last executing test programs: 1.963848203s ago: executing program 0 (id=651): syz_emit_ethernet(0x4a, &(0x7f0000000140)=ANY=[@ANYBLOB="aaaaaa2aaaaac772528a7e77845d86dd60ff00f500140600fee06f79cb853d8219000000000000aa35fd8bf0ff7f00000000000000000001000000000000000000000000000000f84562166b4c641c92ec8b561985cb332930e9d475b5a95cdbdec174bb626707f324e3f40cc3b27fe8d9"], 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000010000000900010073797a3000000000c8010000090a010400000000000000ea0100000008000a40000000000900020073797a32000000000900010073797a300000000008000540000000218c0111800b00010074617267657400007c0102800400030008000240000000006b010100"], 0x210}}, 0x0) 1.868045266s ago: executing program 0 (id=654): r0 = socket$netlink(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_NEWLINK(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000001040)={0x38, 0x1403, 0x1, 0x0, 0x0, "", [{{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'lo\x00'}}]}, 0x38}}, 0x0) r1 = socket$inet(0x2, 0x2, 0x0) setsockopt$inet_mreqn(r1, 0x0, 0x23, 0x0, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1) 1.479581215s ago: executing program 1 (id=664): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', 0x0}) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000700)=@ipv6_newroute={0x24, 0x18, 0x105, 0x0, 0x0, {0xa, 0x14, 0x0, 0x0, 0xfe, 0x1, 0x0, 0xb, 0x2400}, [@RTA_OIF={0x8, 0x4, r1}]}, 0x24}, 0x1, 0x0, 0x0, 0x54}, 0x40) 1.423211011s ago: executing program 1 (id=666): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e24}, 0x1c) listen(r0, 0x0) syz_emit_ethernet(0x5e, &(0x7f00000009c0)={@local, @dev, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00@\x00', 0x28, 0x6, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[], {{0x4e24, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, {[@md5sig={0x13, 0x12, "d4c466fb19f71e96642faa2300"}]}}}}}}}}, 0x0) 1.366461552s ago: executing program 2 (id=667): sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="4400000010001fff00"/20, @ANYRES32=0x0, @ANYBLOB="81ffffff000000001c0012800b00010067726574617000000c000280080001"], 0x44}}, 0x0) writev(0xffffffffffffffff, &(0x7f0000000400)=[{&(0x7f00000000c0)="390000001000111867090707a640400f0021ff3f30000000170a00170000000004003700090003", 0x27}], 0x1) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000002f80)={0x0, 0x0, &(0x7f0000002f40)={&(0x7f0000000080)=@newtaction={0x60, 0x30, 0x0, 0x0, 0x0, {}, [{0x4c, 0x1, [@m_skbedit={0x48, 0x1, 0x0, 0x0, {{0xc}, {0x1c, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_PARMS={0x18}]}, {0x4}, {0xc}, {0xc, 0x9}}}]}]}, 0x60}}, 0x0) sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000fc0)={&(0x7f0000000080)={0x44, 0x0, 0x1, 0x0, 0x0, {{0x2}, {@val={0x8}, @void}}, [@chandef_params=[@NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x99e}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x4}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x19}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x980}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x5}]]}, 0x44}}, 0x0) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xffffff2d, &(0x7f0000000080)=[{&(0x7f0000000040)="c00e02003c000b05d25a806f8c6394f90324fc602f00001550000100053582c137153e370248018088a817008847", 0x33fe0}], 0x1}, 0x0) 1.319917362s ago: executing program 1 (id=668): r0 = socket$can_bcm(0x1d, 0x2, 0x2) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000400)={'vxcan0\x00', 0x0}) socket$nl_route(0x10, 0x3, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0x7, 0x0, &(0x7f0000000200)="9e36d448b388dd", 0x0, 0x0, 0xe8030000, 0x0, 0x0, 0x0, 0x0}, 0x50) r2 = socket(0x1d, 0x2, 0x6) bind$can_j1939(r2, &(0x7f0000000080)={0x1d, r1, 0x3}, 0x18) syz_genetlink_get_family_id$mptcp(&(0x7f0000000240), r2) socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) setsockopt$TIPC_CONN_TIMEOUT(r3, 0x10f, 0x82, 0x0, 0x1a) r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000100), r2) sendmsg$DEVLINK_CMD_PORT_SET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000140)={&(0x7f00000002c0)={0x14, r4, 0x200, 0x2070bd28, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x1400c011}, 0x40880) ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, 0x0) syz_genetlink_get_family_id$devlink(&(0x7f0000000180), r2) sendmsg$NL80211_CMD_GET_MPATH(r2, 0x0, 0x40000) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000002, 0x8031, 0xffffffffffffffff, 0x0) close(r2) 1.277024846s ago: executing program 2 (id=670): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7b, 0x4) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, 0x0, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000000040)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000000)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x2, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x0, 0x8}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x4000}}}]}, 0x38}}, 0x0) sendto$inet(r0, &(0x7f0000000700)="0c268a927f1f6588b967481241ba78600a34f65ac618ded8974895abeaf4b4834ff959bcecc7a95425a3a07e758044ab4ea6f7c555d88fecf90b037511bf746bec66ba", 0x994b6e03113064ae, 0x0, 0x0, 0x0) 1.132004125s ago: executing program 0 (id=672): r0 = socket$inet_mptcp(0x2, 0x1, 0x106) connect$inet(r0, &(0x7f0000003580)={0x2, 0x0, @dev}, 0x10) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e21, @empty}, 0x10) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000100), 0x4) connect$inet(r0, &(0x7f0000000140)={0x2, 0x4e21, @empty}, 0x10) sendto$inet(r0, &(0x7f00000026c0)='?', 0xd0b9, 0x0, 0x0, 0x0) 1.075604672s ago: executing program 3 (id=675): syz_init_net_socket$nfc_raw(0x27, 0x4, 0x0) 1.019755194s ago: executing program 3 (id=677): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-camellia-aesni\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) 913.565537ms ago: executing program 3 (id=679): ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000000080)={'syztnl0\x00', &(0x7f0000000140)={'syztnl0\x00', 0x0, 0x10, 0x7800, 0x80, 0x80000000, {{0x5, 0x4, 0x2, 0x34, 0x14, 0x68, 0x0, 0x5, 0x2f, 0x0, @loopback, @empty}}}}) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0) write$cgroup_subtree(r0, &(0x7f0000000100)=ANY=[], 0x32600) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x208, 0x0, 0xa, 0x148, 0x0, 0x10, 0x3a0, 0x2a8, 0x2a8, 0x3a0, 0x2a8, 0x3, 0x0, {[{{@ip={@remote, @multicast1, 0x0, 0x0, 'bridge0\x00', 'virt_wifi0\x00'}, 0x0, 0x70, 0xe0, 0x0, {0x200003ae, 0x7f00}}, @common=@unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0xffff, 0x0, 0x0, 0x0, "f2f7b90ad2b60c45cb4ea6e7bf902bdc2ff8a9304d9f655c746adc0bdc773506378bc0d27efd6abb05175089830cc46186074d7de46d5af300"}}}, {{@ip={@empty, @empty, 0x0, 0xff, 'pimreg1\x00', 'veth0_to_team\x00'}, 0x0, 0x70, 0x90}, @unspec=@NOTRACK={0x20}}], {{'\x00', 0xc8, 0x70, 0x98}, {0x28}}}}, 0x268) 679.962653ms ago: executing program 4 (id=684): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='freezer.parent_freezing\x00', 0x275a, 0x0) mmap(&(0x7f00008b7000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0) mmap(&(0x7f00005d3000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) mmap(&(0x7f00004e7000/0x2000)=nil, 0x2000, 0x0, 0x13, r1, 0x0) mmap(&(0x7f00004a3000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) mmap(&(0x7f00002b0000/0x1000)=nil, 0x1000, 0x0, 0x12, r3, 0x0) mmap(&(0x7f0000071000/0x4000)=nil, 0x4000, 0x0, 0x13, r1, 0x0) mmap(&(0x7f0000867000/0x3000)=nil, 0x3000, 0x0, 0x11, r2, 0x0) mmap(&(0x7f00002ad000/0x3000)=nil, 0x3000, 0x0, 0x11, r2, 0x0) mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x8, 0x3032, 0xffffffffffffffff, 0x54099000) 679.64803ms ago: executing program 4 (id=685): mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0) r0 = socket(0x28, 0x5, 0x0) r1 = socket(0x28, 0x5, 0x0) bind$vsock_stream(r1, &(0x7f0000000040)={0x28, 0x0, 0x0, @local}, 0x10) listen(r1, 0x0) connect$vsock_stream(r0, &(0x7f0000000080), 0x10) setsockopt$sock_linger(r0, 0x1, 0x3c, &(0x7f0000000180)={0x1, 0x5}, 0x8) sendmmsg(r0, &(0x7f0000000100)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000000)="1b", 0x40000}], 0x1}}], 0x1, 0x24008094) 646.460247ms ago: executing program 4 (id=686): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'cryptd(crct10dif-generic)\x00'}, 0x58) r1 = accept4(r0, 0x0, 0x0, 0x0) sendmsg$kcm(r1, &(0x7f0000000c40)={0x0, 0x0, &(0x7f0000000980)=[{&(0x7f0000000a40)="40e026b6", 0x4}], 0x1}, 0x8050) accept4$nfc_llcp(r1, 0x0, 0x0, 0x80800) 560.885249ms ago: executing program 4 (id=687): syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff) r0 = socket$netlink(0x10, 0x3, 0x0) bind$netlink(r0, 0x0, 0x0) r1 = socket(0x2a, 0x2, 0x0) getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14) sendmsg$nl_route_sched(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000004c0)=@newqdisc={0x68, 0x24, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_USC={0x10, 0x3, {0x101, 0x9, 0x5}}}}, @TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x0, 0x2, 0x1, 0x2, 0x1, 0x10, 0x4}}, {0x4}}]}]}, 0x68}}, 0x20008000) setsockopt$inet6_udp_encap(r1, 0x11, 0x64, 0x0, 0x0) sendmsg$nl_route_sched(r1, 0x0, 0x880) r3 = socket$netlink(0x10, 0x3, 0x0) sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0) 464.008674ms ago: executing program 4 (id=688): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000300)='tasks\x00', 0x2, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendfile(r2, r1, &(0x7f00000000c0)=0x4000000000000006, 0x6) 463.54311ms ago: executing program 3 (id=689): socket$alg(0x26, 0x5, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6) write(r0, &(0x7f0000000340)="41000000010001", 0x7) 434.206731ms ago: executing program 4 (id=690): r0 = socket$rds(0x15, 0x5, 0x0) sendmsg$rds(r0, 0x0, 0x0) sendmsg$key(0xffffffffffffffff, 0x0, 0x0) r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) connect$bt_l2cap(r2, &(0x7f0000000040)={0x1f, 0x21, @fixed}, 0xe) connect$bt_sco(r1, &(0x7f0000000040), 0x8) r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) connect$bt_sco(r3, &(0x7f00000001c0)={0x1f, @none}, 0x8) 392.968195ms ago: executing program 2 (id=691): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, 0x0, 0x0) sendmsg$NFT_BATCH(r0, 0x0, 0x0) epoll_create1(0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{0x0}], 0x1}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'bridge0\x00', 0x0}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=ANY=[@ANYBLOB="440000001300290a000000000000000007000000", @ANYRES32=r2, @ANYBLOB="00000000000000001c001a800800028008000200080000003e127a5108000200104013"], 0x44}}, 0x0) r3 = socket(0x10, 0x3, 0x0) sendmmsg(r3, &(0x7f0000000000), 0x4000000000001f2, 0xfff0) 323.514608ms ago: executing program 3 (id=692): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r0) r1 = socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c) listen(r1, 0x0) syz_emit_ethernet(0x62, &(0x7f0000000240)={@local, @empty, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "ff00f5", 0x2c, 0x6, 0x0, @local, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0xb, 0xc2, 0x0, 0x0, 0x0, {[@mptcp=@ack={0x1e, 0x18, 0x1f, 0x4, "d06276418b217a1f693be5f50000000000ab4731"}]}}}}}}}}, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) 323.13373ms ago: executing program 1 (id=693): r0 = syz_init_net_socket$ax25(0x3, 0x2, 0x0) ioctl$SIOCAX25ADDUID(r0, 0x89e1, &(0x7f0000000240)={0x3, @bcast, 0xee00}) ioctl$SIOCAX25DELUID(r0, 0x89e2, &(0x7f0000000000)={0x3, @bcast, 0xee00}) 322.91312ms ago: executing program 2 (id=694): r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="020a040007"], 0x38}}, 0x0) sendmsg$key(r0, &(0x7f0000000240)={0x7, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[@ANYBLOB="020100090a000000007fffffff0000000200100000e9000000e9000000000000030005000000000002000000ac1414000000000000000000030006000000000002"], 0x50}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="020100090e"], 0x70}}, 0x0) sendmmsg(r0, &(0x7f0000000180), 0x3ef, 0x0) 292.137756ms ago: executing program 1 (id=695): bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[], 0x0, 0x2b, 0x0, 0xa, 0x0, 0x0, @void, @value}, 0x28) r0 = socket(0x10, 0x803, 0x0) sendmsg$nl_route(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="3800000056000100000000f70000000007020000", @ANYRES32, @ANYBLOB="200001"], 0x38}}, 0x0) 287.347288ms ago: executing program 0 (id=696): close(0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x12, 0x6, 0x4, 0x6, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r0) r1 = socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c) listen(r1, 0xa24d34b4) syz_emit_ethernet(0x56, &(0x7f0000000040)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "ffefb6", 0x20, 0x6, 0x0, @local, @local, {[], {{0x4e20, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x8, 0xc2, 0x0, 0x0, 0x0, {[@mptcp=@capable={0x1e, 0xc, 0x5, 0x3}]}}}}}}}}, 0x0) 239.922547ms ago: executing program 3 (id=697): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) sendto$inet6(r0, &(0x7f00000002c0)="0af77698439a10e7d2e938de2e318c1bb099c906bfea267b96293eeb9e4f71fcae521d06784dbdbe908fbe6d7da3db86007a", 0x32, 0x0, 0x0, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, 0x0) sendmsg$nl_route(r1, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000004c0)=@newlink={0x44, 0x10, 0x40d, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x2020}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bridge_slave={{0x11}, {0xc, 0x5, 0x0, 0x1, [@IFLA_BRPORT_PROXYARP={0x5, 0xa, 0x1}]}}}]}, 0x44}}, 0x0) setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, 0x0, 0x0) setsockopt$SO_TIMESTAMP(r0, 0x1, 0x4b, &(0x7f0000000040)=0x5, 0x4) r3 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000080), 0xffffffffffffffff) syz_80211_inject_frame(&(0x7f00000000c0), &(0x7f0000000440)=ANY=[@ANYRES16=r3, @ANYRES32, @ANYRES32], 0x36) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000340)={'wpan0\x00'}) sendmsg$NL802154_CMD_NEW_SEC_DEVKEY(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000380)={0x0}, 0x1, 0x0, 0x0, 0x1}, 0x4000000) r4 = socket$inet_smc(0x2b, 0x1, 0x0) ioctl$sock_inet_SIOCADDRT(r4, 0x890b, 0x0) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) socket$inet_sctp(0x2, 0x1, 0x84) ioctl$BTRFS_IOC_QUOTA_RESCAN(r5, 0x4040942c, &(0x7f0000000540)={0x0, 0x0, [0x0, 0x6, 0x10, 0x10001, 0xa, 0x7]}) 231.540857ms ago: executing program 1 (id=698): socket(0x28, 0x1, 0x0) bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) socket$can_raw(0x1d, 0x3, 0x1) r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000100)={'vxcan0\x00', 0x0}) sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a40)={0x2, 0x2, &(0x7f0000000080)=ANY=[@ANYBLOB="0000009500"/16], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2a, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x1c, &(0x7f00000003c0)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r3 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000000), r2) sendmsg$NLBL_UNLABEL_C_STATICADD(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB, @ANYRES16=r3], 0x4c}, 0x8, 0x3000000000002}, 0x0) r4 = socket$unix(0x1, 0x2, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f0000000000)={'vxcan0\x00', 0x0}) r6 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r6, &(0x7f0000000200)={0x1d, r5}, 0x10) sendmsg$nl_route_sched(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=@getchain={0x24, 0x11, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {0x0, 0xf}}}, 0x24}}, 0x0) 224.296333ms ago: executing program 0 (id=699): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={0xffffffffffffffff}) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000009b80)={'wlan0\x00', 0x0}) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$NL80211_CMD_DEAUTHENTICATE(r1, &(0x7f0000009d00)={0x0, 0x0, &(0x7f0000009cc0)={&(0x7f0000009bc0)={0x1c, r3, 0x23, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}}, 0x1c}}, 0x0) 164.009481ms ago: executing program 2 (id=700): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$BTRFS_IOC_ADD_DEV(0xffffffffffffffff, 