last executing test programs: 2.531996987s ago: executing program 0 (id=431): r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f00000000c0)) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000200), 0xc0200, 0x0) ioctl$PPPIOCNEWUNIT(r1, 0xc004743e, &(0x7f0000000100)=0x3) close(r1) 2.283549514s ago: executing program 0 (id=434): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x5, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x7, 0x81}, 0x0) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000180)={&(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ff9000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x7000)=nil, &(0x7f0000ffb000/0x3000)=nil, 0x0}, 0x68) r2 = openat$6lowpan_control(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) r3 = io_uring_setup(0x7a32, &(0x7f0000000080)={0x0, 0x7425, 0x1, 0x3, 0x17f}) io_uring_register$IORING_REGISTER_FILES(r3, 0x2, &(0x7f0000000100)=[r2, r2, r2, r2], 0x4) 2.236012832s ago: executing program 3 (id=435): sendmsg$inet(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000400)="1c0000", 0x3}], 0x1}, 0x0) r0 = openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) io_submit(0x0, 0x1, &(0x7f0000001580)=[&(0x7f0000000180)={0x0, 0x0, 0x0, 0x7, 0x0, r0, &(0x7f0000000080)='d', 0x2}]) 2.179471441s ago: executing program 3 (id=438): syz_open_dev$sndpcmc(&(0x7f00000007c0), 0x0, 0x800) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee2, 0x0, 0x2, 0xbfdffffc}, &(0x7f0000000000)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) r5 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff) close(r5) semget$private(0x0, 0x0, 0x425) syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3}) io_uring_enter(r2, 0x47f6, 0x0, 0x2, 0x0, 0x0) 1.616015101s ago: executing program 2 (id=445): syz_emit_ethernet(0x46, &(0x7f0000000200)={@local, @multicast, @void, {@ipv4={0x800, @tcp={{0x9, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x6, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @initdev={0xac, 0x1e, 0x0, 0x0}, {[@ssrr={0x89, 0x3, 0xdf}, @timestamp_addr={0x44, 0xc, 0x7, 0x1, 0x1, [{@dev={0xac, 0x14, 0x14, 0x37}, 0x8000}]}]}}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x0, 0x2}}}}}}, 0x0) 1.53199931s ago: executing program 2 (id=446): r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x800, 0x2) writev(r0, &(0x7f0000000100)=[{&(0x7f00000000c0)="ef", 0x1}], 0x1) ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000040)={0xf0f046}) 1.392622815s ago: executing program 2 (id=448): io_setup(0x5, &(0x7f0000000e80)=0x0) r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) io_submit(r0, 0x1, &(0x7f0000001580)=[&(0x7f0000000180)={0x0, 0x0, 0x0, 0x7, 0x0, r1, &(0x7f0000000080)='d', 0x2}]) 1.267817308s ago: executing program 4 (id=450): r0 = syz_open_dev$vim2m(0x0, 0x7, 0x2) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f00000000c0)={0x29, 0x1, 0x1, "00000000bf2b000005000104000000e4f4ffff0000ea00000d00", 0x32344d59}) 1.197279208s ago: executing program 4 (id=451): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f0000000340)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c) ioctl$DRM_IOCTL_MODE_SETPLANE(0xffffffffffffffff, 0xc03064b7, 0x0) mmap(&(0x7f0000000000/0x2000)=nil, 0x30000, 0x2, 0x11, r0, 0x0) bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x10000000004e20, 0x0, @mcast2, 0x6}, 0x1c) syz_emit_ethernet(0x83, &(0x7f0000000240)=ANY=[], 0x0) 1.191234253s ago: executing program 2 (id=452): r0 = syz_open_dev$video(&(0x7f0000000040), 0xa7, 0x121000) socket$inet6_sctp(0xa, 0x5, 0x84) ioctl$VIDIOC_S_PARM(r0, 0xc0cc5616, &(0x7f0000000080)={0x1, @capture={0x0, 0x0, {0xfffffffd, 0x101}, 0x7, 0xfffffffe}}) 1.023793696s ago: executing program 2 (id=454): r0 = socket$can_j1939(0x1d, 0x2, 0x7) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000040)={'vcan0\x00', 0x0}) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000400)={'vxcan0\x00', 0x0}) r3 = socket$can_j1939(0x1d, 0x2, 0x7) bind$can_j1939(r3, &(0x7f0000000080)={0x1d, r2, 0x0, {0x0, 0x0, 0x4}, 0xfe}, 0x18) sendmsg$can_j1939(r3, &(0x7f00000001c0)={&(0x7f0000000040)={0x1d, r1, 0x4000000000000000}, 0x18, &(0x7f0000000180)={&(0x7f00000003c0)}, 0x1, 0x0, 0x0, 0x280c0}, 0x408aa) 994.188171ms ago: executing program 1 (id=455): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0) mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0, 0x12, r0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x8, 0xf, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000fdffffff000000000600180018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000208500000083000000bf0900000000000055090100000000007b00000000000000bf91000000000000b70200000200000085000000840000005f0000000000000095"], &(0x7f0000000200)='syzkaller\x00', 0xa, 0x100b, &(0x7f0000001e40)=""/4107, 0x0, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1000, @void, @value}, 0x94) 959.761907ms ago: executing program 4 (id=456): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000c00)=@delchain={0x1d8, 0x65, 0x2, 0x70bd27, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x2, 0x2}, {0x0, 0x1}, {0x0, 0xb}}, [@TCA_CHAIN={0x8, 0xb, 0x6}, @TCA_CHAIN={0x8, 0xb, 0x6}, @TCA_CHAIN={0x8, 0xb, 0x20000000}, @TCA_RATE={0x6, 0x5, {0x6, 0x2}}, @filter_kind_options=@f_route={{0xa}, {0x188, 0x2, [@TCA_ROUTE4_TO={0x8, 0x2, 0xca}, @TCA_ROUTE4_IIF={0x8}, @TCA_ROUTE4_ACT={0x174, 0x6, [@m_mirred={0x58, 0x1, 0x0, 0x0, {{0xb}, {0x4}, {0x29, 0x6, "b9e6cb743efb5818279b291a7d56a99d728d0d3c5750442cdd89714a7135052ff6aa167b6d"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x1}}}}, @m_mirred={0x118, 0x9, 0x0, 0x0, {{0xb}, {0xa4, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x7, 0x5, 0x10000000, 0xae, 0x2}, 0x3}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x6, 0x3, 0x10000000, 0x8, 0x8}, 0x4}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x1336e5ff, 0x9, 0x6, 0x0, 0x1}, 0x7}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x5, 0x4, 0x20000000, 0x8}, 0x2}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x100, 0x6, 0x7, 0x1f31, 0xfffffff5}, 0x4}}]}, {0x49, 0x6, "216194e50e7faa7649d1c06839be3b59a7f1bb6c7fbd0e7344b4e9b561d4b406f4a7a0c7e6ebe935ccd4c10fd3ff9357cc52da0d5a0f390e738e2309dae089a4a01ae1f8d7"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x2}}}}]}]}}]}, 0x1d8}, 0x1, 0x0, 0x0, 0x81}, 0x0) r0 = socket(0x10, 0x803, 0x0) sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x21}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0xffffffffffffff2f}}], 0x4000000000003b4, 0x2040000, &(0x7f0000003700)={0x77359400}) 903.979619ms ago: executing program 2 (id=457): prctl$PR_SCHED_CORE(0x3e, 0x4, 0x0, 0x1, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$sndtimer(0xffffffffffffff9c, &(0x7f00000044c0), 0x141802) ioctl$SNDRV_TIMER_IOCTL_TREAD(r2, 0x40045402, &(0x7f0000004500)) ioctl$SNDRV_TIMER_IOCTL_PARAMS(r2, 0x40505412, 0x0) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0xf, 0xfffffffffffffffe}, 0x0) r3 = socket(0x2b, 0x5, 0x3a) setsockopt$MRT6_INIT(r3, 0x29, 0xc8, &(0x7f0000000340), 0x4) r4 = syz_usb_connect$hid(0x3, 0x36, 0x0, 0x0) syz_usb_control_io$hid(r4, 0x0, 0x0) syz_usb_control_io$hid(0xffffffffffffffff, 0x0, &(0x7f0000000ac0)={0x2c, 0x0, 0x0, 0x0, &(0x7f0000000180)=ANY=[@ANYRES16=r0, @ANYRESOCT=r1], &(0x7f0000000a80)={0x20, 0x3, 0x1, 0x3}}) setsockopt$MRT6_FLUSH(r3, 0x29, 0xd4, &(0x7f0000000280)=0x4, 0x4) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) r5 = socket$alg(0x26, 0x5, 0x0) bind$alg(r5, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(arc4-generic)\x00'}, 0x58) 873.50051ms ago: executing program 1 (id=458): sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="4800000010000d0428bd7000fcdbff2500008000", @ANYRES32=0x0, @ANYBLOB="1000000000000000280012800b000100627269646765"], 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x24, 0x24, 0x200, 0x70bd27, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x5}}}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0) 803.361232ms ago: executing program 4 (id=459): r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000200)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000040)={0xffffffffffffffff}, 0x106}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f0000000180)={0x3, 0x40, 0xfa02, {{0x6000000, 0x0, 0x20, @loopback}, {0xa, 0x0, 0x6, @ipv4={'\x00', '\xff\xff', @remote}}, r1}}, 0x48) 671.99157ms ago: executing program 1 (id=460): write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000000000)={0xa, {"a2e39b214fc752f91b2909094bf70e0dd038e7ff7fc6e5539b324d078b089b3b0838681a0890e0878f0e1ac6e7049b3d6d959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b343b0d076c0936cd3b78130daa61d8e809ea889b5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0d9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae19397d696d0d758f2dc7d1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c30900004288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc94681359bad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828563e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef7becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda930b000000cbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe505003d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6ae4effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d71eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6ea94f88a4facfd4c735a20307c737afae5136651b1b9bd522dcb399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab83c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00303000000000000007fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d471c8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57fa9c0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949d9a92587c2cb5fe360500000000000000b77940b5f07722e47a08d3679507000000000000934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15aa82000000000000a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000", 0x1000}}, 0x1006) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB="800000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c000280050001000000000008000740000000011c00108008000140000000000800024000"], 0x80}, 0x1, 0x0, 0x0, 0x20008044}, 0x0) 635.157906ms ago: executing program 0 (id=461): r0 = syz_open_dev$vim2m(0x0, 0x7, 0x2) ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f00000000c0)={0x29, 0x1, 0x1, "00000000bf2b000005000104000000e4f4ffff0000ea00000d00", 0x32344d59}) 595.616188ms ago: executing program 4 (id=462): io_setup(0x5, &(0x7f0000000e80)=0x0) r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) io_submit(r0, 0x1, &(0x7f0000001580)=[&(0x7f0000000180)={0x0, 0x0, 0x0, 0x7, 0x0, r1, &(0x7f0000000080)='d', 0x2}]) 564.583568ms ago: executing program 1 (id=463): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket(0x400000000010, 0x3, 0x0) socket$unix(0x1, 0x1, 0x0) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, 0x0, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0x3}}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)=@newtfilter={0x8c, 0x2c, 0xd27, 0x30bd29, 0x25dfdc00, {0x0, 0x0, 0x0, 0x0, {0x8, 0x3}, {}, {0x3, 0x10}}, [@filter_kind_options=@f_matchall={{0xd}, {0x58, 0x2, [@TCA_MATCHALL_ACT={0x54, 0x2, [@m_ife={0x50, 0x1, 0x0, 0x0, {{0x8}, {0x28, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x40, 0x6, 0xffffffffffffffff, 0xea, 0x100004}, 0x1}}, @TCA_IFE_TYPE={0x6, 0x5, 0x7}]}, {0x4}, {0xc}, {0xc, 0x8, {0x2, 0x2}}}}]}]}}]}, 0x8c}, 0x1, 0x0, 0x0, 0x10}, 0x0) 423.875113ms ago: executing program 0 (id=464): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0) mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0, 0x12, r0, 0x0) r1 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x8, 0xf, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000fdffffff000000000600180018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014001800b7030000000000008500000083000000bf0900000000000055090100000000007b00000000000000bf91000000000000b70200000200000085000000840000005f0480000000000095"], &(0x7f0000000200)='syzkaller\x00', 0xa, 0x100b, &(0x7f0000001e40)=""/4107, 0x0, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1000, @void, @value}, 0x94) 379.916139ms ago: executing program 4 (id=465): mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000140), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) r1 = inotify_init1(0x0) inotify_add_watch(r1, &(0x7f0000000040)='./file0\x00', 0x8000046e) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$tipc(0x1e, 0x5, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0100000008001000040000000800000001000000", @ANYRES32, @ANYBLOB="00004000000000ebffffff000000000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240), &(0x7f0000001940), 0x2000cc0, r4}, 0x38) bpf$BPF_MAP_LOOKUP_AND_DELETE_BATCH(0x1b, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240), 0x0, 0x2, r4}, 0x38) bind$tipc(r3, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x3, {0x41, 0x1, 0x10000000}}, 0x10) bind$tipc(r3, &(0x7f0000000080)=@name={0x1e, 0x2, 0x0, {{0x41, 0xfffe}, 0x1}}, 0x10) bind$tipc(r3, &(0x7f0000000100)=@name={0x1e, 0x2, 0x1fb553244e946098, {{0x42, 0x200000c}, 0x1}}, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) r6 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="18000000240001030000000000000000010000000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x8001}, 0x4000) recvmmsg(r6, &(0x7f0000000fc0)=[{{0x0, 0x0, 0x0}, 0x8}, {{0x0, 0x0, 0x0}, 0x4}, {{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000012c0)=""/204, 0xcc}, {&(0x7f00000004c0)=""/234, 0xea}, {&(0x7f0000000240)=""/87, 0x57}, {&(0x7f0000002b00)=""/4106, 0x100a}, {&(0x7f0000000840)=""/182, 0xb6}, {&(0x7f0000000040)=""/11, 0xb}], 0x6}, 0xa}], 0x4, 0x0, 0x0) r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff) r8 = bpf$ITER_CREATE(0x21, &(0x7f00000000c0), 0x8) setsockopt$TIPC_DEST_DROPPABLE(r8, 0x10f, 0x81, &(0x7f00000002c0)=0x3, 0x4) sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000fc0)={&(0x7f0000000200)=ANY=[@ANYBLOB='p\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="010000000000000000000200000008000300", @ANYRES32=r5, @ANYBLOB="080026006c09000008009f0005e7"], 0x70}}, 0x40) close_range(r2, r1, 0x0) umount2(&(0x7f0000000400)='./file0\x00', 0x0) 312.837227ms ago: executing program 3 (id=466): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bridge_slave_0\x00', 0x0}) r2 = socket(0x10, 0x80002, 0x0) sendmsg$nl_route(r2, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="440000001100a7cc4affeeaf541d002007000000", @ANYRES32=r1, @ANYBLOB="00000000100000001c001a80080002"], 0x44}, 0x1, 0x0, 0x0, 0x14040050}, 0x0) 247.935015ms ago: executing program 0 (id=467): r0 = socket$can_j1939(0x1d, 0x2, 0x7) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000040)={'vcan0\x00', 0x0}) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000400)={'vxcan0\x00', 0x0}) r3 = socket$can_j1939(0x1d, 0x2, 0x7) bind$can_j1939(r3, &(0x7f0000000080)={0x1d, r2, 0x0, {0x0, 0x0, 0x4}, 0xfe}, 0x18) sendmsg$can_j1939(r3, &(0x7f00000001c0)={&(0x7f0000000040)={0x1d, r1, 0x4000000000000000}, 0x18, &(0x7f0000000180)={&(0x7f00000003c0)}, 0x1, 0x0, 0x0, 0x280c0}, 0x408aa) 231.397473ms ago: executing program 3 (id=468): r0 = socket(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)=ANY=[@ANYBLOB="300000001a000100005704e8000000000a8000000001ff"], 0x30}}, 0x0) 207.261122ms ago: executing program 1 (id=469): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0) mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0, 0x12, r0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x8, 0xf, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000fdffffff000000000600180018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000208500000083000000bf0900000000000055090100000000007b00000000000000bf91000000000000b70200000200000085000000840000005f0000000000000095"], &(0x7f0000000200)='syzkaller\x00', 0xa, 0x100b, &(0x7f0000001e40)=""/4107, 0x0, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1000, @void, @value}, 0x94) 132.035617ms ago: executing program 0 (id=470): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {}, [@IFLA_MTU={0x8, 0x4, 0xffd9}, @IFLA_GROUP={0x8}]}, 0x30}}, 0x0) 63.094678ms ago: executing program 3 (id=471): memfd_create(&(0x7f00000000c0)='\xfd\x0fm3#/\x00n\xaa\xaa\xe4\x01U\x8b\xc2\f\x03\x19\x9c\x8e\xcb\x90\x00\x00\xaegQ\x0e\x94\\y\x0fU2@\'\x8a\x80\x00$\x12\xfc\xe4.)