last executing test programs: 5.140532751s ago: executing program 4: syz_mount_image$udf(&(0x7f0000000000), &(0x7f0000000f80)='./file0\x00', 0x4000, &(0x7f0000002480)=ANY=[], 0x2, 0xc47, &(0x7f0000000fc0)="$eJzs3UFsHNd9B+D/Gy3FlYxWTJwoThoXm7ZIZcZyZUkxFatwVzXNNoAsE6GYWwCuSEpdmCIJkmpkI22ZXnroIUBR9JATgdYokKKB0RRBj0zrAsnFhyKnnogWNoKiB7YIkFPAYGbfUkuatBlRlCjp+2zqtzv73sx789YzsqA3LwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAiN9/5dKZ59ODbgUAcD9dGfvKmbPu/wDwWLnq//8BAAAAAAAAAAAAAOCwS1HEk5Fi/sp6mqjed9Qvt/tu3R4fHtm52rFU1TxSlS9/6s+fPXf+iy8MXejm5fbsh9S/1z4Tr41dvdR4ee7m/ML04uL0VGN8tj05NzW95z3st/52g9UJaNx8/dbU9euLjbPPndvy8e2B9/ufODlwceiZ0093y44Pj4yM3SlS7y1fu+uGdOw2w+NoFHE6Ujz73Z+kVkQUsf9zUb+/Y7/dsaoTg1UnxodHqo7MtFuzS+WHo90TUUQ0eio1u+do57GIWt997cPumhHLZfPLBg+W3Rubby20rs1MN0ZbC0vtpfbc7GjqtLbsTyOKuJAiViJirf+Du+uLImqR4tsn1tO1iDjSPQ9fqCYG796O4gD7uAdlOxt9ESvFQzBmh1h/FPFqpPjpO6diMl9nqmvN5yNeLfP7EW+V+VJEKr8Y5yPe2+F7xMOpFkX8ZTn+F9fTVHU96F5XLn+18eXZ63M9ZbvXlV/y/vCBK8UDuj8c25b3xyG/NtWjiFZ1xV9Pd/+bHQAAAAAAAAAAAAAAAADutWNRxKcjxSv/8cfVvOKo5qWfuDj0BwO/0jtn/KmP2E9Z9rmIWC72Nif3aJ4YOJpGU3rAc4kfZ/Uo4k/y/L9vPujGAAAAAAAAAAAAAAAAAAAAPNaK+HGkePHdU2kletcUb8/eaFxtXZvprArbXfu3u2b6xsbGRiN1splzIudyzpWcqznXOlnN+6/qF7l+zomcyzlXcq7mXMsZR3L9nM2cEzmXc67kXM25ljNquX7OZs6JnMs5V3Ku5lzLGYdk7V4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEdJEUX8PFJ86+vrKVJENCMmopOr/Q+6dQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAqT8V8b1I0fjD5ua2WkSk6t+OU+Uv56N5tMyPR3OozJeieSlnq8pa85sPoP3sT18q4keRor/+9uaA5/Hv67zb/BrEW9+48+4ztU4e6X448H7/EydPXBwa+fWndnuddmrA4OX27K3bjfHhkZGxns21fPSP92wbyMct7k3XiYjFN958vTUzM71w9y/Kr8AuH21sbPxZeZT9HuKQvEi1XXv6WL4oh/YQNOMAO1g7FM14YIPLo668/78XKX7n3f/s3vCr+39ts8TmHT5+9qd37v8vbt/RHu//te318v2/vKfvdP9/smfbi/l3I321iPrSzfm+kxH1xTfePN2+2boxfWN69vyZM18aGvrSuTN9RyPq19sz0z2v9n+uAAAAAAAAAAAAAAAAAO6rVMTvRYrWj9ZTIyJuV/O1Bi4OPXP66SNxpJpvtWXe9mtjVy81Xp67Ob8wvbg4PdUYn21Pzk1N7/Vw9Wq61/jwyIF05iMdO+D2H6u/PDf/xkL7xh8t7fj58fqla4tLC63JnT+OY1FENHu3DFYNHh8eqRo9027NVlVHd5xM/8vrS0X8V6SYPN9In8vb8vz/7TP8t8z/X96+owOa//+xnm3lMVMq4meR4rf/6qn4XNXO4/GBc5bL/V2kGLzw2Vwujpblum3oPFegMzOwLPt/keKffr61bHc+5JN3yj6/5xP7kCjH/0Sk+N5ffCd+I2/b+vyHncf/+PYdHdD4f6Jn2/EtzyvYd9fJ4386Urz05Nvxm3nbhz3/o/vsjVO58ObzOQ5o/D/Zs20gH/e37k3XAQAAAAAAAAAAHmp9qYi/jxQ/GKmlF/K2vfz9v6ntOzqgv//1qZ5tU/dmvaKPfLHvkwoAAAAAh0RfKuLHkeLG0tubc6i3zv/umf/5u3fmfw6nbZ9Wf873q9VzA+7ln//1GsjHndh/twEAAAAAAAAAAAAAAAAAAOBQSamIF/J66hPVfP6pXddTX40Ur/zPs7lcOlmW664DP1D9Wr8yN3v60szM3GRrqXVtZroxNt+anC7rfiJSrP/tZ3PdolpfvbvefGeN93otIqq12Bcixcg/dMt21mLvrk3eWQ+8sxZ7WfZjkeK//3Fr2e461p+8U/ZsWfZvIsXX/mXnsifvlD1Xlv1OpPjh1xrdssfLst3no37qTtnnJueKAxgVAAAAAAAAAAAAAAAAAAAAHjd9qYg/jxT/e3Nlcy5/Xv+/r+dt5a1v9Kz3v83tap3/gWr9/91e3836/9VzBZZ3OyoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADyaUhTxZqSYv7KeVvvL9x31y+3ZW7fHh0d2rnYsVTWPVOXLn/rzZ8+d/+ILQxe6+eH177VPx2tjVy81Xp67Ob8wvbg4PdUYn21Pzk1N73kPu9ev31WLBqsT0Lj5+q2p69cXG2efO7fl49sD7/c/cXLg4tAzp5/ulh0fHhkZ6ylT67urI+8o7bL9aBTx15Hi2e/+JP2gP6KIDz0Xe/IR352DdqzqxGDVifHhkaojM+3W7FL54Wj3RBQRjZ5Kze45ug9jsS/NiOWy+WWDB8vujc23FlrXZqYbo62FpfZSe252NHVaW/anEUVcSBErEbHW/8Hd9UURr0eKb59YT//aH3Gkex6+cGXsK2fO7t6O4gD7uAdlOxt9ESvFQzBmh1h/FPHPkeKn75yKf+uPqEXnJz4f8WqZ3494KzrjncovxvmI93b4HvFwqkUR/1+O/8X19E5/eT3oXlcuf7Xx5dnrcz1lu9eVh/7+cD8d8mtTPYr4YXXFX0//7r9rAAAAAAAAAAAAAAAAgEOkiF+LFC++eypV84M35xS3Z280rrauzXSm9XXn/nXnTG9sbGw0UiebOSdyLudcybmacy1nFLl+zmaZ9Y2Nifx+OedKztWcaznjSK6fs5lzIudyzpWcqznXckYt18/ZzDmRcznnSs7VnGs545DM3QMAAAAAAAAAAAAAAAAAAB4tRfVPim99fT1t9HfWl56ITq5aD/SR94sAAAD//8or9Fc=") r0 = memfd_create(&(0x7f0000000000)='\xf3e\t\x9f\x918\xc0y\x01c\x1fnux\x00sV\ad\xb0l \xfd\xd7\x8e\x7f\x89\xb8\xc5;~\x04\x03~K\xfbP\x84=\xfa\x81\f\x1et\x10\x0e\xcf^9\xbe\\', 0x0) pwrite64(r0, &(0x7f00000008c0)='/', 0x1, 0x0) mmap(&(0x7f0000001000/0x1000)=nil, 0x1000, 0x4, 0x11, r0, 0x0) lseek(r0, 0x0, 0x4) sendfile(r0, r0, &(0x7f00000001c0), 0x7fa) symlink(&(0x7f0000001000)='./file0\x00', &(0x7f00000000c0)='./file0\x00') 4.290398335s ago: executing program 3: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) r0 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000000), 0x220000, 0x0) openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = socket(0x10, 0x3, 0x0) r2 = creat(&(0x7f00000015c0)='./file0\x00', 0x0) ioctl$EXT4_IOC_MOVE_EXT(r2, 0xc028660f, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)) write$binfmt_script(0xffffffffffffffff, &(0x7f0000000100), 0xfecc) r3 = memfd_secret(0x0) fcntl$setlease(r3, 0x400, 0x0) fremovexattr(r3, &(0x7f0000000000)=@known='system.posix_acl_access\x00') ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'lo\x00'}) clock_nanosleep(0x4, 0x0, &(0x7f00000000c0), &(0x7f0000000140)) sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={0x0}}, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) 4.141805101s ago: executing program 3: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000001280)=@mangle={'mangle\x00', 0x2, 0x6, 0x750, 0x1b0, 0x0, 0x290, 0x290, 0x0, 0x680, 0x680, 0x680, 0x680, 0x680, 0x6, 0x0, {[{{@ipv6={@mcast1, @private1, [], [], 'pimreg0\x00', 'macvtap0\x00', {}, {}, 0x21}, 0x0, 0x188, 0x1b0, 0x0, {0x7a00000010000000}, [@common=@srh1={{0x90}, {0x0, 0x0, 0x0, 0x0, 0x0, @local, @mcast2, @private2}}, @common=@inet=@multiport={{0x50}}]}, @HL={0x28}}, {{@ipv6={@mcast2, @dev, [], [], 'veth1_macvtap\x00', 'veth1_vlan\x00'}, 0x0, 0xa8, 0xe0}, @common=@inet=@SET3={0x38}}, {{@ipv6={@ipv4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, [], [], '\x00', 'bond_slave_0\x00'}, 0x0, 0xa8, 0xd0, 0x48000000}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0xfffffffffffffffc}}, {{@uncond, 0x0, 0xa8, 0xf0}, @SNPT={0x48, 'SNPT\x00', 0x0, {@ipv4, @ipv4=@loopback}}}, {{@uncond, 0x0, 0x208, 0x230, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@rt={{0x138}, {0x0, [], 0x0, 0x0, 0x0, [@empty, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @private0, @empty, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @empty, @mcast2, @mcast2, @private1, @empty, @loopback, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, @remote, @private1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @private0]}}]}, @HL={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x7b0) 3.982935241s ago: executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x9) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) r2 = syz_io_uring_setup(0x110, &(0x7f0000000140), &(0x7f0000000240)=0x0, &(0x7f0000000040)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r3, r4, &(0x7f00000003c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index, 0x0, 0x0, 0x0, 0x2}) io_uring_enter(r2, 0x47f6, 0x0, 0x0, 0x0, 0x0) sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f0000000340)={0x0, 0x0, 0x0}, 0x0) 3.90147615s ago: executing program 2: mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000900)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]}) mknodat$loop(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x6000, 0x1) r0 = socket$vsock_stream(0x28, 0x1, 0x0) bind$vsock_stream(r0, &(0x7f0000000440), 0x10) listen(r0, 0x0) r1 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r1, &(0x7f0000000000)={0x28, 0x0, 0x0, @local}, 0x10) setsockopt$sock_linger(r1, 0x1, 0xd, &(0x7f0000000180)={0x5}, 0x8) close(r1) chdir(&(0x7f00000003c0)='./bus\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r3 = bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000080)={0xffffffffffffffff, 0x0, 0x25, 0x11, @void}, 0x10) ioctl$FS_IOC_SETVERSION(r3, 0x40087602, &(0x7f0000000240)=0x4) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000072000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) mlock2(&(0x7f0000131000/0x3000)=nil, 0x3000, 0x0) 3.900558731s ago: executing program 0: mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) bpf$BPF_PROG_QUERY(0x4, &(0x7f0000000440)={@cgroup=r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) 3.651917537s ago: executing program 4: r0 = open(&(0x7f0000000140)='./bus\x00', 0x400145042, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x7800007, 0x12, r0, 0x0) r1 = open(&(0x7f00000005c0)='./bus\x00', 0x145842, 0x0) fallocate(r1, 0x0, 0x0, 0x950e) r2 = socket$inet_dccp(0x2, 0x6, 0x0) getsockopt$inet_int(r2, 0x10d, 0x2, &(0x7f0000003780), &(0x7f00000000c0)=0x4) 3.647387042s ago: executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4) connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c) getsockopt$inet6_int(r0, 0x29, 0x1, 0x0, &(0x7f0000001e80)) 3.561038781s ago: executing program 2: syz_mount_image$hfsplus(&(0x7f0000000080), &(0x7f0000000240)='./file0\x00', 0x80000c, &(0x7f0000000280)=ANY=[@ANYBLOB="63726561746f723d7fcbf4272c6e6c733d6d61636761656c69632c626172726965722c706172743d3078303030303030303030303030303030332c756d61736b3d30303030303030303030303030303030303030303030312c756d61736b3d30303030303030303030303030303030303030303031312c666f7263652c6465636f6d706f73652c6769643d", @ANYRESHEX=0x0, @ANYBLOB="2c007610c9d02936ecf13dfa65a82daf8a6e42aee9fe0000000000000005e9deeb942b0905425944c592a1d2fce9065b9f7643fd9ca2c85f2143f0f9d494f1a9bcd3ecd0ea87a97597231bd9a15a59e0dea0e6"], 0x2, 0x6da, &(0x7f0000000580)="$eJzs3UtoHOcdAPD/rFarXRUcOfEjLYEsMaSlorZkobTqpW4pRYdQQnroebHlWHgtB0kpsimN0se9h5x6Sg+6hR5Keje054ZAyVXHQCGXnHRTmdmZ1Ur7lKzHJv39xMx8M99z/rMzsw/EBPB/a3k2ys8iieXZN7fS9d2dhebEzsJUnt2MiEpElCLKrUUka5Hl3smn+Ha6MS+f9Ovnw9Wltz//aveL1lo5n7LypUH1eqh0b9rOp6hHxES+7DbZp8VPjnZ/qL27fdsbVdLewzRgN4rAxV+eq1V4bvtdttt5H/8nmw+qfpzzFhhTSeu+2WUmYjoiqhGtu35+dSid7+hO3/ZFDwAAAACOq3b8Ki/sxV5sxaWzGA4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB8U+XP/0/yqVSk65EUz/+v5NsiT4+h4Q9C/GyqtXx29oMBAAAAAAAAgDP36l7sxVZcKtb3k+w3/9c6fuP/VrwXG7ES63EztqIRm7EZ6zEfETMdDVW2Gpub6/NZzYgrA2rejk971Lzdf4x3TnmfAQAAAAAAAGDMVYfkP5zs3vb7WD74/R8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMZBEjHRWmTTlSI9E6VyRFQjopKW2474tEh/TSS9Nj47/3EAAADAc6keXk2qI9R54f3Yi624VKzvJ9ln/mvZ5+VqvBdrsRmrsRnNWIl7+Wfo9FN/aXdnobm7s/Aonbrb/emXxxp61mK0vnvo3fPLWYla3I/VbMvNuBtJ7GdKeSsv7+4spMtHvcf1QTqm5Ce5AaOZ6EjfS2fXP8nSfz78LUL5WLt4QqW+OTNZ7mQ7InP52NIal4sI9I7E0KNTHtjTfJTa3/xcGdxT75h/MLj36SOlen5zcyGORuJ2lNpH6NrgSER89x8f//pBc+3hg/sbs+OzSz29P7TE0UgsdETi+jcoEsPNZZG42l5fjl/Er2I2vpx6K9ZjNX4TjdiMlXqR38hfz+l8ZnCkPpvuXHtr2EjSc7Levn71GlM9Do0p6vHzLNWI17JjeilWI4nHEbESb2R/t2O+fTU4OMJXRzjrSyNcaTvc+F62aIcpav3L/m20Jk9LGtfLHXHtvObOZHmdWw6i9GLPKBX3utHvRx3K38kTaQt/GHh/OG9HIzHfEYmX+r1eWiH9634632iuPVx/0Hh3xP5ez5fpefSnsbpLpEf4xajmO3c5myfZOTWX5b3UvsMejlcl/8WlpdSVd7Vdr3Wm/jIex71DZ+oPYzEWYykrfS0rPdl1x0rzrrdbOnwNT/PSd1rl9g87ne+3Hkez9X4IgPE2/f3pSu2/tX/XPqr9sfag9mb1Z1M/mnqlEpP/mvxxeW7i9dIryd/jo/jdwed/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg5DaePH3YaDZX1nsnSr2zksG1Gs394kFiA8ocSiT5o3JGKJxsPHm6P7TBwYmpfHgnrH6aieJpjcML189wGMn20eNVHX4siqc8jdBF0hXwtPKJx1z0fLBlcgwO5dFE/fQaLF6wHVnHf/XWeh2viYjoVXjIhWPiNK4+wEW6tfno3VsbT57+YPVR452Vd1bWJhcXl+aWFt9YuHV/tbky15p3VDiXh98C56Hz7URbJSJeHV53wINaAQAAAAAAAAAAgDN0Hv8LcdH7CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHy9Lc9G+VkkMT93cy5d391ZaKZTkT4oWY6IUkQkv41I/hlxJ1pTzHQ0l/Tr58PVpbc//2r3i4O2ykX5UsR233qj2c6nqEfERL48rfbuDm+vcpCc6pGdtCOTBuxGETi4aP8LAAD//7co7JU=") r0 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) getdents(r0, &(0x7f0000000880)=""/150, 0x96) 3.504790087s ago: executing program 0: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r0}, 0x10) open(&(0x7f00000000c0)='./file0\x00', 0x1afbc2, 0x0) signalfd(0xffffffffffffffff, &(0x7f0000001100)={[0xfffffffffffffffc]}, 0x8) signalfd(0xffffffffffffffff, &(0x7f0000000100), 0x8) mount$9p_fd(0x0, 0x0, 0x0, 0x0, 0x0) readlinkat(0xffffffffffffff9c, 0x0, 0x0, 0x0) pselect6(0x33, &(0x7f0000000600), 0x0, &(0x7f0000000680)={0xff}, 0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) 3.325689088s ago: executing program 1: r0 = socket$inet(0x2, 0x2, 0x1) sendmsg$inet(r0, &(0x7f0000000600)={&(0x7f0000000000)={0x2, 0x0, @multicast2}, 0x10, &(0x7f00000001c0)=[{&(0x7f0000000400)='\b\x00', 0x2}, {&(0x7f0000000180)="96bc1480bb58", 0x6}], 0x2, &(0x7f0000000040)=[@ip_retopts={{0x18, 0x0, 0x7, {[@cipso={0x86, 0x8, 0x3, [{0x0, 0x2}]}]}}}], 0x18}, 0x0) 3.275843137s ago: executing program 4: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000140)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000003c0)=ANY=[@ANYBLOB="2c0000002a000103000000000000000006"], 0x2c}}, 0x0) 3.176702505s ago: executing program 2: ioctl$TCSETAF(0xffffffffffffffff, 0x5408, &(0x7f0000000080)={0x3ff, 0x0, 0x0, 0x0, 0x0, "fffffffffffff1ff"}) r0 = socket(0x2, 0x80805, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000001a80)={0x0, 0x10, &(0x7f0000000380)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.dequeue\x00', 0x275a, 0x0) write$binfmt_script(r1, &(0x7f0000000000), 0xfea7) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r1, 0x0) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x6d, &(0x7f0000000980), &(0x7f0000000080)=0x8) 3.127169685s ago: executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000001280)=@mangle={'mangle\x00', 0x2, 0x6, 0x750, 0x1b0, 0x0, 0x290, 0x290, 0x0, 0x680, 0x680, 0x680, 0x680, 0x680, 0x6, 0x0, {[{{@ipv6={@mcast1, @private1, [], [], 'pimreg0\x00', 'macvtap0\x00', {}, {}, 0x21}, 0x0, 0x188, 0x1b0, 0x0, {0x7a00000010000000}, [@common=@srh1={{0x90}, {0x0, 0x0, 0x0, 0x0, 0x0, @local, @mcast2, @private2}}, @common=@inet=@multiport={{0x50}}]}, @HL={0x28}}, {{@ipv6={@mcast2, @dev, [], [], 'veth1_macvtap\x00', 'veth1_vlan\x00'}, 0x0, 0xa8, 0xe0}, @common=@inet=@SET3={0x38}}, {{@ipv6={@ipv4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, [], [], '\x00', 'bond_slave_0\x00'}, 0x0, 0xa8, 0xd0, 0x48000000}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0xfffffffffffffffc}}, {{@uncond, 0x0, 0xa8, 0xf0}, @SNPT={0x48, 'SNPT\x00', 0x0, {@ipv4, @ipv4=@loopback}}}, {{@uncond, 0x0, 0x208, 0x230, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@rt={{0x138}, {0x0, [], 0x0, 0x0, 0x0, [@empty, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @private0, @empty, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @empty, @mcast2, @mcast2, @private1, @empty, @loopback, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, @remote, @private1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @private0]}}]}, @HL={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x7b0) 3.041472437s ago: executing program 4: r0 = socket$inet6_udp(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty}, 0x1c) r1 = socket$pppl2tp(0x18, 0x1, 0x1) connect$pppl2tp(r1, &(0x7f0000000100)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @loopback}, 0x4}}, 0x2e) syz_emit_ethernet(0x46, &(0x7f00000001c0)={@link_local, @random="ece65fbcee55", @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "010100", 0x10, 0x11, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @local, {[], {0x0, 0xe22, 0x10, 0x0, @gue={{0x2}}}}}}}}, 0x0) 2.950776675s ago: executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x4, 0x8, &(0x7f00000003c0)=@framed={{0x18, 0x2, 0x0, 0x0, 0x3}, [@call={0x85, 0x0, 0x0, 0x87}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x0, 0xe, 0x0, &(0x7f0000000000)="e06921e8682d85ff9782762f86dd", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 2.949290076s ago: executing program 3: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @empty}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000002c0), 0x4) r1 = socket$kcm(0x10, 0x2, 0x4) sendmsg$kcm(r1, &(0x7f0000000240)={0x0, 0xf0ffffff, &(0x7f0000000140)=[{&(0x7f0000000280)="89000000120081ae08060cdc030000007f03e3f7000000006ee2ffca1b1f0000000004c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec0012100001400c0c0c00bdad446b9bbc7a46e3988285dcdf12f21308f868fece01955fed0009d78f0a947ee2b49e33538afa8af92347514f0b56a20ff27fff", 0x89}], 0x1}, 0x0) 2.858018606s ago: executing program 4: syz_mount_image$udf(&(0x7f0000000000), &(0x7f0000000f80)='./file0\x00', 0x4000, &(0x7f0000002480)=ANY=[], 0x2, 0xc47, &(0x7f0000000fc0)="$eJzs3UFsHNd9B+D/Gy3FlYxWTJwoThoXm7ZIZcZyZUkxFatwVzXNNoAsE6GYWwCuSEpdmCIJkmpkI22ZXnroIUBR9JATgdYokKKB0RRBj0zrAsnFhyKnnogWNoKiB7YIkFPAYGbfUkuatBlRlCjp+2zqtzv73sx789YzsqA3LwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAiN9/5dKZ59ODbgUAcD9dGfvKmbPu/wDwWLnq//8BAAAAAAAAAAAAAOCwS1HEk5Fi/sp6mqjed9Qvt/tu3R4fHtm52rFU1TxSlS9/6s+fPXf+iy8MXejm5fbsh9S/1z4Tr41dvdR4ee7m/ML04uL0VGN8tj05NzW95z3st/52g9UJaNx8/dbU9euLjbPPndvy8e2B9/ufODlwceiZ0093y44Pj4yM3SlS7y1fu+uGdOw2w+NoFHE6Ujz73Z+kVkQUsf9zUb+/Y7/dsaoTg1UnxodHqo7MtFuzS+WHo90TUUQ0eio1u+do57GIWt997cPumhHLZfPLBg+W3Rubby20rs1MN0ZbC0vtpfbc7GjqtLbsTyOKuJAiViJirf+Du+uLImqR4tsn1tO1iDjSPQ9fqCYG796O4gD7uAdlOxt9ESvFQzBmh1h/FPFqpPjpO6diMl9nqmvN5yNeLfP7EW+V+VJEKr8Y5yPe2+F7xMOpFkX8ZTn+F9fTVHU96F5XLn+18eXZ63M9ZbvXlV/y/vCBK8UDuj8c25b3xyG/NtWjiFZ1xV9Pd/+bHQAAAAAAAAAAAAAAAADutWNRxKcjxSv/8cfVvOKo5qWfuDj0BwO/0jtn/KmP2E9Z9rmIWC72Nif3aJ4YOJpGU3rAc4kfZ/Uo4k/y/L9vPujGAAAAAAAAAAAAAAAAAAAAPNaK+HGkePHdU2kletcUb8/eaFxtXZvprArbXfu3u2b6xsbGRiN1splzIudyzpWcqznXOlnN+6/qF7l+zomcyzlXcq7mXMsZR3L9nM2cEzmXc67kXM25ljNquX7OZs6JnMs5V3Ku5lzLGYdk7V4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEdJEUX8PFJ86+vrKVJENCMmopOr/Q+6dQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAqT8V8b1I0fjD5ua2WkSk6t+OU+Uv56N5tMyPR3OozJeieSlnq8pa85sPoP3sT18q4keRor/+9uaA5/Hv67zb/BrEW9+48+4ztU4e6X448H7/EydPXBwa+fWndnuddmrA4OX27K3bjfHhkZGxns21fPSP92wbyMct7k3XiYjFN958vTUzM71w9y/Kr8AuH21sbPxZeZT9HuKQvEi1XXv6WL4oh/YQNOMAO1g7FM14YIPLo668/78XKX7n3f/s3vCr+39ts8TmHT5+9qd37v8vbt/RHu//te318v2/vKfvdP9/smfbi/l3I321iPrSzfm+kxH1xTfePN2+2boxfWN69vyZM18aGvrSuTN9RyPq19sz0z2v9n+uAAAAAAAAAAAAAAAAAO6rVMTvRYrWj9ZTIyJuV/O1Bi4OPXP66SNxpJpvtWXe9mtjVy81Xp67Ob8wvbg4PdUYn21Pzk1N7/Vw9Wq61/jwyIF05iMdO+D2H6u/PDf/xkL7xh8t7fj58fqla4tLC63JnT+OY1FENHu3DFYNHh8eqRo9027NVlVHd5xM/8vrS0X8V6SYPN9In8vb8vz/7TP8t8z/X96+owOa//+xnm3lMVMq4meR4rf/6qn4XNXO4/GBc5bL/V2kGLzw2Vwujpblum3oPFegMzOwLPt/keKffr61bHc+5JN3yj6/5xP7kCjH/0Sk+N5ffCd+I2/b+vyHncf/+PYdHdD4f6Jn2/EtzyvYd9fJ4386Urz05Nvxm3nbhz3/o/vsjVO58ObzOQ5o/D/Zs20gH/e37k3XAQAAAAAAAAAAHmp9qYi/jxQ/GKmlF/K2vfz9v6ntOzqgv//1qZ5tU/dmvaKPfLHvkwoAAAAAh0RfKuLHkeLG0tubc6i3zv/umf/5u3fmfw6nbZ9Wf873q9VzA+7ln//1GsjHndh/twEAAAAAAAAAAAAAAAAAAOBQSamIF/J66hPVfP6pXddTX40Ur/zPs7lcOlmW664DP1D9Wr8yN3v60szM3GRrqXVtZroxNt+anC7rfiJSrP/tZ3PdolpfvbvefGeN93otIqq12Bcixcg/dMt21mLvrk3eWQ+8sxZ7WfZjkeK//3Fr2e461p+8U/ZsWfZvIsXX/mXnsifvlD1Xlv1OpPjh1xrdssfLst3no37qTtnnJueKAxgVAAAAAAAAAAAAAAAAAAAAHjd9qYg/jxT/e3Nlcy5/Xv+/r+dt5a1v9Kz3v83tap3/gWr9/91e3836/9VzBZZ3OyoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADyaUhTxZqSYv7KeVvvL9x31y+3ZW7fHh0d2rnYsVTWPVOXLn/rzZ8+d/+ILQxe6+eH177VPx2tjVy81Xp67Ob8wvbg4PdUYn21Pzk1N73kPu9ev31WLBqsT0Lj5+q2p69cXG2efO7fl49sD7/c/cXLg4tAzp5/ulh0fHhkZ6ylT67urI+8o7bL9aBTx15Hi2e/+JP2gP6KIDz0Xe/IR352DdqzqxGDVifHhkaojM+3W7FL54Wj3RBQRjZ5Kze45ug9jsS/NiOWy+WWDB8vujc23FlrXZqYbo62FpfZSe252NHVaW/anEUVcSBErEbHW/8Hd9UURr0eKb59YT//aH3Gkex6+cGXsK2fO7t6O4gD7uAdlOxt9ESvFQzBmh1h/FPHPkeKn75yKf+uPqEXnJz4f8WqZ3494KzrjncovxvmI93b4HvFwqkUR/1+O/8X19E5/eT3oXlcuf7Xx5dnrcz1lu9eVh/7+cD8d8mtTPYr4YXXFX0//7r9rAAAAAAAAAAAAAAAAgEOkiF+LFC++eypV84M35xS3Z280rrauzXSm9XXn/nXnTG9sbGw0UiebOSdyLudcybmacy1nFLl+zmaZ9Y2Nifx+OedKztWcaznjSK6fs5lzIudyzpWcqznXckYt18/ZzDmRcznnSs7VnGs545DM3QMAAAAAAAAAAAAAAAAAAB4tRfVPim99fT1t9HfWl56ITq5aD/SR94sAAAD//8or9Fc=") r0 = memfd_create(&(0x7f0000000000)='\xf3e\t\x9f\x918\xc0y\x01c\x1fnux\x00sV\ad\xb0l \xfd\xd7\x8e\x7f\x89\xb8\xc5;~\x04\x03~K\xfbP\x84=\xfa\x81\f\x1et\x10\x0e\xcf^9\xbe\\', 0x0) pwrite64(r0, &(0x7f00000008c0)='/', 0x1, 0x0) mmap(&(0x7f0000001000/0x1000)=nil, 0x1000, 0x4, 0x11, r0, 0x0) lseek(r0, 0x0, 0x4) sendfile(r0, r0, &(0x7f00000001c0), 0x7fa) symlink(&(0x7f0000001000)='./file0\x00', &(0x7f00000000c0)='./file0\x00') 2.786302178s ago: executing