2-1: config 0 interface 52 has no altsetting 0 [ 600.615260][ T5176] usb 2-1: New USB device found, idVendor=06cb, idProduct=0007, bcdDevice= 0.00 [ 600.629827][ T5176] usb 2-1: New USB device strings: Mfr=0, Product=149, SerialNumber=35 [ 600.644635][ T5176] usb 2-1: Product: syz [ 600.649543][ T5176] usb 2-1: SerialNumber: syz [ 600.664053][ T5176] usb 2-1: config 0 descriptor?? [ 600.665151][T14413] loop5: detected capacity change from 0 to 16 [ 600.791061][T14417] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 600.924429][ T5176] input: syz (Stick) as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.52/input/input26 [ 601.154125][ T5217] usb 2-1: USB disconnect, device number 13 [ 601.268568][T14433] tmpfs: Bad value for 'mpol' [ 601.628864][ T29] audit: type=1326 audit(1717488967.007:984): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14445 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff7c067cf69 code=0x0 [ 601.833503][T14451] loop0: detected capacity change from 0 to 128 [ 601.935897][T14451] loop0: detected capacity change from 0 to 256 [ 602.095737][T14421] loop4: detected capacity change from 0 to 32768 [ 602.155516][T14421] XFS (loop4): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 602.292349][T14421] XFS (loop4): Ending clean mount [ 602.472449][T12378] XFS (loop4): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 602.507057][ T29] audit: type=1326 audit(1717488967.820:985): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14481 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa50a27cf69 code=0x0 [ 602.516578][T14480] netlink: 'syz-executor.2': attribute type 1 has an invalid length. [ 602.763170][T14441] loop5: detected capacity change from 0 to 32768 [ 602.873888][T14496] loop2: detected capacity change from 0 to 128 [ 603.103733][T14496] loop2: detected capacity change from 0 to 256 [ 604.517575][T14511] loop2: detected capacity change from 0 to 32768 [ 604.656317][T14511] XFS (loop2): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 604.842818][T14511] XFS (loop2): Ending clean mount [ 604.928618][T14555] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'. [ 604.967016][T14553] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. [ 605.094644][T11217] XFS (loop2): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 605.151668][T14558] loop5: detected capacity change from 0 to 64 [ 605.326543][T14568] loop4: detected capacity change from 0 to 128 [ 605.382529][T14568] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1) [ 605.430819][T14568] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 605.478930][T14574] loop5: detected capacity change from 0 to 512 [ 605.498344][T14574] EXT4-fs (loop5): blocks per group (71) and clusters per group (32768) inconsistent [ 605.587789][T14574] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.5'. [ 605.650637][T14545] loop3: detected capacity change from 0 to 32768 [ 605.686228][T14545] bcachefs (/dev/loop3): error reading default superblock: checksum error, type crc32c_nonzero: got 2859f616 should be 29d2fb78 [ 605.761561][T14586] loop5: detected capacity change from 0 to 64 [ 605.864027][T14589] loop0: detected capacity change from 0 to 8192 [ 605.905674][T14545] bcachefs (loop3): mounting version 1.7: mi_btree_bitmap opts=compression=lz4,nojournal_transaction_names [ 605.918419][T14545] bcachefs (loop3): recovering from clean shutdown, journal seq 7 [ 606.004645][T14545] bcachefs (loop3): alloc_read... done [ 606.035359][T14545] bcachefs (loop3): stripes_read... done [ 606.041220][T14545] bcachefs (loop3): snapshots_read... done [ 606.099707][T14594] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. [ 606.120620][ T1272] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1) [ 606.125749][T14545] bcachefs (loop3): going read-write [ 606.166379][T14545] bcachefs (loop3): journal_replay... done [ 606.243891][T14545] bcachefs (loop3): resume_logged_ops... done [ 606.250336][T14545] bcachefs (loop3): delete_dead_inodes... done [ 606.312126][T14545] bcachefs (loop3): done starting filesystem [ 606.406422][T14600] netlink: 'syz-executor.0': attribute type 11 has an invalid length. [ 606.450474][T14600] overlayfs: failed to create directory ./file2/work (errno: 28); mounting read-only [ 606.525085][T14600] overlayfs: failed to set uuid (/file1, err=-28); falling back to uuid=null. [ 606.577437][ T29] audit: type=1804 audit(1717488971.567:986): pid=14545 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir3866243446/syzkaller.nUPCcQ/218/file1/bus" dev="loop3" ino=4100 res=1 errno=0 [ 606.917985][T14615] loop4: detected capacity change from 0 to 512 [ 606.968652][T14615] EXT4-fs (loop4): blocks per group (71) and clusters per group (32768) inconsistent [ 606.985308][T11254] bcachefs (loop3): shutting down [ 607.003196][T11254] bcachefs (loop3): going read-only [ 607.057320][T11254] bcachefs (loop3): finished waiting for writes to stop [ 607.094825][T11254] bcachefs (loop3): flushing journal and stopping allocators, journal seq 11 [ 607.122457][T11254] bcachefs (loop3): flushing journal and stopping allocators complete, journal seq 11 [ 607.157620][T11254] bcachefs (loop3): shutdown complete, journal seq 12 [ 607.173385][T14615] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'. [ 607.208879][T11254] bcachefs (loop3): marking filesystem clean [ 607.307237][T11254] bcachefs (loop3): shutdown complete [ 607.340243][T14592] loop5: detected capacity change from 0 to 32768 [ 607.425600][T14592] XFS (loop5): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 607.550874][T14592] XFS (loop5): Ending clean mount [ 607.778898][T11155] XFS (loop5): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 607.846981][T14651] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 607.890917][T14649] loop4: detected capacity change from 0 to 2048 [ 607.948177][T14649] udf: Unknown parameter 'adiç1Ë"czrÇo¨9¾­«nicb' [ 608.522855][T14663] netlink: 'syz-executor.4': attribute type 2 has an invalid length. [ 608.545930][T14663] netlink: 'syz-executor.4': attribute type 8 has an invalid length. [ 608.587654][T14663] netlink: 'syz-executor.4': attribute type 1 has an invalid length. [ 608.628456][T14663] netlink: 80 bytes leftover after parsing attributes in process `syz-executor.4'. [ 608.827835][T14666] loop5: detected capacity change from 0 to 512 [ 608.871581][T14666] EXT4-fs (loop5): Encoding requested by superblock is unknown [ 609.176726][T14647] loop2: detected capacity change from 0 to 40427 [ 609.245487][T14647] F2FS-fs (loop2): invalid crc value [ 609.270068][T14672] loop3: detected capacity change from 0 to 2048 [ 609.312344][T14672] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024) [ 609.326731][T14647] F2FS-fs (loop2): Found nat_bits in checkpoint [ 609.413888][T14680] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 609.575263][T14655] loop1: detected capacity change from 0 to 32768 [ 609.598438][T14655] btrfs: Deprecated parameter 'usebackuproot' [ 609.623490][T14647] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 609.640619][T14655] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead [ 609.653083][T14655] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz-executor.1 (14655) [ 609.759438][T14655] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 609.790739][T14655] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm [ 611.248013][T14708] A link change request failed with some changes committed already. Interface bridge0 may have been left with an inconsistent configuration, please check. [ 612.600113][T14714] loop4: detected capacity change from 0 to 2048 [ 612.650373][ T29] audit: type=1326 audit(1717488977.142:987): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14715 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff7c067cf69 code=0x0 [ 612.750364][T14714] UDF-fs: error (device loop4): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 612.777896][T14655] BTRFS error (device loop1): open_ctree failed [ 613.637680][T14730] netlink: 209852 bytes leftover after parsing attributes in process `syz-executor.5'. [ 613.689110][T14730] openvswitch: netlink: IP tunnel attribute has 3060 unknown bytes. [ 613.807202][T14733] loop0: detected capacity change from 0 to 2048 [ 613.846827][T14734] loop3: detected capacity change from 0 to 2048 [ 613.874669][T14734] udf: Unknown parameter 'adiç1Ë"czrÇo¨9¾­«nicb' [ 613.914290][T14733] GPT:first_usable_lbas don't match. [ 613.919884][T14733] GPT:34 != 290 [ 613.955992][T14733] GPT: Use GNU Parted to correct GPT errors. [ 614.000037][T14733] loop0: p1 p2 p3 [ 614.314867][T14747] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 614.328942][T14739] loop4: detected capacity change from 0 to 4096 [ 614.384084][T14739] ntfs3: loop4: Different NTFS sector size (4096) and media sector size (512). [ 614.531715][T14752] A link change request failed with some changes committed already. Interface bridge0 may have been left with an inconsistent configuration, please check. [ 614.599718][T14739] ntfs3: loop4: Mark volume as dirty due to NTFS errors [ 614.907236][T14759] Error parsing options; rc = [-22] [ 614.952669][T14755] loop3: detected capacity change from 0 to 4096 [ 614.996139][T14755] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512). [ 615.102404][T14763] Unknown options in mask 7f00 [ 615.149466][ T29] audit: type=1800 audit(1717488979.486:988): pid=14755 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="loop3" ino=33 res=0 errno=0 [ 615.214396][ T29] audit: type=1800 audit(1717488979.486:989): pid=14755 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="loop3" ino=33 res=0 errno=0 [ 615.476138][T14768] loop0: detected capacity change from 0 to 4096 [ 615.511364][T14769] loop1: detected capacity change from 0 to 2048 [ 615.517915][T14768] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512). [ 615.558418][T14772] loop3: detected capacity change from 0 to 256 [ 615.578067][T14769] UDF-fs: error (device loop1): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 615.671735][T14768] ntfs3: loop0: mft corrupted [ 615.693362][T14768] ntfs3: loop0: Failed to load $Extend (-22). [ 615.716572][T14768] ntfs3: loop0: Failed to initialize $Extend. [ 615.736971][T14741] loop5: detected capacity change from 0 to 32768 [ 615.780644][T14741] XFS (loop5): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 615.905202][T14753] loop2: detected capacity change from 0 to 40427 [ 615.937626][T14741] XFS (loop5): Ending clean mount [ 615.952200][T14753] F2FS-fs (loop2): invalid crc value [ 616.024408][T14753] F2FS-fs (loop2): Found nat_bits in checkpoint [ 616.069991][T14786] loop3: detected capacity change from 0 to 1024 [ 616.124469][T14786] hfsplus: unable to change nls mapping [ 616.207256][T11155] XFS (loop5): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 616.221376][T14786] hfsplus: unable to parse mount options [ 616.353671][T14753] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 616.928554][T14797] loop4: detected capacity change from 0 to 8192 [ 616.964744][T14805] Unknown options in mask 7f00 [ 617.199284][T14812] loop1: detected capacity change from 0 to 256 [ 617.563762][T14817] loop5: detected capacity change from 0 to 4096 [ 618.031163][T14817] ntfs3: loop5: failed to convert "0080" to cp869 [ 618.066430][T14817] ntfs3: loop5: failed to convert name for inode 1e. [ 618.373731][ T29] audit: type=1326 audit(1717488982.458:990): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14818 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7c067cf69 code=0x7fc00000 [ 618.582320][T14843] loop5: detected capacity change from 0 to 1024 [ 618.650426][T14843] hfsplus: unable to change nls mapping [ 618.718446][T14851] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'. [ 618.744127][T14843] hfsplus: unable to parse mount options [ 618.894774][ T4485] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 618.909032][ T58] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 618.916697][T10806] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 618.928871][ T4485] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 618.952038][ T4485] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 618.977389][ T4485] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 618.989937][ T4485] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 619.005359][ T4485] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 619.112647][ T5164] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 619.135372][ T58] usb 1-1: Using ep0 maxpacket: 32 [ 619.137970][T10806] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 619.147958][ T58] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 619.179257][ T58] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 619.190307][ T58] usb 1-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 619.232856][ T58] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 619.294062][ T58] usb 1-1: config 0 descriptor?? [ 619.343241][ T58] hub 1-1:0.0: USB hub found [ 619.348739][ T5164] usb 5-1: New USB device found, idVendor=0a2c, idProduct=0008, bcdDevice=e5.0d [ 619.375749][ T5164] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 619.387080][ T5164] usb 5-1: Product: syz [ 619.398180][T10806] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 619.409816][ T5164] usb 5-1: Manufacturer: syz [ 619.414623][ T5164] usb 5-1: SerialNumber: syz [ 619.440020][ T5164] usb 5-1: config 0 descriptor?? [ 619.461005][ T5164] cypress_cy7c63 5-1:0.0: Cypress CY7C63xxx device now attached [ 619.570638][ T58] hub 1-1:0.0: config failed, hub doesn't have any ports! (err -19) [ 619.662585][T10806] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 619.707272][ T5217] usb 5-1: USB disconnect, device number 10 [ 619.714100][ T5217] cypress_cy7c63 5-1:0.0: Cypress CY7C63xxx device now disconnected [ 619.729059][T14869] loop1: detected capacity change from 0 to 8192 [ 619.778204][T14869] loop1: AHDI p1 p3 p4 [ 619.782682][T14869] loop1: p1 size 1048585 extends beyond EOD, truncated [ 619.794045][ T58] usbhid 1-1:0.0: can't add hid device: -71 [ 619.805541][ T58] usbhid 1-1:0.0: probe with driver usbhid failed with error -71 [ 619.817081][T14869] loop1: p3 start 65535 is beyond EOD, truncated [ 619.876851][ T58] usb 1-1: USB disconnect, device number 7 [ 620.274980][T10806] vlan2: left allmulticast mode [ 620.294729][T10806] vlan2: left promiscuous mode [ 620.322713][T10806] bridge0: port 3(vlan2) entered disabled state [ 620.350893][T10806] bridge_slave_1: left allmulticast mode [ 620.356614][T10806] bridge_slave_1: left promiscuous mode [ 620.372378][T10806] bridge0: port 2(bridge_slave_1) entered disabled state [ 620.399504][T10806] bridge_slave_0: left allmulticast mode [ 620.416943][T10806] bridge_slave_0: left promiscuous mode [ 620.429376][T10806] bridge0: port 1(bridge_slave_0) entered disabled state [ 620.922807][T14903] loop5: detected capacity change from 0 to 4096 [ 620.954874][T14903] ntfs3: loop5: Different NTFS sector size (4096) and media sector size (512). [ 621.079589][T14903] ntfs3: loop5: mft corrupted [ 621.085687][T14903] ntfs3: loop5: Failed to load $Extend (-22). [ 621.102599][T14903] ntfs3: loop5: Failed to initialize $Extend. [ 621.236165][ T5119] Bluetooth: hci0: command tx timeout [ 622.022480][T10806] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 622.089776][T10806] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 622.120344][T14925] loop5: detected capacity change from 0 to 32768 [ 622.133227][T10806] bond0 (unregistering): Released all slaves [ 622.182388][T14911] A link change request failed with some changes committed already. Interface bridge0 may have been left with an inconsistent configuration, please check. [ 622.195477][T14925] jfs_lookup: iget failed on inum 4 [ 622.225371][T14930] netlink: 'syz-executor.2': attribute type 10 has an invalid length. [ 622.447096][T14925] jfs_lookup: iget failed on inum 4 [ 622.456286][T14930] geneve0: entered promiscuous mode [ 622.595089][T14930] bond0: (slave geneve0): Enslaving as an active interface with an up link [ 623.350789][T10806] tipc: Disabling bearer [ 623.356930][T10806] tipc: Left network mode [ 623.388137][T14856] chnl_net:caif_netlink_parms(): no params data found [ 623.478769][ T5119] Bluetooth: hci0: command tx timeout [ 623.628611][ T29] audit: type=1800 audit(1717488987.304:991): pid=14950 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="sda1" ino=1961 res=0 errno=0 [ 623.900161][ T29] audit: type=1326 audit(1717488987.563:992): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14958 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7c067cf69 code=0x7ffc0000 [ 623.940662][ T29] audit: type=1326 audit(1717488987.563:993): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14958 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7c067cf69 code=0x7ffc0000 [ 624.002504][ T29] audit: type=1326 audit(1717488987.600:994): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14958 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff7c067cf69 code=0x7ffc0000 [ 624.005155][T14856] bridge0: port 1(bridge_slave_0) entered blocking state [ 624.074276][ T29] audit: type=1326 audit(1717488987.600:995): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14958 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7c067cf69 code=0x7ffc0000 [ 624.081453][T14856] bridge0: port 1(bridge_slave_0) entered disabled state [ 624.144115][T14856] bridge_slave_0: entered allmulticast mode [ 624.146409][ T29] audit: type=1326 audit(1717488987.600:996): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14958 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7c067cf69 code=0x7ffc0000 [ 624.183834][T14856] bridge_slave_0: entered promiscuous mode [ 624.225291][ T29] audit: type=1326 audit(1717488987.600:997): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14958 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff7c067cf69 code=0x7ffc0000 [ 624.263218][ T29] audit: type=1326 audit(1717488987.600:998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14958 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7c067cf69 code=0x7ffc0000 [ 624.323204][ T29] audit: type=1326 audit(1717488987.600:999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14958 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7c067cf69 code=0x7ffc0000 [ 624.349220][ T29] audit: type=1326 audit(1717488987.600:1000): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14958 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=140 compat=0 ip=0x7ff7c067cf69 code=0x7ffc0000 [ 624.394568][ T29] audit: type=1326 audit(1717488987.600:1001): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14958 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7c067cf69 code=0x7ffc0000 [ 624.435586][T14856] bridge0: port 2(bridge_slave_1) entered blocking state [ 624.462097][T14856] bridge0: port 2(bridge_slave_1) entered disabled state [ 624.495228][T14856] bridge_slave_1: entered allmulticast mode [ 624.508352][T14856] bridge_slave_1: entered promiscuous mode [ 624.705064][T14856] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 624.884528][T10806] hsr_slave_0: left promiscuous mode [ 624.935713][T10806] hsr_slave_1: left promiscuous mode [ 624.957700][T14986] netlink: 'syz-executor.1': attribute type 1 has an invalid length. [ 624.988053][T10806] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 624.991762][T14986] netlink: 9344 bytes leftover after parsing attributes in process `syz-executor.1'. [ 625.005538][T14986] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.1'. [ 625.015179][T10806] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 625.030758][T10806] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 625.038949][T10806] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 625.850520][ T5119] Bluetooth: hci0: command tx timeout [ 625.879378][T14991] loop4: detected capacity change from 0 to 2048 [ 625.909587][T14991] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 625.914353][T10806] veth1_macvtap: left promiscuous mode [ 625.927389][T10806] veth0_macvtap: left promiscuous mode [ 625.933084][T10806] veth1_vlan: left promiscuous mode [ 625.938662][T10806] veth0_vlan: left promiscuous mode [ 626.009460][T12378] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 626.019314][ T5217] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 626.068824][T14997] loop1: detected capacity change from 0 to 8192 [ 626.086969][T14997] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 626.146750][T14997] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000001) [ 626.166744][T14997] FAT-fs (loop1): Filesystem has been set read-only [ 626.245382][ T5217] usb 1-1: New USB device found, idVendor=1d50, idProduct=606f, bcdDevice=14.d4 [ 626.263526][ T5217] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 626.282385][ T5217] usb 1-1: config 0 descriptor?? [ 626.747927][ T5217] gs_usb 1-1:0.0: Configuring for 1 interfaces [ 626.852440][T15014] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:16x16 (0x47524247, 8, 0, 0, 0) [ 627.200737][ T5217] gs_usb 1-1:0.0: Disabling termination support for channel 0 (-EPROTO) [ 627.651237][T15024] loop4: detected capacity change from 0 to 164 [ 627.697530][T15012] loop1: detected capacity change from 0 to 32768 [ 627.774682][T10806] team0 (unregistering): Port device team_slave_1 removed [ 627.941723][T10806] team0 (unregistering): Port device team_slave_0 removed [ 628.065272][T15030] loop0: detected capacity change from 0 to 4096 [ 628.072881][ T5119] Bluetooth: hci0: command tx timeout [ 628.089732][T15030] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512). [ 628.202126][T15030] ntfs3: loop0: Failed to initialize $Extend/$Reparse. [ 628.268364][T15030] ntfs3: loop0: ino=1f, "cpuacct.usage_percpu_user" ntfs_iget5 [ 628.337839][T12147] ntfs3: loop0: ino=1a, ntfs_sync_fs failed, -22. [ 628.939324][T14856] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 629.043882][ T5217] usb 1-1: USB disconnect, device number 8 [ 629.127777][T15026] netlink: 'syz-executor.4': attribute type 10 has an invalid length. [ 629.176222][T15026] geneve0: entered promiscuous mode [ 629.208362][T15026] bond0: (slave geneve0): Enslaving as an active interface with an up link [ 629.474485][T14856] team0: Port device team_slave_0 added [ 629.541874][T14856] team0: Port device team_slave_1 added [ 629.785820][T14856] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 629.814366][T14856] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 629.899094][T15059] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'. [ 629.932789][T14856] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 629.978962][T14856] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 630.008206][T14856] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 630.062874][T14856] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 630.262114][T10806] IPVS: stop unused estimator thread 0... [ 630.370372][T14856] hsr_slave_0: entered promiscuous mode [ 630.446054][T14856] hsr_slave_1: entered promiscuous mode [ 630.545321][T14856] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 630.561078][T14856] Cannot create hsr debugfs directory [ 630.572866][T15077] x_tables: unsorted entry at hook 2 [ 631.686532][ T5119] Bluetooth: hci4: unexpected event 0x2f length: 509 > 260 [ 631.725661][T15084] loop4: detected capacity change from 0 to 2048 [ 631.809067][T15084] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 631.853870][T15084] ext4 filesystem being mounted at /root/syzkaller-testdir1103801858/syzkaller.c0VUIr/149/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 632.172483][ T4485] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 632.185012][ T4485] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 632.202053][ T4485] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 632.223014][ T4485] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 632.231089][ T4485] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 632.240436][ T4485] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 632.286034][T12378] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 632.736759][T15106] loop0: detected capacity change from 0 to 64 [ 633.691592][T15072] loop5: detected capacity change from 0 to 40427 [ 633.850723][T15072] F2FS-fs (loop5): invalid crc value [ 633.856813][T15072] F2FS-fs (loop5): Failed to start F2FS issue_checkpoint_thread (-4) [ 634.181848][T15095] chnl_net:caif_netlink_parms(): no params data found [ 634.486705][ T4485] Bluetooth: hci1: command tx