\x9b\xf2@\xf0\xe0\xdb\x1f\xe6\xb4gc\x13\xda\xf9\xcd7el\xb7\xe6\b\x00\x00\x00\x00\xef\xff\x00vob/~\xc2\x00\b\x00\x00\x00\x00\x00\x00 \xff\xf1\xdem\x9c;%\xb5\"\xe4\xf1x2\x8a\x19p\x04\\\xaa-\x93\xd1\xc4 )\xbfK\xf7E\xf3\x05\xa0\xd0\xe6%\x97\x15\xf0\xab\x86\x90k\x10\xcer\x14\xe0a\xaf\xab\xfe\xd9V\x19\xa5d\x16\x8e]:3\xff\t\xe6\xf7\xb3\xbf\xa3\b[?\xb5\x14t\xd3\x8e\xc0\xe8\xefd\x88\xddz\xa25)\x17\xef\xfb4\xff\xdb\t\x8e\xeb\x1d\\\xf9\x14\xc7\v\xa8\x89\xdb A\xbaBAj\xfe\x18\xc3-+\xd6\xb0K\xee\x1b+\xc7lA\x84\xa6\xfe\x8bU<&\x1a\xe7m\x86\xb7\xa1A\xf9\x02S;C\x99\a.$K\x833\x82\x7f\x1b\'nj\x06\b\xb7\xe8] \x87A[y\xdc\x14\f\xcet\x00\x1f\x0f\xef\xca\xcfz\x7f\an0\xebB\xb8}&\xdd\xc9\xa7\x1dp\t\x9a\xceb \x81\xaaq{H\x88\xdf\xf8\x80\\\x1c8\xfe\xc4\xe3\xb0\x90\xcb\x8b1r\x94\x9f\x00\xce\xc8\xc3\x84\xa0\xc9\b\x00\x81Ks\xba\xbbC6\xd6\x13\xb5\xe086EzD\x18\xd5\x16\x88E\xc6\xf0A9\xf1u\xb3\x85\x02\x12\\Sp\xf4\x9a\xe8\x96^\xe6\xa8K\x12\b}\xff\xcb{\xc6\xf6\xb4\x8b\xb6\xa8Y\xf2\x91\xeeR\v#\xb5)\xb0\x99\x9b-p\xe3\x17\x04\xb0\xdc\x0fk\x11\xe1\x9a\a\x16\xb7\x9b\x88\xfa\x1e`\x84$\xfc\xd7\xf5^X\xd8[}\x032\xd0\x84\xdby\x94Vp\xa5\xcd(\xab\xb6\x95sR\xab\xfc\x8c\'\x9c\x16Q\xad\xbc\xb04%\xb7\xe5\x14\xb1`\x87#X\\W`;\'_4\xc5\xc9\x921<\xd9\xad\x9f\x12@!\xfaI\x88\xab\xef\x86\xe9\a>\xdd7\xb7\x8e\x9c0-o\xc9\xec_|\x02\xc8Ru\x95\xa8#U\xd6J\x87\xf6X\xb6{\x11$\x00\xc8\x14\xcb\xd1nK\xd8\xb9\x0e\x9bA\xed\xbcs\x1fS\r\x12O\x83\x15\xcb(\xdb\xb1S\x1f%\x04\x9a\xa0l\xa3}\xe7r\x02\x00\x00\x00\x8aeh;F[\xe2\x1c\xe26 \x19k&.\x7f\x1d~\xdaI\xd4\x99\a+\xdf]\xbc\xa6\xc3\x0f\x99W\x9c-t\v\xc7J\xfd\x91\x853\xd1j;\x19W\x96V\x8az+\xf9\x82#\xfaC\xa3YN:\xe8\xda\xbc\xb2h\x8f\xe0\xc6d\x96\xccy\xb3\xc2\x98\x1c\xca\xde\"\xaeW\x89\x83\xc2sB\xe7\b\x9b9~}\xc2\xb3\x1d\xcc?\xd1\x89\xef\xca\x00\x00\x00\x00\x00\x00\x00\x00\x00J[\xc4\x04\xc1\xa6\x10\xc2\x9d\x11\t|\xc0\t\xd9(\x80\xe6s\xaa\x88\x8a\xd6\xa2\x01\x10W]Z\x8d\xf7\xd1P\xf9d\x01|\xa3\x03hSq\x95\x8f\xe1J\xd3#/fcCz\xff\x80\xe2M\xa3-r\xf6\x1a\xd74\xdc\xe1\xe4\xc3\x9dU t}\x02\x9a{C|S\xf4\x98\x05\xb9\x15}\xfa\"\xdc\xc2r\xf9\a\xadnD\xb6\x06\xd3\'\x10\x9f|\x17\xd6\x89O\f\x98@\x85\xa5m\x9d\\&\x17o\x11Z=l\xfb\x93\x8exZ', 0x2) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000dc0)={&(0x7f0000000140)=ANY=[@ANYBLOB="340000001900010000000000000000008020000000110005000000001000"], 0x34}, 0x1, 0x0, 0x0, 0x40}, 0x0) 20.437447ms ago: executing program 3 (id=472): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x1}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, 0x0) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) close(r2) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_CMD_ENABLE_BEARER(r3, 0x0, 0x0) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0) close(r4) socket(0x400000000010, 0x3, 0x0) ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"}) close(0xffffffffffffffff) ioctl$TUNSETCARRIER(r0, 0x400454e2, &(0x7f0000000100)) r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close(r5) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)) ioctl$SIOCSIFHWADDR(r5, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random='\x00\a\x00\x00\v\x00'}) socket$nl_route(0x10, 0x3, 0x0) 0s ago: executing program 1 (id=473): mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0xfffffffffefffff6, 0x20031, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x80001) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000140)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x4}) r1 = userfaultfd(0x801) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000000)={0xaa, 0x280}) mremap(&(0x7f0000000000/0x9000)=nil, 0x600600, 0x200000, 0x3, &(0x7f0000a00000/0x600000)=nil) ioctl$UFFDIO_WRITEPROTECT(r1, 0xc018aa06, &(0x7f00000000c0)={{&(0x7f000040a000/0x800000)=nil, 0x800000}, 0x2}) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.25' (ED25519) to the list of known hosts. [ 36.017167][ T6481] cgroup: Unknown subsys name 'net' [ 36.268390][ T6481] cgroup: Unknown subsys name 'cpuset' [ 36.271937][ T6481] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 36.653233][ T6481] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k SS [ 38.082730][ T6493] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 38.095985][ T6493] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 38.099132][ T6493] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 38.102008][ T6493] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 38.106040][ T6493] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 38.123034][ T6493] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 38.125778][ T55] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 38.128490][ T55] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 38.150293][ T6493] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 38.152988][ T6493] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 38.155691][ T6497] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 38.160594][ T6497] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 38.161165][ T6497] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 38.161776][ T6497] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 38.162226][ T6497] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 38.210392][ T55] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 38.212580][ T55] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 38.215388][ T55] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 38.218963][ T55] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 38.219433][ T55] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 38.251248][ T55] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 38.253512][ T55] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 38.261042][ T55] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 38.263840][ T55] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 38.266698][ T55] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 38.600510][ T6498] chnl_net:caif_netlink_parms(): no params data found [ 38.607731][ T6501] chnl_net:caif_netlink_parms(): no params data found [ 38.618074][ T6495] chnl_net:caif_netlink_parms(): no params data found [ 38.622638][ T6492] chnl_net:caif_netlink_parms(): no params data found [ 38.795084][ T6501] bridge0: port 1(bridge_slave_0) entered blocking state [ 38.797474][ T6501] bridge0: port 1(bridge_slave_0) entered disabled state [ 38.799680][ T6501] bridge_slave_0: entered allmulticast mode [ 38.803183][ T6501] bridge_slave_0: entered promiscuous mode [ 38.807823][ T6501] bridge0: port 2(bridge_slave_1) entered blocking state [ 38.810151][ T6501] bridge0: port 2(bridge_slave_1) entered disabled state [ 38.812571][ T6501] bridge_slave_1: entered allmulticast mode [ 38.814920][ T6501] bridge_slave_1: entered promiscuous mode [ 38.899532][ T6506] chnl_net:caif_netlink_parms(): no params data found [ 38.904547][ T6498] bridge0: port 1(bridge_slave_0) entered blocking state [ 38.906097][ T6498] bridge0: port 1(bridge_slave_0) entered disabled state [ 38.906248][ T6498] bridge_slave_0: entered allmulticast mode [ 38.907049][ T6498] bridge_slave_0: entered promiscuous mode [ 38.911903][ T6492] bridge0: port 1(bridge_slave_0) entered blocking state [ 38.911987][ T6492] bridge0: port 1(bridge_slave_0) entered disabled state [ 38.912101][ T6492] bridge_slave_0: entered allmulticast mode [ 38.913611][ T6492] bridge_slave_0: entered promiscuous mode [ 38.914974][ T6492] bridge0: port 2(bridge_slave_1) entered blocking state [ 38.915019][ T6492] bridge0: port 2(bridge_slave_1) entered disabled state [ 38.915126][ T6492] bridge_slave_1: entered allmulticast mode [ 38.916872][ T6492] bridge_slave_1: entered promiscuous mode [ 38.917351][ T6495] bridge0: port 1(bridge_slave_0) entered blocking state [ 38.917393][ T6495] bridge0: port 1(bridge_slave_0) entered disabled state [ 38.917487][ T6495] bridge_slave_0: entered allmulticast mode [ 38.918314][ T6495] bridge_slave_0: entered promiscuous mode [ 38.919708][ T6495] bridge0: port 2(bridge_slave_1) entered blocking state [ 38.919753][ T6495] bridge0: port 2(bridge_slave_1) entered disabled state [ 38.919874][ T6495] bridge_slave_1: entered allmulticast mode [ 38.920759][ T6495] bridge_slave_1: entered promiscuous mode [ 38.923289][ T6501] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 38.925157][ T6501] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 38.937460][ T6498] bridge0: port 2(bridge_slave_1) entered blocking state [ 38.937547][ T6498] bridge0: port 2(bridge_slave_1) entered disabled state [ 38.937665][ T6498] bridge_slave_1: entered allmulticast mode [ 38.938486][ T6498] bridge_slave_1: entered promiscuous mode [ 38.993206][ T6498] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 39.002003][ T6495] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 39.011095][ T6501] team0: Port device team_slave_0 added [ 39.026836][ T6498] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 39.041361][ T6492] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 39.043312][ T6495] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 39.051799][ T6501] team0: Port device team_slave_1 added [ 39.062549][ T6498] team0: Port device team_slave_0 added [ 39.063896][ T6492] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 39.079460][ T6495] team0: Port device team_slave_0 added [ 39.086702][ T6501] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 39.086759][ T6501] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 39.086787][ T6501] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 39.088109][ T6501] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 39.088137][ T6501] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 39.088178][ T6501] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 39.114058][ T6498] team0: Port device team_slave_1 added [ 39.132690][ T6495] team0: Port device team_slave_1 added [ 39.155494][ T6492] team0: Port device team_slave_0 added [ 39.159403][ T6492] team0: Port device team_slave_1 added [ 39.189494][ T6498] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 39.189560][ T6498] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 39.189589][ T6498] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 39.190674][ T6498] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 39.190699][ T6498] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 39.190726][ T6498] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 39.224528][ T6501] hsr_slave_0: entered promiscuous mode [ 39.225221][ T6501] hsr_slave_1: entered promiscuous mode [ 39.234025][ T6506] bridge0: port 1(bridge_slave_0) entered blocking state [ 39.234135][ T6506] bridge0: port 1(bridge_slave_0) entered disabled state [ 39.234271][ T6506] bridge_slave_0: entered allmulticast mode [ 39.235150][ T6506] bridge_slave_0: entered promiscuous mode [ 39.240931][ T6506] bridge0: port 2(bridge_slave_1) entered blocking state [ 39.240988][ T6506] bridge0: port 2(bridge_slave_1) entered disabled state [ 39.241093][ T6506] bridge_slave_1: entered allmulticast mode [ 39.241882][ T6506] bridge_slave_1: entered promiscuous mode [ 39.249448][ T6492] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 39.249503][ T6492] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 39.249833][ T6492] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 39.251025][ T6492] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 39.251051][ T6492] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 39.251078][ T6492] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 39.254569][ T6495] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 39.254597][ T6495] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 39.254625][ T6495] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 39.304313][ T6495] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 39.304371][ T6495] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 39.304399][ T6495] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 39.308330][ T6498] hsr_slave_0: entered promiscuous mode [ 39.309631][ T6498] hsr_slave_1: entered promiscuous mode [ 39.309941][ T6498] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 39.310027][ T6498] Cannot create hsr debugfs directory [ 39.330451][ T6506] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 39.357358][ T6506] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 39.370663][ T6492] hsr_slave_0: entered promiscuous mode [ 39.371209][ T6492] hsr_slave_1: entered promiscuous mode [ 39.371533][ T6492] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 39.371562][ T6492] Cannot create hsr debugfs directory [ 39.401360][ T6506] team0: Port device team_slave_0 added [ 39.414163][ T6495] hsr_slave_0: entered promiscuous mode [ 39.416206][ T6495] hsr_slave_1: entered promiscuous mode [ 39.416598][ T6495] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 39.416638][ T6495] Cannot create hsr debugfs directory [ 39.443797][ T6506] team0: Port device team_slave_1 added [ 39.507077][ T6506] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 39.507139][ T6506] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 39.507195][ T6506] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 39.510169][ T6506] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 39.510198][ T6506] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 39.510226][ T6506] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 39.671563][ T6506] hsr_slave_0: entered promiscuous mode [ 39.672093][ T6506] hsr_slave_1: entered promiscuous mode [ 39.672415][ T6506] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 39.672444][ T6506] Cannot create hsr debugfs directory [ 39.717750][ T6501] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 39.722693][ T6501] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 39.730392][ T6501] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 39.741852][ T6501] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 39.790369][ T6498] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 39.802002][ T6498] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 39.812416][ T6498] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 39.824282][ T6498] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 39.843988][ T6495] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 39.848752][ T6495] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 39.856563][ T6495] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 39.861243][ T6495] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 39.899753][ T6492] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 39.904158][ T6492] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 39.922127][ T6492] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 39.926584][ T6492] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 39.963482][ T6501] 8021q: adding VLAN 0 to HW filter on device bond0 [ 39.988373][ T6501] 8021q: adding VLAN 0 to HW filter on device team0 [ 39.996413][ T6506] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 40.002812][ T6506] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 40.019449][ T45] bridge0: port 1(bridge_slave_0) entered blocking state [ 40.019592][ T45] bridge0: port 1(bridge_slave_0) entered forwarding state [ 40.020695][ T45] bridge0: port 2(bridge_slave_1) entered blocking state [ 40.020742][ T45] bridge0: port 2(bridge_slave_1) entered forwarding state [ 40.039746][ T6506] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 40.043279][ T6506] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 40.078943][ T6495] 8021q: adding VLAN 0 to HW filter on device bond0 [ 40.089555][ T6501] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 40.097579][ T6498] 8021q: adding VLAN 0 to HW filter on device bond0 [ 40.130471][ T6498] 8021q: adding VLAN 0 to HW filter on device team0 [ 40.133136][ T183] bridge0: port 1(bridge_slave_0) entered blocking state [ 40.133244][ T183] bridge0: port 1(bridge_slave_0) entered forwarding state [ 40.145427][ T6495] 8021q: adding VLAN 0 to HW filter on device team0 [ 40.176245][ T55] Bluetooth: hci2: command tx timeout [ 40.176428][ T55] Bluetooth: hci0: command tx timeout [ 40.177597][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 40.177646][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 40.180777][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 40.180826][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 40.189928][ T6506] 8021q: adding VLAN 0 to HW filter on device bond0 [ 40.217260][ T125] bridge0: port 2(bridge_slave_1) entered blocking state [ 40.217337][ T125] bridge0: port 2(bridge_slave_1) entered forwarding state [ 40.229066][ T6501] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 40.235168][ T6506] 8021q: adding VLAN 0 to HW filter on device team0 [ 40.250350][ T45] bridge0: port 1(bridge_slave_0) entered blocking state [ 40.250438][ T45] bridge0: port 1(bridge_slave_0) entered forwarding state [ 40.256018][ T6497] Bluetooth: hci3: command tx timeout [ 40.256197][ T6497] Bluetooth: hci1: command tx timeout [ 40.267410][ T125] bridge0: port 2(bridge_slave_1) entered blocking state [ 40.267494][ T125] bridge0: port 2(bridge_slave_1) entered forwarding state [ 40.278417][ T6498] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 40.323097][ T6501] veth0_vlan: entered promiscuous mode [ 40.331669][ T6506] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 40.334965][ T6506] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 40.338957][ T55] Bluetooth: hci4: command tx timeout [ 40.355362][ T6501] veth1_vlan: entered promiscuous mode [ 40.401335][ T6501] veth0_macvtap: entered promiscuous mode [ 40.403287][ T6501] veth1_macvtap: entered promiscuous mode [ 40.421234][ T6492] 8021q: adding VLAN 0 to HW filter on device bond0 [ 40.459566][ T6501] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 40.461500][ T6501] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 40.463118][ T6501] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 40.463198][ T6501] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 40.463238][ T6501] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 40.463268][ T6501] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 40.515285][ T6506] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 40.533713][ T6492] 8021q: adding VLAN 0 to HW filter on device team0 [ 40.562421][ T6498] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 40.567228][ T183] bridge0: port 1(bridge_slave_0) entered blocking state [ 40.567303][ T183] bridge0: port 1(bridge_slave_0) entered forwarding state [ 40.584422][ T183] bridge0: port 2(bridge_slave_1) entered blocking state [ 40.584494][ T183] bridge0: port 2(bridge_slave_1) entered forwarding state [ 40.590603][ T6495] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 40.632439][ T45] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 40.632521][ T45] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 40.637544][ T6506] veth0_vlan: entered promiscuous mode [ 40.657892][ T183] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 40.657951][ T183] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 40.685170][ T6506] veth1_vlan: entered promiscuous mode [ 40.698309][ T6498] veth0_vlan: entered promiscuous mode [ 40.702939][ T6498] veth1_vlan: entered promiscuous mode [ 40.770932][ T6498] veth0_macvtap: entered promiscuous mode [ 40.773212][ T6498] veth1_macvtap: entered promiscuous mode [ 40.782754][ T6501] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 40.820204][ T6506] veth0_macvtap: entered promiscuous mode [ 40.824193][ T6498] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 40.824263][ T6498] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 40.824874][ T6498] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 40.827116][ T6506] veth1_macvtap: entered promiscuous mode [ 40.832442][ T6506] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 40.832474][ T6506] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 40.832494][ T6506] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 40.832514][ T6506] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 40.833158][ T6506] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 40.834498][ T6506] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 40.834527][ T6506] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 40.835046][ T6506] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 40.860163][ T6498] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 40.863081][ T6498] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 40.866112][ T6498] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 40.869051][ T6498] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 40.872471][ T6498] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 40.882635][ T6498] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 40.887000][ T6498] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 40.889536][ T6498] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 40.892052][ T6498] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 40.897231][ T6506] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 40.899835][ T6506] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 40.902299][ T6506] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 40.904695][ T6506] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 41.019404][ T6492] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 41.035218][ T6495] veth0_vlan: entered promiscuous mode [ 41.039089][ T6495] veth1_vlan: entered promiscuous mode [ 41.201431][ T280] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 41.204805][ T280] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 41.794520][ T6495] veth0_macvtap: entered promiscuous mode [ 41.836884][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 41.836951][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 41.874037][ T6495] veth1_macvtap: entered promiscuous mode [ 41.890063][ T358] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 41.890119][ T358] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 41.898898][ T6492] veth0_vlan: entered promiscuous mode [ 41.901963][ T6492] veth1_vlan: entered promiscuous mode [ 41.915274][ T6492] veth0_macvtap: entered promiscuous mode [ 41.919086][ T6492] veth1_macvtap: entered promiscuous mode [ 41.926916][ T6492] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 41.929806][ T6492] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 41.932485][ T6492] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 41.935344][ T6492] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 41.938530][ T6492] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 41.941353][ T6492] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 41.945485][ T6492] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 41.952352][ T761] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 41.952406][ T761] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 41.967705][ T6492] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 41.970611][ T6492] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 41.973759][ T6492] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 41.976942][ T6492] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 41.979763][ T6492] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 41.982653][ T6492] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 41.986359][ T6492] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 41.990105][ T6492] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 41.992563][ T6492] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 41.995037][ T6492] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 41.998062][ T6492] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 42.003319][ T6495] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 42.012138][ T6495] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 42.015148][ T6495] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 42.018344][ T6495] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 42.021068][ T6495] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 42.023924][ T6495] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 42.026680][ T6495] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 42.029463][ T6495] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 42.033302][ T6495] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 42.043932][ T6495] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 42.047579][ T6495] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 42.050369][ T6495] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 42.053339][ T6495] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 42.059905][ T6495] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 42.059968][ T6495] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 42.059996][ T6495] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 42.060017][ T6495] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 42.060696][ T6495] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 42.100607][ T6495] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 42.103177][ T6495] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 42.105926][ T6495] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 42.105959][ T6495] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 42.171603][ T6578] loop1: detected capacity change from 0 to 40427 [ 42.202672][ T6578] F2FS-fs (loop1): build fault injection attr: rate: 11, type: 0x3fffff [ 42.202789][ T6578] F2FS-fs (loop1): build fault injection attr: rate: 173, type: 0x3fffff [ 42.256418][ T55] Bluetooth: hci0: command tx timeout [ 42.256495][ T55] Bluetooth: hci2: command tx timeout [ 42.270790][ T6578] F2FS-fs (loop1): invalid crc value [ 42.270851][ T6578] F2FS-fs (loop1): Wrong cp_pack_start_sum: 1 [ 42.271973][ T6578] F2FS-fs (loop1): Failed to get valid F2FS checkpoint [ 42.298347][ T6581] loop0: detected capacity change from 0 to 4096 [ 42.301681][ T45] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 42.301739][ T45] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 42.310947][ T6581] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512). [ 42.335880][ T55] Bluetooth: hci3: command tx timeout [ 42.337584][ T6497] Bluetooth: hci1: command tx timeout [ 42.372077][ T6583] loop2: detected capacity change from 0 to 2048 [ 42.379428][ T761] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 42.379488][ T761] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 42.421560][ T6497] Bluetooth: hci4: command tx timeout [ 42.423162][ T6583] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024) [ 42.468254][ T125] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 42.468314][ T125] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 42.474463][ T6587] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 43.429064][ T6590] Zero length message leads to an empty skb [ 43.509389][ T183] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 43.509452][ T183] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 43.612267][ T6578] loop1: detected capacity change from 0 to 32768 [ 43.617438][ T6578] ======================================================= [ 43.617438][ T6578] WARNING: The mand mount option has been deprecated and [ 43.617438][ T6578] and is ignored by this kernel. Remove the mand [ 43.617438][ T6578] option from the mount to silence this warning. [ 43.617438][ T6578] ======================================================= [ 43.712219][ T6578] JBD2: Ignoring recovery information on journal [ 43.756966][ T6601] xt_hashlimit: size too large, truncated to 1048576 [ 43.774461][ T6578] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 43.846753][ T6578] OCFS2: ERROR (device loop1): int ocfs2_xattr_find_entry(struct inode *, int, const char *, struct ocfs2_xattr_search *): corrupted xattr entries [ 43.846826][ T6578] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 43.846902][ T6578] OCFS2: Returning error to the calling process. [ 43.846922][ T6578] (syz.1.6,6578,0):ocfs2_calc_xattr_init:638 ERROR: status = -117 [ 43.846961][ T6578] (syz.1.6,6578,0):ocfs2_mknod:334 ERROR: status = -117 [ 43.847131][ T6578] (syz.1.6,6578,0):ocfs2_mknod:502 ERROR: status = -117 [ 43.847193][ T6578] (syz.1.6,6578,0):ocfs2_mkdir:658 ERROR: status = -117 [ 43.852660][ T6604] syz.2.10 (6604) used obsolete PPPIOCDETACH ioctl [ 43.853717][ T6578] netlink: 'syz.1.6': attribute type 10 has an invalid length. [ 43.975717][ T6607] netlink: 'syz.1.6': attribute type 10 has an invalid length. [ 43.980546][ T6578] 8021q: adding VLAN 0 to HW filter on device bond0 [ 44.003855][ T6578] team0: Port device bond0 added [ 44.020873][ T6578] netlink: 'syz.1.6': attribute type 10 has an invalid length. [ 44.044860][ T6607] 8021q: adding VLAN 0 to HW filter on device team0 [ 44.121759][ T6613] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 44.138259][ T6613] xt_socket: unknown flags 0x50 [ 44.366406][ T6497] Bluetooth: hci2: command tx timeout [ 44.366758][ T6497] Bluetooth: hci0: command tx timeout [ 44.416460][ T6497] Bluetooth: hci3: command tx timeout [ 44.429393][ T55] Bluetooth: hci1: command tx timeout [ 44.495701][ T55] Bluetooth: hci4: command tx timeout [ 44.772463][ T6617] netlink: 8 bytes leftover after parsing attributes in process `syz.0.11'. [ 44.832224][ T6578] 8021q: adding VLAN 0 to HW filter on device team0 [ 44.858723][ T6608] loop4: detected capacity change from 0 to 32768 [ 44.881255][ T6617] vlan2: entered promiscuous mode [ 44.884875][ T6617] bridge0: entered promiscuous mode [ 44.899822][ T6608] [ 44.899822][ T6608] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 44.899822][ T6608] [ 45.020398][ T6495] [ 45.020398][ T6495] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 45.020398][ T6495] [ 45.024011][ T6495] [ 45.024011][ T6495] ... Log Wrap ... Log Wrap ... Log Wrap ... [ 45.024011][ T6495] [ 45.042753][ T6501] ocfs2: Unmounting device (7,1) on (node local) [ 45.124549][ T6627] loop2: detected capacity change from 0 to 512 [ 45.701599][ T6627] EXT4-fs error (device loop2): ext4_iget_extra_inode:4693: inode #12: comm syz.2.15: corrupted in-inode xattr: bad e_name length [ 45.837166][ T6627] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.15: couldn't read orphan inode 12 (err -117) [ 45.892579][ T6627] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 45.908289][ T6630] loop3: detected capacity change from 0 to 4096 [ 45.915824][ T6630] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512). [ 46.154666][ T6642] loop0: detected capacity change from 0 to 4096 [ 46.186250][ T6627] netlink: 4 bytes leftover after parsing attributes in process `syz.2.15'. [ 46.193598][ T6642] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512). [ 46.221431][ T6627] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 46.416194][ T55] Bluetooth: hci0: command tx timeout [ 46.416279][ T55] Bluetooth: hci2: command tx timeout [ 46.496691][ T6497] Bluetooth: hci1: command tx timeout [ 46.498739][ T6497] Bluetooth: hci3: command tx timeout [ 46.578067][ T55] Bluetooth: hci4: command tx timeout [ 47.489235][ T6627] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 47.933115][ T6659] netlink: 8 bytes leftover after parsing attributes in process `syz.4.23'. [ 48.540745][ T6498] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 48.596080][ T6651] loop3: detected capacity change from 0 to 32768 [ 48.616603][ T6651] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 49.490822][ T6651] XFS (loop3): Ending clean mount [ 49.500186][ T6651] XFS (loop3): Quotacheck needed: Please wait. [ 49.506623][ T6685] netlink: 24 bytes leftover after parsing attributes in process `syz.0.28'. [ 49.522551][ T6651] XFS (loop3): Quotacheck: Done. [ 49.576921][ T6656] loop1: detected capacity change from 0 to 40427 [ 49.726846][ T6689] loop4: detected capacity change from 0 to 4096 [ 49.727987][ T6689] ntfs3: Unknown parameter 'it' [ 49.747124][ T6679] loop2: detected capacity change from 0 to 40427 [ 49.794099][ T6679] F2FS-fs (loop2): invalid crc value [ 49.815983][ T6679] F2FS-fs (loop2): Wrong journal entry on segno 1642397698 [ 49.831704][ T6679] F2FS-fs (loop2): Failed to initialize F2FS segment manager (-117) [ 50.433383][ T6492] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 50.581281][ T6709] loop2: detected capacity change from 0 to 32768 [ 50.610774][ T6713] cgroup: No subsys list or none specified [ 50.612077][ T6713] cgroup: No subsys list or none specified [ 50.646710][ T6709] syz.2.35: attempt to access beyond end of device [ 50.646710][ T6709] loop2: rw=2049, sector=2621792, nr_sectors = 8 limit=32768 [ 50.671184][ T6709] syz.2.35: attempt to access beyond end of device [ 50.671184][ T6709] loop2: rw=524288, sector=2621792, nr_sectors = 8 limit=32768 [ 50.671605][ T6709] syz.2.35: attempt to access beyond end of device [ 50.671605][ T6709] loop2: rw=0, sector=2621792, nr_sectors = 8 limit=32768 [ 50.680264][ T6709] syz.2.35: attempt to access beyond end of device [ 50.680264][ T6709] loop2: rw=0, sector=2621792, nr_sectors = 8 limit=32768 [ 50.680401][ T6709] syz.2.35: attempt to access beyond end of device [ 50.680401][ T6709] loop2: rw=0, sector=2621792, nr_sectors = 8 limit=32768 [ 50.680474][ T6709] syz.2.35: attempt to access beyond end of device [ 50.680474][ T6709] loop2: rw=0, sector=2621792, nr_sectors = 8 limit=32768 [ 50.680546][ T6709] syz.2.35: attempt to access beyond end of device [ 50.680546][ T6709] loop2: rw=0, sector=2621792, nr_sectors = 8 limit=32768 [ 50.680641][ T6709] syz.2.35: attempt to access beyond end of device [ 50.680641][ T6709] loop2: rw=0, sector=2621792, nr_sectors = 8 limit=32768 [ 50.680712][ T6709] syz.2.35: attempt to access beyond end of device [ 50.680712][ T6709] loop2: rw=0, sector=2621792, nr_sectors = 8 limit=32768 [ 50.681037][ T6709] syz.2.35: attempt to access beyond end of device [ 50.681037][ T6709] loop2: rw=0, sector=2621792, nr_sectors = 8 limit=32768 [ 50.960037][ T6728] loop1: detected capacity change from 0 to 256 [ 50.962912][ T101] blkno = 5002c, nblocks = 1 [ 50.963008][ T101] ERROR: (device loop2): dbUpdatePMap: blocks are outside the map [ 50.963008][ T101] [ 50.972885][ T101] ERROR: (device loop2): remounting filesystem as read-only [ 50.987593][ T6728] tmpfs: Bad value for 'mpol' [ 50.990721][ T6728] tipc: Invalid UDP bearer configuration [ 50.990910][ T6728] tipc: Enabling of bearer rejected, failed to enable media [ 51.145843][ T6579] usb 1-1: new full-speed USB device number 2 using dummy_hcd [ 51.202239][ T6730] loop3: detected capacity change from 0 to 32768 [ 51.290632][ T6579] usb 1-1: device descriptor read/64, error -71 [ 51.336378][ T6745] loop2: detected capacity change from 0 to 1024 [ 51.381321][ T6730] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): Using encoding defined by superblock: utf8-12.1.0 [ 51.409495][ T6730] bcachefs (loop3): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,journal_flush_disabled,fsck,norecovery,nojournal_transaction_names,reconstruct_alloc,no_data_io [ 51.409495][ T6730] allowing incompatible features above 0.0: (unknown version) [ 51.409748][ T6730] bcachefs (loop3): recovering from clean shutdown, journal seq 10 [ 51.409826][ T6730] bcachefs (loop3): Doing compatible version upgrade from 1.7: mi_btree_bitmap to 1.25: extent_flags [ 51.409826][ T6730] running recovery passes: check_allocations,check_extents_to_backpointers,check_inodes [ 51.410176][ T6730] bcachefs (loop3): dropping and reconstructing all alloc info [ 51.434486][ T6730] bcachefs (loop3): accounting_read... done [ 51.449221][ T6730] bcachefs (loop3): alloc_read... done [ 51.449308][ T6730] bcachefs (loop3): snapshots_read... done [ 51.450510][ T6730] bcachefs (loop3): done starting filesystem [ 51.511780][ T13] hfsplus: b-tree write err: -5, ino 8 [ 51.535815][ T6579] usb 1-1: new full-speed USB device number 3 using dummy_hcd [ 51.557064][ T6747] loop2: detected capacity change from 0 to 8 [ 51.564400][ T6747] SQUASHFS error: zlib decompression failed, data probably corrupt [ 51.564521][ T6747] SQUASHFS error: Failed to read block 0x9b: -5 [ 51.564543][ T6747] SQUASHFS error: Unable to read metadata cache entry [99] [ 51.564564][ T6747] SQUASHFS error: Unable to read inode 0x127 [ 51.653186][ T6749] process 'syz.2.44' launched './file1' with NULL argv: empty string added [ 51.665628][ T6579] usb 1-1: device descriptor read/64, error -71 [ 51.775934][ T6579] usb usb1-port1: attempt power cycle [ 51.822318][ T6492] bcachefs (loop3): shutting down [ 52.007503][ T6492] bcachefs (loop3): shutdown complete [ 52.125793][ T6579] usb 1-1: new full-speed USB device number 4 using dummy_hcd [ 52.154376][ T6579] usb 1-1: device descriptor read/8, error -71 [ 52.487695][ T6579] usb 1-1: new full-speed USB device number 5 using dummy_hcd [ 52.672107][ T6579] usb 1-1: device descriptor read/8, error -71 [ 52.747945][ T6753] loop1: detected capacity change from 0 to 32768 [ 52.778765][ T6579] usb usb1-port1: unable to enumerate USB device [ 52.800754][ T6753] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 52.911545][ T6753] XFS (loop1): Ending clean mount [ 52.968675][ T6776] loop4: detected capacity change from 0 to 2048 [ 52.988628][ T6484] udevd[6484]: incorrect nilfs2 checksum on /dev/loop4 [ 53.053835][ T6501] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 53.329771][ T6785] netlink: 'syz.1.54': attribute type 2 has an invalid length. [ 53.332086][ T6785] netlink: 51 bytes leftover after parsing attributes in process `syz.1.54'. [ 53.338436][ T6785] netlink: 'syz.1.54': attribute type 2 has an invalid length. [ 53.340585][ T6785] netlink: 51 bytes leftover after parsing attributes in process `syz.1.54'. [ 53.379137][ T6789] loop2: detected capacity change from 0 to 2048 [ 53.384929][ T6789] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024) [ 53.420817][ T6792] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 53.964516][ T6800] FAULT_INJECTION: forcing a failure. [ 53.964516][ T6800] name failslab, interval 1, probability 0, space 0, times 1 [ 53.971256][ T6800] CPU: 1 UID: 0 PID: 6800 Comm: syz.0.58 Not tainted 6.15.0-rc6-syzkaller-gc919f08732cc #0 PREEMPT [ 53.971279][ T6800] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 53.971287][ T6800] Call trace: [ 53.971291][ T6800] show_stack+0x2c/0x3c (C) [ 53.971308][ T6800] __dump_stack+0x30/0x40 [ 53.971320][ T6800] dump_stack_lvl+0xd8/0x12c [ 53.971330][ T6800] dump_stack+0x1c/0x28 [ 53.971340][ T6800] should_fail_ex+0x41c/0x594 [ 53.971353][ T6800] should_failslab+0xc0/0x128 [ 53.971367][ T6800] __kmalloc_noprof+0xf4/0x4c8 [ 53.971377][ T6800] tomoyo_realpath_from_path+0xc4/0x4d4 [ 53.971392][ T6800] tomoyo_path_number_perm+0x1a0/0x47c [ 53.971404][ T6800] tomoyo_file_ioctl+0x2c/0x3c [ 53.971416][ T6800] security_file_ioctl+0xe8/0x2f0 [ 53.971428][ T6800] __arm64_sys_ioctl+0xa8/0x1c4 [ 53.971442][ T6800] invoke_syscall+0x98/0x2b8 [ 53.971453][ T6800] el0_svc_common+0x130/0x23c [ 53.971464][ T6800] do_el0_svc+0x48/0x58 [ 53.971474][ T6800] el0_svc+0x58/0x17c [ 53.971488][ T6800] el0t_64_sync_handler+0x78/0x108 [ 53.971501][ T6800] el0t_64_sync+0x198/0x19c [ 53.971666][ T6800] ERROR: Out of memory at tomoyo_realpath_from_path. [ 54.139967][ T6807] loop4: detected capacity change from 0 to 64 [ 54.162906][ T6805] loop0: detected capacity change from 0 to 256 [ 54.163551][ T6805] exfat: Deprecated parameter 'utf8' [ 54.181376][ T6805] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xabf88b1f, utbl_chksum : 0xe619d30d) [ 54.320756][ T6791] loop1: detected capacity change from 0 to 131072 [ 54.365157][ T6791] F2FS-fs (loop1): Insane cp_payload (83886080 >= 504) [ 54.365304][ T6791] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 54.377715][ T6791] F2FS-fs (loop1): invalid crc value [ 54.776565][ T6791] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 54.776767][ T6791] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4 [ 54.834398][ T6820] loop2: detected capacity change from 0 to 512 [ 54.837462][ T6820] ext4: Bad value for 'max_dir_size_kb' [ 55.260948][ T6824] loop2: detected capacity change from 0 to 256 [ 55.749755][ T6823] syz.0.64 uses obsolete (PF_INET,SOCK_PACKET) [ 55.953963][ T6803] loop3: detected capacity change from 0 to 32768 [ 56.086181][ T6816] loop4: detected capacity change from 0 to 32768 [ 56.086821][ T6816] XFS: attr2 mount option is deprecated. [ 56.104632][ T6803] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): Using encoding defined by superblock: utf8-12.1.0 [ 56.126042][ T6816] XFS (loop4): DAX unsupported by block device. Turning off DAX. [ 56.128986][ T6816] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 56.140090][ T6803] bcachefs (loop3): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,nojournal_transaction_names [ 56.140090][ T6803] allowing incompatible features above 0.0: (unknown version) [ 56.140199][ T6803] bcachefs (loop3): initializing new filesystem [ 56.140846][ T6803] bcachefs (loop3): going read-write [ 56.192712][ T6816] XFS (loop4): Ending clean mount [ 56.197214][ T6816] XFS (loop4): Quotacheck needed: Please wait. [ 56.227868][ T6816] XFS (loop4): Quotacheck: Done. [ 56.377189][ T6843] loop0: detected capacity change from 0 to 2048 [ 56.389496][ T6843] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 56.390692][ T6843] UDF-fs: error (device loop0): udf_read_inode: (ino 1376) failed !bh [ 56.390852][ T6843] UDF-fs: error (device loop0): udf_fill_super: Error