last executing test programs: 3.278167362s ago: executing program 2 (id=2846): r0 = syz_io_uring_setup(0xd1, &(0x7f0000000280)={0x0, 0x8a73, 0x100, 0x22, 0x1b8}, &(0x7f0000000300)=0x0, &(0x7f00000001c0)) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, 0x0, 0x0, 0x4) io_uring_enter(r0, 0x47ba, 0x3000000, 0x300000000000000, 0x0, 0x0) ioctl$TCXONC(0xffffffffffffffff, 0x5608, 0x3) syz_open_dev$vbi(0x0, 0x0, 0x2) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) r2 = syz_io_uring_setup(0x4aa, 0x0, 0x0, &(0x7f0000000200)) io_uring_enter(r2, 0x38c5, 0x2000000, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) r3 = syz_open_dev$MSR(&(0x7f0000000100), 0xfffffffffffffffa, 0x0) setsockopt$inet_sctp_SCTP_INITMSG(0xffffffffffffffff, 0x84, 0x2, &(0x7f00000001c0)={0x0, 0x1, 0xf, 0xafc}, 0x8) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r5, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0) recvmsg$unix(r4, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0) 2.839599856s ago: executing program 1 (id=2852): munmap(&(0x7f0000004000/0x3000)=nil, 0x3000) r0 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x2d}}, 0x10) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x74}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10) sendto$inet(r0, 0x0, 0x0, 0xc806, &(0x7f0000000180)={0x2, 0x4e21, @multicast1}, 0x10) sendto$inet(r0, &(0x7f0000000100)='J', 0xfdbe, 0x4004084, 0x0, 0x11000a00) 2.184632232s ago: executing program 2 (id=2855): prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, 0x0, 0x0, 0x2, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f00000002c0)=@framed, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10) sched_setaffinity(r0, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file1/file0\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f00000003c0), 0x0, &(0x7f00000004c0)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file1/file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file1'}}, {@workdir={'workdir', 0x3d, './bus'}}]}) 2.128319467s ago: executing program 1 (id=2857): bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) socket$pptp(0x18, 0x1, 0x2) socket$packet(0x11, 0x2, 0x300) arch_prctl$ARCH_GET_UNTAG_MASK(0x4001, 0x0) bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="05000000070000000700000001"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000006c0)={{r0}, &(0x7f0000000600), &(0x7f0000000680)=r1}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='tlb_flush\x00', r2}, 0x18) mremap(&(0x7f0000000000/0x9000)=nil, 0x600600, 0x200000, 0x3, &(0x7f0000a00000/0x600000)=nil) 1.948461895s ago: executing program 1 (id=2859): sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x24040040) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) socket(0x400000000010, 0x3, 0x0) socket$unix(0x1, 0x5, 0x0) sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_pidfd_open(0x0, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000100), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f00000000c0)={0xc, 0x2, 0x1, 0x0, 0x2}) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000240)=@mmap={0x1, 0x2, 0x4, 0x100000, 0x9, {}, {0x2, 0x2, 0x4, 0xc0, 0x0, 0xf0, "18a6fc23"}, 0x1, 0x1, {}, 0x1}) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000000)={0x6, 0x1, 0x1, 0x0, 0x3}) ioctl$vim2m_VIDIOC_STREAMOFF(r0, 0x40045612, &(0x7f0000000040)=0x1) ioctl$vim2m_VIDIOC_STREAMOFF(r0, 0x40045612, &(0x7f0000000080)=0x2) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000180)=@mmap={0x1, 0x1, 0xfffffffffffffe05, 0x8, 0x81, {}, {0x4, 0x8, 0x8, 0x5, 0x29, 0x9, "0adb3fb8"}, 0x5}) 1.364383244s ago: executing program 3 (id=2866): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x2}) r1 = socket$igmp6(0xa, 0x3, 0x2) r2 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r1, 0x8983, &(0x7f0000000300)={0x0, 'syzkaller1\x00'}) write$tun(r0, &(0x7f00000003c0)=ANY=[@ANYBLOB], 0x3e) 1.30663158s ago: executing program 0 (id=2867): mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x21c0, 0x103) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) utimes(&(0x7f0000000340)='./file0\x00', 0x0) 1.168667063s ago: executing program 2 (id=2868): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000280)=[{0x6, 0xfa, 0x0, 0xe4}]}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr', 0x3) write(r0, &(0x7f0000002480)="58432883c72df18c10d9aa59d287b6f3596b95c6222d2ce9b4c087c0cc0c9a1fc4636a38111c27c8c16ad5db1c03a1fe0a1fd6fb8c8d1e012e21a4022ebd4342129f98cac076fb2a8a9e3be062ffdb58a359bdcd2beb151caa1160aae646d6533e3307d322cf3fa2c610f168a510a24a6bce749674e644b8fab9fe009ce6febb4febf9190a9388c333500d7ff60a66b740916246861403c78851935281d6818925e1c6d44dc8763c99920b29107f0ef2ce0002078c48ea69bedafe371822ad50c3585ce0c00e2866a77eb382a4a94c8140eade00e7cce81a18b01e2824860a08682d5f098ff2025c279a91ded1c2e68d0f765dcc0feeb118f7b2c4d0ac243f214ba6102d1f7e5855d204d3f5f533b590af39177b29e264935d637660ffda56415f003705bac18326fd036ca5866b3774d53bc948ec177f94ad43fa7654e56fd5df799454c24aa5bbcbade05473b27357093cdff40a8f1df11e951fe9c1d4cbd2afcaec315a61538511429be3ac1d5c96c49dae7fc3383d5696f81865daf7cc4fed6628e40b4b9bed2a56a1058b6bfb2213749014375e577b9ec4ead515d6ffcf06ecf73490e8e54ea3c5519765aad9f6ca082198f88d63910ecaf1442789de4fec5af0e5eabcc8cdcc4a2cd6d348c53a7fc4fc84b7a57fad068114c0c2135f9e5b7b5cc693fb7ee2d4a9eeeefcd5bbe1e04d2e79b0b565669cb708fed60dbd04cc4e5970bd688080a20d70426025404797b769225215dfa01e116625e3358c670bad99250553ff83abf0a9a9cabe2f6316b039faf317717c84358f1dfddfb4d50d1133b5d1a458dc57a536675d288a3461a5ff621ac55fa9ed7127baa0893fcb9b32c0a621fb1c2ecbc9eef27077c8253e44900e5f864a0845990268ef473c21fa2ed5bf9ceb00ffc06cd435687bf5d66fc462b4722a4dc90fce58d0c3ceae0dc1ac3e518a3388e21adaa54cd4f12fa328c3ba221fa604905f046f37de3bfe1829d1db4367373029a100339754c9d4491e60f065cb2e75c387cb4bc8bdd204142679dd07173f68b3fd14010aca29cba02fbec1e3da97c3063367fc70c47d5fe1c3a6217c4226f1fff9a7e0197ee5008b04cf56e6b9a7d23f5ba14589640d76049ff3972a317a7b861fd2930bce30b6cd51e9ad81f2ee6d1733ca19cd2fd4c6979076b9c9edf5749817151361dfe46dc44b6add43a483bc508e1c75e28c9c4ad5da72d21fe1731a32aec0661ded551aef04b2adea89868e7991422aeeccc7b92725754a4bcfe2ad480cb23e88d327bb125cc377c2d71b80ae42bbe3291ad850d450041925fe17e51877ef23cc823626b74aa1a048e0a725a77739c36620a0c3de6d15f51484732b16d2fbe71c553bd2c2b6d8519f7ba58ec622ba660d8e2119c2b04645fcb1661c9f1928d1d634b9f41788b68d15656fbb0777e8ea16e1caf9d18d27f352cbbfe566cc85ff611a9e742ae9e43e1a09a5b800caeaeb07a25d34ece6f5b440a281749f89877719d12948f6c89c774ecfb02882083392561f2ece1248aeb0407d70d141c121b815a3ebb6a6e4beef697e535c10502014ea6e9de83a13a4db9aac25045f5dff5fd508cce4e18d44952534c014394315e54a527abd259d9ed8b33d8809396a3aecf5acfc2ad0d85f6f3e63415f317d9ccf3c6888fcc9239079496630f7d85379234051a40cb27a4f6634ea5dc1d2899fa9c355c202c1e90a47c243fcd5f171652c34dee8c50223fe24559bcf7c71afd464d764925cccf18b98ed8b7ca44f32f6efce8983f8888613fab726fe302b6e72f894a5e2c6b6c4c7071848ee51d5e11d34be07106d2195474a12f8cf50456a3bbddd9c19b79efbc527a65239cf5a01fd8140d176a7524dd75a806f1745fb6bd55034ecd63e6e6fa5a48f8e38632697093e5c80eacefdd109918bd8417705a9bd927d9302cd794c063a3190705255b7303992cf6e29ec09698a94417e645f00a388c3e27ed083d5246ec6a0af46330cd720b47a08470f0f4a20caa2aba03d0383081cc97294ba4692285d34d7d9764691fdaf20d54c473301d31ecc238086f4c85bafdd9b7ae7244d6e47a7058f6f93f0bc97186fb1077497f5d048d17667339c53f8fb9710eb776d49f43748188824ee5d37fe1fa4b990684e6f090b2ae70a151f09a7d958488c9f38f8cf0c17a81a913e7bcacb9a11576510e8bf6e96c80fa484545fcbefda378a5cce8524e52241525812186edb6d764d65a34be000f114670b0f61ea38579992d30ce78bb75e243cab84ede0eec725fcba0afe4940db0e811f1f2679bc5c25c45b5c4bbda7438aa91ead1c072cb65e8b2044d748701c3fa338dbef045b0fe1beaa2d16b61eeee778bd5aed2a7498204c733e76c8314e669e2e40e3481a8fbdc08b9e3a73ed615fbc98ab078019787936fca6b090e72a975a7b6b4d080f60eb0f9b7f43d182de85549d647bc17d072cb973a307bb3fd384793a0e11d6954ea54c4b3359520be0a21f9100f42567e94ae7acac3597799525f42ac5c0fae8c84a0ab2b4a000e47d602d5671adb48cd398f2d3235690dfa047c454943dcd8d841c9f2753e5955f082d3bd9623d24cd12d95bdff79e029695f7a529bca5753bcdf90e3bf01ff02f32e7043694935a73be6b934afa0b17b625d11dd05067b497b28e2d1503f84f1f21f842402730949b51a36fd6542c9b03127f4887bbc6d3a5287c8532727da6a2711ac1e30a529657a8e63c3f1a445bb28ac337ada9302c99e33ec4dc0276daeec957a4fbaf2ab246eb984f4b63dfb179971ef13a2caed5f9667fb3688c1602e59f5bd0ed4bda76f519c976a3ddfea73183820d1780e24c45522c9a8013524eee4baba52db41658e5a599c616eedef98f0e64aa3b5b7288dfae7b7244e0840f0ec02722a34b9b0c411cc91e287fd72187d946bcdc330d289bb12007397b28e6007291035b6d04efd4011c117070255bfd92a48134d4f94d104580224f1740b68bba8354dc27dc492fcb36477e44fc4ad83948070ddd6eeca3ff5ea48c190722bfd1b610989b1b02c6ef179f15d5718f172ec67d979ff31f6ed2dcff3d5c7812be4465d75b9f2aa1411c75e1297d527d97b7d925d144f58aeef03aba4826a5fbbad6", 0x8a8) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4) sendto$inet(r0, &(0x7f0000000580)="17", 0x59a, 0x10008095, 0x0, 0x0) 1.040896076s ago: executing program 0 (id=2869): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) close(r1) socket$nl_generic(0x10, 0x3, 0x10) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) r2 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000340)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x1, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x3, 0x3, 0x6361, 0x7, 0xffffffff, 0x3}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40088c1}, 0x0) sendmsg$nl_route_sched(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000002c0)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x70b926, 0x25dfdbfc, {0x0, 0x0, 0x0, r3, {0x0, 0xd}, {0xffff, 0xb}, {0xb, 0xb}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0xc, 0x2, [@TCA_FQ_CODEL_CE_THRESHOLD={0x8, 0x7, 0xfffffff9}]}}]}, 0x40}, 0x1, 0x0, 0x0, 0x240440e0}, 0x4008000) r4 = socket$packet(0x11, 0x3, 0x300) sendto$packet(r4, &(0x7f00000005c0)="bad330fbc9b55400040000ea0756", 0xe, 0x40, &(0x7f00000001c0)={0x11, 0x8100, r3, 0x1, 0xd8, 0x6, @multicast}, 0x14) 1.040118846s ago: executing program 2 (id=2870): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}}) writev(r0, &(0x7f0000000100)=[{&(0x7f0000000080)="2e9b5b0007e03dd65193dfb6c575963f86dd6067", 0x14}, {&(0x7f0000000200)="b7c7040000000000000000d1dd0fccd5de05", 0x12}, {&(0x7f0000000580)="d2f253697e7edbd33bff104b5a800196b62feb20982a50e789da13166fd9ed1554dc012f072bff0f6f7201b1e39a2a06e791871a8693523d87de757d02cc8c06e955d1f53187e6d10108a4aa4abb5940f44521fdc744ae56cc4b8798df345c5ae763d20fc16dea5f27557ab33d933b7e02512bd3e1850b9c02b9ac809a6a233346110eedd778e41538f4fa6901edb005c45aa2c93d7752eb02bccc7cee0db3cb054e819944828c79cb4d9cc9e01f89c0796a0800013dc79413d33cdbf4cf17b0ac2f6c5c84730a7ae67b6c3b4f236fe27e07de4a80bf20d89d36389a8ef7ac9e355479f03b5bfdc8b1b318aa097f02be662d4eb2f309b443c003402ba1875b0638e359880f22930c09e3b6a33cfb47c5dab2cf5e27f6429643baec2a1508503bc5a9330e3a3533ee5161d75cb38efc904dc6897194089a7aad6606efeab062d0d4534d80132651f06219549c72bd971bc2471fee77557478b73981fec11727e39d51e6a9ff3edf20a58daab264cde0dccd5989cca1efd3f90bee13b23367b318233cf10f28a1bb36b1f891be57bd2863827403721f7de2479a81323a8a821c00fed5ef9c97f478bf1e14bb86e8fbc8fd0dd396a8d22c8dd73acb87d30446e7bb6d943f844c0971bc4b17ccd7950b5215fd284c12bb3596985be18b63bf4061f6524a9123fc52709a359a5b2227b32d7946c1a3f9ab1d667d44bd18bfaabf00f3886c0372c849a25baafa9ef6677050f68939b9b1a448ac9e4e593c366c372f588877651bb658a9ea4c520b3ce2abcb882d4e8c7233dc914a9246f281da9e5b292d809b4587083b5c44cc890c0c1800e6022398ffaceb60e4f50670d91d3067690e15b09e6d5328af78c884dc7fc3aede1288727ed34f2669fbb8a41a8c51e235b8cf8990f7a1fe436c0da0f74d5e6e9aaaaa5677a37bde42142675948ae3c312b8546934fa064ee34f3f2b7cf5e4c311461fd2b6e0454a440aa5ad9abb4555af60dfe25716bd8cb42db57ec5663fc5ea0c9967200a57a67476f8986642b83f99270c16248a9f4bce8d564a8d5170462550f414cf9b4f3e725702174a2fda7e33c7c75ae77c389732cae187f8de3480795d916c05b090ddb62fe6d592c67e21fc25f5963d25aec39219bb948b5adc1aad5f66c2e5dad631462184ec9a338f4a00dda73fc7ce31a442feabf1fc01dd5dc2567c338e4f3c4bfc5f85f82b94671e39c95baba82140f76ac7acaaacd564f5421cdd73d794afea6c6a65f29ae4cffe74884697adb4073e78cad21458a888e230fb42411d99911baba972fd8aa7af2e42eef82a6a9ef46b405c68c3e85221ff8559d843e18a6f7f061cd03ded941dc761622cc9d1f5c065efd2b55711679b212309e9ac8447eab697a34168b12c1a58e826fea890c2c58e576c08b6ef246b1cc10d2b7f35a26ce6e550bf91d5106e7144fa3f90abc3140e5d8712880046f8d88c075d702d13", 0x415}], 0x3) 964.466334ms ago: executing program 3 (id=2871): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x18) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r0}, &(0x7f0000000800), &(0x7f0000000840)=r1}, 0x20) socket$packet(0x11, 0xa, 0x300) r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000003c0)={0x6, 0x3, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0xb}, 0x94) socket$packet(0x11, 0xa, 0x300) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0x560b0000, &(0x7f0000000000)="219a53f271a76d2608004c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), 0xffffffffffffffff) 865.634904ms ago: executing program 1 (id=2872): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000001400010076657468305f746f5f7465616d00000014000000110001"], 0xa8}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000180a0102000000000000000002000003300003802c00038014000100776732000000000000000000000000001400010076657468315f746f5f627269576765000900020073797a30000000000900010073797a30"], 0x84}, 0x1, 0x0, 0x0, 0x40044}, 0x20008000) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r1, 0x8923, &(0x7f0000000140)={'wg2\x00', @local}) 600.70033ms ago: executing program 0 (id=2873): r0 = syz_io_uring_setup(0xd1, &(0x7f0000000280)={0x0, 0x8a73, 0x100, 0x22, 0x1b8}, &(0x7f0000000300)=0x0, &(0x7f00000001c0)) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, 0x0, 0x0, 0x4) io_uring_enter(r0, 0x47ba, 0x3000000, 0x300000000000000, 0x0, 0x0) ioctl$TCXONC(0xffffffffffffffff, 0x5608, 0x3) syz_open_dev$vbi(0x0, 0x0, 0x2) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) r2 = syz_io_uring_setup(0x4aa, 0x0, 0x0, &(0x7f0000000200)) io_uring_enter(r2, 0x38c5, 0x2000000, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) r3 = syz_open_dev$MSR(&(0x7f0000000100), 0xfffffffffffffffa, 0x0) setsockopt$inet_sctp_SCTP_INITMSG(0xffffffffffffffff, 0x84, 0x2, &(0x7f00000001c0)={0x0, 0x1, 0xf, 0xafc}, 0x8) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r5, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0) recvmsg$unix(r4, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0) 520.259698ms ago: executing program 3 (id=2874): r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) fcntl$notify(r0, 0x402, 0x8000001f) r1 = open(&(0x7f0000000000)='.\x00', 0x0, 0x4) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000f7850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10) fcntl$notify(r1, 0x402, 0x8000003d) close_range(r0, r1, 0x0) 519.857579ms ago: executing program 1 (id=2875): bpf$MAP_CREATE(0x0, &(0x7f00000010c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000340)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) r1 = socket$qrtr(0x2a, 0x2, 0x0) connect$qrtr(r1, &(0x7f0000000080)={0x2a, 0x1, 0xfffffffe}, 0xc) read(r1, &(0x7f00000000c0)=""/66, 0x42) getpeername$qrtr(r1, 0x0, &(0x7f0000000180)) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[], 0x48}, 0x1, 0x0, 0x0, 0x1}, 0xc054) r2 = socket$qrtr(0x2a, 0x2, 0x0) connect$qrtr(r2, &(0x7f0000000040)={0x2a, 0x1, 0x4000}, 0xc) bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x18, 0xc, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) write$binfmt_script(r2, 0x0, 0x0) 477.076073ms ago: executing program 0 (id=2876): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0a000000040000000c"], 0x50) bpf$MAP_CREATE(0x0, 0x0, 0x39) inotify_init() r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0xa802, 0x0) close(r1) r2 = socket(0x1e, 0x4, 0x0) sendmsg$tipc(r2, &(0x7f0000000200)={&(0x7f0000000040)=@id={0x1e, 0x3, 0x3, {0x4e21, 0x2}}, 0x10, 0x0}, 0x80c1) getsockname$tipc(r2, &(0x7f0000000080)=@id, &(0x7f0000000740)=0x10) socket$netlink(0x10, 0x3, 0x0) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f00000000c0)={'syzkaller0\x00', @broadcast}) vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x1) r3 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) r5 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@gettclass={0x24, 0x2a, 0x129, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {0xb, 0xd}, {}, {0x8, 0xfff1}}}, 0x24}}, 0x40004) 454.544585ms ago: executing program 3 (id=2877): bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB], 0x50) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="19000000040000000400000008"], 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001c80)={{r0}, &(0x7f0000001c00)=0x8000000, &(0x7f0000001c40)=r1}, 0x20) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='kfree\x00', 0xffffffffffffffff, 0x0, 0x7}, 0x18) pipe2(&(0x7f0000001cc0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}}) 392.290411ms ago: executing program 2 (id=2878): r0 = socket$inet6(0xa, 0x800000000000002, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000340)=0x63ba, 0x4) setsockopt$inet6_int(r0, 0x29, 0x4a, &(0x7f00000001c0)=0x4, 0x4) sendmmsg$inet6(r0, &(0x7f00000002c0)=[{{&(0x7f0000000b00)={0xa, 0x4e23, 0x0, @local}, 0x1c, 0x0}}], 0x1, 0x0) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0) r1 = io_uring_setup(0x56a9, &(0x7f0000000040)={0x0, 0x372, 0xc000, 0xb, 0xa0002f5}) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x12, 0x3, 0x0, &(0x7f0000000240)='syzkaller\x00', 0x80000000, 0xfffffffffffffeec, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x24, &(0x7f0000000000)=0xa, 0x4) io_uring_enter(r1, 0x2219, 0x7721, 0x16, 0x0, 0x0) 260.464014ms ago: executing program 3 (id=2879): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000280)=[{0x6, 0xfa, 0x0, 0xe4}]}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr', 