timeout [ 635.524285][T15133] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'. [ 635.606643][T15129] netlink: 'syz-executor.5': attribute type 10 has an invalid length. [ 635.635072][T15129] geneve0: entered promiscuous mode [ 635.701928][T15129] bond0: (slave geneve0): Enslaving as an active interface with an up link [ 635.848545][T15095] bridge0: port 1(bridge_slave_0) entered blocking state [ 635.876208][T15095] bridge0: port 1(bridge_slave_0) entered disabled state [ 635.884707][T15095] bridge_slave_0: entered allmulticast mode [ 635.892593][T15095] bridge_slave_0: entered promiscuous mode [ 635.934374][T15095] bridge0: port 2(bridge_slave_1) entered blocking state [ 635.950081][T15095] bridge0: port 2(bridge_slave_1) entered disabled state [ 635.957453][T15095] bridge_slave_1: entered allmulticast mode [ 635.983373][T15095] bridge_slave_1: entered promiscuous mode [ 636.006353][T14856] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 636.035353][T14856] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 636.052480][T15095] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 636.063131][T14856] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 636.087308][T14856] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 636.105040][T15095] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 636.195872][T15095] team0: Port device team_slave_0 added [ 636.223088][T15095] team0: Port device team_slave_1 added [ 636.290783][T15095] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 636.301129][T15095] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 636.329490][T15095] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 636.352274][T15095] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 636.361303][T15095] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 636.388112][T15095] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 636.572101][T15095] hsr_slave_0: entered promiscuous mode [ 636.586187][T15095] hsr_slave_1: entered promiscuous mode [ 636.594927][T15095] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 636.613188][T15095] Cannot create hsr debugfs directory [ 636.742127][ T4485] Bluetooth: hci1: command tx timeout [ 636.828853][T14856] 8021q: adding VLAN 0 to HW filter on device bond0 [ 636.889458][T14856] 8021q: adding VLAN 0 to HW filter on device team0 [ 636.922660][ T5177] bridge0: port 1(bridge_slave_0) entered blocking state [ 636.929908][ T5177] bridge0: port 1(bridge_slave_0) entered forwarding state [ 637.046874][T15095] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 637.081180][ T58] bridge0: port 2(bridge_slave_1) entered blocking state [ 637.088435][ T58] bridge0: port 2(bridge_slave_1) entered forwarding state [ 637.165918][T15095] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 637.302790][T15095] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 637.424901][T15095] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 637.550136][T14856] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 637.809237][T15095] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 637.854347][T14856] veth0_vlan: entered promiscuous mode [ 637.864393][T15095] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 637.906999][T14856] veth1_vlan: entered promiscuous mode [ 637.952370][T15095] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 638.001502][T15095] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 638.140410][T12541] bridge_slave_1: left allmulticast mode [ 638.146119][T12541] bridge_slave_1: left promiscuous mode [ 638.181522][T12541] bridge0: port 2(bridge_slave_1) entered disabled state [ 638.207899][T12541] bridge_slave_0: left allmulticast mode [ 638.213934][T12541] bridge_slave_0: left promiscuous mode [ 638.219735][T12541] bridge0: port 1(bridge_slave_0) entered disabled state [ 638.293233][T15166] MD5 Hash not found for [fe80::bb].0->[ff02::1].20002 [FSRP.]L3 index 0 [ 638.942348][T15154] loop0: detected capacity change from 0 to 32768 [ 638.995059][ T5119] Bluetooth: hci1: command tx timeout [ 639.561987][T15168] loop5: detected capacity change from 0 to 32768 [ 639.585282][T15168] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop5 (7:5) scanned by syz-executor.5 (15168) [ 639.607152][T15168] BTRFS info (device loop5): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 639.617913][T15168] BTRFS info (device loop5): using crc32c (crc32c-intel) checksum algorithm [ 639.627481][T15168] BTRFS info (device loop5): using free-space-tree [ 640.445104][ T5119] Bluetooth: hci4: command 0x0406 tx timeout [ 640.591398][T15168] BTRFS info (device loop5): checking UUID tree [ 640.671838][T12541] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 640.718869][T12541] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 640.738530][T12541] bond0 (unregistering): Released all slaves [ 640.909712][T11155] BTRFS info (device loop5): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 641.011275][T14856] veth0_macvtap: entered promiscuous mode [ 641.247728][ T4485] Bluetooth: hci1: command tx timeout [ 641.330627][T14856] veth1_macvtap: entered promiscuous mode [ 641.678656][T15208] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'. [ 641.738594][T14856] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 641.764056][T14856] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 641.799565][T14856] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 641.832668][T14856] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 641.854455][T14856] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 641.878387][T14856] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 641.905607][T14856] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 641.929556][T14856] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 641.939475][T14856] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 641.952620][T14856] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 641.965969][T14856] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 641.976819][T14856] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 642.012574][T14856] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 642.248414][T15223] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 642.318132][T12541] hsr_slave_0: left promiscuous mode [ 642.347927][T12541] hsr_slave_1: left promiscuous mode [ 642.365358][T12541] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 642.373059][T12541] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 642.402865][T12541] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 642.421062][T12541] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 642.487924][T12541] veth1_macvtap: left promiscuous mode [ 642.495651][T12541] veth0_macvtap: left promiscuous mode [ 642.501464][T12541] veth1_vlan: left promiscuous mode [ 642.518323][T12541] veth0_vlan: left promiscuous mode [ 642.702311][ T5119] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 642.714386][ T5119] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 642.726828][ T5119] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 642.741063][ T5119] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 642.749330][ T5119] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 642.769369][ T5119] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 643.137238][ T29] kauditd_printk_skb: 119 callbacks suppressed [ 643.137264][ T29] audit: type=1804 audit(1717489005.321:1121): pid=15244 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir1103801858/syzkaller.c0VUIr/164/file0" dev="sda1" ino=1956 res=1 errno=0 [ 643.902415][T15252] input: syz0 as /devices/virtual/input/input27 [ 644.105886][T15248] loop4: detected capacity change from 0 to 32768 [ 644.121492][T15248] XFS: ikeep mount option is deprecated. [ 644.225158][T15248] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 644.250638][T12541] team0 (unregistering): Port device team_slave_1 removed [ 644.358784][T12541] team0 (unregistering): Port device team_slave_0 removed [ 644.518871][T15248] XFS (loop4): Ending clean mount [ 644.562735][T15248] XFS (loop4): Quotacheck needed: Please wait. [ 644.726066][T15248] XFS (loop4): Quotacheck: Done. [ 644.803783][T12378] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 644.994283][ T5119] Bluetooth: hci4: command tx timeout [ 646.542352][T15284] loop5: detected capacity change from 0 to 4096 [ 646.557311][T15284] ntfs3: Invalid value for umask. [ 646.567027][T15286] : Can't lookup blockdev [ 646.690107][T15288] ieee802154 phy0 wpan0: encryption failed: -22 [ 646.792132][T15291] Bluetooth: MGMT ver 1.22 [ 647.102235][T14856] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 647.150000][T14856] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 647.184440][T14856] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 647.195754][T14856] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 647.216603][T14856] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 647.227628][ T5119] Bluetooth: hci4: command tx timeout [ 647.255710][T14856] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 647.288058][T14856] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 647.319501][T14856] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 647.331763][T14856] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 647.343625][T14856] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 647.359828][T14856] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 647.448827][T14856] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 647.469302][T14856] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 647.479813][T14856] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 647.509166][T14856] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 647.633203][T15095] 8021q: adding VLAN 0 to HW filter on device bond0 [ 647.680875][T15313] input: syz0 as /devices/virtual/input/input28 [ 647.848005][T15315] : Can't lookup blockdev [ 647.927952][T15095] 8021q: adding VLAN 0 to HW filter on device team0 [ 648.138461][ T5174] bridge0: port 1(bridge_slave_0) entered blocking state [ 648.145684][ T5174] bridge0: port 1(bridge_slave_0) entered forwarding state [ 648.190819][ T5174] bridge0: port 2(bridge_slave_1) entered blocking state [ 648.198101][ T5174] bridge0: port 2(bridge_slave_1) entered forwarding state [ 648.276883][ T5174] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 648.299678][ T5174] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 649.481704][ T1243] ieee802154 phy0 wpan0: encryption failed: -22 [ 649.500922][ T5119] Bluetooth: hci4: command tx timeout [ 649.586514][ T5177] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 649.608967][ T5177] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 650.194357][T15321] loop5: detected capacity change from 0 to 32768 [ 650.270788][T12541] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 651.373284][T15321] bcachefs (loop5): mounting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=xxhash,compression=zstd,nojournal_transaction_names [ 651.422507][T15321] bcachefs (loop5): recovering from clean shutdown, journal seq 10 [ 651.455163][T15230] chnl_net:caif_netlink_parms(): no params data found [ 651.466978][T15321] bcachefs (loop5): bch2_journal_reclaim_start(): error creating journal reclaim thread EINTR [ 651.498396][T15321] bcachefs (loop5): bch2_fs_recovery(): error EINTR [ 651.519558][T15321] bcachefs (loop5): bch2_fs_start(): error starting filesystem EINTR [ 651.550356][T15321] bcachefs (loop5): shutting down [ 651.598771][T12541] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 651.637941][T15357] loop3: detected capacity change from 0 to 4096 [ 651.640024][T15321] bcachefs (loop5): shutdown complete [ 651.735245][ T5119] Bluetooth: hci4: command tx timeout [ 652.003846][T15367] input: syz0 as /devices/virtual/input/input29 [ 652.066393][T15366] overlayfs: invalid origin (000000790000000000000000000000000000000000000000000000000000000000000000000000000000000000000000) [ 652.194627][T12541] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 652.513353][T12541] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 652.573065][T15377] loop3: detected capacity change from 0 to 512 [ 652.610664][T15377] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 652.711908][T15377] EXT4-fs (loop3): 1 