program 2: mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) bpf$BPF_PROG_QUERY(0x4, &(0x7f0000000440)={@cgroup=r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) 2.758461084s ago: executing program 1: mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000900)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]}) mknodat$loop(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x6000, 0x1) r0 = socket$vsock_stream(0x28, 0x1, 0x0) bind$vsock_stream(r0, &(0x7f0000000440), 0x10) listen(r0, 0x0) r1 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r1, &(0x7f0000000000)={0x28, 0x0, 0x0, @local}, 0x10) setsockopt$sock_linger(r1, 0x1, 0xd, &(0x7f0000000180)={0x5}, 0x8) close(r1) chdir(&(0x7f00000003c0)='./bus\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r3 = bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000080)={0xffffffffffffffff, 0x0, 0x25, 0x11, @void}, 0x10) ioctl$FS_IOC_SETVERSION(r3, 0x40087602, &(0x7f0000000240)=0x4) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000072000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) mlock2(&(0x7f0000131000/0x3000)=nil, 0x3000, 0x0) 2.7244017s ago: executing program 3: r0 = openat$smackfs_ipv6host(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="10000000000101"], 0xcc}}, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket(0x11, 0x80a, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000300)={'bond0\x00', 0x0}) sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000340)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_MIIMON={0x8, 0xe, 0x9cc}]}}}]}, 0x3c}}, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_INTERFACE(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r6, 0x5, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_START_AP(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x74, r6, 0x5, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {{{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_AUTH_TYPE={0x8}, @NL80211_ATTR_EXTERNAL_AUTH_SUPPORT={0x4}]}, 0x74}}, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x804810, &(0x7f0000000a40), 0x6, 0x756, &(0x7f00000002c0)="$eJzs3M1rXOUaAPDnnGaafuTeyYUL9+pChBZaKD1Jmk27aty4KxQKbmtITkLISSZkJrUTC7auhdpsFARR1y7dCqX+Ae6koOBeEK1xIW5GzuSjNGam0ybpSPr7wcl53vP1vE/m8GYO5D0BvLReL38kEUMRcTUiqpvb04g42o6ORdzeOG790a2pckmi1br2S1KeFuut6va1ks31yWifEv+PiAeViHPv/z1vvbk6P1kU+fJme6SxsDRSb66en1uYnM1n88Wx8UujF8fHL46OP7WG//VY6+m3Lh2/9+2ba2vffdW4+9rA+SQm2nXHZm09XuaZbPxOKjGxY/viQSTro6TfHQAAoCfl9/wjETHQ/pZajSPtCAAAADhMWoMtAAAA4NBLot89AAAAAA7W1v8BbM3tPah5sJ38/EZEDO+Wf6A9hzjiWFQi4sR68sTMhGTjNNiT23ci4v7Ezvvvi/IOu73Ha4/uaD85R/roHq/Ofrhfjj8Tu40/6fb4E7uMPwNb707Yo87j3+P8RzqMf1d7zPH1p69UOua/E/HqwG75k+38SYf8b/eY/+7aB/c67Wt9HnFm178/yRO5urwfYmJmruj6+oEHf5592K3+E53yJ93rX+qx/nfXf5vvNJaU+c+e6v7575a/vCc+3OxHGhH3Ntdle21HjlML33/Trf7piNbzfP6f9Vj/j18O3uzxUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGhLI2IokjTbjtM0yyJORsR/40Ra1OqNczO1lcXpcl/EcFTSmbkiH42I6kY7Kdtj7fhx+8KO9nhE/OeH4xtJ54o8m6oV0/0uHgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG0nI2IokjSLiDQifq+maZZFDPRw7uAL6B8AAACwT4b73QEAAADgwHn+BwAAgMPveZ//k33uBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHCoXb1ypVxa649uTZXt6RvNlfnajfPTeX0+W1iZyqZqy0vZbK02W+TZVG3hadcrarWlsUuxcnOkkdcbI/Xm6vWF2spi4/rcwuRsfj2vvJCqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeFZD7SVJs4hI23GaZlnEvyJiOCrJzFyRj0bEvyPiYbUyWLbH+t1pAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9l29uTo/WRT5skAgeGHBexHxD+hGl6DfIxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP1Qb67OTxZFvlzvd08AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADor/SnJCLK5Uz19NDOvUeTP6rtdUS888m1j25ONhrLY+X2X7e3Nz7e3H6hH/0HAACAl8LlZzl46zl96zkeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgV/Xm6vxkUeTLewsuR3O1lXQ4pt81AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAz+evAAAA//8KQsc4") chdir(&(0x7f0000000240)='./file0\x00') r7 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0) fcntl$notify(0xffffffffffffffff, 0x402, 0x8000003d) fcntl$setsig(0xffffffffffffffff, 0xa, 0x21) truncate(0x0, 0x90000) ioctl$FS_IOC_ENABLE_VERITY(r7, 0x40806685, &(0x7f0000000b00)={0x1, 0x2, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0}) r8 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r8, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)={0x20, 0x3b, 0x107, 0x0, 0x0, {0x2, 0x7c}, [@nested={0xc, 0x1, 0x0, 0x1, [@typed={0x6, 0x17, 0x0, 0x0, @str='\x06\xdd'}]}]}, 0x20}}, 0x0) r9 = syz_open_dev$sndpcmp(&(0x7f0000000000), 0x1, 0x0) ioctl$SNDRV_PCM_IOCTL_HW_PARAMS(r9, 0xc2604111, &(0x7f0000000040)={0x0, [[0x859], [0x0, 0x1], [0x9]], '\x00', [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x20}]}) close_range(r0, r9, 0x0) 2.639930299s ago: executing program 2: socket$key(0xf, 0x3, 0x2) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0}, 0x10) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000100)=ANY=[], 0x0, 0x37}, 0x20) socket(0xa, 0x0, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) r5 = socket$netlink(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_NEWLINK(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000001080)=ANY=[@ANYBLOB="380000000314010000000000000000000900020053797a3100"], 0x38}}, 0x0) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0), 0x0, 0xfff}, 0x38) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, 0x0) statx(0xffffffffffffffff, 0x0, 0x6000, 0x0, &(0x7f0000000ec0)) 2.387239146s ago: executing program 0: r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f0000000940)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000000)="d8000000210081044e81f782db44b90402000000e8fe55a1180015000600142603600e1209000a0000000401a80016000a00114006000000036010fab94dcf5c0468c1d67f6f94007134cf6ee0800089e408e8d8ef52b49816277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9db22fe7c9f8775730d16a4683f1aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf969b3ef35ce3bb9ad809d561cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e970100040000", 0xd8}], 0x1}, 0x0) 2.265169981s ago: executing program 0: syz_genetlink_get_family_id$smc(0x0, 0xffffffffffffffff) syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x0, 0x4, 0x0, 0x5}, 0x48) r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mkdir(&(0x7f00000001c0)='./control\x00', 0x0) socket$inet6(0xa, 0x0, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000940), 0xffffffffffffffff) sendmsg$IPVS_CMD_SET_SERVICE(r4, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x44, r5, 0x605, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_SERVICE={0x30, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_PROTOCOL={0x6}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@broadcast}, @IPVS_SVC_ATTR_PORT={0x6}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}]}]}, 0x44}}, 0x0) sendmsg$IPVS_CMD_FLUSH(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20840801}, 0xc, &(0x7f0000000180)={&(0x7f0000000380)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="000227bd7000fedbdf25110000001c000180090006006c626c63000000000c0007ad000000040000000062535be9b070fd26ba042dad7535ad4220c86b89f89e25d88be9d778e059b93a7caeb76b1112679f9b7e212d"], 0x30}, 0x1, 0x0, 0x0, 0x24004000}, 0x4004) r6 = msgget$private(0x0, 0x0) msgsnd(r6, 0x0, 0x0, 0x0) syz_emit_ethernet(0x32, 0x0, 0x0) sendmsg$NL80211_CMD_DEL_STATION(0xffffffffffffffff, 0x0, 0x0) r7 = socket$igmp(0x2, 0x3, 0x2) setsockopt$MRT_INIT(r7, 0x0, 0xc8, 0x0, 0x0) setsockopt$MRT_FLUSH(r7, 0x0, 0xd4, &(0x7f0000000080)=0x9, 0x4) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8b18, &(0x7f0000000000)={'wlan1\x00'}) 2.250692345s ago: executing program 4: r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000000000000080eff95"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x8914, &(0x7f0000000080)={'bond0\x00', 0x800}) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f00000002c0)='contention_end\x00', r0}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000540)='kfree\x00', r0}, 0x10) r1 = socket$kcm(0x10, 0x2, 0x0) r2 = accept4$tipc(0xffffffffffffffff, &(0x7f0000000100)=@name, &(0x7f0000000140)=0x10, 0x80800) accept4$tipc(r2, &(0x7f0000000180), &(0x7f00000001c0)=0x10, 0x80800) sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001840)=[{&(0x7f0000000580)="6700000011008188040f56ecdb4cb9cca7480ef434000000e3bd6efb440009000e000a0010000000ba80010000005a8c3774fa0af3dc59a933c1e7a6d3361d83b20000319cdf5656826edaaa11032701c61ec666d482078ccebcb9a4f187f7a4e98f09cdc2649f", 0x67}], 0x1}, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), 0xffffffffffffffff) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x0, 0x0, 0x0, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000000000bfa20000"], 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x48, 0x2, 0x6, 0x301, 0x0, 0x0, {}, [@IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_TYPENAME={0xd, 0x3, 'list:set\x00'}]}, 0x48}}, 0x0) sendmsg$IPSET_CMD_DEL(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000300)={0x44, 0xa, 0x6, 0x101, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_ADT={0x14, 0x8, 0x0, 0x1, [{0x10, 0x7, 0x0, 0x1, @IPSET_ATTR_NAME={0x9, 0x12, 'syz2\x00'}}]}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_LINENO={0x8}]}, 0x44}}, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) 1.234158233s ago: executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x9) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) r2 = syz_io_uring_setup(0x110, &(0x7f0000000140), &(0x7f0000000240)=0x0, &(0x7f0000000040)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r3, r4, &(0x7f00000003c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index, 0x0, 0x0, 0x0, 0x2}) io_uring_enter(r2, 0x47f6, 0x0, 0x0, 0x0, 0x0) sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f0000000340)={0x0, 0x0, 0x0}, 0x0) 1.223154522s ago: executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000001280)=@mangle={'mangle\x00', 0x2, 0x6, 0x750, 0x1b0, 0x0, 0x290, 0x290, 0x0, 0x680, 0x680, 0x680, 0x680, 0x680, 0x6, 0x0, {[{{@ipv6={@mcast1, @private1, [], [], 'pimreg0\x00', 'macvtap0\x00', {}, {}, 0x21}, 0x0, 0x188, 0x1b0, 0x0, {0x7a00000010000000}, [@common=@srh1={{0x90}, {0x0, 0x0, 0x0, 0x0, 0x0, @local, @mcast2, @private2}}, @common=@inet=@multiport={{0x50}}]}, @HL={0x28}}, {{@ipv6={@mcast2, @dev, [], [], 'veth1_macvtap\x00', 'veth1_vlan\x00'}, 0x0, 0xa8, 0xe0}, @common=@inet=@SET3={0x38}}, {{@ipv6={@ipv4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, [], [], '\x00', 'bond_slave_0\x00'}, 0x0, 0xa8, 0xd0, 0x48000000}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0xfffffffffffffffc}}, {{@uncond, 0x0, 0xa8, 0xf0}, @SNPT={0x48, 'SNPT\x00', 0x0, {@ipv4, @ipv4=@loopback}}}, {{@uncond, 0x0, 0x208, 0x230, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@rt={{0x138}, {0x0, [], 0x0, 0x0, 0x0, [@empty, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @private0, @empty, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @empty, @mcast2, @mcast2, @private1, @empty, @loopback, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, @remote, @private1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @private0]}}]}, @HL={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x7b0) 1.073074374s ago: executing program 3: bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000500a3d50000000d18116764", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000208500000003000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xb, 0x8, 0x10001, 0x9, 0x1}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='ext4_free_blocks\x00', r1}, 0x10) bpf$PROG_LOAD(0x2, &(0x7f0000000680)={0x3, 0x3, &(0x7f0000000740)=ANY=[], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0) write$cgroup_int(r2, &(0x7f0000000100), 0x1001) ioctl$SIOCSIFHWADDR(r2, 0x4030582b, &(0x7f0000000280)={'lo\x00', @link_local={0x1, 0x80, 0xc2, 0xc}}) 219.431446ms ago: executing program 0: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, 0x0, &(0x7f00000002c0)}, 0x20) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xb0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x2, 0x4, 0x6, 0xbaa}, 0x48) bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000200), 0xa7c, r2}, 0x38) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x100, 0xfd, 0x9, 0x1, 0x1}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000000), 0xcff5, r3}, 0x38) bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000240)={0x0, &(0x7f0000000040)=""/141, &(0x7f0000000500), &(0x7f0000000280), 0x4, r3}, 0x38) 0s ago: executing program 1: accept4(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8001, 0x20000008f}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_open_procfs(0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f00000000c0)=0x4) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0) quotactl_fd$Q_SETINFO(r3, 0x0, 0x0, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x5}) fanotify_init(0x0, 0x0) socket$inet6_sctp(0xa, 0x5, 0x84) fsopen(&(0x7f0000000100)='devtmpfs\x00', 0x0) r4 = socket(0x1d, 0x3, 0x1) getsockopt$nfc_llcp(r4, 0x65, 0x0, 0x0, 0x200000b1) r5 = syz_open_dev$dmmidi(&(0x7f0000000200), 0x2, 0x0) ioctl$SNDRV_RAWMIDI_IOCTL_PARAMS(r5, 0xc0305710, &(0x7f0000000000)={0x1, 0x1, 0x8000000000000000}) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0) syz_open_dev$tty20(0xc, 0x4, 0x1) r6 = socket$nl_rdma(0x10, 0x3, 0x14) ioctl$TIOCSPGRP(0xffffffffffffffff, 0x5410, 0x0) sendmsg$RDMA_NLDEV_CMD_RES_CQ_GET(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)={0x10, 0x140c, 0x329}, 0x10}, 0x1, 0x0, 0x0, 0x1}, 0x0) kernel console output (not intermixed with test programs): 4-1: USB disconnect, device number 12 [ 389.457457][ T45] kernel write not supported for file /vcsa1 (pid: 45 comm: kworker/1:1) [ 389.643422][ T9948] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 389.693888][ T9951] syz-executor.2: attempt to access beyond end of device [ 389.693888][ T9951] nbd2: rw=0, sector=2, nr_sectors = 2 limit=0 [ 389.761133][ T9951] MINIX-fs: unable to read superblock [ 389.810182][ T9954] ebt_among: dst integrity fail: 101 [ 389.892525][ T9954] dummy0: entered promiscuous mode [ 389.916619][ T9956] loop4: detected capacity change from 0 to 256 [ 389.940195][ T9954] dummy0: left promiscuous mode [ 390.102409][ T9934] loop1: detected capacity change from 0 to 32768 [ 390.728637][ T9978] dccp_close: ABORT with 5 bytes unread [ 391.300849][ T9968] loop0: detected capacity change from 0 to 32768 [ 391.328228][ T9968] bcachefs (/dev/loop0): error validating superblock: Invalid superblock section quota: wrong size (got 64 should be 80) [ 391.328228][ T9968] quota (size 64): [ 391.328228][ T9968] user: flags 0 space timelimit 0 warnlimit 0 inodes timelimit 711484258 warnlimit 2036689706 [ 391.328228][ T9968] group: flags aaea1671717e5b18 space timelimit 1518851844 warnlimit 3785740842 inodes timelimit 534930915 warnlimit 47155850 [ 391.328228][ T9968] project: flags 727ed5d04b39ebee space timelimit 5 warnlimit 9 inodes timelimit 9 warnlimit 0 [ 391.328228][ T9968] [ 391.840836][ T5158] usb 4-1: new high-speed USB device number 13 using dummy_hcd [ 391.879963][ T9985] loop1: detected capacity change from 0 to 32768 [ 392.059307][ T5158] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 392.076286][ T5158] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 392.109530][ T5158] usb 4-1: Duplicate descriptor for config 1 interface 0 altsetting 0, skipping [ 392.127835][ T9998] loop2: detected capacity change from 0 to 64 [ 392.147071][ T5158] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 392.156623][ T5158] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 392.164667][ T5158] usb 4-1: Product: syz [ 392.186244][ T5158] usb 4-1: Manufacturer: syz [ 392.196086][ T5158] usb 4-1: SerialNumber: syz [ 392.225446][ T29] kauditd_printk_skb: 23 callbacks suppressed [ 392.225502][ T29] audit: type=1800 audit(1719224417.503:577): pid=10000 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.0" name="file0" dev="sda1" ino=1967 res=0 errno=0 [ 392.271362][T10000] Bluetooth: MGMT ver 1.22 [ 392.275886][T10000] Bluetooth: hci3: invalid length 0, exp 2 for type 27 [ 392.280039][ T9998] MINIX-fs: bad superblock or unable to read bitmaps [ 392.355124][T10002] Bluetooth: hci3: service_discovery: too big uuid_count value 12839 [ 392.423944][ T5158] usb 4-1: 0:2 : does not exist [ 392.455093][T10006] loop4: detected capacity change from 0 to 64 [ 392.474336][ T5158] usb 4-1: USB disconnect, device number 13 [ 393.246816][T10005] loop0: detected capacity change from 0 to 32768 [ 393.707118][T10033] loop3: detected capacity change from 0 to 512 [ 394.367369][T10005] bcachefs (loop0): mounting version 1.7: mi_btree_bitmap opts=metadata_checksum=xxhash,data_checksum=none,compression=gzip,nojournal_transaction_names [ 394.393031][T10033] Quota error (device loop3): v2_read_file_info: Can't read info structure [ 394.401818][T10033] EXT4-fs warning (device loop3): ext4_enable_quotas:7078: Failed to enable quota tracking (type=1, err=-5, ino=4). Please run e2fsck to fix. [ 394.420092][T10033] EXT4-fs (loop3): mount failed [ 394.455595][T10005] bcachefs (loop0): recovering from clean shutdown, journal seq 10 [ 394.565777][T10005] bcachefs (loop0): alloc_read... done [ 394.588652][T10005] bcachefs (loop0): stripes_read... done [ 394.619687][T10005] bcachefs (loop0): snapshots_read... done [ 394.667497][T10005] bcachefs (loop0): journal_replay... done [ 394.700792][T10005] bcachefs (loop0): resume_logged_ops... done [ 394.785606][T10005] bcachefs (loop0): going read-write [ 394.829234][T10005] bcachefs (loop0): done starting filesystem [ 395.177137][ T8298] bcachefs (loop0): shutting down [ 395.182240][ T8298] bcachefs (loop0): going read-only [ 395.192070][ T8298] bcachefs (loop0): finished waiting for writes to stop [ 395.216791][ T8298] bcachefs (loop0): flushing journal and stopping allocators, journal seq 11 [ 395.299862][ T8298] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 12 [ 395.519174][ T8298] bcachefs (loop0): shutdown complete, journal seq 13 [ 395.829222][ T8298] bcachefs (loop0): marking filesystem clean [ 396.357987][ T8298] bcachefs (loop0): shutdown complete [ 396.429274][T10061] Bluetooth: hci4: command 0x0406 tx timeout [ 396.712206][T10071] loop1: detected capacity change from 0 to 2048 [ 396.883285][T10071] loop1: detected capacity change from 0 to 512 [ 397.340211][T10079] loop3: detected capacity change from 0 to 512 [ 397.596887][T10079] Quota error (device loop3): v2_read_file_info: Can't read info structure [ 397.606176][T10079] EXT4-fs warning (device loop3): ext4_enable_quotas:7078: Failed to enable quota tracking (type=1, err=-5, ino=4). Please run e2fsck to fix. [ 397.628710][T10079] EXT4-fs (loop3): mount failed [ 398.039750][T10087] loop2: detected capacity change from 0 to 512 [ 398.077139][T10087] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 398.301180][T10087] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 398.316422][T10087] ext4 filesystem being mounted at /root/syzkaller-testdir2107695198/syzkaller.JiTrzx/68/éq‰Y’3aK supports timestamps until 2038-01-19 (0x7fffffff) [ 398.464146][T10087] EXT4-fs error (device loop2): ext4_find_dest_de:2111: inode #2: block 3: comm syz-executor.2: bad entry in directory: directory entry overrun - offset=60, inode=15, rec_len=46528, size=2048 fake=0 [ 398.523676][T10102] syz-executor.2[10102] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 398.523980][T10102] syz-executor.2[10102] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 