in udf_iget, block=64, partition=0 [ 56.419467][ T6803] bcachefs (loop3): marking superblocks [ 56.428471][ T6826] loop2: detected capacity change from 0 to 32768 [ 56.457171][ T6826] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.66 (6826) [ 56.473195][ T6803] bcachefs (loop3): initializing freespace [ 56.504546][ T6826] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 56.504754][ T6826] BTRFS info (device loop2): using crc32c (crc32c-arm64) checksum algorithm [ 56.504793][ T6826] BTRFS info (device loop2): using free-space-tree [ 56.537287][ T6803] bcachefs (loop3): done initializing freespace [ 56.543233][ T6803] bcachefs (loop3): reading snapshots table [ 56.543345][ T6803] bcachefs (loop3): reading snapshots done [ 56.592683][ T6803] bcachefs (loop3): done starting filesystem [ 56.623575][ T6495] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 57.487690][ T6880] loop0: detected capacity change from 0 to 1024 [ 57.536484][ T6880] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 57.552658][ T6492] bcachefs (loop3): shutting down [ 57.554691][ T6492] bcachefs (loop3): going read-only [ 57.568431][ T6880] EXT4-fs (loop0): shut down requested (2) [ 57.580247][ T6880] overlay: Unknown parameter 'fined' [ 57.594758][ T6492] bcachefs (loop3): finished waiting for writes to stop [ 57.658385][ T6492] bcachefs (loop3): flushing journal and stopping allocators, journal seq 5 [ 57.661694][ T6506] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 57.773250][ T6498] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 57.792685][ T6893] netlink: 8 bytes leftover after parsing attributes in process `syz.0.75'. [ 57.795826][ T6492] bcachefs (loop3): flushing journal and stopping allocators complete, journal seq 5 [ 57.798861][ T6492] bcachefs (loop3): clean shutdown complete, journal seq 6 [ 57.852423][ T6492] bcachefs (loop3): marking filesystem clean [ 57.858810][ T6889] loop4: detected capacity change from 0 to 4096 [ 57.880510][ T6889] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512). [ 57.942890][ T6885] loop1: detected capacity change from 0 to 32768 [ 57.948810][ T6885] btrfs: Deprecated parameter 'usebackuproot' [ 57.950739][ T6885] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead [ 57.960476][ T6885] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.73 (6885) [ 57.978244][ T6885] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 57.978394][ T6885] BTRFS info (device loop1): using crc32c (crc32c-arm64) checksum algorithm [ 57.978449][ T6885] BTRFS info (device loop1): disk space caching is enabled [ 57.978480][ T6885] BTRFS warning (device loop1): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 57.990162][ T6492] bcachefs (loop3): shutdown complete [ 58.132126][ T314] BTRFS warning (device loop1): checksum verify failed on logical 5337088 mirror 1 wanted 0xe63dbdda found 0xc926492d level 0 [ 58.136309][ T6885] BTRFS error (device loop1): failed to load root extent [ 58.136389][ T6885] BTRFS warning (device loop1): try to load backup roots slot 1 [ 58.140759][ T314] BTRFS warning (device loop1): checksum verify failed on logical 5324800 mirror 1 wanted 0x9f73850b found 0x80379423 level 0 [ 58.145095][ T6885] BTRFS warning (device loop1): couldn't read tree root [ 58.145154][ T6885] BTRFS warning (device loop1): try to load backup roots slot 2 [ 58.153115][ T125] BTRFS error (device loop1): level verify failed on logical 5255168 mirror 1 wanted 0 found 1 [ 58.164640][ T6885] BTRFS warning (device loop1): couldn't read tree root [ 58.164723][ T6885] BTRFS warning (device loop1): try to load backup roots slot 3 [ 58.185246][ T6885] BTRFS info (device loop1): rebuilding free space tree [ 58.679323][ T6885] BTRFS info (device loop1): disabling free space tree [ 58.679421][ T6885] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 58.679532][ T6885] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 58.879709][ T6920] warning: `syz.4.78' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 58.950796][ T6923] loop0: detected capacity change from 0 to 128 [ 59.011888][ T6501] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 59.024439][ T6924] capability: warning: `syz.2.76' uses deprecated v2 capabilities in a way that may be insecure [ 60.527972][ T6928] loop4: detected capacity change from 0 to 32768 [ 60.528586][ T6928] XFS: attr2 mount option is deprecated. [ 60.562050][ T6928] XFS (loop4): DAX unsupported by block device. Turning off DAX. [ 60.572247][ T6960] loop2: detected capacity change from 0 to 512 [ 60.577938][ T6928] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 60.658439][ T6928] XFS (loop4): Ending clean mount [ 60.679561][ T6928] XFS (loop4): Quotacheck needed: Please wait. [ 60.731946][ T6928] XFS (loop4): Quotacheck: Done. [ 60.764748][ T6954] loop1: detected capacity change from 0 to 32768 [ 60.781013][ T6960] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 60.797369][ T6954] XFS (loop1): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 60.804430][ T6960] EXT4-fs error (device loop2): ext4_xattr_block_get:593: inode #15: comm syz.2.86: corrupted xattr block 33: invalid ea_ino [ 60.810788][ T6960] EXT4-fs error (device loop2): ext4_xattr_block_get:593: inode #15: comm syz.2.86: corrupted xattr block 33: invalid ea_ino [ 60.814779][ T6960] EXT4-fs error (device loop2): ext4_xattr_block_get:593: inode #15: comm syz.2.86: corrupted xattr block 33: invalid ea_ino [ 60.842686][ T6954] XFS (loop1): Ending clean mount [ 60.881263][ T6501] XFS (loop1): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 60.965459][ T6947] loop0: detected capacity change from 0 to 32768 [ 60.983829][ T6498] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 60.988285][ T6947] bcachefs (/dev/loop0): error validating superblock: Invalid superblock section replicas_v0: no devices in entry (unknown data_type 16): 1/0 [] [ 60.988285][ T6947] replicas_v0 (size 24): [ 60.988285][ T6947] btree: 1 [0] journal: 1 [0] user: 1 [0] (unknown data_type 16): 0 [] [ 60.988285][ T6947] [ 61.008390][ T6947] bcachefs: bch2_fs_get_tree() error: invalid_replicas_entry [ 61.029638][ T6975] loop1: detected capacity change from 0 to 4096 [ 61.041249][ T6495] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 61.076224][ T6975] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512). [ 61.363176][ T6983] loop4: detected capacity change from 0 to 512 [ 61.641512][ T6983] EXT4-fs error (device loop4): ext4_orphan_get:1417: comm syz.4.90: bad orphan inode 7 [ 61.858279][ T6983] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 61.945235][ T6983] EXT4-fs error (device loop4): htree_dirblock_to_tree:1082: inode #2: block 13: comm syz.4.90: bad entry in directory: rec_len % 4 != 0 - offset=60, inode=15, rec_len=199, size=1024 fake=0 [ 62.078241][ T6495] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 62.270556][ T7004] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 62.420823][ T7000] loop4: detected capacity change from 0 to 4096 [ 62.454398][ T7008] openvswitch: netlink: IP tunnel dst address not specified [ 62.485408][ T6984] loop0: detected capacity change from 0 to 32768 [ 62.489367][ T6984] XFS (loop0): Invalid device [./file2], error=-15 [ 62.510271][ T7000] EXT4-fs: Ignoring removed nomblk_io_submit option [ 62.524182][ T7000] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 62.524298][ T7000] EXT4-fs (loop4): Test dummy encryption mode enabled [ 62.545564][ T7000] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 62.557423][ T7000] EXT4-fs: Ignoring removed nomblk_io_submit option [ 62.559623][ T7000] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 62.600332][ T7000] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 62.606791][ T7000] EXT4-fs error (device loop4): ext4_lookup:1789: inode #15: comm syz.4.96: iget: bad extra_isize 3360 (inode size 256) [ 62.655040][ T6495] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 62.757696][ T7011] loop3: detected capacity change from 0 to 8192 [ 62.771959][ T7011] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 63.648894][ T7021] loop4: detected capacity change from 0 to 4096 [ 63.655210][ T7021] ntfs3: Unknown parameter '0x0000000000000000' [ 63.716183][ T7001] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 63.716385][ T7001] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 63.754827][ T7014] loop1: detected capacity change from 0 to 32768 [ 63.761088][ T7014] XFS: attr2 mount option is deprecated. [ 63.764983][ T7021] netdevsim netdevsim4 netdevsim0: entered promiscuous mode [ 63.802515][ T7001] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 63.813415][ T7001] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 63.818518][ T7001] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 63.827084][ T7001] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 63.838560][ T7001] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 63.838671][ T7001] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 63.839568][ T7027] loop0: detected capacity change from 0 to 256 [ 63.862548][ T7014] XFS (loop1): DAX unsupported by block device. Turning off DAX. [ 63.865399][ T7001] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 63.869733][ T7014] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 63.871534][ T7027] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 63.884430][ T7001] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 63.884501][ T7001] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 63.885679][ T7027] exFAT-fs (loop0): start_clu is invalid cluster(0xffffffff) [ 63.929740][ T7001] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 63.934627][ T7014] XFS (loop1): Ending clean mount [ 63.939780][ T7014] XFS (loop1): Quotacheck needed: Please wait. [ 63.950206][ T7001] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 63.958921][ T7001] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 63.969582][ T7032] loop4: detected capacity change from 0 to 4096 [ 63.985417][ T7014] XFS (loop1): Quotacheck: Done. [ 63.991191][ T7032] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512). [ 64.004610][ T7001] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 64.261915][ T7043] loop2: detected capacity change from 0 to 1024 [ 64.262573][ T7043] EXT4-fs: Ignoring removed mblk_io_submit option [ 64.575924][ T55] Bluetooth: hci0: command 0x0c1a tx timeout [ 64.783420][ T7043] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=2040c018, mo2=0002] [ 64.783532][ T7043] System zones: 0-1, 3-12 [ 64.784671][ T7043] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 64.821742][ T6501] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 64.838606][ T7041] EXT4-fs (loop2): Online resizing not supported with bigalloc [ 64.845226][ T7048] trusted_key: syz.0.106 sent an empty control message without MSG_MORE. [ 64.898503][ T2397] ieee802154 phy0 wpan0: encryption failed: -22 [ 64.898686][ T2397] ieee802154 phy1 wpan1: encryption failed: -22 [ 64.975469][ T6498] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 65.585938][ T7080] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 65.638915][ T125] bridge0: port 2(bridge_slave_1) entered disabled state [ 65.687998][ T7085] loop2: detected capacity change from 0 to 512 [ 65.690423][ T7085] EXT4-fs: Ignoring removed nomblk_io_submit option [ 65.694810][ T7085] EXT4-fs: Ignoring removed nobh option [ 65.697121][ T7085] EXT4-fs: Ignoring removed nobh option [ 65.705682][ T7085] EXT4-fs: journaled quota format not specified [ 65.858908][ T55] Bluetooth: hci2: command 0x0c1a tx timeout [ 65.859000][ T55] Bluetooth: hci1: command 0x0c1a tx timeout [ 65.935763][ T6497] Bluetooth: hci3: command 0x0c1a tx timeout [ 66.017921][ T6497] Bluetooth: hci4: command 0x0c1a tx timeout [ 66.022992][ T7099] loop3: detected capacity change from 0 to 256 [ 66.026107][ T7099] exfat: Deprecated parameter 'utf8' [ 66.050295][ T7099] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xabf88b1f, utbl_chksum : 0xe619d30d) [ 66.237141][ T7096] binder: 7082:7096 BC_ACQUIRE_DONE u0000000000000002 node 3 cookie mismatch 00000000000000fc != 0000000000000000 [ 66.244072][ T7087] loop1: detected capacity change from 0 to 256 [ 66.675675][ T6497] Bluetooth: hci0: command 0x0c1a tx timeout [ 67.023077][ T7087] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d) [ 67.075823][ T7084] befs: Unknown parameter 'umask' [ 67.170648][ T7095] loop2: detected capacity change from 0 to 32768 [ 67.176259][ T7095] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.119 (7095) [ 67.202254][ T7095] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 67.202363][ T7095] BTRFS info (device loop2): using crc32c (crc32c-arm64) checksum algorithm [ 67.202400][ T7095] BTRFS info (device loop2): using free-space-tree [ 67.251345][ T7134] loop0: detected capacity change from 0 to 512 [ 67.327888][ T7134] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 67.390303][ T6506] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 67.872978][ T7170] netlink: 'syz.1.136': attribute type 1 has an invalid length. [ 67.873115][ T7170] netlink: 4 bytes leftover after parsing attributes in process `syz.1.136'. [ 67.937228][ T6497] Bluetooth: hci1: command 0x0c1a tx timeout [ 67.937963][ T55] Bluetooth: hci2: command 0x0c1a tx timeout [ 68.015626][ T6497] Bluetooth: hci3: command 0x0c1a tx timeout [ 68.038422][ T7167] loop0: detected capacity change from 0 to 40427 [ 68.044262][ T7167] F2FS-fs (loop0): build fault injection attr: rate: 690, type: 0x3fffff [ 68.046831][ T7167] F2FS-fs (loop0): Image doesn't support compression [ 68.048789][ T7167] F2FS-fs (loop0): Image doesn't support compression [ 68.071725][ T7167] F2FS-fs (loop0): invalid crc value [ 68.095775][ T6497] Bluetooth: hci4: command 0x0c1a tx timeout [ 68.190504][ T7167] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 68.231938][ T7166] bio_check_eod: 867 callbacks suppressed [ 68.232022][ T7166] syz.0.135: attempt to access beyond end of device [ 68.232022][ T7166] loop0: rw=10241, sector=45096, nr_sectors = 8 limit=40427 [ 68.503932][ T6498] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 68.588475][ T7187] loop1: detected capacity change from 0 to 2048 [ 68.614491][ T7187] UDF-fs: error (device loop1): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 68.614864][ T7187] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found [ 68.614890][ T7187] UDF-fs: Scanning with