truncate cleaned up [ 652.743939][T15377] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 652.768651][T15230] bridge0: port 1(bridge_slave_0) entered blocking state [ 652.802044][T15230] bridge0: port 1(bridge_slave_0) entered disabled state [ 652.832752][T15230] bridge_slave_0: entered allmulticast mode [ 652.848915][T15230] bridge_slave_0: entered promiscuous mode [ 652.864419][T15230] bridge0: port 2(bridge_slave_1) entered blocking state [ 652.877086][T15230] bridge0: port 2(bridge_slave_1) entered disabled state [ 652.888125][T15230] bridge_slave_1: entered allmulticast mode [ 652.911118][T15230] bridge_slave_1: entered promiscuous mode [ 653.047517][T14856] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 653.064581][T15095] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 653.379701][T15230] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 653.418466][T15230] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 653.533502][T12541] bridge_slave_1: left allmulticast mode [ 653.539227][T12541] bridge_slave_1: left promiscuous mode [ 653.595278][T12541] bridge0: port 2(bridge_slave_1) entered disabled state [ 653.654782][T12541] bridge_slave_0: left allmulticast mode [ 653.678083][T12541] bridge_slave_0: left promiscuous mode [ 653.698365][T12541] bridge0: port 1(bridge_slave_0) entered disabled state [ 653.719395][T15402] input: syz0 as /devices/virtual/input/input30 [ 654.304568][T15393] loop3: detected capacity change from 0 to 32768 [ 654.628763][T15393] bcachefs (loop3): mounting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=crc64,background_compression=zstd,str_hash=crc32c,nojournal_transaction_names [ 654.663805][T15393] bcachefs (loop3): recovering from clean shutdown, journal seq 8 [ 654.755286][T15393] bcachefs (loop3): alloc_read... done [ 654.761335][T15393] bcachefs (loop3): stripes_read... done [ 654.767185][T15393] bcachefs (loop3): snapshots_read... done [ 654.823177][T15393] bcachefs (loop3): journal_replay... done [ 654.857661][T15393] bcachefs (loop3): resume_logged_ops... done [ 654.874169][T15393] bcachefs (loop3): going read-write [ 654.944124][T15393] bcachefs (loop3): done starting filesystem [ 655.040115][ T29] audit: type=1800 audit(1717489016.296:1122): pid=15393 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="loop3" ino=4102 res=0 errno=0 [ 655.086453][T12541] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 655.103461][ T29] audit: type=1800 audit(1717489016.351:1123): pid=15393 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="loop3" ino=4102 res=0 errno=0 [ 655.156026][T12541] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 655.184066][ T29] audit: type=1804 audit(1717489016.360:1124): pid=15393 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir2214843637/syzkaller.pQAv1t/4/bus/bus" dev="loop3" ino=4102 res=1 errno=0 [ 655.249532][T12541] bond0 (unregistering): Released all slaves [ 655.426554][T14856] bcachefs (loop3): shutting down [ 655.439835][T14856] bcachefs (loop3): going read-only [ 655.492166][T14856] bcachefs (loop3): finished waiting for writes to stop [ 655.511135][T15230] team0: Port device team_slave_0 added [ 655.527526][T15230] team0: Port device team_slave_1 added [ 655.548919][T14856] bcachefs (loop3): flushing journal and stopping allocators, journal seq 10 [ 655.655008][T14856] bcachefs (loop3): flushing journal and stopping allocators complete, journal seq 12 [ 655.669437][T15436] xt_l2tp: missing protocol rule (udp|l2tpip) [ 655.706023][T14856] bcachefs (loop3): shutdown complete, journal seq 13 [ 655.760667][T14856] bcachefs (loop3): marking filesystem clean [ 655.769685][T15230] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 655.794537][T15230] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 655.835542][T15230] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 655.867245][T15230] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 655.880700][T15230] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 655.910116][T14856] bcachefs (loop3): shutdown complete [ 655.967514][T15230] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 656.203496][T15095] veth0_vlan: entered promiscuous mode [ 656.318102][T12541] hsr_slave_0: left promiscuous mode [ 656.331249][T12541] hsr_slave_1: left promiscuous mode [ 656.343325][T12541] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 656.362424][T12541] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 656.381421][T12541] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 656.397805][T12541] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 656.467024][T12541] veth1_macvtap: left promiscuous mode [ 656.473574][T12541] veth0_macvtap: left promiscuous mode [ 656.523370][T12541] veth1_vlan: left promiscuous mode [ 656.544000][T12541] veth0_vlan: left promiscuous mode [ 656.772021][T15453] loop4: detected capacity change from 0 to 512 [ 656.847144][T15453] EXT4-fs error (device loop4): mb_free_blocks:1948: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt. [ 656.899764][T15453] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #11: comm syz-executor.4: invalid indirect mapped block 1 (level 1) [ 656.935920][ T5124] Bluetooth: hci6: command 0x0406 tx timeout [ 656.965354][T15453] EXT4-fs (loop4): 1 truncate cleaned up [ 657.020323][T15453] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 657.232790][T12378] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 657.808404][T15470] [U] ^R [ 658.493966][T12541] team0 (unregistering): Port device team_slave_1 removed [ 658.577518][T12541] team0 (unregistering): Port device team_slave_0 removed [ 658.879307][T15486] loop4: detected capacity change from 0 to 512 [ 658.957316][T15486] EXT4-fs error (device loop4): mb_free_blocks:1948: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt. [ 658.983790][T15486] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #11: comm syz-executor.4: invalid indirect mapped block 1 (level 1) [ 659.030898][T15486] EXT4-fs (loop4): 1 truncate cleaned up [ 659.066955][T15486] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 659.142232][T15495] overlayfs: invalid origin (000000790000000000000000000000000000000000000000000000000000000000000000000000000000000000000000) [ 659.194588][T12378] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 659.394353][T15497] loop4: detected capacity change from 0 to 256 [ 659.476949][ T29] audit: type=1804 audit(1717489020.403:1125): pid=15497 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir1103801858/syzkaller.c0VUIr/199/file1/bus" dev="loop4" ino=1048830 res=1 errno=0 [ 659.559398][ T29] audit: type=1804 audit(1717489020.449:1126): pid=15497 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.4" name="/root/syzkaller-testdir1103801858/syzkaller.c0VUIr/199/file1/bus" dev="loop4" ino=1048830 res=1 errno=0 [ 660.129715][T15230] hsr_slave_0: entered promiscuous mode [ 660.233768][T15511] netlink: 'syz-executor.5': attribute type 3 has an invalid length. [ 660.267750][T15230] hsr_slave_1: entered promiscuous mode [ 660.350496][T15230] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 660.412508][T15230] Cannot create hsr debugfs directory [ 660.419932][T15515] [U] ^R [ 661.551051][T15095] veth1_vlan: entered promiscuous mode [ 661.625136][T15525] overlayfs: invalid origin (000000790000000000000000000000000000000000000000000000000000000000000000000000000000000000000000) [ 661.821891][ T2801] tipc: Subscription rejected, illegal request [ 661.847450][T15095] veth0_macvtap: entered promiscuous mode [ 661.923826][T15095] veth1_macvtap: entered promiscuous mode [ 662.102242][T15095] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 662.136382][T15095] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 662.156811][T15095] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 662.167325][T15095] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 662.200113][T15095] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 662.210627][T15095] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 662.231709][T15095] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 662.242708][T15095] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 662.255082][T15095] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 662.267979][T15095] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 662.301455][T15095] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 662.312636][T15543] netlink: 116 bytes leftover after parsing attributes in process `syz-executor.3'. [ 662.424996][T15095] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 662.480998][T15095] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 662.515785][T15095] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 662.527036][T15549] input: syz1 as /devices/virtual/input/input31 [ 662.546907][T15095] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 662.556839][T15095] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 662.603519][T15095] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 662.630831][T15095] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 662.666413][T15095] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 662.684042][T15554] loop4: detected capacity change from 0 to 256 [ 662.722749][T15095] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 662.764214][T15095] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 662.793263][T15095] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 662.976649][T15095] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 663.003078][T15095] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 663.021412][T15095] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 663.049735][T15095] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 663.082317][ T29] audit: type=1326 audit(1717489023.726:1127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15567 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe2c667cf69 code=0x7ffc0000 [ 663.201254][T15571] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.5'. [ 663.219508][ T29] audit: type=1326 audit(1717489023.726:1128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15567 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe2c667cf69 code=0x7ffc0000 [ 663.260763][ T29] audit: type=1326 audit(1717489023.753:1129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15567 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7fe2c667cf69 code=0x7ffc0000 [ 663.287226][ T29] audit: type=1326 audit(1717489023.753:1130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15567 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe2c667cf69 code=0x7ffc0000 [ 663.354682][ T29] audit: type=1326 audit(1717489023.772:1131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15567 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fe2c667cf69 code=0x7ffc0000 [ 663.389060][ T29] audit: type=1326 audit(1717489023.772:1132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15567 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe2c667cf69 code=0x7ffc0000 [ 663.619582][ T29] audit: type=1326 audit(1717489023.772:1133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15567 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=143 compat=0 ip=0x7fe2c667cf69 code=0x7ffc0000 [ 663.860421][ T29] audit: type=1326 audit(1717489023.772:1134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15567 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe2c667cf69 code=0x7ffc0000 [ 663.918650][ T5174] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 664.004601][ T5174] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 664.044106][ T29] audit: type=1326 audit(1717489023.772:1135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15567 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe2c667cf69 code=0x7ffc0000 [ 664.219092][T15623] netlink: 'syz-executor.2': attribute type 2 has an invalid length. [ 664.277293][T15626] dccp_invalid_packet: pskb_may_pull failed [ 664.329462][ T5173] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 664.360374][ T5173] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 664.685706][T15230] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 664.721821][T15230] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 664.765450][T15230] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 