0x5000940a, &(0x7f0000002140)={{}, "d4defc3669e4cfd8e010c132e0c63e8b9bb377d767e4661a538010f8ac5316a7bfcc84622dce4144bc6b330e332b6751da2eeab051b7f4dc69c53b24229565dbe5b68b6edce91756519ae1db7cdf9c182468c9963df40456e32103f99d5048f1c7e5296debb5d8fa8cc28e8f0497c2a70733769143cf4b8e0bc77493310745aca6aebe297306b5405901ffedd5f1e15e2cfaa9f0219bdad91006cf7bdf06a920f7cb3e9fd6086fced51ca8425d21b42243b88892f29d6d12202ac51f9355f3119918a1e1c2fb9062391d0fe349996c1cd1015fb93661fe864acab7f9da7994b38a4c0ecd8ecc048c2720b3b9d9b3e4bad2718c7165cc476f33f93e38fd4ad9e228c6fb1907a1a3f78d2fff825a22b0bc68f39de4c4cdc32e7e437cd6162261153f7aa1f985ce79933af5f3e9184e625cce995589ca3a3afd3220aa33aa43eb79786fca42ddae97a9caf57e1442e93ab5078e2b1da4cefb00aace97ca171db272b84a1f74e9d170dda23664266f2dbd73db94cb2ea22ca5c6aa93d8752296dd53de7bcf1d772eb60ef8ed8eb9c597339e4d32187b7590e3297a76473a435a5273015bf3974b6940557b016e805666220f01b290636e78e21e7b744f3984a0e8d7b5c3e97ad0dc4dc968f8b711051176afe19bc473682797d0399966a1d4d07fdc61e47c0b81dde3257b767711fc91334ac0c025a8c609d9968fd0019f07ce6617bf1fd55304d426e83620dbe7bd965591fd8a2dcdf9578fb8031f25fd376a62842f1a11f962894058ba43a271b79aed5758428f088513763be4ef06b039e3007c5f19b8fc6d137a8db7bdd0b65c1aebdac40c0de7ae361200a7ca9ca61470ed0e9403c5950174a6dc106b00779055a84e262f22875850ebc35eb22e117a86d57c405ff6f8fce3706232dda20ca189e8b782c82b20d56b0b20d33312b14f2a731955d9a0f4648ce635c45b51c419df7377dccaf1308b50bf23777efb0cd19f57e9f42b1f7c1946736fe1090353d04648ef0b2c552d491c6b5990dc8ce9194bbd1c5da0c537791e67f0d139873b92b62facd60bd59ea75bb7f32c4bf15618a5b22b16ff60fbb136d8aeb238135ec1bbf1a9cf48b1c8f171e64713fc406e3cb0a7eea99e6befc88ab9c9d512026f96a38733868ed4485a61108b23713d7deb4c4d77a367101ed58a9f9e5b97a8df641d9dd2edec8b1ec8b582ae87f6f5cd0135fd14a0c0261488512d9f2fa74cf7c9c42c550231e78a63c5a2251f8d42169af26be7c8c729a756d2e325b9519b475fdde3a31595e9c13237e1a382dd114c4f8c0361274c0a09cf6c15d5165248549b89e07aa780f745c3608c90035b2669e1cc522bc2fb3fdb01fc2e615adba46b398e13327dc059c1a8bf0d1d02ba7e25eaad9a266ada49cc5b002a63461f9551814dea0b4e761b3ac75d47e2671973ca96e5293008caa22107e7b132f59acc47bc3ab5b4dea763ce7493545322017197fea993a76db9c382a43e3b4e3fcb0d4680b260898a6d11d416605af2623cb4d73f1680e918039a55253d868c019a83390e1f970e38c810d628ae202f6f5c37afadca355df1c3408ff3ef9eb9cf62ddb36356c6fa9ecd8d1f6b180a31be55a484622b495c70142b4a14a31e5d68c2fefab08849c42a58d0aebbcd0dc714bf02d42a5f5942bdce9156d4adc4986053936d663a66c76d3433b840e16cbca0b2f95cc48898747e6d16f9b9693c9dfc04d3b7bf891b785ae483972cedbf8c1389ed1ff10f0b539274b856a5182140fba5c61fafd3651cee96fb1f386620fe9758d1e47cf4663fe4ee6b80c6ad930b3db8dd8da9095c05fbf9fb2d71c70b28b0f0a79de61424a9dffd237c15e703365c265541dd46999ed4c2e60d9e0f98cc2bccb527923dcebe294fa48bf27e512c2be978468e6fc256f4eda141b1dc31b2d8f2f09bdfc14aad0d99c4c10d005dd26882bbf96b9f7304a5a38b3101d937b1b60fd119640b4570990abd56aa24e1e043c1c43b28e95fcfea445c85ab242f41cfa640e946feffed2b3a77a5385a6b685fbc9e66f2c832472f48ed5a0b575b4b8f562095a3644f07889349bc0a6e819c64edaac220f1de9aa666f779be5c8f5c2a3f1a6da92b70e340848cda6a0f1279deafd04cfcd4b321e87b35eb8d86bba41d0cf115acb2348d69f8a0ca8b4d3c3650dfac6c6e5d6f0ec0db342ee0523e96676422be59fc351f013ad5fd2a9f296504555be12cfa46a16938bfcb3b230505f0db4c3fef786d03781d8e420dc873deebc11e36747d491c3545896be83a60b8459eb40e2bb89fca21970ea929620e264da43aadd6947528547068395562547fd4d919b9a3fe47e0bd69262f703c28777dc45651ccc595cfddabded3b60417441cf8990451a8d377d2849a81c332b030dc52df4f09de0c38b63c119f53588adac4976c4c302725240a6fd7e049a9102aad6d0984eb6a5eeed515b3b4d5149f40f108710cee694d4eafd1b10c1dddb9f81f2939cbf6f3ef9a3c103247a777d72639e084fbac561770ef79d20999511f1cf7b17a5850127aa1c29db1e0acf80adde94a3b70f406d2ee7bd7d4ed981cef3a9b3b1be1477574900385d201eae92c3deef1744df0374dd916228f64e45c6300abb6fbfb1254945b9a733dc6a92ec60a36bda69b2adbbd2d0ba0c650197b469e71222c5e1888be9bc41cc58071348abe17f44221c1fa3d542678ec7d205898b1a6291bf7003c9c1ba3a476c43f0809544332ebe98f9a83be1f8236d1520830432e953e287314ffc76573c64b5ef4e48823cdeebe10538b19d17bfd1e9fb02bf25c7f90d7eca42ccbc896a1d9b9815bc73a7f876d9030daf8f8926c5dd9b6f5e301b6439af64d3937930c575d304d1e889e5f1380caf5e01bd5b3b56ba212df37e3d84776c3df9e46b8dcd4de60f49daf7218461dbd9f1902350b59bc4e2d946eca940d5b61d3a178547351934927791a79b6a8c40cb859b5148f5f3c11fc630aecbf3e7122a35835554b0d1deba001810c9dcba7ae47e1fd543a3ec814e66417e9e32914f89ae97e093fcfa6a35712ad0293e0865a4da7c0d59919ef209a9a8e1473d56e1b089ba78ce64327a1265e888cf2680a6f6e40153931e7838db2e7f51561686067d8b7b904a9ee1f0bb2c076e2e2a36ae013df205e741defad6c1b312d5e7ac452857ce08939b45381f330ffcc763933d53385ea34eec61116e2f8d88b91d053322500b8a3d6662262f1fa11db9bbb9542c9c50bbc2e8d1a8fe17efbdb7dae1c5ed62e9757e65209c42ceca4ce4f25789ee904a9b690bd1e87711f4b1c7b9d31871b8def18e9bf2fd1ee6d86763ba0fbc5ae21514a067f6e70031f9843b3819fb7fc5395c546d706b4e9239ceb70bbebc8391348af2755a66f0abcf93287f51cba29e9a39b061beac11ec34e6224541e1bca886555de2d67c39292ade81d7528fbcfddab45a89b03d94cd7898089c0c5a568e2b1c91c4a27840526093f88ee7b5f04c9da8876f890b154bd1db2bcfc933b2406c259caf9089b515131980e40bcf39eafa33d23f58e24382b32266f7f3cbe90d9a35876b7d5ab19a4d628e76e3a70714f288faab3051a1f363b0a767b60edb6e4203bdaa8b82a923428a719c32fa942912b7f8279ec0f746aa1c8c93cbe70eaefff135505f2b9ef1f49245f26111ccbb4cc3f5769769fe3385acaa3e92d6262148681844699e5c6d16f3dbad69749fee6b55da163b0bc8f8cbef756334c94981728497bb279199420067533e77fcb6780cc258305b69b0cba2e1178a4b3bbd42c1eaff5c26a18568c8de26f80b6f1bd43ddd8a672768f3cad0b6391e282e05485f23ba5e4acff3c57c349bffbe269fe9e37fdd73936c7858633a60b309dc341021e15c73f0c77166ca601dbd0f42e24a3100228719c5faeff54c579949b0a9b5f843d56131528bec73fa6fbdd9a44593766899c9d58fc0aa231c991f2dda8b0868859762e40b801144c9c73d6e238a46fe8c929f9b36beb08160b4b84a3438862f09f9c7227582ba697ff428e8f43edcb7939c7a886e6e9efebbf5e93fc45a1b5e9bb05697f5997bcc4eb9bf61b53631bb75de7a7a98ae0d8ac0af84f18610f0aa3e3ebbcf3913a8a673ca6739222c3306f0e9b8476a50538ef559aab8568cf10365ce2a28d28bb57d6aaafaa2cce49c345086e24945885dd03c9836b4565130e8de45715e279aed5f0bee5309a7e33e94a3912ac989523d9433404aac41c7c464d5f527ea941837eb8ba9c27eac7ace59d2531b2002b3a64cecb55faecbfb689f8ee2f90352ff15ce8723ba18f6be847a52cd85aec62ff4848c966c18303260b0182d4c3225e2313e1b9b80d51e2728b0fff5207df95751fc608990712073f67c9b3c3319505bc1da1244c077842f22c9f14952a9760845ecc067f7e4c1f1c9023eff09d54a08bc018d22d99036d95c945946e0b839e90d3c73a67fbe4d23783569105a0d23cbe097fc6cd28f85af23a89255dd7cb67fbdc53317864e37d12c343c4148e3d66c54e5d4f7cacc7511d9c508dc65941716115227993dc0d8ee2d044ca4f08095a2af41abd9f1ab5444bc86b2f4708d172056dcc47f231c532965c32c5eb8bc52cb6294f761b83752b9c496cd165081ab5fbb290315f4fe3bef4cb9492e79bca56b8c8463d4b0beba90394629f61a61f72dcfdc07a54bd82e4f0da824b11855a29bac39107c4492a81a15e08d9bc0b8ba8e457baecea56d092e491a1d73e5f7ef6011c20a2d98e3536aa4f6af1245f91440411e31ab9e71113a27669f627aa535627c304c8e419c3a657821abf8d499a5e42bc8aaac40b42b4f41d23bbc2afc384b3dd703a114a348941204d7f8bb80bbe45d515ca4b716b81bde2da25988430f60e93dc95bf07a8d0488bfc0b6d9b742755b00ebce278f16807075855f645b3d92d2501bd70af2f70a99a2d2c72f892ea33d6ff130cb87cc44eeeac57eb3b990cfd6da973ba85548962056ace4a6131cb65a57fe921a1ec453cd3a64f74f331d50dd15c3fdb8b1e2d8239d303b67cf35033bc91caa99171ffb79178bab4441fce47cdbca6abee3cb6ce3a1395f7aa1a7d02fef795b18866a7c8efbd5b57654c0f279d125614d41e7d7781b6d2893e8bb95ad0e7769dc54debc0a33e9a81598f83a0ed831ebc4852f95a47a34250130d539e6f8c6b89671de9b15905ef83b0a8bd71237643b716edb53f041c75c2a24439a47ae50941235174f10ad310b121bec8dbe6fa61d1c3b45dad5df670502fe5b455db9a5b140c27c5616c7beda8c13bffe86d833b55e6e686324c9bc6617ae443acf46068b9548167f4002b32cc453451f4b29dcd3b05126effd714092eb7a395e8509f21d79e02664ca6ca7f5d88c7f61ac3f5fb95e8f209e28c606ca8b56492ea2f4bef1ce81a01fdc704220bc0d61e454e7931e55ed5bcc723c0c0c286b6253b1415aed87121d3120100fe21bdd7d1a65174131927b303f034c12264721b47c1b7ce71a6f79312480b139e6d54954381a10d3282886e518022429f40a0cb6b806167d7dc3e2d42d4dd92b5c7ab3cc8162f7751b5b3e8be47ba32c2fb0f588c142b10609988a8d146e1db5bd541984555c41cbf97765afcc35bfcf8704365c2d9be01b348e3d756d417531d1ba4850c7859a37e75d7b27e487c2b0937421f7dbc73184847979bdaa455085d7525ff97201c2f71b2eddec387427fb7ebd8037927097ce93ea686d051dafdad8e5eadb129c4e55e297f6f4af149b1371ad1b01ca7287f"}) r1 = socket$packet(0x11, 0x3, 0x300) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000020c0)=ANY=[@ANYBLOB="98030000", @ANYRES16=r3, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r4, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c0900005603330080b0c000ffffffffffff080211000001bae9ee14d4284d73c826d8bce62cb84c8b765cbac71c46bc4718", @ANYRES16=r0], 0x398}}, 0x0) 33.732579ms ago: executing program 0 (id=701): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x20004000) r1 = openat$cgroup_int(r0, &(0x7f0000000100)='cpuset.cpus\x00', 0x2, 0x0) sendmsg$sock(0xffffffffffffffff, &(0x7f0000000040)={&(0x7f0000000240)=@in6={0xa, 0x4e28, 0x0, @local}, 0x80, 0x0}, 0x0) write$cgroup_subtree(r1, &(0x7f0000000240)=ANY=[], 0x31) 0s ago: executing program 2 (id=702): sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f00000001c0)=ANY=[], 0x6c}}, 0x0) r0 = socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000001c0)=@newqdisc={0x3c, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_plug={{0x9}, {0xc, 0x2, {0x1, 0xd8}}}]}, 0x3c}}, 0x4000) r3 = socket(0x10, 0x3, 0x0) sendmmsg$alg(r3, &(0x7f0000000140), 0x4924b68, 0x0) kernel console output (not intermixed with test programs): vfat: Unknown parameter 'nnonumtail' [ 44.720920][ T6606] loop2: detected capacity change from 0 to 8 [ 44.732797][ T6574] XFS (loop1): Ending clean mount [ 44.734359][ T6607] fuse: Bad value for 'user_id' [ 44.735447][ T6607] fuse: Bad value for 'user_id' [ 44.737555][ T6574] XFS (loop1): Quotacheck needed: Please wait. [ 44.817022][ T6574] XFS (loop1): Quotacheck: Done. [ 44.908793][ T6413] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 44.984941][ T6599] loop3: detected capacity change from 0 to 32768 [ 44.986912][ T6599] xfs: Unknown parameter 'obj_type' [ 45.178620][ T30] audit: type=1326 audit(45.150:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6618 comm="syz.2.30" exe="/root/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffff83d49728 code=0x0 [ 45.310532][ T6631] netlink: 8 bytes leftover after parsing attributes in process `syz.1.32'. [ 45.364640][ T6612] loop0: detected capacity change from 0 to 32768 [ 45.373279][ T6633] netlink: 'syz.1.33': attribute type 19 has an invalid length. [ 45.377557][ T6612] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.27 (6612) [ 45.411035][ T6612] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 45.413326][ T6612] BTRFS info (device loop0): using sha256 (sha256-ce) checksum algorithm [ 45.415104][ T6612] BTRFS info (device loop0): using free-space-tree [ 45.451209][ T6644] loop1: detected capacity change from 0 to 256 [ 45.457678][ T6644] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 45.620605][ T6422] Bluetooth: hci3: command tx timeout [ 45.621759][ T6422] Bluetooth: hci4: command tx timeout [ 45.622959][ T6422] Bluetooth: hci0: command tx timeout [ 45.624188][ T6422] Bluetooth: hci2: command tx timeout [ 45.625344][ T6422] Bluetooth: hci1: command tx timeout [ 46.266527][ T6660] netlink: 8 bytes leftover after parsing attributes in process `syz.0.27'. [ 46.337551][ T6612] BTRFS info (device loop0): setting incompat feature flag for SIMPLE_QUOTA (0x10000) [ 46.390747][ T6637] loop3: detected capacity change from 0 to 32768 [ 46.403407][ T6665] binder: 6665:6664 cannot find target node [ 46.404757][ T6665] binder: 6664:6665 transaction call to 0:0 failed 1/29189/-22, size 0-0 line 3144 [ 46.408994][ T6637] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.35 (6637) [ 46.411146][ T6665] binder: 6664:6665 ioctl c0306201 200002c0 returned -14 [ 46.446860][ T6637] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 46.448968][ T6637] BTRFS info (device loop3): using sha256 (sha256-ce) checksum algorithm [ 46.464602][ T6414] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 46.508269][ T6637] BTRFS info (device loop3): rebuilding free space tree [ 46.522949][ T6685] loop4: detected capacity change from 0 to 512 [ 46.590068][ T6685] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2240: inode #15: comm syz.4.42: corrupted in-inode xattr: e_value size too large [ 46.598436][ T6637] BTRFS info (device loop3): disabling free space tree [ 46.602459][ T6637] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 46.605179][ T6685] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.42: couldn't read orphan inode 15 (err -117) [ 46.607766][ T6637] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 46.622275][ T6685] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 46.628480][ T6637] BTRFS info (device loop3 state M): max_inline set to 0 [ 46.741406][ T6693] tmpfs: Unknown parameter 'usrquotaX' [ 47.358178][ T6421] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 47.387055][ T6701] loop1: detected capacity change from 0 to 256 [ 47.408865][ T6701] FAT-fs (loop1): bogus sectors per cluster 223 [ 47.423608][ T6701] FAT-fs (loop1): Can't find a valid FAT filesystem [ 47.428908][ T6425] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 47.733579][ T6711] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 47.801537][ T6714] loop1: detected capacity change from 0 to 256 [ 47.824110][ T6714] exFAT-fs (loop1): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 47.948881][ T6705] loop4: detected capacity change from 0 to 32768 [ 47.958617][ T6705] (syz.4.45,6705,0):ocfs2_parse_options:1448 ERROR: Unrecognized mount option "commit=00000000000016711679" or missing value [ 47.972676][ T6705] (syz.4.45,6705,0):ocfs2_fill_super:1178 ERROR: status = -22 [ 48.047851][ T6718] ptrace attach of "./syz-executor exec"[6425] was attempted by " [ 48.051045][ T6718] loop4: detected capacity change from 0 to 256 [ 48.070263][ C1] vkms_vblank_simulate: vblank timer overrun [ 48.077800][ T6718] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xdd78f4b7, utbl_chksum : 0xe619d30d) [ 48.338787][ T6726] fuse: Bad value for 'user_id' [ 48.340427][ T6726] fuse: Bad value for 'user_id' [ 48.514580][ T6723] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6) [ 48.516188][ T6723] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 48.874756][ T6727] netlink: 8 bytes leftover after parsing attributes in process `syz.3.48'. [ 48.894743][ T6723] vhci_hcd vhci_hcd.0: Device attached [ 48.924744][ T6724] vhci_hcd: connection closed [ 48.940857][ T11] vhci_hcd: stop threads [ 48.943328][ T11] vhci_hcd: release socket [ 48.944333][ T11] vhci_hcd: disconnect device [ 49.033545][ T6732] loop2: detected capacity change from 0 to 32768 [ 49.046466][ T6734] loop4: detected capacity change from 0 to 64 [ 49.118010][ T6738] loop1: detected capacity change from 0 to 256 [ 49.127453][ T6738] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d) [ 49.242109][ T6739] loop0: detected capacity change from 0 to 8 [ 49.259567][ T6739] squashfs: Unknown parameter '' [ 49.520046][ T6744] tmpfs: Unknown parameter 'usrquotaX' [ 50.217051][ T6755] loop1: detected capacity change from 0 to 512 [ 50.281802][ T6755] EXT4-fs error (device loop1): ext4_orphan_get:1391: inode #15: comm syz.1.58: casefold flag without casefold feature [ 50.291965][ T6755] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.58: couldn't read orphan inode 15 (err -117) [ 50.309734][ T6755] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 50.413518][ T6752] loop0: detected capacity change from 0 to 32768 [ 50.431873][ T6413] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 50.451695][ T6767] loop4: detected capacity change from 0 to 64 [ 50.473732][ T6767] hfs: get root inode failed [ 50.482407][ T6752] (syz.0.56,6752,0):ocfs2_verify_userspace_stack:854 ERROR: cluster stack passed to mount, but this filesystem does not support it [ 50.486128][ T6769] loop1: detected capacity change from 0 to 64 [ 50.509689][ T6752] (syz.0.56,6752,1):ocfs2_fill_super:1178 ERROR: status = -22 [ 50.528510][ T6772] loop4: detected capacity change from 0 to 256 [ 50.530953][ T6772] vfat: Bad value for 'dmask' [ 51.464077][ T6753] loop2: detected capacity change from 0 to 40427 [ 51.504752][ T6753] F2FS-fs (loop2): build fault injection attr: rate: 690, type: 0x1fffff [ 51.506603][ T6753] F2FS-fs (loop2): heap/no_heap options were deprecated [ 51.508293][ T6753] F2FS-fs (loop2): Image doesn't support compression [ 51.569411][ T6753] F2FS-fs (loop2): invalid crc value [ 51.663782][ T6788] trusted_key: syz.0.65 sent an empty control message without MSG_MORE. [ 51.767598][ T6789] tmpfs: Unknown parameter 'usrquotaX' [ 52.169196][ T6753] F2FS-fs (loop2): Found nat_bits in checkpoint [ 52.353454][ T6753] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 52.393208][ T6753] F2FS-fs (loop2): inject checkpoint error in f2fs_balance_fs of f2fs_setattr+0xbcc/0xf5c [ 52.571811][ T6805] tmpfs: Unknown parameter 'usrquotaX' [ 52.617103][ T6753] F2FS-fs (loop2): Stopped filesystem due to reason: 1 [ 53.084366][ T6804] loop4: detected capacity change from 0 to 1024 [ 53.128598][ T6808] loop1: detected capacity change from 0 to 2048 [ 53.142468][ T6808] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found [ 53.185318][ T6808] UDF-fs: Scanning with blocksize 512 failed [ 53.191715][ T6808] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 53.231897][ T6778] loop3: detected capacity change from 0 to 32768 [ 53.236544][ T6808] xt_TCPMSS: Only works on TCP SYN packets [ 53.258435][ T6810] netlink: zone id is out of range [ 53.266765][ T6810] netlink: zone id is out of range [ 53.268364][ T6810] netlink: zone id is out of range [ 53.270142][ T6810] netlink: zone id is out of range [ 53.271194][ T6810] netlink: zone id is out of range [ 53.272240][ T6810] netlink: zone id is out of range [ 53.273250][ T6810] netlink: zone id is out of range [ 53.274404][ T6810] netlink: zone id is out of range [ 53.275435][ T6810] netlink: zone id is out of range [ 53.276574][ T6810] netlink: zone id is out of range [ 53.284203][ T6778] XFS (loop3): Mounting V5 Filesystem bc2378ed-6193-40d5-9d59-7ebcb787b415 [ 53.349449][ T12] hfsplus: b-tree write err: -5, ino 4 [ 53.355584][ T6808] syz.1.69: attempt to access beyond end of device [ 53.355584][ T6808] loop1: rw=2049, sector=2060, nr_sectors = 2 limit=2048 [ 53.358796][ T6808] Buffer I/O error on dev loop1, logical block 1030, lost async page write [ 53.361471][ T6808] syz.1.69: attempt to access beyond end of device [ 53.361471][ T6808] loop1: rw=2049, sector=2060, nr_sectors = 2 limit=2048 [ 53.364302][ T6808] Buffer I/O error on dev loop1, logical block 1030, lost async page write [ 53.366408][ T6808] syz.1.69: attempt to access beyond end of device [ 53.366408][ T6808] loop1: rw=2049, sector=2060, nr_sectors = 2 limit=2048 [ 53.371361][ T6808] Buffer I/O error on dev loop1, logical block 1030, lost async page write [ 53.373176][ T6808] syz.1.69: attempt to access beyond end of device [ 53.373176][ T6808] loop1: rw=2049, sector=2062, nr_sectors = 2 limit=2048 [ 53.375778][ T6808] Buffer I/O error on dev loop1, logical block 1031, lost async page write [ 53.387922][ T6808] syz.1.69: attempt to access beyond end of device [ 53.387922][ T6808] loop1: rw=2049, sector=2062, nr_sectors = 2 limit=2048 [ 53.391335][ T6808] Buffer I/O error on dev loop1, logical block 1031, lost async page write [ 53.393280][ T6808] syz.1.69: attempt to access beyond end of device [ 53.393280][ T6808] loop1: rw=2049, sector=2062, nr_sectors = 2 limit=2048 [ 53.396085][ T6808] Buffer I/O error on dev loop1, logical block 1031, lost async page write [ 53.397815][ T6808] syz.1.69: attempt to access beyond end of device [ 53.397815][ T6808] loop1: rw=2049, sector=2062, nr_sectors = 2 limit=2048 [ 53.409163][ T6808] Buffer I/O error on dev loop1, logical block 1031, lost async page write [ 53.410969][ T6808] syz.1.69: attempt to access beyond end of device [ 53.410969][ T6808] loop1: rw=2049, sector=2064, nr_sectors = 2 limit=2048 [ 53.419131][ T6808] Buffer I/O error on dev loop1, logical block 1032, lost async page write [ 53.434270][ T6778] XFS (loop3): Ending clean mount [ 53.764858][ T6840] syzkaller1: entered promiscuous mode [ 53.772313][ T6840] syzkaller1: entered allmulticast mode [ 53.892472][ T6840] loop0: detected capacity change from 0 to 4096 [ 53.898656][ T6840] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512). [ 53.924853][ T6840] ntfs3: loop0: Failed to initialize $Extend/$Reparse. [ 53.932366][ T6833] loop2: detected capacity change from 0 to 32768 [ 53.935581][ T6833] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.70 (6833) [ 53.965988][ T6807] UDF-fs: warning (device loop1): udf_truncate_tail_extent: Too long extent after EOF in inode 818: i_size: 134220898 lbcount: 134222848 extent 0+133344256 [ 53.970151][ T6807] UDF-fs: error (device loop1): udf_truncate_tail_extent: Extent after EOF in inode 818 [ 53.986057][ T6840] ntfs3: loop0: ino=1b, "file0" attr_set_size [ 53.992353][ T6840] ntfs3: loop0: Mark volume as dirty due to NTFS errors [ 54.002990][ T4307] kworker/u8:9: attempt to access beyond end of device [ 54.002990][ T4307] loop1: rw=1, sector=2048, nr_sectors = 2 limit=2048 [ 54.006081][ T4307] Buffer I/O error on dev loop1, logical block 1024, lost async page write [ 54.007929][ T4307] kworker/u8:9: attempt to access beyond end of device [ 54.007929][ T4307] loop1: rw=1, sector=2048, nr_sectors = 2 limit=2048 [ 54.014448][ T4307] Buffer I/O error on dev loop1, logical block 1024, lost async page write [ 54.018204][ T6833] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 54.024020][ T6833] BTRFS info (device loop2): using sha256 (sha256-ce) checksum algorithm [ 54.026561][ T6421] XFS (loop3): Unmounting Filesystem bc2378ed-6193-40d5-9d59-7ebcb787b415 [ 54.035210][ T6833] BTRFS info (device loop2): using free-space-tree [ 54.073577][ T4307] nci: nci_rf_intf_activated_ntf_packet: unsupported activation_rf_tech_and_mode 0x6e [ 54.087844][ T6855] nbd: must specify at least one socket [ 54.107540][ T6833] BTRFS info (device loop2): rebuilding free space tree [ 54.217334][ T6466] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 54.218977][ T6466] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 54.227540][ T6466] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 54.233515][ T6466] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 54.235062][ T6466] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 54.236541][ T6466] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 54.255385][ T6466] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 54.256996][ T6466] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 54.258719][ T6466] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 54.262541][ T6466] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 54.264008][ T6466] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 54.273603][ T6466] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 54.275554][ T6466] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 54.277357][ T6466] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 54.279538][ T6466] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 54.281205][ T6466] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 54.282789][ T6466] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 54.284360][ T6466] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 54.285987][ T6466] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 54.287475][ T6466] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 54.290028][ T6466] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 54.292012][ T6466] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 54.293606][ T6466] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 54.295247][ T6466] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 54.296762][ T6466] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 54.298314][ T6466] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 54.300186][ T6466] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 54.301632][ T6466] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 54.303129][ T6466] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 54.304871][ T6466] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 54.306659][ T6466] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 54.308052][ T6466] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 54.313046][ T6466] hid-generic 0000:0000:0000.0001: hidraw0: HID v0.00 Device [syz0] on syz0 [ 54.561304][ T6415] BTRFS info (device loop2): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 54.586072][ T6884] loop3: detected capacity change from 0 to 64 [ 54.601835][ T6885] capability: warning: `syz.0.83' uses deprecated v2 capabilities in a way that may be insecure [ 54.606370][ T30] audit: type=1400 audit(54.580:3): lsm=SMACK fn=smack_inode_permission action=denied subject="w" object="_" requested=wx pid=6883 comm="syz.0.83" name="18" dev="tmpfs" ino=116 [ 54.618182][ T30] audit: type=1400 audit(54.590:4): lsm=SMACK fn=smack_file_ioctl action=denied subject="w" object="_" requested=w pid=6883 comm="syz.0.83" path="/dev/dri/card1" dev="devtmpfs" ino=624 [ 54.640797][ T30] audit: type=1400 audit(54.590:5): lsm=SMACK fn=smack_file_ioctl action=denied subject="w" object="_" requested=w pid=6883 comm="syz.0.83" path="/dev/dri/card1" dev="devtmpfs" ino=624 [ 54.714105][ T6868] loop1: detected capacity change from 0 to 32768 [ 54.724450][ T6868] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.77 (6868) [ 54.755097][ T6868] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 54.757332][ T6868] BTRFS info (device loop1): using crc32c (crc32c-generic) checksum algorithm [ 54.759660][ T6868] BTRFS info (device loop1): using free-space-tree [ 54.826808][ T6901] loop0: detected capacity change from 0 to 2048 [ 54.892658][ T6901] EXT4-fs warning (device loop0): ext4_multi_mount_protect:398: Unable to create kmmpd thread for loop0. [ 55.078572][ T6916] tmpfs: Unknown parameter 'usrquotaX' [ 55.625947][ T6878] loop4: detected capacity change from 0 to 32768 [ 55.626933][ T6413] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 55.627817][ T6878] (syz.4.80,6878,0):ocfs2_parse_options:1448 ERROR: Unrecognized mount option "mask=MAY_APPEND" or missing value [ 55.638576][ T6878] (syz.4.80,6878,0):ocfs2_fill_super:1178 ERROR: status = -22 [ 55.699690][ T6921] binder: 6917:6921 ioctl c018620b 0 returned -14 [ 55.707486][ T6920] nbd: must specify at least one socket [ 55.751359][ T6924] process 'syz.2.89' launched './file1' with NULL argv: empty string added [ 55.952539][ T6924] loop2: detected capacity change from 0 to 256 [ 55.963830][ T6924] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256 [ 55.971206][ T6942] dns_resolver: Unsupported content type (254) [ 55.975527][ T6924] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=512, location=512 [ 55.977535][ T6924] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found [ 55.984739][ T6944] netlink: 'syz.0.93': attribute type 10 has an invalid length. [ 55.986373][ T6924] UDF-fs: Scanning with blocksize 512 failed [ 55.992573][ T6924] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256 [ 56.022525][ T6924] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 56.046693][ T6944] batman_adv: batadv0: Adding interface: team0 [ 56.048062][ T6944] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 56.055305][ T6942] loop3: detected capacity change from 0 to 4096 [ 56.084541][ T6944] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active [ 56.087246][ T6944] netlink: 'syz.0.93': attribute type 10 has an invalid length. [ 56.094397][ T6946] netlink: 'syz.0.93': attribute type 10 has an invalid length. [ 56.096084][ T6946] netlink: 2 bytes leftover after parsing attributes in process `syz.0.93'. [ 56.105162][ T6946] team0: entered promiscuous mode [ 56.106397][ T6946] team_slave_0: entered promiscuous mode [ 56.108803][ T6946] team_slave_1: entered promiscuous mode [ 56.116386][ T6946] 8021q: adding VLAN 0 to HW filter on device team0 [ 56.118189][ T6946] batman_adv: batadv0: Interface activated: team0 [ 56.124084][ T6946] batman_adv: batadv0: Interface deactivated: team0 [ 56.128130][ T6946] batman_adv: batadv0: Removing interface: team0 [ 56.139276][ T6946] bridge0: port 3(team0) entered blocking state [ 56.140839][ T6946] bridge0: port 3(team0) entered disabled state [ 56.146673][ T6946] team0: entered allmulticast mode [ 56.147915][ T6946] team_slave_0: entered allmulticast mode [ 56.155726][ T6946] team_slave_1: entered allmulticast mode [ 56.168492][ T6946] bridge0: port 3(team0) entered blocking state [ 56.170089][ T6946] bridge0: port 3(team0) entered forwarding state [ 56.173843][ T6944] netlink: 'syz.0.93': attribute type 10 has an invalid length. [ 56.194067][ T6944] bridge0: port 3(team0) entered disabled state [ 56.196336][ T6944] team0: left allmulticast mode [ 56.197475][ T6944] team_slave_0: left allmulticast mode [ 56.198669][ T6944] team_slave_1: left allmulticast mode [ 56.203840][ T6944] team0: left promiscuous mode [ 56.205380][ T6944] team_slave_0: left promiscuous mode [ 56.209218][ T6944] team_slave_1: left promiscuous mode [ 56.211775][ T6944] bridge0: port 3(team0) entered disabled state [ 56.245782][ T6944] batman_adv: batadv0: Adding interface: team0 [ 56.247525][ T6944] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 56.255632][ T6944] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active [ 56.266290][ T6944] netlink: 'syz.0.93': attribute type 10 has an invalid length. [ 56.272996][ T6944] netlink: 'syz.0.93': attribute type 10 has an invalid length. [ 56.277483][ T6944] netlink: 'syz.0.93': attribute type 10 has an invalid length. [ 56.283081][ T6944] netlink: 'syz.0.93': attribute type 10 has an invalid length. [ 56.286016][ T6944] netlink: 'syz.0.93': attribute type 10 has an invalid length. [ 56.289506][ T6944] netlink: 'syz.0.93': attribute type 10 has an invalid length. [ 56.416051][ T6932] loop1: detected capacity change from 0 to 32768 [ 56.426930][ T6932] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.88 (6932) [ 56.443310][ T6932] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 56.492034][ T6932] BTRFS info (device loop1): using sha256 (sha256-ce) checksum algorithm [ 56.495141][ T6932] BTRFS info (device loop1): using free-space-tree [ 57.408012][ T6968] loop0: detected capacity change from 0 to 32768 [ 57.414932][ T6790] BTRFS info (device loop1): qgroup scan completed (inconsistency flag cleared) [ 57.462789][ T6968] (syz.0.96,6968,0):ocfs2_parse_options:1448 ERROR: Unrecognized mount option "commit=00000000000050331648" or missing value [ 57.466177][ T6968] (syz.0.96,6968,0):ocfs2_fill_super:1178 ERROR: status = -22 [ 57.514618][ T6413] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 57.694620][ T6985] tmpfs: Unknown parameter 'usrquotaX' [ 58.430379][ T6988] nbd: must specify at least one socket [ 58.438989][ T6991] loop4: detected capacity change from 0 to 512 [ 58.474522][ T6991] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 58.503250][ T6991] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 58.505502][ T6994] loop1: detected capacity change from 0 to 1024 [ 58.543892][ T6994] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors [ 58.546053][ T6994] EXT4-fs (loop1): group descriptors corrupted! [ 58.613780][ T6991] EXT4-fs warning (device loop4): ext4_expand_extra_isize_ea:2862: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 58.636940][ T6991] EXT4-fs (loop4): 1 truncate cleaned up [ 58.644025][ T6991] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 58.763305][ T7003] tmpfs: Unknown parameter 'usrquotaX' [ 59.405447][ T7010] loop0: detected capacity change from 0 to 64 [ 59.407394][ T7010] hfs: invalid gid -1 [ 59.408273][ T7010] hfs: unable to parse mount options [ 59.458896][ T6425] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 59.461452][ T6999] loop3: detected capacity change from 0 to 32768 [ 59.464000][ T6999] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.105 (6999) [ 59.477169][ T7013] loop2: detected capacity change from 0 to 128 [ 59.481058][ T7013] EXT4-fs: Ignoring removed nobh option [ 59.486550][ T6999] BTRFS info (device loop3): first mount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0 [ 59.498124][ T6999] BTRFS info (device loop3): using crc32c (crc32c-generic) checksum algorithm [ 59.501412][ T6999] BTRFS info (device loop3): disk space caching is enabled [ 59.503030][ T6999] BTRFS warning (device loop3): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 59.522831][ T7013] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 59.546390][ T7016] loop0: detected capacity change from 0 to 1024 [ 59.576646][ T7016] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 59.638125][ T7036] loop4: detected capacity change from 0 to 16 [ 59.671793][ T7036] erofs: (device loop4): mounted with root inode @ nid 36. [ 59.675015][ T7016] fuse: Bad value for 'fd' [ 59.699786][ T7016] netlink: 4 bytes leftover after parsing attributes in process `syz.0.111'. [ 59.730575][ T6415] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 59.751290][ T6999] BTRFS info (device loop3): rebuilding free space tree [ 59.814293][ T7047] Unsupported ieee802154 address type: 0 [ 59.989396][ T6999] BTRFS info (device loop3): disabling free space tree [ 60.013146][ T6999] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 60.073796][ T6999] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 60.476474][ T7051] FAULT_INJECTION: forcing a failure. [ 60.476474][ T7051] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 60.485107][ T7051] CPU: 0 UID: 0 PID: 7051 Comm: syz.1.115 Not tainted 6.11.0-rc7-syzkaller-g5f5673607153 #0 [ 60.487278][ T7051] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 60.489476][ T7051] Call trace: [ 60.490206][ T7051] dump_backtrace+0x1b8/0x1e4 [ 60.491252][ T7051] show_stack+0x2c/0x3c [ 60.492200][ T7051] dump_stack_lvl+0xe4/0x150 [ 60.493230][ T7051] dump_stack+0x1c/0x28 [ 60.494120][ T7051] should_fail_ex+0x3b0/0x50c [ 60.495181][ T7051] should_fail+0x14/0x24 [ 60.496150][ T7051] should_fail_usercopy+0x20/0x30 [ 60.497298][ T7051] copy_msghdr_from_user+0xb8/0x59c [ 60.498454][ T7051] __sys_sendmsg+0x200/0x33c [ 60.499421][ T7051] __arm64_sys_sendmsg+0x80/0x94 [ 60.500448][ T7051] invoke_syscall+0x98/0x2b8 [ 60.501441][ T7051] el0_svc_common+0x130/0x23c [ 60.502442][ T7051] do_el0_svc+0x48/0x58 [ 60.503434][ T7051] el0_svc+0x54/0x168 [ 60.504260][ T7051] el0t_64_sync_handler+0x84/0xfc [ 60.505303][ T7051] el0t_64_sync+0x190/0x194 [ 60.633741][ T7055] tmpfs: Unknown parameter 'usrquotaX' [ 61.267771][ T6421] BTRFS info (device loop3): last unmount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0 [ 61.620850][ T7070] tmpfs: Unknown parameter 'usrquotaX' [ 62.188896][ T7054] loop4: detected capacity change from 0 to 32768 [ 62.201912][ T7054] (syz.4.114,7054,1):ocfs2_parse_options:1448 ERROR: Unrecognized mount option "commit=00000000000100663296" or missing value [ 62.204623][ T7054] (syz.4.114,7054,1):ocfs2_fill_super:1178 ERROR: status = -22 [ 62.246275][ T6414] EXT4-fs error (device loop0): ext4_empty_dir:3085: inode #11: comm syz-executor: invalid size [ 62.254303][ T6414] EXT4-fs error (device loop0): ext4_empty_dir:3085: inode #11: comm syz-executor: invalid size [ 62.264381][ T6414] EXT4-fs error (device loop0): ext4_empty_dir:3085: inode #11: comm syz-executor: invalid size [ 62.274486][ T7072] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 62.280558][ T6414] EXT4-fs error (device loop0): ext4_empty_dir:3085: inode #11: comm syz-executor: invalid size [ 62.299641][ T6414] EXT4-fs error (device loop0): ext4_empty_dir:3085: inode #11: comm syz-executor: invalid size [ 62.301686][ T7072] loop1: detected capacity change from 0 to 2048 [ 62.308976][ T6414] EXT4-fs error (device loop0): ext4_empty_dir:3085: inode #11: comm syz-executor: invalid size [ 62.324007][ T7074] netlink: 8 bytes leftover after parsing attributes in process `syz.3.122'. [ 62.326834][ T6414] EXT4-fs error (device loop0): ext4_empty_dir:3085: inode #11: comm syz-executor: invalid size [ 62.332919][ T6414] EXT4-fs error (device loop0): ext4_empty_dir:3085: inode #11: comm syz-executor: invalid size [ 62.338494][ T7072] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 62.353085][ T7072] EXT4-fs error (device loop1): ext4_read_inline_dir:1564: inode #12: block 9: comm syz.1.121: path /27/file0/file0: bad entry in directory: rec_len is smaller than minimal - offset=45, inode=4195584, rec_len=0, size=80 fake=0 [ 62.356891][ T6414] EXT4-fs error (device loop0): ext4_empty_dir:3085: inode #11: comm syz-executor: invalid size [ 62.378874][ T6414] EXT4-fs error (device loop0): ext4_empty_dir:3085: inode #11: comm syz-executor: invalid size [ 62.546596][ T7080] loop4: detected capacity change from 0 to 128 [ 62.548636][ T7080] EXT4-fs: Ignoring removed nobh option [ 62.566879][ T7080] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 62.633933][ T7064] loop2: detected capacity change from 0 to 40427 [ 62.649338][ T7064] F2FS-fs (loop2): Invalid log sectors per block(11) log sectorsize(9) [ 62.651133][ T7064] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 62.668015][ T7064] F2FS-fs (loop2): build fault injection attr: rate: 17008, type: 0x1fffff [ 62.673341][ T7064] F2FS-fs (loop2): build fault injection attr: rate: 0, type: 0x6 [ 62.675950][ T6425] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 62.684067][ T7064] F2FS-fs (loop2): invalid crc value [ 62.703577][ T7064] F2FS-fs (loop2): Found nat_bits in checkpoint [ 62.752070][ T7074] loop3: detected capacity change from 0 to 32768 [ 62.755148][ T7064] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 62.756550][ T7064] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 62.766935][ T7074] XFS (loop3): DAX unsupported by block device. Turning off DAX. [ 62.771062][ T7074] XFS (loop3): Mounting V5 filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 in no-recovery mode. Filesystem will be inconsistent. [ 62.823762][ T7074] XFS (loop3): Quotacheck needed: Please wait. [ 62.932952][ T7074] XFS (loop3): Quotacheck: Done. [ 62.984933][ T6421] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 63.172774][ T6414] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 63.199058][ T7101] loop4: detected capacity change from 0 to 32768 [ 63.203247][ T7101] XFS: ikeep mount option is deprecated. [ 63.218098][ T7106] FAULT_INJECTION: forcing a failure. [ 63.218098][ T7106] name failslab, interval 1, probability 0, space 0, times 1 [ 63.230523][ T7106] CPU: 0 UID: 0 PID: 7106 Comm: syz.2.127 Not tainted 6.11.0-rc7-syzkaller-g5f5673607153 #0 [ 63.232634][ T7106] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 63.234794][ T7106] Call trace: [ 63.235483][ T7106] dump_backtrace+0x1b8/0x1e4 [ 63.236400][ T7106] show_stack+0x2c/0x3c [ 63.237263][ T7106] dump_stack_lvl+0xe4/0x150 [ 63.238258][ T7106] dump_stack+0x1c/0x28 [ 63.239088][ T7106] should_fail_ex+0x3b0/0x50c [ 63.240053][ T7106] should_failslab+0xc8/0x130 [ 63.241034][ T7106] kmem_cache_alloc_node_noprof+0x88/0x3a4 [ 63.242222][ T7106] __alloc_skb+0x1e0/0x420 [ 63.243181][ T7106] netlink_alloc_large_skb+0xd0/0x110 [ 63.244419][ T7106] netlink_sendmsg+0x4d4/0xa8c [ 63.245426][ T7106] ____sys_sendmsg+0x56c/0x840 [ 63.246430][ T7106] __sys_sendmsg+0x26c/0x33c [ 63.247469][ T7106] __arm64_sys_sendmsg+0x80/0x94 [ 63.248544][ T7106] invoke_syscall+0x98/0x2b8 [ 63.249573][ T7106] el0_svc_common+0x130/0x23c [ 63.250778][ T7106] do_el0_svc+0x48/0x58 [ 63.251585][ T7106] el0_svc+0x54/0x168 [ 63.252407][ T7106] el0t_64_sync_handler+0x84/0xfc [ 63.253439][ T7106] el0t_64_sync+0x190/0x194 [ 63.324360][ T7101] XFS (loop4): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 63.411277][ T7116] tmpfs: Unknown parameter 'usrquotaX' [ 63.930115][ T7101] XFS (loop4): Ending clean mount [ 64.085200][ T12] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 64.189755][ T6425] XFS (loop4): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 64.388548][ T7121] tmpfs: Unknown parameter 'usrquotaX' [ 64.409530][ T6413] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 64.501784][ T2340] ieee802154 phy0 wpan0: encryption failed: -22 [ 64.505406][ T2340] ieee802154 phy1 wpan1: encryption failed: -22 [ 64.722450][ T12] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 64.956297][ T6422] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 64.960601][ T6422] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 64.963238][ T6422] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 64.966355][ T6422] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 64.968975][ T6422] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 64.999741][ T6422] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 65.037184][ T12] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 65.091322][ T7136] loop3: detected capacity change from 0 to 128 [ 65.093097][ T7136] EXT4-fs: Ignoring removed nobh option [ 65.115022][ T7136] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 65.229733][ T12] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 65.238476][ T7133] loop2: detected capacity change from 0 to 32768 [ 65.255473][ T6421] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 65.286233][ T7133] (syz.2.135,7133,0):ocfs2_verify_userspace_stack:854 ERROR: cluster stack passed to mount, but this filesystem does not support it [ 65.299511][ T7133] (syz.2.135,7133,0):ocfs2_fill_super:1178 ERROR: status = -22 [ 65.517291][ T7154] netlink: 16 bytes leftover after parsing attributes in process `syz.1.139'. [ 65.578605][ T7131] loop4: detected capacity change from 0 to 32768 [ 65.586727][ T7131] XFS: noikeep mount option is deprecated. [ 65.617870][ T7131] XFS (loop4): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 65.694210][ T7166] tmpfs: Unknown parameter 'usrquotaX' [ 66.227177][ T7143] netlink: 12 bytes leftover after parsing attributes in process `syz.1.139'. [ 66.229411][ T7143] netlink: 56 bytes leftover after parsing attributes in process `syz.1.139'. [ 66.231433][ T7143] netlink: 8 bytes leftover after parsing attributes in process `syz.1.139'. [ 66.233994][ T7153] sctp: [Deprecated]: syz.1.139 (pid 7153) Use of int in maxseg socket option. [ 66.233994][ T7153] Use struct sctp_assoc_value instead [ 66.327541][ T7173] loop2: detected capacity change from 0 to 512 [ 66.333455][ T7173] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 66.347920][ T7131] XFS (loop4): Ending clean mount [ 66.354620][ T7131] XFS (loop4): Quotacheck needed: Please wait. [ 66.386983][ T7173] EXT4-fs error (device loop2): ext4_orphan_get:1417: comm syz.2.142: bad orphan inode 16 [ 66.392159][ T7126] chnl_net:caif_netlink_parms(): no params data found [ 66.402473][ T7131] XFS (loop4): Quotacheck: Done. [ 66.407712][ T7173] ext4_test_bit(bit=15, block=4) = 0 [ 66.408848][ T7173] EXT4-fs (loop2): 1 orphan inode deleted [ 66.435567][ T7173] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 66.452864][ T6425] XFS (loop4): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 66.557675][ T7181] loop4: detected capacity change from 0 to 256 [ 66.562817][ T7181] FAT-fs (loop4): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1) [ 66.605548][ T6791] FAT-fs (loop4): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1) [ 66.606949][ T12] bridge_slave_1: left allmulticast mode [ 66.610473][ T7156] loop3: detected capacity change from 0 to 40427 [ 66.616973][ T12] bridge_slave_1: left promiscuous mode [ 66.619982][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 66.658691][ T12] bridge_slave_0: left allmulticast mode [ 66.665864][ T12] bridge_slave_0: left promiscuous mode [ 66.667255][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 66.685945][ T6415] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 66.927834][ T7191] tmpfs: Unknown parameter 'usrquotaX' [ 67.079876][ T6422] Bluetooth: hci0: command tx timeout [ 67.601939][ T7187] loop3: detected capacity change from 0 to 32768 [ 67.606988][ T7187] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.141 (7187) [ 67.617282][ T7187] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 67.619803][ T7187] BTRFS info (device loop3): using sha256 (sha256-ce) checksum algorithm [ 67.622011][ T7187] BTRFS info (device loop3): using free-space-tree [ 68.885073][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 68.923703][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 68.984996][ T12] bond0 (unregistering): Released all slaves [ 69.124785][ T6421] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 69.146454][ T6422] Bluetooth: hci0: command tx timeout [ 69.265352][ T7126] bridge0: port 1(bridge_slave_0) entered blocking state [ 69.266918][ T7126] bridge0: port 1(bridge_slave_0) entered disabled state [ 69.268483][ T7126] bridge_slave_0: entered allmulticast mode [ 69.292787][ T7126] bridge_slave_0: entered promiscuous mode [ 69.372862][ T7237] loop3: detected capacity change from 0 to 128 [ 69.374743][ T7237] EXT4-fs: Ignoring removed nobh option [ 69.454962][ T7237] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 69.554932][ T7242] tmpfs: Unknown parameter 'usrquotaX' [ 69.867043][ T3815] cfg80211: failed to load regulatory.db [ 70.129877][ T6421] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 70.231311][ T7246] binder: 7244:7246 tried to acquire reference to desc 0, got 1 instead [ 70.255131][ T7126] bridge0: port 2(bridge_slave_1) entered blocking state [ 70.256728][ T7126] bridge0: port 2(bridge_slave_1) entered disabled state [ 70.258270][ T7126] bridge_slave_1: entered allmulticast mode [ 70.289489][ T7226] loop4: detected capacity change from 0 to 32768 [ 70.298150][ T7226] (syz.4.150,7226,0):ocfs2_parse_options:1448 ERROR: Unrecognized mount option "commit=00000000000134217728" or missing value [ 70.298289][ T7126] bridge_slave_1: entered promiscuous mode [ 70.301089][ T7226] (syz.4.150,7226,0):ocfs2_fill_super:1178 ERROR: status = -22 [ 70.325519][ T7218] loop1: detected capacity change from 0 to 40427 [ 70.374299][ T7218] F2FS-fs (loop1): invalid crc value [ 70.400205][ T7258] binder: 7244:7258 got transaction with invalid data ptr [ 70.401752][ T7258] binder: 7244:7258 transaction call to 7244:0 failed 6/29201/-14, size 80-24 line 3435 [ 70.426199][ T7218] F2FS-fs (loop1): Found nat_bits in checkpoint [ 70.491122][ T7218] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 70.523609][ T7126] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 70.657896][ T7254] loop4: detected capacity change from 0 to 32768 [ 70.730664][ T6413] bio_check_eod: 62 callbacks suppressed [ 70.730683][ T6413] syz-executor: attempt to access beyond end of device [ 70.730683][ T6413] loop1: rw=0, sector=45064, nr_sectors = 8 limit=40427 [ 70.751391][ T7126] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 70.808413][ T7247] loop2: detected capacity change from 0 to 32768 [ 70.831132][ T1756] binder: undelivered TRANSACTION_ERROR: 29201 [ 70.887658][ T7247] JBD2: Ignoring recovery information on journal [ 70.988776][ T7247] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 70.992270][ T7254] bcachefs (loop4): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,nojournal_transaction_names [ 70.996329][ T7254] bcachefs (loop4): recovering from clean shutdown, journal seq 10 [ 70.998347][ T7254] bcachefs (loop4): Doing compatible version upgrade from 1.7: mi_btree_bitmap to 1.12: rebalance_work_acct_fix [ 70.998347][ T7254] running recovery passes: check_allocations [ 71.018854][ T12] hsr_slave_0: left promiscuous mode [ 71.054612][ T12] hsr_slave_1: left promiscuous mode [ 71.058782][ T7254] invalid bkey u64s 11 type alloc_v4 0:127:0 len 0 ver 0: [ 71.058816][ T7254] gen 0 oldest_gen 0 data_type sb [ 71.058836][ T7254] journal_seq 1 [ 71.058844][ T7254] need_discard 1 [ 71.058852][ T7254] need_inc_gen 1 [ 71.058859][ T7254] dirty_sectors 256 [ 71.058867][ T7254] stripe_sectors 0 [ 71.058874][ T7254] cached_sectors 0 [ 71.058882][ T7254] stripe 17327 [ 71.058889][ T7254] stripe_redundancy 0 [ 71.058897][ T7254] io_time[READ] 1 [ 71.058904][ T7254] io_time[WRITE] 1 [ 71.058912][ T7254] fragmentation 0 [ 71.058919][ T7254] bp_start 8 [ 71.058926][ T7254] [ 71.058933][ T7254] invalid data type (got 1 should be 7): delete?, fixing [ 71.083795][ T7279] overlayfs: failed to resolve './file0': -2 [ 71.105877][ T7254] bcachefs (loop4): accounting_read... done [ 71.111452][ T7254] bcachefs (loop4): alloc_read... done [ 71.111521][ T7254] bcachefs (loop4): stripes_read... done [ 71.111553][ T7254] bcachefs (loop4): snapshots_read... done [ 71.111843][ T7254] bcachefs (loop4): check_allocations... [ 71.181509][ T7254] bcachefs (loop4): pointer to nonexistent bucket 65536:31 [ 71.185540][ T7254] bcachefs (loop4): bch2_gc_mark_key(): error EIO [ 71.186989][ T7254] bcachefs (loop4): bch2_gc_btree(): error EIO [ 71.202090][ T7254] btree node read error for alloc, fixing [ 71.205670][ T7254] bcachefs (loop4): running explicit recovery pass check_topology (1), currently at check_allocations (7) [ 71.217308][ T7254] bcachefs (loop4): bch2_gc_btrees(): error restart_recovery [ 71.224102][ T12] batman_adv: batadv0: Removing interface: team0 [ 71.225769][ T7254] bcachefs (loop4): bch2_check_allocations(): error restart_recovery [ 71.233281][ T6422] Bluetooth: hci0: command tx timeout [ 71.234072][ T7254] bcachefs (loop4): check_topology... done [ 71.235972][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 71.238060][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 71.242567][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 71.244071][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 71.244516][ T7254] bcachefs (loop4): accounting_read... done [ 71.252766][ T7254] bcachefs (loop4): alloc_read... done [ 71.256279][ T7254] bcachefs (loop4): stripes_read... done [ 71.257025][ T12] veth1_macvtap: left promiscuous mode [ 71.258867][ T7254] bcachefs (loop4): snapshots_read... done [ 71.259014][ T12] veth0_macvtap: left promiscuous mode [ 71.261529][ T12] veth1_vlan: left promiscuous mode [ 71.264200][ T12] veth0_vlan: left promiscuous mode [ 71.271304][ T7254] bcachefs (loop4): check_allocations... [ 71.272203][ T7254] bcachefs (loop4): pointer to nonexistent bucket 65536:31 [ 71.274957][ T7254] bcachefs (loop4): bch2_gc_mark_key(): error EIO [ 71.276515][ T7254] bcachefs (loop4): bch2_gc_btree(): error EIO [ 71.277931][ T7254] btree node read error for alloc, fixing [ 71.280308][ T7254] bucket 0:34 data type user ptr gen 0 missing in alloc btree [ 71.280342][ T7254] while marking u64s 7 type extent 4099:8:U32_MAX len 8 ver 0: durability: 1 crc: c_size 8 size 8 offset 0 nonce 0 csum none 0:0 compress incompressible ptr: 0:34:0 gen 0, fixing [ 71.287953][ T7254] btree ptr not marked in member info btree allocated bitmap [ 71.287969][ T7254] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 7589ab5e0c11cc7a written 24 min_key POS_MIN durability: 1 ptr: 0:38:0 gen 0, fixing [ 71.309912][ T7254] btree ptr not marked in member info btree allocated bitmap [ 71.309928][ T7254] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 9aa2895aefce4bdf written 24 min_key POS_MIN durability: 1 ptr: 0:41:0 gen 0, fixing [ 71.323243][ T7254] bucket 0:31 data type btree ptr gen 0 missing in alloc btree [ 71.323260][ T7254] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 2285c34bed0abe32 written 16 min_key POS_MIN durability: 1 ptr: 0:31:0 gen 0, fixing [ 71.328409][ T7254] btree ptr not marked in member info btree allocated bitmap [ 71.328422][ T7254] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq c0bef60d07ceb940 written 16 min_key POS_MIN durability: 1 ptr: 0:35:0 gen 0, fixing [ 71.344171][ T7254] btree ptr not marked in member info btree allocated bitmap [ 71.344187][ T7254] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq ebb8d5a9e3463bdb written 16 min_key POS_MIN durability: 1 ptr: 0:32:0 gen 0, fixing [ 71.351960][ T7254] btree ptr not marked in member info btree allocated bitmap [ 71.351975][ T7254] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq e81e1ed936acf3df written 32 min_key POS_MIN durability: 1 ptr: 0:29:0 gen 0, fixing [ 71.363323][ T7254] bucket 0:37 data type btree ptr gen 0 missing in alloc btree [ 71.363339][ T7254] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 4a8b0fa43a9980a6 written 24 min_key POS_MIN durability: 1 ptr: 0:37:0 gen 0, fixing [ 71.368204][ T7254] bucket 0:42 data type btree ptr gen 0 missing in alloc btree [ 71.368217][ T7254] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 1db8f60c84bb244c written 8 min_key POS_MIN durability: 1 ptr: 0:42:0 gen 0, fixing [ 71.384841][ T7254] bucket 0:26 gen 0 has wrong data_type: got btree, should be need_discard, fixing [ 71.386660][ T7254] bucket 0:26 gen 0 data type need_discard has wrong dirty_sectors: got 256, should be 0, fixing [ 71.421477][ T7254] bucket 0:31 gen 0 has wrong data_type: got free, should be btree, fixing [ 71.423465][ T7254] bucket 0:31 gen 0 data type btree has wrong dirty_sectors: got 0, should be 256, fixing [ 71.425730][ T7254] bucket 0:34 gen 0 has wrong data_type: got free, should be user, fixing [ 71.427481][ T7254] bucket 0:34 gen 0 data type user has wrong dirty_sectors: got 0, should be 16, fixing [ 71.453455][ T7254] bucket 0:34 gen 0 data type user has wrong fragmentation_lru: got 0, should be 134217728, fixing [ 71.455882][ T7254] bucket 0:37 gen 0 has wrong data_type: got free, should be btree, fixing [ 71.457730][ T7254] bucket 0:37 gen 0 data type btree has wrong dirty_sectors: got 0, should be 256, fixing [ 71.489733][ T7254] bucket 0:42 gen 0 has wrong data_type: got free, should be btree, fixing [ 71.491637][ T7254] bucket 0:42 gen 0 data type btree has wrong dirty_sectors: got 0, should be 256, fixing [ 71.495134][ T7254] bucket 0:127 gen 0 has wrong data_type: got free, should be sb, fixing [ 71.496931][ T7254] bucket 0:127 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing [ 71.541791][ T7254] done [ 71.544079][ T7254] bcachefs (loop4): going read-write [ 71.556156][ T7254] bcachefs (loop4): journal_replay... [ 71.558297][ T6415] ocfs2: Unmounting device (7,2) on (node local) [ 71.784375][ T7295] tmpfs: Unknown parameter 'usrquotaX' [ 72.118842][ T7254] done [ 72.141637][ T7254] bcachefs (loop4): resume_logged_ops... done [ 72.144062][ T7254] bcachefs (loop4): delete_dead_inodes... done [ 72.267301][ T7254] bcachefs (loop4): done starting filesystem [ 72.722965][ T7299] loop1: detected capacity change from 0 to 32768 [ 72.795764][ T7302] loop2: detected capacity change from 0 to 32768 [ 72.841153][ T7302] JBD2: Ignoring recovery information on journal [ 72.905467][ T7302] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 72.907807][ T7308] loop1: detected capacity change from 0 to 64 [ 72.941292][ T6415] ocfs2: Unmounting device (7,2) on (node local) [ 73.100711][ T7315] syz.2.165 uses obsolete (PF_INET,SOCK_PACKET) [ 73.316152][ T5980] Bluetooth: hci0: command tx timeout [ 73.709800][ T6425] bcachefs (loop4): shutting down [ 73.711134][ T6425] bcachefs (loop4): going read-only [ 73.713200][ T6425] bcachefs (loop4): finished waiting for writes to stop [ 73.751653][ T6425] bcachefs (loop4): flushing journal and stopping allocators, journal seq 20 [ 73.757716][ T6425] bcachefs (loop4): flushing journal and stopping allocators complete, journal seq 20 [ 73.761986][ T6425] bcachefs (loop4): shutdown complete, journal seq 21 [ 73.764269][ T6425] bcachefs (loop4): done going read-only, filesystem not clean [ 73.780814][ T6425] bcachefs (loop4): shutdown complete [ 73.960965][ T12] team0 (unregistering): Port device team_slave_1 removed [ 74.171208][ T12] team0 (unregistering): Port device team_slave_0 removed [ 74.280456][ T7325] tmpfs: Unknown parameter 'usrquotaX' [ 75.183633][ T7329] tmpfs: Unknown parameter 'usrquotaX' [ 75.886195][ T7332] FAULT_INJECTION: forcing a failure. [ 75.886195][ T7332] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 75.888846][ T7332] CPU: 0 UID: 0 PID: 7332 Comm: syz.4.168 Not tainted 6.11.0-rc7-syzkaller-g5f5673607153 #0 [ 75.890959][ T7332] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 75.892979][ T7332] Call trace: [ 75.893719][ T7332] dump_backtrace+0x1b8/0x1e4 [ 75.894750][ T7332] show_stack+0x2c/0x3c [ 75.895576][ T7332] dump_stack_lvl+0xe4/0x150 [ 75.896492][ T7332] dump_stack+0x1c/0x28 [ 75.897483][ T7332] should_fail_ex+0x3b0/0x50c [ 75.898485][ T7332] should_fail+0x14/0x24 [ 75.899369][ T7332] should_fail_usercopy+0x20/0x30 [ 75.900499][ T7332] _copy_from_iter+0x1a0/0x14bc [ 75.901464][ T7332] netlink_sendmsg+0x598/0xa8c [ 75.902488][ T7332] ____sys_sendmsg+0x56c/0x840 [ 75.903549][ T7332] __sys_sendmsg+0x26c/0x33c [ 75.904500][ T7332] __arm64_sys_sendmsg+0x80/0x94 [ 75.905562][ T7332] invoke_syscall+0x98/0x2b8 [ 75.906479][ T7332] el0_svc_common+0x130/0x23c [ 75.907487][ T7332] do_el0_svc+0x48/0x58 [ 75.908301][ T7332] el0_svc+0x54/0x168 [ 75.909201][ T7332] el0t_64_sync_handler+0x84/0xfc [ 75.910387][ T7332] el0t_64_sync+0x190/0x194 [ 77.387254][ T7126] team0: Port device team_slave_0 added [ 77.402073][ T7308] bridge_slave_0: left allmulticast mode [ 77.403342][ T7308] bridge_slave_0: left promiscuous mode [ 77.406056][ T7308] bridge0: port 1(bridge_slave_0) entered disabled state [ 77.411275][ T7308] bridge_slave_1: left allmulticast mode [ 77.412548][ T7308] bridge_slave_1: left promiscuous mode [ 77.413808][ T7308] bridge0: port 2(bridge_slave_1) entered disabled state [ 77.418772][ T7308] bond0: (slave bond_slave_0): Releasing backup interface [ 77.457394][ T7308] bond0: (slave bond_slave_1): Releasing backup interface [ 77.511164][ T7308] team0: Port device team_slave_0 removed [ 77.527126][ T7308] team0: Port device team_slave_1 removed [ 77.528965][ T7308] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 77.539146][ T7308] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 77.542069][ T7308] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 77.543659][ T7308] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 77.570432][ T7126] team0: Port device team_slave_1 added [ 77.615380][ T7348] loop1: detected capacity change from 0 to 128 [ 77.617352][ T7348] EXT4-fs: Ignoring removed nobh option [ 77.636326][ T7348] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 77.699433][ T6413] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 77.869925][ T7126] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 77.871567][ T7126] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 77.877307][ T7126] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 77.883498][ T7126] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 77.885257][ T7126] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 77.891443][ T7126] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 78.015332][ T7363] tmpfs: Unknown parameter 'usrquotaX' [ 78.752295][ T7126] hsr_slave_0: entered promiscuous mode [ 78.806421][ T7357] loop4: detected capacity change from 0 to 32768 [ 78.819687][ T7357] (syz.4.173,7357,0):ocfs2_parse_options:1448 ERROR: Unrecognized mount option "commit=00000000000218103808" or missing value [ 78.822354][ T7357] (syz.4.173,7357,0):ocfs2_fill_super:1178 ERROR: status = -22 [ 78.875369][ T7126] hsr_slave_1: entered promiscuous mode [ 78.883456][ T7375] loop1: detected capacity change from 0 to 512 [ 78.919457][ T7126] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 78.922538][ T7126] Cannot create hsr debugfs directory [ 79.622154][ T7383] tmpfs: Unknown parameter 'usrquotaX' [ 80.116640][ T7396] netlink: 24 bytes leftover after parsing attributes in process `syz.3.179'. [ 80.251908][ T7399] tmpfs: Unknown parameter 'usrquotaX' [ 80.803686][ T30] audit: type=1326 audit(80.740:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7389 comm="syz.3.179" exe="/root/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffff7f149728 code=0x0 [ 80.864179][ T7404] loop2: detected capacity change from 0 to 128 [ 80.865928][ T7404] EXT4-fs: Ignoring removed nobh option [ 80.877130][ T7404] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 80.924776][ T7388] loop4: detected capacity change from 0 to 32768 [ 80.956239][ T7388] JBD2: Ignoring recovery information on journal [ 81.025081][ T6415] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 81.025119][ T7388] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 81.150390][ T6425] ocfs2: Unmounting device (7,4) on (node local) [ 81.203396][ T7421] loop2: detected capacity change from 0 to 64 [ 81.204981][ T7421] minix: Unknown parameter '' [ 81.334038][ T7402] loop1: detected capacity change from 0 to 32768 [ 81.342412][ T7402] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.180 (7402) [ 81.451153][ T7429] tmpfs: Unknown parameter 'usrquotaX' [ 81.970116][ T7402] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 81.979281][ T7402] BTRFS info (device loop1): using crc32c (crc32c-generic) checksum algorithm [ 81.981144][ T7402] BTRFS info (device loop1): using free-space-tree [ 82.073930][ T7438] FAULT_INJECTION: forcing a failure. [ 82.073930][ T7438] name failslab, interval 1, probability 0, space 0, times 0 [ 82.076563][ T7438] CPU: 1 UID: 0 PID: 7438 Comm: syz.2.186 Not tainted 6.11.0-rc7-syzkaller-g5f5673607153 #0 [ 82.078720][ T7438] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 82.080890][ T7438] Call trace: [ 82.081579][ T7438] dump_backtrace+0x1b8/0x1e4 [ 82.082552][ T7438] show_stack+0x2c/0x3c [ 82.083409][ T7438] dump_stack_lvl+0xe4/0x150 [ 82.084545][ T7438] dump_stack+0x1c/0x28 [ 82.085458][ T7438] should_fail_ex+0x3b0/0x50c [ 82.086485][ T7438] should_failslab+0xc8/0x130 [ 82.087496][ T7438] __kmalloc_noprof+0xf4/0x498 [ 82.088578][ T7438] genl_family_rcv_msg_attrs_parse+0xac/0x240 [ 82.089957][ T7438] genl_rcv_msg+0x658/0xbb0 [ 82.090884][ T7438] netlink_rcv_skb+0x214/0x3c4 [ 82.091936][ T7438] genl_rcv+0x38/0x50 [ 82.092776][ T7438] netlink_unicast+0x668/0x8a4 [ 82.093803][ T7438] netlink_sendmsg+0x7a4/0xa8c [ 82.094747][ T7438] ____sys_sendmsg+0x56c/0x840 [ 82.095809][ T7438] __sys_sendmsg+0x26c/0x33c [ 82.096781][ T7438] __arm64_sys_sendmsg+0x80/0x94 [ 82.097733][ T7438] invoke_syscall+0x98/0x2b8 [ 82.098777][ T7438] el0_svc_common+0x130/0x23c [ 82.099771][ T7438] do_el0_svc+0x48/0x58 [ 82.100713][ T7438] el0_svc+0x54/0x168 [ 82.101598][ T7438] el0t_64_sync_handler+0x84/0xfc [ 82.102660][ T7438] el0t_64_sync+0x190/0x194 [ 82.362179][ T6413] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 82.433677][ T7461] loop2: detected capacity change from 0 to 64 [ 82.444833][ T7462] tipc: Started in network mode [ 82.492252][ T7462] tipc: Node identity 101, cluster identity 4711 [ 82.493847][ T7462] tipc: Node number set to 257 [ 82.525110][ T7465] tmpfs: Unknown parameter 'usrquotaX' [ 83.207558][ T7445] loop3: detected capacity change from 0 to 32768 [ 83.243376][ T7445] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.187 (7445) [ 83.297878][ T7474] loop4: detected capacity change from 0 to 128 [ 83.298729][ T7126] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 83.308256][ T7474] EXT4-fs: Ignoring removed nobh option [ 83.312477][ T7445] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 83.314597][ T7445] BTRFS info (device loop3): using sha256 (sha256-ce) checksum algorithm [ 83.316282][ T7445] BTRFS info (device loop3): using free-space-tree [ 83.426192][ T7481] tmpfs: Unknown parameter 'usrquotaX' [ 83.845999][ T7126] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 83.974957][ T7474] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 83.994236][ T7126] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 84.017437][ T7126] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 84.075934][ T7473] loop2: detected capacity change from 0 to 32768 [ 84.077811][ T7473] (syz.2.191,7473,1):ocfs2_parse_options:1448 ERROR: Unrecognized mount option "commit=00000000000268435456" or missing value [ 84.081691][ T7473] (syz.2.191,7473,1):ocfs2_fill_super:1178 ERROR: status = -22 [ 84.111538][ T7445] BTRFS info (device loop3): rebuilding free space tree [ 84.174691][ T6425] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 84.254361][ T7126] 8021q: adding VLAN 0 to HW filter on device bond0 [ 84.276520][ T7126] 8021q: adding VLAN 0 to HW filter on device team0 [ 84.290902][ T6791] bridge0: port 1(bridge_slave_0) entered blocking state [ 84.293584][ T6791] bridge0: port 1(bridge_slave_0) entered forwarding state [ 84.298859][ T6791] bridge0: port 2(bridge_slave_1) entered blocking state [ 84.300484][ T6791] bridge0: port 2(bridge_slave_1) entered forwarding state [ 84.338186][ T7126] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 84.375445][ T7126] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 84.488703][ T7518] tmpfs: Unknown parameter 'usrquotaX' [ 85.186327][ T7126] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 85.213475][ T6421] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 85.245205][ T7126] veth0_vlan: entered promiscuous mode [ 85.263353][ T7126] veth1_vlan: entered promiscuous mode [ 85.357659][ T7505] loop1: detected capacity change from 0 to 32768 [ 85.402626][ T7505] JBD2: Ignoring recovery information on journal [ 85.435786][ T7126] veth0_macvtap: entered promiscuous mode [ 85.439664][ T7126] veth1_macvtap: entered promiscuous mode [ 85.454038][ T7126] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 85.458074][ T7126] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 85.462099][ T7126] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 85.464349][ T7126] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 85.466367][ T7126] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 85.475260][ T7126] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 85.490692][ T7505] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 85.503799][ T7126] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 85.537074][ T7539] FAULT_INJECTION: forcing a failure. [ 85.537074][ T7539] name failslab, interval 1, probability 0, space 0, times 0 [ 85.571175][ T7126] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 85.573444][ T7126] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 85.575286][ T7126] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 85.577539][ T7126] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 85.587136][ T7539] CPU: 0 UID: 0 PID: 7539 Comm: syz.3.199 Not tainted 6.11.0-rc7-syzkaller-g5f5673607153 #0 [ 85.589203][ T7539] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 85.591319][ T7539] Call trace: [ 85.592070][ T7539] dump_backtrace+0x1b8/0x1e4 [ 85.592989][ T7539] show_stack+0x2c/0x3c [ 85.593833][ T7539] dump_stack_lvl+0xe4/0x150 [ 85.594838][ T7539] dump_stack+0x1c/0x28 [ 85.595787][ T7539] should_fail_ex+0x3b0/0x50c [ 85.596779][ T7539] should_failslab+0xc8/0x130 [ 85.597719][ T7539] __kmalloc_cache_noprof+0x80/0x374 [ 85.598889][ T7539] nbd_alloc_and_init_config+0x90/0x218 [ 85.600042][ T7539] nbd_genl_connect+0xa9c/0x1934 [ 85.601019][ T7539] genl_rcv_msg+0x888/0xbb0 [ 85.602004][ T7539] netlink_rcv_skb+0x214/0x3c4 [ 85.603136][ T7539] genl_rcv+0x38/0x50 [ 85.604001][ T7539] netlink_unicast+0x668/0x8a4 [ 85.605046][ T7539] netlink_sendmsg+0x7a4/0xa8c [ 85.606060][ T7539] ____sys_sendmsg+0x56c/0x840 [ 85.607035][ T7539] __sys_sendmsg+0x26c/0x33c [ 85.608095][ T7539] __arm64_sys_sendmsg+0x80/0x94 [ 85.609231][ T7539] invoke_syscall+0x98/0x2b8 [ 85.610249][ T7539] el0_svc_common+0x130/0x23c [ 85.611250][ T7539] do_el0_svc+0x48/0x58 [ 85.612306][ T7539] el0_svc+0x54/0x168 [ 85.613059][ T7539] el0t_64_sync_handler+0x84/0xfc [ 85.614219][ T7539] el0t_64_sync+0x190/0x194 [ 85.620700][ T7126] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 85.622884][ T7126] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 85.630398][ T7126] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 85.634546][ T7126] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.638766][ T7126] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.643265][ T7126] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.645447][ T7539] nbd: couldn't allocate config [ 85.647590][ T7126] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 85.674693][ T6413] ocfs2: Unmounting device (7,1) on (node local) [ 85.981076][ T7560] tmpfs: Unknown parameter 'usrquotaX' [ 86.505910][ T7559] loop2: detected capacity change from 0 to 512 [ 86.529783][ T7559] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem [ 86.631993][ T6790] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 86.633581][ T6790] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 86.635153][ T7559] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2240: inode #15: comm syz.2.203: corrupted in-inode xattr: e_value out of bounds [ 86.658014][ T7559] EXT4-fs (loop2): Remounting filesystem read-only [ 86.659849][ T7566] loop1: detected capacity change from 0 to 128 [ 86.662474][ T7566] EXT4-fs: Ignoring removed nobh option [ 86.674520][ T7559] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 86.815057][ T7573] tmpfs: Unknown parameter 'usrquotaX' [ 86.823841][ T6790] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 86.835584][ T6790] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 86.873656][ T6415] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 86.880850][ T7566] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 87.067362][ T6413] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 87.247561][ T7570] loop4: detected capacity change from 0 to 32768 [ 87.251466][ T7570] (syz.4.205,7570,0):ocfs2_parse_options:1448 ERROR: Unrecognized mount option "commit=00000000002264924159" or missing value [ 87.257083][ T7570] (syz.4.205,7570,0):ocfs2_fill_super:1178 ERROR: status = -22 [ 87.467306][ T7602] tmpfs: Unknown parameter 'usrquotaX' [ 88.177158][ T7613] FAULT_INJECTION: forcing a failure. [ 88.177158][ T7613] name failslab, interval 1, probability 0, space 0, times 0 [ 88.184747][ T7613] CPU: 1 UID: 0 PID: 7613 Comm: syz.1.212 Not tainted 6.11.0-rc7-syzkaller-g5f5673607153 #0 [ 88.186902][ T7613] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 88.189040][ T7613] Call trace: [ 88.189797][ T7613] dump_backtrace+0x1b8/0x1e4 [ 88.190837][ T7613] show_stack+0x2c/0x3c [ 88.191694][ T7613] dump_stack_lvl+0xe4/0x150 [ 88.192742][ T7613] dump_stack+0x1c/0x28 [ 88.193683][ T7613] should_fail_ex+0x3b0/0x50c [ 88.194784][ T7613] should_failslab+0xc8/0x130 [ 88.195808][ T7613] kmem_cache_alloc_node_noprof+0x88/0x3a4 [ 88.197000][ T7613] __alloc_skb+0x1e0/0x420 [ 88.198006][ T7613] netlink_ack+0x11c/0x8a0 [ 88.198959][ T7613] netlink_rcv_skb+0x1f4/0x3c4 [ 88.199949][ T7613] genl_rcv+0x38/0x50 [ 88.200897][ T7613] netlink_unicast+0x668/0x8a4 [ 88.201953][ T7613] netlink_sendmsg+0x7a4/0xa8c [ 88.202996][ T7613] ____sys_sendmsg+0x56c/0x840 [ 88.204204][ T7613] __sys_sendmsg+0x26c/0x33c [ 88.205213][ T7613] __arm64_sys_sendmsg+0x80/0x94 [ 88.206305][ T7613] invoke_syscall+0x98/0x2b8 [ 88.207357][ T7613] el0_svc_common+0x130/0x23c [ 88.208398][ T7613] do_el0_svc+0x48/0x58 [ 88.209281][ T7613] el0_svc+0x54/0x168 [ 88.210151][ T7613] el0t_64_sync_handler+0x84/0xfc [ 88.211156][ T7613] el0t_64_sync+0x190/0x194 [ 88.222707][ T7616] loop4: detected capacity change from 0 to 512 [ 88.243777][ T7616] workqueue: Failed to create a rescuer kthread for wq "ext4-rsv-conversion": -EINTR [ 88.244643][ T7616] EXT4-fs: failed to create workqueue [ 88.247666][ T7616] EXT4-fs (loop4): mount failed [ 88.599808][ T7637] tmpfs: Unknown parameter 'usrquotaX' [ 89.073491][ T7636] loop1: detected capacity change from 0 to 512 [ 89.109940][ T7636] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 89.147851][ T7636] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 89.195803][ T7646] loop2: detected capacity change from 0 to 128 [ 89.197586][ T7646] EXT4-fs: Ignoring removed nobh option [ 89.224462][ T7610] loop3: detected capacity change from 0 to 32768 [ 89.241160][ T7646] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 89.260779][ T7610] JBD2: Ignoring recovery information on journal [ 89.282053][ T7654] loop4: detected capacity change from 0 to 64 [ 89.335756][ T7610] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 89.368638][ T7654] mkiss: ax0: crc mode is auto. [ 89.396955][ T7654] tipc: Enabling of bearer <dp:s> rejected, media not registered [ 89.433365][ T6413] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 89.509657][ T7661] tmpfs: Unknown parameter 'usrquotaX' [ 89.808852][ T6421] ocfs2: Unmounting device (7,3) on (node local) [ 90.015125][ T6425] hfs: walked past end of dir [ 90.104793][ T6415] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 90.139966][ T7667] loop0: detected capacity change from 0 to 1024 [ 90.279641][ T7667] EXT4-fs (loop0): mounted filesystem 00000000-0800-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 90.372852][ T7674] tmpfs: Unknown parameter 'usrquotaX' [ 90.890405][ T7676] netlink: 24 bytes leftover after parsing attributes in process `syz.2.224'. [ 91.199369][ T7663] loop3: detected capacity change from 0 to 32768 [ 91.221402][ T7663] bcachefs (/dev/loop3): error reading default superblock: checksum error, type crc32c_nonzero: got 8c1ca219 should be 29d2fb78 [ 91.402574][ T7663] bcachefs (loop3): starting version 1.7: mi_btree_bitmap opts=errors=continue,compression=lz4,nojournal_transaction_names [ 91.406224][ T7663] bcachefs (loop3): recovering from clean shutdown, journal seq 7 [ 91.408013][ T7663] bcachefs (loop3): Doing compatible version upgrade from 1.7: mi_btree_bitmap to 1.12: rebalance_work_acct_fix [ 91.408013][ T7663] running recovery passes: check_allocations [ 91.441664][ T6426] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 91.445187][ T6426] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 91.447419][ T6426] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 91.449559][ T6426] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 91.452739][ T6426] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 91.454310][ T6426] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 91.480747][ T7663] invalid bkey u64s 11 type alloc_v4 0:14:0 len 0 ver 0: [ 91.480765][ T7663] gen 0 oldest_gen 0 data_type journal [ 91.480773][ T7663] journal_seq 1 [ 91.480781][ T7663] need_discard 1 [ 91.480789][ T7663] need_inc_gen 1 [ 91.480796][ T7663] dirty_sectors 256 [ 91.480804][ T7663] stripe_sectors 0 [ 91.480811][ T7663] cached_sectors 0 [ 91.480819][ T7663] stripe 67108864 [ 91.480837][ T7663] stripe_redundancy 0 [ 91.480844][ T7663] io_time[READ] 1 [ 91.480852][ T7663] io_time[WRITE] 1 [ 91.480859][ T7663] fragmentation 0 [ 91.480867][ T7663] bp_start 8 [ 91.480874][ T7663] [ 91.480881][ T7663] invalid data type (got 2 should be 7): delete?, fixing [ 91.483201][ T7126] EXT4-fs (loop0): unmounting filesystem 00000000-0800-0000-0000-000000000000. [ 91.490170][ T7663] bcachefs (loop3): accounting_read... done [ 91.505050][ T7663] bcachefs (loop3): alloc_read... done [ 91.506293][ T7663] bcachefs (loop3): stripes_read... done [ 91.507581][ T7663] bcachefs (loop3): snapshots_read... done [ 91.508985][ T7663] bcachefs (loop3): check_allocations... [ 91.530275][ T7663] btree ptr not marked in member info btree allocated bitmap [ 91.530294][ T7663] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 75277f57b0c8c24 written 32 min_key POS_MIN durability: 1 ptr: 0:26:0 gen 0, fixing [ 91.542699][ T7663] btree ptr not marked in member info btree allocated bitmap [ 91.542715][ T7663] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 19bc58a6c09b6540 written 24 min_key POS_MIN durability: 1 ptr: 0:38:0 gen 0, fixing [ 91.548682][ T7663] btree ptr not marked in member info btree allocated bitmap [ 91.548696][ T7663] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq c18f4a4face03c6 written 24 min_key POS_MIN durability: 1 ptr: 0:41:0 gen 0, fixing [ 91.557383][ T7663] btree ptr not marked in member info btree allocated bitmap [ 91.557398][ T7663] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 7675f41d391e5d36 written 16 min_key POS_MIN durability: 1 ptr: 0:35:0 gen 0, fixing [ 91.563122][ T7663] btree ptr not marked in member info btree allocated bitmap [ 91.563138][ T7663] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq bcb9905dfb2993d5 written 16 min_key POS_MIN durability: 1 ptr: 0:32:0 gen 0, fixing [ 91.569434][ T7663] btree ptr not marked in member info btree allocated bitmap [ 91.569449][ T7663] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 9a831b4a3f983356 written 32 min_key POS_MIN durability: 1 ptr: 0:29:0 gen 0, fixing [ 91.579023][ T7663] bucket 0:14 gen 0 has wrong data_type: got free, should be journal, fixing [ 91.581249][ T7663] bucket 0:14 gen 0 data type journal has wrong dirty_sectors: got 0, should be 256, fixing [ 91.585435][ T7663] done [ 91.588704][ T7663] bcachefs (loop3): going read-write [ 91.594367][ T7663] bcachefs (loop3): journal_replay... done [ 91.634607][ T7663] bcachefs (loop3): resume_logged_ops... done [ 91.635882][ T7663] bcachefs (loop3): delete_dead_inodes... done [ 91.637972][ T7663] bcachefs (loop3): Fixed errors, running fsck a second time to verify fs is clean [ 91.642702][ T7663] bcachefs (loop3): resume_logged_ops... done [ 91.644095][ T7663] bcachefs (loop3): delete_dead_inodes... done [ 91.647292][ T7663] bcachefs (loop3): done starting filesystem [ 91.725602][ T6536] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 91.800952][ T7712] tmpfs: Unknown parameter 'usrquotaX' [ 92.024472][ T7699] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 92.365743][ T6536] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 92.380119][ T6421] bcachefs (loop3): shutting down [ 92.383393][ T6421] bcachefs (loop3): going read-only [ 92.388872][ T6421] bcachefs (loop3): finished waiting for writes to stop [ 92.435431][ T7716] netlink: 32 bytes leftover after parsing attributes in process `syz.1.231'. [ 92.464320][ T7720] loop2: detected capacity change from 0 to 2048 [ 92.469188][ T6421] bcachefs (loop3): flushing journal and stopping allocators, journal seq 16 [ 92.471047][ T6421] bcachefs (loop3): flushing journal and stopping allocators complete, journal seq 16 [ 92.489932][ T6421] bcachefs (loop3): shutdown complete, journal seq 17 [ 92.492197][ T6421] bcachefs (loop3): marking filesystem clean [ 92.514326][ T7720] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 92.546975][ T7723] loop0: detected capacity change from 0 to 128 [ 92.556817][ T7723] EXT4-fs: Ignoring removed nobh option [ 92.564526][ T7723] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 92.588503][ T6421] bcachefs (loop3): shutdown complete [ 92.732817][ T7727] tmpfs: Unknown parameter 'usrquotaX' [ 92.776230][ T6536] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 93.267836][ T7126] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 93.310618][ T6536] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 93.441949][ T7702] chnl_net:caif_netlink_parms(): no params data found [ 93.631106][ T7739] tmpfs: Unknown parameter 'usrquotaX' [ 93.638020][ T6426] Bluetooth: hci4: command tx timeout [ 94.254776][ T7702] bridge0: port 1(bridge_slave_0) entered blocking state [ 94.256656][ T7702] bridge0: port 1(bridge_slave_0) entered disabled state [ 94.258218][ T7702] bridge_slave_0: entered allmulticast mode [ 94.283640][ T7702] bridge_slave_0: entered promiscuous mode [ 94.290979][ T7730] loop2: detected capacity change from 0 to 32768 [ 94.293102][ T7702] bridge0: port 2(bridge_slave_1) entered blocking state [ 94.294641][ T7702] bridge0: port 2(bridge_slave_1) entered disabled state [ 94.296139][ T7702] bridge_slave_1: entered allmulticast mode [ 94.297992][ T7702] bridge_slave_1: entered promiscuous mode [ 94.323085][ T7730] (syz.2.237,7730,1):ocfs2_verify_userspace_stack:854 ERROR: cluster stack passed to mount, but this filesystem does not support it [ 94.329389][ T7730] (syz.2.237,7730,1):ocfs2_fill_super:1178 ERROR: status = -22 [ 94.363968][ T7744] FAULT_INJECTION: forcing a failure. [ 94.363968][ T7744] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 94.374166][ T7744] CPU: 1 UID: 0 PID: 7744 Comm: syz.0.239 Not tainted 6.11.0-rc7-syzkaller-g5f5673607153 #0 [ 94.376186][ T7744] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 94.378362][ T7744] Call trace: [ 94.379066][ T7744] dump_backtrace+0x1b8/0x1e4 [ 94.380148][ T7744] show_stack+0x2c/0x3c [ 94.381046][ T7744] dump_stack_lvl+0xe4/0x150 [ 94.381944][ T7744] dump_stack+0x1c/0x28 [ 94.382782][ T7744] should_fail_ex+0x3b0/0x50c [ 94.383797][ T7744] should_fail+0x14/0x24 [ 94.384800][ T7744] should_fail_usercopy+0x20/0x30 [ 94.385913][ T7744] simple_read_from_buffer+0xd4/0x248 [ 94.387059][ T7744] proc_fail_nth_read+0x134/0x1a0 [ 94.388083][ T7744] vfs_read+0x230/0x984 [ 94.388974][ T7744] ksys_read+0x15c/0x26c [ 94.389844][ T7744] __arm64_sys_read+0x7c/0x90 [ 94.390887][ T7744] invoke_syscall+0x98/0x2b8 [ 94.391819][ T7744] el0_svc_common+0x130/0x23c [ 94.392847][ T7744] do_el0_svc+0x48/0x58 [ 94.393675][ T7744] el0_svc+0x54/0x168 [ 94.394541][ T7744] el0t_64_sync_handler+0x84/0xfc [ 94.395622][ T7744] el0t_64_sync+0x190/0x194 [ 94.453347][ T7702] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 94.455412][ T6536] bridge_slave_1: left allmulticast mode [ 94.456793][ T6536] bridge_slave_1: left promiscuous mode [ 94.458108][ T6536] bridge0: port 2(bridge_slave_1) entered disabled state [ 94.474021][ T6536] bridge_slave_0: left allmulticast mode [ 94.475298][ T6536] bridge_slave_0: left promiscuous mode [ 94.486948][ T6536] bridge0: port 1(bridge_slave_0) entered disabled state [ 94.506733][ T7735] loop1: detected capacity change from 0 to 32768 [ 94.520086][ T7735] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.238 (7735) [ 94.536874][ T7735] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 94.538918][ T7735] BTRFS info (device loop1): using sha256 (sha256-ce) checksum algorithm [ 94.543911][ T7735] BTRFS info (device loop1): using free-space-tree [ 94.571529][ T7748] loop2: detected capacity change from 0 to 2048 [ 94.592371][ T7748] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 94.823681][ T6413] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 94.884960][ T30] audit: type=1400 audit(94.860:7): lsm=SMACK fn=smack_task_kill action=denied subject="w" object="_" requested=w pid=7767 comm="syz.3.242" opid=7767 ocomm="syz.3.242" [ 94.912696][ T30] audit: type=1400 audit(94.870:8): lsm=SMACK fn=smack_inode_permission action=denied subject="w" object="_" requested=rw pid=7767 comm="syz.3.242" name="loop3" dev="devtmpfs" ino=646 [ 94.926821][ T30] audit: type=1400 audit(94.900:9): lsm=SMACK fn=smack_inode_permission action=denied subject="w" object="_" requested=wx pid=7767 comm="syz.3.242" name="45" dev="tmpfs" ino=267 [ 95.057530][ T7766] loop2: detected capacity change from 0 to 32768 [ 95.104938][ T7766] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 95.140695][ T7766] XFS (loop2): Ending clean mount [ 95.224530][ T7781] tmpfs: Unknown parameter 'usrquotaX' [ 95.699254][ T6426] Bluetooth: hci4: command tx timeout [ 96.047651][ T7784] loop3: detected capacity change from 0 to 32768 [ 96.224917][ T6401] XFS (loop2): Metadata CRC error detected at xfs_rmapbt_read_verify+0x50/0xf0, xfs_rmapbt block 0x14 [ 96.229184][ T6401] XFS (loop2): Unmount and run xfs_repair [ 96.238394][ T6401] XFS (loop2): First 128 bytes of corrupted metadata buffer: [ 96.241695][ T6401] 00000000: 52 4d 42 33 00 00 00 0c ff ff ff ff ff ff ff ff RMB3............ [ 96.243472][ T6401] 00000010: 00 a7 50 00 00 00 00 14 00 00 00 01 00 00 00 80 ..P............. [ 96.245340][ T6401] 00000020: bf dc 47 fc 10 d8 4e ed a5 62 11 a8 31 b3 f7 91 ..G...N..b..1... [ 96.247220][ T6401] 00000030: 00 00 00 00 5b af 3b 1d 00 00 00 00 00 00 00 01 ....[.;......... [ 96.249014][ T6401] 00000040: ff ff ff ff ff ff ff fd 00 00 00 00 00 00 00 00 ................ [ 96.265323][ T6401] 00000050: 00 00 00 01 00 00 00 02 ff ff ff ff ff ff ff fb ................ [ 96.267206][ T6401] 00000060: 00 00 00 00 00 00 00 00 00 00 00 03 00 00 00 02 ................ [ 96.270025][ T6401] 00000070: ff ff ff ff ff ff ff fa 00 00 00 00 00 00 00 00 ................ [ 96.287156][ T7766] XFS (loop2): metadata I/O error in "xfs_btree_read_buf_block+0x274/0x434" at daddr 0x14 len 4 error 74 [ 96.295633][ T7786] loop1: detected capacity change from 0 to 32768 [ 96.298319][ T7766] XFS (loop2): Metadata I/O Error (0x1) detected at xfs_trans_read_buf_map+0x590/0xafc (fs/xfs/xfs_trans_buf.c:296). Shutting down filesystem. [ 96.301568][ T7766] XFS (loop2): Please unmount the filesystem and rectify the problem(s) [ 96.316353][ T7786] JBD2: Ignoring recovery information on journal [ 96.331289][ T7786] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 96.368447][ T6413] ocfs2: Unmounting device (7,1) on (node local) [ 96.385333][ T7790] loop3: detected capacity change from 0 to 8 [ 96.391675][ T7790] SQUASHFS error: zlib decompression failed, data probably corrupt [ 96.393530][ T7790] SQUASHFS error: Failed to read block 0x9b: -5 [ 96.395072][ T7790] SQUASHFS error: Unable to read metadata cache entry [99] [ 96.397015][ T7790] SQUASHFS error: Unable to read inode 0x127 [ 96.482540][ T6415] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 96.781372][ T7795] loop3: detected capacity change from 0 to 512 [ 96.896343][ T7795] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 97.529506][ T7804] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 97.781112][ C1] Illegal XDP return value 16128 on prog (id 33) dev bond_slave_0, expect packet loss! [ 98.162512][ T6426] Bluetooth: hci4: command tx timeout [ 98.195006][ T7792] loop1: detected capacity change from 0 to 32768 [ 98.198546][ T7792] jfs_mount: dbMount failed w/rc = -22 [ 98.216791][ T7792] Mount JFS Failure: -22 [ 98.217780][ T7792] jfs_mount failed w/return code = -22 [ 98.565057][ T7813] tmpfs: Unknown parameter 'usrquotaX' [ 98.907417][ T6536] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 99.078021][ T6536] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 99.105335][ T6536] bond0 (unregistering): Released all slaves [ 99.164479][ T7702] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 99.202508][ T7818] loop2: detected capacity change from 0 to 256 [ 99.216396][ T30] audit: type=1326 audit(99.190:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7810 comm="syz.1.251" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff95f49728 code=0x7ffc0000 [ 99.231630][ T30] audit: type=1326 audit(99.200:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7810 comm="syz.1.251" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff95f49728 code=0x7ffc0000 [ 99.237855][ T30] audit: type=1326 audit(99.200:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7810 comm="syz.1.251" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=208 compat=0 ip=0xffff95f49728 code=0x7ffc0000 [ 99.239520][ T7804] netlink: 8 bytes leftover after parsing attributes in process `syz.3.248'. [ 99.242339][ T30] audit: type=1326 audit(99.200:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7810 comm="syz.1.251" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff95f49728 code=0x7ffc0000 [ 99.257610][ T30] audit: type=1326 audit(99.200:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7810 comm="syz.1.251" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=56 compat=0 ip=0xffff95f49728 code=0x7ffc0000 [ 99.272431][ T30] audit: type=1326 audit(99.200:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7810 comm="syz.1.251" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff95f49728 code=0x7ffc0000 [ 99.276666][ T30] audit: type=1326 audit(99.200:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7810 comm="syz.1.251" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=198 compat=0 ip=0xffff95f49728 code=0x7ffc0000 [ 99.293273][ T7819] netdevsim netdevsim0 netdevsim0: entered allmulticast mode [ 99.301136][ T7702] team0: Port device team_slave_0 added [ 99.305002][ T7819] lo: entered allmulticast mode [ 99.308057][ T7702] team0: Port device team_slave_1 added [ 99.328469][ T7810] net_ratelimit: 269 callbacks suppressed [ 99.328485][ T7810] TCP: out of memory -- consider tuning tcp_mem [ 99.338244][ T7818] FAT-fs (loop2): Directory bread(block 64) failed [ 99.346230][ T7818] FAT-fs (loop2): Directory bread(block 65) failed [ 99.356352][ T7818] FAT-fs (loop2): Directory bread(block 66) failed [ 99.357797][ T7818] FAT-fs (loop2): Directory bread(block 67) failed [ 99.360543][ T7818] FAT-fs (loop2): Directory bread(block 68) failed [ 99.363447][ T7818] FAT-fs (loop2): Directory bread(block 69) failed [ 99.364995][ T7818] FAT-fs (loop2): Directory bread(block 70) failed [ 99.370065][ T7818] FAT-fs (loop2): Directory bread(block 71) failed [ 99.379012][ T7818] FAT-fs (loop2): Directory bread(block 72) failed [ 99.381773][ T7818] FAT-fs (loop2): Directory bread(block 73) failed [ 99.408367][ T6421] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 99.616788][ T7702] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 99.618224][ T7702] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 99.642698][ T7702] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 99.703989][ T7843] tmpfs: Unknown parameter 'usrquotaX' [ 100.150469][ T7702] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 100.179439][ T6426] Bluetooth: hci4: command tx timeout [ 100.218072][ T7702] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 100.225140][ T7702] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 100.545877][ T7841] loop1: detected capacity change from 0 to 32768 [ 101.164597][ T7841] JBD2: Ignoring recovery information on journal [ 101.196237][ T7841] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 101.205838][ T7861] loop2: detected capacity change from 0 to 256 [ 101.255864][ T6536] hsr_slave_0: left promiscuous mode [ 101.292310][ T6536] hsr_slave_1: left promiscuous mode [ 101.309327][ T7861] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001) [ 101.319220][ T7861] FAT-fs (loop2): Filesystem has been set read-only [ 101.341280][ T6413] ocfs2: Unmounting device (7,1) on (node local) [ 101.470276][ T6536] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 101.471918][ T6536] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 101.485371][ T6536] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 101.490179][ T6536] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 101.507420][ T7867] loop1: detected capacity change from 0 to 4096 [ 101.957913][ T6536] veth1_macvtap: left promiscuous mode [ 101.985659][ T6536] veth0_macvtap: left promiscuous mode [ 102.021817][ T6536] veth1_vlan: left promiscuous mode [ 102.062238][ T6536] veth0_vlan: left promiscuous mode [ 102.119375][ T7867] ntfs3: loop1: Different NTFS sector size (4096) and media sector size (512). [ 102.125197][ T7859] loop0: detected capacity change from 0 to 32768 [ 102.159023][ T7859] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 102.170704][ T7867] ntfs3: loop1: Failed to initialize $Extend/$Reparse. [ 102.241181][ T7859] XFS (loop0): Ending clean mount [ 102.468281][ T7884] loop3: detected capacity change from 0 to 512 [ 102.508848][ T7884] EXT4-fs error (device loop3): ext4_orphan_get:1417: comm syz.3.265: bad