Warning: Permanently added '[localhost]:59607' (ED25519) to the list of known hosts.
2026/03/02 18:01:15 parsed 1 programs
syzkaller login: [ 62.659048][ T5809] cgroup: Unknown subsys name 'net'
[ 62.774201][ T5809] cgroup: Unknown subsys name 'cpuset'
[ 62.779379][ T5809] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[ 64.506774][ T5809] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k
[ 67.230651][ T5821] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[ 67.346483][ T5825] chnl_net:caif_netlink_parms(): no params data found
[ 67.625872][ T5825] bridge0: port 1(bridge_slave_0) entered blocking state
[ 67.629318][ T5825] bridge0: port 1(bridge_slave_0) entered disabled state
[ 67.632628][ T5825] bridge_slave_0: entered allmulticast mode
[ 67.636176][ T5825] bridge_slave_0: entered promiscuous mode
[ 67.661327][ T5825] bridge0: port 2(bridge_slave_1) entered blocking state
[ 67.663926][ T5825] bridge0: port 2(bridge_slave_1) entered disabled state
[ 67.666666][ T5825] bridge_slave_1: entered allmulticast mode
[ 67.671583][ T5825] bridge_slave_1: entered promiscuous mode
[ 67.714020][ T5825] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 67.720999][ T5825] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 67.789415][ T5825] team0: Port device team_slave_0 added
[ 67.793721][ T5825] team0: Port device team_slave_1 added
[ 67.887973][ T5825] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 67.890532][ T5825] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 67.898802][ T5825] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 67.907965][ T5825] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 67.910667][ T5825] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 67.918661][ T5825] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 68.011640][ T5825] hsr_slave_0: entered promiscuous mode
[ 68.015840][ T5825] hsr_slave_1: entered promiscuous mode
[ 68.199461][ T1918] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 68.207932][ T1918] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 68.251476][ T1918] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 68.254189][ T1918] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 68.294010][ T5825] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 68.306382][ T5825] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 68.313754][ T5825] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 68.322998][ T5825] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 68.497663][ T5825] 8021q: adding VLAN 0 to HW filter on device bond0
[ 68.644756][ T5825] 8021q: adding VLAN 0 to HW filter on device team0
[ 68.684247][ T3071] bridge0: port 1(bridge_slave_0) entered blocking state
[ 68.686500][ T3071] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 68.703591][ T3071] bridge0: port 2(bridge_slave_1) entered blocking state
[ 68.705650][ T3071] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 68.780287][ T5885] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 68.783564][ T5885] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 68.785903][ T5885] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 68.788432][ T5885] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 68.792797][ T5885] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 69.009484][ T5825] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 69.104453][ T5825] veth0_vlan: entered promiscuous mode
[ 69.133481][ T5825] veth1_vlan: entered promiscuous mode
[ 69.359568][ T5825] veth0_macvtap: entered promiscuous mode
[ 69.382491][ T5825] veth1_macvtap: entered promiscuous mode
[ 69.489121][ T5825] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 69.497558][ T5825] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 69.513530][ T5673] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 69.516415][ T5673] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 69.530799][ T5673] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 69.551974][ T5673] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