398.669412][ T29] audit: type=1326 audit(1719224423.953:578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10108 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f425587d0a9 code=0x7ffc0000 [ 398.703503][ C0] vkms_vblank_simulate: vblank timer overrun [ 398.710542][T10109] netlink: 'syz-executor.4': attribute type 6 has an invalid length. [ 398.711523][T10087] syz-executor.2[10087] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 398.732718][ T29] audit: type=1326 audit(1719224423.953:579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10108 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f425587d0a9 code=0x7ffc0000 [ 398.745386][T10087] syz-executor.2[10087] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 398.778447][ T29] audit: type=1326 audit(1719224423.953:580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10108 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f425587d0a9 code=0x7ffc0000 [ 398.821737][T10102] Quota error (device loop2): do_check_range: Getting dqdh_next_free 4294967294 out of range 0-8 [ 398.861024][T10102] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 398.867649][T10109] loop4: detected capacity change from 0 to 736 [ 398.878850][ T29] audit: type=1326 audit(1719224423.953:581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10108 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f425587d0a9 code=0x7ffc0000 [ 398.902971][T10102] EXT4-fs error (device loop2): ext4_acquire_dquot:6860: comm syz-executor.2: Failed to acquire dquot type 0 [ 398.948590][ T29] audit: type=1326 audit(1719224423.953:582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10108 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f425587d0a9 code=0x7ffc0000 [ 398.970614][ C0] vkms_vblank_simulate: vblank timer overrun [ 399.061294][ T29] audit: type=1326 audit(1719224423.953:583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10108 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f425587d0a9 code=0x7ffc0000 [ 399.084112][ T29] audit: type=1326 audit(1719224423.953:584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10108 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f425587d0a9 code=0x7ffc0000 [ 399.106123][ C0] vkms_vblank_simulate: vblank timer overrun [ 399.135830][ T8961] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 399.229153][T10119] loop3: detected capacity change from 0 to 512 [ 399.413360][T10119] EXT4-fs (loop3): failed to open journal device unknown-block(0,0) -6 [ 399.764394][T10111] loop0: detected capacity change from 0 to 40427 [ 399.794487][T10111] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 399.807705][T10111] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 399.842609][T10137] loop2: detected capacity change from 0 to 4096 [ 399.860043][T10111] F2FS-fs (loop0): Found nat_bits in checkpoint [ 399.910388][T10143] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 399.995098][T10111] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 400.011022][T10111] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 400.188776][T10146] syz-executor.0: attempt to access beyond end of device [ 400.188776][T10146] loop0: rw=2049, sector=45096, nr_sectors = 128 limit=40427 [ 400.293757][ T763] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 400.436528][ T5173] IPVS: starting estimator thread 0... [ 400.460200][T10151] IPVS: nq: TCP 172.20.20.170:0 - no destination available [ 400.599417][T10153] IPVS: using max 16 ests per chain, 38400 per kthread [ 400.646252][T10146] syz-executor.0: attempt to access beyond end of device [ 400.646252][T10146] loop0: rw=2049, sector=45224, nr_sectors = 8 limit=40427 [ 400.665643][T10145] xt_CT: No such helper "syz0" [ 400.681107][T10150] loop4: detected capacity change from 0 to 4096 [ 400.699684][ T763] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 400.755002][T10155] syz-executor.0: attempt to access beyond end of device [ 400.755002][T10155] loop0: rw=2049, sector=40960, nr_sectors = 8 limit=40427 [ 400.775954][T10155] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 400.871981][T10150] ntfs3: loop4: Inode r=5 is not in use! [ 400.906274][T10150] ntfs3: loop4: Failed to load root (-116). [ 400.993818][ T763] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 401.133108][T10158] loop2: detected capacity change from 0 to 2048 [ 401.160734][ T763] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 401.184585][T10158] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 401.395091][T10061] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 401.411257][T10061] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 401.425268][T10166] loop1: detected capacity change from 0 to 512 [ 401.438666][T10061] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 401.456959][T10061] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 401.468475][T10061] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 401.477734][T10061] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 401.572733][ T763] bridge_slave_1: left allmulticast mode [ 401.578632][ T763] bridge_slave_1: left promiscuous mode [ 401.584496][ T763] bridge0: port 2(bridge_slave_1) entered disabled state [ 401.634102][ T763] bridge_slave_0: left allmulticast mode [ 401.667328][ T763] bridge_slave_0: left promiscuous mode [ 401.692723][ T763] bridge0: port 1(bridge_slave_0) entered disabled state [ 403.090841][ T763] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 403.127716][ T763] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 403.150350][ T763] bond0 (unregistering): Released all slaves [ 403.526447][T10061] Bluetooth: hci3: command tx timeout [ 403.662017][T10186] loop2: detected capacity change from 0 to 40427 [ 403.697397][ T29] kauditd_printk_skb: 52 callbacks suppressed [ 403.697419][ T29] audit: type=1326 audit(1719224428.983:637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10192 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f425587a827 code=0x7ffc0000 [ 403.703445][T10186] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 403.705077][ T29] audit: type=1326 audit(1719224428.983:638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10192 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f42558404e9 code=0x7ffc0000 [ 403.748899][T10186] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 403.807113][ T29] audit: type=1326 audit(1719224428.983:639): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10192 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f425587a827 code=0x7ffc0000 [ 403.835481][ T29] audit: type=1326 audit(1719224428.983:640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10192 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f42558404e9 code=0x7ffc0000 [ 403.884299][ T29] audit: type=1326 audit(1719224428.983:641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10192 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f425587a827 code=0x7ffc0000 [ 403.965032][T10186] F2FS-fs (loop2): Found nat_bits in checkpoint [ 404.032531][ T29] audit: type=1326 audit(1719224428.983:642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10192 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f42558404e9 code=0x7ffc0000 [ 404.106132][ T29] audit: type=1326 audit(1719224429.043:643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10192 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f425587d0a9 code=0x7ffc0000 [ 404.391772][ T29] audit: type=1326 audit(1719224429.043:644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10192 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f425587a827 code=0x7ffc0000 [ 404.651839][T10186] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 404.671857][ T29] audit: type=1326 audit(1719224429.043:645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10192 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f42558404e9 code=0x7ffc0000 [ 404.707030][T10186] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 404.811101][ T29] audit: type=1326 audit(1719224429.043:646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10192 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f425587a827 code=0x7ffc0000 [ 405.023153][ T763] hsr_slave_0: left promiscuous mode [ 405.052286][ T763] hsr_slave_1: left promiscuous mode [ 405.083755][ T763] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 405.104310][ T763] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 405.111300][T10217] syz-executor.2: attempt to access beyond end of device [ 405.111300][T10217] loop2: rw=2049, sector=45096, nr_sectors = 128 limit=40427 [ 405.156830][ T763] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 405.164387][ T763] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 405.255748][ T763] veth1_macvtap: left promiscuous mode [ 405.266126][ T5125] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 405.283584][T10220] syz-executor.2: attempt to access beyond end of device [ 405.283584][T10220] loop2: rw=2049, sector=45224, nr_sectors = 8 limit=40427 [ 405.286913][ T763] veth0_macvtap: left promiscuous mode [ 405.336324][ T763] veth1_vlan: left promiscuous mode [ 405.352530][ T763] veth0_vlan: left promiscuous mode [ 405.458485][ T5125] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 405.493400][ T5125] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 405.515849][ T5125] usb 1-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 405.541523][ T5125] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 405.565379][T10217] syz-executor.2: attempt to access beyond end of device [ 405.565379][T10217] loop2: rw=2049, sector=45232, nr_sectors = 8 limit=40427 [ 405.573585][ T5115] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 405.587370][T10217] syz-executor.2: attempt to access beyond end of device [ 405.587370][T10217] loop2: rw=2049, sector=40960, nr_sectors = 24 limit=40427 [ 405.587507][T10217] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 405.616504][ T5123] Bluetooth: hci3: command tx timeout [ 405.624093][ T5123] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 405.634980][ T5123] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 405.652080][ T5123] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 405.661497][ T5123] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 405.668939][ T5123] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 405.699137][T10217] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 405.710075][ T5125] usb 1-1: config 0 descriptor?? [ 405.712652][T10217] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 405.806263][ T5173] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 406.026125][ T5173] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 406.037033][ T5173] usb 5-1: New USB device found, idVendor=046d, idProduct=08c1, bcdDevice=ee.8d [ 406.062639][ T5173] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 406.078170][ T5173] usb 5-1: config 0 descriptor?? [ 406.148256][ T5125] hid (null): bogus close delimiter [ 406.309984][ T786] usb 5-1: USB disconnect, device number 9 [ 406.352832][ T5125] usb 1-1: language id specifier not provided by device, defaulting to English [ 406.803801][ T5125] input: HID 256c:006d Pen as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:256C:006D.0006/input/input15 [ 406.899857][ T763] team0 (unregistering): Port device team_slave_1 removed [ 406.978508][ T5125] input: HID 256c:006d Pad as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:256C:006D.0006/input/input16 [ 407.019000][ T5125] input: HID 256c:006d Touch Strip as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:256C:006D.0006/input/input17 [ 407.044283][ T5125] input: HID 256c:006d Dial as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:256C:006D.0006/input/input18 [ 407.075541][ T5125] uclogic 0003:256C:006D.0006: input,hidraw0: USB HID v0.00 Keypad [HID 256c:006d] on usb-dummy_hcd.0-1/input0 [ 407.087098][ T763] team0 (unregistering): Port device team_slave_0 removed [ 407.090833][ T5125] usb 1-1: USB disconnect, device number 11 [ 407.304610][T10234] loop2: detected capacity change from 0 to 32768 [ 407.332143][T10234] find_entry called with index = 0 [ 407.350712][T10234] find_entry called with index = 0 [ 407.407068][T10234] find_entry called with index >= next_index [ 407.413128][T10234] find_entry called with index >= next_index [ 407.423725][T10234] find_entry called with index >= next_index [ 407.429850][T10234] find_entry called with index >= next_index [ 407.435875][T10234] find_entry called with index >= next_index [ 407.696724][ T5123] Bluetooth: hci3: command tx timeout [ 407.776302][ T5123] Bluetooth: hci4: command tx timeout [ 407.833739][T10240] loop0: detected capacity change from 0 to 4096 [ 407.893544][T10243] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 408.427331][T10251] xt_CT: No such helper "syz0" [ 408.739699][T10163] chnl_net:caif_netlink_parms(): no params data found [ 409.013694][T10262] loop4: detected capacity change from 0 to 2048 [ 409.084272][T10262] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 409.241261][T10163] bridge0: port 1(bridge_slave_0) entered blocking state [ 409.249130][T10163] bridge0: port 1(bridge_slave_0) entered disabled state [ 409.270325][T10163] bridge_slave_0: entered allmulticast mode [ 409.278290][T10163] bridge_slave_0: entered promiscuous mode [ 409.299891][T10163] bridge0: port 2(bridge_slave_1) entered blocking state [ 409.311155][T10163] bridge0: port 2(bridge_slave_1) entered disabled state [ 409.319076][T10163] bridge_slave_1: entered allmulticast mode [ 409.348008][T10163] bridge_slave_1: entered promiscuous mode [ 409.643872][T10163] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 409.777276][T10061] Bluetooth: hci3: command tx timeout [ 409.990266][T10061] Bluetooth: hci4: command tx timeout [ 410.128292][T10163] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 410.573974][T10258] loop2: detected capacity change from 0 to 32768 [ 410.758133][T10258] bcachefs (loop2): mounting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=xxhash,compression=zstd,nojournal_transaction_names [ 410.765338][T10163] team0: Port device team_slave_0 added [ 410.776224][T10258] bcachefs (loop2): recovering from clean shutdown, journal seq 10 [ 410.822897][T10163] team0: Port device team_slave_1 added [ 410.848937][T10258] bcachefs (loop2): alloc_read... done [ 410.866122][T10258] bcachefs (loop2): stripes_read... done [ 410.884000][T10258] bcachefs (loop2): snapshots_read... done [ 410.912382][T10258] bcachefs (loop2): journal_replay... done [ 410.927005][T10258] bcachefs (loop2): resume_logged_ops... done [ 410.949197][T10163] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 410.965304][T10163] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 411.001967][T10258] bcachefs (loop2): going read-write [ 411.045117][T10163] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 411.045746][T10258] bcachefs (loop2): done starting filesystem [ 411.059252][T10163] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 411.069187][T10163] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 411.096459][T10163] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 411.117669][T10225] chnl_net:caif_netlink_parms(): no params data found [ 411.395578][ T763] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 411.864954][T10061] Bluetooth: hci0: command 0x0406 tx timeout [ 411.916519][ T29] kauditd_printk_skb: 37 callbacks suppressed [ 411.916571][ T29] audit: type=1800 audit(1719224436.883:684): pid=10302 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="loop2" ino=4098 res=0 errno=0 [ 412.177499][T10061] Bluetooth: hci4: command tx timeout [ 412.205441][ T29] audit: type=1800 audit(1719224436.983:685): pid=10302 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="loop2" ino=4098 res=0 errno=0 [ 412.361742][T10302] syz-executor.2 (10302) used greatest stack depth: 12816 bytes left [ 412.418293][ T8961] bcachefs (loop2): shutting down [ 412.423398][ T8961] bcachefs (loop2): going read-only [ 412.425028][T10163] hsr_slave_0: entered promiscuous mode [ 412.428945][ T8961] bcachefs (loop2): finished waiting for writes to stop [ 412.442186][ T8961] bcachefs (loop2): flushing journal and stopping allocators, journal seq 13 [ 412.474541][T10163] hsr_slave_1: entered promiscuous mode [ 412.491854][ T8961] bcachefs (loop2): flushing journal and stopping allocators complete, journal seq 16 [ 412.504670][T10163] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 412.522104][T10163] Cannot create hsr debugfs directory [ 412.536932][ T8961] bcachefs (loop2): shutdown complete, journal seq 17 [ 412.544767][ T8961] bcachefs (loop2): marking filesystem clean [ 412.643886][ T8961] bcachefs (loop2): shutdown complete [ 412.677841][ T763] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 412.877369][ T763] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 412.892885][T10225] bridge0: port 1(bridge_slave_0) entered blocking state [ 412.900468][T10225] bridge0: port 1(bridge_slave_0) entered disabled state [ 412.907927][ T7476] usb 1-1: new high-speed USB device number 12 using dummy_hcd [ 412.908184][T10225] bridge_slave_0: entered allmulticast mode [ 412.923424][T10225] bridge_slave_0: entered promiscuous mode [ 412.934634][T10225] bridge0: port 2(bridge_slave_1) entered blocking state [ 412.941901][T10225] bridge0: port 2(bridge_slave_1) entered disabled state [ 412.949490][T10225] bridge_slave_1: entered allmulticast mode [ 412.957812][T10225] bridge_slave_1: entered promiscuous mode [ 413.129457][ T763] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 413.131038][ T7476] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 413.182379][ T7476] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 413.218395][T10225] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 413.227826][ T7476] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 413.260574][T10225] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 413.266198][ T7476] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 413.296557][ T7476] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 413.311116][ T7476] usb 1-1: config 0 descriptor?? [ 413.515515][T10225] team0: Port device team_slave_0 added [ 413.638990][T10225] team0: Port device team_slave_1 added [ 413.788292][ T7476] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0 [ 413.795742][ T7476] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0 [ 413.836336][ T7476] plantronics 0003:047F:FFFF.0007: No inputs registered, leaving [ 413.882914][ T7476] plantronics 0003:047F:FFFF.0007: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 413.900553][T10225] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 413.918530][T10225] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 413.996339][T10225] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 414.083894][T10225] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 414.099831][T10225] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 414.127425][T10225] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 414.146723][ T763] bridge_slave_1: left allmulticast mode [ 414.158724][ T763] bridge_slave_1: left promiscuous mode [ 414.193438][ T5162] usb 1-1: USB disconnect, device number 12 [ 414.211045][ T763] bridge0: port 2(bridge_slave_1) entered disabled state [ 414.246689][T10061] Bluetooth: hci4: command tx timeout [ 414.250655][ T763] bridge_slave_0: left allmulticast mode [ 414.259958][ T763] bridge_slave_0: left promiscuous mode [ 414.271590][ T763] bridge0: port 1(bridge_slave_0) entered disabled state [ 414.576265][ T5158] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 414.774456][ T5158] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 414.795192][ T5158] usb 3-1: New USB device found, idVendor=046d, idProduct=08c1, bcdDevice=ee.8d [ 414.806794][ T5158] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 414.845184][ T5158] usb 3-1: config 0 descriptor?? [ 415.094160][ T763] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 415.114446][ T763] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 415.130650][ T5158] usb 3-1: USB disconnect, device number 10 [ 415.145297][ T763] bond0 (unregistering): Released all slaves [ 415.308770][T10225] hsr_slave_0: entered promiscuous mode [ 415.316313][T10225] hsr_slave_1: entered promiscuous mode [ 415.324380][T10225] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 415.332188][T10225] Cannot create hsr debugfs directory [ 415.456295][ T45] usb 1-1: new high-speed USB device number 13 using dummy_hcd [ 415.661353][ T763] hsr_slave_0: left promiscuous mode [ 415.668138][ T763] hsr_slave_1: left promiscuous mode [ 415.674273][ T763] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 415.682441][ T45] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 415.684036][ T763] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 415.700143][ T45] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 415.711062][ T45] usb 1-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 415.720475][ T45] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 415.735610][ T763] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 415.752423][ T45] usb 1-1: config 0 descriptor?? [ 415.756209][ T763] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 415.797500][ T763] veth1_macvtap: left promiscuous mode [ 415.803112][ T763] veth0_macvtap: left promiscuous mode [ 415.809114][ T763] veth1_vlan: left promiscuous mode [ 415.814606][ T763] veth0_vlan: left promiscuous mode [ 415.969448][T10362] x_tables: unsorted entry at hook 2 [ 416.001629][T10362] loop2: detected capacity change from 0 to 512 [ 416.058975][T10362] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem [ 416.116446][T10362] EXT4-fs (loop2): warning: checktime reached, running e2fsck is recommended [ 416.183842][ T45] hid (null): bogus close delimiter [ 416.198396][T10362] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm syz-executor.2: bg 0: block 18: invalid block bitmap [ 416.223816][T10362] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6551: Corrupt filesystem [ 416.234066][T10362] EXT4-fs (loop2): 1 truncate cleaned up [ 416.242070][T10362] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 416.259540][T10362] ext2 filesystem being mounted at /root/syzkaller-testdir2107695198/syzkaller.JiTrzx/86/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 416.318462][T10362] EXT4-fs error (device loop2): ext4_map_blocks:580: inode #2: block 3: comm syz-executor.2: lblock 0 mapped to illegal pblock 3 (length 1) [ 416.383996][ T45] usb 1-1: language id specifier not provided by device, defaulting to English [ 416.790507][ T763] team0 (unregistering): Port device team_slave_1 removed [ 416.833084][ T45] input: HID 256c:006d Pen as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:256C:006D.0008/input/input19 [ 416.877030][ T45] input: HID 256c:006d Pad as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:256C:006D.0008/input/input20 [ 416.878110][ T763] team0 (unregistering): Port device team_slave_0 removed [ 416.902306][ T45] input: HID 256c:006d Touch Strip as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:256C:006D.0008/input/input21 [ 416.944751][ T45] input: HID 256c:006d Dial as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:256C:006D.0008/input/input22 [ 416.963551][ T45] uclogic 0003:256C:006D.0008: input,hidraw0: USB HID v0.00 Keypad [HID 256c:006d] on usb-dummy_hcd.0-1/input0 [ 417.072878][ T45] usb 1-1: USB disconnect, device number 13 [ 417.753388][T10357] netlink: 'syz-executor.4': attribute type 5 has an invalid length. [ 417.893832][T10163] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 417.906056][ T29] audit: type=1326 audit(1719224443.183:686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10369 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f425587d0a9 code=0x0 [ 417.944266][ T8961] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 417.974734][T10163] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 418.308629][T10376] loop4: detected capacity change from 0 to 8 [ 418.415652][T10376] SQUASHFS error: Failed to read block 0x4e8: -5 [ 418.496273][T10376] SQUASHFS error: Failed to read block 0x6e6: -5 [ 418.503251][T10376] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 418.510988][T10376] SQUASHFS error: read_indexes: reading block [6e4:0] [ 418.518391][T10376] SQUASHFS error: Failed to read block 0x0: -5 [ 418.526879][T10376] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 418.534321][T10376] SQUASHFS error: read_indexes: reading block [6e4:0] [ 418.541575][T10376] SQUASHFS error: Failed to read block 0x0: -5 [ 418.548197][T10376] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 418.555581][T10376] SQUASHFS error: read_indexes: reading block [6e4:0] [ 418.562825][T10376] SQUASHFS error: Failed to read block 0x0: -5 [ 418.569706][T10376] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 418.577121][T10376] SQUASHFS error: read_indexes: reading block [6e4:0] [ 418.584253][T10376] SQUASHFS error: Failed to read block 0x0: -5 [ 418.590910][T10376] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 418.598349][T10376] SQUASHFS error: read_indexes: reading block [6e4:0] [ 418.605490][T10376] SQUASHFS error: Failed to read block 0x0: -5 [ 418.612381][T10376] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 418.620037][T10376] SQUASHFS error: read_indexes: reading block [6e4:0] [ 418.649004][T10376] SQUASHFS error: Failed to read block 0x0: -5 [ 418.655631][T10376] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 418.663063][T10376] SQUASHFS error: read_indexes: reading block [6e4:0] [ 418.670229][T10376] SQUASHFS error: Failed to read block 0x0: -5 [ 418.676901][T10376] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 418.684312][T10376] SQUASHFS error: read_indexes: reading block [6e4:0] [ 418.691571][T10376] SQUASHFS error: Failed to read block 0x0: -5 [ 418.698164][T10376] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 418.705579][T10376] SQUASHFS error: read_indexes: reading block [6e4:0] [ 418.712805][T10376] SQUASHFS error: Failed to read block 0x0: -5 [ 418.719576][T10376] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 418.727074][T10376] SQUASHFS error: read_indexes: reading block [6e4:0] [ 418.734271][T10376] SQUASHFS error: Failed to read block 0x0: -5 [ 418.741001][T10376] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 418.749404][T10376] SQUASHFS error: read_indexes: reading block [6e4:0] [ 418.756551][T10376] SQUASHFS error: Failed to read block 0x0: -5 [ 418.763233][T10376] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 418.770653][T10376] SQUASHFS error: read_indexes: reading block [6e4:0] [ 418.777878][T10376] SQUASHFS error: Failed to read block 0x0: -5 [ 418.784488][T10376] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 418.791956][T10376] SQUASHFS error: read_indexes: reading block [6e4:0] [ 418.798837][T10376] SQUASHFS error: Failed to read block 0x0: -5 [ 418.805518][T10376] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 418.813035][T10376] SQUASHFS error: read_indexes: reading block [6e4:0] [ 418.820411][T10376] SQUASHFS error: Failed to read block 0x0: -5 [ 418.826746][T10376] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 418.834237][T10376] SQUASHFS error: read_indexes: reading block [6e4:0] [ 418.841150][T10376] SQUASHFS error: Failed to read block 0x0: -5 [ 418.847446][T10376] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 418.854766][T10376] SQUASHFS error: read_indexes: reading block [6e4:0] [ 418.861651][T10376] SQUASHFS error: Failed to read block 0x0: -5 [ 418.867926][T10376] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 418.875264][T10376] SQUASHFS error: read_indexes: reading block [6e4:0] [ 418.882136][T10376] SQUASHFS error: Failed to read block 0x0: -5 [ 418.888470][T10376] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 418.895789][T10376] SQUASHFS error: read_indexes: reading block [6e4:0] [ 418.902677][T10376] SQUASHFS error: Failed to read block 0x0: -5 [ 418.908994][T10376] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 418.916361][T10376] SQUASHFS error: read_indexes: reading block [6e4:0] [ 418.923548][T10376] SQUASHFS error: Failed to read block 0x0: -5 [ 418.929914][T10376] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 418.937308][T10376] SQUASHFS error: read_indexes: reading block [6e4:0] [ 418.944207][T10376] SQUASHFS error: Failed to read block 0x0: -5 [ 418.950589][T10376] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 418.957958][T10376] SQUASHFS error: read_indexes: reading block [6e4:0] [ 418.964942][T10376] SQUASHFS error: Failed to read block 0x0: -5 [ 418.971744][T10376] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 418.979166][T10376] SQUASHFS error: read_indexes: reading block [6e4:0] [ 418.986061][T10376] SQUASHFS error: Failed to read block 0x0: -5 [ 418.992317][T10376] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 418.999681][T10376] SQUASHFS error: read_indexes: reading block [6e4:0] [ 419.006546][T10376] SQUASHFS error: Failed to read block 0x0: -5 [ 419.012826][T10376] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 419.020586][T10376] SQUASHFS error: read_indexes: reading block [6e4:0] [ 419.027475][T10376] SQUASHFS error: Failed to read block 0x0: -5 [ 419.033687][T10376] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 419.041001][T10376] SQUASHFS error: read_indexes: reading block [6e4:0] [ 419.047869][T10376] SQUASHFS error: Failed to read block 0x0: -5 [ 419.054115][T10376] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 419.061462][T10376] SQUASHFS error: read_indexes: reading block [6e4:0] [ 419.068320][T10376] SQUASHFS error: Failed to read block 0x0: -5 [ 419.074526][T10376] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 419.081866][T10376] SQUASHFS error: read_indexes: reading block [6e4:0] [ 419.088715][T10376] SQUASHFS error: Failed to read block 0x0: -5 [ 419.094968][T10376] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 419.102297][T10376] SQUASHFS error: read_indexes: reading block [6e4:0] [ 419.109176][T10376] SQUASHFS error: Failed to read block 0x0: -5 [ 419.115384][T10376] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 419.123104][T10376] SQUASHFS error: read_indexes: reading block [6e4:0] [ 419.129971][T10376] SQUASHFS error: Failed to read block 0x0: -5 [ 419.136259][T10376] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 419.143546][T10376] SQUASHFS error: read_indexes: reading block [6e4:0] [ 419.150390][T10376] SQUASHFS error: Failed to read block 0x0: -5 [ 419.156647][T10376] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 419.163937][T10376] SQUASHFS error: read_indexes: reading block [6e4:0] [ 419.170806][T10376] SQUASHFS error: Failed to read block 0x0: -5 [ 419.177095][T10376] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 419.184395][T10376] SQUASHFS error: read_indexes: reading block [6e4:0] [ 419.191247][T10376] SQUASHFS error: Failed to read block 0x0: -5 [ 419.197493][T10376] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 419.204781][T10376] SQUASHFS error: read_indexes: reading block [6e4:0] [ 419.211677][T10376] SQUASHFS error: Failed to read block 0x0: -5 [ 419.218535][T10376] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 419.226110][T10376] SQUASHFS error: read_indexes: reading block [6e4:0] [ 419.233239][T10376] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 419.240776][T10376] SQUASHFS error: read_indexes: reading block [6e4:0] [ 419.356162][ T29] audit: type=1800 audit(1719224443.713:687): pid=10376 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz-executor.4" name="file1" dev="loop4" ino=5 res=0 errno=0 [ 419.434810][T10163] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 419.498980][T10163] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 419.721865][ T763] IPVS: stop unused estimator thread 0... [ 419.799361][T10163] 8021q: adding VLAN 0 to HW filter on device bond0 [ 419.861585][T10163] 8021q: adding VLAN 0 to HW filter on device team0 [ 419.876358][ T5158] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 419.897959][ T5125] bridge0: port 1(bridge_slave_0) entered blocking state [ 419.905144][ T5125] bridge0: port 1(bridge_slave_0) entered forwarding state [ 419.939544][T10225] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 419.952690][T10225] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 419.967983][ T5190] bridge0: port 2(bridge_slave_1) entered blocking state [ 419.975224][ T5190] bridge0: port 2(bridge_slave_1) entered forwarding state [ 419.988383][T10225] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 420.004280][T10225] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 420.066285][ T5158] usb 3-1: Using ep0 maxpacket: 8 [ 420.086511][ T5158] usb 3-1: New USB device found, idVendor=05ac, idProduct=8501, bcdDevice=20.9d [ 420.100805][ T5158] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=105 [ 420.114455][ T5158] usb 3-1: SerialNumber: syz [ 420.134479][ T5158] usb 3-1: config 0 descriptor?? [ 420.154784][ T5158] usb 3-1: Found UVC 0.00 device (05ac:8501) [ 420.168948][ T5158] usb 3-1: No valid video chain found. [ 420.255500][T10225] 8021q: adding VLAN 0 to HW filter on device bond0 [ 420.305922][T10225] 8021q: adding VLAN 0 to HW filter on device team0 [ 420.322566][ T5125] bridge0: port 1(bridge_slave_0) entered blocking state [ 420.329862][ T5125] bridge0: port 1(bridge_slave_0) entered forwarding state [ 420.366168][ T5158] usb 3-1: USB disconnect, device number 11 [ 420.387470][ T5125] bridge0: port 2(bridge_slave_1) entered blocking state [ 420.394731][ T5125] bridge0: port 2(bridge_slave_1) entered forwarding state [ 420.525691][T10163] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 420.631959][T10398] Bluetooth: MGMT ver 1.22 [ 420.694995][T10163] veth0_vlan: entered promiscuous mode [ 420.739734][T10163] veth1_vlan: entered promiscuous mode [ 420.823507][T10225] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 420.901342][T10163] veth0_macvtap: entered promiscuous mode [ 420.923140][T10163] veth1_macvtap: entered promiscuous mode [ 421.054846][T10163] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 421.087124][T10163] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 421.216139][T10163] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 421.254035][T10163] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 421.304159][T10163] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 421.351675][T10163] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 421.363619][T10163] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 421.433225][T10225] veth0_vlan: entered promiscuous mode [ 421.560408][T10423] binder: Unknown parameter 'eui18446744073709551615' [ 422.157887][T10225] veth1_vlan: entered promiscuous mode [ 422.222023][T10163] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 422.252178][T10163] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 422.269239][T10163] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 422.280135][T10163] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 422.290311][T10163] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 422.302389][T10163] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 422.314546][T10163] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 422.547272][T10163] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 422.571964][T10163] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 422.573699][T10416] loop2: detected capacity change from 0 to 32768 [ 422.582442][T10163] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 422.608361][T10163] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 422.672757][T10416] XFS (loop2): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 422.771524][T10225] veth0_macvtap: entered promiscuous mode [ 422.815733][T10417] loop4: detected capacity change from 0 to 32768 [ 422.826678][T10225] veth1_macvtap: entered promiscuous mode [ 422.830667][T10416] XFS (loop2): Ending clean mount [ 422.872618][T10225] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 422.888911][T10416] XFS (loop2): Quotacheck needed: Please wait. [ 422.914534][T10417] XFS (loop4): Mounting V5 Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a [ 422.921411][T10225] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 422.933609][T10225] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 422.945393][T10225] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 422.955937][T10225] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 422.968023][T10225] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 422.986657][T10444] loop0: detected capacity change from 0 to 256 [ 422.999369][T10225] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 423.009183][T10416] XFS (loop2): Quotacheck: Done. [ 423.030862][T10225] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 423.042944][T10225] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 423.070948][ T29] audit: type=1800 audit(1719224448.353:688): pid=10416 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.2" name="file1" dev="loop2" ino=6150 res=0 errno=0 [ 423.121772][T10225] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 423.140697][T10225] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 423.150938][T10225] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 423.158617][T10417] XFS (loop4): Ending clean mount [ 423.161641][T10225] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 423.177732][T10225] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 423.188506][T10225] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 423.202236][T10225] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 423.236166][T10225] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 423.254745][T10225] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 423.284118][ T7358] XFS (loop4): Unmounting Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a [ 423.328330][ T8961] XFS (loop2): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 423.366357][ T763] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 423.374950][ T763] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 423.424286][T10225] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 423.435604][T10225] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 423.444999][T10225] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 423.454668][T10225] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 423.566966][ T1092] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 423.574855][ T1092] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 423.800599][ T29] audit: type=1326 audit(1719224449.083:689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10451 