last executing test programs: 17.340671571s ago: executing program 1 (id=215): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x7cb641, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) close(r1) socket$netlink(0x10, 0x3, 0x0) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f00000000c0)={'syzkaller0\x00', @broadcast}) r2 = socket$unix(0x1, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'}) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000006c0)={0x0}}, 0x40094) recvmmsg(r3, &(0x7f0000001480)=[{{0x0, 0x0, &(0x7f0000000bc0)=[{&(0x7f0000000040)=""/40, 0x28}, {&(0x7f0000000540)=""/189, 0xbd}, {&(0x7f0000002ac0)=""/4096, 0x1000}, {&(0x7f0000000940)=""/74, 0x4a}], 0x4}, 0x5f}], 0x1, 0x10022, 0x0) 10.299494159s ago: executing program 1 (id=246): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000900850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kfree\x00', r1}, 0x10) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f00000037c0)={0x0, 0x0, &(0x7f0000003780)={&(0x7f0000002100)=@newtaction={0x894, 0x30, 0x12f, 0x0, 0x0, {}, [{0x880, 0x1, [@m_police={0x87c, 0x1, 0x0, 0x0, {{0xb}, {0x850, 0x2, 0x0, 0x1, [[@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x80000000, 0x0, 0x5, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x3, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x3, 0x0, 0x80, 0x5, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0xfffffffc, 0xb, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffff35, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x1, 0x5, 0x0, 0x3, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x3, 0x0, 0x1]}], [@TCA_POLICE_RATE={0x404, 0x2, [0x7, 0x6, 0xffffffff, 0x7f, 0x401, 0x2, 0x0, 0x2, 0x80000000, 0x7fffffff, 0x5, 0x8, 0x0, 0x7fff, 0x75ba, 0x7fffffff, 0x5, 0xffffffff, 0x7ff, 0x2, 0x9, 0x2, 0x0, 0x1000, 0x1, 0x3, 0x6, 0x0, 0xfa, 0x4, 0x0, 0xf, 0x80000001, 0x7, 0xfffffffb, 0x1, 0x20, 0x5, 0x8, 0x1, 0x2f2, 0x7fff, 0x0, 0x81, 0x206, 0x1ff, 0x7, 0x3, 0x5, 0x3, 0x9, 0x1000, 0x401, 0x1, 0x6, 0x7, 0x2, 0x4, 0x7f, 0x5, 0xfffffffb, 0x1, 0x4, 0x5, 0x8, 0x2000009, 0x9, 0x10, 0x9, 0x7, 0xffffff00, 0x97, 0x0, 0x4, 0x8, 0x8, 0x1, 0x958, 0x1fe, 0x4, 0x6, 0x7, 0x80, 0x5, 0xe53, 0x0, 0xfffffffe, 0x4, 0x8, 0x9, 0x7fff, 0x30, 0x8, 0xfffffff7, 0x4, 0x9, 0x1, 0x4, 0x7, 0x9, 0x5, 0x7, 0x6, 0x0, 0x5, 0x2, 0x7, 0x3, 0xcdd, 0x2, 0xd67, 0x7, 0x4, 0x25, 0x9dc5, 0x7, 0xfffffff7, 0x2, 0x400, 0x8, 0x0, 0x7, 0x5, 0x9, 0xa, 0xa, 0x9, 0x5, 0xdb5, 0x101, 0x4, 0x74e4, 0x7fff, 0x7, 0x7ff, 0x1, 0xd70, 0x1, 0x8, 0x8, 0x800007, 0x1, 0x82, 0x52e, 0x7, 0x1, 0x5, 0x26, 0x1, 0x1b2a, 0x81, 0x9, 0x1c, 0x767, 0x7, 0x9, 0x10, 0xc2a, 0xff, 0x7, 0x6, 0x7, 0x3, 0xfffffff4, 0x8, 0x3, 0xfff, 0x8, 0x2, 0x5, 0x6, 0x3, 0xd7c3, 0x2, 0x10000, 0x7fff, 0x5, 0x5, 0x0, 0xfffffff7, 0x4, 0x2, 0x0, 0x6ee1847d, 0x10001, 0x7ff, 0x1, 0xf0, 0x7, 0x2, 0x7, 0x4, 0x6, 0x4, 0x7, 0x2, 0x0, 0x1, 0x4, 0x3, 0xfff, 0x80000001, 0x7, 0x676, 0x3, 0x9, 0x4, 0x4, 0x7fff, 0x4a5, 0x23, 0x4, 0x9, 0x8, 0x4000000, 0x8000, 0xa, 0x9, 0xca000000, 0x3, 0xfffffffa, 0x3, 0x7, 0x9, 0x7, 0x65fe, 0x9, 0x6, 0x4, 0x80000000, 0x5, 0x801, 0xb848, 0x6, 0x6, 0x800, 0x7, 0x1, 0xb, 0x80, 0x2, 0x3, 0x6, 0x9, 0x4, 0x4, 0xc, 0x80000001, 0x5, 0x5, 0x10000002, 0xb, 0x7, 0x5, 0x2, 0x4]}], [@TCA_POLICE_AVRATE={0x8, 0x4, 0x9}], [@TCA_POLICE_TBF={0x3c, 0x1, {0x3, 0x1, 0x7, 0x4, 0x1, {0x7, 0x0, 0x3, 0x7, 0x7, 0x80000001}, {0x4, 0x2, 0x1, 0xa, 0x1ff, 0x1c0000}, 0x9, 0xbc, 0xdf72c67}}]]}, {0x4}, {0xc, 0xb}, {0xc, 0xa}}}]}]}, 0x894}}, 0x0) 10.048972108s ago: executing program 1 (id=248): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1b, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1004}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xeb48195b69e85694, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r1, 0x0, 0x5}, 0x18) r2 = socket(0xa, 0x3, 0x3a) setsockopt$MRT6_ADD_MIF(r2, 0x29, 0xca, &(0x7f0000000040)={0x0, 0x1, 0x8, 0x0, 0x401}, 0xc) setsockopt$MRT6_FLUSH(r2, 0x29, 0xd4, &(0x7f0000000080)=0xc, 0x4) 9.579571942s ago: executing program 1 (id=251): r0 = socket(0x10, 0x803, 0x0) socket$unix(0x1, 0x1, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000006c0)='sched_switch\x00', r1}, 0x10) r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f00000000c0), 0x2642, 0x0) writev(r2, &(0x7f0000000180)=[{&(0x7f0000000040)="93d90400000300", 0x7}, {&(0x7f0000000c00)="0500000000029e", 0x7}], 0x2) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) prlimit64(0x0, 0xe, 0x0, 0x0) futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0) futex(&(0x7f000000cffc), 0x3, 0x801, 0x0, &(0x7f0000000040), 0xfffffffc) mlock2(&(0x7f0000495000/0x2000)=nil, 0x2000, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg(r3, 0x0, 0x4000884) syz_genetlink_get_family_id$nl80211(0x0, r0) 8.781633842s ago: executing program 2 (id=256): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x7cb641, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) close(r1) socket$netlink(0x10, 0x3, 0x0) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f00000000c0)={'syzkaller0\x00', @broadcast}) r2 = socket$unix(0x1, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'}) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000006c0)={0x0}}, 0x40094) recvmmsg(r3, &(0x7f0000001480)=[{{0x0, 0x0, &(0x7f0000000bc0)=[{&(0x7f0000000040)=""/40, 0x28}, {&(0x7f0000000540)=""/189, 0xbd}, {&(0x7f0000002ac0)=""/4096, 0x1000}, {&(0x7f0000000940)=""/74, 0x4a}], 0x4}, 0x5f}], 0x1, 0x10022, 0x0) 8.484681711s ago: executing program 1 (id=258): bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000085"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x1, 0xc, 0xc, 0x0, 0xffffffffffffffff, 0x3}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180), &(0x7f0000000280), 0x84, r1}, 0x38) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000640)='console\x00', r3}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000640)='console\x00', r2}, 0x10) sendmsg$TIPC_CMD_GET_MAX_PORTS(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000180)={0x1c}, 0x1c}}, 0x0) 8.361511848s ago: executing program 3 (id=259): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r1}, 0x10) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) r2 = gettid() process_vm_writev(r2, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0x7ffff000}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0) 8.168531031s ago: executing program 1 (id=261): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000003940)=ANY=[@ANYBLOB="210000000000000000000000000010000004"], 0x48) mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x200000a, 0x13, r0, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) stat(&(0x7f0000002580)='./file1\x00', &(0x7f00000025c0)) getresgid(&(0x7f0000005d00), 0x0, 0x0) timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x8, &(0x7f000001fa80), 0x8}, 0x94) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) 7.527787242s ago: executing program 0 (id=262): socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$tipc(r1, &(0x7f0000003280)={0x0, 0x0, 0x0}, 0x0) sendmsg$inet(r1, &(0x7f0000000f80)={0x0, 0x0, &(0x7f0000000f40)=[{&(0x7f00000042c0)="86", 0x1}], 0x1}, 0x0) recvmsg(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000600)=""/203, 0xcb}], 0x1}, 0x0) 7.293419507s ago: executing program 0 (id=263): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_MSG_GETOBJ(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)={0x1c, 0x13, 0xa, 0x201, 0x0, 0x0, {0x2}, [@NFTA_OBJ_TYPE={0x8, 0x3, 0x1, 0x0, 0x3}]}, 0x1c}}, 0x24004050) 7.11692446s ago: executing program 3 (id=264): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1803000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000080008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000400000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r2}, 0x10) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000900)=ANY=[@ANYBLOB="140000001000040000000000000000000000000a20000000000a05000000000000000000070000010900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a300000000008000540000000018c0000000c0a01030000000000000000070000080900020073797a31000000000900010073797a3000000000600003805c000080080003400000000250000b802c0001800a0001"], 0x110}}, 0x0) 7.008058794s ago: executing program 0 (id=265): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r0 = socket$netlink(0x10, 0x3, 0x10) bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000300), 0x4) r1 = socket$inet6_mptcp(0xa, 0x1, 0x106) listen(r1, 0xfffffffc) r2 = socket$netlink(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$team(&(0x7f00000000c0), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000000240)={'team0\x00', 0x0}) sendmsg$TEAM_CMD_OPTIONS_SET(r2, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="d0000000", @ANYRES16=r3, @ANYBLOB="01002abd7000fcdbdf250100000008000100", @ANYRES32=r4, @ANYBLOB="b4000280b0000100240001006d636173745f72656a6f696e5f696e74657276616c00000000000000000000000500030003000000080004"], 0xd0}, 0x1, 0x0, 0x0, 0x24004000}, 0x24044880) 5.928759136s ago: executing program 3 (id=267): socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = syz_io_uring_setup(0x88f, &(0x7f00000010c0)={0x0, 0xc941, 0x0, 0x2, 0xbfdffffc}, 0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(0x0, r3, &(0x7f00000002c0)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r1, 0x0, &(0x7f0000000780)={0x0, 0x0, 0x0}, 0x0, 0x2, 0x1, {0x1}}) io_uring_enter(r2, 0x47f6, 0x0, 0x4, 0x0, 0x0) r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000480)=[{0x6, 0x0, 0x0, 0x4}]}) ioctl$BTRFS_IOC_BALANCE_CTL(r0, 0x40049421, 0x2) close_range(r4, 0xffffffffffffffff, 0x0) 5.562152312s ago: executing program 4 (id=270): socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r3}, 0x10) sendmsg$inet(r1, &(0x7f0000000f80)={0x0, 0x0, &(0x7f0000000f40)=[{&(0x7f00000042c0)="86", 0x1}], 0x1}, 0x0) sendmsg$tipc(r1, &(0x7f0000002700)={0x0, 0x0, 0x0}, 0x0) recvmsg(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000600)=""/203, 0xcb}], 0x1}, 0x0) 5.388941902s ago: executing program 4 (id=271): sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000aac020000060a0b040000000000000000020000003c020480380201800a0001006d6174636800000028020280080002400000000114020300d67a8527f76ec1d39e537c4c3060c6a405106c72848aa8bcb429b3a20d532452032d5f166334739d1719a5778bd4f724ee4ca57f2527aeeb0c75755d68fc6fa55f4825682ee95e581039823e5963beedcf65b8b005623d90772b8b6ebd2498b0aff725a3eabb6c99cb2edfe10b9c33be8a971e08401bc0807e75a2ff376b7934473bc1f02bb512b77414daf260c9c7d4e1f0758b56ec5823892af310e6252fcfb1d9dbad362baa26f43f12f831fd221926d6536eeff641db46920ae0e48f3ff5de599714ba6510ce479d4116a519792281736f39c9fc0e10ef557392c43389271cebcf36543fcf6f83bf74b93ee4eb5e8c82e35bb4784cc1ed0ad291b16e8368487589f7590bf5896f340a36555a1cf69736da230a809176dbdfba3d47efb9a6932e5503d277532b7d4e6f7c7373a298e5843a9f74d5fd07fbc6ad22bc644ba9b3c94ec3c8f0b9321b16e5826b1f058f781760a5d4b6a8880202b41689139c37cd51f65a92d883f8901add03b650c9ec182fb565a4d657eb"], 0x2d4}}, 0x4048010) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=ANY=[@ANYBLOB="480000001200ffffff7f00"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000200012800e00010069703667726574617000"], 0x48}}, 0x0) 4.88717692s ago: executing program 3 (id=272): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_usb_connect(0x0, 0x24, &(0x7f00000000c0)=ANY=[@ANYBLOB="1201000094ae94405f0520c4336a0000000109021200010000000009"], 0x0) sched_setscheduler(0x0, 0x1, 0x0) writev(0xffffffffffffffff, 0x0, 0x0) setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000004c0)='./file0\x00', 0x3000046, &(0x7f0000000140), 0x1, 0x558, &(0x7f0000001600)="$eJzs3d9rW1UcAPDvTX/sJ66DMVRECntwMpdurT8m+DAfRYcDfZ+hvSuj6TKadKx14PbgXnyRIYg4EN/13cfhP+BfMdDBkFH0wZfITW66bE3arMuWbvl84JZzcm9y7vfe+z09NychAQytyexPIeKViPg2iTgQEUm+bjTylZPN7dbuX53NliTq9c/+ThrbZfXWa7Wety+vvBwRv38dcaywsd3qyupCqVxOlyJOZ/Wp2uKlqerK6vELi6X5dD69OD0zc+qdmen333u3b7G+efbfHz69/dGpb46sff/r3YM3kzgd+/N17XE8gWvtlcmYzI/JWDPINif70NhOkgx6B9iWkTzPxyLrAw7ESJ71wIvvq4ioA0Mqkf8wpFrjgNa9fZ/ug58b9z5s3gBtjH+0+d5I7G7cG+1dSx66M8rudyf60H7Wxm9/3bqZLdG/9yEAtnTtekScGB3d2P8lef+3fSd62ObRNvR/8OzczsY/b3Ua/xTWxz/RYfyzr0PubsfW+V+424dmusrGfx90HP+uT1pNjDRrI3k9OX+hnGZ920sRcTTGdmX1zeZzTq3dqXdb1z7+y5as/dZYMN+Pu6O7Hn7OXKlW2m68j7p3PeLVjuPfZP38Jx3Of3Z0zvbYxuH01uvd1m0d/9NV/znijY7n/8GMVrL5/ORU43qYal0VG/1z4/Af3dofdPzZ+d+7efwTSft8bfXx2/hp939pt3UPxR+9X//jyeeN8nj+2JVSrbZ0MmI8+WTj49MPnnul1Hqx5vZZ/EePbN7/dbr+90TEFz3Gf+PQL6/1FP+Azv/cY53/xy/c+fjLH7u131v/93ajdDR/pJf+r9cdfJJjBwAAAAAAADtNISL2R1IorpcLhWKx+fmOQ7G3UK5Ua8fOV5YvzkXju7ITMVZozXQfaNaT1ucfJtrq44/UZyLiYER8N7KnUS/OVspzgw4eAAAAAAAAAAAAAAAAAAAAdoh9Xb7/n/lzZNB7Bzx1fvIbhteW+d+PX3oCdiT//2F4yX8YXvIfhpf8h+El/2F4yX8YXvIfhpf8BwAAAAAAAAAAAAAAAAAAAAAAAAAAgL46e+ZMttTX7l+dzepzl1eWFyqXj8+l1YXi4vJscbaydKk4X6nMl9PibGVxq9crVyqXTk7H8pWpWlqtTVVXVs8tVpYv1s5dWCzNp+fSsWcSFQAAAAAAAAAAAAAAAAAAADxfqiurC6VyOV1SUNhWYXRn7MaLVYgY+G4MumcCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAf+DwAA//8KqDRV") r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x42, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)) syz_io_uring_setup(0x186, &(0x7f0000000180)={0x0, 0xe3f9, 0x13100, 0x3}, &(0x7f0000000100)=0x0, &(0x7f0000000000)=0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, {}, 0x1}) timer_settime(0x0, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r4, &(0x7f0000032680)=""/102392, 0x18ff8) socket$nl_netfilter(0x10, 0x3, 0xc) pwrite64(r1, &(0x7f00000000c0)='a', 0x200000c1, 0x9000) 4.089812077s ago: executing program 0 (id=273): r0 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10) connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0) ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000000040)={'erspan0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x80, 0x80, 0x7, 0x6, {{0x5, 0x4, 0x1, 0x4, 0x14, 0x67, 0x0, 0x3, 0x2f, 