orphan inode 15 [ 102.515813][ T7884] EXT4-fs (loop3): Remounting filesystem read-only [ 102.517305][ T7884] ext4_test_bit(bit=14, block=5) = 0 [ 102.518781][ T7884] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 102.535022][ T7126] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 102.609105][ T6421] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 102.635320][ T7870] loop2: detected capacity change from 0 to 32768 [ 102.653800][ T7870] (syz.2.263,7870,0):ocfs2_parse_options:1448 ERROR: Unrecognized mount option "commit=00000000004294967268" or missing value [ 102.656497][ T7870] (syz.2.263,7870,0):ocfs2_fill_super:1178 ERROR: status = -22 [ 102.788937][ T7867] ntfs3: loop1: Mark volume as dirty due to NTFS errors [ 102.824161][ T7891] netlink: 596 bytes leftover after parsing attributes in process `syz.2.268'. [ 102.850013][ T7891] loop2: detected capacity change from 0 to 512 [ 102.869619][ T7891] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended [ 102.874712][ T7891] EXT4-fs (loop2): orphan cleanup on readonly fs [ 102.876103][ T7891] EXT4-fs error (device loop2): ext4_ext_check_inode:520: inode #3: comm syz.2.268: pblk 0 bad header/extent: invalid eh_max - magic f30a, entries 7, max 0(0), depth 0(0) [ 102.938296][ T7891] EXT4-fs error (device loop2): ext4_quota_enable:7025: comm syz.2.268: Bad quota inode: 3, type: 0 [ 102.965561][ T7891] EXT4-fs warning (device loop2): ext4_enable_quotas:7066: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix. [ 102.975054][ T7891] EXT4-fs (loop2): Cannot turn on quotas: error -117 [ 102.988950][ T7891] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 103.051239][ T7897] tmpfs: Unknown parameter 'usrquotaX' [ 103.445456][ T6413] ntfs3: loop1: ino=1a, ntfs_sync_fs failed, -22. [ 103.573367][ T7891] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended [ 103.613246][ T7891] EXT4-fs warning (device loop2): ext4_multi_mount_protect:292: Invalid MMP block in superblock [ 104.578505][ T7904] loop3: detected capacity change from 0 to 32768 [ 104.587768][ T7904] JBD2: Ignoring recovery information on journal [ 104.629013][ T7904] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 104.687323][ T6421] ocfs2: Unmounting device (7,3) on (node local) [ 105.439676][ T7922] loop0: detected capacity change from 0 to 8 [ 105.468991][ T7922] SQUASHFS error: lzo decompression failed, data probably corrupt [ 105.477257][ T7922] SQUASHFS error: Failed to read block 0x91: -5 [ 105.478535][ T7922] SQUASHFS error: Unable to read metadata cache entry [8f] [ 105.499209][ T7922] SQUASHFS error: Unable to read inode 0x11f [ 105.695776][ T7924] loop1: detected capacity change from 0 to 8 [ 105.701016][ T7924] squashfs: Unknown parameter 'Q' [ 106.225674][ T7937] loop3: detected capacity change from 0 to 512 [ 106.229550][ T7937] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 106.253865][ T7937] EXT4-fs (loop3): 1 truncate cleaned up [ 106.259173][ T7937] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 106.292036][ T7929] loop1: detected capacity change from 0 to 32768 [ 106.293982][ T7929] (syz.1.277,7929,1):ocfs2_parse_options:1448 ERROR: Unrecognized mount option "commit=00000000004294967292" or missing value [ 106.296797][ T7929] (syz.1.277,7929,1):ocfs2_fill_super:1178 ERROR: status = -22 [ 106.627626][ T7944] tmpfs: Unknown parameter 'usrquotaX' [ 107.483530][ T6536] team0 (unregistering): Port device team_slave_1 removed [ 107.652101][ T6536] team0 (unregistering): Port device team_slave_0 removed [ 110.012347][ T7702] hsr_slave_0: entered promiscuous mode [ 110.069465][ T7702] hsr_slave_1: entered promiscuous mode [ 110.109245][ T7702] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 110.110882][ T7702] Cannot create hsr debugfs directory [ 110.118370][ T7888] batman_adv: batadv0: Adding interface: gretap1 [ 110.119902][ T7888] batman_adv: batadv0: Interface activated: gretap1 [ 110.168208][ T6415] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 110.227788][ T7961] loop2: detected capacity change from 0 to 64 [ 110.246003][ T7961] hfs: unable to parse mount options [ 110.350243][ T6421] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 110.432106][ T7971] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 110.510489][ T7971] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 110.524381][ T7971] loop1: detected capacity change from 0 to 128 [ 110.582705][ T7971] ext4: Unknown parameter 'nouser_xattr' [ 111.278236][ T6422] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 111.286941][ T6422] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 111.294293][ T6422] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 111.298689][ T6422] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 111.304274][ T6422] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 111.306322][ T6422] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 111.538924][ T7986] loop2: detected capacity change from 0 to 32768 [ 111.546963][ T7986] (syz.2.289,7986,0):ocfs2_parse_options:1448 ERROR: Unrecognized mount option "commit=00000562949953421312" or missing value [ 111.559488][ T7986] (syz.2.289,7986,0):ocfs2_fill_super:1178 ERROR: status = -22 [ 111.635875][ T7971] loop1: detected capacity change from 0 to 32768 [ 112.004996][ T7998] tmpfs: Unknown parameter 'usrquotaX' [ 112.675096][ T7999] find_entry called with index = 0 [ 112.676500][ T7999] find_entry called with index = 0 [ 112.691975][ T8007] find_entry called with index >= next_index [ 112.693285][ T8007] find_entry called with index >= next_index [ 112.699489][ T8007] find_entry called with index >= next_index [ 112.700729][ T8007] find_entry called with index >= next_index [ 112.702019][ T8007] find_entry called with index >= next_index [ 112.710870][ T8010] loop2: detected capacity change from 0 to 2048 [ 112.977007][ T7983] chnl_net:caif_netlink_parms(): no params data found [ 113.154017][ T2138] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 113.273690][ T7702] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 113.292171][ T7702] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 113.319298][ T8018] loop2: detected capacity change from 0 to 40427 [ 113.326999][ T8018] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 113.332236][ T8018] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 113.337510][ T2138] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 113.343527][ T8018] F2FS-fs (loop2): invalid crc value [ 113.354631][ T8018] F2FS-fs (loop2): Found nat_bits in checkpoint [ 113.356879][ T7702] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 113.367300][ T7702] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 113.377471][ T8018] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 113.384235][ T8018] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 113.397023][ T7983] bridge0: port 1(bridge_slave_0) entered blocking state [ 113.405167][ T7983] bridge0: port 1(bridge_slave_0) entered disabled state [ 113.408626][ T7983] bridge_slave_0: entered allmulticast mode [ 113.414886][ T7983] bridge_slave_0: entered promiscuous mode [ 113.422266][ T7983] bridge0: port 2(bridge_slave_1) entered blocking state [ 113.423917][ T7983] bridge0: port 2(bridge_slave_1) entered disabled state [ 113.425641][ T7983] bridge_slave_1: entered allmulticast mode [ 113.438638][ T7983] bridge_slave_1: entered promiscuous mode [ 113.460974][ T2138] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 113.470621][ T6422] Bluetooth: hci3: command tx timeout [ 113.520743][ T7983] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 113.536492][ T7983] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 113.608584][ T7983] team0: Port device team_slave_0 added [ 113.637589][ T6415] syz-executor: attempt to access beyond end of device [ 113.637589][ T6415] loop2: rw=2049, sector=40960, nr_sectors = 8 limit=40427 [ 113.655690][ T2138] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 113.656983][ T6415] F2FS-fs (loop2): Stopped filesystem due to reason: 3 [ 113.665112][ T7983] team0: Port device team_slave_1 added [ 113.676730][ T7983] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 113.678421][ T7983] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 113.684621][ T7983] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 113.690569][ T7983] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 113.692480][ T7983] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 113.698287][ T7983] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 113.737101][ T7983] hsr_slave_0: entered promiscuous mode [ 113.741002][ T7983] hsr_slave_1: entered promiscuous mode [ 113.742764][ T7983] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 113.748960][ T7983] Cannot create hsr debugfs directory [ 113.930712][ T7702] 8021q: adding VLAN 0 to HW filter on device bond0 [ 113.944737][ T7702] 8021q: adding VLAN 0 to HW filter on device team0 [ 113.976153][ T6791] bridge0: port 1(bridge_slave_0) entered blocking state [ 113.977891][ T6791] bridge0: port 1(bridge_slave_0) entered forwarding state [ 114.016923][ T2138] bridge_slave_1: left allmulticast mode [ 114.018369][ T2138] bridge_slave_1: left promiscuous mode [ 114.020810][ T2138] bridge0: port 2(bridge_slave_1) entered disabled state [ 114.024613][ T2138] bridge_slave_0: left allmulticast mode [ 114.026277][ T2138] bridge_slave_0: left promiscuous mode [ 114.027561][ T2138] bridge0: port 1(bridge_slave_0) entered disabled state [ 114.126232][ T8028] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 114.128726][ T8028] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 114.164591][ T8028] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 114.173082][ T8028] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 114.174507][ T8028] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 114.176981][ T8059] FAULT_INJECTION: forcing a failure. [ 114.176981][ T8059] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 114.180418][ T8059] CPU: 1 UID: 0 PID: 8059 Comm: syz.2.298 Not tainted 6.11.0-rc7-syzkaller-g5f5673607153 #0 [ 114.182590][ T8059] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 114.184738][ T8059] Call trace: [ 114.185452][ T8059] dump_backtrace+0x1b8/0x1e4 [ 114.186550][ T8059] show_stack+0x2c/0x3c [ 114.187360][ T8059] dump_stack_lvl+0xe4/0x150 [ 114.188345][ T8059] dump_stack+0x1c/0x28 [ 114.189293][ T8059] should_fail_ex+0x3b0/0x50c [ 114.190311][ T8059] should_fail+0x14/0x24 [ 114.191271][ T8059] should_fail_usercopy+0x20/0x30 [ 114.192309][ T8059] tcp_repair_options_est+0x18c/0x680 [ 114.193421][ T8059] do_tcp_setsockopt+0x1570/0x1f38 [ 114.194492][ T8059] tcp_setsockopt+0x68/0xe8 [ 114.195446][ T8059] sock_common_setsockopt+0xb0/0xcc [ 114.196612][ T8059] do_sock_setsockopt+0x2a0/0x4e0 [ 114.197785][ T8059] __sys_setsockopt+0x128/0x1a8 [ 114.198915][ T8059] __arm64_sys_setsockopt+0xb8/0xd4 [ 114.200051][ T8059] invoke_syscall+0x98/0x2b8 [ 114.201074][ T8059] el0_svc_common+0x130/0x23c [ 114.202096][ T8059] do_el0_svc+0x48/0x58 [ 114.202985][ T8059] el0_svc+0x54/0x168 [ 114.203817][ T8059] el0t_64_sync_handler+0x84/0xfc [ 114.204831][ T8059] el0t_64_sync+0x190/0x194 [ 114.301036][ T8028] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 114.455066][ T8028] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 114.507796][ T8028] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 114.709660][ T8028] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 114.781074][ T8028] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 114.782427][ T8028] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 114.796899][ T8028] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 114.813940][ T8028] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 114.824251][ T8028] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 114.828688][ T8028] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 115.111202][ T8063] loop2: detected capacity change from 0 to 32768 [ 115.187956][ T8071] tmpfs: Unknown parameter 'usrquotaX' [ 115.307613][ T8063] (syz.2.299,8063,0):ocfs2_parse_options:1448 ERROR: Unrecognized mount option "commit=00071776119061217279" or missing value [ 115.352317][ T8063] (syz.2.299,8063,0):ocfs2_fill_super:1178 ERROR: status = -22 [ 115.479174][ T6422] Bluetooth: hci1: command 0x0c1a tx timeout [ 115.789034][ T8073] loop2: detected capacity change from 0 to 2048 [ 115.801108][ T8073] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 116.011119][ T8075] loop1: detected capacity change from 0 to 32768 [ 116.025273][ T8075] JBD2: Ignoring recovery information on journal [ 116.068413][ T8075] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 116.098417][ T6413] ocfs2: Unmounting device (7,1) on (node local) [ 116.180427][ T6422] Bluetooth: hci2: command 0x0c1a tx timeout [ 116.500091][ T6422] Bluetooth: hci0: command 0x0c1a tx timeout [ 116.762712][ T2138] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 116.799480][ T2138] bond_slave_0: left promiscuous mode [ 116.802782][ T2138] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 116.819219][ T6422] Bluetooth: hci3: command 0x040f tx timeout [ 116.819251][ T6426] Bluetooth: hci4: command 0x0c1a tx timeout [ 116.839429][ T2138] bond_slave_1: left promiscuous mode [ 116.842856][ T2138] bond0 (unregistering): (slave batadv0): Releasing backup interface [ 116.880315][ T2138] batadv0: left promiscuous mode [ 116.885610][ T2138] bond0 (unregistering): Released all slaves [ 116.892157][ T6791] bridge0: port 2(bridge_slave_1) entered blocking state [ 116.893697][ T6791] bridge0: port 2(bridge_slave_1) entered forwarding state [ 116.904095][ T8064] validate_nla: 57 callbacks suppressed [ 116.904112][ T8064] netlink: 'syz.0.300': attribute type 29 has an invalid length. [ 116.909229][ T8073] netlink: 8 bytes leftover after parsing attributes in process `syz.2.302'. [ 117.082863][ T8092] loop0: detected capacity change from 0 to 4096 [ 117.135078][ T8093] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 117.404022][ T8098] loop2: detected capacity change from 0 to 512 [ 117.569398][ T6426] Bluetooth: hci1: command 0x0c1a tx timeout [ 117.862418][ T7702] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 117.866802][ T8098] ext4: Unknown parameter 'nouser_xattr' [ 117.882000][ T7702] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 118.077632][ T8096] FAULT_INJECTION: forcing a failure. [ 118.077632][ T8096] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 118.086564][ T8096] CPU: 0 UID: 0 PID: 8096 Comm: syz.1.309 Not tainted 6.11.0-rc7-syzkaller-g5f5673607153 #0 [ 118.088660][ T8096] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 118.090804][ T8096] Call trace: [ 118.091463][ T8096] dump_backtrace+0x1b8/0x1e4 [ 118.092521][ T8096] show_stack+0x2c/0x3c [ 118.093422][ T8096] dump_stack_lvl+0xe4/0x150 [ 118.094419][ T8096] dump_stack+0x1c/0x28 [ 118.095344][ T8096] should_fail_ex+0x3b0/0x50c [ 118.096407][ T8096] should_fail+0x14/0x24 [ 118.097351][ T8096] should_fail_usercopy+0x20/0x30 [ 118.098407][ T8096] tcp_repair_options_est+0x18c/0x680 [ 118.099602][ T8096] do_tcp_setsockopt+0x1570/0x1f38 [ 118.100779][ T8096] tcp_setsockopt+0x68/0xe8 [ 118.101841][ T8096] sock_common_setsockopt+0xb0/0xcc [ 118.102984][ T8096] do_sock_setsockopt+0x2a0/0x4e0 [ 118.104226][ T8096] __sys_setsockopt+0x128/0x1a8 [ 118.105260][ T8096] __arm64_sys_setsockopt+0xb8/0xd4 [ 118.106390][ T8096] invoke_syscall+0x98/0x2b8 [ 118.107318][ T8096] el0_svc_common+0x130/0x23c [ 118.108285][ T8096] do_el0_svc+0x48/0x58 [ 118.109167][ T8096] el0_svc+0x54/0x168 [ 118.110030][ T8096] el0t_64_sync_handler+0x84/0xfc [ 118.111046][ T8096] el0t_64_sync+0x190/0x194 [ 118.259280][ T6426] Bluetooth: hci2: command 0x0c1a tx timeout [ 118.492337][ T8134] tmpfs: Unknown parameter 'usrquotaX' [ 118.599870][ T6426] Bluetooth: hci0: command 0x0c1a tx timeout [ 118.899345][ T6426] Bluetooth: hci3: command 0x040f tx timeout [ 118.902408][ T6426] Bluetooth: hci4: command 0x0c1a tx timeout [ 119.022100][ T8109] loop2: detected capacity change from 0 to 32768 [ 119.024261][ T8109] (syz.2.310,8109,0):ocfs2_parse_options:1448 ERROR: Unrecognized mount option "commit=00072057594037927936" or missing value [ 119.046693][ T8109] (syz.2.310,8109,0):ocfs2_fill_super:1178 ERROR: status = -22 [ 119.062952][ T2138] hsr_slave_0: left promiscuous mode [ 119.158018][ T2138] hsr_slave_1: left promiscuous mode [ 119.239250][ T2138] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 119.241103][ T2138] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 119.248418][ T2138] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 119.256552][ T2138] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 119.278725][ T2138] veth1_macvtap: left promiscuous mode [ 119.284532][ T2138] veth0_macvtap: left promiscuous mode [ 119.286636][ T2138] veth1_vlan: left promiscuous mode [ 119.287812][ T2138] veth0_vlan: left promiscuous mode [ 119.307615][ T8133] loop1: detected capacity change from 0 to 32768 [ 119.324616][ T8133] JBD2: Ignoring recovery information on journal [ 119.388440][ T8133] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 119.454075][ T6413] ocfs2: Unmounting device (7,1) on (node local) [ 119.546422][ T8141] loop2: detected capacity change from 0 to 32768 [ 119.554581][ T8141] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.315 (8141) [ 119.562190][ T8141] BTRFS info (device loop2): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 119.565823][ T8141] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm [ 119.567969][ T8141] BTRFS info (device loop2): using free-space-tree [ 119.619278][ T6422] Bluetooth: hci1: command 0x0c1a tx timeout [ 119.677333][ T8166] ALSA: seq fatal error: cannot create timer (-22) [ 119.742169][ T8168] loop1: detected capacity change from 0 to 2048 [ 119.747248][ T8168] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 