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f317107d0a9 code=0x7ffc0000 [ 423.886097][ T29] audit: type=1326 audit(1719224449.083:690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10451 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f317107d0a9 code=0x7ffc0000 [ 423.917227][T10452] netlink: 'syz-executor.3': attribute type 6 has an invalid length. [ 423.938569][ T62] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 423.940457][ T29] audit: type=1326 audit(1719224449.113:691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10451 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f317107d0a9 code=0x7ffc0000 [ 423.966059][ T62] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 424.000034][ T29] audit: type=1326 audit(1719224449.113:692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10451 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f317107d0a9 code=0x7ffc0000 [ 424.043152][ T29] audit: type=1326 audit(1719224449.113:693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10451 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f317107d0a9 code=0x7ffc0000 [ 424.058376][T10452] loop3: detected capacity change from 0 to 736 [ 424.094378][ T29] audit: type=1326 audit(1719224449.113:694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10451 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f317107d0a9 code=0x7ffc0000 [ 424.115641][ T1100] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 424.117094][ T29] audit: type=1326 audit(1719224449.113:695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10451 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f317107d0a9 code=0x7ffc0000 [ 424.124673][ T1100] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 424.200337][ T29] audit: type=1326 audit(1719224449.113:696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10451 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f317107d0a9 code=0x7ffc0000 [ 424.223510][ T29] audit: type=1326 audit(1719224449.113:697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10451 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f317107d0a9 code=0x7ffc0000 [ 424.696289][T10479] loop4: detected capacity change from 0 to 256 [ 424.776124][ T5160] usb 4-1: new high-speed USB device number 14 using dummy_hcd [ 424.933915][T10488] loop4: detected capacity change from 0 to 16 [ 424.956671][T10488] erofs: (device loop4): mounted with root inode @ nid 36. [ 424.976134][ T5160] usb 4-1: Using ep0 maxpacket: 8 [ 424.997127][ T5160] usb 4-1: New USB device found, idVendor=05ac, idProduct=8501, bcdDevice=20.9d [ 425.011884][ T5160] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=105 [ 425.030669][ T5160] usb 4-1: SerialNumber: syz [ 425.042865][ T5160] usb 4-1: config 0 descriptor?? [ 425.077206][ T5160] usb 4-1: Found UVC 0.00 device (05ac:8501) [ 425.084159][ T5160] usb 4-1: No valid video chain found. [ 425.102073][ T7358] erofs: (device loop4): erofs_fill_dentries: bogus dirent @ nid 46 [ 425.134259][T10465] loop1: detected capacity change from 0 to 32768 [ 425.145769][ T7358] erofs: (device loop4): erofs_readdir: invalid de[0].nameoff 0 @ nid 89 [ 425.157515][ T7358] erofs: (device loop4): erofs_readdir: invalid de[0].nameoff 0 @ nid 89 [ 425.242697][T10494] netlink: 256 bytes leftover after parsing attributes in process `syz-executor.2'. [ 425.330598][ T5173] usb 4-1: USB disconnect, device number 14 [ 425.556196][T10506] openvswitch: netlink: Missing key (keys=20040, expected=80) [ 425.692547][T10510] loop1: detected capacity change from 0 to 1024 [ 425.769188][ T5158] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 425.986924][T10516] syz-executor.2 (pid 10516) is setting deprecated v1 encryption policy; recommend upgrading to v2. [ 426.000641][T10516] fscrypt: key with description 'fscrypt:0000111122223333' has invalid payload [ 426.210140][ T5158] usb 5-1: Using ep0 maxpacket: 8 [ 426.245747][ T5158] usb 5-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=b0.87 [ 426.258122][ T5158] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 426.325403][ T5158] usb 5-1: config 0 descriptor?? [ 426.413889][ T5158] pvrusb2: Hardware description: Terratec Grabster AV400 [ 426.475384][ T5158] pvrusb2: ********** [ 426.587054][ T5158] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental. [ 426.638161][ T5158] pvrusb2: Important functionality might not be entirely working. [ 426.676954][ T5158] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver. [ 426.743753][ T5158] pvrusb2: ********** [ 426.784970][ T1979] pvrusb2: Invalid write control endpoint [ 427.070902][T10503] loop4: detected capacity change from 0 to 1024 [ 427.093994][ T1979] pvrusb2: Invalid write control endpoint [ 427.136965][ T1979] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work. [ 427.137666][T10541] loop0: detected capacity change from 0 to 256 [ 427.165140][T10540] smb3: Unknown parameter ' ' [ 427.179125][ T1979] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device. [ 427.193943][ T7476] usb 5-1: USB disconnect, device number 10 [ 427.225766][ T1979] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups. [ 427.249510][ T1979] pvrusb2: Device being rendered inoperable [ 427.295102][ T1979] cx25840 1-0044: Unable to detect h/w, assuming cx23887 [ 427.311711][ T1979] cx25840 1-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a) [ 427.347509][ T1979] pvrusb2: Attached sub-driver cx25840 [ 427.354903][ T1979] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it. [ 427.371738][ T1979] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover. [ 427.500826][T10548] loop0: detected capacity change from 0 to 512 [ 427.541970][T10548] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842e01c, mo2=0002] [ 427.563036][T10548] System zones: 1-12 [ 427.569769][T10548] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #11: comm syz-executor.0: invalid indirect mapped block 1 (level 1) [ 427.584064][T10548] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #11: comm syz-executor.0: invalid indirect mapped block 7 (level 2) [ 427.584960][T10553] cgroup: Unexpected value for 'cpuset_v2_mode' [ 427.634994][T10548] EXT4-fs (loop0): 1 truncate cleaned up [ 427.649347][T10548] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 427.811863][ T62] hfsplus: b-tree write err: -5, ino 4 [ 428.129164][ T8298] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 428.559252][T10596] loop3: detected capacity change from 0 to 512 [ 428.571174][T10596] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842e01c, mo2=0002] [ 428.581093][T10596] System zones: 1-12 [ 428.588783][T10596] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #11: comm syz-executor.3: invalid indirect mapped block 1 (level 1) [ 428.596321][ T7476] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 428.614073][T10596] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #11: comm syz-executor.3: invalid indirect mapped block 7 (level 2) [ 428.639743][T10596] EXT4-fs (loop3): 1 truncate cleaned up [ 428.648947][T10596] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 428.854462][T10163] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 428.856311][ T7476] usb 5-1: Using ep0 maxpacket: 8 [ 428.894583][ T7476] usb 5-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=b0.87 [ 428.909902][ T7476] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 428.942937][ T7476] usb 5-1: config 0 descriptor?? [ 428.957128][ T7476] pvrusb2: Hardware description: Terratec Grabster AV400 [ 428.964290][ T7476] pvrusb2: ********** [ 428.969350][ T7476] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental. [ 428.979707][ T7476] pvrusb2: Important functionality might not be entirely working. [ 428.987749][ T7476] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver. [ 428.999440][ T7476] pvrusb2: ********** [ 429.183468][ T1979] pvrusb2: Invalid write control endpoint [ 429.335584][ T1979] pvrusb2: Invalid write control endpoint [ 429.368888][ T1979] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work. [ 429.413833][ T1979] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device. [ 429.441680][ T1979] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups. [ 429.486111][ T1979] pvrusb2: Device being rendered inoperable [ 429.501537][T10583] loop4: detected capacity change from 0 to 1024 [ 429.513433][ T1979] cx25840 1-0044: Unable to detect h/w, assuming cx23887 [ 429.543039][ T29] kauditd_printk_skb: 38 callbacks suppressed [ 429.543062][ T29] audit: type=1800 audit(1719224454.823:736): pid=10613 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz-executor.1" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0 [ 429.546143][ T1979] cx25840 1-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_b) [ 429.569345][ C1] vkms_vblank_simulate: vblank timer overrun [ 429.654750][ T7476] usb 5-1: USB disconnect, device number 11 [ 429.667262][ T1979] pvrusb2: Attached sub-driver cx25840 [ 429.696219][ T1979] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it. [ 429.750577][ T1979] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover. [ 429.984542][T10623] loop1: detected capacity change from 0 to 16 [ 430.007584][T10623] erofs: (device loop1): mounted with root inode @ nid 36. [ 430.237948][ T62] hfsplus: b-tree write err: -5, ino 4 [ 430.273516][T10629] loop0: detected capacity change from 0 to 8 [ 430.287919][T10629] MTD: Attempt to mount non-MTD device "/dev/loop0" [ 430.360153][T10606] loop2: detected capacity change from 0 to 32768 [ 430.391788][T10606] XFS (loop2): Mounting V5 Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a [ 430.599519][T10606] XFS (loop2): Ending clean mount [ 430.755887][ T8961] XFS (loop2): Unmounting Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a [ 430.802833][T10648] loop3: detected capacity change from 0 to 8 [ 430.992337][T10652] loop4: detected capacity change from 0 to 1024 [ 432.571213][T10671] loop1: detected capacity change from 0 to 8 [ 432.593489][T10671] MTD: Attempt to mount non-MTD device "/dev/loop1" [ 432.785564][ T29] audit: type=1326 audit(1719224458.063:737): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10676 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f425587d0a9 code=0x0 [ 433.159474][T10682] loop4: detected capacity change from 0 to 8 [ 433.246751][T10682] SQUASHFS error: Failed to read block 0x4e8: -5 [ 433.304147][T10682] SQUASHFS error: Failed to read block 0x6e6: -5 [ 433.310712][T10682] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 433.318161][T10682] SQUASHFS error: read_indexes: reading block [6e4:0] [ 433.325320][T10682] SQUASHFS error: Failed to read block 0x0: -5 [ 433.331998][T10682] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 433.339420][T10682] SQUASHFS error: read_indexes: reading block [6e4:0] [ 433.346629][T10682] SQUASHFS error: Failed to read block 0x0: -5 [ 433.353397][T10682] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 433.361906][T10682] SQUASHFS error: read_indexes: reading block [6e4:0] [ 433.370843][T10682] SQUASHFS error: Failed to read block 0x0: -5 [ 433.377456][T10682] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 433.384822][T10682] SQUASHFS error: read_indexes: reading block [6e4:0] [ 433.392146][T10682] SQUASHFS error: Failed to read block 0x0: -5 [ 433.399002][T10682] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 433.406457][T10682] SQUASHFS error: read_indexes: reading block [6e4:0] [ 433.413577][T10682] SQUASHFS error: Failed to read block 0x0: -5 [ 433.429039][T10682] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 433.436495][T10682] SQUASHFS error: read_indexes: reading block [6e4:0] [ 433.443645][T10682] SQUASHFS error: Failed to read block 0x0: -5 [ 433.471818][T10682] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 433.479367][T10682] SQUASHFS error: read_indexes: reading block [6e4:0] [ 433.486647][T10682] SQUASHFS error: Failed to read block 0x0: -5 [ 433.493244][T10682] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 433.500674][T10682] SQUASHFS error: read_indexes: reading block [6e4:0] [ 433.507887][T10682] SQUASHFS error: Failed to read block 0x0: -5 [ 433.514447][T10682] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 433.521884][T10682] SQUASHFS error: read_indexes: reading block [6e4:0] [ 433.529397][T10682] SQUASHFS error: Failed to read block 0x0: -5 [ 433.536005][T10682] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 433.543381][T10682] SQUASHFS error: read_indexes: reading block [6e4:0] [ 433.550669][T10682] SQUASHFS error: Failed to read block 0x0: -5 [ 433.557380][T10682] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 433.565777][T10682] SQUASHFS error: read_indexes: reading block [6e4:0] [ 433.573643][T10682] SQUASHFS error: Failed to read block 0x0: -5 [ 433.581261][T10682] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 433.588707][T10682] SQUASHFS error: read_indexes: reading block [6e4:0] [ 433.595821][T10682] SQUASHFS error: Failed to read block 0x0: -5 [ 433.602474][T10682] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 433.610465][T10682] SQUASHFS error: read_indexes: reading block [6e4:0] [ 433.617634][T10682] SQUASHFS error: Failed to read block 0x0: -5 [ 433.624213][T10682] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 433.631734][T10682] SQUASHFS error: read_indexes: reading block [6e4:0] [ 433.638691][T10682] SQUASHFS error: Failed to read block 0x0: -5 [ 433.644971][T10682] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 433.652399][T10682] SQUASHFS error: read_indexes: reading block [6e4:0] [ 433.659378][T10682] SQUASHFS error: Failed to read block 0x0: -5 [ 433.666431][T10682] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 433.673737][T10682] SQUASHFS error: read_indexes: reading block [6e4:0] [ 433.681124][T10682] SQUASHFS error: Failed to read block 0x0: -5 [ 433.687463][T10682] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 433.694764][T10682] SQUASHFS error: read_indexes: reading block [6e4:0] [ 433.701689][T10682] SQUASHFS error: Failed to read block 0x0: -5 [ 433.707945][T10682] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 433.715244][T10682] SQUASHFS error: read_indexes: reading block [6e4:0] [ 433.722187][T10682] SQUASHFS error: Failed to read block 0x0: -5 [ 433.728468][T10682] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 433.735758][T10682] SQUASHFS error: read_indexes: reading block [6e4:0] [ 433.742648][T10682] SQUASHFS error: Failed to read block 0x0: -5 [ 433.748913][T10682] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 433.756300][T10682] SQUASHFS error: read_indexes: reading block [6e4:0] [ 433.763686][T10682] SQUASHFS error: Failed to read block 0x0: -5 [ 433.771536][T10682] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 433.778976][T10682] SQUASHFS error: read_indexes: reading block [6e4:0] [ 433.786060][T10682] SQUASHFS error: Failed to read block 0x0: -5 [ 433.792931][T10682] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 433.800331][T10682] SQUASHFS error: read_indexes: reading block [6e4:0] [ 433.807206][T10682] SQUASHFS error: Failed to read block 0x0: -5 [ 433.813439][T10682] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 433.820794][T10682] SQUASHFS error: read_indexes: reading block [6e4:0] [ 433.827674][T10682] SQUASHFS error: Failed to read block 0x0: -5 [ 433.833927][T10682] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 433.841296][T10682] SQUASHFS error: read_indexes: reading block [6e4:0] [ 433.848220][T10682] SQUASHFS error: Failed to read block 0x0: -5 [ 433.854440][T10682] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 433.861792][T10682] SQUASHFS error: read_indexes: reading block [6e4:0] [ 433.869795][T10682] SQUASHFS error: Failed to read block 0x0: -5 [ 433.876104][T10682] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 433.883390][T10682] SQUASHFS error: read_indexes: reading block [6e4:0] [ 433.890250][T10682] SQUASHFS error: Failed to read block 0x0: -5 [ 433.896531][T10682] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 433.903816][T10682] SQUASHFS error: read_indexes: reading block [6e4:0] [ 433.910675][T10682] SQUASHFS error: Failed to read block 0x0: -5 [ 433.916994][T10682] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 433.924309][T10682] SQUASHFS error: read_indexes: reading block [6e4:0] [ 433.931254][T10682] SQUASHFS error: Failed to read block 0x0: -5 [ 433.937525][T10682] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 433.944811][T10682] SQUASHFS error: read_indexes: reading block [6e4:0] [ 433.951687][T10682] SQUASHFS error: Failed to read block 0x0: -5 [ 433.957965][T10682] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 433.965254][T10682] SQUASHFS error: read_indexes: reading block [6e4:0] [ 433.973193][T10682] SQUASHFS error: Failed to read block 0x0: -5 [ 433.979572][T10682] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 433.986917][T10682] SQUASHFS error: read_indexes: reading block [6e4:0] [ 433.993793][T10682] SQUASHFS error: Failed to read block 0x0: -5 [ 434.000088][T10682] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 434.007662][T10682] SQUASHFS error: read_indexes: reading block [6e4:0] [ 434.014474][T10682] SQUASHFS error: Failed to read block 0x0: -5 [ 434.020790][T10682] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 434.028111][T10682] SQUASHFS error: read_indexes: reading block [6e4:0] [ 434.034959][T10682] SQUASHFS error: Failed to read block 0x0: -5 [ 434.041265][T10682] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 434.048632][T10682] SQUASHFS error: read_indexes: reading block [6e4:0] [ 434.055474][T10682] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 434.065418][T10682] SQUASHFS error: read_indexes: reading block [6e4:0] [ 434.186101][ T29] audit: type=1800 audit(1719224458.543:738): pid=10682 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz-executor.4" name="file1" dev="loop4" ino=5 res=0 errno=0 [ 435.459827][T10702] loop3: detected capacity change from 0 to 1024 [ 435.499040][T10702] hfsplus: inconsistency in B*Tree (31095,1,255,1,0) [ 435.524153][T10702] hfsplus: inconsistency in B*Tree (31095,1,255,1,0) [ 435.534610][T10702] hfsplus: xattr search failed [ 435.674078][T10712] loop3: detected capacity change from 0 to 164 [ 435.708877][T10712] trusted_key: encrypted_key: keylen parameter is missing [ 435.867225][T10681] loop1: detected capacity change from 0 to 32768 [ 435.867321][T10715] loop0: detected capacity change from 0 to 4096 [ 435.922075][T10720] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 436.010725][T10723] loop2: detected capacity change from 0 to 128 [ 436.031857][T10722] loop3: detected capacity change from 0 to 8 [ 437.515566][T10741] xt_CT: You must specify a L4 protocol and not use inversions on it [ 438.544849][T10738] loop0: detected capacity change from 0 to 4096 [ 438.572311][T10738] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512). [ 438.647153][T10061] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0 [ 438.656570][T10061] Bluetooth: hci0: Injecting HCI hardware error event [ 438.667574][ T5123] Bluetooth: hci0: hardware error 0x00 [ 438.774234][ T29] audit: type=1326 audit(1719224464.053:739): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10749 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe11a07d0a9 code=0x0 [ 439.148619][T10758] loop2: detected capacity change