last executing test programs: 9m17.15675662s ago: executing program 2 (id=315): openat$dir(0xffffffffffffff9c, 0x0, 0x567183, 0x1f6) openat$binfmt_register(0xffffffffffffff9c, 0x0, 0x1, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x6) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) r0 = getpid() r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c000280050001000000000024000280140001800800"], 0x64}}, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r2, 0x0, 0x0) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = openat2$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$F2FS_IOC_SET_PIN_FILE(r5, 0x4004f50d, 0x0) sched_setscheduler(r0, 0x1, 0x0) r6 = socket$netlink(0x10, 0x3, 0x6) setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r6, 0x10e, 0x2, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x15, 0x10, &(0x7f0000000040)=ANY=[@ANYBLOB="1800", @ANYRES32], &(0x7f0000000240)='syzkaller\x00', 0x9, 0x0, 0x0, 0x0, 0x2d, '\x00', 0x0, @sk_reuseport=0x28, 0x0, 0x8300, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) ioctl$EVIOCGPROP(0xffffffffffffffff, 0x80404509, &(0x7f0000000cc0)=""/4096) landlock_restrict_self(0xffffffffffffffff, 0x0) mknod$loop(&(0x7f0000000140)='.\x02\x00', 0x0, 0x0) open_tree(0xffffffffffffff9c, 0x0, 0x1901) 9m15.28106255s ago: executing program 2 (id=319): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="18020000060000b0000000000000000085000000360000008500000023"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000100)={r0, 0x0, 0x8005, 0x0, &(0x7f0000000000)='\a\x00\x00\x00\x00\x00\x00\x00', 0x0, 0x8005, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) 9m15.15533932s ago: executing program 2 (id=320): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) r1 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r1, &(0x7f0000000080), 0x10) sendmsg$can_bcm(r1, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x48) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10) socket$netlink(0x10, 0x3, 0x10) request_key(0x0, 0x0, 0x0, 0x0) sendmsg$can_bcm(r1, 0x0, 0x0) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[@ANYBLOB="9000000000010104000000000000000002000000240001801400018008000100e000000208000200ac1414000c0002800500010000000000240002800c00028005000100000000001400018008000100e000000208000200e000000208000740"], 0x90}}, 0x0) 9m12.733016874s ago: executing program 2 (id=324): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x11, 0x80a, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'bond0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYRES32=r2, @ANYBLOB="00000000000000002400128009000100626f6e64000000001400028008000000000000000800090001"], 0x44}}, 0x0) socket$nl_route(0x10, 0x3, 0x0) socket(0x11, 0x80a, 0x0) r3 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r3, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000300)}], 0x1}, 0x0) syz_emit_ethernet(0x2a, &(0x7f00000001c0)={@broadcast, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @void, {@arp={0x806, @ether_ipv4={0x1, 0x800, 0x6, 0x1, 0x1, @multicast, @initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast, @loopback}}}}, 0x0) 9m12.52858768s ago: executing program 2 (id=325): pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000180)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15) r2 = dup(r1) write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18) mkdir(&(0x7f0000000300)='./file0\x00', 0xfffffffffffffffe) write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x2, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000020000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2]) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r3 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r6, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x2, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff) getxattr(&(0x7f0000000280)='./file0\x00', &(0x7f0000000400)=@known='user.incfs.metadata\x00', 0x0, 0x0) 9m10.608189564s ago: executing program 2 (id=328): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0], 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000540)='inet_sock_set_state\x00', r1}, 0x10) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000540)='inet_sock_set_state\x00', r3}, 0x10) listen(r2, 0x0) 8m55.376311612s ago: executing program 32 (id=328): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0], 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000540)='inet_sock_set_state\x00', r1}, 0x10) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000540)='inet_sock_set_state\x00', r3}, 0x10) listen(r2, 0x0) 2m48.366697353s ago: executing program 3 (id=1607): bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) r0 = socket$key(0xf, 0x3, 0x2) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sendmsg$key(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)={0x2, 0xd, 0x0, 0x0, 0x18, 0x0, 0x0, 0x0, [@sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @private1}}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @mcast1}}, @sadb_x_policy={0x2, 0x12, 0x2, 0x2, 0x0, 0x0, 0x0, {0x6, 0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, @in6=@private1, @in6=@private1}}, @sadb_lifetime={0x4, 0x4}]}, 0xc0}}, 0x0) 2m43.256884431s ago: executing program 3 (id=1627): r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1) close(0x3) close(0xffffffffffffffff) syz_io_uring_setup(0x112, &(0x7f00000003c0)={0x0, 0xf5cc, 0x2, 0x3}, &(0x7f0000000140)=0x0, &(0x7f0000000280)) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0x200, 0x0, 0x4) mount$9p_fd(0x0, &(0x7f0000000440)='./file0\x00', &(0x7f0000000480), 0x4898, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r0}}) 2m42.973098684s ago: executing program 3 (id=1629): syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x840, &(0x7f0000000140)={[{@test_dummy_encryption_v1}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x2}}]}, 0x1, 0x241, &(0x7f0000000540)="$eJzs3U9oFFccB/DfzO42TbKUtL0UCm2hlNIGQnor9JJeWgiUEEoptIUUES9KIsQEb4knLx70rJKTlyDejB4ll+BFETxFzSFeBA0eDB70sDI7iUSz/oGJO+J8PjC7M7vvze8Ns983exkmgMoaiIiRiKhFxGBENCIi2dngm3wZ2Npc6F2ZiGi1/nyYtNvl27ntfv0RMR8RP0fEcprEwXrE7NK/649Xf//+xEzju3NL//R29SC3bKyv/bF5duz4xdGfZq/fvD+WxEg0XziuvZd0+KyeRHz2Loq9J5J62SPgbYwfvXAry/3nEfFtO/+NSCM/eSenP1puxI9nXtX31IMbX3ZzrMDea7Ua2TVwvgVUThoRzUjSoYjI19N0aCj/D3+71pcempo+MnhgamZyf9kzFbBXmhFrv13uudT/Uv7v1fL8Ax+uLP9/jS/eydY3a2WPBuimLP+D/8/9EPIPlSP/UF3yD9Ul/1Bdr8t/WtKYgO5w/Yfqkn+oLvmH6pJ/qC75h+ramX8AoFpaPWXfgQyUpez5BwAAAAAAAAAAAAAAAAAA2G2hd2Vie+lWzaunIzZ+jYh6p/q1recQfNx+7XuUZM2eS/Juhfz3dcEdFHS+5LuvP7lbbv1rX5Vbf24yYv5YRAzX67t/f0nh52B8+obvG/sKFijol7/Lrf90sdz6o6sRV7L5Z7jT/JPGF+33zvNPMzt/BesfflJwBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHTNswAAAP//ceptKw==") syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x8, 0x0, 0x1, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0) socket$nl_route(0x10, 0x3, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000400)=@abs={0x0, 0x0, 0x4e24}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0x2000007d, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf}, 0x94) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10) r4 = memfd_create(&(0x7f0000000ec0)='\x103q}2[\xe0\x9a\xee\xaf\x03\x97\x9et\v\"|Ma\x86\xe7\xc0\x14\x9f\xb9h\xb1\x96\xe7=I\x860S6\xb5\xa8\xc2\x95Je%\xfeG\'e\xe5\x8f\xf8\xd2\x1c\xc0\xfb\x1c\xa6\xab\bi\xe4^\xd5\xfd\xa9\r\xac7A\x94k\xcd\t\x00\x90k\xd6\x05\xb6\x03\x00\x00\x00A\xc5\x9c_\xd4\x18,\f\xd4s\xb2\x99/\xc0\x9a\xf2Oc\xc0c\x03gB!\xb0\xb8n\x01\x9bT\x95\x10\x86\xe8$\x7f\r[\xf9\x0e1v\xb1\n\x88\v\x95uy\xb5:`\x8b\nC\x18A;\xaa%\xaf\xc7\xa3\xac\xa2D\xb5\xe2\xe1\xdc(\xfd\x05\x9fB\x84O\xfe@\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x1a\xa0\x17\xe3\xac\xe9\xc9\xa7\x8a\x1b\x03\"&\xac\xcap>\xccZ\x01\xbc\x18\xc1\xb9\xe9\v\x8b\x9c\xb4Q\xd4\x96EV<>\x99\xca\xb3\xe0\xc4tL\xed\xf5W\xbd#\xcf\x8a\x84\xed\x9f/\xd4\xbb\xea;-Dp\xf8\xd0F\x90\xf8\x92Ip6\xf4\x16\xe8\x14\xe0\x92!\x92-F\xe2\x14D\x91\xa8b\x04\xdd\x1d\a\xdc\xe0\x18\x85{\x80Q\xf6k\x96\xfaQ\x9fW\vO\xf0\xe4O\\\xceS\xf2\xde\x049d\x06#\x88\xc3\xdf\x85O\x1c\xc3\xad?r\xd7\x0e\x00\xd7\x83\xb0\x88\x9c\xf6Y-F\x98\xdd\x9c~\xfd\x95\xc3\xb6lC\xaa\"Y\xa2K\xecz\x84:*\xf5Y\xd1\x9b1\x91\x9b\x15\xd4\xec\x02o\x01&\xaa\x90w\xc4\xc7yn\xb5\x1ag\xab&?\xbe\xcb\xe8v\xa8\xe0\xa4\x81sW\xacf\x149\xd2}\xefCGa\x9a$4\x8c\xa5!p\x83\x05\x96%\x02%\xabj\n\b\xc8NC\x91}&y\xd3\xe1\xeep\'\xc5\xab\x19GsX5\x8c\n\x9fh\xee;4\xb1%V\xe0\xa9\x8e\xf30:\xd8\x18N~G\x139\xcas\xf4D\xd4\xd0s\r3\xcb\x9a&\xdf+(\xc9S\x9eL5\x84\xb1\x90pN\xe7/\r\b\x9a\xf13Q\xf9\xdf\x7fX\xa0\xafK\xefh\xbfOv\x9bh\xb3\xc0\xf5\x80\xba\"@\'\x02\xafi\xeaE\xa6a6F\xde\xd4\xfa\x84\xe4+A\xb7\xa2\x8f\xc9\xee|xxn\xefw\x93]%\xd0\x19\x132\x86\xabn\xfe\x91\xb6Cl\xcf\x04\x1cq\xc1\x1d~\x8d\x01\x83\x93_\x83\x8a`v\xb0K,|S\xe4\xba\xb1\f\xc8`\xa6s\xad\x11\xd4wG\x80u\x87u\xff\x87\xee', 0x2) fcntl$addseals(r4, 0x409, 0xb) mkdir(&(0x7f0000000040)='./file1/file3\x00', 0x180) renameat2(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0xffffffffffffff9c, &(0x7f00000002c0)='./file1/file3\x00', 0x0) 2m41.291077039s ago: executing program 3 (id=1631): bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50) munmap(&(0x7f0000002000/0x4000)=nil, 0x4000) r0 = socket$inet6_sctp(0xa, 0x801, 0x84) remap_file_pages(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x1, 0x3, 0x100000) sendto$inet6(r0, &(0x7f0000000040)='T', 0x1, 0x8910, &(0x7f0000000280)={0xa, 0xfffc, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x1}, 0x1c) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r1, 0x84, 0x15, &(0x7f0000000140)={0x7}, 0x1) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = io_uring_setup(0x194e, &(0x7f0000000a80)={0x0, 0xd3d5, 0x80, 0x5, 0x2b0}) openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0) close_range(r3, 0xffffffffffffffff, 0x0) bind$inet(r2, &(0x7f0000000200)={0x2, 0x4e20, @empty}, 0x10) setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events.local\x00', 0x275a, 0x0) ftruncate(r4, 0x2000009) sendfile(r2, r4, 0x0, 0x7ffff004) 2m41.137220211s ago: executing program 3 (id=1632): capset(&(0x7f0000000040)={0x19980330}, &(0x7f0000000000)={0x200000, 0x240000, 0x0, 0x4}) r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f0000000040)=0x5, 0x4) sendmsg$inet6(r0, &(0x7f00000000c0)={&(0x7f00000001c0)={0xa, 0x4e21, 0x80000, @mcast1, 0xfffffffd}, 0x1c, 0x0, 0x0, &(0x7f0000000080)=[@dstopts={{0x18, 0x29, 0x37, {0x2f}}}], 0x18}, 0x200000c4) 2m40.953871966s ago: executing program 3 (id=1633): sync() r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000000), 0x400201, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00'}) socket$nl_route(0x10, 0x3, 0x0) r2 = socket$unix(0x1, 0x1, 0x0) sync() r3 = socket$unix(0x1, 0x1, 0x0) bind$unix(r3, 0x0, 0x0) listen(r3, 0x4) connect$unix(r2, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000003280)={0x0, 0x0, &(0x7f0000003240)={&(0x7f0000000500)=ANY=[@ANYBLOB="1ce1ff002200190026bd7000fddbdf25630800097e0f5bcae64230ee57dcac1d000000000002000000"], 0x1c}, 0x1, 0x0, 0x0, 0x44080}, 0x800) r5 = socket$unix(0x1, 0x1, 0x0) prctl$PR_SET_NAME(0xf, &(0x7f0000000280)='C\xc7\a\x89H\xb8\xeb\x99\xaa\x8e\xba\xfcrA\xca\x06\xe6uE\xec\xbb\xa1m\xb3\x14\xd8d\"\x17\x97\x83\xda\av4i\xfc\a\xe7a\xfeO\xaf9u\t\x00\x00\x00\x00\x00\x00\x00\xc2`\xc3\xa5u_\xac\x0f\x14\xae\xb1\f\xea\xc1\xff\xc8\xc2\xf1\x01\v\xabL\xa0\xad\x12\x8b\r\xd8!\xa6I-u3\xbaa\xd3?\xe3_\xac:=&w.\xa3qp\xf4\xdb\x7fj\xc5\xea\x02\xe2\x00KMqF\xb6c\x85\x90s\xd9\xb6\xccd.\xd1g\xb8I\xea\x8c\xd5\x82j\xf9\xcam\xace\x053\x03\'\xc9\x03\xd3\x88\xb2d\x11;1\\\x8a\xec_\xf3\xdal\xe9\x8c\x92D$\x009\xf7\v\xb3#\xa4\xdc\xbf\xc3\xc3\xba\b8\x1dr\xeb\xd7=Jh\xf5\xc7;P;\b\xb6*E\"[\xf4\\]B\xb3\xab\xd0]n\xb02\x12\x14rf\x032\xaf\x9dr\xb6\xef\x99US\xb1\v\xf1\x8a\xdc\x8c\x02\xe5\'\xc0\x15\xfb\x8ch\x05\xd6eN\xcf\xf9\xb3N&\xc8-&\x99\x84$\xc3\xdc]\xfe\x85\xba\t$\x88>\xb1\x92w\xf2*Y\x91F\x92p\xf39\xc9\xd7?\x06\x15\xfckv\xba\x8f%\x0eM\xfa\xecge\xefM\xe0\xaa\x98\x82\xfd\xc8\x112\xe5Shh\xfa\x02\xea\x99\xb3\"\xa9*\xb9\xd1\xda\xb0\x9bo\v\x13\xbfNa.8\x88\x8c\x8339\xd57\x9c\xba \x81\x8c@\x96\xad\xbb)\x12.\x15\xd6\xfa\x1dxj\xde\xcf\x1f\xe4\xae\x84\xb9\x92\x0e\xed\n\x11\xc0S<\x14\xc0oLC\x04\xadb\xcc\xde9\xc8\xbe\xb8\x94*\x1b(A\x81\xeb#\xdaW\x90\xc6\x17\xd8C\x97:\xbdc]\xf4J\xaf\x12.a\x97B\xae,6#&\xc7\xf7\xf3{<\xce\xab\x02\xb6\xd9i\xd2\x9d\x184K.@\x8dC\xa7`\xa5%\xfa\x11\xdf1\x03bC\xdb\xb7/X2\xcf\xa9\x85\xec\x19\'\x16lc\xe5\xccsQ]\x01\xe9\xa5\xb3\xfb\n') prctl$PR_GET_NAME(0x10, &(0x7f0000000000)=""/231) connect$unix(r5, &(0x7f0000000000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) prctl$PR_SET_NAME(0xf, &(0x7f0000000240)='\xb5\'&^\x00') openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.net/syz0\x00', 0x200002, 0x0) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1e, 0x3, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_lookup=0x24, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x1, 0x0, &(0x7f0000000180)='\x00', 0x0, 0x0, 0x0, 0x6}, 0x50) mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x2, 0x4010, r1, 0xc990f000) setsockopt$IP_VS_SO_SET_ZERO(r1, 0x0, 0x48f, &(0x7f0000000100)={0x32, @remote, 0x4e23, 0x0, 'none\x00', 0x38, 0x1000, 0x31}, 0x2c) socket(0x28, 0x80002, 0x0) 2m25.801245469s ago: executing program 33 (id=1633): sync() r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000000), 0x400201, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00'}) socket$nl_route(0x10, 0x3, 0x0) r2 = socket$unix(0x1, 0x1, 0x0) sync() r3 = socket$unix(0x1, 0x1, 0x0) bind$unix(r3, 0x0, 0x0) listen(r3, 0x4) connect$unix(r2, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000003280)={0x0, 0x0, &(0x7f0000003240)={&(0x7f0000000500)=ANY=[@ANYBLOB="1ce1ff002200190026bd7000fddbdf25630800097e0f5bcae64230ee57dcac1d000000000002000000"], 0x1c}, 0x1, 0x0, 0x0, 0x44080}, 0x800) r5 = socket$unix(0x1, 0x1, 0x0) prctl$PR_SET_NAME(0xf, &(0x7f0000000280)='C\xc7\a\x89H\xb8\xeb\x99\xaa\x8e\xba\xfcrA\xca\x06\xe6uE\xec\xbb\xa1m\xb3\x14\xd8d\"\x17\x97\x83\xda\av4i\xfc\a\xe7a\xfeO\xaf9u\t\x00\x00\x00\x00\x00\x00\x00\xc2`\xc3\xa5u_\xac\x0f\x14\xae\xb1\f\xea\xc1\xff\xc8\xc2\xf1\x01\v\xabL\xa0\xad\x12\x8b\r\xd8!\xa6I-u3\xbaa\xd3?\xe3_\xac:=&w.\xa3qp\xf4\xdb\x7fj\xc5\xea\x02\xe2\x00KMqF\xb6c\x85\x90s\xd9\xb6\xccd.\xd1g\xb8I\xea\x8c\xd5\x82j\xf9\xcam\xace\x053\x03\'\xc9\x03\xd3\x88\xb2d\x11;1\\\x8a\xec_\xf3\xdal\xe9\x8c\x92D$\x009\xf7\v\xb3#\xa4\xdc\xbf\xc3\xc3\xba\b8\x1dr\xeb\xd7=Jh\xf5\xc7;P;\b\xb6*E\"[\xf4\\]B\xb3\xab\xd0]n\xb02\x12\x14rf\x032\xaf\x9dr\xb6\xef\x99US\xb1\v\xf1\x8a\xdc\x8c\x02\xe5\'\xc0\x15\xfb\x8ch\x05\xd6eN\xcf\xf9\xb3N&\xc8-&\x99\x84$\xc3\xdc]\xfe\x85\xba\t$\x88>\xb1\x92w\xf2*Y\x91F\x92p\xf39\xc9\xd7?\x06\x15\xfckv\xba\x8f%\x0eM\xfa\xecge\xefM\xe0\xaa\x98\x82\xfd\xc8\x112\xe5Shh\xfa\x02\xea\x99\xb3\"\xa9*\xb9\xd1\xda\xb0\x9bo\v\x13\xbfNa.8\x88\x8c\x8339\xd57\x9c\xba \x81\x8c@\x96\xad\xbb)\x12.\x15\xd6\xfa\x1dxj\xde\xcf\x1f\xe4\xae\x84\xb9\x92\x0e\xed\n\x11\xc0S<\x14\xc0oLC\x04\xadb\xcc\xde9\xc8\xbe\xb8\x94*\x1b(A\x81\xeb#\xdaW\x90\xc6\x17\xd8C\x97:\xbdc]\xf4J\xaf\x12.a\x97B\xae,6#&\xc7\xf7\xf3{<\xce\xab\x02\xb6\xd9i\xd2\x9d\x184K.@\x8dC\xa7`\xa5%\xfa\x11\xdf1\x03bC\xdb\xb7/X2\xcf\xa9\x85\xec\x19\'\x16lc\xe5\xccsQ]\x01\xe9\xa5\xb3\xfb\n') prctl$PR_GET_NAME(0x10, &(0x7f0000000000)=""/231) connect$unix(r5, &(0x7f0000000000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) prctl$PR_SET_NAME(0xf, &(0x7f0000000240)='\xb5\'&^\x00') openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.net/syz0\x00', 0x200002, 0x0) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1e, 0x3, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_lookup=0x24, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x1, 0x0, &(0x7f0000000180)='\x00', 0x0, 0x0, 0x0, 0x6}, 0x50) mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x2, 0x4010, r1, 0xc990f000) setsockopt$IP_VS_SO_SET_ZERO(r1, 0x0, 0x48f, &(0x7f0000000100)={0x32, @remote, 0x4e23, 0x0, 'none\x00', 0x38, 0x1000, 0x31}, 0x2c) socket(0x28, 0x80002, 0x0) 28.798215995s ago: executing program 0 (id=2247): mkdir(&(0x7f00000002c0)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, 0x0, 0x15) r2 = dup(r1) r3 = dup(r1) write$FUSE_BMAP(r3, 0x0, 0x0) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) vmsplice(r2, &(0x7f0000000900)=[{&(0x7f0000000580)="4d065a", 0x3}], 0x1, 0x0) 28.574557873s ago: executing program 0 (id=2249): bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) socket$inet6_sctp(0xa, 0x801, 0x84) remap_file_pages(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x1, 0x3, 0x100000) r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r0, 0x84, 0x15, &(0x7f0000000140)={0x7}, 0x1) r1 = socket$inet_tcp(0x2, 0x1, 0x0) r2 = io_uring_setup(0x194e, &(0x7f0000000a80)={0x0, 0xd3d5, 0x80, 0x5, 0x2b0}) openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0) close_range(r2, 0xffffffffffffffff, 0x0) bind$inet(r1, &(0x7f0000000200)={0x2, 0x4e20, @empty}, 0x10) connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000040)='sit0\x00', 0x10) r3 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) ftruncate(r3, 0x2000009) sendfile(r1, r3, 0x0, 0x7ffff004) 28.386532478s ago: executing program 0 (id=2251): syz_open_dev$evdev(&(0x7f00000002c0), 0x1, 0x3030c2) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=ANY=[@ANYBLOB="5c0000001000ffff27bd7000fbdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="715a0300231a05003c0012800b00010069703667726500002c0002801400060000000000000000000000ffff0000000114000700ff"], 0x5c}, 0x1, 0x0, 0x0, 0x1}, 0x20040040) syz_mount_image$fuse(0x0, &(0x7f00000002c0)='./bus\x00', 0x320820, 0x0, 0x1, 0x0, 0x0) mprotect(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x4) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x20040040) 28.249003989s ago: executing program 0 (id=2253): open(&(0x7f0000000140)='./file1\x00', 0x141242, 0x40) mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x8, 0x32, 0xffffffffffffffff, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) r0 = open(&(0x7f0000000080)='./file1\x00', 0xe4802, 0x6) pwritev2(r0, &(0x7f0000000240)=[{}], 0x1, 0x7800, 0x0, 0x3) 28.055912585s ago: executing program 0 (id=2256): ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x26e1, 0x0) pipe(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r0, 0x0, 0xffffffffffffffff, 0x0, 0x88000cc, 0x0) fcntl$setpipe(r1, 0x407, 0x100004) write$eventfd(r1, &(0x7f0000000240), 0xffffff14) 26.638451358s ago: executing program 0 (id=2261): bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x6, &(0x7f0000000000)=@framed={{0x6, 0x0, 0x0, 0x0, 0x0, 0x69, 0x11, 0x3e}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, 0x0, 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000940)={0x34, 0x1, 0x1, 0x101, 0x0, 0x0, {0x2, 0x0, 0x3}, [@CTA_STATUS_MASK={0x8, 0x1a, 0x1, 0x0, 0x3}, @CTA_MARK={0x8, 0x8, 0x1, 0x0, 0xffe}, @CTA_STATUS={0x8}, @CTA_MARK_MASK={0x8, 0x15, 0x1, 0x0, 0x4}]}, 0x34}, 0x1, 0x0, 0x0, 0x80d0}, 0x24004810) bpf$PROG_LOAD(0x5, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000640)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000180)='workqueue_activate_work\x00', r1}, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000180)='workqueue_activate_work\x00', r2}, 0x10) close(0xffffffffffffffff) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000040)) 6.962233823s ago: executing program 4 (id=2322): bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) r0 = socket$key(0xf, 0x3, 0x2) prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sendmsg$key(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)={0x2, 0xd, 0x0, 0x0, 0x13, 0x0, 0x0, 0x0, [@sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @mcast1}}, @sadb_x_policy={0x8, 0x12, 0x2, 0x2, 0x0, 0x0, 0x0, {0x6, 0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, @in6=@private1, @in6=@private1}}, @sadb_lifetime={0x4, 0x4}]}, 0x98}}, 0x0) 6.721851423s ago: executing program 1 (id=2324): openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000480)='blkio.bfq.io_service_bytes_recursive\x00', 0x26e1, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x1, 0x7, 0x5, 0x7, 0xc1}, 0x50) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000300), &(0x7f0000000100), 0x3f, r0}, 0x38) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4e}, 0x94) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f00000001c0)={r0, &(0x7f0000000340), &(0x7f00000004c0)=""/192}, 0x20) 5.920250466s ago: executing program 4 (id=2326): syz_mount_image$ext4(&(0x7f0000000b80)='ext4\x00', &(0x7f0000000bc0)='./file0\x00', 0x200000, &(0x7f0000000040)={[{@grpquota}]}, 0x41, 