0x3) write(r0, &(0x7f0000002480)="58432883c72df18c10d9aa59d287b6f3596b95c6222d2ce9b4c087c0cc0c9a1fc4636a38111c27c8c16ad5db1c03a1fe0a1fd6fb8c8d1e012e21a4022ebd4342129f98cac076fb2a8a9e3be062ffdb58a359bdcd2beb151caa1160aae646d6533e3307d322cf3fa2c610f168a510a24a6bce749674e644b8fab9fe009ce6febb4febf9190a9388c333500d7ff60a66b740916246861403c78851935281d6818925e1c6d44dc8763c99920b29107f0ef2ce0002078c48ea69bedafe371822ad50c3585ce0c00e2866a77eb382a4a94c8140eade00e7cce81a18b01e2824860a08682d5f098ff2025c279a91ded1c2e68d0f765dcc0feeb118f7b2c4d0ac243f214ba6102d1f7e5855d204d3f5f533b590af39177b29e264935d637660ffda56415f003705bac18326fd036ca5866b3774d53bc948ec177f94ad43fa7654e56fd5df799454c24aa5bbcbade05473b27357093cdff40a8f1df11e951fe9c1d4cbd2afcaec315a61538511429be3ac1d5c96c49dae7fc3383d5696f81865daf7cc4fed6628e40b4b9bed2a56a1058b6bfb2213749014375e577b9ec4ead515d6ffcf06ecf73490e8e54ea3c5519765aad9f6ca082198f88d63910ecaf1442789de4fec5af0e5eabcc8cdcc4a2cd6d348c53a7fc4fc84b7a57fad068114c0c2135f9e5b7b5cc693fb7ee2d4a9eeeefcd5bbe1e04d2e79b0b565669cb708fed60dbd04cc4e5970bd688080a20d70426025404797b769225215dfa01e116625e3358c670bad99250553ff83abf0a9a9cabe2f6316b039faf317717c84358f1dfddfb4d50d1133b5d1a458dc57a536675d288a3461a5ff621ac55fa9ed7127baa0893fcb9b32c0a621fb1c2ecbc9eef27077c8253e44900e5f864a0845990268ef473c21fa2ed5bf9ceb00ffc06cd435687bf5d66fc462b4722a4dc90fce58d0c3ceae0dc1ac3e518a3388e21adaa54cd4f12fa328c3ba221fa604905f046f37de3bfe1829d1db4367373029a100339754c9d4491e60f065cb2e75c387cb4bc8bdd204142679dd07173f68b3fd14010aca29cba02fbec1e3da97c3063367fc70c47d5fe1c3a6217c4226f1fff9a7e0197ee5008b04cf56e6b9a7d23f5ba14589640d76049ff3972a317a7b861fd2930bce30b6cd51e9ad81f2ee6d1733ca19cd2fd4c6979076b9c9edf5749817151361dfe46dc44b6add43a483bc508e1c75e28c9c4ad5da72d21fe1731a32aec0661ded551aef04b2adea89868e7991422aeeccc7b92725754a4bcfe2ad480cb23e88d327bb125cc377c2d71b80ae42bbe3291ad850d450041925fe17e51877ef23cc823626b74aa1a048e0a725a77739c36620a0c3de6d15f51484732b16d2fbe71c553bd2c2b6d8519f7ba58ec622ba660d8e2119c2b04645fcb1661c9f1928d1d634b9f41788b68d15656fbb0777e8ea16e1caf9d18d27f352cbbfe566cc85ff611a9e742ae9e43e1a09a5b800caeaeb07a25d34ece6f5b440a281749f89877719d12948f6c89c774ecfb02882083392561f2ece1248aeb0407d70d141c121b815a3ebb6a6e4beef697e535c10502014ea6e9de83a13a4db9aac25045f5dff5fd508cce4e18d44952534c014394315e54a527abd259d9ed8b33d8809396a3aecf5acfc2ad0d85f6f3e63415f317d9ccf3c6888fcc9239079496630f7d85379234051a40cb27a4f6634ea5dc1d2899fa9c355c202c1e90a47c243fcd5f171652c34dee8c50223fe24559bcf7c71afd464d764925cccf18b98ed8b7ca44f32f6efce8983f8888613fab726fe302b6e72f894a5e2c6b6c4c7071848ee51d5e11d34be07106d2195474a12f8cf50456a3bbddd9c19b79efbc527a65239cf5a01fd8140d176a7524dd75a806f1745fb6bd55034ecd63e6e6fa5a48f8e38632697093e5c80eacefdd109918bd8417705a9bd927d9302cd794c063a3190705255b7303992cf6e29ec09698a94417e645f00a388c3e27ed083d5246ec6a0af46330cd720b47a08470f0f4a20caa2aba03d0383081cc97294ba4692285d34d7d9764691fdaf20d54c473301d31ecc238086f4c85bafdd9b7ae7244d6e47a7058f6f93f0bc97186fb1077497f5d048d17667339c53f8fb9710eb776d49f43748188824ee5d37fe1fa4b990684e6f090b2ae70a151f09a7d958488c9f38f8cf0c17a81a913e7bcacb9a11576510e8bf6e96c80fa484545fcbefda378a5cce8524e52241525812186edb6d764d65a34be000f114670b0f61ea38579992d30ce78bb75e243cab84ede0eec725fcba0afe4940db0e811f1f2679bc5c25c45b5c4bbda7438aa91ead1c072cb65e8b2044d748701c3fa338dbef045b0fe1beaa2d16b61eeee778bd5aed2a7498204c733e76c8314e669e2e40e3481a8fbdc08b9e3a73ed615fbc98ab078019787936fca6b090e72a975a7b6b4d080f60eb0f9b7f43d182de85549d647bc17d072cb973a307bb3fd384793a0e11d6954ea54c4b3359520be0a21f9100f42567e94ae7acac3597799525f42ac5c0fae8c84a0ab2b4a000e47d602d5671adb48cd398f2d3235690dfa047c454943dcd8d841c9f2753e5955f082d3bd9623d24cd12d95bdff79e029695f7a529bca5753bcdf90e3bf01ff02f32e7043694935a73be6b934afa0b17b625d11dd05067b497b28e2d1503f84f1f21f842402730949b51a36fd6542c9b03127f4887bbc6d3a5287c8532727da6a2711ac1e30a529657a8e63c3f1a445bb28ac337ada9302c99e33ec4dc0276daeec957a4fbaf2ab246eb984f4b63dfb179971ef13a2caed5f9667fb3688c1602e59f5bd0ed4bda76f519c976a3ddfea73183820d1780e24c45522c9a8013524eee4baba52db41658e5a599c616eedef98f0e64aa3b5b7288dfae7b7244e0840f0ec02722a34b9b0c411cc91e287fd72187d946bcdc330d289bb12007397b28e6007291035b6d04efd4011c117070255bfd92a48134d4f94d104580224f1740b68bba8354dc27dc492fcb36477e44fc4ad83948070ddd6eeca3ff5ea48c190722bfd1b610989b1b02c6ef179f15d5718f172ec67d979ff31f6ed2dcff3d5c7812be4465d75b9f2aa1411c75e1297d527d97b7d925d144f58aeef03aba4826a5fbbad6", 0x8a8) setsockopt$sock_int(r0, 0x1, 0x8, 0x0, 0x0) sendto$inet(r0, &(0x7f0000000580)="17", 0x59a, 0x10008095, 0x0, 0x0) 232.475577ms ago: executing program 1 (id=2880): shutdown(0xffffffffffffffff, 0x1) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) socket(0x400000000010, 0x3, 0x0) socket$unix(0x1, 0x5, 0x0) sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_pidfd_open(0x0, 0x0) r0 = syz_open_dev$vim2m(&(0x7f0000000100), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f00000000c0)={0xc, 0x2, 0x1, 0x0, 0x2}) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000240)=@mmap={0x1, 0x2, 0x4, 0x100000, 0x9, {}, {0x2, 0x2, 0x4, 0xc0, 0x0, 0xf0, "18a6fc23"}, 0x1, 0x1, {}, 0x1}) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000000)={0x6, 0x1, 0x1, 0x0, 0x3}) ioctl$vim2m_VIDIOC_STREAMOFF(r0, 0x40045612, &(0x7f0000000040)=0x1) ioctl$vim2m_VIDIOC_STREAMOFF(r0, 0x40045612, &(0x7f0000000080)=0x2) ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000180)=@mmap={0x1, 0x1, 0xfffffffffffffe05, 0x8, 0x81, {}, {0x4, 0x8, 0x8, 0x5, 0x29, 0x9, "0adb3fb8"}, 0x5}) 219.526958ms ago: executing program 2 (id=2881): bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB], 0x48) r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) ioctl$sock_SIOCGIFBR(r0, 0x8940, &(0x7f0000000200)=@add_del={0x2, &(0x7f0000000040)='wlan1\x00'}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x2a, 0xad}, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000100)) semop(0x0, 0x0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f00000001c0)='smaps_rollup\x00') lseek(r2, 0x4, 0x0) ioctl$ifreq_SIOCGIFINDEX_wireguard(r2, 0x8933, &(0x7f00000001c0)={'wg2\x00', 0x0}) sendmsg$nl_route_sched(r2, &(0x7f00000002c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0xd83ebaa74b0ec110}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)=@getqdisc={0x34, 0x26, 0x20, 0x70bd26, 0x25dfdbff, {0x0, 0x0, 0x0, r3, {0xfff3, 0x5}, {0x0, 0xf}, {0x18012}}, [{0x4}, {0x4}, {0x4}, {0x4}]}, 0x34}, 0x1, 0x0, 0x0, 0x880}, 0x20040095) semctl$IPC_RMID(0x0, 0x0, 0x0) openat$sndseq(0xffffffffffffff9c, 0x0, 0x40000) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000000800000008"], 0x48) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000400000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000540)={{r4}, &(0x7f00000004c0), &(0x7f0000000500)=r5}, 0x20) syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800700, &(0x7f00000007c0)={[{@nodioread_nolock}, {@errors_remount}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5a}}, {@nouid32}, {@resgid}, {@acl}, {@init_itable_val={'init_itable', 0x3d, 0x3}}]}, 0x1, 0x46f, &(0x7f0000000bc0)="$eJzs281rHOUfAPDvTF7a/vqS/Gp9aa0aLUJQTJq0ag9eFAWRioIe6jEm2xK6baSJYmuxqYgnQQp6Fo+if4E3EUQ9CV49eZJC0V7aeorM7Ey62WYTazaZ2P18YLPPM/PszvebeXv2eXYD6FpD2Z8kYkdE/BoRA43q0gZDjafrV89P3rh6fjKJhYXX/kjydteunp8sm5av215UhtOI9MOk2MhSs2fPnZyo12tnivro3Km3RmfPnnvinVMTJ2onaqfHjxw5fGjs6afGn+xInlle1/a9P7N/74tvXHp58tilN3/8Oot3R7G+OY9OGcoS/3Mh17ru0U5vrGI7m8pJb4WBcFt6IiLbXX35+T8QPXFz5w3ECx9UGhywrrJ705b2q+cXgDtYElVHAFSjvNFnn3/LxwZ1PTaFK882PgBleV8vHo01vZEWbfpaPt920lBEHJv/6/PsEes0DgEA0Ozjyc+O9kfEeze+einrewwsrknjnvz5t/zvrmIOZTAi/h8RuyPirojYExF3R+Rt742I+9YYz639n/TyGt9yRVn/75libmtp/6/s/cVgT1HbmefflxyfrtcOFv+T4ejbktXHVtjGt8//8km7dc39v+yRbb/sCxZxXO5tGaCbmpibyDulHXDlYsS+3uXyTxZnApKI2BsR+27vrXeVhenHvtzfrtHq+a+gA/NMC19k6c1n+c9HS/6lpHl+cvqW+cnRrVGvHRwtj4pb/fTzR6+22/6a8u+AK7XGc9P+b20ymDTP1852dvv/8vhP+5PX83nm/mLZuxNzc2fGIvqTo3l9yfLxm68t62X77PgfPrD8+b+7eE2W//0RkR3ED0TEgxHxUBH7wxHxSEQcWCHHH55bPf9IK9r/FyOmlr3+LR7/Lfv/9gs9J7//pt32/9n+P5yXhosl+fVvFcuFk10uWgNcy/8OAAAA/ivS/DvwSTqyWE7TkZHGd/j3xP/S+szs3OPHZ94+PdX4rvxg9KXlSNdAMR5an67XxpL54h0b46PjxVhxOV56qBg3/rRnW14fmZypT1WcO3S77W3O/8zvPVVHB6yzbcsuHe/f8ECACrTOo6dLqxdeCRcDuFP5vTZ0r1XO/3Sj4gA2nvs/dK/lzv8LLXVzAXBncv+H7uX8hy6Vfld1BECF3P+hK63ld/3rWNi6OcKoprBZd0peiCgL6aaIR2GdClVfmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADrj7wAAAP//KFzmgQ==") ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454da, 0x0) r6 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_mreq(r6, 0x29, 0x15, &(0x7f0000000340)={@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, r3}, 0x14) setsockopt$inet6_mreq(r6, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x14) semctl$SEM_INFO(0x0, 0x3, 0x13, &(0x7f0000000040)=""/164) r7 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) bind(r7, 0x0, 0x0) close(r6) 152.237895ms ago: executing program 0 (id=2882): unshare(0x2c020400) r0 = syz_open_dev$tty1(0xc, 0x4, 0x4) ioctl$VT_GETSTATE(r0, 0x5603, &(0x7f00000003c0)={0x8, 0x3, 0x1}) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000007c0)={{r2}, &(0x7f0000000740), &(0x7f0000000780)='%-010d \x00'}, 0x20) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)={'sit0\x00', 0x0}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xc}}, [@qdisc_kind_options=@q_hhf={{0x8}, {0x4}}, @TCA_RATE={0x6}]}, 0x38}, 0x1, 0x0, 0x0, 0x24048084}, 0x4006) openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000fdff0000850000002d00000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000010400007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002000000850000007500000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x23, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r5, 0x29, 0x40, &(0x7f0000000f40)=@raw={'raw\x00', 0x8, 0x3, 0x478, 0x1c0, 0xffffffff, 0xffffffff, 0x1c0, 0xffffffff, 0x3a8, 0xffffffff, 0xffffffff, 0x3a8, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@remote, @loopback, [0xff, 0x0, 0xff, 0xff], [0xffffffff, 0xff, 0xff], 'team_slave_0\x00', 'netdevsim0\x00', {}, {0xff}, 0x29, 0x3, 0x0, 0x60}, 0x0, 0x1a0, 0x1c0, 0x60030000, {0x0, 0xff000000}, [@common=@inet=@recent0={{0xf8}, {0x9, 0x2, 0x24, 0x0, 'syz0\x00'}}]}, @unspec=@TRACE={0x20}}, {{@uncond, 0x0, 0x1c8, 0x1e8, 0x0, {}, [@common=@inet=@recent0={{0xf8}, {0x0, 0x1000000, 0x1, 0x1, 'syz0\x00', 0xfe}}, @common=@mh={{0x28}, {"b11c", 0x1}}]}, @unspec=@NOTRACK={0x20}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x4d8) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000040)={0x53, 0xfffffffe, 0x6, 0x0, @buffer={0x2, 0x0, 0x0}, &(0x7f0000000380)="259374c96ee3", 0x0, 0x300, 0x0, 0x0, 0x0}) bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000180)={0x3, 0x4, 0x4, 0xa, 0x0, r2, 0x4, '\x00', r3, 0xffffffffffffffff, 0x0, 0x1, 0x2}, 0x50) r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000080)='kfree\x00', r6, 0x0, 0x6}, 0x18) r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48) bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000001600)={r7, 0x0}, 0x20) 120.061948ms ago: executing program 3 (id=2883): syz_mount_image$ext4(&(0x7f0000000500)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x0, &(0x7f00000021c0)={[{@dioread_nolock}, {@minixdf}, {@nolazytime}, {}]}, 0x1, 0x783, &(0x7f0000002200)="$eJzs3M9rXOUaAOD3nGaa/si9kwt3ce+mCi20UDpJmk27Mm7ETaFQcFtDMgkhJ5mSmdQkFpq6E4TabFQE0b1Lt0Kpf4A7KSi4F0RrXKibkTOZTNt0Zjptk04bnwdO5vvOfN9533dm8uUcyJkA/rFezX8kEUMRcTEiis39aUQcbLQORaxvjdu8d20q35Ko1y/9kuTTYrNebB0raT4ejcaU+F9E3ClEnH7v0bjV1bX5ySwrLzX7I7WFKyPV1bUzcwuTs+XZ8uLY+PnRc+Pj50bHd63WE2+dP3zr2zc2Nr77qnbz2MCZJCYadUeztl0L9ICt16QQEzv2L+5FsD5Kehgz8BzyAACgu/w8/0Dz3KwQxTjQ7SzNCRwAAAC8lOqD9V792fNIAAAA4AWTRL8zAAAAAPbW9v8BbN/bu1f3wXby8+sRMdwu/kDjHuKIQ1GIiCObyUO3HyRb0+CZrN+IiNsTbT5/vdzR3N3o/ebh3Tkiu+12vv5MtFt/0tb6E23Wn4Ht7054Rp3Xv/vxD3RY/y72GOPrz/5f6Bj/RnXl/WPt4iet+EmH+G/3GP/mxge3Oj1X/yLiZNu/P8lDsbp8P8TIzFzW7lerle6dv07d7Vx/xJFH4idJI2rSvf4rPdb/7uZv8+td4p863v3934o/+NC8/DPxYTOPNCJuNR/z/saOGMcXvv/m0cjJ+nb86Q6vf/v3/81W/Z/3WP+PXw6u9DgUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGtKIGIokLbXaaVoqRRyNiP/GkTSrVGunZyrLi9P5cxHDUUhn5rLyaEQUt/pJ3h9rtO/3z+7oj0fEf344vBV0LiuXpirZdL+LBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoOVoRAxFkpYiIo2I34tpWir1OysAAABg1w33OwEAAABgz7n+BwAAgP3vaa//k13OAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANjXLl64kG/1zXvXpvL+9NXV5fnK1TPT5ep8aWF5qjRVWbpSmq1UZrNyaaqy8LjjpRExdj6WV0Zq5WptpLq6dnmhsrxYuzy3MDlbvlwuPJeqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeFJDjS1JSxGRNtppWipF/CsihqOQzMxl5dGI+HdE3C0WBvP+WL+TBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYNdVV9fmJ7OsvPRyN+r7q5yeG5FEvABpdGh80nxXuo1J1iP6nmraTPRZjhPxJLOuP+Zl6XfjlT6tRwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9Fd1dW1+MsvKS9V+ZwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEB/pT8lEZFvJ4snhnY+ezD5o9h4jIh3Pr300cpkrbY0lu//tbW/9nFz/9kHJl5/njUAAADAvvfakwzevk7fvo4HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADoVXV1bX4yy8pLe9iIG/2uEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBp/BwAA//9Js7nR") r0 = syz_open_procfs(0x0, &(0x7f00000042c0)='mounts\x00') prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) socket$nl_generic(0x10, 0x3, 0x10) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xb256d000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x2000000}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) pread64(r0, &(0x7f0000002240)=""/237, 0xed, 0x4eb) 0s ago: executing program 0 (id=2884): r0 = syz_io_uring_setup(0xd1, &(0x7f0000000280)={0x0, 0x8a73, 0x100, 0x22, 0x1b8}, &(0x7f0000000300)=0x0, &(0x7f00000001c0)) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000000)=0x8000103, 0x0, 0x4) io_uring_enter(r0, 0x47ba, 0x3000000, 0x300000000000000, 0x0, 0x0) ioctl$TCXONC(0xffffffffffffffff, 0x5608, 0x3) syz_open_dev$vbi(0x0, 0x0, 0x2) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) r2 = syz_io_uring_setup(0x4aa, 0x0, 0x0, &(0x7f0000000200)) io_uring_enter(r2, 0x38c5, 0x2000000, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) r3 = syz_open_dev$MSR(&(0x7f0000000100), 0xfffffffffffffffa, 0x0) setsockopt$inet_sctp_SCTP_INITMSG(0xffffffffffffffff, 0x84, 0x2, &(0x7f00000001c0)={0x0, 0x1, 0xf, 0xafc}, 0x8) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r5, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0) recvmsg$unix(r4, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0) kernel console output (not intermixed with test programs): failed to verify index dir 'upper' xattr [ 570.981134][T11666] overlayfs: try deleting index dir or mounting with '-o index=off' to disable inodes index. [ 573.364656][T11699] loop9: detected capacity change from 0 to 7 [ 573.404925][T11699] Dev loop9: unable to read RDB block 7 [ 573.410552][T11699] loop9: unable to read partition table [ 573.450553][T11699] loop9: partition table beyond EOD, truncated [ 573.481382][T11699] loop_reread_partitions: partition scan of loop9 (þ被xü—ŸÑà– ) failed (rc=-5) [ 578.794881][ T27] audit: type=1326 audit(1763022048.713:688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11762 comm="syz.0.1871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f790118f6c9 code=0x50000 [ 578.816993][ C1] vkms_vblank_simulate: vblank timer overrun [ 578.884123][ T27] audit: type=1326 audit(1763022048.713:689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11762 comm="syz.0.1871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f790118f6c9 code=0x50000 [ 578.939429][ T27] audit: type=1326 audit(1763022048.713:690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11762 comm="syz.0.1871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f790118f6c9 code=0x50000 [ 578.962680][ T27] audit: type=1326 audit(1763022048.743:691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11762 comm="syz.0.1871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f790118f6c9 code=0x50000 [ 578.984761][ C1] vkms_vblank_simulate: vblank timer overrun [ 579.000636][ T27] audit: type=1326 audit(1763022048.743:692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11762 comm="syz.0.1871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f790118f6c9 code=0x50000 [ 579.023182][ T27] audit: type=1326 audit(1763022048.743:693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11762 comm="syz.0.1871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f790118f6c9 code=0x50000 [ 579.100642][ T27] audit: type=1326 audit(1763022048.743:694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11762 comm="syz.0.1871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f790118f6c9 code=0x50000 [ 579.124531][ T27] audit: type=1326 audit(1763022048.743:695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11762 comm="syz.0.1871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f790118f6c9 code=0x50000 [ 579.153868][ T27] audit: type=1326 audit(1763022048.743:696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11762 comm="syz.0.1871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f790118f6c9 code=0x50000 [ 579.181083][ T27] audit: type=1326 audit(1763022048.743:697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11762 comm="syz.0.1871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f790118f6c9 code=0x50000 [ 579.303960][T11774] binder_alloc: 11773: pid 11773 spamming oneway? 1 buffers allocated for a total size of 5184 [ 580.110504][T11790] netdevsim netdevsim3 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0 [ 580.122846][T11790] netdevsim netdevsim3 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0 [ 580.132955][T11790] netdevsim netdevsim3 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0 [ 580.146685][T11790] netdevsim netdevsim3 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0 [ 580.158244][T11790] geneve2: entered promiscuous mode [ 580.210786][T11790] geneve2: entered allmulticast mode [ 580.262259][ T5849] usb 3-1: new full-speed USB device number 35 using dummy_hcd [ 580.316373][ T3503] Bluetooth: hci4: Frame reassembly failed (-84) [ 580.466131][ T5849] usb 3-1: config 0 has an invalid interface number: 1 but max is 0 [ 580.479161][ T5849] usb 3-1: config 0 has no interface number 0 [ 580.491766][ T5849] usb 3-1: New USB device found, idVendor=0b48, idProduct=1005, bcdDevice=8c.1e [ 580.511739][ T5849] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 580.551053][ T5849] usb 3-1: config 0 descriptor?? [ 580.568529][ T5849] usb 3-1: selecting invalid altsetting 1 [ 580.584727][ T5849] dvb_ttusb_budget: ttusb_init_controller: error [ 580.593562][ T5822] usb 2-1: new high-speed USB device number 33 using dummy_hcd [ 580.604452][ T5849] dvbdev: DVB: registering new adapter (Technotrend/Hauppauge Nova-USB) [ 580.750417][ T5849] DVB: Unable to find symbol cx22700_attach() [ 580.776575][ T5822] usb 2-1: config 0 has no interfaces? [ 580.796479][ T5822] usb 2-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 580.814466][ T5822] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 580.831972][ T5822] usb 2-1: Product: syz [ 580.847868][ T5822] usb 2-1: Manufacturer: syz [ 580.852660][ T5849] DVB: Unable to find symbol tda10046_attach() [ 580.859348][ T5822] usb 2-1: SerialNumber: syz [ 580.864082][ T5849] dvb_ttusb_budget: no frontend driver found for device [0b48:1005] [ 580.891979][ T5822] usb 2-1: config 0 descriptor?? [ 580.901599][ T5849] usb 3-1: USB disconnect, device number 35 [ 581.790567][T11810] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant. [ 581.790567][T11810] The task syz.2.1895 (11810) triggered the difference, watch for misbehavior. [ 582.353474][ T5793] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 582.384225][ T5822] usb 2-1: USB disconnect, device number 33 [ 584.059930][T11833] syz.0.1894 (11833): drop_caches: 2 [ 584.065767][T11833] syz.0.1894 (11833): drop_caches: 2 [ 591.153330][ T5866] usb 4-1: new high-speed USB device number 30 using dummy_hcd [ 591.614391][ T5866] usb 4-1: Using ep0 maxpacket: 32 [ 592.980103][ T5866] usb 4-1: config 0 has an invalid interface number: 188 but max is 0 [ 592.996214][ T5866] usb 4-1: config 0 has no interface number 0 [ 593.010842][ T5866] usb 4-1: New USB device found, idVendor=17ef, idProduct=7203, bcdDevice=2e.36 [ 593.032643][ T5866] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 593.049730][ T5866] usb 4-1: Product: syz [ 593.061998][ T5866] usb 4-1: Manufacturer: syz [ 593.077039][ T5866] usb 4-1: SerialNumber: syz [ 593.092524][ T5866] usb 4-1: config 0 descriptor?? [ 593.324430][ T5866] asix 4-1:0.188 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71 [ 593.343913][ T5866] asix: probe of 4-1:0.188 failed with error -71 [ 593.373309][ T5866] usb 4-1: USB disconnect, device number 30 [ 593.707253][T11940] lo: entered allmulticast mode [ 593.714715][T11939] lo: left allmulticast mode [ 593.798223][T11941] iommufd_mock iommufd_mock1: Adding to iommu group 0 [ 594.617552][T11947] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1933'. [ 596.588528][T11976] netdevsim netdevsim3: Direct firmware load for ..