0x0, @loopback, @loopback}}}}) getsockopt$inet_mreqn(r0, 0x0, 0x24, &(0x7f0000000140)={@local, @dev}, 0x0) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'syz_tun\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x1, 0x2000000, 0x0, {0x0, 0x0, 0x0, r2, {}, {}, {0xfff3}}}, 0x24}}, 0x0) 3.993209803s ago: executing program 4 (id=274): r0 = epoll_create1(0x0) r1 = fcntl$dupfd(r0, 0x2, 0xffffffffffffffff) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x16, 0x3, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000000000000000"], &(0x7f0000000040)='GPL\x00'}, 0x94) bpf$BPF_PROG_ATTACH(0x9, &(0x7f0000000140)={@cgroup=r1, r2, 0x11, 0x0, r1}, 0x11) 3.92481645s ago: executing program 2 (id=275): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x121301, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x11) ioctl$FIONREAD(r0, 0x541b, 0x0) 3.856278956s ago: executing program 4 (id=276): openat$uinput(0xffffffffffffff9c, 0x0, 0x802, 0x0) syz_open_dev$I2C(&(0x7f00000000c0), 0x79, 0x40080) syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2) openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) openat$cuse(0xffffffffffffff9c, 0x0, 0x2, 0x0) syz_io_uring_setup(0xec5, &(0x7f0000000380)={0x0, 0x0, 0x1000, 0x10000000, 0xffffffff}, 0x0, &(0x7f0000000340)) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000240), 0x2, 0x40102) fallocate(r0, 0x23, 0x3, 0x7f) writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2f) accept4$packet(0xffffffffffffffff, 0x0, 0x0, 0x80000) r1 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000040), 0x2) r2 = memfd_create(&(0x7f0000000480)='y\x105\x14\xf8u\x83%\x1f\xe09@:r\xc2\xb9x0\x90P\x03\x00\x00\x00\x00\x00\x00\x00\xfe,\x1c\xf1\xdd\x15]\xac\xbc\t\xbb\xfc\xa4j\x9f\xceX\x8f5=\xaa\xd5\xb4\x95\xd1\xc8s\xa5\x00\x8d\tV\t\x91\x18\x06O\xb0=D\xda\xb6F\x1a\xc82\x8b\xc0l\xd0\x89d\xe6\xb7\xd8\x97\xb8\xde\xa3\x89\"%/u\x17\xdam\x8d\x01Lh\x1e^\x9ej\x1c\xc5\xf0\xf6\x92\x05\x9aH\x00\'\xd4\x94d[\v\xfc\xad\x0f\xa8\xc5\xad\x001\x8b\x06\x00\x00\x00\x00\x00\x00\x00\x00\x00\nj\x8c\xef\x90\xc0Z\xfa\x1a\xb3\xf0wVq\xe9d\xf8N\x80\xd1g\xd8e\xc8\x16\xad1\x02\xab\xce3\xb2\xb0\xd1\x11\xf0\xc2Gj+kV\x06\xee\x91\'\xae\x9c\x06\xb2\xd4\xfa,\xc0\xca\xd90$\xd7\xfe\xae\xddf?$\xb1\xeeE\b\xbc\xd1[\xd5tO`Z\x15 1\v\xa6\xd0[K!+>,FE\x10\t\xbb\x90Jj\xb8{', 0x2) ftruncate(r2, 0x400ffff) fcntl$addseals(r2, 0x409, 0x7) ioctl$UDMABUF_CREATE(r1, 0x40187542, &(0x7f0000000100)={r2, 0x0, 0x0, 0x1000000}) 2.484362506s ago: executing program 2 (id=277): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x40001e0, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x1, &(0x7f00000010c0)={0x2, 0x4e23, @private=0xa010100}, 0x10) r3 = socket(0x2, 0x80805, 0x0) r4 = socket(0x2, 0x80805, 0x0) getsockopt$inet_sctp_SCTP_MAX_BURST(r4, 0x84, 0xc, &(0x7f0000000040)=@assoc_value={0x0}, &(0x7f0000000000)=0x8) setsockopt$inet_sctp6_SCTP_CONTEXT(r4, 0x84, 0x11, &(0x7f00000000c0)={r5, 0xa}, 0x8) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000000)={r5, 0x10, &(0x7f0000001140)=[@in={0x2, 0x4e24, @loopback}]}, &(0x7f0000000180)=0x10) getsockopt$bt_hci(r3, 0x84, 0x3, &(0x7f0000000000)=""/4102, &(0x7f0000001080)=0x1006) r6 = socket$rds(0x15, 0x5, 0x0) setsockopt$RDS_RECVERR(r6, 0x114, 0x1d, 0x0, 0x0) r7 = io_uring_setup(0xf08, 0x0) r8 = socket(0x10, 0x3, 0x0) r9 = socket$unix(0x1, 0x5, 0x0) io_setup(0x6, &(0x7f0000004680)=0x0) r11 = eventfd2(0x7ff, 0x801) io_submit(r10, 0x2, &(0x7f0000000400)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x499, r9, 0x0, 0x0, 0x62, 0x0, 0x1, r11}, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x6, r9, &(0x7f0000000180)="f6", 0x1, 0x7fffffffffffffff}]) sendmsg$nl_generic(r8, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_NAPI(r7, 0x1c, 0x0, 0x1) 1.304868307s ago: executing program 2 (id=278): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000010c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r0}, &(0x7f0000000200), &(0x7f0000000280)=r1}, 0x20) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) r2 = socket$rds(0x15, 0x5, 0x0) bind$rds(r2, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10) sendmsg$rds(r2, &(0x7f0000001d00)={&(0x7f00000017c0)={0x2, 0x0, @private=0xa010101}, 0x10, 0x0}, 0x0) 1.226989919s ago: executing program 0 (id=279): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000f00)='kfree\x00', r0}, 0x18) syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f0000000200)={[{@quota}, {@debug}]}, 0x1, 0x246, &(0x7f0000000ac0)="$eJzs3T9oM2UcB/DvXRJf+75BXnURxD8gIloor5vg8rooFKQUEUGFioiL0gq1xa1xcnHQWaWTSxE3q6N0KS6K4FS1Q10ELQ4WBx0iybVS24ja1Jz0Ph+43l3vee73HLnvkyyXBGisq0muJ2klmU7SSVIcb3B3tVw93F2f2l5I+v0nfiqG7ar9ylG/K0l6SR5KslUWeamdrG4+s/fLzmP3vbnSuff9zaenJnqRh/b3dh8/eG/ujY9mH1z94qsf5opcT/dP13X+ihH/axfJLf9Fsf+Jol33CPgn5l/78OtB7m9Ncs8w/52UqV68t5Zv2OrkgXf/qu/bP355+yTHCpy/fr8zeA/s9YHGKZN0U5QzSartspyZqT7Df9O6XL68tPzq9ItLK4sv1D1TAeelm+w++smlj6+cyP/3rSr/wMU1yP+T8xvfDrYPWnWPBpiIO6rVIP/Tz63dH/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmHC6xztNEbeVj+obnkH5pL/qG5jucfAGiW/qW6n0AG6lL3/AMAAAAAAAAAAAAAAAAAAJy2PrW9cLRMquZn7yT7jyRpj6rfGv4ecXLj8O/ln4tBsz8UVbexPHvXmCcY0wc1P31903f11v/8znrrry0mvdeTXGu3T99/xeH9d3Y3/83xzvNjFviXihP7Dz812fon/bZRb/3ZneTTwfxzbdT8U+a24Xr0/NM9/hXLZ/TKr2OeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIn5PQAA//8PK23M") r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000700)={0x0, 0x2904c, 0x1, 0x10003, '\x00', [{0x0, 0x0, 0x700, 0x7}, {0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x40000000000000}], ['\x00']}) 970.489663ms ago: executing program 2 (id=280): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)={0x24, 0x2b, 0xb, 0x0, 0x0, {0x9}, [@nested={0x10, 0x1, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x24}}, 0x0) 569.04544ms ago: executing program 4 (id=281): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000200)={[{@init_itable_val={'init_itable', 0x3d, 0x7ff}}, {@jqfmt_vfsold}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x66}}, {@user_xattr}, {@nolazytime}, {@quota}]}, 0x3, 0x43d, &(0x7f0000002200)="$eJzs28tvG0UYAPBv7aRt+iChKo+mBQIFEfFImrSUHriAQOIAEhIcyjHkUYW6DWqCRKsIAkLliCpxRxyR+As4wQUBJySucEeVKpRLCyejtXcT27HzqlOH+veTtp3ZHWvm8+5nz+7EAXStofSfJOJgRPwREf3Van2Doep/t5cXJ/9ZXpxMolx++++k0u7W8uJk3jR/3YG80hNR+DyJY036nb9y9cJEqTR9OauPLlz8YHT+ytXnZy9OnJ8+P31p/OzZ06fGXjwz/sKm4ujZ4Hga163Bj+eOH3393etvTp67/t4v3yV5/A1xtMnQegefKpcrb1LS5k475VBNOdnoZLBrFLPc6a3kf38UazKpP177rKODA3ZUuVwuP9j68FIZuIcl0ekRAJ2Rf9Gn97/51nI2sK/t04+Ou/ly9QYojft2tlWP9EQha9PbcH/bTkMRcW7p36/TLXbmOQQAQJ0f0vnPc83mf4WofS50X7aGMhAR90fE4Yg4ExFHIuKBiErbhyLi4S3237hIsnb+U7ixrcA2KZ3/vZStbdXP//LZXwwUs9qhSvy9ycxsafpk9p4MR+/etD62Th8/vvr7l62O1c7/0i3tP58LZuO40bO3/jVTEwsTdxJzrZufRgz2NIs/WVkJSCLiaEQMbrOP2We+Pd7q2Mbxr6MN60zlbyKerp7/pWiIP5esvz45ui9K0ydH86tirV9/u/ZWq/7vKP42SM///qbX/0r8A0nteu381vu49ucXLe9ptnv970neqdv30cTCwuWxiD3JG9VB1+4fb2g3vto+jX/4RPP8Pxyr78SxiEgv4kci4tGIeCwb++MR8UREnFgn/p9fefL97ce/s9L4p7Z0/lcLe6JxT/NC8cJP39d1OrCV+NPzf7pSGs72bObzbzPj2t7VDAAAAP8/hYg4GElhZKVcKIyMVP+G/0jsL5Tm5heenZn78NJU9TcCA9FbyJ909dc8Dx3Lbuvz+nhD/VT23PirYl+lPjI5V5rqdPDQ5Q60yP/UX8VOjw7YcX6vBd1L/kP3kv/QveQ/dK8m+d/XiXEAd1+z7/9POjAO4O5ryH/LftBF3P9D95L/0L3kP3Sl+b7Y+EfyCgprClHYFcPICzO7Yxj3TqHTn0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADt8V8AAAD//5dn5s8=") r0 = open(&(0x7f0000000000)='./file2\x00', 0x147842, 0x1ef) munmap(&(0x7f0000002000/0x1000)=nil, 0x1000) preadv2(r0, &(0x7f0000000d80)=[{&(0x7f0000001200)=""/4096, 0x100000}], 0x1, 0x0, 0x0, 0x1b) 534.804468ms ago: executing program 2 (id=282): socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = syz_io_uring_setup(0x88f, &(0x7f00000010c0)={0x0, 0xc941, 0x0, 0x2, 0xbfdffffc}, 0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(0x0, r3, &(0x7f00000002c0)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r1, 0x0, &(0x7f0000000780)={0x0, 0x0, 0x0}, 0x0, 0x2, 0x1, {0x1}}) io_uring_enter(r2, 0x47f6, 0x0, 0x4, 0x0, 0x0) r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000480)=[{0x6, 0x0, 0x0, 0x4}]}) ioctl$BTRFS_IOC_BALANCE_CTL(r0, 0x40049421, 0x2) close_range(r4, 0xffffffffffffffff, 0x0) 357.795712ms ago: executing program 0 (id=283): syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="6d616e642c0042742d8d5224fcca151088a9b7d04697c677c35700ad775f9ee1ae34b796b23373b3e00423b045d36ecccd4c1eaec2f355610ffff6fefb6c2c10025111e6b245d3564424ccdd6aa0a2d64ff8205926329ad3a32794c60c193afe8024cab7e5f4353fab45117b67"], 0x0, 0x188, &(0x7f0000000540)="$eJzsVb9OOkEQ/pZbDn6/wlgbEwuJQiEchxo7rQwP4ANI4ETi4R+ORCEUZ8V72PAaFr6DhcYGC2NigbXmzO7OnUuvBpL9kuWb+XZnZ3bDzR4HF0EGwOdkUMceJCws4IExcAArTGn7GcWvtuIi+S9ccYH0G+JH4qDXP6n5vtf5ReMvchhj/o2IzUQZs2TAUp/prNTzw8a3u3udwpvsZfeTQV0YhwCiKIqE1lCD6WvEzdxpa5a4HMxClKwRzU846wBK3fZ5Kej1N1rtWtNreqeuW9l2Nh1nyy0dtXzPUb9MS5FSlw/BBQCip/7T5tMAnqjB/lf0QSEybVwazTMVm5axttac86uYQkqLjZnhNslLvV3+OQ6whiyAy5Bpak7uwiGPVAWDRU6Za/WpXFk5Uayf+Y0hGFgcNgJP9iiPkU4cV3cqO2Fc9pA4R1wlHhGPieM3K36LuNzhmbx8CNi4qnW7nbKQlJVobqK5i6F+YSLruz19uOUMDAwMDAwMDAzmDF8BAAD//5ETX+k=") mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x10) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) chdir(&(0x7f0000000140)='./bus\x00') openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) 180.981281ms ago: executing program 3 (id=284): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f0000000640)=ANY=[@ANYBLOB="fc0000001900010027bd700000000000e0000002000000000000000000000000ac1414aa00000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000a900000000000000000000000000000000000000000000000000000000000000ffffffffffffffff000000000000000000000000000000000000000000000000000a000000000000000000000080400002000000000000080000000000000000000100000000000044000500ac1414aa000000000000000000000000000000003c00000000000000ffffffff0000000000000000000000000200000004"], 0xfc}}, 0x0) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000001100)=ANY=[@ANYBLOB="a00000002100010000000000f6fffffffb0200000000000000000000000000006401010200000000000000000000000000000002000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="040000000000000050001100ac1414aa000000000000000000000000ffffffff000000000000000000000000e0000002000000000000000000000000fe8000000000000000000000000000aa3c040000020000000a"], 0xa0}, 0x1, 0x0, 0x0, 0x40000}, 0x0) 144.858397ms ago: executing program 4 (id=285): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001400)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xc, 0xf, 0x0, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7ffc1ffb}]}) writev(0xffffffffffffffff, 0x0, 0x0) symlink(&(0x7f0000001780)='./file0/../file0\x00', &(0x7f00000017c0)='./file0\x00') r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYRES64=r0], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000480)='kfree\x00', r2, 0x0, 0x7}, 0x18) r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/wakeup_count', 0xa00, 0xb) r4 = syz_open_dev$loop(&(0x7f0000000440), 0x81, 0x2a82) ioctl$LOOP_CONFIGURE(r4, 0x4c0a, &(0x7f0000000140)={r3, 0x800, {0x2a00, 0x80010000, 0x0, 0x5, 0x0, 0x0, 0x0, 0x20, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd6447a4b4e00d9683dda1af1ea09de2b7fb0a0100000000000000000300", "280991800000598927875397bab22d0000b420a9c81f40f05f819e01177d3d458dac00000000000000000000003b00000000000000000200", "90be8b1c5512406c7f000000155cc30cf11d0bc000", [0x4, 0x40000000000000]}}) r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x2, 0x5}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r5}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffc}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10) r6 = memfd_secret(0x0) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000740)=ANY=[@ANYBLOB="61124c000000000061138c0000000000bf200000000000000703000008ff0200ad0301000000000095000000000000006916000000000000bf67000000000000170600000fff07006706000002000000070600000ee60000bf050000000000001f650000000000006507000002000000070700004c0000001f75000000000000bf54000000000000070500000419311f2d3001000000000095000000000000000500000000000000950000000000000032ed3c5be95e76b67754bb12dc8c27df8ecf264e0f84f9f17d3c30e3c72fe9751f008554bb4f2278af6d71d79a5e12810a089dc1d4681d295c45a674f888a08034b7dd399703d6c4f633a9a4f16d0a3e1282ee45a010fb94fa9de56c9d8a814261bdb94a65f78238b89dc6c60bf70d742a81b72bab8395fa64810b5b1bfd3782519518c505000000b8fab4d4d897db2c544c0e0895a9044f50c50b8eac8c63d2b1cd06a39702bd547f5ebaa69520bbb15f4f01cef3c9bacec15e2e3b2bd352e93a22adfe8efe33ff2f8ee5476d4ef7a6f0c4704403b9bad2b648e90fff24f69a5ef05f5408ea197ed09a9510ee6063229de2984abdd46ea3ec78e3127002ed37c2564bd98a621483fb2a5ff221e0d831f24759d17b8c59d0f2b0727f6b7958fb5b939af4be5e55a95f8c6d785a91c7c3f0c17ae7f9ac5ff05f5ecddf0cef90d50e763be96496661c749e21ab63a1f50b30a65a9027ba357bf8c614497ee59b68bf6a5d45c81c567e347d54574164bbea3e7b7f8a13cce7014137f250370b8a70ae3eaf6d6f17759c3886871e97d063b7f26eed3226bb0b9ee6320a2b02fea7a06a0e37182adf4b1be6f29358d4f5dfec405bde000000000000000000000000000000902e647cc5962eccaad64429335f3ce2a10ce72da82875427c1d16db24dca08487ba41a3fb337f8432d8176a515229e32ee11a1dd23dac038f989eafdd67f60b63f7be4d1bf325b57335b9973c73bfa89517a98b1fc15f8a2713718feb01059d570a0000e3b2a93bd745a74f9bf7f7abc5d15d56331055cc0820c5c9d676d92557c4e47cfbe27f91e0eb18e21dfdab3c84ec11377fbb00000000848060962bcbc47cefd1a2a7bd3b646614bf7cd3495663de5b63f6b5910daee8ebb7ba84a8b5b6f2d1fbc22a51a500f94c871d5e1d31ab5d7a89965bbdbf355a8544e1688a61f459f3618b3a5416eb143180d3d2c5f4e0b1a556422038801703e109e23944e53f230a3537a5412c7d0bf278c6c1684dd8de90aaa33f47dc2c7b5e4f73784fd31aa2f9d1b1623734f9cf84718b2bad31f651e3607f3ac6c427cb6c0652d21ecd4b29e96c0a3781ee820faab71040768f6b08a69fdfd0b2b7be25f19500c1b8330994efb57a53c1a67bda909630f75738ab40e7ab63d527d6c1e8cf611f05c1b6d0da1ba84d405b4d834162c88022a4625a5f7c431c39f3f9a7789f9b668ec4da9f1a981086dcf4c5a940691f9638ce34dba904483f2ed4e7a713b7eac29c5e122f1b6acd6f1da2"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x48) connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000140)={0x28, 