0xbcb, &(0x7f0000002380)="$eJzs3M9rHGUfAPDvTDa/8zbpy8urLYIBqYriNm1KhZ5az6KCHjw2JpsSsv1hEsGEHtJ6Vw8iHgrSP0Hwbi+eBA/1oPUvKGKRope2h5XZH+m2m92kyWbHxs8HnszzzDOZ7/ebSTLPQCYB/GtNZh/SiEMRcTaJGK/vTyNioNobilivHXf/7uXZrCVRqbz7RxJJRNy7e3m2ca6kvh2tD4Yi4uYbSfz3k9a4y6trizPlcmmpPj66cv7S0eXVtdcWzs+cK50rXTgx/fqJ6ZPT012s9falD7567qe3Xrx6/dOpt7888EMSp2OsPtdcR7dMxuTG16RZISJmuh0sJ331eprrTAq17UBeSQEA0FbatIb7f4xHXxQ25sbj+59zTQ4AAADoikpfRAUAAADY5xLP/wAAALDPNf4O4N7dy7ONlu9fJPTWnTMRMVGrv/F+c22mEOvV7VD0R8TIn0nTmxG1910nuhB/Mov07Y+lrMUevYfcyfqViHi2fv2zHRvxk2r9E9W3uFvrTyNiqgvxJx8bd6i/rwvhWjxS/yPf/1vXf7oL8Z+gfgDomhtnajey1vtfurH+iU3uf4VN7l07kff9r7H+u9+y/ntYf1+b9d8724xx+MErN9vNNa//3v/s17ksfrbdVVFP4M6ViMOFzepPNupP2tR/dpsxRmdvX2s3l9Wf1dtova6/cj3iSHU111p/Q9Lp/xMdnV8ol6ZqHzc5/+rJzvGbr3/WsviNZ4FeyK7/SOzs+l/aZoyJZ34/1G5u6/rT3waS96q9xv8T+nhmZWXpWMRA8mbr/uOdc2kc0zhHVv/LL3T++d+s/ux3wnr965B991ypb7Px1cdijh45/s3O699bWf1zO7z+n28zxtffXfuw3Vze9QMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwdEgjYiyStLjRT9NiMWI0Iv4XI2n54vLKq/MXP7owl81FTER/Or9QLk1FxHhtnGTjY9X+w/Hxx8bTEXEwIr4YH87GQxFRnsu7eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADaMRsRYJGkxItKI+Gs8TYvFvLMCAAAAum4i7wQAAACAPef5HwAAAPa/luf/wiOjoV7mAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwL508Pkbt5KIWD81XG2Zgfpcf66ZAXst3d5hI3udB9B7fXknAOSm0NSvVCqVHFMBeswzPpBsMT/Udmaw67kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8M/10qEbt5KIWD81XG2Zgfpcf66ZAXstzTsBIDd9nSaTLXcAT7FC3gkAufGMD9RW9g8qNa3zQ20/c3DXUQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4eoxVW5IWIyKt9tO0WIz4T0RMRH8yv1AuTUXEgYj4Zbx/MBsfyztpAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAum55dW1xplwuLe2iM1w/127Po6OzfzrD0bNYjR/ANscMtp/q0MnxlxIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALlZXl1bnCmXS0vLeWcCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA5G15dW1xplwuLXXsDMTWx7Tv5F0jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD5+TsAAP//hWMBPw==") syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000100)='./file0\x00', 0x0, &(0x7f00000004c0)=ANY=[], 0x22, 0x34f, &(0x7f0000000bc0)="$eJzs3T9sG2UUAPDnXhKnESUekCqYDBsSqpogBpgSVUWqyABFFv8WLJryJzaVYmEpDHG8gComEAsSTGwdYOyMGBBiY2ClSKiAWOhWqRGHbJ/tc+xQZ3Boxe83RE/v+9597y6n3CVKvrzeiq1L83H51q2bsbhYiLm1c2txuxClOBFJ9OzFRB8tTM4DAPe422kaf6U9d5/9yVI/8uwHgPtX9/n/5qlhoniE4qsPzKIlAGDGpvz+//mJ2SszawsAmKGx5/9jI8MHfsw/N/idAADg/vXiK68+t74RcbFcXoyof9isNCvxzHB8/XK8HbXYjLOxHPsRvReF3ttC5+OzFzbOny13/FaKSqeiWYmot5qV3pvCetKtL8ZKLEcpq08H9UmnfqVbX46IvVZ3/agXmpX5WMrW/3kpNmM1luOhsfqICxvnV8vZASr1fn0roh2L/ZPo9H8mluPHN+JK1OJSdGqH/e+ulMvn0o2R+ua1YnceAAAAAAAAAAAAAAAAAAAAAADMwpnyQGmw/01abzU/uHhwQmlkf5xKbzjbH6jd2x8oLfZ357maHNwfaHR/nmZlLk78p2cOAAAAAAAAAAAAAAAAAAAA947GzkJUa7XN7cbO+1v5oJXLvPv9V9+ejP7QXFb6TjKsiiw5cpz+xNyRkxgskQ7K02RkThYkEf3Je9Vr1wcd5+cUB2cxVt4JimNDhaynaq126tFfP59U9Xcn2Otmkhi7LKNBIVs/N1R/sJNYjIj9w6oOD1bvMudGmqaHle9+Nl4VhYi5OHIbUwTf3Xzr4Scbp5/qZr7JNn14/Inll258+uUfW9VatHtXplZb2G7sp1McudPr+FCSu38K2XUuTLgTJgftYaa93dipJj/9+fIjH/9wYHIy+f5J85n3Dl/r64OZhV5QiCj1L8K/tTo/4eafHLx2Z3D3Hv0Td/qLter13V9+n7Yq90XCRh0AAAAAAAAAAAAAAAAAAHAscn8rfgRPvzC7jgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg+A3//38uaI9lpgnutGJ8qLi53Th08ZPHeqoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPyP/RMAAP//rShzCQ==") socket$nl_generic(0x10, 0x3, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.time_recursive\x00', 0x275a, 0x0) write$cgroup_int(r0, &(0x7f0000000100)=0x8, 0x12) ioctl$SIOCSIFHWADDR(r0, 0x4030582b, &(0x7f0000000000)={'lo\x00', @link_local={0x1, 0x80, 0xc2, 0xc}}) 5.915603307s ago: executing program 1 (id=2327): bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00'}, 0x10) pipe2$watch_queue(&(0x7f00000000c0), 0x80) gettid() syz_mount_image$erofs(&(0x7f0000000180), &(0x7f0000000400)='./file3\x00', 0x210048, &(0x7f00000003c0)=ANY=[], 0xfd, 0x1d1, &(0x7f0000000440)="$eJzslj2v0lAYx//nlBQwGhNHFwdJ1MHSFjUuJLI4OZj4QhxMJFIJUsRAByEx6Cdwd3Nw9wuY6OqHMOiiC04615yXliOhCNwL3OQ+v4Sn/1POy9PnNP9TEARxbPn+7c8k/l39UQBwEiXk9f2f1qwPN/p/Lfx6+fnWzfqbh++/5CdOcdGccbz6+jkAn2oWonTsv6NL+noXPNX3wHFJ6zoYHK0fgeO+1gEYHmj91NA90d9xnrTDwHncC5tCuCJ4IvgiVObzm75maBr5MeP/wXDUaYRh0N+i+F/9pjWOqpGfuV8OVLauUT8PHJ7WFTDc0fo68kltVEmM5z+bm81vLX1+G9uuiEhljVFnTmVulQ1gszQAdlh7j1f6ld3mO5QhLEiR7OiOV9+BQO5IpLGG2GQvPt5QY5I78Vi1ZZ/TGRPG4xWXsLFR5VN/it8xXDD8SVnJW3nUlKPu8/JgOLrc7jZaQSt45vuVa+4V173ql6URqbjE/4rSn07M5l94JglsZuNFI4r6nopp21dxkeNy6X8cF8+rtnBTe27egqGZ/nF5ld7b+ZCZPUEQxP44ByY9WfpyIvRpAuNb9/YecyQIgiAIgiAIgiAI4mD8DQAA//80kEvd") chdir(0x0) rename(0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="080000000400000004000000a40000", @ANYRES32], 0x50) prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, 0x0, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000380)='sched_switch\x00', r3}, 0x18) capset(&(0x7f0000000100)={0x20080522}, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x81, 0xfffffffb, 0x3}) openat(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x48940, 0x10c) io_setup(0x5, 0x0) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000400)=@bpf_lsm={0x18, 0x4, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000791000000000000095000000000000000200db76e6c6082356271a06593c15924199ffb1764a79e0eb0fd22929ea5eb8ee9625fcd6324b8bc38367f7"], &(0x7f0000000100)='GPL\x00', 0x2, 0xc4, &(0x7f00000002c0)=""/196}, 0x94) 3.306186906s ago: executing program 1 (id=2328): openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x26e1, 0x0) pipe(&(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) splice(r0, 0x0, r2, 0x0, 0x88000cc, 0x0) fcntl$setpipe(r1, 0x407, 0x100004) write$eventfd(r1, &(0x7f0000000240), 0xffffff14) 3.275590098s ago: executing program 4 (id=2329): r0 = socket(0x28, 0x5, 0x0) bind$vsock_stream(r0, &(0x7f0000000040)={0x28, 0x0, 0x0, @local}, 0x10) listen(r0, 0x0) r1 = socket(0x28, 0x5, 0x0) connect$vsock_stream(r1, &(0x7f0000000080)={0x28, 0x0, 0x0, @local}, 0x10) write$binfmt_elf64(r1, &(0x7f0000000240)=ANY=[], 0x40000) r2 = accept4$unix(r0, 0x0, 0x0, 0x0) recvmmsg(r2, &(0x7f0000000c00)=[{{0x0, 0x0, 0x0}, 0x807}, {{0x0, 0x0, &(0x7f0000000b00)}, 0x1ff}], 0x2, 0x20022, 0x0) recvfrom$unix(r2, &(0x7f00000008c0)=""/239, 0xef, 0x0, 0x0, 0x0) 3.063717195s ago: executing program 4 (id=2331): syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000004c0)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@usrquota}, {@data_err_ignore}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@oldalloc}, {@grpquota}, {@noload}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==") syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000), 0x10000, &(0x7f00000002c0)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './bus'}}], [], 0x2c}) lsetxattr$system_posix_acl(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='system.posix_acl_default\x00', 0x0, 0x0, 0x2) 2.837170633s ago: executing program 4 (id=2333): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f00000000c0)='syzkaller\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='contention_end\x00', r0}, 0x10) r1 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'veth0_to_bridge\x00', 0x0}) setsockopt$packet_add_memb(r1, 0x107, 0x1, &(0x7f00000001c0)={r2, 0x1, 0x6, @random="2208cded1150"}, 0x7f) setsockopt$packet_add_memb(r1, 0x107, 0x2, &(0x7f00000003c0)={r2, 0x1, 0x6, @remote}, 0x10) 2.406624878s ago: executing program 5 (id=2336): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x2010004, &(0x7f00000000c0)={[{@nobh}, {@jqfmt_vfsv0}, {@data_err_ignore}]}, 0x3, 0x4f8, &(0x7f0000000140)="$eJzs3E1sFGUfAPD/bLv9gBfoy8vL+4IoBTQ2JrZQUDiYGExMPGhixIMcm1IJUsDQHoQQKYnBM4lXQzwab5p41aPxZOIVDx5MDJEYLnwkJmNmd6Yf+9UuXVrL/n7Jdp9n5pl5nv/MPLOz83QngK41nP1JIv4VEbciYls1u7TAcPXt/t0rkw/uXpmMuTQ98WdSKXcvy+eK5TbnmZFSROmTpGaFVTOXLp+dmJ6eupjnx2bPfTg2c+nyi2fOTZyeOj11fvzYsSOHDx19efyl9oNqUF8W173dH1/Ys+uNkzfemuwtpg/k74vjaKq3vWYMt5j3XHur+sfbsiid1G+nq2vaGFZsID+sy1n/vzK9/+R6NwhYM2mapv3NZ8+lta7VTQE2rCTWuwXA+ig+6LPvv/fullf2PfgJcud49gUoqcR9P39V5/RGKS9Trvl+20nDEfHe3MObg/HwZrS6D/HrY2oAANB1vj9eXAlm13/VV3VOKXYuKrc1H0MZioh/R8T2iPhPROyIiP9GVMr+LyL+X1tBEpG2qH9HTX6h/m/yUYTS7VUH2UJ2/fdKPra19PqvuPqLoZ48tyWiuGCeOphvk5Eo979/ZnrqUJP19y1Tf3H9V7yy+rP3hRKl2701N+hOTcxOPFq09e5ci9jdWxt/0pvtuGIYJ4mIXRGxu431Di1Kn3nhyz3zmfLScsvHX5E2GNJrezyukfSLiOer+38uluz/hRqT1uOTYwMxPXVwLDsKDjas48efrr/drP5l4//2t9pFXj/63YnVhj0v2/+bqvGXI4+9Mn67EP9QEpHMj9fORKQ97dVx/ZdPK+sdPlA/7xGO/76YmJ3oS97NM1UfTczOXjwU0Ze8WT99fGHhIl+Uz+IfOdC4/2/Pl8m2xFMRkR3ET0fEMxGxN2/7vojYHxH1of38R5H64bVnP2i2bZbGv7XZ8T8/Tt1pWfynGp7/luz/hfH6FSaKhbMpPWf33XrQ5OSxsv1/pJIayac0Pv8lS04RK23p6rYeAAAAbAylqPzvf2l0Pl0qjY5W7wHtiE2l6Qszs3sj4vyp6m8EhqJcKu50Ve8Hl5Pi/ufQovx4Tf5wft/4s57BSn508sJyt0aBx2xzpc8ndf0/83ub93mBDagD42jABrVc/995Y40aAqw5n//QvRb1/7kmReb8pww8mXz+Q/dq1P+vxlctB+icM2DjS/Vl6Gr6P3Sv3nhnPl352XPDX9sCTyKf/9CV2v1df3uJtH966tWIqJ01UDfl0uUYeDzNGGxQ17oksiurDq6wHBErKzz4KFUUl4DNn/BQam+F/VE/qydaLZW0fI7DX2ma1s/Ktsqy7Tm9s+MHf/FMlE4fNl8v9NNy5SFL87M+37aCSFeRWJfTEQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQMf9HQAA//8V1NEi") r0 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) getdents(r0, 0x0, 0x0) 2.190914825s ago: executing program 1 (id=2337): syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x840, &(0x7f0000000140)={[{@test_dummy_encryption_v1}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x2}}]}, 0x1, 0x241, &(0x7f0000000540)="$eJzs3U9oFFccB/DfzO42TbKUtL0UCm2hlNIGQnor9JJeWgiUEEoptIUUES9KIsQEb4knLx70rJKTlyDejB4ll+BFETxFzSFeBA0eDB70sDI7iUSz/oGJO+J8PjC7M7vvze8Ns983exkmgMoaiIiRiKhFxGBENCIi2dngm3wZ2Npc6F2ZiGi1/nyYtNvl27ntfv0RMR8RP0fEcprEwXrE7NK/649Xf//+xEzju3NL//R29SC3bKyv/bF5duz4xdGfZq/fvD+WxEg0XziuvZd0+KyeRHz2Loq9J5J62SPgbYwfvXAry/3nEfFtO/+NSCM/eSenP1puxI9nXtX31IMbX3ZzrMDea7Ua2TVwvgVUThoRzUjSoYjI19N0aCj/D3+71pcempo+MnhgamZyf9kzFbBXmhFrv13uudT/Uv7v1fL8Ax+uLP9/jS/eydY3a2WPBuimLP+D/8/9EPIPlSP/UF3yD9Ul/1Bdr8t/WtKYgO5w/Yfqkn+oLvmH6pJ/qC75h+ramX8AoFpaPWXfgQyUpez5BwAAAAAAAAAAAAAAAAAA2G2hd2Vie+lWzaunIzZ+jYh6p/q1recQfNx+7XuUZM2eS/Juhfz3dcEdFHS+5LuvP7lbbv1rX5Vbf24yYv5YRAzX67t/f0nh52B8+obvG/sKFijol7/Lrf90sdz6o6sRV7L5Z7jT/JPGF+33zvNPMzt/BesfflJwBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHTNswAAAP//ceptKw==") syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x8, 0x0, 0x1, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0) socket$nl_route(0x10, 0x3, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000400)=@abs={0x0, 0x0, 0x4e24}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0x2000007d, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb7030000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf}, 0x94) r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r4}, 0x18) r5 = memfd_create(&(0x7f0000000ec0)='\x103q}2[\xe0\x9a\xee\xaf\x03\x97\x9et\v\"|Ma\x86\xe7\xc0\x14\x9f\xb9h\xb1\x96\xe7=I\x860S6\xb5\xa8\xc2\x95Je%\xfeG\'e\xe5\x8f\xf8\xd2\x1c\xc0\xfb\x1c\xa6\xab\bi\xe4^\xd5\xfd\xa9\r\xac7A\x94k\xcd\t\x00\x90k\xd6\x05\xb6\x03\x00\x00\x00A\xc5\x9c_\xd4\x18,\f\xd4s\xb2\x99/\xc0\x9a\xf2Oc\xc0c\x03gB!\xb0\xb8n\x01\x9bT\x95\x10\x86\xe8$\x7f\r[\xf9\x0e1v\xb1\n\x88\v\x95uy\xb5:`\x8b\nC\x18A;\xaa%\xaf\xc7\xa3\xac\xa2D\xb5\xe2\xe1\xdc(\xfd\x05\x9fB\x84O\xfe@\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x1a\xa0\x17\xe3\xac\xe9\xc9\xa7\x8a\x1b\x03\"&\xac\xcap>\xccZ\x01\xbc\x18\xc1\xb9\xe9\v\x8b\x9c\xb4Q\xd4\x96EV<>\x99\xca\xb3\xe0\xc4tL\xed\xf5W\xbd#\xcf\x8a\x84\xed\x9f/\xd4\xbb\xea;-Dp\xf8\xd0F\x90\xf8\x92Ip6\xf4\x16\xe8\x14\xe0\x92!\x92-F\xe2\x14D\x91\xa8b\x04\xdd\x1d\a\xdc\xe0\x18\x85{\x80Q\xf6k\x96\xfaQ\x9fW\vO\xf0\xe4O\\\xceS\xf2\xde\x049d\x06#\x88\xc3\xdf\x85O\x1c\xc3\xad?r\xd7\x0e\x00\xd7\x83\xb0\x88\x9c\xf6Y-F\x98\xdd\x9c~\xfd\x95\xc3\xb6lC\xaa\"Y\xa2K\xecz\x84:*\xf5Y\xd1\x9b1\x91\x9b\x15\xd4\xec\x02o\x01&\xaa\x90w\xc4\xc7yn\xb5\x1ag\xab&?\xbe\xcb\xe8v\xa8\xe0\xa4\x81sW\xacf\x149\xd2}\xefCGa\x9a$4\x8c\xa5!p\x83\x05\x96%\x02%\xabj\n\b\xc8NC\x91}&y\xd3\xe1\xeep\'\xc5\xab\x19GsX5\x8c\n\x9fh\xee;4\xb1%V\xe0\xa9\x8e\xf30:\xd8\x18N~G\x139\xcas\xf4D\xd4\xd0s\r3\xcb\x9a&\xdf+(\xc9S\x9eL5\x84\xb1\x90pN\xe7/\r\b\x9a\xf13Q\xf9\xdf\x7fX\xa0\xafK\xefh\xbfOv\x9bh\xb3\xc0\xf5\x80\xba\"@\'\x02\xafi\xeaE\xa6a6F\xde\xd4\xfa\x84\xe4+A\xb7\xa2\x8f\xc9\xee|xxn\xefw\x93]%\xd0\x19\x132\x86\xabn\xfe\x91\xb6Cl\xcf\x04\x1cq\xc1\x1d~\x8d\x01\x83\x93_\x83\x8a`v\xb0K,|S\xe4\xba\xb1\f\xc8`\xa6s\xad\x11\xd4wG\x80u\x87u\xff\x87\xee', 0x2) fcntl$addseals(r5, 0x409, 0xb) mkdir(&(0x7f0000000040)='./file1/file3\x00', 0x180) renameat2(0xffffffffffffff9c, 0x0, 0xffffffffffffff9c, &(0x7f00000002c0)='./file1/file3\x00', 0x0) 2.153498598s ago: executing program 5 (id=2338): r0 = socket(0x28, 0x5, 0x0) bind$vsock_stream(r0, &(0x7f0000000040)={0x28, 0x0, 0x0, @local}, 0x10) listen(r0, 0x0) r1 = socket(0x28, 0x5, 0x0) connect$vsock_stream(r1, &(0x7f0000000080)={0x28, 0x0, 0x0, @local}, 0x10) write$binfmt_elf64(r1, &(0x7f0000000240)=ANY=[], 0x40000) r2 = accept4$unix(r0, 0x0, 0x0, 0x0) recvmmsg(r2, &(0x7f0000000c00)=[{{0x0, 0x0, 0x0}, 0x807}, {{0x0, 0x0, &(0x7f0000000b00)=[{0x0}], 0x1}, 0x1ff}], 0x2, 0x20022, 0x0) recvfrom$unix(r2, &(0x7f00000008c0)=""/239, 0xef, 0x0, 0x0, 0x0) 1.944166995s ago: executing program 5 (id=2339): mkdir(&(0x7f00000002c0)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, 0x0, 0x15) r2 = dup(r1) r3 = dup(r1) write$FUSE_BMAP(r3, 0x0, 0x0) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYRESHEX=r3]) vmsplice(r2, &(0x7f0000000900)=[{&(0x7f0000000580)="4d065a", 0x3}], 0x1, 0x0) 1.828469584s ago: executing program 5 (id=2340): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x6, 0x3, 0x7ffcfffe}]}) mkdirat(0xffffffffffffff9c, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000001280)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x0, &(0x7f0000001080), 0x1, 0x4fe, &(0x7f0000000a40)="$eJzs3c9vI1cdAPDvTOIkm6ZNCpUKCOhSCgtarZ1426jqqVxAqKqEqDhxSEPijaLYcRQ7pQkrNfkfkKjEAcGJMwckDpV64ojgBrdeygGpwAq0QeJgNP6RzW7sJOw6tmp/PtJo5s0bz/e9teY97zeJXwBj63pEHEbEVES8HRHz7fNJe4vXW1t23f17d9eO791dS6LReOsfSbM+OxenXpN5qn3PmYj4/ncifpScjVvbP9haLZdLu+1yoV7ZKdT2D25tVlY3Shul7WJxeWl58dXbrxT71tcXKr/55Nubb/zgg9996eM/HX7zJ1mz5tp1p/vRT62u507iZCYj4o2rCDYEE+3+TA27ITyWNCI+ExEvNp//+ZhovpuX0+WxBgA+BRqN+WjMny4DAKMubebAkjTfzgXMRZrm860c3nMxm5artfrNO9W97fVWrmwhcumdzXJpsZ0rXIhckpWX3suOH5SL8XD5dkQ8GxE/nb7WLOfXLp9nAAD666lH5v9/T7fmfwBgxM1cdMHKYNoBAAzOhfM/ADByzP8AMH7M/wAwfsz/ADB+zP8AMG4+6sz/E8NuCQAwEN97881saxy3v/96/Z39va3qO7fWS7WtfGVvLb9W3d3Jb1SrG+VSfq1aueh+5Wp1Z+nl2Hu3UC/V6oXa/sFKpbq3XV9pfq/3Sik3kF4BAOd59oUP/5JExOFr15pbnFrLwVwNoy0ddgOAoZHzh/HlW7hhfPk/PnDRWp49f0X4/ccI1njvMV4E9NuNz8v/w7jqkv+XEoAxIf8P48tkD+Or0Uh6rfmfnlwCAIwUOX5goD//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgBEx19wWTpXTNJ+PeDoiFiKX3NkslxYj4pmI+PN0bjorLw21xQDAk0v/lrTX/7ox/9Lco7VTyX+uNfcR8eOfv/Wzd1fr9d2l7Pw/pzvn6++3zxeH0X4A4CKdebozj3fcv3d3rbMNsj2ffKu1uGgW97i9tWomYzLb/XEmchEx+6+kVW7LPq9M9CH+4VFEfK5b/5NmbmShvfLpo/Gz2E8PNH76UPy0WdfaZ/8Wnz1z5+meMS9a6xXGxYfZ+PN6t+cvjevN/UzXxY9nmiPUk+uMf8dnxr/O8z7THGu6jX/XLxvj5d9/t2fdUcQXJrvFT07iJz3iv3RSmjo3/kdf/PKLveoav4y4Ed3jn45VqFd2CrX9g1ubldWN0kZpu1hcXlpefPX2K8VCM0dd6GSqz/r7azef6dn/X0fM9og/c0H/v3ZurxsnA/Cv/vv2D7/SK/5RxDe+2v39f+6c+Nmc+PVz4z+wOvvbnst3Z/HXW/0/+n/f/5uXjP/xXw/WL3kpADAAtf2DrdVyubTb14NcdKma7k+I5Ira7GDED7LP4096n+fbKbOu1/zhFx88n1UOvad9ORjywARcuQcP/bBbAgAAAAAAAAAAAAAA9HLlf06UDruHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAjLL/BQAA//8SwcrQ") r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x20000, 0x0) quotactl_fd$Q_SETQUOTA(r0, 0xffffffff80000800, 0x0, &(0x7f0000000140)={0x7d3, 0xa, 0x0, 0x100004, 0x4, 0x401, 0x28ac}) 1.489287661s ago: executing program 5 (id=2341): setsockopt$inet_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x0, 0x2a, 0x0, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x40, &(0x7f0000000100)={[{@errors_remount}, {@min_batch_time={'min_batch_time', 0x3d, 0x5}}, {@dioread_nolock}]}, 0x1, 0x573, &(0x7f0000000ec0)="$eJzs3T1sG+UbAPDnzvG/X/mTIoEEqEMFSEWq6iT9gMLUrohKlTogsUDkuFEVJ47iBJooQ7pXiA4IUJeywcAIYmBALIysLCBmpIpGIDUdwMhfaZo4wSl1XHK/n3T2vfee/bzvnZ/XvtOdHEBmHa0/pBHPRsTFJGJoXd1AtCqPNtdbXVkq3ltZKiZRq136LYkkIu6uLBXb6yet50MRsRwRz0TEd/mI4+nmuNWFxcmxcrk02yoPz03NDFcXFk9cmRqbKE2Upk+98uqZs6fPjJ4cXf+ye7X1pfzO+nr95xvvX//h9Vs3Pv/iyHLxw7EkzsVgq259Px6l5jbJx7kNy0/3IlgfJf1uAA8l18rzeio9HUORa2V9J7WhXW0a0GO1fRE1IKMS+Q8Z1f4dUD/+bU+7+fvj9vnmAUg97mpratYMNM9NxP7GscnB35MHjkzqx5uHd7Oh7EnL1yJiZGBg8+c/aX3+Ht7Io2ggPfXt+eaO2rz/07XxJzqMP4Ptc6f/Unv8W900/t2Pn9ti/LvYZYw/3/rlky3jX4t4rmP8ZC1+0iF+GhHvdBn/5ptfn92qrvZpxLHoHL8t2f788PDlK+XSSPOxY4xvjh15bbv+H9wifvOc7f7G10yn7T/TZf+/+v7L55e3if/SC9vv/07b/0BEfNBl/CfvfvbGVnW3ryV36r8Cdrr/68tudRn/5XNHf+pyVQAAAAAAAAAAYAfSxrVsSVpYm0/TQqF5D+9TcTAtV6pzxy9X5qfHm9e8HY582r7SaqhZTurl0db1uO3yyQ3lU7lWwNyBRrlQrJTH+9x3AAAAAAAAAAAAAAAAAAAAeFwc2nD//x+5xv3/G/+uGtirtv7Lb2Cvk/+QXQ/mf9K3dgC7z/c/ZFZN/kN2yX/ILvkP2SX/IbvkP2SX/Ifskv8AAAAAAAAAAAAAAAAAAAAAAAAAANATFy9cqE+1eytLxXp5fGBhfrLy7onxUnWyMDVfLBQrszOFiUplolwqFCtT//R+SaUyMxLT81eH50rVueHqwuLbU5X56fZ/ipbyPe8RAAAAAAAAAAAAAAAAAAAA/PcMNqYkLURE2phP00Ih4v8RcTjyyeUr5dJIRDwRET/m8vvq5dF+NxoAAAAAAAAAAAAAAAAAAAD2mOrC4uRYuVyazcjMwE5WjojlR9uM+jvu+FX51r56XLahmSzM9HlgAgAAAAAAAAAAAAAAAACADLp/02+3r/irtw0CAAAAAAAAAAAAAAAAAACATEp/TSKiPh0benFwY+3/ktVc4zki3rt56aOrY3Nzs6P15XfWls993Fp+sh/tB7rVztN2HgMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD3VRcWJ8fK5dJsD2f63UcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAh/F3AAAA///pCdd8") r0 = syz_create_resource$binfmt(&(0x7f0000000040)='./file1\x00') ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, 0x0) r1 = openat$binfmt(0xffffffffffffff9c, r0, 0x42, 0x1ff) write$binfmt_script(r1, &(0x7f0000000080)={'#! ', './file1'}, 0xb) close(r1) execveat$binfmt(0xffffffffffffff9c, r0, 0x0, 0x0, 0x0) 864.145701ms ago: executing program 1 (id=2342): r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$KDMKTONE(r0, 0x4b30, 0x80001) 562.606885ms ago: executing program 1 (id=2343): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10) connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x700, 0x0, 0xfffffffffffffd25) bind$inet(r0, &(0x7f0000000340)={0x2, 0x494, @local}, 0x10) 562.425006ms ago: executing program 5 (id=2344): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2}) close(0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r1) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f00000002c0)=@framed, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10) sendmsg$TIPC_CMD_ENABLE_BEARER(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0) 0s ago: executing program 4 (id=2345): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x4000010) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text32={0x20, 0x0}], 0x1, 0x4, 0x0, 0x0) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000001340)=0xf000) kernel console output (not intermixed with test programs): p mac addresses unique to avoid problems! [ 72.268091][ T5789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 72.278559][ T5789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 72.288528][ T5789] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 72.298989][ T5789] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 72.311137][ T5789] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 72.356243][ T3450] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 72.365307][ T3450] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 72.380599][ T5789] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.389709][ T5789] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.399307][ T5789] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.408094][ T5789] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.483970][ T1147] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 72.511377][ T1147] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 72.525010][ T3450] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 72.554819][ T3450] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 72.594267][ T3467] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 72.602462][ T3467] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 72.672971][ T3430] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 72.699477][ T3430] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 72.781513][ T3467] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 72.811217][ T3467] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 72.858374][ T5876] syz.1.2[5876]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set [ 72.869579][ T1147] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 72.885198][ T1147] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 72.911674][ T5876] loop1: detected capacity change from 0 to 1024 [ 72.951321][ T5876] ======================================================= [ 72.951321][ T5876] WARNING: The mand mount option has been deprecated and [ 72.951321][ T5876] and is ignored by this kernel. Remove the mand [ 72.951321][ T5876] option from the mount to silence this warning. [ 72.951321][ T5876] ======================================================= [ 73.000830][ T3467] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 73.026227][ T3467] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 73.070752][ T5876] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 73.181715][ T5876] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 73.198964][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 73.257095][ T0] NOHZ tick-stop error: local softirq work is pending, handler #1c0!!! [ 73.461683][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 73.461987][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 73.478526][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 73.480230][ T5884] capability: warning: `syz.0.1' uses deprecated v2 capabilities in a way that may be insecure [ 73.564263][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 73.573882][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 73.666552][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 73.769123][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 73.769203][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 74.107084][ T5884] Zero length message leads to an empty skb [ 74.908015][ T5794] Bluetooth: hci0: command tx timeout [ 74.913485][ T5794] Bluetooth: hci2: command tx timeout [ 74.917213][ T5786] Bluetooth: hci1: command tx timeout [ 74.918968][ T5794] Bluetooth: hci3: command tx timeout [ 74.925966][ T8] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 75.130335][ T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 75.153621][ T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 75.173737][ T8] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 75.210745][ T8] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 75.251386][ T8] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 75.355834][ T8] usb 4-1: config 0 descriptor?? [ 76.254128][ T5784] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 76.291171][ T8] usbhid 4-1:0.0: can't add hid device: -71 [ 76.361155][ T8] usbhid: probe of 4-1:0.0 failed with error -71 [ 76.392118][ T8] usb 4-1: USB disconnect, device number 2 [ 76.572426][ T5904] loop2: detected capacity change from 0 to 1024 [ 76.814477][ T5779] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 76.948190][ T5908] tipc: Started in network mode [ 76.953343][ T5908] tipc: Node identity 0ebd64094d4a, cluster identity 4711 [ 76.963898][ T5908] tipc: Enabled bearer , priority 0 [ 77.383220][ T5797] Bluetooth: hci2: command tx timeout [ 77.383223][ T5794] Bluetooth: hci1: command tx timeout [ 77.383266][ T5797] Bluetooth: hci0: command tx timeout [ 77.388708][ T5786] Bluetooth: hci3: command tx timeout [ 77.977711][ T5838] tipc: Node number set to 1140286473 [ 78.140866][ T5901] tipc: Disabling bearer [ 78.559725][ T5915] loop3: detected capacity change from 0 to 128 [ 81.414063][ T5936] fuse: Bad value for 'user_id' [ 81.495189][ T5940] loop1: detected capacity change from 0 to 128 [ 81.732785][ T5944] loop2: detected capacity change from 0 to 16 [ 81.773452][ T5942] netlink: 'syz.0.17': attribute type 4 has an invalid length. [ 81.821518][ T5944] erofs: (device loop2): mounted with root inode @ nid 36. [ 81.839215][ T23] cfg80211: failed to load regulatory.db [ 83.177924][ T5962] fuse: Bad value for 'user_id' [ 86.486303][ T5998] fuse: Bad value for 'user_id' [ 86.683011][ T6000] netlink: 'syz.1.37': attribute type 10 has an invalid length. [ 86.685890][ T1117] bond0: (slave bond_slave_0): interface is now down [ 86.716934][ T1117] bond0: (slave bond_slave_1): interface is now down [ 86.728063][ T6000] syz_tun: entered promiscuous mode [ 86.760527][ T6000] bond0: (slave syz_tun): Enslaving as an active interface with an up link [ 86.763438][ T3430] bond0: (slave bond_slave_0): interface is now down [ 86.796696][ T3430] bond0: (slave bond_slave_1): interface is now down [ 86.824277][ T3430] bond0: (slave syz_tun): interface is now down [ 86.849381][ T3430] bond0: now running without any active interface! [ 88.306250][ T5776] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 88.516717][ T5776] usb 2-1: Using ep0 maxpacket: 16 [ 88.544625][ T5776] usb 2-1: config 1 interface 0 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 88.566699][ T5776] usb 2-1: config 1 interface 0 has no altsetting 0 [ 88.577966][ T5776] usb 2-1: string descriptor 0 read error: -22 [ 88.584277][ T5776] usb 2-1: New USB device found, idVendor=056a, idProduct=033e, bcdDevice= 0.40 [ 88.606702][ T5776] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 89.487801][ T5776] usbhid 2-1:1.0: can't add hid device: -71 [ 89.493840][ T5776] usbhid: probe of 2-1:1.0 failed with error -71 [ 89.575271][ T5776] usb 2-1: USB disconnect, device number 2 [ 90.950576][ T6027] syz.0.45 (6027) used greatest stack depth: 16936 bytes left [ 92.942027][ T6043] 9pnet_fd: Insufficient options for proto=fd [ 93.039257][ T6046] loop1: detected capacity change from 0 to 16 [ 93.072549][ T6046] erofs: (device loop1): mounted with root inode @ nid 36. [ 93.256732][ T9] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 93.529135][ T6055] loop1: detected capacity change from 0 to 256 [ 95.815416][ T9] usb 1-1: unable to get BOS descriptor or descriptor too short [ 95.863244][ T9] usb 1-1: unable to read config index 0 descriptor/start: -71 [ 95.871129][ T8] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 95.931887][ T9] usb 1-1: can't read configurations, error -71 [ 96.119518][ T8] usb 2-1: config 0 has an invalid interface number: 64 but max is 0 [ 96.133121][ T8] usb 2-1: config 0 has an invalid descriptor of length 45, skipping remainder of the config [ 96.144043][ T8] usb 2-1: config 0 has no interface number 0 [ 96.156591][ C1] sched: RT throttling activated [ 96.163323][ T8] usb 2-1: New USB device found, idVendor=046d, idProduct=0823, bcdDevice=39.48 [ 96.182558][ T8] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 96.205036][ T8] usb 2-1: Product: syz [ 96.209531][ T8] usb 2-1: Manufacturer: syz [ 96.214305][ T8] usb 2-1: SerialNumber: syz [ 96.226362][ T8] usb 2-1: config 0 descriptor?? [ 96.232385][ T5900] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 96.442713][ T5900] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 96.485398][ T5900] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 96.517865][ T5900] usb 4-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00 [ 96.558758][ T5900] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 96.600388][ T5900] usb 4-1: config 0 descriptor?? [ 97.288492][ T6062] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 97.308943][ T6062] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 97.313541][ T8] usb 2-1: Found UVC 0.00 device syz (046d:0823) [ 98.335587][ T8] usb 2-1: No valid video chain found. [ 99.259257][ T6079] x_tables: duplicate underflow at hook 1 [ 99.706356][ T5900] cp2112 0003:10C4:EA90.0001: unknown main item tag 0x0 [ 99.736207][ T8] usb 2-1: USB disconnect, device number 3 [ 99.821517][ T5900] cp2112 0003:10C4:EA90.0001: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.3-1/input0 [ 99.952039][ T5900] cp2112 0003:10C4:EA90.0001: Part Number: 0x81 Device Version: 0xD2 [ 99.965880][ T5900] cp2112 0003:10C4:EA90.0001: error requesting SMBus config [ 99.982592][ T5900] cp2112: probe of 0003:10C4:EA90.0001 failed with error -32 [ 100.011864][ T6091] netlink: 4 bytes leftover after parsing attributes in process `syz.0.63'. [ 100.026624][ T6091] veth1_macvtap: left promiscuous mode [ 100.212494][ T5900] usb 4-1: USB disconnect, device number 3 [ 101.596077][ T6111] x_tables: duplicate underflow at hook 1 [ 102.135052][ T6123] process 'syz.2.73' launched '/dev/fd/7' with NULL argv: empty string added [ 103.131478][ T6141] loop1: detected capacity change from 0 to 128 [ 103.611261][ T28] audit: type=1800 audit(1756455635.713:2): pid=6141 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.78" name="file1" dev="loop1" ino=1048596 res=0 errno=0 [ 104.103147][ T6149] loop2: detected capacity change from 0 to 512 [ 104.478932][ T6149] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #11: comm syz.2.80: invalid indirect mapped block 4294967295 (level 1) [ 104.574120][ T6149] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #11: comm syz.2.80: invalid indirect mapped block 4294967295 (level 1) [ 104.644387][ T6149] EXT4-fs (loop2): 2 truncates cleaned up [ 104.663471][ T6149] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 105.790010][ T5789] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 105.854726][ T6157] loop1: detected capacity change from 0 to 128 [ 105.904317][ T6157] EXT4-fs (loop1): Test dummy encryption mode enabled [ 105.940023][ T6157] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 105.993857][ T6157] ext4 filesystem being mounted at /23/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 106.402025][ T6157] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni" [ 107.593232][ T5784] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 108.764403][ T6186] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 108.813495][ T6191] overlayfs: failed to resolve './bus': -2 [ 108.946892][ T8] usb 4-1: new full-speed USB device number 4 using dummy_hcd [ 108.976846][ T6193] netlink: 36 bytes leftover after parsing attributes in process `syz.1.91'. [ 109.008017][ T6193] netlink: 'syz.1.91': attribute type 10 has an invalid length. [ 109.139843][ T8] usb 4-1: config 9 has an invalid interface number: 81 but max is 0 [ 109.161779][ T8] usb 4-1: config 9 has an invalid descriptor of length 0, skipping remainder of the config [ 109.185265][ T8] usb 4-1: config 9 has no interface number 0 [ 109.195414][ T8] usb 4-1: config 9 interface 81 has no altsetting 0 [ 109.208162][ T6180] overlayfs: overlapping lowerdir path [ 109.216265][ T6195] fuse: Bad value for 'user_id' [ 109.225696][ T8] usb 4-1: New USB device found, idVendor=05f9, idProduct=ffff, bcdDevice=f0.f4 [ 109.246873][ T8] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 109.254952][ T8] usb 4-1: Product: syz [ 109.262365][ T8] usb 4-1: Manufacturer: syz [ 109.267890][ T8] usb 4-1: SerialNumber: syz [ 109.628205][ T8] usbserial_generic 4-1:9.81: The "generic" usb-serial driver is only for testing and one-off prototypes. [ 109.655069][ T8] usbserial_generic 4-1:9.81: Tell linux-usb@vger.kernel.org to add your device to a proper driver. [ 110.354991][ T8] usbserial_generic 4-1:9.81: device has no bulk endpoints [ 110.365466][ T8] usb 4-1: USB disconnect, device number 4 [ 110.505530][ T6206] loop1: detected capacity change from 0 to 128 [ 110.532307][ T6206] EXT4-fs (loop1): Test dummy encryption mode enabled [ 110.562904][ T6206] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 110.593111][ T6206] ext4 filesystem being mounted at /29/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 111.640237][ T5784] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 112.506892][ T8] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 112.696860][ T8] usb 2-1: Using ep0 maxpacket: 32 [ 112.707035][ T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 112.734832][ T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 112.759736][ T8] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00 [ 112.785902][ T8] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 112.834237][ T8] usb 2-1: config 0 descriptor?? [ 113.664503][ T6228] netlink: 36 bytes leftover after parsing attributes in process `syz.0.100'. [ 113.707789][ T8] savu 0003:1E7D:2D5A.0002: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.1-1/input0 [ 113.743895][ T6228] netlink: 'syz.0.100': attribute type 10 has an invalid length. [ 113.777107][ T6228] syz_tun: entered promiscuous mode [ 113.837606][ T6228] bond0: (slave syz_tun): Enslaving as an active interface with an up link [ 113.969763][ T23] usb 2-1: USB disconnect, device number 4 [ 115.161290][ T6245] netlink: 36 bytes leftover after parsing attributes in process `syz.0.104'. [ 115.187565][ T3467] bond0: (slave bond_slave_0): interface is now down [ 115.194596][ T6245] netlink: 'syz.0.104': attribute type 10 has an invalid length. [ 115.206883][ T3467] bond0: (slave bond_slave_1): interface is now down [ 115.236756][ T3467] bond0: (slave syz_tun): interface is now down [ 115.267448][ T12] bond0: (slave bond_slave_0): interface is now down [ 115.274199][ T12] bond0: (slave bond_slave_1): interface is now down [ 115.306163][ T12] bond0: (slave syz_tun): interface is now down [ 115.404880][ T12] bond0: now running without any active interface! [ 117.293662][ T6256] loop2: detected capacity change from 0 to 256 [ 117.615003][ T6262] netlink: 36 bytes leftover after parsing attributes in process `syz.1.110'. [ 117.627192][ T6262] netlink: 'syz.1.110': attribute type 10 has an invalid length. [ 117.655479][ T6264] fuse: Bad value for 'user_id' [ 119.795187][ T6290] loop1: detected capacity change from 0 to 16 [ 119.854887][ T6290] erofs: (device loop1): mounted with root inode @ nid 36. [ 122.092813][ T6303] 9pnet_virtio: no channels available for device syz [ 122.435452][ T6307] netlink: 36 bytes leftover after parsing attributes in process `syz.0.120'. [ 122.487848][ T6307] netlink: 'syz.0.120': attribute type 10 has an invalid length. [ 122.732996][ T6309] fuse: Bad value for 'user_id' [ 125.423190][ T6336] netlink: 36 bytes leftover after parsing attributes in process `syz.0.129'. [ 125.445856][ T6339] fuse: Bad value for 'user_id' [ 125.481104][ T6336] netlink: 'syz.0.129': attribute type 10 has an invalid length. [ 126.209862][ T6345] loop1: detected capacity change from 0 to 256 [ 126.588788][ T6355] loop2: detected capacity change from 0 to 16 [ 126.667717][ T6355] erofs: (device loop2): mounted with root inode @ nid 36. [ 129.839214][ T6381] netlink: 36 bytes leftover after parsing attributes in process `syz.2.140'. [ 129.853571][ T6381] netlink: 'syz.2.140': attribute type 10 has an invalid length. [ 129.864071][ T6381] syz_tun: entered promiscuous mode [ 129.930758][ T6381] bond0: (slave syz_tun): Enslaving as an active interface with an up link [ 131.723349][ T6397] xt_NFQUEUE: number of queues (65534) out of range (got 131068) [ 132.808575][ T6407] netlink: 36 bytes leftover after parsing attributes in process `syz.3.151'. [ 132.828712][ T6407] netlink: 'syz.3.151': attribute type 10 has an invalid length. [ 132.863923][ T6407] syz_tun: entered promiscuous mode [ 132.900085][ T6407] bond0: (slave syz_tun): Enslaving as an active interface with an up link [ 133.034554][ T1285] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.041257][ T1285] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.542428][ T6410] xt_CT: No such helper "snmp_trap" [ 133.949045][ T6423] netlink: 36 bytes leftover after parsing attributes in process `syz.2.155'. [ 133.960024][ T48] bond0: (slave bond_slave_0): interface is now down [ 133.961685][ T6423] netlink: 'syz.2.155': attribute type 10 has an invalid length. [ 133.975345][ T48] bond0: (slave bond_slave_1): interface is now down [ 133.983319][ T48] bond0: (slave syz_tun): interface is now down [ 134.083165][ T48] bond0: (slave bond_slave_0): interface is now down [ 134.174887][ T48] bond0: (slave bond_slave_1): interface is now down [ 134.282262][ T48] bond0: (slave syz_tun): interface is now down [ 134.515610][ T48] bond0: now running without any active interface! [ 135.008561][ T6429] xt_NFQUEUE: number of queues (65534) out of range (got 131068) [ 138.146295][ T6448] netlink: 36 bytes leftover after parsing attributes in process `syz.3.163'. [ 138.201456][ T6448] netlink: 'syz.3.163': attribute type 10 has an invalid length. [ 138.747715][ T6459] loop2: detected capacity change from 0 to 16 [ 138.762342][ T6459] erofs: (device loop2): mounted with root inode @ nid 36. [ 140.660231][ T6471] loop2: detected capacity change from 0 to 16 [ 140.674335][ T6471] erofs: (device loop2): mounted with root inode @ nid 36. [ 140.822891][ T6474] Bluetooth: MGMT ver 1.22 [ 141.742613][ T6481] netlink: 36 bytes leftover after parsing attributes in process `syz.1.173'. [ 141.789446][ T6481] netlink: 'syz.1.173': attribute type 10 has an invalid length. [ 142.226755][ T5900] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 143.475430][ T6496] tipc: Started in network mode [ 143.480429][ T6496] tipc: Node identity 52549482d5b3, cluster identity 4711 [ 143.488063][ T6496] tipc: Enabled bearer , priority 0 [ 143.599114][ T5900] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 143.626188][ T5900] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 143.652238][ T5900] usb 3-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00 [ 143.875627][ T5900] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 143.889964][ T5900] usb 3-1: config 0 descriptor?? [ 144.684538][ T5776] tipc: Node number set to 2280100994 [ 144.738374][ T6494] tipc: Disabling bearer [ 144.967005][ T6508] netlink: 36 bytes leftover after parsing attributes in process `syz.0.183'. [ 144.978605][ T6483] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 145.004467][ T6483] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 145.023828][ T6508] netlink: 'syz.0.183': attribute type 10 has an invalid length. [ 145.084368][ T5900] cp2112 0003:10C4:EA90.0003: unknown main item tag 0x0 [ 145.124260][ T5900] cp2112 0003:10C4:EA90.0003: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.2-1/input0 [ 145.264765][ T5900] cp2112 0003:10C4:EA90.0003: Part Number: 0x81 Device Version: 0xD2 [ 145.479301][ T5900] cp2112 0003:10C4:EA90.0003: error requesting SMBus config [ 145.509079][ T5900] cp2112: probe of 0003:10C4:EA90.0003 failed with error -71 [ 145.572381][ T5900] usb 3-1: USB disconnect, device number 2 [ 149.353567][ T6537] tipc: Enabled bearer , priority 0 [ 149.854987][ T6535] tipc: Disabling bearer [ 150.121734][ T6548] overlayfs: overlapping lowerdir path [ 150.137647][ T6548] Driver unsupported XDP return value 0 on prog (id 105) dev N/A, expect packet loss! [ 150.151913][ T6548] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 150.496700][ T5825] usb 1-1: new low-speed USB device number 4 using dummy_hcd [ 150.748547][ T5825] usb 1-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 150.775619][ T5825] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 150.816950][ T5825] usb 1-1: config 0 descriptor?? [ 151.864673][ T6563] loop2: detected capacity change from 0 to 128 [ 151.901690][ T6563] EXT4-fs (loop2): Test dummy encryption mode enabled [ 151.970174][ T6563] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 151.997523][ T6563] ext4 filesystem being mounted at /45/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 152.791391][ T5789] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 153.070039][ T6552] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 153.124707][ T6552] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 153.947488][ T6575] bridge0: entered promiscuous mode [ 153.965750][ T6575] macsec1: entered promiscuous mode [ 153.986325][ T6575] bridge0: port 3(macsec1) entered blocking state [ 154.020567][ T6575] bridge0: port 3(macsec1) entered disabled state [ 154.037151][ T6575] macsec1: entered allmulticast mode [ 154.052158][ T6575] bridge0: entered allmulticast mode [ 154.067376][ T6575] macsec1: left allmulticast mode [ 154.082950][ T6575] bridge0: left allmulticast mode [ 154.101665][ T6575] bridge0: left promiscuous mode [ 154.770360][ T6580] tipc: Started in network mode [ 154.775296][ T6580] tipc: Node identity e60d8a466df3, cluster identity 4711 [ 154.782861][ T6580] tipc: Enabled bearer , priority 0 [ 154.790732][ T5825] asix 1-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71 [ 154.811624][ T5825] asix 1-1:0.0 (unnamed net_device) (uninitialized): Failed to write Medium Mode mode to 0x0306: ffffffb9 [ 154.825180][ T5825] asix: probe of 1-1:0.0 failed with error -71 [ 154.850273][ T5825] usb 1-1: USB disconnect, device number 4 [ 155.307217][ T6577] tipc: Disabling bearer [ 156.119013][ T6594] loop2: detected capacity change from 0 to 16 [ 156.331780][ T6594] erofs: (device loop2): mounted with root inode @ nid 36. [ 156.358686][ T5797] erofs: (device loop2): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 0] out[9000] [ 156.376487][ T6594] erofs: (device loop2): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[8192] [ 156.388639][ T28] audit: type=1800 audit(1756455688.583:3): pid=6594 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.209" name="file2" dev="loop2" ino=89 res=0 errno=0 [ 156.432581][ T6594] erofs: (device loop2): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[8192] [ 156.448631][ T6594] erofs: (device loop2): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[8192] [ 157.139214][ T5900] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 157.362367][ T5900] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 157.409660][ T5900] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 2 [ 157.436759][ T5900] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 157.471953][ T5900] usb 4-1: New USB device found, idVendor=8086, idProduct=0b5b, bcdDevice=e1.c5 [ 157.487145][ T5900] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 157.495268][ T5900] usb 4-1: Product: syz [ 157.510410][ T6612] tipc: Enabling of bearer rejected, failed to enable media [ 157.529666][ T5900] usb 4-1: Manufacturer: syz [ 157.544378][ T5900] usb 4-1: SerialNumber: syz [ 157.555415][ T5900] usb 4-1: config 0 descriptor?? [ 158.083868][ T23] usb 4-1: USB disconnect, device number 5 [ 162.591103][ T6656] tipc: Enabled bearer , priority 0 [ 162.722769][ T6661] loop2: detected capacity change from 0 to 128 [ 162.730936][ T6661] EXT4-fs (loop2): Test dummy encryption mode enabled [ 162.766272][ T6661] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 162.835599][ T6661] ext4 filesystem being mounted at /54/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 163.128219][ T6643] tipc: Disabling bearer [ 164.990396][ T5789] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 165.281472][ T6679] xt_CT: No such helper "snmp_trap" [ 165.557251][ T6689] loop2: detected capacity change from 0 to 256 [ 166.092926][ T6700] loop2: detected capacity change from 0 to 128 [ 166.108513][ T6700] EXT4-fs (loop2): Test dummy encryption mode enabled [ 166.222644][ T6700] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 166.344884][ T6705] tipc: Enabled bearer , priority 0 [ 166.374403][ T6700] ext4 filesystem being mounted at /60/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 166.489922][ T6699] overlayfs: failed to clone lowerpath [ 166.806255][ T5789] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 166.925350][ T6696] tipc: Disabling bearer [ 168.255563][ T6724] loop2: detected capacity change from 0 to 256 [ 170.124903][ T6739] netlink: 24 bytes leftover after parsing attributes in process `syz.3.255'. [ 170.306890][ T6739] netlink: 16 bytes leftover after parsing attributes in process `syz.3.255'. [ 172.397492][ T8] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 172.518525][ T6783] xt_NFQUEUE: number of queues (65534) out of range (got 131068) [ 172.617006][ T8] usb 4-1: Using ep0 maxpacket: 32 [ 172.624292][ T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 172.649263][ T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 172.686341][ T8] usb 4-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 172.722752][ T8] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 172.804136][ T8] usb 4-1: config 0 descriptor?? [ 172.841684][ T8] hub 4-1:0.0: USB hub found [ 172.934742][ T6788] af_packet: tpacket_rcv: packet too big, clamped from 417 to 4294967272. macoff=96 [ 173.064652][ T8] hub 4-1:0.0: 1 port detected [ 173.287779][ T8] hub 4-1:0.0: hub_hub_status failed (err = -71) [ 173.310215][ T8] hub 4-1:0.0: config failed, can't get hub status (err -71) [ 173.352734][ T8] usbhid 4-1:0.0: can't add hid device: -71 [ 173.377530][ T8] usbhid: probe of 4-1:0.0 failed with error -71 [ 173.439539][ T8] usb 4-1: USB disconnect, device number 6 [ 174.909558][ T6806] loop2: detected capacity change from 0 to 128 [ 174.924655][ T6806] EXT4-fs (loop2): Test dummy encryption mode enabled [ 174.983680][ T6806] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 175.004084][ T6806] ext4 filesystem being mounted at /69/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 175.368748][ T5789] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 178.253287][ T6852] xt_NFQUEUE: number of queues (65534) out of range (got 131068) [ 178.714088][ T6850] netlink: 'syz.0.295': attribute type 10 has an invalid length. [ 179.215061][ T6864] x_tables: duplicate underflow at hook 1 [ 180.213279][ T6882] netlink: 'syz.1.306': attribute type 10 has an invalid length. [ 182.076083][ T5835] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 182.173200][ T5835] hid-generic 0000:0000:0000.0004: hidraw0: HID v0.00 Device [syz1] on syz0 [ 182.390402][ T6903] fido_id[6903]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 182.516061][ T6909] netlink: 8 bytes leftover after parsing attributes in process `syz.2.315'. [ 182.525565][ T6909] netlink: 12 bytes leftover after parsing attributes in process `syz.2.315'. [ 182.534919][ T6909] netlink: 8 bytes leftover after parsing attributes in process `syz.2.315'. [ 184.363395][ T6915] netlink: 'syz.1.316': attribute type 10 has an invalid length. [ 184.896684][ T6932] netlink: 44 bytes leftover after parsing attributes in process `syz.2.320'. [ 188.950853][ T6948] netlink: 8 bytes leftover after parsing attributes in process `syz.1.327'. [ 188.959714][ T6948] netlink: 12 bytes leftover after parsing attributes in process `syz.1.327'. [ 191.506985][ T5794] Bluetooth: hci2: command 0x0406 tx timeout [ 191.513151][ T5797] Bluetooth: hci1: command 0x0406 tx timeout [ 191.519650][ T5790] Bluetooth: hci3: command 0x0406 tx timeout [ 192.849855][ T6977] xt_NFQUEUE: number of queues (65534) out of range (got 131068) [ 194.450755][ T6985] netlink: 8 bytes leftover after parsing attributes in process `syz.0.337'. [ 194.459774][ T6985] netlink: 12 bytes leftover after parsing attributes in process `syz.0.337'. [ 194.474388][ T1285] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.598529][ T1285] ieee802154 phy1 wpan1: encryption failed: -22 [ 198.200735][ T7011] netlink: 28 bytes leftover after parsing attributes in process `syz.1.346'. [ 198.214443][ T7011] netlink: 'syz.1.346': attribute type 10 has an invalid length. [ 199.104667][ T7021] netlink: 8 bytes leftover after parsing attributes in process `syz.0.349'. [ 199.113982][ T7021] netlink: 12 bytes leftover after parsing attributes in process `syz.0.349'. [ 202.048590][ T7028] xt_CT: No such helper "snmp_trap" [ 202.379308][ T7038] netlink: 28 bytes leftover after parsing attributes in process `syz.3.355'. [ 202.391222][ T7038] netlink: 'syz.3.355': attribute type 10 has an invalid length. [ 203.565665][ T7048] netlink: 8 bytes leftover after parsing attributes in process `syz.0.358'. [ 206.508366][ T7060] xt_CT: No such helper "snmp_trap" [ 206.833494][ T7065] netlink: 28 bytes leftover after parsing attributes in process `syz.3.364'. [ 206.858026][ T7065] netlink: 'syz.3.364': attribute type 10 has an invalid length. [ 206.906792][ T5797] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 206.917308][ T5797] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 206.945611][ T5797] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 206.966832][ T5797] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 206.982276][ T5797] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 206.990161][ T5797] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 207.069467][ T7072] input: syz1 as /devices/virtual/input/input5 [ 207.086777][ T7072] input: failed to attach handler leds to device input5, error: -6 [ 207.380394][ T7067] chnl_net:caif_netlink_parms(): no params data found [ 208.023999][ T7067] bridge0: port 1(bridge_slave_0) entered blocking state [ 208.031412][ T7067] bridge0: port 1(bridge_slave_0) entered disabled state [ 208.040212][ T7067] bridge_slave_0: entered allmulticast mode [ 209.918752][ T5790] Bluetooth: hci4: command tx timeout [ 210.194630][ T7067] bridge_slave_0: entered promiscuous mode [ 210.209888][ T7067] bridge0: port 2(bridge_slave_1) entered blocking state [ 210.246877][ T7067] bridge0: port 2(bridge_slave_1) entered disabled state [ 210.276065][ T7067] bridge_slave_1: entered allmulticast mode [ 210.297005][ T7067] bridge_slave_1: entered promiscuous mode [ 210.401475][ T7104] netlink: 28 bytes leftover after parsing attributes in process `syz.3.373'. [ 210.448713][ T7067] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 210.610409][ T7102] netlink: 'syz.3.373': attribute type 10 has an invalid length. [ 210.623090][ T7067] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 211.998783][ T5797] Bluetooth: hci4: command tx timeout [ 214.067120][ T5797] Bluetooth: hci4: command tx timeout [ 214.350918][ T7067] team0: Port device team_slave_0 added [ 214.450592][ T7067] team0: Port device team_slave_1 added [ 214.591992][ T7067] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 214.613021][ T7067] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 214.656883][ T7067] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 214.677380][ T7067] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 214.684505][ T7067] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 214.735160][ T7202] overlayfs: failed to resolve './file1': -2 [ 214.741453][ T7067] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 214.772694][ T7201] netlink: 28 bytes leftover after parsing attributes in process `syz.3.383'. [ 214.801971][ T7201] netlink: 'syz.3.383': attribute type 10 has an invalid length. [ 214.919907][ T7195] xt_bpf: check failed: parse error [ 214.920801][ T7067] hsr_slave_0: entered promiscuous mode [ 214.969951][ T7067] hsr_slave_1: entered promiscuous mode [ 214.992366][ T7067] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 215.011808][ T7067] Cannot create hsr debugfs directory [ 215.551480][ T7067] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 216.094803][ T7067] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 216.182185][ T5797] Bluetooth: hci4: command tx timeout [ 216.234837][ T7067] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 216.275205][ T7067] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 216.484167][ T7067] 8021q: adding VLAN 0 to HW filter on device bond0 [ 216.549794][ T7067] 8021q: adding VLAN 0 to HW filter on device team0 [ 216.599042][ T7170] bridge0: port 1(bridge_slave_0) entered blocking state [ 216.606179][ T7170] bridge0: port 1(bridge_slave_0) entered forwarding state [ 216.635996][ T7170] bridge0: port 2(bridge_slave_1) entered blocking state [ 216.643207][ T7170] bridge0: port 2(bridge_slave_1) entered forwarding state [ 217.405858][ T7237] netlink: 28 bytes leftover after parsing attributes in process `syz.3.391'. [ 217.422409][ T7237] netlink: 'syz.3.391': attribute type 10 has an invalid length. [ 218.776242][ T7067] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 221.495975][ T7067] veth0_vlan: entered promiscuous mode [ 221.545867][ T7067] veth1_vlan: entered promiscuous mode [ 221.675969][ T7067] veth0_macvtap: entered promiscuous mode [ 221.723285][ T7067] veth1_macvtap: entered promiscuous mode [ 221.786145][ T7067] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 221.786202][ T7067] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 221.786212][ T7067] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 221.786224][ T7067] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 221.786232][ T7067] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 221.786243][ T7067] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 221.786253][ T7067] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 221.786265][ T7067] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 221.790238][ T7067] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 221.869362][ T7067] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 221.869382][ T7067] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 221.869393][ T7067] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 221.869404][ T7067] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 221.869413][ T7067] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 221.869424][ T7067] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 221.869433][ T7067] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 221.869444][ T7067] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 221.870862][ T7067] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 221.887186][ T7067] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 221.887261][ T7067] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 221.887286][ T7067] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 221.887309][ T7067] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 222.961117][ T7167] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 222.961168][ T7167] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 223.300789][ T7167] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 223.300810][ T7167] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 224.221886][ T7291] loop4: detected capacity change from 0 to 16 [ 224.344180][ T7291] erofs: (device loop4): mounted with root inode @ nid 36. [ 224.473330][ T7291] syz.4.360: attempt to access beyond end of device [ 224.473330][ T7291] loop4: rw=524288, sector=34359738360, nr_sectors = 1984 limit=16 [ 226.608193][ T7300] netlink: 8 bytes leftover after parsing attributes in process `syz.1.407'. [ 227.736947][ T27] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 227.844105][ T7298] loop4: detected capacity change from 0 to 40427 [ 227.888198][ T7298] F2FS-fs (loop4): Fix alignment : internally, start(4096) end(16896) block(12288) [ 227.925261][ T7298] F2FS-fs (loop4): invalid crc value [ 227.944494][ T7298] F2FS-fs (loop4): invalid crc value [ 227.964625][ T7298] F2FS-fs (loop4): Failed to get valid F2FS checkpoint [ 228.975396][ T27] usb 4-1: Using ep0 maxpacket: 32 [ 228.982745][ T27] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 228.997523][ T27] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 229.043410][ T27] usb 4-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40 [ 229.105087][ T27] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 229.155284][ T27] usb 4-1: config 0 descriptor?? [ 229.180677][ T27] hub 4-1:0.0: USB hub found [ 229.351038][ T7325] netlink: 12 bytes leftover after parsing attributes in process `syz.0.415'. [ 229.385812][ T27] hub 4-1:0.0: 10 ports detected [ 229.397139][ T27] hub 4-1:0.0: insufficient power available to use all downstream ports [ 229.584728][ T7329] loop4: detected capacity change from 0 to 128 [ 229.593026][ T27] hub 4-1:0.0: hub_hub_status failed (err = -71) [ 229.613929][ T27] hub 4-1:0.0: config failed, can't get hub status (err -71) [ 229.623984][ T7329] EXT4-fs (loop4): Test dummy encryption mode enabled [ 229.644828][ T27] usbhid 4-1:0.0: can't add hid device: -71 [ 229.656552][ T27] usbhid: probe of 4-1:0.0 failed with error -71 [ 229.704393][ T7329] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 229.733350][ T7329] ext4 filesystem being mounted at /4/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 229.748191][ T27] usb 4-1: USB disconnect, device number 7 [ 230.446348][ T7343] netlink: 8 bytes leftover after parsing attributes in process `syz.3.421'. [ 232.563649][ T7377] netlink: 8 bytes leftover after parsing attributes in process `syz.1.432'. [ 233.603670][ T7067] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 234.895652][ T7405] netlink: 8 bytes leftover after parsing attributes in process `syz.4.442'. [ 239.406002][ T7425] 9pnet_fd: Insufficient options for proto=fd [ 239.875192][ T7434] netlink: 8 bytes leftover after parsing attributes in process `syz.1.455'. [ 242.284311][ T7453] 9pnet_fd: Insufficient options for proto=fd [ 242.734990][ T7465] 9pnet_fd: Insufficient options for proto=fd [ 243.285462][ T7471] netlink: 8 bytes leftover after parsing attributes in process `syz.3.466'. [ 244.596149][ T7479] 9pnet_fd: Insufficient options for proto=fd [ 245.214723][ T5797] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 247.483603][ T7500] netlink: 8 bytes leftover after parsing attributes in process `syz.4.477'. [ 249.110058][ T7523] syz.0.485[7523] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 249.110191][ T7523] syz.0.485[7523] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 250.265089][ T7534] netlink: 'syz.4.489': attribute type 10 has an invalid length. [ 250.307204][ T7534] syz_tun: entered promiscuous mode [ 250.377801][ T7534] bond0: (slave syz_tun): Enslaving as an active interface with an up link [ 251.674279][ T7555] netlink: 96 bytes leftover after parsing attributes in process `syz.1.495'. [ 252.713103][ T7562] netlink: 8 bytes leftover after parsing attributes in process `syz.1.497'. [ 252.880258][ T7568] netlink: 'syz.0.499': attribute type 10 has an invalid length. [ 254.838321][ T5835] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 255.164932][ T5835] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 255.384926][ T5835] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 255.619602][ T5835] usb 4-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00 [ 255.628817][ T5835] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 255.648347][ T5835] usb 4-1: config 0 descriptor?? [ 255.914499][ T1285] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.921377][ T1285] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.117760][ T5835] cp2112 0003:10C4:EA90.0005: unknown main item tag 0x0 [ 256.155398][ T5835] cp2112 0003:10C4:EA90.0005: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.3-1/input0 [ 256.305491][ T5835] cp2112 0003:10C4:EA90.0005: Part Number: 0x81 Device Version: 0xD2 [ 256.508946][ T5835] cp2112 0003:10C4:EA90.0005: error requesting SMBus config [ 256.534767][ T5835] cp2112: probe of 0003:10C4:EA90.0005 failed with error -71 [ 256.574738][ T5835] usb 4-1: USB disconnect, device number 8 [ 256.809107][ T7609] syz.4.511[7609] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 256.809239][ T7609] syz.4.511[7609] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 256.826083][ T7609] overlayfs: statfs failed on './file0' [ 257.526150][ T7621] netlink: 8 bytes leftover after parsing attributes in process `syz.0.516'. [ 257.697397][ T7622] loop4: detected capacity change from 0 to 1024 [ 257.717873][ T7622] EXT4-fs: Ignoring removed nobh option [ 257.737691][ T7622] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 257.806337][ T7622] EXT4-fs error (device loop4): ext4_ext_check_inode:520: inode #11: comm syz.4.515: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512) [ 257.872832][ T7622] EXT4-fs error (device loop4): ext4_orphan_get:1404: comm syz.4.515: couldn't read orphan inode 11 (err -117) [ 257.967371][ T7622] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 258.775941][ T7067] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 259.394648][ T7640] overlayfs: failed to clone lowerpath [ 262.376823][ T9] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 262.576981][ T9] usb 4-1: Using ep0 maxpacket: 32 [ 262.591595][ T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 81, changing to 10 [ 262.632125][ T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 262.666832][ T9] usb 4-1: New USB device found, idVendor=056a, idProduct=0315, bcdDevice= 0.00 [ 262.712922][ T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 262.810285][ T9] usb 4-1: config 0 descriptor?? [ 263.176744][ T7666] kthread_run failed with err -4 [ 263.291993][ T9] wacom 0003:056A:0315.0006: Unknown device_type for 'HID 056a:0315'. Assuming pen. [ 263.358687][ T9] wacom 0003:056A:0315.0006: hidraw0: USB HID v0.07 Device [HID 056a:0315] on usb-dummy_hcd.3-1/input0 [ 263.448399][ T9] input: Wacom Intuos Pro M Pen as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:056A:0315.0006/input/input6 [ 263.697267][ T9] usb 4-1: USB disconnect, device number 9 [ 263.734451][ T7682] netlink: 8 bytes leftover after parsing attributes in process `syz.4.531'. [ 263.912121][ T7676] fido_id[7676]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/4-1/report_descriptor': No such file or directory [ 264.249547][ T7687] overlayfs: failed to clone lowerpath [ 265.833788][ T7711] loop4: detected capacity change from 0 to 512 [ 265.981789][ T7711] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2244: inode #15: comm syz.4.540: corrupted in-inode xattr: invalid ea_ino [ 265.999657][ T7711] EXT4-fs error (device loop4): ext4_orphan_get:1404: comm syz.4.540: couldn't read orphan inode 15 (err -117) [ 266.022496][ T7711] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 267.418455][ T7723] overlayfs: failed to clone lowerpath [ 267.744529][ T7725] netlink: 8 bytes leftover after parsing attributes in process `syz.0.548'. [ 267.916342][ T7067] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 268.279611][ T7733] loop4: detected capacity change from 0 to 16 [ 268.315579][ T7733] erofs: (device loop4): mounted with root inode @ nid 36. [ 270.272321][ T7752] netlink: 8 bytes leftover after parsing attributes in process `syz.3.559'. [ 272.818231][ T7783] netlink: 8 bytes leftover after parsing attributes in process `syz.1.571'. [ 276.190500][ T7819] netlink: 8 bytes leftover after parsing attributes in process `syz.4.585'. [ 278.926917][ T9] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 279.139687][ T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 279.172301][ T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 279.196947][ T9] usb 5-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00 [ 279.215978][ T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 279.248206][ T9] usb 5-1: config 0 descriptor?? [ 279.832037][ T9] cp2112 0003:10C4:EA90.0007: unknown main item tag 0x0 [ 279.842730][ T9] cp2112 0003:10C4:EA90.0007: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.4-1/input0 [ 280.325775][ T9] cp2112 0003:10C4:EA90.0007: Part Number: 0x81 Device Version: 0xD2 [ 280.555398][ T9] cp2112 0003:10C4:EA90.0007: error requesting SMBus config [ 280.604871][ T9] cp2112: probe of 0003:10C4:EA90.0007 failed with error -71 [ 280.676170][ T9] usb 5-1: USB disconnect, device number 2 [ 280.694918][ T7847] fido_id[7847]: Failed