from 0 to 8 [ 439.174751][T10758] SQUASHFS error: Failed to read block 0x4e8: -5 [ 439.188662][T10758] SQUASHFS error: Failed to read block 0x6e6: -5 [ 439.196159][T10758] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 439.203485][T10758] SQUASHFS error: read_indexes: reading block [6e4:0] [ 439.211606][T10758] SQUASHFS error: Failed to read block 0x0: -5 [ 439.217952][T10758] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 439.225264][T10758] SQUASHFS error: read_indexes: reading block [6e4:0] [ 439.232214][T10758] SQUASHFS error: Failed to read block 0x0: -5 [ 439.238684][T10758] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 439.246665][T10758] SQUASHFS error: read_indexes: reading block [6e4:0] [ 439.253662][T10758] SQUASHFS error: Failed to read block 0x0: -5 [ 439.272409][T10758] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 439.280917][T10758] SQUASHFS error: read_indexes: reading block [6e4:0] [ 439.288266][T10758] SQUASHFS error: Failed to read block 0x0: -5 [ 439.294696][T10758] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 439.311357][T10758] SQUASHFS error: read_indexes: reading block [6e4:0] [ 439.318595][T10758] SQUASHFS error: Failed to read block 0x0: -5 [ 439.325090][T10758] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 439.332863][T10758] SQUASHFS error: read_indexes: reading block [6e4:0] [ 439.340137][T10758] SQUASHFS error: Failed to read block 0x0: -5 [ 439.346851][T10758] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 439.354304][T10758] SQUASHFS error: read_indexes: reading block [6e4:0] [ 439.361530][T10758] SQUASHFS error: Failed to read block 0x0: -5 [ 439.368587][T10758] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 439.376094][T10758] SQUASHFS error: read_indexes: reading block [6e4:0] [ 439.383162][T10758] SQUASHFS error: Failed to read block 0x0: -5 [ 439.389985][T10758] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 439.401636][T10758] SQUASHFS error: read_indexes: reading block [6e4:0] [ 439.409000][T10758] SQUASHFS error: Failed to read block 0x0: -5 [ 439.415504][T10758] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 439.423082][T10758] SQUASHFS error: read_indexes: reading block [6e4:0] [ 439.430413][T10758] SQUASHFS error: Failed to read block 0x0: -5 [ 439.436965][T10758] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 439.444451][T10758] SQUASHFS error: read_indexes: reading block [6e4:0] [ 439.452901][T10758] SQUASHFS error: Failed to read block 0x0: -5 [ 439.459580][T10758] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 439.470238][T10758] SQUASHFS error: read_indexes: reading block [6e4:0] [ 439.477428][T10758] SQUASHFS error: Failed to read block 0x0: -5 [ 439.483898][T10758] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 439.491734][T10758] SQUASHFS error: read_indexes: reading block [6e4:0] [ 439.498898][T10758] SQUASHFS error: Failed to read block 0x0: -5 [ 439.521604][T10758] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 439.531912][T10758] SQUASHFS error: read_indexes: reading block [6e4:0] [ 439.539176][T10758] SQUASHFS error: Failed to read block 0x0: -5 [ 439.545676][T10758] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 439.553358][T10758] SQUASHFS error: read_indexes: reading block [6e4:0] [ 439.560618][T10758] SQUASHFS error: Failed to read block 0x0: -5 [ 439.578493][T10758] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 439.586025][T10758] SQUASHFS error: read_indexes: reading block [6e4:0] [ 439.593081][T10758] SQUASHFS error: Failed to read block 0x0: -5 [ 439.599946][T10758] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 439.617030][T10758] SQUASHFS error: read_indexes: reading block [6e4:0] [ 439.624117][T10758] SQUASHFS error: Failed to read block 0x0: -5 [ 439.634245][T10758] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 439.641938][T10758] SQUASHFS error: read_indexes: reading block [6e4:0] [ 439.649133][T10758] SQUASHFS error: Failed to read block 0x0: -5 [ 439.655540][T10758] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 439.663268][T10758] SQUASHFS error: read_indexes: reading block [6e4:0] [ 439.670986][T10758] SQUASHFS error: Failed to read block 0x0: -5 [ 439.680123][T10760] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 439.689898][T10760] SQUASHFS error: read_indexes: reading block [6e4:0] [ 439.698184][T10760] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 439.720468][T10760] SQUASHFS error: read_indexes: reading block [6e4:0] [ 439.728194][T10760] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 439.735799][T10760] SQUASHFS error: read_indexes: reading block [6e4:0] [ 439.745378][T10760] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 439.753128][T10760] SQUASHFS error: read_indexes: reading block [6e4:0] [ 439.760670][T10758] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 439.773443][T10758] SQUASHFS error: read_indexes: reading block [6e4:0] [ 439.780572][T10758] SQUASHFS error: Failed to read block 0x0: -5 [ 439.787115][T10758] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 439.794543][T10758] SQUASHFS error: read_indexes: reading block [6e4:0] [ 439.802160][T10758] SQUASHFS error: Failed to read block 0x0: -5 [ 439.823620][T10758] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 439.831277][T10758] SQUASHFS error: read_indexes: reading block [6e4:0] [ 439.838421][T10758] SQUASHFS error: Failed to read block 0x0: -5 [ 439.844860][T10758] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 439.852427][T10758] SQUASHFS error: read_indexes: reading block [6e4:0] [ 439.871364][T10758] SQUASHFS error: Failed to read block 0x0: -5 [ 439.878153][T10758] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 439.885511][T10758] SQUASHFS error: read_indexes: reading block [6e4:0] [ 439.892577][T10758] SQUASHFS error: Failed to read block 0x0: -5 [ 439.899395][T10758] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 439.906973][T10758] SQUASHFS error: read_indexes: reading block [6e4:0] [ 439.920229][T10758] SQUASHFS error: Failed to read block 0x0: -5 [ 439.926986][T10758] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 439.934456][T10758] SQUASHFS error: read_indexes: reading block [6e4:0] [ 439.941699][T10758] SQUASHFS error: Failed to read block 0x0: -5 [ 439.948311][T10758] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 439.955792][T10758] SQUASHFS error: read_indexes: reading block [6e4:0] [ 439.963068][T10758] SQUASHFS error: Failed to read block 0x0: -5 [ 439.970317][T10758] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 439.977968][T10758] SQUASHFS error: read_indexes: reading block [6e4:0] [ 439.984969][T10758] SQUASHFS error: Failed to read block 0x0: -5 [ 439.991533][T10758] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 439.999315][T10758] SQUASHFS error: read_indexes: reading block [6e4:0] [ 440.006458][T10758] SQUASHFS error: Failed to read block 0x0: -5 [ 440.039102][T10758] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 440.046861][T10758] SQUASHFS error: read_indexes: reading block [6e4:0] [ 440.053915][T10758] SQUASHFS error: Failed to read block 0x0: -5 [ 440.060633][T10758] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 440.068448][T10758] SQUASHFS error: read_indexes: reading block [6e4:0] [ 440.075520][T10758] SQUASHFS error: Failed to read block 0x0: -5 [ 440.082213][T10758] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 440.089963][T10758] SQUASHFS error: read_indexes: reading block [6e4:0] [ 440.097320][T10758] SQUASHFS error: Failed to read block 0x0: -5 [ 440.103868][T10758] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 440.111631][T10758] SQUASHFS error: read_indexes: reading block [6e4:0] [ 440.132781][T10758] SQUASHFS error: Failed to read block 0x0: -5 [ 440.139667][T10758] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 440.147233][T10758] SQUASHFS error: read_indexes: reading block [6e4:0] [ 440.154286][T10758] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 440.162885][T10758] SQUASHFS error: read_indexes: reading block [6e4:0] [ 440.196364][T10758] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 440.203877][T10758] SQUASHFS error: read_indexes: reading block [6e4:0] [ 440.210983][T10758] SQUASHFS error: Unable to read metadata cache entry [6e4] [ 440.256476][T10758] SQUASHFS error: read_indexes: reading block [6e4:0] [ 440.326232][ T29] audit: type=1800 audit(1719224464.473:740): pid=10758 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz-executor.2" name="file1" dev="loop2" ino=5 res=0 errno=0 [ 440.496800][ T1251] ieee802154 phy0 wpan0: encryption failed: -22 [ 440.503183][ T1251] ieee802154 phy1 wpan1: encryption failed: -22 [ 440.726591][ T5123] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 440.802207][T10770] loop2: detected capacity change from 0 to 164 [ 440.822841][T10770] trusted_key: encrypted_key: keylen parameter is missing [ 440.973433][T10767] netlink: 'syz-executor.4': attribute type 298 has an invalid length. [ 441.164813][T10751] loop1: detected capacity change from 0 to 32768 [ 441.965045][ T1100] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 442.086707][T10781] netlink: 830 bytes leftover after parsing attributes in process `syz-executor.3'. [ 442.310881][T10788] loop2: detected capacity change from 0 to 2048 [ 442.342921][ T1100] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 442.392521][T10788] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 442.500949][T10798] netlink: 140 bytes leftover after parsing attributes in process `syz-executor.1'. [ 442.557690][ T1100] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 442.588594][ T29] audit: type=1804 audit(1719224467.873:741): pid=10803 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir2406408221/syzkaller.GDLXJi/265/bus" dev="sda1" ino=1945 res=1 errno=0 [ 442.666961][T10803] Invalid ELF header magic: != ELF [ 442.686258][ T29] audit: type=1804 audit(1719224467.913:742): pid=10803 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz-executor.4" name="/root/syzkaller-testdir2406408221/syzkaller.GDLXJi/265/bus" dev="sda1" ino=1945 res=1 errno=0 [ 442.834607][ T29] audit: type=1804 audit(1719224467.913:743): pid=10803 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir2406408221/syzkaller.GDLXJi/265/bus" dev="sda1" ino=1945 res=1 errno=0 [ 442.966607][ T1100] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 444.727494][T10821] netlink: 84 bytes leftover after parsing attributes in process `syz-executor.2'. [ 444.787347][T10061] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 444.801324][T10061] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 444.812489][T10061] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 444.840302][T10061] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 444.857058][T10061] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 444.872014][T10061] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 444.936415][ T1100] bridge_slave_1: left allmulticast mode [ 444.942118][ T1100] bridge_slave_1: left promiscuous mode [ 444.996409][ T1100] bridge0: port 2(bridge_slave_1) entered disabled state [ 445.083664][ T1100] bridge_slave_0: left allmulticast mode [ 445.099215][ T1100] bridge_slave_0: left promiscuous mode [ 445.109298][ T1100] bridge0: port 1(bridge_slave_0) entered disabled state [ 445.125724][T10838] loop3: detected capacity change from 0 to 64 [ 445.167018][T10838] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'. [ 445.628327][T10848] xt_CT: You must specify a L4 protocol and not use inversions on it [ 446.715128][T10857] loop1: detected capacity change from 0 to 8192 [ 446.802581][T10836] loop2: detected capacity change from 0 to 32768 [ 446.968457][T10061] Bluetooth: hci0: command tx timeout [ 447.631072][T10836] bcachefs (loop2): mounting version 1.7: mi_btree_bitmap opts=data_checksum=crc64,str_hash=crc64,nojournal_transaction_names,nocow [ 447.671845][T10836] bcachefs (loop2): recovering from clean shutdown, journal seq 10 [ 447.774477][T10836] bcachefs (loop2): alloc_read... done [ 447.787439][T10836] bcachefs (loop2): stripes_read... done [ 447.800230][T10836] bcachefs (loop2): snapshots_read... done [ 447.847413][T10836] bcachefs (loop2): journal_replay... done [ 447.860331][T10836] bcachefs (loop2): resume_logged_ops... done [ 447.866984][T10836] bcachefs (loop2): going read-write [ 447.942274][T10836] bcachefs (loop2): done starting filesystem [ 448.054028][T10880] loop1: detected capacity change from 0 to 1024 [ 448.107729][ T8961] bcachefs (loop2): shutting down [ 448.123421][ T8961] bcachefs (loop2): going read-only [ 448.131715][ T8961] bcachefs (loop2): finished waiting for writes to stop [ 448.159461][ T8961] bcachefs (loop2): flushing journal and stopping allocators, journal seq 12 [ 448.203557][ T8961] bcachefs (loop2): flushing journal and stopping allocators complete, journal seq 13 [ 448.221225][ T8961] bcachefs (loop2): shutdown complete, journal seq 14 [ 448.234104][ T1100] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 448.237768][ T8961] bcachefs (loop2): marking filesystem clean [ 448.262039][ T1100] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 448.275620][ T8961] bcachefs (loop2): shutdown complete [ 448.290934][ T1100] bond0 (unregistering): Released all slaves [ 449.046345][ T5123] Bluetooth: hci0: command tx timeout [ 449.242167][T10822] chnl_net:caif_netlink_parms(): no params data found [ 449.347486][ T1100] hsr_slave_0: left promiscuous mode [ 449.402328][ T1100] hsr_slave_1: left promiscuous mode [ 449.449440][ T1100] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 449.486347][ T1100] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 449.499368][ T1100] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 449.526291][ T1100] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 449.541180][T10890] loop1: detected capacity change from 0 to 32768 [ 449.602457][ T1100] veth1_macvtap: left promiscuous mode [ 449.626346][ T1100] veth0_macvtap: left promiscuous mode [ 449.632094][ T1100] veth1_vlan: left promiscuous mode [ 449.658296][ T1100] veth0_vlan: left promiscuous mode [ 450.170833][T10898] loop3: detected capacity change from 0 to 32768 [ 450.208768][T10908] loop2: detected capacity change from 0 to 2048 [ 450.226192][T10908] UDF-fs: error (device loop2): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d [ 450.239387][T10908] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 450.272202][T10898] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 450.390846][T10898] XFS (loop3): Ending clean mount [ 450.431630][T10898] XFS (loop3): Quotacheck needed: Please wait. [ 450.582578][T10898] XFS (loop3): Quotacheck: Done. [ 450.830202][T10163] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 451.135531][ T5123] Bluetooth: hci0: command tx timeout [ 451.811917][T10935] loop3: detected capacity change from 0 to 1024 [ 451.923651][T10935] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 452.081540][T10935] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2856: Unable to expand inode 12. Delete some EAs or run e2fsck. [ 452.219051][T10935] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 452.934464][T10945] loop2: detected capacity change from 0 to 8 [ 452.985326][T10163] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 453.128003][T10947] loop1: detected capacity change from 0 to 2048 [ 453.235508][ T5123] Bluetooth: hci0: command tx timeout [ 453.316577][ T1100] team0 (unregistering): Port device team_slave_1 removed [ 453.448224][ T1100] team0 (unregistering): Port device team_slave_0 removed [ 454.709354][T10959] loop1: detected capacity change from 0 to 32768 [ 455.188697][T10963] loop3: detected capacity change from 0 to 32768 [ 455.341021][T10963] bcachefs (loop3): mounting version 1.7: mi_btree_bitmap opts=data_checksum=crc64,str_hash=crc64,nojournal_transaction_names,nocow [ 455.361542][T10963] bcachefs (loop3): recovering from clean shutdown, journal seq 10 [ 455.506496][T10963] bcachefs (loop3): alloc_read... done [ 455.508979][ T29] audit: type=1800 audit(1719224480.793:744): pid=10977 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="sda1" ino=1946 res=0 errno=0 [ 455.512248][T10963] bcachefs (loop3): stripes_read... done [ 455.540539][T10963] bcachefs (loop3): snapshots_read... done [ 455.559013][T10963] bcachefs (loop3): journal_replay... done [ 455.591529][T10963] bcachefs (loop3): resume_logged_ops... done [ 455.614468][T10963] bcachefs (loop3): going read-write [ 455.645421][T10963] bcachefs (loop3): done starting filesystem [ 455.680146][T10980] loop2: detected capacity change from 0 to 1024 [ 455.734778][T10822] bridge0: port 1(bridge_slave_0) entered blocking state [ 455.742534][T10822] bridge0: port 1(bridge_slave_0) entered disabled state [ 455.750405][T10822] bridge_slave_0: entered allmulticast mode [ 455.758361][T10822] bridge_slave_0: entered promiscuous mode [ 455.771976][T10822] bridge0: port 2(bridge_slave_1) entered blocking state [ 455.780104][T10822] bridge0: port 2(bridge_slave_1) entered disabled state [ 455.788539][T10822] bridge_slave_1: entered allmulticast mode [ 455.816402][T10822] bridge_slave_1: entered promiscuous mode [ 455.851076][T10980] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 455.882740][T10163] bcachefs (loop3): shutting down [ 455.900967][T10163] bcachefs (loop3): going read-only [ 455.915485][T10163] bcachefs (loop3): finished waiting for writes to stop [ 455.943232][T10163] bcachefs (loop3): flushing journal and stopping allocators, journal seq 12 [ 455.982611][T10980] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 455.995010][T10822] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 456.032198][T10163] bcachefs (loop3): flushing journal and stopping allocators complete, journal seq 14 [ 456.057537][T10822] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 456.077934][T10163] bcachefs (loop3): shutdown complete, journal seq 15 [ 456.117938][T10163] bcachefs (loop3): marking filesystem clean [ 456.176291][ T8961] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 456.207671][T10163] bcachefs (loop3): shutdown complete [ 456.282616][T10822] team0: Port device team_slave_0 added [ 456.297047][T10822] team0: Port device team_slave_1 added [ 456.469434][T10822] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 456.486079][T10822] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 456.546126][T10822] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 456.581915][T10822] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 456.606142][T10822] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 456.614501][T10991] loop4: detected capacity change from 0 to 32768 [ 456.651610][T10995] loop2: detected capacity change from 0 to 8192 [ 456.662644][T10822] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 456.676727][T10997] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. [ 456.685654][T10991] XFS: ikeep mount option is deprecated. [ 456.691848][T10991] XFS: ikeep mount option is deprecated. [ 456.761831][T10991] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 456.822179][T10822] hsr_slave_0: entered promiscuous mode [ 456.890104][T10822] hsr_slave_1: entered promiscuous mode [ 456.925086][T11007] loop1: detected capacity change from 0 to 512 [ 456.938871][T10822] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 456.986239][T10822] Cannot