blocksize 512 failed [ 68.661309][ T7187] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 68.703705][ T7187] udf: Unexpected value for 'utf8' [ 68.746052][ T6497] Bluetooth: hci0: command 0x0c1a tx timeout [ 68.787816][ T7167] syz.0.135: attempt to access beyond end of device [ 68.787816][ T7167] loop0: rw=2049, sector=45104, nr_sectors = 8 limit=40427 [ 68.805197][ T6506] F2FS-fs (loop0): inject inconsistent footer in sanity_check_node_footer of f2fs_get_dnode_of_data+0x918/0x15c0 [ 68.815922][ T6506] F2FS-fs (loop0): inconsistent node block, node_type:0, nid:11, node_footer[nid:11,ino:3,ofs:2041,cpver:0,blkaddr:0] [ 68.858384][ T6506] syz-executor: attempt to access beyond end of device [ 68.858384][ T6506] loop0: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 68.859198][ T6506] CPU: 0 UID: 0 PID: 6506 Comm: syz-executor Not tainted 6.15.0-rc6-syzkaller-gc919f08732cc #0 PREEMPT [ 68.859220][ T6506] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 68.859228][ T6506] Call trace: [ 68.859232][ T6506] show_stack+0x2c/0x3c (C) [ 68.859250][ T6506] __dump_stack+0x30/0x40 [ 68.859262][ T6506] dump_stack_lvl+0xd8/0x12c [ 68.859272][ T6506] dump_stack+0x1c/0x28 [ 68.859282][ T6506] f2fs_handle_critical_error+0x34c/0x4b8 [ 68.859298][ T6506] f2fs_stop_checkpoint+0x58/0x6c [ 68.859310][ T6506] f2fs_write_end_io+0x794/0xadc [ 68.859325][ T6506] bio_endio+0x81c/0x858 [ 68.859338][ T6506] submit_bio_noacct+0x158/0x176c [ 68.859350][ T6506] submit_bio+0x354/0x4d4 [ 68.859360][ T6506] f2fs_submit_write_bio+0x13c/0x324 [ 68.859381][ T6506] __submit_merged_bio+0x254/0x704 [ 68.859395][ T6506] __submit_merged_write_cond+0x380/0x4ac [ 68.859408][ T6506] f2fs_submit_merged_write+0x38/0x48 [ 68.859421][ T6506] f2fs_sync_node_pages+0x1734/0x18e8 [ 68.859433][ T6506] f2fs_write_checkpoint+0xac8/0x1694 [ 68.859445][ T6506] kill_f2fs_super+0x21c/0x584 [ 68.859459][ T6506] deactivate_locked_super+0xc4/0x12c [ 68.859472][ T6506] deactivate_super+0xe0/0x100 [ 68.859483][ T6506] cleanup_mnt+0x31c/0x3ac [ 68.859495][ T6506] __cleanup_mnt+0x20/0x30 [ 68.859507][ T6506] task_work_run+0x1dc/0x260 [ 68.859520][ T6506] do_notify_resume+0x16c/0x1ec [ 68.859533][ T6506] el0_svc+0xb4/0x17c [ 68.859547][ T6506] el0t_64_sync_handler+0x78/0x108 [ 68.859560][ T6506] el0t_64_sync+0x198/0x19c [ 68.862536][ T6506] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 68.862816][ T6506] CPU: 0 UID: 0 PID: 6506 Comm: syz-executor Not tainted 6.15.0-rc6-syzkaller-gc919f08732cc #0 PREEMPT [ 68.862831][ T6506] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 68.862838][ T6506] Call trace: [ 68.862842][ T6506] show_stack+0x2c/0x3c (C) [ 68.862857][ T6506] __dump_stack+0x30/0x40 [ 68.862868][ T6506] dump_stack_lvl+0xd8/0x12c [ 68.862878][ T6506] dump_stack+0x1c/0x28 [ 68.862888][ T6506] f2fs_handle_critical_error+0x34c/0x4b8 [ 68.862903][ T6506] f2fs_stop_checkpoint+0x58/0x6c [ 68.862915][ T6506] f2fs_write_end_io+0x794/0xadc [ 68.862929][ T6506] bio_endio+0x81c/0x858 [ 68.862942][ T6506] submit_bio_noacct+0x158/0x176c [ 68.862954][ T6506] submit_bio+0x354/0x4d4 [ 68.862964][ T6506] f2fs_submit_write_bio+0x13c/0x324 [ 68.862977][ T6506] __submit_merged_bio+0x254/0x704 [ 68.862990][ T6506] __submit_merged_write_cond+0x380/0x4ac [ 68.863003][ T6506] f2fs_submit_merged_write+0x38/0x48 [ 68.863016][ T6506] f2fs_sync_node_pages+0x1734/0x18e8 [ 68.863028][ T6506] f2fs_write_checkpoint+0xac8/0x1694 [ 68.863040][ T6506] kill_f2fs_super+0x21c/0x584 [ 68.863053][ T6506] deactivate_locked_super+0xc4/0x12c [ 68.863066][ T6506] deactivate_super+0xe0/0x100 [ 68.863077][ T6506] cleanup_mnt+0x31c/0x3ac [ 68.863089][ T6506] __cleanup_mnt+0x20/0x30 [ 68.863101][ T6506] task_work_run+0x1dc/0x260 [ 68.863113][ T6506] do_notify_resume+0x16c/0x1ec [ 68.863125][ T6506] el0_svc+0xb4/0x17c [ 68.863140][ T6506] el0t_64_sync_handler+0x78/0x108 [ 68.863164][ T6506] el0t_64_sync+0x198/0x19c [ 68.863178][ T6506] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 70.108055][ T6497] Bluetooth: hci2: command 0x0c1a tx timeout [ 70.108153][ T6497] Bluetooth: hci1: command 0x0c1a tx timeout [ 70.108212][ T6497] Bluetooth: hci3: command 0x0c1a tx timeout [ 70.216584][ T7206] loop4: detected capacity change from 0 to 32768 [ 70.229339][ T55] Bluetooth: hci4: command 0x0c1a tx timeout [ 70.256485][ T1807] cfg80211: failed to load regulatory.db [ 70.320034][ T7206] ocfs2: Slot 0 on device (7,4) was already allocated to this node! [ 71.056956][ T7206] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 71.347299][ T6495] ocfs2: Unmounting device (7,4) on (node local) [ 71.390003][ T55] Bluetooth: hci1: ACL packet for unknown connection handle 201 [ 71.402272][ T7228] loop3: detected capacity change from 0 to 1024 [ 71.446936][ T7228] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 71.466398][ T7228] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 71.468979][ T7228] EXT4-fs (loop3): orphan cleanup on readonly fs [ 71.471274][ T7228] EXT4-fs error (device loop3): ext4_ext_check_inode:524: inode #3: comm syz.3.152: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 2(4), depth 0(0) [ 71.481059][ T7228] EXT4-fs error (device loop3): ext4_quota_enable:7129: comm syz.3.152: Bad quota inode: 3, type: 0 [ 71.484683][ T7228] EXT4-fs warning (device loop3): ext4_enable_quotas:7170: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix. [ 71.491205][ T7225] loop1: detected capacity change from 0 to 4096 [ 71.493236][ T7225] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512). [ 71.515748][ T7228] EXT4-fs (loop3): Cannot turn on quotas: error -117 [ 71.516647][ T7228] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 71.554171][ T7228] EXT4-fs error (device loop3): ext4_lookup:1793: inode #2: comm syz.3.152: deleted inode referenced: 15 [ 71.560335][ T7228] EXT4-fs error (device loop3): ext4_lookup:1793: inode #2: comm syz.3.152: deleted inode referenced: 15 [ 71.727741][ T6492] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 72.304858][ T7236] loop0: detected capacity change from 0 to 4096 [ 72.471796][ T7236] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512). [ 74.291488][ T7254] netlink: 8 bytes leftover after parsing attributes in process `syz.3.160'. [ 74.292947][ T7231] loop4: detected capacity change from 0 to 32768 [ 74.296040][ T7254] netlink: 4 bytes leftover after parsing attributes in process `syz.3.160'. [ 74.298636][ T7254] netlink: 'syz.3.160': attribute type 12 has an invalid length. [ 74.343454][ T7254] netlink: 8 bytes leftover after parsing attributes in process `syz.3.160'. [ 74.343528][ T7254] netlink: 4 bytes leftover after parsing attributes in process `syz.3.160'. [ 74.343560][ T7254] netlink: 'syz.3.160': attribute type 12 has an invalid length. [ 74.343837][ T7254] netlink: 8 bytes leftover after parsing attributes in process `syz.3.160'. [ 74.343862][ T7254] netlink: 4 bytes leftover after parsing attributes in process `syz.3.160'. [ 74.343886][ T7254] netlink: 'syz.3.160': attribute type 12 has an invalid length. [ 74.344139][ T7254] netlink: 8 bytes leftover after parsing attributes in process `syz.3.160'. [ 74.344176][ T7254] netlink: 4 bytes leftover after parsing attributes in process `syz.3.160'. [ 74.344210][ T7254] netlink: 'syz.3.160': attribute type 12 has an invalid length. [ 74.344452][ T7254] netlink: 8 bytes leftover after parsing attributes in process `syz.3.160'. [ 74.344476][ T7254] netlink: 4 bytes leftover after parsing attributes in process `syz.3.160'. [ 74.344499][ T7254] netlink: 'syz.3.160': attribute type 12 has an invalid length. [ 74.344732][ T7254] netlink: 'syz.3.160': attribute type 12 has an invalid length. [ 74.344971][ T7254] netlink: 'syz.3.160': attribute type 12 has an invalid length. [ 74.345230][ T7254] netlink: 'syz.3.160': attribute type 12 has an invalid length. [ 74.345483][ T7254] netlink: 'syz.3.160': attribute type 12 has an invalid length. [ 74.373867][ T7254] netlink: 'syz.3.160': attribute type 12 has an invalid length. [ 74.479939][ T7250] block nbd3: shutting down sockets [ 74.527346][ T7231] workqueue: Failed to create a rescuer kthread for wq "bcachefs": -EINTR [ 74.527486][ T7231] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): shutdown complete [ 75.267815][ T7231] bcachefs: bch2_fs_get_tree() error: ENOMEM_fs_other_alloc [ 75.455025][ T7246] loop1: detected capacity change from 0 to 32768 [ 75.480159][ T7246] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.156 (7246) [ 75.491185][ T7246] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 75.491297][ T7246] BTRFS info (device loop1): using sha256 (sha256-ce) checksum algorithm [ 75.491337][ T7246] BTRFS info (device loop1): using free-space-tree [ 75.610135][ T7246] BTRFS info (device loop1): rebuilding free space tree [ 75.803586][ T7252] loop2: detected capacity change from 0 to 32768 [ 76.817842][ T7252] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.158 (7252) [ 76.858233][ T7252] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 76.858340][ T7252] BTRFS info (device loop2): using crc32c (crc32c-arm64) checksum algorithm [ 76.858396][ T7252] BTRFS info (device loop2): using free-space-tree [ 77.151301][ T6501] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 78.079209][ T7330] loop3: detected capacity change from 0 to 4096 [ 78.105904][ T7330] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512). [ 78.991012][ T6498] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 79.003427][ T7332] loop1: detected capacity change from 0 to 32768 [ 79.079628][ T7332] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode. [ 79.231764][ T7347] loop4: detected capacity change from 0 to 32768 [ 79.247924][ T7359] syzkaller1: entered promiscuous mode [ 79.247993][ T7359] syzkaller1: entered allmulticast mode [ 79.258375][ T7347] (syz.4.177,7347,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 79.264461][ T7347] (syz.4.177,7347,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 79.304423][ T7347] JBD2: Ignoring recovery information on journal [ 79.340936][ T55] Bluetooth: hci0: unexpected event for opcode 0x200c [ 79.341210][ T55] Bluetooth: hci0: unexpected event for opcode 0x200c [ 79.348055][ T7347] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 79.396490][ T6501] ocfs2: Unmounting device (7,1) on (node local) [ 81.597821][ T6495] ocfs2: Unmounting device (7,4) on (node local) [ 81.897026][ T7392] __nla_validate_parse: 58 callbacks suppressed [ 81.900591][ T7392] netlink: 119 bytes leftover after parsing attributes in process `syz.1.187'. [ 81.952948][ T55] Bluetooth: hci3: unexpected event for opcode 0x200a [ 83.017041][ T7405] loop1: detected capacity change from 0 to 4096 [ 83.030407][ T7405] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512). [ 83.033643][ T7403] loop3: detected capacity change from 0 to 4096 [ 83.065711][ T7403] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512). [ 83.076467][ T7405] ntfs3(loop1): ino=19, mi_enum_attr [ 83.076549][ T7405] ntfs3(loop1): Mark volume as dirty due to NTFS errors [ 83.705250][ T7410] loop1: detected capacity change from 0 to 4096 [ 83.760892][ T7410] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512). [ 83.844424][ T7397] loop0: detected capacity change from 0 to 32768 [ 83.869383][ T7397] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 83.939721][ T7399] loop4: detected capacity change from 0 to 32768 [ 83.945440][ T7399] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.189 (7399) [ 84.138380][ T7397] XFS (loop0): Ending clean mount [ 84.140602][ T7399] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 84.143455][ T7399] BTRFS info (device loop4): using crc32c (crc32c-arm64) checksum algorithm [ 84.146820][ T7399] BTRFS info (device loop4): using free-space-tree [ 85.108365][ T7399] workqueue: Failed to create a rescuer kthread for wq "btrfs-delalloc": -EINTR [ 85.110326][ T7399] workqueue: Failed to create a rescuer kthread for wq "btrfs-flush_delalloc": -EINTR [ 85.114083][ T7397] XFS (loop0): Quotacheck needed: Please wait. [ 85.121261][ T7399] workqueue: Failed to create a rescuer kthread for wq "btrfs-cache": -EINTR [ 85.122218][ T7399] workqueue: Failed to create a rescuer kthread for wq "btrfs-fixup": -EINTR [ 85.126540][ T7399] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio": -EINTR [ 85.129904][ T7399] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-meta": -EINTR [ 85.132807][ T7399] workqueue: Failed to create a rescuer kthread for wq "btrfs-rmw": -EINTR [ 85.137620][ T7399] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-write": -EINTR [ 85.141042][ T7399] workqueue: Failed to create a rescuer kthread for wq "btrfs-compressed-write": -EINTR [ 85.144139][ T7399] workqueue: Failed to create a rescuer kthread for wq "btrfs-freespace-write": -EINTR [ 85.149288][ T7399] workqueue: Failed to create a rescuer kthread for wq "btrfs-delayed-meta": -EINTR [ 85.152933][ T7399] workqueue: Failed to create a rescuer kthread for wq "btrfs-qgroup-rescan": -EINTR [ 85.659679][ T7397] XFS (loop0): Quotacheck: Done. [ 85.724870][ T6506] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 85.787742][ T7399] BTRFS error (device loop4): open_ctree failed: -12 [ 85.892978][ T7447] netlink: 12 bytes leftover after parsing attributes in process `syz.0.195'. [ 86.047126][ T7442] netlink: 8 bytes leftover after parsing attributes in process `syz.3.196'. [ 86.047825][ T7442] netlink: 4 bytes leftover after parsing attributes in process `syz.3.196'. [ 86.882684][ T7469] loop3: detected capacity change from 0 to 256 [ 86.883273][ T7469] exfat: Deprecated parameter 'utf8' [ 86.975613][ T7469] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d) [ 87.559990][ T7456] loop0: detected capacity change from 0 to 32768 [ 87.570257][ T7465] loop1: detected capacity change from 0 to 32768 [ 87.622199][ T7465] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 87.645277][ T7456] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): Using encoding defined by superblock: utf8-12.1.0 [ 87.703202][ T7456] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,journal_flush_disabled,journal_reclaim_delay=0,fsck,recovery_pass_last=set_may_go_rw,read_only,no_data_io [ 87.703202][ T7456] allowing incompatible features above 0.0: (unknown version) [ 87.703366][ T7456] bcachefs (loop0): recovering from clean shutdown, journal seq 10 [ 87.725703][ T7456] bcachefs (loop0): Version upgrade