0x0, 0x0, @my=0x1}, 0x10) bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000280)={r7, r6, 0x2e, 0x4608, @void}, 0x10) close_range(r7, 0xffffffffffffffff, 0x0) 0s ago: executing program 3 (id=286): r0 = epoll_create1(0x0) r1 = fcntl$dupfd(r0, 0x2, 0xffffffffffffffff) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x16, 0x3, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800"/13], &(0x7f0000000040)='GPL\x00'}, 0x94) bpf$BPF_PROG_ATTACH(0x9, &(0x7f0000000140)={@cgroup=r1, r2, 0x11, 0x0, r1}, 0x11) kernel console output (not intermixed with test programs): no interfaces have a carrier [ 59.058748][ T5529] 8021q: adding VLAN 0 to HW filter on device bond0 [ 59.090792][ T5529] eql: remember to turn off Van-Jacobson compression on your slave devices Starting crond: OK Starting sshd: OK syzkaller Warning: Permanently added '10.128.1.159' (ED25519) to the list of known hosts. syzkaller login: [ 80.511297][ T5851] cgroup: Unknown subsys name 'net' [ 80.661182][ T5851] cgroup: Unknown subsys name 'cpuset' [ 80.670428][ T5851] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 82.360623][ T5851] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 86.980702][ T5865] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 86.997224][ T5872] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 87.005229][ T5872] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 87.013555][ T5872] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 87.021944][ T5880] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 87.047738][ T5880] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 87.055409][ T5880] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 87.078060][ T5881] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 87.079570][ T5880] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 87.087895][ T5881] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 87.101257][ T5881] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 87.104741][ T5877] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 87.109657][ T5881] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 87.121844][ T5877] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 87.124035][ T5872] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 87.130820][ T5877] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 87.149154][ T5872] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 87.159019][ T53] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 87.159625][ T5872] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 87.168665][ T53] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 87.174553][ T5872] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 87.189457][ T5872] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 87.199489][ T53] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 87.209323][ T5870] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 87.222514][ T5870] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 88.052126][ T5862] chnl_net:caif_netlink_parms(): no params data found [ 88.131481][ T5861] chnl_net:caif_netlink_parms(): no params data found [ 88.240424][ T5876] chnl_net:caif_netlink_parms(): no params data found [ 88.302397][ T5863] chnl_net:caif_netlink_parms(): no params data found [ 88.324615][ T5867] chnl_net:caif_netlink_parms(): no params data found [ 88.490670][ T5862] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.498961][ T5862] bridge0: port 1(bridge_slave_0) entered disabled state [ 88.506336][ T5862] bridge_slave_0: entered allmulticast mode [ 88.513926][ T5862] bridge_slave_0: entered promiscuous mode [ 88.553552][ T5861] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.560861][ T5861] bridge0: port 1(bridge_slave_0) entered disabled state [ 88.568276][ T5861] bridge_slave_0: entered allmulticast mode [ 88.575468][ T5861] bridge_slave_0: entered promiscuous mode [ 88.584493][ T5862] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.591890][ T5862] bridge0: port 2(bridge_slave_1) entered disabled state [ 88.599346][ T5862] bridge_slave_1: entered allmulticast mode [ 88.606763][ T5862] bridge_slave_1: entered promiscuous mode [ 88.638840][ T5861] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.646279][ T5861] bridge0: port 2(bridge_slave_1) entered disabled state [ 88.653779][ T5861] bridge_slave_1: entered allmulticast mode [ 88.661391][ T5861] bridge_slave_1: entered promiscuous mode [ 88.699499][ T5876] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.706823][ T5876] bridge0: port 1(bridge_slave_0) entered disabled state [ 88.714122][ T5876] bridge_slave_0: entered allmulticast mode [ 88.721648][ T5876] bridge_slave_0: entered promiscuous mode [ 88.780414][ T5876] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.788200][ T5876] bridge0: port 2(bridge_slave_1) entered disabled state [ 88.795735][ T5876] bridge_slave_1: entered allmulticast mode [ 88.803573][ T5876] bridge_slave_1: entered promiscuous mode [ 88.841670][ T5862] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 88.852034][ T5867] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.859479][ T5867] bridge0: port 1(bridge_slave_0) entered disabled state [ 88.866731][ T5867] bridge_slave_0: entered allmulticast mode [ 88.874536][ T5867] bridge_slave_0: entered promiscuous mode [ 88.883064][ T5867] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.890594][ T5867] bridge0: port 2(bridge_slave_1) entered disabled state [ 88.897931][ T5867] bridge_slave_1: entered allmulticast mode [ 88.905713][ T5867] bridge_slave_1: entered promiscuous mode [ 88.925488][ T5863] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.932996][ T5863] bridge0: port 1(bridge_slave_0) entered disabled state [ 88.940381][ T5863] bridge_slave_0: entered allmulticast mode [ 88.947856][ T5863] bridge_slave_0: entered promiscuous mode [ 88.958777][ T5861] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 88.971942][ T5862] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 89.008972][ T5863] bridge0: port 2(bridge_slave_1) entered blocking state [ 89.016375][ T5863] bridge0: port 2(bridge_slave_1) entered disabled state [ 89.024159][ T5863] bridge_slave_1: entered allmulticast mode [ 89.032274][ T5863] bridge_slave_1: entered promiscuous mode [ 89.041922][ T5861] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 89.079805][ T5876] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 89.092941][ T5867] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 89.146298][ T5876] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 89.158972][ T5867] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 89.187799][ T5870] Bluetooth: hci1: command tx timeout [ 89.201248][ T5862] team0: Port device team_slave_0 added [ 89.238459][ T5863] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 89.250005][ T5861] team0: Port device team_slave_0 added [ 89.257654][ T5875] Bluetooth: hci2: command tx timeout [ 89.260386][ T5862] team0: Port device team_slave_1 added [ 89.263315][ T5875] Bluetooth: hci0: command tx timeout [ 89.275264][ T53] Bluetooth: hci3: command tx timeout [ 89.281833][ T5870] Bluetooth: hci4: command tx timeout [ 89.318749][ T5863] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 89.330730][ T5861] team0: Port device team_slave_1 added [ 89.355032][ T5876] team0: Port device team_slave_0 added [ 89.363224][ T5867] team0: Port device team_slave_0 added [ 89.398867][ T5862] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 89.405843][ T5862] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 89.432855][ T5862] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 89.448061][ T5876] team0: Port device team_slave_1 added [ 89.456029][ T5867] team0: Port device team_slave_1 added [ 89.490904][ T5862] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 89.498195][ T5862] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 89.525544][ T5862] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 89.565767][ T5863] team0: Port device team_slave_0 added [ 89.573187][ T5861] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 89.580640][ T5861] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 89.607735][ T5861] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 89.621623][ T5861] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 89.628678][ T5861] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 89.655404][ T5861] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 89.704573][ T5863] team0: Port device team_slave_1 added [ 89.720868][ T5876] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 89.729796][ T5876] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 89.757628][ T5876] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 89.771084][ T5876] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 89.778345][ T5876] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 89.805199][ T5876] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 89.818181][ T5867] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 89.825129][ T5867] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 89.851342][ T5867] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 89.912011][ T5867] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 89.919070][ T5867] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 89.945809][ T5867] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 89.976520][ T5863] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 89.983823][ T5863] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 90.010289][ T5863] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 90.041913][ T5862] hsr_slave_0: entered promiscuous mode [ 90.048893][ T5862] hsr_slave_1: entered promiscuous mode [ 90.075176][ T5863] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 90.082559][ T5863] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 90.109350][ T5863] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 90.165039][ T5861] hsr_slave_0: entered promiscuous mode [ 90.171790][ T5861] hsr_slave_1: entered promiscuous mode [ 90.178595][ T5861] debugfs: 'hsr0' already exists in 'hsr' [ 90.184649][ T5861] Cannot create hsr debugfs directory [ 90.239315][ T5876] hsr_slave_0: entered promiscuous mode [ 90.246800][ T5876] hsr_slave_1: entered promiscuous mode [ 90.254303][ T5876] debugfs: 'hsr0' already exists in 'hsr' [ 90.260548][ T5876] Cannot create hsr debugfs directory [ 90.350337][ T5867] hsr_slave_0: entered promiscuous mode [ 90.358768][ T5867] hsr_slave_1: entered promiscuous mode [ 90.365884][ T5867] debugfs: 'hsr0' already exists in 'hsr' [ 90.396094][ T5867] Cannot create hsr debugfs directory [ 90.505960][ T5863] hsr_slave_0: entered promiscuous mode [ 90.513450][ T5863] hsr_slave_1: entered promiscuous mode [ 90.519945][ T5863] debugfs: 'hsr0' already exists in 'hsr' [ 90.525687][ T5863] Cannot create hsr debugfs directory [ 91.027460][ T5862] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 91.040480][ T5862] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 91.071982][ T5862] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 91.082827][ T5862] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 91.150498][ T5876] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 91.182554][ T5876] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 91.195806][ T5876] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 91.215484][ T5876] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 91.268907][ T5870] Bluetooth: hci1: command tx timeout [ 91.330728][ T5861] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 91.340007][ T5870] Bluetooth: hci4: command tx timeout [ 91.340329][ T5875] Bluetooth: hci3: command tx timeout [ 91.345470][ T5865] Bluetooth: hci2: command tx timeout [ 91.352884][ T53] Bluetooth: hci0: command tx timeout [ 91.369258][ T5861] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 91.382990][ T5861] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 91.393839][ T5861] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 91.512635][ T5862] 8021q: adding VLAN 0 to HW filter on device bond0 [ 91.550036][ T5867] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 91.563269][ T5867] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 91.575471][ T5867] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 91.589984][ T5867] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 91.686373][ T5862] 8021q: adding VLAN 0 to HW filter on device team0 [ 91.730451][ T5863] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 91.745534][ T5863] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 91.761657][ T5863] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 91.773977][ T5863] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 91.795079][ T3162] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.802853][ T3162] bridge0: port 1(bridge_slave_0) entered forwarding state [ 91.835987][ T3162] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.843202][ T3162] bridge0: port 2(bridge_slave_1) entered forwarding state [ 91.861968][ T5876] 8021q: adding VLAN 0 to HW filter on device bond0 [ 91.942717][ T5876] 8021q: adding VLAN 0 to HW filter on device team0 [ 91.985962][ T5861] 8021q: adding VLAN 0 to HW filter on device bond0 [ 92.015613][ T51] bridge0: port 1(bridge_slave_0) entered blocking state [ 92.023184][ T51] bridge0: port 1(bridge_slave_0) entered forwarding state [ 92.063384][ T3162] bridge0: port 2(bridge_slave_1) entered blocking state [ 92.070661][ T3162] bridge0: port 2(bridge_slave_1) entered forwarding state [ 92.114476][ T5861] 8021q: adding VLAN 0 to HW filter on device team0 [ 92.143321][ T10] cfg80211: failed to load regulatory.db [ 92.153633][ T51] bridge0: port 1(bridge_slave_0) entered blocking state [ 92.161138][ T51] bridge0: port 1(bridge_slave_0) entered forwarding state [ 92.193120][ T3576] bridge0: port 2(bridge_slave_1) entered blocking state [ 92.200356][ T3576] bridge0: port 2(bridge_slave_1) entered forwarding state [ 92.256069][ T5867] 8021q: adding VLAN 0 to HW filter on device bond0 [ 92.313538][ T5863] 8021q: adding VLAN 0 to HW filter on device bond0 [ 92.361398][ T5867] 8021q: adding VLAN 0 to HW filter on device team0 [ 92.416983][ T5863] 8021q: adding VLAN 0 to HW filter on device team0 [ 92.429906][ T1339] bridge0: port 1(bridge_slave_0) entered blocking state [ 92.437272][ T1339] bridge0: port 1(bridge_slave_0) entered forwarding state [ 92.459686][ T36] bridge0: port 2(bridge_slave_1) entered blocking state [ 92.467019][ T36] bridge0: port 2(bridge_slave_1) entered forwarding state [ 92.553808][ T36] bridge0: port 1(bridge_slave_0) entered blocking state [ 92.561236][ T36] bridge0: port 1(bridge_slave_0) entered forwarding state [ 92.674711][ T3162] bridge0: port 2(bridge_slave_1) entered blocking state [ 92.682138][ T3162] bridge0: port 2(bridge_slave_1) entered forwarding state [ 92.715250][ T5862] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 92.909997][ T5876] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 92.970779][ T5862] veth0_vlan: entered promiscuous mode [ 93.016185][ T5861] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 93.072532][ T5862] veth1_vlan: entered promiscuous mode [ 93.221779][ T5867] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 93.266194][ T5876] veth0_vlan: entered promiscuous mode [ 93.302400][ T5862] veth0_macvtap: entered promiscuous mode [ 93.338144][ T53] Bluetooth: hci1: command tx timeout [ 93.352459][ T5876] veth1_vlan: entered promiscuous mode [ 93.363411][ T5862] veth1_macvtap: entered promiscuous mode [ 93.374328][ T5861] veth0_vlan: entered promiscuous mode [ 93.416210][ T5861] veth1_vlan: entered promiscuous mode [ 93.421999][ T5865] Bluetooth: hci3: command tx timeout [ 93.428908][ T5870] Bluetooth: hci0: command tx timeout [ 93.432490][ T53] Bluetooth: hci4: command tx timeout [ 93.434340][ T5870] Bluetooth: hci2: command tx timeout [ 93.453395][ T5863] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 93.473085][ T5862] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 93.505521][ T5862] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 93.591841][ T51] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.604611][ T51] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.644872][ T51] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.655153][ T51] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.685952][ T5876] veth0_macvtap: entered promiscuous mode [ 93.698413][ T5876] veth1_macvtap: entered promiscuous mode [ 93.715204][ T5863] veth0_vlan: entered promiscuous mode [ 93.761194][ T5861] veth0_macvtap: entered promiscuous mode [ 93.775839][ T5863] veth1_vlan: entered promiscuous mode [ 93.815927][ T5861] veth1_macvtap: entered promiscuous mode [ 93.852179][ T5876] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 93.885506][ T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 93.889504][ T5861] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 93.895694][ T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 93.919475][ T5876] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 93.949441][ T5861] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 93.992136][ T36] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.001541][ T36] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.020180][ T3576] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 94.034701][ T3576] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 94.035548][ T36] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.052131][ T36] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.065827][ T5863] veth0_macvtap: entered promiscuous mode [ 94.099459][ T3576] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.114996][ T3576] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.125479][ T5867] veth0_vlan: entered promiscuous mode [ 94.149917][ T3576] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.159209][ T3576] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.172012][ T5863] veth1_macvtap: entered promiscuous mode [ 94.176846][ T5862] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 94.232204][ T5867] veth1_vlan: entered promiscuous mode [ 94.264177][ T5863] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 94.344988][ T3162] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 94.359248][ T5863] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 94.369331][ T3162] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 94.413602][ T3162] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.468022][ T3162] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.490078][ T5867] veth0_macvtap: entered promiscuous mode [ 94.514587][ T1339] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 94.546281][ T1339] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 94.595896][ T3162] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.617400][ T3162] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 94.641010][ T5867] veth1_macvtap: entered promiscuous mode [ 94.688691][ T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 94.721063][ T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 94.898148][ T5991] loop1: detected capacity change from 0 to 512 [ 94.919038][ T5991] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 94.953528][ T5991] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 95.011688][ T5867] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 95.030240][ T5991] EXT4-fs (loop1): 1 truncate cleaned up [ 95.048806][ T5991] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 95.073535][ T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 95.098652][ T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 95.115662][ T5867] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 95.128516][ T30] audit: type=1800 audit(1758799711.751:2): pid=5991 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2" name="file1" dev="loop1" ino=15 res=0 errno=0 [ 95.133496][ T3576] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 95.189575][ T3576] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 95.214111][ T36] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.290882][ T36] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.301089][ T36] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.333178][ T4526] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 95.335792][ T36] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.384539][ T4526] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 95.421547][ T5870] Bluetooth: hci1: command tx timeout [ 95.499025][ T5870] Bluetooth: hci2: command tx timeout [ 95.504590][ T5870] Bluetooth: hci4: command tx timeout [ 95.511781][ T5875] Bluetooth: hci3: command tx timeout [ 95.511945][ T53] Bluetooth: hci0: command tx timeout [ 95.551640][ T3162] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 95.593989][ T3162] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 95.702647][ T3576] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 95.740172][ T3576] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 95.814359][ T5861] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 95.919042][ T30] audit: type=1326 audit(1758799712.541:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5996 comm="syz.2.3" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda81b8eec9 code=0x7ffc0000 [ 96.015624][ T30] audit: type=1326 audit(1758799712.581:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5996 comm="syz.2.3" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda81b8eec9 code=0x7ffc0000 [ 96.079898][ T5997] loop2: detected capacity change from 0 to 512 [ 96.123247][ T5997] EXT4-fs: Ignoring removed mblk_io_submit option [ 96.160081][ T30] audit: type=1326 audit(1758799712.581:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5996 comm="syz.2.3" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fda81b8eec9 code=0x7ffc0000 [ 96.175258][ T5997] EXT4-fs: Ignoring removed nomblk_io_submit option [ 96.203367][ T6002] netlink: 'syz.1.8': attribute type 6 has an invalid length. [ 96.306301][ T5997] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 96.306415][ T30] audit: type=1326 audit(1758799712.581:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5996 comm="syz.2.3" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda81b8eec9 code=0x7ffc0000 [ 96.387277][ T5997] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended [ 96.424016][ T30] audit: type=1326 audit(1758799712.581:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5996 comm="syz.2.3" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda81b8eec9 code=0x7ffc0000 [ 96.558367][ T30] audit: type=1326 audit(1758799712.591:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5996 comm="syz.2.3" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fda81b8eec9 code=0x7ffc0000 [ 96.584507][ T30] audit: type=1326 audit(1758799712.591:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5996 comm="GPL" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda81b8eec9 code=0x7ffc0000 [ 96.589903][ T5997] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4183: comm GPL: Allocating blocks 41-42 which overlap fs metadata [ 96.615798][ T30] audit: type=1326 audit(1758799712.591:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5996 comm="GPL" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda81b8eec9 code=0x7ffc0000 [ 96.652399][ T30] audit: type=1326 audit(1758799712.591:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5996 comm="GPL" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fda81b8eec9 code=0x7ffc0000 [ 96.721770][ T5997] EXT4-fs error (device loop2): ext4_acquire_dquot:6943: comm GPL: Failed to acquire dquot type 1 [ 96.723290][ T5997] EXT4-fs error (device loop2): mb_free_blocks:2017: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt. [ 96.724195][ T5997] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #12: comm GPL: corrupted inode contents [ 96.729643][ T5997] EXT4-fs error (device loop2): ext4_dirty_inode:6538: inode #12: comm GPL: mark_inode_dirty error [ 96.730350][ T5997] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #12: comm GPL: corrupted inode contents [ 96.822710][ T6014] loop0: detected capacity change from 0 to 512 [ 96.855560][ T5997] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #12: comm GPL: mark_inode_dirty error [ 96.970512][ T5997] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #12: comm GPL: corrupted inode contents [ 97.042499][ T6014] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 97.137406][ T5997] EXT4-fs error (device loop2) in ext4_orphan_del:305: Corrupt filesystem [ 97.149995][ T6014] ext4 filesystem being mounted at /1/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 97.198444][ T5997] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #12: comm GPL: corrupted inode contents [ 97.235409][ T5997] EXT4-fs error (device loop2): ext4_truncate:4666: inode #12: comm GPL: mark_inode_dirty error [ 97.412083][ T6025] hub 9-0:1.0: USB hub found [ 97.419368][ T6025] hub 9-0:1.0: 1 port detected [ 98.098772][ T5997] EXT4-fs error (device loop2) in ext4_process_orphan:347: Corrupt filesystem [ 98.152997][ T5997] EXT4-fs (loop2): 1 truncate cleaned up [ 98.312947][ T6024] loop3: detected capacity change from 0 to 512 [ 98.320109][ T5997] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 98.379410][ T6024] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 98.399449][ T5876] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 98.440463][ T6024] EXT4-fs error (device loop3): __ext4_iget:5464: inode #2: block 256: comm syz.3.13: invalid block [ 98.461697][ T6024] EXT4-fs (loop3): Remounting filesystem read-only [ 98.468748][ T6024] EXT4-fs (loop3): get root inode failed [ 98.474576][ T6024] EXT4-fs (loop3): mount failed [ 98.512144][ T6028] loop4: detected capacity change from 0 to 1024 [ 98.599154][ T6028] ======================================================= [ 98.599154][ T6028] WARNING: The mand mount option has been deprecated and [ 98.599154][ T6028] and is ignored by this kernel. Remove the mand [ 98.599154][ T6028] option from the mount to silence this warning. [ 98.599154][ T6028] ======================================================= [ 98.769757][ T6028] EXT4-fs: Ignoring removed nobh option [ 98.820049][ T5997] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 98.822003][ T6028] EXT4-fs: inline encryption not supported [ 98.950452][ T6028] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 99.213452][ T5863] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 99.531658][ T6046] loop1: detected capacity change from 0 to 512 [ 99.560294][ T6046] EXT4-fs: Ignoring removed bh option [ 99.589394][ T5867] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 99.704384][ T6046] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 99.797239][ T6046] ext4 filesystem being mounted at /4/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 100.259438][ T5861] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 100.597019][ T6072] loop0: detected capacity change from 0 to 512 [ 100.634593][ T6072] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 100.649889][ T6073] loop3: detected capacity change from 0 to 512 [ 100.677299][ T6073] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 100.716231][ T6072] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 100.749689][ T6072] ext4 filesystem being mounted at /5/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 100.757465][ T6073] EXT4-fs (loop3): 1 truncate cleaned up [ 100.790186][ T6072] EXT4-fs