2026/03/02 18:01:24 executed programs: 0
[ 69.909467][ T54] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 69.913176][ T54] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 69.920424][ T54] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 69.929322][ T54] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 69.934325][ T54] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 69.944926][ T5924] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 69.948555][ T5194] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 69.954447][ T5924] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 69.956529][ T12] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 69.957375][ T5927] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 69.972507][ T5927] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 69.976424][ T5927] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 69.979179][ T5927] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 69.984603][ T5927] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 69.987278][ T5927] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 69.989766][ T5927] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 70.185453][ T5921] chnl_net:caif_netlink_parms(): no params data found
[ 70.259528][ T5923] chnl_net:caif_netlink_parms(): no params data found
[ 70.325851][ T5921] bridge0: port 1(bridge_slave_0) entered blocking state
[ 70.328330][ T5921] bridge0: port 1(bridge_slave_0) entered disabled state
[ 70.331251][ T5921] bridge_slave_0: entered allmulticast mode
[ 70.333921][ T5921] bridge_slave_0: entered promiscuous mode
[ 70.337201][ T5925] chnl_net:caif_netlink_parms(): no params data found
[ 70.355123][ T5921] bridge0: port 2(bridge_slave_1) entered blocking state
[ 70.357396][ T5921] bridge0: port 2(bridge_slave_1) entered disabled state
[ 70.359453][ T5921] bridge_slave_1: entered allmulticast mode
[ 70.362448][ T5921] bridge_slave_1: entered promiscuous mode
[ 70.410738][ T5921] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 70.440333][ T5921] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 70.457156][ T5923] bridge0: port 1(bridge_slave_0) entered blocking state
[ 70.460381][ T5923] bridge0: port 1(bridge_slave_0) entered disabled state
[ 70.463212][ T5923] bridge_slave_0: entered allmulticast mode
[ 70.466884][ T5923] bridge_slave_0: entered promiscuous mode
[ 70.472606][ T5923] bridge0: port 2(bridge_slave_1) entered blocking state
[ 70.475545][ T5923] bridge0: port 2(bridge_slave_1) entered disabled state
[ 70.478611][ T5923] bridge_slave_1: entered allmulticast mode
[ 70.482736][ T5923] bridge_slave_1: entered promiscuous mode
[ 70.540093][ T5921] team0: Port device team_slave_0 added
[ 70.552287][ T5925] bridge0: port 1(bridge_slave_0) entered blocking state
[ 70.554744][ T5925] bridge0: port 1(bridge_slave_0) entered disabled state
[ 70.557126][ T5925] bridge_slave_0: entered allmulticast mode
[ 70.560382][ T5925] bridge_slave_0: entered promiscuous mode
[ 70.564792][ T5923] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 70.575893][ T12] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 70.586154][ T5921] team0: Port device team_slave_1 added
[ 70.595386][ T5925] bridge0: port 2(bridge_slave_1) entered blocking state
[ 70.597443][ T5925] bridge0: port 2(bridge_slave_1) entered disabled state
[ 70.599479][ T5925] bridge_slave_1: entered allmulticast mode
[ 70.602572][ T5925] bridge_slave_1: entered promiscuous mode