120.331049][ T6415] BTRFS info (device loop2): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 120.343642][ T6426] Bluetooth: hci2: command 0x0c1a tx timeout [ 120.434342][ T8172] loop2: detected capacity change from 0 to 64 [ 120.436319][ T8172] hfs: unable to parse mount options [ 120.625149][ T8172] loop2: detected capacity change from 0 to 32768 [ 120.629942][ T8172] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.319 (8172) [ 120.634638][ T8172] BTRFS info (device loop2): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 120.636959][ T8172] BTRFS info (device loop2): using xxhash64 (xxhash64-generic) checksum algorithm [ 120.638804][ T8172] BTRFS info (device loop2): disk space caching is enabled [ 120.640948][ T8172] BTRFS warning (device loop2): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 120.669760][ T6426] Bluetooth: hci0: command 0x0c1a tx timeout [ 120.694934][ T8172] BTRFS info (device loop2): rebuilding free space tree [ 120.706422][ T8172] BTRFS info (device loop2): disabling free space tree [ 120.707937][ T8172] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 120.710122][ T8172] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 120.715259][ T8172] BTRFS info (device loop2): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2 [ 120.989269][ T6426] Bluetooth: hci4: command 0x0c1a tx timeout [ 120.989348][ T5980] Bluetooth: hci3: command 0x040f tx timeout [ 121.323018][ T2138] team0 (unregistering): Port device team_slave_1 removed [ 121.473722][ T2138] team0 (unregistering): Port device team_slave_0 removed [ 123.059179][ T6422] Bluetooth: hci3: command 0x040f tx timeout [ 123.880286][ T7702] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 123.911943][ T7983] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 123.913448][ T8194] loop0: detected capacity change from 0 to 8 [ 124.010130][ T7983] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 124.079253][ T7983] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 124.178935][ T8204] tmpfs: Unknown parameter 'usrquotaX' [ 124.525449][ T7983] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 124.888444][ T7983] 8021q: adding VLAN 0 to HW filter on device bond0 [ 124.915512][ T7702] veth0_vlan: entered promiscuous mode [ 124.937602][ T7983] 8021q: adding VLAN 0 to HW filter on device team0 [ 124.943667][ T7702] veth1_vlan: entered promiscuous mode [ 124.948473][ T6536] bridge0: port 1(bridge_slave_0) entered blocking state [ 124.949987][ T6536] bridge0: port 1(bridge_slave_0) entered forwarding state [ 124.983427][ T6536] bridge0: port 2(bridge_slave_1) entered blocking state [ 124.984936][ T6536] bridge0: port 2(bridge_slave_1) entered forwarding state [ 125.014869][ T7702] veth0_macvtap: entered promiscuous mode [ 125.044330][ T7983] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 125.046554][ T7983] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 125.068053][ T7702] veth1_macvtap: entered promiscuous mode [ 125.080560][ T8200] loop0: detected capacity change from 0 to 32768 [ 125.088845][ T8198] FAULT_INJECTION: forcing a failure. [ 125.088845][ T8198] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 125.095424][ T8200] (syz.0.323,8200,1):ocfs2_parse_options:1448 ERROR: Unrecognized mount option "commit=00072066390130950144" or missing value [ 125.098432][ T7702] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 125.107530][ T8198] CPU: 0 UID: 0 PID: 8198 Comm: syz.1.320 Not tainted 6.11.0-rc7-syzkaller-g5f5673607153 #0 [ 125.109616][ T8198] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 125.111487][ T8200] (syz.0.323,8200,1):ocfs2_fill_super:1178 ERROR: status = -22 [ 125.111761][ T8198] Call trace: [ 125.114061][ T8198] dump_backtrace+0x1b8/0x1e4 [ 125.115097][ T8198] show_stack+0x2c/0x3c [ 125.116011][ T8198] dump_stack_lvl+0xe4/0x150 [ 125.117037][ T8198] dump_stack+0x1c/0x28 [ 125.117927][ T8198] should_fail_ex+0x3b0/0x50c [ 125.118901][ T8198] should_fail+0x14/0x24 [ 125.119858][ T8198] should_fail_usercopy+0x20/0x30 [ 125.120910][ T8198] tcp_repair_options_est+0x18c/0x680 [ 125.121993][ T8198] do_tcp_setsockopt+0x1570/0x1f38 [ 125.123003][ T8198] tcp_setsockopt+0x68/0xe8 [ 125.123946][ T8198] sock_common_setsockopt+0xb0/0xcc [ 125.125027][ T8198] do_sock_setsockopt+0x2a0/0x4e0 [ 125.126154][ T8198] __sys_setsockopt+0x128/0x1a8 [ 125.127159][ T8198] __arm64_sys_setsockopt+0xb8/0xd4 [ 125.128351][ T8198] invoke_syscall+0x98/0x2b8 [ 125.129352][ T8198] el0_svc_common+0x130/0x23c [ 125.130431][ T8198] do_el0_svc+0x48/0x58 [ 125.131297][ T8198] el0_svc+0x54/0x168 [ 125.132202][ T8198] el0t_64_sync_handler+0x84/0xfc [ 125.133173][ T8198] el0t_64_sync+0x190/0x194 [ 125.134682][ T7702] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 125.136786][ T7702] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 125.139596][ T6422] Bluetooth: hci3: command 0x040f tx timeout [ 125.140734][ T7702] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 125.144115][ T7702] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 125.171999][ T7702] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 125.174186][ T7702] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 125.176078][ T7702] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 125.178247][ T7702] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 125.211132][ T7702] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 125.252663][ T7702] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 125.254518][ T7702] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 125.256268][ T7702] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 125.258010][ T7702] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 125.365758][ T7983] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 125.432002][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 125.433672][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 125.492379][ T8214] loop2: detected capacity change from 0 to 32768 [ 125.493989][ T7983] veth0_vlan: entered promiscuous mode [ 125.516285][ T8214] JBD2: Ignoring recovery information on journal [ 125.524101][ T286] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 125.535479][ T286] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 125.552107][ T7983] veth1_vlan: entered promiscuous mode [ 125.553177][ T8234] loop0: detected capacity change from 0 to 1024 [ 125.580943][ T7983] veth0_macvtap: entered promiscuous mode [ 125.584672][ T7983] veth1_macvtap: entered promiscuous mode [ 125.607180][ T8214] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 125.623450][ T7983] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 125.625788][ T7983] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 125.627870][ T7983] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 125.630117][ T7983] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 125.632189][ T7983] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 125.634499][ T7983] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 125.638846][ T7983] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 125.643162][ T7983] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 125.645427][ T7983] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 125.647529][ T7983] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 125.649785][ T7983] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 125.651783][ T7983] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 125.653867][ T7983] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 125.656939][ T7983] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 125.660639][ T7983] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 125.662425][ T7983] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 125.664634][ T7983] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 125.668747][ T7983] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 125.703888][ T8234] hfsplus: xattr search failed [ 125.738049][ T6415] ocfs2: Unmounting device (7,2) on (node local) [ 125.785908][ T8249] loop4: detected capacity change from 0 to 764 [ 125.787709][ T8249] iso9660: Unknown parameter '' [ 125.791372][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 125.793048][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 125.857230][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 125.858963][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 125.891996][ T8252] warning: `syz.1.333' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 125.940930][ T2340] ieee802154 phy0 wpan0: encryption failed: -22 [ 125.942355][ T2340] ieee802154 phy1 wpan1: encryption failed: -22 [ 126.215543][ T8234] loop0: detected capacity change from 0 to 32768 [ 126.232349][ T8234] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.327 (8234) [ 126.245115][ T8234] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 126.247492][ T8234] BTRFS info (device loop0): using sha256 (sha256-ce) checksum algorithm [ 126.251459][ T8234] BTRFS info (device loop0): using free-space-tree [ 126.480743][ T8306] netlink: 28 bytes leftover after parsing attributes in process `syz.4.344'. [ 126.499876][ T8234] Process accounting resumed [ 126.518039][ T6790] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared) [ 126.641363][ T7126] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 127.228618][ T6422] Bluetooth: hci3: command 0x040f tx timeout [ 127.395331][ T8382] netlink: 204 bytes leftover after parsing attributes in process `syz.3.366'. [ 127.621168][ T8389] netlink: 24 bytes leftover after parsing attributes in process `syz.4.370'. [ 127.835022][ T8414] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 128.287420][ T8449] (unnamed net_device) (uninitialized): option min_links: invalid value (18446744073709551614) [ 128.297147][ T8449] (unnamed net_device) (uninitialized): option min_links: allowed values 0 - 2147483647 [ 128.384836][ T8464] netlink: 24 bytes leftover after parsing attributes in process `syz.3.395'. [ 128.418754][ T8468] netlink: 8 bytes leftover after parsing attributes in process `syz.2.397'. [ 128.427679][ T8468] netlink: 4 bytes leftover after parsing attributes in process `syz.2.397'. [ 129.655616][ T8535] team0: Port device team_slave_1 removed [ 130.056043][ T8573] netlink: 8 bytes leftover after parsing attributes in process `syz.1.437'. [ 130.212690][ T8588] syzkaller0: entered promiscuous mode [ 130.213886][ T8588] syzkaller0: entered allmulticast mode [ 130.226124][ T8594] batadv0: entered promiscuous mode [ 130.327870][ T8596] workqueue: name exceeds WQ_NAME_LEN. Truncating to: †< )Ù2¼”›U7‘Å ìüYŸøä‹¡ô¾ÐËÝ;& [ 130.494576][ T8612] netlink: 4 bytes leftover after parsing attributes in process `syz.0.452'. [ 130.600278][ T8622] dccp_invalid_packet: P.CsCov 15 exceeds packet length 256 [ 130.719795][ T8632] netlink: 36 bytes leftover after parsing attributes in process `syz.0.460'. [ 130.733164][ T8634] tipc: Enabled bearer , priority 10 [ 131.302857][ T8678] netlink: 4 bytes leftover after parsing attributes in process `syz.3.483'. [ 131.790118][ T8729] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 131.916846][ T8740] syzkaller1: entered promiscuous mode [ 131.925854][ T8740] syzkaller1: entered allmulticast mode [ 131.955566][ T8742] __nla_validate_parse: 1 callbacks suppressed [ 131.955639][ T8742] netlink: 12 bytes leftover after parsing attributes in process `syz.2.498'. [ 132.042532][ T8748] netlink: 16 bytes leftover after parsing attributes in process `syz.2.501'. [ 132.159022][ T8748] xt_CT: You must specify a L4 protocol and not use inversions on it [ 132.488148][ T8780] netlink: 4 bytes leftover after parsing attributes in process `syz.1.514'. [ 132.716586][ T12] wlan1: BSS 50:50:50:50:50:50 switches to unsupported channel (0 MHz), disconnecting [ 132.821859][ T12] wlan1: Selected IBSS BSSID 50:50:50:50:50:50 based on configured SSID [ 132.913867][ T8817] openvswitch: netlink: Flow key attr not present in new flow. [ 132.920867][ T8817] netlink: 'syz.2.532': attribute type 11 has an invalid length. [ 132.929806][ T8817] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.532'. [ 132.974528][ T8824] netlink: 209840 bytes leftover after parsing attributes in process `syz.3.535'. [ 133.848463][ T8883] infiniband syz1: set active [ 133.854561][ T8883] infiniband syz1: added bond0 [ 133.976284][ T8883] RDS/IB: syz1: added [ 133.977773][ T8883] smc: adding ib device syz1 with port count 1 [ 134.005608][ T8883] smc: ib device syz1 port 1 has pnetid [ 134.336180][ T8947] netlink: 36 bytes leftover after parsing attributes in process `syz.4.580'. [ 134.338212][ T8947] netlink: 16 bytes leftover after parsing attributes in process `syz.4.580'. [ 134.348724][ T8947] netlink: 36 bytes leftover after parsing attributes in process `syz.4.580'. [ 134.358704][ T8947] netlink: 36 bytes leftover after parsing attributes in process `syz.4.580'. [ 134.421052][ T8955] netlink: 24 bytes leftover after parsing attributes in process `syz.1.584'. [ 134.543938][ T8965] ebtables: ebtables: counters copy to user failed while replacing table [ 135.024619][ T8992] debugfs: Directory '†< )Ù2¼”›U7‘Å ìüYŸøä‹¡ô¾ÐËÝ;&!' with parent 'ieee80211' already present! [ 135.371001][ T9014] tipc: Failed to obtain node identity [ 135.372393][ T9014] tipc: Enabling of bearer rejected, failed to enable media [ 136.563317][ T9119] lo speed is unknown, defaulting to 1000 [ 136.586216][ T9119] lo speed is unknown, defaulting to 1000 [ 136.595498][ T9119] lo speed is unknown, defaulting to 1000 [ 136.613915][ T9122] netlink: 'syz.0.654': attribute type 4 has an invalid length. [ 136.734800][ T9119] infiniband syz0: set down [ 136.739332][ T9119] infiniband syz0: added lo [ 136.758026][ T6502] lo speed is unknown, defaulting to 1000 [ 136.764882][ T9131] syzkaller0: entered promiscuous mode [ 136.779342][ T9119] RDS/IB: syz0: added [ 136.781471][ T9119] smc: adding ib device syz0 with port count 1 [ 136.787182][ T9119] smc: ib device syz0 port 1 has pnetid [ 136.816320][ T9131] syzkaller0 (unregistering): left promiscuous mode [ 136.895323][ T1756] lo speed is unknown, defaulting to 1000 [ 136.901287][ T9119] lo speed is unknown, defaulting to 1000 [ 136.976014][ T9119] lo speed is unknown, defaulting to 1000 [ 136.993501][ T9141] IPv6: Can't replace route, no match found [ 137.013549][ T9119] lo speed is unknown, defaulting to 1000 [ 137.077054][ T9119] lo speed is unknown, defaulting to 1000 [ 137.128121][ T9149] netlink: 'syz.2.667': attribute type 1 has an invalid length. [ 137.131221][ T9149] netlink: 'syz.2.667': attribute type 7 has an invalid length. [ 137.157138][ T9119] lo speed is unknown, defaulting to 1000 [ 137.702986][ T9193] netlink: 'syz.4.683': attribute type 1 has an invalid length. [ 137.993734][ T9209] Bluetooth: MGMT ver 1.23 [ 138.143243][ T9215] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 138.254364][ T9227] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 138.260613][ T9231] __nla_validate_parse: 8 callbacks suppressed [ 138.260628][ T9231] netlink: 4 bytes leftover after parsing attributes in process `syz.1.698'. [ 138.281036][ T9234] netlink: 4 bytes leftover after parsing attributes in process `syz.2.700'. [ 138.443022][ T9230] ------------[ cut here ]------------ [ 138.444725][ T9230] name '17005' [ 138.445607][ T9230] WARNING: CPU: 0 PID: 9230 at fs/proc/generic.c:711 remove_proc_entry+0x278/0x4cc [ 138.447832][ T9230] Modules linked in: [ 138.448656][ T9230] CPU: 0 UID: 0 PID: 9230 Comm: syz.1.698 Not tainted 6.11.0-rc7-syzkaller-g5f5673607153 #0 [ 138.450870][ T9230] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 138.452999][ T9230] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 138.454663][ T9230] pc : remove_proc_entry+0x278/0x4cc [ 138.455905][ T9230] lr : remove_proc_entry+0x278/0x4cc [ 138.457061][ T9230] sp : ffff8000a2947ac0 [ 138.457859][ T9230] x29: ffff8000a2947b40 x28: ffff0000eb9b2b40 x27: dfff800000000000 [ 138.459583][ T9230] x26: ffff700014528f58 x25: ffff800092593e60 x24: 1ffff00014528f60 [ 138.461396][ T9230] x23: 0000000000000005 x22: ffff0000eb9b2bf8 x21: ffff0000eceb5548 [ 138.463144][ T9230] x20: 0000000000000000 x19: ffff0000eceb5548 x18: 0000000000000008 [ 138.464894][ T9230] x17: 0000000000000000 x16: ffff800083032784 x15: 0000000000000001 [ 138.466640][ T9230] x14: 1fffe000366d325a x13: 0000000000000000 x12: 0000000000000000 [ 138.468351][ T9230] x11: 0000000000000002 x10: 0000000000ff0100 x9 : 39e1a3cf929b3900 [ 138.470173][ T9230] x8 : 39e1a3cf929b3900 x7 : 0000000000000001 x6 : 0000000000000001 [ 138.472100][ T9230] x5 : ffff8000a2947218 x4 : ffff80008f65b620 x3 : ffff8000806051a0 [ 138.473794][ T9230] x2 : 0000000000000001 x1 : 0000000100000000 x0 : 0000000000000000 [ 138.475433][ T9230] Call trace: [ 138.476282][ T9230] remove_proc_entry+0x278/0x4cc [ 138.477399][ T9230] bcm_release+0x21c/0x800 [ 138.478352][ T9230] sock_close+0xa4/0x1e8 [ 138.479198][ T9230] __fput+0x1bc/0x774 [ 138.480165][ T9230] ____fput+0x20/0x30 [ 138.481116][ T9230] task_work_run+0x230/0x2e0 [ 138.482132][ T9230] do_notify_resume+0x178/0x1f4 [ 138.483189][ T9230] el0_svc+0xac/0x168 [ 138.484090][ T9230] el0t_64_sync_handler+0x84/0xfc [ 138.485174][ T9230] el0t_64_sync+0x190/0x194 [ 138.486210][ T9230] irq event stamp: 3986 [ 138.487132][ T9230] hardirqs last enabled at (3985): [] console_unlock+0x18c/0x3d4 [ 138.489294][ T9230] hardirqs last disabled at (3986): [] el1_dbg+0x24/0x80 [ 138.491165][ T9230] softirqs last enabled at (3964): [] lock_sock_nested+0xcc/0x11c [ 138.493241][ T9230] softirqs last disabled at (3962): [] lock_sock_nested+0x74/0x11c [ 138.495305][ T9230] ---[ end trace 0000000000000000 ]--- [ 140.100522][ T6422] Bluetooth: hci0: Opcode 0x0401 failed: -110 [ 140.100566][ T6426] Bluetooth: hci0: command 0x0c1a tx timeout [ 140.899588][ T6422] Bluetooth: hci3: command 0x040f tx timeout [ 142.979510][ T6422] Bluetooth: hci3: command 0x040f tx timeout