error (device loop0): ext4_xattr_block_get:593: inode #15: comm +}[@: corrupted xattr block 19: overlapping e_value [ 100.805592][ T6073] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 100.927837][ T5876] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 100.948089][ T6070] loop4: detected capacity change from 0 to 8192 [ 101.036499][ T6073] syz.3.29 (6073) used obsolete PPPIOCDETACH ioctl [ 101.518509][ T5862] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 102.269950][ T6114] loop0: detected capacity change from 0 to 128 [ 102.439755][ T6117] syz.0.45: attempt to access beyond end of device [ 102.439755][ T6117] loop0: rw=2049, sector=145, nr_sectors = 8 limit=128 [ 102.501564][ T6117] syz.0.45: attempt to access beyond end of device [ 102.501564][ T6117] loop0: rw=2049, sector=161, nr_sectors = 8 limit=128 [ 102.546258][ T6117] syz.0.45: attempt to access beyond end of device [ 102.546258][ T6117] loop0: rw=2049, sector=177, nr_sectors = 8 limit=128 [ 102.580343][ T6117] syz.0.45: attempt to access beyond end of device [ 102.580343][ T6117] loop0: rw=2049, sector=193, nr_sectors = 8 limit=128 [ 102.628435][ T6117] syz.0.45: attempt to access beyond end of device [ 102.628435][ T6117] loop0: rw=2049, sector=209, nr_sectors = 8 limit=128 [ 102.664628][ T6117] syz.0.45: attempt to access beyond end of device [ 102.664628][ T6117] loop0: rw=2049, sector=225, nr_sectors = 8 limit=128 [ 102.752392][ T6117] syz.0.45: attempt to access beyond end of device [ 102.752392][ T6117] loop0: rw=2049, sector=241, nr_sectors = 8 limit=128 [ 102.931941][ T3576] kworker/u8:7: attempt to access beyond end of device [ 102.931941][ T3576] loop0: rw=1, sector=145, nr_sectors = 8 limit=128 [ 102.968072][ T3576] kworker/u8:7: attempt to access beyond end of device [ 102.968072][ T3576] loop0: rw=1, sector=161, nr_sectors = 8 limit=128 [ 103.663646][ T6133] syz.2.52 (6133) used greatest stack depth: 17832 bytes left [ 103.976135][ T6145] loop4: detected capacity change from 0 to 512 [ 104.012790][ T6145] journal_path: Lookup failure for './file0/../file0' [ 104.069445][ T6149] loop3: detected capacity change from 0 to 512 [ 104.075935][ T6145] EXT4-fs: error: could not find journal device path [ 104.096773][ T30] kauditd_printk_skb: 46 callbacks suppressed [ 104.096791][ T30] audit: type=1326 audit(1758799720.721:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6150 comm="syz.0.61" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2a4d8eec9 code=0x7ffc0000 [ 104.160108][ T6149] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 104.190481][ T6151] loop0: detected capacity change from 0 to 512 [ 104.213537][ T6151] EXT4-fs: Ignoring removed mblk_io_submit option [ 104.227040][ T6149] EXT4-fs (loop3): invalid journal inode [ 104.233056][ T30] audit: type=1326 audit(1758799720.771:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6150 comm="syz.0.61" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2a4d8eec9 code=0x7ffc0000 [ 104.266188][ T6149] EXT4-fs (loop3): can't get journal size [ 104.272957][ T6151] EXT4-fs: Ignoring removed nomblk_io_submit option [ 104.296743][ T6151] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 104.307280][ T30] audit: type=1326 audit(1758799720.771:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6150 comm="syz.0.61" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc2a4d8eec9 code=0x7ffc0000 [ 104.307334][ T30] audit: type=1326 audit(1758799720.771:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6150 comm="syz.0.61" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2a4d8eec9 code=0x7ffc0000 [ 104.307376][ T30] audit: type=1326 audit(1758799720.771:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6150 comm="syz.0.61" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2a4d8eec9 code=0x7ffc0000 [ 104.377683][ T30] audit: type=1326 audit(1758799720.771:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6150 comm="syz.0.61" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fc2a4d8eec9 code=0x7ffc0000 [ 104.378237][ T6149] EXT4-fs (loop3): 1 truncate cleaned up [ 104.400585][ T30] audit: type=1326 audit(1758799720.771:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6150 comm="GPL" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2a4d8eec9 code=0x7ffc0000 [ 104.430240][ T6151] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 104.517858][ T30] audit: type=1326 audit(1758799720.771:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6150 comm="GPL" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc2a4d8eec9 code=0x7ffc0000 [ 104.556477][ T6151] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4183: comm GPL: Allocating blocks 41-42 which overlap fs metadata [ 104.607750][ T6149] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 104.660074][ T6151] Quota error (device loop0): write_blk: dquota write failed [ 104.720690][ T30] audit: type=1326 audit(1758799720.771:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6150 comm="GPL" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2a4d8eec9 code=0x7ffc0000 [ 104.770804][ T6163] netlink: 'wg1': attribute type 10 has an invalid length. [ 104.777302][ T6151] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4183: comm GPL: Allocating blocks 41-42 which overlap fs metadata [ 104.822597][ T6164] netlink: 'syz.4.64': attribute type 10 has an invalid length. [ 104.840071][ T6151] EXT4-fs error (device loop0): ext4_acquire_dquot:6943: comm GPL: Failed to acquire dquot type 1 [ 104.894110][ T6151] EXT4-fs error (device loop0): mb_free_blocks:2017: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt. [ 104.956952][ T6163] team0: Port device dummy0 added [ 104.967286][ T6151] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #12: comm GPL: corrupted inode contents [ 105.006350][ T6151] EXT4-fs error (device loop0): ext4_dirty_inode:6538: inode #12: comm GPL: mark_inode_dirty error [ 105.038788][ T6151] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #12: comm GPL: corrupted inode contents [ 105.039043][ T5862] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 105.088056][ T6151] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #12: comm GPL: mark_inode_dirty error [ 105.149239][ T6151] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #12: comm GPL: corrupted inode contents [ 105.162563][ T6164] team0: Port device dummy0 removed [ 105.214946][ T6151] EXT4-fs error (device loop0) in ext4_orphan_del:305: Corrupt filesystem [ 105.218119][ T6164] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 105.253873][ T6151] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #12: comm GPL: corrupted inode contents [ 105.361061][ T6177] loop1: detected capacity change from 0 to 128 [ 105.370566][ T6151] EXT4-fs error (device loop0): ext4_truncate:4666: inode #12: comm GPL: mark_inode_dirty error [ 105.411222][ T6151] EXT4-fs error (device loop0) in ext4_process_orphan:347: Corrupt filesystem [ 105.449039][ T6151] EXT4-fs (loop0): 1 truncate cleaned up [ 105.468259][ T6151] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 105.489437][ T6177] syz.1.71: attempt to access beyond end of device [ 105.489437][ T6177] loop1: rw=2049, sector=138, nr_sectors = 112 limit=128 [ 105.547930][ T6151] ext4: Unknown parameter '' [ 105.561357][ T6182] Buffer I/O error on dev loop1, logical block 72, lost async page write [ 105.731786][ T6189] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 105.758849][ T5876] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 105.994672][ T6192] loop3: detected capacity change from 0 to 512 [ 106.122430][ T6193] loop2: detected capacity change from 0 to 512 [ 106.266801][ T6193] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 106.280789][ T6193] ext4 filesystem being mounted at /17/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 107.038507][ T6192] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 107.082565][ T6192] EXT4-fs (loop3): invalid journal inode [ 107.114574][ T6192] EXT4-fs (loop3): can't get journal size [ 107.165685][ T6192] EXT4-fs (loop3): 1 truncate cleaned up [ 107.237295][ T6192] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 107.607852][ T5862] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 107.852893][ T6204] syzkaller0: entered promiscuous mode [ 107.865531][ T6204] syzkaller0: entered allmulticast mode [ 108.493360][ T5863] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 109.004574][ T6226] loop2: detected capacity change from 0 to 512 [ 109.021745][ T6226] EXT4-fs: Ignoring removed mblk_io_submit option [ 109.039101][ T6226] EXT4-fs: Ignoring removed nomblk_io_submit option [ 109.069557][ T6226] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 109.104656][ T6226] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended [ 109.164580][ T6226] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4183: comm GPL: Allocating blocks 41-42 which overlap fs metadata [ 109.190637][ T6226] __quota_error: 75 callbacks suppressed [ 109.190656][ T6226] Quota error (device loop2): write_blk: dquota write failed [ 109.224994][ T6226] Quota error (device loop2): find_free_dqentry: Can't write quota data block 5 [ 109.256534][ T6226] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4183: comm GPL: Allocating blocks 41-42 which overlap fs metadata [ 109.345996][ T6226] Quota error (device loop2): write_blk: dquota write failed [ 109.379456][ T6226] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 109.395530][ T6226] EXT4-fs error (device loop2): ext4_acquire_dquot:6943: comm GPL: Failed to acquire dquot type 1 [ 109.433742][ T6226] EXT4-fs error (device loop2): mb_free_blocks:2017: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt. [ 109.497167][ T6226] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #12: comm GPL: corrupted inode contents [ 109.555368][ T6226] EXT4-fs error (device loop2): ext4_dirty_inode:6538: inode #12: comm GPL: mark_inode_dirty error [ 109.592585][ T6226] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #12: comm GPL: corrupted inode contents [ 109.623286][ T6226] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #12: comm GPL: mark_inode_dirty error [ 109.644682][ T6226] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #12: comm GPL: corrupted inode contents [ 109.668023][ T6226] EXT4-fs error (device loop2) in ext4_orphan_del:305: Corrupt filesystem [ 109.681937][ T6226] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #12: comm GPL: corrupted inode contents [ 109.709438][ T6226] EXT4-fs error (device loop2): ext4_truncate:4666: inode #12: comm GPL: mark_inode_dirty error [ 109.722033][ T6226] EXT4-fs error (device loop2) in ext4_process_orphan:347: Corrupt filesystem [ 109.747268][ T6226] EXT4-fs (loop2): 1 truncate cleaned up [ 109.756655][ T6226] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 109.790762][ T30] audit: type=1326 audit(1758799726.421:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6225 comm="GPL" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fda81b8d710 code=0x7ffc0000 [ 109.852446][ T6226] ext4: Unknown parameter '' [ 109.878751][ T30] audit: type=1326 audit(1758799726.461:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6225 comm="GPL" exe="/root/syz-executor" sig=0 arch=c000003e syscall=80 compat=0 ip=0x7fda81b8dc17 code=0x7ffc0000 [ 109.935464][ T30] audit: type=1326 audit(1758799726.461:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6225 comm="GPL" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fda81b8d710 code=0x7ffc0000 [ 109.962311][ T5863] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 110.034281][ T30] audit: type=1326 audit(1758799726.461:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6225 comm="GPL" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda81b8eec9 code=0x7ffc0000 [ 110.117154][ T30] audit: type=1326 audit(1758799726.481:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6225 comm="GPL" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda81b8eec9 code=0x7ffc0000 [ 110.210451][ T30] audit: type=1326 audit(1758799726.481:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6225 comm="GPL" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7fda81b8d617 code=0x7ffc0000 [ 110.523958][ T6252] loop2: detected capacity change from 0 to 512 [ 110.631563][ T6252] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 110.714068][ T6252] ext4 filesystem being mounted at /22/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 110.831376][ T6252] EXT4-fs error (device loop2): ext4_xattr_block_find:1869: inode #15: comm syz.2.100: corrupted xattr block 19: overlapping e_value [ 110.894291][ T6252] EXT4-fs (loop2): Remounting filesystem read-only [ 110.909836][ T6262] loop0: detected capacity change from 0 to 1024 [ 110.983212][ T5863] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 111.011135][ T6262] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 111.077451][ T6262] ext4 filesystem being mounted at /19/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 111.382597][ T6273] loop2: detected capacity change from 0 to 512 [ 111.434036][ T6273] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem [ 111.475405][ T6273] EXT4-fs (loop2): invalid journal inode [ 111.478046][ T5876] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 111.495117][ T6273] EXT4-fs (loop2): can't get journal size [ 111.520205][ T6273] EXT4-fs (loop2): 1 truncate cleaned up [ 111.541401][ T6273] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 111.766412][ T5863] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 111.782443][ T6285] loop1: detected capacity change from 0 to 256 [ 111.912034][ T6287] loop3: detected capacity change from 0 to 512 [ 111.964290][ T6287] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 112.055155][ T6287] ext4 