664.819261][T15230] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 665.264029][T15644] EXT4-fs (sda1): re-mounted 5941fea2-f5fa-4b4e-b5ef-9af118b27b95 r/w. Quota mode: none. [ 665.277538][T15649] loop1: detected capacity change from 0 to 4096 [ 665.300771][T15649] ntfs3: loop1: Different NTFS sector size (4096) and media sector size (512). [ 665.375317][T15230] 8021q: adding VLAN 0 to HW filter on device bond0 [ 665.465704][T15230] 8021q: adding VLAN 0 to HW filter on device team0 [ 665.487977][T15664] dccp_invalid_packet: pskb_may_pull failed [ 665.579770][ T5136] bridge0: port 1(bridge_slave_0) entered blocking state [ 665.587053][ T5136] bridge0: port 1(bridge_slave_0) entered forwarding state [ 665.650962][T15649] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 665.671298][T15649] ntfs3: loop1: Failed to load $BadClus (-22). [ 665.683569][ T5136] bridge0: port 2(bridge_slave_1) entered blocking state [ 665.690796][ T5136] bridge0: port 2(bridge_slave_1) entered forwarding state [ 666.685984][T15673] netlink: 209852 bytes leftover after parsing attributes in process `syz-executor.5'. [ 666.735360][T15673] openvswitch: netlink: Multiple metadata blocks provided [ 667.065771][T15688] fuse: Bad value for 'fd' [ 667.109208][ T29] audit: type=1804 audit(1717489027.436:1136): pid=15688 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir2755392220/syzkaller.r8TFCA/345/file0" dev="sda1" ino=1962 res=1 errno=0 [ 667.329394][T15701] loop1: detected capacity change from 0 to 1024 [ 667.385818][T15701] EXT4-fs: Ignoring removed orlov option [ 667.392761][T15706] dccp_invalid_packet: pskb_may_pull failed [ 667.421503][T15701] EXT4-fs (loop1): Test dummy encryption mode enabled [ 667.515335][T15230] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 667.590333][T15701] EXT4-fs (loop1): stripe (7) is not aligned with cluster size (16), stripe is disabled [ 667.694420][T15701] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 668.730517][T15705] syzkaller0: entered promiscuous mode [ 668.742634][T15705] syzkaller0: entered allmulticast mode [ 668.752970][T15713] loop5: detected capacity change from 0 to 4096 [ 668.791037][T15713] ntfs3: loop5: Different NTFS sector size (2048) and media sector size (512). [ 668.849317][T15701] fscrypt: AES-256-CBC-CTS using implementation "cts-cbc-aes-aesni" [ 668.881139][T15713] ntfs3: loop5: Mark volume as dirty due to NTFS errors [ 668.937433][T15720] loop4: detected capacity change from 0 to 8192 [ 668.982428][T15701] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback. [ 669.205982][T15611] ntfs3: loop5: ino=5, ntfs3_write_inode failed, -22. [ 669.272803][T15095] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2234: inode #15: comm syz-executor.1: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled [ 669.326240][T15095] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2234: inode #15: comm syz-executor.1: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled [ 669.516375][ T29] audit: type=1800 audit(1717489029.670:1137): pid=15740 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.5" name="bus" dev="sda1" ino=1966 res=0 errno=0 [ 669.577270][ T29] audit: type=1804 audit(1717489029.716:1138): pid=15736 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir911500426/syzkaller.71n3sw/301/file0" dev="sda1" ino=1958 res=1 errno=0 [ 671.019519][T15743] loop5: detected capacity change from 0 to 32768 [ 674.047016][T15230] veth0_vlan: entered promiscuous mode [ 674.085242][T15230] veth1_vlan: entered promiscuous mode [ 674.174779][T15095] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 674.484540][T15611] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 674.765353][T15230] veth0_macvtap: entered promiscuous mode [ 674.916338][T15611] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 674.999950][T15784] loop3: detected capacity change from 0 to 2048 [ 675.042293][T15230] veth1_macvtap: entered promiscuous mode [ 675.108156][T15784] UDF-fs: error (device loop3): udf_process_sequence: Primary Volume Descriptor not found! [ 675.156331][T15784] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 675.242962][T15611] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 675.466116][T15611] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 675.672642][T15230] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 675.702517][T15230] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 675.741323][T15230] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 675.752662][T15230] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 675.771653][T15230] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 675.782644][T15230] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 675.804609][T15230] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 675.816908][T15230] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 675.834607][T15230] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 675.849778][T15230] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 675.866551][T15230] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 675.881826][T15230] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 675.912181][T15230] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 675.931916][T15797] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'. [ 675.953587][T15768] loop5: detected capacity change from 0 to 40427 [ 675.985903][T15230] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 676.011578][T15230] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 676.030758][T15768] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12 [ 676.049983][T15768] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock [ 676.072361][T15230] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 676.108667][T15230] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 676.142532][T15768] F2FS-fs (loop5): Found nat_bits in checkpoint [ 676.156311][T15230] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 676.213074][ T5124] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 676.227575][ T5124] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 676.239309][ T5124] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 676.246854][T15230] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 676.268515][ T5124] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 676.277019][ T5124] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 676.284620][ T5124] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 676.308849][T15230] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 676.355913][T15230] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 676.393017][T15230] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 676.419459][T15230] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 676.429590][T15230] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 676.431713][T15768] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0 [ 676.451141][T15230] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 676.467622][T15230] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 676.481763][T15230] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 676.490673][T15230] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 676.500468][T15230] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 676.524290][T15230] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 676.541477][T15768] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 677.114226][T15611] bridge_slave_1: left allmulticast mode [ 677.141657][T15611] bridge_slave_1: left promiscuous mode [ 677.147504][T15611] bridge0: port 2(bridge_slave_1) entered disabled state [ 677.187077][T15611] bridge_slave_0: left allmulticast mode [ 677.202194][T15611] bridge_slave_0: left promiscuous mode [ 677.215278][T15611] bridge0: port 1(bridge_slave_0) entered disabled state [ 677.309596][T15828] loop3: detected capacity change from 0 to 2048 [ 677.360601][T15828] UDF-fs: error (device loop3): udf_process_sequence: Primary Volume Descriptor not found! [ 677.391296][T15828] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 677.474981][ T782] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 677.551403][T15831] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 677.682435][ T782] usb 5-1: Using ep0 maxpacket: 32 [ 677.699792][ T782] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 677.725265][ T782] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 677.754966][ T782] usb 5-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 677.775548][ T782] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 677.808107][ T782] hub 5-1:4.0: USB hub found [ 677.820739][ T29] audit: type=1804 audit(1717489037.331:1139): pid=15835 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir2755392220/syzkaller.r8TFCA/358/file0" dev="sda1" ino=1956 res=1 errno=0 [ 678.034903][ T782] hub 5-1:4.0: 7 ports detected [ 678.041938][ T782] hub 5-1:4.0: insufficient power available to use all downstream ports [ 678.255416][ T782] hub 5-1:4.0: hub_hub_status failed (err = -71) [ 678.275663][ T782] hub 5-1:4.0: config failed, can't get hub status (err -71) [ 678.366113][ T782] usb 5-1: USB disconnect, device number 11 [ 678.548675][ T5124] Bluetooth: hci1: command tx timeout [ 678.626458][ T5217] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 679.656662][ T5217] usb 4-1: Using ep0 maxpacket: 32 [ 679.712584][ T5217] usb 4-1: New USB device found, idVendor=046d, idProduct=08f6, bcdDevice=81.8a [ 679.730537][ T5217] usb 4-1: New USB device strings: Mfr=0, Product=9, SerialNumber=0 [ 679.762719][ T5217] usb 4-1: Product: syz [ 679.818631][ T5217] usb 4-1: config 0 descriptor?? [ 679.833299][T15611] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 679.835727][ T5217] gspca_main: STV06xx-2.14.0 probing 046d:08f6 [ 679.855591][ T5217] gspca_stv06xx: st6422 sensor detected [ 679.864378][T15611] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 679.887070][T15611] bond0 (unregistering): Released all slaves [ 680.035176][T15613] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 680.043059][T15613] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 680.184502][ T5217] STV06xx 4-1:0.0: probe with driver STV06xx failed with error -71 [ 680.202634][ T5217] usb 4-1: USB disconnect, device number 8 [ 680.385987][T15881] loop5: detected capacity change from 0 to 64 [ 680.537451][T15884] netlink: 'syz-executor.4': attribute type 15 has an invalid length. [ 680.615809][T15616] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 680.650945][T15616] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 680.770883][ T5124] Bluetooth: hci1: command tx timeout [ 680.820728][T15803] chnl_net:caif_netlink_parms(): no params data found [ 681.850740][T15611] hsr_slave_0: left promiscuous mode [ 681.899421][T15611] hsr_slave_1: left promiscuous mode [ 681.919301][T15905] loop5: detected capacity change from 0 to 64 [ 681.972675][T15611] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 681.980187][T15611] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 682.010059][T15611] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 682.043136][T15611] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 682.054565][T15910] loop4: detected capacity change from 0 to 256 [ 682.078867][T15910] exfat: Deprecated parameter 'namecase' [ 682.113886][T15910] exfat: Deprecated parameter 'utf8' [ 682.127235][T15910] exfat: Deprecated parameter 'namecase' [ 682.151052][T15611] veth1_macvtap: left promiscuous mode [ 682.156687][T15611] veth0_macvtap: left promiscuous mode [ 682.189906][T15611] veth1_vlan: left promiscuous mode [ 682.195337][T15611] veth0_vlan: left promiscuous mode [ 682.197037][T15910] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xdc42f586, utbl_chksum : 0xe619d30d) [ 682.542251][T15925] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 682.600585][T15925] CIFS mount error: No usable UNC path provided in device string! [ 682.600585][T15925] [ 682.631974][T15925] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 683.024366][ T5124] Bluetooth: hci1: command tx timeout [ 683.086481][T15943] loop3: detected capacity change from 0 to 64 [ 683.346845][T15948] loop4: detected capacity change from 0 to 64 [ 683.529166][T15920] loop0: detected capacity change from 0 to 32768 [ 