€ failed with error -2 [ 596.603703][T11976] netdevsim netdevsim3: Falling back to sysfs fallback for: ..€ [ 598.199055][T11998] ieee802154 phy0 wpan0: encryption failed: -22 [ 599.462002][ T9] usb 3-1: new high-speed USB device number 36 using dummy_hcd [ 600.363454][ T9] usb 3-1: Using ep0 maxpacket: 16 [ 600.370733][ T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 600.390838][ T9] usb 3-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 600.411471][ T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 600.424519][ T9] usb 3-1: Product: syz [ 600.435433][ T9] usb 3-1: Manufacturer: syz [ 600.443353][ T9] usb 3-1: SerialNumber: syz [ 600.465394][ T9] usb 3-1: config 0 descriptor?? [ 600.486318][ T9] em28xx 3-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 600.497703][ T9] em28xx 3-1:0.0: DVB interface 0 found: bulk [ 601.435344][ T9] em28xx 3-1:0.0: unknown em28xx chip ID (0) [ 602.114434][T12054] iommufd_mock iommufd_mock1: Adding to iommu group 0 [ 602.636225][ T9] em28xx 3-1:0.0: reading from i2c device at 0xa0 failed (error=-5) [ 602.655876][ T9] em28xx 3-1:0.0: board has no eeprom [ 603.803711][T12020] em28xx 3-1:0.0: writing to i2c device at 0x0 failed (error=-5) [ 603.863272][ T9] em28xx 3-1:0.0: Identified as PCTV tripleStick (292e) (card=94) [ 603.871195][ T9] em28xx 3-1:0.0: dvb set to bulk mode. [ 603.880036][ T5866] em28xx 3-1:0.0: Binding DVB extension [ 603.891406][T12078] ieee802154 phy0 wpan0: encryption failed: -22 [ 603.918350][ T9] usb 3-1: USB disconnect, device number 36 [ 603.949800][ T9] em28xx 3-1:0.0: Disconnecting em28xx [ 603.998427][ T5866] em28xx 3-1:0.0: Registering input extension [ 604.010280][ T9] em28xx 3-1:0.0: Closing input extension [ 604.052673][ T9] em28xx 3-1:0.0: Freeing device [ 604.653997][T12084] syz.2.1976 (12084): drop_caches: 2 [ 604.659548][T12084] syz.2.1976 (12084): drop_caches: 2 [ 605.242818][T12098] overlayfs: overlapping lowerdir path [ 605.294649][T12100] overlayfs: failed to verify upper (515/file0, ino=2730, err=-116) [ 605.302705][T12100] overlayfs: failed to verify index dir 'upper' xattr [ 605.309538][T12100] overlayfs: try deleting index dir or mounting with '-o index=off' to disable inodes index. [ 605.471286][T12103] iommufd_mock iommufd_mock1: Adding to iommu group 0 [ 606.203524][T12110] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1983'. [ 609.309292][ T9] usb 2-1: new high-speed USB device number 34 using dummy_hcd [ 609.327882][ T7858] IPVS: starting estimator thread 0... [ 609.433469][T12135] IPVS: using max 21 ests per chain, 50400 per kthread [ 609.493284][ T9] usb 2-1: Using ep0 maxpacket: 8 [ 609.509813][ T9] usb 2-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b [ 609.530753][ T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 609.557312][ T9] pvrusb2: Hardware description: Terratec Grabster AV400 [ 609.580149][ T9] pvrusb2: ********** [ 609.590249][ T9] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental. [ 609.609289][T12139] kvm: emulating exchange as write [ 609.614642][ T9] pvrusb2: Important functionality might not be entirely working. [ 609.622466][ T9] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver. [ 609.634007][ T9] pvrusb2: ********** [ 609.998362][ T2314] pvrusb2: Invalid write control endpoint [ 610.000958][ T5849] usb 2-1: USB disconnect, device number 34 [ 610.048663][ T5822] usb 4-1: new high-speed USB device number 31 using dummy_hcd [ 610.959855][ T2314] pvrusb2: Invalid write control endpoint [ 610.977005][ T2314] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work. [ 611.017863][ T2314] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device. [ 611.034596][ T2314] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups. [ 611.068029][ T2314] pvrusb2: Device being rendered inoperable [ 611.090658][ T2314] cx25840 1-0044: Unable to detect h/w, assuming cx23887 [ 611.116425][ T2314] cx25840 1-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a) [ 611.150815][ T2314] pvrusb2: Attached sub-driver cx25840 [ 611.171164][ T2314] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it. [ 611.181555][ T2314] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover. [ 611.334729][ T5822] usb 4-1: Using ep0 maxpacket: 16 [ 611.347532][ T5822] usb 4-1: config 0 interface 0 has no altsetting 0 [ 611.363309][ T5822] usb 4-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00 [ 611.387699][ T5822] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 611.442119][ T5822] usb 4-1: config 0 descriptor?? [ 611.787061][T12165] overlayfs: overlapping lowerdir path [ 611.806818][T12165] overlayfs: failed to verify upper (495/file0, ino=2611, err=-116) [ 611.815263][T12165] overlayfs: failed to verify index dir 'upper' xattr [ 611.822058][T12165] overlayfs: try deleting index dir or mounting with '-o index=off' to disable inodes index. [ 611.968399][ T5822] hid (null): nested delimiters [ 613.442756][ T5866] usb 4-1: USB disconnect, device number 31 [ 614.753555][T12204] overlayfs: overlapping lowerdir path [ 614.767162][T12204] overlayfs: failed to verify upper (489/file0, ino=2615, err=-116) [ 614.775430][T12204] overlayfs: failed to verify index dir 'upper' xattr [ 614.782212][T12204] overlayfs: try deleting index dir or mounting with '-o index=off' to disable inodes index. [ 614.843276][ T9] usb 3-1: new full-speed USB device number 37 using dummy_hcd [ 615.039965][ T9] usb 3-1: New USB device found, idVendor=1d50, idProduct=60a1, bcdDevice=a1.4f [ 615.063068][ T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 615.083154][ T9] usb 3-1: Product: syz [ 615.087700][ T9] usb 3-1: Manufacturer: syz [ 615.093511][ T9] usb 3-1: SerialNumber: syz [ 615.100605][ T9] usb 3-1: config 0 descriptor?? [ 616.142801][ T9] airspy 3-1:0.0: Board ID: 00 [ 616.147746][ T9] airspy 3-1:0.0: Firmware version: [ 616.156905][ T9] airspy 3-1:0.0: usb_control_msg() failed -71 request 11 [ 616.166894][ T9] airspy 3-1:0.0: Registered as swradio24 [ 616.172657][ T9] airspy 3-1:0.0: SDR API is still slightly experimental and functionality changes may follow [ 616.186379][ T9] usb 3-1: USB disconnect, device number 37 [ 617.920862][T12250] overlayfs: overlapping lowerdir path [ 617.941569][T12250] overlayfs: failed to verify upper (527/file0, ino=2805, err=-116) [ 617.950698][T12250] overlayfs: failed to verify index dir 'upper' xattr [ 617.957529][T12250] overlayfs: try deleting index dir or mounting with '-o index=off' to disable inodes index. [ 619.932248][T12267] sch_fq: defrate 0 ignored. [ 623.601776][T12323] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2051'. [ 624.911121][ T1284] ieee802154 phy0 wpan0: encryption failed: -22 [ 626.777742][ T28] usb 2-1: new high-speed USB device number 35 using dummy_hcd [ 626.963340][ T28] usb 2-1: Using ep0 maxpacket: 16 [ 626.972427][ T28] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 626.995825][ T28] usb 2-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 627.007796][ T28] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 627.018835][ T28] usb 2-1: Product: syz [ 627.023072][ T28] usb 2-1: Manufacturer: syz [ 627.032089][ T28] usb 2-1: SerialNumber: syz [ 627.039731][ T28] usb 2-1: config 0 descriptor?? [ 627.052163][ T28] em28xx 2-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0) [ 627.061514][ T28] em28xx 2-1:0.0: DVB interface 0 found: bulk [ 627.193534][ T9] usb 3-1: new high-speed USB device number 38 using dummy_hcd [ 627.383650][ T9] usb 3-1: Using ep0 maxpacket: 16 [ 627.410974][ T9] usb 3-1: New USB device found, idVendor=054c, idProduct=002e, bcdDevice= 5.00 [ 627.430288][ T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 627.440678][ T9] usb 3-1: Product: syz [ 627.448030][ T9] usb 3-1: Manufacturer: syz [ 627.452800][ T9] usb 3-1: SerialNumber: syz [ 627.478287][ T9] usb 3-1: config 0 descriptor?? [ 627.491900][ T9] usb-storage 3-1:0.0: USB Mass Storage device detected [ 627.523439][ T9] usb-storage 3-1:0.0: Quirks match for vid 054c pid 002e: 1 [ 627.540998][ T9] usb-storage 3-1:0.0: This device (054c,002e,0500 S 04 P 0b) has an unneeded SubClass entry in unusual_devs.h (kernel syzkaller) [ 627.540998][ T9] Please send a copy of this message to and [ 627.664513][ T28] em28xx 2-1:0.0: unknown em28xx chip ID (0) [ 627.930103][ T9] usb 3-1: USB disconnect, device number 38 [ 628.213090][ T28] em28xx 2-1:0.0: reading from i2c device at 0xa0 failed (error=-5) [ 628.242833][ T28] em28xx 2-1:0.0: board has no eeprom [ 628.792916][T12385] autofs4:pid:12385:autofs_fill_super: called with bogus options [ 629.367554][T12348] em28xx 2-1:0.0: writing to i2c device at 0x0 failed (error=-5) [ 629.383449][ T28] em28xx 2-1:0.0: Identified as PCTV tripleStick (292e) (card=94) [ 629.401492][ T28] em28xx 2-1:0.0: dvb set to bulk mode. [ 629.414645][ T5849] em28xx 2-1:0.0: Binding DVB extension [ 629.487709][ T28] usb 2-1: USB disconnect, device number 35 [ 629.503038][ T28] em28xx 2-1:0.0: Disconnecting em28xx [ 629.853354][ T5849] em28xx 2-1:0.0: Registering input extension [ 629.862886][ T28] em28xx 2-1:0.0: Closing input extension [ 629.890821][ T28] em28xx 2-1:0.0: Freeing device [ 630.800354][T12424] overlayfs: overlapping lowerdir path [ 630.859007][T12425] overlayfs: failed to verify upper (546/file0, ino=2916, err=-116) [ 630.867414][T12425] overlayfs: failed to verify index dir 'upper' xattr [ 630.874229][T12425] overlayfs: try deleting index dir or mounting with '-o index=off' to disable inodes index. [ 633.924395][T12460] overlayfs: overlapping lowerdir path [ 633.982933][T12461] overlayfs: failed to verify upper (505/file0, ino=2711, err=-116) [ 633.991070][T12461] overlayfs: failed to verify index dir 'upper' xattr [ 633.997944][T12461] overlayfs: try deleting index dir or mounting with '-o index=off' to disable inodes index. [ 635.593390][ T5822] usb 2-1: new high-speed USB device number 36 using dummy_hcd [ 636.479325][T12491] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 636.497684][ T5822] usb 2-1: config 95 has an invalid interface number: 1 but max is 0 [ 636.523502][ T5822] usb 2-1: config 95 has no interface number 0 [ 636.529749][ T5822] usb 2-1: config 95 interface 1 has no altsetting 0 [ 636.571168][ T5822] usb 2-1: New USB device found, idVendor=0763, idProduct=2030, bcdDevice=79.79 [ 636.627399][ T5822] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 636.661838][ T5822] usb 2-1: Product: syz [ 636.673313][ T5822] usb 2-1: Manufacturer: syz [ 636.678056][ T5822] usb 2-1: SerialNumber: syz [ 637.587648][T12502] overlayfs: overlapping lowerdir path [ 637.612221][T12502] overlayfs: failed to verify upper (553/file0, ino=2964, err=-116) [ 637.621616][T12502] overlayfs: failed to verify index dir 'upper' xattr [ 637.628762][T12502] overlayfs: try deleting index dir or mounting with '-o index=off' to disable inodes index. [ 638.018819][T12513] autofs4:pid:12513:autofs_fill_super: called with bogus options [ 639.098028][T12520] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 639.792185][ T5822] usb 2-1: USB disconnect, device number 36 [ 640.042708][T12543] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2124'. [ 640.054768][T12543] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2124'. [ 640.111397][T12545] autofs4:pid:12545:autofs_fill_super: called with bogus options [ 640.433617][ T5822] usb 2-1: new high-speed USB device number 37 using dummy_hcd [ 640.651253][ T5822] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 640.663300][ T5822] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 640.674634][ T5822] usb 2-1: New USB device found, idVendor=056a, idProduct=030c, bcdDevice= 0.00 [ 640.695215][ T5822] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 640.722562][ T5822] usb 2-1: config 0 descriptor?? [ 640.871159][T12556] syz.2.2129[12556] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 640.871289][T12556] syz.2.2129[12556] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 640.943400][ T27] kauditd_printk_skb: 62 callbacks suppressed [ 640.943416][ T27] audit: type=1107 audit(1763022110.803:760): pid=12555 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='' [ 641.060494][T12554] overlayfs: overlapping lowerdir path [ 641.072281][T12554] overlayfs: failed to verify upper (513/file0, ino=2764, err=-116) [ 641.080455][T12554] overlayfs: failed to verify index dir 'upper' xattr [ 641.087288][T12554] overlayfs: try deleting index dir or mounting with '-o index=off' to disable inodes index. [ 641.206815][ T5822] hid (null): nested delimiters [ 641.242613][ T5822] wacom 0003:056A:030C.0007: nested delimiters [ 641.253613][ T5822] wacom 0003:056A:030C.0007: item 0 1 2 10 parsing failed [ 641.291470][T12569] autofs4:pid:12569:autofs_fill_super: called with bogus options [ 641.294158][ T5822] wacom 0003:056A:030C.0007: parse failed [ 641.315437][ T5822] wacom: probe of 0003:056A:030C.0007 failed with error -22 [ 641.399865][T12576] netlink: 'syz.0.2137': attribute type 153 has an invalid length. [ 641.513289][ T8] usb 2-1: USB disconnect, device number 37 [ 643.007662][T12583] lo speed is unknown, defaulting to 1000 [ 643.367526][T12600] overlayfs: overlapping lowerdir path [ 643.384389][T12600] overlayfs: failed to verify upper (517/file0, ino=2798, err=-116) [ 643.392462][T12600] overlayfs: failed to verify index dir 'upper' xattr [ 643.399393][T12600] overlayfs: try deleting index dir or mounting with '-o index=off' to disable inodes index. [ 643.737848][T12604] autofs4:pid:12604:autofs_fill_super: called with bogus options [ 643.839244][T12608] loop3: detected capacity change from 0 to 1024 [ 643.850091][T12608] ext4: Unknown parameter 'subj_user' [ 644.388112][T12618] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2151'. [ 644.716256][T12628] autofs4:pid:12628:autofs_fill_super: called with bogus options [ 644.731327][T12631] overlayfs: overlapping lowerdir path [ 644.789049][T12634] overlayfs: failed to verify upper (544/file0, ino=2890, err=-116) [ 644.797224][T12634] overlayfs: failed to verify index dir 'upper' xattr [ 644.804126][T12634] overlayfs: try deleting index dir or mounting with '-o index=off' to disable inodes index. [ 645.496751][T12648] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2164'. [ 645.895588][T12654] autofs4:pid:12654:autofs_fill_super: called with bogus options [ 646.089783][T12668] overlayfs: overlapping lowerdir path [ 646.142128][T12672] overlayfs: failed to verify upper (523/file0, ino=2769, err=-116) [ 646.150350][T12672] overlayfs: failed to verify index dir 'upper' xattr [ 646.157235][T12672] overlayfs: try deleting index dir or mounting with '-o index=off' to disable inodes index. [ 646.866262][T12684] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2177'. [ 647.443902][T12690] autofs4:pid:12690:autofs_fill_super: called with bogus options [ 648.370895][T12712] overlayfs: overlapping lowerdir path [ 648.399745][T12719] overlayfs: workdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection. [ 648.553914][T12722] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2188'. [ 649.310919][T12734] autofs4:pid:12734:autofs_fill_super: called with bogus options [ 650.241579][T12752] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2198'. [ 650.872240][T12762] autofs4:pid:12762:autofs_fill_super: called with bogus options [ 650.891273][ T27] audit: type=1326 audit(1763022120.803:761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12766 comm="syz.1.2203" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e56b8f6c9 code=0x7ffc0000 [ 650.941124][ T27] audit: type=1326 audit(1763022120.833:762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12766 comm="syz.1.2203" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e56b8f6c9 code=0x7ffc0000 [ 650.941169][ T27] audit: type=1326 audit(1763022120.853:763): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12766 comm="syz.1.2203" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9e56b8f6c9 code=0x7ffc0000 [ 650.941205][ T27] audit: type=1326 audit(1763022120.853:764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12766 comm="syz.1.2203" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e56b8f6c9 code=0x7ffc0000 [ 650.941494][ T27] audit: type=1326 audit(1763022120.853:765): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12766 comm="syz.1.2203" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e56b8f6c9 code=0x7ffc0000 [ 650.941610][ T27] audit: type=1326 audit(1763022120.853:766): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12766 comm="syz.1.2203" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9e56b8f6c9 code=0x7ffc0000 [ 650.941647][ T27] audit: type=1326 audit(1763022120.853:767): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12766 comm="syz.1.2203" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e56b8f6c9 code=0x7ffc0000 [ 650.941680][ T27] audit: type=1326 audit(1763022120.853:768): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12766 comm="syz.1.2203" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9e56b8f6c9 code=0x7ffc0000 [ 650.941712][ T27] audit: type=1326 audit(1763022120.853:769): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12766 comm="syz.1.2203" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e56b8f6c9 code=0x7ffc0000 [ 650.941893][ T27] audit: type=1326 audit(1763022120.853:770): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12766 comm="syz.1.2203" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9e56b8f6c9 code=0x7ffc0000 [ 652.036497][T12787] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 652.782971][T12810] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2216'. [ 652.791946][T12810] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2216'. [ 652.806665][T12810] wireguard0: entered promiscuous mode [ 652.812185][T12810] wireguard0: entered allmulticast mode [ 652.865312][T12813] netlink: 'syz.1.2217': attribute type 1 has an invalid length. [ 652.889485][T12813] 8021q: adding VLAN 0 to HW filter on device bond1 [ 652.941179][T12813] 8021q: adding VLAN 0 to HW filter on device bond1 [ 652.948303][T12813] bond1: (slave vxcan3): The slave device specified does not support setting the MAC address [ 652.961093][T12813] bond1: (slave vxcan3): Error -95 calling set_mac_address [ 655.009273][T12854] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2231'. [ 655.117882][T12859] loop2: detected capacity change from 0 to 512 [ 655.131751][T12859] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 655.151119][T12859] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 655.193693][T12859] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=200ec018, mo2=0002] [ 655.201800][T12859] System zones: 1-12 [ 655.229742][T12859] EXT4-fs (loop2): 1 truncate cleaned up [ 655.299040][T12859] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 655.892707][ T5782] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 655.911906][ T27] kauditd_printk_skb: 22 callbacks suppressed [ 655.911921][ T27] audit: type=1326 audit(1763022125.823:793): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12868 comm="syz.1.2236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f9e56b8e17f code=0x7ffc0000 [ 655.951903][ T27] audit: type=1326 audit(1763022125.863:794): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12868 comm="syz.1.2236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f9e56b8f757 code=0x7ffc0000 [ 655.952225][T12869] loop1: detected capacity change from 0 to 2048 [ 655.984060][ T27] audit: type=1326 audit(1763022125.863:795): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12868 comm="syz.1.2236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f9e56b8df10 code=0x7ffc0000 [ 656.011919][ T27] audit: type=1326 audit(1763022125.863:796): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12868 comm="syz.1.2236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f9e56b8f2cb code=0x7ffc0000 [ 656.040997][ T27] audit: type=1326 audit(1763022125.923:797): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12868 comm="syz.1.2236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f9e56b8e32a code=0x7ffc0000 [ 656.070077][ T27] audit: type=1326 audit(1763022125.923:798): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12868 comm="syz.1.2236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f9e56b8e32a code=0x7ffc0000 [ 656.106683][ T27] audit: type=1326 audit(1763022125.923:799): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12868 comm="syz.1.2236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f9e56b8de17 code=0x7ffc0000 [ 656.124605][T12869] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 656.130712][ T27] audit: type=1326 audit(1763022125.923:800): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12868 comm="syz.1.2236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7f9e56b90e6a code=0x7ffc0000 [ 656.186520][ T27] audit: type=1326 audit(1763022126.063:801): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12868 comm="syz.1.2236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f9e56b8df10 code=0x7ffc0000 [ 656.292092][ T5783] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 656.314857][ T27] audit: type=1326 audit(1763022126.063:802): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12868 comm="syz.1.2236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=80 compat=0 ip=0x7f9e56b8e417 code=0x7ffc0000 [ 657.695785][T12886] syz.0.2242[12886] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 657.695912][T12886] syz.0.2242[12886] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 657.715616][T12903] autofs4:pid:12903:autofs_fill_super: called with bogus options [ 660.214753][T12945] Set syz1 is full, maxelem 6117 reached [ 661.341452][T12997] overlayfs: overlapping lowerdir path [ 661.365287][T12997] overlayfs: failed to verify upper (557/file0, ino=2957, err=-116) [ 661.365367][T12997] overlayfs: failed to verify index dir 'upper' xattr [ 661.365376][T12997] overlayfs: try deleting index dir or mounting with '-o index=off' to disable inodes index. [ 661.397117][ T27] kauditd_printk_skb: 19 callbacks suppressed [ 661.397131][ T27] audit: type=1326 audit(1763022131.313:822): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12998 comm="syz.2.2285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f49dd38f6c9 code=0x7ffc0000 [ 661.407786][ T27] audit: type=1326 audit(1763022131.313:823): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12998 comm="syz.2.2285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f49dd38f6c9 code=0x7ffc0000 [ 661.407837][ T27] audit: type=1326 audit(1763022131.313:824): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12998 comm="syz.2.2285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f49dd38f6c9 code=0x7ffc0000 [ 661.412750][ T27] audit: type=1326 audit(1763022131.323:825): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12998 comm="syz.2.2285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f49dd38f6c9 code=0x7ffc0000 [ 661.426916][T13000] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2284'. [ 661.457803][T12999] loop2: detected capacity change from 0 to 128 [ 661.537994][ T27] audit: type=1326 audit(1763022131.363:826): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12998 comm="syz.2.2285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=90 compat=0 ip=0x7f49dd38f6c9 code=0x7ffc0000 [ 661.538039][ T27] audit: type=1326 audit(1763022131.363:827): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12998 comm="syz.2.2285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f49dd38f6c9 code=0x7ffc0000 [ 661.538079][ T27] audit: type=1326 audit(1763022131.363:828): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12998 comm="syz.2.2285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f49dd38f6c9 code=0x7ffc0000 [ 661.538118][ T27] audit: type=1326 audit(1763022131.363:829): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12998 comm="syz.2.2285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f49dd38f6c9 code=0x7ffc0000 [ 661.538157][ T27] audit: type=1326 audit(1763022131.363:830): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12998 comm="syz.2.2285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f49dd38f6c9 code=0x7ffc0000 [ 661.538197][ T27] audit: type=1326 audit(1763022131.363:831): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12998 comm="syz.2.2285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f49dd38f6c9 code=0x7ffc0000 [ 661.758602][T12998] syz.2.2285: attempt to access beyond end of device [ 661.758602][T12998] loop2: rw=2049, sector=138, nr_sectors = 112 limit=128 [ 663.165063][T13025] lo speed is unknown, defaulting to 1000 [ 663.210031][T13030] loop3: detected capacity change from 0 to 512 [ 663.235096][T13030] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 663.235493][T13030] EXT4-fs (loop3): orphan cleanup on readonly fs [ 663.301080][T13030] EXT4-fs error (device loop3): ext4_do_update_inode:5244: inode #16: comm syz.3.2296: corrupted inode contents [ 663.303000][T13030] EXT4-fs (loop3): Remounting filesystem read-only [ 663.303800][T13030] EXT4-fs (loop3): 1 truncate cleaned up [ 663.304899][ T42] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 663.305015][ T42] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 663.305109][ T42] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started [ 663.311195][T13030] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 663.312766][T13030] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 664.150053][T13043] loop3: detected capacity change from 0 to 512 [ 664.164246][T13043] EXT4-fs: Ignoring removed nobh option [ 664.197915][T13043] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 664.210558][T13043] EXT4-fs (loop3): orphan cleanup on readonly fs [ 664.227321][T13043] EXT4-fs error (device loop3): ext4_do_update_inode:5244: inode #3: comm syz.3.2300: corrupted inode contents [ 664.250207][T13043] EXT4-fs (loop3): Remounting filesystem read-only [ 664.270868][T13043] EXT4-fs (loop3): 1 truncate cleaned up [ 664.286406][T13043] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 664.330684][ T5784] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 664.365449][T13047] netdevsim netdevsim1: loading /lib/firmware/. failed with error -22 [ 664.375804][T13047] netdevsim netdevsim1: Direct firmware load for . failed with error -22 [ 664.384366][T13047] netdevsim netdevsim1: Falling back to sysfs fallback for: . [ 664.574930][T13057] binfmt_misc: register: failed to install interpreter file ./file0 [ 665.493479][ T5793] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 665.505527][ T5793] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 665.516838][ T5793] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 665.543594][ T5793] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 665.551770][ T5793] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 665.568235][ T5793] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 665.650319][T13067] lo speed is unknown, defaulting to 1000 [ 666.017760][ T42] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 666.069291][T13067] chnl_net:caif_netlink_parms(): no params data found [ 666.126724][ T42] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 666.239939][ T42] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 666.351859][ T42] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 666.456323][T13067] bridge0: port 1(bridge_slave_0) entered blocking state [ 666.463738][T13067] bridge0: port 1(bridge_slave_0) entered disabled state [ 666.471067][T13067] bridge_slave_0: entered allmulticast mode [ 666.492614][T13067] bridge_slave_0: entered promiscuous mode [ 666.517080][T13067] bridge0: port 2(bridge_slave_1) entered blocking state [ 666.528800][T13067] bridge0: port 2(bridge_slave_1) entered disabled state [ 666.543423][T13067] bridge_slave_1: entered allmulticast mode [ 666.551458][T13067] bridge_slave_1: entered promiscuous mode [ 666.650607][T13067] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 666.682069][T13067] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 666.779373][T13067] team0: Port device team_slave_0 added [ 666.809301][T13067] team0: Port device team_slave_1 added [ 666.966095][T13067] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 666.973075][T13067] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 667.016421][T13067] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 667.031384][T13067] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 667.047360][T13067] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 667.074334][T13067] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 667.120123][ T5866] kernel write not supported for file bpf-prog (pid: 5866 comm: kworker/0:4) [ 667.302816][T13067] hsr_slave_0: entered promiscuous mode [ 667.322312][T13067] hsr_slave_1: entered promiscuous mode [ 667.334902][T13067] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 667.342486][T13067] Cannot create hsr debugfs directory [ 667.633403][ T5793] Bluetooth: hci4: command tx timeout [ 667.708192][T13113] autofs4:pid:13113:autofs_fill_super: called with bogus options [ 667.861971][T13118] 9pnet_fd: Insufficient options for proto=fd [ 667.926750][T13120] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2326'. [ 667.954352][T13120] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2326'. [ 668.367517][T13130] overlayfs: overlapping lowerdir path [ 668.466454][T13130] overlayfs: failed to verify upper (593/file0, ino=3169, err=-116) [ 668.476083][T13130] overlayfs: failed to verify index dir 'upper' xattr [ 668.482944][T13130] overlayfs: try deleting index dir or mounting with '-o index=off' to disable inodes index. [ 668.727741][ T42] hsr_slave_0: left promiscuous mode [ 668.735438][ T42] hsr_slave_1: left promiscuous mode [ 668.745339][ T42] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 668.755271][ T42] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 668.774458][ T42] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 668.800544][ T42] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 668.822414][ T42] bridge_slave_1: left allmulticast mode [ 668.833194][ T42] bridge_slave_1: left promiscuous mode [ 668.851503][ T42] bridge0: port 2(bridge_slave_1) entered disabled state [ 668.907125][ T42] bridge_slave_0: left allmulticast mode [ 668.912858][ T42] bridge_slave_0: left promiscuous mode [ 668.923356][ T42] bridge0: port 1(bridge_slave_0) entered disabled state [ 668.992002][ T42] veth1_macvtap: left promiscuous mode [ 669.013662][ T42] veth0_macvtap: left promiscuous mode [ 669.027799][ T42] veth1_vlan: left promiscuous mode [ 669.121412][T13139] xt_hashlimit: max too large, truncated to 1048576 [ 669.378235][ T42] bond2 (unregistering): (slave veth5): Releasing active interface [ 669.455456][ T42] bond2 (unregistering): (slave veth3): Releasing active interface [ 669.504110][ T42] bond2 (unregistering): Released all slaves [ 669.563892][ T42] pim6reg (unregistering): left allmulticast mode [ 669.713451][ T5793] Bluetooth: hci4: command tx timeout [ 669.899337][ T42] bond1 (unregistering): Released all slaves [ 671.029008][ T42] team0 (unregistering): Port device team_slave_1 removed [ 671.087117][ T42] team0 (unregistering): Port device team_slave_0 removed [ 671.187908][ T42] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 671.217378][T13176] loop1: detected capacity change from 0 to 512 [ 671.236521][T13176] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 671.319206][T13177] x_tables: ip6_tables: TCPMSS target: only valid for protocol 6 [ 671.606889][T13176] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1215: group 0, block bitmap and bg descriptor inconsistent: 214 vs 220 free clusters [ 671.696608][ T42] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 671.778763][T13176] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2872: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 671.801251][ T5793] Bluetooth: hci4: command tx timeout [ 671.815771][T13176] EXT4-fs (loop1): 1 truncate cleaned up [ 671.826322][T13176] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 672.369519][ T42] bond0 (unregistering): Released all slaves [ 672.398011][ T42] bridge0 (unregistering): left allmulticast mode [ 672.445636][ T8] lo speed is unknown, defaulting to 1000 [ 672.615703][ T5783] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 672.750647][T13067] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 672.788899][T13067] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 672.811243][T13067] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 672.874516][T13067] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 673.083788][T13067] 8021q: adding VLAN 0 to HW filter on device bond0 [ 673.126459][T13067] 8021q: adding VLAN 0 to HW filter on device team0 [ 673.151844][ T59] bridge0: port 1(bridge_slave_0) entered blocking state [ 673.159047][ T59] bridge0: port 1(bridge_slave_0) entered forwarding state [ 673.200331][ T59] bridge0: port 2(bridge_slave_1) entered blocking state [ 673.207537][ T59] bridge0: port 2(bridge_slave_1) entered forwarding state [ 673.634453][T13067] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 673.741670][T13067] veth0_vlan: entered promiscuous mode [ 673.774580][T13067] veth1_vlan: entered promiscuous mode [ 673.839637][T13067] veth0_macvtap: entered promiscuous mode [ 673.869880][T13067] veth1_macvtap: entered promiscuous mode [ 673.873495][ T5793] Bluetooth: hci4: command tx timeout [ 673.928564][T13067] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 673.979891][T13067] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 674.010585][T13067] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 674.036152][T13067] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 674.063282][T13067] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 674.093262][T13067] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 675.326421][T13067] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 675.372129][T13067] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 675.395403][T13067] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 675.414165][T13067] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 675.435621][T13067] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 675.456340][T13067] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 675.476957][T13067] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 675.504749][T13067] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 675.554164][T13067] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 675.580136][T13067] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 675.601150][T13067] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 675.630568][T13067] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 675.823363][T10330] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 675.831218][T10330] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 675.888048][T10330] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 675.898013][T10330] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 678.467965][T10326] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 678.489751][T10326] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0 [ 678.567311][T11355] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 678.584294][T11355] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 678.593733][T11355] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 678.606472][T11355] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 678.630209][T11355] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 678.637766][T11355] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 678.647190][T10326] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 678.688916][T10326] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0 [ 678.821817][T10326] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 678.832878][T10326] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0 [ 678.921935][T10326] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 678.932544][T10326] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0 [ 679.221488][T13269] chnl_net:caif_netlink_parms(): no params data found [ 679.572801][T13269] bridge0: port 1(bridge_slave_0) entered blocking state [ 679.584231][T13269] bridge0: port 1(bridge_slave_0) entered disabled state [ 679.591395][T13269] bridge_slave_0: entered allmulticast mode [ 679.598667][T13269] bridge_slave_0: entered promiscuous mode [ 679.643455][T13269] bridge0: port 2(bridge_slave_1) entered blocking state [ 679.650585][T13269] bridge0: port 2(bridge_slave_1) entered disabled state [ 679.660480][T13269] bridge_slave_1: entered allmulticast mode [ 679.669852][T13269] bridge_slave_1: entered promiscuous mode [ 679.736972][T13269] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 679.749200][T13269] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 679.801811][T13269] team0: Port device team_slave_0 added [ 679.815636][T13269] team0: Port device team_slave_1 added [ 679.876390][T13269] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 679.884855][T13269] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 679.912081][T13269] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 679.949492][T13269] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 679.956890][T13269] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 679.988936][T13269] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 680.103357][T13269] hsr_slave_0: entered promiscuous mode [ 680.110315][T13269] hsr_slave_1: entered promiscuous mode [ 680.121775][T13269] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 680.136975][T13269] Cannot create hsr debugfs directory [ 680.317815][T13305] overlayfs: overlapping lowerdir path [ 680.351623][T13305] overlayfs: failed to verify upper (592/file0, ino=3196, err=-116) [ 680.377037][T13305] overlayfs: failed to verify index dir 'upper' xattr [ 680.388819][T13305] overlayfs: try deleting index dir or mounting with '-o index=off' to disable inodes index. [ 680.553201][T10326] hsr_slave_0: left promiscuous mode [ 680.593573][T10326] hsr_slave_1: left promiscuous mode [ 680.614456][T10326] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 680.625490][T10326] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 680.649461][T10326] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 680.650720][ T27] kauditd_printk_skb: 38 callbacks suppressed [ 680.650730][ T27] audit: type=1326 audit(1763022150.563:862): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13312 comm="syz.1.2384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e56b8f6c9 code=0x7ffc0000 [ 680.662530][T10326] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 680.693407][ T27] audit: type=1326 audit(1763022150.583:863): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13312 comm="syz.1.2384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e56b8f6c9 code=0x7ffc0000 [ 680.720955][T10326] bridge_slave_1: left allmulticast mode [ 680.731714][ T27] audit: type=1326 audit(1763022150.583:864): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13312 comm="syz.1.2384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9e56b8f6c9 code=0x7ffc0000 [ 680.746629][T10326] bridge_slave_1: left promiscuous mode [ 680.760151][T11355] Bluetooth: hci2: command tx timeout [ 680.773259][ T27] audit: type=1326 audit(1763022150.583:865): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13312 comm="syz.1.2384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e56b8f6c9 code=0x7ffc0000 [ 680.785727][T10326] bridge0: port 2(bridge_slave_1) entered disabled state [ 680.815176][T10326] bridge_slave_0: left allmulticast mode [ 680.823472][ T27] audit: type=1326 audit(1763022150.583:866): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13312 comm="syz.1.2384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e56b8f6c9 code=0x7ffc0000 [ 680.839295][T10326] bridge_slave_0: left promiscuous mode [ 680.847087][ T27] audit: type=1326 audit(1763022150.583:867): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13312 comm="syz.1.2384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9e56b8f6c9 code=0x7ffc0000 [ 680.875332][T10326] bridge0: port 1(bridge_slave_0) entered disabled state [ 680.878796][ T27] audit: type=1326 audit(1763022150.583:868): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13312 comm="syz.1.2384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e56b8f6c9 code=0x7ffc0000 [ 680.910768][ T27] audit: type=1326 audit(1763022150.583:869): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13312 comm="syz.1.2384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9e56b8f6c9 code=0x7ffc0000 [ 680.947225][ T27] audit: type=1326 audit(1763022150.723:870): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13312 comm="syz.1.2384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e56b8f6c9 code=0x7ffc0000 [ 680.970197][ T27] audit: type=1326 audit(1763022150.723:871): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13312 comm="syz.1.2384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e56b8f6c9 code=0x7ffc0000 [ 680.998215][T10326] veth1_macvtap: left promiscuous mode [ 681.013253][T10326] veth0_macvtap: left promiscuous mode [ 681.018924][T10326] veth1_vlan: left promiscuous mode [ 681.033308][T10326] veth0_vlan: left promiscuous mode [ 681.886580][T10326] team0 (unregistering): Port device team_slave_1 removed [ 681.929065][T10326] team0 (unregistering): Port device team_slave_0 removed [ 681.982466][T10326] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 682.026954][T10326] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 682.500270][T10326] bond0 (unregistering): Released all slaves [ 682.591529][T13316] IPv6: NLM_F_CREATE should be specified when creating new route [ 682.833774][T11355] Bluetooth: hci2: command tx timeout [ 683.086620][T13269] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 683.092845][T10326] IPVS: stop unused estimator thread 0... [ 683.112413][T13269] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 683.137337][T13269] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 683.166811][T13269] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 683.370039][T13269] 8021q: adding VLAN 0 to HW filter on device bond0 [ 683.410358][T13269] 8021q: adding VLAN 0 to HW filter on device team0 [ 683.445716][ T42] bridge0: port 1(bridge_slave_0) entered blocking state [ 683.452905][ T42] bridge0: port 1(bridge_slave_0) entered forwarding state [ 683.486868][ T59] bridge0: port 2(bridge_slave_1) entered blocking state [ 683.494037][ T59] bridge0: port 2(bridge_slave_1) entered forwarding state [ 683.819059][ T6941] Bluetooth: hci3: Frame reassembly failed (-84) [ 683.838872][ T6941] Bluetooth: hci3: Frame reassembly failed (-84) [ 684.029275][T13269] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 684.099866][T13269] veth0_vlan: entered promiscuous mode [ 684.126470][T13361] overlayfs: overlapping lowerdir path [ 684.136302][T13269] veth1_vlan: entered promiscuous mode [ 684.154541][T13361] overlayfs: failed to verify upper (597/file0, ino=3234, err=-116) [ 684.181921][T13361] overlayfs: failed to verify index dir 'upper' xattr [ 684.202933][T13269] veth0_macvtap: entered promiscuous mode [ 684.205844][T13361] overlayfs: try deleting index dir or mounting with '-o index=off' to disable inodes index. [ 684.226725][T13269] veth1_macvtap: entered promiscuous mode [ 684.263852][T13269] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 684.288002][T13269] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 684.307680][T13269] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 684.329272][T13269] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 684.341615][T13269] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 684.354291][T13365] syz.2.2399[13365] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 684.354620][T13365] syz.2.2399[13365] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 684.366113][T13269] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 684.391826][T13269] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 684.392385][T13365] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2399'. [ 684.420219][T13269] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 684.432388][T13269] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 684.450686][T13269] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 684.461516][T13269] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 684.476282][T13269] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 684.488423][T13269] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 684.506102][T13269] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 684.525939][T13366] pimreg: entered allmulticast mode [ 684.546150][T13269] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 684.561106][T13269] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 684.575471][T13269] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 684.586679][T13269] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 684.601257][T13364] pimreg: left allmulticast mode [ 684.800504][ T42] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 684.813233][ T42] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 684.847836][ T42] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 684.857510][ T42] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 684.913477][ T5793] Bluetooth: hci2: command tx timeout [ 685.875103][T11355] Bluetooth: hci3: Opcode 0x1003 failed: -110 [ 685.894344][ T1284] ieee802154 phy0 wpan0: encryption failed: -22 [ 685.954533][ T5793] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 685.965176][ T5793] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 685.973724][ T5793] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 685.982296][ T5793] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 685.990926][ T5793] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 686.001228][ T5793] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 686.104039][T13396] lo speed is unknown, defaulting to 1000 [ 686.109933][T13396] lo speed is unknown, defaulting to 1000 [ 686.116870][T13396] lo speed is unknown, defaulting to 1000 [ 686.134542][T13396] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 686.364526][T13396] lo speed is unknown, defaulting to 1000 [ 686.371983][T13396] lo speed is unknown, defaulting to 1000 [ 686.379831][T13396] lo speed is unknown, defaulting to 1000 [ 686.387236][T13396] lo speed is unknown, defaulting to 1000 [ 686.395322][T13396] lo speed is unknown, defaulting to 1000 [ 686.420957][ T27] kauditd_printk_skb: 20 callbacks suppressed [ 686.420971][ T27] audit: type=1326 audit(1763022156.333:892): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13404 comm="syz.2.2411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f293ed8f6c9 code=0x7ffc0000 [ 686.432883][T13391] chnl_net:caif_netlink_parms(): no params data found [ 686.792113][ T27] audit: type=1326 audit(1763022156.393:893): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13404 comm="syz.2.2411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f293ed8f6c9 code=0x7ffc0000 [ 687.057779][ T5793] Bluetooth: hci2: command tx timeout [ 687.176475][ T27] audit: type=1326 audit(1763022156.403:894): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13404 comm="syz.2.2411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f293ed8f6c9 code=0x7ffc0000 [ 687.211622][ T27] audit: type=1326 audit(1763022156.413:895): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13404 comm="syz.2.2411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f293ed8f6c9 code=0x7ffc0000 [ 687.241614][ T27] audit: type=1326 audit(1763022156.413:896): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13404 comm="syz.2.2411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f293ed8f6c9 code=0x7ffc0000 [ 687.310500][ T27] audit: type=1326 audit(1763022156.413:897): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13404 comm="syz.2.2411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f293ed8f6c9 code=0x7ffc0000 [ 687.337352][ T27] audit: type=1326 audit(1763022156.413:898): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13404 comm="syz.2.2411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f293ed8f6c9 code=0x7ffc0000 [ 687.363733][ T27] audit: type=1326 audit(1763022156.413:899): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13404 comm="syz.2.2411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f293ed8f6c9 code=0x7ffc0000 [ 687.417725][ T27] audit: type=1326 audit(1763022156.433:900): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13404 comm="syz.2.2411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f293ed8f6c9 code=0x7ffc0000 [ 687.440363][ T27] audit: type=1326 audit(1763022156.433:901): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13404 comm="syz.2.2411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f293ed8f6c9 code=0x7ffc0000 [ 687.581563][T13391] bridge0: port 1(bridge_slave_0) entered blocking state [ 687.588931][T13391] bridge0: port 1(bridge_slave_0) entered disabled state [ 687.589066][T13391] bridge_slave_0: entered allmulticast mode [ 687.591578][T13391] bridge_slave_0: entered promiscuous mode [ 687.612241][T13391] bridge0: port 2(bridge_slave_1) entered blocking state [ 687.620026][T13391] bridge0: port 2(bridge_slave_1) entered disabled state [ 687.627494][T13391] bridge_slave_1: entered allmulticast mode [ 687.635245][T13391] bridge_slave_1: entered promiscuous mode [ 687.665499][T13391] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 687.687111][T13391] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 687.749923][T13391] team0: Port device team_slave_0 added [ 687.766182][T13391] team0: Port device team_slave_1 added [ 687.908583][T13391] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 687.915716][T13391] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 687.942091][T13391] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 688.004555][T13391] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 688.013577][T13391] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 688.041129][ T5793] Bluetooth: hci3: command tx timeout [ 688.047068][T13391] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 688.119872][T13391] hsr_slave_0: entered promiscuous mode [ 688.130323][T13391] hsr_slave_1: entered promiscuous mode [ 688.286947][T13432] loop3: detected capacity change from 0 to 512 [ 688.328660][T13432] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 688.364120][T13432] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 688.482628][T13391] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 688.758800][T13391] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 688.866306][T13450] overlayfs: overlapping lowerdir path [ 688.909467][T13391] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 688.963124][T13450] overlayfs: failed to verify upper (19/file0, ino=125, err=-116) [ 688.971196][T13450] overlayfs: failed to verify index dir 'upper' xattr [ 689.013402][T13450] overlayfs: try deleting index dir or mounting with '-o index=off' to disable inodes index. [ 689.086488][T13391] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 689.317629][T13391] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 689.342363][T13391] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 689.363738][T13391] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 689.379772][T13391] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 689.549843][T13474] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2430'. [ 689.600334][T13391] 8021q: adding VLAN 0 to HW filter on device bond0 [ 689.649016][T13391] 8021q: adding VLAN 0 to HW filter on device team0 [ 689.666824][ T3463] bridge0: port 1(bridge_slave_0) entered blocking state [ 689.673991][ T3463] bridge0: port 1(bridge_slave_0) entered forwarding state [ 689.708500][ T3463] bridge0: port 2(bridge_slave_1) entered blocking state [ 689.715710][ T3463] bridge0: port 2(bridge_slave_1) entered forwarding state [ 689.978316][T13391] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 690.114116][ T5793] Bluetooth: hci3: command tx timeout [ 690.508195][T13391] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 690.571711][T13391] veth0_vlan: entered promiscuous mode [ 690.600595][T13391] veth1_vlan: entered promiscuous mode [ 690.636279][T13391] veth0_macvtap: entered promiscuous mode [ 690.682908][T13391] veth1_macvtap: entered promiscuous mode [ 690.744534][T13391] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 690.781111][T13391] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 690.791139][T13391] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 690.806821][T13391] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 690.818300][T13391] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 690.843186][T13391] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 690.867441][T13391] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 690.888286][T13391] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 690.901534][T13391] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 690.921480][T13391] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 690.935253][T13391] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 690.954916][T13391] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 690.975610][T13391] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 690.989803][T13504] GUP no longer grows the stack in syz.1.2439 (13504): 200000004000-20000000a000 (200000002000) [ 690.990501][T13391] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 691.012819][T13391] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 691.023758][T13391] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 691.032537][T13504] CPU: 1 PID: 13504 Comm: syz.1.2439 Not tainted syzkaller #0 [ 691.034366][T13391] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 691.041692][T13504] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 691.053180][T13391] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 691.061521][T13504] Call Trace: [ 691.072028][T13504] [ 691.074980][T13504] dump_stack_lvl+0x16c/0x230 [ 691.079710][T13504] ? show_regs_print_info+0x20/0x20 [ 691.080544][T13391] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 691.085005][T13504] ? load_image+0x3b0/0x3b0 [ 691.085028][T13504] ? find_vma+0x12e/0x1b0 [ 691.085062][T13504] __get_user_pages+0xfb9/0x1470 [ 691.085107][T13504] ? populate_vma_page_range+0x370/0x370 [ 691.085142][T13504] get_user_pages_remote+0x3de/0xc10 [ 691.085178][T13504] ? get_dump_page+0x200/0x200 [ 691.085212][T13504] __access_remote_vm+0x1ff/0x570 [ 691.085235][T13504] ? generic_access_phys+0x650/0x650 [ 691.085253][T13504] ? alloc_pages+0x4dc/0x740 [ 691.095123][T13391] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 691.098396][T13504] ? do_raw_spin_unlock+0x121/0x230 [ 691.098430][T13504] proc_pid_cmdline_read+0x551/0x830 [ 691.102779][T13391] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 691.107651][T13504] ? schedule+0xc7/0x170 [ 691.107688][T13504] ? comm_show+0x150/0x150 [ 691.107709][T13504] ? common_file_perm+0x130/0x1f0 [ 691.107731][T13504] ? fsnotify_perm+0x271/0x5e0 [ 691.107758][T13504] do_iter_read+0x506/0xc80 [ 691.107795][T13504] ? comm_show+0x150/0x150 [ 691.107816][T13504] ? vfs_iter_read+0xa0/0xa0 [ 691.107839][T13504] ? __import_iovec+0x5f2/0x860 [ 691.107873][T13504] ? import_iovec+0x73/0xa0 [ 691.107904][T13504] do_preadv+0x1fa/0x330 [ 691.107929][T13504] ? bpf_raw_tracepoint_open+0x1ab/0x210 [ 691.107952][T13504] ? do_writev+0x410/0x410 [ 691.107991][T13504] ? lockdep_hardirqs_on_prepare+0x400/0x760 [ 691.108015][T13504] ? lock_chain_count+0x20/0x20 [ 691.108043][T13504] ? lockdep_hardirqs_on+0x98/0x150 [ 691.108065][T13504] do_syscall_64+0x55/0xb0 [ 691.108089][T13504] ? clear_bhb_loop+0x40/0x90 [ 691.108108][T13504] ? clear_bhb_loop+0x40/0x90 [ 691.108130][T13504] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 691.108151][T13504] RIP: 0033:0x7f9e56b8f6c9 [ 691.108179][T13504] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 691.108196][T13504] RSP: 002b:00007f9e57a9d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 691.108218][T13504] RAX: ffffffffffffffda RBX: 00007f9e56de5fa0 RCX: 00007f9e56b8f6c9 [ 691.108234][T13504] RDX: 0000000000000001 RSI: 0000200000000040 RDI: 0000000000000003 [ 691.108247][T13504] RBP: 00007f9e56c11f91 R08: 0000000000000000 R09: 0000000000000000 [ 691.108260][T13504] R10: 0000000000000300 R11: 0000000000000246 R12: 0000000000000000 [ 691.108272][T13504] R13: 00007f9e56de6038 R14: 00007f9e56de5fa0 R15: 00007ffd1b0e2f08 [ 691.108303][T13504] [ 691.371794][T13391] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 691.517588][ T6941] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 691.537647][ T42] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 691.547789][ T6941] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 691.549950][ T42] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 691.855020][T13516] random: crng reseeded on system resumption [ 692.267412][ T5793] Bluetooth: hci3: command tx timeout [ 692.700886][ T27] kauditd_printk_skb: 35 callbacks suppressed [ 692.700901][ T27] audit: type=1326 audit(1763022162.613:937): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13526 comm="syz.0.2447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe11258f6c9 code=0x7ffc0000 [ 692.793391][ T27] audit: type=1326 audit(1763022162.613:938): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13526 comm="syz.0.2447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe11258f6c9 code=0x7ffc0000 [ 692.818872][ T27] audit: type=1326 audit(1763022162.623:939): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13526 comm="syz.0.2447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7fe11258f6c9 code=0x7ffc0000 [ 692.849389][ T27] audit: type=1326 audit(1763022162.623:940): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13526 comm="syz.0.2447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe11258f6c9 code=0x7ffc0000 [ 692.887520][ T27] audit: type=1326 audit(1763022162.623:941): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13526 comm="syz.0.2447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe11258f6c9 code=0x7ffc0000 [ 692.938264][ T27] audit: type=1326 audit(1763022162.623:942): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13526 comm="syz.0.2447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=161 compat=0 ip=0x7fe11258f6c9 code=0x7ffc0000 [ 693.010747][ T27] audit: type=1326 audit(1763022162.623:943): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13526 comm="syz.0.2447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe11258f6c9 code=0x7ffc0000 [ 693.148653][T13542] siw: device registration error -23 [ 694.363473][ T5793] Bluetooth: hci3: command tx timeout [ 694.439319][T13556] tmpfs: Bad value for 'mpol' [ 694.473862][T11355] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 694.483913][T11355] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 694.491817][T11355] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 694.499901][T11355] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 694.511751][T11355] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 694.524036][T11355] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 694.621935][T13558] lo speed is unknown, defaulting to 1000 [ 695.516999][T13578] loop3: detected capacity change from 0 to 1024 [ 695.536359][T13578] EXT4-fs: inline encryption not supported [ 695.554706][T13578] EXT4-fs: Ignoring removed orlov option [ 695.587327][ T3487] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 695.797079][T13578] EXT4-fs (loop3): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 695.829897][T13578] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a800c019, mo2=0002] [ 695.839702][T13578] System zones: 0-1, 3-12 [ 695.847948][T13578] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 695.900326][T13558] chnl_net:caif_netlink_parms(): no params data found [ 695.962156][ T3487] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 696.100723][ T3487] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 696.169346][T13269] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 696.351541][ T9] usb 3-1: new high-speed USB device number 39 using dummy_hcd [ 696.427902][ T3487] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 696.593878][ T5793] Bluetooth: hci1: command tx timeout [ 696.605677][ T9] usb 3-1: device descriptor read/64, error -71 [ 696.623263][T13558] bridge0: port 1(bridge_slave_0) entered blocking state [ 696.667549][T13558] bridge0: port 1(bridge_slave_0) entered disabled state [ 696.774271][T13558] bridge_slave_0: entered allmulticast mode [ 696.791898][T13558] bridge_slave_0: entered promiscuous mode [ 696.867491][T13558] bridge0: port 2(bridge_slave_1) entered blocking state [ 696.880465][T13558] bridge0: port 2(bridge_slave_1) entered disabled state [ 696.893277][T13558] bridge_slave_1: entered allmulticast mode [ 696.902733][T13558] bridge_slave_1: entered promiscuous mode [ 696.933414][ T9] usb 3-1: new high-speed USB device number 40 using dummy_hcd [ 696.965170][T13558] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 696.978069][T13558] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 697.058488][T13558] team0: Port device team_slave_0 added [ 697.073076][T13558] team0: Port device team_slave_1 added [ 697.093380][ T9] usb 3-1: device descriptor read/64, error -71 [ 697.140231][T13558] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 697.148057][T13558] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 697.175315][T13558] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 697.191864][ T3487] tipc: Disabling bearer [ 697.210790][ T3487] tipc: Left network mode [ 697.224333][ T9] usb usb3-port1: attempt power cycle [ 697.226547][T13558] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 697.240241][T13558] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 697.303349][T13558] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 697.565519][T13558] hsr_slave_0: entered promiscuous mode [ 697.572692][T13558] hsr_slave_1: entered promiscuous mode [ 697.579242][T13558] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 697.587070][T13558] Cannot create hsr debugfs directory [ 697.870625][ T9] usb 3-1: new high-speed USB device number 41 using dummy_hcd [ 697.926083][ T9] usb 3-1: device descriptor read/8, error -71 [ 698.223791][ T9] usb 3-1: new high-speed USB device number 42 using dummy_hcd [ 698.435582][ T9] usb 3-1: device descriptor read/8, error -71 [ 698.625367][ T9] usb usb3-port1: unable to enumerate USB device [ 698.678059][ T5793] Bluetooth: hci1: command tx timeout [ 699.170226][T13558] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 699.281270][T13558] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 699.292578][T13558] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 699.330101][T13558] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 700.169906][ T3487] hsr_slave_0: left promiscuous mode [ 700.259382][ T3487] hsr_slave_1: left promiscuous mode [ 700.382196][ T3487] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 700.395136][ T3487] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 700.428227][ T3487] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 700.436884][ T3487] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 700.451321][ T3487] bridge_slave_1: left allmulticast mode [ 700.457191][ T3487] bridge_slave_1: left promiscuous mode [ 700.465650][ T3487] bridge0: port 2(bridge_slave_1) entered disabled state [ 700.488548][ T3487] bridge_slave_0: left allmulticast mode [ 700.495134][ T3487] bridge_slave_0: left promiscuous mode [ 700.501174][ T3487] bridge0: port 1(bridge_slave_0) entered disabled state [ 700.602301][ T3487] veth1_macvtap: left promiscuous mode [ 700.611829][ T3487] veth0_macvtap: left promiscuous mode [ 700.623595][ T3487] veth1_vlan: left promiscuous mode [ 700.628949][ T3487] veth0_vlan: left promiscuous mode [ 700.764017][ T5793] Bluetooth: hci1: command tx timeout [ 701.079175][T13680] overlayfs: overlapping lowerdir path [ 701.090021][T13680] overlayfs: failed to verify upper (33/file0, ino=211, err=-116) [ 701.097943][T13680] overlayfs: failed to verify index dir 'upper' xattr [ 701.104830][T13680] overlayfs: try deleting index dir or mounting with '-o index=off' to disable inodes index. [ 701.594428][ T3487] bond1 (unregistering): Released all slaves [ 702.835381][ T5793] Bluetooth: hci1: command tx timeout [ 702.999606][T13707] overlayfs: overlapping lowerdir path [ 703.010396][T13707] overlayfs: failed to verify upper (34/file0, ino=229, err=-116) [ 703.020751][T13707] overlayfs: failed to verify index dir 'upper' xattr [ 703.029514][T13707] overlayfs: try deleting index dir or mounting with '-o index=off' to disable inodes index. [ 703.317918][ T3487] team0 (unregistering): Port device team_slave_1 removed [ 703.424399][ T3487] team0 (unregistering): Port device team_slave_0 removed [ 703.474327][ T3487] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 703.520285][ T3487] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 704.223186][ T3487] bond0 (unregistering): Released all slaves [ 704.505935][ T7858] lo speed is unknown, defaulting to 1000 [ 704.791195][T13558] 8021q: adding VLAN 0 to HW filter on device bond0 [ 704.857523][T13558] 8021q: adding VLAN 0 to HW filter on device team0 [ 704.884990][T10326] bridge0: port 1(bridge_slave_0) entered blocking state [ 704.892153][T10326] bridge0: port 1(bridge_slave_0) entered forwarding state [ 704.917807][T10326] bridge0: port 2(bridge_slave_1) entered blocking state [ 704.925038][T10326] bridge0: port 2(bridge_slave_1) entered forwarding state [ 705.048061][T13558] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 705.682449][T13739] loop2: detected capacity change from 0 to 128 [ 708.428154][T13558] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 708.501083][T13558] veth0_vlan: entered promiscuous mode [ 708.515710][T13558] veth1_vlan: entered promiscuous mode [ 708.566084][T13558] veth0_macvtap: entered promiscuous mode [ 708.581614][T13558] veth1_macvtap: entered promiscuous mode [ 708.605352][T13558] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 708.616708][T13558] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 708.626696][T13558] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 708.637444][T13558] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 708.647369][T13558] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 708.659102][T13558] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 708.669839][T13558] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 708.680783][T13558] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 708.698530][T13558] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 708.714323][T13558] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 708.725459][T13558] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 708.736620][T13558] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 708.748881][T13558] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 708.759080][T13558] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 708.770504][T13558] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 708.780622][T13558] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 708.791732][T13558] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 708.803458][T13558] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 708.930198][T13558] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 708.939688][T13558] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 708.948917][T13558] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 708.957777][T13558] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 709.291010][ T3503] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 709.308854][ T3503] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 709.377223][ T42] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 709.384721][T13763] loop2: detected capacity change from 0 to 1024 [ 709.392863][ T42] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 709.399902][T13761] loop3: detected capacity change from 0 to 2048 [ 709.407979][T13763] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 709.426005][T13763] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 709.441074][T13761] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 709.450009][T13763] JBD2: no valid journal superblock found [ 709.463451][T13763] EXT4-fs (loop2): Could not load journal inode [ 709.499849][ T27] audit: type=1804 audit(1763022179.413:944): pid=13761 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.2519" name="/newroot/42/file1/bus" dev="loop3" ino=18 res=1 errno=0 [ 709.529764][ T27] audit: type=1800 audit(1763022179.413:945): pid=13761 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2519" name="bus" dev="loop3" ino=18 res=0 errno=0 [ 709.557110][ T27] audit: type=1804 audit(1763022179.413:946): pid=13761 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.2519" name="/newroot/42/file1/bus" dev="loop3" ino=18 res=1 errno=0 [ 709.594956][T13269] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 712.602179][T13828] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2541'. [ 712.614736][ T27] audit: type=1326 audit(1763022182.533:947): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13827 comm="syz.2.2541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f293ed8f6c9 code=0x7ffc0000 [ 712.715199][ T27] audit: type=1326 audit(1763022182.563:948): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13827 comm="syz.2.2541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f293ed8f6c9 code=0x7ffc0000 [ 712.782544][ T27] audit: type=1326 audit(1763022182.563:949): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13827 comm="syz.2.2541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f293ed8f6c9 code=0x7ffc0000 [ 712.822785][T13830] loop3: detected capacity change from 0 to 164 [ 712.854498][ T27] audit: type=1326 audit(1763022182.563:950): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13827 comm="syz.2.2541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f293ed8f6c9 code=0x7ffc0000 [ 712.904311][T13828] syz.2.2541 (13828) used greatest stack depth: 17960 bytes left [ 712.921395][T13830] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 712.926387][ T27] audit: type=1326 audit(1763022182.563:951): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13827 comm="syz.2.2541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f293ed8f6c9 code=0x7ffc0000 [ 712.966543][T13830] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 712.983355][ T27] audit: type=1326 audit(1763022182.563:952): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13827 comm="syz.2.2541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f293ed8f6c9 code=0x7ffc0000 [ 713.026776][T13830] Symlink component flag not implemented [ 713.032462][T13830] Symlink component flag not implemented [ 713.054200][ T27] audit: type=1326 audit(1763022182.563:953): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13827 comm="syz.2.2541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f293ed8f6c9 code=0x7ffc0000 [ 713.072919][T13830] Symlink component flag not implemented (7) [ 713.104843][T13830] Symlink component flag not implemented (116) [ 713.247785][T13845] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2547'. [ 713.542768][T13850] dvmrp1: entered allmulticast mode [ 713.581330][T13850] dvmrp1: left allmulticast mode [ 713.668076][T13854] xt_SECMARK: invalid mode: 2 [ 713.747946][T13856] loop2: detected capacity change from 0 to 1024 [ 713.806450][T13856] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 713.850007][T13856] ext4 filesystem being mounted at /49/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 714.412285][T13067] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 714.427691][T13869] dummy0: entered promiscuous mode [ 714.460496][T13869] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2554'. [ 714.565626][T13869] dummy0 (unregistering): left promiscuous mode [ 715.801970][T13907] vlan2: entered allmulticast mode [ 715.904645][T13911] fuse: Bad value for 'fd' [ 717.453925][T13934] syz_tun: refused to change device tx_queue_len [ 717.554349][ T27] kauditd_printk_skb: 13 callbacks suppressed [ 717.554362][ T27] audit: type=1326 audit(1763022187.463:967): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13935 comm="syz.1.2578" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f94d5f8f6c9 code=0x7ffc0000 [ 717.590919][ T27] audit: type=1326 audit(1763022187.463:968): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13935 comm="syz.1.2578" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7f94d5f8f6c9 code=0x7ffc0000 [ 717.614517][ T27] audit: type=1326 audit(1763022187.463:969): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13935 comm="syz.1.2578" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f94d5f8f6c9 code=0x7ffc0000 [ 717.637453][ T27] audit: type=1326 audit(1763022187.463:970): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13935 comm="syz.1.2578" exe="/root/syz-executor" sig=0 arch=c000003e syscall=194 compat=0 ip=0x7f94d5f8f6c9 code=0x7ffc0000 [ 717.662618][ T27] audit: type=1326 audit(1763022187.463:971): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13935 comm="syz.1.2578" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f94d5f8f6c9 code=0x7ffc0000 [ 717.691306][ T27] audit: type=1326 audit(1763022187.463:972): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13935 comm="syz.1.2578" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f94d5f8df10 code=0x7ffc0000 [ 717.724799][ T27] audit: type=1326 audit(1763022187.463:973): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13935 comm="syz.1.2578" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f94d5f8f6c9 code=0x7ffc0000 [ 717.747573][ T27] audit: type=1326 audit(1763022187.463:974): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13935 comm="syz.1.2578" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f94d5f8f6c9 code=0x7ffc0000 [ 717.776249][ T27] audit: type=1326 audit(1763022187.463:975): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13935 comm="syz.1.2578" exe="/root/syz-executor" sig=0 arch=c000003e syscall=295 compat=0 ip=0x7f94d5f8f6c9 code=0x7ffc0000 [ 717.808392][ T27] audit: type=1326 audit(1763022187.463:976): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13935 comm="syz.1.2578" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f94d5f8f6c9 code=0x7ffc0000 [ 717.932354][T13943] loop2: detected capacity change from 0 to 164 [ 718.035270][T13947] fuse: Bad value for 'fd' [ 719.384247][T13974] sd 0:0:1:0: device reset [ 719.573421][T13980] loop3: detected capacity change from 0 to 512 [ 719.592786][T13980] EXT4-fs: Ignoring removed nobh option [ 719.683089][T13980] EXT4-fs error (device loop3): ext4_do_update_inode:5244: inode #3: comm syz.3.2593: corrupted inode contents [ 719.696442][T13980] EXT4-fs (loop3): Remounting filesystem read-only [ 719.712901][T13980] EXT4-fs (loop3): 1 truncate cleaned up [ 719.721499][T13980] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 719.782942][T13980] ext4 filesystem being mounted at /63/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 720.430264][T13269] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 720.929890][T14001] bridge0: port 3(batadv1) entered blocking state [ 720.954845][T14001] bridge0: port 3(batadv1) entered disabled state [ 720.961664][T14001] batadv1: entered allmulticast mode [ 720.968799][T14001] batadv1: entered promiscuous mode [ 721.293921][T14018] syz.1.2610[14018] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 721.294041][T14018] syz.1.2610[14018] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 721.427207][ T3503] batman_adv: batadv1: No IGMP Querier present - multicast optimizations disabled [ 721.427304][ T3503] batman_adv: batadv1: No MLD Querier present - multicast optimizations disabled [ 721.460129][T14022] loop1: detected capacity change from 0 to 128 [ 721.509993][T14022] syz.1.2612: attempt to access beyond end of device [ 721.509993][T14022] loop1: rw=0, sector=2078, nr_sectors = 1 limit=128 [ 721.510121][T14022] Buffer I/O error on dev loop1, logical block 2078, async page read [ 721.511940][T14022] syz.1.2612: attempt to access beyond end of device [ 721.511940][T14022] loop1: rw=0, sector=2078, nr_sectors = 1 limit=128 [ 721.511967][T14022] Buffer I/O error on dev loop1, logical block 2078, async page read [ 721.512062][T14022] syz.1.2612: attempt to access beyond end of device [ 721.512062][T14022] loop1: rw=0, sector=2078, nr_sectors = 1 limit=128 [ 721.512085][T14022] Buffer I/O error on dev loop1, logical block 2078, async page read [ 721.512146][T14022] syz.1.2612: attempt to access beyond end of device [ 721.512146][T14022] loop1: rw=0, sector=2078, nr_sectors = 1 limit=128 [ 721.512167][T14022] Buffer I/O error on dev loop1, logical block 2078, async page read [ 721.512239][T14022] syz.1.2612: attempt to access beyond end of device [ 721.512239][T14022] loop1: rw=0, sector=2078, nr_sectors = 1 limit=128 [ 721.512261][T14022] Buffer I/O error on dev loop1, logical block 2078, async page read [ 721.512317][T14022] syz.1.2612: attempt to access beyond end of device [ 721.512317][T14022] loop1: rw=0, sector=2078, nr_sectors = 1 limit=128 [ 721.512337][T14022] Buffer I/O error on dev loop1, logical block 2078, async page read [ 721.512395][T14022] syz.1.2612: attempt to access beyond end of device [ 721.512395][T14022] loop1: rw=0, sector=2078, nr_sectors = 1 limit=128 [ 721.512415][T14022] Buffer I/O error on dev loop1, logical block 2078, async page read [ 721.512472][T14022] syz.1.2612: attempt to access beyond end of device [ 721.512472][T14022] loop1: rw=0, sector=2078, nr_sectors = 1 limit=128 [ 721.512492][T14022] Buffer I/O error on dev loop1, logical block 2078, async page read [ 721.512551][T14022] syz.1.2612: attempt to access beyond end of device [ 721.512551][T14022] loop1: rw=0, sector=2078, nr_sectors = 1 limit=128 [ 721.512571][T14022] Buffer I/O error on dev loop1, logical block 2078, async page read [ 721.512629][T14022] syz.1.2612: attempt to access beyond end of device [ 721.512629][T14022] loop1: rw=0, sector=2078, nr_sectors = 1 limit=128 [ 721.512650][T14022] Buffer I/O error on dev loop1, logical block 2078, async page read [ 722.753491][T12527] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 722.842195][T12527] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 722.917007][T12527] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 723.032278][T12527] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 723.050073][T12527] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 723.067831][T12527] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 723.085504][T12527] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 723.103106][T12527] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 723.120857][T12527] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 723.150387][T12527] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 723.178577][T12527] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 723.196451][T12527] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 723.213301][T12527] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 723.236323][T12527] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 723.260598][T12527] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 723.278500][T12527] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 723.292687][T12527] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 723.313238][T12527] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 723.329331][T12527] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 723.349830][T12527] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 723.370045][T12527] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 723.383357][T12527] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 723.408357][T12527] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 723.423410][T12527] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 723.441944][T12527] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 723.461814][T12527] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 723.486342][T12527] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 723.503348][T12527] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 723.520994][T12527] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 723.536723][T12527] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 723.552416][T12527] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 723.561365][T12527] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 723.589503][T12527] hid-generic 0000:0000:0000.0008: hidraw0: HID v0.00 Device [sy] on syz0 [ 724.997536][T14052] loop3: detected capacity change from 0 to 1024 [ 725.009499][T14052] EXT4-fs: Ignoring removed nomblk_io_submit option [ 725.039890][T14052] EXT4-fs: Ignoring removed orlov option [ 725.102222][T14052] ext2: Bad value for 'mb_optimize_scan' [ 725.201099][T14059] sd 0:0:1:0: device reset [ 725.439334][T14068] loop1: detected capacity change from 0 to 1024 [ 725.459372][T14068] EXT4-fs: Ignoring removed bh option [ 725.468517][T14068] EXT4-fs: inline encryption not supported [ 725.481005][T14068] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 725.504657][T14068] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c80ce018, mo2=0000] [ 725.571759][T14068] EXT4-fs error (device loop1): ext4_map_blocks:608: inode #3: block 2: comm syz.1.2629: lblock 2 mapped to illegal pblock 2 (length 1) [ 725.644682][T14068] __quota_error: 171 callbacks suppressed [ 725.644696][T14068] Quota error (device loop1): qtree_write_dquot: dquota write failed [ 725.678196][T14068] EXT4-fs error (device loop1): ext4_map_blocks:608: inode #3: block 48: comm syz.1.2629: lblock 0 mapped to illegal pblock 48 (length 1) [ 725.699634][ T27] audit: type=1326 audit(1763022195.613:1146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14076 comm="syz.3.2633" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5fe18f6c9 code=0x7ffc0000 [ 725.757564][ T27] audit: type=1326 audit(1763022195.643:1147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14076 comm="syz.3.2633" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5fe18f6c9 code=0x7ffc0000 [ 725.792716][T14068] Quota error (device loop1): v2_write_file_info: Can't write info structure [ 725.813593][ T27] audit: type=1326 audit(1763022195.643:1148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14076 comm="syz.3.2633" exe="/root/syz-executor" sig=0 arch=c000003e syscall=210 compat=0 ip=0x7ff5fe18f6c9 code=0x7ffc0000 [ 725.813960][T14068] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.2629: Failed to acquire dquot type 0 [ 725.853237][ T27] audit: type=1326 audit(1763022195.643:1149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14076 comm="syz.3.2633" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5fe18f6c9 code=0x7ffc0000 [ 725.922202][T14068] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5916: Corrupt filesystem [ 725.949173][ T27] audit: type=1326 audit(1763022195.643:1150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14076 comm="syz.3.2633" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5fe18f6c9 code=0x7ffc0000 [ 726.014577][T14068] EXT4-fs error (device loop1): ext4_evict_inode:252: inode #11: comm syz.1.2629: mark_inode_dirty error [ 726.040549][T14068] EXT4-fs warning (device loop1): ext4_evict_inode:255: couldn't mark inode dirty (err -117) [ 726.051252][T14068] EXT4-fs (loop1): 1 orphan inode deleted [ 726.058373][T14068] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 726.071151][T10326] EXT4-fs error (device loop1): ext4_map_blocks:608: inode #3: block 1: comm kworker/u4:13: lblock 1 mapped to illegal pblock 1 (length 1) [ 726.095448][T14082] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2634'. [ 726.115289][T14068] EXT4-fs error (device loop1): ext4_map_blocks:608: inode #2: block 16: comm syz.1.2629: lblock 0 mapped to illegal pblock 16 (length 1) [ 726.124464][T10326] Quota error (device loop1): remove_tree: Can't read quota data block 1 [ 726.183301][T10326] EXT4-fs error (device loop1): ext4_release_dquot:6969: comm kworker/u4:13: Failed to release dquot type 0 [ 726.207554][T14085] EXT4-fs error (device loop1): ext4_map_blocks:608: inode #2: block 16: comm syz.1.2629: lblock 0 mapped to illegal pblock 16 (length 1) [ 726.344506][T13558] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 726.362132][T13558] EXT4-fs error (device loop1): __ext4_get_inode_loc:4489: comm syz-executor: Invalid inode table block 1 in block_group 0 [ 726.385232][T13558] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5916: Corrupt filesystem [ 726.405375][T13558] EXT4-fs error (device loop1): ext4_quota_off:7217: inode #3: comm syz-executor: mark_inode_dirty error [ 726.478667][T14095] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2639'. [ 726.661115][T14098] netlink: 108 bytes leftover after parsing attributes in process `syz.2.2640'. [ 727.367355][ T27] audit: type=1326 audit(1763022197.263:1151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14105 comm="syz.0.2644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe11258f6c9 code=0x7ffc0000 [ 727.448812][ T27] audit: type=1326 audit(1763022197.263:1152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14105 comm="syz.0.2644" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe11258f6c9 code=0x7ffc0000 [ 727.586470][T14114] loop1: detected capacity change from 0 to 1024 [ 727.627645][T14119] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2649'. [ 727.653344][T14119] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 727.660847][T14119] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 727.675012][T14119] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 727.700341][T14119] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 727.732977][T14122] loop3: detected capacity change from 0 to 1024 [ 727.760609][T14122] EXT4-fs: Ignoring removed bh option [ 727.771327][T14122] EXT4-fs: inline encryption not supported [ 727.794696][T14122] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 727.835847][T14122] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c80ce018, mo2=0000] [ 727.852695][T14122] EXT4-fs error (device loop3): ext4_map_blocks:608: inode #3: block 2: comm syz.3.2649: lblock 2 mapped to illegal pblock 2 (length 1) [ 727.873324][T14122] EXT4-fs error (device loop3): ext4_map_blocks:608: inode #3: block 48: comm syz.3.2649: lblock 0 mapped to illegal pblock 48 (length 1) [ 727.891765][T14122] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.2649: Failed to acquire dquot type 0 [ 727.908093][T14122] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5916: Corrupt filesystem [ 727.920355][T14122] EXT4-fs error (device loop3): ext4_evict_inode:252: inode #11: comm syz.3.2649: mark_inode_dirty error [ 727.939998][T14122] EXT4-fs warning (device loop3): ext4_evict_inode:255: couldn't mark inode dirty (err -117) [ 727.951527][T14122] EXT4-fs (loop3): 1 orphan inode deleted [ 727.963498][ T3487] EXT4-fs error (device loop3): ext4_map_blocks:608: inode #3: block 1: comm kworker/u4:7: lblock 1 mapped to illegal pblock 1 (length 1) [ 727.979827][T14122] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 727.999320][ T3487] EXT4-fs error (device loop3): ext4_release_dquot:6969: comm kworker/u4:7: Failed to release dquot type 0 [ 728.049943][T14119] EXT4-fs error (device loop3): ext4_map_blocks:608: inode #3: block 48: comm syz.3.2649: lblock 0 mapped to illegal pblock 48 (length 1) [ 728.132638][T13269] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 728.788753][T14139] netlink: 108 bytes leftover after parsing attributes in process `syz.0.2655'. [ 729.082552][T14150] overlayfs: overlapping lowerdir path [ 729.098150][T14150] overlayfs: failed to verify upper (33/file0, ino=199, err=-116) [ 729.106286][T14150] overlayfs: failed to verify index dir 'upper' xattr [ 729.113061][T14150] overlayfs: try deleting index dir or mounting with '-o index=off' to disable inodes index. [ 729.995265][T14155] loop2: detected capacity change from 0 to 1024 [ 730.051783][T14155] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 730.277630][T13067] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 730.642491][T14180] overlayfs: failed to clone upperpath [ 730.650882][T14180] overlayfs: failed to clone upperpath [ 731.099340][T14200] loop2: detected capacity change from 0 to 128 [ 731.124286][ T27] kauditd_printk_skb: 91 callbacks suppressed [ 731.124300][ T27] audit: type=1800 audit(1763022201.043:1240): pid=14200 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2679" name="file2" dev="loop2" ino=1048606 res=0 errno=0 [ 731.150451][T14202] loop1: detected capacity change from 0 to 2048 [ 731.159799][T14200] bio_check_eod: 5979 callbacks suppressed [ 731.159814][T14200] syz.2.2679: attempt to access beyond end of device [ 731.159814][T14200] loop2: rw=0, sector=2078, nr_sectors = 1 limit=128 [ 731.180399][T14200] buffer_io_error: 5979 callbacks suppressed [ 731.180415][T14200] Buffer I/O error on dev loop2, logical block 2078, async page read [ 731.197956][T14200] syz.2.2679: attempt to access beyond end of device [ 731.197956][T14200] loop2: rw=0, sector=2078, nr_sectors = 1 limit=128 [ 731.211448][T14200] Buffer I/O error on dev loop2, logical block 2078, async page read [ 731.221085][T14200] syz.2.2679: attempt to access beyond end of device [ 731.221085][T14200] loop2: rw=0, sector=2078, nr_sectors = 1 limit=128 [ 731.235861][T14202] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 731.248860][T14200] Buffer I/O error on dev loop2, logical block 2078, async page read [ 731.257298][T14200] syz.2.2679: attempt to access beyond end of device [ 731.257298][T14200] loop2: rw=0, sector=2078, nr_sectors = 1 limit=128 [ 731.299257][T14200] Buffer I/O error on dev loop2, logical block 2078, async page read [ 731.332894][T14200] syz.2.2679: attempt to access beyond end of device [ 731.332894][T14200] loop2: rw=0, sector=2078, nr_sectors = 1 limit=128 [ 731.357418][T13558] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 731.370182][T14200] Buffer I/O error on dev loop2, logical block 2078, async page read [ 731.381669][T14200] syz.2.2679: attempt to access beyond end of device [ 731.381669][T14200] loop2: rw=0, sector=2078, nr_sectors = 1 limit=128 [ 731.401774][T14200] Buffer I/O error on dev loop2, logical block 2078, async page read [ 731.411024][T14200] syz.2.2679: attempt to access beyond end of device [ 731.411024][T14200] loop2: rw=0, sector=2078, nr_sectors = 1 limit=128 [ 731.437377][T14206] overlayfs: failed to clone upperpath [ 731.439743][T14200] Buffer I/O error on dev loop2, logical block 2078, async page read [ 731.453477][T14200] syz.2.2679: attempt to access beyond end of device [ 731.453477][T14200] loop2: rw=0, sector=2078, nr_sectors = 1 limit=128 [ 731.467687][T14206] overlayfs: failed to clone upperpath [ 731.481841][T14200] Buffer I/O error on dev loop2, logical block 2078, async page read [ 731.492090][T14200] syz.2.2679: attempt to access beyond end of device [ 731.492090][T14200] loop2: rw=0, sector=2078, nr_sectors = 1 limit=128 [ 731.513341][T14200] Buffer I/O error on dev loop2, logical block 2078, async page read [ 731.537814][T14200] syz.2.2679: attempt to access beyond end of device [ 731.537814][T14200] loop2: rw=0, sector=2078, nr_sectors = 1 limit=128 [ 731.571539][T14200] Buffer I/O error on dev loop2, logical block 2078, async page read [ 732.626903][T14233] loop1: detected capacity change from 0 to 2048 [ 732.650789][T14233] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 732.687489][T13558] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 741.221034][T14310] sch_tbf: peakrate 7 is lower than or equals to rate 6829859379779001161 ! [ 741.404589][T14332] loop3: detected capacity change from 0 to 2048 [ 741.474647][T14332] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 741.535519][ T27] audit: type=1804 audit(1763022211.433:1241): pid=14332 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.2722" name="/newroot/98/file1/bus" dev="loop3" ino=18 res=1 errno=0 [ 741.579135][ T27] audit: type=1800 audit(1763022211.433:1242): pid=14332 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2722" name="bus" dev="loop3" ino=18 res=0 errno=0 [ 741.600416][ T27] audit: type=1804 audit(1763022211.433:1243): pid=14332 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.2722" name="/newroot/98/file1/bus" dev="loop3" ino=18 res=1 errno=0 [ 741.637693][T13269] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 742.945486][T14349] loop1: detected capacity change from 0 to 1024 [ 742.958986][T14349] EXT4-fs: Ignoring removed orlov option [ 742.972383][T14349] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 743.063248][ T27] audit: type=1800 audit(1763022212.973:1244): pid=14349 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2728" name="bus" dev="loop1" ino=18 res=0 errno=0 [ 743.166055][T13558] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 743.435736][T14367] loop3: detected capacity change from 0 to 2048 [ 743.498350][T14367] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 743.579664][ T27] audit: type=1804 audit(1763022213.493:1245): pid=14367 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.2736" name="/newroot/101/file1/bus" dev="loop3" ino=18 res=1 errno=0 [ 743.638399][ T27] audit: type=1800 audit(1763022213.493:1246): pid=14367 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2736" name="bus" dev="loop3" ino=18 res=0 errno=0 [ 743.670833][T14378] loop1: detected capacity change from 0 to 2048 [ 743.680579][T13269] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 743.691225][ T27] audit: type=1804 audit(1763022213.493:1247): pid=14367 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.2736" name="/newroot/101/file1/bus" dev="loop3" ino=18 res=1 errno=0 [ 743.757337][T14378] Alternate GPT is invalid, using primary GPT. [ 743.773510][T14378] loop1: p1 p2 p3 [ 743.777300][T14378] loop1: partition table partially beyond EOD, truncated [ 743.784886][ T27] audit: type=1326 audit(1763022213.563:1248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14377 comm="syz.1.2740" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f94d5f8f6c9 code=0x7ffc0000 [ 743.863479][ T27] audit: type=1326 audit(1763022213.563:1249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14377 comm="syz.1.2740" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f94d5f8f6c9 code=0x7ffc0000 [ 743.906539][ T27] audit: type=1326 audit(1763022213.563:1250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14377 comm="syz.1.2740" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f94d5f8f6c9 code=0x7ffc0000 [ 744.203945][T14392] IPv6: Can't replace route, no match found [ 744.577245][T14400] loop1: detected capacity change from 0 to 2048 [ 744.642172][T14400] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 744.825683][T13558] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 744.942612][T14418] loop1: detected capacity change from 0 to 512 [ 744.952272][T14418] journal_path: Lookup failure for './bus' [ 744.976858][T14418] EXT4-fs: error: could not find journal device path [ 745.417350][T14432] loop1: detected capacity change from 0 to 2048 [ 745.431100][T14434] netlink: 72 bytes leftover after parsing attributes in process `syz.3.2764'. [ 745.489529][T14432] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 745.615484][T14416] loop2: detected capacity change from 0 to 32768 [ 745.632567][T13558] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 746.140460][T14459] loop2: detected capacity change from 0 to 512 [ 746.170603][T14459] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 746.201908][T14459] ext4 filesystem being mounted at /90/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 746.233015][T14463] loop1: detected capacity change from 0 to 2048 [ 746.277386][T14463] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 746.542281][T13558] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 746.574292][T13067] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 746.629205][T14474] syz.1.2779[14474] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 746.629334][T14474] syz.1.2779[14474] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 746.746086][T14480] rdma_op ffff888030f169f0 conn xmit_rdma 0000000000000000 [ 747.042666][T14490] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2786'. [ 747.126400][T14489] loop3: detected capacity change from 0 to 2048 [ 747.136341][T14491] overlayfs: failed to clone upperpath [ 747.146364][T14491] overlayfs: failed to clone upperpath [ 747.161524][T14489] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 747.226602][ T27] kauditd_printk_skb: 63 callbacks suppressed [ 747.226617][ T27] audit: type=1804 audit(1763022217.143:1314): pid=14489 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.2787" name="/newroot/119/file1/bus" dev="loop3" ino=18 res=1 errno=0 [ 747.317099][ T1284] ieee802154 phy0 wpan0: encryption failed: -22 [ 747.321581][ T27] audit: type=1800 audit(1763022217.173:1315): pid=14489 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2787" name="bus" dev="loop3" ino=18 res=0 errno=0 [ 747.345507][ T27] audit: type=1804 audit(1763022217.173:1316): pid=14489 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.2787" name="/newroot/119/file1/bus" dev="loop3" ino=18 res=1 errno=0 [ 747.348617][T13269] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 747.367549][ T27] audit: type=1326 audit(1763022217.173:1317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14498 comm="syz.2.2790" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f293ed8f6c9 code=0x7ffc0000 [ 747.367591][ T27] audit: type=1326 audit(1763022217.173:1318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14498 comm="syz.2.2790" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f293ed8f6c9 code=0x7ffc0000 [ 747.367631][ T27] audit: type=1326 audit(1763022217.173:1319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14498 comm="syz.2.2790" exe="/root/syz-executor" sig=0 arch=c000003e syscall=36 compat=0 ip=0x7f293ed8f6c9 code=0x7ffc0000 [ 747.418030][T14503] sctp: [Deprecated]: syz.1.2792 (pid 14503) Use of int in max_burst socket option deprecated. [ 747.418030][T14503] Use struct sctp_assoc_value instead [ 747.424371][ T27] audit: type=1326 audit(1763022217.173:1320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14498 comm="syz.2.2790" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f293ed8f6c9 code=0x7ffc0000 [ 747.612436][ T27] audit: type=1326 audit(1763022217.523:1321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14510 comm="syz.3.2793" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5fe18f6c9 code=0x7ffc0000 [ 747.646050][ T27] audit: type=1326 audit(1763022217.523:1322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14510 comm="syz.3.2793" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5fe18f6c9 code=0x7ffc0000 [ 747.688689][ T27] audit: type=1326 audit(1763022217.563:1323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14510 comm="syz.3.2793" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff5fe18f6c9 code=0x7ffc0000 [ 747.951117][T14522] loop2: detected capacity change from 0 to 2048 [ 748.010777][T14522] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 748.174659][T13067] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 748.379688][T14533] loop1: detected capacity change from 0 to 8192 [ 748.433574][T14543] loop3: detected capacity change from 0 to 512 [ 748.442644][T14543] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 748.552033][T14543] EXT4-fs (loop3): 1 truncate cleaned up [ 748.562617][T14543] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 748.628858][T14547] overlayfs: failed to clone upperpath [ 748.638200][T14547] overlayfs: failed to clone upperpath [ 748.705551][T14551] fuse: Bad value for 'fd' [ 748.710629][T13269] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 748.742037][T14550] loop1: detected capacity change from 0 to 512 [ 748.798484][T14550] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 748.819663][T14550] ext4 filesystem being mounted at /73/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 748.889123][T14550] EXT4-fs error (device loop1): ext4_xattr_block_get:600: inode #12: comm syz.1.2810: corrupted xattr block 6: invalid header [ 748.907736][T14561] loop2: detected capacity change from 0 to 1024 [ 748.916796][T14561] EXT4-fs: inline encryption not supported [ 748.926460][T14561] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 749.011823][T14561] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 749.034747][T13558] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 749.104792][T14561] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4031: comm syz.2.2815: Allocating blocks 385-513 which overlap fs metadata [ 749.150863][T14560] EXT4-fs (loop2): pa ffff88801fcd3e80: logic 16, phys. 129, len 24 [ 749.159840][T14560] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5372: group 0, free 0, pa_free 8 [ 749.403000][T13067] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 750.386766][T14580] fuse: Bad value for 'fd' [ 750.629652][T14591] rdma_op ffff88802345b1f0 conn xmit_rdma 0000000000000000 [ 750.897421][T14599] overlayfs: overlapping lowerdir path [ 750.948305][T14600] overlayfs: failed to verify upper (106/file0, ino=622, err=-116) [ 750.956330][T14600] overlayfs: failed to verify index dir 'upper' xattr [ 750.963099][T14600] overlayfs: try deleting index dir or mounting with '-o index=off' to disable inodes index. [ 751.941374][T14615] fuse: Bad value for 'fd' [ 752.760876][T14619] loop1: detected capacity change from 0 to 1024 [ 752.802795][T14619] EXT4-fs: Ignoring removed orlov option [ 752.809861][T14617] platform regulatory.0: loading /lib/firmware/regulatory.db failed with error -12 [ 752.821523][T14617] platform regulatory.0: Direct firmware load for regulatory.db failed with error -12 [ 752.831153][T14617] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 752.890903][T14619] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 752.977931][ T27] kauditd_printk_skb: 78 callbacks suppressed [ 752.977947][ T27] audit: type=1800 audit(1763022222.893:1402): pid=14619 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2835" name="bus" dev="loop1" ino=18 res=0 errno=0 [ 754.033280][ T27] audit: type=1804 audit(1763022223.943:1403): pid=14619 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.2835" name="/newroot/79/bus/bus" dev="loop1" ino=18 res=1 errno=0 [ 754.036426][T14619] vhci_hcd: Failed attach request for unsupported USB speed: super-speed-plus [ 754.110410][ T27] audit: type=1326 audit(1763022223.943:1404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14618 comm="syz.1.2835" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f94d5f8f6c9 code=0x7ffc0000 [ 754.183277][ T27] audit: type=1326 audit(1763022223.943:1405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14618 comm="syz.1.2835" exe="/root/syz-executor" sig=0 arch=c000003e syscall=297 compat=0 ip=0x7f94d5f8f6c9 code=0x7ffc0000 [ 754.229537][ T27] audit: type=1326 audit(1763022223.943:1406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14618 comm="syz.1.2835" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f94d5f8f6c9 code=0x7ffc0000 [ 754.285676][ T27] audit: type=1326 audit(1763022223.943:1407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14618 comm="syz.1.2835" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f94d5f8f6c9 code=0x7ffc0000 [ 754.353349][ T27] audit: type=1326 audit(1763022223.943:1408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14618 comm="syz.1.2835" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f94d5f8f6c9 code=0x7ffc0000 [ 754.403212][ T27] audit: type=1326 audit(1763022223.943:1409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14618 comm="syz.1.2835" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f94d5f8f6c9 code=0x7ffc0000 [ 754.463256][ T27] audit: type=1326 audit(1763022223.943:1410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14618 comm="syz.1.2835" exe="/root/syz-executor" sig=0 arch=c000003e syscall=427 compat=0 ip=0x7f94d5f8f6c9 code=0x7ffc0000 [ 754.513334][ T27] audit: type=1326 audit(1763022223.943:1411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14618 comm="syz.1.2835" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f94d5f8f6c9 code=0x7ffc0000 [ 754.904695][T14643] overlayfs: overlapping lowerdir path [ 754.956500][T14645] overlayfs: failed to verify upper (110/file0, ino=656, err=-116) [ 754.964451][T14645] overlayfs: failed to verify index dir 'upper' xattr [ 754.971759][T14645] overlayfs: try deleting index dir or mounting with '-o index=off' to disable inodes index. [ 755.402303][T13558] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 755.957289][T14659] loop1: detected capacity change from 0 to 1764 [ 757.061537][T14690] overlayfs: overlapping lowerdir path [ 757.083674][T14690] overlayfs: failed to verify upper (112/file0, ino=679, err=-116) [ 757.091691][T14690] overlayfs: failed to verify index dir 'upper' xattr [ 757.098659][T14690] overlayfs: try deleting index dir or mounting with '-o index=off' to disable inodes index. [ 757.212391][T14698] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2861'. [ 757.233221][T14698] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2861'. [ 757.262614][T14698] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2861'. [ 757.281741][T14698] netlink: 2 bytes leftover after parsing attributes in process `syz.3.2861'. [ 757.303368][T14698] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2861'. [ 758.151494][T14729] ªªªªªª: renamed from wg2 (while UP) [ 758.794890][T14754] xt_recent: hitcount (16777216) is larger than allowed maximum (255) [ 758.816711][T14752] loop2: detected capacity change from 0 to 512 [ 758.930116][T14752] ------------[ cut here ]------------ [ 758.936335][T14752] EA inode 11 i_nlink=2 [ 758.958160][T14752] WARNING: CPU: 1 PID: 14752 at fs/ext4/xattr.c:1075 ext4_xattr_inode_update_ref+0x4fb/0x550 [ 758.973668][T14752] Modules linked in: [ 758.977592][T14752] CPU: 1 PID: 14752 Comm: syz.2.2881 Not tainted syzkaller #0 [ 758.985342][T14752] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 758.995696][T14752] RIP: 0010:ext4_xattr_inode_update_ref+0x4fb/0x550 [ 759.002328][T14752] Code: 8d 7e 50 4c 89 f8 48 c1 e8 03 42 80 3c 20 00 74 08 4c 89 ff e8 c6 3b 9a ff 49 8b 37 48 c7 c7 a0 c3 be 8a 89 da e8 c5 5d 0d ff <0f> 0b 4c 8b 74 24 08 4c 8b 7c 24 10 e9 b9 fe ff ff e8 6f 1d 2c 08 [ 759.022395][T14752] RSP: 0018:ffffc9000ce0f1c0 EFLAGS: 00010246 [ 759.028777][T14752] RAX: a7a55ced1f7c5900 RBX: 0000000000000002 RCX: 0000000000080000 [ 759.036946][T14752] RDX: ffffc9001b5f3000 RSI: 000000000003dc98 RDI: 000000000003dc99 [ 759.044992][T14752] RBP: ffffc9000ce0f2b8 R08: ffffc9000ce0edc7 R09: 1ffff920019c1db8 [ 759.052988][T14752] R10: dffffc0000000000 R11: fffff520019c1db9 R12: dffffc0000000000 [ 759.061160][T14752] R13: ffff8880779c8ea8 R14: ffff8880779c8cb0 R15: ffff8880779c8d00 [ 759.070071][T14752] FS: 00007f293fc5b6c0(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000 [ 759.079400][T14752] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 759.086084][T14752] CR2: 000000110c264bb7 CR3: 0000000060f4b000 CR4: 00000000003506e0 [ 759.094159][T14752] Call Trace: [ 759.097467][T14752] [ 759.100773][T14752] ? ext4_xattr_list_entries+0x3d0/0x3d0 [ 759.106527][T14752] ? ext4_xattr_inode_iget+0x3df/0x600 [ 759.112023][T14752] ext4_xattr_set_entry+0xcda/0x1e90 [ 759.117419][T14752] ext4_xattr_ibody_set+0x254/0x6a0 [ 759.122672][T14752] ext4_expand_extra_isize_ea+0x113a/0x19e0 [ 759.128676][T14752] __ext4_expand_extra_isize+0x306/0x400 [ 759.134421][T14752] __ext4_mark_inode_dirty+0x45d/0x6e0 [ 759.139927][T14752] ext4_evict_inode+0x7ed/0xea0 [ 759.144888][T14752] ? _raw_spin_unlock+0x28/0x40 [ 759.149776][T14752] ? ext4_inode_is_fast_symlink+0x390/0x390 [ 759.155820][T14752] ? do_raw_spin_unlock+0x121/0x230 [ 759.161055][T14752] ? ext4_inode_is_fast_symlink+0x390/0x390 [ 759.167028][T14752] evict+0x486/0x870 [ 759.171793][T14752] ? __lock_acquire+0x7c80/0x7c80 [ 759.177047][T14752] ? proc_nr_inodes+0x230/0x230 [ 759.181973][T14752] ? do_raw_spin_unlock+0x121/0x230 [ 759.187260][T14752] ? _raw_spin_unlock+0x28/0x40 [ 759.192136][T14752] ? iput+0x70a/0x920 [ 759.196233][T14752] ext4_orphan_cleanup+0xbd4/0x1400 [ 759.201486][T14752] ? ext4_orphan_del+0xba0/0xba0 [ 759.206554][T14752] ? ext4_register_li_request+0x183/0x940 [ 759.212300][T14752] ? errseq_check_and_advance+0x66/0x120 [ 759.218062][T14752] ext4_fill_super+0x5de4/0x66c0 [ 759.223055][T14752] ? ext4_parse_test_dummy_encryption+0xb0/0xb0 [ 759.229409][T14752] ? __might_sleep+0xe0/0xe0 [ 759.234277][T14752] ? read_lock_is_recursive+0x20/0x20 [ 759.239675][T14752] ? snprintf+0xdb/0x120 [ 759.244005][T14752] ? vscnprintf+0x80/0x80 [ 759.248364][T14752] ? down_write+0x162/0x1f0 [ 759.252897][T14752] ? down_read_killable+0x340/0x340 [ 759.258239][T14752] ? setup_bdev_super+0x56b/0x660 [ 759.263333][T14752] get_tree_bdev+0x3e4/0x510 [ 759.267946][T14752] ? vfs_parse_fs_string+0x160/0x160 [ 759.274112][T14752] ? ext4_parse_test_dummy_encryption+0xb0/0xb0 [ 759.280536][T14752] ? setup_bdev_super+0x660/0x660 [ 759.285644][T14752] ? apparmor_capable+0x137/0x1a0 [ 759.290700][T14752] ? bpf_lsm_capable+0x9/0x10 [ 759.295474][T14752] ? security_capable+0x89/0xb0 [ 759.300362][T14752] vfs_get_tree+0x8c/0x280 [ 759.304856][T14752] do_new_mount+0x24b/0xa40 [ 759.309396][T14752] __se_sys_mount+0x2da/0x3c0 [ 759.314267][T14752] ? __x64_sys_mount+0xc0/0xc0 [ 759.319062][T14752] ? lockdep_hardirqs_on+0x98/0x150 [ 759.324341][T14752] ? __x64_sys_mount+0x20/0xc0 [ 759.329132][T14752] do_syscall_64+0x55/0xb0 [ 759.333674][T14752] ? clear_bhb_loop+0x40/0x90 [ 759.338374][T14752] ? clear_bhb_loop+0x40/0x90 [ 759.343081][T14752] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 759.349043][T14752] RIP: 0033:0x7f293ed90e6a [ 759.353540][T14752] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 759.374165][T14752] RSP: 002b:00007f293fc5ae68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 759.382785][T14752] RAX: ffffffffffffffda RBX: 00007f293fc5aef0 RCX: 00007f293ed90e6a [ 759.391004][T14752] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007f293fc5aeb0 [ 759.399082][T14752] RBP: 0000200000000180 R08: 00007f293fc5aef0 R09: 0000000000800700 [ 759.407211][T14752] R10: 0000000000800700 R11: 0000000000000246 R12: 00002000000001c0 [ 759.415294][T14752] R13: 00007f293fc5aeb0 R14: 000000000000046f R15: 000000000000002c [ 759.423345][T14752] [ 759.426378][T14752] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 759.433653][T14752] CPU: 1 PID: 14752 Comm: syz.2.2881 Not tainted syzkaller #0 [ 759.441101][T14752] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 759.451147][T14752] Call Trace: [ 759.454433][T14752] [ 759.457410][T14752] dump_stack_lvl+0x16c/0x230 [ 759.462106][T14752] ? show_regs_print_info+0x20/0x20 [ 759.467310][T14752] ? load_image+0x3b0/0x3b0 [ 759.471817][T14752] panic+0x2c0/0x710 [ 759.475711][T14752] ? bpf_jit_dump+0xd0/0xd0 [ 759.480220][T14752] __warn+0x2e0/0x470 [ 759.484195][T14752] ? ext4_xattr_inode_update_ref+0x4fb/0x550 [ 759.490178][T14752] ? ext4_xattr_inode_update_ref+0x4fb/0x550 [ 759.496151][T14752] report_bug+0x2be/0x4f0 [ 759.500475][T14752] ? ext4_xattr_inode_update_ref+0x4fb/0x550 [ 759.506452][T14752] ? ext4_xattr_inode_update_ref+0x4fb/0x550 [ 759.512428][T14752] ? ext4_xattr_inode_update_ref+0x4fd/0x550 [ 759.518414][T14752] handle_bug+0xcf/0x120 [ 759.522684][T14752] exc_invalid_op+0x1a/0x50 [ 759.527202][T14752] asm_exc_invalid_op+0x1a/0x20 [ 759.532059][T14752] RIP: 0010:ext4_xattr_inode_update_ref+0x4fb/0x550 [ 759.538657][T14752] Code: 8d 7e 50 4c 89 f8 48 c1 e8 03 42 80 3c 20 00 74 08 4c 89 ff e8 c6 3b 9a ff 49 8b 37 48 c7 c7 a0 c3 be 8a 89 da e8 c5 5d 0d ff <0f> 0b 4c 8b 74 24 08 4c 8b 7c 24 10 e9 b9 fe ff ff e8 6f 1d 2c 08 [ 759.558262][T14752] RSP: 0018:ffffc9000ce0f1c0 EFLAGS: 00010246 [ 759.564323][T14752] RAX: a7a55ced1f7c5900 RBX: 0000000000000002 RCX: 0000000000080000 [ 759.572281][T14752] RDX: ffffc9001b5f3000 RSI: 000000000003dc98 RDI: 000000000003dc99 [ 759.580244][T14752] RBP: ffffc9000ce0f2b8 R08: ffffc9000ce0edc7 R09: 1ffff920019c1db8 [ 759.588206][T14752] R10: dffffc0000000000 R11: fffff520019c1db9 R12: dffffc0000000000 [ 759.596170][T14752] R13: ffff8880779c8ea8 R14: ffff8880779c8cb0 R15: ffff8880779c8d00 [ 759.604152][T14752] ? ext4_xattr_list_entries+0x3d0/0x3d0 [ 759.609785][T14752] ? ext4_xattr_inode_iget+0x3df/0x600 [ 759.615244][T14752] ext4_xattr_set_entry+0xcda/0x1e90 [ 759.620540][T14752] ext4_xattr_ibody_set+0x254/0x6a0 [ 759.625738][T14752] ext4_expand_extra_isize_ea+0x113a/0x19e0 [ 759.631647][T14752] __ext4_expand_extra_isize+0x306/0x400 [ 759.637281][T14752] __ext4_mark_inode_dirty+0x45d/0x6e0 [ 759.642740][T14752] ext4_evict_inode+0x7ed/0xea0 [ 759.647581][T14752] ? _raw_spin_unlock+0x28/0x40 [ 759.652690][T14752] ? ext4_inode_is_fast_symlink+0x390/0x390 [ 759.658577][T14752] ? do_raw_spin_unlock+0x121/0x230 [ 759.663768][T14752] ? ext4_inode_is_fast_symlink+0x390/0x390 [ 759.669651][T14752] evict+0x486/0x870 [ 759.673538][T14752] ? __lock_acquire+0x7c80/0x7c80 [ 759.678558][T14752] ? proc_nr_inodes+0x230/0x230 [ 759.683405][T14752] ? do_raw_spin_unlock+0x121/0x230 [ 759.688605][T14752] ? _raw_spin_unlock+0x28/0x40 [ 759.693449][T14752] ? iput+0x70a/0x920 [ 759.697428][T14752] ext4_orphan_cleanup+0xbd4/0x1400 [ 759.702629][T14752] ? ext4_orphan_del+0xba0/0xba0 [ 759.707562][T14752] ? ext4_register_li_request+0x183/0x940 [ 759.713276][T14752] ? errseq_check_and_advance+0x66/0x120 [ 759.718904][T14752] ext4_fill_super+0x5de4/0x66c0 [ 759.723850][T14752] ? ext4_parse_test_dummy_encryption+0xb0/0xb0 [ 759.730079][T14752] ? __might_sleep+0xe0/0xe0 [ 759.734663][T14752] ? read_lock_is_recursive+0x20/0x20 [ 759.740024][T14752] ? snprintf+0xdb/0x120 [ 759.744259][T14752] ? vscnprintf+0x80/0x80 [ 759.748577][T14752] ? down_write+0x162/0x1f0 [ 759.753073][T14752] ? down_read_killable+0x340/0x340 [ 759.758275][T14752] ? setup_bdev_super+0x56b/0x660 [ 759.763291][T14752] get_tree_bdev+0x3e4/0x510 [ 759.767878][T14752] ? vfs_parse_fs_string+0x160/0x160 [ 759.773172][T14752] ? ext4_parse_test_dummy_encryption+0xb0/0xb0 [ 759.779401][T14752] ? setup_bdev_super+0x660/0x660 [ 759.784426][T14752] ? apparmor_capable+0x137/0x1a0 [ 759.789447][T14752] ? bpf_lsm_capable+0x9/0x10 [ 759.794118][T14752] ? security_capable+0x89/0xb0 [ 759.798983][T14752] vfs_get_tree+0x8c/0x280 [ 759.803404][T14752] do_new_mount+0x24b/0xa40 [ 759.807912][T14752] __se_sys_mount+0x2da/0x3c0 [ 759.812585][T14752] ? __x64_sys_mount+0xc0/0xc0 [ 759.817346][T14752] ? lockdep_hardirqs_on+0x98/0x150 [ 759.822539][T14752] ? __x64_sys_mount+0x20/0xc0 [ 759.827294][T14752] do_syscall_64+0x55/0xb0 [ 759.831705][T14752] ? clear_bhb_loop+0x40/0x90 [ 759.836376][T14752] ? clear_bhb_loop+0x40/0x90 [ 759.841052][T14752] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 759.846934][T14752] RIP: 0033:0x7f293ed90e6a [ 759.851337][T14752] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 759.870934][T14752] RSP: 002b:00007f293fc5ae68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 759.879338][T14752] RAX: ffffffffffffffda RBX: 00007f293fc5aef0 RCX: 00007f293ed90e6a [ 759.887303][T14752] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007f293fc5aeb0 [ 759.895265][T14752] RBP: 0000200000000180 R08: 00007f293fc5aef0 R09: 0000000000800700 [ 759.903225][T14752] R10: 0000000000800700 R11: 0000000000000246 R12: 00002000000001c0 [ 759.911183][T14752] R13: 00007f293fc5aeb0 R14: 000000000000046f R15: 000000000000002c [ 759.919154][T14752] [ 759.922390][T14752] Kernel Offset: disabled [ 759.926873][T14752] Rebooting in 86400 seconds..