[ 70.606542][ T5923] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 70.647391][ T5921] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 70.649604][ T5921] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 70.656815][ T5921] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 70.661510][ T5921] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 70.663569][ T5921] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 70.671569][ T5921] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 70.677729][ T5925] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 70.690037][ T5923] team0: Port device team_slave_0 added
[ 70.701465][ T5923] team0: Port device team_slave_1 added
[ 70.706279][ T5925] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 70.744778][ T5925] team0: Port device team_slave_0 added
[ 70.756147][ T5923] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 70.758201][ T5923] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 70.765400][ T5923] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 70.771671][ T5925] team0: Port device team_slave_1 added
[ 70.789317][ T5923] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 70.792780][ T5923] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 70.800477][ T5923] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 70.819763][ T5921] hsr_slave_0: entered promiscuous mode
[ 70.822219][ T5921] hsr_slave_1: entered promiscuous mode
[ 70.824231][ T5921] debugfs: 'hsr0' already exists in 'hsr'
[ 70.825888][ T5921] Cannot create hsr debugfs directory
[ 70.828674][ T5925] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 70.830965][ T5925] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 70.838354][ T5925] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 70.843343][ T5925] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 70.845610][ T5925] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 70.852848][ T5925] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 70.876080][ T5923] hsr_slave_0: entered promiscuous mode
[ 70.878197][ T5923] hsr_slave_1: entered promiscuous mode
[ 70.880365][ T5923] debugfs: 'hsr0' already exists in 'hsr'
[ 70.881951][ T5923] Cannot create hsr debugfs directory
[ 70.947356][ T5925] hsr_slave_0: entered promiscuous mode
[ 70.949513][ T5925] hsr_slave_1: entered promiscuous mode
[ 70.951689][ T5925] debugfs: 'hsr0' already exists in 'hsr'
[ 70.953310][ T5925] Cannot create hsr debugfs directory
[ 71.081582][ T12] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 71.990562][ T5927] Bluetooth: hci0: command tx timeout
[ 72.007373][ T12] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 72.070892][ T5927] Bluetooth: hci1: command tx timeout
[ 72.071266][ T54] Bluetooth: hci2: command tx timeout
[ 72.162093][ T12] bridge_slave_1: left allmulticast mode
[ 72.164317][ T12] bridge_slave_1: left promiscuous mode
[ 72.167269][ T12] bridge0: port 2(bridge_slave_1) entered disabled state
[ 72.177121][ T12] bridge_slave_0: left allmulticast mode
[ 72.179122][ T12] bridge_slave_0: left promiscuous mode
[ 72.182791][ T12] bridge0: port 1(bridge_slave_0) entered disabled state
[ 72.288651][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 72.293336][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 72.296988][ T12] bond0 (unregistering): Released all slaves
[ 72.406746][ T12] hsr_slave_0: left promiscuous mode
[ 72.409373][ T12] hsr_slave_1: left promiscuous mode
[ 72.412253][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 72.414914][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 72.418441][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 72.424276][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 72.440273][ T12] veth1_macvtap: left promiscuous mode
[ 72.442556][ T12] veth0_macvtap: left promiscuous mode
[ 72.444571][ T12] veth1_vlan: left promiscuous mode
[ 72.446615][ T12] veth0_vlan: left promiscuous mode
[ 72.646134][ T12] team0 (unregistering): Port device team_slave_1 removed
[ 72.664897][ T12] team0 (unregistering): Port device team_slave_0 removed
[ 72.951832][ T5921] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 72.974624][ T5921] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 72.988988][ T5921] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 72.995615][ T5921] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 73.106371][ T5925] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 73.112797][ T5925] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 73.122081][ T5925] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 73.133879][ T5925] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 73.207477][ T5923] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 73.217897][ T5923] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 73.223487][ T5923] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 73.236111][ T5923] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 73.338162][ T5921] 8021q: adding VLAN 0 to HW filter on device bond0
[ 73.352059][ T5925] 8021q: adding VLAN 0 to HW filter on device bond0
[ 73.375410][ T5923] 8021q: adding VLAN 0 to HW filter on device bond0
[ 73.382520][ T5921] 8021q: adding VLAN 0 to HW filter on device team0
[ 73.397139][ T1350] bridge0: port 1(bridge_slave_0) entered blocking state
[ 73.399878][ T1350] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 73.406328][ T5925] 8021q: adding VLAN 0 to HW filter on device team0
[ 73.420372][ T40] bridge0: port 2(bridge_slave_1) entered blocking state
[ 73.423014][ T40] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 73.428891][ T5923] 8021q: adding VLAN 0 to HW filter on device team0
[ 73.438870][ T40] bridge0: port 1(bridge_slave_0) entered blocking state
[ 73.441458][ T40] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 73.453903][ T40] bridge0: port 2(bridge_slave_1) entered blocking state
[ 73.456518][ T40] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 73.469097][ T40] bridge0: port 1(bridge_slave_0) entered blocking state
[ 73.471739][ T40] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 73.497890][ T40] bridge0: port 2(bridge_slave_1) entered blocking state
[ 73.500611][ T40] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 73.592703][ T5923] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 73.777719][ T5921] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 73.796266][ T5923] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 73.804395][ T5925] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 73.867333][ T5925] veth0_vlan: entered promiscuous mode
[ 73.878868][ T5921] veth0_vlan: entered promiscuous mode
[ 73.888155][ T5923] veth0_vlan: entered promiscuous mode
[ 73.897717][ T5925] veth1_vlan: entered promiscuous mode
[ 73.903317][ T5921] veth1_vlan: entered promiscuous mode
[ 73.910189][ T5923] veth1_vlan: entered promiscuous mode
[ 73.953783][ T5923] veth0_macvtap: entered promiscuous mode
[ 73.958183][ T5925] veth0_macvtap: entered promiscuous mode
[ 73.968844][ T5923] veth1_macvtap: entered promiscuous mode
[ 73.975544][ T5925] veth1_macvtap: entered promiscuous mode
[ 73.983987][ T5921] veth0_macvtap: entered promiscuous mode
[ 74.006198][ T5921] veth1_macvtap: entered promiscuous mode
[ 74.014485][ T5923] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 74.027362][ T5925] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 74.035670][ T5925] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 74.039510][ T5923] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 74.062463][ T5921] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 74.070499][ T54] Bluetooth: hci0: command tx timeout
[ 74.077511][ T5852] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 74.082885][ T5852] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 74.086502][ T5852] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 74.100868][ T5852] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 74.104298][ T5852] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 74.107642][ T5852] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 74.111389][ T5852] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 74.116017][ T5852] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 74.121362][ T5921] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 74.144924][ T5883] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 74.150263][ T54] Bluetooth: hci2: command tx timeout
[ 74.152181][ T5927] Bluetooth: hci1: command tx timeout
[ 74.165271][ T5852] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 74.186667][ T5852] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 74.191477][ T5852] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 74.290182][ T3071] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 74.293051][ T3071] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 74.319392][ T1350] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 74.325373][ T1350] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 74.352816][ T1350] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 74.355111][ T1350] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 74.369328][ T1350] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 74.378827][ T1350] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 74.394989][ T40] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 74.398033][ T40] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 74.429447][ T1350] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 74.433369][ T1350] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 74.472308][ T5993] loop0: detected capacity change from 0 to 512
[ 74.477948][ T5993] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[ 74.487184][ T5991] loop2: detected capacity change from 0 to 512
[ 74.509364][ T5996] loop1: detected capacity change from 0 to 512
[ 74.526116][ T5996] EXT4-fs error (device loop1): ext4_do_update_inode:5569: inode #3: comm syz.1.18: corrupted inode contents
[ 74.526916][ T5993] EXT4-fs error (device loop0): ext4_do_update_inode:5569: inode #3: comm syz.0.17: corrupted inode contents
[ 74.530769][ T5996] loop1: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117
[ 74.536225][ T5996] EXT4-fs error (device loop1): ext4_dirty_inode:6450: inode #3: comm syz.1.18: mark_inode_dirty error
[ 74.541265][ T5991] EXT4-fs error (device loop2): ext4_do_update_inode:5569: inode #3: comm syz.2.19: corrupted inode contents
[ 74.542274][ C0] EXT4-fs (loop1): error count since last fsck: 1
[ 74.548476][ C0] EXT4-fs (loop1): initial error at time 1772474488: ext4_do_update_inode:5569: inode 3
[ 74.551064][ T5991] loop2: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117
[ 74.551968][ C0] EXT4-fs (loop1): last error at time 1772474488: ext4_do_update_inode:5569
[ 74.552294][ T5991] EXT4-fs error (device loop2): ext4_dirty_inode:6450: inode #3: comm syz.2.19: mark_inode_dirty error
[ 74.554814][ C0] : inode 3
[ 74.557921][ T5991] loop2: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117
[ 74.561568][ C1] EXT4-fs (loop2): error count since last fsck: 1
[ 74.561586][ C1] EXT4-fs (loop2): initial error at time 1772474488: ext4_do_update_inode:5569: inode 3
[ 74.561646][ C1] EXT4-fs (loop2): last error at time 1772474488: ext4_do_update_inode:5569: inode 3
[ 74.563720][ T5996] loop1: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117
[ 74.571178][ T5993] loop0: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117
[ 74.571608][ T5993] EXT4-fs error (device loop0): ext4_dirty_inode:6450: inode #3: comm syz.0.17: mark_inode_dirty error
[ 74.580601][ C1] EXT4-fs (loop0): error count since last fsck: 1
[ 74.580619][ C1] EXT4-fs (loop0): initial error at time 1772474488: ext4_do_update_inode:5569: inode 3
[ 74.580643][ C1] EXT4-fs (loop0): last error at time 1772474488: ext4_do_update_inode:5569: inode 3
[ 74.610451][ T5996] EXT4-fs error (device loop1): ext4_do_update_inode:5569: inode #3: comm syz.1.18: corrupted inode contents