683.548214][T15920] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz-executor.0 (15920) [ 683.586288][T15920] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 683.597061][T15920] BTRFS info (device loop0): using sha256 (sha256-ni) checksum algorithm [ 683.652006][T15920] BTRFS info (device loop0): using free-space-tree [ 683.945807][T15920] BTRFS info (device loop0): rebuilding free space tree [ 683.972403][T15920] BTRFS info (device loop0): checking UUID tree [ 685.203118][T15230] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 685.289301][ T5124] Bluetooth: hci1: command tx timeout [ 686.048033][T15611] team0 (unregistering): Port device team_slave_1 removed [ 686.212066][T15611] team0 (unregistering): Port device team_slave_0 removed [ 686.767038][T16000] loop5: detected capacity change from 0 to 4096 [ 686.781205][T16000] ntfs3: loop5: Different NTFS sector size (4096) and media sector size (512). [ 686.853684][T16000] ntfs3: loop5: failed to convert "c46c" to default [ 687.102666][T16003] loop5: detected capacity change from 0 to 64 [ 687.706413][ T5119] Bluetooth: hci1: command 0x0405 tx timeout [ 688.313056][T15803] bridge0: port 1(bridge_slave_0) entered blocking state [ 688.320301][T15803] bridge0: port 1(bridge_slave_0) entered disabled state [ 688.363903][T15803] bridge_slave_0: entered allmulticast mode [ 688.408354][T15803] bridge_slave_0: entered promiscuous mode [ 688.444553][T15803] bridge0: port 2(bridge_slave_1) entered blocking state [ 688.476888][T15803] bridge0: port 2(bridge_slave_1) entered disabled state [ 688.500338][T15803] bridge_slave_1: entered allmulticast mode [ 688.523409][T15803] bridge_slave_1: entered promiscuous mode [ 688.649107][T16039] netlink: 'syz-executor.5': attribute type 10 has an invalid length. [ 688.779243][T15803] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 688.839542][T15803] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 689.000949][ T8] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 689.068122][T15803] team0: Port device team_slave_0 added [ 689.145393][T16052] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.5'. [ 689.171548][T15803] team0: Port device team_slave_1 added [ 689.243254][ T8] usb 4-1: Using ep0 maxpacket: 32 [ 689.265229][ T8] usb 4-1: New USB device found, idVendor=046d, idProduct=08f6, bcdDevice=81.8a [ 689.274361][ T8] usb 4-1: New USB device strings: Mfr=0, Product=9, SerialNumber=0 [ 689.302316][ T8] usb 4-1: Product: syz [ 689.314322][ T8] usb 4-1: config 0 descriptor?? [ 689.343704][ T8] gspca_main: STV06xx-2.14.0 probing 046d:08f6 [ 689.350038][ T8] gspca_stv06xx: st6422 sensor detected [ 689.386496][T15803] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 689.409858][T15803] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 689.454327][T16058] xt_TCPMSS: Only works on TCP SYN packets [ 689.466731][T15803] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 689.506807][T15803] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 689.522976][T15803] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 689.568590][T16029] loop0: detected capacity change from 0 to 32768 [ 689.571827][T15803] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 689.665569][ T8] STV06xx 4-1:0.0: probe with driver STV06xx failed with error -71 [ 689.712407][ T8] usb 4-1: USB disconnect, device number 9 [ 689.783801][T15803] hsr_slave_0: entered promiscuous mode [ 689.794596][T15803] hsr_slave_1: entered promiscuous mode [ 689.801695][T15803] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 689.810286][T15803] Cannot create hsr debugfs directory [ 689.958608][ T5119] Bluetooth: hci1: command 0x0405 tx timeout [ 690.527385][T16081] 9pnet_fd: Insufficient options for proto=fd [ 690.630932][T16086] xt_TCPMSS: Only works on TCP SYN packets [ 690.930523][T16099] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.4'. [ 690.958454][T16101] loop0: detected capacity change from 0 to 1024 [ 691.172870][T15608] hfsplus: b-tree write err: -5, ino 4 [ 691.280776][T15803] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 691.306662][T16113] loop3: detected capacity change from 0 to 256 [ 691.320726][T16111] loop4: detected capacity change from 0 to 1024 [ 691.328524][T16109] loop5: detected capacity change from 0 to 2048 [ 691.332148][T15803] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 691.361123][T15803] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 691.385230][T16109] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 691.406352][T15803] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 691.521172][T16113] FAT-fs (loop3): Directory bread(block 64) failed [ 691.574580][T15611] hfsplus: b-tree write err: -5, ino 4 [ 691.582755][T16113] FAT-fs (loop3): Directory bread(block 65) failed [ 691.589426][T16113] FAT-fs (loop3): Directory bread(block 66) failed [ 691.590134][T15803] 8021q: adding VLAN 0 to HW filter on device bond0 [ 691.625933][T16113] FAT-fs (loop3): Directory bread(block 67) failed [ 691.643566][T16113] FAT-fs (loop3): Directory bread(block 68) failed [ 691.662722][T16113] FAT-fs (loop3): Directory bread(block 69) failed [ 691.680618][T15803] 8021q: adding VLAN 0 to HW filter on device team0 [ 691.697967][T16113] FAT-fs (loop3): Directory bread(block 70) failed [ 691.705670][ T5217] bridge0: port 1(bridge_slave_0) entered blocking state [ 691.712945][ T5217] bridge0: port 1(bridge_slave_0) entered forwarding state [ 691.720518][T16113] FAT-fs (loop3): Directory bread(block 71) failed [ 691.746510][T16113] FAT-fs (loop3): Directory bread(block 72) failed [ 691.773677][T16113] FAT-fs (loop3): Directory bread(block 73) failed [ 691.794946][ T5217] bridge0: port 2(bridge_slave_1) entered blocking state [ 691.802202][ T5217] bridge0: port 2(bridge_slave_1) entered forwarding state [ 692.031063][T16113] syz-executor.3: attempt to access beyond end of device [ 692.031063][T16113] loop3: rw=2049, sector=1352, nr_sectors = 128 limit=256 [ 692.036918][ C0] TCP: request_sock_TCP: Possible SYN flooding on port [::ffff:0.0.0.0]:20002. Sending cookies. [ 692.109112][T16125] syz-executor.3: attempt to access beyond end of device [ 692.109112][T16125] loop3: rw=2049, sector=1352, nr_sectors = 8 limit=256 [ 692.201861][T16125] syz-executor.3: attempt to access beyond end of device [ 692.201861][T16125] loop3: rw=2049, sector=1360, nr_sectors = 4 limit=256 [ 692.249079][T16125] Buffer I/O error on dev loop3, logical block 340, lost async page write [ 692.395776][T16112] syz-executor.3: attempt to access beyond end of device [ 692.395776][T16112] loop3: rw=2049, sector=1224, nr_sectors = 128 limit=256 [ 692.438050][T16133] xt_TCPMSS: Only works on TCP SYN packets [ 692.515655][T15803] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 692.610645][ T29] audit: type=1800 audit(1717489050.973:1140): pid=16135 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=1961 res=0 errno=0 [ 692.736234][T15803] veth0_vlan: entered promiscuous mode [ 692.790244][T15803] veth1_vlan: entered promiscuous mode [ 692.968432][T15803] veth0_macvtap: entered promiscuous mode [ 693.025940][T15803] veth1_macvtap: entered promiscuous mode [ 693.045715][T11155] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 693.051057][T16145] loop0: detected capacity change from 0 to 1024 [ 693.131012][T15803] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 693.156976][T16149] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.4'. [ 693.174344][T15803] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 693.201622][T15803] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 693.238737][T15803] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 693.261859][T15803] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 693.272368][T15803] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 693.285611][T15803] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 693.297414][T15803] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 693.328494][T15803] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 693.343736][T15803] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 693.353828][T15803] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 693.364445][T15803] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 693.382580][T15606] hfsplus: b-tree write err: -5, ino 4 [ 693.410941][T15803] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 693.472799][T15803] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 693.517760][T15803] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 693.570239][T15803] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 693.597131][T15803] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 693.608179][T15803] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 693.627207][T15803] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 693.644509][T15803] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 693.669993][T15803] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 693.683274][T15803] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 693.700583][T15803] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 693.715212][T15803] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 693.749567][T15803] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 693.764332][T15803] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 693.803882][T16165] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'. [ 693.857405][T16172] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'. [ 693.890857][T16172] netlink: 'syz-executor.0': attribute type 15 has an invalid length. [ 693.973110][ C0] TCP: request_sock_TCP: Possible SYN flooding on port [::ffff:0.0.0.0]:20002. Sending cookies. [ 694.022608][T15803] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 694.047196][T15803] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 694.071076][T15803] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 694.115657][T15803] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 694.463235][T15600] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 694.475405][T15600] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 694.539778][T16196] loop4: detected capacity change from 0 to 1024 [ 694.572161][ T5136] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 694.585307][ T5136] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 694.695966][T15600] hfsplus: b-tree write err: -5, ino 4 [ 695.384936][ T29] audit: type=1800 audit(1717489053.539:1141): pid=16227 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="file1" dev="sda1" ino=1962 res=0 errno=0 [ 695.463519][ T29] audit: type=1800 audit(1717489053.566:1142): pid=16228 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.1" name="file0" dev="sda1" ino=1964 res=0 errno=0 [ 695.757884][T16232] loop4: detected capacity change from 0 to 4096 [ 695.824506][T16232] ntfs3: loop4: Failed to load $MFT. [ 695.932729][T16250] loop0: detected capacity change from 0 to 1024 [ 696.135108][T15611] hfsplus: b-tree write err: -5, ino 4 [ 696.262471][ T29] audit: type=1800 audit(1717489054.351:1143): pid=16263 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="file0" dev="sda1" ino=1948 res=0 errno=0 [ 696.869295][ T29] audit: type=1804 audit(1717489054.905:1144): pid=16284 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir3629696712/syzkaller.LqbibZ/8/file0/bus/bus" dev="overlay" ino=10 res=1 errno=0 [ 697.381655][ T29] audit: type=1800 audit(1717489055.385:1145): pid=16300 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.5" name="file0" dev="sda1" ino=1951 res=0 errno=0 [ 697.519183][T16253] loop3: detected capacity change from 0 to 40427 [ 697.581839][T16253] F2FS-fs (loop3): invalid crc value [ 697.645396][T16276] loop4: detected capacity change from 0 to 32768 [ 697.662347][T16253] F2FS-fs (loop3): Found nat_bits in checkpoint [ 697.681178][T16276] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz-executor.4 (16276) [ 697.732877][T16276] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 697.754844][T16276] BTRFS info (device loop4): using sha256 (sha256-ni) checksum algorithm [ 697.757696][T16312] loop1: detected capacity change from 0 to 8 [ 697.779350][T16276] BTRFS info (device loop4): using free-space-tree [ 697.922330][T16253] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4 [ 698.000078][T16253] syz-executor.3: attempt to access beyond end of device [ 698.000078][T16253] loop3: rw=2049, sector=45096, nr_sectors = 16 limit=40427 [ 698.020320][T16253] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 698.030991][T16253] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 698.249234][ T9002] usb 2-1: new high-speed USB device number 14 using dummy_hcd [ 698.397100][T12378] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 698.457504][ T9002] usb 2-1: config 0 has an invalid interface number: 18 but max is 0 [ 698.474499][ T9002] usb 2-1: config 0 has no interface number 0 [ 698.505978][ T9002] usb 2-1: config 0 interface 18 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 698.541101][T16339] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 698.570816][ T9002] usb 2-1: config 0 interface 18 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 698.574430][T16339] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 698.593302][ T9002] usb 2-1: New USB device found, idVendor=054c, idProduct=03d5, bcdDevice= 0.10 [ 698.605067][ T9002] usb 2-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0 [ 698.628827][ T9002] usb 2-1: Manufacturer: syz [ 698.664639][T16339] A link change request failed with some changes committed already. Interface batadv_slave_0 may have been left with an inconsistent configuration, please check. [ 698.685490][ T9002] usb 2-1: config 0 descriptor?? [ 699.053715][T16348] 9pnet_virtio: no channels available for device [ 699.283962][ T9002] input: syz as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.18/0003:054C:03D5.000A/input/input34 [ 699.421193][ T9002] sony 0003:054C:03D5.000A: input,hidraw0: USB HID v0.00 Joystick [syz] on usb-dummy_hcd.1-1/input18 [ 699.475328][ T9002] usb 2-1: USB disconnect, device number 14 [ 699.702468][T16367] tmpfs: Bad value for 'mpol' [ 700.005659][T16377] misc userio: Invalid payload size [ 700.240887][T16385] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. [ 700.860545][T16407] loop3: detected capacity change from 0 to 47 [ 700.970660][T16402] loop1: detected capacity change from 0 to 32768 [ 701.010691][T16402] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz-executor.1 (16402) [ 701.018870][T16368] loop5: detected capacity change from 0 to 40427 [ 701.064846][T16402] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 701.075208][T16402] BTRFS info (device loop1): using sha256 (sha256-ni) checksum algorithm [ 701.083683][T16402] BTRFS info (device loop1): using free-space-tree [ 701.093467][ T8] libceph: connect (1)[c::]:6789 error -101 [ 701.103095][T16368] F2FS-fs (loop5): invalid crc value [ 701.103242][ T8] libceph: mon0 (1)[c::]:6789 connect error [ 701.124018][T16415] netlink: 128 bytes leftover after parsing attributes in process `syz-executor.4'. [ 701.164154][T16368] F2FS-fs (loop5): Found nat_bits in checkpoint [ 701.393449][T16442] fuse: Bad value for 'fd' [ 701.413328][ T8] libceph: connect (1)[c::]:6789 error -101 [ 701.414398][ T29] audit: type=1804 audit(1717489059.104:1146): pid=16442 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.2" name="/root/syzkaller-testdir2755392220/syzkaller.r8TFCA/429/file0" dev="sda1" ino=1978 res=1 errno=0 [ 701.428305][ T8] libceph: mon0 (1)[c::]:6789 connect error [ 701.454897][T16368] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e4 [ 701.586824][T16368] syz-executor.5: attempt to access beyond end of device [ 701.586824][T16368] loop5: rw=2049, sector=45096, nr_sectors = 16 limit=40427 [ 701.617405][T15803] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 701.628040][T16368] F2FS-fs (loop5): Stopped filesystem due to reason: 3 [ 701.680517][T16368] F2FS-fs (loop5): Stopped filesystem due to reason: 3 [ 701.773972][T16407] ceph: No mds server is up or the cluster is laggy [ 702.334175][T16457] misc userio: Invalid payload size [ 703.119028][T16450] loop4: detected capacity change from 0 to 32768 [ 703.231094][T16450] ERROR: (device loop4): jfs_readdir: JFS:Dtree error: ino = 2, bn=0, index = 1 [ 703.231094][T16450] [ 703.277402][T16450] ERROR: (device loop4): remounting filesystem as read-only [ 703.338998][T16482] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 703.409264][T16486] loop5: detected capacity change from 0 to 512 [ 703.454268][T16486] EXT4-fs: test_dummy_encryption requires encrypt feature [ 703.973424][T16498] netlink: 128 bytes leftover after parsing attributes in process `syz-executor.4'. [ 704.075225][T16500] loop3: detected capacity change from 0 to 1024 [ 704.234523][T16500] hfsplus: b-tree write err: -5, ino 3 [ 704.622891][T16488] loop1: detected capacity change from 0 to 32768 [ 704.710109][T16488] ialloc: diAlloc returned -5! [ 705.361750][T16532] netlink: 'syz-executor.1': attribute type 1 has an invalid length. [ 705.399663][T16532] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'. [ 705.736547][T16515] loop3: detected capacity change from 0 to 32768 [ 705.795632][T16515] ERROR: (device loop3): jfs_readdir: JFS:Dtree error: ino = 2, bn=0, index = 1 [ 705.795632][T16515] [ 705.846708][T16515] ERROR: (device loop3): remounting filesystem as read-only [ 705.868138][T16542] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'. [ 706.416055][T16534] loop5: detected capacity change from 0 to 32768 [ 706.445920][T16534] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz-executor.5 (16534) [ 706.469747][ T29] audit: type=1326 audit(1717489063.766:1147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16549 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f89a9e7cf69 code=0x0 [ 706.514954][T16534] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 706.529676][T16554] loop1: detected capacity change from 0 to 16 [ 706.536732][T16534] BTRFS info (device loop5): using sha256 (sha256-ni) checksum algorithm [ 706.547084][T16534] BTRFS info (device loop5): using free-space-tree [ 706.564783][T16554] erofs: (device loop1): mounted with root inode @ nid 36. [ 706.754652][T16534] BTRFS info (device loop5): rebuilding free space tree [ 706.980359][T11155] BTRFS info (device loop5): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 707.538359][T16590] netlink: 128 bytes leftover after parsing attributes in process `syz-executor.2'. [ 708.400005][T16579] loop3: detected capacity change from 0 to 40427 [ 708.400350][T16602] 9pnet_virtio: no channels available for device [ 708.440753][T16579] F2FS-fs (loop3): invalid crc value [ 708.502453][T16579] F2FS-fs (loop3): Found nat_bits in checkpoint [ 708.735699][T16579] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4 [ 708.758051][T16591] loop1: detected capacity change from 0 to 32768 [ 708.813909][T16579] syz-executor.3: attempt to access beyond end of device [ 708.813909][T16579] loop3: rw=2049, sector=45096, nr_sectors = 16 limit=40427 [ 708.830230][T16579] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 708.837991][T16579] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 708.918365][T16591] ERROR: (device loop1): jfs_readdir: JFS:Dtree error: ino = 2, bn=0, index = 1 [ 708.918365][T16591] [ 708.972753][T16591] ERROR: (device loop1): remounting filesystem as read-only [ 709.517163][T16625] overlayfs: failed to get index nlink (file1/bus, err=-61) [ 710.388283][T16649] loop5: detected capacity change from 0 to 64 [ 711.843456][T16664] loop1: detected capacity change from 0 to 2048 [ 711.898637][T16664] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 712.025655][T16664] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: none. [ 712.117044][T15803] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 712.329385][T16682] loop3: detected capacity change from 0 to 16 [ 712.351505][T16682] erofs: (device loop3): mounted with root inode @ nid 36. [ 712.542277][T16694] loop4: detected capacity change from 0 to 1024 [ 712.704568][T16694] hfsplus: b-tree write err: -5, ino 3 [ 712.965346][T16711] tmpfs: Bad value for 'mpol' [ 712.973121][T16707] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'. [ 713.137489][T16716] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.5'. [ 713.156417][T16716] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.5'. [ 713.178014][T16716] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.5'. [ 713.205838][T16716] block nbd0: Unsupported socket: shutdown callout must be supported. [ 713.458979][T16729] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.5'. [ 713.884233][T16753] loop1: detected capacity change from 0 to 256 [ 713.939653][T16751] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'. [ 713.953496][T16755] loop4: detected capacity change from 0 to 164 [ 714.045545][T16755] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 714.320771][T16771] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'. [ 714.933802][T16792] loop5: detected capacity change from 0 to 64 [ 715.045842][T16797] loop3: detected capacity change from 0 to 256 [ 715.073650][T16792] overlayfs: upper fs needs to support d_type. [ 715.268627][T16792] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 715.275981][T16792] overlayfs: failed to set xattr on upper [ 715.309567][T16792] overlayfs: ...falling back to redirect_dir=nofollow. [ 715.318870][T16792] overlayfs: ...falling back to index=off. [ 715.330929][T16792] overlayfs: ...falling back to uuid=null. [ 715.461022][T16808] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'. [ 715.702824][ T1243] ieee802154 phy0 wpan0: encryption failed: -22 [ 716.617649][T16842] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'. [ 716.655205][T16844] loop4: detected capacity change from 0 to 256 [ 716.894238][T11155] Trying to free block not in datazone [ 716.910429][T11155] Trying to free block not in datazone [ 716.919695][T11155] Trying to free block not in datazone [ 716.932907][T11155] Trying to free block not in datazone [ 716.940788][T11155] Trying to free block not in datazone [ 716.946489][T11155] minix_free_block (loop5:6): bit already cleared [ 716.954899][T11155] Trying to free block not in datazone [ 716.967517][T11155] Trying to free block not in datazone [ 717.365597][T16871] loop4: detected capacity change from 0 to 1024 [ 717.409607][T16871] EXT4-fs: Ignoring removed nomblk_io_submit option [ 717.501634][T16871] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 718.662277][T16871] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: none. [ 718.788522][T16887] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: none. [ 718.912309][T12378] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 719.105239][T16906] loop3: detected capacity change from 0 to 256 [ 719.152156][T16906] exFAT-fs (loop3): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 719.651697][T16931] loop3: detected capacity change from 0 to 256 [ 719.675504][T16931] exfat: Deprecated parameter 'namecase' [ 719.689412][T16931] exfat: Deprecated parameter 'namecase' [ 719.709411][T16931] exfat: Deprecated parameter 'namecase' [ 719.713967][T16929] loop5: detected capacity change from 0 to 4096 [ 719.744871][T16931] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d) [ 719.744922][T16929] ntfs3: Bad value for 'umask' [ 719.925744][T16939] loop1: detected capacity change from 0 to 64 [ 720.212406][T16929] loop5: detected capacity change from 0 to 2048 [ 720.466318][T16929] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 721.488136][T16961] loop5: detected capacity change from 0 to 2048 [ 721.604553][ T5136] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 721.827242][ T5136] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 8 [ 721.860162][ T5136] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 895 [ 721.897010][ T5136] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0 [ 721.906882][ T5136] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x88 has invalid maxpacket 0 [ 721.954091][ T5136] usb 5-1: New USB device found, idVendor=054c, idProduct=06c3, bcdDevice= 0.00 [ 721.968489][ T5136] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 721.983330][ T5136] usb 5-1: SerialNumber: syz [ 722.001503][ T5136] usb 5-1: config 0 descriptor?? [ 722.023809][T16954] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 722.071179][ C1] port100 5-1:0.0: NFC: Urb failure (status -71) [ 722.106690][ T5136] port100 5-1:0.0: NFC: Could