last executing test programs: 20.928655983s ago: executing program 1 (id=1021): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, 0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r2}, 0x10) syz_usb_connect(0x0, 0x17f, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000b2c6d9400a1a0201b17a0102030109026d0101000000000904"], 0x0) 19.105873775s ago: executing program 1 (id=1030): r0 = socket$inet6(0x10, 0x3, 0x0) read(r0, &(0x7f0000000340)=""/254, 0xfe) sendto$inet6(r0, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff3b, 0x0, 0x0, 0x0) r1 = socket(0x10, 0x80003, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000080)={'sit0\x00'}) recvfrom$inet6(r0, &(0x7f0000000000)=""/45, 0x44, 0x0, 0x0, 0x0) 18.51360718s ago: executing program 1 (id=1032): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.usage_sys\x00', 0x275a, 0x0) write$UHID_INPUT(r0, &(0x7f0000000940)={0x8, {"85f080a4933d55266e07e799aa0cc421388242df2a3c6b631b65b1c061edd2aa108c3528fe9b0bb3a53ab1200f5d01a68a4acdec8fee09648222f908c1fedc3000342e6139de28366c13509306d00ebcc67497181ac916db98af9d366b76e427d9ab5bb68095f0fb246df32b8af0783653136f8a04c03690312125c7ded6a24fda8685340c575ead69519e3583f89d467ec232d6a1ffd0463ba4ea3cbae5dae6654b5547b5458f02ac307729e57b09e134f68be44f88d72517b230b066f6315b5fb80206397bbff8cbc2a36e01c2e7b3aadb32bd3dd5288a69a991d9c674717e3abba7167280b2db3b1b8502afa4f3f296c532510c9d2dd79bb5eeb25adb5edddbdd069c09d14d15c2e7e1e2bd6c108fab3591bb22e97d6992236d2273c8bb95536f7118d007965008b125c7daac2814e6bbe1adbfa3572ad0b7ad5c26c8014118d8374ca9f285779dfee7715a403908146a74de61b3853914c89f444c12e7a38bdd46c4ed36eb806ea598f44d1dec9eff9e2476f43802211f0762b66673b45d236b2391ce322e30fb9c69fe0d514dc1f8b6e3979c1205fd5224b07d18a44fec4f6f1a6f65158bb6adcc295bf2dd7dea107f59d7e03c61fe5822292e45968956b931bdc4d6445ff1631e0b98e4b4448774dd4b9cd53a45896fdb3f03702778741ae2b45a25bf9a23fc02fb97a630f132bf9def6c6d4a7baeb62972f1a814f6f2377bcfc78e2e86368c138510a04cedf7175af8c2034fae7413e3ace8c71ab9a0af1ca7042011a6ed028e205648535dabf3b2f85196ae18d36b839e3cd54ae4933ad529888fdac7bb8a70c72bc0fc81ba06506f2d5bc7686e219bbe5283959cbef9950e071cb6d9f341fc624a5110341f26cebd7100599a06e61f66fae120c7fc2b34c6221200eba75bd1277114671a3fa8f058b27fd897b052f4a52afcea814df526181c75c4497210a2b8b74e26601561e78735387cf123654b0295d1d60556956b36d96dd038866c4b4db31ebdcddd6929bbc2850cd4901389e6ea6e86041e0efa1158f334e7afda0e11c2fb0e6df6364cb95659f506d5c7e63fb67c8116577d15e4a4b1fc4c27de2e52586cb1f52be9c3601f5066549de8bdc3ec07d1a84caf1961323ec2487a37b751aeabafcd647ce2dae5d9499c0f969467e6cabad198669ac96bd1488954eff0854ee0c83d7b596d273625bdb16270782321071fda5d980ded78ffa9dc2b56037d7cbf942547f48a5131f1991f6c17ae1ed5120ca6878f98e68e7997a9a2b70be640a70a34adb80de286c6692abb5f092e4e3a15a83217e03d02a4054f34af3a65ff6b36f395b76a0579cffafd5d3bb0e704c935caecf3a7ab756c23fd60c9fe3f4fb2be7504f5bae22b116ff1588dcf02b327d31bf0488dba8af5b33ccf2d7d87f43bbc48fcd4f191ad6af9313ad38b8b29674bfabd6651bc1f6ce5abb4a2f1413194f96b26d7d6edc4e013fba549075c97eef508af5ca7873664b058b7bcf455a8a04b591d29fab6366c844bb75576bac2d52323e747303d00a5736c9812922b0e17bcec9135550736b54cf6407d61e22e62d7bb75f62935b665acf33e75f688c36ef416f1b890d0f0c8ad1df00e02ec45967834d5649c8e7143978622fa3704672970b7993a87e97d3d926a14265647bc8b8c9e6f83e29572608d24b42c2635ef4abbd0af83860e99c90d7471cf6e8ce99507f5ec2bc572212fa9ee3f5a9dfa3815fe55f0bbb119acce062ae37f2ff921707abba139bcddf42bfd174d29b540161b4113c4e1a13f3a628c638ec4d3a884dfbc093e23ec0d0671b46b41dc8b42d950c8615ba5ee87f49b5d0910ffa4871207995001920db05a95199967f097ba7b55bbd271d818690c4238406b40a3dfc42fa56a67173b53a96b543326c56738b6d043195934018696f5ab49347e5148a78f2d1369a71afab8330273d46ecfba4ee05802a5385649851db949dbfb39e290941641c50b1ac20fb3102754a760b097f464ddb0b83f8168badfa71db6621dcf22fb081e3403f3bac5c7e65905aca52885c807f8ddab18bb2f12ef952c50483c0e251968bc70ff0d42a638ca744dea4c7ebb4fea777cf663bb4f1505ed79730c45bc86e488a13f924377a8e2ee6670a02ca52874ae1c42a35d55b9765757047b2cc3742aa51fa3e43fb2c113c92ad213bad252c1a82966dd016f12a7f1c3900c0f1ab455035163f31899bdd30f3ff43ad17d9e45bb7438c1c986712736f24be14f71ab1bfe92a25ec07f086ee8c7971b8077a13e58a8e8bea39c8e06b251909f02cb0080abf020f27ca160eb26c082dda1fa54ea4094dfdbcb2fa7bddccb67a844e8075f4cc08dad35757006d051e183dced336bc0c2502f93ffc87dca622286ba174c24e1f53f27dc2777baafe170348b0e8d3e743b3aa906bc0764bbe7da08ff403efe2212627d672250658bb513b7312517d1f88c61c7ba5f9647cd619281c5b390b48606ee39fb4171103df2e09d7cfd56c06c721f7c24ad8cce383623fc2dcb15ac56438ea331820ae59c8c474e36fc73f7b1b3b86df1b42490815513681aafbf7e871b4b9686efae6c45ecfca60a640a6f071dfd31f9437c3d03086164b48c1ed802986864bfe0d49bdd7709662262368dbc3ecc05eb240ecc41904c76d78ab5c52b66af5a720fdd6a92f52be0676427a56e32e5bc5085b25f90add28a76f2fce6f8f0ef74f4659698549646bd63175adf77b5cdcfe676e1b1a9af15102946554ba6136cbc83c6268ee40318f3c9d4718025688b35d2265bf60bf889ff629f7834586ef46eab7a9176337536bb6001e676546b987f36b1fe4b9f6e46a8ce73eb22ebbb9c14d8e2b43ea77ef887e5a26448f4086fa819a25e27725ac10298851c8bc45f2ce4430b07917ade5ea8c434c3f2576effbeb521173736e5c9557450643068b0c0fb132a7e99de6ca292246a9937fa7d7e06e59cf59ce5b9f842629049931146af40a8a1256ba373a88d09dc00cdf4453cc6ba78572bf3e1f2352a978cdbad60220cb8ac37d7f614a306492a4b5eee9244b0ca84b6cf2e23013bfb1cb92bf6d126fe550e58c19f84e7a4081437b75b31b2b9fb658dcd8ba077962e0f3359721a148d4fefe5c97941ca9688cb85adf38fd10f5811cdd8e074a21bbfc9541c71465b08d7321281b68ed52bfab789b9c83849c09d52376d419b1e7ba367603236e119cdf4a7b7cf9d81f2229601deace53cea2f14a05f7fa0ca04b39e31c6453e332f4bd0915c0e09e28f4d1125c390c6ff0833a04b6fc37855e65de90333e505b9eb66e00686a3ed499cfb7b8b215dbdc9787b5baa724cfa71ee6745b41e203de8b7794757ac328ec5567540b951b50530c3d4ee34705ea1c66fd6591e88561083e86d48c45ef3b83a3029319d8f3d8e65ce14c1dc3cb92d0a7dbeb609a8d2793928caa079f0fbbb2bc90b9f058cc048f4032041d14c5bca00e99b3027ec3a50c4957199cf016a4594069af8659df0973f20ffb15dbc265ac5b8a2203e90b114a3e9441e357c60ce0b550a7fe66fc34f5702ac8e8992a22e89194c1df69e81a9b7ad3d2634ea8c0388588192fd47d8e803b10044d558617fb2921b69eb4d85c051f86ef63a2f4382b9becd870fb2ecadca6902712b88680792e2f2ec89591cfebb6db3ad31c2a339af10465fcf7988519d382218df52261234f26a6f66ad0d1859de505d0fe819caf2f8d30aa9fd1228ac91d11ca67f1f8d50c8eefa5c441514321507dff6c6ea3cff6f340a1c11e0c40f419e8e60fc94d8828fa47a96cdf7ee4f61e23f40751b25cf9ca1295041a350f83f0e679515d6b4b46e2c9ce8999e07f835abc1663cefcf728df37831f4e17f8c8a4feaf1fbf44c38c9313284404a50ba4cd8abe835b33bfecb02cd6c9d7f435853b4c8d505ab83cf46512739116694765658bae64b3127152d216055aef9b25c70a8a3b302752d7b1e8791c657b9f3fc9001ef299fd1a349491ae6ee9940149160507fc4130fb825d47d97dc2c243209d2403583ac3ef6ddbedcaa76432255487c0a06e59e043e572ab3aec002af6a6b6a2dc9cfaeefa70557886c4d12924a0388f2f1bc8e89e4cfa69705d1ef3c4658f8616278b588011d9dd914beec0b151d65b6524fba3e3f235d58373e021699b07622a51504eade747e0b2f9cf38bc167cabc8cb18c708d1337e25648707e8c0872876514c7a49c0b2aaee5ed9e9ecfcbcc23e032c4deb63e48e7120188056468fad31448e4b42e7d62fbcfc1c2cfb01fcf0db5e8a162bdb9bd820c763f17b96c23f32db9d1c1d74ddbe657b4f9595a9796982a0742153111b15e484d8ffebe47ce0a78a41e470a341616ec2eb6eef813fb415fab50fa965bec6a5977a0ade4fed67f86fc24e11b0e2f5364079f7c7c35b560cac726dbc80f29dbd248f7ecda0286a23ef172a28c96d9bdb1f598eab31c6baf0321312da23920c074b9d2d2e442717f2c21001142a39c2da6b8bd9d06b05a6a8deae1bd1be4108a636ddbebc682d113e715f2f3ee506abc28b1c654b3d2d28e02f73b171ed0deed71dda90ce4a0b728cc75cb576385e7418b545b992b1dd98e2ee53355f464f9250a2a03b3d1e4d2ac1aa71d01de2573530324e14d15a507883411ddbd37be21dc929db9b11f11010e4d2a04c7325a5ae6d24d19900ff97a8a89438f8676457a78cff05201528f4358fe67f61288bf042a8f3c2e0f8b4997b8fb74996b80d465489b2d7807a945eba72a945e8cf8625dbad6f6f6e30537b29e558ca8a8b0625f578c766d34f2d28d704715f94df1f6318a308042aa494baa295640679f1eab1e6a8308af8ce6441d5ad8a2f3d477eb5307af0dfae6644493f1434030b8361621340ad3dcefa6d8f090ed3929d89ad9c0ba01a6903033428dd8f98619304b1803187d2a6130bf1e009b5eb0e7e21c75594b3b8470f3106c92a9e55bfeb026091ced127a90a1f1247f3c07e36d3572923e0de3f73518d0369a25fcd4e65d243b7eab91063a7bfd8bc8ac9e39fbbb32b5c9517886287a18eacd8dbfda9b91db693cb12e42cba5988280e09e51e72b91a0f360656d8f21cc1eb3248ac345ad51d1a6172b18419277851dab01e028c7e8e2cf34095efd28267852a08fccf61c45b5e46930160daf50282be058274e7ff58c48b60b86d0c8cc886ab8778a2a2b5fa2557ad7bf7f01f2175523ce758871d334c20a9839f7a89fe2867c06289c8a2f6456ac7e4fbadee53ac41aee68214bc76669853baa4f58255b39ba581414f2e8c4b49303f8936a33bae5cbc96b29a5c724d5b50e1614144c2acd03bd90de891c3d36ce040d57543682ecbfcae66c4153c337c3a5d01896524c8e0c27e9a08919821ca27bbfe3fc9ba24a823aeec8d4ad8ef8a65c585bee4dcf1acaa3da501a8c11a23b2e22920c1ad0129a038b31fe16c2abc80589dbf7c37211afc5d1a6db908bc5fe8a692060069fcbcdcba7c523d3c424aa3b0c6556387e0e51bcde9e5f850abf62d2c2101c3a2786a0cb94932877a09cb6b64aa61da8cab3b423e7adc4c4700418a65e87225710e1691f6d9cb2eb63cce5b605ce0a4a89cf519767e00845397c5e381141a0ed8a89b01064b495ec8d1e2da37433bf1597d919a69610d2ad26bdf6fca8de422bb2cb80d0516206e8194ee51445a3dcb5dee33c0c310b4751e68e58bebda2fb586985a5a5b06456756f44e6dbfef4bb99ca732f00fb9ea35775f7419681bfbe6f43dc7c4650c13b63d93c1d490bf0173f287a4309531f13ecb1a775d0bd881a", 0x1000}}, 0x1006) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r0, 0x0) r1 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002) r2 = fcntl$dupfd(r1, 0x406, r1) write$sndseq(r2, &(0x7f0000000200)=[{0x0, 0xff, 0x0, 0x0, @tick, {0x80}, {}, @quote={{0xf7}, 0x2}}, {0x20, 0x0, 0x0, 0x0, @time, {}, {0x1}, @ext={0x0, 0x0}}], 0x38) 17.93862673s ago: executing program 1 (id=1035): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x2}) ioctl$TUNSETLINK(r0, 0x400454cd, 0x336) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) close(r0) 15.642159989s ago: executing program 4 (id=1040): sched_setscheduler(0x0, 0x2, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) write(r1, &(0x7f0000000340), 0x11000) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) mmap(&(0x7f0000002000/0x2000)=nil, 0x2000, 0x0, 0x12, r2, 0x0) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) 14.762938951s ago: executing program 2 (id=1045): openat(0xffffffffffffff9c, &(0x7f0000000440)='./bus\x00', 0x141842, 0x0) r0 = inotify_init1(0x0) inotify_add_watch(r0, &(0x7f0000000740)='./bus\x00', 0x40000582) r1 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0) fallocate(r1, 0x0, 0x0, 0x1000f4) copy_file_range(r1, 0x0, r1, &(0x7f0000000080)=0x32, 0x1, 0x0) 14.435926397s ago: executing program 4 (id=1047): r0 = timerfd_create(0x9, 0x0) timerfd_settime(r0, 0x3, &(0x7f00000001c0)={{0x77359400}, {0x0, 0x989680}}, 0x0) timerfd_gettime(r0, 0x0) socket$packet(0x11, 0x2, 0x300) process_vm_readv(0x0, &(0x7f0000000140), 0x100000000000028b, 0x0, 0x12, 0x0) sendmsg$IEEE802154_SET_MACPARAMS(0xffffffffffffffff, 0x0, 0x3c2eca31b7461d1) 14.209643528s ago: executing program 0 (id=1048): socket$igmp6(0xa, 0x3, 0x2) r0 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r0, &(0x7f0000000080)={0x18, 0x0, {0x4, @random="a93db39a9d27", 'tunl0\x00'}}, 0x1e) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$PPPIOCATTCHAN(r1, 0x40047438, &(0x7f0000000100)=0x1) ioctl$PPPIOCCONNECT(r1, 0x7434, 0x0) 14.037859933s ago: executing program 2 (id=1050): syz_open_dev$tty1(0xc, 0x4, 0x1) r0 = syz_open_procfs(0x0, &(0x7f0000000080)='fd/3\x00') read$FUSE(r0, &(0x7f0000002380)={0x2020}, 0x2020) r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "78e114100985a79874342a70e113343972d01f"}) write$UHID_INPUT(r0, &(0x7f00000043c0)={0xd, {"a2e3ad21ed6b0af99cfbf4c007f70eb4d04fe7ff7fc6e5539b0872fc8b546a1b4d09940f08900c878f0e1ac6e7049b4cb4956c409b3c2a0867f3988f7ef319520100ffe8d178708c523c921b1b0f5a0a169b50d336cd3b78130daa61d8f809ea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f309f4cff7738596ecae8707ce065cd5b91cd0ae193973735b36d5b1b63e91c00305dbd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32e7f50aded6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca5b6bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27afc953854a642c57519544ae15a7e454dea05918b4124351601611c8f11baa500a3621c56cea8d20ff911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a60560a22f1fca567e65d5e880572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5120000008213b704c7fb082ff27590678ef9f190bae979babc7041d860420c5664ba7921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202fd28f28381aab144a5d429a04a689b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2f05dd3318271a1f5f8528f227e79c1388dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eefc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44060bebc2420aed92fa9b6578b4779415d97b9a6d6d5f41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a7288afe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f48fe4eae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf02b98a269b891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efedfd71af9444e197f47e866101496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615f7084a607a7eceb6243378e0610060f02cca4051c2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c4e15a7b6eb65ca8104e1b4da1fbb77ab2fc043aead87c32ab875ee7c2e7b7019c902cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad948741b2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd73643de50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c1023bf70cc77737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73c497579773767075428067e7f16f4dde374f8211fef42cb468e623d060000009d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d3414442e863a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46362e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae44369ddb4581c55925d0f6f1ba471eba281f259152f85a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e05130935e00785ec27e923911fab964c271556527697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9ddbfb96d6861aca47da73d6f3144345f40200dd014e5c5ad8fe995754bd9cf32fce1e7027132f2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5336651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee29165895ac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463181f4b87c10772d2b13f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76d57227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f84fad6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b3110b932a4d02da711b757fe43c06d21e35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc238a081ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cb0b3e35cb80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c60edddab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801de38416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec014508e5247d33ae6c962d35603ff8454c16f8342856935125102bb784ed714887071f3d998efdd9923c954ab6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b641a12830052fcc460db043afe525629b40d7cee658e4cb5e930ed624806c43a006dc9336d07c2b8081c128ad2706f48261f7897084c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da3932ba5c04c24a560ad80a3ce654578376e599aff3565b1d531f30912b99e6619ebe93cc0b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e6491953264d2700c838fa2c7b34252600c9654e502dcea39cb6bc3eb69992e234b4ca7db2f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ff1aa70826ad01a9b03c37b0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f90000000000000000000000000000000000000000000000000000000000000000000000000000100", 0x1000}}, 0x971) 14.013282589s ago: executing program 4 (id=1051): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f00000003c0)=0x2, 0x4) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c) sendmmsg$inet6(r0, &(0x7f0000001240)=[{{0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000900)="fe", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000640)="a6", 0x1}], 0x1}}], 0x2, 0x0) recvmmsg(r0, &(0x7f0000000680)=[{{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f00000001c0)=""/225, 0xe1}], 0x1}, 0x5f}], 0x1, 0x20000002, 0x0) 13.820858914s ago: executing program 0 (id=1052): r0 = socket$key(0xf, 0x3, 0x2) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0x28, &(0x7f00000004c0)=ANY=[@ANYBLOB="1808000000000000000000000000000018", @ANYBLOB="0000000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) recvmmsg(r0, &(0x7f0000000440), 0x6f5, 0x2000000022, &(0x7f0000000480)={0x77359400}) sendmsg$key(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="0212000002"], 0x10}}, 0x0) r1 = epoll_create(0x80) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000000)={0x10000000}) 13.578146471s ago: executing program 4 (id=1053): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x17, 0x3, &(0x7f0000000b00)=ANY=[@ANYBLOB="1800000001000000000000000000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sysctl, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x0, 0x0) bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000000)={r0, r1, 0x12}, 0x10) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/partitions\x00', 0x0, 0x0) r3 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/tcp_recovery\x00', 0x1, 0x0) sendfile(r3, r2, 0x0, 0x23b) 13.361809054s ago: executing program 0 (id=1056): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x4, 0xc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='tlb_flush\x00', r1}, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000240)='tlb_flush\x00', r2}, 0x18) syz_clone(0x42000000, 0x0, 0x0, 0x0, 0x0, 0x0) 13.202101936s ago: executing program 2 (id=1057): socket$vsock_stream(0x28, 0x1, 0x0) syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002) r0 = syz_io_uring_setup(0xd2, &(0x7f0000000480)={0x0, 0x2e71, 0x0, 0x800000}, &(0x7f00000002c0)=0x0, &(0x7f0000000080)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}) io_uring_enter(r0, 0x11af, 0xdfd2, 0x1, 0x0, 0x0) 13.200939609s ago: executing program 4 (id=1058): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020700000000000002030207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000100850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sched_switch\x00', r0}, 0x10) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[], 0xa0}}, 0x0) r1 = socket(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="240000006800019f00000000000000000a000000000000000800010001000000040004"], 0x24}, 0x1, 0x0, 0x0, 0x4}, 0x0) sendmmsg(r1, &(0x7f0000000000), 0x4000000000001f2, 0x0) 12.430094437s ago: executing program 2 (id=1061): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) connect$bt_l2cap(r0, &(0x7f00000000c0)={0x1f, 0x21, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_wait_time\x00', 0x275a, 0x0) write$binfmt_script(r1, &(0x7f0000000080), 0x4) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r1, 0x0) write$binfmt_script(r0, &(0x7f0000000000)={'#! ', './bus'}, 0x9) 12.115588926s ago: executing program 2 (id=1062): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x6, 0x4, &(0x7f0000002180)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0x17}]}, &(0x7f0000000040)='syzkaller\x00', 0x8, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'bond_slave_1\x00', 0x0}) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000080)={r0, r2, 0x25, 0x0, @void}, 0x10) r3 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r3, 0xf, 0x25, 0x4, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffdc7, 0x0, 0x0, 0x0}, 0x40) 8.734075524s ago: executing program 1 (id=1065): r0 = syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x0, &(0x7f00000002c0), 0x0, 0x236, &(0x7f0000000300)="$eJzs3TFoM2UcBvDnLomf/b4gVRdBUEFEtFDqJrjURaEgpYgIKlREXJRWqC1urZOLg84qnVyKuFkdpUtxUQSnqh3qImhxsDjoELlcK9VGFFNz8t3vB5fcJe97//e4e95kOS5Aa00nmU/SSTKTpJekON/grnqZPt3cntpfTgaDx38shu3q7dpZv2tJtpI8mGSvLPJiN9nYffro54NH731jvXfPe7tPTU30IE8dHx0+dvLu4usfLjyw8fmX3y8WmU//D8d1+YoRn3WL5Jb/otj/RNFtegT8E0uvfvBVlftbk9w9zH8vZeqT9+baDXu93P/OX/V964cvbp/kWIHLNxj0qt/ArQHQOmWSfopyNkm9Xpazs/V/+K87V8uXVtdemXlhdX3l+aZnKuCy9JPDRz6+8tG1P+X/u06df+D6VeX/iaWdb6r1k07TowEmqcr/zLOb90X+oXXkH9pL/qG95B/aS/6hveQf2kv+ob3kH9pL/qG95B/a63z+AYB2GVxp+g5koClNzz8AAAAAAAAAAAAAAAAAAMBF21P7y2fLpGp++nZy/HCS7qj6neHziJMbh69XfyqqZr8r6m5jeebOMXcwpvcbvvv6pm+brf/ZHc3W31xJtl5LMtftXrz+itPr79+7+W++7z03ZoExPfRks/V/3Wm2/sJB8kk1/8yNmn/K3DZ8Hz3/9KvzN2b9l38ZcwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMzG8BAAD//8n0bSk=") ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r0, 0xc0506617, &(0x7f0000000580)={@desc={0x1, 0x0, @desc3}, 0x21, 0x0, '\x00', @c}) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='mnt/encrypted_dir\x00', 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000680)='mnt/encrypted_dir\x00', 0x0, 0x0) ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r1, 0x800c6613, &(0x7f0000000540)=@v1={0x0, @adiantum, 0x4, @desc3}) openat$cgroup_ro(r1, &(0x7f0000000280)='blkio.bfq.io_service_time\x00', 0x275a, 0x0) 8.733815923s ago: executing program 4 (id=1066): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000090000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r1}, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r2}, 0x10) 8.609235601s ago: executing program 2 (id=1068): syz_mount_image$hfsplus(&(0x7f00000003c0), &(0x7f0000000380)='./file1\x00', 0x10410, &(0x7f0000000540)=ANY=[], 0x11, 0x6a0, &(0x7f0000004200)="$eJzs3c1vHGcdB/DvrNcvm0qO26ZpQJUwjVRQIxI7VgrhkoAQClKFqnDgbDVOY8VJg+OitAfiAhJXDvwB5RAucAIhJCSkSOUMt4qbxakSEpee0h4YNLOz9trd9UvebMPnE80+zzPPzDO/+c3LvkTWBPi/delU2vfTyaVTr9+p2mv35pbW7s3d6NWTjCdpJe1ukeJmUnyYXEx3yheqmc1wxbDt/Grx/OWPPln7uNtqZ2O86qUzPMD2bvZitZkynWSkKR/BpvHefLjxxjeqxXpmqoSd7CUO9ttoknKTHx3f6BmkHOlrDL3egcOj6L5v9ule/1PJkSQTvTe01W5n6+lHuKM93YtWn1wcAAAAcGAcfXA3uZPJ/Y4DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADpPm+f9FM7V69ekUvef/j/U9Y39sn8MdbvvIJnqV+62nEQwAAAAAAAAAPFlfepDfXi7LyV67LOr/83+5bhyrX5/JO7mdhSzndO5kPitZyXJmk0z1DTR2Z35lZXm2t+ZnZVkOWfPswDXP7jLgzuPYawAAAAAAAAD4n3GhKX+aS5nc51gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGCTIhnpFvV0rFefSqudZCLJWLXcavL3Xv0wu7/fAQAAAMBTcPRBHuROJnvtsqi/8x+vv/dP5J3czEoWs5KlLORK/VtA91t/a+3e3NLavbkb1fT5cb/17436HyZ3DKMeMd3fHgZv+US9RCdXs1jPOZ0383aWciWtes3KiV48g+N6v4qpuNBVlrtL0JWmrPb8l015MEzVGRldz8hME1uVjWe3z0T/0XmILc2mtf7Lz7E95PzCtlsp/tM7Jkd6c5Jnvrdzzkf3tDOPZGsmzvadfce3z0TylT/+7ofXlm5ev1asnjo4p9EejP9z46rZmom5vky8uOtMXL19ODOxVSsvrNcv5bv5QU5lOm9kOYv5ceazkoVM5zt1bb45n6vXqe0zdXFT642dohhrjsvIlpi+fLRbbhfTy/W6k1nM9/N2rmQhr9X/zmY2X8+5nMv5viP8wi6u+taAq/5Pw4M/+dWm0knyi6Y8GKq8PtuX1/577lTd1z+nlXK8u95zj+3euK79xaZSHYmfNeXBsJ6Jiay/S/Sie76XgdGBmfh1fVu5vXTz+vK1+Vtbxi1WB2/vlWze/T3dSEb2svBeVefLc9XBqlubz46q7/mBfbN137H1vtbWvt901vt2ulLHms9wnx/pbN334sC+ubrvRF/fxuetz8qy7H7eAuDAO/LqkbHOvzp/63zQ+XnnWuf1iW+Pf2P8pbGM/nX0m+2ZkVdaLxW/zwf5SXb+hg4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOzo9rvvXZ9fWlpY3lIpy/LukK4nUkk72TTnL3/uWyZJ/TCg3Q9YLX2xldRz2mkqewvs7sPtzvsPm4R/NMfkqST8sVQmhp4/WyuflmV5MGLeTaVsHJR4nkDl1bIst11mX29LwFNwZuXGrTO3333va4s35t9aeGvh5vlz587PnD/32tyZq4tLCzPd1/2OEngS+j6BAwAAAAAAAAAAAIfE7v44p3i0v+0BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeASXTqV9P0VmZ07PVO21e3NL1dSrbyz5aZJWkmI6KT5MLqY7ZapvuGLYdlaTyx99svZxt9Vupnr51nbr7c5qM2U6yUhTDjAxaGZ5d9h4RT3OreHjbTFsL4r1viphJ3uJg/323wAAAP//H4wcFQ==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='.\x00', 0x0, 0x0) unlinkat(r1, &(0x7f0000000280)='./file1\x00', 0x0) pwrite64(r0, &(0x7f0000000140)='2', 0xfdef, 0xfecc) dup3(r1, r0, 0x0) 8.122970396s ago: executing program 0 (id=1071): r0 = epoll_create1(0x0) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000180)=ANY=[@ANYRES32, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000100)={0xb0000004}) 7.539348513s ago: executing program 1 (id=1074): sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="4800000010000305000000000000000000cf0000", @ANYRES32=0x0, @ANYBLOB="03000000000000002000128008000100677265001400028008000600ac14141008"], 0x48}}, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="4400000010001fff00"/20, @ANYRES32=0x0, @ANYBLOB="81ffffff000000001c0012800b00010067726574617000000c000280080001"], 0x44}}, 0x0) writev(0xffffffffffffffff, &(0x7f0000000400)=[{&(0x7f00000000c0)="390000001000111867090707a640400f0021ff3f30000000170a00170000000004003700090003", 0x27}], 0x1) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000002f80)={0x0, 0x0, &(0x7f0000002f40)={&(0x7f0000000080)=@newtaction={0x60, 0x30, 0x0, 0x0, 0x0, {}, [{0x4c, 0x1, [@m_skbedit={0x48, 0x1, 0x0, 0x0, {{0xc}, {0x1c, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_PARMS={0x18}]}, {0x4}, {0xc}, {0xc, 0x9}}}]}]}, 0x60}}, 0x0) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xffffff2d, &(0x7f0000000080)=[{&(0x7f0000000040)="c00e02003c000b05d25a806f8c6394f90324fc602f00001550000100053582c137153e370248018088a8170088a8", 0x33fe0}], 0x1}, 0x0) 5.852202095s ago: executing program 3 (id=1076): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x80001) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x19}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000100)={{&(0x7f0000010000/0x1000)=nil, 0x1000}, 0x5}) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) ioctl$UFFDIO_ZEROPAGE(r0, 0xc020aa04, 0x0) 4.262510566s ago: executing program 3 (id=1077): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='contention_end\x00', r1}, 0x10) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000500), r0) sendmsg$NFC_CMD_GET_SE(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000540)={0x14, r3, 0xf15}, 0x14}}, 0x0) 3.994770233s ago: executing program 3 (id=1078): r0 = syz_io_uring_setup(0x2ddd, &(0x7f0000000200)={0x0, 0x0, 0x10100}, &(0x7f0000000100), &(0x7f0000000140)=0x0) syz_io_uring_setup(0x259b, &(0x7f0000000280), &(0x7f0000000040)=0x0, &(0x7f0000000180)) ioprio_set$pid(0x1, 0x0, 0x6000) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000008c0)=[{0x0}], 0x1) syz_io_uring_submit(r2, r1, &(0x7f00000001c0)=@IORING_OP_READ_FIXED={0x4, 0x0, 0x0, @fd_index}) io_uring_enter(r0, 0xa3d, 0x0, 0x0, 0x0, 0x0) 3.743367378s ago: executing program 3 (id=1079): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(aes-aesni)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r1 = accept4(r0, 0x0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000400)=[{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe1a}], 0x1, &(0x7f0000000380)=[@op={0x18}], 0x18}], 0x4924924924924b9, 0x0) recvmmsg(r1, &(0x7f0000005d80)=[{{0x0, 0x0, &(0x7f0000001340)=[{&(0x7f0000000340)=""/4096, 0x34000}], 0x1}}], 0x1, 0x0, 0x0) 2.707478075s ago: executing program 3 (id=1080): bpf$ENABLE_STATS(0x20, 0x0, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000632000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000500)='inet_sock_set_state\x00', r0}, 0x10) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc) connect$inet6(r1, &(0x7f0000000100)={0xa, 0x0, 0x0, @empty}, 0x1c) 2.311494953s ago: executing program 3 (id=1081): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000080)={'syz_tun\x00', &(0x7f00000000c0)=@ethtool_link_settings={0x4d, 0xffffffff, 0x8, 0x3, 0xff, 0x0, 0x0, 0x0, 0x0, 0x4, [0x0, 0x0, 0x40000]}}) r1 = socket$kcm(0x10, 0x2, 0x0) socket$phonet_pipe(0x23, 0x5, 0x2) recvfrom$inet(0xffffffffffffffff, 0x0, 0x0, 0x2043, 0x0, 0x0) sendmsg$kcm(r1, &(0x7f0000000600)={0x0, 0xa00, &(0x7f0000000000)=[{&(0x7f0000000300)="2e00000010008188040f80ec59acbc0413a181000b00000000010000000000000e000a000f000000028002002d1f", 0x2e}], 0x1}, 0x0) 1.834292142s ago: executing program 0 (id=1083): r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) close(r0) open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) io_setup(0x7f, &(0x7f0000000100)=0x0) r2 = fsopen(&(0x7f0000000040)='ramfs\x00', 0x0) io_submit(r1, 0x2, &(0x7f0000000380)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0}, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2, 0x0, r2, 0x0}]) 1.557356311s ago: executing program 5 (id=1084): r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0) ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x15) ioctl$UI_ABS_SETUP(r0, 0x401c5504, &(0x7f0000000340)={0x400000100002f}) write$uinput_user_dev(r0, &(0x7f0000000800)={'syz1\x00'}, 0x45c) ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x3) ioctl$UI_DEV_CREATE(r0, 0x5501) 1.517351676s ago: executing program 0 (id=1085): recvmsg(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000380)=""/156, 0x9c}], 0x1}, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="7c0000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000540012800e000100697036677265746170000000400002800400120005000b000700000008000100", @ANYRES32, @ANYBLOB="05000800000000000800040000040000060011004e24000008000100", @ANYRES32, @ANYBLOB="060011004e24000008000300", @ANYRES32], 0x7c}, 0x1, 0x8}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) sendmmsg(r1, &(0x7f00000002c0), 0x40000000000009f, 0x0) 1.218384331s ago: executing program 5 (id=1086): r0 = socket$inet6_icmp(0xa, 0x2, 0x3a) r1 = syz_io_uring_setup(0x24fa, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000100), &(0x7f0000000140)=0x0) syz_io_uring_setup(0x24fa, &(0x7f0000000340), &(0x7f0000000440)=0x0, &(0x7f00000000c0)) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast1}, 0x1c) syz_io_uring_submit(r3, r2, &(0x7f00000001c0)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r0, 0x80, &(0x7f0000000000)=@un=@file={0x0, './file0\x00'}}) io_uring_enter(r1, 0x4d92, 0x0, 0x0, 0x0, 0x3c000000) 833.748605ms ago: executing program 5 (id=1087): r0 = syz_io_uring_setup(0x24fa, &(0x7f0000000280)={0x0, 0x0, 0x10180, 0x3, 0xffffffff}, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r3, &(0x7f00000003c0)=ANY=[@ANYBLOB='\r', @ANYRES8=r2, @ANYRES64=r0], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}) io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0) 518.72673ms ago: executing program 5 (id=1088): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000140)=0xfff, 0x4) socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) getpeername$packet(r1, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) sendmmsg(r0, &(0x7f0000000440)=[{{&(0x7f0000000700)=@xdp={0x2c, 0x0, r2}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000180)='O', 0x36}], 0x1, 0x0, 0x0, 0x2f00}}], 0x1, 0x0) 226.048259ms ago: executing program 5 (id=1089): r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x18) prlimit64(0x0, 0x0, &(0x7f0000000140)={0x3, 0xffffffffffffffff}, 0x0) syz_clone3(&(0x7f0000000700)={0x2000a0080, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$sock_inet_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0) syz_emit_ethernet(0x86, &(0x7f0000000280)={@broadcast, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x16}, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x78, 0x0, 0x0, 0x0, 0x2f, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @dev={0xac, 0x14, 0x14, 0x2b}}, {0x0, 0x883e, 0x64, 0x0, @wg=@response={0x2, 0x3, 0x1, "b439b1b30195ab72ebcc5c569456a93dac9b409f715a8d47a9c8905344699e43", "30622f8dbeb5f78dd23059b73a2488c6", {"8a8c2d18ad385261345aa405b14785e5", "3245bb22bbb07238b7345170336c0430"}}}}}}}, 0x0) 0s ago: executing program 5 (id=1090): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000a00), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000040)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_WIPHY(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x24, 0x0, 0x0, 0x0, 0x0, {}, [@NL80211_ATTR_WIPHY_TX_POWER_LEVEL={0x8}, @NL80211_ATTR_TXQ_QUANTUM={0x8}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_SET_COALESCE(r0, &(0x7f0000000200)={0x0, 0xffffffffffffff8c, &(0x7f0000000b00)={&(0x7f0000000040)={0x28, r1, 0x1, 0x0, 0x0, {{0x2}, {@val={0x8, 0x3, r3}, @void}}}, 0x28}, 0x1, 0x6c00}, 0x0) kernel console output (not intermixed with test programs): ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.637" name=2F6E6577726F6F742F36362F66696C65312FA814F6F2377BCFC78E2E86368C138510A04CEDF7175AF8C2034FAE7413E3ACE8C71AB9A0AF1CA7042011A6ED028E205648535DABF3B2F85196AE18D36B839E3CD54AE4933AD529888FDAC7BB8A70C72BC0FC81BA06506F2D5BC7686E219BBE5283959CBEF9950E071CB6D9F341FC624A5110341F26CEBD71 dev="loop4" ino=26 res=1 errno=0 [ 251.254957][ T12] hfsplus: b-tree write err: -5, ino 4 [ 251.634599][ T53] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 251.960554][ T7860] veth0_macvtap: entered promiscuous mode [ 252.102685][ T4622] Bluetooth: hci0: command tx timeout [ 252.165039][ T8162] loop4: detected capacity change from 0 to 4096 [ 252.174019][ T8126] chnl_net:caif_netlink_parms(): no params data found [ 252.213654][ T7860] veth1_macvtap: entered promiscuous mode [ 252.427468][ T8168] Illegal XDP return value 1645855284 on prog (id 85) dev N/A, expect packet loss! [ 252.679569][ T7860] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 252.705491][ T7860] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 252.726985][ T7860] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 252.737588][ T7860] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 252.747614][ T7860] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 252.758598][ T7860] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 252.768929][ T7860] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 252.779488][ T7860] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 252.789434][ T7860] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 252.799936][ T7860] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 252.811743][ T7860] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 253.291054][ T8176] loop0: detected capacity change from 0 to 32768 [ 253.396656][ T29] audit: type=1800 audit(1729412278.881:201): pid=8176 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.643" name="file1" dev="loop0" ino=4 res=0 errno=0 [ 253.446722][ T8180] netlink: 5312 bytes leftover after parsing attributes in process `syz.4.644'. [ 253.604771][ T7860] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 253.621099][ T7860] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 253.663116][ T8183] loop4: detected capacity change from 0 to 128 [ 253.669611][ T7860] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 253.693683][ T7860] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 253.720512][ T7860] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 253.736487][ T8183] VFS: Found a Xenix FS (block size = 512) on device loop4 [ 253.770982][ T7860] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 253.783407][ T8183] syz.4.645: attempt to access beyond end of device [ 253.783407][ T8183] loop4: rw=2049, sector=2066843070, nr_sectors = 1 limit=128 [ 253.799166][ T8184] sysv_count_free_blocks: free block count was -2041545938, correcting to 0 [ 253.819348][ T7860] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 253.845027][ T7860] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 253.855435][ T8183] Buffer I/O error on dev loop4, logical block 2066843070, lost async page write [ 253.865130][ T7860] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 253.881315][ T8183] syz.4.645: attempt to access beyond end of device [ 253.881315][ T8183] loop4: rw=2049, sector=8767744, nr_sectors = 1 limit=128 [ 253.895233][ T7860] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 253.900177][ T8184] sysv_count_free_inodes: unable to read inode table [ 253.906900][ T7860] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 253.929570][ T8183] Buffer I/O error on dev loop4, logical block 8767744, lost async page write [ 253.977996][ T8183] syz.4.645: attempt to access beyond end of device [ 253.977996][ T8183] loop4: rw=2049, sector=13269809, nr_sectors = 1 limit=128 [ 254.006313][ T8183] Buffer I/O error on dev loop4, logical block 13269809, lost async page write [ 254.024003][ T7860] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 254.043008][ T7860] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 254.060748][ T8183] syz.4.645: attempt to access beyond end of device [ 254.060748][ T8183] loop4: rw=2049, sector=1157, nr_sectors = 1 limit=128 [ 254.087976][ T7860] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 254.099478][ T8183] Buffer I/O error on dev loop4, logical block 1157, lost async page write [ 254.108476][ T7860] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 254.117695][ T4622] Bluetooth: hci0: command tx timeout [ 254.125347][ T8183] syz.4.645: attempt to access beyond end of device [ 254.125347][ T8183] loop4: rw=2049, sector=3211264, nr_sectors = 1 limit=128 [ 254.145623][ T8183] Buffer I/O error on dev loop4, logical block 3211264, lost async page write [ 254.167043][ T8126] bridge0: port 1(bridge_slave_0) entered blocking state [ 254.175367][ T8126] bridge0: port 1(bridge_slave_0) entered disabled state [ 254.183307][ T8126] bridge_slave_0: entered allmulticast mode [ 254.190557][ T8183] syz.4.645: attempt to access beyond end of device [ 254.190557][ T8183] loop4: rw=2049, sector=8768635, nr_sectors = 1 limit=128 [ 254.206793][ T8126] bridge_slave_0: entered promiscuous mode [ 254.217430][ T8126] bridge0: port 2(bridge_slave_1) entered blocking state [ 254.224657][ T8183] Buffer I/O error on dev loop4, logical block 8768635, lost async page write [ 254.240954][ T8126] bridge0: port 2(bridge_slave_1) entered disabled state [ 254.248204][ T8126] bridge_slave_1: entered allmulticast mode [ 254.270137][ T8126] bridge_slave_1: entered promiscuous mode [ 254.276702][ T8183] syz.4.645: attempt to access beyond end of device [ 254.276702][ T8183] loop4: rw=2049, sector=13466417, nr_sectors = 1 limit=128 [ 254.299769][ T8183] Buffer I/O error on dev loop4, logical block 13466417, lost async page write [ 254.308894][ T8183] syz.4.645: attempt to access beyond end of device [ 254.308894][ T8183] loop4: rw=2049, sector=209285, nr_sectors = 1 limit=128 [ 254.339807][ T8183] Buffer I/O error on dev loop4, logical block 209285, lost async page write [ 254.457183][ T6758] sysv_free_block: trying to free block not in datazone [ 254.479516][ T8174] loop2: detected capacity change from 0 to 32768 [ 254.507493][ T6758] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 254.519974][ T8174] XFS: ikeep mount option is deprecated. [ 254.564195][ T8174] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 254.641848][ T29] audit: type=1326 audit(1729412280.141:202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8192 comm="syz.0.648" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d79d7dff9 code=0x7ffc0000 [ 254.686124][ T29] audit: type=1326 audit(1729412280.141:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8192 comm="syz.0.648" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d79d7dff9 code=0x7ffc0000 [ 254.800173][ T8174] XFS (loop2): Ending clean mount [ 254.847200][ T8174] XFS (loop2): Quotacheck needed: Please wait. [ 254.890889][ T29] audit: type=1326 audit(1729412280.141:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8192 comm="syz.0.648" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7f7d79d7dff9 code=0x7ffc0000 [ 254.932761][ T29] audit: type=1326 audit(1729412280.141:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8192 comm="syz.0.648" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d79d7dff9 code=0x7ffc0000 [ 254.998498][ T29] audit: type=1326 audit(1729412280.141:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8192 comm="syz.0.648" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d79d7dff9 code=0x7ffc0000 [ 255.033233][ T8174] XFS (loop2): Quotacheck: Done. [ 255.038315][ T29] audit: type=1326 audit(1729412280.141:207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8192 comm="syz.0.648" exe="/root/syz-executor" sig=0 arch=c000003e syscall=64 compat=0 ip=0x7f7d79d7dff9 code=0x7ffc0000 [ 255.072675][ T8202] loop0: detected capacity change from 0 to 16 [ 255.121647][ T53] bridge_slave_1: left allmulticast mode [ 255.150048][ T8202] erofs: (device loop0): mounted with root inode @ nid 36. [ 255.171434][ T1265] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.177802][ T1265] ieee802154 phy1 wpan1: encryption failed: -22 [ 255.240099][ T8202] erofs: (device loop0): z_erofs_fill_inode_lazy: unknown HEAD1 format 4 for nid 36, please upgrade kernel [ 255.311530][ T8203] erofs: (device loop0): z_erofs_fill_inode_lazy: unknown HEAD1 format 4 for nid 36, please upgrade kernel [ 255.381008][ T29] audit: type=1326 audit(1729412280.141:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8192 comm="syz.0.648" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d79d7dff9 code=0x7ffc0000 [ 255.405501][ T8202] erofs: (device loop0): z_erofs_fill_inode_lazy: unknown HEAD1 format 4 for nid 36, please upgrade kernel [ 255.440901][ T29] audit: type=1326 audit(1729412280.141:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8192 comm="syz.0.648" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d79d7dff9 code=0x7ffc0000 [ 255.471803][ T8203] erofs: (device loop0): z_erofs_fill_inode_lazy: unknown HEAD1 format 4 for nid 36, please upgrade kernel [ 255.511275][ T8202] erofs: (device loop0): z_erofs_readahead: readahead error at folio 3604 @ nid 36 [ 255.531454][ T29] audit: type=1326 audit(1729412280.141:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8192 comm="syz.0.648" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7d79d7dff9 code=0x7ffc0000 [ 255.554457][ T8202] erofs: (device loop0): z_erofs_fill_inode_lazy: unknown HEAD1 format 4 for nid 36, please upgrade kernel [ 255.585228][ T6762] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 255.747181][ T53] bridge_slave_1: left promiscuous mode [ 255.769267][ T53] bridge0: port 2(bridge_slave_1) entered disabled state [ 255.874596][ T8202] erofs: (device loop0): z_erofs_readahead: readahead error at folio 3603 @ nid 36 [ 255.917465][ T53] bridge_slave_0: left allmulticast mode [ 255.938135][ T53] bridge_slave_0: left promiscuous mode [ 255.952361][ T8203] erofs: (device loop0): z_erofs_read_folio: read error -95 @ 8200 of nid 36 [ 255.971068][ T53] bridge0: port 1(bridge_slave_0) entered disabled state [ 256.000270][ T8202] erofs: (device loop0): z_erofs_fill_inode_lazy: unknown HEAD1 format 4 for nid 36, please upgrade kernel [ 256.072945][ T8202] erofs: (device loop0): z_erofs_readahead: readahead error at folio 3602 @ nid 36 [ 256.111083][ T8202] erofs: (device loop0): z_erofs_fill_inode_lazy: unknown HEAD1 format 4 for nid 36, please upgrade kernel [ 256.162060][ T8202] erofs: (device loop0): z_erofs_readahead: readahead error at folio 3601 @ nid 36 [ 256.221121][ T4622] Bluetooth: hci0: command tx timeout [ 256.226617][ T8202] erofs: (device loop0): z_erofs_fill_inode_lazy: unknown HEAD1 format 4 for nid 36, please upgrade kernel [ 256.343240][ T8202] erofs: (device loop0): z_erofs_readahead: readahead error at folio 3600 @ nid 36 [ 256.370044][ T8202] erofs: (device loop0): z_erofs_fill_inode_lazy: unknown HEAD1 format 4 for nid 36, please upgrade kernel [ 256.397141][ T8202] erofs: (device loop0): z_erofs_readahead: readahead error at folio 3599 @ nid 36 [ 256.660210][ T8205] loop4: detected capacity change from 0 to 32768 [ 256.791984][ T8205] ERROR: (device loop4): diWrite: ixpxd invalid [ 256.791984][ T8205] [ 256.803636][ T8205] ERROR: (device loop4): remounting filesystem as read-only [ 256.811042][ T8205] ERROR: (device loop4): txCommit: [ 256.811042][ T8205] [ 256.822301][ T8206] ERROR: (device loop4): dtSearch: stack overrun! [ 256.822301][ T8206] [ 256.847060][ T8206] ERROR: (device loop4): remounting filesystem as read-only [ 256.865555][ T8206] btstack dump: [ 256.869047][ T8206] bn = 0, index = 0 [ 256.879243][ T8206] bn = 2c, index = 0 [ 256.883748][ T8206] bn = 0, index = 0 [ 256.887581][ T8206] bn = 2c, index = 0 [ 256.906928][ T8206] bn = 0, index = 0 [ 256.910775][ T8206] bn = 2c, index = 0 [ 256.921017][ T8206] bn = 0, index = 0 [ 256.945920][ T8206] bn = 0, index = 0 [ 256.964101][ T8206] jfs_lookup: dtSearch returned -5 [ 257.136914][ T8205] ERROR: (device loop4): dtReadFirst: btstack overrun [ 257.136914][ T8205] [ 257.161313][ T8205] btstack dump: [ 257.166047][ T8205] bn = 0, index = 0 [ 257.177842][ T8205] bn = 2c, index = 0 [ 257.181827][ T8205] bn = 0, index = 0 [ 257.185652][ T8205] bn = 2c, index = 0 [ 257.189560][ T8205] bn = 0, index = 0 [ 257.193474][ T8205] bn = 2c, index = 0 [ 257.197392][ T8205] bn = 0, index = 0 [ 257.201301][ T8205] bn = 0, index = 0 [ 257.205128][ T8205] jfs_readdir: unexpected rc = -5 from dtReadNext [ 257.902237][ T53] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 257.961450][ T53] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 258.014517][ T53] bond0 (unregistering): Released all slaves [ 258.211098][ T53] tipc: Disabling bearer [ 258.221929][ T53] tipc: Left network mode [ 258.454136][ T8126] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 258.469125][ T8126] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 258.649690][ T8126] team0: Port device team_slave_0 added [ 258.707560][ T8126] team0: Port device team_slave_1 added [ 258.852928][ T8126] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 258.859916][ T8126] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 259.016316][ T8213] loop4: detected capacity change from 0 to 32768 [ 259.270017][ T8211] loop2: detected capacity change from 0 to 40427 [ 259.311170][ T8126] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 259.324164][ T8126] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 259.361803][ T8211] F2FS-fs (loop2): build fault injection attr: rate: 0, type: 0x7 [ 259.372567][ T8126] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 259.424665][ T8211] F2FS-fs (loop2): invalid crc value [ 259.466412][ T8211] F2FS-fs (loop2): Found nat_bits in checkpoint [ 259.483590][ T8126] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 259.684980][ T8126] hsr_slave_0: entered promiscuous mode [ 259.703420][ T8126] hsr_slave_1: entered promiscuous mode [ 259.709722][ T8126] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 259.728835][ T8126] Cannot create hsr debugfs directory [ 259.762809][ T8211] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 259.836482][ T8213] XFS (loop4): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 259.918641][ T8215] loop0: detected capacity change from 0 to 32768 [ 260.152956][ T6762] syz-executor: attempt to access beyond end of device [ 260.152956][ T6762] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 260.177296][ T6762] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 260.344590][ T8213] XFS (loop4): Ending clean mount [ 260.475195][ T8213] XFS (loop4): Quotacheck needed: Please wait. [ 260.905450][ T8213] XFS (loop4): Quotacheck: Done. [ 260.957653][ T8215] XFS (loop0): Mounting V5 Filesystem ca7e2101-b8f1-4838-8e2d-7637b90620e6 [ 260.977279][ T8215] workqueue: Failed to create a rescuer kthread for wq "xfs-cil/loop0": -EINTR [ 260.981508][ T8215] XFS (loop0): log mount failed [ 261.021266][ T6758] XFS (loop4): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 261.710236][ T53] hsr_slave_0: left promiscuous mode [ 261.749488][ T53] hsr_slave_1: left promiscuous mode [ 261.786106][ T53] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 261.823237][ T53] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 262.116512][ T53] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 262.130896][ T53] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 262.207196][ T8241] input: syz1 as /devices/virtual/input/input12 [ 262.257250][ T53] veth1_macvtap: left promiscuous mode [ 262.291983][ T53] veth0_macvtap: left promiscuous mode [ 262.329991][ T53] veth1_vlan: left promiscuous mode [ 262.371180][ T53] veth0_vlan: left promiscuous mode [ 262.570354][ T8248] loop2: detected capacity change from 0 to 128 [ 262.685251][ T8248] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 262.804187][ T8248] ext4 filesystem being mounted at /66/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 263.176461][ T6762] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 263.880263][ T29] kauditd_printk_skb: 3 callbacks suppressed [ 263.880285][ T29] audit: type=1326 audit(1729412289.381:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8266 comm="syz.2.666" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7cdd17dff9 code=0x0 [ 264.298730][ T53] team0 (unregistering): Port device team_slave_1 removed [ 264.412389][ T53] team0 (unregistering): Port device team_slave_0 removed [ 265.373355][ T8271] loop2: detected capacity change from 0 to 32768 [ 265.380598][ T8271] btrfs: Deprecated parameter 'usebackuproot' [ 265.416869][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 265.424841][ T8271] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead [ 265.451696][ T8271] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.667 (8271) [ 265.470971][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 265.519015][ T8271] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 265.571597][ T8271] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm [ 265.611146][ T8271] BTRFS info (device loop2): using free-space-tree [ 265.836089][ T3008] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 265.873679][ T8285] loop0: detected capacity change from 0 to 2048 [ 265.880869][ T3008] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 266.028269][ T7913] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 266.045171][ T7913] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 266.117307][ T8285] UDF-fs: error (device loop0): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 266.160735][ T2940] BTRFS warning (device loop2): checksum verify failed on logical 5332992 mirror 1 wanted 0x0a5e5d25 found 0x26333c6f level 0 [ 266.194106][ T8285] UDF-fs: warning (device loop0): udf_load_vrs: No anchor found [ 266.251161][ T8285] UDF-fs: Scanning with blocksize 512 failed [ 266.267739][ T8271] BTRFS warning (device loop2): couldn't read tree root [ 266.284840][ T8271] BTRFS warning (device loop2): try to load backup roots slot 1 [ 266.300328][ T7913] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 266.327177][ T8285] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 266.336981][ T2940] BTRFS warning (device loop2): checksum verify failed on logical 5324800 mirror 1 wanted 0x9f73850b found 0x78ca8373 level 0 [ 266.359658][ T8271] BTRFS warning (device loop2): couldn't read tree root [ 266.368668][ T8271] BTRFS warning (device loop2): try to load backup roots slot 2 [ 266.418240][ T12] BTRFS error (device loop2): level verify failed on logical 5255168 mirror 1 wanted 0 found 1 [ 266.438523][ T8271] BTRFS warning (device loop2): couldn't read tree root [ 266.455546][ T29] audit: type=1800 audit(1729412291.951:215): pid=8285 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.669" name="file1" dev="loop0" ino=838 res=0 errno=0 [ 266.461505][ T8271] BTRFS warning (device loop2): try to load backup roots slot 3 [ 266.476941][ T29] audit: type=1804 audit(1729412291.951:216): pid=8285 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.669" name="/newroot/67/file0/file1" dev="loop0" ino=838 res=1 errno=0 [ 266.557262][ T8126] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 266.650408][ T8297] netlink: 4 bytes leftover after parsing attributes in process `syz.4.670'. [ 266.693811][ T8271] BTRFS info (device loop2): rebuilding free space tree [ 266.713129][ T8271] BTRFS info (device loop2): checking UUID tree [ 266.732081][ T8297] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 266.741109][ T8297] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 266.749819][ T8297] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 266.758816][ T8297] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 266.852767][ T8297] vxlan0: entered promiscuous mode [ 266.894906][ T7913] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 266.926118][ T29] audit: type=1804 audit(1729412292.431:217): pid=8271 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.667" name="/newroot/71/file1/bus" dev="loop2" ino=257 res=1 errno=0 [ 266.981655][ T8126] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 267.013421][ T8126] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 267.040577][ T29] audit: type=1804 audit(1729412292.541:218): pid=8314 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.667" name="/newroot/71/file1/bus" dev="loop2" ino=257 res=1 errno=0 [ 267.109714][ T8126] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 267.369597][ T6762] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 267.573287][ T8126] 8021q: adding VLAN 0 to HW filter on device bond0 [ 267.613642][ T8126] 8021q: adding VLAN 0 to HW filter on device team0 [ 267.749134][ T8324] loop2: detected capacity change from 0 to 64 [ 267.773458][ T7913] 8021q: adding VLAN 0 to HW filter on device bond0 [ 267.824433][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 267.831668][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 267.913774][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 267.921006][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 268.043407][ T7913] 8021q: adding VLAN 0 to HW filter on device team0 [ 268.126167][ T35] bridge0: port 1(bridge_slave_0) entered blocking state [ 268.133330][ T35] bridge0: port 1(bridge_slave_0) entered forwarding state [ 268.192708][ T35] bridge0: port 2(bridge_slave_1) entered blocking state [ 268.199855][ T35] bridge0: port 2(bridge_slave_1) entered forwarding state [ 268.300050][ T8126] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 268.662734][ T8310] loop0: detected capacity change from 0 to 32768 [ 269.005539][ T8310] XFS (loop0): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 269.036921][ T7913] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 269.088261][ T8363] loop2: detected capacity change from 0 to 64 [ 269.133426][ T7913] veth0_vlan: entered promiscuous mode [ 269.146405][ T7913] veth1_vlan: entered promiscuous mode [ 269.229545][ T8365] IPVS: sync thread started: state = BACKUP, mcast_ifn = hsr0, syncid = 0, id = 0 [ 269.299976][ T8310] XFS (loop0): Ending clean mount [ 269.333182][ T8126] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 269.360721][ T7913] veth0_macvtap: entered promiscuous mode [ 269.416058][ T8310] XFS (loop0): Quotacheck needed: Please wait. [ 269.501849][ T8379] loop4: detected capacity change from 0 to 512 [ 269.502080][ T8376] netlink: 'syz.5.680': attribute type 28 has an invalid length. [ 269.521235][ T8377] syz.2.678: attempt to access beyond end of device [ 269.521235][ T8377] loop2: rw=2049, sector=268435468, nr_sectors = 2 limit=64 [ 269.545949][ T7913] veth1_macvtap: entered promiscuous mode [ 269.595045][ T8376] netlink: 160 bytes leftover after parsing attributes in process `syz.5.680'. [ 269.655000][ T8379] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 269.658231][ T8126] veth0_vlan: entered promiscuous mode [ 269.673374][ T8310] XFS (loop0): Quotacheck: Done. [ 269.724994][ T7913] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 269.769236][ T7913] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 269.780126][ T7913] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 269.791547][ T7913] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 269.806166][ T7913] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 269.817363][ T7913] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 269.836536][ T7913] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 269.858693][ T7913] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 269.877419][ T7913] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 269.889341][ T7913] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 269.907940][ T7913] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 269.910548][ T6754] XFS (loop0): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 269.944648][ T7913] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 269.960696][ T8379] loop4: detected capacity change from 512 to 64 [ 269.970988][ T7913] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 270.038242][ T7913] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 270.052460][ T7913] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 270.070957][ T7913] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 270.090882][ T7913] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 270.110474][ T7913] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 270.130872][ T7913] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 270.140718][ T7913] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 270.218094][ T7913] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 270.285724][ T7913] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 270.297411][ T6758] EXT4-fs warning (device loop4): ext4_empty_dir:3117: inode #11: lblock 1: comm syz-executor: error -12 reading directory block [ 270.313609][ T6758] EXT4-fs warning (device loop4): ext4_empty_dir:3117: inode #11: lblock 1: comm syz-executor: error -12 reading directory block [ 270.331596][ T6758] EXT4-fs warning (device loop4): ext4_empty_dir:3117: inode #11: lblock 1: comm syz-executor: error -12 reading directory block [ 270.358462][ T8126] veth1_vlan: entered promiscuous mode [ 270.384582][ T6758] EXT4-fs warning (device loop4): ext4_empty_dir:3117: inode #11: lblock 1: comm syz-executor: error -12 reading directory block [ 270.384691][ T7913] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 270.402563][ T6758] EXT4-fs warning (device loop4): ext4_empty_dir:3117: inode #11: lblock 1: comm syz-executor: error -12 reading directory block [ 270.457647][ T7913] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 270.483873][ T7913] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 270.500527][ T6758] EXT4-fs warning (device loop4): ext4_empty_dir:3117: inode #11: lblock 1: comm syz-executor: error -12 reading directory block [ 270.513259][ T7913] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 270.538719][ T6758] EXT4-fs warning (device loop4): ext4_empty_dir:3117: inode #11: lblock 1: comm syz-executor: error -12 reading directory block [ 270.634317][ T8126] veth0_macvtap: entered promiscuous mode [ 270.670209][ T6758] EXT4-fs warning (device loop4): ext4_empty_dir:3117: inode #11: lblock 1: comm syz-executor: error -12 reading directory block [ 270.727517][ T8126] veth1_macvtap: entered promiscuous mode [ 270.733639][ T6758] EXT4-fs warning (device loop4): ext4_empty_dir:3117: inode #11: lblock 1: comm syz-executor: error -12 reading directory block [ 270.799119][ T6758] EXT4-fs warning (device loop4): ext4_empty_dir:3117: inode #11: lblock 1: comm syz-executor: error -12 reading directory block [ 270.885853][ T8126] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 270.911712][ T8126] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 270.953614][ T8126] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 271.006906][ T8126] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 271.071030][ T8126] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 271.103230][ T8126] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 271.133744][ T8126] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 271.176214][ T8126] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 271.187905][ T8126] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 271.198854][ T8126] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 271.210573][ T8126] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 271.222020][ T8415] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 271.234399][ T8126] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 271.278280][ T8126] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 271.311829][ T8126] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 271.338066][ T8126] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 271.369015][ T8126] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 271.431414][ T8126] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 271.487649][ T8126] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 271.524809][ T8126] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 271.560968][ T8126] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 