required: [ 87.725703][ T7456] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete [ 87.725703][ T7456] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.25: extent_flags [ 87.725703][ T7456] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance [ 87.728191][ T7456] bcachefs (loop0): bcachefs (loop0): error validating btree node on loop0 at btree extents level 0/0 [ 87.728221][ T7456] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq c6c25c03258c59c5 written 26 min_key POS_MIN durability: 1 ptr: 0:27:0 gen 0 [ 87.728234][ T7456] node offset 16/26: btree node data missing: expected 26 sectors, found 16, fixing [ 87.728715][ T7456] bcachefs (loop0): btree_node_read_work: rewriting btree node at due to error [ 87.728715][ T7456] btree=extents level=0 u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq c6c25c03258c59c5 written 26 min_key POS_MIN durability: 1 ptr: 0:27:0 gen 0 [ 87.730010][ T7456] bcachefs (loop0): invalid bkey in btree_node btree=inodes level=0: u64s 18 type inode_v3 0:536870914:U32_MAX len 0 ver 0: [ 87.730027][ T7456] mode=100755 [ 87.730036][ T7456] flags=(15300000) [ 87.730045][ T7456] journal_seq=4 [ 87.730054][ T7456] hash_seed=d483206f1ed95abf [ 87.730063][ T7456] hash_type=siphash [ 87.730072][ T7456] bi_size=100 [ 87.730081][ T7456] bi_sectors=8 [ 87.730089][ T7456] bi_version=1126999418470400 [ 87.730099][ T7456] bi_atime=0 [ 87.730107][ T7456] bi_ctime=0 [ 87.730116][ T7456] bi_mtime=0 [ 87.730125][ T7456] bi_otime=2780562352 [ 87.730134][ T7456] bi_uid=2780562352 [ 87.730143][ T7456] bi_gid=0 [ 87.730163][ T7456] bi_nlink=2780562352 [ 87.730173][ T7456] bi_generation=0 [ 87.730182][ T7456] bi_dev=16 [ 87.730190][ T7456] bi_data_checksum=18 [ 87.730199][ T7456] bi_compression=0 [ 87.730208][ T7456] bi_project=0 [ 87.730217][ T7456] bi_background_compression=0 [ 87.730226][ T7456] bi_data_replicas=0 [ 87.730235][ T7456] bi_promote_target=0 [ 87.730244][ T7456] bi_foreground_target=0 [ 87.730253][ T7456] bi_background_target=0 [ 87.730262][ T7456] bi_erasure_code=0 [ 87.730271][ T7456] bi_fields_set=0 [ 87.730280][ T7456] bi_dir=0 [ 87.730289][ T7456] bi_dir_offset=0 [ 87.730298][ T7456] bi_subvol=0 [ 87.730306][ T7456] bi_parent_subvol=0 [ 87.730315][ T7456] bi_nocow=0 [ 87.730330][ T7456] bi_depth=0 [ 87.730339][ T7456] bi_inodes_32bit=0 [ 87.730348][ T7456] bi_casefold=0 [ 87.730357][ T7456] invalid data checksum type (18 >= 5, deleting [ 87.733986][ T7456] bcachefs (loop0): bcachefs (loop0): error validating btree node at btree alloc level 0/0 [ 87.734003][ T7456] u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq ac62141f8dc7e261 written 24 min_key POS_MIN durability: 1 ptr: 0:26:0 gen 0 [ 87.734015][ T7456] node offset 8/24 bset u64s 375 bset byte offset 184: keys out of order: u64s 11 type alloc_v4 0:32:0 len 0 ver 0 > u64s 11 type alloc_v4 0:2:0 len 0 ver 0, fixing [ 87.734302][ T7456] bcachefs (loop0): btree_node_read_work: rewriting btree node at due to error [ 87.734302][ T7456] btree=alloc level=0 u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq ac62141f8dc7e261 written 24 min_key POS_MIN durability: 1 ptr: 0:26:0 gen 0 [ 87.740342][ T7465] XFS (loop1): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51. [ 87.744135][ T7456] bcachefs (loop0): accounting_read... done [ 87.917908][ T7456] bcachefs (loop0): alloc_read... done [ 87.918039][ T7456] bcachefs (loop0): snapshots_read... done [ 87.918111][ T7456] bcachefs (loop0): check_allocations... [ 87.932477][ T7456] bcachefs (loop0): bucket 0:26 data type btree ptr gen 0 missing in alloc btree [ 87.932534][ T7456] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq ac62141f8dc7e261 written 24 min_key POS_MIN durability: 1 ptr: 0:26:0 gen 0, fixing [ 87.936433][ T7465] XFS (loop1): Starting recovery (logdev: internal) [ 87.948511][ T7456] bcachefs (loop0): bucket 0:38 data type btree ptr gen 0 missing in alloc btree [ 87.948552][ T7456] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 7589ab5e0c11cc7a written 24 min_key POS_MIN durability: 1 ptr: 0:38:0 gen 0, fixing [ 87.951988][ T7465] XFS (loop1): Ending recovery (logdev: internal) [ 87.965565][ T7456] bcachefs (loop0): bucket 0:41 data type btree ptr gen 0 missing in alloc btree [ 87.965585][ T7456] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 9aa2895aefce4bdf written 24 min_key POS_MIN durability: 1 ptr: 0:41:0 gen 0, fixing [ 87.972367][ T7465] XFS (loop1): Quotacheck needed: Please wait. [ 88.009997][ T7456] bcachefs (loop0): bucket 0:35 data type btree ptr gen 0 missing in alloc btree [ 88.010758][ T7456] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq c0bef60d07ceb940 written 16 min_key POS_MIN durability: 1 ptr: 0:35:0 gen 0, fixing [ 88.682769][ T7465] XFS (loop1): Quotacheck: Done. [ 88.707064][ T7456] bcachefs (loop0): bucket 0:29 data type btree ptr gen 0 missing in alloc btree [ 88.707114][ T7456] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq e81e1ed936acf3df written 32 min_key POS_MIN durability: 1 ptr: 0:29:0 gen 0, fixing [ 88.708018][ T7456] bcachefs (loop0): bucket 0:1 gen 0 has wrong data_type: got free, should be sb, fixing [ 88.708103][ T7456] bcachefs (loop0): bucket 0:1 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing [ 88.708394][ T7456] bcachefs (loop0): bucket 0:2 gen 0 has wrong data_type: got free, should be sb, fixing [ 88.708459][ T7456] bcachefs (loop0): bucket 0:2 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing [ 88.708579][ T7456] bcachefs (loop0): bucket 0:3 gen 0 has wrong data_type: got free, should be sb, fixing [ 88.708643][ T7456] bcachefs (loop0): bucket 0:3 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing [ 88.708761][ T7456] bcachefs (loop0): bucket 0:4 gen 0 has wrong data_type: got free, should be sb, fixing [ 88.709393][ T7456] bcachefs (loop0): bucket 0:4 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing [ 88.709532][ T7456] bcachefs (loop0): bucket 0:5 gen 0 has wrong data_type: got free, should be sb, fixing [ 88.709593][ T7456] bcachefs (loop0): bucket 0:5 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing [ 88.709706][ T7456] bcachefs (loop0): bucket 0:6 gen 0 has wrong data_type: got free, should be sb, fixing [ 88.709766][ T7456] bcachefs (loop0): bucket 0:6 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing [ 88.709876][ T7456] bcachefs (loop0): bucket 0:7 gen 0 has wrong data_type: got free, should be sb, fixing [ 88.709936][ T7456] bcachefs (loop0): bucket 0:7 gen 0 data type sb has wrong dirty_sectors: got 0, should be 256, fixing [ 88.710053][ T7456] bcachefs (loop0): bucket 0:8 gen 0 has wrong data_type: got free, should be sb, fixing [ 88.710990][ T7456] bcachefs (loop0): bucket 0:8 gen 0 data type sb has wrong dirty_sectors: got 0, should be 8, fixing [ 88.711165][ T7456] bcachefs (loop0): bucket 0:9 gen 0 has wrong data_type: got free, should be journal, fixing [ 88.711345][ T7456] bcachefs (loop0): bucket 0:9 gen 0 data type journal has wrong dirty_sectors: got 0, should be 256, fixing [ 88.711474][ T7456] bcachefs (loop0): bucket 0:10 gen 0 has wrong data_type: got free, should be journal, fixing [ 88.711542][ T7456] bcachefs (loop0): bucket 0:10 gen 0 data type journal has wrong dirty_sectors: got 0, should be 256, fixing [ 88.711687][ T7456] bcachefs (loop0): bucket 0:11 gen 0 has wrong data_type: got free, should be journal, fixing [ 88.711700][ T7456] Ratelimiting new instances of previous error [ 88.711785][ T7456] bcachefs (loop0): bucket 0:11 gen 0 data type journal has wrong dirty_sectors: got 0, should be 256, fixing [ 88.711797][ T7456] Ratelimiting new instances of previous error [ 88.736426][ T7456] done [ 88.743989][ T7456] bcachefs (loop0): going read-write [ 88.788100][ T10] bcachefs (loop0): going read-only [ 88.790985][ T12] bcachefs (loop0): u64s 13 type alloc_v4 0:25:0 len 0 ver 0: [ 88.791884][ T12] gen 0 oldest_gen 0 data_type journal [ 88.791897][ T12] journal_seq_nonempty 0 [ 88.791906][ T12] journal_seq_empty 0 [ 88.791915][ T12] need_discard 0 [ 88.791924][ T12] need_inc_gen 0 [ 88.791933][ T12] dirty_sectors 256 [ 88.791942][ T12] stripe_sectors 0 [ 88.791951][ T12] cached_sectors 0 [ 88.791960][ T12] stripe 0 [ 88.791969][ T12] stripe_redundancy 0 [ 88.791978][ T12] io_time[READ] 0 [ 88.791987][ T12] io_time[WRITE] 0 [ 88.791996][ T12] fragmentation 0 [ 88.792005][ T12] bp_start 8 [ 88.792014][ T12] [ 88.792022][ T12] incorrectly set at freespace:0:25:0 (free 0, genbits 0 should be 0), shutting down [ 88.792033][ T12] error not marked as autofix and not in fsck [ 88.792042][ T12] run fsck, and forward to devs so error can be marked for self-healing [ 88.792052][ T12] inconsistency detected - emergency read only at journal seq 10 [ 88.801867][ T12] bcachefs (loop0): bch2_btree_update_start(): error fsck_errors_not_fixed [ 88.802016][ T12] bcachefs (loop0): async_btree_node_rewrite_work(): error fsck_errors_not_fixed [ 88.878283][ T10] bcachefs (loop0): flushing journal and stopping allocators, journal seq 10 [ 88.878407][ T10] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 10 [ 88.880991][ T10] bcachefs (loop0): unclean shutdown complete, journal seq 10 [ 88.890521][ T7519] input: syz0 as /devices/virtual/input/input3 [ 88.927929][ T10] bcachefs (loop0): finished waiting for writes to stop [ 88.939975][ T7522] loop4: detected capacity change from 0 to 2 [ 88.940569][ T7522] MTD: Attempt to mount non-MTD device "/dev/loop4" [ 88.950819][ T10] bcachefs (loop0): done going read-only, filesystem not clean [ 88.952143][ T7456] bcachefs (loop0): going read-write [ 88.953600][ T7456] bcachefs (loop0): going read-only [ 89.010641][ T6501] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 89.034711][ T7456] bcachefs (loop0): flushing journal and stopping allocators, journal seq 10 [ 89.034842][ T7456] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 10 [ 89.035277][ T7456] bcachefs (loop0): unclean shutdown complete, journal seq 10 [ 89.200893][ T7456] bcachefs (loop0): finished waiting for writes to stop [ 89.267306][ T7456] bcachefs (loop0): done going read-only, filesystem not clean [ 89.270611][ T7456] bcachefs (loop0): done starting filesystem [ 89.767884][ T6506] bcachefs (loop0): shutting down [ 89.999688][ T6506] bcachefs (loop0): shutdown complete [ 90.744844][ T7550] loop3: detected capacity change from 0 to 128 [ 90.748578][ T7550] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 90.759850][ T7550] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 93.846700][ T7583] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 93.847199][ T7583] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 94.669134][ T7587] loop3: detected capacity change from 0 to 64 [ 95.007569][ T7591] can0: slcan on ptm0. [ 95.378916][ T7589] loop4: detected capacity change from 0 to 512 [ 95.379536][ T7589] EXT4-fs: quotafile must be on filesystem root [ 95.437989][ T7569] can0 (unregistered): slcan off ptm0. [ 96.244113][ T7603] binfmt_misc: register: failed to install interpreter file ./cgroup.cpu/cpuset.cpus [ 96.696576][ T7614] netlink: 4 bytes leftover after parsing attributes in process `syz.4.233'. [ 96.697367][ T7614] netlink: 8 bytes leftover after parsing attributes in process `syz.4.233'. [ 97.073186][ T7621] loop3: detected capacity change from 0 to 128 [ 97.761847][ T7629] input: syz0 as /devices/virtual/input/input4 [ 97.936972][ T7634] netlink: 104 bytes leftover after parsing attributes in process `syz.4.238'. [ 98.700630][ T7634] loop4: detected capacity change from 0 to 40427 [ 98.704497][ T7634] F2FS-fs (loop4): Unrecognized mount option "whint_mode=off" or missing value [ 100.255799][ T7654] netlink: 60 bytes leftover after parsing attributes in process `syz.1.242'. [ 100.469465][ T7646] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 100.470755][ T7646] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 101.212358][ T7660] loop1: detected capacity change from 0 to 128 [ 101.425747][ T7664] loop1: detected capacity change from 0 to 512 [ 101.430360][ T7664] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 101.430413][ T7664] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 101.442694][ T7664] EXT4-fs (loop1): 1 truncate cleaned up [ 101.443898][ T7664] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 101.448062][ T7666] loop4: detected capacity change from 0 to 8 [ 101.448684][ T7666] squashfs: Unknown parameter '0x000000000000000001777777777777777777777' [ 101.457100][ T7664] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 101.457408][ T7664] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 101.524882][ T7631] team0 (unregistering): Port device team_slave_0 removed [ 101.603143][ T7631] team0 (unregistering): Port device team_slave_1 removed [ 101.744364][ T7670] xt_CT: You must specify a L4 protocol and not use inversions on it [ 102.411891][ T6501] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 102.537175][ T7672] loop2: detected capacity change from 0 to 64 [ 102.937246][ T7680] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 102.937568][ T7680] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 103.367299][ T7680] loop1: detected capacity change from 0 to 40427 [ 104.803632][ T7680] F2FS-fs (loop1): build fault injection attr: rate: 771, type: 0x3fffff [ 104.816950][ T6559] page_pool_release_retry() stalled pool shutdown: id 23, 1 inflight 60 sec [ 105.633943][ T7680] F2FS-fs (loop1): invalid crc value [ 105.634065][ T7680] F2FS-fs (loop1): Failed to start F2FS issue_checkpoint_thread (-4) [ 106.031418][ T7693] loop2: detected capacity change from 0 to 512 [ 106.135684][ T7693] EXT4-fs (loop2): Test dummy encryption mode enabled [ 106.135761][ T7693] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 106.135802][ T7693] EXT4-fs (loop2): SIPHASH is not a valid default hash value [ 108.355340][ T7710] netlink: 1752 bytes leftover after parsing attributes in process `syz.0.261'. [ 108.386338][ T7713] validate_nla: 23 callbacks suppressed [ 108.388239][ T7713] netlink: 'syz.4.262': attribute type 4 has an invalid length. [ 108.487913][ T7713] loop4: detected capacity change from 0 to 64 [ 108.505457][ T7713] hfs: Unknown parameter 'iochar' [ 108.611345][ T7720] loop3: detected capacity change from 0 to 512 [ 108.617218][ T7720] EXT4-fs: Ignoring removed mblk_io_submit option [ 108.623317][ T7720] EXT4-fs: inline encryption not supported [ 108.629584][ T7720] EXT4-fs: Ignoring removed mblk_io_submit option [ 108.633920][ T7720] EXT4-fs (loop3): Test dummy encryption mode enabled [ 108.636474][ T7720] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 108.666828][ T7720] EXT4-fs (loop3): 1 truncate cleaned up [ 108.686258][ T7720] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 108.968895][ T6492] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 108.975697][ T1807] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 109.225665][ T1807] usb 1-1: Using ep0 maxpacket: 32 [ 109.234180][ T1807] usb 1-1: config 0 has an invalid interface number: 35 but max is 0 [ 109.241331][ T1807] usb 1-1: config 0 has no interface number 0 [ 109.248083][ T1807] usb 1-1: New USB device found, idVendor=10c4, idProduct=818a, bcdDevice=7d.8f [ 109.248141][ T1807] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 109.248190][ T1807] usb 1-1: Product: syz [ 109.248224][ T1807] usb 1-1: Manufacturer: syz [ 109.248251][ T1807] usb 1-1: SerialNumber: syz [ 109.262234][ T1807] usb 1-1: config 0 descriptor?? [ 109.918543][ T1807] radio-si470x 1-1:0.35: this is not a si470x device. [ 109.955407][ T1807] radio-raremono 1-1:0.35: this is not Thanko's Raremono. [ 109.972594][ T1807] usb 1-1: USB disconnect, device number 6 [ 110.093917][ T7743] block device autoloading is deprecated and will be removed. [ 110.145176][ T7746] xt_CT: You must specify a L4 protocol and not use inversions on it [ 110.359550][ T7750] loop3: detected capacity change from 0 to 40427 [ 110.364543][ T7750] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 110.364618][ T7750] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 110.371031][ T7750] F2FS-fs (loop3): invalid crc value [ 110.394205][ T7750] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 110.394265][ T7750] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 110.435743][ T6497] Bluetooth: hci4: command 0x0c1a tx timeout [ 111.656772][ T7782] libceph: resolve '. [ 111.656772][ T7782] #)|.fǝaow?'