not get supported command types [ 722.367102][ T5136] usb 5-1: USB disconnect, device number 12 [ 723.002934][T17000] netlink: 'syz-executor.1': attribute type 29 has an invalid length. [ 723.011587][T17000] netlink: 'syz-executor.1': attribute type 29 has an invalid length. [ 723.077545][T17000] netlink: 'syz-executor.1': attribute type 29 has an invalid length. [ 723.144145][T17006] hugetlbfs: Bad value '0x00000000ffffffff' for mount option 'gid' [ 723.144145][T17006] [ 723.573754][T16986] loop5: detected capacity change from 0 to 32768 [ 723.701484][T16986] XFS (loop5): DAX unsupported by block device. Turning off DAX. [ 723.718488][T16986] XFS (loop5): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 725.112052][T16986] XFS (loop5): Ending clean mount [ 725.144216][T16986] XFS (loop5): Quotacheck needed: Please wait. [ 725.151797][T17039] loop1: detected capacity change from 0 to 256 [ 725.373243][T16986] XFS (loop5): Quotacheck: Done. [ 725.388137][T17049] hugetlbfs: Bad value '0x00000000ffffffff' for mount option 'gid' [ 725.388137][T17049] [ 725.553596][T11155] XFS (loop5): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 725.864193][ C1] vkms_vblank_simulate: vblank timer overrun [ 726.070882][T17078] loop4: detected capacity change from 0 to 2048 [ 726.663355][T17108] loop1: detected capacity change from 0 to 256 [ 726.696163][T17108] exFAT-fs (loop1): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 727.253777][T17123] netlink: 830 bytes leftover after parsing attributes in process `syz-executor.2'. [ 727.994196][T17162] loop5: detected capacity change from 0 to 16 [ 728.087583][T17162] erofs: (device loop5): EXPERIMENTAL EROFS subpage compressed block support in use. Use at your own risk! [ 728.126921][T17162] erofs: (device loop5): mounted with root inode @ nid 36. [ 728.172780][T17162] syz-executor.5: attempt to access beyond end of device [ 728.172780][T17162] loop5: rw=0, sector=131157, nr_sectors = 32 limit=16 [ 729.176827][T17196] loop1: detected capacity change from 0 to 2048 [ 729.340784][T17206] loop5: detected capacity change from 0 to 16 [ 729.390450][T17206] erofs: (device loop5): mounted with root inode @ nid 36. [ 729.431764][T17206] syz-executor.5: attempt to access beyond end of device [ 729.431764][T17206] loop5: rw=0, sector=131157, nr_sectors = 32 limit=16 [ 729.571232][ T9002] ================================================================== [ 729.579460][ T9002] BUG: KASAN: slab-use-after-free in sco_sock_timeout+0x8b/0x270 [ 729.587217][ T9002] Write of size 4 at addr ffff888025bc6080 by task kworker/0:8/9002 [ 729.595216][ T9002] [ 729.597551][ T9002] CPU: 0 PID: 9002 Comm: kworker/0:8 Not tainted 6.10.0-rc2-syzkaller-00010-g2ab795141095 #0 [ 729.607720][ T9002] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 729.617794][ T9002] Workqueue: events sco_sock_timeout [ 729.623121][ T9002] Call Trace: [ 729.626412][ T9002] [ 729.629353][ T9002] dump_stack_lvl+0x241/0x360 [ 729.634063][ T9002] ? __pfx_dump_stack_lvl+0x10/0x10 [ 729.639293][ T9002] ? __pfx__printk+0x10/0x10 [ 729.643913][ T9002] ? _printk+0xd5/0x120 [ 729.648095][ T9002] ? __virt_addr_valid+0x183/0x520 [ 729.653408][ T9002] ? srso_alias_return_thunk+0x5/0xfbef5 [ 729.659089][ T9002] print_report+0x169/0x550 [ 729.663622][ T9002] ? __virt_addr_valid+0x183/0x520 [ 729.668768][ T9002] ? srso_alias_return_thunk+0x5/0xfbef5 [ 729.674443][ T9002] ? __virt_addr_valid+0x44e/0x520 [ 729.679612][ T9002] ? srso_alias_return_thunk+0x5/0xfbef5 [ 729.685292][ T9002] ? __phys_addr+0xba/0x170 [ 729.689840][ T9002] ? sco_sock_timeout+0x8b/0x270 [ 729.694802][ T9002] kasan_report+0x143/0x180 [ 729.699340][ T9002] ? __pfx_lock_acquire+0x10/0x10 [ 729.704402][ T9002] ? sco_sock_timeout+0x8b/0x270 [ 729.709378][ T9002] kasan_check_range+0x282/0x290 [ 729.714446][ T9002] sco_sock_timeout+0x8b/0x270 [ 729.719231][ T9002] ? process_scheduled_works+0x945/0x1830 [ 729.724965][ T9002] process_scheduled_works+0xa2e/0x1830 [ 729.730627][ T9002] ? __pfx_process_scheduled_works+0x10/0x10 [ 729.736616][ T9002] ? assign_work+0x364/0x3d0 [ 729.741216][ T9002] worker_thread+0x86d/0xd70 [ 729.745820][ T9002] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 729.751729][ T9002] ? __kthread_parkme+0x169/0x1d0 [ 729.756763][ T9002] ? __pfx_worker_thread+0x10/0x10 [ 729.761883][ T9002] kthread+0x2f2/0x390 [ 729.765963][ T9002] ? __pfx_worker_thread+0x10/0x10 [ 729.771199][ T9002] ? __pfx_kthread+0x10/0x10 [ 729.775803][ T9002] ret_from_fork+0x4d/0x80 [ 729.780234][ T9002] ? __pfx_kthread+0x10/0x10 [ 729.784832][ T9002] ret_from_fork_asm+0x1a/0x30 [ 729.789619][ T9002] [ 729.792632][ T9002] [ 729.794950][ T9002] Allocated by task 16856: [ 729.799369][ T9002] kasan_save_track+0x3f/0x80 [ 729.804051][ T9002] __kasan_kmalloc+0x98/0xb0 [ 729.808651][ T9002] kmalloc_trace_noprof+0x19c/0x2c0 [ 729.813864][ T9002] do_check_common+0x190/0x1dd0 [ 729.818727][ T9002] bpf_check+0x14222/0x192f0 [ 729.823335][ T9002] bpf_prog_load+0x1667/0x20f0 [ 729.828102][ T9002] __sys_bpf+0x4ee/0x810 [ 729.832365][ T9002] __x64_sys_bpf+0x7c/0x90 [ 729.836792][ T9002] do_syscall_64+0xf3/0x230 [ 729.841300][ T9002] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 729.847203][ T9002] [ 729.849522][ T9002] Freed by task 16856: [ 729.853581][ T9002] kasan_save_track+0x3f/0x80 [ 729.858259][ T9002] kasan_save_free_info+0x40/0x50 [ 729.863295][ T9002] poison_slab_object+0xe0/0x150 [ 729.868244][ T9002] __kasan_slab_free+0x37/0x60 [ 729.873014][ T9002] kfree+0x149/0x360 [ 729.876918][ T9002] free_verifier_state+0xde/0x240 [ 729.881956][ T9002] do_check_common+0x14f5/0x1dd0 [ 729.886947][ T9002] bpf_check+0x14222/0x192f0 [ 729.891546][ T9002] bpf_prog_load+0x1667/0x20f0 [ 729.896312][ T9002] __sys_bpf+0x4ee/0x810 [ 729.900573][ T9002] __x64_sys_bpf+0x7c/0x90 [ 729.905005][ T9002] do_syscall_64+0xf3/0x230 [ 729.909514][ T9002] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 729.915414][ T9002] [ 729.917731][ T9002] The buggy address belongs to the object at ffff888025bc6000 [ 729.917731][ T9002] which belongs to the cache kmalloc-2k of size 2048 [ 729.931795][ T9002] The buggy address is located 128 bytes inside of [ 729.931795][ T9002] freed 2048-byte region [ffff888025bc6000, ffff888025bc6800) [ 729.945704][ T9002] [ 729.948118][ T9002] The buggy address belongs to the physical page: [ 729.954616][ T9002] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x25bc0 [ 729.963381][ T9002] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 729.971888][ T9002] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 729.979887][ T9002] page_type: 0xffffefff(slab) [ 729.984567][ T9002] raw: 00fff00000000040 ffff888015042000 0000000000000000 dead000000000001 [ 729.993153][ T9002] raw: 0000000000000000 0000000000080008 00000001ffffefff 0000000000000000 [ 730.001747][ T9002] head: 00fff00000000040 ffff888015042000 0000000000000000 dead000000000001 [ 730.010422][ T9002] head: 0000000000000000 0000000000080008 00000001ffffefff 0000000000000000 [ 730.019104][ T9002] head: 00fff00000000003 ffffea000096f001 ffffffffffffffff 0000000000000000 [ 730.027784][ T9002] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000 [ 730.036545][ T9002] page dumped because: kasan: bad access detected [ 730.042957][ T9002] page_owner tracks the page as allocated [ 730.048686][ T9002] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1d28c0(GFP_NOWAIT|__GFP_IO|__GFP_FS|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 10412, tgid 10412 (syz-executor.2), ts 372275740459, free_ts 371891779709 [ 730.071813][ T9002] post_alloc_hook+0x1f3/0x230 [ 730.076601][ T9002] get_page_from_freelist+0x2e2d/0x2ee0 [ 730.082179][ T9002] __alloc_pages_noprof+0x256/0x6c0 [ 730.087399][ T9002] alloc_slab_page+0x5f/0x120 [ 730.092088][ T9002] allocate_slab+0x5a/0x2e0 [ 730.096598][ T9002] ___slab_alloc+0xcd1/0x14b0 [ 730.101279][ T9002] __slab_alloc+0x58/0xa0 [ 730.105616][ T9002] kmalloc_node_track_caller_noprof+0x281/0x440 [ 730.111873][ T9002] kmalloc_reserve+0x111/0x2a0 [ 730.116653][ T9002] pskb_expand_head+0x202/0x1390 [ 730.121600][ T9002] netlink_trim+0x183/0x220 [ 730.126120][ T9002] netlink_broadcast_filtered+0x76/0x1290 [ 730.131856][ T9002] nlmsg_notify+0xfb/0x1c0 [ 730.136277][ T9002] rtnetlink_event+0x21d/0x260 [ 730.141051][ T9002] notifier_call_chain+0x1a1/0x3e0 [ 730.146171][ T9002] __netdev_upper_dev_link+0x4c3/0x670 [ 730.151640][ T9002] page last free pid 10431 tgid 10431 stack trace: [ 730.158138][ T9002] free_unref_page+0xd22/0xea0 [ 730.162927][ T9002] __put_partials+0xeb/0x130 [ 730.167545][ T9002] put_cpu_partial+0x17c/0x250 [ 730.172327][ T9002] __slab_free+0x2ea/0x3d0 [ 730.176844][ T9002] qlist_free_all+0x9e/0x140 [ 730.181448][ T9002] kasan_quarantine_reduce+0x14f/0x170 [ 730.186913][ T9002] __kasan_slab_alloc+0x23/0x80 [ 730.191771][ T9002] kmalloc_trace_noprof+0x132/0x2c0 [ 730.196987][ T9002] ref_tracker_alloc+0x14b/0x490 [ 730.201934][ T9002] register_netdevice+0x1408/0x19e0 [ 730.207752][ T9002] veth_newlink+0x628/0xcd0 [ 730.212272][ T9002] rtnl_newlink+0x1591/0x20a0 [ 730.216955][ T9002] rtnetlink_rcv_msg+0x89d/0x10d0 [ 730.222003][ T9002] netlink_rcv_skb+0x1e5/0x430 [ 730.226773][ T9002] netlink_unicast+0x7ec/0x980 [ 730.231554][ T9002] netlink_sendmsg+0x8db/0xcb0 [ 730.236334][ T9002] [ 730.238652][ T9002] Memory state around the buggy address: [ 730.244278][ T9002] ffff888025bc5f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 730.252355][ T9002] ffff888025bc6000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 730.260420][ T9002] >ffff888025bc6080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 730.268488][ T9002] ^ [ 730.272562][ T9002] ffff888025bc6100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 730.280629][ T9002] ffff888025bc6180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 730.288707][ T9002] ================================================================== [ 730.299550][ T9002] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 730.306787][ T9002] CPU: 0 PID: 9002 Comm: kworker/0:8 Not tainted 6.10.0-rc2-syzkaller-00010-g2ab795141095 #0 [ 730.316980][ T9002] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 730.327056][ T9002] Workqueue: events sco_sock_timeout [ 730.332364][ T9002] Call Trace: [ 730.335646][ T9002] [ 730.338577][ T9002] dump_stack_lvl+0x241/0x360 [ 730.343267][ T9002] ? __pfx_dump_stack_lvl+0x10/0x10 [ 730.348473][ T9002] ? __pfx__printk+0x10/0x10 [ 730.353065][ T9002] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 730.359061][ T9002] ? srso_alias_return_thunk+0x5/0xfbef5 [ 730.364707][ T9002] ? vscnprintf+0x5d/0x90 [ 730.369052][ T9002] panic+0x349/0x860 [ 730.372961][ T9002] ? check_panic_on_warn+0x21/0xb0 [ 730.378086][ T9002] ? __pfx_panic+0x10/0x10 [ 730.382516][ T9002] ? _raw_spin_unlock_irqrestore+0xd8/0x140 [ 730.388440][ T9002] ? srso_alias_return_thunk+0x5/0xfbef5 [ 730.394125][ T9002] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 730.400032][ T9002] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 730.406377][ T9002] check_panic_on_warn+0x86/0xb0 [ 730.411332][ T9002] ? sco_sock_timeout+0x8b/0x270 [ 730.416378][ T9002] end_report+0x77/0x160 [ 730.420631][ T9002] kasan_report+0x154/0x180 [ 730.425142][ T9002] ? __pfx_lock_acquire+0x10/0x10 [ 730.430174][ T9002] ? sco_sock_timeout+0x8b/0x270 [ 730.435121][ T9002] kasan_check_range+0x282/0x290 [ 730.440071][ T9002] sco_sock_timeout+0x8b/0x270 [ 730.444843][ T9002] ? process_scheduled_works+0x945/0x1830 [ 730.450574][ T9002] process_scheduled_works+0xa2e/0x1830 [ 730.456170][ T9002] ? __pfx_process_scheduled_works+0x10/0x10 [ 730.462169][ T9002] ? assign_work+0x364/0x3d0 [ 730.466778][ T9002] worker_thread+0x86d/0xd70 [ 730.471400][ T9002] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 730.477312][ T9002] ? __kthread_parkme+0x169/0x1d0 [ 730.482361][ T9002] ? __pfx_worker_thread+0x10/0x10 [ 730.487576][ T9002] kthread+0x2f2/0x390 [ 730.491670][ T9002] ? __pfx_worker_thread+0x10/0x10 [ 730.496793][ T9002] ? __pfx_kthread+0x10/0x10 [ 730.501397][ T9002] ret_from_fork+0x4d/0x80 [ 730.505822][ T9002] ? __pfx_kthread+0x10/0x10 [ 730.510418][ T9002] ret_from_fork_asm+0x1a/0x30 [ 730.515207][ T9002] [ 730.518509][ T9002] Kernel Offset: disabled [ 730.522846][ T9002] Rebooting in 86400 seconds..