[ 74.610841][ T5991] EXT4-fs error (device loop2): ext4_do_update_inode:5569: inode #3: comm syz.2.19: corrupted inode contents
[ 74.614075][ T5996] loop1: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117
[ 74.625060][ T5996] EXT4-fs error (device loop1): __ext4_ext_dirty:207: inode #3: comm syz.1.18: mark_inode_dirty error
[ 74.639060][ T5991] loop2: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117
[ 74.639321][ T5991] EXT4-fs error (device loop2): __ext4_ext_dirty:207: inode #3: comm syz.2.19: mark_inode_dirty error
[ 74.647165][ T5991] loop2: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117
[ 74.651965][ T5996] loop1: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117
[ 74.656185][ T5991] Quota error (device loop2): write_blk: dquota write failed
[ 74.663576][ T5993] loop0: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117
[ 74.664568][ T5993] EXT4-fs error (device loop0): ext4_do_update_inode:5569: inode #3: comm syz.0.17: corrupted inode contents
[ 74.672562][ T5991] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[ 74.673880][ T5996] Quota error (device loop1): write_blk: dquota write failed
[ 74.675668][ T5991] EXT4-fs error (device loop2): ext4_acquire_dquot:7001: comm syz.2.19: Failed to acquire dquot type 0
[ 74.678418][ T5996] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[ 74.682418][ T5991] loop2: lost filesystem error report for type 5 error -117
[ 74.686478][ T5993] EXT4-fs error (device loop0): __ext4_ext_dirty:207: inode #3: comm syz.0.17: mark_inode_dirty error
[ 74.689086][ T5991] EXT4-fs error (device loop2): ext4_do_update_inode:5569: inode #16: comm syz.2.19: corrupted inode contents
[ 74.690199][ T5993] Quota error (device loop0): write_blk: dquota write failed
[ 74.694726][ T5991] EXT4-fs error (device loop2): ext4_dirty_inode:6450: inode #16: comm syz.2.19: mark_inode_dirty error
[ 74.697645][ T5993] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[ 74.701839][ T5991] EXT4-fs error (device loop2): ext4_do_update_inode:5569: inode #16: comm syz.2.19: corrupted inode contents
[ 74.704433][ T5996] EXT4-fs error (device loop1): ext4_acquire_dquot:7001: comm syz.1.18: Failed to acquire dquot type 0
[ 74.706832][ T5991] EXT4-fs error (device loop2): __ext4_ext_dirty:207: inode #16: comm syz.2.19: mark_inode_dirty error
[ 74.719306][ T5991] EXT4-fs error (device loop2): ext4_do_update_inode:5569: inode #16: comm syz.2.19: corrupted inode contents
[ 74.720851][ T5993] EXT4-fs error (device loop0): ext4_acquire_dquot:7001: comm syz.0.17: Failed to acquire dquot type 0
[ 74.723901][ T5991] EXT4-fs error (device loop2) in ext4_orphan_del:303: Corrupt filesystem
[ 74.729524][ T5991] loop2: lost filesystem error report for type 5 error -117
[ 74.729953][ T5991] EXT4-fs error (device loop2): ext4_do_update_inode:5569: inode #16: comm syz.2.19: corrupted inode contents
[ 74.735988][ T5991] EXT4-fs error (device loop2): ext4_truncate:4587: inode #16: comm syz.2.19: mark_inode_dirty error
[ 74.739560][ T5991] EXT4-fs error (device loop2) in ext4_process_orphan:345: Corrupt filesystem
[ 74.741742][ T5993] loop0: lost filesystem error report for type 5 error -117
[ 74.742604][ T5991] loop2: lost filesystem error report for type 5 error -117
[ 74.743622][ T5993] EXT4-fs error (device loop0): ext4_do_update_inode:5569: inode #16: comm syz.0.17: corrupted inode contents
[ 74.746490][ T5991] EXT4-fs (loop2): 1 truncate cleaned up
[ 74.747382][ T5996] loop1: lost filesystem error report for type 5 error -117
[ 74.752426][ T5991] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 74.754077][ T5993] EXT4-fs error (device loop0): ext4_dirty_inode:6450: inode #16: comm syz.0.17: mark_inode_dirty error
[ 74.755240][ T5991] ext4 filesystem being mounted at /0/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 74.760475][ T5996] EXT4-fs error (device loop1): ext4_do_update_inode:5569: inode #16: comm syz.1.18: corrupted inode contents
[ 74.762586][ T5993] EXT4-fs error (device loop0): ext4_do_update_inode:5569: inode #16: comm syz.0.17: corrupted inode contents
[ 74.766755][ T5996] EXT4-fs error (device loop1): ext4_dirty_inode:6450: inode #16: comm syz.1.18: mark_inode_dirty error
[ 74.770620][ T5993] EXT4-fs error (device loop0): __ext4_ext_dirty:207: inode #16: comm syz.0.17: mark_inode_dirty error
[ 74.776772][ T5996] EXT4-fs error (device loop1): ext4_do_update_inode:5569: inode #16: comm syz.1.18: corrupted inode contents
[ 74.778598][ T5991] EXT4-fs warning (device loop2): ext4_es_cache_extent:1082: inode #3: comm syz.2.19: ES cache extent failed: add [1,1,41,0x1] conflict with existing [1,-2,576460752303423487,0x18]
[ 74.778598][ T5991]
[ 74.783941][ T5996] EXT4-fs error (device loop1): __ext4_ext_dirty:207: inode #16: comm syz.1.18: mark_inode_dirty error
[ 74.791887][ T5993] EXT4-fs error (device loop0): ext4_do_update_inode:5569: inode #16: comm syz.0.17: corrupted inode contents
[ 74.798879][ T5996] EXT4-fs error (device loop1): ext4_do_update_inode:5569: inode #16: comm syz.1.18: corrupted inode contents
[ 74.805449][ T5996] EXT4-fs error (device loop1) in ext4_orphan_del:303: Corrupt filesystem
[ 74.807144][ T5991] ==================================================================
[ 74.809103][ T5996] loop1: lost filesystem error report for type 5 error -117
[ 74.811136][ T5991] BUG: KASAN: slab-use-after-free in ext4_xattr_set_entry+0x179e/0x1e20
[ 74.811163][ T5991] Read of size 260 at addr ffff88811a37e000 by task syz.2.19/5991
[ 74.811175][ T5991]
[ 74.811195][ T5991] CPU: 0 UID: 0 PID: 5991 Comm: syz.2.19 Not tainted syzkaller #0 PREEMPT(full)
[ 74.811209][ T5991] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[ 74.811218][ T5991] Call Trace:
[ 74.811224][ T5991]
[ 74.811229][ T5991] dump_stack_lvl+0xe8/0x150
[ 74.811243][ T5991] print_report+0xba/0x230
[ 74.811257][ T5991] ? ext4_xattr_set_entry+0x179e/0x1e20
[ 74.811271][ T5991] kasan_report+0x117/0x150
[ 74.811287][ T5991] ? ext4_xattr_set_entry+0x179e/0x1e20
[ 74.811303][ T5991] kasan_check_range+0x264/0x2c0
[ 74.811316][ T5991] ? ext4_xattr_set_entry+0x179e/0x1e20
[ 74.811324][ T5991] __asan_memmove+0x29/0x70
[ 74.811340][ T5991] ext4_xattr_set_entry+0x179e/0x1e20
[ 74.811361][ T5991] ext4_xattr_block_set+0x636/0x2b00
[ 74.811383][ T5991] ? __pfx_check_xattrs+0x10/0x10
[ 74.811395][ T5991] ? xattr_find_entry+0x126/0x280
[ 74.811408][ T5991] ? __pfx_ext4_xattr_block_set+0x10/0x10
[ 74.811417][ T5991] ? ext4_xattr_block_find+0x303/0x370
[ 74.811426][ T5991] ext4_xattr_set_handle+0xdc2/0x14d0
[ 74.811438][ T5991] ? __pfx_ext4_xattr_set_handle+0x10/0x10
[ 74.811456][ T5991] ext4_xattr_set+0x255/0x340
[ 74.811472][ T5991] ? __pfx_ext4_xattr_set+0x10/0x10
[ 74.811486][ T5991] ? evm_protect_xattr+0x4d4/0xac0
[ 74.811507][ T5991] ? __pfx_evm_protect_xattr+0x10/0x10
[ 74.811521][ T5991] ? __pfx_ext4_xattr_trusted_set+0x10/0x10
[ 74.811534][ T5991] __vfs_removexattr+0x431/0x470
[ 74.811555][ T5991] __vfs_removexattr_locked+0xe2/0x280
[ 74.811573][ T5991] ? __pfx_vfs_setxattr+0x10/0x10
[ 74.811590][ T5991] vfs_removexattr+0x7f/0x230
[ 74.811607][ T5991] ovl_fill_super+0x4c09/0x5e00
[ 74.811622][ T5991] ? rcu_is_watching+0x15/0xb0
[ 74.811645][ T5991] ? __lock_acquire+0x6b5/0x2cf0
[ 74.811693][ T5991] ? __pfx_ovl_fill_super+0x10/0x10
[ 74.811708][ T5991] ? xas_create+0x1902/0x1b90
[ 74.811730][ T5991] ? __pfx___mutex_trylock_common+0x10/0x10
[ 74.811751][ T5991] ? trace_contention_end+0x3d/0x150
[ 74.811772][ T5991] ? shrinker_register+0x124/0x230
[ 74.811788][ T5991] ? __mutex_unlock_slowpath+0x1bd/0x7d0
[ 74.811801][ T5991] ? __pfx___mutex_lock+0x10/0x10
[ 74.811813][ T5991] ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 74.811826][ T5991] ? __raw_spin_lock_init+0x45/0x100
[ 74.811842][ T5991] ? sget_fc+0x962/0xa40
[ 74.811859][ T5991] ? __pfx_set_anon_super_fc+0x10/0x10
