last executing test programs: 1m9.069890161s ago: executing program 0 (id=37): bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = creat(&(0x7f0000000200)='./file0\x00', 0x100) close(r3) r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3) dup(r4) getsockopt$inet_buf(r3, 0x0, 0x2a, 0x0, 0x0) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) openat2$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000080)={0x0, 0x0, 0x21}, 0x18) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) add_key(&(0x7f0000000040)='cifs.spnego\x00', &(0x7f0000000100)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe) bpf$MAP_CREATE(0x300000000000000, &(0x7f0000000100)=ANY=[@ANYBLOB="1800000004000000410000000000000001000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0240000005800000000000000900"/28], 0x48) r5 = socket$packet(0x11, 0x2, 0x300) umount2(0x0, 0x9) setsockopt$packet_tx_ring(r5, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x40008000, 0x6}, 0x1c) 1m7.958534024s ago: executing program 0 (id=41): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000100)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x2, 0x7fff0000}]}) read$FUSE(0xffffffffffffffff, &(0x7f0000000f80)={0x2020}, 0x2020) chdir(0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000e00)=0x7) r3 = getpid() sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6) timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @tid=r3}, &(0x7f0000000100)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r4, 0x0, r5, 0x0, 0x7, 0x0) syz_clone(0x1222080, 0x0, 0x0, 0x0, 0x0, 0x0) shutdown(r1, 0x2) bind$inet6(r1, &(0x7f0000000500)={0xa, 0x2, 0x0, @empty}, 0x1c) listen(r1, 0x0) sendto$inet6(r0, &(0x7f0000000000)="8208f9552999", 0x6, 0x20004002, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @rand_addr, 0x6}, 0x1c) ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0x40305829, &(0x7f00000003c0)={0x17c04, 0xffffffffffffffff, 0x7, 0x41000ff7ff, 0xdc, 0x6d3}) 1m6.895299871s ago: executing program 0 (id=43): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) bpf$BPF_PROG_TEST_RUN(0x1c, 0x0, 0x0) r3 = syz_open_procfs$namespace(0x0, &(0x7f0000000280)='ns/net\x00') bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000480)={@cgroup=r3, 0x11, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x0}, 0x40) 1m5.552543044s ago: executing program 0 (id=46): syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x3000044, &(0x7f0000000100)={[{@sb={'sb', 0x3d, 0x1}}]}, 0x4, 0x55e, &(0x7f0000001bc0)="$eJzs3d9rW+UbAPDnpM1+f7/rYAwVkcIunMyla+uPCV7MS9HhQO9naM/KaLqMJh1rHbhduBtvZAgiDsR7vfdKhv+Af8VAB0NG0QtvKic9abs1adIuWzrz+cDZ3jfnJO95cs7z9n1zTkgAA2s0+6cQ8WJEfJVEHI6IJF83HPnK0dXtlh9en8qWJFZWPv4zaWyX1Zuv1XzewbzyQkT8+kXEycLmdmuLS7PlSiWdz+tj9bkrY7XFpVOX5soz6Ux6eWJy8sybkxPvvP1Wz2J97fzf33509/0zXx5f/uan+0duJ3E2DuXrNsbxBG5srIzGaP6eFOPsYxuOr/7XizZ3haTfO8CODOV5XoysDzgcQ3nWA/99n0fECjCgEvkPA6o5DmjO7Xs0D35uPHhvdQK0Of7h1c9GYl9jbnRgOXlkZpTNd0d60H7Wxs9/3LmdLdG7zyEAOrpxMyJODw9v7v+SvP/budNdbPN4G/o/eHbuZuOf11uNfwpr459oMf452CJ3d6Jz/hfu96CZtrLx37stx79rF61GhvLa/xpjvmJy8VIlzfq2/0fEiSjuzerjW7RxZvneSrt1G8d/2ZK13xwL5vtxf3jvo8+ZLtfLTxLzRg9uRrzUcvybrB3/pMXxz96P8122cSy980q7dZ3jf7pWfoh4teXxX7+ilWx9fXKscT6MNc+Kzf66dey3du33O/7s+B/YOv6RZOP12tr22/h+3z9pu3WPxB/dn/97kk8a5T35Y9fK9fr8eMSe5MPNj0+sP7dZb26fxX/i+Nb93/r5/8va6+yPiE+7jP/W0R9f3tdN/H06/tPbOv7bL9z74LPv2rXfXf/3RqN0In+km/6vw34VY8dnMwAAAAAAAOxehYg4FEmhtFYuFEql1fs7jsaBQqVaq5+8WF24PB2N78qORLHQvNJ9eMP9EOP5/bDN+sRj9cmIOBIRXw/tb9RLU9XKdL+DBwAAAAAAAAAAAAAAAAAAgF3iYJvv/2d+H+r33gFPnZ/8hsHVMf978UtPwK7k7z8MLvkPg0v+w+CS/zC45D8MLvkPg0v+w+CS/wAAAAAAAAAAAAAAAAAAAAAAAAAAANBT58+dy5aV5YfXp7L69NXFhdnq1VPTaW22NLcwVZqqzl8pzVSrM5W0NFWd6/R6lWr1yvhELFwbq6e1+lhtcenCXHXhcv3CpbnyTHohLT6TqAAAAAAAAAAAAAAAAAAAAOD5Ultcmi1XKum8gsKOCsO7YzcUelzod88EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOv+DQAA//8Kozfs") open(&(0x7f0000000200)='./bus\x00', 0x14507e, 0x1) mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1c10, 0x0) r0 = open(&(0x7f0000000400)='./bus\x00', 0xc40, 0x0) ioctl$BLKROSET(r0, 0x125d, &(0x7f0000000080)=0x3f) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) fallocate(r1, 0x0, 0x0, 0x8000c62) r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143041, 0x0) pwritev2(r2, &(0x7f00000001c0)=[{&(0x7f0000000080)="ff", 0xfdef}], 0x1, 0xe7b, 0x0, 0x0) 1m5.007929104s ago: executing program 0 (id=49): setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000040)={@local, 0x1, 0x1, 0x3, 0x2, 0x0, 0x4}, 0x20) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan1\x00'}) ioctl(r0, 0x8b32, &(0x7f0000000040)) r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) write$binfmt_script(r1, 0x0, 0x0) 1m4.378111905s ago: executing program 0 (id=53): r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000140), 0x20000) ioctl$SNDRV_SEQ_IOCTL_SYSTEM_INFO(r0, 0xc0305302, &(0x7f0000000180)={0x70, 0x9, 0xffff, 0x3, 0x7734, 0x9}) 1m3.933376613s ago: executing program 32 (id=53): r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000140), 0x20000) ioctl$SNDRV_SEQ_IOCTL_SYSTEM_INFO(r0, 0xc0305302, &(0x7f0000000180)={0x70, 0x9, 0xffff, 0x3, 0x7734, 0x9}) 3.702830263s ago: executing program 3 (id=310): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)={0x1c, 0x1, 0x4, 0x101, 0x0, 0x0, {0x0, 0x0, 0x2}, [@NFULA_CFG_FLAGS={0x6, 0x6, 0x1, 0x0, 0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4001}, 0x0) 3.500529609s ago: executing program 3 (id=311): r0 = syz_genetlink_get_family_id$ethtool(&(0x7f0000007540), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'syz_tun\x00', 0x0}) sendmsg$ETHTOOL_MSG_CHANNELS_SET(r1, &(0x7f0000007640)={0x0, 0x0, &(0x7f0000007600)={&(0x7f00000004c0)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="01002abd7000fddbdf25120000002000018008000100", @ANYRES32=r3, @ANYBLOB="140002"], 0x34}}, 0x4) 3.320537782s ago: executing program 3 (id=315): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x1c916, &(0x7f0000000040)={[{@nobarrier}, {@noblock_validity}, {@nombcache}, {@acl}, {@barrier_val={'barrier', 0x3d, 0xc}}, {@noacl}, {@nodiscard}, {@nodelalloc}, {@resgid, 0x32}]}, 0x9b, 0x4d8, &(0x7f0000000a40)="$eJzs3ctrW9kZAPDvXltpHk7t0C7SQNPQpNihjWTHTWIKTVso7SrQNl10l7q2bIxly1hyEpvQOvQPKJTQFrrqqptC/4BC8W62wwyByX6YGWYYZpKZxSxmokGvjONIfhDZCtbvB9c69yF/35HQ0T3nHnQD6FnnIuJyRDytVCoXI2KwsT1tLBsnImK9ftyTx/emqksSlcrNj5JIGtuqx49s+p+Np9T85pcRf0hejFtaXZufLBTyy431XHlhKVdaXbs0tzA5m5/NL46Pj12duDZxZWK0I/UciIjrP3/vb3/59y+u//8Hd96+9cHIH6tp/bixv1mPTqtXPRNHN23rj4jl/QjWBX2N+mS6nQgAALvSPM//bkRcjMHoq53NAQAAAIdJ5ScD8XkSUQEAAAAOrbQ2NzZJs415AAORptlsfQ7vN+N4WiiWyt+fKa4sTtfn0A5FJp2ZK+RHG3OFhyKTVNfHauWv1i9vWR+PiFMR8WDwWG09O1UsTHd78AMAAAB6xIkt/f9PB+v9fwAAAOCQGep2AgAAAMC+0/8HAACAw69F//933cgDAAAA2Be/unGjulSa97+evr26Ml+8fWk6X5rPLqxMZaeKy0vZ2WJxtvabfQs7/b9Csbj0w1hcuZsr50vlXGl17dZCcWWxfGvuuVtgAwAAAAfo1Hc2HqURsf6jY7Wl6ki3kwIORP9eDn53//IADl5ftxMAumZP3//AoZLpdgJA1yU77G87eef1zucCAADsj+FvbTxKWlz/T3YcG1hPDyhFYJ8Y/4Pe5fo/9C7X/6F3ZaIvdOSht+3/9f9KZU8JAQAAHTdQW5I0G1EbBxiINM1mI07WbguQSWbmCvnRiPh6RLw1mPladX2s9sxkxz4DAAAAAAAAAAAAAAAAAAAAAAAAAFBXqSRRAQAAAA61iPT9pHH/r+HBCwNbxweOJJ8N1h4j4s4/b/797mS5vDxW3f7xs+3lfzS2X+7GCAYAAACwVbOf3uzHAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAnPXl8b6q5HGTcD38WEUOt4vfH0drj0chExPFPkujf9LwkIvo6EH/9fkScbhU/qaYVQ40sWsU/1sX4aUSc6EB86GUb1fbnp60+f2mcqz22/vxdrbVQL699+5c+a//62rQ/J3cZ48zD/+baxr8fcaa/dfvTjJ+0iX9+l/F//9u1tXb7Kv+KGG75/ZM8FytXXljKlVbXLs0tTM7mZ/OL4+NjVyeuTVyZGM3NzBXyjb8tIhyJv377f0+3q//xeNC2/d2u/hd2Wf8vHt59/I16MdMq/sj51u//6Tbx08Z33/ca5er+4WZ5vV7e7Ox/3jgb8eZr7eo/3eb13+n9H9ll/S/++s/v7PJQAOAAlFbX5icLhfxyTxde6tWonha9ErVQ2GvhT69GGq9kobvtEgAA0Hkv9oGf14lr7AAAAAAAAAAAAAAAAAAAAMD2DvLX9ZrWu1NVAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBtfRkAAP//BSTXpA==") 3.035523669s ago: executing program 3 (id=321): r0 = syz_usb_connect$hid(0x5, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x5ac, 0x24a, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0xc0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x1, 0x0, {0x9, 0x21, 0x586c, 0xfe, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x20, 0x8e, 0x3}}}}}]}}]}}, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil}) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f00000001c0)={0x2c, &(0x7f0000000040)=ANY=[@ANYBLOB="203905"], 0x0, 0x0, 0x0, 0x0}, 0x0) 2.140332564s ago: executing program 4 (id=332): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0) write$UHID_CREATE2(r0, &(0x7f0000000340)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r0, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000004c0)={r1, 0xe0, &(0x7f0000002d00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb0, 0x8, 0x0, 0x0}}, 0x10) 1.948557649s ago: executing program 4 (id=335): syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000000)='./bus\x00', 0x280008a, &(0x7f00000001c0)=ANY=[@ANYBLOB="616c6c6f775f7574696d653d30303030303030303030303030303030303030303030312c73686f72746e616d653d77696e39352c73686f72746e616d653d77696e6e742c696f636861727365743d64656661756c742c756e695f786c6174653d302c6e6f6e756d7461696c3d302c757466383d302c666c7573682c726f6469722c726f6469722c73686f72746e616d653d77696e6e742c73686f72746e616d653d6c6f7765722c636865636b3d7374726963742c756e695f786c6174653d302c757466383d302c73686f72746e616d653d6d697865642c756e695f786c6174653d312c73686f72746e616d653d77696e6e742c001762a07a915c8f6c3378b924fc250bdae45cd22bb33f29d72cf1c8410df88b83b9710b49374a748455718cc4af5f3ced9aa10632d595e9c8c3a89f41b650b9ebd4886ae65bf02b7c8ea4e76ef2cc241ac9f89f2753df98db0ba9558c753363f296424ec60e703fac2db7e9f31283852e115cf6acb8d77b3e5d68"], 0x97, 0x2a8, &(0x7f0000000500)="$eJzs3b9rM3UYAPDnkjQJOiSCkwge6OD0Yru6pEhfKGZSMqiDFtuCNEFooeAPjJ1cXRxdXZzc/Cdc/A8EV8HNgoWTy901SU1jUk2rvp/P0qd3z/O953u9Ujrck/eeH50cpnF88elP0W7Xo9aLXlwm0Y1aVD6POb0vAwD4L7vMsvg1K6xTl0REe3NtAQAbtPbf/+823hIAsGFvvvX267v9/t4badqOx6Mvzgf5f/b51+L87nF8EMM4ileiE1cR2bUifpxl2biR5rrx0mh8PsgrR+/+UK6/+0vEpH47OtGdHJqv3+/vbaeFmfpx3sdT5fV7ef1OdOLZBdff7+/tLKiPQTNefnGm/0fRiR/fjw9jGIeTJor6qEV8tp2mr2Vf/fbJO3l7eX0yPh+0JnlTWf2efzQAAAAAAAAAAAAAAAAAAAAAAPyPPSpn57RiMr8nP1TO36lf5d9sRVrpzs/nKeqTaqEb84HGWXxdzOfZiYg0zcrEaX0jnmtE42F2DQAAAAAAAAAAAAAAAAAAAP8uZx99fHIwHB6d/iNBNQ2geq3/ruv0Zo68EMuTW9Nr1cpwycpRr3KSiKVt5JtYueffy7EHd7t1z9zW87e9WHWdb/5672WwtULO3wyqp+vkIFl8D1vX+2pXD8n3sznNWPFazdtOZWs9fs2Fpzpr77359CQYL8mJZFljr/5c3LnySHJzF83JXV1YvlUGM+XzOe3Vn+f8N+VPEtM6AAAAAAAAAAAAAAAAAABgo6Yv/S44ebG0tJa1NtYWAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANyr6ef/rxGMy+IVkptxevbAWwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOAJ8EcAAAD//yeNYXk=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x15) pwrite64(r0, &(0x7f0000000140)='2', 0xfdef, 0xe7c) r1 = openat(0xffffffffffffff9c, 0x0, 0x12d402, 0x1d) fsmount(r1, 0x0, 0x0) ioctl$sock_ipv6_tunnel_SIOCGET6RD(r0, 0x89f8, &(0x7f0000000100)={'syztnl0\x00', &(0x7f00000000c0)={'syztnl2\x00', 0x0, 0x700, 0x8, 0x1, 0x7f, {{0x7, 0x4, 0x0, 0x6, 0x1c, 0x64, 0x0, 0x7, 0x29, 0x0, @multicast2, @empty, {[@rr={0x7, 0x7, 0xd2, [@initdev={0xac, 0x1e, 0x1, 0x0}]}]}}}}}) gettid() timer_create(0x0, 0x0, 0x0) bind$inet6(0xffffffffffffffff, 0x0, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) openat(0xffffffffffffff9c, 0x0, 0x70d002, 0xa) openat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x103a42, 0x0) 1.505113566s ago: executing program 4 (id=341): r0 = syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='mnt\x00', 0x4, &(0x7f0000000000), 0x0, 0x236, &(0x7f0000000300)="$eJzs3TFoM2UcBvDnLomf/b4gVRdBUEFEtFDqJrjURaEgpYgIKlREXJRWqC1urZOLg84qnVyKuFkdpUtxUQSnqh3qImhxsDjoELlcK9VGFFNz8t3vB5fcJe97//e4e95kOS5Aa00nmU/SSTKTpJekON/grnqZPt3cntpfTgaDx38shu3q7dpZv2tJtpI8mGSvLPJiN9nYffro54NH731jvXfPe7tPTU30IE8dHx0+dvLu4usfLjyw8fmX3y8WmU//D8d1+YoRn3WL5Jb/otj/RNFtegT8E0uvfvBVlftbk9w9zH8vZeqT9+baDXu93P/OX/V964cvbp/kWIHLNxj0qt/ArQHQOmWSfopyNkm9Xpazs/V/+K87V8uXVtdemXlhdX3l+aZnKuCy9JPDRz6+8tG1P+X/u06df+D6VeX/iaWdb6r1k07TowEmqcr/zLOb90X+oXXkH9pL/qG95B/aS/6hveQf2kv+ob3kH9pL/qG95B/a63z+AYB2GVxp+g5koClNzz8AAAAAAAAAAAAAAAAAAMBF21P7y2fLpGp++nZy/HCS7qj6neHziJMbh69XfyqqZr8r6m5jeebOMXcwpvcbvvv6pm+brf/ZHc3W31xJtl5LMtftXrz+itPr79+7+W++7z03ZoExPfRks/V/3Wm2/sJB8kk1/8yNmn/K3DZ8Hz3/9KvzN2b9l38ZcwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMzG8BAAD//8n0bSk=") ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r0, 0xc0506617, &(0x7f0000000580)={@desc={0x1, 0x0, @auto="69f3f7404998f44a"}, 0x21, 0x0, '\x00', @c}) mkdirat(0xffffffffffffff9c, &(0x7f0000000640)='mnt/encrypted_dir\x00', 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000680)='mnt/encrypted_dir\x00', 0x800, 0x0) ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r1, 0x800c6613, &(0x7f00000006c0)=@v2={0x2, @aes256, 0x0, '\x00', @a}) 1.392332531s ago: executing program 2 (id=343): r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$UI_SET_PROPBIT(r0, 0x4004556e, 0x2000b) 1.32271195s ago: executing program 2 (id=344): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x40101, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_kvm_setup_syzos_vm$x86(r1, &(0x7f0000c00000/0x400000)=nil) r3 = syz_kvm_add_vcpu$x86(r2, &(0x7f0000000140)={0x0, &(0x7f0000000180)=[@cpuid={0x64, 0x18, {0x20000005, 0x8}}], 0x18}) ioctl$KVM_SET_CPUID2(r3, 0x4008ae90, &(0x7f0000000e40)={0x1, 0x0, [{0x0, 0x0, 0x3, 0x5, 0x7, 0x800, 0x9}]}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 1.255813238s ago: executing program 4 (id=345): syz_mount_image$udf(&(0x7f0000000080), &(0x7f0000000180)='./file7\x00', 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB='lastblock=00000000000000000000,umask=00000000000000000000102,dmode=00000000000000000077777,novrs,shortad,shortad,undelete,iocharset=cp437,shortad,umask=00000000000000000000006,dmode=00000000000000000000011,fileset=00000000000000000011,uid=', @ANYRESHEX, @ANYRES8], 0x12, 0xc49, &(0x7f0000001cc0)="$eJzs3U9sHNd9B/DfGy3FldxWTOwoThq3m6ZIZcVy9S+mYhXuqqbZBpBlIRRzC8CVuFIXpkiCpBrZSAumlx56CFAUPeREoDUKpGhgNEWQI9O6QHLxocipJ6KFjaDogW0D+BQwmNm34pKiIloUJUr+fGzquzv73ux7M6s3FME3LwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAiD945dzxE2m7pT9Y293WAAAPwoWxrxw/ue3rPwDwOLj0of79DwAAAAAAAAAAAAAAPAQpingyUsxeWE0T1fOu+vnOwI2b4yOjW1c7kKqa+6ry5Vf9xMlTp7/4wvCZXp7vTK/XH9ztbnw6Xhu7dK7x8sz12bn2/Hx7sjE+3bkyM9ne9h52Wn+zo9UBaFx//cbk1avzjZPPn9rw8s2h9wefODx0dvjZY8/0yo6PjI6OrRep95ev3XNDuu40w2N/FHEsUjz33Z+mVkQUsfNjUd9w7h+4A1UnjladGB8ZrToy1WlNL5QvXuwdiCKi0Vep2TtGW5+LqA080D7cWTNisWx+2eCjZffGZltzrctT7cbF1txCZ6EzM30xdVtb9qcRRZxJEUsRsbLFX8OBKKIWKb59aDVdjoh9vePwhWpi8J3bUexiH7ehbGdjIGKpeATO2R42GEW8Gil+9s6RuJLHmWqs+XzEq2V+P+KtMl+KSOUH43TEe7s+nPOg1KKIvyzP/9nVNFmNB71x5fxXG1+evjrTV7Y3rnzI68NtI8VDuj4c2JQPxh4fm+pRRKsa8VfTvX+zAwAAAAAAAAAAAAAAAMD9diCK+FSkeOXf/6SaVxzVvPRDZ4f/cOhX++eMP32X/ZRln4+IxWJ7c3L354mBF9PFlB7yXOKPsnoU8ad5/t83H3ZjAAAAAAAAAAAAAAAAAAAAPtKK+EmkePHdI2kp+tcU70xfa1xqXZ7qrgrbW/u3t2b62traWiN1s5lzIudizqWcyzlXckaR6+ds5pzIuZhzKedyzpWcsS/Xz9nMOZFzMedSzuWcKzmjluvnbOacyLmYcykvur+cn6/kjD2ydi8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwOOkiCJ+Him+9fXVFCkimhET0c3lwYfdOgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgNJiK+F6kaPxR89a2WkSk6v+uI+Ufp6O5v8yPR3O4zJeieS5nq8pa85sPof3szEAq4seRYrD+9q0Tns//QPfZrY9BvPWN9WefrnVzX+/FofcHnzh86Ozw6G88fafHaasGHD3fmb5xszE+Mjo61re5lt/9433bhvL7Fven60TE/Btvvt6ammrP3fuD8iOwg+qP0INU+6j09NF+8Jv3a4dR2wvdeTgP7j52/P+DGKDYVeX1/71I8bvv/kfvgt+9/tfjV7rPbl3h44M/W7/+v7h5R9u8/tc218vX//KavtX1/8m+bS/m70YGahH1heuzA4cj6vNvvHmsc711rX2tPX36+PEvDQ9/6dTxgf0R9audqXb3UYqp9vH7crgAAAAAAAAAAAAAAAAAHpxUxO9HitaPV1MjIm5W87WGzg4/e+yZfbGvmm+1Yd72a2OXzjVenrk+O9een29PNsanO1dmJtvbfbt6Nd1rfGR0VzpzVwd2uf0H6i/PzL4x17n2xwtbvn6wfu7y/MJc68rWL8eBKCKa/VuOVg0eHxmtGj3VaU1XVS9uOZn+wxtIRfxnpLhyupE+m7fl+f+bZ/hvmP+/uHlHuzT//2N928r3TKmIDyLF7/zV0/HZqp0H47Zjlsv9XaQ4euYzuVzsL8v12tC9r0B3jmBZ9n8jxT/9fGPZ3nzIJ9fLntj2gX1ElOf/UKT43l98J34rb9t4/4etz//BzTvapfP/VN+2gxvuV7DjrpPP/7FI8dKTb8fn8rZfdv+P3r03juTCt+7PsUvn/xN924by+/72/ek6AAAAAAAAAADAI20gFfH3keKHo7X0Qt62nd//m9y8o136/a9P9m2bvD/rFd31wY4PKgAAAADsEQOpiJ9EimsLb9+aQ71x/nff/M/fW5//OZI2vVr9nO/XqvsG3M+f//Ubyu87sfNuAwAAAAAAAAAAAAAAAAAAwJ6SUhEv5PXUJ6r5/JN3XE99OVK88t/P5XLpcFmutw78UPVn/cLM9LFzU1MzV1oLrctT7cbYbOtKu6z7VKRY/dvP5LpFtb56b7357hrv62uxz0WK0X/ole2uxd5bm/yp9bInyrIfixT/9Y8by34ul/vEetmTZdm/iRRf+8HtZUuH18ueKst+J1L86GuNXtmDZdne/VE/uV72+R/cuiMCAAAAAAAAAAAAAAAAAAAA3LuBVMSfR4r/ub50ay5/Xv9/oO9p5a1v9K33v8nNap3/oWr9/zs9vpf1/6v7Cize6V0BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODxlKKINyPF7IXVtDxYPu+qn+9M37g5PjK6dbUDqaq5rypfftVPnDx1+osvDJ/p5S+vf799Kl4bu3Su8fLM9dm59vx8e7IxPt25MjPZ3vYedlp/s6PVAWhcf/3G5NWr842Tz5/a8PLNofcHnzg8dHb42WPP9MqOj4yOjvWVqQ3c87vfJt1h+/4o4q8jxXPf/Wn64WBEETs/Fnf57Oy2A1UnjladGB8ZrToy1WlNL5QvXuwdiCKi0Vep2TtGD+Bc7EgzYrFsftngo2X3xmZbc63LU+3GxdbcQmehMzN9MXVbW/anEUWcSRFLEbEyePvuBqKI1yPFtw+tpn8ZjNjXOw5fuDD2leMn79yOYhf7uA1lOxsDEUvFI3DO9rDBKOKfI8XP3jkS/zoYUYvuV3w+4tUyvx/xVnTPdyo/GKcj3tvic8SjqRZF/F95/s+upncGy/GgN66c/2rjy9NXZ/rK9saVR/768CDt8bGpHkX8qBrxV9O/+XsNAAAAAAAAAAAAAAAAsIcU8euR4sV3j6RqfvCtOcWd6WuNS63LU91pfb25f70502tra2uN1M1mzomcizmXci7nXMkZRa6fs1lmfW1tIj9fzLmUcznnSs7Yl+vnbOacyLmYcynncs6VnFHL9XM2c07kXMy5lHM550rO2CNz9wAAAAAAAAAAAAAAAAAAgMdLUf2X4ltfX01rg931pSeim8vWA33s/SIAAP//YnX2fg==") syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000040)='./bus\x00', 0x2029c1b, 0x0, 0x1, 0x0, &(0x7f00000000c0)) rename(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='./bus/file0\x00') 1.176587029s ago: executing program 1 (id=346): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) setsockopt$bt_l2cap_L2CAP_LM(r0, 0x6, 0x3, &(0x7f0000000040)=0xc, 0x4) 1.176393459s ago: executing program 3 (id=347): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000140)='attr/current\x00') preadv(r0, &(0x7f00000003c0)=[{&(0x7f0000000040)=""/48, 0x30}], 0x1, 0x0, 0x0) writev(r1, &(0x7f00000003c0), 0x100000000000022d) 1.083597331s ago: executing program 2 (id=348): r0 = socket$igmp6(0xa, 0x3, 0x2) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000440)=@raw={'raw\x00', 0x8, 0x3, 0x4c8, 0x170, 0xffffffff, 0xffffffff, 0x170, 0xffffffff, 0x3f8, 0xffffffff, 0xffffffff, 0x3f8, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0x148, 0x170, 0x0, {}, [@common=@unspec=@helper={{0x48}}, @common=@inet=@hashlimit1={{0x58}, {'bond_slave_1\x00', {0x41, 0x1ff, 0x6, 0xb0e2, 0x10001, 0x84e, 0xfffffffb, 0x18, 0x8}, {0x1}}}]}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'erspan0\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'vcan0\x00', {0x3, 0x0, 0x41, 0x0, 0x2, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x528) syz_emit_ethernet(0x4a, &(0x7f0000000980)={@random="0f68f1e7312e", @dev={'\xaa\xaa\xaa\xaa\xaa', 0x3b}, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000000)={@local, @remote, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x14, 0x6, 0x1, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0) 1.055503464s ago: executing program 1 (id=349): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x10, 0x4, 0x8, 0x8}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x6, 0xc, &(0x7f00000001c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x512}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x100}, {}, {0x4}, {0x6, 0x0, 0xa}, {}, {}, {0x85, 0x0, 0x0, 0x33}}]}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) 952.498388ms ago: executing program 3 (id=350): syz_mount_image$udf(&(0x7f0000000f00), &(0x7f00000000c0)='./file0\x00', 0xa00004, &(0x7f0000000500)=ANY=[], 0x1, 0xc4d, &(0x7f0000000f40)="$eJzs3U9sHNd9B/DfGy3FldxWTJwqThoHm7ZIZcZy9S+mYhXuqqbZBpBlIhRzC8CVSKkLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBAhQwWMzsW3FJkbYskhIlfz429Z2deW/mvZn1jCzozQsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIOL3Xr546nTaZsOhh9AYAOCBuDz2tVNntnv+AwCPrSs7/f8/AAAAAAAAAAAAAABwUKQo4slIMXd5LU1Unzvql9p9t26PD49sX+1IqmoeqsqXP/XTZ86e+/LzQ+e7eak98wH199pn49WxKxcbL83enJufWliYmmyMz7SvzU5O3fMedlt/q8HqBDRuvnZr8vr1hcaZ585u2nx74L3+J44PXBh65uTT3bLjwyMjYxtF6r3la/fdkI6dRngcjiJORopnv/+z1IqIInZ/LuoP9tpvdaTqxGDVifHhkaoj0+3WzGK5cbR7IoqIRk+lZvccbX8totb3QPuws2bEUtn8ssGDZffG5lrzravTU43R1vxie7E9OzOaOq0t+9OIIs6niOWIWO2/e3d9UUQtUnz32Fq6mt/6UZ2HL1UDg3duR7GPfbwHZTsbfRHLxSNwzQ6w/ijilUjx87dPxLV8n6nuNV+MeKXMH0a8WeaLEan8YpyLeHeb7xGPploU8efl9b+wliar+0H3vnLp642vzlyf7Snbva98xOfDXXeKh/R8OLIlH4wDfm+qRxGt6o6/lu7/NzsAAAAAAAAAAAAAAAAA7LUjUcRnIsXL//ZH1bjiqMalH7sw9PsDv9w7ZvypD9lPWfa5iFgq7m1M7uE8MHA0jab0kMcSf5zVo4g/zuP/vv2wGwMAAAAAAAAAAAAAAAAAAPCxVsRPI8UL75xIy9E7p3h75kbjSuvqdGdW2O7cv90509fX19cbqZPNnBM5l3Iu51zJuZozilw/ZzPnRM6lnMs5V3Ku5oxDuX7OZs6JnEs5l3Ou5FzNGbVcP2cz50TOpZzLOVdyruaMAzJ3LwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA46SIIt6PFN/55lqKFBHNiIno5Er/w24dAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFDqT0X8IFI0/qB5Z10tIlL1b8eJ8pdz0Txc5iejOVTmi9G8mLNVZa357YfQfnanLxXxk0jRX3/rzgXP17+v8+nO1yDe/NbGp8/WOnmou3Hgvf4njh+7MDTy+ad2Wk7bNWDwUnvm1u3G+PDIyFjP6lo++id71g3k4xZ703UiYuH1N15rTU9Pzd//QvkVuM/q3Su5i6M/yIVUe2SaamEvFqJ2IJrxcPq+Sf1h3JzYd+Xz/91I8dvv/Hv3gd95/tfjlzqf7jzh4xd/svH8f2Hrju7x+V/bWi8//8snwXbP/yd71r2QfzfSV4uoL96c6zseUV94/Y2T7ZutG1M3pmbOnTr1laGhr5w91Xc4on69PT3Vs7QnpwsAAAAAAAAAAAAAAADgwUlF/G6kaP1kLTUi4nY1XmvgwtAzJ58+FIeq8Vabxm2/OnblYuOl2Ztz81MLC1OTjfGZ9rXZyal7PVy9Gu41PjyyL535UEf2uf1H6i/Nzr0+377xh4vbbj9av3h1YXG+dW37zXEkiohm75rBqsHjwyNVo6fbrZmq6ui2g+k/ur5UxH9EimvnGukLeV0e/791hP+m8f9LW3e0h+P/P390Y/zfJ3qKlsdMqYhfRIrf+oun4gtVO4/GXecsl/ubSDF4/nO5XBwuy3Xb0HmvQGdkYFn2fyLFP7y/uWx3POSTG2VPf6ST+wgor/+xSPGDP/te/Hpet/n9D9tf/6Nbd7RP73/4VM+6o5veV7DrrpOv/8lI8eKTb8VvVGv+7wPf/9F9Y8OJTuGN93Ps0/X/1Z51A/m4v7lXnQcAAAAAAAAAAHiE9aUi/jZS/Giklp7P6+7l7/9Nbt3RPv39r0/3rJvcm/mKPnRh1ycVAAAAAA6IvlTETyPFjcW37oyh3jz+u2f85+9sjP8cTlu2Vn/O9yvVewP28s//eg3k407svtsAAAAAAAAAAAAAAAAAAABwoKRUxPN5PvWJajz/5I7zqa9Eipf/69lcLh0vy3XngR+ofq1fnp05eXF6erYei62r01ONsbnWtamy7qcixdpffy7XLar51bvzzXfmeN+Yi30+Uoz8XbdsZy727tzknfnA6+vrEafLsp+IFP/595vL5qmp89zR1X7PlGX/KlJ845+2L3t8o+zZsuz3IsWPv9Holj1alu2+H/XTG2WfuzZb7MNVAQAAAAAAAAAAAAAAAAAA4OOmLxXxp5Hiv28u3xnLn+f/7+v5WHnzWz3z/W9xu5rnf6Ca/3+n5fuZ/796r8DSTkcFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDHU4oi3ogUc5fX0kp/+bmjfqk9c+v2+PDI9tWOpKrmoap8+VM/febsuS8/P3S+mx9cf699Jl4du3Kx8dLszbn5qYWFqcnG+Ez72uzk1D3vYbf1txqsTkDj5mu3Jq9fX2icee7sps23B97rf+L4wIWhZ04+3S07PjwyMtZTptZ330e/S9ph/eEo4i8jxbPf/1n6UX9EEbs/Fx/y3dlvR6pODFadGB8eqToy3W7NLJYbR7snooho9FRqds/RA7gWu9KMWCqbXzZ4sOze2FxrvnV1eqox2ppfbC+2Z2dGU6e1ZX8aUcT5FLEcEav9d++uL4p4LVJ899ha+uf+iEPd8/Cly2NfO3Vm53YU+9jHe1C2s9EXsVw8AtfsAOuPIv4xUvz87RPxL/0Rtej8xBcjXinzhxFvRud6p/KLcS7i3W2+RzyaalHE/5bX/8Jaeru/vB907yuXvt746sz12Z6y3fvKI/98eJAO+L2pHkX8uLrjr6V/9d81AAAAAAAAAAAAAAAAwAFSxK9FihfeOZGq8cF3xhS3Z240rrSuTneG9XXH/nXHTK+vr683UiebOSdyLuVczrmSczVnFLl+zmaZ9fX1ifx5KedyzpWcqznjUK6fs5lzIudSzuWcKzlXc0Yt18/ZzDmRcynncs6VnKs544CM3QMAAAAAAAAAAAAAAAAAAB4vRfVPiu98cy2t93fml56ITq6YD/Sx9/8BAAD//9kg9g0=") openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x189040, 0x2) setrlimit(0x1, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0x7, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="460a0000000000006111a80000000000180000000000000000000000000000027afbff0000000000"], &(0x7f0000000000)='GPL\x00'}, 0x80) fcntl$lock(0xffffffffffffffff, 0x5, &(0x7f0000000000)={0x0, 0x4, 0x3, 0xfffffffffffffffc}) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) truncate(&(0x7f0000000080)='./file1\x00', 0x400000f030) 928.359641ms ago: executing program 1 (id=351): syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000040)='./file1\x00', 0x21081c, &(0x7f00000005c0)={[{@grpquota}, {@nogrpid}, {@quota}, {@minixdf}, {@barrier_val={'barrier', 0x3d, 0x5}}]}, 0x1, 0x502, &(0x7f0000002a00)="$eJzs3c9vVFsdAPDvTDvttJTXvudbqNH38D0UDWHaDtAQFoorYwyJkaUmUNuhaTrtNJ0WaWVR1m5NJHGlS/8A16zcuzG6c4MLE380GmrCYsy9cweGMkMbWmaazueT3Nxz7rnM93uAew5zyswJYGBdiIjdiBiJiHsRMZldz2VH3GoeyX3P9x4t7O89WshFo3HnX7m0PbkWbb8mcS57zWJE/Oh7ET/NvRm3vr2zMl+tVjay+vRwVlhenV+qLFXWyuW52bmZG1evl0+sr5+ujmSlrz774+63fp6kNZFdSfvxotFonFi0pmbXCy/jJJKu/uCE4/TLUNafkX4nwjvJR8RHEfFZ+vxPxlAM9zslAOA9azQmozHZXgcAzrp8ugaWy5eytYCJyOdLpeYa3scxnq/W6puX79e21haba2VTUcjfX65WZrK1wqko5JL6bFp+VS8fqF+NiA8j4pejY2m9tFCrLvbzHz4AMMDOHZj//zvanP8BgDOu2O8EAICeM/8DwOAx/wPA4DH/A8Dgac7/Y/1OAwDoIe//AWDwmP8BYKD88Pbt5GjsZ9/jvfhge2ul9uDKYqW+UlrdWigt1DbWS0u12lL6nT2rh71etVZbn70WWw+nvr1e35yub+/cXa1trW3eTb/X+26lkN6124OeAQDdfPjp07/kkhn55lh6RNteDoW+Zga8b/l+JwD0zVC/EwD6xm5fMLiO8R7f8gCcER226H1NsdMHhBonv18u0DuXvmT9HwZV2/q//wUMA8b6Pwwu6/8wuBqN3FH3/I+j3ggAnG7W+IEuP///KDv/LvvhwE8WD97x5H1mBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKdba//fUrYX+ETk86VSxPmImIpC7v5ytTITER9ExJ9HC6NJfbbPOQMAx5X/ey7b/+vS5MWJ15o+OfeyOBIRP/v1nV89nN/c3PhTxEju36Ot65tPsuvl3mcPAByuNU+n57Y38s/3Hi20jl7m84/vRkSxGX9/byT2X8YfjuH0XIxCRIz/J5fVm3JtaxfHsfs4Ir7Yqf+5mEjXQJo7nx6Mn8Q+39P4+dfi59O25jn5vfjCCeQCg+ZpMv7c6vT85eNCeu78/BfTEer4svEveamF/XQMfBW/Nf4NdRn/Lhw1xrU/fL9ZGnuz7XHEl4cjWrH328afVvxcl/gXjxj/r1/55LNubY3fRFyKzvHbY01vrq5P17d3riyvzi9Vlipr5fLc7NzMjavXy9PpGvV099ngnzcvf9CtLen/eJf4xUP6//Uj9v+3L+79+Gtvif/NzzvFz8fHb4mfzInfOGL8+fHfF7u1JfEXu/T/sD//y0eM/+xvO29sGw4A9E99e2dlvlqtbNS3z7cKOwoKp7OQ/JU9BWl0LHzn5F4w3nrPSHRu+sXnzWf6QFOj8U5pdBsxTmLVDTgNXg05Ef/rdzIAAAAAAAAAAAAAAEBHvfh0VL/7CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwNn1/wAAAP//6KbPLA==") r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00') ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r0, 0x541b, 0x0) 612.935861ms ago: executing program 4 (id=352): r0 = syz_open_dev$evdev(&(0x7f0000000480), 0xebc, 0x40000) ioctl$EVIOCGREP(r0, 0x40044582, 0x0) 512.554084ms ago: executing program 1 (id=353): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000040)={0x2, 0x0, [{0x40000080, 0x0, 0x45c}, {0xb42, 0x0, 0x7}]}) 375.153492ms ago: executing program 2 (id=354): setsockopt$inet6_buf(0xffffffffffffffff, 0x29, 0x32, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00') fchdir(r0) mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0) r1 = gettid() r2 = syz_open_procfs(r1, &(0x7f0000000040)='timerslack_ns\x00') write$binfmt_format(r2, &(0x7f0000000180)='0\x00', 0x2) 308.750421ms ago: executing program 1 (id=355): sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000100)={0x10, 0x9, 0x1}, 0x10}], 0x1}, 0x0) r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000), 0x8) r1 = socket$packet(0x11, 0x2, 0x300) bind$packet(r1, &(0x7f0000000040)={0x11, 0xd, 0x0, 0x1, 0x0, 0x6, @link_local}, 0x14) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000), 0x8) 252.567798ms ago: executing program 4 (id=356): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x30000c6, &(0x7f0000000000)={[{@auto_da_alloc}, {@minixdf}]}, 0x1, 0x569, &(0x7f0000000480)="$eJzs3d1rm9UfAPDvkzZ7//3WwRgqIgUvnMyla+vLBC/mtQ4Gej9D+6yMpsto0rHWgduFu5bhnQPxXrz2UvwHvPBvGOhgyCiCeBN50idZ2iZtuqUvms8HnnK+z0vPOXlyTs7JSUgAQ2s8+1OIeDkivkoiTkZEkh8bjfzg+Np5q0/vzGRbEo3GJ38kzfOyuPW/Wtcdz4OXIuLnLyPOFTbnW1temS9XKuliHk/UF25O1JZXzl9fKM+lc+mNqenpi+9MT73/3rsDq+ubV7KCjOTRqQdJXIoTedRZjxdwtzMYj/H8MSnGpQ0nTg4gs4Mk6br3hz0vBzszkrfzYmR9wMkYyVs98N/3RUQ0gCGV7Lj9/1rcnZIAe6s1DmjN7Qc0D/7XePLh2gRoc/1H194biSPNudGx1WTdzCib744NIP8sjx9/f/gg22Jw70MAbOvuvYi4MDq6uf9L8v7v+V3o45yNeej/YO/8lI1/3uo2/im0xz/RZfxzvEvbfR7bt//C4wFk01M2/vug6/i3vWg1NpJH/2uO+YrJteuVNOvb/h8RZ6N4OIu3Ws+5uPqo0etY5/gv27L8W2PBvByPRw+vv2a2XC+/SJ07PbkX8UrX8W/Svv/J2v1ft8STPR5X+szjTPrwtV7Htq//7mp8F/FG1/v/rLrJ1uuTE83nw0TrWbHZn/fP/NIr//2uf3b/j21d/7Gkc722tvM8vj3ydxrt9eT11tU/+n/+H0o+baYP5ftul+v1xcmIQ8nH7f2F1v6pZ9e24tb5Wf3Pvr51/5d06f+ORsRnfdb//unvX+117CDc/9mu9789u91w/3eeePTR59/0yr+//u/tZupsvqef/q/fAr7IYwcAAAAAAAAHTSEiTkRSKLXThUKptPb5jtNxrFCp1urnrlWXbsxG87uyY1EstFa6T3Z8HmIyXzFsxVMb4umIOBURX48cbcalmWpldr8rDwAAAAAAAAAAAAAAAAAAAAfE8R7f/8/8NrLfpQN2nZ/8huG1bfsfxC89AQeS138YXto/DK++2n9x98sB7D2v/zC8tH8YXto/DC/tH4aX9g8AAAAAAAAAAAAAAAAAAAAAAAAAAAADdeXy5WxrrD69M5PFs7eWl+art87PprX50sLSTGmmunizNFetzlXS0kx1Ybv/V6lWb05OxdLtiXpaq0/UlleuLlSXbtSvXl8oz6VXU78iBgAAAAAAAAAAAAAAAAAAAJvVllfmy5VKuigxxIm/Go3G814+ut+Fl9iVxH73TAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwzD8BAAD//1hdMq0=") setxattr$incfs_metadata(&(0x7f0000000240)='./file1\x00', &(0x7f0000000280), &(0x7f00000002c0)="30573472b621739991c336124406e8a5c812ca847e3bf9b837c91d46ab", 0x1d, 0x1) lsetxattr$trusted_overlay_upper(&(0x7f00000001c0)='./file1\x00', &(0x7f0000000180), &(0x7f0000000000)=ANY=[], 0x361, 0x0) lsetxattr$trusted_overlay_upper(&(0x7f0000000540)='./file1\x00', &(0x7f0000000180), &(0x7f00000000c0)=ANY=[], 0x361, 0x0) lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file1\x00', &(0x7f00000000c0), &(0x7f0000000440)=ANY=[], 0xfe37, 0x0) 200.394925ms ago: executing program 2 (id=357): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) ioctl$KVM_X86_SET_MCE(r2, 0x4040ae9e, &(0x7f00000002c0)={0x9a00000000000000, 0x5000, 0x8, 0x4, 0x82}) 136.189813ms ago: executing program 1 (id=358): socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4}) r0 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$IPT_SO_GET_ENTRIES(r0, 0x0, 0x41, 0x0, &(0x7f0000001740)) sendmsg$key(0xffffffffffffffff, 0x0, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0xa2f01, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup(r2) ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}}) write$tun(r1, &(0x7f0000000240)={@val={0x0, 0x6005}, @void, @eth={@multicast, @remote, @val={@void}, {@ipv4={0x800, @generic={{0x5, 0x4, 0x1, 0x26, 0x14, 0x68, 0x0, 0x9, 0x88, 0x0, @private=0xa010101, @initdev={0xac, 0x1e, 0x0, 0x0}}}}}}}, 0x2a) sendmsg$IPCTNL_MSG_CT_GET(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="e80100000001050500000000000000000a0000003c0002802c00018014000300ff01000000000000000000000000000114000400ff0200000000000000000000000000010c00028005000100000000003c0001800c00028005000100000000002c00018014000300ff020d40f799000000000000000000011400040020010000000000000000000000000001080007400000000010000d800c000380060002004e210000080007400000000da800068004000380080002006401010124000380060001004e230000060001004e230000060001004e210000060002004e24000008000200e000000234000380060002004e230000060002004e240000060001004e200000060002004e200000060002004e230000060001004e200000140004000000000000000000000000000000000008000200ac1414aa140005000000000000000000000000000000000008000100e000000284000e801400018008000100ac141409080002000a0101010600034000000000060003400001000006000340000300000c000280050001009f0000000c00028005000100000000002c00018014000300", @ANYRES32], 0x1e8}, 0x1, 0x0, 0x0, 0x40040814}, 0x0) 0s ago: executing program 2 (id=359): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup.net/devices.allow\x00', 0x102, 0xe2) open_by_handle_at(r0, &(0x7f0000000140)=@ceph_nfs_fh={0x8, 0x1, {0x80}}, 0x200001) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.146' (ED25519) to the list of known hosts. [ 81.390837][ T5755] cgroup: Unknown subsys name 'net' [ 81.511658][ T5755] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 83.220019][ T5755] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 85.639690][ T51] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 85.650717][ T51] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 85.658923][ T51] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 85.673118][ T5771] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 85.680839][ T5771] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 85.713972][ T5771] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 85.732657][ T5771] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 85.758668][ T5768] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 85.766094][ T5771] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 85.773862][ T5768] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 85.796899][ T5771] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 85.806958][ T5772] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 85.818376][ T51] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 85.828251][ T51] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 85.836588][ T51] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 85.852772][ T5772] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 85.862715][ T5772] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 85.870400][ T5772] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 85.898549][ T51] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 85.908416][ T51] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 85.916343][ T51] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 85.931534][ T51] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 85.946642][ T51] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 85.963448][ T51] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 86.539264][ T5769] chnl_net:caif_netlink_parms(): no params data found [ 86.613901][ T5774] chnl_net:caif_netlink_parms(): no params data found [ 86.625720][ T5765] chnl_net:caif_netlink_parms(): no params data found [ 86.636425][ T5773] chnl_net:caif_netlink_parms(): no params data found [ 86.781632][ T5769] bridge0: port 1(bridge_slave_0) entered blocking state [ 86.790128][ T5769] bridge0: port 1(bridge_slave_0) entered disabled state [ 86.797735][ T5769] bridge_slave_0: entered allmulticast mode [ 86.805591][ T5769] bridge_slave_0: entered promiscuous mode [ 86.830803][ T5769] bridge0: port 2(bridge_slave_1) entered blocking state [ 86.838351][ T5769] bridge0: port 2(bridge_slave_1) entered disabled state [ 86.846454][ T5769] bridge_slave_1: entered allmulticast mode [ 86.854378][ T5769] bridge_slave_1: entered promiscuous mode [ 86.929821][ T5774] bridge0: port 1(bridge_slave_0) entered blocking state [ 86.940702][ T5774] bridge0: port 1(bridge_slave_0) entered disabled state [ 86.948875][ T5774] bridge_slave_0: entered allmulticast mode [ 86.959120][ T5774] bridge_slave_0: entered promiscuous mode [ 86.980490][ T5765] bridge0: port 1(bridge_slave_0) entered blocking state [ 86.987784][ T5765] bridge0: port 1(bridge_slave_0) entered disabled state [ 86.995077][ T5765] bridge_slave_0: entered allmulticast mode [ 87.002843][ T5765] bridge_slave_0: entered promiscuous mode [ 87.025979][ T5774] bridge0: port 2(bridge_slave_1) entered blocking state [ 87.033426][ T5774] bridge0: port 2(bridge_slave_1) entered disabled state [ 87.040710][ T5774] bridge_slave_1: entered allmulticast mode [ 87.048297][ T5774] bridge_slave_1: entered promiscuous mode [ 87.083581][ T5765] bridge0: port 2(bridge_slave_1) entered blocking state [ 87.090780][ T5765] bridge0: port 2(bridge_slave_1) entered disabled state [ 87.098874][ T5765] bridge_slave_1: entered allmulticast mode [ 87.107424][ T5765] bridge_slave_1: entered promiscuous mode [ 87.117097][ T5769] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 87.131276][ T5769] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 87.154688][ T5773] bridge0: port 1(bridge_slave_0) entered blocking state [ 87.161957][ T5773] bridge0: port 1(bridge_slave_0) entered disabled state [ 87.172683][ T5773] bridge_slave_0: entered allmulticast mode [ 87.179879][ T5773] bridge_slave_0: entered promiscuous mode [ 87.233313][ T5774] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 87.260695][ T5774] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 87.271086][ T5773] bridge0: port 2(bridge_slave_1) entered blocking state [ 87.283588][ T5773] bridge0: port 2(bridge_slave_1) entered disabled state [ 87.290953][ T5773] bridge_slave_1: entered allmulticast mode [ 87.302225][ T5773] bridge_slave_1: entered promiscuous mode [ 87.338006][ T5765] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 87.356380][ T5765] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 87.481418][ T5769] team0: Port device team_slave_0 added [ 87.496743][ T5769] team0: Port device team_slave_1 added [ 87.510918][ T5774] team0: Port device team_slave_0 added [ 87.521135][ T5773] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 87.580300][ T5774] team0: Port device team_slave_1 added [ 87.589350][ T5773] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 87.607744][ T5765] team0: Port device team_slave_0 added [ 87.620822][ T5765] team0: Port device team_slave_1 added [ 87.713284][ T5769] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 87.720424][ T5769] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 87.774803][ T5769] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 87.804893][ T5772] Bluetooth: hci0: command tx timeout [ 87.852989][ T5769] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 87.860180][ T5769] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 87.882797][ T5772] Bluetooth: hci1: command tx timeout [ 87.889678][ T5769] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 87.908014][ T5774] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 87.915386][ T5774] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 87.942023][ T5774] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 87.956756][ T5773] team0: Port device team_slave_0 added [ 87.963119][ T5772] Bluetooth: hci2: command tx timeout [ 87.978970][ T5765] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 87.986322][ T5765] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 88.012973][ T5765] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 88.025513][ T5774] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 88.032795][ T5774] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 88.045449][ T5772] Bluetooth: hci3: command tx timeout [ 88.059470][ T5774] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 88.085885][ T5773] team0: Port device team_slave_1 added [ 88.114169][ T5765] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 88.121408][ T5765] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 88.148306][ T5765] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 88.227645][ T5769] hsr_slave_0: entered promiscuous mode [ 88.236593][ T5769] hsr_slave_1: entered promiscuous mode [ 88.263564][ T5774] hsr_slave_0: entered promiscuous mode [ 88.270328][ T5774] hsr_slave_1: entered promiscuous mode [ 88.278060][ T5774] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 88.287125][ T5774] Cannot create hsr debugfs directory [ 88.293567][ T5773] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 88.300650][ T5773] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 88.328033][ T5773] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 88.341297][ T5773] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 88.348618][ T5773] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 88.375087][ T5773] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 88.455655][ T5765] hsr_slave_0: entered promiscuous mode [ 88.462212][ T5765] hsr_slave_1: entered promiscuous mode [ 88.468800][ T5765] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 88.476749][ T5765] Cannot create hsr debugfs directory [ 88.677641][ T5773] hsr_slave_0: entered promiscuous mode [ 88.693153][ T5773] hsr_slave_1: entered promiscuous mode [ 88.699591][ T5773] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 88.708854][ T5773] Cannot create hsr debugfs directory [ 88.978883][ T5769] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 89.008171][ T5769] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 89.018947][ T5769] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 89.031925][ T5769] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 89.096933][ T5774] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 89.119365][ T5774] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 89.132052][ T5774] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 89.150033][ T5774] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 89.266853][ T5765] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 89.279034][ T5765] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 89.291922][ T5765] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 89.308554][ T5765] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 89.424878][ T5773] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 89.450434][ T5773] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 89.465501][ T5773] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 89.479818][ T5769] 8021q: adding VLAN 0 to HW filter on device bond0 [ 89.499852][ T5773] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 89.585994][ T5769] 8021q: adding VLAN 0 to HW filter on device team0 [ 89.611246][ T5774] 8021q: adding VLAN 0 to HW filter on device bond0 [ 89.630991][ T1088] bridge0: port 1(bridge_slave_0) entered blocking state [ 89.638703][ T1088] bridge0: port 1(bridge_slave_0) entered forwarding state [ 89.674865][ T1088] bridge0: port 2(bridge_slave_1) entered blocking state [ 89.682089][ T1088] bridge0: port 2(bridge_slave_1) entered forwarding state [ 89.768188][ T5774] 8021q: adding VLAN 0 to HW filter on device team0 [ 89.819852][ T5765] 8021q: adding VLAN 0 to HW filter on device bond0 [ 89.829540][ T61] bridge0: port 1(bridge_slave_0) entered blocking state [ 89.836854][ T61] bridge0: port 1(bridge_slave_0) entered forwarding state [ 89.863926][ T61] bridge0: port 2(bridge_slave_1) entered blocking state [ 89.871295][ T61] bridge0: port 2(bridge_slave_1) entered forwarding state [ 89.882729][ T5772] Bluetooth: hci0: command tx timeout [ 89.966766][ T5772] Bluetooth: hci1: command tx timeout [ 89.976077][ T5765] 8021q: adding VLAN 0 to HW filter on device team0 [ 90.005296][ T1081] bridge0: port 1(bridge_slave_0) entered blocking state [ 90.012673][ T1081] bridge0: port 1(bridge_slave_0) entered forwarding state [ 90.038749][ T5773] 8021q: adding VLAN 0 to HW filter on device bond0 [ 90.045634][ T5772] Bluetooth: hci2: command tx timeout [ 90.089418][ T42] bridge0: port 2(bridge_slave_1) entered blocking state [ 90.096701][ T42] bridge0: port 2(bridge_slave_1) entered forwarding state [ 90.122709][ T5772] Bluetooth: hci3: command tx timeout [ 90.160157][ T5773] 8021q: adding VLAN 0 to HW filter on device team0 [ 90.197229][ T42] bridge0: port 1(bridge_slave_0) entered blocking state [ 90.204587][ T42] bridge0: port 1(bridge_slave_0) entered forwarding state [ 90.262007][ T1088] bridge0: port 2(bridge_slave_1) entered blocking state [ 90.269464][ T1088] bridge0: port 2(bridge_slave_1) entered forwarding state [ 90.301650][ T5765] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 90.450503][ T5769] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 90.609482][ T5769] veth0_vlan: entered promiscuous mode [ 90.675631][ T5769] veth1_vlan: entered promiscuous mode [ 90.807693][ T5774] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 90.825837][ T5769] veth0_macvtap: entered promiscuous mode [ 90.856020][ T5765] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 90.871735][ T5769] veth1_macvtap: entered promiscuous mode [ 90.950046][ T5769] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 90.978957][ T5769] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 90.991970][ T5769] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.001262][ T5769] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.014773][ T5769] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.023803][ T5769] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.043553][ T5773] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 91.099534][ T5765] veth0_vlan: entered promiscuous mode [ 91.145113][ T5774] veth0_vlan: entered promiscuous mode [ 91.161604][ T5773] veth0_vlan: entered promiscuous mode [ 91.179651][ T5765] veth1_vlan: entered promiscuous mode [ 91.191427][ T5774] veth1_vlan: entered promiscuous mode [ 91.219049][ T5773] veth1_vlan: entered promiscuous mode [ 91.308610][ T5765] veth0_macvtap: entered promiscuous mode [ 91.319886][ T5765] veth1_macvtap: entered promiscuous mode [ 91.362636][ T61] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 91.371345][ T61] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 91.423505][ T5765] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 91.437095][ T5765] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 91.451015][ T5765] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 91.483867][ T5774] veth0_macvtap: entered promiscuous mode [ 91.497933][ T1088] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 91.508493][ T1088] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 91.520317][ T5765] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 91.536111][ T5765] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 91.549149][ T5765] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 91.574175][ T5774] veth1_macvtap: entered promiscuous mode [ 91.589515][ T5765] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.599022][ T5765] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.609604][ T5765] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.619056][ T5765] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.705769][ T5773] veth0_macvtap: entered promiscuous mode [ 91.726952][ T5774] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 91.750665][ T5774] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 91.761793][ T5774] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 91.778517][ T5774] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 91.791403][ T5774] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 91.813674][ T5773] veth1_macvtap: entered promiscuous mode [ 91.858125][ T5774] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 91.870169][ T5774] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 91.880636][ T5774] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 91.892406][ T5774] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 91.905865][ T5774] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 92.022006][ T5857] input: syz1 as /devices/virtual/input/input5 [ 92.054539][ T5772] Bluetooth: hci0: command tx timeout [ 92.060153][ T5772] Bluetooth: hci1: command tx timeout [ 92.124075][ T5772] Bluetooth: hci2: command tx timeout [ 92.202937][ T5772] Bluetooth: hci3: command tx timeout [ 92.479318][ T787] cfg80211: failed to load regulatory.db [ 92.733399][ T5774] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.772828][ T5774] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.781796][ T5774] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.795680][ T5774] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.831378][ T5773] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 92.858002][ T5773] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 92.871145][ T5773] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 92.893543][ T5773] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 92.904675][ T5773] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 92.915517][ T5773] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 92.927951][ T5773] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 92.974777][ T5773] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 92.991571][ T5773] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 93.008240][ T5773] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 93.021357][ T5773] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 93.032082][ T5773] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 93.043031][ T5773] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 93.224094][ T5773] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 93.262812][ T1088] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 93.274315][ T5773] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.289400][ T5773] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.300471][ T5773] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.306084][ T1088] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 93.311813][ T5773] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.477392][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 93.625395][ T5863] input: syz0 as /devices/virtual/input/input7 [ 93.718687][ T1088] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 93.733419][ T1088] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 93.781268][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 93.824935][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 93.934126][ T42] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 93.942217][ T42] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 94.109253][ T42] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 94.127732][ T51] Bluetooth: hci0: command tx timeout [ 94.133120][ T42] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 94.140957][ T5772] Bluetooth: hci1: command tx timeout [ 94.185650][ T1088] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 94.202766][ T5772] Bluetooth: hci2: command tx timeout [ 94.218874][ T1088] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 94.276631][ T5870] syz.1.2[5870]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 94.286225][ T5772] Bluetooth: hci3: command tx timeout [ 94.378939][ T5870] loop1: detected capacity change from 0 to 512 [ 94.456654][ T5870] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 94.481523][ T5874] loop3: detected capacity change from 0 to 8 [ 94.490936][ T5870] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 94.556876][ T5872] loop2: detected capacity change from 0 to 2048 [ 94.589111][ T5874] unable to read inode lookup table [ 94.748113][ T5870] EXT4-fs (loop1): 1 truncate cleaned up [ 94.818216][ T5870] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 94.832029][ T5872] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 94.951318][ T5880] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1'. [ 95.677175][ T5765] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 95.698322][ T5884] loop0: detected capacity change from 0 to 512 [ 95.802353][ T5884] EXT4-fs error (device loop0): ext4_orphan_get:1398: inode #15: comm syz.0.8: inode has both inline data and extents flags [ 95.869581][ T5884] EXT4-fs error (device loop0): ext4_orphan_get:1403: comm syz.0.8: couldn't read orphan inode 15 (err -117) [ 95.900772][ T5884] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 95.985376][ T5884] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 96.009304][ T5887] loop1: detected capacity change from 0 to 2048 [ 96.073056][ T5887] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 96.094340][ T5891] loop2: detected capacity change from 0 to 512 [ 96.108426][ T5891] EXT4-fs: Mount option(s) incompatible with ext3 [ 96.372928][ T5895] EXT4-fs error (device loop1): ext4_do_update_inode:5248: inode #12: comm syz.1.9: corrupted inode contents [ 96.463868][ T5895] EXT4-fs error (device loop1): ext4_try_add_inline_entry:1336: inode #12: comm syz.1.9: mark_inode_dirty error [ 96.490263][ T5895] EXT4-fs error (device loop1): __ext4_get_inode_loc:4489: comm syz.1.9: Invalid inode table block 7385020180853243775 in block_group 0 [ 96.634048][ T5895] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5920: Corrupt filesystem [ 97.024837][ T5895] EXT4-fs error (device loop1): ext4_mkdir:3097: inode #12: comm syz.1.9: mark_inode_dirty error [ 97.335060][ T5895] EXT4-fs error (device loop1): __ext4_get_inode_loc:4489: comm syz.1.9: Invalid inode table block 7385020180853243775 in block_group 0 [ 97.351591][ T5774] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 97.375896][ T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!! [ 97.396500][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 97.408732][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 97.684806][ T5903] Zero length message leads to an empty skb [ 97.723052][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 97.778135][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 98.375100][ T5895] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5920: Corrupt filesystem [ 98.419752][ T5895] EXT4-fs error (device loop1): ext4_mkdir:3087: inode #18: comm syz.1.9: mark_inode_dirty error [ 98.484949][ T5907] loop3: detected capacity change from 0 to 4096 [ 98.499035][ T5895] EXT4-fs error (device loop1): __ext4_get_inode_loc:4489: comm syz.1.9: Invalid inode table block 7385020180853243775 in block_group 0 [ 98.505353][ T5907] EXT4-fs: Ignoring removed mblk_io_submit option [ 98.585250][ T5895] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5920: Corrupt filesystem [ 98.666413][ T5895] EXT4-fs warning (device loop1): ext4_evict_inode:255: couldn't mark inode dirty (err -117) [ 98.803123][ T5907] EXT4-fs (loop3): Test dummy encryption mode enabled [ 98.807052][ T5912] loop0: detected capacity change from 0 to 1024 [ 98.838141][ T5765] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 98.915699][ T5907] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 99.279453][ T5907] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni" [ 99.318128][ T5911] hfsplus: can't free extent [ 99.347572][ T5911] hfsplus: can't free extent [ 99.364307][ T5911] hfsplus: can't free extent [ 99.773052][ T5927] loop1: detected capacity change from 0 to 128 [ 99.840349][ T5927] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 99.887233][ T5927] ext4 filesystem being mounted at /5/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 100.068374][ T5934] ======================================================= [ 100.068374][ T5934] WARNING: The mand mount option has been deprecated and [ 100.068374][ T5934] and is ignored by this kernel. Remove the mand [ 100.068374][ T5934] option from the mount to silence this warning. [ 100.068374][ T5934] ======================================================= [ 100.116989][ T5933] loop2: detected capacity change from 0 to 2048 [ 100.155403][ T5933] UDF-fs: error (device loop2): udf_process_sequence: Primary Volume Descriptor not found! [ 100.251861][ T5933] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 100.930884][ T5765] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 100.979885][ T5934] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 101.877996][ T5953] loop1: detected capacity change from 0 to 2048 [ 101.910400][ T5953] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 102.118359][ T5769] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 102.249177][ T5963] loop1: detected capacity change from 0 to 256 [ 102.324162][ T5965] loop3: detected capacity change from 0 to 128 [ 102.357771][ T5965] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 102.368557][ T5965] UDF-fs: error (device loop3): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 102.380432][ T5965] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=512, location=512 [ 102.391324][ T5965] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found [ 102.399204][ T5965] UDF-fs: Scanning with blocksize 512 failed [ 102.408843][ T5965] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 102.443596][ T5965] UDF-fs: error (device loop3): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 102.456711][ T5965] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=512, location=512 [ 102.468661][ T5965] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found [ 102.476503][ T5965] UDF-fs: Scanning with blocksize 1024 failed [ 102.498201][ T5963] exFAT-fs (loop1): error, The cluster chain has a loop [ 102.518758][ T5965] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 102.529448][ T5965] UDF-fs: error (device loop3): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 102.541685][ T5965] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=512, location=512 [ 102.542721][ T5963] exFAT-fs (loop1): Filesystem has been set read-only [ 102.551607][ T5965] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found [ 102.566489][ T5965] UDF-fs: Scanning with blocksize 2048 failed [ 102.585981][ T5965] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 102.622012][ T5965] UDF-fs: error (device loop3): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 102.650111][ T5965] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=512, location=512 [ 102.660077][ T5965] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found [ 102.667956][ T5965] UDF-fs: Scanning with blocksize 4096 failed [ 102.674243][ T5965] UDF-fs: warning (device loop3): udf_fill_super: No partition found (1) [ 102.910315][ T5963] exFAT-fs (loop1): failed to count the number of clusters in root [ 103.261947][ T5963] exFAT-fs (loop1): failed to recognize exfat type [ 104.529601][ T5978] loop1: detected capacity change from 0 to 512 [ 104.541432][ T5978] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 104.779450][ T5978] EXT4-fs error (device loop1): ext4_orphan_get:1398: inode #15: comm syz.1.35: inode has both inline data and extents flags [ 104.804466][ T5987] syz.3.36 uses obsolete (PF_INET,SOCK_PACKET) [ 104.812211][ T5985] loop2: detected capacity change from 0 to 512 [ 104.859191][ T5978] EXT4-fs error (device loop1): ext4_orphan_get:1403: comm syz.1.35: couldn't read orphan inode 15 (err -117) [ 104.889779][ T5978] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 105.332865][ T5985] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 105.533646][ T5985] ext4 filesystem being mounted at /9/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 105.617718][ T5765] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 105.689268][ T5985] EXT4-fs error (device loop2): ext4_get_first_dir_block:3584: inode #12: comm syz.2.38: Directory hole found for htree leaf block 0 [ 105.727016][ T5985] EXT4-fs (loop2): Remounting filesystem read-only [ 105.812195][ T5985] Bluetooth: MGMT ver 1.22 [ 106.182135][ T5999] loop1: detected capacity change from 0 to 1024 [ 106.522745][ T5772] Bluetooth: hci3: command tx timeout [ 106.699546][ T5773] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 106.742444][ T11] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 106.808743][ T11] Quota error (device loop2): write_blk: dquota write failed [ 106.862529][ T11] Quota error (device loop2): remove_free_dqentry: Can't write block (5) with free entries [ 106.942379][ T11] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started [ 106.989846][ T11] Quota error (device loop2): write_blk: dquota write failed [ 106.998587][ T11] Quota error (device loop2): free_dqentry: Can't move quota data block (5) to free list [ 107.009192][ T11] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started [ 107.020565][ T11] Quota error (device loop2): v2_write_file_info: Can't write info structure [ 108.039749][ T1081] hfsplus: b-tree write err: -5, ino 4 [ 108.171234][ T6015] loop0: detected capacity change from 0 to 1024 [ 108.192899][ T787] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 108.259421][ T6015] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 108.270509][ T6019] loop1: detected capacity change from 0 to 1024 [ 108.341084][ T28] audit: type=1800 audit(1768420189.295:2): pid=6015 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.46" name="bus" dev="loop0" ino=18 res=0 errno=0 [ 108.374655][ T5766] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 108.397889][ T787] usb 4-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33 [ 108.399285][ T6015] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4047: comm syz.0.46: Allocating blocks 385-513 which overlap fs metadata [ 108.418411][ T787] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 108.448702][ T787] usb 4-1: config 0 descriptor?? [ 108.491199][ T6015] EXT4-fs (loop0): pa ffff888079788ae0: logic 16, phys. 129, len 24 [ 108.501063][ T6015] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5388: group 0, free 0, pa_free 8 [ 108.597542][ T5774] EXT4-fs error (device loop0): ext4_lookup:1858: inode #16: comm syz-executor: iget: bad extended attribute block 8 [ 108.618223][ T5774] EXT4-fs error (device loop0): ext4_lookup:1858: inode #16: comm syz-executor: iget: bad extended attribute block 8 [ 108.989638][ T6031] loop1: detected capacity change from 0 to 4096 [ 109.018024][ T6031] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 109.043483][ T6031] EXT4-fs (loop1): Test dummy encryption mode enabled [ 109.064802][ T61] Trying to write to read-only block-device loop0 [ 109.080997][ T6031] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003] [ 109.098782][ T787] usb 4-1: Cannot set autoneg [ 109.117257][ T5774] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 109.126701][ T6031] System zones: 0-5 [ 109.132013][ T787] MOSCHIP usb-ethernet driver: probe of 4-1:0.0 failed with error -71 [ 109.150013][ T6031] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 109.177680][ T1081] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 109.223070][ T787] usb 4-1: USB disconnect, device number 2 [ 109.269910][ T6031] fs-verity: sha512 using implementation "sha512-avx2" [ 109.382665][ T1081] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 109.441121][ T5765] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 109.520434][ T1081] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 109.680049][ T1081] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 109.771260][ T6039] loop1: detected capacity change from 0 to 256 [ 109.806110][ T6039] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 109.896668][ T6039] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 110.076401][ T6046] loop2: detected capacity change from 0 to 164 [ 110.451462][ T6051] loop3: detected capacity change from 0 to 512 [ 110.493447][ T6051] EXT4-fs: Ignoring removed bh option [ 110.522488][ T6051] EXT4-fs: Ignoring removed mblk_io_submit option [ 110.579640][ T6051] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 110.692405][ T27] usb 2-1: new low-speed USB device number 2 using dummy_hcd [ 110.707434][ T6051] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 110.732460][ T6051] ext4 filesystem being mounted at /11/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 110.832769][ T6051] EXT4-fs error (device loop3): ext4_get_first_dir_block:3592: inode #12: block 32: comm syz.3.60: bad entry in directory: rec_len is too small for name_len - offset=0, inode=12, rec_len=12, size=2048 fake=0 [ 110.919669][ T6051] EXT4-fs error (device loop3): ext4_get_first_dir_block:3595: inode #12: comm syz.3.60: directory missing '.' [ 110.979361][ T27] usb 2-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 110.998149][ T27] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 111.043416][ T51] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 111.054758][ T51] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 111.073896][ T27] usb 2-1: config 0 descriptor?? [ 111.102472][ T51] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 111.119868][ T51] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 111.131954][ T51] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 111.141025][ T51] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 111.146843][ T27] asix: probe of 2-1:0.0 failed with error -22 [ 111.170492][ T5769] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 112.294767][ T6063] chnl_net:caif_netlink_parms(): no params data found [ 112.521383][ T1081] hsr_slave_0: left promiscuous mode [ 112.562426][ T1081] hsr_slave_1: left promiscuous mode [ 112.587127][ T1081] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 112.612909][ T1081] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 112.654044][ T1081] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 112.661685][ T1081] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 112.731527][ T1081] bridge_slave_1: left allmulticast mode [ 112.742454][ T1081] bridge_slave_1: left promiscuous mode [ 112.749970][ T1081] bridge0: port 2(bridge_slave_1) entered disabled state [ 112.822739][ T1081] bridge_slave_0: left allmulticast mode [ 112.830537][ T1081] bridge_slave_0: left promiscuous mode [ 112.842760][ T1081] bridge0: port 1(bridge_slave_0) entered disabled state [ 112.936670][ T1081] veth1_macvtap: left promiscuous mode [ 112.952975][ T1081] veth0_macvtap: left promiscuous mode [ 112.958903][ T1081] veth1_vlan: left promiscuous mode [ 112.982916][ T1081] veth0_vlan: left promiscuous mode [ 113.243145][ T51] Bluetooth: hci2: command tx timeout [ 113.944322][ T5852] usb 2-1: USB disconnect, device number 2 [ 114.813382][ T6109] loop1: detected capacity change from 0 to 16 [ 114.877275][ T6109] erofs: (device loop1): mounted with root inode @ nid 36. [ 114.941600][ T28] audit: type=1800 audit(1768420195.895:3): pid=6109 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.67" name="file1" dev="loop1" ino=86 res=0 errno=0 [ 115.044901][ T1081] team0 (unregistering): Port device team_slave_1 removed [ 115.119538][ T6111] loop2: detected capacity change from 0 to 512 [ 115.171143][ T6111] EXT4-fs error (device loop2): ext4_iget_extra_inode:4732: inode #15: comm syz.2.68: corrupted in-inode xattr: invalid ea_ino [ 115.228020][ T6111] EXT4-fs error (device loop2): ext4_orphan_get:1403: comm syz.2.68: couldn't read orphan inode 15 (err -117) [ 115.269861][ T1081] team0 (unregistering): Port device team_slave_0 removed [ 115.282575][ T6114] loop3: detected capacity change from 0 to 2048 [ 115.312712][ T6114] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 115.322474][ T51] Bluetooth: hci2: command tx timeout [ 115.351920][ T6111] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 115.489957][ T5773] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 115.537199][ T1081] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 115.659738][ T28] audit: type=1800 audit(1768420196.615:4): pid=6114 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.69" name="file1" dev="loop3" ino=1346 res=0 errno=0 [ 115.714186][ T6121] loop2: detected capacity change from 0 to 128 [ 115.740818][ T6121] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256 [ 115.831102][ T6121] UDF-fs: error (device loop2): udf_bitmap_new_block: bitmap for partition 0 corrupted (block 264 marked as free, partition length is 40) [ 115.856236][ T1081] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 117.252145][ T6140] loop1: detected capacity change from 0 to 164 [ 117.343617][ T5778] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 117.402686][ T51] Bluetooth: hci2: command tx timeout [ 117.639543][ T6147] loop2: detected capacity change from 0 to 4096 [ 117.683221][ T6147] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 117.883512][ T5773] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 117.965948][ T1081] bond0 (unregistering): Released all slaves [ 118.336314][ T6063] bridge0: port 1(bridge_slave_0) entered blocking state [ 118.372542][ T6063] bridge0: port 1(bridge_slave_0) entered disabled state [ 118.379977][ T6063] bridge_slave_0: entered allmulticast mode [ 118.434552][ T6063] bridge_slave_0: entered promiscuous mode [ 118.454655][ T6063] bridge0: port 2(bridge_slave_1) entered blocking state [ 118.472569][ T6063] bridge0: port 2(bridge_slave_1) entered disabled state [ 118.491716][ T6165] loop1: detected capacity change from 0 to 256 [ 118.499251][ T6063] bridge_slave_1: entered allmulticast mode [ 118.513941][ T6063] bridge_slave_1: entered promiscuous mode [ 118.630304][ T6063] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 118.651147][ T6165] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d) [ 118.690663][ T6063] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 118.966919][ T6063] team0: Port device team_slave_0 added [ 119.007132][ T6063] team0: Port device team_slave_1 added [ 119.133529][ T6063] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 119.151483][ T6063] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 119.205596][ T6179] loop2: detected capacity change from 0 to 128 [ 119.212459][ T6063] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 119.235052][ T6063] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 119.245748][ T6179] FAT-fs (loop2): Unrecognized mount option "shortname=winntl=0" or missing value [ 119.269769][ T6063] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 119.323644][ T6063] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 119.482678][ T51] Bluetooth: hci2: command tx timeout [ 119.651198][ T6191] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 119.696940][ T6063] hsr_slave_0: entered promiscuous mode [ 119.712397][ T5852] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 119.736852][ T6063] hsr_slave_1: entered promiscuous mode [ 119.760248][ T6063] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 119.792861][ T6063] Cannot create hsr debugfs directory [ 119.912605][ T5852] usb 4-1: Using ep0 maxpacket: 16 [ 119.924517][ T5852] usb 4-1: config 0 has an invalid interface number: 1 but max is 0 [ 119.942768][ T5852] usb 4-1: config 0 has no interface number 0 [ 119.949075][ T5852] usb 4-1: config 0 interface 1 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 119.991786][ T5852] usb 4-1: New USB device found, idVendor=1a86, idProduct=752d, bcdDevice=2d.4d [ 120.016251][ T5852] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 120.042949][ T5852] usb 4-1: Product: syz [ 120.047305][ T5852] usb 4-1: Manufacturer: syz [ 120.052151][ T5852] usb 4-1: SerialNumber: syz [ 120.074385][ T5852] usb 4-1: config 0 descriptor?? [ 120.094889][ T5852] usb 4-1: Quirk or no altest; falling back to MIDI 1.0 [ 120.227550][ T5852] snd-usb-audio: probe of 4-1:0.1 failed with error -2 [ 120.283299][ T5778] udevd[5778]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.1/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 120.326579][ T6063] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 120.349519][ T6063] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 120.383612][ T5852] usb 4-1: USB disconnect, device number 3 [ 120.504747][ T6063] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 120.546786][ T6063] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 120.758131][ T6063] 8021q: adding VLAN 0 to HW filter on device bond0 [ 120.811337][ T6063] 8021q: adding VLAN 0 to HW filter on device team0 [ 120.872001][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 120.879380][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 120.915777][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 120.923921][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 120.925443][ T6213] loop1: detected capacity change from 0 to 512 [ 121.018633][ T6213] EXT4-fs (loop1): couldn't mount as ext3 due to feature incompatibilities [ 121.570288][ T6223] veth0_to_team: default FDB implementation only supports local addresses [ 122.109042][ T6229] loop3: detected capacity change from 0 to 512 [ 122.137173][ T6229] EXT4-fs: Ignoring removed i_version option [ 122.210072][ T6229] EXT4-fs: Ignoring removed nobh option [ 122.265806][ T6229] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 122.453938][ T6229] EXT4-fs (loop3): 1 truncate cleaned up [ 122.461220][ T6229] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 122.954172][ T5769] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 123.344647][ T6063] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 123.551984][ T6246] loop3: detected capacity change from 0 to 256 [ 124.030188][ T6262] loop3: detected capacity change from 0 to 512 [ 124.139642][ T6262] EXT4-fs (loop3): 1 truncate cleaned up [ 124.204005][ T6262] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 124.337429][ T6262] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5920: Out of memory [ 124.385787][ T6262] EXT4-fs error (device loop3): ext4_dirty_inode:6124: inode #15: comm syz.3.102: mark_inode_dirty error [ 124.416579][ T6262] EXT4-fs error (device loop3): ext4_discard_preallocations:5627: comm syz.3.102: Error -117 loading buddy information for 4294967293 [ 124.466802][ T6262] EXT4-fs error (device loop3): ext4_clear_blocks:883: inode #15: comm syz.3.102: attempt to clear invalid blocks 37 len 1 [ 124.505703][ T6262] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5920: Out of memory [ 124.537016][ T6063] veth0_vlan: entered promiscuous mode [ 124.563199][ T6262] EXT4-fs error (device loop3): ext4_punch_hole:4134: inode #15: comm syz.3.102: mark_inode_dirty error [ 124.589158][ T6063] veth1_vlan: entered promiscuous mode [ 124.723261][ T6063] veth0_macvtap: entered promiscuous mode [ 124.756122][ T5769] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 124.776000][ T6063] veth1_macvtap: entered promiscuous mode [ 124.853900][ T6063] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 124.900335][ T6063] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 124.951310][ T6063] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 124.980026][ T6063] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 125.003870][ T6063] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 125.050577][ T6063] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 125.076173][ T6063] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 125.098442][ T6063] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 125.133489][ T6063] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 125.179832][ T6063] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 125.192856][ T6063] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 125.212699][ T6063] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 125.234714][ T6063] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 125.264813][ T6063] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 125.287408][ T6063] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 125.312327][ T6063] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 125.332620][ T6063] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 125.341932][ T6063] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 125.581931][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 125.606647][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 125.709536][ T6225] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 125.754666][ T6225] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 126.294267][ T6313] netlink: 8 bytes leftover after parsing attributes in process `syz.3.112'. [ 126.320339][ T6314] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 127.446654][ T6326] loop4: detected capacity change from 0 to 1024 [ 127.473483][ T6326] EXT4-fs: quotafile must be on filesystem root [ 127.530497][ T6336] Illegal XDP return value 1608975028 on prog (id 20) dev syz_tun, expect packet loss! [ 127.769933][ T6341] input: syz0 as /devices/virtual/input/input8 [ 127.929369][ T6346] loop4: detected capacity change from 0 to 1024 [ 127.988349][ T6346] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 128.162371][ T5805] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 128.259329][ T6352] loop3: detected capacity change from 0 to 2048 [ 128.280300][ T6352] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=3932051, location=3932051 [ 128.336558][ T6354] loop4: detected capacity change from 0 to 1024 [ 128.373678][ T6352] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 128.374962][ T5805] usb 2-1: Using ep0 maxpacket: 8 [ 128.406862][ T5805] usb 2-1: config 179 has an invalid interface number: 65 but max is 0 [ 128.430534][ T5805] usb 2-1: config 179 has no interface number 0 [ 128.448029][ T5805] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7 [ 128.470790][ T5805] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024 [ 128.499285][ T5805] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0 [ 128.534489][ T6354] hfsplus: request for non-existent node 62977 in B*Tree [ 128.563927][ T6354] hfsplus: request for non-existent node 62977 in B*Tree [ 128.564045][ T5805] usb 2-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23 [ 128.564098][ T5805] usb 2-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb [ 128.665408][ T5805] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 128.689622][ T11] hfsplus: b-tree write err: -5, ino 3 [ 128.728798][ T6345] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 128.888152][ T6359] loop3: detected capacity change from 0 to 512 [ 128.966220][ T6359] EXT4-fs: inline encryption not supported [ 129.018705][ T9] usb 2-1: USB disconnect, device number 3 [ 129.412847][ T6359] EXT4-fs error (device loop3): ext4_orphan_get:1424: comm syz.3.125: bad orphan inode 15 [ 129.602791][ T6363] loop4: detected capacity change from 0 to 1024 [ 129.649630][ T6363] EXT4-fs: Ignoring removed oldalloc option [ 129.663470][ T6359] ext4_test_bit(bit=14, block=5) = 0 [ 129.686306][ T6359] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 129.735213][ T6363] EXT4-fs (loop4): couldn't mount as ext2 due to feature incompatibilities [ 129.883783][ T28] audit: type=1326 audit(1768420210.814:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6362 comm="syz.4.127" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f10ec58f749 code=0x0 [ 129.954152][ T6376] warning: `syz.2.128' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 129.995912][ T6377] loop1: detected capacity change from 0 to 512 [ 130.095637][ T6377] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 130.120107][ T5769] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 130.172426][ T6377] ext4 filesystem being mounted at /37/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 130.620786][ T5765] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 130.661087][ T6391] loop3: detected capacity change from 0 to 512 [ 130.710818][ T6391] EXT4-fs: Ignoring removed i_version option [ 130.727063][ T6391] EXT4-fs: Ignoring removed oldalloc option [ 130.745735][ T6391] EXT4-fs (loop3): Test dummy encryption mode enabled [ 130.823834][ T6391] EXT4-fs (loop3): 1 truncate cleaned up [ 130.901452][ T6391] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 131.184098][ T6391] EXT4-fs error (device loop3): ext4_validate_block_bitmap:421: comm syz.3.132: bg 0: bad block bitmap checksum [ 131.255843][ T6391] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6653: Filesystem failed CRC [ 131.790986][ T6391] EXT4-fs error (device loop3): ext4_free_branches:1043: inode #13: block 234881024: comm syz.3.132: Read failure [ 131.918746][ T5769] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 132.123004][ T6415] loop3: detected capacity change from 0 to 512 [ 132.158402][ T6415] ext4: Unknown parameter 'nouser_xattr' [ 132.230865][ T5778] udevd[5778]: incorrect ext4 checksum on /dev/loop3 [ 132.265186][ T6419] loop4: detected capacity change from 0 to 1024 [ 132.286477][ T6419] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 132.305092][ T5778] udevd[5778]: incorrect ext4 checksum on /dev/loop3 [ 132.372515][ T6419] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 132.580356][ T6063] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 132.684507][ T6427] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1420284373 (45449099936 ns) > initial count (5257758976 ns). Using initial count to start timer. [ 133.326150][ T1285] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.335588][ T1285] ieee802154 phy1 wpan1: encryption failed: -22 [ 134.076108][ T6454] loop4: detected capacity change from 0 to 1024 [ 134.117873][ T6454] EXT4-fs: Ignoring removed nobh option [ 134.142563][ T6454] EXT4-fs: inline encryption not supported [ 134.149636][ T6454] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 134.208557][ T6454] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 134.355346][ T6463] loop3: detected capacity change from 0 to 136 [ 134.649848][ T6466] loop1: detected capacity change from 0 to 1024 [ 134.972388][ T6225] hfsplus: b-tree write err: -5, ino 4 [ 135.059533][ T6470] loop3: detected capacity change from 0 to 256 [ 135.138237][ T6470] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 135.294458][ T6063] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 135.315287][ T6475] loop1: detected capacity change from 0 to 256 [ 135.705855][ T6480] loop4: detected capacity change from 0 to 1024 [ 135.752316][ T6480] EXT4-fs: Ignoring removed mblk_io_submit option [ 135.805401][ T6480] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 135.839264][ T6480] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 135.934210][ T6480] EXT4-fs error (device loop4): ext4_ext_check_inode:520: inode #11: comm syz.4.157: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512) [ 136.042746][ T6480] EXT4-fs error (device loop4): ext4_orphan_get:1403: comm syz.4.157: couldn't read orphan inode 11 (err -117) [ 136.067637][ T6480] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 136.161850][ T6490] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 136.927581][ T6063] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 136.943227][ T6492] loop1: detected capacity change from 0 to 256 [ 136.988956][ T6492] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 137.002541][ T6492] exFAT-fs (loop1): Medium has reported failures. Some data may be lost. [ 137.060308][ T6492] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d) [ 137.341889][ T6502] loop3: detected capacity change from 0 to 512 [ 137.349649][ T6502] EXT4-fs: Ignoring removed i_version option [ 137.443964][ T6502] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 137.511611][ T6508] netlink: 8 bytes leftover after parsing attributes in process `syz.4.166'. [ 137.520882][ T6508] netlink: 4 bytes leftover after parsing attributes in process `syz.4.166'. [ 137.665443][ T6502] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 137.844493][ T6508] wireguard0: entered promiscuous mode [ 137.850798][ T6508] wireguard0: entered allmulticast mode [ 137.990399][ T6502] ext4 filesystem being mounted at /40/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 138.591043][ T5769] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 138.648741][ T6523] loop4: detected capacity change from 0 to 512 [ 138.751635][ T6523] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 138.865774][ T6529] loop3: detected capacity change from 0 to 1024 [ 138.889781][ T6529] EXT4-fs: Ignoring removed nomblk_io_submit option [ 138.903872][ T5766] udevd[5766]: incorrect ext4 checksum on /dev/loop4 [ 138.913080][ T6529] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 138.945356][ T6523] EXT4-fs warning (device loop4): verify_group_input:151: Cannot add at group 25 (only 1 groups) [ 138.976312][ T6529] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003] [ 138.998436][ T6529] System zones: 0-1, 3-36 [ 139.033042][ T6529] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 139.123138][ T6536] loop1: detected capacity change from 0 to 1024 [ 139.137357][ T6536] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 139.148007][ T5766] udevd[5766]: incorrect ext4 checksum on /dev/loop4 [ 139.232061][ T6063] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 139.307223][ T5769] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 139.545971][ T6545] loop1: detected capacity change from 0 to 1024 [ 139.706187][ T11] hfsplus: b-tree write err: -5, ino 3 [ 139.738530][ T6547] loop3: detected capacity change from 0 to 1024 [ 139.766896][ T6547] EXT4-fs: Ignoring removed i_version option [ 139.810559][ T6547] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 139.865341][ T6547] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 139.867689][ T6551] loop1: detected capacity change from 0 to 128 [ 139.904313][ T6551] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 139.983341][ T6551] ext4 filesystem being mounted at /51/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 140.148396][ T5765] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 140.160824][ T5769] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 140.199643][ T0] NOHZ tick-stop error: local softirq work is pending, handler #208!!! [ 140.208439][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 140.629999][ T6569] loop1: detected capacity change from 0 to 512 [ 140.728076][ T6569] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 140.799364][ T6569] ext4 filesystem being mounted at /52/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 140.844208][ T6580] syz.2.187[6580] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 140.844473][ T6580] syz.2.187[6580] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 140.886648][ T28] audit: type=1800 audit(1768420221.836:6): pid=6569 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.183" name="file2" dev="loop1" ino=16 res=0 errno=0 [ 141.018174][ T5765] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 141.065707][ T6584] tc_dump_action: action bad kind [ 141.569686][ T6593] loop1: detected capacity change from 0 to 2048 [ 141.629247][ T6593] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 141.768276][ T6595] loop4: detected capacity change from 0 to 1024 [ 141.975829][ T6597] loop3: detected capacity change from 0 to 128 [ 142.010750][ T6597] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 142.054375][ T6597] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 142.654309][ T6611] loop1: detected capacity change from 0 to 128 [ 142.845216][ T6611] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 142.890377][ T6611] ext4 filesystem being mounted at /56/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 143.362178][ T5765] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 144.634121][ T6631] loop1: detected capacity change from 0 to 2048 [ 144.676319][ T6631] UDF-fs: error (device loop1): udf_process_sequence: Primary Volume Descriptor not found! [ 144.735633][ T6631] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 145.213652][ T6640] Cannot find del_set index 0 as target [ 145.235729][ T6639] loop1: detected capacity change from 0 to 1024 [ 145.267317][ T6639] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 145.317625][ T6639] JBD2: no valid journal superblock found [ 145.361415][ T6639] EXT4-fs (loop1): Could not load journal inode [ 145.510646][ T5778] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 145.708637][ T6647] loop3: detected capacity change from 0 to 1024 [ 145.728746][ T6647] ext4: Unknown parameter 'subj_role' [ 145.973942][ T6651] input: syz1 as /devices/virtual/input/input9 [ 146.149831][ T6658] loop4: detected capacity change from 0 to 1024 [ 146.172539][ T6658] EXT4-fs: Ignoring removed i_version option [ 146.275965][ T6658] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 146.349595][ T6669] netlink: 8 bytes leftover after parsing attributes in process `syz.2.214'. [ 146.382912][ T6664] loop3: detected capacity change from 0 to 8 [ 146.424798][ T6667] loop1: detected capacity change from 0 to 512 [ 146.480152][ T6667] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 146.511542][ T6664] SQUASHFS error: lzo decompression failed, data probably corrupt [ 146.542139][ T6667] EXT4-fs error (device loop1): ext4_orphan_get:1398: inode #15: comm syz.1.209: iget: bad i_size value: 38620345925642 [ 146.594520][ T6063] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 146.616714][ T6667] EXT4-fs error (device loop1): ext4_orphan_get:1403: comm syz.1.209: couldn't read orphan inode 15 (err -117) [ 146.633934][ T6664] SQUASHFS error: Failed to read block 0x91: -5 [ 146.666858][ T6664] SQUASHFS error: Unable to read metadata cache entry [8f] [ 146.712098][ T6664] SQUASHFS error: Unable to read inode 0x11f [ 146.721356][ T6667] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 146.872662][ T6667] EXT4-fs error (device loop1): ext4_lookup:1858: inode #15: comm syz.1.209: iget: bad i_size value: 38620345925642 [ 147.034036][ T6680] loop4: detected capacity change from 0 to 2364 [ 147.433355][ T5765] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 147.643067][ T6699] loop4: detected capacity change from 0 to 1024 [ 147.649699][ T5805] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 147.653030][ T6700] loop1: detected capacity change from 0 to 512 [ 147.671874][ T6696] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 147.733741][ T6700] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 147.787513][ T6700] ext4 filesystem being mounted at /62/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 147.898551][ T5805] usb 4-1: Using ep0 maxpacket: 32 [ 147.924833][ T5805] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 147.961281][ T5805] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 147.978703][ T5765] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 148.007836][ T5805] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 148.039566][ T5805] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 148.078325][ T5805] usb 4-1: config 0 descriptor?? [ 148.282575][ T6715] loop1: detected capacity change from 0 to 1024 [ 148.334334][ T6715] EXT4-fs: Ignoring removed nomblk_io_submit option [ 148.428358][ T6715] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 148.497985][ T6715] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003] [ 148.545220][ T6715] System zones: 0-1, 3-36 [ 148.592639][ T5805] savu 0003:1E7D:2D5A.0001: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.3-1/input0 [ 148.638781][ T6720] EXT4-fs error (device loop4): ext4_ext_check_inode:520: inode #3: comm syz.4.228: pblk 0 bad header/extent: invalid eh_entries - magic f30a, entries 3, max 2(4), depth 0(0) [ 148.682036][ T6715] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 148.765316][ T6720] EXT4-fs error (device loop4): ext4_quota_enable:7143: comm syz.4.228: Bad quota inode: 3, type: 0 [ 148.850500][ T6002] usb 4-1: USB disconnect, device number 4 [ 148.880003][ T6720] EXT4-fs warning (device loop4): ext4_enable_quotas:7184: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix. [ 148.944226][ T6720] EXT4-fs (loop4): mount failed [ 149.021681][ T5765] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 149.148409][ T6726] fido_id[6726]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory [ 149.851896][ T6749] set_capacity_and_notify: 1 callbacks suppressed [ 149.851913][ T6749] loop3: detected capacity change from 0 to 2048 [ 149.950361][ T6749] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 151.541099][ T6741] capability: warning: `syz.2.232' uses deprecated v2 capabilities in a way that may be insecure [ 151.905826][ T6778] loop3: detected capacity change from 0 to 512 [ 152.003831][ T5778] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 152.530725][ T9] hid-generic 0002:0004:0009.0002: unknown main item tag 0x0 [ 152.542586][ T9] hid-generic 0002:0004:0009.0002: unknown main item tag 0x0 [ 152.550944][ T9] hid-generic 0002:0004:0009.0002: unknown main item tag 0x0 [ 152.560106][ T9] hid-generic 0002:0004:0009.0002: unknown main item tag 0x0 [ 152.568120][ T9] hid-generic 0002:0004:0009.0002: unknown main item tag 0x0 [ 152.575966][ T9] hid-generic 0002:0004:0009.0002: unknown main item tag 0x0 [ 152.585301][ T9] hid-generic 0002:0004:0009.0002: unknown main item tag 0x0 [ 152.593381][ T9] hid-generic 0002:0004:0009.0002: unknown main item tag 0x0 [ 152.618226][ T9] hid-generic 0002:0004:0009.0002: unknown main item tag 0x0 [ 152.632240][ T9] hid-generic 0002:0004:0009.0002: unknown main item tag 0x0 [ 152.643499][ T9] hid-generic 0002:0004:0009.0002: unknown main item tag 0x0 [ 152.668327][ T9] hid-generic 0002:0004:0009.0002: unknown main item tag 0x0 [ 152.687895][ T9] hid-generic 0002:0004:0009.0002: unknown main item tag 0x0 [ 152.700082][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 152.709239][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 152.716350][ T9] hid-generic 0002:0004:0009.0002: unknown main item tag 0x0 [ 152.748407][ T9] hid-generic 0002:0004:0009.0002: unknown main item tag 0x0 [ 152.762457][ T9] hid-generic 0002:0004:0009.0002: unknown main item tag 0x0 [ 152.781652][ T9] hid-generic 0002:0004:0009.0002: unknown main item tag 0x0 [ 152.821580][ T9] hid-generic 0002:0004:0009.0002: hidraw0: HID v0.04 Device [syz0] on syz0 [ 153.102522][ T6799] fido_id[6799]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 155.798297][ T6827] xt_CT: You must specify a L4 protocol and not use inversions on it [ 157.048081][ T6843] loop3: detected capacity change from 0 to 512 [ 157.208106][ T6843] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 157.267003][ T6843] ext4 filesystem being mounted at /60/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 157.340046][ T6843] EXT4-fs error (device loop3): ext4_do_update_inode:5248: inode #2: comm syz.3.252: corrupted inode contents [ 157.385386][ T6843] EXT4-fs error (device loop3): ext4_dirty_inode:6124: inode #2: comm syz.3.252: mark_inode_dirty error [ 157.422243][ T6843] EXT4-fs error (device loop3): ext4_do_update_inode:5248: inode #2: comm syz.3.252: corrupted inode contents [ 157.431194][ T6857] loop4: detected capacity change from 0 to 16 [ 157.477667][ T6843] EXT4-fs error (device loop3): __ext4_ext_dirty:202: inode #2: comm syz.3.252: mark_inode_dirty error [ 157.541450][ T6857] erofs: (device loop4): mounted with root inode @ nid 36. [ 157.601320][ T6857] syz.4.256: attempt to access beyond end of device [ 157.601320][ T6857] loop4: rw=524288, sector=8, nr_sectors = 24 limit=16 [ 157.687070][ T6857] syz.4.256: attempt to access beyond end of device [ 157.687070][ T6857] loop4: rw=524288, sector=16, nr_sectors = 40 limit=16 [ 157.719362][ T5769] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 157.746868][ T6857] erofs: (device loop4): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[8192] [ 157.808987][ T28] audit: type=1800 audit(1768420238.770:7): pid=6857 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.256" name="file2" dev="loop4" ino=89 res=0 errno=0 [ 157.861955][ T6869] netlink: 92 bytes leftover after parsing attributes in process `syz.1.261'. [ 158.271537][ T6882] loop4: detected capacity change from 0 to 1764 [ 158.399303][ T6888] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 159.438299][ T6905] fuse: Bad value for 'fd' [ 159.729259][ T6908] loop3: detected capacity change from 0 to 256 [ 159.861044][ T5778] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 159.981353][ T6917] loop4: detected capacity change from 0 to 512 [ 160.013967][ T6917] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem [ 160.097208][ T6917] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a003c11c, mo2=0002] [ 160.105506][ T6917] System zones: 1-12 [ 160.155239][ T6917] EXT4-fs error (device loop4): ext4_iget_extra_inode:4732: inode #15: comm syz.4.273: corrupted in-inode xattr: e_value size too large [ 160.194849][ T6917] EXT4-fs error (device loop4): ext4_orphan_get:1403: comm syz.4.273: couldn't read orphan inode 15 (err -117) [ 160.273354][ T6917] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 161.101207][ T6063] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 161.497865][ T6940] loop4: detected capacity change from 0 to 16 [ 161.540222][ T6940] erofs: (device loop4): mounted with root inode @ nid 36. [ 162.184589][ T6950] erofs: (device loop4): z_erofs_extent_lookback: bogus lookback distance 1388 @ lcn 42 of nid 36 [ 162.377346][ T6950] erofs: (device loop4): z_erofs_lz4_decompress_mem: failed to decompress -44 in[46, 4050] out[1851] [ 162.390254][ T6950] erofs: (device loop4): z_erofs_read_folio: read error -117 @ 43 of nid 36 [ 162.482097][ T51] Bluetooth: hci2: command tx timeout [ 162.614892][ T6960] loop3: detected capacity change from 0 to 128 [ 163.675405][ T6960] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 163.733366][ C0] sched: RT throttling activated [ 163.835347][ T6960] ext4 filesystem being mounted at /67/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 164.095114][ T6960] EXT4-fs (loop3): re-mounted 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 164.382511][ T5769] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 165.414360][ T6993] xt_CT: You must specify a L4 protocol and not use inversions on it [ 168.982905][ T7057] loop3: detected capacity change from 0 to 256 [ 168.990697][ T7057] FAT-fs (loop3): Unrecognized mount option "/dev/kvm" or missing value [ 170.028722][ T7069] netlink: 36 bytes leftover after parsing attributes in process `syz.4.309'. [ 170.399114][ T7082] loop3: detected capacity change from 0 to 512 [ 170.483495][ T7082] ext4: Unknown parameter 'noacl' [ 170.752571][ T28] audit: type=1107 audit(1768420251.713:8): pid=7092 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='ñ¶&8' [ 170.981736][ T6002] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 171.172460][ T6002] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 142, changing to 11 [ 171.193166][ T6002] usb 4-1: New USB device