filesystem being mounted at /25/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 112.185740][ T6295] loop1: detected capacity change from 0 to 512 [ 112.204619][ T6295] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 112.216800][ T5862] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 112.255014][ T6295] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 112.279939][ T6295] EXT4-fs (loop1): 1 truncate cleaned up [ 112.290082][ T6295] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 112.426176][ T5861] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 112.895045][ T6309] loop1: detected capacity change from 0 to 512 [ 112.905083][ T6309] EXT4-fs: Ignoring removed mblk_io_submit option [ 112.915317][ T6309] EXT4-fs: Ignoring removed nomblk_io_submit option [ 112.956458][ T6309] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 112.977313][ T6309] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended [ 113.044944][ T6309] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4183: comm syz.1.121: Allocating blocks 41-42 which overlap fs metadata [ 113.084362][ T6309] EXT4-fs error (device loop1): ext4_acquire_dquot:6943: comm syz.1.121: Failed to acquire dquot type 1 [ 113.110617][ T6309] EXT4-fs error (device loop1): mb_free_blocks:2017: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt. [ 113.127431][ T6309] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #12: comm syz.1.121: corrupted inode contents [ 113.170354][ T6309] EXT4-fs error (device loop1): ext4_dirty_inode:6538: inode #12: comm syz.1.121: mark_inode_dirty error [ 113.198747][ T6309] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #12: comm syz.1.121: corrupted inode contents [ 113.211580][ T6309] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #12: comm syz.1.121: mark_inode_dirty error [ 113.226249][ T6309] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #12: comm syz.1.121: corrupted inode contents [ 113.243887][ T6309] EXT4-fs error (device loop1) in ext4_orphan_del:305: Corrupt filesystem [ 113.276134][ T6309] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #12: comm syz.1.121: corrupted inode contents [ 113.289695][ T6309] EXT4-fs error (device loop1): ext4_truncate:4666: inode #12: comm syz.1.121: mark_inode_dirty error [ 113.306612][ T6309] EXT4-fs error (device loop1) in ext4_process_orphan:347: Corrupt filesystem [ 113.322445][ T6309] EXT4-fs (loop1): 1 truncate cleaned up [ 113.346120][ T6309] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 113.410635][ T6309] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 113.486965][ T5861] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 113.586557][ T6324] loop1: detected capacity change from 0 to 512 [ 113.611149][ T6324] EXT4-fs: Ignoring removed nomblk_io_submit option [ 113.622568][ T6324] ext4: Unknown parameter 'smackfsroot' [ 113.757361][ T6325] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6) [ 113.764278][ T6325] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 113.788543][ T6325] vhci_hcd vhci_hcd.0: Device attached [ 113.815527][ T6326] vhci_hcd: connection closed [ 113.821733][ T4526] vhci_hcd: stop threads [ 113.842476][ T4526] vhci_hcd: release socket [ 113.849346][ T4526] vhci_hcd: disconnect device [ 113.928983][ T6330] loop1: detected capacity change from 0 to 512 [ 113.984475][ T6330] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 113.998287][ T6330] ext4 filesystem being mounted at /33/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 114.047583][ T5861] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 114.400090][ T6299] syzkaller1: entered promiscuous mode [ 114.414890][ T6299] syzkaller1: entered allmulticast mode [ 115.006236][ T6356] loop3: detected capacity change from 0 to 512 [ 115.070192][ T30] kauditd_printk_skb: 63 callbacks suppressed [ 115.070210][ T30] audit: type=1326 audit(1758799731.701:202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6361 comm="syz.4.141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc19b8eec9 code=0x7ffc0000 [ 115.100975][ T30] audit: type=1326 audit(1758799731.711:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6361 comm="syz.4.141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdc19b8eec9 code=0x7ffc0000 [ 115.123658][ T30] audit: type=1326 audit(1758799731.711:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6361 comm="syz.4.141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc19b8eec9 code=0x7ffc0000 [ 115.149761][ T30] audit: type=1326 audit(1758799731.711:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6361 comm="syz.4.141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fdc19b8eec9 code=0x7ffc0000 [ 115.185174][ T6362] loop4: detected capacity change from 0 to 512 [ 115.209236][ T30] audit: type=1326 audit(1758799731.711:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6361 comm="GPL" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc19b8eec9 code=0x7ffc0000 [ 115.245969][ T6337] loop0: detected capacity change from 0 to 512 [ 115.257343][ T6362] EXT4-fs: Mount option(s) incompatible with ext2 [ 115.259648][ T30] audit: type=1326 audit(1758799731.711:207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6361 comm="GPL" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdc19b8eec9 code=0x7ffc0000 [ 115.315271][ T6337] EXT4-fs (loop0): failed to initialize system zone (-117) [ 115.322950][ T6337] EXT4-fs (loop0): mount failed [ 115.354657][ T30] audit: type=1326 audit(1758799731.711:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6361 comm="GPL" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc19b8eec9 code=0x7ffc0000 [ 115.397773][ T30] audit: type=1326 audit(1758799731.731:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6361 comm="GPL" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7fdc19b8eec9 code=0x7ffc0000 [ 115.499207][ T30] audit: type=1326 audit(1758799731.731:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6361 comm="GPL" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc19b8eec9 code=0x7ffc0000 [ 115.562358][ T30] audit: type=1326 audit(1758799731.731:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6361 comm="GPL" exe="/root/syz-executor" sig=0 arch=c000003e syscall=429 compat=0 ip=0x7fdc19b8eec9 code=0x7ffc0000 [ 116.073601][ T6384] loop1: detected capacity change from 0 to 128 [ 116.292422][ T6388] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 116.438853][ T6388] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 116.468038][ T6398] loop3: detected capacity change from 0 to 512 [ 116.482565][ T6398] EXT4-fs: Mount option(s) incompatible with ext2 [ 116.584526][ T6388] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 116.626168][ T6401] syz.2.156 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 116.733689][ T6388] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 116.906813][ T3576] bio_check_eod: 1 callbacks suppressed [ 116.906833][ T3576] kworker/u8:7: attempt to access beyond end of device [ 116.906833][ T3576] loop1: rw=1, sector=145, nr_sectors = 8 limit=128 [ 116.949111][ T3576] kworker/u8:7: attempt to access beyond end of device [ 116.949111][ T3576] loop1: rw=1, sector=161, nr_sectors = 8 limit=128 [ 116.973538][ T51] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 116.986265][ T3576] kworker/u8:7: attempt to access beyond end of device [ 116.986265][ T3576] loop1: rw=1, sector=177, nr_sectors = 8 limit=128 [ 117.009833][ T3576] kworker/u8:7: attempt to access beyond end of device [ 117.009833][ T3576] loop1: rw=1, sector=193, nr_sectors = 8 limit=128 [ 117.055023][ T51] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 117.062196][ T3576] kworker/u8:7: attempt to access beyond end of device [ 117.062196][ T3576] loop1: rw=1, sector=209, nr_sectors = 8 limit=128 [ 117.123276][ T3162] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 117.130327][ T3576] kworker/u8:7: attempt to access beyond end of device [ 117.130327][ T3576] loop1: rw=1, sector=225, nr_sectors = 8 limit=128 [ 117.178203][ T3576] kworker/u8:7: attempt to access beyond end of device [ 117.178203][ T3576] loop1: rw=1, sector=241, nr_sectors = 8 limit=128 [ 117.197188][ T3162] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 117.217612][ T6414] loop4: detected capacity change from 0 to 512 [ 117.257726][ T6414] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 117.291165][ T6414] EXT4-fs error (device loop4): __ext4_iget:5464: inode #2: block 256: comm syz.4.163: invalid block [ 117.348996][ T6422] loop2: detected capacity change from 0 to 512 [ 117.363272][ T6414] EXT4-fs (loop4): Remounting filesystem read-only [ 117.370913][ T6414] EXT4-fs (loop4): get root inode failed [ 117.376690][ T6414] EXT4-fs (loop4): mount failed [ 117.398776][ T6422] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 117.451831][ T6422] ext4 filesystem being mounted at /43/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 117.923053][ T6443] loop3: detected capacity change from 0 to 512 [ 117.964372][ T6443] EXT4-fs error (device loop3): ext4_xattr_inode_iget:442: comm syz.3.174: error while reading EA inode 32 err=-116 [ 117.997761][ T6443] EXT4-fs (loop3): 1 orphan inode deleted [ 118.017577][ T6443] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 118.078679][ T6443] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 118.096927][ T6446] loop4: detected capacity change from 0 to 1024 [ 118.145919][ T6446] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 118.309113][ T5863] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 118.415384][ T5867] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 118.501399][ T6452] loop2: detected capacity change from 0 to 128 [ 118.598353][ T6454] loop3: detected capacity change from 0 to 512 [ 118.611088][ T6452] syz.2.177: attempt to access beyond end of device [ 118.611088][ T6452] loop2: rw=2049, sector=138, nr_sectors = 112 limit=128 [ 118.645478][ T6454] EXT4-fs: Ignoring removed mblk_io_submit option [ 118.669571][ T6454] EXT4-fs: Ignoring removed nomblk_io_submit option [ 118.708551][ T6457] syz.2.177: attempt to access beyond end of device [ 118.708551][ T6457] loop2: rw=2049, sector=144, nr_sectors = 2 limit=128 [ 118.722956][ T6454] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 118.743954][ T6454] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 118.764847][ T6457] Buffer I/O error on dev loop2, logical block 72, lost async page write [ 118.805368][ T6454] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4183: comm GPL: Allocating blocks 41-42 which overlap fs metadata [ 118.850255][ T6454] EXT4-fs error (device loop3): ext4_acquire_dquot:6943: comm GPL: Failed to acquire dquot type 1 [ 118.876374][ T6454] EXT4-fs error (device loop3): mb_free_blocks:2017: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt. [ 118.919573][ T6454] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #12: comm GPL: corrupted inode contents [ 118.947438][ T6454] EXT4-fs error (device loop3): ext4_dirty_inode:6538: inode #12: comm GPL: mark_inode_dirty error [ 118.970635][ T6454] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #12: comm GPL: corrupted inode contents [ 118.993790][ T6454] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #12: comm GPL: mark_inode_dirty error [ 119.077659][ T6454] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #12: comm GPL: corrupted inode contents [ 119.111845][ T6454] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem [ 119.132334][ T6454] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #12: comm GPL: corrupted inode contents [ 119.161207][ T6454] EXT4-fs error (device loop3): ext4_truncate:4666: inode #12: comm GPL: mark_inode_dirty error [ 119.205558][ T6454] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem [ 119.213054][ T6454] EXT4-fs (loop3): 1 truncate cleaned up [ 119.220084][ T6454] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 119.374438][ T6454] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 119.426653][ T6473] loop4: detected capacity change from 0 to 512 [ 119.459329][ T6473] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 119.555637][ T6473] EXT4-fs (loop4): 1 truncate cleaned up [ 119.619301][ T6473] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 119.707299][ T5862] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 120.389403][ T6492] loop1: detected capacity change from 0 to 128 [ 120.514848][ T6492] syz.1.194: attempt to access beyond end of device [ 120.514848][ T6492] loop1: rw=2049, sector=138, nr_sectors = 112 limit=128 [ 120.699603][ T5867] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 120.711226][ T30] kauditd_printk_skb: 126 callbacks suppressed [ 120.711244][ T30] audit: type=1326 audit(1758799737.341:335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6496 comm="syz.3.197" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e5918eec9 code=0x7ffc0000 [ 120.768824][ T30] audit: type=1326 audit(1758799737.381:336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6496 comm="syz.3.197" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0e5918eec9 code=0x7ffc0000 [ 120.845882][ T30] audit: type=1326 audit(1758799737.381:337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6496 comm="syz.3.197" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e5918eec9 code=0x7ffc0000 [ 120.856532][ T6500] loop2: detected capacity change from 0 to 128 [ 120.921633][ T30] audit: type=1326 audit(1758799737.381:338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6496 comm="syz.3.197" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e5918eec9 code=0x7ffc0000 [ 121.084952][ T30] audit: type=1326 audit(1758799737.391:339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6496 comm="syz.3.197" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0e5918eec9 