to read report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:10C4:EA90.0007/report_descriptor': No such device [ 280.822145][ T7854] netlink: 'syz.1.594': attribute type 10 has an invalid length. [ 281.341310][ T7859] netlink: 8 bytes leftover after parsing attributes in process `syz.1.597'. [ 282.556202][ T7872] loop4: detected capacity change from 0 to 16 [ 282.615800][ T7872] erofs: (device loop4): mounted with root inode @ nid 36. [ 284.496317][ T7878] 9pnet_fd: Insufficient options for proto=fd [ 284.727879][ T7886] netlink: 8 bytes leftover after parsing attributes in process `syz.4.605'. [ 284.736962][ T7886] netlink: 12 bytes leftover after parsing attributes in process `syz.4.605'. [ 286.626315][ T7908] netlink: 8 bytes leftover after parsing attributes in process `syz.1.612'. [ 287.061015][ T7913] loop4: detected capacity change from 0 to 16 [ 287.092050][ T7913] erofs: (device loop4): mounted with root inode @ nid 36. [ 289.267468][ T7920] netlink: 8 bytes leftover after parsing attributes in process `syz.4.616'. [ 289.276313][ T7920] netlink: 12 bytes leftover after parsing attributes in process `syz.4.616'. [ 289.285392][ T7920] netlink: 8 bytes leftover after parsing attributes in process `syz.4.616'. [ 290.227923][ T7930] xt_CT: No such helper "snmp_trap" [ 291.130764][ T7949] overlayfs: failed to clone lowerpath [ 291.990922][ T7948] netlink: 8 bytes leftover after parsing attributes in process `syz.0.625'. [ 292.511433][ T7959] netlink: 8 bytes leftover after parsing attributes in process `syz.4.627'. [ 292.520656][ T7959] netlink: 12 bytes leftover after parsing attributes in process `syz.4.627'. [ 292.529662][ T7959] netlink: 8 bytes leftover after parsing attributes in process `syz.4.627'. [ 294.197269][ T7970] xt_CT: No such helper "snmp_trap" [ 295.538476][ T7992] netlink: 8 bytes leftover after parsing attributes in process `syz.1.636'. [ 295.787824][ T7998] loop4: detected capacity change from 0 to 1024 [ 295.803573][ T7998] EXT4-fs: Ignoring removed nobh option [ 295.811153][ T7998] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 295.957906][ T7998] EXT4-fs error (device loop4): ext4_ext_check_inode:520: inode #11: comm syz.4.638: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512) [ 296.023961][ T7998] EXT4-fs error (device loop4): ext4_orphan_get:1404: comm syz.4.638: couldn't read orphan inode 11 (err -117) [ 296.930685][ T7998] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 297.095311][ T8008] netlink: 8 bytes leftover after parsing attributes in process `syz.0.639'. [ 297.128933][ T8008] netlink: 12 bytes leftover after parsing attributes in process `syz.0.639'. [ 297.171239][ T8008] netlink: 8 bytes leftover after parsing attributes in process `syz.0.639'. [ 297.685847][ T7067] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 299.609564][ T8027] xt_CT: No such helper "snmp_trap" [ 299.768209][ T8036] netlink: 8 bytes leftover after parsing attributes in process `syz.3.648'. [ 300.144759][ T8044] loop4: detected capacity change from 0 to 128 [ 300.161276][ T8044] EXT4-fs (loop4): Test dummy encryption mode enabled [ 300.200409][ T8044] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 300.246370][ T8044] ext4 filesystem being mounted at /56/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 302.916113][ T8074] netlink: 96 bytes leftover after parsing attributes in process `syz.0.661'. [ 303.105783][ T8078] 9pnet_fd: Insufficient options for proto=fd [ 303.155983][ T7067] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 303.297632][ T8081] netlink: 'syz.4.664': attribute type 10 has an invalid length. [ 303.326262][ T8083] netlink: 8 bytes leftover after parsing attributes in process `syz.0.665'. [ 306.549373][ T8118] xt_CT: No such helper "snmp_trap" [ 307.016717][ T8123] netlink: 'syz.4.675': attribute type 10 has an invalid length. [ 307.199861][ T8125] 9pnet_fd: Insufficient options for proto=fd [ 307.301116][ T8129] netlink: 8 bytes leftover after parsing attributes in process `syz.4.677'. [ 310.129632][ T8147] xt_NFQUEUE: number of queues (65534) out of range (got 131068) [ 312.574813][ T8166] netlink: 'syz.3.685': attribute type 10 has an invalid length. [ 315.901877][ T8192] xt_CT: No such helper "snmp_trap" [ 316.169827][ T8199] xt_NFQUEUE: number of queues (65534) out of range (got 131068) [ 318.021207][ T1285] ieee802154 phy0 wpan0: encryption failed: -22 [ 318.032862][ T8204] loop4: detected capacity change from 0 to 256 [ 318.040659][ T1285] ieee802154 phy1 wpan1: encryption failed: -22 [ 319.412232][ T8210] netlink: 'syz.3.697': attribute type 10 has an invalid length. [ 322.206336][ T8239] xt_NFQUEUE: number of queues (65534) out of range (got 131068) [ 323.174093][ T8230] xt_CT: No such helper "snmp_trap" [ 328.973182][ T8287] xt_CT: No such helper "snmp_trap" [ 329.746095][ T5790] Bluetooth: hci4: command 0x0406 tx timeout [ 330.210341][ T8298] tipc: Enabling of bearer rejected, failed to enable media [ 339.839180][ T8389] netlink: 'syz.0.745': attribute type 10 has an invalid length. [ 341.232160][ T8407] netlink: 96 bytes leftover after parsing attributes in process `syz.0.752'. [ 341.404133][ T8412] netlink: 'syz.3.754': attribute type 10 has an invalid length. [ 341.922802][ T8427] xt_NFQUEUE: number of queues (65534) out of range (got 131068) [ 343.743437][ T8442] netlink: 'syz.1.766': attribute type 10 has an invalid length. [ 343.752725][ T8440] netlink: 96 bytes leftover after parsing attributes in process `syz.0.765'. [ 344.946897][ T8464] netlink: 'syz.0.776': attribute type 10 has an invalid length. [ 344.979367][ T8467] netlink: 96 bytes leftover after parsing attributes in process `syz.4.777'. [ 345.075502][ T8468] xt_NFQUEUE: number of queues (65534) out of range (got 131068) [ 346.814379][ T8487] netlink: 'syz.4.786': attribute type 10 has an invalid length. [ 346.957407][ T8493] netlink: 96 bytes leftover after parsing attributes in process `syz.1.787'. [ 347.636102][ T8503] fuse: Bad value for 'fd' [ 348.025487][ T8513] netlink: 28 bytes leftover after parsing attributes in process `syz.3.796'. [ 348.036044][ T8513] netlink: 'syz.3.796': attribute type 10 has an invalid length. [ 348.345445][ T8518] netlink: 96 bytes leftover after parsing attributes in process `syz.1.798'. [ 348.474749][ T8519] overlayfs: failed to clone lowerpath [ 349.160662][ T8527] fuse: Bad value for 'fd' [ 349.467574][ T8533] netlink: 28 bytes leftover after parsing attributes in process `syz.0.805'. [ 349.485242][ T8533] netlink: 'syz.0.805': attribute type 10 has an invalid length. [ 350.450044][ T8550] xt_CT: No such helper "snmp_trap" [ 350.956850][ T8555] netlink: 96 bytes leftover after parsing attributes in process `syz.4.810'. [ 351.239162][ T8561] fuse: Bad value for 'fd' [ 351.560169][ T8569] overlayfs: failed to clone lowerpath [ 352.069153][ T8566] netlink: 28 bytes leftover after parsing attributes in process `syz.1.815'. [ 352.085747][ T8566] netlink: 'syz.1.815': attribute type 10 has an invalid length. [ 352.287046][ T8573] xt_CT: No such helper "snmp_trap" [ 352.339052][ T8578] netlink: 96 bytes leftover after parsing attributes in process `syz.3.819'. [ 353.434401][ T8598] netlink: 28 bytes leftover after parsing attributes in process `syz.1.826'. [ 353.445570][ T8598] netlink: 'syz.1.826': attribute type 10 has an invalid length. [ 353.961587][ T8606] overlayfs: failed to clone lowerpath [ 355.034165][ T8612] xt_CT: No such helper "snmp_trap" [ 356.353317][ T8622] xt_NFQUEUE: number of queues (65534) out of range (got 131068) [ 357.075322][ T8634] netlink: 28 bytes leftover after parsing attributes in process `syz.4.837'. [ 357.116296][ T8634] netlink: 'syz.4.837': attribute type 10 has an invalid length. [ 357.752198][ T8646] overlayfs: failed to clone lowerpath [ 361.554592][ T8677] netlink: 28 bytes leftover after parsing attributes in process `syz.1.847'. [ 361.565314][ T8677] netlink: 'syz.1.847': attribute type 10 has an invalid length. [ 361.633269][ T8674] xt_CT: No such helper "snmp_trap" [ 364.991954][ T8707] netlink: 28 bytes leftover after parsing attributes in process `syz.4.856'. [ 365.035932][ T8707] netlink: 'syz.4.856': attribute type 10 has an invalid length. [ 365.324720][ T8716] xt_NFQUEUE: number of queues (65534) out of range (got 131068) [ 369.444549][ T8741] netlink: 28 bytes leftover after parsing attributes in process `syz.1.868'. [ 369.458667][ T8741] netlink: 'syz.1.868': attribute type 10 has an invalid length. [ 369.691609][ T8745] xt_CT: No such helper "snmp_trap" [ 370.228480][ T8754] xt_NFQUEUE: number of queues (65534) out of range (got 131068) [ 373.401936][ T8771] netlink: 28 bytes leftover after parsing attributes in process `syz.3.878'. [ 373.444602][ T8771] netlink: 'syz.3.878': attribute type 10 has an invalid length. [ 375.322587][ T8799] netlink: 28 bytes leftover after parsing attributes in process `syz.0.887'. [ 375.332967][ T8799] netlink: 'syz.0.887': attribute type 10 has an invalid length. [ 375.442581][ T8801] xt_NFQUEUE: number of queues (65534) out of range (got 131068) [ 377.194187][ T8810] xt_CT: No such helper "snmp_trap" [ 377.290874][ T8812] sctp: failed to load transform for md5: -2 [ 377.799867][ T8822] netlink: 96 bytes leftover after parsing attributes in process `syz.3.894'. [ 378.248182][ T8836] netlink: 28 bytes leftover after parsing attributes in process `syz.0.899'. [ 378.259597][ T8836] netlink: 'syz.0.899': attribute type 10 has an invalid length. [ 378.801087][ T1285] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.807735][ T1285] ieee802154 phy1 wpan1: encryption failed: -22 [ 379.075859][ T8850] xt_NFQUEUE: number of queues (65534) out of range (got 131068) [ 380.982676][ T8854] xt_CT: No such helper "snmp_trap" [ 381.450621][ T8860] netlink: 96 bytes leftover after parsing attributes in process `syz.3.907'. [ 381.546040][ T8862] netlink: 28 bytes leftover after parsing attributes in process `syz.0.908'. [ 381.575714][ T8862] netlink: 'syz.0.908': attribute type 10 has an invalid length. [ 383.150375][ T8882] xt_CT: No such helper "snmp_trap" [ 383.391638][ T8889] netlink: 96 bytes leftover after parsing attributes in process `syz.3.918'. [ 383.621401][ T8892] xt_NFQUEUE: number of queues (65534) out of range (got 131068) [ 384.183674][ T12] bond0: (slave bond_slave_0): interface is now down [ 384.240281][ T12] bond0: (slave bond_slave_1): interface is now down [ 384.284119][ T12] bond0: (slave syz_tun): interface is now down [ 384.353905][ T12] bond0: now running without any active interface! [ 387.106476][ T8921] xt_CT: No such helper "snmp_trap" [ 387.134199][ T7148] bond0: (slave bond_slave_0): interface is now down [ 387.158583][ T7148] bond0: (slave bond_slave_1): interface is now down [ 387.184135][ T7148] bond0: (slave syz_tun): interface is now down [ 387.224529][ T7148] bond0: now running without any active interface! [ 387.942412][ T8942] xt_NFQUEUE: number of queues (65534) out of range (got 131068) [ 389.834214][ T8956] fuse: Bad value for 'group_id' [ 391.647394][ T8977] xt_CT: No such helper "snmp_trap" [ 392.309844][ T8985] xt_NFQUEUE: number of queues (65534) out of range (got 131068) [ 393.013226][ T8988] fuse: Bad value for 'group_id' [ 396.560523][ T9022] fuse: Bad value for 'group_id' [ 398.921776][ T9049] fuse: Bad value for 'user_id' [ 399.890859][ T9054] xt_CT: No such helper "snmp_trap" [ 403.010846][ T9084] fuse: Bad value for 'user_id' [ 404.193512][ T9093] xt_NFQUEUE: number of queues (65534) out of range (got 131068) [ 407.347640][ T9115] fuse: Bad value for 'user_id' [ 408.863803][ T9127] xt_NFQUEUE: number of queues (65534) out of range (got 131068) [ 409.355568][ T9129] overlayfs: failed to clone upperpath [ 410.637608][ T9147] fuse: Bad value for 'user_id' [ 413.090662][ T9175] fuse: Bad value for 'user_id' [ 416.243183][ T9200] fuse: Bad value for 'user_id' [ 418.297501][ T9231] fuse: Unknown parameter 'grou00000000000000000000' [ 418.943982][ T9252] overlayfs: failed to clone lowerpath [ 420.157392][ T9259] netlink: 96 bytes leftover after parsing attributes in process `syz.1.1041'. [ 420.374542][ T9263] fuse: Unknown parameter 'grou00000000000000000000' [ 422.688203][ T9287] netlink: 96 bytes leftover after parsing attributes in process `syz.1.1052'. [ 422.837896][ T9290] fuse: Unknown parameter 'grou00000000000000000000' [ 423.767183][ T9298] xt_CT: No such helper "snmp_trap" [ 423.953603][ T9309] overlayfs: failed to clone lowerpath [ 425.309479][ T9317] netlink: 96 bytes leftover after parsing attributes in process `syz.0.1061'. [ 425.368916][ T9321] fuse: Unknown parameter 'group_i00000000000000000000' [ 426.610163][ T9340] xt_CT: No such helper "snmp_trap" [ 428.085547][ T9349] fuse: Unknown parameter 'group_i00000000000000000000' [ 428.724013][ T9355] netlink: 96 bytes leftover after parsing attributes in process `syz.3.1075'. [ 429.260067][ T9363] overlayfs: failed to clone lowerpath [ 429.756408][ T9375] fuse: Unknown parameter 'group_i00000000000000000000' [ 432.258401][ T9395] xt_NFQUEUE: number of queues (65534) out of range (got 131068) [ 433.495761][ T9400] xt_CT: No such helper "snmp_trap" [ 433.595816][ T9403] overlayfs: failed to clone lowerpath [ 435.148404][ T9411] fuse: Unknown parameter 'group_id00000000000000000000' [ 437.058125][ T9437] netlink: 96 bytes leftover after parsing attributes in process `syz.4.1099'. [ 439.408711][ T9453] xt_CT: No such helper "snmp_trap" [ 440.357024][ T1285] ieee802154 phy0 wpan0: encryption failed: -22 [ 440.364354][ T1285] ieee802154 phy1 wpan1: encryption failed: -22 [ 440.964321][ T9464] tipc: Enabling of bearer rejected, failed to enable media [ 445.015950][ T9506] tipc: Enabling of bearer rejected, failed to enable media [ 448.373583][ T9524] xt_CT: No such helper "snmp_trap" [ 448.812156][ T9532] netlink: 96 bytes leftover after parsing attributes in process `syz.1.1123'. [ 449.068761][ T9537] tipc: Enabling of bearer rejected, failed to enable media [ 449.927773][ T9542] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1128'. [ 449.937547][ T9542] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1128'. [ 450.326120][ T9553] tipc: Enabling of bearer rejected, failed to enable media [ 453.313800][ T9578] overlayfs: failed to clone lowerpath [ 454.769351][ T9588] netlink: 96 bytes leftover after parsing attributes in process `syz.0.1138'. [ 455.157710][ T9594] tipc: Enabling of bearer rejected, failed to enable media [ 455.932755][ T9596] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1141'. [ 455.941905][ T9596] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1141'. [ 458.290715][ T9630] overlayfs: failed to clone lowerpath [ 459.768047][ T9640] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1153'. [ 459.777503][ T9640] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1153'. [ 460.698365][ T9648] fuse: Bad value for 'user_id' [ 462.503503][ T9672] fuse: Bad value for 'user_id' [ 462.523266][ T9674] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1167'. [ 462.532246][ T9674] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1167'. [ 463.737744][ T9688] netlink: 96 bytes leftover after parsing attributes in process `syz.1.1171'. [ 466.432429][ T9718] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1180'. [ 466.441600][ T9718] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1180'. [ 467.778879][ T9725] xt_CT: No such helper "snmp_trap" [ 471.222594][ T9756] xt_CT: No such helper "snmp_trap" [ 471.680418][ T9772] netlink: 96 bytes leftover after parsing attributes in process `syz.1.1196'. [ 471.738356][ T9777] bond0: (slave syz_tun): Releasing backup interface [ 471.812537][ T9777] bridge_slave_0: left allmulticast mode [ 471.823101][ T9777] bridge_slave_0: left promiscuous mode [ 471.835010][ T9777] bridge0: port 1(bridge_slave_0) entered disabled state [ 471.893432][ T9777] bridge_slave_1: left allmulticast mode [ 471.924277][ T9777] bridge_slave_1: left promiscuous mode [ 471.945768][ T9777] bridge0: port 2(bridge_slave_1) entered disabled state [ 471.963298][ T9777] bond0: (slave bond_slave_0): Releasing backup interface [ 471.979654][ T9777] bond0: (slave bond_slave_1): Releasing backup interface [ 472.154131][ T9777] team0: Port device team_slave_0 removed [ 472.735204][ T9777] team0: Port device team_slave_1 removed [ 472.767289][ T9777] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 472.781399][ T9777] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 472.793550][ T9777] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 472.810896][ T9777] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 472.845401][ T9783] vlan0: entered promiscuous mode [ 472.895751][ T9783] team0: Port device vlan0 added [ 472.991373][ T9792] xt_NFQUEUE: number of queues (65534) out of range (got 131068) [ 473.941316][ T9808] xt_CT: No such helper "snmp_trap" [ 483.288860][ T9927] xt_NFQUEUE: number of queues (65534) out of range (got 131068) [ 484.161571][ T9934] netlink: 96 bytes leftover after parsing attributes in process `syz.3.1259'. [ 485.549450][ T9954] 9pnet_fd: Insufficient options for proto=fd [ 485.801736][ T9960] netlink: 96 bytes leftover after parsing attributes in process `syz.0.1269'. [ 488.281299][ T9997] xt_NFQUEUE: number of queues (65534) out of range (got 131068) [ 489.606848][T10005] netlink: 96 bytes leftover after parsing attributes in process `syz.3.1281'. [ 493.519317][T10038] overlayfs: failed to clone lowerpath [ 497.108571][T10088] overlayfs: failed to clone lowerpath [ 498.946171][T10096] xt_NFQUEUE: number of queues (65534) out of range (got 131068) [ 505.963086][T10109] xt_CT: No such helper "snmp_trap" [ 505.968024][ T1285] ieee802154 phy0 wpan0: encryption failed: -22 [ 506.173118][ T1285] ieee802154 phy1 wpan1: encryption failed: -22 [ 506.923222][T10131] netlink: 87 bytes leftover after parsing attributes in process `syz.4.1323'. [ 506.932632][T10131] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 506.940220][T10131] IPv6: NLM_F_CREATE should be set when creating new route [ 506.947604][T10131] IPv6: NLM_F_CREATE should be set when creating new route [ 507.861047][T10135] Invalid ELF header magic: != ELF [ 508.289432][T10143] xt_CT: No such helper "snmp_trap" [ 508.643028][T10150] overlayfs: failed to clone lowerpath [ 509.087668][T10157] fuse: Unknown parameter 'user00000000000000000000004' [ 511.858097][T10185] xt_CT: No such helper "snmp_trap" [ 512.652660][T10194] fuse: Unknown parameter 'user00000000000000000000004' [ 512.931624][T10203] overlayfs: failed to clone lowerpath [ 515.244433][T10224] netlink: 96 bytes leftover after parsing attributes in process `syz.4.1353'. [ 515.454086][T10228] fuse: Unknown parameter 'user00000000000000000000004' [ 516.777881][T10243] overlayfs: failed to clone lowerpath [ 517.531717][ T28] audit: type=1326 audit(1756456049.713:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10247 comm="syz.4.1361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c1398ebe9 code=0x7ffc0000 [ 517.555073][ T28] audit: type=1326 audit(1756456049.733:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10247 comm="syz.4.1361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c1398ebe9 code=0x7ffc0000 [ 517.671064][ T28] audit: type=1326 audit(1756456049.733:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10247 comm="syz.4.1361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c1398ebe9 code=0x7ffc0000 [ 517.718286][T10253] netlink: 96 bytes leftover after parsing attributes in process `syz.4.1364'. [ 517.726795][ T28] audit: type=1326 audit(1756456049.733:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10247 comm="syz.4.1361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c1398ebe9 code=0x7ffc0000 [ 517.770645][ T28] audit: type=1326 audit(1756456049.743:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10247 comm="syz.4.1361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f3c1398ebe9 code=0x7ffc0000 [ 517.836742][ T28] audit: type=1326 audit(1756456049.743:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10247 comm="syz.4.1361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c1398ebe9 code=0x7ffc0000 [ 517.886665][ T28] audit: type=1326 audit(1756456049.743:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10247 comm="syz.4.1361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c1398ebe9 code=0x7ffc0000 [ 517.947250][T10257] 9pnet_fd: Insufficient options for proto=fd [ 517.963291][ T28] audit: type=1326 audit(1756456049.743:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10247 comm="syz.4.1361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c1398ebe9 code=0x7ffc0000 [ 518.016185][ T28] audit: type=1326 audit(1756456049.743:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10247 comm="syz.4.1361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c1398ebe9 code=0x7ffc0000 [ 518.034277][T10260] fuse: Unknown parameter 