%ЏKAqfCzeSb3L)HyoǤYMhE$ [ 111.656772][ T7782] ' (ret=-3): failed [ 112.066960][ T7802] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 112.070868][ T7802] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 112.163219][ T7808] netlink: 'syz.1.300': attribute type 1 has an invalid length. [ 112.163284][ T7808] netlink: 'syz.1.300': attribute type 2 has an invalid length. [ 112.776206][ T7827] input: syz1 as /devices/virtual/input/input5 [ 112.784814][ T31] audit: type=1326 audit(112.510:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7824 comm="syz.3.306" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff90b5b728 code=0x7ffc0000 [ 112.784911][ T31] audit: type=1326 audit(112.510:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7824 comm="syz.3.306" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=139 compat=0 ip=0xffff91a008bc code=0x7ffc0000 [ 112.784955][ T31] audit: type=1326 audit(112.510:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7824 comm="syz.3.306" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff90b5b728 code=0x7ffc0000 [ 112.795789][ T31] audit: type=1326 audit(112.520:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7824 comm="syz.3.306" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=139 compat=0 ip=0xffff91a008bc code=0x7ffc0000 [ 112.795852][ T31] audit: type=1326 audit(112.520:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7824 comm="syz.3.306" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=139 compat=0 ip=0xffff91a008bc code=0x7ffc0000 [ 112.795894][ T31] audit: type=1326 audit(112.520:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7824 comm="syz.3.306" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=139 compat=0 ip=0xffff91a008bc code=0x7ffc0000 [ 112.795934][ T31] audit: type=1326 audit(112.520:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7824 comm="syz.3.306" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=139 compat=0 ip=0xffff91a008bc code=0x7ffc0000 [ 112.795974][ T31] audit: type=1326 audit(112.520:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7824 comm="syz.3.306" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=139 compat=0 ip=0xffff91a008bc code=0x7ffc0000 [ 112.796017][ T31] audit: type=1326 audit(112.520:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7824 comm="syz.3.306" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=139 compat=0 ip=0xffff91a008bc code=0x7ffc0000 [ 112.796055][ T31] audit: type=1326 audit(112.520:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7824 comm="syz.3.306" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=139 compat=0 ip=0xffff91a008bc code=0x7ffc0000 [ 113.217094][ T7839] fuse: Bad value for 'fd' [ 113.460700][ T7844] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 113.464200][ T7844] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 113.466610][ T7844] vhci_hcd: default hub control req: 230f v0004 i0000 l3 [ 114.028803][ T6579] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 114.900059][ T7867] netlink: 8 bytes leftover after parsing attributes in process `syz.2.321'. [ 114.970158][ T7025] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 115.010133][ T7872] netlink: 16 bytes leftover after parsing attributes in process `syz.2.324'. [ 115.057653][ T6579] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 115.222679][ T7887] loop2: detected capacity change from 0 to 7 [ 115.244627][ T7887] loop2: [POWERTEC] p1 p2 p3 [ 115.247603][ T7887] loop2: p1 size 1114112 extends beyond EOD, truncated [ 115.257433][ T7887] loop2: p2 start 393215 is beyond EOD, truncated [ 115.259982][ T7887] loop2: p3 start 1635021614 is beyond EOD, truncated [ 115.417671][ T7892] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 115.421710][ T7892] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 115.428142][ T7892] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 115.428313][ T7892] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 115.428435][ T7892] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 115.428545][ T7892] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 115.428652][ T7892] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 115.541888][ T6484] udevd[6484]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory [ 115.600291][ T7903] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 115.609614][ T7903] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 117.393898][ T7947] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 117.394209][ T7947] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 118.606330][ T7963] netlink: 16 bytes leftover after parsing attributes in process `syz.2.359'. [ 118.678078][ T7970] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 118.678400][ T7970] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 118.904233][ T7984] netlink: 24 bytes leftover after parsing attributes in process `syz.1.364'. [ 118.935954][ T7984] netlink: 8 bytes leftover after parsing attributes in process `syz.1.364'. [ 119.136621][ T7025] net_ratelimit: 45 callbacks suppressed [ 119.136683][ T7025] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 119.668928][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 119.905882][ T8006] netlink: 16 bytes leftover after parsing attributes in process `syz.1.373'. [ 120.392011][ T8012] netlink: 176 bytes leftover after parsing attributes in process `syz.1.376'. [ 120.395927][ T8012] ip6gretap0: entered promiscuous mode [ 120.398095][ T8012] netlink: 176 bytes leftover after parsing attributes in process `syz.1.376'. [ 120.738257][ T2304] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 120.782241][ T31] kauditd_printk_skb: 108 callbacks suppressed [ 120.782494][ T31] audit: type=1400 audit(120.510:120): lsm=SMACK fn=smack_socket_sock_rcv_skb action=denied subject="?" object="_" requested=w pid=8018 comm="syz.1.379" dest=20000 netif=wpan0 [ 121.569426][ T8049] netlink: 'syz.0.392': attribute type 29 has an invalid length. [ 121.574323][ T8049] netlink: 'syz.0.392': attribute type 29 has an invalid length. [ 121.624802][ T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 121.780171][ T2304] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 122.532810][ T8089] binder: BINDER_SET_CONTEXT_MGR already set [ 122.533078][ T8089] binder: 8082:8089 ioctl 4018620d 20000040 returned -16 [ 122.533974][ T8089] binder: 8082:8089 got transaction to invalid handle, 1 [ 122.534254][ T8089] binder: 8089:8082 cannot find target node [ 122.534338][ T8089] binder: 8082:8089 transaction async to 0:0 failed 6/29201/-22, code 0 size 96-56 line 3150 [ 122.764892][ T8090] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 122.770038][ T8090] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 122.773425][ T8090] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 122.783174][ T8090] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 122.787755][ T8090] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 123.214539][ T7025] binder: undelivered TRANSACTION_ERROR: 29201 [ 123.409805][ T8103] binder: 8098:8103 IncRefs 0 refcount change on invalid ref 0 ret -22 [ 123.430686][ T8103] binder: 8098:8103 ioctl c018620c 20000100 returned -22 [ 124.491080][ T8135] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 124.495337][ T8135] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 124.544802][ T8138] capability: warning: `syz.0.428' uses 32-bit capabilities (legacy support in use) [ 124.655843][ T7025] net_ratelimit: 137 callbacks suppressed [ 124.655927][ T7025] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 125.103204][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 125.303763][ T8158] netlink: 150 bytes leftover after parsing attributes in process `syz.4.437'. [ 125.744407][ T8175] netlink: 104 bytes leftover after parsing attributes in process `syz.4.443'. [ 126.176888][ T2304] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 126.177325][ T2397] ieee802154 phy0 wpan0: encryption failed: -22 [ 126.177397][ T2397] ieee802154 phy1 wpan1: encryption failed: -22 [ 126.409922][ T8197] netlink: 8 bytes leftover after parsing attributes in process `syz.1.453'. [ 126.596407][ T8207] netlink: 24 bytes leftover after parsing attributes in process `syz.1.458'. [ 126.792699][ T8213] netlink: 8 bytes leftover after parsing attributes in process `syz.1.460'. [ 127.106048][ T8209] "syz.2.457" (8209) uses obsolete ecb(arc4) skcipher [ 127.226169][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 127.309646][ T8233] netlink: 20 bytes leftover after parsing attributes in process `syz.3.468'. [ 127.349796][ T8231] netlink: 68 bytes leftover after parsing attributes in process `syz.4.465'. [ 127.402331][ T8239] netlink: 8 bytes leftover after parsing attributes in process `syz.3.471'. [ 127.463430][ T8243] ------------[ cut here ]------------ [ 127.463591][ T8243] WARNING: CPU: 0 PID: 8243 at mm/vma.c:1240 vms_complete_munmap_vmas+0x694/0x7e4 [ 127.467719][ T8243] Modules linked in: [ 127.468907][ T8243] CPU: 0 UID: 0 PID: 8243 Comm: syz.1.473 Not tainted 6.15.0-rc6-syzkaller-gc919f08732cc #0 PREEMPT [ 127.471907][ T8243] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 127.474673][ T8243] pstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 127.476840][ T8243] pc : vms_complete_munmap_vmas+0x694/0x7e4 [ 127.478425][ T8243] lr : vms_complete_munmap_vmas+0x694/0x7e4 [ 127.480079][ T8243] sp : ffff80009f2b7650 [ 127.481269][ T8243] x29: ffff80009f2b76a0 x28: ffff0000d9611980 x27: 0000000000000200 [ 127.483435][ T8243] x26: ffff0000d9611bf8 x25: ffff80009f2b7790 x24: ffff0000d9611bf0 [ 127.485643][ T8243] x23: ffff80009f2b7788 x22: 0000000000000021 x21: 0000000000006349 [ 127.487857][ T8243] x20: 1ffff00013e56eee x19: dfff800000000000 x18: 0000000000000000 [ 127.490007][ T8243] x17: 0000000000000000 x16: ffff80008adb9a34 x15: 0000000000000001 [ 127.492203][ T8243] x14: 1fffe0001b2c2413 x13: 0000000000000000 x12: 0000000000000000 [ 127.494396][ T8243] x11: 0000000000080000 x10: 0000000000002946 x9 : ffff8000a43d9000 [ 127.496531][ T8243] x8 : 0000000000002947 x7 : ffff800080b53360 x6 : 0000000000000000 [ 127.498710][ T8243] x5 : 0000000000000000 x4 : 0000000020c00000 x3 : ffff800080b02104 [ 127.500900][ T8243] x2 : 0000000000000001 x1 : 0000000000000021 x0 : 0000000000000200 [ 127.503031][ T8243] Call trace: [ 127.503922][ T8243] vms_complete_munmap_vmas+0x694/0x7e4 (P) [ 127.505524][ T8243] do_vmi_align_munmap+0x2c4/0x310 [ 127.506912][ T8243] do_vmi_munmap+0x1dc/0x260 [ 127.508349][ T8243] do_munmap+0xdc/0x12c [ 127.509468][ T8243] mremap_to+0x438/0x6f8 [ 127.510612][ T8243] __arm64_sys_mremap+0x740/0xa10 [ 127.512000][ T8243] invoke_syscall+0x98/0x2b8 [ 127.513266][ T8243] el0_svc_common+0x130/0x23c [ 127.514563][ T8243] do_el0_svc+0x48/0x58 [ 127.515710][ T8243] el0_svc+0x58/0x17c [ 127.516814][ T8243] el0t_64_sync_handler+0x78/0x108 [ 127.518254][ T8243] el0t_64_sync+0x198/0x19c [ 127.519547][ T8243] irq event stamp: 362 [ 127.520647][ T8243] hardirqs last enabled at (361): [] call_rcu+0x650/0x96c [ 127.523102][ T8243] hardirqs last disabled at (362): [] el1_dbg+0x24/0x80 [ 127.525585][ T8243] softirqs last enabled at (336): [] local_bh_enable+0x10/0x34 [ 127.528111][ T8243] softirqs last disabled at (334): [] local_bh_disable+0x10/0x34 [ 127.530704][ T8243] ---[ end trace 0000000000000000 ]--- [ 127.606857][ T8241] syzkaller0: entered promiscuous mode [ 127.606939][ T8241] syzkaller0: entered allmulticast mode [ 127.705676][ T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 128.256472][ T2304] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 128.747673][ T1807] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 129.300644][ T2304] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 130.336200][ T2304] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 130.740308][ T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 131.376520][ T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 132.416822][ T6539] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 133.470203][ T2304] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 133.775864][ T7025] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 134.495867][ T6539] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 135.537901][ T2304] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 136.577760][ T2304] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 136.815848][ T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog