last executing test programs: 1m12.172613822s ago: executing program 0 (id=2049): fsopen(&(0x7f0000000140)='sysfs\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x100) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x80, &(0x7f00000002c0)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}}) read$FUSE(r0, &(0x7f00000021c0)={0x2020}, 0x2020) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ff9000/0x5000)=nil, &(0x7f0000ff9000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ff9000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x15) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045) r1 = io_uring_setup(0x4fee, &(0x7f0000000040)={0x0, 0xc89f, 0xc000, 0xa, 0x20002f7}) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x3, &(0x7f0000000000)=0x6, 0x4) r2 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8) io_uring_enter(r1, 0x2219, 0x7721, 0x16, 0x0, 0x0) 1m11.89825959s ago: executing program 0 (id=2052): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) bind$inet6(r1, &(0x7f00000002c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r1, 0x4) setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r1, 0x84, 0x75, &(0x7f0000000000)={0x0, 0x4}, 0x8) setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000444ff8)={0x0, 0x7}, 0x8) setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000000)={0x0, 0xca}, 0x8) sendmmsg$inet6(r0, &(0x7f0000003c40)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000140)='j', 0x1}], 0x1}}], 0x1, 0x0) setsockopt$inet_sctp6_SCTP_ADD_STREAMS(r0, 0x84, 0x79, &(0x7f0000000200)={0x0, 0x1, 0x9}, 0x8) 1m11.461533052s ago: executing program 0 (id=2054): bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0f00000004"], 0x50) openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) rename(0x0, &(0x7f00000000c0)='./file0\x00') r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x8, 0x4, 0x4, 0x9, 0x1014, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x4}, 0x50) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000180)="420fc7bc4898580000640f01c50f01c566baf80cb864c95782ef66bafc0cec67670f1b0166b8fb008ec046d9c3c442b90a2c81c442812852fcc744240012000000c74424020b000000ff1c24", 0x4c}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000005c0)={[0x5836, 0x8, 0x7, 0x4000000000000e52, 0x1, 0x5479, 0x1041, 0x200000000006, 0xfffffffffffffffd, 0x1, 0xfffffffffffffffe, 0x100000000, 0x1, 0x40000000009, 0x8000000000005, 0x10000800040068], 0xd000, 0x80}) ioctl$KVM_TRANSLATE(0xffffffffffffffff, 0xc018ae85, &(0x7f0000000080)={0xeeee8000, 0xeeee0000, 0xe, 0x9, 0x1}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 1m11.124371255s ago: executing program 0 (id=2057): syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0) r0 = socket$netlink(0x10, 0x3, 0x4) writev(r0, 0x0, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0) mount$bind(&(0x7f0000000580)='./file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x1b5008, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00') ppoll(&(0x7f0000000700)=[{r1, 0x400}], 0x1, 0x0, 0x0, 0x0) mount$bind(&(0x7f0000000540)='./file0\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x2145499, 0x0) 1m10.793803418s ago: executing program 0 (id=2060): fsopen(&(0x7f0000000140)='sysfs\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x100) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x80, &(0x7f00000002c0)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}}) read$FUSE(r0, &(0x7f00000021c0)={0x2020}, 0x2020) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ff9000/0x5000)=nil, &(0x7f0000ff9000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ff9000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x15) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045) r1 = io_uring_setup(0x4fee, &(0x7f0000000040)={0x0, 0xc89f, 0xc000, 0xa, 0x20002f7}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000093c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000010}, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x3, &(0x7f0000000000)=0x6, 0x4) r2 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8) io_uring_enter(r1, 0x2219, 0x7721, 0x16, 0x0, 0x0) 1m10.36912921s ago: executing program 0 (id=2063): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000380)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, &(0x7f00000001c0)={{0xeeee8000, 0x2000, 0xe, 0xf1, 0x5, 0xfd, 0xd4, 0xd4, 0x0, 0xd7, 0x7, 0x52}, {0x5000, 0x2, 0xd, 0x9, 0x8, 0x34, 0x6, 0xb, 0x5, 0xf, 0x3, 0xc0}, {0x2000, 0xdddd1000, 0xb, 0x1, 0x2, 0x0, 0x4, 0x1, 0x81, 0x0, 0xc4, 0x25}, {0x8000000, 0x2000, 0x8, 0xf8, 0x3, 0x46, 0x2, 0xd, 0x6, 0x3, 0x8, 0x1}, {0x100000, 0x4000, 0x9, 0x1, 0x3, 0x9, 0xd, 0x6, 0x5, 0x4, 0x26, 0x4b}, {0x6000, 0x0, 0x6, 0x5, 0x0, 0x1, 0x1, 0xff, 0x84, 0x90, 0x1, 0xfc}, {0x6000, 0x4000, 0xf, 0xff, 0x3, 0xff, 0x0, 0xb, 0x5, 0x7, 0x9, 0xf8}, {0xf7f63004, 0x8000000, 0xf, 0xfe, 0x29, 0x3, 0x97, 0x9, 0x6e, 0x1, 0xff, 0x7}, {0xeeef0000, 0x5}, {0x4, 0x9}, 0x50009, 0x0, 0x4, 0x300, 0x5, 0x2000, 0xe6e70c00, [0x3, 0x401, 0x7, 0xc5]}) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000600)={0x2, 0x0, @ioapic={0x5000, 0x9, 0x9, 0xffffffff, 0x0, [{0x83, 0xb, 0x6, '\x00', 0xff}, {0x6, 0x9, 0x5, '\x00', 0xcf}, {0x1, 0x2, 0x95, '\x00', 0x6}, {0x4, 0xe0, 0x8, '\x00', 0x2}, {0x9, 0xb, 0x80, '\x00', 0x8}, {0xfa, 0x8, 0xf, '\x00', 0x2}, {0x7, 0x5, 0x4, '\x00', 0xcf}, {0x7, 0xd, 0x10, '\x00', 0x1}, {0x98, 0x8, 0x4, '\x00', 0xff}, {0x1, 0x1, 0xfb, '\x00', 0x9}, {0xd, 0xfd, 0x8f, '\x00', 0x9}, {0x2, 0x5, 0x10, '\x00', 0x5}, {0x7, 0x4, 0x42, '\x00', 0x7f}, {0x9, 0x1, 0x7, '\x00', 0x8}, {0x81, 0x10, 0x4, '\x00', 0xc}, {0x1, 0xe, 0x9}, {0x4, 0xc, 0x20, '\x00', 0x5}, {0x20, 0x6, 0x8, '\x00', 0xfd}, {0xb, 0x1, 0x5, '\x00', 0x4}, {0x81, 0x5, 0x9, '\x00', 0x8}, {0x1, 0x6, 0x5, '\x00', 0xa}, {0x9, 0xfc, 0x90, '\x00', 0x21}, {0x4, 0xeb, 0x6, '\x00', 0x4}, {0x6, 0x5, 0x0, '\x00', 0xb}]}}) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 1m9.909294725s ago: executing program 32 (id=2063): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000380)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, &(0x7f00000001c0)={{0xeeee8000, 0x2000, 0xe, 0xf1, 0x5, 0xfd, 0xd4, 0xd4, 0x0, 0xd7, 0x7, 0x52}, {0x5000, 0x2, 0xd, 0x9, 0x8, 0x34, 0x6, 0xb, 0x5, 0xf, 0x3, 0xc0}, {0x2000, 0xdddd1000, 0xb, 0x1, 0x2, 0x0, 0x4, 0x1, 0x81, 0x0, 0xc4, 0x25}, {0x8000000, 0x2000, 0x8, 0xf8, 0x3, 0x46, 0x2, 0xd, 0x6, 0x3, 0x8, 0x1}, {0x100000, 0x4000, 0x9, 0x1, 0x3, 0x9, 0xd, 0x6, 0x5, 0x4, 0x26, 0x4b}, {0x6000, 0x0, 0x6, 0x5, 0x0, 0x1, 0x1, 0xff, 0x84, 0x90, 0x1, 0xfc}, {0x6000, 0x4000, 0xf, 0xff, 0x3, 0xff, 0x0, 0xb, 0x5, 0x7, 0x9, 0xf8}, {0xf7f63004, 0x8000000, 0xf, 0xfe, 0x29, 0x3, 0x97, 0x9, 0x6e, 0x1, 0xff, 0x7}, {0xeeef0000, 0x5}, {0x4, 0x9}, 0x50009, 0x0, 0x4, 0x300, 0x5, 0x2000, 0xe6e70c00, [0x3, 0x401, 0x7, 0xc5]}) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000600)={0x2, 0x0, @ioapic={0x5000, 0x9, 0x9, 0xffffffff, 0x0, [{0x83, 0xb, 0x6, '\x00', 0xff}, {0x6, 0x9, 0x5, '\x00', 0xcf}, {0x1, 0x2, 0x95, '\x00', 0x6}, {0x4, 0xe0, 0x8, '\x00', 0x2}, {0x9, 0xb, 0x80, '\x00', 0x8}, {0xfa, 0x8, 0xf, '\x00', 0x2}, {0x7, 0x5, 0x4, '\x00', 0xcf}, {0x7, 0xd, 0x10, '\x00', 0x1}, {0x98, 0x8, 0x4, '\x00', 0xff}, {0x1, 0x1, 0xfb, '\x00', 0x9}, {0xd, 0xfd, 0x8f, '\x00', 0x9}, {0x2, 0x5, 0x10, '\x00', 0x5}, {0x7, 0x4, 0x42, '\x00', 0x7f}, {0x9, 0x1, 0x7, '\x00', 0x8}, {0x81, 0x10, 0x4, '\x00', 0xc}, {0x1, 0xe, 0x9}, {0x4, 0xc, 0x20, '\x00', 0x5}, {0x20, 0x6, 0x8, '\x00', 0xfd}, {0xb, 0x1, 0x5, '\x00', 0x4}, {0x81, 0x5, 0x9, '\x00', 0x8}, {0x1, 0x6, 0x5, '\x00', 0xa}, {0x9, 0xfc, 0x90, '\x00', 0x21}, {0x4, 0xeb, 0x6, '\x00', 0x4}, {0x6, 0x5, 0x0, '\x00', 0xb}]}}) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 3.744160312s ago: executing program 1 (id=2502): r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8}, 0x94) syz_emit_ethernet(0x6a, &(0x7f0000000140)={@broadcast, @broadcast, @val={@void, {0x8100, 0x0, 0x0, 0x4}}, {@ipv6={0x86dd, @icmpv6={0x7, 0x6, "c172f5", 0x30, 0x3a, 0xff, @local, @local, {[], @param_prob={0x4, 0x1, 0x0, 0x8, {0x5, 0x6, "50d03a", 0x400, 0x88, 0x1, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @private2={0xfc, 0x2, '\x00', 0x1}}}}}}}}, 0x0) ioctl$SIOCGSTAMPNS(r0, 0x8907, 0x0) recvmsg(r0, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x20) 3.615439195s ago: executing program 1 (id=2503): r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) r1 = syz_open_procfs(0x0, &(0x7f0000000240)='mountinfo\x00') r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x804000, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r1}}) ioctl$TIOCL_GETMOUSEREPORTING(r0, 0x5412, 0x0) 2.712345843s ago: executing program 3 (id=2508): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) bind$inet6(r1, &(0x7f00000002c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) listen(r1, 0x4) setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r1, 0x84, 0x75, &(0x7f0000000000)={0x0, 0x4}, 0x8) setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000444ff8)={0x0, 0x7}, 0x8) setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000000)={0x0, 0xca}, 0x8) sendmmsg$inet6(r0, &(0x7f0000003c40), 0x0, 0x0) setsockopt$inet_sctp6_SCTP_ADD_STREAMS(r0, 0x84, 0x79, &(0x7f0000000200)={0x0, 0x1, 0x9}, 0x8) 2.710214043s ago: executing program 1 (id=2509): syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f0000000080)={[{@i_version}, {@nogrpid}, {@bh}]}, 0x1, 0x534, &(0x7f0000001a80)="$eJzs3c+PG1cdAPDvzMbeTbLtpqUHQNCGthBQFG/WaaOqBygnhFAlRI8g0mXXWUWx41XsLd0lEumZKxKVOMGRP4BzT9y5ILhxKQckfkSgLhKHqWY8mzi79q7TxOuN/flII783b9bf9+LMe57nsV8AM+t8RNyNiGpEvBsRS+X+pNzird6WH/fJvTtru/furCWRZe/8KynK833R9ze5s+VzLkTED74T8ZPkYNzO9s7N1WazcbvML3dbm8ud7Z1LN1qrG42Nxq16/erK1ctvXHm9/gitWTi09KVWtUx9+eM/3v3Gz/JqLZZ7+tvxJPWaXrkfJ3cqIr43jmATMFe2pzrpivCZpBHxfES8XJz/SzFXvJoAwDTLsqXIlvrzAMC0S4s5sCStlXMBi5GmtVpvDu+FOJM2253uxevtrVvrvbmyc1FJr99oNi6Xc4XnopLk+ZUi/SBf35e/EhHPRcQv508X+dpau7k+yTc+ADDDzu4b//873xv/AYApd/htMwDANDL+A8DsOWL8990OAJhCrv8BYPb0xv/Tj/pnWZb9fBzVAQCOget/AJg9xn8AmCnff/vtfMt2y9+/Xn9ve+tm+71L643OzVpra6221r69WdtotzeK3+xpHfV8zXZ7c+W12Hr/3Dc3O93lzvbOtVZ761b3WvG73tcaleKou8fQMgBgmOde+ugvST4iv3m62KLvfv/KRGsGjFs66QoAEzM36QoAE2O1L5hdD67xH/kmANMDMCUGLNH7kIVBXxDKsiwbX5WAMbvwBfP/MKv65v/dBQwz5qj5/2JtYB8SwlQy/w+zK8uSUdf8j1EPBABOtkPm+M8d5/sQYHKGfP7/fPn4u/LDgR+t7z/iw3HWCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAE62vfV/a+Uyv4uRprVaxDPFAkCV5PqNZuNyRDwbEX+er8zn+ZUJ1xkAeFzp35Ny/a8LS68uPlT04tn7yWpE/PTX7/zq/dVu9/afIqrJv+f39nc/LPfXjwy2MI4WAMCM2pob8cC9cbp47LuQ/+TenbW9bVyVHOQf3+69K8jj7t6rxu79+KfiVPG4EJWIOPOfpMz3JH1zF4/j7gcR8flB7U9isZgD6b1l2R8/j/3MscZPH4qflgs0p+W/xeeeQF1g1nyU9z9vDTr/0jhfPA4+/xeKHurxlf1f/lRru0Uf+CD+Xv83N6T/Oz9qjNf+8N1e6vTBsg8ivngqYi/2bl//sxc/GRL/1RHj//VLL748rCz7TcSFGBy/P9Zyt7W53NneuXSjtbrR2Gjcqtevrly9/MaV1+vLxRz18vDR4J9vXnx2WFne/jND4i8c0f6vjtj+3/7/3R9+5ZD4X39lUPw0Xjgkfj4mfm3E+Ktnfj/0ujuPv36w/ckor//FEeN//LedA8uGAwCT09neubnabDZuP82JapyIajydiR/HiajGaIn8v+wJqMbAxLeOK1Y1Bhf94pXeOb2vKMs+U6xhPcaTmHUDToL7J31E/G/SlQEAAAAAAAAAAAAAAAY6jm8sTbqNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAATK9PAwAA//++sdLi") close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="2400000012"], 0x24}}, 0x0) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x9) bind$inet6(0xffffffffffffffff, 0x0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) 2.659503418s ago: executing program 2 (id=2510): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x4) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x5, 0x2, 0x4000, 0x2000, &(0x7f0000ff8000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x4b, &(0x7f00000001c0)=[@cr4={0x1, 0x3420e5}], 0x1) r3 = memfd_create(&(0x7f0000000040)='];\x00\x00\x00\x00\x96\t\xb27\x87Ge@{\xb7\xff]\ah\xd9\xb7\x13W\xb14\xfe\xe7FW\x96\x7f\xe8\xce(Ep\x93\xc9\xdd-\xfc\xf6\xdc\xec9H\x85\xa0\xf2p\x19\xa6\xd3z\x9c\xf0\x16Ax\x18<\x05\b\xa5\x19FN{U\x8b\xb0M5^\x7f+\xc9]E\x1a\x02x\xdc8\xa5|@<\x12\xcc@\xd6\x00\xb9\xf0', 0x0) mmap(&(0x7f0000ff3000/0xd000)=nil, 0xd000, 0x1, 0x12, r3, 0x7000) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2.493979225s ago: executing program 3 (id=2512): bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x15, 0xe, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_reuseport, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000340), 0x10}, 0x94) mmap(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x1000001, 0x13, 0xffffffffffffffff, 0x8cee000) socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_mtu(0xffffffffffffffff, 0x29, 0x17, &(0x7f0000001740), 0x4) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$BTRFS_IOC_INO_LOOKUP_USER(r0, 0xd000943e, &(0x7f0000003440)={0x0, 0x0, "74653d28f2a444ff45e079acb0f61059dd3966bc2a3c4291d79baca6940151ab9c3e04bdb14181a67c2461830eb57d6729b6e09806fb981725b741bba04f308bfea97354d29e8f5ba8d04fd8e8d7530d8177c0732901f5466045aa2f9f8d1d6a5135bec4b67c519c9df2e4496a6a879959454740a029f3810d3a87496e0674b5b53e55276de6d3a5f70b6a0491386b8a6234a9bd1084cd3be433a0340fc4480c191618a60363a75984b3c577e419596fd22b8638c487a6e14f397cfc04adcf7b611fe831192aee7053eec7ddb8a030bdb15c490140c158ace8112e8cc0e842f99a63eef0f08cc01b55eea93fef285a4aef3807d61c86c14738026385195ee8ff", "40589fdc37dc092f32f37913bfb530ee0f0215ceddfc8dea5e5ecbdf91b9f8d26192537540c71ce41714c0d1d5d66b5f5cc7d56e71ce1ad4eb0bfb8cd76d00cf967995b2c49c74c8de0672928c5788f55df40070c463968fa4c55a26aa8ce00922019be9cda421aaaf8d67a3cec1d1a8a70600cd1daf174e193f3fd57a7121d1a668a2c7c42bc77b60ef9845c9756ebe1dd64eed1882688755a34dcdc2453379493be62b48281e794fb4179ac19ae9b3f4b0d5d61ed68f639ab7bb6f44210730838d511a4c6374a544dd6cf1719dba0463c230fac423923d9345de322f5a9b3a3f6eb2093068b730c1d909b8ae8f4f9cfc5bfad78c99a01ec178e0282784f32244c1025aea2d325067c34a2704cc5c903d76abbf40a2fc6400ba36cc043d3a7dee9d3f6634b250010f65650694a5198ce6390d4f867696b2ce19139051d113e2ce1f10d1b1eaaa9e963340ba7a4102cce3ba4a876262a8f2fde70eaf06f194b1e7023800b5a5dd433f9ad5b404e3f29d345f442cc16850c83eb0df123f0cc58e59e987a64941109a5dcebca6fe3151b9d8a100b9ed7b6c821baf20244472e8c290bc66a996e9d1416f2cf75a4e3905a6a24a302d8c8ed24e18dcd181ecf659ae6a7101727310bad8cd053f54c88a6848d1ad80d32787ebbd144a5221a7b0f3e1724a96d6f1cf8d96ceccb169946403594ac43bedee6409ec3f862215d2c5a7f5a06003545b3f5f1803dad150fb530a2ce6cc67e3a924aa2f551592c68924b48da968641c132f6ad91ca1ebf47e61873cbdaff5eb4e46e0ddc2f7a85ea1f7940a7c73fa29a4751fd5a1f6735d7f89d9eafe55e05809b44e30b7f51b3fda1f704224829681636c92dbe677fbce6537e0a4b3fcd115fd438f3ba20a7a676dfcb5542f87d484f3de4c68dcff82b4e8aa6b22562f58f8756315fba5585a9313ff01e8336e54c55662434b898d41ad7bcc6746b6902c2b0d2c787606ca53a1e72f4228a83d34fdd1ae3981dc7f7f9f42bd9f01b46a3e1e218a5fd3180cdabac6ea5b0eb0747544feef024badac901b96156e10b8c038af585a57e23a1c9973aec7dd4d9431ef84150ddd58a05721e3b0bb789ca57636222aeaa3f9cfbe49167103848eb938e6b3471ecaee0cc107046444281850da63283fa56cfe1ffad31b4f199bc7aa70b926540676a2b6cbaf57eef0949065774a86c24593e04e821f9be272ab1dab00afcb863c04b6f3021c1f0b36afaeb8d042d7245fd092951d43ff0ca0b4cf42f26306c84d449fa108110e0c87889c8d3dd65bfb8a901b81ef90d386fc8d3a41660009e31f02ac2fe613d5d515cce4a27df5b628ff544133983d489e107e4f48ef91e2d0ea70b811dc7e5784d9cc7687ec6af66522767732bb91bfac084bf8ea3b1088603125bca2d5b2d9eb18a334b0b12d62c06b721dfbced1d48e7fd8ffcd1e6ace98299bc70f3176e8acb46e8098c45e7c13e85bf53472d80dda0969e20ea7e8aa32e5c371fe0f1312a0da4b563b390b0e3b33dbde385ee2aeb457259a63e6b054f8cd3b3bcad064677f5273e68be65ea88b5df2b628d8e0811c96e534f069cba6c6215d97bb1fd21befec9f92ea12e459ef306b59cb86c8a643c0c459161dec55068e38ec348111c26193dc727f38deb14ca82a07964a66b206a091051088667bd01a5f3111f54d0f5d5fe68b8f22be0abd3250baa14a26eef44658f06638ff5823bada3ab82e66a27f7fb5324b19058e26602512c38b43ec533a2dfbfd5c715dd4b28b5377b4707a6a182aa127423486ec752dcb15fc68c6d9ec00d7a2057684c404b6fbab3c7b4ca0f6c58f90fa4977fb119fa19162d25e17efdd16becdc2302a4c693774b4121bca790a1d4d4dc5093492b9db7dd9c9dafcfce8fccab07e09fd3d7f898ac97a79c42368de5b9b9508ae4fb076576444132f5ca007177b6b74b568b5920d49bb903d95338baa268bf691691b2d560536431e737a58cbd0c62b77b91e781bd28a2dea6cd9143379462cfb738c58e7079c60dcfc5a87e3385f32b8c24ae0d246a155a39a31f77c5a0e29c064fbadb431902f82097d918c3eed4546c2e843bcbe6a3124a4f410c0a80f23b8f34d7057fc2e7342344ef725ae1fcddb6bffc71ad49a5074dcd7bb39d4b76ce765ce0c420787f676f7526c08274c18a6ee225cb228d23edba5d0a25497bc9e831945e993e885195d1f450e7e21dc1a616bc9b17e10ba5738e466640328c32853a0c49cf30674be241672f5595ed5253b5a4e5bb130b3b5f2a03199adf7133f756f5a7a575c9d08f99c2335fcc5692d324a17bfa7ce4df1c79edc38cb76f77e5c115eea05e657969aa678413292d0bedc54da1a3c6917d61d6ac9b692d7de015f539757d6fe813f8410073cfbe4ce3ef937ae57294c6f1bb34fe2e66d41e0ea90aa7972b9b3c8beec88ce21604801d44b1efbb6cd864c7f1c219b67a37097dc75b21cb4ca8564aef2e9fe0b2eadfe16b2f1e081f169be8f071fa7cd3003606c75067296118187a1f105e2e7449f4f87874797df029017e5565d82e18ec7320a4bf6a8c3a6d816c784339637db53f0df595d54fe17fa8b05991251902784af027b877d8c3dc2fd0d9266df63c0748698dadef33b506380ded74eb89a388ee4c29b6926645819f68da1f277d39e247cd8442b6a05b7d2a83efebf2bb32f463d643fd2eba8227a2c64e1a4b49a058ea721cac649d39f17012210a5c4c58ef89c0550953058f4064314d30667946611e1dc3ededc222050784563ecee62d890ec7d8ea9ad05bc6d5f9f785356fa61d9b59652463d86bc754405531f147948eb3e923e664c51bb03ca6bf3977a67376a9c0e96942a378755b24e1accfe328574d9f9893e49c8888ec99a8c61a68a068f36182ec0e744ddb3d62a3b22fd5e4252c810ec82f54b1192c099eed3ee0e207c0c78cc333a6581110a3b6b794456e0eb77a8d2a6cdabfa466dce39e70a763f47518b6d7a4e9761d71271ea6922183877e16efda8eb3643d859f7d52abbc1c284a68ab0bec5d88d2a58d2327295cc6b5bc3fff18a14feee3cec065d44cdaad50c609fcf09836ab9dcd164484709b7c3c9b6fac28e623cd913d62538829a1e23641ed8609ff0e188a7bb36b504a0148c7950564b9958347ebd5971e28722eb2842be1fc7a56954d3095f263d558c2270585712a7b131426c130bdeaccc60460c19a91ae7198188bbd3dae8d5bd4d0c3e166bfb612deb01360895375f2108f91654b2d23138967214f8aa7de96f4814cbe779c7c2a833a0f7a571c3b30a445da64427132fe839c3d25d12dcbb8a3a927fb759822be9e804ebe6bffc246a847303df01299ab327bf15b9d574ede0b53b7a9fb3c792e0116019e9780477cc5166b888ff68b59488edc65abdb054570b4989f48ff18159816cb0a3f1dd06c8aa70205c3a1c5c45882cf879418518aed5f52e850fdc264d96c02cb6ea63cb28aaca2c496190d9b6cab39f5af1ad74f11cd3ac0826b941860348fb7f345d282dd83f3908529481b69f100727fb58300d3b513165a6fef2b34e8ccf006e40cbf1f092b0187a22d8f084d05a6e351b847191ef3fa81ffab01871758effe8aeef3c51b41d1ff2aad93e4f0b52ae4ef8234e84e18a03d2417cde3d53e0749722d13f69a9ed817dcc0d002eef163babc5e2c8838d49e5d6667a7b3af5c79dc8067335f172fd1bc6ef1656216f599d35dac8239c0ae7ddd88b68e37bb04ede5361d6946bbbcab0b8e2877924ee13f014b427742b93b98198ecebabe0998087f3ac8343662cc5956d5c25bbbf037dbbdf5d564b1f8a5b97050dc32af1837366477b6d2325143c7f107d5775e5f8983f27d5cded41e3420eb75e39c5ed0d8cf952c6d82fb3de575292d778065f9073545267d0bdf9439afc07431e96b48d4df32d599cfdb7105e92047607761e0769a065b787d4a9b35b66133db03b2c5ee430946e9e1f8fb5535d817f99a0fafa1d4a359db38f51dd2e6e753d433272cec9ab1f307f4539ac23482399e6e533115c3f9bd4785d61da014593257e3e439b03211a5891420f90a6f200be7ffb04f5c9a2859ec3c1412f886816281c01575777eed494fcd11cb25e9aaf09c3fe5590a8f85c3cd01ea836a244777b8abb1a1c9485b3c8be6bd2d2d7e094c8d4256eb2f79363af36bdd5e5e31e1898450dc0aaea3db704c7dbbe23695dc19fc0eaea063c48db355c225e9fb4ef47a35d68d5fee111439fa11e53fa6b41766df3c2b3b4674aa9a61ee4793cd2e7441430fa731034643158307a2e1aa0d5196488a7c3ad078f79460871f2e6956d6f2ac49d364abe530430e0329ed6fdbdf7ecf37aefccb9d6de0860baf23bbd7917c2069ce9f57a51a75eca8bcf8be58003f7f4e3427af5c504503ebb976b11c946154d35710212cb8066c668ef12f27c676c15020f9d0a383d9eca23324e39c5ecb0d6f17093f5b15074db14755f4f7a13f0666c0da905c6e7f8e280b2a6b630db2be8015136053f1b2d7c3ac896b72010857bb9ab30573f4b959042f81bb7ae470f430e1a354fc099d7e42730d201aa0e2eee677d19471f18802763e5a60042e829823c9a38e48faab1c9c7dd29506cd2cf1c8157e8eff6c56a13ccb20c7b042d6218d35c343b5bf62cea84103fd240436acff0fef1cb13c287a44f0589b2a5e2dd8f792a36134f0ae66a2d862f66a6ebc6a0a995cf8ae628d11e2215e0e5b41b31b2e0877cc50b9cb63813994a8e50518fc9662d5c49ccb9771cc4cf6a88edc3228da8718f6d231ea04ef6cbf5fe16404e8b6c3ddaa37783083b701c4b7805b917a84261f4ce9ea7dbbd59d985abba458651d0ec8ddd2b4e03042df2a3cec4b85723d93bd65525f6673e1c2cd5efd9cac2111b12ae76a014938ade14cadb4b458ec4be55ae527298ddd89fd29f0eb86cc70a4804e4d8d55e5c982657b83b18d22a3045bef4081cb4145144164341af4cab28d8cd423140cc7bd071fe806dc8e75d8a379deb6ea2be84d6e59f8aed10cc0287878553c79e0a2deabf6af35dead889788f9ae82f8318896262736fe67344a3c77980667fee846708c8cd3a1fad4a482e75a877e0ce85caef711c81225b210ef36695efc66fb2bb9ab1506c31d36481893c7661c17a25e9f24ade6f3fa1524cc95055781fe769261241dc61636d4104ebc2b6fb2ea7a8633ad94719086ff2ac92980f1bcaaca70796b09596ffc37c4b223ac666df8589198fd4b8d823d1bbac3a6653319b59763522d5883e9f36ee18f7821e257af606dafc7af0074642b85b91d35b5fe78f1062000aee0b64fa6843b97bdbf995284a39710e85a7334e0938973defc4baf014969404ebcc731cdb35ac7a0ed2824c6e48b59808b6a07d4d63163568f52ab9384fc6cf0156"}) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000080)=ANY=[@ANYBLOB="0100000000f3ffff054d564b"]) 2.433822501s ago: executing program 1 (id=2513): mkdir(&(0x7f0000000000)='./file0\x00', 0xd3) mkdir(&(0x7f00000001c0)='./bus\x00', 0x40) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]}) r0 = open(&(0x7f0000000040)='./file0\x00', 0x200542, 0x42) unlinkat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', 0x200) mknodat$loop(r0, &(0x7f00000002c0)='./file0\x00', 0x1, 0x1) chdir(&(0x7f00000003c0)='./bus\x00') utimensat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x0) 2.312484883s ago: executing program 1 (id=2514): syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000500)='./bus\x00', 0x0, &(0x7f00000002c0), 0xd, 0x51c, &(0x7f0000000700)="$eJzs3cFvI1cZAPBvZjebNE2bFCoVENClFBa0WjvxtlHVU7mAUFUJUXHikIbEG0Vx4ih2ShNWavI/IFGJA4ITZyQQHCr1xBHBDW69lANSgRWoQeJgNONx1t3YG3c3awv795NGM29mMt97Y8178RfHL4CJdTUijiLiSkS8ERHzxf6kWOKV9pKd99Gd22snd26vJdFqvf6PJD+e7Yuun8k8XlxzJiK++62IHyRn4zYODrdWa7XqXlEuN7d3y42Dwxub26sb1Y3qTqWyvLS8+NLNFysDtWNmgHOe3f7Vh9/cfPV77/7uCx/86ejrP8qqNVcc627HRWo3feo0TuZyRLz6KIKNwKWiPVdGXREeSBoRn4qI5/Lnfz4u5a/mYHo81gDA/4FWaz5a891lAGDcpXkOLElLRS5gLtK0VGrn8J6O2bRWbzSv36rv76y3c2ULMZXe2qxVF4tc4UJMJVl56e1s+265Eh8v34yIpyLix9OP5eXS2uB5BgDgYj1+z/j/7+n2+A8AjLmeH57pfn++Mry6AADDMciHZwGA8WL8B4DJc3f8nx1pPQCA4fH+HwAmj/EfACbN+53x/9KoawIADMV3XnstW1onxfdfr795sL9Vf/PGerWxVdreXyut1fd2Sxv1+katWlqrb593vVq9vrv0Quy/VW5WG81y4+BwZbu+v9Ncyb/Xe6U6NZRWAQD389Sz7/0liYijlx/Ll+iay8FYDeMtHXUFgJGR84fJ5Vu4YXJ5jw+T69fFf/yeN5dn348Iv/MAQVtvP8APARft2mfl/2FSyf/D5JL/h8kl/w+Tq9VK+s35n56eAgCMlU+Y4/cnARhDQ/37PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIyJuXxZ6CqnaakU8URELMRUcmuzVl2MiCcj4s/TU9NZeWmkNQYAHl76t6SY/+va/PNz9x69kvxnOl9HxA9/+vpP3lptNveWsv3/PN3ffKfYXxlF/QGA83TG6c443vHRndtrnWWY9fnwG+3JRbO4J8XSPnI5LmerP87kkw7P/itplwvZ7yuXLiD+0XFEfKZX+5M8N7JQzHx6b/ws9hNDjZ9+LH6aH2uvs3vx6TNXnu4b87y5XmFSvJf1P6/0ev7SuJqvZ3pOfjyT91APr9P/nZzp/zrP+0ze1/Tq/64OGuOF33+777HjiM9d7hU/OY2f9In//IDx3//8F5/rd6z184hr0Tt+d6xyc3u33Dg4vJHd+OpGdadSWV5aXnzp5ouVcp6jLncy1d3aI8TfX77+ZN/2//K3RUd5Nv7MOe3/yn1b3TrtgH/x3ze+/6V+8Y8jvvbl3q//0/eJn42JXy22+/f0bauzv+k7fXcWf719/48/6et//Zy4HR/89XB9wFMBgCFoHBxurdZq1b0L3ZiKC75g10byiOpsYwQbMcRY2a/JD3udZ4qU2Wrn+ek+5w8/e/eZbN/I7+qFbIyuTwKG4+5DP+qaAAAAAAAAAAAAAAAA/TzyfydKR91CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAxtn/AgAA//8LKMVX") setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000002a40)='system.posix_acl_default\x00', &(0x7f0000000100), 0x24, 0x0) setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000002a40)='system.posix_acl_default\x00', &(0x7f0000002b40), 0x24, 0x0) 2.280144556s ago: executing program 2 (id=2515): r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r0) wait4(r0, 0x0, 0x8, 0x0) ptrace$setregset(0x4205, r0, 0x1, 0x0) ptrace$setregset(0x4205, r0, 0x1, &(0x7f00000001c0)={&(0x7f00000002c0)="1991d0743fb9e67fc78b43c945b9410404085a3b4c8f0000000053af", 0x1c}) 2.145738029s ago: executing program 3 (id=2516): mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1f1) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000780)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@nfs_export_on}, {@userxattr}]}) setxattr$security_capability(&(0x7f0000000240)='./file0/file1\x00', &(0x7f0000000280), 0x0, 0x0, 0x0) umount2(&(0x7f00000002c0)='./file0\x00', 0x9) mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000440), 0x8, &(0x7f0000000040)) 2.13324548s ago: executing program 4 (id=2517): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001c40)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r1}, 0x10) rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8) setpriority(0x0, 0x0, 0xacf0165) rt_sigpending(0x0, 0x0) r2 = open(&(0x7f0000000000)='./cgroup.cpu/cpuset.cpus\x00', 0x1a1342, 0x162) write$cgroup_int(r2, &(0x7f0000000080)=0x79, 0x12) syz_open_dev$tty20(0xc, 0x4, 0x1) lremovexattr(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)=@known='system.posix_acl_access\x00') 2.082599425s ago: executing program 1 (id=2518): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x7cb641, 0x0) close(r1) socket$netlink(0x10, 0x3, 0x0) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f00000000c0)={'syzkaller0\x00', @broadcast}) r2 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'}) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r3, 0x0, 0x40000) recvmmsg(r3, &(0x7f0000001480)=[{{0x0, 0x0, &(0x7f0000000bc0)=[{&(0x7f0000001ac0)=""/4088, 0xff8}, {&(0x7f0000000940)=""/74, 0x4a}], 0x2}, 0x5d}], 0x1, 0x10022, 0x0) 2.009627532s ago: executing program 2 (id=2519): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) read$FUSE(0xffffffffffffffff, &(0x7f0000002140)={0x2020, 0x0, 0x0}, 0x2020) syz_fuse_handle_req(0xffffffffffffffff, &(0x7f0000004180)="92756f43b31ffe542788ef586b7c5a344424e3acac2590be6bbe37adface4a8f2e534ffe76a83a93f0b3680a72fddfde83f96d01982384e8d689219cb9669b14dbaa1b799f82ea1fc926126a4163618e16d4f94143a4e0f27c44fcef3920a0b3805ed4e78098d8689cc7791bd86648070718d238664332948d87866c8d2590fc0f017f9853abd9ed60b99f1aa6ae2dbd24ab6dbcebdb055246815ace147cc50fa3b2861148fcda374d5b203e51d72c45e4dde3e9ee9a47ffe458baf7bb49035135a8194aa1f0a83fa2abed56398f90daff679634619453f533f22583a6e0a4dc09e9de46684d5e0136e229510f3702cf3a4cd0065d3e5d3c419e38a80b070ca55010e082a9c510fd18cc0b26bb5e8e459e747befbc5c6b60ace80bf41417b7b78cf57e5b3984f0cdddc615c5e0000454d3f4a196fb6d18aa629cf0b0245f95ba958d86dc175616f8cd3ac473057dc3a5ff7107973326350107f4468e7ecd48d689b82c12d22ae5f1858302a1b4cfde8fd347a99ddcde40d1c49d9b5099fbccf09e782212be4b2ce36a2bc3c9ee794abffe72a5501e6c4f3f7f68b74761ffd6620609224a3bf11f655dadb5c8a5813b02fb46830e9ac6825f5d0e89910352eb3a58c0dd82d094f94dd2c85666f684a8f437bbd0e66b9f4d366117b67a054d212c4fbc287848cb0578391335d5d616b14d99a2e3df8e8a152d5de99bcefcaab5bb5cc71f3ddd66b379c104648e190e0b28a180d3aecc5423575d4ba7dbf31215c717da7b87dd454b6efcd36c91aaa631127f5bd88723d221752f102bc0c7ac6c5c7a1ad6747af40d01b6d39eab7b0e1292b44683c586386ad00acf60fb8f9bac551a6eb5bab7317b5d89f64db10bd9018dfa6d65d93862e851afbc30fd70fe5f0de322462045177231852ca80e4e78da4fea0c79ba354333026c8bc77d308a8d256a19ec45d2088c196691d3f9aac28ded36004a65ee1ce49ba9599ceee84534bb61d02d04a6732f1e27d72962f74b59f3522bf844c5022986d55934e48b8681b7f5b7532391448caeef00315d28320a46d8bd7813544e1e4bf994e14a519c2654ff20b42bdb69c262897e28eca528f0999840b00ed8256597d27cfc20d71d5f40d0bbca759f7594c6034aa1e16a84ed152fad0fdc1c303a7f61225712714f823afc5ea241d482d3585759623af8c97ca6a84a2033b3d7314ea0ef7ba9b288b362a294c92c8b9736829c16f61c5a1ee04aca965d71162292274595ea62c9c2918e8279c99f5d2830c617c58211fd7452330184b9428d5ec1d5cd75ddcc6de3326fdc70e891104b3b013c30ffccfaf3308d9671b01f6b080a930dac2052c6f39817a662121d90d40d6a1facfb50bec7d408030b6d0ae3e744f3bcc327c35dc43cf86b743db78ff2e593b19923235ed6467f299b08718fe1840c16a748935dff941150fb08b30573b37bf9af5c86cc8d9e229a832e4ef25ec91f71120f2b3e9062485976c280a2d172386029e2f2a4801197fca0a13514edacf5ddbac5a62e8bb13dd1572657a821a8739297f72e29239d1cdddf3e30cbe9af3141f2275ee4ae85d86ec888fe9a6751f252057e95b8beb055e276439581afee93cd44f1e92f70e5f725451d3ab662918ffbb1269509fbd511e95a00ec717f9d60d643864abd6ad1cc4dd7f933379a6078a86c2158db8076e7b660366fca7b1c46d09d2c8e67a6494bfb4c2c6750e76593895b5e2b2bc78093840c3c4a807826bc2750a96b4e1dd5b82b492bb2215518c92064d1763c37132604e52e73fac3f4511f791753aeecfbb19816e0da7a1bfbea9eeaa0f256eaedcb119a61f7d0ea0f5cd4969d45cb014800f2c888d5c2217cf0f69a7507779883b57352bb8883cc584891950d6e792537074f4fc4337aa19b9bf60e18edd939d289fb4a6b7aa6c66da20774e249ca4f779d3c910b1a9a8e4c38af6adecc87d5481d181fd66023ffff246f4e2556b218fe8110acebe20b1675f1de6f265b6d1d8514a53522396bf0e2f2b153c498e48b36d16f8b9bd56f45d7f5b9397d7f1339117a176d0bad0b68e800682416d3e18fe2197c7f8dc20600feb95cc6ba86ad47f113e159bd4389e30eab2874bd27eebc56020c4dab9973b13f3e82aa62a7e0a151d73de48cb811e32be63ffd303f5a6ea6f097ed763fbf36c430821e451146de79922348354ce285af0997bf3c66e6ef02942e24b8f1ccdd542f09cfe65c0da0094c0b5fd26bbc061538b41e5ed2cbb390ee29b10a4b7a696009e1b5b86c44c0a561a257c15415feaeb1433ea275ed6e4b228503fe71ee5942665164faaed6697112206be0fe7863aebd4bbe951d5dea1da294dba0793196385f4d5141c9d6c4b0fa22b2e200cfb70b52aca31655e71e5a576ccb8ccb5b1364748aa981edbb81a813b1aebc67be1f7619e7e197622d981280429f6ca5145c5b3b05e6bace9191e5c58fbf140f71f594cbfd4db0e9f6923f1758ff9464a61a720a5d4f09c622c3ce3f5d0d3a1d191111168108f41f12b16e9eaf3617c353715cd35260560cbfd0555d51ce5c40bbdb7c95ceaeadadb8902974de50b0863348183864f5ea682e678286a06a6f396af29a7c7fb33a3579e25835963612f3c0d4cf369d85959a0adeda94d35824050e6fba7f83f90867583f713d7783323c7010e94c9be331f860db395dbde6face5bfdb616fcefa9c6b01f6963daa840a31ff554a458c0c50cb5e09f91f54f63234589decaf45bbfbaef0dcbff4ae6e65ca26a530261c491ef8eb9a855a1d7463391c9b66be96cf24c3c321ee5a5bdc857f60b582683c6ae1e3775b62a9f19ff8fa51380ca8a2a3c6de79012f5727ba12025e7e6723a23a81e067ca6e54c7b38ff64880d235d21e7ee5258953dcbf9e2a962f006ca4ffe870859242c850cbae4222b3b72c4f86934379ba2ead1dcde906241b994d95c88355af5a9a30ace9c933a6942f341ad221dd825846a8fd44c03e2eaa9311c26e15a1bd7cbba961a22ef23d7ebba0e34cec5ef09b1ce72814a97e33bd29f3d9ec80a4f45d1d29486accf15c11f1a800bd84918e7626f678275d7c7acb02cc0e6e34bb766ba6b75c3ad14fca9352e09c3b69390c045cfc842ff9ade8ca693c07fadc7047a946e6e570c3afc5b501c964103397f5ddadc2d59a048348dd42f07cfe31bc9b5ae453f5086bb41bba4c8a3e518e30b0855184b053f923025dd72ce1bcbf41231978b34a8547c71d7313992165078903c61d312b0d9469413c9fd97ccdf0ea270fb6c47ec8861a1c8d909eeace761b5a06ba46e25785ff87f867777abb237c6c980687991f1ed0157d58492260c712cec34c1fc0962103955db4d5090b6e8409cf3c3c79d0e691cf4fbc0b2251a016dcd456969cd32e5429533bf0d6f8bda84c05f0e2040de8b53bfb8676eec4b76c3df6f46b1e43732035dda577e75f640777f6ae90fd2f1af42ba462dac732019c599bfef01acd6a0d4d1796bcb8f58519d6f9ad9a3206704a94d472516b988141f44ecd2e6f28a49aa0c449db87972fc995a97379914546ea43143ea2cf779a9cbe81f111fe89129db3610492164ab2598eca7e60d9a6963d8ba03a86729db86e420fd96d61b8fb11edc2b339b57a740074ae5b775eaf60cd85dc934e604bf2b4bd58ee01205b4df57ac20ff8db45a05982b579643882407050c005102a2e71f1e56dc76dbf5331112e83e48bfb5cf2a78a893190d78426175c162ffaa7278a43b9932318fc17fb8cb0dfac610b1ad235b91f9cb7623b155117e07f7b876a3c37627aa31eafed141cc0c5491c4f621a66b6d837a144d78719c46511c04a093cf65fce9fabe5bd6d499eceb63538ece3cf19053550a239bf978c08c879f9954485a4e3e0d5bedb84b407ced85c4dfc4d75af116815992c29f0bc927c4a990c38ae4fcc9feb90fec1b1b555e04d010423010855394d5ccfc8ed21164190cd8f83be5debb70290c3547f07e4dc42814f1e001798e6ceee2558b0c6ff8c1759f90269ee226131116332b99ac8dd104c92088e1f91ace3198c0f59bfb75c4e4a697660eed43a29c831a552de37fce6dce96fa51b6e2111f3071a4e94422d15e102e5f67da7ca6cae6bed7743ebffacb8a811a143605791d17232181a517e872f71262c3c73668f0ef83aad498f67fa26bae698cf78f24c2dbecd399a190e6b8d0684e929f2e8083765eb2c67793a1adbb89d36b58bfb197cdc5f3c894ac9d886e8f3b0936fabd233c09de8fab8099f72a74d908ba5c5e4d39790b0bf9e45b710f5587b7c937c76690c5c5fce621a53a9fd03b0a4ee6d8d1abbe2ed561820a77f12a08cad0755540ab6dd1604b7c30a8652995ab80b85e919011de9438a4637eb0291124ed4b745e782cff98510cb03be79c2a81351abf276584d75cdd96b9c97e73eb71000b3ab7c3c19c2cab4497298fcb3052b5d4503d05e7f310318be6f848547b1a4f4db82caee190801478be28065036aa4d91f290c1f396343e73a5fe8bb5ccf0a317177ed1f77acda1a4a49dccfcab8d1b5d79f015f788b6d5e9f8228a8bcdc0696e6b19f5edffbcd7e9509c87fbe1f726b93bf8c6d8d37428763e142560c46c9e894f7317859000c25abc4f3691ebcd020171e0d4911b5d97a238109aedeb00b2eb475c1e7b45175f8aa85193b5c0f43b434c15de01610c4d022646cd6e3637f349a434a77f571ac1c5d698452d1b991e267f78dca5e592ecd31ccafcad84e4e98d134b4adc525b81bd6843428883023a6ea407201738c8bf16b541ff7280274a34d4cf14819f2dbae167ca0cae8471c495e006b45194ad91c4516f21cbb10e0d26fd5d734cd7725df5b3fbe92955f4a9bb3b9b813aeeff79d6ed5db92def19d060a208c3ec8c42c110786f1e1496c50a7249b03fc792764366894a35320b99d0bef9fd0b6a246c36a357c6b985dc83a37a8d9b8b9ad643dea94860cbe763bb73cc8422b69d4d12332242c8954075fb7117a6679638073617abcdb4619855b2036af160647f66b3531645a3bf047ae290d6ae2249f114e7a8464278bae1486022bcc7c37390c8d9a0efb0e1cfa0da8ef7a5e072f99a47ecc75e4e442880375193db49bb82ba34901286ca473ed5b63e4048db4dc455e74b3fdd2e7898ca3f4c3a02d435cde6141eea645055123a7dcf0d22057f8d425701afc55859f5147954e719d58c7486b1e02ac16cb799b77632c66bb78e6e52e11017c1736424fa4d433f1e19b4c881d23f0b2a12d5fae3ae24339088088d9b496ad97bd9f6e20a8597d1452a0c72dcf43dbbda8f18166585c06d21fbffe5fe7b55f71c9b9f1b34a02bd05ca63c7c1b1bebbb9dd24fb10291b04c665d45154dd28b85d821ce7e613119128996785e1006a8dabc4899b10d2671107d5a0658ed363b9d4b39d02f8cc5e350fbf0a31048adecd1f9e2ca749bd86f195eb48e9b4605f050de03d642940d79184618f7f88a9a0a4683ad84d6134e395305bc1d4d9d17cc334b97653529d6682a87a5fac80a6d46d6e72fc22e58be7b8f8617b3372ef2622110ab1ec448717118b257acffe55d18c7855e9e8710ad977a6792b2315a189eb4468c68641e9b60c0dab7016ac1ad63cd8004b6eca8fc88b1e4263acc00499255c16b11487a0af858075f9c892dc8044c4146e5a5677c4a2cb24bde5e078985020d4ab1e4c87492e76b7e6f4bbd71d84bab1885c9702849e70cf728776b1a94c2a8fb8c7ca01b6111ef6f2032a290949bfe473fe215273b8b5b3ad540f187490f63077dccbca6f62f0a7a66717c596cdef412f2560b10685ede967b3ee68b8c951959aeb1d7564c3b9d80762ce858381393a79916b78f7e90beadae30ffc0b2b614380f1c2cc551a44565209db3516be379ef566ab00c673fd8aaeeecdcf1168c1960e9a477b9e13757498a44ff089351d1f27abf9fd76816f924504647d1247715ca861ebe624172c322146d66eb2b247f8ecb3e1b5ddca89b287c57510cec40fcf89d802cf4368a861af320e01e34f7a6177d4bc549181b5e87ecdfe02f78c9a59a3bf91ebb6364023ec06410e7b4476ec4e3685bfa3bfe9ef9ecc12dcd899abe0f3c7f16b4686801c0c0a949aa26bed57df56f2bc54ef19af7fcbc7b0d691075f42a4a67acf980b568acb2342f42249f7c1ee3527c13182b096064ecd250887a942d26f637e1c4041b139659d2462a68680bb04387a3b399e396b9fe74de10356125fa47d0a20827370cbf36a79b6fffade91c439dd6cfff4bbe0dd3efefb61c491ee32f935d62307cba369ac8c20f6fe3d4857ce6d240ece5e4d149f0587155a8350fcc18efae2ff11cdbe15218a82499a1996df8b5462ee170b284321e76bbe5c3f4158387644d95f087c598e3d46fbe27f63fa784bda239512113424045a2c5dbc6bc3662ca730a86d13cf8f6fe2743224ca7b535caf6b4701a7dae9cfad3d7290104bbba15b6a064ae6e909a099f75fbe47c9e654d8e3b8dc0f3dbffe829e6c56f7a241e565136812a857f59ab565a9991c6b1d8abcc94c6b33bba314f6e5060e657e4647f969a551dd6c51dfca0ff5d9e4f401fedbc2c927eb1ed95ef25f4e5accba4999322ba1539499310dd5875433a22835cfd42fd77fd4680b7fe767d7aa5c33acde04a65bd3a663fcde4c80e9f2af498f13bf9abbaa1c1265edc691e94abdcc92270c05811cd2a8104eb18efbfec9e4ba9ae5cde211b9b93082ce034b6cd5fbe9cfbac4f7e2404ef159766124f73017cc3600f3c81cd78db25fc3459629eaf20dfdb062c7e502aa69412381d847a9d254d5befc451cda3606f0bc8ae62e0aee928f9ed0b21d705a8d31b899e16445ee064563d32f7b6bb5ad197023cf528d9b329ec67815c6ddf27d2a6ffa7328bb993407cde3d166159fd49fe469254b84c2916daea8df9d69bef019f1351b9bce193e30278835b82ea5f60dc0bdd7f7452b7a820ae7cd6dc29d7ac6a6c1b6411711a96338b1e769146b2a385d282bfaae61b041166efafab2d89a4567b9460cc22d752f8e9aacaaa0db7c84879f5359662d55df6570d4214740851c74574ced733807cbb54571110410892394c3dea07bd4154d0e5689d57c3360207dac951f96a358e9c466a5c5113f3a632e184f57f075edef4dcc9721b963beb95df09dedf848260cbc1ebfdc7408218eaba6d2c51928cd37c4c0c9f321fbb0994a56947cfd9643056db5dbea60a241f8f004c932bc8e645b2ec2eb9bc4e9e2f4156293234d05e70cb26b8a370b0206c756bda6defc11c5eb386640f535a4ffb714168defc6d82f40d8f5ba8768537ead5773c53bd779ca899a2dd31c9138569ff5107c2fb12b804375c3b3dc9b828bfd550328adf358f71e86a0c49fb119f5ef9e06c13855cbfc7d1a62ca2ea655ed912a6dc7bb8b18656e8923fc7a1702ab36947d79384d681c31923e98cf40209f776bc2b219a7ccd139e756a905aa351e6eaae90770c8a193f96cd5c66e4d77a357985556e14333716d80204a5c390e0d76f4081afe917f99ad8a0976b3342f51854b374b4baa9a7f22124d2b82749446e30d9795acb9c3c3a305a6d273ac528e8e9c95c37a78e765fdda55982c2961fbc85a14fc095a78b4654ee6dfc3298749a639ab9c8e155af3a77f8a409ce174532a492ef550a140f774d77d732b3b4ca5bc41fa4488ce5957ce219b032ae1f585273748d81b19edcf3e6cb9a93ec24e41c6b3c472f9baf3ca46cb8b9a91df18acebe7d83bd4473750c4f26806da2f95b9ea48b342460af729ab15e9f033eda67feec645f985d4b9489cf6ceec1b100d007bf46c74be53c7ea17296f9c5b5cbae736491213c93b513009ebdecfcd60d46d7b86c6e3b5e288f2ba5867c07936e7bd1b00de52191eb8630ff82ccafb27a59295164751811bf74eff1e5e2abdf3c93bc5dc9814be83b2562477935e2fa30db7ebb6ec380170cf10c1f98f8c5eb71c730c2b31b55a1dd1c12a64802ab95b63c529e0a96cec8f38680221d6089926d8309796c79994d63b67bfb62f66b4a502f30ed12be41e896e88bc45a160a526fbd5f002e677322f116ec5740d7563cd23ee853c008b84998e38fdf158556e28a532573956e7c00f91f08ca245c295a3d5e003a99ea727f61d12893b435d4c8f2f5cce00c6a3091e2a47f290c07168975c53d7529b71d10faf42d2bac9db8d53669cf59c709c25e9e40b5feaed4c37dde8b84c4961c00712326fb6aaa06e80d766b40b72480f3971def61d1d129676df2478e778d899ed317426ec33e496d1fdd2ec27128f8faee92828e13da72d6aee8330a7988ea1cc8b64ec4d8b20990864c16c52c4be6d00b304b87d97bffdd9c66a740b517223089d9f3f414abedc53c768dab9220b980e6c18d5f20ba8994cc8886d7bdee213442f456d79fce1b1eb48fbf600a666c8ade24d118e6328251cf7b57a6285c650e019850f392b1c29aec5c8fc489a3819d60d5de377d4c11b8ee5625b7c02c5d50d2af3397006f2e2a41a06f039229eef5878ed91f9f6be7e988924dbaeb8455f616275e8698d93fb536e2c839b203aa69bceceddbf9c53f8addba53d50ca0f7a4729a42ac6eb757f1b408ad4a0147546173e62f7621eb18a9e1681510cceb48e0a30ab7a1bf71d56742d5f034f2d725e7ea68a011dbb100fa6eefe4ee093873de366d34f4240ca027a25c5b979c9ac47dd1dcb6ed82c4aee09dcc23cf329a8644f89b5cf00e5683934b1837574e9b39b31b1009f276e15aa040959fdf100838ca3f5ab17e45036668d06044e3a13f3a0a6f68579e50d5b0164f900d7bcfcde78396cf30f0b1dff76dc397ab1a5a44b207eb1eaaf73b945c575029ae2dce20724991e6550155ded6a42672609f2439c5aab4882b2ffaf7da787b71d05d15516bd68c6f1a9d79b675395845f24ee853f877e72c14b6c6702f7b8775ca1bfabbbcf4019f7bccf07f1c211531dfc66a7a1df79e92a20dd1cbe1b22e1209e7e3ecb9d3c2450fc22a57bfe09bd735f61c361cdac2488ae0adc7885edc0712655daaf535e1de96ccbe7869d531d8bf3db512fbd17c772332a3f8cf1e052ee0202eb99a36a0f8d7219888acbb57090cdaf3b28e1e62e8fc2ec237bdf18592a7afe4d8390dcb5e7fcc31bf4f797e6f5710070902265cc2e8c459b7da1451046abd6c8c5b02c0be2d2f505a65376266563ac7b59ef3b4e2570a6cb0bd94d46ad861317c743ce1de12bfa2295a98cdded4414d87a1580b1e4675bbdf73a22cac4a1d8d456d089e0b60cbfd16158f073bd1dac481db49fa5d8801d0fb0844b4afec1bab4e61fa0f381fa667880a1cd8163953be7b591cc9dfd7f91902370b783ae8a0f3c7cbefa7d229a37c00f523529e159b11d2e240629b64af2d11404773e991207a722c320221ce23baed7cbe40a440c5680814b122cfba9092fe03478f85adcbdeacb76d6cbf2491eafae98327b278e267821a0e1cd06ef90cb0328e246c19d8c63b9332291a89bc9f989effc675c79a870ac024756c6f5a7e32babd69625d61487ae7399490b70dd0fade7d70ad9b0757300a2dde77abaff4f63a0303853589d44efa968e10d36561f04408ad0cc227fc6b2f904cead189a0fcca9b2e6cbde5498652e0b3bc9d8b7921474403718feb5cc750dc70f5a9b1a0ae2c642015b6a1a8ab0572182b4e39e0c869cbdc60c9465f5d564d18ba2f5b3bc3e05a458744077430c5ea031ee02dd8f0a65d7dd8d90dd9b8717f77d202239a5778719423fb2aec7ca86eb07c39de65a34b988d65377a7473e9145f16d79593e96903330bbf3a8024fc15519d9baa0fae2018786f4b1846fca355ff0fccf65cccad1896309a5ccf2056dd542c929850cc91cd655962360fe316557ab3fb378328f77a07d9da24447d3fa2020b382ed2e808ec9529a01273434c64b0b7c35a06a019e4ab51cdc9c0f266ab25b6984338a0ba910d1060283b636c5d7e8a3f969c1ee1c99b54bba7ff3679fbeecbb70349f076480a867cc4ee4cacaea39c80f642533599486d2ffb77b8c9109a9d25fa0b06e58eca764f7d56469eb9547036bbea9d5c3d35b4c1fbc3d39a372c2b7ad184965cad3819c8928f1588d00949949c0c4c93d30ac7f6665247c0108bd89dff3aafe780ac66febfacc8c6a3cc387d09da6de700487a80e2c8d56df94d7ebd3e1d9e06411a6c5f7eb6da41c6f52997b5ad47ba985261103fdf12eb4a2828b248f652ef00b6abccab2eb161b878b9dbc0aa911405b6f67adda83c16187748d7b524ffe6381f489f432d592e6171bd9ccb2cd52f977143f57fbf2ab0b823d449ae55f02440972334344cda01837b93afa4f46a2fdefe27e92764cf9596780846de2e3b1ea83e62ee43b1c05aee675e25363504addfaa68e7c53ed685413f5ba951f120d0a646e474872c81e5a887464c19f8460ae814ffff24cb51dd2dca28d597ab2ea60949f8dbbe67f263e722fdb51bce4e328a19f5ff1218e1f63b8da6d40dbd5490964499b2522ea323310634893ead661407966207a66ab13adfcf1a725ed14339c46011c0e0401f2386b47cd9f902fdf84bc85e74d3ae7cc544e4d65670a554a537712c6ee9f75191631d2a4c4da06fc38423b1d5b828d7201235b2974164f52aa16bee70ee509250752f4fdd6b9f8d021943df8320682a6f80ff0d67ab7a4ceea807bd5b3b7b6380b0c7f0caa67b0208ba71317f0355a3b755af0e2c007186389438615df80b7b25104a733fc90625b62682198733c0f1625dfaa08cf81e3df043094b7b5a098b3b36f803b5b0f10a057bf814ae3579932c0a5f208985bab3d817f975283b8838ae5cb709be72b58df7425e059fdbf4e0ee51b3da01fe0b44963c1196baee5ec5909ad80d9d1660f3edd90374952a0bf8b3bece2c2f944593f4de7de5e05ded096b8f4f05d65dfc2e806f78220d84b3db564fb12f4e5e8f5eab316591f004e9374cce8e787263bc3827affe6793c130b8621d3bbb2a86fd87f070ea21718281ee7aec4bb3bb71af4bf5721cecd139c4be8c9df4ec8dfb09a5cf1d86a25d39faa9f064a997c214f334e4410917fc3b4d67ada8d87a38c0f86b02bf653dddaeb5b75b300f8bcfd792858bef8ab23e063421939c59212964c9ed5dd56e215db58cef53d31a966bb8ce4ed56287fecb3a85ba435e0b41b20ba1164b9c9f2c49fa0f7b17a89e0ec47eefe992d63ee29c8c0a1ece2664fee8edadd43636a54c48519b4fcf55b0d9103602b92441a5f85cf8c5e406d0f5815f8f37309934bd78fbc2acf0a03b051b4528db4f7c09de7d0aabafca3736b8259c818ca338ca6754e0747717c2794d664a1cacc1e9c52764a308e6df73d975638630b74cce6c49b1bac16454e96852c4f9d8ed118e86d2f1c8dc33bccd4a07be128db5e80f5684ddcc1158e744411acde590f902f0987cfb750bb5bfeed53bff076868986b566d7701f48ddfcacbd325c8d930bcef26713bf60585d5c991e2a6cc33ccbc27f7ddfba18f998497c2eb378cc8f2cc07a1b4f141c5e0fb6f52e18242e505bcf6dd20e33a469d056a0b4fd5e72d0da9d0bcce1e2f9e9dc7d1c7b6cb0f3604287eca", 0x2000, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x90, 0x0, 0xffffffffffffffff, {0xffffffffffffffff, 0x2, 0xfffffffffffffffe, 0x0, 0x0, 0x10000000, {0x40, 0xd08, 0x0, 0x4, 0x0, 0x0, 0x7, 0x0, 0x122, 0x6000, 0x10000, 0x0, 0x0, 0x902}}}, 0x0, 0x0, 0x0, 0x0, 0x0}) write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000000440)={0x50, 0x0, r0, {0x7, 0x29, 0x0, 0x0, 0x0, 0x2, 0xfffffffd, 0x2, 0x0, 0x0, 0x0, 0x1}}, 0x50) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f000068c000/0xc000)=nil, &(0x7f0000817000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0) r1 = io_uring_setup(0x7, &(0x7f0000000040)={0x0, 0xc8a1, 0xc000, 0x1, 0x800000c1}) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x12, 0x3, 0x0, &(0x7f0000000240)='syzkaller\x00', 0x80000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="16"], 0x50) io_uring_enter(r1, 0x2219, 0x7721, 0x16, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x0, 0x3) 1.966499487s ago: executing program 3 (id=2520): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x204000, &(0x7f00000006c0), 0x3, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH") clock_gettime(0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000002c0)=0x20) sendmsg$FOU_CMD_GET(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8014}, 0x40000) rename(&(0x7f0000000240)='./file1\x00', &(0x7f0000000180)='./file0\x00') 1.925535041s ago: executing program 4 (id=2521): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = dup(r1) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000080)="36f2640f080f06baf80c66b8074a5f8866efbafc0cb000ee0f0119d9ff0f20c06635020000000f22c0f309fdbaf80c66b8628c0366efbafc0cb80000efba200066b8aede000066ef36f0834ea02f", 0x4e}], 0x1, 0x3c, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 1.810305702s ago: executing program 2 (id=2522): mkdir(&(0x7f0000000000)='./file0\x00', 0xd3) mkdir(&(0x7f00000001c0)='./bus\x00', 0x40) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]}) r0 = open(&(0x7f0000000040)='./file0\x00', 0x200542, 0x42) unlinkat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', 0x200) mknodat$loop(r0, &(0x7f00000002c0)='./file0\x00', 0x1, 0x1) chdir(&(0x7f00000003c0)='./bus\x00') utimensat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x0) 1.667454776s ago: executing program 2 (id=2523): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x4) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x5, 0x2, 0x4000, 0x2000, &(0x7f0000ff8000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x4b, &(0x7f00000001c0)=[@cr4={0x1, 0x3420e5}], 0x1) r3 = memfd_create(&(0x7f0000000040)='];\x00\x00\x00\x00\x96\t\xb27\x87Ge@{\xb7\xff]\ah\xd9\xb7\x13W\xb14\xfe\xe7FW\x96\x7f\xe8\xce(Ep\x93\xc9\xdd-\xfc\xf6\xdc\xec9H\x85\xa0\xf2p\x19\xa6\xd3z\x9c\xf0\x16Ax\x18<\x05\b\xa5\x19FN{U\x8b\xb0M5^\x7f+\xc9]E\x1a\x02x\xdc8\xa5|@<\x12\xcc@\xd6\x00\xb9\xf0', 0x0) mmap(&(0x7f0000ff3000/0xd000)=nil, 0xd000, 0x1, 0x12, r3, 0x7000) ioctl$KVM_RUN(r2, 0xae80, 0x0) 1.569800586s ago: executing program 3 (id=2524): syz_mount_image$hfsplus(&(0x7f0000000500), &(0x7f0000000100)='./file1\x00', 0xa08800, &(0x7f0000000140)=ANY=[@ANYRES16=0x0, @ANYRESHEX, @ANYRESDEC, @ANYRESOCT, @ANYRES64=0x0], 0x4, 0x683, &(0x7f0000000540)="$eJzs3c1rHPf9B/D3rFay5B84SmIn/pVARQxpqaktWTitSyFuD0WHUIJ7CIVehC3HwmslSEpRQinq87WH/AFpQYdCT4XeDSn01PaWq04lpdBLTjrVZWZntSvJK+/KerDa18uM9jv7fZzPzHxnZxczAf5nzV1O82GKzF1+c61c39yYbW1uzJ6ps1tJynQjabZfUiwlxSfJzbSX/H/5Zl2+6NfPR4s3bn36+eZn7bVmvVTlG/vVG8x6vWQqyUj9utfogdq73be9/c1vp4rtLSwDdqkTODhpj/ZYH6b6U563wLOgaF8395hMziYZrz8HpJ4dGsc7usM31CwHAAAAp9RzW9nKWs6d9DgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgNKmf/1/US6OTnkrRef7/WP1e6vStxgmP+Wk8POkBAAAAAAAAAMAh+OJWtrKWc531R9Uv+/9+tVo5X/39v7yflSxkOVeylvmsZjXLmUky+dtuQ2Nr86uryzN5cs1rZc3srnnteLYXAAAAAAAAAP5L/TRz3d//AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgWVAkI+2XajnfSU+m0UwynmSsLLee/K2TPiWKx7358PjHAQAAAE9l/AB1ntvKVtZyrrP+qKju+V+q7pfH836WsprFrKaVhdyp76HLu/7G5sZsa3Nj9sHmxmzV8Q8etbXb+da/hhpG1WLa3z08vueLVYmJ3M1i9c6V3K4GcyeNqmbpYj2e7WVnJz8pxzTxRm3Akd2pX8vOft3vW4TD0Bi2wmRVaXQ7ItP12MqGnt8/Ek/cO819e5pJY/ubn/P79NTZpGLImJ/t1Evyy10xf+Pvv/v+gM0cge1INFJF4lrP0ffS/jFPvvTH3799r7V0/97dlctHdhgdl93HxGxPJF4+1ZFoDll+uorEhe31uXwn38vlTOWtLGcxP8x8VrOQembMfH08l38ne6KU7InUzR1rbz1pJGP1fmnPooOMaSpnqtR8Xq3qnstiirybO1nI69W/a5nJ13I913OjZw9f6LuHq22rZtrGcGf9pS+ne6r/qpypB6uX/HnQgsNrX1LLuD7fE9feOXeyyut9pxulFwa4Hg05Nza/UCfKPn52kMvGkdkdiZmeSLy4fyR+U50bK62l+8v35t/r0/76rvXXRrvpXxzllXlo5fHyQsbrmWTn0VHmvbg9y+yM11j9i0s7r7En70KVVxSdM/W7fc/Usfoz3N6WrlV5L+/NG+mM/GJP3o7PW3n3LycTTwCGdPYrZ8cm/jnx14mPJ34+cW/izfFvn/n6mVfGMvqn0W80p0dea7xS/CEf58fd+38AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODgVj748P58q7Ww/PhEo3/W4SaK+kE+/co0M5FjGMZxJopk/ZBbHqn36mE1OHpE2955iODTtvP2zWdjV57mRHnMdI+fbla9iw7ycFHgVLi6+uC9qysffPjVxQfz7yy8s7A0ev36jekb11+fvXp3sbUw3f570qMEjkL388BJjwQAAAAAAAAAAAAY1CH8L4Jv/qPdVN8yPd1NndR2AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKfX3OU0R1NkZvrKdLm+uTHbKpdOuluymaTRSIofJcUnyc20l0z2NFf06+ejxRu3Pv1887NuW81O+cZ+9QazXi+ZSjJSv+4xdrD2bvdrb2DF9haWAbvUCRyctP8EAAD//zZmASg=") listxattr(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) 1.560174447s ago: executing program 4 (id=2525): ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x89f0, &(0x7f0000001440)={'bridge0\x00', &(0x7f0000000180)=@ethtool_ringparam={0x10, 0x0, 0x20040001, 0x2, 0x3f, 0x0, 0x0, 0x192, 0x4}}) listen(0xffffffffffffffff, 0x1) r0 = openat$tun(0xffffffffffffff9c, 0x0, 0xa2f01, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000100)={0xffffffffffffffff, 0x0, 0x25, 0x18, @void}, 0x10) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_PIT2(r2, 0x4040ae77, &(0x7f0000000040)) ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000000)={[0x35, 0x7, 0x2, 0x180, 0x4, 0x10, 0xf1, 0x50, 0x12, 0x5, 0x0, 0x29, 0x0, 0x6, 0x0, 0xbdb], 0xffff1001, 0x43100}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f00000003c0)={[0x7, 0x1000000000, 0x0, 0x43, 0x2000001, 0x0, 0x2004cb, 0x0, 0xa7c, 0x68ff, 0x5, 0x9, 0x3], 0xeeee8000, 0x202}) ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, &(0x7f00000001c0)={{0x3000, 0xeeee0000, 0x8, 0x8, 0xb, 0xe6, 0x40, 0x0, 0x0, 0x81, 0x80}, {0x5000, 0x3000, 0x3, 0x0, 0x42, 0x5, 0x7d, 0x6, 0x36, 0x0, 0x2, 0x87}, {0x0, 0xdddd0000, 0xe, 0x5, 0x3, 0x7, 0x0, 0x9, 0x1, 0xa4, 0x5, 0x5}, {0x1, 0xeeee0000, 0x9, 0x6, 0x5, 0x42, 0xb, 0xff, 0x8, 0x7, 0xe}, {0xeeee0000, 0xd000, 0xf, 0x3, 0x16, 0x7, 0xab, 0x8, 0x9, 0x9, 0xf7, 0x97}, {0xeeefa000, 0xdddd0000, 0xe, 0xa0, 0xb1, 0x8, 0x1, 0xa0, 0x82, 0x2f, 0x1, 0x7}, {0x3000, 0x3000, 0x4, 0x5, 0x7, 0x5, 0x7, 0x3, 0x8, 0x81, 0x40, 0x70}, {0xd000, 0x4000, 0xa, 0x5, 0xcd, 0x7, 0x1, 0x9, 0x2, 0xc, 0xb0, 0x81}, {0xeeee0000, 0x30}, {0x8000000, 0x7}, 0x80000031, 0x0, 0x3000, 0x2024, 0x2, 0x0, 0x100000, [0x6800000000000000, 0x4, 0x3, 0x8]}) bpf$PROG_LOAD(0x5, 0x0, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) write$tun(r0, 0x0, 0x185) 1.393043493s ago: executing program 2 (id=2526): syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000300)='./file0\x00', 0xa00008, &(0x7f0000000000), 0x1, 0x7c8, &(0x7f0000001280)="$eJzs3c9rG1ceAPDvyD/jZNdeWNjNngwLu4YQeZ31JrsQ2JQeSqGBQHtOYmTFpJatYMkhNoYklEIvPbT0UGguOTdtesuhl/64tpf+DT2UhLR1QlN6KC4jjRL5hxw7seQ0/nxgrPdmRnrvO2/mzfPMIAWwZw2nf3IRByN60uRgNj+JbEZ0R5yor/dgeamQTkmsrLz6Q1Jb5/7yUiGa3pPan2X+GhFfvBlxKLe+3MrC4vREqVScy/Kj1ZkLo5WFxcPnZyamilPF2aNj4+NHjv3n2NGdi/WnrxcP3HnnpX9+fOKXN/5y8+0vkzgRB7JlzXHslOEYzrZJT7oJV3lxpwvbZcluV4Ankh6aXfWjPA7GYHRt0pL/72jNAIB2uRwRKwDAHpM4/wPAHtO4DnB/eanQmKJ+P+fK464dHG/3xYkOuPtCRPTX42/c36wv6a7fs/umv3YfdOB+UrtH0pBExNAOlD8cEddunb6RTtGm+5AAG7lyNSLODg2v7f/THm7tMwvb9a8trDPcSHxaf9H/Qed8lo5//rt+/BeRy47//trfteOfvuZj9yms/Yz1x3/u9qpszw4U2iQd/x1verbtQVP8maGuLPeH2pivJzl3vlRM+7Y/RsRI9PSl+bFNyhi59+u9Vsuax38/vvv6h2n56eujNXK3u/tWv2dyojrxNDE3u3s14m/dG8WfPGz/pMX499QWy3j5f2990GpZGn8ab2NaH397rVyP+MeG7f/oOahk0+cTR2u7w2hjp9hg//zk2/cHWpXf3P7XbqUlLRUa/wt0Qtr+A5vHP5Q0P69Z2X4ZX10f/LzVstXxn76Rlr86/o33/97ktVq6N5t3aaJanRuL6E1eWT//yKP3NvKN9dP4R/6+Kv6sBXOb7v/pSmez9MpjHn7svvP9R08ef3ul8U+m7Z9kQTy2/befuPlguqtV+Vtr//FaaiSbs77/6173uVut4FNtPAAAAAAAAAAAAAAAAAAAAAAAAADYolxEHIgkl3+YzuXy+fpveP85BnKlcqV66Fx5fnYyar+VPRQ9ucZXXQ42fR/qWPZ9+I38kTX5f0fEnyLivb59tXy+UC5N7nbwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJDZ3+L3/1Pf9e127QCAtunf7QoAAB23rfO/wQIAPBdanNJ7N569r611AQA6o3b+T7p3uxoAQAe5pA8Ae4/zPwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG126uTJdFr5eXmpkOYnLy7MT5cvHp4sVqbzM/OFfKE8dyE/VS5PlYr5Qnmm5Qddqb+UyuUL4zE7f2m0WqxURysLi2dmyvOz1TPnZyamimeKPR2LDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC2rrKwOD1RKhXnJDZPXH4mqnE1a7bd3hrPU+Jstk2flfpsI9EXEe0qormX2Nf5jgkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgd+K3AAAA//+aBB1p") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x4) quotactl$Q_QUOTAON(0xffffffff80000201, &(0x7f0000000180)=@loop={'/dev/loop', 0x0}, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x410c84, &(0x7f0000000340), 0x1, 0x775, &(0x7f0000001180)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTu5t502M2mSJpnqfD5wM+fceyfnfOf+OGfmHu4NoGeNpn8KEYcj4t0kYjibn0TEQDPVH3Fybb1bK8vldEpidfXlX5LmOjdXlsvR8p7UwSzz/4j45q2II4X15dYXl2ZK1WplPsuPN2YvjNcXl46eny1NV6Yrc8cnJiePnXjqxPGdi/W375cOXXvvhcc/P/nHm/+7+s63SZyMQ9my1jh2ymiMZp/JQPoR3uX5nS6sy5JuV4BtSQ/NvrWjPA7HcPQ1UwDAP9nrEbEKAPSYRPsPAD0m/x3g5spyOZ+6+4vE3rr+XETsX4s/v765tqQ/u2a3v3kddOhmcteVkSQiRnag/NGI+PjLVz9Np9il65AA7bxxOSLOjoyuP/8n68YsbNUTGyzbl72O3jPf+Q/2zldp/+fpdv2/wu3+T7Tp/wy2OXa3477H/4EdKGQDaf/v2Zaxbbda4s+M9GW5fzX7fAPJufPVSnpu+3dEjMXAYJqf2KCMsRt/3ui0rLX/9+v7r32Slp++3lmj8FP/4N3vmSo1Sg8Sc6vrlyMe6W8Xf3J7+ycd+r+nN1nGi8+8/VGnZWn8abz5tD7+yEYn7Y7VKxGPtd3+d0a0JRuOTxxv7g7j+U7Rxhc/fDjUqfzW7Z9Oafn5d4G9kG7/oY3jH0lax2vWt17Gd1eGv+607P7xt9//9yWvNNN5P+JSqdGYn4jYl7y0fv6xO+/N8/n6afxjj7Y//jfa/9PvhGc3GX//tZ8/2378uyuNf2pL23/riau3Zvo6lb+57T/ZTI1lczZz/ttsBR/kswMAAAAAAAAAAAAAAAAAAAAAAACAzSpExKFICsXb6UKhWFx7hvd/Y6hQrdUbR87VFuamovms7JEYKOS3uhxuuR/qRHY//Dx/7J78kxHxn4j4YPBAkt9HcarLsQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA7mCH5/+nfhzsdu0AgF2zv9sVAAD2nPYfAHqP9h8Aeo/2HwB6j/YfAHqP9h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBddvrUqXRa/X1luZzmpy4uLszULh6dqtRnirML5WK5Nn+hOF2rTVcrxXJt9n7/r1qrXZiMuYVL441KvTFeX1w6M1tbmGucOT9bmq6cqQzsSVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsDX1xaWZUrVamZfYRmL14ahG9xN92e70sNRnTxPJw1GNHU50+cQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DfxVwAAAP//02Ii/w==") r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r2 = getpid() sched_setscheduler(r2, 0x1, &(0x7f00000000c0)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) syz_open_dev$usbfs(&(0x7f0000000140), 0xfffffffffffffffe, 0x83501) fstat(0xffffffffffffffff, 0x0) getgid() r5 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0) r6 = fanotify_init(0xf00, 0x0) memfd_create(0x0, 0x18) unshare(0x20000400) select(0x40, &(0x7f0000000080)={0x0, 0xffffffffffffffff, 0x0, 0x700}, 0x0, &(0x7f0000000100)={0xffffffffffffffff}, &(0x7f0000000140)={0x77359400}) fanotify_mark(r6, 0x105, 0x5000003a, r5, 0x0) r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000180)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x28011, r7, 0x0) write$FUSE_INIT(r0, &(0x7f0000000440)={0x50, 0xfffffffffffffffe, 0x0, {0x7, 0x29, 0x0, 0x14c0348, 0x0, 0x1, 0xffeffffe, 0xec, 0x0, 0x0, 0x0, 0x7fffffff}}, 0x50) 1.165774165s ago: executing program 3 (id=2527): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x141b42, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f00000001c0)={0x4}) ioctl$KVM_REINJECT_CONTROL(r1, 0xae71, 0x0) close(r1) 1.165625265s ago: executing program 4 (id=2528): mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1f1) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000780)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@nfs_export_on}, {@userxattr}]}) setxattr$security_capability(&(0x7f0000000240)='./file0/file1\x00', &(0x7f0000000280), 0x0, 0x0, 0x0) umount2(&(0x7f00000002c0)='./file0\x00', 0x9) mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000440), 0x8, &(0x7f0000000040)) 832.447148ms ago: executing program 4 (id=2529): syz_mount_image$erofs(&(0x7f0000000080), &(0x7f0000000100)='./file1\x00', 0x3008003, &(0x7f0000002ac0)=ANY=[], 0x2, 0x200, &(0x7f00000002c0)="$eJzsmbFrFEEUxr+Z3ds7gwRtLGwsDBjR7O3uqaSJEMFSEKKo5WHWEN3k5LJC7kDwsLHRzkKwtbG0sLCy8C+w1UIFwcIrBQthZGZnd4e93fMOTwXzfpDJN/PezLz3YF6xB4Ig9iyfPn778PDc8qWTAPZjAXW9/sXKfbjh//7JnROPV84/ffHu2Zvt+buviucxAEJUXve9aHIAvF61EIPZyYoQmM/tC0YIWuMyOI5rfQUMbiJ/CEUyCcFwTfvcNHRnnxZR6F7vROs3NqPQk4Mvh0AOLTM+GdRwwLAOoKGiE4IZ9p1e/1Y7isJuUdREes+IaVrBK8up41vlWEFaPSGk/9UH9wdyrmsDDzyrnw8OX+sWGNa0XkYdruvmJTHyP2zn51uT5D9jcVbd9WjSXc+VOLj05wNLRPpGptkly/g3SvcfidpMzmHFFfmgs5VDw7QHmj6f/1nu+LVPY/xjhLaPmN7ORdGF34jQKSlUJvL+JDv7MaM/2bCz/tGMt243d3r9pc2t9ka4EW4HQeuMd8rzTgdN1YiScUz/a6j+NGecX6vwdZiD3XYcd/1dIO762TxIxjwBrL3sfJVbDkD1P47Fo+oI1VNV2vXyO5j+4+q/VItWuee9ypwIgiAIgiAIgiAIgiAIgiDKOQKG5JcwwfQH0TKCi+oL5c8AAAD//40vYXw=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) fadvise64(r0, 0xe0ffff, 0x19, 0x3) open(0x0, 0x14927e, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) 0s ago: executing program 4 (id=2531): mkdir(&(0x7f0000000000)='./file0\x00', 0xd3) mkdir(&(0x7f00000001c0)='./bus\x00', 0x40) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]}) r0 = open(&(0x7f0000000040)='./file0\x00', 0x200542, 0x42) unlinkat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', 0x200) mknodat$loop(r0, &(0x7f00000002c0)='./file0\x00', 0x1, 0x1) chdir(&(0x7f00000003c0)='./bus\x00') utimensat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.61' (ED25519) to the list of known hosts. [ 81.558715][ T5778] cgroup: Unknown subsys name 'net' [ 81.725009][ T5778] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 83.392443][ T5778] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 85.695410][ T50] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 85.705110][ T50] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 85.713365][ T50] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 85.723713][ T50] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 85.732108][ T50] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 85.740032][ T50] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 85.756979][ T50] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 85.798195][ T5800] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 85.804114][ T5804] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 85.813432][ T5804] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 85.816175][ T5802] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 85.823213][ T5804] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 85.828754][ T5800] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 85.838697][ T5804] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 85.857431][ T5804] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 85.858112][ T5800] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 85.864882][ T5804] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 85.880961][ T5800] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 85.892956][ T5804] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 85.900725][ T5804] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 85.918548][ T5792] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 85.931926][ T5804] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 85.947840][ T5804] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 85.962920][ T5804] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 86.481562][ T5788] chnl_net:caif_netlink_parms(): no params data found [ 86.522949][ T5793] chnl_net:caif_netlink_parms(): no params data found [ 86.574801][ T5794] chnl_net:caif_netlink_parms(): no params data found [ 86.655365][ T5791] chnl_net:caif_netlink_parms(): no params data found [ 86.729611][ T5788] bridge0: port 1(bridge_slave_0) entered blocking state [ 86.737057][ T5788] bridge0: port 1(bridge_slave_0) entered disabled state [ 86.744457][ T5788] bridge_slave_0: entered allmulticast mode [ 86.752000][ T5788] bridge_slave_0: entered promiscuous mode [ 86.825274][ T5788] bridge0: port 2(bridge_slave_1) entered blocking state [ 86.832876][ T5788] bridge0: port 2(bridge_slave_1) entered disabled state [ 86.841264][ T5788] bridge_slave_1: entered allmulticast mode [ 86.849055][ T5788] bridge_slave_1: entered promiscuous mode [ 86.888389][ T5793] bridge0: port 1(bridge_slave_0) entered blocking state [ 86.895566][ T5793] bridge0: port 1(bridge_slave_0) entered disabled state [ 86.902935][ T5793] bridge_slave_0: entered allmulticast mode [ 86.910238][ T5793] bridge_slave_0: entered promiscuous mode [ 86.921029][ T5794] bridge0: port 1(bridge_slave_0) entered blocking state [ 86.928404][ T5794] bridge0: port 1(bridge_slave_0) entered disabled state [ 86.935640][ T5794] bridge_slave_0: entered allmulticast mode [ 86.943387][ T5794] bridge_slave_0: entered promiscuous mode [ 86.970639][ T5793] bridge0: port 2(bridge_slave_1) entered blocking state [ 86.977978][ T5793] bridge0: port 2(bridge_slave_1) entered disabled state [ 86.985193][ T5793] bridge_slave_1: entered allmulticast mode [ 86.993065][ T5793] bridge_slave_1: entered promiscuous mode [ 87.000216][ T5794] bridge0: port 2(bridge_slave_1) entered blocking state [ 87.007408][ T5794] bridge0: port 2(bridge_slave_1) entered disabled state [ 87.014698][ T5794] bridge_slave_1: entered allmulticast mode [ 87.023166][ T5794] bridge_slave_1: entered promiscuous mode [ 87.033383][ T5788] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 87.046124][ T5788] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 87.210637][ T5791] bridge0: port 1(bridge_slave_0) entered blocking state [ 87.219965][ T5791] bridge0: port 1(bridge_slave_0) entered disabled state [ 87.228177][ T5791] bridge_slave_0: entered allmulticast mode [ 87.235893][ T5791] bridge_slave_0: entered promiscuous mode [ 87.251411][ T5793] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 87.265290][ T5793] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 87.283165][ T5794] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 87.302707][ T5788] team0: Port device team_slave_0 added [ 87.309298][ T5791] bridge0: port 2(bridge_slave_1) entered blocking state [ 87.318477][ T5791] bridge0: port 2(bridge_slave_1) entered disabled state [ 87.325744][ T5791] bridge_slave_1: entered allmulticast mode [ 87.333473][ T5791] bridge_slave_1: entered promiscuous mode [ 87.374286][ T5794] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 87.395998][ T5788] team0: Port device team_slave_1 added [ 87.430751][ T5793] team0: Port device team_slave_0 added [ 87.442300][ T5793] team0: Port device team_slave_1 added [ 87.589043][ T5794] team0: Port device team_slave_0 added [ 87.596288][ T5788] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 87.605372][ T5788] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 87.632238][ T5788] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 87.658467][ T5791] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 87.681268][ T5794] team0: Port device team_slave_1 added [ 87.687961][ T5788] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 87.694991][ T5788] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 87.721280][ T5788] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 87.741274][ T5791] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 87.751134][ T5793] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 87.758614][ T5793] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 87.784621][ T5793] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 87.823874][ T5794] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 87.831552][ T5794] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 87.858236][ T5794] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 87.877285][ T5797] Bluetooth: hci0: command tx timeout [ 87.900859][ T5793] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 87.908148][ T5793] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 87.934671][ T5793] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 87.953072][ T5794] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 87.960265][ T5797] Bluetooth: hci1: command tx timeout [ 87.960287][ T5804] Bluetooth: hci3: command tx timeout [ 87.960594][ T5794] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 87.997320][ T5794] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 88.037431][ T5797] Bluetooth: hci2: command tx timeout [ 88.046082][ T5791] team0: Port device team_slave_0 added [ 88.067098][ T5791] team0: Port device team_slave_1 added [ 88.078735][ T5788] hsr_slave_0: entered promiscuous mode [ 88.085438][ T5788] hsr_slave_1: entered promiscuous mode [ 88.152120][ T5791] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 88.159528][ T5791] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 88.186112][ T5791] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 88.235478][ T5791] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 88.242637][ T5791] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 88.269344][ T5791] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 88.285154][ T5793] hsr_slave_0: entered promiscuous mode [ 88.291983][ T5793] hsr_slave_1: entered promiscuous mode [ 88.299170][ T5793] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 88.307585][ T5793] Cannot create hsr debugfs directory [ 88.356946][ T5794] hsr_slave_0: entered promiscuous mode [ 88.363818][ T5794] hsr_slave_1: entered promiscuous mode [ 88.370660][ T5794] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 88.378438][ T5794] Cannot create hsr debugfs directory [ 88.430746][ T5791] hsr_slave_0: entered promiscuous mode [ 88.437969][ T5791] hsr_slave_1: entered promiscuous mode [ 88.444222][ T5791] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 88.452208][ T5791] Cannot create hsr debugfs directory [ 88.853206][ T5788] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 88.871944][ T5788] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 88.883395][ T5788] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 88.901642][ T5788] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 88.973683][ T5793] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 88.987815][ T5793] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 89.004456][ T5793] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 89.015738][ T5793] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 89.148958][ T5794] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 89.162797][ T5794] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 89.198076][ T5794] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 89.211686][ T5794] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 89.265000][ T5791] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 89.286989][ T5791] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 89.300005][ T5791] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 89.311571][ T5791] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 89.346137][ T5788] 8021q: adding VLAN 0 to HW filter on device bond0 [ 89.401892][ T5793] 8021q: adding VLAN 0 to HW filter on device bond0 [ 89.414526][ T5788] 8021q: adding VLAN 0 to HW filter on device team0 [ 89.459749][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 89.467232][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 89.489418][ T5793] 8021q: adding VLAN 0 to HW filter on device team0 [ 89.508404][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 89.515606][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 89.567310][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 89.574467][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 89.585552][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 89.592897][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 89.686011][ T5793] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 89.726268][ T5794] 8021q: adding VLAN 0 to HW filter on device bond0 [ 89.828396][ T5791] 8021q: adding VLAN 0 to HW filter on device bond0 [ 89.843592][ T5794] 8021q: adding VLAN 0 to HW filter on device team0 [ 89.872122][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 89.879360][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 89.921494][ T5791] 8021q: adding VLAN 0 to HW filter on device team0 [ 89.954706][ T48] bridge0: port 2(bridge_slave_1) entered blocking state [ 89.961989][ T48] bridge0: port 2(bridge_slave_1) entered forwarding state [ 89.971744][ T5797] Bluetooth: hci0: command tx timeout [ 90.031934][ T1298] bridge0: port 1(bridge_slave_0) entered blocking state [ 90.039196][ T1298] bridge0: port 1(bridge_slave_0) entered forwarding state [ 90.039591][ T5797] Bluetooth: hci1: command tx timeout [ 90.052171][ T5797] Bluetooth: hci3: command tx timeout [ 90.110602][ T1298] bridge0: port 2(bridge_slave_1) entered blocking state [ 90.117873][ T1298] bridge0: port 2(bridge_slave_1) entered forwarding state [ 90.127483][ T5804] Bluetooth: hci2: command tx timeout [ 90.218487][ T5793] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 90.282860][ T5788] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 90.429530][ T5793] veth0_vlan: entered promiscuous mode [ 90.460795][ T5788] veth0_vlan: entered promiscuous mode [ 90.487730][ T5793] veth1_vlan: entered promiscuous mode [ 90.531407][ T5788] veth1_vlan: entered promiscuous mode [ 90.613994][ T5793] veth0_macvtap: entered promiscuous mode [ 90.632547][ T5794] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 90.653682][ T5793] veth1_macvtap: entered promiscuous mode [ 90.699986][ T5788] veth0_macvtap: entered promiscuous mode [ 90.726295][ T5793] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 90.745639][ T5793] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 90.773524][ T5793] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.783281][ T5793] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.792920][ T5793] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.801993][ T5793] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.834819][ T5788] veth1_macvtap: entered promiscuous mode [ 90.903509][ T5788] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 90.915518][ T5788] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 90.928654][ T5788] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 90.960574][ T5788] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 90.975663][ T5788] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 90.991362][ T5788] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 91.004012][ T5791] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 91.019521][ T5794] veth0_vlan: entered promiscuous mode [ 91.047976][ T5788] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.057162][ T5788] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.065903][ T5788] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.075339][ T5788] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.117222][ T2946] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 91.125268][ T2946] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 91.150430][ T5794] veth1_vlan: entered promiscuous mode [ 91.191647][ T58] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 91.200442][ T58] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 91.312991][ T5791] veth0_vlan: entered promiscuous mode [ 91.377568][ T5794] veth0_macvtap: entered promiscuous mode [ 91.390107][ T5791] veth1_vlan: entered promiscuous mode [ 91.437030][ T58] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 91.444909][ T58] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 91.454652][ T5794] veth1_macvtap: entered promiscuous mode [ 91.552668][ T58] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 91.563083][ T58] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 91.574911][ T5791] veth0_macvtap: entered promiscuous mode [ 91.599715][ T5791] veth1_macvtap: entered promiscuous mode [ 91.622763][ T5794] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 91.634921][ T5794] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 91.646089][ T5794] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 91.664408][ T5794] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 91.677330][ T5794] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 91.709906][ T5794] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 91.724313][ T5794] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 91.734762][ T5794] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 91.747716][ T5794] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 91.761186][ T5794] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 91.778154][ T5791] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 91.794174][ T5791] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 91.805378][ T5791] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 91.817249][ T5791] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 91.827821][ T5791] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 91.840548][ T5791] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 91.852755][ T5791] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 91.868097][ T5791] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 91.881529][ T5791] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 91.891946][ T5791] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 91.902767][ T5791] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 91.913799][ T5791] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 91.929181][ T5791] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 91.947760][ T5791] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 92.031396][ T5794] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.041913][ T5804] Bluetooth: hci0: command tx timeout [ 92.070159][ T5794] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.087151][ T5794] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.087777][ T5890] program syz.0.6 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 92.095903][ T5794] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.118276][ T5804] Bluetooth: hci3: command tx timeout [ 92.123746][ T5804] Bluetooth: hci1: command tx timeout [ 92.128966][ T5791] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.143084][ T5791] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.170669][ T5791] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.197113][ T5804] Bluetooth: hci2: command tx timeout [ 92.203344][ T5791] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.208572][ T9] cfg80211: failed to load regulatory.db [ 92.393609][ T5893] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 92.503100][ T2946] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 92.520875][ T2946] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 92.599490][ T3455] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 92.618939][ T2946] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 92.627164][ T3455] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 92.652827][ T2946] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 92.748925][ T1298] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 92.783140][ T1298] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 94.111762][ T5930] x_tables: duplicate entry at hook 2 [ 94.128110][ T5804] Bluetooth: hci0: command tx timeout [ 94.196833][ T5804] Bluetooth: hci1: command tx timeout [ 94.197470][ T5797] Bluetooth: hci3: command tx timeout [ 94.221936][ T5933] program syz.3.16 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 94.276848][ T5797] Bluetooth: hci2: command tx timeout [ 95.458490][ T5963] xt_hashlimit: max too large, truncated to 1048576 [ 95.820950][ T5973] Invalid ELF header magic: != ELF [ 95.821172][ T27] audit: type=1800 audit(1760164653.336:2): pid=5973 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.30" name="bus" dev="overlay" ino=70 res=0 errno=0 [ 96.834145][ T27] audit: type=1800 audit(1760164654.356:3): pid=5999 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.41" name="bus" dev="overlay" ino=81 res=0 errno=0 [ 96.842692][ T5999] Invalid ELF header magic: != ELF [ 96.886264][ T6001] syz.3.42[6001]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 97.924058][ T6036] loop2: detected capacity change from 0 to 128 [ 97.947991][ T6036] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 98.015904][ T6036] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 98.104089][ T6036] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 98.120885][ T6036] FAT-fs (loop2): Filesystem has been set read-only [ 98.151278][ T6036] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 98.674413][ T27] audit: type=1800 audit(1760164656.196:4): pid=6051 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.62" name="bus" dev="overlay" ino=85 res=0 errno=0 [ 98.703622][ T6051] Invalid ELF header magic: != ELF [ 98.896549][ T27] audit: type=1326 audit(1760164656.416:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6056 comm="syz.0.65" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f6164b8eec9 code=0x0 [ 99.214725][ T6073] loop1: detected capacity change from 0 to 128 [ 99.238778][ T6073] FAT-fs (loop1): Unrecognized mount option "nnonumtail=1" or missing value [ 99.672955][ T27] audit: type=1800 audit(1760164657.196:6): pid=6082 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.74" name="bus" dev="overlay" ino=131 res=0 errno=0 [ 99.697353][ T6082] Invalid ELF header magic: != ELF [ 100.674003][ T6114] loop0: detected capacity change from 0 to 1764 [ 100.940218][ T6118] Driver unsupported XDP return value 0 on prog (id 12) dev N/A, expect packet loss! [ 101.231091][ T6126] loop1: detected capacity change from 0 to 256 [ 101.493127][ T6133] loop2: detected capacity change from 0 to 7 [ 101.510188][ T6133] loop2: [ 101.513379][ T6133] loop2: partition table partially beyond EOD, truncated [ 101.559196][ T6135] program syz.1.96 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 102.045480][ T6143] loop1: detected capacity change from 0 to 16 [ 102.096066][ T6143] erofs: (device loop1): mounted with root inode @ nid 36. [ 102.504425][ T6159] ./file0: Can't lookup blockdev [ 102.588648][ T6161] program syz.2.106 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 104.295932][ T6210] loop1: detected capacity change from 0 to 128 [ 104.305616][ T6210] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 104.338509][ T6210] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 104.473440][ T48] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 104.634497][ T6214] overlayfs: failed to resolve './file0': -2 [ 105.347080][ T6232] program syz.1.134 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 105.521209][ T6234] loop1: detected capacity change from 0 to 128 [ 105.538739][ T6234] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 105.579645][ T6234] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 105.783601][ T48] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 105.968358][ T6242] serio: Serial port pty25 [ 106.303343][ T6253] loop1: detected capacity change from 0 to 128 [ 106.656944][ T6261] overlayfs: failed to resolve './file0': -2 [ 106.970744][ T6265] loop3: detected capacity change from 0 to 128 [ 106.988121][ T6265] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 107.058202][ T6265] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 107.189032][ T11] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 108.455368][ T6287] loop0: detected capacity change from 0 to 1764 [ 110.021663][ T6324] program syz.1.166 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 110.808412][ T6346] loop3: detected capacity change from 0 to 736 [ 111.208733][ T6352] overlayfs: fs on './bus' does not support file handles, falling back to index=off,nfs_export=off. [ 111.221769][ T6352] overlayfs: "xino" feature enabled using 2 upper inode bits. [ 111.230984][ T6352] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 112.451284][ T6389] loop0: detected capacity change from 0 to 128 [ 112.475500][ T6389] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 112.510344][ T6389] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 112.692365][ T12] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 112.807462][ T6398] program syz.0.193 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 113.121285][ T6413] Invalid ELF header magic: != ELF [ 113.264250][ T6419] fuse: Bad value for 'fd' [ 113.328095][ T6415] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 113.446312][ T6425] loop2: detected capacity change from 0 to 128 [ 113.497875][ T6425] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 113.555257][ T6425] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 113.673260][ T6432] program syz.3.204 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 113.720830][ T58] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 114.014653][ T6444] loop3: detected capacity change from 0 to 1764 [ 114.083863][ T6446] overlayfs: missing 'lowerdir' [ 114.108317][ T6446] Invalid ELF header magic: != ELF [ 115.158290][ T6478] overlayfs: missing 'lowerdir' [ 115.181928][ T6478] Invalid ELF header magic: != ELF [ 115.462509][ T6490] loop1: detected capacity change from 0 to 764 [ 115.510080][ T6490] rock: directory entry would overflow storage [ 115.523499][ T6490] rock: sig=0x4654, size=5, remaining=4 [ 116.461816][ T6515] overlayfs: missing 'lowerdir' [ 116.509232][ T6515] Invalid ELF header magic: != ELF [ 116.656151][ T6518] loop1: detected capacity change from 0 to 736 [ 117.530432][ T6537] kvm: pic: non byte write [ 117.777254][ T6551] netlink: 48 bytes leftover after parsing attributes in process `syz.2.248'. [ 118.464279][ T6566] program syz.3.251 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 120.090462][ T6613] loop0: detected capacity change from 0 to 128 [ 120.125772][ T6613] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 120.152455][ T6613] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 120.373474][ T41] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 120.565140][ T6629] capability: warning: `syz.0.275' uses deprecated v2 capabilities in a way that may be insecure [ 122.162032][ T6678] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 122.180503][ T6678] netlink: 'syz.2.289': attribute type 21 has an invalid length. [ 122.190698][ T6678] netlink: 8 bytes leftover after parsing attributes in process `syz.2.289'. [ 122.203252][ T6678] bond0: option lacp_rate: mode dependency failed, not supported in mode balance-rr(0) [ 122.557393][ T6688] program syz.1.295 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 123.720859][ T6729] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 123.749568][ T6732] overlayfs: missing 'lowerdir' [ 123.758220][ T6732] Invalid ELF header magic: != ELF [ 124.297581][ T6743] loop2: detected capacity change from 0 to 128 [ 124.323200][ T6743] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 124.352599][ T6743] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 124.499465][ T5837] Process accounting resumed [ 124.518766][ T58] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 124.689908][ T6760] program syz.2.322 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 124.747500][ T6762] overlayfs: missing 'lowerdir' [ 124.760418][ T6751] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 124.779043][ T6762] Invalid ELF header magic: != ELF [ 125.371025][ T6785] program syz.0.332 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 125.540899][ T6788] overlayfs: missing 'lowerdir' [ 125.572813][ T6788] Invalid ELF header magic: != ELF [ 126.469494][ T6814] program syz.2.343 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 126.724608][ T6817] overlayfs: missing 'workdir' [ 126.750672][ T6817] Invalid ELF header magic: != ELF [ 127.247574][ T6828] loop0: detected capacity change from 0 to 736 [ 127.470529][ T6836] program syz.3.353 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 127.957700][ T6848] team_slave_0: entered promiscuous mode [ 127.963668][ T6848] team_slave_1: entered promiscuous mode [ 128.040041][ T6848] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 128.238723][ T6856] loop2: detected capacity change from 0 to 736 [ 128.520752][ T6863] program syz.1.365 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 129.175139][ T6888] loop3: detected capacity change from 0 to 736 [ 129.299860][ T6889] kvm: pic: non byte write [ 129.522391][ T6894] program syz.3.376 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 130.652588][ T6932] program syz.2.388 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 131.518994][ T6957] program syz.3.399 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 131.994658][ T6968] loop0: detected capacity change from 0 to 128 [ 132.015634][ T6972] overlayfs: missing 'lowerdir' [ 132.026055][ T6968] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 132.134625][ T6968] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 132.334878][ T6982] kvm: pic: non byte write [ 133.165340][ T1285] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.173476][ T1285] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.510296][ T7008] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2097160 (4194320 ns) > initial count (32 ns). Using initial count to start timer. [ 133.593801][ T7012] kvm: pic: non byte write [ 134.080336][ T7036] loop1: detected capacity change from 0 to 736 [ 134.903518][ T7056] loop3: detected capacity change from 0 to 736 [ 135.261362][ T7069] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 135.290918][ T7069] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 135.802154][ T7087] loop0: detected capacity change from 0 to 128 [ 135.822614][ T7087] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 135.855574][ T7087] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 135.904991][ T42] Process accounting resumed [ 135.913082][ T2946] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 136.059134][ T7091] loop2: detected capacity change from 0 to 736 [ 136.985719][ T7120] loop2: detected capacity change from 0 to 736 [ 137.033007][ T7122] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 137.081463][ T7122] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 137.359923][ T7127] loop3: detected capacity change from 0 to 2048 [ 137.430278][ T7127] loop3: p1 p3 p4 [ 137.449592][ T7127] loop3: p4 size 589824 extends beyond EOD, truncated [ 137.560009][ T7127] erofs: (device loop3p1): erofs_read_superblock: cannot find valid erofs superblock [ 138.249028][ T7149] loop2: detected capacity change from 0 to 736 [ 138.497965][ T7158] kvm: pic: non byte write [ 138.956811][ T7166] loop1: detected capacity change from 0 to 2048 [ 138.989986][ T7169] GUP no longer grows the stack in syz.3.476 (7169): 200000011000-200000018000 (20000000e000) [ 139.013000][ T7166] loop1: p1 p3 p4 [ 139.030823][ T7169] CPU: 0 PID: 7169 Comm: syz.3.476 Not tainted syzkaller #0 [ 139.038185][ T7169] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 139.048486][ T7169] Call Trace: [ 139.051807][ T7169] [ 139.054786][ T7169] dump_stack_lvl+0x16c/0x230 [ 139.059531][ T7169] ? show_regs_print_info+0x20/0x20 [ 139.064790][ T7169] ? load_image+0x3b0/0x3b0 [ 139.069442][ T7169] ? find_vma+0x12e/0x1b0 [ 139.073853][ T7169] __get_user_pages+0xfb9/0x1470 [ 139.078998][ T7169] ? populate_vma_page_range+0x370/0x370 [ 139.084694][ T7169] get_user_pages_remote+0x3de/0xc10 [ 139.090054][ T7169] ? get_dump_page+0x200/0x200 [ 139.094893][ T7169] __access_remote_vm+0x1ff/0x570 [ 139.100058][ T7169] ? generic_access_phys+0x650/0x650 [ 139.105376][ T7169] ? alloc_pages+0x4dc/0x740 [ 139.110019][ T7169] ? do_raw_spin_unlock+0x121/0x230 [ 139.115249][ T7169] proc_pid_cmdline_read+0x551/0x830 [ 139.120557][ T7169] ? schedule+0xc7/0x170 [ 139.124838][ T7169] ? comm_show+0x150/0x150 [ 139.129287][ T7169] ? common_file_perm+0x190/0x1f0 [ 139.134330][ T7169] ? fsnotify_perm+0x271/0x5e0 [ 139.139119][ T7169] do_iter_read+0x506/0xc80 [ 139.143681][ T7169] ? comm_show+0x150/0x150 [ 139.148120][ T7169] ? vfs_iter_read+0xa0/0xa0 [ 139.152733][ T7169] ? __import_iovec+0x5f2/0x860 [ 139.157793][ T7169] ? import_iovec+0x73/0xa0 [ 139.162320][ T7169] do_preadv+0x1fa/0x330 [ 139.166583][ T7169] ? lockdep_hardirqs_on+0x98/0x150 [ 139.171811][ T7169] ? do_writev+0x410/0x410 [ 139.176266][ T7169] ? lockdep_hardirqs_on_prepare+0x400/0x760 [ 139.182284][ T7169] ? lock_chain_count+0x20/0x20 [ 139.187163][ T7169] ? lockdep_hardirqs_on+0x98/0x150 [ 139.192406][ T7169] do_syscall_64+0x55/0xb0 [ 139.196841][ T7169] ? clear_bhb_loop+0x40/0x90 [ 139.201535][ T7169] ? clear_bhb_loop+0x40/0x90 [ 139.206225][ T7169] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 139.212220][ T7169] RIP: 0033:0x7f0e7fd8eec9 [ 139.216666][ T7169] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 139.236380][ T7169] RSP: 002b:00007f0e80cff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 139.244825][ T7169] RAX: ffffffffffffffda RBX: 00007f0e7ffe5fa0 RCX: 00007f0e7fd8eec9 [ 139.252818][ T7169] RDX: 0000000000000001 RSI: 0000200000001200 RDI: 0000000000000004 [ 139.260811][ T7169] RBP: 00007f0e7fe11f91 R08: 0000000000006a76 R09: 0000000000000000 [ 139.268819][ T7169] R10: 0000000000000009 R11: 0000000000000246 R12: 0000000000000000 [ 139.276809][ T7169] R13: 00007f0e7ffe6038 R14: 00007f0e7ffe5fa0 R15: 00007ffdea580e18 [ 139.284816][ T7169] [ 139.297288][ T7166] loop1: p4 size 589824 extends beyond EOD, truncated [ 139.305889][ T7171] ./file0: Can't lookup blockdev [ 139.791156][ T5806] udevd[5806]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory [ 139.791433][ T5807] udevd[5807]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory [ 139.813297][ T5805] udevd[5805]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory [ 139.942431][ T5806] udevd[5806]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory [ 139.974582][ T5807] udevd[5807]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory [ 139.990313][ T5789] udevd[5789]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory [ 140.388636][ T7196] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 140.945342][ T7217] loop0: detected capacity change from 0 to 128 [ 140.969527][ T7217] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 141.012993][ T7219] program syz.1.495 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 141.015270][ T7217] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 141.064529][ T23] Process accounting resumed [ 141.084628][ T41] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 141.955813][ T7245] program syz.0.504 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 142.248828][ T7257] netlink: 52 bytes leftover after parsing attributes in process `syz.1.509'. [ 143.618318][ T7297] fuse: Bad value for 'group_id' [ 144.842571][ T7328] fuse: Bad value for 'group_id' [ 144.968211][ T27] audit: type=1326 audit(1760164702.496:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7332 comm="syz.1.537" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f183398eec9 code=0x7ffc0000 [ 145.047997][ T27] audit: type=1326 audit(1760164702.516:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7332 comm="syz.1.537" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f183398eec9 code=0x7ffc0000 [ 145.108580][ T27] audit: type=1326 audit(1760164702.516:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7332 comm="syz.1.537" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f183398eec9 code=0x7ffc0000 [ 145.172854][ T27] audit: type=1326 audit(1760164702.516:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7332 comm="syz.1.537" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f183398eec9 code=0x7ffc0000 [ 145.241156][ T27] audit: type=1326 audit(1760164702.516:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7332 comm="syz.1.537" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f183398eec9 code=0x7ffc0000 [ 145.332237][ T27] audit: type=1326 audit(1760164702.526:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7332 comm="syz.1.537" exe="/root/syz-executor" sig=0 arch=c000003e syscall=217 compat=0 ip=0x7f183398eec9 code=0x7ffc0000 [ 145.376543][ T27] audit: type=1326 audit(1760164702.526:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7332 comm="syz.1.537" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f183398eec9 code=0x7ffc0000 [ 145.457344][ T7345] loop2: detected capacity change from 0 to 736 [ 146.325071][ T7358] fuse: Bad value for 'group_id' [ 147.061242][ T7385] loop0: detected capacity change from 0 to 128 [ 147.070692][ T7385] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 147.098338][ T7385] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 147.226147][ T7385] Process accounting resumed [ 147.253969][ T12] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 147.995399][ T7417] loop0: detected capacity change from 0 to 128 [ 148.015236][ T7417] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 148.079307][ T7417] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 148.177977][ T7417] Process accounting resumed [ 148.194503][ T12] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 148.983384][ T7443] overlayfs: missing 'workdir' [ 148.999776][ T7444] program syz.3.575 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 149.681117][ T7459] netlink: 'syz.1.580': attribute type 25 has an invalid length. [ 149.689740][ T7459] netlink: 184 bytes leftover after parsing attributes in process `syz.1.580'. [ 150.403744][ T7478] loop1: detected capacity change from 0 to 256 [ 153.540922][ T7565] fuse: Bad value for 'user_id' [ 154.014529][ T7571] mmap: syz.2.624 (7571) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 155.833364][ T7619] program syz.1.642 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 156.060080][ T7621] netlink: 'syz.2.643': attribute type 3 has an invalid length. [ 157.447245][ T7648] loop7: detected capacity change from 0 to 16384 [ 157.747648][ T7649] loop7: detected capacity change from 16384 to 0 [ 158.093983][ T7660] fuse: Unknown parameter 'group_i00000000000000000000' [ 158.297180][ T7662] program syz.2.658 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 158.452167][ T7664] kvm: requested 75428 ns i8254 timer period limited to 200000 ns [ 158.496675][ T7664] kvm: requested 148342 ns i8254 timer period limited to 200000 ns [ 158.537000][ T7664] kvm: requested 23466 ns i8254 timer period limited to 200000 ns [ 158.572154][ T7664] kvm: requested 154209 ns i8254 timer period limited to 200000 ns [ 158.591492][ T7664] kvm: requested 60342 ns i8254 timer period limited to 200000 ns [ 158.620442][ T7664] kvm: requested 188571 ns i8254 timer period limited to 200000 ns [ 158.646921][ T7664] kvm: requested 136609 ns i8254 timer period limited to 200000 ns [ 158.699409][ T7664] kvm: requested 60342 ns i8254 timer period limited to 200000 ns [ 158.727060][ T7664] kvm: requested 10895 ns i8254 timer period limited to 200000 ns [ 158.748158][ T7664] kvm: requested 5028 ns i8254 timer period limited to 200000 ns [ 159.293321][ T7688] loop1: detected capacity change from 0 to 16 [ 159.353634][ T7688] erofs: Unknown parameter 'ÿ´ý%Àƒú¼¸aD'²1%Ä?fëmüæœ#­ÏF Ü\QµoÍ06 [ 159.353634][ T7688] ^dWÓ´Ñ£³È˜ÛÔác¶EÛ¢H;d¤Ø`‰9§³' [ 159.622415][ T7690] program syz.0.669 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 160.271783][ T7709] program syz.1.676 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 160.453075][ T7716] program syz.1.678 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 160.614659][ T7722] loop0: detected capacity change from 0 to 16 [ 160.638879][ T7722] erofs: Unknown parameter 'ÿ´ý%Àƒú¼¸aD'²1%Ä?fëmüæœ#­ÏF Ü\QµoÍ06 [ 160.638879][ T7722] ^dWÓ´Ñ£³È˜ÛÔác¶EÛ¢H;d¤Ø`‰9§³' [ 160.934817][ T7729] netlink: 8 bytes leftover after parsing attributes in process `syz.3.684'. [ 161.003694][ T7729] bridge0: port 2(bridge_slave_1) entered disabled state [ 161.404366][ T7740] program syz.3.688 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 163.893798][ T7804] loop3: detected capacity change from 0 to 512 [ 165.039480][ T7828] loop2: detected capacity change from 0 to 128 [ 165.090279][ T7828] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 165.114714][ T7828] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 165.318979][ T2946] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 165.346996][ T7835] Zero length message leads to an empty skb [ 165.405256][ T7839] netlink: 8 bytes leftover after parsing attributes in process `syz.3.726'. [ 165.420955][ T7839] bond0: Unable to set peer notification delay as MII monitoring is disabled [ 166.305102][ T7871] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 167.502527][ T7909] fuse: Unknown parameter '0x0000000000000004' [ 169.746283][ T7969] fuse: Bad value for 'fd' [ 170.864602][ T8003] fuse: Bad value for 'fd' [ 171.978028][ T8038] fuse: Bad value for 'fd' [ 172.380589][ T8044] loop3: detected capacity change from 0 to 736 [ 172.738017][ T8052] loop0: detected capacity change from 0 to 128 [ 173.326911][ T8074] loop1: detected capacity change from 0 to 8192 [ 173.345878][ T8074] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 174.022024][ T8087] loop1: detected capacity change from 0 to 128 [ 174.097482][ T5806] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 176.484361][ T8147] kvm: pic: non byte write [ 176.508723][ T8154] bond0: option ad_select: unable to set because the bond device is up [ 178.780962][ T8204] loop3: detected capacity change from 0 to 256 [ 179.983509][ T8231] overlayfs: overlapping lowerdir path [ 181.136055][ T8262] overlayfs: failed to resolve './bus': -2 [ 181.935791][ T8289] netlink: 12 bytes leftover after parsing attributes in process `syz.1.892'. [ 182.124137][ T8294] tmpfs: Bad value for 'mpol' [ 182.524024][ T8310] loop0: detected capacity change from 0 to 128 [ 182.678702][ T8313] ======================================================= [ 182.678702][ T8313] WARNING: The mand mount option has been deprecated and [ 182.678702][ T8313] and is ignored by this kernel. Remove the mand [ 182.678702][ T8313] option from the mount to silence this warning. [ 182.678702][ T8313] ======================================================= [ 183.488290][ T8335] pimreg: tun_chr_ioctl cmd 1074025677 [ 183.503677][ T8335] pimreg: linktype set to 773 [ 183.655332][ T8337] loop1: detected capacity change from 0 to 128 [ 183.679573][ T8337] FAT-fs (loop1): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1) [ 183.740413][ T8337] capability: warning: `syz.1.909' uses 32-bit capabilities (legacy support in use) [ 183.819186][ T58] FAT-fs (loop1): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1) [ 184.198278][ T8348] loop0: detected capacity change from 0 to 8192 [ 184.267370][ T8348] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 184.350217][ T27] audit: type=1800 audit(1760164741.876:14): pid=8348 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.914" name="file1" dev="loop0" ino=1048627 res=0 errno=0 [ 185.150120][ T8382] kvm: emulating exchange as write [ 185.454650][ T8392] fuse: Bad value for 'fd' [ 186.166021][ T8409] ip6gre1: entered allmulticast mode [ 186.223399][ T8411] loop2: detected capacity change from 0 to 256 [ 187.261937][ T8447] netlink: 8 bytes leftover after parsing attributes in process `syz.0.950'. [ 188.689164][ T8497] loop1: detected capacity change from 0 to 256 [ 188.723428][ T8497] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 189.820692][ T8527] overlayfs: failed to resolve './bus': -2 [ 190.294899][ T8539] kvm: pic: non byte write [ 193.265212][ T8639] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 194.264853][ T8672] kvm: pic: non byte write [ 194.607008][ T1285] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.613497][ T1285] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.981731][ T8693] fuse: Unknown parameter '0x0000000000000003' [ 195.177744][ T8704] loop2: detected capacity change from 0 to 256 [ 195.879204][ T8722] fuse: Unknown parameter '0x0000000000000003' [ 196.033258][ T8716] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer. [ 196.034174][ T8730] loop0: detected capacity change from 0 to 512 [ 196.553500][ T8747] loop0: detected capacity change from 0 to 128 [ 196.576623][ T8744] kvm: pic: non byte write [ 196.742598][ T8749] fuse: Unknown parameter 'fd0x0000000000000003' [ 197.606179][ T8777] fuse: Unknown parameter 'fd0x0000000000000003' [ 197.730804][ T8778] kvm: pic: non byte write [ 198.354883][ T8805] fuse: Unknown parameter 'fd0x0000000000000003' [ 198.832954][ T8818] kvm: pic: non byte write [ 199.314728][ T8831] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 199.605186][ T8843] ip6tnl1: entered allmulticast mode [ 199.924659][ T8854] overlayfs: missing 'lowerdir' [ 201.750553][ T8925] loop1: detected capacity change from 0 to 128 [ 201.802134][ T27] audit: type=1800 audit(1760164759.326:15): pid=8925 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1137" name="bus" dev="loop1" ino=1048633 res=0 errno=0 [ 201.877805][ T8929] support for the xor transformation has been removed. [ 202.055235][ T8935] loop0: detected capacity change from 0 to 128 [ 202.089453][ T27] audit: type=1800 audit(1760164759.616:16): pid=8935 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1141" name="bus" dev="loop0" ino=1048634 res=0 errno=0 [ 202.195015][ T8936] syz.0.1141: attempt to access beyond end of device [ 202.195015][ T8936] loop0: rw=0, sector=121, nr_sectors = 48 limit=128 [ 203.258460][ T8968] loop1: detected capacity change from 0 to 128 [ 203.879809][ T8983] loop1: detected capacity change from 0 to 256 [ 203.950308][ T8983] FAT-fs (loop1): Directory bread(block 64) failed [ 203.968860][ T8983] FAT-fs (loop1): Directory bread(block 65) failed [ 203.975612][ T8983] FAT-fs (loop1): Directory bread(block 66) failed [ 204.007273][ T8983] FAT-fs (loop1): Directory bread(block 67) failed [ 204.014202][ T8983] FAT-fs (loop1): Directory bread(block 68) failed [ 204.055521][ T8983] FAT-fs (loop1): Directory bread(block 69) failed [ 204.075804][ T8983] FAT-fs (loop1): Directory bread(block 70) failed [ 204.084680][ T8983] FAT-fs (loop1): Directory bread(block 71) failed [ 204.091781][ T8983] FAT-fs (loop1): Directory bread(block 72) failed [ 204.098461][ T8983] FAT-fs (loop1): Directory bread(block 73) failed [ 204.194670][ T8983] syz.1.1160: attempt to access beyond end of device [ 204.194670][ T8983] loop1: rw=0, sector=1768, nr_sectors = 4 limit=256 [ 204.267512][ T27] audit: type=1800 audit(1760164761.786:17): pid=8989 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1160" name="file1" dev="loop1" ino=1048635 res=0 errno=0 [ 204.975065][ T9023] loop1: detected capacity change from 0 to 128 [ 205.607560][ T9042] syz.3.1183[9042] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 205.607711][ T9042] syz.3.1183[9042] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 205.767495][ T27] audit: type=1326 audit(1760164763.296:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9043 comm="syz.1.1185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f183398eec9 code=0x7ffc0000 [ 205.854153][ T27] audit: type=1326 audit(1760164763.326:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9043 comm="syz.1.1185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f183398eec9 code=0x7ffc0000 [ 205.913284][ T27] audit: type=1326 audit(1760164763.336:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9043 comm="syz.1.1185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f183398d710 code=0x7ffc0000 [ 205.977296][ T27] audit: type=1326 audit(1760164763.336:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9043 comm="syz.1.1185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f183398eec9 code=0x7ffc0000 [ 206.031854][ T27] audit: type=1326 audit(1760164763.336:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9043 comm="syz.1.1185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f183398eec9 code=0x7ffc0000 [ 206.077773][ T27] audit: type=1326 audit(1760164763.356:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9043 comm="syz.1.1185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=20 compat=0 ip=0x7f183398eec9 code=0x7ffc0000 [ 206.106015][ T27] audit: type=1326 audit(1760164763.356:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9043 comm="syz.1.1185" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f183398eec9 code=0x7ffc0000 [ 206.633703][ T9073] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 207.435237][ T9098] tap0: tun_chr_ioctl cmd 1074025677 [ 207.446713][ T9098] tap0: linktype set to 825 [ 207.460955][ T9098] tap0: tun_chr_ioctl cmd 2147767520 [ 208.251810][ T9125] tap0: tun_chr_ioctl cmd 1074025677 [ 208.257907][ T9125] tap0: linktype set to 825 [ 208.502820][ T9130] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1217'. [ 209.268588][ T9160] overlayfs: fs on './bus' does not support file handles, falling back to index=off,nfs_export=off. [ 209.281935][ T9160] overlayfs: "xino" feature enabled using 2 upper inode bits. [ 209.294354][ T9160] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 210.195627][ T9182] loop3: detected capacity change from 0 to 8192 [ 210.364620][ T9182] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 2074) [ 210.394254][ T9182] FAT-fs (loop3): Filesystem has been set read-only [ 210.642150][ T9197] loop2: detected capacity change from 0 to 128 [ 210.652158][ T9197] FAT-fs (loop2): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1) [ 210.676434][ T27] kauditd_printk_skb: 1 callbacks suppressed [ 210.676448][ T27] audit: type=1800 audit(1760164768.196:26): pid=9197 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1243" name="file2" dev="loop2" ino=1048639 res=0 errno=0 [ 210.720210][ T9197] syz.2.1243: attempt to access beyond end of device [ 210.720210][ T9197] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 212.040188][ T5103] Bluetooth: hci1: command 0x0406 tx timeout [ 212.040629][ T5800] Bluetooth: hci2: command 0x0406 tx timeout [ 212.046410][ T5103] Bluetooth: hci0: command 0x0406 tx timeout [ 212.053727][ T5802] Bluetooth: hci3: command 0x0406 tx timeout [ 212.150765][ T9241] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1260'. [ 212.824631][ T9264] overlayfs: fs on './bus' does not support file handles, falling back to index=off,nfs_export=off. [ 212.836187][ T9264] overlayfs: "xino" feature enabled using 2 upper inode bits. [ 212.847389][ T9264] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 213.291682][ T9281] xt_hashlimit: max too large, truncated to 1048576 [ 213.584154][ T9291] overlayfs: fs on './bus' does not support file handles, falling back to index=off,nfs_export=off. [ 213.596829][ T9291] overlayfs: "xino" feature enabled using 2 upper inode bits. [ 213.604460][ T9291] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 213.852670][ T9295] sctp: [Deprecated]: syz.1.1281 (pid 9295) Use of int in max_burst socket option. [ 213.852670][ T9295] Use struct sctp_assoc_value instead [ 214.163344][ T9309] loop2: detected capacity change from 0 to 128 [ 214.177926][ T9309] FAT-fs (loop2): Unrecognized mount option "ÿÿÿÿÿÿÿÿÿÿÿ" or missing value [ 214.358029][ T9312] loop0: detected capacity change from 0 to 8192 [ 214.485545][ T9319] overlayfs: fs on './bus' does not support file handles, falling back to index=off,nfs_export=off. [ 214.500051][ T9319] overlayfs: "xino" feature enabled using 2 upper inode bits. [ 214.508367][ T9319] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 214.763473][ T9322] kvm: pic: non byte write [ 215.714460][ T9348] loop0: detected capacity change from 0 to 8192 [ 217.375959][ T9384] loop1: detected capacity change from 0 to 8192 [ 217.982578][ T9401] loop2: detected capacity change from 0 to 16 [ 218.010061][ T9401] erofs: (device loop2): mounted with root inode @ nid 36. [ 218.345185][ T9408] kvm: pic: non byte write [ 224.804865][ T9550] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 225.121111][ T9557] kvm: pic: non byte write [ 225.283233][ T9570] fuse: Unknown parameter 'group_i00000000000000000000' [ 226.133200][ T9595] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 227.203395][ T9622] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 228.482843][ T9640] loop2: detected capacity change from 0 to 8192 [ 228.618464][ T9640] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 228.630818][ T9640] FAT-fs (loop2): Filesystem has been set read-only [ 229.564263][ T9671] kvm: pic: non byte write [ 230.113883][ T9678] loop3: detected capacity change from 0 to 8192 [ 230.233636][ T9678] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 0) [ 230.244005][ T9678] FAT-fs (loop3): Filesystem has been set read-only [ 230.927809][ T9692] loop2: detected capacity change from 0 to 8192 [ 231.227016][ T5788] FAT-fs (loop2): error, invalid access to FAT (entry 0x0000e1b1) [ 231.246034][ T5788] FAT-fs (loop2): Filesystem has been set read-only [ 231.624249][ T9710] overlayfs: failed to resolve './file1': -2 [ 231.643876][ T9710] overlayfs: failed to resolve './file1': -2 [ 231.650631][ T9712] loop3: detected capacity change from 0 to 128 [ 231.671289][ T9712] FAT-fs (loop3): Directory bread(block 414) failed [ 231.692059][ T9712] FAT-fs (loop3): Directory bread(block 415) failed [ 231.702783][ T9712] FAT-fs (loop3): Directory bread(block 416) failed [ 231.715134][ T9712] FAT-fs (loop3): Directory bread(block 417) failed [ 231.723771][ T9712] FAT-fs (loop3): Directory bread(block 418) failed [ 231.731076][ T9712] FAT-fs (loop3): Directory bread(block 419) failed [ 231.757074][ T9712] FAT-fs (loop3): Directory bread(block 420) failed [ 231.763860][ T9712] FAT-fs (loop3): Directory bread(block 421) failed [ 231.807775][ T9712] FAT-fs (loop3): Directory bread(block 414) failed [ 231.814470][ T9712] FAT-fs (loop3): Directory bread(block 415) failed [ 231.825861][ C1] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 232.423474][ T9722] kvm: pic: non byte write [ 232.752793][ T9733] 9pnet_fd: Insufficient options for proto=fd [ 233.012686][ T9744] program syz.3.1451 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 234.456932][ T9784] sctp: [Deprecated]: syz.3.1464 (pid 9784) Use of int in max_burst socket option. [ 234.456932][ T9784] Use struct sctp_assoc_value instead [ 234.678419][ T9789] loop3: detected capacity change from 0 to 764 [ 234.698651][ T9789] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 235.458325][ T9808] fuse: Bad value for 'rootmode' [ 235.517215][ T9810] overlayfs: failed to resolve './file0/file0': -2 [ 236.074566][ T9828] fuse: Unknown parameter 'use00000000000000000000' [ 236.931936][ T9857] fuse: Unknown parameter 'use00000000000000000000' [ 237.225240][ T9866] kvm: pic: non byte write [ 237.641276][ T9882] fuse: Unknown parameter 'use00000000000000000000' [ 238.413331][ T9892] loop1: detected capacity change from 0 to 128 [ 238.622817][ T9894] loop0: detected capacity change from 0 to 128 [ 238.697098][ T27] audit: type=1800 audit(1760164796.226:27): pid=9894 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1510" name="bus" dev="loop0" ino=1048668 res=0 errno=0 [ 238.715741][ T9894] Invalid ELF header magic: != ELF [ 238.923283][ T9900] 9pnet_fd: Insufficient options for proto=fd [ 239.028478][ T9902] fuse: Unknown parameter 'user_i00000000000000000000' [ 239.134178][ T9904] overlayfs: fs on './bus' does not support file handles, falling back to index=off,nfs_export=off. [ 239.193532][ T9904] overlayfs: "xino" feature enabled using 2 upper inode bits. [ 239.201802][ T9904] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 240.171965][ T9926] 9pnet_fd: Insufficient options for proto=fd [ 240.217701][ T9928] fuse: Unknown parameter 'user_i00000000000000000000' [ 240.289526][ T9930] overlayfs: failed to resolve './file0': -2 [ 240.319131][ T9930] overlayfs: failed to resolve './file0/file0': -2 [ 240.998227][ T9947] xt_hashlimit: size too large, truncated to 1048576 [ 241.945713][ T9962] loop0: detected capacity change from 0 to 128 [ 242.168163][ T9967] loop1: detected capacity change from 0 to 764 [ 242.198694][ T9967] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 242.260164][ T9971] loop0: detected capacity change from 0 to 128 [ 243.413093][ T9996] loop0: detected capacity change from 0 to 764 [ 243.470662][ T9996] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 244.295961][T10019] loop3: detected capacity change from 0 to 764 [ 244.362002][T10019] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 246.622934][T10066] loop3: detected capacity change from 0 to 8192 [ 246.658723][T10066] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 246.714838][ T27] audit: type=1804 audit(1760164804.236:28): pid=10066 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.1578" name="/newroot/377/file0/file0" dev="loop3" ino=1048669 res=1 errno=0 [ 246.850600][T10073] process 'syz.0.1581' launched './file0' with NULL argv: empty string added [ 248.682152][T10124] program syz.0.1601 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 248.689924][T10125] loop1: detected capacity change from 0 to 764 [ 248.719829][T10125] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 249.173701][T10137] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1606'. [ 249.588478][T10147] program syz.1.1610 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 249.872958][T10164] ip6tnl1: entered promiscuous mode [ 250.352519][T10177] fuse: Unknown parameter '0x0000000000000003' [ 250.484804][T10180] loop2: detected capacity change from 0 to 16 [ 250.515578][T10180] erofs: (device loop2): mounted with root inode @ nid 36. [ 250.516991][T10181] 9pnet_fd: Insufficient options for proto=fd [ 251.399080][T10212] 9pnet_fd: Insufficient options for proto=fd [ 251.457801][ T27] audit: type=1800 audit(1760164808.976:29): pid=10214 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1636" name="bus" dev="overlay" ino=2460 res=0 errno=0 [ 252.165557][T10241] 9pnet_fd: Insufficient options for proto=fd [ 252.449576][T10250] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 252.522540][T10252] loop1: detected capacity change from 0 to 128 [ 253.395866][T10283] loop3: detected capacity change from 0 to 8192 [ 254.196157][ T5794] FAT-fs (loop3): error, invalid access to FAT (entry 0x0000e1b1) [ 254.235980][ T5794] FAT-fs (loop3): Filesystem has been set read-only [ 254.914324][T10329] kernel read not supported for file /file0 (pid: 10329 comm: syz.2.1680) [ 254.932383][ T27] audit: type=1800 audit(1760164812.456:30): pid=10329 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1680" name="file0" dev="mqueue" ino=46093 res=0 errno=0 [ 256.041919][ T1285] ieee802154 phy0 wpan0: encryption failed: -22 [ 256.050057][ T1285] ieee802154 phy1 wpan1: encryption failed: -22 [ 258.408034][T10400] vlan2: entered promiscuous mode [ 258.423609][T10400] veth0_to_bond: entered promiscuous mode [ 259.253688][T10429] loop0: detected capacity change from 0 to 128 [ 259.494849][T10439] loop1: detected capacity change from 0 to 764 [ 259.509378][T10442] loop0: detected capacity change from 0 to 128 [ 259.527045][T10439] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 259.555452][T10444] 9pnet_fd: Insufficient options for proto=fd [ 259.578019][T10439] overlayfs: failed to resolve './file1': -2 [ 259.997593][T10457] loop2: detected capacity change from 0 to 128 [ 260.297338][T10464] 9pnet_fd: Insufficient options for proto=fd [ 260.398040][T10467] 9pnet_fd: Insufficient options for proto=fd [ 260.431214][T10469] loop0: detected capacity change from 0 to 764 [ 260.446290][T10469] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 260.482138][T10469] overlayfs: failed to resolve './file1': -2 [ 261.198718][T10500] 9pnet_fd: Insufficient options for proto=fd [ 261.211854][T10498] 9pnet_fd: Insufficient options for proto=fd [ 261.424176][T10505] overlayfs: failed to resolve './file0': -2 [ 262.014770][T10523] 9pnet_fd: Insufficient options for proto=fd [ 262.043579][T10524] 9pnet_fd: Insufficient options for proto=fd [ 262.197153][T10528] overlayfs: failed to resolve './file0': -2 [ 262.270191][T10532] overlayfs: overlapping lowerdir path [ 262.936527][T10550] block device autoloading is deprecated and will be removed. [ 263.504729][T10558] 9pnet_fd: Insufficient options for proto=fd [ 263.518137][T10556] 9pnet_fd: Insufficient options for proto=fd [ 263.578607][T10560] overlayfs: failed to resolve './file0': -2 [ 263.815657][T10568] overlayfs: overlapping lowerdir path [ 264.069466][T10574] overlayfs: upper fs does not support file handles, falling back to index=off. [ 264.416065][T10588] 9pnet_fd: Insufficient options for proto=fd [ 264.597974][T10592] loop1: detected capacity change from 0 to 764 [ 264.616973][T10592] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 264.636380][T10591] serio: Serial port ptm0 [ 265.184121][T10599] overlayfs: overlapping lowerdir path [ 265.603822][T10608] loop1: detected capacity change from 0 to 128 [ 265.630086][T10605] loop2: detected capacity change from 0 to 8192 [ 265.920161][T10614] 9pnet_fd: Insufficient options for proto=fd [ 266.265522][T10629] overlayfs: failed to resolve './file1/file0': -2 [ 266.273707][T10625] loop3: detected capacity change from 0 to 764 [ 266.321259][T10625] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 266.443203][T10632] syz.0.1792[10632] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 266.443356][T10632] syz.0.1792[10632] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 266.841249][T10645] 9pnet_fd: Insufficient options for proto=fd [ 267.124812][T10652] overlayfs: failed to resolve './file1/file0': -2 [ 267.182086][T10655] loop3: detected capacity change from 0 to 764 [ 267.220591][T10655] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 268.595301][T10685] loop2: detected capacity change from 0 to 764 [ 268.633058][T10686] overlayfs: failed to resolve './file1/file0': -2 [ 268.645099][T10685] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 269.921766][T10716] loop1: detected capacity change from 0 to 764 [ 269.939688][T10716] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 270.302712][T10723] loop2: detected capacity change from 0 to 128 [ 272.171825][T10772] 9pnet_fd: Insufficient options for proto=fd [ 272.597852][T10782] overlayfs: failed to verify index (index/00fb2100018d370705e57548219e30c06a3f1a14890b7f6eb8270a000000000000, ftype=4000, err=-116) [ 272.708861][T10790] overlayfs: failed to resolve './file1/file0': -2 [ 273.593114][T10821] overlayfs: failed to resolve './file1/file0': -2 [ 274.302703][T10849] overlayfs: failed to resolve './file1/file0': -2 [ 274.434076][T10855] sg_write: process 1146 (syz.0.1871) changed security contexts after opening file descriptor, this is not allowed. [ 274.650244][T10860] overlay: filesystem on ./file0 not supported as upperdir [ 275.452239][T10883] overlay: filesystem on ./file0 not supported as upperdir [ 278.196747][T10960] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1911'. [ 278.338176][T10964] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 279.187761][T10998] loop1: detected capacity change from 0 to 256 [ 280.440602][T11030] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 280.708758][T11041] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1940'. [ 281.333866][T11063] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 282.811872][T11095] loop3: detected capacity change from 0 to 16 [ 282.876739][T11095] erofs: (device loop3): mounted with root inode @ nid 36. [ 283.146453][T11106] serio: Serial port ptm0 [ 283.171877][T11106] serio: Serial port ptm0 [ 283.187254][T11106] serio: Serial port ptm0 [ 283.211526][T11106] serio: Serial port ptm0 [ 283.802574][T11129] loop0: detected capacity change from 0 to 256 [ 283.912025][ T5806] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 284.611563][T11149] loop2: detected capacity change from 0 to 128 [ 284.934012][T11155] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1982'. [ 285.558577][T11178] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1990'. [ 287.305120][T11235] loop2: detected capacity change from 0 to 128 [ 287.382851][T11238] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2011'. [ 287.793498][T11251] kvm: pic: non byte write [ 288.306050][T11259] overlayfs: missing 'lowerdir' [ 288.599013][T11268] loop3: detected capacity change from 0 to 128 [ 289.303852][T11283] option changes via remount are deprecated (pid=11282 comm=syz.1.2026) [ 289.389140][T11285] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2027'. [ 289.475172][T11288] overlayfs: fs on './bus' does not support file handles, falling back to index=off,nfs_export=off. [ 289.491642][T11288] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 289.891243][T11297] block device autoloading is deprecated and will be removed. [ 290.310375][T11308] loop2: detected capacity change from 0 to 128 [ 290.405725][T11314] overlayfs: fs on './bus' does not support file handles, falling back to index=off,nfs_export=off. [ 290.423262][T11314] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 291.138685][T11332] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2044'. [ 291.385847][T11338] overlayfs: fs on './bus' does not support file handles, falling back to index=off,nfs_export=off. [ 291.437156][T11338] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 293.516179][ T140] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 293.715991][ T140] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 293.863275][ T140] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 294.047732][ T140] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 294.692991][ T5804] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 294.702661][ T5804] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 294.710619][ T5804] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 294.720145][ T5804] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 294.750487][ T5804] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 294.759874][ T5804] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 295.677322][T11439] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2077'. [ 296.378957][T11407] chnl_net:caif_netlink_parms(): no params data found [ 296.846451][ T5804] Bluetooth: hci1: command tx timeout [ 297.217256][T11407] bridge0: port 1(bridge_slave_0) entered blocking state [ 297.224476][T11407] bridge0: port 1(bridge_slave_0) entered disabled state [ 297.242152][T11407] bridge_slave_0: entered allmulticast mode [ 297.278807][T11407] bridge_slave_0: entered promiscuous mode [ 297.289514][T11407] bridge0: port 2(bridge_slave_1) entered blocking state [ 297.325159][T11407] bridge0: port 2(bridge_slave_1) entered disabled state [ 297.337191][T11407] bridge_slave_1: entered allmulticast mode [ 297.348368][T11407] bridge_slave_1: entered promiscuous mode [ 297.443584][ T140] hsr_slave_0: left promiscuous mode [ 297.458387][ T140] hsr_slave_1: left promiscuous mode [ 297.469082][ T140] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 297.486871][ T140] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 297.508037][ T140] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 297.515571][ T140] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 297.538216][ T140] bridge_slave_1: left allmulticast mode [ 297.543922][ T140] bridge_slave_1: left promiscuous mode [ 297.547079][T11483] fuse: Bad value for 'fd' [ 297.568622][ T140] bridge0: port 2(bridge_slave_1) entered disabled state [ 297.593493][ T140] bridge_slave_0: left allmulticast mode [ 297.599332][ T140] bridge_slave_0: left promiscuous mode [ 297.605137][ T140] bridge0: port 1(bridge_slave_0) entered disabled state [ 297.684652][ T140] team_slave_0: left promiscuous mode [ 297.690515][ T140] team_slave_1: left promiscuous mode [ 297.701316][ T140] veth1_macvtap: left promiscuous mode [ 297.716001][ T140] veth0_macvtap: left promiscuous mode [ 297.723728][ T140] veth1_vlan: left promiscuous mode [ 297.735385][ T140] veth0_vlan: left promiscuous mode [ 298.916634][ T5804] Bluetooth: hci1: command tx timeout [ 298.941818][ T140] team0 (unregistering): Port device team_slave_1 removed [ 299.022923][ T140] team0 (unregistering): Port device team_slave_0 removed [ 299.103541][ T140] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 299.192525][ T140] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 299.789147][ T140] bond0 (unregistering): Released all slaves [ 299.862856][T11481] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2086'. [ 299.978648][T11407] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 299.992395][T11407] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 300.152928][T11407] team0: Port device team_slave_0 added [ 300.155306][T11517] overlayfs: failed to resolve './bus': -2 [ 300.173279][T11407] team0: Port device team_slave_1 added [ 300.284657][T11407] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 300.297966][T11407] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 300.371548][T11407] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 300.375237][T11407] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 300.375252][T11407] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 300.375274][T11407] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 300.568480][T11407] hsr_slave_0: entered promiscuous mode [ 300.589778][T11407] hsr_slave_1: entered promiscuous mode [ 300.602695][T11407] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 300.616445][T11407] Cannot create hsr debugfs directory [ 300.996544][ T5804] Bluetooth: hci1: command tx timeout [ 301.052648][T11540] overlayfs: failed to resolve './bus': -2 [ 301.314984][T11407] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 301.351502][T11407] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 301.370841][T11407] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 301.426855][T11407] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 301.712908][T11407] 8021q: adding VLAN 0 to HW filter on device bond0 [ 301.781528][T11407] 8021q: adding VLAN 0 to HW filter on device team0 [ 301.817159][ T48] bridge0: port 1(bridge_slave_0) entered blocking state [ 301.824522][ T48] bridge0: port 1(bridge_slave_0) entered forwarding state [ 301.891676][ T3455] bridge0: port 2(bridge_slave_1) entered blocking state [ 301.898937][ T3455] bridge0: port 2(bridge_slave_1) entered forwarding state [ 302.038205][T11580] overlayfs: failed to resolve './bus': -2 [ 302.043280][T11407] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 302.545306][T11407] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 303.077324][ T5804] Bluetooth: hci1: command tx timeout [ 303.314315][T11407] veth0_vlan: entered promiscuous mode [ 303.369590][T11407] veth1_vlan: entered promiscuous mode [ 303.491949][T11407] veth0_macvtap: entered promiscuous mode [ 303.521915][T11407] veth1_macvtap: entered promiscuous mode [ 303.579839][T11407] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 303.597759][T11407] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 303.612795][T11407] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 303.625204][T11407] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 303.643441][T11407] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 303.654270][T11407] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 303.673566][T11407] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 303.702834][T11407] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 303.731802][T11407] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 303.742714][T11407] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 303.766475][T11407] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 303.787380][T11407] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 303.803559][T11407] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 303.818131][T11407] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 303.849360][T11407] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 303.876363][T11407] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 303.885137][T11407] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 303.895696][T11407] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 304.107329][ T58] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 304.144174][ T58] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 304.205704][ T41] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 304.214507][ T41] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 304.959083][ T27] audit: type=1326 audit(1760164862.486:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11665 comm="syz.1.2129" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f183398eec9 code=0x7ffc0000 [ 304.987479][ T27] audit: type=1326 audit(1760164862.486:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11665 comm="syz.1.2129" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f183398eec9 code=0x7ffc0000 [ 305.014947][ T27] audit: type=1326 audit(1760164862.486:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11665 comm="syz.1.2129" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f183398eec9 code=0x7ffc0000 [ 305.096755][ T27] audit: type=1326 audit(1760164862.486:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11665 comm="syz.1.2129" exe="/root/syz-executor" sig=0 arch=c000003e syscall=23 compat=0 ip=0x7f183398eec9 code=0x7ffc0000 [ 305.120129][ T27] audit: type=1326 audit(1760164862.486:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11665 comm="syz.1.2129" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f183398eec9 code=0x7ffc0000 [ 305.151831][ T27] audit: type=1326 audit(1760164862.486:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11665 comm="syz.1.2129" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f183398eec9 code=0x7ffc0000 [ 305.178715][ T27] audit: type=1326 audit(1760164862.486:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11665 comm="syz.1.2129" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f183398eec9 code=0x7ffc0000 [ 305.201763][ T27] audit: type=1326 audit(1760164862.486:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11665 comm="syz.1.2129" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f183398eec9 code=0x7ffc0000 [ 305.224849][ T27] audit: type=1326 audit(1760164862.486:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11665 comm="syz.1.2129" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f183398eec9 code=0x7ffc0000 [ 309.183751][T11802] pimreg1: tun_chr_ioctl cmd 2147767511 [ 309.838203][T11827] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 309.889712][T11827] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 311.166881][T11861] overlayfs: missing 'lowerdir' [ 311.250611][ T5797] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 311.273993][ T5797] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 311.290542][ T5797] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 311.301327][ T5797] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 311.309331][ T5797] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 311.319299][ T5797] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 311.493822][T11872] overlayfs: missing 'lowerdir' [ 311.639027][ T58] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 311.888104][ T58] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 312.111861][ T58] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 312.150647][T11888] loop2: detected capacity change from 0 to 128 [ 312.173533][T11864] chnl_net:caif_netlink_parms(): no params data found [ 312.206889][ T27] audit: type=1800 audit(1760164869.716:40): pid=11888 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2185" name="bus" dev="loop2" ino=1048684 res=0 errno=0 [ 312.285624][ T58] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 312.503944][T11864] bridge0: port 1(bridge_slave_0) entered blocking state [ 312.564307][T11864] bridge0: port 1(bridge_slave_0) entered disabled state [ 312.567553][T11901] overlayfs: missing 'lowerdir' [ 312.588563][T11864] bridge_slave_0: entered allmulticast mode [ 312.614256][T11864] bridge_slave_0: entered promiscuous mode [ 312.662876][T11864] bridge0: port 2(bridge_slave_1) entered blocking state [ 312.675074][T11864] bridge0: port 2(bridge_slave_1) entered disabled state [ 312.698989][T11864] bridge_slave_1: entered allmulticast mode [ 312.721641][T11864] bridge_slave_1: entered promiscuous mode [ 312.879983][T11864] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 312.972691][T11864] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 313.097421][T11864] team0: Port device team_slave_0 added [ 313.287505][T11864] team0: Port device team_slave_1 added [ 313.397734][ T5797] Bluetooth: hci3: command tx timeout [ 313.727070][T11864] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 313.734091][T11864] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 313.786410][T11864] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 313.817541][T11925] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2195'. [ 314.016034][T11864] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 