'user_i00000000000000000000004' [ 518.079082][ T28] audit: type=1326 audit(1756456049.743:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10247 comm="syz.4.1361" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f3c1398ebe9 code=0x7ffc0000 [ 518.468886][T10274] 9pnet_fd: Insufficient options for proto=fd [ 518.637646][T10279] netlink: 96 bytes leftover after parsing attributes in process `syz.4.1375'. [ 519.654127][T10268] xt_CT: No such helper "snmp_trap" [ 519.781921][T10294] fuse: Unknown parameter 'user_i00000000000000000000004' [ 521.198050][T10319] overlayfs: failed to clone lowerpath [ 523.424009][T10333] fuse: Unknown parameter 'user_i00000000000000000000004' [ 524.219070][T10340] mmap: syz.4.1394 (10340) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 524.768951][T10349] tipc: Enabling of bearer rejected, failed to enable media [ 525.338452][T10351] netlink: 96 bytes leftover after parsing attributes in process `syz.4.1398'. [ 527.686025][T10379] xt_CT: No such helper "snmp_trap" [ 527.956440][T10385] netlink: 96 bytes leftover after parsing attributes in process `syz.1.1409'. [ 528.699894][T10397] overlayfs: failed to resolve './file0': -2 [ 528.946251][T10408] overlayfs: failed to clone lowerpath [ 529.025157][T10412] netlink: 96 bytes leftover after parsing attributes in process `syz.0.1418'. [ 530.757483][T10425] xt_NFQUEUE: number of queues (65534) out of range (got 131068) [ 534.105994][T10430] xt_CT: No such helper "snmp_trap" [ 537.315182][T10479] fuse: Bad value for 'fd' [ 537.423739][T10481] overlayfs: failed to clone lowerpath [ 538.810698][T10493] overlayfs: failed to clone upperpath [ 541.535334][T10527] fuse: Unknown parameter '0x0000000000000006' [ 541.706986][T10531] overlayfs: failed to clone lowerpath [ 544.149106][T10553] tipc: Enabling of bearer rejected, failed to enable media [ 544.274405][T10560] fuse: Unknown parameter '0x0000000000000006' [ 546.510202][T10573] overlayfs: failed to clone lowerpath [ 547.054967][T10590] fuse: Unknown parameter '0x0000000000000006' [ 547.115218][T10592] 9p: Unknown Cache mode or invalid value fsca [ 549.999831][T10618] fuse: Unknown parameter '0x0000000000000006' [ 550.124128][T10625] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1480'. [ 550.315230][T10622] tipc: Enabling of bearer rejected, failed to enable media [ 550.415780][T10632] overlayfs: failed to clone lowerpath [ 552.687288][T10654] fuse: Unknown parameter '0x0000000000000006' [ 552.953656][T10658] tipc: Enabling of bearer rejected, failed to enable media [ 553.303667][T10677] netlink: 96 bytes leftover after parsing attributes in process `syz.3.1501'. [ 553.434393][T10683] fuse: Unknown parameter '0x0000000000000006' [ 553.788837][T10690] tipc: Enabling of bearer rejected, failed to enable media [ 554.098425][T10703] netlink: 96 bytes leftover after parsing attributes in process `syz.4.1513'. [ 554.298810][T10708] fuse: Unknown parameter 'fd0x0000000000000006' [ 555.336931][T10722] tipc: Enabling of bearer rejected, failed to enable media [ 556.149504][T10734] netlink: 96 bytes leftover after parsing attributes in process `syz.1.1525'. [ 557.358036][T10752] xt_CT: No such helper "snmp_trap" [ 558.658224][T10773] netlink: 96 bytes leftover after parsing attributes in process `syz.1.1539'. [ 560.151963][T10802] overlayfs: failed to clone upperpath [ 560.963722][T10808] netlink: 96 bytes leftover after parsing attributes in process `syz.3.1553'. [ 561.053687][T10814] bond0: (slave syz_tun): Releasing backup interface [ 561.130439][T10814] bridge_slave_0: left allmulticast mode [ 561.172012][T10814] bridge_slave_0: left promiscuous mode [ 561.200791][T10814] bridge0: port 1(bridge_slave_0) entered disabled state [ 561.214692][T10814] bridge_slave_1: left allmulticast mode [ 561.220963][T10814] bridge_slave_1: left promiscuous mode [ 561.227019][T10814] bridge0: port 2(bridge_slave_1) entered disabled state [ 561.241029][T10814] bond0: (slave bond_slave_0): Releasing backup interface [ 561.900614][T10814] bond0: (slave bond_slave_1): Releasing backup interface [ 562.063789][T10814] team0: Port device team_slave_0 removed [ 562.071413][T10825] capability: warning: `syz.0.1560' uses 32-bit capabilities (legacy support in use) [ 562.128450][T10814] team0: Port device team_slave_1 removed [ 562.135095][T10814] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 562.175299][T10814] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 562.222964][T10814] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 562.238675][T10814] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 562.259931][T10815] vlan0: entered promiscuous mode [ 562.291497][T10815] team0: Port device vlan0 added [ 563.112564][ T1285] ieee802154 phy0 wpan0: encryption failed: -22 [ 563.120548][ T1285] ieee802154 phy1 wpan1: encryption failed: -22 [ 563.409807][T10843] netlink: 96 bytes leftover after parsing attributes in process `syz.0.1566'. [ 565.568056][T10871] netlink: 96 bytes leftover after parsing attributes in process `syz.0.1577'. [ 568.292078][T10906] netlink: 96 bytes leftover after parsing attributes in process `syz.4.1591'. [ 568.390399][T10911] 9pnet_fd: Insufficient options for proto=fd [ 572.191404][T10959] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 572.223215][T10959] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 573.033780][T10966] 9pnet_fd: Insufficient options for proto=fd [ 573.621125][T10982] 9pnet_fd: Insufficient options for proto=fd [ 576.208720][T11011] xt_CT: No such helper "snmp_trap" [ 576.420464][T11016] 9pnet_fd: Insufficient options for proto=fd [ 578.828235][T11038] IPVS: set_ctl: invalid protocol: 50 172.20.20.187:20003 [ 582.695867][T11087] xt_CT: No such helper "snmp_trap" [ 586.738150][T11122] xt_CT: No such helper "snmp_trap" [ 588.243906][T11139] 9pnet_fd: Insufficient options for proto=fd [ 589.736288][T11155] xt_CT: No such helper "snmp_trap" [ 590.910278][T11179] 9pnet_fd: Insufficient options for proto=fd [ 593.894559][T11211] 9pnet_fd: Insufficient options for proto=fd [ 595.383164][T11229] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 595.424490][T11229] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 595.436279][T11229] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 595.457447][T11229] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 595.487074][T11229] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 595.498541][T11229] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 596.015281][T11240] xt_NFQUEUE: number of queues (65534) out of range (got 131068) [ 597.171282][T11242] xt_CT: No such helper "snmp_trap" [ 597.587354][T11229] Bluetooth: hci5: command tx timeout [ 597.711913][T11226] chnl_net:caif_netlink_parms(): no params data found [ 598.129616][T11226] bridge0: port 1(bridge_slave_0) entered blocking state [ 598.146523][T11254] 9pnet_fd: Insufficient options for proto=fd [ 598.151451][T11226] bridge0: port 1(bridge_slave_0) entered disabled state [ 598.173109][T11226] bridge_slave_0: entered allmulticast mode [ 598.183307][T11226] bridge_slave_0: entered promiscuous mode [ 598.219463][T11226] bridge0: port 2(bridge_slave_1) entered blocking state [ 598.238899][T11226] bridge0: port 2(bridge_slave_1) entered disabled state [ 598.261867][T11226] bridge_slave_1: entered allmulticast mode [ 598.289330][T11226] bridge_slave_1: entered promiscuous mode [ 598.354006][T11226] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 598.389021][T11226] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 598.489920][T11226] team0: Port device team_slave_0 added [ 598.519680][T11226] team0: Port device team_slave_1 added [ 598.591373][T11265] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1695'. [ 598.601563][T11265] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1695'. [ 598.613450][T11265] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1695'. [ 598.852160][T11265] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1695'. [ 599.372269][T11226] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 599.392383][T11226] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 599.421467][T11226] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 599.443421][T11226] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 599.453777][T11226] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 599.487651][T11226] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 599.519052][T11277] 9pnet_fd: Insufficient options for proto=fd [ 599.574536][T11226] hsr_slave_0: entered promiscuous mode [ 599.594895][T11226] hsr_slave_1: entered promiscuous mode [ 599.612502][T11226] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 599.626385][T11226] Cannot create hsr debugfs directory [ 599.687419][T11229] Bluetooth: hci5: command tx timeout [ 600.561459][T11226] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 600.608154][T11226] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 600.655416][T11226] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 600.703621][T11226] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 600.994978][T11226] 8021q: adding VLAN 0 to HW filter on device bond0 [ 601.189811][T11226] 8021q: adding VLAN 0 to HW filter on device team0 [ 601.270342][ T42] bridge0: port 1(bridge_slave_0) entered blocking state [ 601.278386][ T42] bridge0: port 1(bridge_slave_0) entered forwarding state [ 601.766928][T11229] Bluetooth: hci5: command tx timeout [ 601.896359][ T42] bridge0: port 2(bridge_slave_1) entered blocking state [ 601.903600][ T42] bridge0: port 2(bridge_slave_1) entered forwarding state [ 602.493244][T11226] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 603.926723][T11229] Bluetooth: hci5: command tx timeout [ 605.293795][T11226] veth0_vlan: entered promiscuous mode [ 605.366204][T11226] veth1_vlan: entered promiscuous mode [ 605.494162][T11226] veth0_macvtap: entered promiscuous mode [ 605.526218][T11226] veth1_macvtap: entered promiscuous mode [ 605.601147][T11226] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 605.629546][T11226] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 605.674968][T11226] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 605.685706][T11226] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 605.697358][T11226] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 605.707886][T11226] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 605.719656][T11226] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 605.730748][T11226] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 605.747222][T11226] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 605.765243][T11226] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 606.212855][T11226] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 606.359289][T11226] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 606.406743][T11226] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 606.456359][T11226] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 606.504227][T11226] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 606.524325][T11226] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 606.545459][T11226] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 606.573111][T11226] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 606.794550][ T58] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 606.838569][ T58] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 606.946512][ T1141] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 606.963826][ T1141] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 607.190411][T11394] loop5: detected capacity change from 0 to 128 [ 607.293466][T11394] EXT4-fs (loop5): Test dummy encryption mode enabled [ 607.367965][T11394] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 607.417488][T11394] ext4 filesystem being mounted at /0/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 608.453558][T11226] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 608.934475][T11415] netlink: 84 bytes leftover after parsing attributes in process `syz.5.1740'. [ 613.000765][T11456] loop5: detected capacity change from 0 to 512 [ 613.028612][T11456] EXT4-fs: Ignoring removed nomblk_io_submit option [ 613.528491][T11456] EXT4-fs (loop5): can't mount with journal_checksum, fs mounted w/o journal [ 617.036138][T11498] loop5: detected capacity change from 0 to 1024 [ 617.139300][T11498] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 617.377683][T11501] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 617.499979][T11226] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 619.329224][T11540] syz.1.1779[11540] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 619.329446][T11540] syz.1.1779[11540] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 619.550066][T11544] tipc: Started in network mode [ 619.568528][T11544] tipc: Node identity 622544b74019, cluster identity 4711 [ 619.579766][T11544] tipc: Enabled bearer , priority 0 [ 620.058611][T11535] tipc: Disabling bearer [ 620.139010][ T28] kauditd_printk_skb: 14 callbacks suppressed [ 620.139023][ T28] audit: type=1326 audit(1756456152.323:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11549 comm="syz.4.1782" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c1398ebe9 code=0x7ffc0000 [ 620.171424][ T28] audit: type=1326 audit(1756456152.363:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11549 comm="syz.4.1782" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c1398ebe9 code=0x7ffc0000 [ 620.232304][ T28] audit: type=1326 audit(1756456152.363:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11549 comm="syz.4.1782" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c1398ebe9 code=0x7ffc0000 [ 620.255060][ T28] audit: type=1326 audit(1756456152.393:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11549 comm="syz.4.1782" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c1398ebe9 code=0x7ffc0000 [ 620.315553][ T28] audit: type=1326 audit(1756456152.393:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11549 comm="syz.4.1782" exe="/root/syz-executor" sig=0 arch=c000003e syscall=196 compat=0 ip=0x7f3c1398ebe9 code=0x7ffc0000 [ 620.555597][ T28] audit: type=1326 audit(1756456152.393:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11549 comm="syz.4.1782" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c1398ebe9 code=0x7ffc0000 [ 620.640429][ T28] audit: type=1326 audit(1756456152.393:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11549 comm="syz.4.1782" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3c1398ebe9 code=0x7ffc0000 [ 620.757234][ T28] audit: type=1326 audit(1756456152.393:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11549 comm="syz.4.1782" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f3c1398ebe9 code=0x7ffc0000 [ 620.781437][ T28] audit: type=1326 audit(1756456152.393:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11549 comm="syz.4.1782" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f3c1398ebe9 code=0x7ffc0000 [ 622.354393][T11577] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1792'. [ 622.403670][T11577] netlink: 56 bytes leftover after parsing attributes in process `syz.0.1792'. [ 624.552749][ T1285] ieee802154 phy0 wpan0: encryption failed: -22 [ 624.562361][ T1285] ieee802154 phy1 wpan1: encryption failed: -22 [ 625.951960][T11619] loop5: detected capacity change from 0 to 512 [ 625.976810][T11619] EXT4-fs: Ignoring removed nomblk_io_submit option [ 626.540541][T11619] EXT4-fs (loop5): can't mount with journal_checksum, fs mounted w/o journal [ 629.393727][T11657] loop5: detected capacity change from 0 to 128 [ 629.421044][T11657] EXT4-fs (loop5): Test dummy encryption mode enabled [ 629.452828][T11657] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 629.500733][T11657] ext4 filesystem being mounted at /19/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 630.581592][T11226] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 633.656282][T11667] loop5: detected capacity change from 0 to 512 [ 633.663484][T11667] EXT4-fs: Ignoring removed nomblk_io_submit option [ 633.713986][T11667] EXT4-fs (loop5): can't mount with journal_checksum, fs mounted w/o journal [ 634.237967][T11694] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1826'. [ 634.283480][T11694] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1826'. [ 636.666399][T11742] loop5: detected capacity change from 0 to 128 [ 636.698275][T11742] EXT4-fs (loop5): Test dummy encryption mode enabled [ 636.759786][T11742] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 636.792660][T11748] overlayfs: failed to clone lowerpath [ 636.893045][T11742] ext4 filesystem being mounted at /22/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 638.014036][T11226] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 638.581091][T11767] loop5: detected capacity change from 0 to 1024 [ 638.595032][T11767] EXT4-fs: Ignoring removed mblk_io_submit option [ 638.617346][T11767] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 638.656912][T11767] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 639.470546][T11226] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 640.772288][T11798] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1864'. [ 642.297989][T11833] overlayfs: failed to clone lowerpath [ 644.553410][T11884] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1898'. [ 644.917136][T11891] overlayfs: failed to clone lowerpath [ 646.454667][T11906] 9pnet_fd: Insufficient options for proto=fd [ 646.713541][T11908] overlayfs: workdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection. [ 646.838375][T11914] loop5: detected capacity change from 0 to 128 [ 646.876868][T11914] EXT4-fs (loop5): Test dummy encryption mode enabled [ 646.985440][T11914] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 647.045560][T11914] ext4 filesystem being mounted at /43/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 648.088061][T11226] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 648.618429][T11934] 9pnet_fd: Insufficient options for proto=fd [ 648.729831][T11936] overlayfs: failed to clone lowerpath [ 652.126210][T11978] overlayfs: failed to clone lowerpath [ 653.753129][T11999] loop5: detected capacity change from 0 to 1024 [ 653.767869][T11999] EXT4-fs: Ignoring removed bh option [ 653.773509][T11999] EXT4-fs: Ignoring removed nobh option [ 654.877507][T11999] EXT4-fs: inline encryption not supported [ 654.931453][T11999] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 655.026789][T11999] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 655.944022][T11226] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 664.326896][T12124] loop5: detected capacity change from 0 to 1024 [ 664.334309][T12124] EXT4-fs: Ignoring removed oldalloc option [ 664.394609][T12124] EXT4-fs: Ignoring removed orlov option [ 664.438045][ T28] audit: type=1326 audit(1756456196.613:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12125 comm="syz.1.1981" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f027d98ebe9 code=0x7ffc0000 [ 664.466231][ T28] audit: type=1326 audit(1756456196.613:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12125 comm="syz.1.1981" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f027d98ebe9 code=0x7ffc0000 [ 664.490674][T12124] EXT4-fs (loop5): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 665.028534][ T28] audit: type=1326 audit(1756456196.623:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12125 comm="syz.1.1981" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f027d98ebe9 code=0x7ffc0000 [ 665.062449][ T28] audit: type=1326 audit(1756456196.623:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12125 comm="syz.1.1981" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f027d98ebe9 code=0x7ffc0000 [ 665.085969][ T28] audit: type=1326 audit(1756456196.623:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12125 comm="syz.1.1981" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f027d98ebe9 code=0x7ffc0000 [ 665.109000][ T28] audit: type=1326 audit(1756456196.623:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12125 comm="syz.1.1981" exe="/root/syz-executor" sig=0 arch=c000003e syscall=225 compat=0 ip=0x7f027d98ebe9 code=0x7ffc0000 [ 665.134263][ T28] audit: type=1326 audit(1756456196.623:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12125 comm="syz.1.1981" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f027d98ebe9 code=0x7ffc0000 [ 665.238375][T12124] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 665.463897][T12143] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4031: comm syz.5.1980: Allocating blocks 433-513 which overlap fs metadata [ 665.592494][T11226] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 666.998149][T11342] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 667.538352][T11342] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 