271.587777][ T8126] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 271.618937][ T8126] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 271.644688][ T8428] loop2: detected capacity change from 0 to 256 [ 271.651454][ T8126] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 271.677422][ T8126] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 271.720912][ T8126] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 271.752590][ T8126] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 271.827946][ T81] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 271.871750][ T81] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 271.973956][ T8126] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 271.991045][ T8126] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 272.008208][ T8126] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 272.030308][ T8126] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 272.100263][ T6758] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 272.246705][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 272.276471][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 272.637981][ T53] netdevsim netdevsim4 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 272.701442][ T53] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 272.787059][ T8448] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 273.081204][ T53] netdevsim netdevsim4 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 273.149256][ T53] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 273.502078][ T5246] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 273.529091][ T5246] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 273.538540][ T5246] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 273.545894][ T53] netdevsim netdevsim4 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 273.545969][ T53] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 273.598514][ T5251] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 273.615744][ T5251] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 273.623499][ T5251] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 273.624448][ T5238] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 273.646819][ T5238] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 273.693611][ T5251] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 273.706205][ T5251] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 273.716453][ T5251] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 273.724242][ T5251] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 273.738440][ T8474] loop2: detected capacity change from 0 to 256 [ 273.771713][ T8472] loop1: detected capacity change from 0 to 2048 [ 273.836990][ T8472] UDF-fs: error (device loop1): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 273.872556][ T8472] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 273.960727][ T8476] loop0: detected capacity change from 0 to 1024 [ 274.091598][ T8474] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x4ec6003b, utbl_chksum : 0xe619d30d) [ 274.130717][ T53] netdevsim netdevsim4 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 274.142022][ T53] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 274.278253][ T7913] UDF-fs: warning (device loop1): udf_evict_inode: Inode 1367 (mode 120777) has inode size 4 different from extent length 512. Filesystem need not be standards compliant. [ 274.367112][ T8476] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 274.708399][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 274.730725][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 274.867720][ T8481] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: writeback. [ 275.040332][ T53] bridge_slave_1: left allmulticast mode [ 275.055304][ T53] bridge_slave_1: left promiscuous mode [ 275.066146][ T53] bridge0: port 2(bridge_slave_1) entered disabled state [ 275.092985][ T53] bridge_slave_0: left allmulticast mode [ 275.098759][ T53] bridge_slave_0: left promiscuous mode [ 275.119140][ T53] bridge0: port 1(bridge_slave_0) entered disabled state [ 275.386016][ T6754] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 275.790990][ T55] Bluetooth: hci1: command tx timeout [ 276.111124][ T55] Bluetooth: hci3: command tx timeout [ 277.797193][ T5246] Bluetooth: hci6: command 0x0406 tx timeout [ 277.810933][ T5251] Bluetooth: hci10: command 0x0406 tx timeout [ 277.817049][ T5251] Bluetooth: hci9: command 0x0406 tx timeout [ 277.940919][ T5238] Bluetooth: hci1: command tx timeout [ 278.197711][ T5238] Bluetooth: hci3: command tx timeout [ 278.664079][ T53] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 278.743288][ T8490] loop2: detected capacity change from 0 to 40427 [ 278.784989][ T53] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 278.861935][ T53] bond0 (unregistering): Released all slaves [ 279.970928][ T5238] Bluetooth: hci1: command tx timeout [ 280.290650][ T5238] Bluetooth: hci3: command tx timeout [ 280.454022][ T8490] F2FS-fs (loop2): Unable to read 1th superblock [ 280.460657][ T8490] F2FS-fs (loop2): Unable to read 2th superblock [ 280.889388][ T53] hsr_slave_0: left promiscuous mode [ 281.034942][ T53] hsr_slave_1: left promiscuous mode [ 281.048996][ T53] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 281.059478][ T53] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 281.077825][ T53] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 281.094235][ T53] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 281.122712][ T53] veth1_macvtap: left promiscuous mode [ 281.128337][ T53] veth0_macvtap: left promiscuous mode [ 281.134088][ T53] veth1_vlan: left promiscuous mode [ 281.139441][ T53] veth0_vlan: left promiscuous mode [ 282.036218][ T5238] Bluetooth: hci1: command tx timeout [ 282.351757][ T5238] Bluetooth: hci3: command tx timeout [ 282.399994][ T53] team0 (unregistering): Port device team_slave_1 removed [ 282.499434][ T53] team0 (unregistering): Port device team_slave_0 removed [ 282.550931][ T5293] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 282.714407][ T5293] usb 2-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f [ 282.723975][ T5293] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 282.732517][ T5293] usb 2-1: Product: syz [ 282.736898][ T5293] usb 2-1: Manufacturer: syz [ 282.741948][ T5293] usb 2-1: SerialNumber: syz [ 282.752196][ T5293] usb 2-1: config 0 descriptor?? [ 282.997632][ T5293] usb 2-1: USB disconnect, device number 7 [ 283.341186][ T1107] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 283.360360][ T1107] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 283.520143][ T8533] loop0: detected capacity change from 0 to 256 [ 283.788472][ T1107] kworker/u8:8: attempt to access beyond end of device [ 283.788472][ T1107] loop0: rw=1, sector=256, nr_sectors = 12 limit=256 [ 283.841604][ T8540] loop3: detected capacity change from 0 to 256 [ 283.997166][ T8462] chnl_net:caif_netlink_parms(): no params data found [ 284.051074][ T1107] kworker/u8:8: attempt to access beyond end of device [ 284.051074][ T1107] loop0: rw=1, sector=288, nr_sectors = 16 limit=256 [ 284.585509][ T8550] loop2: detected capacity change from 0 to 256 [ 284.729402][ T8557] overlayfs: missing 'lowerdir' [ 284.912389][ T8464] chnl_net:caif_netlink_parms(): no params data found [ 285.155637][ T8566] loop1: detected capacity change from 0 to 128 [ 285.177743][ T8567] input: syz1 as /devices/virtual/input/input13 [ 285.298988][ T8566] VFS: Found a Xenix FS (block size = 512) on device loop1 [ 285.734808][ T8574] loop2: detected capacity change from 0 to 2048 [ 285.859173][ T7913] sysv_free_block: trying to free block not in datazone [ 285.901219][ T7913] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 286.031446][ T8581] dccp_invalid_packet: pskb_may_pull failed [ 286.079259][ T8577] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 286.310935][ T8574] loop2: detected capacity change from 2048 to 0 [ 286.715718][ C1] I/O error, dev loop2, sector 84 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 286.725629][ T8587] NILFS (loop2): I/O error reading meta-data file (ino=3, block-offset=0) [ 286.742269][ T8464] bridge0: port 1(bridge_slave_0) entered blocking state [ 286.791183][ T8464] bridge0: port 1(bridge_slave_0) entered disabled state [ 286.798478][ T8464] bridge_slave_0: entered allmulticast mode [ 286.840636][ T8464] bridge_slave_0: entered promiscuous mode [ 286.910536][ T8462] bridge0: port 1(bridge_slave_0) entered blocking state [ 286.970918][ T8462] bridge0: port 1(bridge_slave_0) entered disabled state [ 286.993298][ T6762] syz-executor: attempt to access beyond end of device [ 286.993298][ T6762] loop2: rw=0, sector=92, nr_sectors = 2 limit=0 [ 287.031244][ T8462] bridge_slave_0: entered allmulticast mode [ 287.054281][ T8462] bridge_slave_0: entered promiscuous mode [ 287.080776][ T6762] NILFS (loop2): I/O error reading meta-data file (ino=3, block-offset=130) [ 287.123566][ T8462] bridge0: port 2(bridge_slave_1) entered blocking state [ 287.133167][ T6762] syz-executor: attempt to access beyond end of device [ 287.133167][ T6762] loop2: rw=0, sector=92, nr_sectors = 2 limit=0 [ 287.188545][ T8462] bridge0: port 2(bridge_slave_1) entered disabled state [ 287.209517][ T5335] libceph: connect (1)[c::]:6789 error -101 [ 287.244364][ T5335] libceph: mon0 (1)[c::]:6789 connect error [ 287.252913][ T8462] bridge_slave_1: entered allmulticast mode [ 287.265260][ T6762] NILFS (loop2): I/O error reading meta-data file (ino=3, block-offset=130) [ 287.274191][ T6762] NILFS error (device loop2): nilfs_readdir: bad page in #12 [ 287.282637][ T6762] syz-executor: attempt to access beyond end of device [ 287.282637][ T6762] loop2: rw=395265, sector=2040, nr_sectors = 2 limit=0 [ 287.296673][ T6762] Buffer I/O error on dev loop2, logical block 1020, lost sync page write [ 287.305321][ T6762] NILFS (loop2): unable to write superblock: err=-5 [ 287.312257][ T8462] bridge_slave_1: entered promiscuous mode [ 287.320920][ T6762] syz-executor: attempt to access beyond end of device [ 287.320920][ T6762] loop2: rw=395265, sector=2, nr_sectors = 2 limit=0 [ 287.389908][ T8590] ceph: No mds server is up or the cluster is laggy [ 287.482224][ T5335] libceph: connect (1)[c::]:6789 error -101 [ 287.488310][ T5335] libceph: mon0 (1)[c::]:6789 connect error [ 287.520655][ T6762] Buffer I/O error on dev loop2, logical block 1, lost sync page write [ 287.547515][ T8586] loop0: detected capacity change from 0 to 32768 [ 287.557547][ T6762] NILFS (loop2): unable to write superblock: err=-5 [ 287.614065][ T6762] Remounting filesystem read-only [ 287.817781][ T53] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 287.862172][ T8464] bridge0: port 2(bridge_slave_1) entered blocking state [ 287.873270][ T6762] NILFS (loop2): disposed unprocessed dirty file(s) when detaching log writer [ 287.904798][ T8464] bridge0: port 2(bridge_slave_1) entered disabled state [ 287.954949][ T8464] bridge_slave_1: entered allmulticast mode [ 288.033567][ T8464] bridge_slave_1: entered promiscuous mode [ 288.149226][ T8586] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 288.650460][ T8464] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 288.685885][ T8462] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 288.707898][ T8464] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 288.886192][ T8462] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 288.897703][ T8586] XFS (loop0): Ending clean mount [ 288.975603][ T8586] XFS (loop0): Quotacheck needed: Please wait. [ 289.242492][ T8633] loop1: detected capacity change from 0 to 1024 [ 289.287276][ T8586] XFS (loop0): Quotacheck: Done. [ 289.546327][ T8464] team0: Port device team_slave_0 added [ 289.601910][ T6754] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 289.733216][ T8462] team0: Port device team_slave_0 added [ 290.135511][ T8464] team0: Port device team_slave_1 added [ 290.176851][ T8462] team0: Port device team_slave_1 added [ 290.513056][ T8464] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 290.559664][ T8464] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 290.767871][ T8464] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 290.901572][ T8462] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 290.949157][ T8462] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 291.087919][ T8620] loop2: detected capacity change from 0 to 40427 [ 291.142973][ T8462] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 291.171365][ T8620] F2FS-fs (loop2): build fault injection attr: rate: 690, type: 0x1fffff [ 291.228048][ T8620] F2FS-fs (loop2): Image doesn't support compression [ 291.276530][ T8462] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 291.288693][ T8620] F2FS-fs (loop2): Image doesn't support compression [ 291.341053][ T8462] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 291.385425][ T8620] F2FS-fs (loop2): invalid crc value [ 291.440411][ T8620] F2FS-fs (loop2): Failed to initialize F2FS segment manager (-4) [ 291.532528][ T8462] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 291.615760][ T8464] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 291.654215][ T8464] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 291.712782][ T8631] loop3: detected capacity change from 0 to 32768 [ 291.776617][ T8631] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.743 (8631) [ 291.866964][ T8464] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 292.003963][ T8642] Zero length message leads to an empty skb [ 292.746354][ T8464] hsr_slave_0: entered promiscuous mode [ 292.922580][ T8464] hsr_slave_1: entered promiscuous mode [ 293.050955][ T8464] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 293.058744][ T8464] Cannot create hsr debugfs directory [ 293.101509][ T8668] input: syz0 as /devices/virtual/input/input14 [ 293.203780][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 293.321096][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 293.335526][ T53] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 293.371323][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 293.381439][ T0] NOHZ tick-stop error: local softirq work is pending, handler #282!!! [ 293.410095][ T8462] hsr_slave_0: entered promiscuous mode [ 293.418406][ T8462] hsr_slave_1: entered promiscuous mode [ 293.421268][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 293.432809][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 293.435050][ T8662] delete_channel: no stack [ 293.561270][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 293.810976][ T8462] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 293.822021][ T8462] Cannot create hsr debugfs directory [ 293.894175][ T8678] loop1: detected capacity change from 0 to 32768 [ 294.352097][ T8678] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.754 (8678) [ 294.461784][ T8693] netlink: 4 bytes leftover after parsing attributes in process `syz.2.761'. [ 294.834243][ T8696] loop3: detected capacity change from 0 to 256 [ 294.977549][ T53] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 295.330230][ T8696] FAT-fs (loop3): IO charset cpush not found [ 295.370645][ T8696] smb3: Unexpected value for 'acl' [ 295.621338][ T8699] netlink: 4272 bytes leftover after parsing attributes in process `syz.3.763'. [ 295.630494][ T8699] netlink: 'syz.3.763': attribute type 3 has an invalid length. [ 295.691427][ T8699] netlink: 113 bytes leftover after parsing attributes in process `syz.3.763'. [ 295.940725][ T8685] loop0: detected capacity change from 0 to 32768 [ 296.143260][ T8685] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 296.355850][ T53] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 296.761424][ T6754] ocfs2: Unmounting device (7,0) on (node local) [ 297.302943][ T53] bridge_slave_1: left allmulticast mode [ 297.324285][ T53] bridge_slave_1: left promiscuous mode [ 297.330152][ T53] bridge0: port 2(bridge_slave_1) entered disabled state [ 297.438190][ T53] bridge_slave_0: left allmulticast mode [ 297.481112][ T53] bridge_slave_0: left promiscuous mode [ 297.522015][ T53] bridge0: port 1(bridge_slave_0) entered disabled state [ 297.669752][ T8720] loop0: detected capacity change from 0 to 1024 [ 297.801272][ T8720] hfsplus: request for non-existent node 2048 in B*Tree [ 297.808921][ T8720] hfsplus: request for non-existent node 2048 in B*Tree [ 298.748003][ T8715] loop3: detected capacity change from 0 to 32768 [ 298.864528][ T8715] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 299.197334][ T8721] loop2: detected capacity change from 0 to 32768 [ 299.282596][ T8126] ocfs2: Unmounting device (7,3) on (node local) [ 299.571378][ T8726] ERROR: (device loop2): dbAlloc: the hint is outside the map [ 299.571378][ T8726] [ 299.631591][ T8726] ERROR: (device loop2): remounting filesystem as read-only [ 299.677043][ T8726] ERROR: (device loop2): diWrite: ixpxd invalid [ 299.677043][ T8726] [ 299.741070][ T8726] ERROR: (device loop2): txCommit: [ 299.741070][ T8726] [ 300.165372][ T53] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 300.202418][ T8678] BTRFS error (device loop1): open_ctree failed [ 300.231056][ T8721] loop0: detected capacity change from 1024 to 895 [ 300.249563][ T53] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 300.321696][ T53] bond0 (unregistering): Released all slaves [ 300.539650][ T53] IPVS: stopping backup sync thread 8365 ... [ 301.179375][ T8728] loop3: detected capacity change from 0 to 32768 [ 301.214604][ T8728] XFS: noikeep mount option is deprecated. [ 301.304509][ T8728] XFS (loop3): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd [ 301.481526][ T8728] XFS (loop3): Ending clean mount [ 301.571785][ T8728] XFS (loop3): Quotacheck needed: Please wait. [ 301.677019][ T8732] netlink: 8 bytes leftover after parsing attributes in process `syz.1.775'. [ 301.733535][ T8732] netlink: 8 bytes leftover after parsing attributes in process `syz.1.775'. [ 301.742646][ T8728] XFS (loop3): Quotacheck: Done. [ 301.852592][ T29] audit: type=1800 audit(1729412327.351:219): pid=8728 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.773" name="bus" dev="loop3" ino=4426 res=0 errno=0 [ 302.130097][ T8126] XFS (loop3): Unmounting Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd [ 302.651136][ T53] hsr_slave_0: left promiscuous mode [ 302.679847][ T53] hsr_slave_1: left promiscuous mode [ 302.693066][ T53] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 302.721126][ T53] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 302.739664][ T53] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 302.763322][ T53] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 302.848444][ T8] kworker/0:0: attempt to access beyond end of device [ 302.848444][ T8] loop0: rw=2049, sector=1022, nr_sectors = 1 limit=895 [ 302.877183][ T53] veth1_macvtap: left promiscuous mode [ 302.903264][ T53] veth0_macvtap: left promiscuous mode [ 302.923457][ T53] veth1_vlan: left promiscuous mode [ 302.935512][ T8] hfsplus: delayed sync fs err -5 [ 302.950382][ T53] veth0_vlan: left promiscuous mode [ 303.848206][ T8755] loop1: detected capacity change from 0 to 512 [ 303.903134][ T8755] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 303.958177][ T8755] EXT4-fs (loop1): 1 truncate cleaned up [ 303.988715][ T8755] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 304.860658][ T53] team0 (unregistering): Port device team_slave_1 removed [ 304.982871][ T53] team0 (unregistering): Port device team_slave_0 removed [ 306.398604][ T8759] loop3: detected capacity change from 0 to 32768 [ 306.474289][ T8759] ocfs2: Mounting device (7,3) on (node local, slot 0) with writeback data mode. [ 306.641063][ T29] audit: type=1800 audit(1729412332.141:220): pid=8762 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.778" name="bus" dev="loop3" ino=17059 res=0 errno=0 [ 306.773649][ T8759] syz.3.778 (8759) used greatest stack depth: 17240 bytes left [ 306.948478][ T8126] ocfs2: Unmounting device (7,3) on (node local) [ 307.612437][ T8765] input: syz0 as /devices/virtual/input/input15 [ 307.763052][ T5251] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 307.773341][ T5251] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 307.782267][ T5251] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 307.790218][ T5251] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 307.798347][ T5251] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 307.805734][ T5251] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 308.070068][ T7913] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 308.228269][ T8462] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 308.335541][ T8462] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 308.752778][ T8462] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 308.816797][ T8462] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 309.874741][ T5251] Bluetooth: hci2: command tx timeout [ 309.960059][ T5238] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 309.973345][ T5238] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 309.981924][ T5238] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 309.990447][ T5238] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 310.000703][ T5238] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 310.009494][ T5238] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 310.141157][ T53] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 310.484562][ T8462] 8021q: adding VLAN 0 to HW filter on device bond0 [ 310.511765][ T8784] loop3: detected capacity change from 0 to 1024 [ 310.566712][ T8784] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51269!