314.044613][T11864] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 314.117886][T11935] overlayfs: missing 'lowerdir' [ 314.140495][T11864] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 314.474318][T11864] hsr_slave_0: entered promiscuous mode [ 314.505422][T11864] hsr_slave_1: entered promiscuous mode [ 314.526972][T11864] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 314.556453][T11864] Cannot create hsr debugfs directory [ 314.839817][T11957] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2206'. [ 315.479962][ T5797] Bluetooth: hci3: command tx timeout [ 315.611016][T11981] fuse: Bad value for 'fd' [ 315.667557][T11983] loop2: detected capacity change from 0 to 128 [ 315.921927][ T58] hsr_slave_0: left promiscuous mode [ 315.942466][ T58] hsr_slave_1: left promiscuous mode [ 315.960412][ T58] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 315.993797][ T58] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 316.018985][ T58] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 316.034631][ T58] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 316.071808][ T58] bridge_slave_1: left allmulticast mode [ 316.096550][ T58] bridge_slave_1: left promiscuous mode [ 316.102414][ T58] bridge0: port 2(bridge_slave_1) entered disabled state [ 316.170798][ T58] bridge_slave_0: left allmulticast mode [ 316.184518][ T58] bridge_slave_0: left promiscuous mode [ 316.195516][ T58] bridge0: port 1(bridge_slave_0) entered disabled state [ 316.287023][ T58] veth1_macvtap: left promiscuous mode [ 316.292718][ T58] veth0_macvtap: left promiscuous mode [ 316.306986][ T58] veth1_vlan: left promiscuous mode [ 316.312411][ T58] veth0_vlan: left promiscuous mode [ 317.481271][ T1285] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.500023][ T1285] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.556767][ T5797] Bluetooth: hci3: command tx timeout [ 317.567432][T12019] fuse: Bad value for 'fd' [ 317.784648][T12023] overlayfs: fs on './bus' does not support file handles, falling back to index=off,nfs_export=off. [ 317.804621][T12023] overlayfs: "xino" feature enabled using 2 upper inode bits. [ 317.813505][T12023] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 317.814626][ T58] team0 (unregistering): Port device team_slave_1 removed [ 317.954479][ T58] team0 (unregistering): Port device team_slave_0 removed [ 317.987036][T12025] overlayfs: missing 'lowerdir' [ 318.029149][ T58] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 318.173607][ T58] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 319.213766][ T58] bond0 (unregistering): Released all slaves [ 319.482912][T12051] overlayfs: fs on './bus' does not support file handles, falling back to index=off,nfs_export=off. [ 319.534829][T12051] overlayfs: "xino" feature enabled using 2 upper inode bits. [ 319.562696][T12051] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 319.639666][ T5797] Bluetooth: hci3: command tx timeout [ 320.600465][T11864] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 320.638440][T11864] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 320.653141][T11864] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 320.669292][T11864] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 320.697016][T12091] overlayfs: fs on './bus' does not support file handles, falling back to index=off,nfs_export=off. [ 320.708367][T12091] overlayfs: "xino" feature enabled using 2 upper inode bits. [ 320.716130][T12091] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 320.931016][T11864] 8021q: adding VLAN 0 to HW filter on device bond0 [ 321.001952][T11864] 8021q: adding VLAN 0 to HW filter on device team0 [ 321.044666][ T3455] bridge0: port 1(bridge_slave_0) entered blocking state [ 321.051947][ T3455] bridge0: port 1(bridge_slave_0) entered forwarding state [ 321.084171][ T41] bridge0: port 2(bridge_slave_1) entered blocking state [ 321.091420][ T41] bridge0: port 2(bridge_slave_1) entered forwarding state [ 321.806525][T11864] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 321.929325][T11864] veth0_vlan: entered promiscuous mode [ 321.965619][T11864] veth1_vlan: entered promiscuous mode [ 322.122088][T11864] veth0_macvtap: entered promiscuous mode [ 322.169662][T11864] veth1_macvtap: entered promiscuous mode [ 322.219462][T11864] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 322.250555][T11864] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 322.261592][T11864] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 322.279261][T11864] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 322.289556][T11864] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 322.302840][T11864] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 322.323313][T11864] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 322.396121][T11864] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 322.416228][T11864] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 322.446354][T11864] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 322.489613][T11864] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 322.505252][T11864] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 322.516249][T11864] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 322.535878][T11864] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 322.558953][T12146] overlayfs: fs on './bus' does not support file handles, falling back to index=off,nfs_export=off. [ 322.591811][T11864] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 322.613701][T12146] overlayfs: "xino" feature enabled using 2 upper inode bits. [ 322.622118][T11864] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 322.631771][T12146] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior. [ 322.648301][T11864] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 322.657484][T11864] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 322.890121][ T48] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 322.914831][ T48] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 323.000270][ T140] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 323.014151][ T140] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 323.688896][T12183] loop4: detected capacity change from 0 to 128 [ 324.720693][T12210] fuse: Bad value for 'fd' [ 324.848179][T12215] loop2: detected capacity change from 0 to 128 [ 325.884098][T12256] 9pnet_fd: Insufficient options for proto=fd [ 326.262594][T12270] fuse: Bad value for 'user_id' [ 327.756067][T12332] fuse: Bad value for 'user_id' [ 328.033863][T12340] loop1: detected capacity change from 0 to 16 [ 328.067609][T12340] erofs: (device loop1): mounted with root inode @ nid 36. [ 328.107342][T12340] erofs: (device loop1): erofs_map_blocks_flatmode: inline data cross block boundary @ nid 36 [ 328.129213][T12340] erofs: (device loop1): erofs_readdir: fail to readdir of logical block 0 of nid 36 [ 328.812851][T12368] fuse: Bad value for 'fd' [ 329.545526][T12398] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 329.576528][T12398] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off. [ 329.657432][T12398] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 329.951807][T12414] fuse: Bad value for 'fd' [ 330.505281][T12438] loop4: detected capacity change from 0 to 128 [ 331.034700][T12451] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2316'. [ 331.086997][T12451] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2316'. [ 331.165550][T12456] fuse: Bad value for 'fd' [ 331.582684][T12470] loop2: detected capacity change from 0 to 128 [ 332.323918][T12498] fuse: Bad value for 'fd' [ 332.823261][T12515] loop4: detected capacity change from 0 to 128 [ 333.251944][T12525] loop4: detected capacity change from 0 to 16 [ 333.281207][T12525] erofs: (device loop4): mounted with root inode @ nid 36. [ 333.324738][T12525] syz.4.2335: attempt to access beyond end of device [ 333.324738][T12525] loop4: rw=524288, sector=1342177272, nr_sectors = 32 limit=16 [ 333.358264][T12525] syz.4.2335: attempt to access beyond end of device [ 333.358264][T12525] loop4: rw=0, sector=1342177272, nr_sectors = 32 limit=16 [ 333.423077][ T27] audit: type=1800 audit(1760164890.946:41): pid=12525 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.2335" name="file1" dev="loop4" ino=86 res=0 errno=0 [ 333.797354][T12545] fuse: Bad value for 'fd' [ 334.926409][T12586] fuse: Bad value for 'fd' [ 335.221680][T12595] overlayfs: failed to resolve './bus': -2 [ 336.153476][T12625] fuse: Invalid rootmode [ 337.310553][T12662] fuse: Invalid rootmode [ 337.610836][T12668] 8021q: adding VLAN 0 to HW filter on device bond1 [ 337.648178][T12668] team0: Failed to send options change via netlink (err -105) [ 337.663457][T12668] team0: Port device bond1 added [ 337.685180][ T3455] team0: Failed to send port change of device bond1 via netlink (err -105) [ 338.270604][T12684] fuse: Invalid rootmode [ 339.330363][T12711] fuse: Bad value for 'rootmode' [ 340.223101][T12734] 9pnet_fd: Insufficient options for proto=fd [ 340.358299][T12736] fuse: Bad value for 'rootmode' [ 341.114639][T12748] loop3: detected capacity change from 0 to 512 [ 341.192933][T12748] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 341.288540][ T27] audit: type=1800 audit(1760164898.816:42): pid=12748 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2400" name="file1" dev="loop3" ino=15 res=0 errno=0 [ 341.567520][ T5794] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 342.085004][T12764] 9pnet_fd: Insufficient options for proto=fd [ 342.253544][T12766] fuse: Bad value for 'rootmode' [ 344.230223][T12808] kvm: kvm [12807]: vcpu2, guest rIP: 0x9114 Unhandled WRMSR(0xc2) = 0x7 [ 344.239816][T12808] kvm: kvm [12807]: vcpu2, guest rIP: 0x9114 Unhandled WRMSR(0xc1) = 0x7 [ 345.020163][T12826] syzkaller0: entered promiscuous mode [ 345.026962][T12826] syzkaller0: entered allmulticast mode [ 345.388063][ T23] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 345.544259][T12836] loop2: detected capacity change from 0 to 128 [ 345.623079][ T23] usb 5-1: Using ep0 maxpacket: 16 [ 345.633851][T12836] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 345.695918][T12836] ext4 filesystem being mounted at /584/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 345.705736][ T23] usb 5-1: config 0 has an invalid interface number: 214 but max is 0 [ 345.773312][T12840] loop1: detected capacity change from 0 to 256 [ 345.790902][ T23] usb 5-1: config 0 has no interface number 0 [ 345.830308][ T23] usb 5-1: config 0 interface 214 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 345.877353][T12840] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x99a53fd9, utbl_chksum : 0xe619d30d) [ 345.887991][ T23] usb 5-1: New USB device found, idVendor=0596, idProduct=0001, bcdDevice= 5.f5 [ 345.911733][ T23] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 345.930918][ T23] usb 5-1: Product: syz [ 345.975317][ T23] usb 5-1: Manufacturer: syz [ 345.986380][ T23] usb 5-1: SerialNumber: syz [ 345.991958][ T5788] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 346.023883][ T23] usb 5-1: config 0 descriptor?? [ 346.050667][T12840] syz.1.2430: attempt to access beyond end of device [ 346.050667][T12840] loop1: rw=524288, sector=280, nr_sectors = 128 limit=256 [ 346.085648][T12840] syz.1.2430: attempt to access beyond end of device [ 346.085648][T12840] loop1: rw=524288, sector=408, nr_sectors = 256 limit=256 [ 346.107753][T12840] syz.1.2430: attempt to access beyond end of device [ 346.107753][T12840] loop1: rw=0, sector=280, nr_sectors = 8 limit=256 [ 346.123765][ T27] audit: type=1800 audit(1760164903.646:43): pid=12840 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.2430" name="file1" dev="loop1" ino=1048688 res=0 errno=0 [ 346.254876][T12829] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 346.266851][T12829] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 346.285170][ T23] usbtouchscreen 5-1:0.214: Failed to read FW rev: -71 [ 346.302067][ T23] usbtouchscreen: probe of 5-1:0.214 failed with error -71 [ 346.320436][ T23] usb 5-1: USB disconnect, device number 2 [ 347.782648][T12880] loop4: detected capacity change from 0 to 128 [ 347.841767][T12880] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 347.866565][T12880] ext4 filesystem being mounted at /78/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 348.202589][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 348.453850][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 348.695142][T12887] loop1: detected capacity change from 0 to 512 [ 348.730418][T12887] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 349.965932][T12893] loop1: detected capacity change from 0 to 256 [ 349.996495][T12893] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x99a53fd9, utbl_chksum : 0xe619d30d) [ 350.104499][T12893] syz.1.2443: attempt to access beyond end of device [ 350.104499][T12893] loop1: rw=524288, sector=280, nr_sectors = 128 limit=256 [ 350.124480][T12893] syz.1.2443: attempt to access beyond end of device [ 350.124480][T12893] loop1: rw=524288, sector=408, nr_sectors = 256 limit=256 [ 350.139144][T12893] syz.1.2443: attempt to access beyond end of device [ 350.139144][T12893] loop1: rw=0, sector=280, nr_sectors = 8 limit=256 [ 350.153219][ T27] audit: type=1800 audit(1760164907.676:44): pid=12893 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.2443" name="file1" dev="loop1" ino=1048692 res=0 errno=0 [ 350.487790][T11407] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 350.552124][T12899] kvm: pic: non byte write [ 350.578804][T12905] syz.3.2447 uses obsolete (PF_INET,SOCK_PACKET) [ 350.658755][T12908] loop4: detected capacity change from 0 to 128 [ 350.707195][T12908] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 350.770393][T12908] ext4 filesystem being mounted at /79/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 351.101590][T11407] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 351.238827][T12915] netlink: 68 bytes leftover after parsing attributes in process `syz.4.2450'. [ 351.542415][T12920] loop3: detected capacity change from 0 to 2048 [ 351.597585][T12920] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 351.827242][T12922] syzkaller0: entered promiscuous mode [ 351.837506][T12933] loop1: detected capacity change from 0 to 1024 [ 351.851750][T12922] syzkaller0: entered allmulticast mode [ 351.915099][ T5806] udevd[5806]: inotify_add_watch(7, /dev/loop1, 10) failed: No such file or directory [ 351.974787][ T5806] udevd[5806]: inotify_add_watch(7, /dev/loop1, 10) failed: No such file or directory [ 352.046238][ T5806] udevd[5806]: inotify_add_watch(7, /dev/loop1, 10) failed: No such file or directory [ 352.259654][T12939] loop4: detected capacity change from 0 to 256 [ 352.341120][ T5794] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 352.591324][T12950] loop3: detected capacity change from 0 to 736 [ 353.889677][T12970] loop4: detected capacity change from 0 to 2048 [ 353.971522][T12970] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 354.280941][ T5863] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 354.424355][ T5863] hid-generic 0000:0000:0000.0001: hidraw0: HID v0.00 Device [syz1] on syz0 [ 355.013068][ T5863] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 355.240393][ T5863] usb 5-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config [ 355.253309][ T5863] usb 5-1: config 220 has 1 interface, different from the descriptor's value: 3 [ 355.264757][ T5863] usb 5-1: config 220 interface 0 has no altsetting 0 [ 355.309426][ T5863] usb 5-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 355.320420][ T5863] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 355.331718][ T5863] usb 5-1: Product: syz [ 355.340064][ T5863] usb 5-1: Manufacturer: syz [ 355.345221][ T5863] usb 5-1: SerialNumber: syz [ 355.572908][T12980] loop9: detected capacity change from 0 to 7 [ 355.622754][ C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 355.637634][ C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 355.647157][ C0] Buffer I/O error on dev loop9, logical block 0, async page read [ 355.667462][ C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 355.676706][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 355.691614][ C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 355.701156][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 355.717728][ C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 355.718526][ T5863] usb 5-1: Found UVC 7.01 device syz (8086:0b07) [ 355.726961][ C0] Buffer I/O error on dev loop9, logical block 0, async page read [ 355.736192][ C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 355.743141][ T5863] usb 5-1: No valid video chain found. [ 355.751006][ C0] Buffer I/O error on dev loop9, logical block 0, async page read [ 355.787332][ T5863] usb 5-1: USB disconnect, device number 3 [ 356.061099][T12988] input: syz0 as /devices/virtual/input/input6 [ 356.149934][ T5806] udevd[5806]: setting owner of /dev/input/event4 to uid=0, gid=104 failed: No such file or directory [ 356.562314][T13000] kvm: pic: single mode not supported [ 356.565047][T13000] kvm: pic: single mode not supported [ 356.593899][T13000] kvm: pic: level sensitive irq not supported [ 356.605962][T13008] loop4: detected capacity change from 0 to 512 [ 356.621064][T13000] kvm: pic: non byte write [ 356.633355][T13000] kvm: pic: single mode not supported [ 356.633378][T13000] kvm: pic: level sensitive irq not supported [ 356.705934][T13008] EXT4-fs error (device loop4): ext4_orphan_get:1425: comm syz.4.2482: bad orphan inode 11862016 [ 356.779497][T13008] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 356.855797][T13008] ext4 filesystem being mounted at /91/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 357.188266][T11407] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 357.219399][T13021] syzkaller0: entered promiscuous mode [ 357.246900][T13021] syzkaller0: entered allmulticast mode [ 357.422097][T13024] loop4: detected capacity change from 0 to 1024 [ 357.577973][T13024] hfsplus: xattr searching failed [ 357.632885][T13024] hfsplus: xattr searching failed [ 358.081812][T13036] kvm: pic: non byte write [ 358.772290][ T5780] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 358.976692][ T5780] usb 5-1: Using ep0 maxpacket: 32 [ 358.997532][ T5780] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 36 [ 359.022222][ T5780] usb 5-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c [ 359.032120][ T5780] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 359.040735][ T5780] usb 5-1: Product: syz [ 359.045276][ T5780] usb 5-1: Manufacturer: syz [ 359.050589][ T5780] usb 5-1: SerialNumber: syz [ 359.070058][ T5780] usb 5-1: config 0 descriptor?? [ 359.081845][T13047] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 359.100403][ T5780] hub 5-1:0.0: bad descriptor, ignoring hub [ 359.107979][ T5780] hub: probe of 5-1:0.0 failed with error -5 [ 359.142926][ T5780] input: syz syz as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input7 [ 359.411506][ T5780] usb 5-1: USB disconnect, device number 4 [ 359.417734][ C0] usbtouchscreen 5-1:0.0: usbtouch_irq - usb_submit_urb failed with result: -19 [ 360.420909][T13070] loop4: detected capacity change from 0 to 16 [ 360.438588][T13070] erofs: (device loop4): mounted with root inode @ nid 36. [ 360.461526][T13070] syz.4.2505: attempt to access beyond end of device [ 360.461526][T13070] loop4: rw=524288, sector=1342177272, nr_sectors = 32 limit=16 [ 360.484540][T13070] syz.4.2505: attempt to access beyond end of device [ 360.484540][T13070] loop4: rw=0, sector=1342177272, nr_sectors = 32 limit=16 [ 360.499906][ T27] audit: type=1800 audit(1760164918.026:45): pid=13070 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.2505" name="file1" dev="loop4" ino=86 res=0 errno=0 [ 360.895964][T13074] loop4: detected capacity change from 0 to 1024 [ 360.915168][T13074] EXT4-fs: Ignoring removed nomblk_io_submit option [ 360.933855][T13074] EXT4-fs: Ignoring removed nomblk_io_submit option [ 360.949738][T13074] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 360.997925][T13074] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 361.068131][T13074] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 361.213519][T11407] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 361.332923][T13085] overlayfs: failed to resolve './file1': -2 [ 361.679025][T13097] overlayfs: missing 'lowerdir' [ 361.816793][T13103] fuse: Bad value for 'fd' [ 361.911354][T13106] loop3: detected capacity change from 0 to 1024 [ 361.922085][T13101] syzkaller0: entered promiscuous mode [ 361.931691][T13101] syzkaller0: entered allmulticast mode [ 361.971868][T13106] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 361.998654][T13114] overlayfs: failed to resolve './file1': -2 [ 362.110714][ T5794] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 362.303575][T13122] loop3: detected capacity change from 0 to 1024 [ 362.434774][T13122] hfsplus: keylen 65060 too large [ 362.488062][T13125] loop2: detected capacity change from 0 to 2048 [ 362.568483][T13125] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 362.748331][T13129] overlayfs: missing 'lowerdir' [ 363.041970][T13135] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1215: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters [ 363.059709][T13135] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28 [ 363.072630][T13135] EXT4-fs (loop2): This should not happen!! Data will be lost [ 363.072630][T13135] [ 363.082710][T13135] EXT4-fs (loop2): Total free blocks count 0 [ 363.089043][T13135] EXT4-fs (loop2): Free/Dirty block details [ 363.095429][T13135] EXT4-fs (loop2): free_blocks=66060288 [ 363.101338][T13135] EXT4-fs (loop2): dirty_blocks=16 [ 363.106767][T13135] EXT4-fs (loop2): Block reservation details [ 363.112928][T13135] EXT4-fs (loop2): i_reserved_data_blocks=1 [ 363.373811][T13138] loop4: detected capacity change from 0 to 16 [ 363.400717][T13138] erofs: (device loop4): mounted with root inode @ nid 36. [ 363.482610][T13138] syz.4.2529: attempt to access beyond end of device [ 363.482610][T13138] loop4: rw=524288, sector=16, nr_sectors = 32 limit=16 [ 363.531949][T13138] syz.4.2529: attempt to access beyond end of device [ 363.531949][T13138] loop4: rw=524288, sector=8, nr_sectors = 32 limit=16 [ 363.567580][ T5788] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 363.594342][T13138] syz.4.2529: attempt to access beyond end of device [ 363.594342][T13138] loop4: rw=0, sector=8, nr_sectors = 32 limit=16 [ 363.727629][T11407] BUG: Bad page state in process syz-executor pfn:78a96 [ 363.735241][T11407] page:ffffea0001e2a580 refcount:0 mapcount:0 mapping:ffff88805c82a280 index:0x2 pfn:0x78a96 [ 363.745521][T11407] aops:z_erofs_cache_aops ino:0 [ 363.750598][T11407] flags: 0xfff00000000001(locked|node=0|zone=1|lastcpupid=0x7ff) [ 363.758463][T11407] page_type: 0xffffffff() [ 363.763013][T11407] raw: 00fff00000000001 dead000000000100 dead000000000122 ffff88805c82a280 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 363.771709][T11407] raw: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 363.780384][T11407] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set [ 363.787784][T11407] page_owner tracks the page as allocated [ 363.793861][T11407] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x192840(GFP_NOWAIT|__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 13138, tgid 13137 (syz.4.2529), ts 363481929887, free_ts 358552165716 [ 363.817684][T11407] post_alloc_hook+0x1cd/0x210 [ 363.822518][T11407] get_page_from_freelist+0x195c/0x19f0 [ 363.828451][T11407] __alloc_pages+0x1e3/0x460 [ 363.833440][T11407] z_erofs_do_read_page+0x20c0/0x3680 [ 363.838950][T11407] z_erofs_readahead+0x862/0xd50 [ 363.843925][T11407] read_pages+0x177/0x840 [ 363.848431][T11407] page_cache_ra_unbounded+0x692/0x770 [ 363.853955][T11407] force_page_cache_ra+0x2c1/0x320 [ 363.859194][T11407] generic_fadvise+0x44f/0x730 [ 363.864008][T11407] __x64_sys_fadvise64+0x140/0x180 [ 363.869262][T11407] do_syscall_64+0x55/0xb0 [ 363.873733][T11407] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 363.879756][T11407] page last free stack trace: [ 363.884457][T11407] free_unref_page_prepare+0x7ce/0x8e0 [ 363.890026][T11407] free_unref_page+0x32/0x2e0 [ 363.894756][T11407] skb_release_data+0x49a/0x800 [ 363.899738][T11407] __kfree_skb+0x57/0x70 [ 363.904036][T11407] __tcp_close+0x205/0xdd0 [ 363.909279][T11407] tcp_close+0x28/0x110 [ 363.913849][T11407] inet_release+0x13d/0x180 [ 363.917707][T13140] syz-executor: vmalloc error: size 4194304, failed to allocated page array size 8192, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 363.920009][T11407] sock_close+0xbd/0x230 [ 363.940845][T11407] __fput+0x234/0x970 [ 363.944871][T11407] task_work_run+0x1ce/0x250 [ 363.949560][T11407] exit_to_user_mode_loop+0xe6/0x110 [ 363.954888][T11407] exit_to_user_mode_prepare+0xf6/0x180 [ 363.960870][T11407] syscall_exit_to_user_mode+0x1a/0x50 [ 363.966428][T11407] do_syscall_64+0x61/0xb0 [ 363.970898][T11407] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 363.976959][T11407] Modules linked in: [ 363.980903][T11407] CPU: 0 PID: 11407 Comm: syz-executor Not tainted syzkaller #0 [ 363.988574][T11407] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 363.998674][T11407] Call Trace: [ 364.001986][T11407] [ 364.004945][T11407] dump_stack_lvl+0x16c/0x230 [ 364.009678][T11407] ? show_regs_print_info+0x20/0x20 [ 364.014918][T11407] ? swiotlb_print_info+0x70/0x70 [ 364.019992][T11407] bad_page+0x14b/0x170 [ 364.024297][T11407] free_unref_page_prepare+0x887/0x8e0 [ 364.029809][T11407] free_unref_page+0x32/0x2e0 [ 364.034538][T11407] ? __folio_put+0xef/0x210 [ 364.039193][T11407] erofs_try_to_free_all_cached_pages+0x295/0x600 [ 364.045700][T11407] erofs_shrink_workstation+0x118/0x290 [ 364.051297][T11407] ? erofs_shrinker_unregister+0x170/0x170 [ 364.057173][T11407] ? io_schedule+0xd0/0xd0 [ 364.061642][T11407] ? kobject_put+0x43c/0x470 [ 364.066310][T11407] erofs_shrinker_unregister+0x5d/0x170 [ 364.071910][T11407] erofs_put_super+0x4e/0x150 [ 364.076642][T11407] ? erofs_free_inode+0xb0/0xb0 [ 364.081641][T11407] generic_shutdown_super+0x134/0x2b0 [ 364.087126][T11407] kill_block_super+0x44/0x90 [ 364.091845][T11407] erofs_kill_sb+0x4c/0x140 [ 364.096398][T11407] deactivate_locked_super+0x97/0x100 [ 364.101806][T11407] cleanup_mnt+0x429/0x4c0 [ 364.106248][T11407] task_work_run+0x1ce/0x250 [ 364.110882][T11407] ? task_work_cancel+0x240/0x240 [ 364.115956][T11407] ? exit_to_user_mode_loop+0x3b/0x110 [ 364.121472][T11407] exit_to_user_mode_loop+0xe6/0x110 [ 364.126799][T11407] exit_to_user_mode_prepare+0xf6/0x180 [ 364.132374][T11407] syscall_exit_to_user_mode+0x1a/0x50 [ 364.137879][T11407] do_syscall_64+0x61/0xb0 [ 364.142350][T11407] ? clear_bhb_loop+0x40/0x90 [ 364.147070][T11407] ? clear_bhb_loop+0x40/0x90 [ 364.151794][T11407] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 364.157766][T11407] RIP: 0033:0x7fe1c9b901f7 [ 364.162300][T11407] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 [ 364.182032][T11407] RSP: 002b:00007ffc0810b2f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 364.190526][T11407] RAX: 0000000000000000 RBX: 00007fe1c9c11d7d RCX: 00007fe1c9b901f7 [ 364.198538][T11407] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc0810b3b0 [ 364.206546][T11407] RBP: 00007ffc0810b3b0 R08: 0000000000000000 R09: 0000000000000000 [ 364.214537][T11407] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffc0810c440 [ 364.222535][T11407] R13: 00007fe1c9c11d7d R14: 0000000000058c5a R15: 00007ffc0810c480 [ 364.230545][T11407] [ 364.233586][T13140] CPU: 1 PID: 13140 Comm: syz-executor Not tainted syzkaller #0 [ 364.235421][T11407] Disabling lock debugging due to kernel taint [ 364.241270][T13140] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 364.241283][T13140] Call Trace: [ 364.241291][T13140] [ 364.241299][T13140] dump_stack_lvl+0x16c/0x230 [ 364.241329][T13140] ? show_regs_print_info+0x20/0x20 [ 364.241358][T13140] ? load_image+0x3b0/0x3b0 [ 364.241377][T13140] ? cpuset_print_current_mems_allowed+0x1f/0x360 [ 364.241400][T13140] ? cpuset_print_current_mems_allowed+0x2e3/0x360 [ 364.241423][T13140] warn_alloc+0x210/0x300 [ 364.241454][T13140] ? zone_watermark_ok_safe+0x230/0x230 [ 364.241486][T13140] ? _raw_spin_unlock+0x28/0x40 [ 364.241511][T13140] __vmalloc_node_range+0x662/0x1320 [ 364.241547][T13140] ? free_vm_area+0x50/0x50 [ 364.241567][T13140] ? close_fd_get_file+0x65/0x70 [ 364.241591][T13140] ? kcov_remote_reset+0xc0/0xc0 [ 364.241613][T13140] vmalloc_user+0x74/0x80 [ 364.241636][T13140] ? kcov_ioctl+0x58/0x630 [ 364.241658][T13140] kcov_ioctl+0x58/0x630 [ 364.241680][T13140] ? bpf_lsm_file_ioctl+0x9/0x10 [ 364.241698][T13140] ? security_file_ioctl+0x80/0xa0 [ 364.241725][T13140] ? kcov_remote_reset+0xc0/0xc0 [ 364.241747][T13140] __se_sys_ioctl+0xfd/0x170 [ 364.241772][T13140] do_syscall_64+0x55/0xb0 [ 364.241796][T13140] ? clear_bhb_loop+0x40/0x90 [ 364.241815][T13140] ? clear_bhb_loop+0x40/0x90 [ 364.241834][T13140] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 364.241852][T13140] RIP: 0033:0x7f32c238eacb [ 364.241870][T13140] Code: 00 48 89 44 24 18 31 c0 48 8d 44 24 60 c7 04 24 10 00 00 00 48 89 44 24 08 48 8d 44 24 20 48 89 44 24 10 b8 10 00 00 00 0f 05 <89> c2 3d 00 f0 ff ff 77 1c 48 8b 44 24 18 64 48 2b 04 25 28 00 00 [ 364.241886][T13140] RSP: 002b:00007ffd15d7adb0 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 364.241906][T13140] RAX: ffffffffffffffda RBX: 0000000000080000 RCX: 00007f32c238eacb [ 364.241919][T13140] RDX: 0000000000080000 RSI: ffffffff80086301 RDI: 00000000000000d8 [ 364.241931][T13140] RBP: 00007f32c25e6038 R08: 0000000000000005 R09: 0000000000000000 [ 364.241943][T13140] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 364.241954][T13140] R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000000 [ 364.248166][T11407] BUG: Bad page state in process syz-executor pfn:5ea35 [ 364.258176][T13140] [ 364.285858][T13140] Mem-Info: [ 364.291965][T11407] page:ffffea00017a8d40 refcount:0 mapcount:0 mapping:ffff88805c82a280 index:0x3 pfn:0x5ea35 [ 364.291992][T11407] aops:z_erofs_cache_aops ino:0 [ 364.292019][T11407] flags: 0xfff00000000001(locked|node=0|zone=1|lastcpupid=0x7ff) [ 364.292035][T11407] page_type: 0xffffffff() [ 364.292053][T11407] raw: 00fff00000000001 dead000000000100 dead000000000122 ffff88805c82a280 [ 364.292069][T11407] raw: 0000000000000003 0000000000000000 00000000ffffffff 0000000000000000 [ 364.292079][T11407] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set [ 364.292088][T11407] page_owner tracks the page as allocated [ 364.299149][T13140] active_anon:21197 inactive_anon:0 isolated_anon:0 [ 364.299149][T13140] active_file:10468 inactive_file:40336 isolated_file:0 [ 364.299149][T13140] unevictable:768 dirty:108 writeback:0 [ 364.299149][T13140] slab_reclaimable:10761 slab_unreclaimable:94513 [ 364.299149][T13140] mapped:13267 shmem:17873 pagetables:417 [ 364.299149][T13140] sec_pagetables:0 bounce:0 [ 364.299149][T13140] kernel_misc_reclaimable:0 [ 364.299149][T13140] free:1337443 free_pcp:7705 free_cma:0 [ 364.302000][T11407] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x192840(GFP_NOWAIT|__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 13138, tgid 13137 (syz.4.2529), ts 363481949043, free_ts 358552083030 [ 364.307706][T13140] Node 0 active_anon:84788kB inactive_anon:0kB active_file:41872kB inactive_file:161144kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:53068kB dirty:432kB writeback:0kB shmem:69956kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11268kB pagetables:1668kB sec_pagetables:0kB all_unreclaimable? no [ 364.312174][T11407] post_alloc_hook+0x1cd/0x210 [ 364.318753][T13140] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no [ 364.321629][T11407] get_page_from_freelist+0x195c/0x19f0 [ 364.327267][T13140] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 364.327329][T13140] lowmem_reserve[]: 0 2525 2526 2526 2526 [ 364.327377][T13140] Node 0 DMA32 free:1434532kB boost:0kB min:34676kB low:43344kB high:52012kB reserved_highatomic:0KB active_anon:84744kB inactive_anon:0kB active_file:41872kB inactive_file:159824kB unevictable:1536kB writepending:432kB present:3129332kB managed:2589604kB mlocked:0kB bounce:0kB free_pcp:14208kB local_pcp:1976kB free_cma:0kB [ 364.327436][T13140] lowmem_reserve[]: 0 0 1 1 1 [ 364.327472][T13140] Node 0 Normal free:20kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB active_anon:44kB inactive_anon:0kB active_file:0kB inactive_file:1320kB unevictable:0kB writepending:0kB present:1048576kB managed:1384kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 364.327527][T13140] lowmem_reserve[]: 0 0 0 0 0 [ 364.327564][T13140] Node 1 Normal free:3899860kB boost:0kB min:55208kB low:69008kB high:82808kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB writepending:0kB present:4194304kB managed:4117312kB mlocked:0kB bounce:0kB free_pcp:16608kB local_pcp:9152kB free_cma:0kB [ 364.327621][T13140] lowmem_reserve[]: 0 0 0 0 0 [ 364.327658][T13140] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 364.327788][T13140] Node 0 DMA32: 1587*4kB (UME) 863*8kB (UM) 358*16kB (UME) 350*32kB (UME) 25*64kB (UME) 29*128kB [ 364.332195][T11407] __alloc_pages+0x1e3/0x460 [ 364.339552][T13140] (UME) [ 364.341042][T11407] z_erofs_do_read_page+0x20c0/0x3680 [ 364.345975][T13140] 3*256kB [ 364.351123][T11407] z_erofs_readahead+0x862/0xd50 [ 364.351144][T11407] read_pages+0x177/0x840 [ 364.362483][T13140] (ME) [ 364.365525][T11407] page_cache_ra_unbounded+0x692/0x770 [ 364.379155][T13140] 3*512kB [ 364.380875][T11407] force_page_cache_ra+0x2c1/0x320 [ 364.385219][T13140] (UM) 4*1024kB [ 364.404881][T11407] generic_fadvise+0x44f/0x730 [ 364.404912][T11407] __x64_sys_fadvise64+0x140/0x180 [ 364.404936][T11407] do_syscall_64+0x55/0xb0 [ 364.404960][T11407] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 364.404978][T11407] page last free stack trace: [ 364.404985][T11407] free_unref_page_prepare+0x7ce/0x8e0 [ 364.405013][T11407] free_unref_page+0x32/0x2e0 [ 364.405039][T11407] skb_release_data+0x49a/0x800 [ 364.405066][T11407] __kfree_skb+0x57/0x70 [ 364.405089][T11407] __tcp_close+0x205/0xdd0 [ 364.405109][T11407] tcp_close+0x28/0x110 [ 364.422271][T13140] (ME) [ 364.431250][T11407] inet_release+0x13d/0x180 [ 364.442702][T13140] 4*2048kB [ 364.446230][T11407] sock_close+0xbd/0x230 [ 364.454613][T13140] (UME) [ 364.461416][T11407] __fput+0x234/0x970 [ 364.461449][T11407] task_work_run+0x1ce/0x250 [ 364.461473][T11407] exit_to_user_mode_loop+0xe6/0x110 [ 364.461500][T11407] exit_to_user_mode_prepare+0xf6/0x180 [ 364.461525][T11407] syscall_exit_to_user_mode+0x1a/0x50 [ 364.461553][T11407] do_syscall_64+0x61/0xb0 [ 364.467163][T13140] 338*4096kB [ 364.467754][T11407] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 364.503521][T13140] (UM) = 1434532kB [ 364.503542][T13140] Node 0 Normal: 1*4kB [ 364.512149][T11407] Modules linked in: [ 364.512163][T11407] CPU: 0 PID: 11407 Comm: syz-executor Tainted: G B syzkaller #0 [ 364.512183][T11407] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 364.512194][T11407] Call Trace: [ 364.512201][T11407] [ 364.512208][T11407] dump_stack_lvl+0x16c/0x230 [ 364.512240][T11407] ? show_regs_print_info+0x20/0x20 [ 364.512266][T11407] ? swiotlb_print_info+0x70/0x70 [ 364.512292][T11407] bad_page+0x14b/0x170 [ 364.522811][T13140] (M) [ 364.525375][T11407] free_unref_page_prepare+0x887/0x8e0 [ 364.571689][T13140] 0*8kB [ 364.592917][T11407] free_unref_page+0x32/0x2e0 [ 364.592953][T11407] ? __folio_put+0xef/0x210 [ 364.626395][T13140] 1*16kB [ 364.630613][T11407] erofs_try_to_free_all_cached_pages+0x295/0x600 [ 365.063804][T11407] erofs_shrink_workstation+0x118/0x290 [ 365.069378][T11407] ? erofs_shrinker_unregister+0x170/0x170 [ 365.075209][T11407] ? io_schedule+0xd0/0xd0 [ 365.079639][T11407] ? kobject_put+0x43c/0x470 [ 365.084253][T11407] erofs_shrinker_unregister+0x5d/0x170 [ 365.089824][T11407] erofs_put_super+0x4e/0x150 [ 365.094516][T11407] ? erofs_free_inode+0xb0/0xb0 [ 365.099386][T11407] generic_shutdown_super+0x134/0x2b0 [ 365.104797][T11407] kill_block_super+0x44/0x90 [ 365.109488][T11407] erofs_kill_sb+0x4c/0x140 [ 365.114005][T11407] deactivate_locked_super+0x97/0x100 [ 365.119397][T11407] cleanup_mnt+0x429/0x4c0 [ 365.123826][T11407] task_work_run+0x1ce/0x250 [ 365.128434][T11407] ? task_work_cancel+0x240/0x240 [ 365.133564][T11407] ? exit_to_user_mode_loop+0x3b/0x110 [ 365.139039][T11407] exit_to_user_mode_loop+0xe6/0x110 [ 365.144345][T11407] exit_to_user_mode_prepare+0xf6/0x180 [ 365.149909][T11407] syscall_exit_to_user_mode+0x1a/0x50 [ 365.155385][T11407] do_syscall_64+0x61/0xb0 [ 365.159827][T11407] ? clear_bhb_loop+0x40/0x90 [ 365.164512][T11407] ? clear_bhb_loop+0x40/0x90 [ 365.169218][T11407] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 365.175209][T11407] RIP: 0033:0x7fe1c9b901f7 [ 365.179638][T11407] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 [ 365.199344][T11407] RSP: 002b:00007ffc0810b2f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 365.207773][T11407] RAX: 0000000000000000 RBX: 00007fe1c9c11d7d RCX: 00007fe1c9b901f7 [ 365.215753][T11407] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc0810b3b0 [ 365.223732][T11407] RBP: 00007ffc0810b3b0 R08: 0000000000000000 R09: 0000000000000000 [ 365.231710][T11407] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffc0810c440 [ 365.239690][T11407] R13: 00007fe1c9c11d7d R14: 0000000000058c5a R15: 00007ffc0810c480 [ 365.247682][T11407] [ 365.253389][T11407] BUG: Bad page state in process syz-executor pfn:60c80 [ 365.261086][T11407] page:ffffea0001832000 refcount:0 mapcount:0 mapping:ffff88805c82a280 index:0x4 pfn:0x60c80 [ 365.271339][T11407] aops:z_erofs_cache_aops ino:0 [ 365.276226][T11407] flags: 0xfff00000000001(locked|node=0|zone=1|lastcpupid=0x7ff) [ 365.284155][T11407] page_type: 0xffffffff() [ 365.284181][T13140] (M) [ 365.288513][T11407] raw: 00fff00000000001 dead000000000100 dead000000000122 ffff88805c82a280 [ 365.288531][T11407] raw: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 365.288542][T11407] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set [ 365.288553][T11407] page_owner tracks the page as allocated [ 365.291255][T13140] 0*32kB [ 365.299911][T11407] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x192840(GFP_NOWAIT|__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 13138, tgid 13137 (syz.4.2529), ts 363481968054, free_ts 358552016592 [ 365.308906][T13140] 0*64kB [ 365.316153][T11407] post_alloc_hook+0x1cd/0x210 [ 365.321916][T13140] 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 20kB [ 365.321973][T13140] Node 1 Normal: 239*4kB (UME) 61*8kB (UME) 37*16kB (UME) 153*32kB (UME) 41*64kB (UE) 7*128kB (UME) 1*256kB (U) 2*512kB (ME) 1*1024kB [ 365.325017][T11407] get_page_from_freelist+0x195c/0x19f0 [ 365.349576][T13140] (E) [ 365.351624][T11407] __alloc_pages+0x1e3/0x460 [ 365.354873][T13140] 2*2048kB [ 365.362358][T11407] z_erofs_do_read_page+0x20c0/0x3680 [ 365.382867][T13140] (UE) [ 365.384441][T11407] z_erofs_readahead+0x862/0xd50 [ 365.405531][T11407] read_pages+0x177/0x840 [ 365.405562][T13140] 948*4096kB (M) [ 365.409917][T11407] page_cache_ra_unbounded+0x692/0x770 [ 365.409948][T11407] force_page_cache_ra+0x2c1/0x320 [ 365.409977][T11407] generic_fadvise+0x44f/0x730 [ 365.410001][T11407] __x64_sys_fadvise64+0x140/0x180 [ 365.410025][T11407] do_syscall_64+0x55/0xb0 [ 365.410049][T11407] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 365.410068][T11407] page last free stack trace: [ 365.410074][T11407] free_unref_page_prepare+0x7ce/0x8e0 [ 365.410103][T11407] free_unref_page+0x32/0x2e0 [ 365.410129][T11407] skb_release_data+0x49a/0x800 [ 365.410154][T11407] __kfree_skb+0x57/0x70 [ 365.410177][T11407] __tcp_close+0x205/0xdd0 [ 365.410198][T11407] tcp_close+0x28/0x110 [ 365.410218][T11407] inet_release+0x13d/0x180 [ 365.410234][T11407] sock_close+0xbd/0x230 [ 365.410248][T11407] __fput+0x234/0x970 [ 365.419051][T13140] = 3899860kB [ 365.419390][T11407] task_work_run+0x1ce/0x250 [ 365.424470][T13140] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 365.429264][T11407] exit_to_user_mode_loop+0xe6/0x110 [ 365.434973][T13140] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 365.438833][T11407] exit_to_user_mode_prepare+0xf6/0x180 [ 365.444922][T13140] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 365.449426][T11407] syscall_exit_to_user_mode+0x1a/0x50 [ 365.449458][T11407] do_syscall_64+0x61/0xb0 [ 365.455835][T13140] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 365.455854][T13140] 68676 total pagecache pages [ 365.455875][T13140] 0 pages in swap cache [ 365.455882][T13140] Free swap = 124472kB [ 365.455888][T13140] Total swap = 124996kB [ 365.455897][T13140] 2097051 pages RAM [ 365.455903][T13140] 0 pages HighMem/MovableOnly [ 365.455909][T13140] 416136 pages reserved [ 365.455915][T13140] 0 pages cma reserved [ 365.593591][T11407] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 365.599567][T11407] Modules linked in: [ 365.603481][T11407] CPU: 0 PID: 11407 Comm: syz-executor Tainted: G B syzkaller #0 [ 365.612688][T11407] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 365.623019][T11407] Call Trace: [ 365.626325][T11407] [ 365.629286][T11407] dump_stack_lvl+0x16c/0x230 [ 365.633978][T11407] ? show_regs_print_info+0x20/0x20 [ 365.639279][T11407] ? swiotlb_print_info+0x70/0x70 [ 365.644315][T11407] bad_page+0x14b/0x170 [ 365.648505][T11407] free_unref_page_prepare+0x887/0x8e0 [ 365.654061][T11407] free_unref_page+0x32/0x2e0 [ 365.658768][T11407] ? __folio_put+0xef/0x210 [ 365.663283][T11407] erofs_try_to_free_all_cached_pages+0x295/0x600 [ 365.669772][T11407] erofs_shrink_workstation+0x118/0x290 [ 365.675369][T11407] ? erofs_shrinker_unregister+0x170/0x170 [ 365.681199][T11407] ? io_schedule+0xd0/0xd0 [ 365.685627][T11407] ? kobject_put+0x43c/0x470 [ 365.690244][T11407] erofs_shrinker_unregister+0x5d/0x170 [ 365.695825][T11407] erofs_put_super+0x4e/0x150 [ 365.700558][T11407] ? erofs_free_inode+0xb0/0xb0 [ 365.705433][T11407] generic_shutdown_super+0x134/0x2b0 [ 365.710839][T11407] kill_block_super+0x44/0x90 [ 365.715560][T11407] erofs_kill_sb+0x4c/0x140 [ 365.720174][T11407] deactivate_locked_super+0x97/0x100 [ 365.725569][T11407] cleanup_mnt+0x429/0x4c0 [ 365.730005][T11407] task_work_run+0x1ce/0x250 [ 365.734637][T11407] ? task_work_cancel+0x240/0x240 [ 365.739678][T11407] ? exit_to_user_mode_loop+0x3b/0x110 [ 365.745244][T11407] exit_to_user_mode_loop+0xe6/0x110 [ 365.750547][T11407] exit_to_user_mode_prepare+0xf6/0x180 [ 365.756262][T11407] syscall_exit_to_user_mode+0x1a/0x50 [ 365.761759][T11407] do_syscall_64+0x61/0xb0 [ 365.766190][T11407] ? clear_bhb_loop+0x40/0x90 [ 365.770892][T11407] ? clear_bhb_loop+0x40/0x90 [ 365.775599][T11407] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 365.781500][T11407] RIP: 0033:0x7fe1c9b901f7 [ 365.785923][T11407] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 [ 365.805650][T11407] RSP: 002b:00007ffc0810b2f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 365.814099][T11407] RAX: 0000000000000000 RBX: 00007fe1c9c11d7d RCX: 00007fe1c9b901f7 [ 365.822095][T11407] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc0810b3b0 [ 365.830199][T11407] RBP: 00007ffc0810b3b0 R08: 0000000000000000 R09: 0000000000000000 [ 365.838281][T11407] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffc0810c440 [ 365.846268][T11407] R13: 00007fe1c9c11d7d R14: 0000000000058c5a R15: 00007ffc0810c480 [ 365.854268][T11407]