create hsr debugfs directory [ 456.994316][T10991] XFS (loop4): Ending clean mount [ 457.256388][T10991] XFS (loop4): Quotacheck needed: Please wait. [ 457.526468][T10991] XFS (loop4): Quotacheck: Done. [ 457.851739][ T7358] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 459.340787][T10822] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 459.417079][T10822] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 459.499350][T10822] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 459.562379][T10822] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 460.030880][T10822] 8021q: adding VLAN 0 to HW filter on device bond0 [ 460.167047][T10822] 8021q: adding VLAN 0 to HW filter on device team0 [ 460.240782][ T5158] bridge0: port 1(bridge_slave_0) entered blocking state [ 460.248076][ T5158] bridge0: port 1(bridge_slave_0) entered forwarding state [ 460.397971][ T5173] bridge0: port 2(bridge_slave_1) entered blocking state [ 460.405227][ T5173] bridge0: port 2(bridge_slave_1) entered forwarding state [ 461.397194][T11041] loop3: detected capacity change from 0 to 32768 [ 461.409482][T11041] XFS: ikeep mount option is deprecated. [ 461.422700][T11041] XFS: ikeep mount option is deprecated. [ 461.474959][T11041] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 461.568355][T11041] XFS (loop3): Ending clean mount [ 461.576718][T11041] XFS (loop3): Quotacheck needed: Please wait. [ 461.640217][T11060] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. [ 461.652168][T11060] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'. [ 461.686585][T11041] XFS (loop3): Quotacheck: Done. [ 462.845505][T11079] loop4: detected capacity change from 0 to 8 [ 462.972461][T10163] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 463.135890][T10822] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 463.366515][T10822] veth0_vlan: entered promiscuous mode [ 463.436621][T10822] veth1_vlan: entered promiscuous mode [ 463.555795][T11091] ptrace attach of "/root/syz-executor.1 exec"[10225] was attempted by "/root/syz-executor.1 exec"[11091] [ 463.691335][T10822] veth0_macvtap: entered promiscuous mode [ 463.723274][T10822] veth1_macvtap: entered promiscuous mode [ 463.801942][T10822] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 463.810376][ T29] audit: type=1326 audit(1719224489.083:745): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11092 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca3607d0a9 code=0x7ffc0000 [ 463.844686][T10822] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 463.882904][T10822] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 463.895023][ T29] audit: type=1326 audit(1719224489.123:746): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11092 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fca3607d0a9 code=0x7ffc0000 [ 463.917495][T10822] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 463.933347][T10822] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 463.944111][ T29] audit: type=1326 audit(1719224489.123:747): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11092 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca3607d0a9 code=0x7ffc0000 [ 463.970010][T10822] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 463.996162][T10822] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 464.016031][ T29] audit: type=1326 audit(1719224489.143:748): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11092 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca3607d0a9 code=0x7ffc0000 [ 464.042178][T10822] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 464.062339][T10822] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 464.072205][ T29] audit: type=1326 audit(1719224489.153:749): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11092 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fca3607d0a9 code=0x7ffc0000 [ 464.106918][T10822] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 464.118987][T10822] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 464.131917][ T29] audit: type=1326 audit(1719224489.153:750): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11092 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca3607d0a9 code=0x7ffc0000 [ 464.154249][T10822] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 464.172039][T10822] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 464.183362][ T29] audit: type=1326 audit(1719224489.153:751): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11092 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fca3607a827 code=0x7ffc0000 [ 464.212153][T10822] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 464.222771][T10822] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 464.238603][ T29] audit: type=1326 audit(1719224489.183:752): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11092 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fca360404e9 code=0x7ffc0000 [ 464.250811][T11089] loop2: detected capacity change from 0 to 32768 [ 464.261603][T10822] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 464.290576][T10822] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 464.300627][ T29] audit: type=1326 audit(1719224489.183:753): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11092 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fca3607a827 code=0x7ffc0000 [ 464.324640][T10822] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 464.358328][T10822] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 464.370949][T10822] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 464.370954][ T29] audit: type=1326 audit(1719224489.183:754): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11092 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fca360404e9 code=0x7ffc0000 [ 464.370992][T10822] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 464.420599][T10822] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 464.422968][T11089] XFS (loop2): Mounting V5 Filesystem ca7e2101-b8f1-4838-8e2d-7637b90620e6 [ 464.599988][T11089] XFS (loop2): Ending clean mount [ 464.605501][ T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 464.642146][ T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 464.704353][T11102] bridge0: entered promiscuous mode [ 464.721796][T11102] bridge0: entered allmulticast mode [ 464.751787][ T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 464.772754][ T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 464.902317][ T8961] XFS (loop2): Unmounting Filesystem ca7e2101-b8f1-4838-8e2d-7637b90620e6 [ 464.955861][T11120] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'. [ 465.179032][T11126] loop0: detected capacity change from 0 to 64 [ 465.217091][T11126] MINIX-fs: mounting unchecked file system, running fsck is recommended [ 466.710121][T11156] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'. [ 466.719743][T11156] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'. [ 466.798799][T11117] loop4: detected capacity change from 0 to 40427 [ 466.834504][T11117] F2FS-fs (loop4): invalid crc value [ 466.848867][T11117] F2FS-fs (loop4): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root [ 466.913511][T11117] F2FS-fs (loop4): Found nat_bits in checkpoint [ 467.780193][T11117] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 467.956235][ T5125] usb 4-1: new high-speed USB device number 15 using dummy_hcd [ 468.087010][T10061] Bluetooth: hci1: command 0x0406 tx timeout [ 468.182998][ T5125] usb 4-1: Using ep0 maxpacket: 16 [ 468.337484][ T5125] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024 [ 468.384153][ T5125] usb 4-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 468.426197][ T5125] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 468.452213][ T5125] usb 4-1: config 0 descriptor?? [ 468.674694][T11191] loop1: detected capacity change from 0 to 512 [ 468.713540][T11191] EXT4-fs (loop1): ea_inode feature is not supported for Hurd [ 468.826595][T11191] Bluetooth: MGMT ver 1.22 [ 468.852615][T11191] Bluetooth: hci3: service_discovery: too big uuid_count value 7787 [ 468.935270][T11163] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 468.957566][T11163] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 469.041290][ T5125] hid-generic 0003:0158:0100.0009: unknown main item tag 0x1 [ 469.054249][ T5125] hid-generic 0003:0158:0100.0009: unexpected long global item [ 469.070331][ T5125] hid-generic 0003:0158:0100.0009: probe with driver hid-generic failed with error -22 [ 469.213670][ T29] kauditd_printk_skb: 60 callbacks suppressed [ 469.213695][ T29] audit: type=1326 audit(1719224494.483:815): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11206 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9011a7d0a9 code=0x7ffc0000 [ 469.352842][ T25] usb 4-1: USB disconnect, device number 15 [ 469.359040][ T29] audit: type=1326 audit(1719224494.483:816): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11206 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9011a7d0a9 code=0x7ffc0000 [ 469.436233][ T29] audit: type=1326 audit(1719224494.483:817): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11206 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9011a7d0a9 code=0x7ffc0000 [ 469.459348][ T29] audit: type=1326 audit(1719224494.523:818): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11206 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9011a7d0a9 code=0x7ffc0000 [ 469.487719][ T29] audit: type=1326 audit(1719224494.543:819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11206 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9011a7d0a9 code=0x7ffc0000 [ 469.726672][ T29] audit: type=1326 audit(1719224494.553:820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11206 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9011a7d0a9 code=0x7ffc0000 [ 470.380231][ T29] audit: type=1326 audit(1719224494.553:821): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11206 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9011a7d0a9 code=0x7ffc0000 [ 470.409440][T11213] netlink: 'syz-executor.0': attribute type 4 has an invalid length. [ 470.547771][ T29] audit: type=1326 audit(1719224494.553:822): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11206 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f9011a7a827 code=0x7ffc0000 [ 470.674307][ T29] audit: type=1326 audit(1719224494.553:823): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11206 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f9011a404e9 code=0x7ffc0000 [ 470.777726][ T29] audit: type=1326 audit(1719224494.553:824): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11206 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f9011a7a827 code=0x7ffc0000 [ 470.820964][T11231] loop1: detected capacity change from 0 to 512 [ 471.055808][T11194] loop4: detected capacity change from 0 to 32768 [ 471.254464][T11238] loop2: detected capacity change from 0 to 128 [ 471.407305][T11238] FAT-fs (loop2): Directory bread(block 32) failed [ 471.460797][T11243] netlink: 'syz-executor.3': attribute type 1 has an invalid length. [ 471.471552][T11238] FAT-fs (loop2): Directory bread(block 33) failed [ 471.524009][T11238] FAT-fs (loop2): Directory bread(block 34) failed [ 471.561936][T11238] FAT-fs (loop2): Directory bread(block 35) failed [ 471.606192][T11238] FAT-fs (loop2): Directory bread(block 36) failed [ 471.612892][T11238] FAT-fs (loop2): Directory bread(block 37) failed [ 471.670284][T11238] FAT-fs (loop2): Directory bread(block 38) failed [ 471.702434][T11238] FAT-fs (loop2): Directory bread(block 39) failed [ 471.733108][T11238] FAT-fs (loop2): Directory bread(block 40) failed [ 471.769004][T11248] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'. [ 471.778498][T11238] FAT-fs (loop2): Directory bread(block 41) failed [ 471.983962][T11236] FAT-fs (loop2): Filesystem has been set read-only [ 472.009331][T11236] FAT-fs (loop2): error, fat_free_clusters: deleting FAT entry beyond EOF [ 472.187308][T11263] netlink: 'syz-executor.3': attribute type 6 has an invalid length. [ 472.195844][T11263] netlink: 140 bytes leftover after parsing attributes in process `syz-executor.3'. [ 472.263902][T11265] loop0: detected capacity change from 0 to 256 [ 472.455074][T11271] No control pipe specified [ 473.549119][T11284] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.2'. [ 473.973333][T11283] overlayfs: statfs failed on './file0' [ 474.191672][T11281] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'. [ 474.276697][T11281] gfs2: Unknown parameter 'fdinfo/3' [ 474.489139][ T25] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 474.640029][T11306] loop3: detected capacity change from 0 to 128 [ 474.696943][ T25] usb 5-1: Using ep0 maxpacket: 16 [ 474.714435][ T25] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 474.747282][T11306] FAT-fs (loop3): Directory bread(block 32) failed [ 474.764232][ T25] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9 [ 474.793948][T11306] FAT-fs (loop3): Directory bread(block 33) failed [ 474.817687][ T25] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00 [ 474.827558][T11306] FAT-fs (loop3): Directory bread(block 34) failed [ 474.835540][T11306] FAT-fs (loop3): Directory bread(block 35) failed [ 474.856146][ T25] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 474.866617][T11306] FAT-fs (loop3): Directory bread(block 36) failed [ 474.875004][T11306] FAT-fs (loop3): Directory bread(block 37) failed [ 474.906816][ T25] usb 5-1: config 0 descriptor?? [ 474.916676][T11306] FAT-fs (loop3): Directory bread(block 38) failed [ 474.923329][T11306] FAT-fs (loop3): Directory bread(block 39) failed [ 474.943049][T11306] FAT-fs (loop3): Directory bread(block 40) failed [ 474.951134][T11306] FAT-fs (loop3): Directory bread(block 41) failed [ 475.016793][T11317] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 475.137888][T11293] loop0: detected capacity change from 0 to 32768 [ 475.147761][T11301] FAT-fs (loop3): Filesystem has been set read-only [ 475.161665][T11293] btrfs: Deprecated parameter 'usebackuproot' [ 475.162568][T11301] FAT-fs (loop3): error, fat_free_clusters: deleting FAT entry beyond EOF [ 475.178504][T11293] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead [ 475.216124][T11293] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz-executor.0 (11293) [ 475.266102][T11293] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 475.306332][T11293] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm [ 475.344811][T11329] netlink: 'syz-executor.1': attribute type 6 has an invalid length. [ 475.353146][T11329] netlink: 140 bytes leftover after parsing attributes in process `syz-executor.1'. [ 475.849595][T11339] loop2: detected capacity change from 0 to 2048 [ 476.201728][T11339] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 476.281467][T11293] BTRFS info (device loop0): rebuilding free space tree [ 476.328560][T11293] BTRFS info (device loop0): disabling free space tree [ 476.335896][T11293] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 476.350199][T11293] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 476.511228][ T8961] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 476.611789][T10822] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 476.669397][T11357] loop1: detected capacity change from 0 to 4096 [ 476.875176][T11357] loop1: detected capacity change from 0 to 256 [ 476.943886][ T25] usbhid 5-1:0.0: can't add hid device: -71 [ 476.966410][ T25] usbhid 5-1:0.0: probe with driver usbhid failed with error -71 [ 477.028878][ T25] usb 5-1: USB disconnect, device number 12 [ 477.756005][T11387] loop3: detected capacity change from 0 to 2048 [ 477.849640][T11384] loop2: detected capacity change from 0 to 1024 [ 477.984386][T11387] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 478.102153][T11384] EXT4-fs: Ignoring removed nomblk_io_submit option [ 478.132839][T11384] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 478.194868][T11384] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 478.320490][ T5173] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 478.358190][T10163] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 478.484726][ T8961] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 478.576601][ T5173] usb 2-1: Using ep0 maxpacket: 16 [ 478.587932][ T5173] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 478.618777][ T5173] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 478.638178][ T5173] usb 2-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 478.671158][ T5173] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 478.688630][ T5173] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 478.697052][ T5173] usb 2-1: Product: syz [ 478.701251][ T5173] usb 2-1: Manufacturer: syz [ 478.705893][ T5173] usb 2-1: SerialNumber: syz [ 478.718059][ T5173] usb 2-1: selecting invalid altsetting 1 [ 478.836186][ T5125] usb 4-1: new high-speed USB device number 16 using dummy_hcd [ 478.934201][T11373] netlink: 'syz-executor.1': attribute type 10 has an invalid length. [ 478.949761][T11411] loop2: detected capacity change from 0 to 4096 [ 478.955526][T11399] loop0: detected capacity change from 0 to 32768 [ 478.971547][T11399] btrfs: Deprecated parameter 'usebackuproot' [ 478.979364][T11399] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead [ 478.989466][T11411] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512). [ 478.995234][T11399] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz-executor.0 (11399) [ 479.046547][ T5125] usb 4-1: Using ep0 maxpacket: 16 [ 479.054525][T11399] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 479.065729][ T5125] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024 [ 479.086713][T11373] batman_adv: batadv0: Adding interface: team0 [ 479.093194][ T5125] usb 4-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 479.102564][T11399] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm [ 479.111796][T11373] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 479.121367][T11411] ntfs3: loop2: Failed to initialize $Extend/$Reparse. [ 479.139566][ T5125] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 479.154941][T11373] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active [ 479.168367][ T5125] usb 4-1: config 0 descriptor?? [ 479.180653][T11380] netlink: 'syz-executor.1': attribute type 10 has an invalid length. [ 479.217471][T11380] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.1'. [ 479.233867][T11380] team0: entered promiscuous mode [ 479.239504][T11380] team_slave_0: entered promiscuous mode [ 479.246202][T11380] team_slave_1: entered promiscuous mode [ 479.303811][T11380] 8021q: adding VLAN 0 to HW filter on device team0 [ 479.327654][T11380] batman_adv: batadv0: Interface activated: team0 [ 479.337837][T11380] batman_adv: batadv0: Interface deactivated: team0 [ 479.344958][T11380] batman_adv: batadv0: Removing interface: team0 [ 479.353352][T11399] BTRFS info (device loop0): rebuilding free space tree [ 479.362463][T11380] bridge0: port 3(team0) entered blocking state [ 479.400042][T11380] bridge0: port 3(team0) entered disabled state [ 479.430364][T11380] team0: entered allmulticast mode [ 479.448800][T11399] BTRFS info (device loop0): disabling free space tree [ 479.467012][T11380] team_slave_0: entered allmulticast mode [ 479.473198][T11399] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 479.492971][T11380] team_slave_1: entered