=20869) [ 310.630027][ T8784] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 310.682209][ T8784] EXT4-fs error (device loop3): ext4_get_journal_inode:5762: inode #32: comm syz.3.791: iget: special inode unallocated [ 310.703874][ T53] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 310.730291][ T8784] EXT4-fs (loop3): no journal found [ 310.773829][ T8784] EXT4-fs (loop3): can't get journal size [ 310.809514][ T8784] EXT4-fs error (device loop3): ext4_protect_reserved_inode:160: inode #32: comm syz.3.791: iget: special inode unallocated [ 310.908639][ T8784] EXT4-fs (loop3): failed to initialize system zone (-117) [ 310.960084][ T8784] EXT4-fs (loop3): mount failed [ 311.229704][ T53] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 311.319504][ T8793] loop3: detected capacity change from 0 to 512 [ 311.458978][ T8464] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 311.529477][ T8462] 8021q: adding VLAN 0 to HW filter on device team0 [ 311.544868][ T81] bridge0: port 1(bridge_slave_0) entered blocking state [ 311.552074][ T81] bridge0: port 1(bridge_slave_0) entered forwarding state [ 311.595787][ T8793] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 311.636375][ T8800] loop2: detected capacity change from 0 to 2048 [ 311.650382][ T53] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 311.669975][ T8793] ext4 filesystem being mounted at /23/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 311.694816][ T8800] Alternate GPT is invalid, using primary GPT. [ 311.717428][ T8464] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 311.721124][ T8800] loop2: p1 p2 p3 [ 311.752768][ T81] bridge0: port 2(bridge_slave_1) entered blocking state [ 311.759921][ T81] bridge0: port 2(bridge_slave_1) entered forwarding state [ 311.837155][ T8766] chnl_net:caif_netlink_parms(): no params data found [ 311.952318][ T5251] Bluetooth: hci2: command tx timeout [ 312.055966][ T8464] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 312.073281][ T7077] udevd[7077]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory [ 312.086144][ T6893] udevd[6893]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory [ 312.111746][ T6977] udevd[6977]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory [ 312.119222][ T8464] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 312.121846][ T5251] Bluetooth: hci4: command tx timeout [ 312.225616][ T8462] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 312.236113][ T8462] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 312.439983][ T8126] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 312.745587][ T8462] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 312.921057][ T29] audit: type=1326 audit(1729412338.401:221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8818 comm="syz.3.799" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8c957dff9 code=0x7ffc0000 [ 312.981827][ T29] audit: type=1326 audit(1729412338.401:222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8818 comm="syz.3.799" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8c957dff9 code=0x7ffc0000 [ 313.004239][ T29] audit: type=1326 audit(1729412338.401:223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8818 comm="syz.3.799" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7fd8c957dff9 code=0x7ffc0000 [ 313.032453][ T29] audit: type=1326 audit(1729412338.541:224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8818 comm="syz.3.799" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8c957dff9 code=0x7ffc0000 [ 313.064900][ T29] audit: type=1326 audit(1729412338.571:225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8823 comm="syz.3.799" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fd8c95b00e5 code=0x7ffc0000 [ 313.087749][ T29] audit: type=1326 audit(1729412338.571:226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8818 comm="syz.3.799" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd8c957dff9 code=0x7ffc0000 [ 313.268618][ T29] audit: type=1326 audit(1729412338.741:227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8823 comm="syz.3.799" exe="/root/syz-executor" sig=0 arch=c000003e syscall=60 compat=0 ip=0x7fd8c957dff9 code=0x7ffc0000 [ 313.275369][ T8766] bridge0: port 1(bridge_slave_0) entered blocking state [ 313.301665][ T8766] bridge0: port 1(bridge_slave_0) entered disabled state [ 313.340211][ T8766] bridge_slave_0: entered allmulticast mode [ 313.372196][ T8766] bridge_slave_0: entered promiscuous mode [ 313.443032][ T8831] ptrace attach of "./syz-executor exec"[8126] was attempted by ""[8831] [ 313.468630][ T8464] 8021q: adding VLAN 0 to HW filter on device bond0 [ 313.490412][ T8464] 8021q: adding VLAN 0 to HW filter on device team0 [ 313.531063][ T8781] chnl_net:caif_netlink_parms(): no params data found [ 313.569815][ T8766] bridge0: port 2(bridge_slave_1) entered blocking state [ 313.601909][ T8766] bridge0: port 2(bridge_slave_1) entered disabled state [ 313.637162][ T8766] bridge_slave_1: entered allmulticast mode [ 313.651008][ T8766] bridge_slave_1: entered promiscuous mode [ 313.694690][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 313.701868][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 313.723364][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 313.730500][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 314.197124][ T8839] loop3: detected capacity change from 0 to 40427 [ 314.220408][ T8839] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 314.253588][ T8839] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 314.305670][ T8839] F2FS-fs (loop3): Found nat_bits in checkpoint [ 314.333976][ T8841] netlink: 24 bytes leftover after parsing attributes in process `syz.2.807'. [ 314.417855][ T8766] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 314.427309][ T5251] Bluetooth: hci2: command tx timeout [ 314.435860][ T5251] Bluetooth: hci4: command tx timeout [ 314.534658][ T53] bridge_slave_1: left allmulticast mode [ 314.540357][ T53] bridge_slave_1: left promiscuous mode [ 314.550318][ T8839] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 314.567424][ T8839] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 314.581073][ T53] bridge0: port 2(bridge_slave_1) entered disabled state [ 314.639450][ T8851] loop2: detected capacity change from 0 to 512 [ 314.666080][ T53] bridge_slave_0: left allmulticast mode [ 314.672499][ T53] bridge_slave_0: left promiscuous mode [ 314.678249][ T53] bridge0: port 1(bridge_slave_0) entered disabled state [ 314.682723][ T8851] EXT4-fs: Project quota feature not enabled. Cannot enable project quota enforcement. [ 314.696203][ T29] audit: type=1800 audit(1729412340.201:228): pid=8853 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.808" name="bus" dev="loop3" ino=10 res=0 errno=0 [ 314.775163][ T29] audit: type=1800 audit(1729412340.261:229): pid=8853 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.808" name="file0" dev="loop3" ino=11 res=0 errno=0 [ 314.781179][ T8839] syz.3.808: attempt to access beyond end of device [ 314.781179][ T8839] loop3: rw=2049, sector=77824, nr_sectors = 704 limit=40427 [ 315.859102][ T53] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 315.879551][ T53] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 315.905174][ T53] bond0 (unregistering): Released all slaves [ 315.946757][ T8766] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 316.036089][ T8464] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 316.183654][ T8781] bridge0: port 1(bridge_slave_0) entered blocking state [ 316.191157][ T8781] bridge0: port 1(bridge_slave_0) entered disabled state [ 316.198362][ T8781] bridge_slave_0: entered allmulticast mode [ 316.231585][ T8781] bridge_slave_0: entered promiscuous mode [ 316.443920][ T8766] team0: Port device team_slave_0 added [ 316.512844][ T5238] Bluetooth: hci4: command tx timeout [ 316.519501][ T5251] Bluetooth: hci2: command tx timeout [ 316.528457][ T8766] team0: Port device team_slave_1 added [ 316.612161][ T1265] ieee802154 phy0 wpan0: encryption failed: -22 [ 316.618524][ T1265] ieee802154 phy1 wpan1: encryption failed: -22 [ 316.705939][ T8781] bridge0: port 2(bridge_slave_1) entered blocking state [ 316.728360][ T8781] bridge0: port 2(bridge_slave_1) entered disabled state [ 316.751413][ T8781] bridge_slave_1: entered allmulticast mode [ 316.772371][ T8781] bridge_slave_1: entered promiscuous mode [ 316.799995][ T8766] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 316.817306][ T8766] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 316.847167][ T8766] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 316.978071][ T8886] loop3: detected capacity change from 0 to 64 [ 317.209854][ T8766] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 317.237369][ T8766] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 317.287498][ T8888] loop2: detected capacity change from 0 to 32768 [ 317.305875][ T8766] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 317.315289][ T8888] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.821 (8888) [ 317.336486][ T8888] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 317.345031][ T8781] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 317.346887][ T8888] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm [ 317.364599][ T8888] BTRFS info (device loop2): using free-space-tree [ 317.430189][ T8781] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 317.654338][ T8905] netlink: 'syz.3.823': attribute type 1 has an invalid length. [ 317.682882][ T8781] team0: Port device team_slave_0 added [ 317.693730][ T8464] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 317.768585][ T53] hsr_slave_0: left promiscuous mode [ 317.779926][ T53] hsr_slave_1: left promiscuous mode [ 317.851593][ T53] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 317.859089][ T53] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 317.901767][ T53] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 317.909219][ T53] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 318.013957][ T53] veth1_macvtap: left promiscuous mode [ 318.019538][ T53] veth0_macvtap: left promiscuous mode [ 318.075305][ T53] veth1_vlan: left promiscuous mode [ 318.080678][ T53] veth0_vlan: left promiscuous mode [ 318.095176][ T6762] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 318.593053][ T5238] Bluetooth: hci4: command tx timeout [ 319.299421][ T8920] loop2: detected capacity change from 0 to 4096 [ 319.342446][ T8920] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512). [ 320.491411][ T53] team0 (unregistering): Port device team_slave_1 removed [ 320.705930][ T53] team0 (unregistering): Port device team_slave_0 removed [ 320.939364][ T8926] loop2: detected capacity change from 0 to 32768 [ 320.958132][ T8926] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.831 (8926) [ 320.992290][ T8926] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 321.003317][ T8926] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm [ 321.012164][ T8926] BTRFS info (device loop2): using free-space-tree [ 321.527040][ T6762] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 322.045230][ T8960] loop2: detected capacity change from 0 to 2048 [ 322.570825][ T29] audit: type=1326 audit(1729412348.051:230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8965 comm="syz.3.839" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd8c957dff9 code=0x0 [ 322.684320][ T8960] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 322.825711][ T8781] team0: Port device team_slave_1 added [ 322.847381][ T8766] hsr_slave_0: entered promiscuous mode [ 322.854467][ T8766] hsr_slave_1: entered promiscuous mode [ 322.927022][ T8462] veth0_vlan: entered promiscuous mode [ 323.097652][ T8781] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 323.161079][ T8781] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 323.204184][ T6762] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 323.281466][ T8781] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 323.370996][ T8781] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 323.378001][ T8781] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 323.548319][ T8781] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 323.844128][ T8781] hsr_slave_0: entered promiscuous mode [ 323.882218][ T8781] hsr_slave_1: entered promiscuous mode [ 323.933996][ T8781] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 323.970481][ T8781] Cannot create hsr debugfs directory [ 324.014342][ T8462] veth1_vlan: entered promiscuous mode [ 324.608691][ T8766] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 324.633053][ T29] audit: type=1326 audit(1729412350.141:231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8984 comm="syz.3.843" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd8c957dff9 code=0x0 [ 324.730247][ T8766] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 324.779849][ T8462] veth0_macvtap: entered promiscuous mode [ 324.808219][ T8464] veth0_vlan: entered promiscuous mode [ 324.820576][ T8464] veth1_vlan: entered promiscuous mode [ 324.845885][ T8464] veth0_macvtap: entered promiscuous mode [ 324.855555][ T8462] veth1_macvtap: entered promiscuous mode [ 324.862395][ T3319] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 324.907986][ T8766] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 324.939393][ T8464] veth1_macvtap: entered promiscuous mode [ 325.037650][ T3319] usb 3-1: New USB device found, idVendor=056e, idProduct=4010, bcdDevice=20.1c [ 325.051434][ T3319] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 325.065718][ T3319] usb 3-1: config 0 descriptor?? [ 325.077035][ T8766] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 325.105444][ T8464] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 325.116196][ T8464] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 325.126875][ T8464] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 325.149448][ T8464] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 325.170115][ T8464] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 325.196344][ T8464] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 325.218866][ T8464] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 325.232563][ T8464] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 325.255341][ T8464] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 325.275983][ T8462] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 325.305810][ T8462] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 325.324432][ T8462] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 325.344182][ T8462] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 325.360165][ T8462] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 325.379795][ T8462] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 325.389694][ T8462] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 325.413476][ T8462] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 325.430954][ T8462] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 325.449675][ T8462] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 325.476250][ T8462] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 325.497228][ T8464] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 325.547775][ T8464] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 325.590919][ T8464] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 325.606992][ T8464] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 325.618698][ T8464] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 325.629360][ T8464] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 325.639477][ T8464] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 325.650091][ T8464] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 325.661774][ T8464] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 325.673283][ T8464] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 325.682122][ T8464] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 325.690877][ T8464] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 325.699599][ T8464] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 325.755709][ T8462] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 325.766805][ T8462] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 325.777291][ T8462] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 325.787980][ T8462] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 325.798039][ T8462] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 325.808674][ T8462] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 325.818582][ T8462] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 325.829196][ T8462] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 325.839150][ T8462] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 325.849721][ T8462] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 325.862281][ T8462] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 325.930695][ T8766] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 325.955701][ T8462] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 325.964612][ T8462] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 325.973768][ T8462] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 325.982913][ T8462] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 326.058472][ T8766] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 326.080918][ T5293] usb 4-1: new full-speed USB device number 11 using dummy_hcd [ 326.155070][ T8766] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 326.171106][ T8766] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 326.195002][ T1057] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 326.203115][ T1057] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 326.356716][ T3319] pegasus 3-1:0.0: can't reset MAC [ 326.362887][ T3319] pegasus 3-1:0.0: probe with driver pegasus failed with error -5 [ 326.374508][ T3319] usb 3-1: USB disconnect, device number 8 [ 326.382943][ T5293] usb 4-1: config 0 has an invalid interface number: 20 but max is 0 [ 326.398224][ T5293] usb 4-1: config 0 has no interface number 0 [ 326.404528][ T5293] usb 4-1: config 0 interface 20 altsetting 0 endpoint 0x6 has invalid maxpacket 1023, setting to 64 [ 326.449282][ T8766] 8021q: adding VLAN 0 to HW filter on device bond0 [ 326.469762][ T8766] 8021q: adding VLAN 0 to HW filter on device team0 [ 326.512831][ T3008] bridge0: port 1(bridge_slave_0) entered blocking state [ 326.520041][ T3008] bridge0: port 1(bridge_slave_0) entered forwarding state [ 326.532277][ T3008] bridge0: port 2(bridge_slave_1) entered blocking state [ 326.539574][ T3008] bridge0: port 2(bridge_slave_1) entered forwarding state [ 326.563681][ T81] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 326.570145][ T5293] usb 4-1: New USB device found, idVendor=04e6, idProduct=000b, bcdDevice= 1.00 [ 326.580966][ T5293] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 326.581002][ T5293] usb 4-1: Product: syz [ 326.591375][ T81] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 326.593889][ T5293] usb 4-1: Manufacturer: syz [ 326.605936][ T5293] usb 4-1: SerialNumber: syz [ 326.624190][ T5293] usb 4-1: config 0 descriptor?? [ 326.646471][ T8989] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 326.657924][ T5293] usb-storage 4-1:0.20: USB Mass Storage device detected [ 326.699040][ T1057] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 326.709253][ T1057] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 326.736146][ T5293] usb-storage 4-1:0.20: Quirks match for vid 04e6 pid 000b: 4 [ 326.854273][ T81] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 326.891480][ T5293] scsi host1: usb-storage 4-1:0.20 [ 326.911419][ T81] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 326.999323][ T8781] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 327.057450][ T8781] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 327.067978][ T8781] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 327.094743][ T8999] loop2: detected capacity change from 0 to 128 [ 327.111272][ T8781] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 327.280733][ T5293] usb 4-1: USB disconnect, device number 11 [ 327.528571][ T8999] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 327.575851][ T8999] ext4 filesystem being mounted at /128/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 327.627069][ T8781] 8021q: adding VLAN 0 to HW filter on device bond0 [ 327.647314][ T8781] 8021q: adding VLAN 0 to HW filter on device team0 [ 327.660611][ T35] bridge0: port 1(bridge_slave_0) entered blocking state [ 327.667931][ T35] bridge0: port 1(bridge_slave_0) entered forwarding state [ 327.772810][ T6762] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 327.798271][ T35] bridge0: port 2(bridge_slave_1) entered blocking state [ 327.805428][ T35] bridge0: port 2(bridge_slave_1) entered forwarding state [ 327.955173][ T8781] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 327.967108][ T8781] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 327.999068][ T8766] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 328.029674][ T9007] loop2: detected capacity change from 0 to 2048 [ 328.068687][ T9007] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 328.130196][ T9007] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 328.201130][ T5293] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 328.221211][ T9007] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 10 with max blocks 23 with error 28 [ 328.253714][ T8766] veth0_vlan: entered promiscuous mode [ 328.272482][ T9007] EXT4-fs (loop2): This should not happen!! Data will be lost [ 328.272482][ T9007] [ 328.291568][ T9007] EXT4-fs (loop2): Total free blocks count 0 [ 328.305272][ T8766] veth1_vlan: entered promiscuous mode [ 328.319403][ T9007] EXT4-fs (loop2): Free/Dirty block details [ 328.341141][ T9007] EXT4-fs (loop2): free_blocks=2415919104 [ 328.361878][ T9007] EXT4-fs (loop2): dirty_blocks=48 [ 328.371276][ T9007] EXT4-fs (loop2): Block reservation details [ 328.373094][ T5293] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 328.388018][ T9007] EXT4-fs (loop2): i_reserved_data_blocks=3 [ 328.410166][ T5293] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 328.424645][ T8766] veth0_macvtap: entered promiscuous mode [ 328.456640][ T5293] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 328.473817][ T8766] veth1_macvtap: entered promiscuous mode [ 328.483982][ T5293] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 328.511841][ T5293] usb 5-1: config 0 descriptor?? [ 328.542558][ T8766] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 328.581364][ T8766] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 328.610900][ T8766] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 328.641164][ T8766] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 328.660904][ T8766] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 328.680876][ T8766] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 328.691019][ T8766] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 328.701582][ T8766] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 328.711862][ T8766] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 328.722424][ T8766] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 328.732404][ T8766] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 328.743638][ T8766] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 328.756583][ T8766] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 328.771127][ T8766] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 328.779612][ T81] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28 [ 328.781699][ T8766] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 328.804382][ T8766] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 328.815061][ T8766] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 328.825114][ T8766] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 328.836169][ T8766] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 328.846873][ T8766] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 328.857937][ T8766] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 328.868080][ T8766] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 328.878618][ T8766] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 328.888541][ T8766] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 328.899153][ T8766] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 328.911849][ T8766] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 328.989624][ T8766] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 329.024840][ T8766] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 329.075266][ T8766] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 329.131543][ T8766] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 329.182493][ T8781] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 329.372749][ T9013] loop3: detected capacity change from 0 to 32768 [ 329.426210][ T5293] usb 5-1: language id specifier not provided by device, defaulting to English [ 329.494527][ T3008] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 329.509502][ T3008] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 329.556284][ T9013] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 329.633904][ T8781] veth0_vlan: entered promiscuous mode [ 329.641238][ T5293] uclogic 0003:256C:006D.000A: failed retrieving Huion firmware version: -71 [ 329.651588][ T5293] uclogic 0003:256C:006D.000A: failed probing parameters: -71 [ 329.660375][ T5293] uclogic 0003:256C:006D.000A: probe with driver uclogic failed with error -71 [ 329.713978][ T81] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 329.725022][ T5293] usb 5-1: USB disconnect, device number 8 [ 329.730841][ T81] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 329.747577][ T8781] veth1_vlan: entered promiscuous mode [ 329.768720][ T29] audit: type=1800 audit(1729412355.271:232): pid=9013 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.849" name="file1" dev="loop3" ino=17058 res=0 errno=0 [ 329.821088][ T5335] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 329.876997][ T8781] veth0_macvtap: entered promiscuous mode [ 329.901675][ T8781] veth1_macvtap: entered promiscuous mode [ 329.969255][ T8781] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 330.001893][ T5335] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 330.042317][ T5335] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 330.050962][ T8781] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 330.080477][ T8781] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 330.102023][ T5335] usb 6-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 330.121026][ T8781] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 330.130882][ T5335] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 330.130921][ T5335] usb 6-1: SerialNumber: syz [ 330.180908][ T8781] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 330.212950][ T8781] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 330.233289][ T8781] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 330.294989][ T8781] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 330.330889][ T8781] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 330.361051][ T8781] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 330.408581][ T8781] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 330.477248][ T8781] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 330.520880][ T8781] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 330.579759][ T8781] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 330.662757][ T8781] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 331.114623][ T5335] usb 6-1: 0:2 : does not exist [ 331.331358][ T9031] loop2: detected capacity change from 0 to 32768 [ 331.337461][ T8781] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 331.348566][ T8781] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 331.360245][ T8781] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 331.380917][ T8781] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 331.390752][ T8781] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 331.403114][ T8781] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 331.414421][ T8781] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 331.425271][ T8781] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 331.435680][ T8781] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 331.446650][ T8781] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 331.457216][ T8781] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 331.468279][ T8781] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 331.478508][ T8781] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 331.489226][ T8781] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 331.502068][ T9031] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.853 (9031) [ 331.503277][ T8781] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 331.525566][ T8781] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 331.534573][ T8781] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 331.543446][ T8781] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 331.552515][ T8781] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 331.581727][ T5335] usb 6-1: USB disconnect, device number 5 [ 331.620034][ T8126] ocfs2: Unmounting device (7,3) on (node local) [ 331.714194][ T9031] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 331.714625][ T9042] sctp: [Deprecated]: syz.0.858 (pid 9042) Use of struct sctp_assoc_value in delayed_ack socket option. [ 331.714625][ T9042] Use struct sctp_sack_info instead [ 331.735464][ T9031] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm [ 331.769247][ T9031] BTRFS info (device loop2): using free-space-tree [ 332.013973][ T3008] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 332.078232][ T3008] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 332.199464][ T2940] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 332.227932][ T2940] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 332.422249][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 332.469069][ T6762] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 332.529337][ T9072] loop1: detected capacity change from 0 to 256 [ 332.536687][ T9072] msdos: Bad value for 'gid' [ 332.541813][ T9072] msdos: Bad value for 'gid' [ 333.030624][ T9085] loop2: detected capacity change from 0 to 512 [ 333.088410][ T9085] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 333.175665][ T9085] EXT4-fs (loop2): 1 truncate cleaned up [ 333.197899][ T9085] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 333.306053][ T29] audit: type=1804 audit(1729412358.811:233): pid=9085 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.860" name="/newroot/132/bus/bus" dev="loop2" ino=18 res=1 errno=0 [ 333.420033][ T6762] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 334.149656][ T9087] loop3: detected capacity change from 0 to 32768 [ 334.203600][ T9079] loop1: detected capacity change from 0 to 40427 [ 334.211770][ T9087] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 334.226276][ T9079] F2FS-fs (loop1): Invalid log blocks per segment (4278190089) [ 334.239818][ T9079] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 334.298295][ T9079] F2FS-fs (loop1): invalid crc value [ 334.349867][ T9079] F2FS-fs (loop1): Found nat_bits in checkpoint [ 334.533823][ T9079] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 334.538116][ T8126] ocfs2: Unmounting device (7,3) on (node local) [ 334.541189][ T9079] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 334.630239][ T9079] syz.1.865: attempt to access beyond end of device [ 334.630239][ T9079] loop1: rw=10241, sector=45096, nr_sectors = 8 limit=40427 [ 334.853344][ T8781] syz-executor: attempt to access beyond end of device [ 334.853344][ T8781] loop1: rw=2049, sector=45104, nr_sectors = 8 limit=40427 [ 334.910322][ T8781] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 335.281278][ T5294] usb 1-1: new high-speed USB device number 12 using dummy_hcd [ 335.491842][ T5294] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 335.504016][ T5294] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 335.543248][ T5294] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 335.559415][ T5294] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 335.591073][ T5294] usb 1-1: Product: syz [ 335.596420][ T5294] usb 1-1: Manufacturer: syz [ 335.634541][ T5294] usb 1-1: SerialNumber: syz [ 335.831084][ T9142] netlink: 4 bytes leftover after parsing attributes in process `syz.4.887'. [ 335.841983][ T9143] loop1: detected capacity change from 0 to 8 [ 335.849079][ T9143] MTD: Attempt to mount non-MTD device "/dev/loop1" [ 335.989332][ T9143] overlayfs: failed to resolve './file0': -2 [ 336.289023][ T29] audit: type=1326 audit(1729412361.791:234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9149 comm="syz.4.890" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb93937dff9 code=0x0 [ 336.715983][ T5294] cdc_ncm 1-1:1.0: bind() failure [ 336.746910][ T5294] cdc_ncm 1-1:1.1: probe with driver cdc_ncm failed with error -71 [ 336.776464][ T5294] cdc_mbim 1-1:1.1: probe with driver cdc_mbim failed with error -71 [ 336.791689][ T9165] loop2: detected capacity change from 0 to 1024 [ 336.805853][ T5294] usbtest 1-1:1.1: probe with driver usbtest failed with error -71 [ 336.848098][ T5294] usb 1-1: USB disconnect, device number 12 [ 336.929905][ T35] hfsplus: b-tree write err: -5, ino 4 [ 337.319243][ T29] audit: type=1326 audit(1729412362.821:235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9172 comm="syz.4.900" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb93937dff9 code=0x0 [ 337.637869][ T9158] loop1: detected capacity change from 0 to 40427 [ 337.676412][ T9158] F2FS-fs (loop1): Found nat_bits in checkpoint [ 337.861510][ T9158] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 337.927544][ T9167] loop3: detected capacity change from 0 to 40427 [ 337.979182][ T9167] F2FS-fs (loop3): invalid crc value [ 338.014059][ T9167] F2FS-fs (loop3): Found nat_bits in checkpoint [ 338.063045][ T9158] syz.1.893: attempt to access beyond end of device [ 338.063045][ T9158] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 338.100970][ T9158] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 338.128750][ T9169] loop2: detected capacity change from 0 to 32768 [ 338.166622][ T9169] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 338.216632][ T9167] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 338.331750][ T8126] syz-executor: attempt to access beyond end of device [ 338.331750][ T8126] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 338.362204][ T8126] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 338.467296][ T9169] XFS (loop2): Ending clean mount [ 338.477831][ T9169] XFS (loop2): Quotacheck needed: Please wait. [ 338.585040][ T9169] XFS (loop2): Quotacheck: Done. [ 339.423668][ T9212] loop1: detected capacity change from 0 to 32768 [ 340.055228][ T9212] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 340.163770][ T9216] loop4: detected capacity change from 0 to 32768 [ 340.171566][ T9216] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.908 (9216) [ 340.210378][ T6762] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 340.428072][ T9212] XFS (loop1): Ending clean mount [ 340.450017][ T9212] XFS (loop1): Quotacheck needed: Please wait. [ 341.172020][ T9216] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 341.186903][ T9212] XFS (loop1): Quotacheck: Done. [ 341.199136][ T9216] BTRFS info (device loop4): using sha256 (sha256-ni) checksum algorithm [ 341.246841][ T9216] BTRFS info (device loop4): using free-space-tree [ 341.257077][ T29] audit: type=1804 audit(1729412366.741:236): pid=9212 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.909" name="/newroot/6/file0/file0/file0" dev="loop1" ino=9284 res=1 errno=0 [ 341.543478][ T9232] loop3: detected capacity change from 0 to 2048 [ 341.575464][ T9232] UDF-fs: error (device loop3): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 341.847557][ T8781] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 341.922978][ T29] audit: type=1800 audit(1729412367.431:237): pid=9232 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.912" name="bus" dev="loop3" ino=1441 res=0 errno=0 [ 342.087418][ T9216] workqueue: Failed to create a rescuer kthread for wq "btrfs-rmw": -EINTR [ 342.100423][ T9216] workqueue: Failed to create a rescuer kthread for wq "btrfs-compressed-write": -EINTR [ 342.118287][ T8126] UDF-fs: warning (device loop3): udf_evict_inode: Inode 1346 (mode 100000) has inode size 65549 different from extent length 66048. Filesystem need not be standards compliant. [ 342.146734][ T9216] workqueue: Failed to create a rescuer kthread for wq "btrfs-freespace-write": -EINTR [ 342.147114][ T9216] workqueue: Failed to create a rescuer kthread for wq "btrfs-delayed-meta": -EINTR [ 342.178852][ T9216] workqueue: Failed to create a rescuer kthread for wq "btrfs-qgroup-rescan": -EINTR [ 342.810955][ T5293] usb 1-1: new high-speed USB device number 13 using dummy_hcd [ 343.080278][ T5293] usb 1-1: Using ep0 maxpacket: 8 [ 343.115768][ T5293] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 343.181016][ T5293] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 343.198640][ T9257] loop3: detected capacity change from 0 to 4096 [ 343.241046][ T5293] usb 1-1: New USB device found, idVendor=054c, idProduct=0ce6, bcdDevice= 0.00 [ 343.311943][ T9257] ntfs3(loop3): ino=0, Correct links count -> 1. [ 343.318433][ T9257] ntfs3(loop3): Mark volume as dirty due to NTFS errors [ 343.336046][ T5293] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 343.422012][ T5293] usb 1-1: config 0 descriptor?? [ 343.428842][ T9257] ntfs3(loop3): Failed to load $MFT. [ 343.458494][ T9263] loop1: detected capacity change from 0 to 2048 [ 343.537147][ T9263] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 343.863437][ T5293] playstation 0003:054C:0CE6.000B: unknown main item tag 0x0 [ 343.920619][ T5293] playstation 0003:054C:0CE6.000B: unknown main item tag 0x0 [ 343.956414][ T9269] batman_adv: batadv0: Adding interface: ip6gretap1 [ 343.993093][ T5293] playstation 0003:054C:0CE6.000B: unknown main item tag 0x0 [ 344.024532][ T9269] batman_adv: batadv0: The MTU of interface ip6gretap1 is too small (1434) to handle the transport of batman-adv packets. If you experience problems getting traffic through try increasing the MTU to 1500. [ 344.046507][ T5293] playstation 0003:054C:0CE6.000B: unknown main item tag 0x0 [ 344.075605][ T9271] loop3: detected capacity change from 0 to 16 [ 344.092376][ T5293] playstation 0003:054C:0CE6.000B: unknown main item tag 0x0 [ 344.133234][ T9271] erofs: (device loop3): mounted with root inode @ nid 36. [ 344.151233][ T5293] playstation 0003:054C:0CE6.000B: unknown main item tag 0x0 [ 344.162461][ T9269] batman_adv: batadv0: Interface activated: ip6gretap1 [ 344.195767][ T5293] playstation 0003:054C:0CE6.000B: unknown main item tag 0x0 [ 344.256757][ T5293] playstation 0003:054C:0CE6.000B: hidraw0: USB HID v0.00 Device [HID 054c:0ce6] on usb-dummy_hcd.0-1/input0 [ 344.336310][ T8781] UDF-fs: warning (device loop1): udf_evict_inode: Inode 1346 (mode 100755) has inode size 134220898 different from extent length 134221312. Filesystem need not be standards compliant. [ 344.383806][ T5293] playstation 0003:054C:0CE6.000B: Invalid reportID received, expected 9 got 0 [ 344.419477][ T5293] playstation 0003:054C:0CE6.000B: Failed to retrieve DualSense pairing info: -22 [ 344.479516][ T5293] playstation 0003:054C:0CE6.000B: Failed to get MAC address from DualSense [ 344.534499][ T5293] playstation 0003:054C:0CE6.000B: Failed to create dualsense. [ 344.588688][ T5293] playstation 0003:054C:0CE6.000B: probe with driver playstation failed with error -22 [ 344.671613][ T5293] usb 1-1: USB disconnect, device number 13 [ 345.343029][ T9286] loop3: detected capacity change from 0 to 1024 [ 345.415870][ T9286] hfsplus: failed to load root directory [ 345.767768][ T9216] BTRFS error (device loop4): open_ctree failed [ 346.882505][ T9298] loop3: detected capacity change from 0 to 32768 [ 346.896672][ T9298] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.937 (9298) [ 346.943868][ T9298] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 346.973181][ T9298] BTRFS info (device loop3): using sha256 (sha256-ni) checksum algorithm [ 346.994956][ T9298] BTRFS info (device loop3): using free-space-tree [ 347.331050][ T5293] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 347.471284][ T81] BTRFS info (device loop3): qgroup scan completed (inconsistency flag cleared) [ 347.491607][ T5293] usb 6-1: Using ep0 maxpacket: 32 [ 347.524492][ T5293] usb 6-1: config 0 has an invalid interface number: 67 but max is 0 [ 347.570315][ T5293] usb 6-1: config 0 has no interface number 0 [ 347.652523][ T5293] usb 6-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57 [ 347.680398][ T5293] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 347.711306][ T5293] usb 6-1: Product: syz [ 347.715537][ T5293] usb 6-1: Manufacturer: syz [ 347.741019][ T5293] usb 6-1: SerialNumber: syz [ 347.746363][ T8126] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 347.761721][ T5293] usb 6-1: config 0 descriptor?? [ 347.782845][ T5293] smsc95xx v2.0.0 [ 348.072738][ T9370] loop2: detected capacity change from 0 to 2048 [ 348.155212][ T9370] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 348.200942][ T5293] smsc95xx 6-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32 [ 348.234372][ T5293] smsc95xx 6-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD [ 348.317521][ T9377] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters [ 348.419445][ T9357] loop1: detected capacity change from 0 to 32768 [ 348.432186][ T9377] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 174 with error 28 [ 348.455401][ T9357] (syz.1.952,9357,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 348.509312][ T9377] EXT4-fs (loop2): This should not happen!! Data will be lost [ 348.509312][ T9377] [ 348.529641][ T9357] (syz.1.952,9357,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 348.567610][ T9377] EXT4-fs (loop2): Total free blocks count 0 [ 348.598024][ T9377] EXT4-fs (loop2): Free/Dirty block details [ 348.612506][ T9357] JBD2: Ignoring recovery information on journal [ 348.654463][ T9377] EXT4-fs (loop2): free_blocks=66060288 [ 348.665353][ T9377] EXT4-fs (loop2): dirty_blocks=192 [ 348.680206][ T9357] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 348.712132][ T9363] loop4: detected capacity change from 0 to 32768 [ 348.720084][ T9377] EXT4-fs (loop2): Block reservation details [ 348.726556][ T9363] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.954 (9363) [ 348.739871][ T9377] EXT4-fs (loop2): i_reserved_data_blocks=12 [ 348.754912][ T9363] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 348.765867][ T9363] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm [ 348.775067][ T9363] BTRFS info (device loop4): using free-space-tree [ 348.904618][ T5293] smsc95xx 6-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000108: -71 [ 348.931463][ T5293] smsc95xx 6-1:0.67: probe with driver smsc95xx failed with error -71 [ 348.956844][ T5293] usb 6-1: USB disconnect, device number 6 [ 349.059425][ T53] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 188 with error 28 [ 349.116103][ T8781] ocfs2: Unmounting device (7,1) on (node local) [ 349.332191][ T8464] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 349.418384][ T9409] netlink: 12 bytes leftover after parsing attributes in process `syz.2.964'. [ 349.787916][ T9419] loop2: detected capacity change from 0 to 512 [ 349.831657][ T5294] usb 1-1: new high-speed USB device number 14 using dummy_hcd [ 349.854390][ T9419] EXT4-fs: Ignoring removed mblk_io_submit option [ 349.884170][ T9419] EXT4-fs (loop2): unable to read superblock [ 350.055732][ T5294] usb 1-1: Using ep0 maxpacket: 16 [ 350.080279][ T5294] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 350.105308][ T5294] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 350.137237][ T5294] usb 1-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00 [ 350.158677][ T9427] batadv_slave_1: entered promiscuous mode [ 350.160917][ T5294] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 350.214835][ T9426] batadv_slave_1: left promiscuous mode [ 350.221851][ T5294] usb 1-1: config 0 descriptor?? [ 350.624534][ T9437] sg_read: process 382 (syz.2.978) changed security contexts after opening file descriptor, this is not allowed. [ 350.708895][ T5294] input: HID 05ac:8241 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:05AC:8241.000C/input/input16 [ 350.931267][ T5294] appleir 0003:05AC:8241.000C: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.0-1/input0 [ 351.177751][ T9448] iou-wrk-9446 (9448): drop_caches: 0 [ 351.207447][ T9448] iou-wrk-9446 (9448): drop_caches: 0 [ 351.241851][ T9448] iou-wrk-9446 (9448): drop_caches: 0 [ 351.247324][ T9448] iou-wrk-9446 (9448): drop_caches: 0 [ 351.252856][ T9448] iou-wrk-9446 (9448): drop_caches: 0 [ 351.258290][ T9448] iou-wrk-9446 (9448): drop_caches: 0 [ 351.264736][ T9448] iou-wrk-9446 (9448): drop_caches: 0 [ 351.270163][ T9448] iou-wrk-9446 (9448): drop_caches: 0 [ 351.275634][ T9448] iou-wrk-9446 (9448): drop_caches: 0 [ 351.281179][ T9448] iou-wrk-9446 (9448): drop_caches: 0 [ 351.289730][ T9448] iou-wrk-9446 (9448): drop_caches: 0 [ 351.295194][ T9448] iou-wrk-9446 (9448): drop_caches: 0 [ 351.300612][ T9448] iou-wrk-9446 (9448): drop_caches: 0 [ 351.306090][ T9448] iou-wrk-9446 (9448): drop_caches: 0 [ 351.312307][ T9448] iou-wrk-9446 (9448): drop_caches: 0 [ 351.317737][ T9448] iou-wrk-9446 (9448): drop_caches: 0 [ 351.350892][ T9448] iou-wrk-9446 (9448): drop_caches: 0 [ 351.356392][ T9448] iou-wrk-9446 (9448): drop_caches: 0 [ 351.366543][ T9448] iou-wrk-9446 (9448): drop_caches: 0 [ 351.376610][ T9448] iou-wrk-9446 (9448): drop_caches: 0 [ 351.391161][ T9448] iou-wrk-9446 (9448): drop_caches: 0 [ 351.396675][ T9448] iou-wrk-9446 (9448): drop_caches: 0 [ 351.433348][ T9448] iou-wrk-9446 (9448): drop_caches: 0 [ 351.438793][ T9448] iou-wrk-9446 (9448): drop_caches: 0 [ 351.461110][ T5333] usb 1-1: USB disconnect, device number 14 [ 351.481013][ T9448] iou-wrk-9446 (9448): drop_caches: 0 [ 351.496666][ T9448] iou-wrk-9446 (9448): drop_caches: 0 [ 351.512608][ T9448] iou-wrk-9446 (9448): drop_caches: 0 [ 351.540848][ T9448] iou-wrk-9446 (9448): drop_caches: 0 [ 351.582684][ T9448] iou-wrk-9446 (9448): drop_caches: 0 [ 351.588145][ T9448] iou-wrk-9446 (9448): drop_caches: 0 [ 351.603872][ T9448] iou-wrk-9446 (9448): drop_caches: 0 [ 351.609394][ T9448] iou-wrk-9446 (9448): drop_caches: 0 [ 351.650989][ T9448] iou-wrk-9446 (9448): drop_caches: 0 [ 351.666621][ T9448] iou-wrk-9446 (9448): drop_caches: 0 [ 351.673714][ T9448] iou-wrk-9446 (9448): drop_caches: 0 [ 351.679187][ T9448] iou-wrk-9446 (9448): drop_caches: 0 [ 351.691090][ T9448] iou-wrk-9446 (9448): drop_caches: 0 [ 351.696610][ T9448] iou-wrk-9446 (9448): drop_caches: 0 [ 351.711114][ T9448] iou-wrk-9446 (9448): drop_caches: 0 [ 351.716620][ T9448] iou-wrk-9446 (9448): drop_caches: 0 [ 351.732945][ T9448] iou-wrk-9446 (9448): drop_caches: 0 [ 351.738375][ T9448] iou-wrk-9446 (9448): drop_caches: 0 [ 351.751096][ T9448] iou-wrk-9446 (9448): drop_caches: 0 [ 351.756549][ T9448] iou-wrk-9446 (9448): drop_caches: 0 [ 351.770971][ T9448] iou-wrk-9446 (9448): drop_caches: 0 [ 351.777345][ T9448] iou-wrk-9446 (9448): drop_caches: 0 [ 351.801396][ T9448] iou-wrk-9446 (9448): drop_caches: 0 [ 351.856539][ T9451] loop1: detected capacity change from 0 to 128 [ 351.971868][ T9441] loop3: detected capacity change from 0 to 32768 [ 352.004196][ T9441] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.979 (9441) [ 352.079904][ T9441] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 352.119575][ T9441] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm [ 352.171002][ T9441] BTRFS info (device loop3): using free-space-tree [ 352.315566][ T5294] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 352.492725][ T5294] usb 5-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a [ 352.531051][ T5294] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 352.562748][ T8126] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 352.568729][ T5294] usb 5-1: Product: syz [ 352.590171][ T5294] usb 5-1: Manufacturer: syz [ 352.607827][ T5294] usb 5-1: SerialNumber: syz [ 352.625106][ T5294] usb 5-1: config 0 descriptor?? [ 352.940870][ T9] usb 1-1: new high-speed USB device number 15 using dummy_hcd [ 353.053321][ T5294] usb 5-1: Firmware: major: 15, minor: 97, hardware type: UNKNOWN (127) [ 353.084264][ T9453] loop2: detected capacity change from 0 to 40427 [ 353.125682][ T9453] F2FS-fs (loop2): Found nat_bits in checkpoint [ 353.134324][ T9] usb 1-1: config 0 has an invalid interface number: 2 but max is 0 [ 353.156471][ T9] usb 1-1: config 0 has no interface number 0 [ 353.180875][ T9] usb 1-1: too many endpoints for config 0 interface 2 altsetting 0: 32, using maximum allowed: 30 [ 353.242380][ T9] usb 1-1: config 0 interface 2 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 32 [ 353.321018][ T9] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 353.330185][ T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 353.413376][ T9] usb 1-1: config 0 descriptor?? [ 354.020877][ T9453] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 354.621225][ T5294] usb 5-1: Read permanent extended address b8:2d:89:91:0c:26:13:04 from device [ 354.638155][ T9452] syz.2.983: attempt to access beyond end of device [ 354.638155][ T9452] loop2: rw=10241, sector=45096, nr_sectors = 8 limit=40427 [ 354.639782][ T5294] usb 5-1: atusb_probe: initialization failed, error = -524 [ 354.661905][ T5294] atusb 5-1:0.0: probe with driver atusb failed with error -524 [ 354.693301][ T9] usb 1-1: can't set config #0, error -71 [ 354.716348][ T9] usb 1-1: USB disconnect, device number 15 [ 354.806967][ T6762] syz-executor: attempt to access beyond end of device [ 354.806967][ T6762] loop2: rw=2049, sector=45104, nr_sectors = 8 limit=40427 [ 354.850955][ T6762] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 354.874255][ T4875] usb 5-1: USB disconnect, device number 9 [ 356.264226][ T9546] loop3: detected capacity change from 0 to 512 [ 356.353717][ T9546] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 356.424167][ T9546] EXT4-fs (loop3): invalid journal inode [ 356.469543][ T9546] EXT4-fs (loop3): can't get journal size [ 356.611862][ T9546] EXT4-fs (loop3): 1 truncate cleaned up [ 356.663714][ T9546] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 356.819245][ T29] audit: type=1800 audit(1729412382.311:238): pid=9546 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1011" name="bus" dev="loop3" ino=18 res=0 errno=0 [ 356.987499][ T9558] netlink: 'syz.5.1015': attribute type 9 has an invalid length. [ 357.066805][ T9558] netlink: 134660 bytes leftover after parsing attributes in process `syz.5.1015'. [ 357.140979][ T29] audit: type=1804 audit(1729412382.441:239): pid=9560 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.1011" name="/newroot/81/file0/bus" dev="loop3" ino=18 res=1 errno=0 [ 357.439592][ T8126] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 357.841470][ T3319] usb 1-1: new high-speed USB device number 16 using dummy_hcd [ 357.951181][ T5333] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 358.006017][ T3319] usb 1-1: Using ep0 maxpacket: 8 [ 358.041992][ T3319] usb 1-1: New USB device found, idVendor=0c45, idProduct=613a, bcdDevice=c4.6d [ 358.084800][ T3319] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 358.120526][ T5333] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 358.160414][ T3319] usb 1-1: Product: syz [ 358.172242][ T5333] usb 2-1: New USB device found, idVendor=1a0a, idProduct=0102, bcdDevice=7a.b1 [ 358.200914][ T3319] usb 1-1: Manufacturer: syz [ 358.230565][ T3319] usb 1-1: SerialNumber: syz [ 358.239950][ T5333] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 358.274508][ T3319] usb 1-1: config 0 descriptor?? [ 358.297638][ T5333] usb 2-1: Product: syz [ 358.308424][ T3319] gspca_main: sonixj-2.14.0 probing 0c45:613a [ 358.326760][ T5333] usb 2-1: Manufacturer: syz [ 358.367276][ T5333] usb 2-1: SerialNumber: syz [ 358.415183][ T5333] usb 2-1: config 0 descriptor?? [ 358.486999][ T5333] usb_ehset_test 2-1:0.0: probe with driver usb_ehset_test failed with error -32 [ 358.687325][ T5333] usb 2-1: USB disconnect, device number 8 [ 359.461207][ T5291] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 359.528426][ T3319] gspca_sonixj: reg_w1 err -71 [ 359.611032][ T3319] sonixj 1-1:0.0: probe with driver sonixj failed with error -71 [ 359.672389][ T3319] usb 1-1: USB disconnect, device number 16 [ 359.685328][ T5291] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 359.744392][ T5291] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 359.810729][ T5291] usb 3-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00 [ 359.872287][ T5291] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 359.973329][ T5291] usb 3-1: config 0 descriptor?? [ 360.456688][ T5291] cm6533_jd 0003:0D8C:0022.000D: unknown main item tag 0x0 [ 360.536480][ T5291] cm6533_jd 0003:0D8C:0022.000D: unknown main item tag 0x0 [ 360.597781][ T5291] input: HID 0d8c:0022 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:0D8C:0022.000D/input/input17 [ 360.776972][ T5291] cm6533_jd 0003:0D8C:0022.000D: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.2-1/input0 [ 361.076193][ T5291] usb 3-1: USB disconnect, device number 9 [ 361.503838][ T3319] usb 1-1: new high-speed USB device number 17 using dummy_hcd [ 361.696826][ T3319] usb 1-1: Using ep0 maxpacket: 8 [ 361.790137][ T3319] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 361.841534][ T3319] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 361.890452][ T9590] loop4: detected capacity change from 0 to 32768 [ 361.917376][ T3319] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 361.972970][ T3319] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 362.065047][ T9590] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 362.080930][ T3319] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 362.136023][ T2940] (kworker/u8:10,2940,1):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #72: directory entry overrun - offset=0, inode=72, rec_len=65296, name_len=7 [ 362.166573][ T3319] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 362.254363][ T9590] (syz.4.1031,9590,1):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #72: directory entry overrun - offset=0, inode=72, rec_len=65296, name_len=7 [ 362.339970][ T9590] (syz.4.1031,9590,1):ocfs2_prepare_dir_for_insert:4277 ERROR: status = -2 [ 362.386780][ T9590] (syz.4.1031,9590,1):__ocfs2_prepare_orphan_dir:2179 ERROR: status = -2 [ 362.446581][ T3319] usb 1-1: GET_CAPABILITIES returned 0 [ 362.457999][ T9590] (syz.4.1031,9590,1):ocfs2_prepare_orphan_dir:2223 ERROR: status = -2 [ 362.482060][ T3319] usbtmc 1-1:16.0: can't read capabilities [ 362.522316][ T9590] (syz.4.1031,9590,1):ocfs2_prepare_orphan_dir:2239 ERROR: status = -2 [ 362.580965][ T9590] (syz.4.1031,9590,1):ocfs2_rename:1463 ERROR: status = -2 [ 362.624977][ T9590] (syz.4.1031,9590,1):ocfs2_rename:1698 ERROR: status = -2 [ 362.665168][ T9602] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 362.727952][ T9602] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 362.779192][ T5333] usb 1-1: USB disconnect, device number 17 [ 362.853340][ T8464] ocfs2: Unmounting device (7,4) on (node local) [ 362.952363][ T9595] loop3: detected capacity change from 0 to 40427 [ 362.995908][ T9595] F2FS-fs (loop3): build fault injection attr: rate: 771, type: 0x1fffff [ 363.059975][ T9595] F2FS-fs (loop3): invalid crc value [ 363.101620][ T9595] F2FS-fs (loop3): Found nat_bits in checkpoint [ 363.434845][ T9595] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 363.991236][ T9624] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 364.075830][ T9628] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 364.863577][ T9642] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 365.621741][ C1] IPv4: Oversized IP packet from 172.20.20.24 [ 365.690925][ T3319] usb 6-1: new high-speed USB device number 7 using dummy_hcd [ 365.898344][ T3319] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 365.957797][ T3319] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 366.029430][ T3319] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 366.106123][ T3319] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 366.166376][ T9655] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22 [ 366.250191][ T3319] usb 6-1: Quirk or no altset; falling back to MIDI 1.0 [ 366.547511][ T3319] usb 6-1: USB disconnect, device number 7 [ 368.011048][ T3319] usb 6-1: new high-speed USB device number 8 using dummy_hcd [ 368.241177][ T3319] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 368.271091][ T3319] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 368.301597][ T3319] usb 6-1: New USB device found, idVendor=056a, idProduct=00d0, bcdDevice= 0.00 [ 368.336000][ T3319] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 368.394481][ T3319] usb 6-1: config 0 descriptor?? [ 368.949374][ T3319] wacom 0003:056A:00D0.000E: unknown main item tag 0x0 [ 368.999928][ T3319] wacom 0003:056A:00D0.000E: Unknown device_type for 'HID 056a:00d0'. Assuming pen. [ 369.036533][ T3319] wacom 0003:056A:00D0.000E: hidraw0: USB HID v0.00 Device [HID 056a:00d0] on usb-dummy_hcd.5-1/input0 [ 369.100284][ T3319] input: Wacom Bamboo 2FG Pen as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:056A:00D0.000E/input/input18 [ 369.311941][ T3319] usb 6-1: USB disconnect, device number 8 [ 369.980166][ T9677] loop1: detected capacity change from 0 to 128 [ 370.099442][ T9677] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 370.194690][ T9677] ext4 filesystem being mounted at /37/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 370.315982][ T9677] syz.1.1065 (pid 9677) is setting deprecated v1 encryption policy; recommend upgrading to v2. [ 370.760543][ T9677] fscrypt (loop1, inode 12): Error allocating 'adiantum(xchacha12,aes)' transform: -4 [ 370.956157][ T8781] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 375.005063][ T5238] Bluetooth: hci0: command 0x0406 tx timeout [ 376.002657][ T9692] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1069'. [ 376.163299][ T9692] netdevsim netdevsim5 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 376.172305][ T9692] netdevsim netdevsim5 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 376.181116][ T9692] netdevsim netdevsim5 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 376.189839][ T9692] netdevsim netdevsim5 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 376.386595][ T9692] vxlan0: entered promiscuous mode [ 378.131646][ T1265] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.138275][ T1265] ieee802154 phy1 wpan1: encryption failed: -22 [ 378.635060][ T9739] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1090'. [ 382.054867][ T9720] netlink: 'syz.3.1081': attribute type 10 has an invalid length. [ 382.091051][ T9720] syz_tun: entered promiscuous mode [ 382.222958][ T9720] bond0: (slave syz_tun): Enslaving as an active interface with an up link [ 382.293775][ T9726] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for ÿÿÿÿ [ 400.602044][ T5251] Bluetooth: hci1: command 0x0406 tx timeout [ 400.608293][ T5251] Bluetooth: hci3: command 0x0406 tx timeout [ 431.311139][ T5238] Bluetooth: hci2: command 0x0406 tx timeout [ 439.476137][ T1265] ieee802154 phy0 wpan0: encryption failed: -22 [ 439.482737][ T1265] ieee802154 phy1 wpan1: encryption failed: -22 [ 470.831133][ T30] INFO: task syz.0.769:8720 blocked for more than 143 seconds. [ 470.838768][ T30] Not tainted 6.12.0-rc3-syzkaller-00420-g715ca9dd687f #0 [ 470.850969][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 470.859693][ T30] task:syz.0.769 state:D stack:23168 pid:8720 tgid:8719 ppid:6754 flags:0x00004004 [ 470.920968][ T30] Call Trace: [ 470.924327][ T30] [ 470.927287][ T30] __schedule+0x1895/0x4b30 [ 470.950964][ T30] ? __pfx___schedule+0x10/0x10 [ 470.955933][ T30] ? __pfx_lock_release+0x10/0x10 [ 470.982896][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 470.988459][ T30] ? schedule+0x90/0x320 [ 471.020915][ T30] schedule+0x14b/0x320 [ 471.025294][ T30] schedule_preempt_disabled+0x13/0x30 [ 471.050995][ T30] __mutex_lock+0x6a7/0xd70 [ 471.055582][ T30] ? __mutex_lock+0x52a/0xd70 [ 471.077962][ T30] ? exfat_sync_fs+0xb0/0x160 [ 471.095204][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 471.100274][ T30] ? super_lock+0x2d6/0x400 [ 471.130942][ T30] ? __pfx_super_lock+0x10/0x10 [ 471.135861][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 471.160944][ T30] ? do_raw_spin_unlock+0x13c/0x8b0 [ 471.166230][ T30] exfat_sync_fs+0xb0/0x160 [ 471.187150][ T30] iterate_supers+0xc8/0x190 [ 471.200830][ T30] ? __pfx_sync_fs_one_sb+0x10/0x10 [ 471.206094][ T30] ksys_sync+0xdb/0x1c0 [ 471.210290][ T30] ? __pfx_ksys_sync+0x10/0x10 [ 471.241012][ T30] ? do_syscall_64+0x100/0x230 [ 471.260908][ T30] ? do_syscall_64+0xb6/0x230 [ 471.265664][ T30] __do_sys_sync+0xe/0x20 [ 471.270027][ T30] do_syscall_64+0xf3/0x230 [ 471.305369][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 471.330837][ T30] RIP: 0033:0x7f7d79d7dff9 [ 471.335322][ T30] RSP: 002b:00007f7d7aaf2038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a2 [ 471.370972][ T30] RAX: ffffffffffffffda RBX: 00007f7d79f35f80 RCX: 00007f7d79d7dff9 [ 471.395010][ T30] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 471.430919][ T30] RBP: 00007f7d79df0296 R08: 0000000000000000 R09: 0000000000000000 [ 471.438974][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 471.469302][ T30] R13: 0000000000000000 R14: 00007f7d79f35f80 R15: 00007fff1af1daa8 [ 471.505073][ T30] [ 471.508238][ T30] INFO: task syz.0.769:8722 blocked for more than 144 seconds. [ 471.538757][ T30] Not tainted 6.12.0-rc3-syzkaller-00420-g715ca9dd687f #0 [ 471.559299][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 471.590784][ T30] task:syz.0.769 state:D stack:27392 pid:8722 tgid:8719 ppid:6754 flags:0x00004006 [ 471.621335][ T30] Call Trace: [ 471.624683][ T30] [ 471.627644][ T30] __schedule+0x1895/0x4b30 [ 471.671015][ T30] ? __pfx___schedule+0x10/0x10 [ 471.675964][ T30] ? __pfx_lock_release+0x10/0x10 [ 471.690805][ T30] ? __mutex_trylock_common+0x92/0x2e0 [ 471.710256][ T30] ? schedule+0x90/0x320 [ 471.721091][ T30] schedule+0x14b/0x320 [ 471.725318][ T30] schedule_preempt_disabled+0x13/0x30 [ 471.750833][ T30] __mutex_lock+0x6a7/0xd70 [ 471.755439][ T30] ? __mutex_lock+0x52a/0xd70 [ 471.760158][ T30] ? exfat_sync_fs+0xb0/0x160 [ 471.789795][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 471.819686][ T30] ? super_lock+0x2d6/0x400 [ 471.824353][ T30] ? __pfx_super_lock+0x10/0x10 [ 471.829262][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 471.860954][ T30] ? do_raw_spin_unlock+0x13c/0x8b0 [ 471.866317][ T30] exfat_sync_fs+0xb0/0x160 [ 471.892252][ T30] iterate_supers+0xc8/0x190 [ 471.896922][ T30] ? __pfx_sync_fs_one_sb+0x10/0x10 [ 471.920955][ T30] ksys_sync+0xdb/0x1c0 [ 471.925197][ T30] ? __pfx_ksys_sync+0x10/0x10 [ 471.930002][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 471.960784][ T30] ? do_syscall_64+0xb6/0x230 [ 471.965555][ T30] __do_sys_sync+0xe/0x20 [ 471.969923][ T30] do_syscall_64+0xf3/0x230 [ 472.020141][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 472.026210][ T30] RIP: 0033:0x7f7d79d7dff9 [ 472.030661][ T30] RSP: 002b:00007f7d7aad1038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a2 [ 472.060932][ T30] RAX: ffffffffffffffda RBX: 00007f7d79f36058 RCX: 00007f7d79d7dff9 [ 472.069074][ T30] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 472.100797][ T30] RBP: 00007f7d79df0296 R08: 0000000000000000 R09: 0000000000000000 [ 472.140049][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 472.159679][ T30] R13: 0000000000000001 R14: 00007f7d79f36058 R15: 00007fff1af1daa8 [ 472.180821][ T30] [ 472.187199][ T30] [ 472.187199][ T30] Showing all locks held in the system: [ 472.230785][ T30] 2 locks held by ksoftirqd/0/16: [ 472.235878][ T30] 1 lock held by khungtaskd/30: [ 472.258745][ T30] #0: ffffffff8e937e20 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0 [ 472.289654][ T30] 2 locks held by getty/4983: [ 472.300622][ T30] #0: ffff88814bf960a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 472.330889][ T30] #1: ffffc90002f062f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6a6/0x1e00 [ 472.360959][ T30] 1 lock held by syz-executor/5216: [ 472.366223][ T30] #0: ffff888063346098 (&mm->mmap_lock){++++}-{3:3}, at: vm_mmap_pgoff+0x17c/0x3d0 [ 472.410914][ T30] 3 locks held by syz.5.510/7637: [ 472.416631][ T30] 2 locks held by syz.0.769/8720: [ 472.440828][ T30] #0: ffff8880567e00e0 (&type->s_umount_key#70){++++}-{3:3}, at: super_lock+0x27c/0x400 [ 472.469887][ T30] #1: ffff888011dc60e8 (&sbi->s_lock){+.+.}-{3:3}, at: exfat_sync_fs+0xb0/0x160 [ 472.499661][ T30] 2 locks held by syz.0.769/8722: [ 472.518546][ T30] #0: ffff8880567e00e0 (&type->s_umount_key#70){++++}-{3:3}, at: super_lock+0x27c/0x400 [ 472.560942][ T30] #1: ffff888011dc60e8 (&sbi->s_lock){+.+.}-{3:3}, at: exfat_sync_fs+0xb0/0x160 [ 472.570215][ T30] 2 locks held by syz-executor/8781: [ 472.599037][ T30] #0: ffffffff8e9eb3d0 (dup_mmap_sem){.+.+}-{0:0}, at: copy_mm+0x282/0x1f40 [ 472.630925][ T30] #1: ffff888062e4e098 (&mm->mmap_lock){++++}-{3:3}, at: copy_mm+0x2a5/0x1f40 [ 472.640023][ T30] 1 lock held by syz.4.1066/9676: [ 472.679837][ T30] #0: ffff88801ac76098 (&mm->mmap_lock){++++}-{3:3}, at: exit_mmap+0x2bd/0xc40 [ 472.711182][ T30] 1 lock held by syz.2.1068/9680: [ 472.716268][ T30] #0: ffff8880565e1498 (&mm->mmap_lock){++++}-{3:3}, at: exit_mmap+0x2bd/0xc40 [ 472.751598][ T30] [ 472.753984][ T30] ============================================= [ 472.753984][ T30] [ 472.780850][ T30] NMI backtrace for cpu 1 [ 472.785239][ T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-rc3-syzkaller-00420-g715ca9dd687f #0 [ 472.795769][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 472.805859][ T30] Call Trace: [ 472.809164][ T30] [ 472.812116][ T30] dump_stack_lvl+0x241/0x360 [ 472.816834][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 472.822072][ T30] ? __pfx__printk+0x10/0x10 [ 472.826706][ T30] nmi_cpu_backtrace+0x49c/0x4d0 [ 472.831686][ T30] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 472.837181][ T30] ? _printk+0xd5/0x120 [ 472.841363][ T30] ? __pfx__printk+0x10/0x10 [ 472.845977][ T30] ? __wake_up_klogd+0xcc/0x110 [ 472.850863][ T30] ? __pfx__printk+0x10/0x10 [ 472.855480][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 472.861146][ T30] ? __rcu_read_unlock+0xa1/0x110 [ 472.866211][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 472.872437][ T30] nmi_trigger_cpumask_backtrace+0x198/0x320 [ 472.878467][ T30] watchdog+0xff4/0x1040 [ 472.882747][ T30] ? watchdog+0x1ea/0x1040 [ 472.887209][ T30] ? __pfx_watchdog+0x10/0x10 [ 472.891920][ T30] kthread+0x2f2/0x390 [ 472.896013][ T30] ? __pfx_watchdog+0x10/0x10 [ 472.900722][ T30] ? __pfx_kthread+0x10/0x10 [ 472.905340][ T30] ret_from_fork+0x4d/0x80 [ 472.909792][ T30] ? __pfx_kthread+0x10/0x10 [ 472.914411][ T30] ret_from_fork_asm+0x1a/0x30 [ 472.919237][ T30] [ 472.923931][ T30] Sending NMI from CPU 1 to CPUs 0: [ 472.929172][ C0] NMI backtrace for cpu 0 [ 472.929186][ C0] CPU: 0 UID: 0 PID: 16 Comm: ksoftirqd/0 Not tainted 6.12.0-rc3-syzkaller-00420-g715ca9dd687f #0 [ 472.929217][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 472.929230][ C0] RIP: 0010:kernel_text_address+0x4/0xe0 [ 472.929261][ C0] Code: 92 c2 20 ca 08 c2 0f b6 c2 5b e9 22 70 90 0a 0f 1f 80 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 66 0f 1f 00 <55> 41 56 53 48 89 fb 48 c7 c0 00 00 00 81 bd 01 00 00 00 48 39 c7 [ 472.929280][ C0] RSP: 0018:ffffc90000156988 EFLAGS: 00000246 [ 472.929300][ C0] RAX: 0000000000000000 RBX: ffffffff815793d7 RCX: 0000000080000100 [ 472.929316][ C0] RDX: dffffc0000000000 RSI: ffffc90000150000 RDI: ffffffff815793d7 [ 472.929333][ C0] RBP: ffffc90000156a50 R08: ffffc90000157c70 R09: ffffc90000156a10 [ 472.929350][ C0] R10: dffffc0000000000 R11: fffff5200002ad44 R12: ffff88801ce85a00 [ 472.929368][ C0] R13: ffffffff8180a0e0 R14: dffffc0000000000 R15: 1ffff9200002ad41 [ 472.929388][ C0] FS: 0000000000000000(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000 [ 472.929407][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 472.929422][ C0] CR2: 00007f4bb180cfe0 CR3: 000000000e734000 CR4: 0000000000350ef0 [ 472.929440][ C0] Call Trace: [ 472.929448][ C0] [ 472.929457][ C0] ? nmi_cpu_backtrace+0x3c2/0x4d0 [ 472.929488][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 472.929526][ C0] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 472.929554][ C0] ? nmi_handle+0x2a/0x5a0 [ 472.929589][ C0] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 472.929621][ C0] ? nmi_handle+0x151/0x5a0 [ 472.929644][ C0] ? nmi_handle+0x2a/0x5a0 [ 472.929669][ C0] ? kernel_text_address+0x4/0xe0 [ 472.929694][ C0] ? default_do_nmi+0x63/0x160 [ 472.929726][ C0] ? exc_nmi+0x123/0x1f0 [ 472.929755][ C0] ? end_repeat_nmi+0xf/0x53 [ 472.929779][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 472.929808][ C0] ? handle_softirqs+0x2c7/0x980 [ 472.929842][ C0] ? handle_softirqs+0x2c7/0x980 [ 472.929871][ C0] ? kernel_text_address+0x4/0xe0 [ 472.929898][ C0] ? kernel_text_address+0x4/0xe0 [ 472.929925][ C0] ? kernel_text_address+0x4/0xe0 [ 472.929952][ C0] [ 472.929959][ C0] [ 472.929967][ C0] __kernel_text_address+0xd/0x40 [ 472.929993][ C0] unwind_get_return_address+0x4d/0x90 [ 472.930016][ C0] arch_stack_walk+0xfd/0x150 [ 472.930046][ C0] ? handle_softirqs+0x2c7/0x980 [ 472.930080][ C0] stack_trace_save+0x118/0x1d0 [ 472.930107][ C0] ? stack_trace_save+0x118/0x1d0 [ 472.930134][ C0] ? __pfx_stack_trace_save+0x10/0x10 [ 472.930163][ C0] ? __asan_memset+0x23/0x50 [ 472.930203][ C0] ? unwind_next_frame+0x193b/0x22d0 [ 472.930229][ C0] kasan_save_track+0x3f/0x80 [ 472.930251][ C0] ? kasan_save_track+0x3f/0x80 [ 472.930272][ C0] ? __kasan_slab_alloc+0x66/0x80 [ 472.930296][ C0] ? kmem_cache_alloc_node_noprof+0x16b/0x320 [ 472.930327][ C0] ? __alloc_skb+0x1c3/0x440 [ 472.930349][ C0] ? synproxy_send_client_synack_ipv6+0x1ba/0xc30 [ 472.930385][ C0] ? nft_synproxy_do_eval+0x739/0xa60 [ 472.930419][ C0] ? nft_do_chain+0x4af/0x1da0 [ 472.930439][ C0] ? nft_do_chain_inet+0x418/0x6b0 [ 472.930474][ C0] ? nf_hook_slow+0xc5/0x220 [ 472.930503][ C0] ? NF_HOOK+0x29e/0x450 [ 472.930525][ C0] ? NF_HOOK+0x3a6/0x450 [ 472.930546][ C0] ? __netif_receive_skb+0x1ea/0x650 [ 472.930575][ C0] ? process_backlog+0x662/0x15b0 [ 472.930605][ C0] ? __napi_poll+0xcd/0x490 [ 472.930632][ C0] ? net_rx_action+0x89b/0x1240 [ 472.930686][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 472.930718][ C0] __kasan_slab_alloc+0x66/0x80 [ 472.930745][ C0] ? __alloc_skb+0x1c3/0x440 [ 472.930769][ C0] kmem_cache_alloc_node_noprof+0x16b/0x320 [ 472.930806][ C0] __alloc_skb+0x1c3/0x440 [ 472.930833][ C0] ? __pfx___alloc_skb+0x10/0x10 [ 472.930858][ C0] ? __entry_text_end+0x1020c5/0x1020c9 [ 472.930892][ C0] synproxy_send_client_synack_ipv6+0x1ba/0xc30 [ 472.930935][ C0] ? lockdep_hardirqs_on+0x99/0x150 [ 472.930962][ C0] ? __pfx_synproxy_send_client_synack_ipv6+0x10/0x10 [ 472.930999][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 472.931030][ C0] ? synproxy_pernet+0x45/0x270 [ 472.931067][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 472.931098][ C0] nft_synproxy_do_eval+0x739/0xa60 [ 472.931140][ C0] ? __pfx_nft_synproxy_do_eval+0x10/0x10 [ 472.931184][ C0] ? __pfx_validate_chain+0x10/0x10 [ 472.931217][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 472.931257][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 472.931290][ C0] nft_do_chain+0x4af/0x1da0 [ 472.931313][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 472.931346][ C0] ? nf_nat_inet_fn+0xa30/0xd10 [ 472.931375][ C0] ? __pfx_nft_do_chain+0x10/0x10 [ 472.931414][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 472.931441][ C0] ? nf_nat_ipv6_fn+0x2cb/0x3e0 [ 472.931475][ C0] ? __pfx_nf_nat_ipv6_fn+0x10/0x10 [ 472.931507][ C0] nft_do_chain_inet+0x418/0x6b0 [ 472.931547][ C0] ? __pfx_nft_do_chain_inet+0x10/0x10 [ 472.931583][ C0] ? nf_nat_ipv6_local_in+0x1cd/0x620 [ 472.931615][ C0] ? __pfx_nf_nat_ipv6_local_in+0x10/0x10 [ 472.931641][ C0] ? nf_nat_ipv6_fn+0x2cb/0x3e0 [ 472.931673][ C0] ? __pfx_nft_do_chain_inet+0x10/0x10 [ 472.931707][ C0] nf_hook_slow+0xc5/0x220 [ 472.931740][ C0] ? __pfx_ip6_input_finish+0x10/0x10 [ 472.931764][ C0] ? __pfx_ip6_input_finish+0x10/0x10 [ 472.931789][ C0] NF_HOOK+0x29e/0x450 [ 472.931814][ C0] ? NF_HOOK+0x9a/0x450 [ 472.931836][ C0] ? __pfx_NF_HOOK+0x10/0x10 [ 472.931861][ C0] ? __pfx_ip6_input_finish+0x10/0x10 [ 472.931887][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 472.931913][ C0] ? ip6_rcv_finish_core+0x1fb/0x410 [ 472.931937][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 472.931965][ C0] ? __pfx_ip6_rcv_finish+0x10/0x10 [ 472.931988][ C0] NF_HOOK+0x3a6/0x450 [ 472.932009][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 472.932035][ C0] ? skb_orphan+0xae/0xd0 [ 472.932059][ C0] ? NF_HOOK+0x9a/0x450 [ 472.932082][ C0] ? __pfx_NF_HOOK+0x10/0x10 [ 472.932106][ C0] ? __pfx_ip6_rcv_finish+0x10/0x10 [ 472.932134][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 472.932160][ C0] ? __pfx_ipv6_rcv+0x10/0x10 [ 472.932184][ C0] __netif_receive_skb+0x1ea/0x650 [ 472.932220][ C0] ? __pfx_lock_acquire+0x10/0x10 [ 472.932255][ C0] ? __pfx___netif_receive_skb+0x10/0x10 [ 472.932283][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 472.932319][ C0] ? __pfx_lock_release+0x10/0x10 [ 472.932355][ C0] ? _raw_spin_lock_irq+0xdf/0x120 [ 472.932397][ C0] process_backlog+0x662/0x15b0 [ 472.932432][ C0] ? process_backlog+0x33b/0x15b0 [ 472.932469][ C0] ? __pfx_process_backlog+0x10/0x10 [ 472.932500][ C0] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 472.932537][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 472.932574][ C0] __napi_poll+0xcd/0x490 [ 472.932605][ C0] net_rx_action+0x89b/0x1240 [ 472.932650][ C0] ? __pfx_net_rx_action+0x10/0x10 [ 472.932683][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 472.932709][ C0] ? sched_clock+0x4a/0x70 [ 472.932749][ C0] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 472.932792][ C0] handle_softirqs+0x2c7/0x980 [ 472.932826][ C0] ? run_ksoftirqd+0xca/0x130 [ 472.932862][ C0] ? __pfx_handle_softirqs+0x10/0x10 [ 472.932892][ C0] ? preempt_schedule+0xe1/0xf0 [ 472.932929][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 472.932958][ C0] run_ksoftirqd+0xca/0x130 [ 472.932991][ C0] ? __pfx_run_ksoftirqd+0x10/0x10 [ 472.933024][ C0] ? __pfx_ksoftirqd_should_run+0x10/0x10 [ 472.933059][ C0] ? srso_alias_return_thunk+0x5/0xfbef5 [ 472.933086][ C0] ? __pfx_ksoftirqd_should_run+0x10/0x10 [ 472.933120][ C0] ? smpboot_thread_fn+0x2d3/0xa30 [ 472.933151][ C0] ? smpboot_thread_fn+0x4fb/0xa30 [ 472.933182][ C0] ? smpboot_thread_fn+0x656/0xa30 [ 472.933219][ C0] ? __pfx_run_ksoftirqd+0x10/0x10 [ 472.933252][ C0] smpboot_thread_fn+0x546/0xa30 [ 472.933285][ C0] ? smpboot_thread_fn+0x4e/0xa30 [ 472.933321][ C0] ? __pfx_smpboot_thread_fn+0x10/0x10 [ 472.933354][ C0] kthread+0x2f2/0x390 [ 472.933376][ C0] ? __pfx_smpboot_thread_fn+0x10/0x10 [ 472.933408][ C0] ? __pfx_kthread+0x10/0x10 [ 472.933430][ C0] ret_from_fork+0x4d/0x80 [ 472.933464][ C0] ? __pfx_kthread+0x10/0x10 [ 472.933486][ C0] ret_from_fork_asm+0x1a/0x30 [ 472.933529][ C0] [ 473.807878][ T30] Kernel panic - not syncing: hung_task: blocked tasks [ 473.814789][ T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-rc3-syzkaller-00420-g715ca9dd687f #0 [ 473.825312][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 473.835388][ T30] Call Trace: [ 473.838682][ T30] [ 473.841628][ T30] dump_stack_lvl+0x241/0x360 [ 473.846344][ T30] ? __pfx_dump_stack_lvl+0x10/0x10 [ 473.851573][ T30] ? __pfx__printk+0x10/0x10 [ 473.856184][ T30] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 473.862211][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 473.867869][ T30] ? vscnprintf+0x5d/0x90 [ 473.872238][ T30] panic+0x349/0x880 [ 473.876168][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 473.881828][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 473.888016][ T30] ? __pfx_panic+0x10/0x10 [ 473.892452][ T30] ? tick_nohz_tick_stopped+0x82/0xb0 [ 473.897863][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 473.903523][ T30] ? __irq_work_queue_local+0x137/0x410 [ 473.909101][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 473.914761][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 473.920164][ T30] ? nmi_trigger_cpumask_backtrace+0x244/0x320 [ 473.926349][ T30] ? nmi_trigger_cpumask_backtrace+0x2d4/0x320 [ 473.932538][ T30] ? srso_alias_return_thunk+0x5/0xfbef5 [ 473.938198][ T30] ? nmi_trigger_cpumask_backtrace+0x2d9/0x320 [ 473.944384][ T30] watchdog+0x1033/0x1040 [ 473.948749][ T30] ? watchdog+0x1ea/0x1040 [ 473.953206][ T30] ? __pfx_watchdog+0x10/0x10 [ 473.957915][ T30] kthread+0x2f2/0x390 [ 473.962007][ T30] ? __pfx_watchdog+0x10/0x10 [ 473.966725][ T30] ? __pfx_kthread+0x10/0x10 [ 473.971345][ T30] ret_from_fork+0x4d/0x80 [ 473.975794][ T30] ? __pfx_kthread+0x10/0x10 [ 473.980408][ T30] ret_from_fork_asm+0x1a/0x30 [ 473.985227][ T30] [ 473.988470][ T30] Kernel Offset: disabled [ 473.992789][ T30] Rebooting in 86400 seconds..