667.567059][T11342] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 667.608780][T11342] usb 6-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00 [ 667.639264][T11342] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 667.672718][T11342] usb 6-1: config 0 descriptor?? [ 668.933210][ C1] raw-gadget.0 gadget.5: ignoring, device is not running [ 668.957765][T11342] usbhid 6-1:0.0: can't add hid device: -71 [ 668.977635][T11342] usbhid: probe of 6-1:0.0 failed with error -71 [ 669.001319][T11342] usb 6-1: USB disconnect, device number 2 [ 669.087825][T12194] overlayfs: failed to clone upperpath [ 670.285422][T12196] syz.0.2006[12196] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 670.285549][T12196] syz.0.2006[12196] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 670.451236][T12211] loop5: detected capacity change from 0 to 512 [ 670.568817][T12211] EXT4-fs: Ignoring removed nobh option [ 670.603942][T12211] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 670.635999][T12211] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 670.654793][T12211] EXT4-fs (loop5): 1 truncate cleaned up [ 670.689534][T12211] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 670.789328][T11226] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 671.079584][T12226] loop5: detected capacity change from 0 to 128 [ 671.081077][T12225] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2015'. [ 671.113653][T12226] EXT4-fs (loop5): Test dummy encryption mode enabled [ 671.127496][T12225] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 671.154528][T12226] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 671.198698][T12226] ext4 filesystem being mounted at /63/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 672.227459][T11226] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 672.995484][T12244] loop5: detected capacity change from 0 to 512 [ 673.042742][T12244] EXT4-fs: Ignoring removed nobh option [ 673.051187][T12244] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 673.071793][T12244] EXT4-fs (loop5): 1 truncate cleaned up [ 673.079772][T12244] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 673.171683][T11226] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 674.443404][T12270] loop5: detected capacity change from 0 to 128 [ 674.479347][T12270] EXT4-fs (loop5): Test dummy encryption mode enabled [ 674.581358][T12270] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 674.643720][T12270] ext4 filesystem being mounted at /66/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 676.459215][T11226] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 678.731384][T12334] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2052'. [ 679.697094][T12360] overlayfs: failed to clone upperpath [ 681.437980][T12405] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check. [ 681.695976][T12416] netlink: 84 bytes leftover after parsing attributes in process `syz.4.2086'. [ 683.563885][T12444] netlink: 84 bytes leftover after parsing attributes in process `syz.0.2097'. [ 684.877986][T12463] vlan3: entered allmulticast mode [ 684.883407][T12463] bridge0: port 3(vlan3) entered blocking state [ 684.907837][T12463] bridge0: port 3(vlan3) entered disabled state [ 684.923326][T12463] vlan3: entered promiscuous mode [ 684.937804][T12463] bridge0: mtu less than device minimum [ 686.455818][ T1285] ieee802154 phy0 wpan0: encryption failed: -22 [ 686.465790][ T1285] ieee802154 phy1 wpan1: encryption failed: -22 [ 686.816425][T12500] loop5: detected capacity change from 0 to 128 [ 687.158226][ T7145] kworker/u4:14: attempt to access beyond end of device [ 687.158226][ T7145] loop5: rw=1, sector=145, nr_sectors = 896 limit=128 [ 689.399018][T12531] loop5: detected capacity change from 0 to 1024 [ 689.419195][T12531] EXT4-fs: Ignoring removed oldalloc option [ 689.425380][T12531] EXT4-fs: Ignoring removed orlov option [ 689.443892][T12531] EXT4-fs (loop5): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 689.546898][T12531] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 689.614970][T12538] 9pnet_fd: Insufficient options for proto=fd [ 689.771143][T12539] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4031: comm syz.5.2131: Allocating blocks 433-513 which overlap fs metadata [ 691.535665][T11226] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 691.575615][T12549] overlayfs: failed to clone upperpath [ 692.037658][T12566] 9pnet_fd: Insufficient options for proto=fd [ 697.236931][T12634] netlink: 84 bytes leftover after parsing attributes in process `syz.0.2169'. [ 697.934667][ T5797] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 697.953466][ T5797] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 697.965196][ T5797] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 697.978447][ T5797] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 697.993022][ T5797] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 698.007406][ T5797] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 699.410759][T12648] chnl_net:caif_netlink_parms(): no params data found [ 699.789748][T12648] bridge0: port 1(bridge_slave_0) entered blocking state [ 699.812624][T12648] bridge0: port 1(bridge_slave_0) entered disabled state [ 699.831213][T12648] bridge_slave_0: entered allmulticast mode [ 699.853627][T12648] bridge_slave_0: entered promiscuous mode [ 699.897692][T12648] bridge0: port 2(bridge_slave_1) entered blocking state [ 699.927573][T12648] bridge0: port 2(bridge_slave_1) entered disabled state [ 699.956956][T12648] bridge_slave_1: entered allmulticast mode [ 699.964291][T12648] bridge_slave_1: entered promiscuous mode [ 700.067418][ T5797] Bluetooth: hci6: command tx timeout [ 700.110620][T12648] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 700.144907][T12648] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 700.212625][T12648] team0: Port device team_slave_0 added [ 700.240261][T12648] team0: Port device team_slave_1 added [ 700.309883][T12648] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 700.327483][T12648] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 700.375916][T12648] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 700.410221][T12648] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 700.429913][T12648] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 700.466507][T12648] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 700.722145][T12648] hsr_slave_0: entered promiscuous mode [ 700.852528][T12648] hsr_slave_1: entered promiscuous mode [ 701.313037][T12648] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 701.322365][T12648] Cannot create hsr debugfs directory [ 701.923669][T12648] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 702.055097][T12648] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 702.146917][ T5797] Bluetooth: hci6: command tx timeout [ 702.943962][T12648] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 703.088118][T12648] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 703.538909][T12648] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 703.570308][T12648] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 703.600359][T12648] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 703.615734][T12648] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 703.807802][T12648] 8021q: adding VLAN 0 to HW filter on device bond0 [ 703.888139][T12648] 8021q: adding VLAN 0 to HW filter on device team0 [ 703.943934][ T7155] bridge0: port 1(bridge_slave_0) entered blocking state [ 703.951155][ T7155] bridge0: port 1(bridge_slave_0) entered forwarding state [ 704.002777][ T7153] bridge0: port 2(bridge_slave_1) entered blocking state [ 704.009983][ T7153] bridge0: port 2(bridge_slave_1) entered forwarding state [ 704.277944][ T5797] Bluetooth: hci6: command tx timeout [ 704.668200][T12761] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2218'. [ 705.137338][ T28] audit: type=1326 audit(1756456237.313:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12774 comm="syz.5.2223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2a3d8ebe9 code=0x7ffc0000 [ 705.164509][T12648] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 705.210207][ T28] audit: type=1326 audit(1756456237.313:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12774 comm="syz.5.2223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2a3d8ebe9 code=0x7ffc0000 [ 705.265409][ T28] audit: type=1326 audit(1756456237.313:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12774 comm="syz.5.2223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=442 compat=0 ip=0x7fd2a3d8ebe9 code=0x7ffc0000 [ 705.316119][ T28] audit: type=1326 audit(1756456237.313:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12774 comm="syz.5.2223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2a3d8ebe9 code=0x7ffc0000 [ 705.343285][T12648] veth0_vlan: entered promiscuous mode [ 705.395384][T12648] veth1_vlan: entered promiscuous mode [ 705.483084][T12648] veth0_macvtap: entered promiscuous mode [ 705.538131][T12648] veth1_macvtap: entered promiscuous mode [ 705.734042][T12792] tipc: Enabling of bearer rejected, failed to enable media [ 706.235408][T12648] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 706.281132][T12648] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 706.291733][T12648] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 706.303846][T12648] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 706.317058][T12648] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 706.319421][ T5797] Bluetooth: hci6: command tx timeout [ 706.337063][T12648] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 706.367693][T12648] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 706.429892][T12648] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 706.461039][T12648] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 706.500166][T12648] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 706.547636][T12648] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 706.573671][T12648] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 706.605440][T12648] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 706.633822][T12648] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 706.654897][T12648] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 706.686294][T12648] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 706.700102][T12648] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 706.733159][T12648] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 706.800997][T12648] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 706.821691][T12648] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 706.834499][T12648] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 706.852840][T12648] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 707.082386][T12803] loop5: detected capacity change from 0 to 512 [ 707.083940][ T2930] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 707.104245][T12803] EXT4-fs: Ignoring removed nomblk_io_submit option [ 707.148945][T12803] EXT4-fs (loop5): can't mount with journal_checksum, fs mounted w/o journal [ 707.197035][ T2930] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 707.244447][ T7170] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 707.291044][ T7170] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 708.710991][T12815] tipc: Enabling of bearer rejected, failed to enable media [ 709.905852][T12841] loop1: detected capacity change from 0 to 128 [ 709.915817][T12841] EXT4-fs (loop1): Test dummy encryption mode enabled [ 709.944609][T12841] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 709.974221][T12841] ext4 filesystem being mounted at /3/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 710.918251][T12648] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 711.209409][T12863] ip6gre1: entered allmulticast mode [ 711.223467][T11458] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 711.776042][T12876] loop1: detected capacity change from 0 to 128 [ 711.785513][T12876] EXT4-fs (loop1): Test dummy encryption mode enabled [ 711.810808][T12876] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 711.839564][T12876] ext4 filesystem being mounted at /8/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 712.837896][T12648] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 713.293134][T12893] loop1: detected capacity change from 0 to 128 [ 713.322070][T12893] EXT4-fs (loop1): Test dummy encryption mode enabled [ 713.409069][T12893] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 713.472252][T12893] ext4 filesystem being mounted at /10/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 714.535998][T12648] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 714.831966][T11229] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 714.846994][T11229] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 714.860137][T11229] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 714.860410][T10673] bond0: (slave syz_tun): Releasing backup interface [ 714.946837][ C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 715.008452][T11229] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 715.016344][T11229] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 715.025431][T11229] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 715.265683][T12917] loop5: detected capacity change from 0 to 512 [ 715.300009][T12917] EXT4-fs: Ignoring removed nobh option [ 715.385934][T12917] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 715.421262][T12917] EXT4-fs (loop5): 1 truncate cleaned up [ 715.480718][T12917] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 715.604136][ T7153] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 716.339004][ T7153] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 716.360429][T11226] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 716.978510][T12907] chnl_net:caif_netlink_parms(): no params data found [ 717.097348][T12935] loop5: detected capacity change from 0 to 128 [ 717.109371][ T5797] Bluetooth: hci0: command tx timeout [ 717.123477][T12935] EXT4-fs (loop5): Test dummy encryption mode enabled [ 717.193147][T12935] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 717.214528][ T7153] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 717.239826][T12935] ext4 filesystem being mounted at /114/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 717.255966][T12941] loop1: detected capacity change from 0 to 1024 [ 717.299582][T12941] EXT4-fs: Ignoring removed oldalloc option [ 717.305780][T12941] EXT4-fs: Ignoring removed bh option [ 717.315929][T12941] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 717.419534][T12941] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 718.085580][ T7153] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 718.258728][T11226] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 718.751445][T12907] bridge0: port 1(bridge_slave_0) entered blocking state [ 718.798119][ T5797] Bluetooth: hci5: command 0x0406 tx timeout [ 718.804511][T12907] bridge0: port 1(bridge_slave_0) entered disabled state [ 718.813058][T12960] loop5: detected capacity change from 0 to 512 [ 718.828241][T12907] bridge_slave_0: entered allmulticast mode [ 718.835584][T12648] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 718.855076][T12960] EXT4-fs: Ignoring removed nobh option [ 718.912342][T12907] bridge_slave_0: entered promiscuous mode [ 718.934477][T12960] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 719.117293][T12960] EXT4-fs (loop5): 1 truncate cleaned up [ 719.139943][T12907] bridge0: port 2(bridge_slave_1) entered blocking state [ 719.147911][T12960] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 719.153276][T12907] bridge0: port 2(bridge_slave_1) entered disabled state [ 719.184625][T12907] bridge_slave_1: entered allmulticast mode [ 719.200510][T11229] Bluetooth: hci0: command tx timeout [ 719.466202][T12907] bridge_slave_1: entered promiscuous mode [ 719.891082][T11226] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 720.024700][T12907] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 720.071645][T12907] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 720.189872][T12907] team0: Port device team_slave_0 added [ 720.237605][T12907] team0: Port device team_slave_1 added [ 720.373803][T12907] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 720.386620][T12907] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 720.456713][T12907] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 720.478909][ T7153] tipc: Left network mode [ 720.497956][T12907] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 720.504925][T12907] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 720.573174][T12907] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 720.974731][T12907] hsr_slave_0: entered promiscuous mode [ 720.998765][T12907] hsr_slave_1: entered promiscuous mode [ 721.005336][T12907] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 721.013724][T12907] Cannot create hsr debugfs directory [ 721.105655][T12998] overlayfs: failed to clone lowerpath [ 721.307713][T11229] Bluetooth: hci0: command tx timeout [ 721.614167][T13008] loop5: detected capacity change from 0 to 512 [ 721.691862][T13008] EXT4-fs: Ignoring removed nobh option [ 721.763584][T13008] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 722.256531][T13008] EXT4-fs (loop5): 1 truncate cleaned up [ 722.407512][T13008] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 722.689435][T11226] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 723.346694][T11229] Bluetooth: hci0: command tx timeout [ 723.368730][T13032] loop5: detected capacity change from 0 to 128 [ 723.391468][T13032] EXT4-fs (loop5): Test dummy encryption mode enabled [ 723.412431][T13035] loop1: detected capacity change from 0 to 16 [ 723.441526][T13032] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 723.443118][T13035] erofs: (device loop1): mounted with root inode @ nid 36. [ 723.522340][T13032] ext4 filesystem being mounted at /122/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 726.249138][T11226] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 726.365544][T13048] loop1: detected capacity change from 0 to 512 [ 726.373421][T13048] EXT4-fs: Ignoring removed nobh option [ 726.379957][T13048] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 726.445064][T13048] EXT4-fs (loop1): 1 truncate cleaned up [ 726.988099][T13048] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 727.280078][T12648] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 727.291014][T13061] loop5: detected capacity change from 0 to 128 [ 727.313569][T13061] EXT4-fs (loop5): Test dummy encryption mode enabled [ 727.324254][ T7153] hsr_slave_0: left promiscuous mode [ 727.369400][ T7153] hsr_slave_1: left promiscuous mode [ 727.379960][T13061] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 727.419026][ T7153] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 727.427096][ T7153] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 727.457545][ T7153] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 727.458084][T13061] ext4 filesystem being mounted at /124/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 727.465766][ T7153] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 727.535010][ T7153] vlan3: left promiscuous mode [ 727.554391][ T7153] bridge0: port 3(vlan3) entered disabled state [ 727.687402][ T7153] bridge_slave_1: left allmulticast mode [ 727.724776][ T7153] bridge_slave_1: left promiscuous mode [ 727.744467][ T7153] bridge0: port 2(bridge_slave_1) entered disabled state [ 727.802459][ T7153] bridge_slave_0: left promiscuous mode [ 727.808683][ T7153] bridge0: port 1(bridge_slave_0) entered disabled state [ 728.274515][ T7153] veth0_macvtap: left promiscuous mode [ 728.294399][ T7153] veth1_vlan: left promiscuous mode [ 728.436135][ T7153] veth0_vlan: left promiscuous mode [ 728.462224][T11226] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 729.541693][T13085] loop5: detected capacity change from 0 to 512 [ 729.552019][T13085] EXT4-fs: Ignoring removed nobh option [ 729.566383][T13085] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 730.078888][T13085] EXT4-fs (loop5): 1 truncate cleaned up [ 730.166385][T13085] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 730.462842][T13097] loop1: detected capacity change from 0 to 128 [ 730.485608][T13097] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 730.585373][T13097] ext4 filesystem being mounted at /24/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 730.615768][T11226] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 731.431931][T13097] fscrypt: Error allocating hmac(sha512): -2 [ 731.524177][T12648] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 732.313611][T13115] loop1: detected capacity change from 0 to 512 [ 732.377679][T13115] EXT4-fs