code=0x7ffc0000 [ 121.155938][ T6505] loop3: detected capacity change from 0 to 1024 [ 121.197185][ T30] audit: type=1326 audit(1758799737.391:340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6496 comm="syz.3.197" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e5918eec9 code=0x7ffc0000 [ 121.250307][ T6505] EXT4-fs: Ignoring removed nobh option [ 121.287474][ T6505] EXT4-fs: inline encryption not supported [ 121.295854][ T30] audit: type=1326 audit(1758799737.391:341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6496 comm="syz.3.197" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e5918eec9 code=0x7ffc0000 [ 121.366226][ T6505] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 121.397628][ T30] audit: type=1326 audit(1758799737.401:342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6496 comm="syz.3.197" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0e5918eec9 code=0x7ffc0000 [ 121.487857][ T6519] loop4: detected capacity change from 0 to 512 [ 121.489929][ T6505] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4183: comm syz.3.201: Allocating blocks 385-513 which overlap fs metadata [ 121.513467][ T30] audit: type=1326 audit(1758799737.441:343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6496 comm="syz.3.197" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e5918eec9 code=0x7ffc0000 [ 121.514303][ T6519] EXT4-fs: Ignoring removed mblk_io_submit option [ 121.617176][ T30] audit: type=1326 audit(1758799737.451:344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6496 comm="syz.3.197" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e5918eec9 code=0x7ffc0000 [ 121.617698][ T6519] EXT4-fs: Ignoring removed nomblk_io_submit option [ 121.651328][ T6519] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 121.723231][ T6504] EXT4-fs (loop3): pa ffff88806bf8dd98: logic 16, phys. 129, len 24 [ 121.732761][ T6504] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 8 [ 121.777223][ T6519] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 121.854011][ T5862] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 121.934898][ T6519] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4183: comm syz.4.205: Allocating blocks 41-42 which overlap fs metadata [ 121.960331][ T6519] EXT4-fs error (device loop4): ext4_acquire_dquot:6943: comm syz.4.205: Failed to acquire dquot type 1 [ 122.257615][ T6527] loop2: detected capacity change from 0 to 1024 [ 122.562654][ T6518] Zero length message leads to an empty skb [ 122.949077][ T6519] EXT4-fs error (device loop4): mb_free_blocks:2017: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt. [ 122.991849][ T6527] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 123.610299][ T6519] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #12: comm syz.4.205: corrupted inode contents [ 123.704487][ T6519] EXT4-fs error (device loop4): ext4_dirty_inode:6538: inode #12: comm syz.4.205: mark_inode_dirty error [ 123.778573][ T6519] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #12: comm syz.4.205: corrupted inode contents [ 123.841492][ T6536] loop1: detected capacity change from 0 to 512 [ 123.867851][ T6519] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #12: comm syz.4.205: mark_inode_dirty error [ 123.904151][ T6536] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 123.925686][ T6519] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #12: comm syz.4.205: corrupted inode contents [ 124.057426][ T6519] EXT4-fs error (device loop4) in ext4_orphan_del:305: Corrupt filesystem [ 124.068242][ T6536] EXT4-fs (loop1): 1 truncate cleaned up [ 124.075872][ T6536] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 124.144920][ T6519] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #12: comm syz.4.205: corrupted inode contents [ 124.192352][ T6519] EXT4-fs error (device loop4): ext4_truncate:4666: inode #12: comm syz.4.205: mark_inode_dirty error [ 124.317494][ T6519] EXT4-fs error (device loop4) in ext4_process_orphan:347: Corrupt filesystem [ 124.556047][ T6519] EXT4-fs (loop4): 1 truncate cleaned up [ 124.556928][ T5863] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 124.572895][ T6519] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 124.961809][ T5867] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 125.053068][ T6541] loop3: detected capacity change from 0 to 128 [ 125.180820][ T6541] bio_check_eod: 1 callbacks suppressed [ 125.180840][ T6541] syz.3.210: attempt to access beyond end of device [ 125.180840][ T6541] loop3: rw=2049, sector=138, nr_sectors = 112 limit=128 [ 125.305814][ T5861] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 125.676171][ T6549] loop2: detected capacity change from 0 to 512 [ 125.727026][ T6549] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem [ 125.777595][ T6549] EXT4-fs (loop2): invalid journal inode [ 125.783367][ T6549] EXT4-fs (loop2): can't get journal size [ 125.853858][ T6549] EXT4-fs (loop2): 1 truncate cleaned up [ 125.899294][ T6549] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 126.116461][ T5863] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 126.204231][ T6557] syzkaller0: entered promiscuous mode [ 126.257175][ T6557] syzkaller0: entered allmulticast mode [ 126.656556][ T6561] loop2: detected capacity change from 0 to 1024 [ 126.685298][ T6561] EXT4-fs: Ignoring removed nobh option [ 126.707158][ T6561] EXT4-fs: inline encryption not supported [ 126.755010][ T6561] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 126.874188][ T6565] loop0: detected capacity change from 0 to 1024 [ 126.938756][ T6561] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4183: comm syz.2.217: Allocating blocks 385-513 which overlap fs metadata [ 126.939094][ T6565] EXT4-fs: Ignoring removed orlov option [ 126.978171][ T6565] EXT4-fs: Ignoring removed nomblk_io_submit option [ 127.015592][ T6565] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 127.175672][ T6560] EXT4-fs (loop2): pa ffff88806bf72e80: logic 16, phys. 129, len 24 [ 127.184108][ T6560] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 8 [ 127.272245][ T5863] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 127.355119][ T5876] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 127.838927][ T6578] syz.4.223 uses obsolete (PF_INET,SOCK_PACKET) [ 128.141235][ T6583] loop0: detected capacity change from 0 to 128 [ 128.261526][ T6583] syz.0.224: attempt to access beyond end of device [ 128.261526][ T6583] loop0: rw=2049, sector=138, nr_sectors = 112 limit=128 [ 129.163398][ T6595] loop2: detected capacity change from 0 to 1024 [ 129.188294][ T6595] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (58532!=20869) [ 129.254837][ T6595] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a040e11d, mo2=0002] [ 129.276083][ T6595] EXT4-fs (loop2): failed to initialize system zone (-117) [ 129.291255][ T6595] EXT4-fs (loop2): mount failed [ 129.549102][ T6599] loop0: detected capacity change from 0 to 1024 [ 129.563453][ T6599] EXT4-fs: Ignoring removed nobh option [ 129.589146][ T6599] EXT4-fs: inline encryption not supported [ 129.660974][ T6599] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 129.740331][ T6599] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4183: comm syz.0.230: Allocating blocks 385-513 which overlap fs metadata [ 129.815463][ T6598] EXT4-fs (loop0): pa ffff88806bf2bbc8: logic 16, phys. 129, len 24 [ 129.824789][ T6598] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 8 [ 129.929278][ T5876] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 130.955107][ T6620] loop0: detected capacity change from 0 to 512 [ 130.979216][ T6622] loop2: detected capacity change from 0 to 512 [ 130.997583][ T6622] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem [ 131.028514][ T6622] EXT4-fs (loop2): invalid journal inode [ 131.034531][ T6622] EXT4-fs (loop2): can't get journal size [ 131.079589][ T6620] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -2 [ 131.110144][ T6622] EXT4-fs (loop2): 1 truncate cleaned up [ 131.139104][ T6622] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 131.158570][ T6620] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -2 [ 131.308839][ T5863] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 131.309487][ T6620] EXT4-fs (loop0): 1 truncate cleaned up [ 131.410302][ T6620] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 131.526302][ T6616] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 132.908504][ T5876] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 133.103920][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.111019][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.195390][ T6640] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 133.321641][ T6643] loop4: detected capacity change from 0 to 512 [ 133.323321][ T6644] pim6reg: entered allmulticast mode [ 133.357829][ T6646] pim6reg: left allmulticast mode [ 133.378678][ T6643] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 133.417513][ T6643] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters [ 133.466796][ T6643] EXT4-fs (loop4): 1 truncate cleaned up [ 133.514681][ T6643] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 133.733815][ T5867] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 134.160949][ T30] kauditd_printk_skb: 26 callbacks suppressed [ 134.160968][ T30] audit: type=1326 audit(1758799750.791:368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6657 comm="syz.4.253" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fdc19b8eec9 code=0x0 [ 134.216238][ T6661] loop4: detected capacity change from 0 to 128 [ 134.233589][ T6551] Set syz1 is full, maxelem 65536 reached [ 134.552040][ T6652] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 134.574530][ T6652] Bluetooth: hci0: Error when powering off device on rfkill (-4) [ 134.829373][ T6666] syzkaller0: entered promiscuous mode [ 134.849230][ T6666] syzkaller0: entered allmulticast mode [ 135.026682][ T36] kworker/u8:2: attempt to access beyond end of device [ 135.026682][ T36] loop4: rw=1, sector=153, nr_sectors = 8 limit=128 [ 135.069115][ T36] kworker/u8:2: attempt to access beyond end of device [ 135.069115][ T36] loop4: rw=1, sector=169, nr_sectors = 8 limit=128 [ 135.127881][ T36] kworker/u8:2: attempt to access beyond end of device [ 135.127881][ T36] loop4: rw=1, sector=185, nr_sectors = 8 limit=128 [ 135.197360][ T36] kworker/u8:2: attempt to access beyond end of device [ 135.197360][ T36] loop4: rw=1, sector=201, nr_sectors = 8 limit=128 [ 136.198220][ T36] kworker/u8:2: attempt to access beyond end of device [ 136.198220][ T36] loop4: rw=1, sector=217, nr_sectors = 8 limit=128 [ 136.227243][ T36] kworker/u8:2: attempt to access beyond end of device [ 136.227243][ T36] loop4: rw=1, sector=233, nr_sectors = 8 limit=128 [ 136.256626][ T36] kworker/u8:2: attempt to access beyond end of device [ 136.256626][ T36] loop4: rw=1, sector=249, nr_sectors = 8 limit=128 [ 136.277415][ T6688] netlink: 28 bytes leftover after parsing attributes in process `syz.3.264'. [ 136.347263][ T6688] netlink: 28 bytes leftover after parsing attributes in process `syz.3.264'. [ 136.397492][ T36] kworker/u8:2: attempt to access beyond end of device [ 136.397492][ T36] loop4: rw=1, sector=265, nr_sectors = 8 limit=128 [ 136.441850][ T6688] netlink: 28 bytes leftover after parsing attributes in process `syz.3.264'. [ 136.461093][ T6690] netlink: 120 bytes leftover after parsing attributes in process `syz.0.265'. [ 136.894755][ T6688] netlink: 28 bytes leftover after parsing attributes in process `syz.3.264'. [ 136.949889][ T6688] netlink: 28 bytes leftover after parsing attributes in process `syz.3.264'. [ 137.007242][ T6688] netlink: 28 bytes leftover after parsing attributes in process `syz.3.264'. [ 137.527404][ T6702] netlink: 12 bytes leftover after parsing attributes in process `syz.4.268'. [ 137.539867][ T30] audit: type=1326 audit(1758799754.161:369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6699 comm="syz.3.267" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0e5918eec9 code=0x0 [ 138.669421][ T50] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 138.864508][ T50] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 138.881471][ T50] usb 4-1: New USB device found, idVendor=055f, idProduct=c420, bcdDevice=6a.33 [ 138.891293][ T50] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 138.925282][ T50] usb 4-1: config 0 descriptor?? [ 139.090006][ T6690] netlink: 120 bytes leftover after parsing attributes in process `syz.0.265'. [ 139.121079][ T6709] netlink: 8 bytes leftover after parsing attributes in process `syz.4.271'. [ 139.196966][ T6711] loop3: detected capacity change from 0 to 1024 [ 139.265449][ T6711] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 139.439927][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 139.450637][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 139.638148][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 139.652501][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 139.662386][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 139.674889][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 139.755324][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 139.764720][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 139.857771][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 139.866228][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 140.281845][ T6721] slcan: can't register candev [ 140.315922][ T6722] EXT4-fs error (device loop3): mb_free_blocks:2017: group 0, inode 15: block 177:freeing already freed block (bit 11); block bitmap corrupt. [ 140.350744][ T6721] Falling back ldisc for ptm0. [ 142.198703][ T6735] loop0: detected capacity change from 0 to 128 [ 142.247678][ T6735] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a84ec018, mo2=0002] [ 142.340594][ T6735] System zones: 1-3, 19-19, 35-36 [ 142.502008][ T6735] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 142.537708][ T6738] netlink: 'syz.2.280': attribute type 1 has an invalid length. [ 142.596657][ T6735] ext4 filesystem being mounted at /44/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 142.711527][ T6740] loop4: detected capacity change from 0 to 512 [ 142.756902][ T6740] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 142.783976][ T6740] EXT4-fs (loop4): 1 truncate cleaned up [ 142.800820][ T6740] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 142.904333][ T5876] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 142.960063][ T50] usb 4-1: USB disconnect, device number 2 [ 142.966004][ T30] audit: type=1326 audit(1758799759.591:370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6742 comm="syz.2.282" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fda81b8eec9 code=0x0 [ 143.005378][ T30] audit: type=1800 audit(1758799759.621:371): pid=6740 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.281" name="file2" dev="loop4" ino=16 res=0 errno=0 [ 143.049476][ T5862] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 143.089028][ T5867] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 143.116927][ T6746] loop0: detected capacity change from 0 to 8 [ 143.191327][ T30] audit: type=1326 audit(1758799759.821:372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6747 comm="syz.4.285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc19b8eec9 code=0x7ffc0000 [ 143.197414][ T6749] loop9: detected capacity change from 0 to 7 [ 143.241552][ T6749] Buffer I/O error on dev loop9, logical block 0, async page read [ 143.250776][ T30] audit: type=1326 audit(1758799759.821:373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6747 comm="syz.4.285" exe="/root/syz-executor" sig=0 arch=c000003e syscall=20 compat=0 ip=0x7fdc19b8eec9 code=0x7ffc0000 [ 143.268517][ T6749] Buffer I/O error on dev loop9, logical block 0, async page read [ 143.301366][ T6746] ------------[ cut here ]------------ [ 143.307428][ T6746] WARNING: fs/overlayfs/copy_up.c:276 at ovl_copy_up_file+0x63b/0x690, CPU#1: syz.0.283/6746 [ 143.313091][ T6749] Buffer I/O error on dev loop9, logical block 0, async page read [ 143.317879][ T6746] Modules linked in: [ 143.317930][ T6746] CPU: 1 UID: 0 PID: 6746 Comm: syz.0.283 Not tainted syzkaller #0 PREEMPT(full) [ 143.340335][ T6746] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 143.351698][ T6746] RIP: 0010:ovl_copy_up_file+0x63b/0x690 [ 143.356482][ T6749] Buffer I/O error on dev loop9, logical block 0, async page read [ 143.357717][ T6746] Code: e9 2d ff ff ff e8 75 e8 89 fe 49 bc 00 00 00 00 00 fc ff df e9 14 ff ff ff e8 61 e8 89 fe 90 0f 0b 90 eb 09 e8 56 e8 89 fe 90 <0f> 0b 90 41 bd fb ff ff ff 48 8b 5c 24 10 e9 92 fb ff ff e8 4d d2 [ 143.357739][ T6746] RSP: 0018:ffffc900035e7020 EFLAGS: 00010287 [ 143.388328][ T6749] Buffer I/O error on dev loop9, logical block 0, async page read [ 143.392128][ T6746] RAX: ffffffff83366e7a RBX: ffffc900035e70a0 RCX: 0000000000080000 [ 143.407830][ T6746] RDX: ffffc9000b769000 RSI: 00000000000041d0 RDI: 00000000000041d1 [ 143.415925][ T6746] RBP: ffffc900035e7150 R08: ffffc900035e70af R09: 0000000000000000 [ 143.416681][ T6749] Buffer I/O error on dev loop9, logical block 0, async page read [ 143.424239][ T6746] R10: ffffc900035e70a0 R11: fffff520006bce16 R12: dffffc0000000000 [ 143.424259][ T6746] R13: fc0000000000000a R14: ffff88802947aa80 R15: ffff88805bb9aa48 [ 143.424274][ T6746] FS: 00007fc2a5d076c0(0000) GS:ffff888125b03000(0000) knlGS:0000000000000000 [ 143.424293][ T6746] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 143.424308][ T6746] CR2: 000055557a25a808 CR3: 000000002eac0000 CR4: 00000000003526f0 [ 143.424329][ T6746] Call Trace: [ 143.424338][ T6746] [ 143.424359][ T6746] ? __pfx_ovl_copy_up_file+0x10/0x10 [ 143.447264][ T6749] Buffer I/O error on dev loop9, logical block 0, async page read [ 143.449761][ T6746] ? rcu_read_lock_any_held+0xb3/0x120 [ 143.498723][ T6746] ? __pfx_rcu_read_lock_any_held+0x10/0x10 [ 143.504671][ T6746] ? ovl_copy_up_flags+0x1505/0x3170 [ 143.510085][ T6746] ovl_copy_up_flags+0x166a/0x3170 [ 143.515331][ T6746] ? is_bpf_text_address+0x292/0x2b0 [ 143.520730][ T6746] ? __pfx_ovl_copy_up_flags+0x10/0x10 [ 143.526229][ T6746] ? stack_trace_save+0x9c/0xe0 [ 143.531382][ T6746] ? __pfx_stack_trace_save+0x10/0x10 [ 143.536887][ T6746] ? stack_depot_save_flags+0x40/0x860 [ 143.542543][ T6746] ? kasan_save_track+0x4f/0x80 [ 143.548854][ T6746] ? kasan_save_track+0x3e/0x80 [ 143.554101][ T6746] ? __kasan_save_free_info+0x46/0x50 [ 143.557395][ T6749] ldm_validate_partition_table(): Disk read failed. [ 143.560607][ T6746] ? __kasan_slab_free+0x5c/0x80 [ 143.571258][ T6746] ? kfree+0x19a/0x6d0 [ 143.575165][ T6749] Buffer I/O error on dev loop9, logical block 0, async page read [ 143.575361][ T6746] ? tomoyo_check_open_permission+0x2c2/0x3b0 [ 143.589538][ T6746] ? security_file_open+0xb1/0x270 [ 143.594777][ T6746] ? do_dentry_open+0x384/0x13f0 [ 143.599787][ T6746] ? vfs_open+0x3b/0x340 [ 143.604064][ T6746] ? path_openat+0x2ee5/0x3830 [ 143.608913][ T6746] ? do_filp_open+0x1fa/0x410 [ 143.610172][ T6749] Buffer I/O error on dev loop9, logical block 0, async page read [ 143.613703][ T6746] ? do_sys_openat2+0x121/0x1c0 [ 143.613735][ T6746] ? __x64_sys_openat+0x138/0x170 [ 143.613762][ T6746] ? do_syscall_64+0xfa/0xfa0 [ 143.635256][ T6749] Buffer I/O error on dev loop9, logical block 0, async page read [ 143.636325][ T6746] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 143.636436][ T6746] ? ovl_already_copied_up+0x181/0x310 [ 143.656276][ T6749] Dev loop9: unable to read RDB block 0 [ 143.658265][ T6746] ovl_open+0x138/0x2f0 [ 143.665639][ T6749] loop9: unable to read partition table [ 143.667239][ T6746] ? __pfx_apparmor_file_open+0x10/0x10 [ 143.667277][ T6746] ? __pfx_ovl_open+0x10/0x10 [ 143.675484][ T6749] loop9: partition table beyond EOD, [ 143.678517][ T6746] ? mnt_get_write_access+0x66/0x280 [ 143.678555][ T6746] ? tomoyo_file_open+0x165/0x220 [ 143.690304][ T6749] truncated [ 143.694074][ T6746] ? fsnotify_open_perm_and_set_mode+0x11a/0x610 [ 143.694115][ T6746] ? __pfx_ovl_open+0x10/0x10 [ 143.694136][ T6746] do_dentry_open+0x953/0x13f0 [ 143.718323][ T6746] vfs_open+0x3b/0x340 [ 143.722513][ T6746] ? path_openat+0x2ecd/0x3830 [ 143.727352][ T6746] path_openat+0x2ee5/0x3830 [ 143.732011][ T6746] ? __pfx_path_openat+0x10/0x10 [ 143.737132][ T6746] do_filp_open+0x1fa/0x410 [ 143.741664][ T6746] ? __lock_acquire+0xab9/0xd20 [ 143.743841][ T6749] loop_reread_partitions: partition scan of loop9 (被xڬdGݡ [ 143.743841][ T6749] ) failed (rc=-5) [ 143.746544][ T6746] ? __pfx_do_filp_open+0x10/0x10 [ 143.746584][ T6746] ? _raw_spin_unlock+0x28/0x50 [ 143.746604][ T6746] ? alloc_fd+0x64c/0x6c0 [ 143.776688][ T6746] do_sys_openat2+0x121/0x1c0 [ 143.781479][ T6746] ? __pfx_do_sys_openat2+0x10/0x10 [ 143.786743][ T6746] ? rcu_is_watching+0x15/0xb0 [ 143.791974][ T6746] __x64_sys_openat+0x138/0x170 [ 143.796878][ T6746] do_syscall_64+0xfa/0xfa0 [ 143.801475][ T6746] ? lockdep_hardirqs_on+0x9c/0x150 [ 143.806719][ T6746] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 143.812937][ T6746] ? clear_bhb_loop+0x60/0xb0 [ 143.817871][ T6746] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 143.823808][ T6746] RIP: 0033:0x7fc2a4d8eec9 [ 143.828304][ T6746] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 143.848292][ T6746] RSP: 002b:00007fc2a5d07038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 143.858238][ T6746] RAX: ffffffffffffffda RBX: 00007fc2a4fe5fa0 RCX: 00007fc2a4d8eec9 [ 143.866266][ T6746] RDX: 0000000000000042 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 143.875596][ T6746] RBP: 00007fc2a4e11f91 R08: 0000000000000000 R09: 0000000000000000 [ 143.883755][ T6746] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 143.891815][ T6746] R13: 00007fc2a4fe6038 R14: 00007fc2a4fe5fa0 R15: 00007ffd8e14df08 [ 143.900043][ T6746] [ 143.903096][ T6746] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 143.910414][ T6746] CPU: 1 UID: 0 PID: 6746 Comm: syz.0.283 Not tainted syzkaller #0 PREEMPT(full) [ 143.919726][ T6746] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 143.929792][ T6746] Call Trace: [ 143.933078][ T6746] [ 143.936019][ T6746] dump_stack_lvl+0x99/0x250 [ 143.940620][ T6746] ? __asan_memcpy+0x40/0x70 [ 143.945215][ T6746] ? __pfx_dump_stack_lvl+0x10/0x10 [ 143.950416][ T6746] ? __pfx__printk+0x10/0x10 [ 143.955115][ T6746] vpanic+0x237/0x6d0 [ 143.959106][ T6746] ? __pfx_vpanic+0x10/0x10 [ 143.963737][ T6746] ? is_bpf_text_address+0x292/0x2b0 [ 143.969030][ T6746] ? is_bpf_text_address+0x26/0x2b0 [ 143.974330][ T6746] panic+0xb9/0xc0 [ 143.978142][ T6746] ? __pfx_panic+0x10/0x10 [ 143.982752][ T6746] __warn+0x334/0x4c0 [ 143.986833][ T6746] ? ovl_copy_up_file+0x63b/0x690 [ 143.992067][ T6746] ? ovl_copy_up_file+0x63b/0x690 [ 143.997100][ T6746] report_bug+0x2be/0x4f0 [ 144.001626][ T6746] ? ovl_copy_up_file+0x63b/0x690 [ 144.006698][ T6746] ? ovl_copy_up_file+0x63b/0x690 [ 144.011761][ T6746] ? ovl_copy_up_file+0x63d/0x690 [ 144.016803][ T6746] handle_bug+0x84/0x160 [ 144.021161][ T6746] exc_invalid_op+0x1a/0x50 [ 144.025844][ T6746] asm_exc_invalid_op+0x1a/0x20 [ 144.030707][ T6746] RIP: 0010:ovl_copy_up_file+0x63b/0x690 [ 144.036350][ T6746] Code: e9 2d ff ff ff e8 75 e8 89 fe 49 bc 00 00 00 00 00 fc ff df e9 14 ff ff ff e8 61 e8 89 fe 90 0f 0b 90 eb 09 e8 56 e8 89 fe 90 <0f> 0b 90 41 bd fb ff ff ff 48 8b 5c 24 10 e9 92 fb ff ff e8 4d d2 [ 144.056238][ T6746] RSP: 0018:ffffc900035e7020 EFLAGS: 00010287 [ 144.062327][ T6746] RAX: ffffffff83366e7a RBX: ffffc900035e70a0 RCX: 0000000000080000 [ 144.070316][ T6746] RDX: ffffc9000b769000 RSI: 00000000000041d0 RDI: 00000000000041d1 [ 144.078381][ T6746] RBP: ffffc900035e7150 R08: ffffc900035e70af R09: 0000000000000000 [ 144.086370][ T6746] R10: ffffc900035e70a0 R11: fffff520006bce16 R12: dffffc0000000000 [ 144.094358][ T6746] R13: fc0000000000000a R14: ffff88802947aa80 R15: ffff88805bb9aa48 [ 144.102350][ T6746] ? ovl_copy_up_file+0x63a/0x690 [ 144.107421][ T6746] ? __pfx_ovl_copy_up_file+0x10/0x10 [ 144.112823][ T6746] ? rcu_read_lock_any_held+0xb3/0x120 [ 144.118377][ T6746] ? __pfx_rcu_read_lock_any_held+0x10/0x10 [ 144.124371][ T6746] ? ovl_copy_up_flags+0x1505/0x3170 [ 144.129856][ T6746] ovl_copy_up_flags+0x166a/0x3170 [ 144.135003][ T6746] ? is_bpf_text_address+0x292/0x2b0 [ 144.140406][ T6746] ? __pfx_ovl_copy_up_flags+0x10/0x10 [ 144.145876][ T6746] ? stack_trace_save+0x9c/0xe0 [ 144.150817][ T6746] ? __pfx_stack_trace_save+0x10/0x10 [ 144.156198][ T6746] ? stack_depot_save_flags+0x40/0x860 [ 144.161682][ T6746] ? kasan_save_track+0x4f/0x80 [ 144.166738][ T6746] ? kasan_save_track+0x3e/0x80 [ 144.171608][ T6746] ? __kasan_save_free_info+0x46/0x50 [ 144.177009][ T6746] ? __kasan_slab_free+0x5c/0x80 [ 144.182044][ T6746] ? kfree+0x19a/0x6d0 [ 144.186116][ T6746] ? tomoyo_check_open_permission+0x2c2/0x3b0 [ 144.192186][ T6746] ? security_file_open+0xb1/0x270 [ 144.197297][ T6746] ? do_dentry_open+0x384/0x13f0 [ 144.202244][ T6746] ? vfs_open+0x3b/0x340 [ 144.206489][ T6746] ? path_openat+0x2ee5/0x3830 [ 144.211254][ T6746] ? do_filp_open+0x1fa/0x410 [ 144.215931][ T6746] ? do_sys_openat2+0x121/0x1c0 [ 144.220795][ T6746] ? __x64_sys_openat+0x138/0x170 [ 144.225831][ T6746] ? do_syscall_64+0xfa/0xfa0 [ 144.230509][ T6746] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 144.236654][ T6746] ? ovl_already_copied_up+0x181/0x310 [ 144.242126][ T6746] ovl_open+0x138/0x2f0 [ 144.246290][ T6746] ? __pfx_apparmor_file_open+0x10/0x10 [ 144.251842][ T6746] ? __pfx_ovl_open+0x10/0x10 [ 144.256524][ T6746] ? mnt_get_write_access+0x66/0x280 [ 144.261816][ T6746] ? tomoyo_file_open+0x165/0x220 [ 144.266855][ T6746] ? fsnotify_open_perm_and_set_mode+0x11a/0x610 [ 144.273292][ T6746] ? __pfx_ovl_open+0x10/0x10 [ 144.277987][ T6746] do_dentry_open+0x953/0x13f0 [ 144.282771][ T6746] vfs_open+0x3b/0x340 [ 144.286877][ T6746] ? path_openat+0x2ecd/0x3830 [ 144.291657][ T6746] path_openat+0x2ee5/0x3830 [ 144.296284][ T6746] ? __pfx_path_openat+0x10/0x10 [ 144.301247][ T6746] do_filp_open+0x1fa/0x410 [ 144.305786][ T6746] ? __lock_acquire+0xab9/0xd20 [ 144.310655][ T6746] ? __pfx_do_filp_open+0x10/0x10 [ 144.315702][ T6746] ? _raw_spin_unlock+0x28/0x50 [ 144.320555][ T6746] ? alloc_fd+0x64c/0x6c0 [ 144.324898][ T6746] do_sys_openat2+0x121/0x1c0 [ 144.329589][ T6746] ? __pfx_do_sys_openat2+0x10/0x10 [ 144.334806][ T6746] ? rcu_is_watching+0x15/0xb0 [ 144.339586][ T6746] __x64_sys_openat+0x138/0x170 [ 144.344537][ T6746] do_syscall_64+0xfa/0xfa0 [ 144.349303][ T6746] ? lockdep_hardirqs_on+0x9c/0x150 [ 144.354515][ T6746] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 144.360682][ T6746] ? clear_bhb_loop+0x60/0xb0 [ 144.365505][ T6746] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 144.371402][ T6746] RIP: 0033:0x7fc2a4d8eec9 [ 144.375828][ T6746] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 144.395526][ T6746] RSP: 002b:00007fc2a5d07038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 144.403976][ T6746] RAX: ffffffffffffffda RBX: 00007fc2a4fe5fa0 RCX: 00007fc2a4d8eec9 [ 144.412297][ T6746] RDX: 0000000000000042 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 144.420357][ T6746] RBP: 00007fc2a4e11f91 R08: 0000000000000000 R09: 0000000000000000 [ 144.428425][ T6746] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 144.436397][ T6746] R13: 00007fc2a4fe6038 R14: 00007fc2a4fe5fa0 R15: 00007ffd8e14df08 [ 144.444563][ T6746] [ 144.447738][ T6746] Kernel Offset: disabled [ 144.452096][ T6746] Rebooting in 86400 seconds..