allmulticast mode [ 479.503089][T11399] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 479.526541][T11380] bridge0: port 3(team0) entered blocking state [ 479.533042][T11380] bridge0: port 3(team0) entered forwarding state [ 479.618942][ T8961] ntfs3: loop2: ino=1a, ntfs_sync_fs failed, -22. [ 479.621345][T11408] loop4: detected capacity change from 0 to 32768 [ 479.646755][T11408] BTRFS: device /dev/loop4 (7:4) using temp-fsid 94d9cce9-f7f3-4ccb-a7f7-dc63098db0b8 [ 479.664126][ T5173] cdc_ncm 2-1:1.0: bind() failure [ 479.664136][T11408] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz-executor.4 (11408) [ 479.697931][ T5173] usb 2-1: USB disconnect, device number 10 [ 479.715408][T10822] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 479.742137][T11408] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 479.757855][T11408] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm [ 479.767403][T11408] BTRFS info (device loop4): using free-space-tree [ 479.825395][T11405] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 479.863621][T11405] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 479.923669][ T5125] hid-generic 0003:0158:0100.000A: unknown main item tag 0x1 [ 479.943940][ T5125] hid-generic 0003:0158:0100.000A: unexpected long global item [ 479.968294][ T5125] hid-generic 0003:0158:0100.000A: probe with driver hid-generic failed with error -22 [ 479.993569][T11408] BTRFS info (device loop4): checking UUID tree [ 480.008645][T11447] vxcan0: tx drop: invalid da for name 0x0000000000000004 [ 480.178708][ T5173] usb 4-1: USB disconnect, device number 16 [ 480.550811][ T7358] BTRFS info (device loop4): last unmount of filesystem 94d9cce9-f7f3-4ccb-a7f7-dc63098db0b8 [ 481.053781][T11465] loop0: detected capacity change from 0 to 2048 [ 481.195451][T11465] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 481.258276][ C0] vxcan0: j1939_tp_rxtimer: 0xffff888020206400: rx timeout, send abort [ 481.267922][ C0] vxcan0: j1939_xtp_rx_abort_one: 0xffff888020206400: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 481.653191][T10822] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 482.137947][T11487] loop2: detected capacity change from 0 to 1024 [ 482.174315][T11487] EXT4-fs: Ignoring removed nomblk_io_submit option [ 482.203600][T11487] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 482.277763][T11487] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 482.302075][T11493] loop4: detected capacity change from 0 to 512 [ 482.308480][T11494] loop0: detected capacity change from 0 to 4096 [ 482.318095][T11494] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512). [ 482.353410][T11493] EXT4-fs: Ignoring removed nobh option [ 482.430529][T11493] fscrypt (loop4, inode 2): Error -61 getting encryption context [ 482.469251][T11493] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -61 [ 482.471771][T11494] ntfs3: loop0: Failed to initialize $Extend/$Reparse. [ 482.486338][T11493] EXT4-fs error (device loop4): ext4_orphan_get:1394: inode #13: comm syz-executor.4: casefold flag without casefold feature [ 482.515760][T11493] EXT4-fs error (device loop4): ext4_orphan_get:1399: comm syz-executor.4: couldn't read orphan inode 13 (err -117) [ 482.547685][T11493] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 482.576913][ T8961] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 482.664667][T11493] EXT4-fs: Ignoring removed orlov option [ 482.671957][T11471] loop3: detected capacity change from 0 to 32768 [ 482.688963][T11493] EXT4-fs error (device loop4): __ext4_remount:6503: comm syz-executor.4: Abort forced by user [ 482.715430][T10822] ntfs3: loop0: ino=1a, ntfs_sync_fs failed, -22. [ 482.725422][T11493] EXT4-fs (loop4): Remounting filesystem read-only [ 482.736341][T11471] XFS (loop3): Mounting V5 Filesystem ca7e2101-b8f1-4838-8e2d-7637b90620e6 [ 482.747078][ T5162] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 482.753615][T11508] vxcan0: tx drop: invalid da for name 0x0000000000000004 [ 482.762069][T11493] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: none. [ 482.802300][ T7358] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 482.873887][T11471] XFS (loop3): Ending clean mount [ 483.095366][ T5162] usb 2-1: Using ep0 maxpacket: 16 [ 483.103097][ T5162] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024 [ 483.296294][ T5162] usb 2-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 483.305669][ T5162] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 484.003236][ C0] vxcan0: j1939_tp_rxtimer: 0xffff88802c8cac00: rx timeout, send abort [ 484.009480][T11520] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.4'. [ 484.016047][ C0] vxcan0: j1939_xtp_rx_abort_one: 0xffff88802c8cac00: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 484.034123][T11519] loop0: detected capacity change from 0 to 2048 [ 485.100541][ T5162] usb 2-1: config 0 descriptor?? [ 485.263064][T11519] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 485.465605][T10163] XFS (loop3): Unmounting Filesystem ca7e2101-b8f1-4838-8e2d-7637b90620e6 [ 485.582089][T10822] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 485.913366][T11501] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 485.938993][T11501] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 486.282479][ T5162] hid-generic 0003:0158:0100.000B: unknown main item tag 0x1 [ 486.291207][ T5162] hid-generic 0003:0158:0100.000B: unexpected long global item [ 486.310236][ T5162] hid-generic 0003:0158:0100.000B: probe with driver hid-generic failed with error -22 [ 486.552589][ T5160] usb 2-1: USB disconnect, device number 11 [ 486.637135][T11548] loop2: detected capacity change from 0 to 512 [ 486.638374][T11544] loop4: detected capacity change from 0 to 4096 [ 486.654062][T11548] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem [ 486.694427][T11548] EXT4-fs (loop2): can't mount with commit=3, fs mounted w/o journal [ 486.719254][T11551] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 486.735207][T11551] IPv6: NLM_F_CREATE should be set when creating new route [ 486.738423][T11544] ntfs3: loop4: Different NTFS sector size (4096) and media sector size (512). [ 486.979579][T11544] ntfs3: loop4: Failed to initialize $Extend/$Reparse. [ 489.036948][T11560] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.0'. [ 489.207146][ T7358] ntfs3: loop4: ino=1a, ntfs_sync_fs failed, -22. [ 489.224275][T11566] loop3: detected capacity change from 0 to 128 [ 489.357476][T11566] FAT-fs (loop3): Directory bread(block 32) failed [ 489.375020][T11566] FAT-fs (loop3): Directory bread(block 33) failed [ 489.405075][T11566] FAT-fs (loop3): Directory bread(block 34) failed [ 489.425486][T11566] FAT-fs (loop3): Directory bread(block 35) failed [ 489.463525][T11566] FAT-fs (loop3): Directory bread(block 36) failed [ 489.467858][T11575] loop4: detected capacity change from 0 to 764 [ 489.492351][T11566] FAT-fs (loop3): Directory bread(block 37) failed [ 489.505874][T11566] FAT-fs (loop3): Directory bread(block 38) failed [ 489.516075][T11566] FAT-fs (loop3): Directory bread(block 39) failed [ 489.522780][T11566] FAT-fs (loop3): Directory bread(block 40) failed [ 489.539351][T11566] FAT-fs (loop3): Directory bread(block 41) failed [ 489.738841][T11564] FAT-fs (loop3): Filesystem has been set read-only [ 489.745805][T11564] FAT-fs (loop3): error, fat_free_clusters: deleting FAT entry beyond EOF [ 490.015276][T11590] loop1: detected capacity change from 0 to 4096 [ 490.266403][ T5190] usb 3-1: new high-speed USB device number 12 using dummy_hcd [ 490.486510][ T5190] usb 3-1: Using ep0 maxpacket: 16 [ 490.509077][ T5190] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024 [ 490.546254][ T5190] usb 3-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 490.560911][ T5190] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 490.600598][ T5190] usb 3-1: config 0 descriptor?? [ 490.995910][T11592] loop4: detected capacity change from 0 to 40427 [ 491.041450][T11592] F2FS-fs (loop4): invalid crc value [ 491.093519][T11592] F2FS-fs (loop4): Found nat_bits in checkpoint [ 491.254095][T11595] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 491.276774][T11592] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4 [ 491.295634][T11595] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 491.308611][T11616] f2fs_ckpt-7:4: attempt to access beyond end of device [ 491.308611][T11616] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 491.325775][T11626] loop0: detected capacity change from 0 to 4096 [ 491.362765][ T5190] hid-generic 0003:0158:0100.000C: unknown main item tag 0x1 [ 491.371481][T11626] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512). [ 491.384260][ T5190] hid-generic 0003:0158:0100.000C: unexpected long global item [ 491.396836][T11616] F2FS-fs (loop4): Stopped filesystem due to reason: 3 [ 491.400693][ T5190] hid-generic 0003:0158:0100.000C: probe with driver hid-generic failed with error -22 [ 491.424430][T11631] loop1: detected capacity change from 0 to 512 [ 491.465593][T11626] ntfs3: loop0: Failed to initialize $Extend/$Reparse. [ 491.758123][ T5160] usb 3-1: USB disconnect, device number 12 [ 491.839789][T10822] ntfs3: loop0: ino=1a, ntfs_sync_fs failed, -22. [ 492.302553][T11640] loop0: detected capacity change from 0 to 1024 [ 492.366769][T11640] hfsplus: bad catalog entry type [ 492.431157][T11642] loop4: detected capacity change from 0 to 2048 [ 492.454716][ T2860] hfsplus: b-tree write err: -5, ino 4 [ 492.483596][T11642] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 492.577642][T11648] Cannot find add_set index 0 as target [ 492.997795][T11667] loop1: detected capacity change from 0 to 1024 [ 493.195911][ T29] kauditd_printk_skb: 46 callbacks suppressed [ 493.236680][ T29] audit: type=1800 audit(1719224518.453:871): pid=11671 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="sda1" ino=1945 res=0 errno=0 [ 493.290291][T11673] loop2: detected capacity change from 0 to 1024 [ 493.308398][ T29] audit: type=1800 audit(1719224518.483:872): pid=11671 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="sda1" ino=1945 res=0 errno=0 [ 493.368936][T11673] hfsplus: bad catalog entry type [ 493.384219][ T29] audit: type=1800 audit(1719224518.483:873): pid=11671 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="sda1" ino=1945 res=0 errno=0 [ 493.456322][ T29] audit: type=1800 audit(1719224518.733:874): pid=11675 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz-executor.0" name="file0" dev="sda1" ino=1946 res=0 errno=0 [ 493.457755][ T51] hfsplus: b-tree write err: -5, ino 4 [ 493.605788][T11682] Cannot find add_set index 0 as target [ 493.965470][T11692] loop4: detected capacity change from 0 to 2048 [ 493.991337][T11698] netlink: 'syz-executor.3': attribute type 14 has an invalid length. [ 494.000064][T11698] bond0: option xmit_hash_policy: invalid value (204) [ 494.019363][T11692] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 494.129563][T11698] loop3: detected capacity change from 0 to 2048 [ 494.229686][T11698] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 494.281225][T11698] ext4 filesystem being mounted at /root/syzkaller-testdir3779688144/syzkaller.er5Hq6/93/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 494.300768][T11707] netlink: 'syz-executor.0': attribute type 10 has an invalid length. [ 494.309242][T11707] netlink: 156 bytes leftover after parsing attributes in process `syz-executor.0'. [ 494.611197][T11711] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.2'. [ 495.531863][T10163] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 496.442092][T11725] netlink: 'syz-executor.4': attribute type 10 has an invalid length. [ 496.489100][T11725] netlink: 55 bytes leftover after parsing attributes in process `syz-executor.4'. [ 496.566072][T11731] Cannot find add_set index 0 as target [ 496.666867][T11734] [ 496.669264][T11734] ====================================================== [ 496.676376][T11734] WARNING: possible circular locking dependency detected [ 496.683441][T11734] 6.10.0-rc5-syzkaller #0 Not tainted [ 496.688860][T11734] ------------------------------------------------------ [ 496.695935][T11734] syz-executor.0/11734 is trying to acquire lock: [ 496.702410][T11734] ffff88801504e618 (&n->list_lock){-.-.}-{2:2}, at: get_partial_node+0x36/0x280 [ 496.711551][T11734] [ 496.711551][T11734] but task is already holding lock: [ 496.718938][T11734] ffff888061bdc1f8 (&trie->lock){-.-.}-{2:2}, at: trie_update_elem+0xc8/0xc00 [ 496.727879][T11734] [ 496.727879][T11734] which lock already depends on the new lock. [ 496.727879][T11734] [ 496.738317][T11734] [ 496.738317][T11734] the existing dependency chain (in reverse order) is: [ 496.747350][T11734] [ 496.747350][T11734] -> #1 (&trie->lock){-.-.}-{2:2}: [ 496.754673][T11734] lock_acquire+0x1ed/0x550 [ 496.759718][T11734] _raw_spin_lock_irqsave+0xd5/0x120 [ 496.765549][T11734] trie_delete_elem+0x96/0x6a0 [ 496.770855][T11734] bpf_prog_00798911c748094f+0x46/0x46 [ 496.776849][T11734] bpf_trace_run2+0x2ec/0x540 [ 496.782074][T11734] trace_contention_end+0x114/0x140 [ 496.787816][T11734] __pv_queued_spin_lock_slowpath+0xb81/0xdc0 [ 496.794443][T11734] queued_spin_lock_slowpath+0x42/0x50 [ 496.800467][T11734] do_raw_spin_lock+0x272/0x370 [ 496.805862][T11734] _raw_spin_lock_irqsave+0xe1/0x120 [ 496.811694][T11734] get_partial_node+0x36/0x280 [ 496.817002][T11734] ___slab_alloc+0xc17/0x14b0 [ 496.822222][T11734] __slab_alloc+0x58/0xa0 [ 496.827116][T11734] kmalloc_node_track_caller_noprof+0x281/0x440 [ 496.833933][T11734] kmalloc_reserve+0x111/0x2a0 [ 496.839265][T11734] __alloc_skb+0x1f3/0x440 [ 496.844233][T11734] nsim_dev_trap_report_work+0x254/0xaa0 [ 496.850515][T11734] process_scheduled_works+0xa2c/0x1830 [ 496.856597][T11734] worker_thread+0x86d/0xd70 [ 496.861724][T11734] kthread+0x2f0/0x390 [ 496.866331][T11734] ret_from_fork+0x4b/0x80 [ 496.871389][T11734] ret_from_fork_asm+0x1a/0x30 [ 496.876702][T11734] [ 496.876702][T11734] -> #0 (&n->list_lock){-.-.}-{2:2}: [ 496.884216][T11734] validate_chain+0x18e0/0x5900 [ 496.889614][T11734] __lock_acquire+0x1346/0x1fd0 [ 496.895002][T11734] lock_acquire+0x1ed/0x550 [ 496.900038][T11734] _raw_spin_lock_irqsave+0xd5/0x120 [ 496.905872][T11734] get_partial_node+0x36/0x280 [ 496.911188][T11734] ___slab_alloc+0xc17/0x14b0 [ 496.916409][T11734] __slab_alloc+0x58/0xa0 [ 496.921283][T11734] __kmalloc_node_noprof+0x286/0x440 [ 496.927110][T11734] bpf_map_kmalloc_node+0xd3/0x1c0 [ 496.932766][T11734] trie_update_elem+0x1cd/0xc00 [ 496.938161][T11734] bpf_map_update_value+0x4d3/0x540 [ 496.943923][T11734] generic_map_update_batch+0x60d/0x900 [ 496.950030][T11734] bpf_map_do_batch+0x3e0/0x690 [ 496.955422][T11734] __sys_bpf+0x377/0x810 [ 496.960207][T11734] __x64_sys_bpf+0x7c/0x90 [ 496.965170][T11734] do_syscall_64+0xf3/0x230 [ 496.970218][T11734] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 496.976656][T11734] [ 496.976656][T11734] other info that might help us debug this: [ 496.976656][T11734] [ 496.986897][T11734] Possible unsafe locking scenario: [ 496.986897][T11734] [ 496.994358][T11734] CPU0 CPU1 [ 496.999729][T11734] ---- ---- [ 497.005101][T11734] lock(&trie->lock); [ 497.009192][T11734] lock(&n->list_lock); [ 497.015969][T11734] lock(&trie->lock); [ 497.022576][T11734] lock(&n->list_lock); [ 497.026833][T11734] [ 497.026833][T11734] *** DEADLOCK *** [ 497.026833][T11734] [ 497.034986][T11734] 2 locks held by syz-executor.0/11734: [ 497.040544][T11734] #0: ffffffff8e333fa0 (rcu_read_lock){....}-{1:2}, at: bpf_map_update_value+0x3c4/0x540 [ 497.050533][T11734] #1: ffff888061bdc1f8 (&trie->lock){-.-.}-{2:2}, at: trie_update_elem+0xc8/0xc00 [ 497.059888][T11734] [ 497.059888][T11734] stack backtrace: [ 497.065787][T11734] CPU: 1 PID: 11734 Comm: syz-executor.0 Not tainted 6.10.0-rc5-syzkaller #0 [ 497.074560][T11734] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 497.084640][T11734] Call Trace: [ 497.087936][T11734] [ 497.090882][T11734] dump_stack_lvl+0x241/0x360 [ 497.095679][T11734] ? __pfx_dump_stack_lvl+0x10/0x10 [ 497.100937][T11734] ? print_circular_bug+0x130/0x1a0 [ 497.106162][T11734] check_noncircular+0x36a/0x4a0 [ 497.111129][T11734] ? __pfx_check_noncircular+0x10/0x10 [ 497.116620][T11734] ? lockdep_lock+0x123/0x2b0 [ 497.121342][T11734] ? __pfx_validate_chain+0x10/0x10 [ 497.126566][T11734] validate_chain+0x18e0/0x5900 [ 497.131466][T11734] ? __pfx_validate_chain+0x10/0x10 [ 497.136704][T11734] ? validate_chain+0x11e/0x5900 [ 497.141692][T11734] ? validate_chain+0x11e/0x5900 [ 497.146666][T11734] ? __pfx_lock_release+0x10/0x10 [ 497.151915][T11734] ? __pfx_validate_chain+0x10/0x10 [ 497.157176][T11734] ? deref_stack_reg+0x1c7/0x260 [ 497.162163][T11734] ? mark_lock+0x9a/0x350 [ 497.166518][T11734] __lock_acquire+0x1346/0x1fd0 [ 497.171485][T11734] lock_acquire+0x1ed/0x550 [ 497.176011][T11734] ? get_partial_node+0x36/0x280 [ 497.180984][T11734] ? __pfx_lock_acquire+0x10/0x10 [ 497.186053][T11734] ? ___slab_alloc+0x265/0x14b0 [ 497.190930][T11734] _raw_spin_lock_irqsave+0xd5/0x120 [ 497.196243][T11734] ? get_partial_node+0x36/0x280 [ 497.201218][T11734] ? __pfx__raw_spin_lock_irqsave+0x10/0x10 [ 497.207139][T11734] ? ___slab_alloc+0x265/0x14b0 [ 497.212033][T11734] ? __pfx_lock_release+0x10/0x10 [ 497.217076][T11734] get_partial_node+0x36/0x280 [ 497.221876][T11734] ___slab_alloc+0xc17/0x14b0 [ 497.226578][T11734] ? bpf_map_kmalloc_node+0xd3/0x1c0 [ 497.231887][T11734] ? bpf_map_kmalloc_node+0xd3/0x1c0 [ 497.237195][T11734] __slab_alloc+0x58/0xa0 [ 497.241576][T11734] __kmalloc_node_noprof+0x286/0x440 [ 497.246888][T11734] ? bpf_map_kmalloc_node+0xd3/0x1c0 [ 497.252251][T11734] bpf_map_kmalloc_node+0xd3/0x1c0 [ 497.257392][T11734] trie_update_elem+0x1cd/0xc00 [ 497.262274][T11734] ? __pfx_lock_release+0x10/0x10 [ 497.267318][T11734] bpf_map_update_value+0x4d3/0x540 [ 497.272566][T11734] generic_map_update_batch+0x60d/0x900 [ 497.278242][T11734] ? __pfx_generic_map_update_batch+0x10/0x10 [ 497.284342][T11734] ? __pfx_generic_map_update_batch+0x10/0x10 [ 497.290433][T11734] bpf_map_do_batch+0x3e0/0x690 [ 497.295398][T11734] __sys_bpf+0x377/0x810 [ 497.299684][T11734] ? __pfx___sys_bpf+0x10/0x10 [ 497.304472][T11734] ? __rseq_handle_notify_resume+0x353/0x14e0 [ 497.310568][T11734] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 497.316567][T11734] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 497.322932][T11734] ? do_syscall_64+0x100/0x230 [ 497.327722][T11734] __x64_sys_bpf+0x7c/0x90 [ 497.332165][T11734] do_syscall_64+0xf3/0x230 [ 497.336693][T11734] ? clear_bhb_loop+0x35/0x90 [ 497.341394][T11734] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 497.347310][T11734] RIP: 0033:0x7f9011a7d0a9 [ 497.351749][T11734] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 497.371378][T11734] RSP: 002b:00007f90115de0c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 497.379987][T11734] RAX: ffffffffffffffda RBX: 00007f9011bb4050 RCX: 00007f9011a7d0a9 [ 497.387974][T11734] RDX: 0000000000000038 RSI: 0000000020000000 RDI: 000000000000001a [ 497.395972][T11734] RBP: 00007f9011aec074 R08: 0000000000000000 R09: 0000000000000000 [ 497.403955][T11734] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 497.412026][T11734] R13: 000000000000006e R14: 00007f9011bb4050 R15: 00007ffc0f374d28 2024/06/24 10:22:02 SYZFATAL: failed to recv *flatrpc.HostMessageRaw: EOF [ 497.420195][T11734]