error (device loop1): ext4_orphan_get:1399: inode #15: comm syz.1.2319: casefold flag without casefold feature [ 732.410463][T13115] EXT4-fs error (device loop1): ext4_orphan_get:1404: comm syz.1.2319: couldn't read orphan inode 15 (err -117) [ 732.428335][T13115] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 732.556302][T13120] 9pnet_fd: Insufficient options for proto=fd [ 732.581471][T13115] fscrypt (loop1, inode 18): Can't use IV_INO_LBLK_64 policy on filesystem 'loop1' because it doesn't have stable inode numbers [ 732.811762][T12648] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 733.660608][T13130] loop5: detected capacity change from 0 to 128 [ 733.694038][T13134] loop1: detected capacity change from 0 to 16 [ 733.710015][T13130] EXT4-fs (loop5): Test dummy encryption mode enabled [ 733.721637][T13134] erofs: (device loop1): mounted with root inode @ nid 36. [ 733.772419][T13130] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 733.856874][T13130] ext4 filesystem being mounted at /130/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 736.358535][T11226] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 736.561643][T13146] 9pnet_fd: Insufficient options for proto=fd [ 736.880435][ T7153] team0 (unregistering): Port device team_slave_1 removed [ 736.958102][ T7153] team0 (unregistering): Port device team_slave_0 removed [ 737.018653][ T7153] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 737.109587][ T7153] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 737.124966][T13158] loop5: detected capacity change from 0 to 512 [ 737.137790][T13158] EXT4-fs: Ignoring removed nobh option [ 737.155994][T13158] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 737.184472][T13158] EXT4-fs error (device loop5): ext4_orphan_get:1399: inode #15: comm syz.5.2336: iget: bad i_size value: 38620345925642 [ 737.204848][T13158] EXT4-fs error (device loop5): ext4_orphan_get:1404: comm syz.5.2336: couldn't read orphan inode 15 (err -117) [ 737.235535][T13158] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 737.406336][T11226] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 737.457812][T13161] loop1: detected capacity change from 0 to 128 [ 737.474766][T13161] EXT4-fs (loop1): Test dummy encryption mode enabled [ 737.516172][T13161] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 737.614208][T13166] 9pnet_fd: Insufficient options for proto=fd [ 737.617031][T13161] ext4 filesystem being mounted at /29/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 737.671046][ T28] audit: type=1326 audit(1756456269.853:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13167 comm="syz.5.2340" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2a3d8ebe9 code=0x7ffc0000 [ 737.706094][T13168] loop5: detected capacity change from 0 to 512 [ 737.716299][ T28] audit: type=1326 audit(1756456269.853:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13167 comm="syz.5.2340" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2a3d8ebe9 code=0x7ffc0000 [ 737.763067][T13168] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 737.775969][ T28] audit: type=1326 audit(1756456269.883:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13167 comm="syz.5.2340" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7fd2a3d8ebe9 code=0x7ffc0000 [ 737.907144][T13168] ext4 filesystem being mounted at /138/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 737.928701][ T28] audit: type=1326 audit(1756456269.883:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13167 comm="syz.5.2340" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2a3d8ebe9 code=0x7ffc0000 [ 737.973085][ T28] audit: type=1326 audit(1756456269.883:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13167 comm="syz.5.2340" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2a3d8ebe9 code=0x7ffc0000 [ 738.017976][ T28] audit: type=1326 audit(1756456269.883:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13167 comm="syz.5.2340" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fd2a3d8ebe9 code=0x7ffc0000 [ 738.047024][ T28] audit: type=1326 audit(1756456269.883:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13167 comm="syz.5.2340" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fd2a3d8ec23 code=0x7ffc0000 [ 738.412456][T11226] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 738.507238][ T28] audit: type=1326 audit(1756456269.883:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13167 comm="syz.5.2340" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fd2a3d8d69f code=0x7ffc0000 [ 738.636022][ T28] audit: type=1326 audit(1756456269.883:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13167 comm="syz.5.2340" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7fd2a3d8ec77 code=0x7ffc0000 [ 738.638668][T12648] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 738.661016][ T28] audit: type=1326 audit(1756456269.883:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13167 comm="syz.5.2340" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fd2a3d8d550 code=0x7ffc0000 [ 738.717657][T13174] loop5: detected capacity change from 0 to 1024 [ 738.748487][T13174] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 738.784220][T13174] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 738.817539][T13174] ext4 filesystem being mounted at /139/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 739.018272][T11226] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 739.173613][ T7153] bond0 (unregistering): Released all slaves [ 739.381620][T13151] veth0_to_bridge: entered promiscuous mode [ 739.394210][T13154] veth0_to_bridge: left promiscuous mode [ 739.567804][T12907] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 739.635322][T12907] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 739.671129][T12907] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 739.749292][ T29] INFO: task syz.3.1633:11036 blocked for more than 143 seconds. [ 739.768567][T12907] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 739.780807][ T29] Not tainted syzkaller #0 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 739.794419][ T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 739.852417][ T29] task:syz.3.1633 state:D stack:28784 pid:11036 ppid:5788 flags:0x00004006 [ 739.920471][ T29] Call Trace: [ 739.937853][ T29] [ 739.967442][ T29] __schedule+0x14d2/0x44d0 [ 740.005621][ T29] ? asan.module_dtor+0x20/0x20 [ 740.018478][ T29] ? mark_lock+0x94/0x320 [ 740.027123][ T29] ? lockdep_hardirqs_on_prepare+0x400/0x760 [ 740.033158][ T29] ? _raw_spin_lock_irqsave+0xf0/0xf0 [ 740.052273][ T29] ? rwsem_down_read_slowpath+0x50e/0x840 [ 740.058712][ T29] schedule+0xbd/0x170 [ 740.062810][ T29] schedule_preempt_disabled+0x13/0x20 [ 740.076602][ T29] rwsem_down_read_slowpath+0x4f8/0x840 [ 740.082196][ T29] ? down_write_killable_nested+0x220/0x220 [ 740.115815][ T29] ? read_lock_is_recursive+0x20/0x20 [ 740.136911][ T29] ? _raw_spin_lock_irq+0xaf/0xe0 [ 740.142122][ T29] down_read+0x98/0x2e0 [ 740.146298][ T29] super_lock+0x167/0x360 [ 740.174982][ T29] ? user_get_super+0x180/0x180 [ 740.179990][ T29] ? __lock_acquire+0x7c80/0x7c80 [ 740.185031][ T29] ? __rwlock_init+0x150/0x150 [ 740.191506][ T29] ? do_raw_spin_unlock+0x121/0x230 [ 740.196949][ T29] ? ksys_sync+0x150/0x150 [ 740.201388][ T29] iterate_supers+0x80/0x170 [ 740.205997][ T29] ksys_sync+0x95/0x150 [ 740.210214][ T29] ? sync_filesystem+0x220/0x220 [ 740.215172][ T29] ? syscall_enter_from_user_mode+0x25/0x80 [ 740.221604][ T29] ? lockdep_hardirqs_on+0x98/0x150 [ 740.226891][ T29] __ia32_sys_sync+0xe/0x20 [ 740.231414][ T29] do_syscall_64+0x55/0xb0 [ 740.235844][ T29] ? clear_bhb_loop+0x40/0x90 [ 740.241006][ T29] ? clear_bhb_loop+0x40/0x90 [ 740.245705][ T29] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 740.251691][ T29] RIP: 0033:0x7f6461b8ebe9 [ 740.256140][ T29] RSP: 002b:00007f6462a2c038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a2 [ 740.265129][ T29] RAX: ffffffffffffffda RBX: 00007f6461db5fa0 RCX: 00007f6461b8ebe9 [ 740.275141][ T29] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 740.283751][ T29] RBP: 00007f6461db5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 740.293145][ T29] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 740.301657][ T29] R13: 00007f6461db6038 R14: 00007f6461db5fa0 R15: 00007ffec3188588 [ 740.309728][ T29] [ 740.387730][ T29] INFO: task syz.3.1633:11037 blocked for more than 143 seconds. [ 740.396161][ T29] Not tainted syzkaller #0 [ 740.456926][ T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 740.465641][ T29] task:syz.3.1633 state:D stack:28760 pid:11037 ppid:5788 flags:0x00004004 [ 740.543864][ T29] Call Trace: [ 740.551323][ T29] [ 740.554287][ T29] __schedule+0x14d2/0x44d0 [ 740.585329][ T29] ? asan.module_dtor+0x20/0x20 [ 740.596933][ T29] ? mark_lock+0x94/0x320 [ 740.606889][ T29] ? lockdep_hardirqs_on_prepare+0x400/0x760 [ 740.612911][ T29] ? _raw_spin_lock_irqsave+0xf0/0xf0 [ 740.646903][ T29] ? rwsem_down_read_slowpath+0x50e/0x840 [ 740.652691][ T29] schedule+0xbd/0x170 [ 740.662014][ T29] schedule_preempt_disabled+0x13/0x20 [ 740.676747][ T29] rwsem_down_read_slowpath+0x4f8/0x840 [ 740.682461][ T29] ? down_write_killable_nested+0x220/0x220 [ 740.696649][ T29] ? read_lock_is_recursive+0x20/0x20 [ 740.737083][ T29] ? _raw_spin_lock_irq+0xaf/0xe0 [ 740.742184][ T29] down_read+0x98/0x2e0 [ 740.746356][ T29] super_lock+0x167/0x360 [ 740.766914][ T29] ? user_get_super+0x180/0x180 [ 740.771824][ T29] ? __lock_acquire+0x7c80/0x7c80 [ 740.777754][ T29] ? __rwlock_init+0x150/0x150 [ 740.782544][ T29] ? do_raw_spin_unlock+0x121/0x230 [ 740.788310][ T29] ? ksys_sync+0x150/0x150 [ 740.792841][ T29] iterate_supers+0x80/0x170 [ 740.799417][ T29] ksys_sync+0x95/0x150 [ 740.804951][ T29] ? sync_filesystem+0x220/0x220 [ 740.810173][ T29] ? syscall_enter_from_user_mode+0x25/0x80 [ 740.816083][ T29] ? lockdep_hardirqs_on+0x98/0x150 [ 740.821680][ T29] __ia32_sys_sync+0xe/0x20 [ 740.826203][ T29] do_syscall_64+0x55/0xb0 [ 740.831174][ T29] ? clear_bhb_loop+0x40/0x90 [ 740.835869][ T29] ? clear_bhb_loop+0x40/0x90 [ 740.840784][ T29] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 740.847553][ T29] RIP: 0033:0x7f6461b8ebe9 [ 740.851981][ T29] RSP: 002b:00007f6462a0b038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a2 [ 740.860540][ T29] RAX: ffffffffffffffda RBX: 00007f6461db6090 RCX: 00007f6461b8ebe9 [ 740.869263][ T29] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 740.877296][ T29] RBP: 00007f6461db6090 R08: 0000000000000000 R09: 0000000000000000 [ 740.885268][ T29] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 740.893794][ T29] R13: 00007f6461db6128 R14: 00007f6461db6090 R15: 00007ffec3188588 [ 740.903913][ T29] [ 740.908361][ T29] [ 740.908361][ T29] Showing all locks held in the system: [ 740.916098][ T29] 3 locks held by kworker/1:0/23: [ 740.924173][ T29] #0: ffff8880b8f3c458 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140 [ 740.937660][ T29] #1: ffff8880b8f289c0 (psi_seq){-.-.}-{0:0}, at: __schedule+0x20ee/0x44d0 [ 740.946421][ T29] #2: ffffffff97166c40 (&obj_hash[i].lock){-.-.}-{2:2}, at: debug_check_no_obj_freed+0x13a/0x540 [ 740.965714][ T29] 2 locks held by kworker/1:1/27: [ 740.971782][ T29] #0: ffff888017872538 ((wq_completion)rcu_gp){+.+.}-{0:0}, at: process_scheduled_works+0x957/0x15b0 [ 740.984305][ T29] #1: ffffc90000a2fd00 ((work_completion)(&rew->rew_work)){+.+.}-{0:0}, at: process_scheduled_works+0x957/0x15b0 [ 740.996615][ T29] 1 lock held by khungtaskd/29: [ 741.001496][ T29] #0: ffffffff8cd2fbe0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x290 [ 741.022706][ T29] 2 locks held by kworker/u4:9/1147: [ 741.028874][ T29] 3 locks held by kworker/u4:10/2930: [ 741.034258][ T29] #0: ffff888017871538 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x957/0x15b0 [ 741.054750][ T29] #1: ffffc9000c217d00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x957/0x15b0 [ 741.066607][ T29] #2: ffffffff8dfbc348 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xe/0x60 [ 741.075635][ T29] 2 locks held by dhcpcd/5456: [ 741.082280][ T29] #0: ffff8880269f2688 (nlk_cb_mutex-ROUTE){+.+.}-{3:3}, at: netlink_dump+0xcc/0xde0 [ 741.092281][ T29] #1: ffffffff8dfbc348 (rtnl_mutex){+.+.}-{3:3}, at: netlink_dump+0x71f/0xde0 [ 741.101937][ T29] 2 locks held by getty/5547: [ 741.106782][ T29] #0: ffff8880312220a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 741.118619][ T29] #1: ffffc9000326e2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x425/0x1380 [ 741.128976][ T29] 1 lock held by syz-executor/5789: [ 741.134179][ T29] #0: ffff8880259c40e0 (&type->s_umount_key#53){++++}-{3:3}, at: deactivate_super+0xa4/0xe0 [ 741.145073][ T29] 2 locks held by kworker/0:5/5900: [ 741.150792][ T29] #0: ffff888017870938 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x957/0x15b0 [ 741.162457][ T29] #1: ffffc90004b3fd00 (free_ipc_work){+.+.}-{0:0}, at: process_scheduled_works+0x957/0x15b0 [ 741.173066][ T29] 4 locks held by kworker/u4:17/7153: [ 741.181252][ T29] #0: ffff888017873938 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x957/0x15b0 [ 741.193396][ T29] #1: ffffc90004e8fd00 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x957/0x15b0 [ 741.204743][ T29] #2: ffffffff8dfaf510 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x136/0xb90 [ 741.215060][ T29] #3: ffff888030bd13e8 (&wg->device_update_lock){+.+.}-{3:3}, at: wg_destruct+0x116/0x310 [ 741.225561][ T29] 1 lock held by syz.3.1633/11036: [ 741.231154][ T29] #0: ffff8880259c40e0 (&type->s_umount_key#53){++++}-{3:3}, at: super_lock+0x167/0x360 [ 741.241553][ T29] 1 lock held by syz.3.1633/11037: [ 741.246803][ T29] #0: ffff8880259c40e0 (&type->s_umount_key#53){++++}-{3:3}, at: super_lock+0x167/0x360 [ 741.256858][ T29] 4 locks held by syz-executor/12648: [ 741.262208][ T29] #0: ffff88807ac04e70 (&hdev->req_lock){+.+.}-{3:3}, at: hci_unregister_dev+0x212/0x510 [ 741.272294][ T29] #1: ffff88807ac040b8 (&hdev->lock){+.+.}-{3:3}, at: hci_dev_close_sync+0x4c9/0xfb0 [ 741.282337][ T29] #2: ffffffff8e129a48 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_conn_hash_flush+0xa1/0x220 [ 741.292611][ T29] #3: ffff888021149338 (&conn->lock#2){+.+.}-{3:3}, at: l2cap_conn_del+0x70/0x660 [ 741.304971][ T29] 3 locks held by syz.4.2246/12851: [ 741.310296][ T29] #0: ffff88807c9e0e70 (&hdev->req_lock){+.+.}-{3:3}, at: hci_unregister_dev+0x212/0x510 [ 741.320875][ T29] #1: ffff88807c9e00b8 (&hdev->lock){+.+.}-{3:3}, at: hci_dev_close_sync+0x4c9/0xfb0 [ 741.330663][ T29] #2: ffffffff8cd35bb8 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x360/0x830 [ 741.341744][ T29] 3 locks held by syz-executor/12907: [ 741.347245][ T29] #0: ffff88802c184e70 (&hdev->req_lock){+.+.}-{3:3}, at: hci_unregister_dev+0x212/0x510 [ 741.357482][ T29] #1: ffff88802c1840b8 (&hdev->lock){+.+.}-{3:3}, at: hci_dev_close_sync+0x4c9/0xfb0 [ 741.367234][ T29] #2: ffffffff8e129a48 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_conn_hash_flush+0xa1/0x220 [ 741.377570][ T29] 2 locks held by syz.5.2344/13181: [ 741.382763][ T29] #0: ffffffff8dfbc348 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x41/0x1c0 [ 741.391841][ T29] #1: ffffffff8cd35bb8 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x360/0x830 [ 741.402992][ T29] [ 741.405437][ T29] ============================================= [ 741.405437][ T29] [ 741.424751][ T29] NMI backtrace for cpu 0 [ 741.429132][ T29] CPU: 0 PID: 29 Comm: khungtaskd Not tainted syzkaller #0 [ 741.436335][ T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 741.446391][ T29] Call Trace: [ 741.449663][ T29] [ 741.452585][ T29] dump_stack_lvl+0x16c/0x230 [ 741.457257][ T29] ? show_regs_print_info+0x20/0x20 [ 741.462442][ T29] ? load_image+0x3b0/0x3b0 [ 741.466939][ T29] nmi_cpu_backtrace+0x39b/0x3d0 [ 741.471867][ T29] ? nmi_trigger_cpumask_backtrace+0x2f0/0x2f0 [ 741.478010][ T29] ? _printk+0xd0/0x110 [ 741.482150][ T29] ? load_image+0x3b0/0x3b0 [ 741.486639][ T29] ? load_image+0x3b0/0x3b0 [ 741.491128][ T29] ? arch_trigger_cpumask_backtrace+0x10/0x10 [ 741.497192][ T29] nmi_trigger_cpumask_backtrace+0x17a/0x2f0 [ 741.503167][ T29] watchdog+0xf41/0xf80 [ 741.507314][ T29] ? watchdog+0x1e1/0xf80 [ 741.511637][ T29] kthread+0x2fa/0x390 [ 741.515693][ T29] ? hungtask_pm_notify+0x90/0x90 [ 741.520708][ T29] ? kthread_blkcg+0xd0/0xd0 [ 741.525282][ T29] ret_from_fork+0x48/0x80 [ 741.529689][ T29] ? kthread_blkcg+0xd0/0xd0 [ 741.534275][ T29] ret_from_fork_asm+0x11/0x20 [ 741.539036][ T29] [ 741.543215][ T29] Sending NMI from CPU 0 to CPUs 1: [ 741.548636][ C1] NMI backtrace for cpu 1 [ 741.548646][ C1] CPU: 1 PID: 1147 Comm: kworker/u4:9 Not tainted syzkaller #0 [ 741.548661][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 741.548671][ C1] Workqueue: events_unbound cfg80211_wiphy_work [ 741.548695][ C1] RIP: 0010:ieee80211_inform_bss+0x522/0x1060 [ 741.548714][ C1] Code: 00 00 74 08 4c 89 e7 e8 fc 8a fb f7 49 8b 34 24 48 89 df 4c 89 fa e8 9d 8d fb f7 eb 08 e8 a6 44 a4 f7 45 31 ff 48 8b 44 24 20 <4c> 8d 60 68 4d 89 e5 49 c1 ed 03 48 b8 00 00 00 00 00 fc ff df 41 [ 741.548728][ C1] RSP: 0018:ffffc90004d1f280 EFLAGS: 00000246 [ 741.548741][ C1] RAX: ffff88805fdb9800 RBX: ffff88807620fcd2 RCX: ffffffff89e14af3 [ 741.548753][ C1] RDX: 0000000000000008 RSI: ffff8880309bf6a7 RDI: ffff88807620fcd2 [ 741.548763][ C1] RBP: ffffc90004d1f3b0 R08: 2418120c968b8482 R09: 2418120c968b8482 [ 741.548775][ C1] R10: dffffc0000000000 R11: ffffed100ec41f9c R12: ffff88805fdb9838 [ 741.548786][ C1] R13: 1ffff1100bfb7307 R14: ffff88805fdb9a12 R15: 0000000000000008 [ 741.548797][ C1] FS: 0000000000000000(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000 [ 741.548816][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 741.548827][ C1] CR2: fffffffffffffffd CR3: 000000000cb30000 CR4: 00000000003506e0 [ 741.548842][ C1] Call Trace: [ 741.548846][ C1] [ 741.548858][ C1] ? ieee80211_rx_bss_put+0x60/0x60 [ 741.548880][ C1] ? ieee80211_rx_bss_put+0x60/0x60 [ 741.548894][ C1] rdev_inform_bss+0x106/0x410 [ 741.548914][ C1] cfg80211_inform_bss_frame_data+0xb33/0x12b0 [ 741.548942][ C1] ? cfg80211_parse_ml_sta_data+0x19f0/0x19f0 [ 741.548979][ C1] ? ieee80211_bss_info_update+0x361/0x930 [ 741.548996][ C1] ieee80211_bss_info_update+0x70b/0x930 [ 741.549014][ C1] ? ieee80211_inform_bss+0x1060/0x1060 [ 741.549035][ C1] ? ieee80211_mandatory_rates+0x1cc/0x230 [ 741.549057][ C1] ieee80211_ibss_rx_queued_mgmt+0x17c9/0x2ac0 [ 741.549085][ C1] ? ieee80211_ibss_rx_queued_mgmt+0xe05/0x2ac0 [ 741.549107][ C1] ? ieee80211_ibss_rx_no_sta+0x7a0/0x7a0 [ 741.549131][ C1] ? mark_lock+0x94/0x320 [ 741.549149][ C1] ? lockdep_hardirqs_on_prepare+0x400/0x760 [ 741.549167][ C1] ? lock_chain_count+0x20/0x20 [ 741.549181][ C1] ? _raw_spin_unlock_irqrestore+0xae/0x110 [ 741.549207][ C1] ? lockdep_hardirqs_on+0x98/0x150 [ 741.549229][ C1] ? skb_dequeue+0x10e/0x140 [ 741.549252][ C1] ieee80211_iface_work+0x717/0xc70 [ 741.549272][ C1] ? _raw_spin_unlock_irq+0x23/0x50 [ 741.549296][ C1] cfg80211_wiphy_work+0x225/0x260 [ 741.549316][ C1] ? process_scheduled_works+0x957/0x15b0 [ 741.549335][ C1] process_scheduled_works+0xa45/0x15b0 [ 741.549366][ C1] ? assign_work+0x400/0x400 [ 741.549386][ C1] ? assign_work+0x39e/0x400 [ 741.549405][ C1] worker_thread+0xa55/0xfc0 [ 741.549423][ C1] ? _raw_spin_unlock_irqrestore+0xae/0x110 [ 741.549444][ C1] ? _raw_spin_unlock+0x40/0x40 [ 741.549464][ C1] ? _raw_spin_unlock_irqrestore+0x86/0x110 [ 741.549495][ C1] kthread+0x2fa/0x390 [ 741.549508][ C1] ? pr_cont_work+0x560/0x560 [ 741.549525][ C1] ? kthread_blkcg+0xd0/0xd0 [ 741.549538][ C1] ret_from_fork+0x48/0x80 [ 741.549555][ C1] ? kthread_blkcg+0xd0/0xd0 [ 741.549569][ C1] ret_from_fork_asm+0x11/0x20 [ 741.549596][ C1] [ 741.572228][ T29] Kernel panic - not syncing: hung_task: blocked tasks [ 741.572240][ T29] CPU: 0 PID: 29 Comm: khungtaskd Not tainted syzkaller #0 [ 741.572257][ T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 741.572265][ T29] Call Trace: [ 741.572272][ T29] [ 741.572279][ T29] dump_stack_lvl+0x16c/0x230 [ 741.572306][ T29] ? show_regs_print_info+0x20/0x20 [ 741.572324][ T29] ? load_image+0x3b0/0x3b0 [ 741.572349][ T29] panic+0x2c0/0x710 [ 741.572369][ T29] ? schedule_preempt_disabled+0x20/0x20 [ 741.572390][ T29] ? bpf_jit_dump+0xd0/0xd0 [ 741.572410][ T29] ? __irq_work_queue_local+0x13a/0x3b0 [ 741.572432][ T29] ? nmi_trigger_cpumask_backtrace+0x2a4/0x2f0 [ 741.572457][ T29] watchdog+0xf80/0xf80 [ 741.572477][ T29] ? watchdog+0x1e1/0xf80 [ 741.572501][ T29] kthread+0x2fa/0x390 [ 741.572515][ T29] ? hungtask_pm_notify+0x90/0x90 [ 741.572534][ T29] ? kthread_blkcg+0xd0/0xd0 [ 741.572548][ T29] ret_from_fork+0x48/0x80 [ 741.572564][ T29] ? kthread_blkcg+0xd0/0xd0 [ 741.572579][ T29] ret_from_fork_asm+0x11/0x20 [ 741.572611][ T29] [ 741.578825][ T29] Kernel Offset: disabled [ 741.984586][ T29] Rebooting in 86400 seconds..