found, idVendor=05ac, idProduct=024a, bcdDevice= 0.00 [ 171.206346][ T6002] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 171.229017][ T6002] usb 4-1: config 0 descriptor?? [ 171.435172][ T7113] fuse: Bad value for 'fd' [ 171.671155][ T6002] apple 0003:05AC:024A.0003: unknown main item tag 0x0 [ 171.692864][ T6002] apple 0003:05AC:024A.0003: unknown main item tag 0x0 [ 171.708551][ T6002] apple 0003:05AC:024A.0003: unknown main item tag 0x0 [ 171.731673][ T6002] apple 0003:05AC:024A.0003: unknown main item tag 0x0 [ 171.740199][ T7124] loop4: detected capacity change from 0 to 256 [ 171.751054][ T6002] apple 0003:05AC:024A.0003: unknown main item tag 0x0 [ 171.778428][ T6002] apple 0003:05AC:024A.0003: hidraw0: USB HID v58.6c Device [HID 05ac:024a] on usb-dummy_hcd.3-1/input0 [ 171.875160][ T6002] usb 4-1: USB disconnect, device number 5 [ 172.023182][ T7126] fido_id[7126]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory [ 172.103860][ T7132] fuse: Bad value for 'fd' [ 172.219523][ T7136] loop4: detected capacity change from 0 to 128 [ 172.276172][ T7136] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 172.312423][ T7136] ext4 filesystem being mounted at /52/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 172.380848][ T6063] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 172.702552][ T7150] loop4: detected capacity change from 0 to 2048 [ 172.743395][ T7150] UDF-fs: error (device loop4): udf_process_sequence: Primary Volume Descriptor not found! [ 172.802934][ T7158] loop3: detected capacity change from 0 to 2048 [ 172.824008][ T7150] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 172.849466][ T7158] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 173.440035][ T7172] loop4: detected capacity change from 0 to 1024 [ 173.519304][ T7172] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 173.599338][ T7172] ================================================================== [ 173.607489][ T7172] BUG: KASAN: out-of-bounds in ext4_xattr_set_entry+0x94b/0x1e90 [ 173.615288][ T7172] Read of size 18446744073709551588 at addr ffff88807c94b040 by task syz.4.356/7172 [ 173.624887][ T7172] [ 173.627354][ T7172] CPU: 1 PID: 7172 Comm: syz.4.356 Not tainted syzkaller #0 [ 173.634685][ T7172] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 173.644982][ T7172] Call Trace: [ 173.648312][ T7172] [ 173.651289][ T7172] dump_stack_lvl+0x16c/0x230 [ 173.656195][ T7172] ? read_lock_is_recursive+0x20/0x20 [ 173.661695][ T7172] ? show_regs_print_info+0x20/0x20 [ 173.667180][ T7172] ? load_image+0x3b0/0x3b0 [ 173.671905][ T7172] ? _raw_spin_lock_irqsave+0xb4/0xf0 [ 173.677591][ T7172] ? __virt_addr_valid+0x18c/0x540 [ 173.682929][ T7172] ? __virt_addr_valid+0x469/0x540 [ 173.688067][ T7172] print_report+0xac/0x220 [ 173.692603][ T7172] ? ext4_xattr_set_entry+0x94b/0x1e90 [ 173.698133][ T7172] kasan_report+0x117/0x150 [ 173.703026][ T7172] ? ext4_xattr_set_entry+0x94b/0x1e90 [ 173.708623][ T7172] ? ext4_xattr_set_entry+0x94b/0x1e90 [ 173.714197][ T7172] kasan_check_range+0x288/0x290 [ 173.719162][ T7172] ? ext4_xattr_set_entry+0x94b/0x1e90 [ 173.724851][ T7172] __asan_memmove+0x29/0x70 [ 173.729477][ T7172] ext4_xattr_set_entry+0x94b/0x1e90 [ 173.735094][ T7172] ext4_xattr_block_set+0xae3/0x32a0 [ 173.740680][ T7172] ? ext4_destroy_inode+0x200/0x200 [ 173.746189][ T7172] ? proc_nr_inodes+0x230/0x230 [ 173.751797][ T7172] ? do_raw_spin_unlock+0x121/0x230 [ 173.757392][ T7172] ? _raw_spin_unlock+0x28/0x40 [ 173.762371][ T7172] ? ext4_xattr_block_find+0x350/0x350 [ 173.768037][ T7172] ? ext4_xattr_ibody_set+0x50d/0x6a0 [ 173.773452][ T7172] ext4_xattr_set_handle+0x1346/0x1580 [ 173.778947][ T7172] ? ext4_xattr_inode_free_quota+0x1b0/0x1b0 [ 173.784967][ T7172] ? __ext4_journal_start_sb+0x259/0x570 [ 173.790724][ T7172] ext4_xattr_set+0x22d/0x320 [ 173.795698][ T7172] ? end_current_label_crit_section+0x170/0x170 [ 173.802237][ T7172] ? ext4_xattr_set_credits+0x2f0/0x2f0 [ 173.807865][ T7172] ? posix_xattr_acl+0x93/0xb0 [ 173.812769][ T7172] ? evm_protect_xattr+0x36d/0x7a0 [ 173.818004][ T7172] ? ext4_xattr_trusted_get+0x40/0x40 [ 173.823708][ T7172] __vfs_setxattr+0x431/0x470 [ 173.828454][ T7172] __vfs_setxattr_noperm+0x12d/0x5e0 [ 173.833880][ T7172] vfs_setxattr+0x16c/0x2f0 [ 173.838663][ T7172] ? xattr_permission+0x470/0x470 [ 173.843725][ T7172] ? __mnt_want_write+0x223/0x2a0 [ 173.848795][ T7172] ? path_setxattr+0x314/0x550 [ 173.853696][ T7172] path_setxattr+0x362/0x550 [ 173.858327][ T7172] ? simple_xattrs_free+0x150/0x150 [ 173.863585][ T7172] ? lockdep_hardirqs_on_prepare+0x400/0x760 [ 173.869806][ T7172] ? lock_chain_count+0x20/0x20 [ 173.875104][ T7172] __x64_sys_lsetxattr+0xb8/0xd0 [ 173.880342][ T7172] do_syscall_64+0x55/0xb0 [ 173.884788][ T7172] ? clear_bhb_loop+0x40/0x90 [ 173.889491][ T7172] ? clear_bhb_loop+0x40/0x90 [ 173.894315][ T7172] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 173.900255][ T7172] RIP: 0033:0x7f10ec58f749 [ 173.904799][ T7172] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 173.925142][ T7172] RSP: 002b:00007f10ed456038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bd [ 173.933858][ T7172] RAX: ffffffffffffffda RBX: 00007f10ec7e5fa0 RCX: 00007f10ec58f749 [ 173.942220][ T7172] RDX: 0000200000000000 RSI: 0000200000000180 RDI: 00002000000001c0 [ 173.950577][ T7172] RBP: 00007f10ec613f91 R08: 0000000000000000 R09: 0000000000000000 [ 173.958680][ T7172] R10: 0000000000000361 R11: 0000000000000246 R12: 0000000000000000 [ 173.966941][ T7172] R13: 00007f10ec7e6038 R14: 00007f10ec7e5fa0 R15: 00007fff37923f78 [ 173.975316][ T7172] [ 173.978377][ T7172] [ 173.980741][ T7172] Allocated by task 7172: [ 173.985246][ T7172] kasan_set_track+0x4e/0x70 [ 173.989969][ T7172] __kasan_kmalloc+0x8f/0xa0 [ 173.994670][ T7172] __kmalloc_node_track_caller+0xb2/0x230 [ 174.000537][ T7172] kmemdup+0x2b/0x70 [ 174.004474][ T7172] ext4_xattr_block_set+0x9e5/0x32a0 [ 174.009890][ T7172] ext4_xattr_set_handle+0x1346/0x1580 [ 174.015406][ T7172] ext4_xattr_set+0x22d/0x320 [ 174.020113][ T7172] __vfs_setxattr+0x431/0x470 [ 174.024815][ T7172] __vfs_setxattr_noperm+0x12d/0x5e0 [ 174.030134][ T7172] vfs_setxattr+0x16c/0x2f0 [ 174.034723][ T7172] path_setxattr+0x362/0x550 [ 174.039520][ T7172] __x64_sys_lsetxattr+0xb8/0xd0 [ 174.044665][ T7172] do_syscall_64+0x55/0xb0 [ 174.049197][ T7172] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 174.055294][ T7172] [ 174.057647][ T7172] The buggy address belongs to the object at ffff88807c94b000 [ 174.057647][ T7172] which belongs to the cache kmalloc-1k of size 1024 [ 174.072082][ T7172] The buggy address is located 64 bytes inside of [ 174.072082][ T7172] 1024-byte region [ffff88807c94b000, ffff88807c94b400) [ 174.085645][ T7172] [ 174.088029][ T7172] The buggy address belongs to the physical page: [ 174.094479][ T7172] page:ffffea0001f25200 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7c948 [ 174.104918][ T7172] head:ffffea0001f25200 order:3 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 174.114069][ T7172] flags: 0xfff00000000840(slab|head|node=0|zone=1|lastcpupid=0x7ff) [ 174.122265][ T7172] page_type: 0xffffffff() [ 174.126615][ T7172] raw: 00fff00000000840 ffff888017841dc0 dead000000000100 dead000000000122 [ 174.135426][ T7172] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000 [ 174.144183][ T7172] page dumped because: kasan: bad access detected [ 174.150628][ T7172] page_owner tracks the page as allocated [ 174.156450][ T7172] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1d2820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 42, tgid 42 (kworker/u4:2), ts 93745357138, free_ts 91194286207 [ 174.178377][ T7172] post_alloc_hook+0x1cd/0x210 [ 174.183189][ T7172] get_page_from_freelist+0x195c/0x19f0 [ 174.188878][ T7172] __alloc_pages+0x1e3/0x460 [ 174.193772][ T7172] alloc_slab_page+0x5d/0x170 [ 174.198588][ T7172] new_slab+0x87/0x2e0 [ 174.202798][ T7172] ___slab_alloc+0xc6d/0x1300 [ 174.207614][ T7172] __kmem_cache_alloc_node+0x1a2/0x260 [ 174.213207][ T7172] __kmalloc_node_track_caller+0xa2/0x230 [ 174.218959][ T7172] kmalloc_reserve+0x116/0x240 [ 174.223868][ T7172] pskb_expand_head+0x185/0x1230 [ 174.228926][ T7172] batadv_skb_head_push+0x166/0x200 [ 174.234444][ T7172] batadv_send_skb_packet+0xeb/0x650 [ 174.239868][ T7172] batadv_iv_send_outstanding_bat_ogm_packet+0x69a/0x840 [ 174.247060][ T7172] process_scheduled_works+0xa45/0x15b0 [ 174.252662][ T7172] worker_thread+0xa55/0xfc0 [ 174.257386][ T7172] kthread+0x2fa/0x390 [ 174.261574][ T7172] page last free stack trace: [ 174.266276][ T7172] free_unref_page_prepare+0x7ce/0x8e0 [ 174.272174][ T7172] free_unref_page+0x32/0x2e0 [ 174.277177][ T7172] __slab_free+0x35e/0x410 [ 174.281822][ T7172] qlist_free_all+0x75/0xe0 [ 174.286541][ T7172] kasan_quarantine_reduce+0x143/0x160 [ 174.292216][ T7172] __kasan_slab_alloc+0x22/0x80 [ 174.297125][ T7172] slab_post_alloc_hook+0x6e/0x4d0 [ 174.302270][ T7172] __kmem_cache_alloc_node+0x13e/0x260 [ 174.307880][ T7172] kmalloc_trace+0x2a/0xe0 [ 174.312331][ T7172] syslog_print+0xd3/0x590 [ 174.317037][ T7172] do_syslog+0x576/0x7f0 [ 174.321313][ T7172] __x64_sys_syslog+0x7c/0x90 [ 174.326023][ T7172] do_syscall_64+0x55/0xb0 [ 174.330724][ T7172] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 174.336647][ T7172] [ 174.339074][ T7172] Memory state around the buggy address: [ 174.344731][ T7172] ffff88807c94af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 174.352908][ T7172] ffff88807c94af80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 174.361172][ T7172] >ffff88807c94b000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 174.369367][ T7172] ^ [ 174.375632][ T7172] ffff88807c94b080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 174.383800][ T7172] ffff88807c94b100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 174.391969][ T7172] ================================================================== [ 174.409665][ T7172] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 174.417201][ T7172] CPU: 0 PID: 7172 Comm: syz.4.356 Not tainted syzkaller #0 [ 174.424615][ T7172] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 174.434996][ T7172] Call Trace: [ 174.438314][ T7172] [ 174.441491][ T7172] dump_stack_lvl+0x16c/0x230 [ 174.446221][ T7172] ? show_regs_print_info+0x20/0x20 [ 174.451560][ T7172] ? load_image+0x3b0/0x3b0 [ 174.456125][ T7172] panic+0x2c0/0x710 [ 174.460159][ T7172] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 174.466365][ T7172] ? bpf_jit_dump+0xd0/0xd0 [ 174.470922][ T7172] ? _raw_spin_unlock_irqrestore+0xfa/0x110 [ 174.477030][ T7172] ? _raw_spin_unlock+0x40/0x40 [ 174.481938][ T7172] ? ext4_xattr_set_entry+0x94b/0x1e90 [ 174.487531][ T7172] check_panic_on_warn+0x84/0xa0 [ 174.492597][ T7172] ? ext4_xattr_set_entry+0x94b/0x1e90 [ 174.498176][ T7172] end_report+0x6f/0x140 [ 174.502449][ T7172] kasan_report+0x128/0x150 [ 174.507148][ T7172] ? ext4_xattr_set_entry+0x94b/0x1e90 [ 174.512641][ T7172] ? ext4_xattr_set_entry+0x94b/0x1e90 [ 174.518146][ T7172] kasan_check_range+0x288/0x290 [ 174.523215][ T7172] ? ext4_xattr_set_entry+0x94b/0x1e90 [ 174.528901][ T7172] __asan_memmove+0x29/0x70 [ 174.533879][ T7172] ext4_xattr_set_entry+0x94b/0x1e90 [ 174.539342][ T7172] ext4_xattr_block_set+0xae3/0x32a0 [ 174.544834][ T7172] ? ext4_destroy_inode+0x200/0x200 [ 174.550073][ T7172] ? proc_nr_inodes+0x230/0x230 [ 174.555015][ T7172] ? do_raw_spin_unlock+0x121/0x230 [ 174.560342][ T7172] ? _raw_spin_unlock+0x28/0x40 [ 174.565263][ T7172] ? ext4_xattr_block_find+0x350/0x350 [ 174.570928][ T7172] ? ext4_xattr_ibody_set+0x50d/0x6a0 [ 174.576585][ T7172] ext4_xattr_set_handle+0x1346/0x1580 [ 174.582272][ T7172] ? ext4_xattr_inode_free_quota+0x1b0/0x1b0 [ 174.588318][ T7172] ? __ext4_journal_start_sb+0x259/0x570 [ 174.594090][ T7172] ext4_xattr_set+0x22d/0x320 [ 174.598898][ T7172] ? end_current_label_crit_section+0x170/0x170 [ 174.605696][ T7172] ? ext4_xattr_set_credits+0x2f0/0x2f0 [ 174.611280][ T7172] ? posix_xattr_acl+0x93/0xb0 [ 174.616183][ T7172] ? evm_protect_xattr+0x36d/0x7a0 [ 174.621350][ T7172] ? ext4_xattr_trusted_get+0x40/0x40 [ 174.626765][ T7172] __vfs_setxattr+0x431/0x470 [ 174.631484][ T7172] __vfs_setxattr_noperm+0x12d/0x5e0 [ 174.636822][ T7172] vfs_setxattr+0x16c/0x2f0 [ 174.641370][ T7172] ? xattr_permission+0x470/0x470 [ 174.646468][ T7172] ? __mnt_want_write+0x223/0x2a0 [ 174.651715][ T7172] ? path_setxattr+0x314/0x550 [ 174.656600][ T7172] path_setxattr+0x362/0x550 [ 174.661489][ T7172] ? simple_xattrs_free+0x150/0x150 [ 174.666731][ T7172] ? lockdep_hardirqs_on_prepare+0x400/0x760 [ 174.672932][ T7172] ? lock_chain_count+0x20/0x20 [ 174.678006][ T7172] __x64_sys_lsetxattr+0xb8/0xd0 [ 174.682984][ T7172] do_syscall_64+0x55/0xb0 [ 174.687602][ T7172] ? clear_bhb_loop+0x40/0x90 [ 174.692833][ T7172] ? clear_bhb_loop+0x40/0x90 [ 174.697563][ T7172] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 174.703670][ T7172] RIP: 0033:0x7f10ec58f749 [ 174.708197][ T7172] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 174.728704][ T7172] RSP: 002b:00007f10ed456038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bd [ 174.737498][ T7172] RAX: ffffffffffffffda RBX: 00007f10ec7e5fa0 RCX: 00007f10ec58f749 [ 174.745854][ T7172] RDX: 0000200000000000 RSI: 0000200000000180 RDI: 00002000000001c0 [ 174.753856][ T7172] RBP: 00007f10ec613f91 R08: 0000000000000000 R09: 0000000000000000 [ 174.762022][ T7172] R10: 0000000000000361 R11: 0000000000000246 R12: 0000000000000000 [ 174.770014][ T7172] R13: 00007f10ec7e6038 R14: 00007f10ec7e5fa0 R15: 00007fff37923f78 [ 174.778218][ T7172] [ 174.781836][ T7172] Kernel Offset: disabled [ 174.786366][ T7172] Rebooting in 86400 seconds..