[ 74.811869][ T5991] ? __pfx_ovl_fill_super+0x10/0x10
[ 74.811880][ T5991] get_tree_nodev+0xbb/0x150
[ 74.811892][ T5991] vfs_get_tree+0x92/0x2a0
[ 74.811904][ T5991] do_new_mount+0x341/0xd30
[ 74.811919][ T5991] ? apparmor_capable+0x126/0x170
[ 74.811939][ T5991] ? __pfx_do_new_mount+0x10/0x10
[ 74.811956][ T5991] ? ns_capable+0x89/0xe0
[ 74.811971][ T5991] ? path_mount+0x690/0x10e0
[ 74.811989][ T5991] ? user_path_at+0xd4/0x160
[ 74.811999][ T5991] __se_sys_mount+0x31d/0x420
[ 74.812010][ T5991] ? __pfx___se_sys_mount+0x10/0x10
[ 74.812025][ T5991] ? __x64_sys_mount+0x20/0xc0
[ 74.812040][ T5991] do_syscall_64+0x14d/0xf80
[ 74.812051][ T5991] ? trace_irq_disable+0x3b/0x150
[ 74.812067][ T5991] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 74.812080][ T5991] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 74.812093][ T5991] RIP: 0033:0x7facfdf9c799
[ 74.812105][ T5991] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 74.812116][ T5991] RSP: 002b:00007facfd5fe028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 74.812129][ T5991] RAX: ffffffffffffffda RBX: 00007facfe215fa0 RCX: 00007facfdf9c799
[ 74.812139][ T5991] RDX: 0000200000000440 RSI: 0000200000000100 RDI: 0000000000000000
[ 74.812147][ T5991] RBP: 00007facfe032bd9 R08: 0000200000000280 R09: 0000000000000000
[ 74.812155][ T5991] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 74.812163][ T5991] R13: 00007facfe216038 R14: 00007facfe215fa0 R15: 00007ffdb6825fe8
[ 74.812176][ T5991]
[ 74.812181][ T5991]
[ 74.822769][ T5996] EXT4-fs error (device loop1): ext4_do_update_inode:5569: inode #16: comm syz.1.18: corrupted inode contents
[ 74.824603][ T5991] Allocated by task 5825:
[ 74.824615][ T5991] kasan_save_track+0x3e/0x80
[ 74.828953][ T5996] EXT4-fs error (device loop1): ext4_truncate:4587: inode #16: comm syz.1.18: mark_inode_dirty error
[ 74.829720][ T5991] __kasan_slab_alloc+0x6c/0x80
[ 74.829739][ T5991] kmem_cache_alloc_noprof+0x2bc/0x650
[ 74.829751][ T5991] __kernfs_new_node+0xe9/0x8e0
[ 74.829768][ T5991] kernfs_new_node+0x102/0x210
[ 74.829783][ T5991] __kernfs_create_file+0x4b/0x2e0
[ 74.829795][ T5991] sysfs_add_file_mode_ns+0x238/0x300
[ 74.831540][ T5996] EXT4-fs error (device loop1) in ext4_process_orphan:345: Corrupt filesystem
[ 74.832765][ T5991] internal_create_group+0x673/0x1180
[ 74.832789][ T5991] sysfs_create_groups+0x59/0x120
[ 74.832804][ T5991] device_add_attrs+0xdd/0x5b0
[ 74.832815][ T5991] device_add+0x496/0xb70
[ 74.834775][ T5996] loop1: lost filesystem error report for type 5 error -117
[ 74.836601][ T5991] netdev_register_kobject+0x178/0x310
[ 74.840534][ T5996] EXT4-fs (loop1): 1 truncate cleaned up
[ 74.842054][ T5991] register_netdevice+0x12c0/0x1cf0
[ 74.845079][ T5996] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 74.845590][ T5991] __ip_tunnel_create+0x3e8/0x560
[ 74.845612][ T5991] ip_tunnel_init_net+0x2e7/0x840
[ 74.845627][ T5991] ops_init+0x35c/0x5c0
[ 74.847556][ T5996] ext4 filesystem being mounted at /0/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 74.849364][ T5991] setup_net+0x118/0x340
[ 74.849386][ T5991] copy_net_ns+0x50e/0x730
[ 74.849400][ T5991] create_new_namespaces+0x3e7/0x6a0
[ 74.849418][ T5991] unshare_nsproxy_namespaces+0x11a/0x160
[ 74.849432][ T5991] ksys_unshare+0x51d/0x930
[ 75.029282][ T5991] __x64_sys_unshare+0x38/0x50
[ 75.031132][ T5991] do_syscall_64+0x14d/0xf80
[ 75.032861][ T5991] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 75.035185][ T5991]
[ 75.036128][ T5991] Freed by task 15:
[ 75.037521][ T5991] kasan_save_track+0x3e/0x80
[ 75.039330][ T5991] kasan_save_free_info+0x46/0x50
[ 75.041287][ T5991] __kasan_slab_free+0x5c/0x80
[ 75.043082][ T5991] kmem_cache_free+0x187/0x630
[ 75.044913][ T5991] rcu_core+0x7cd/0x1070
[ 75.046558][ T5991] handle_softirqs+0x22a/0x870
[ 75.048388][ T5991] run_ksoftirqd+0x36/0x60
[ 75.049990][ T5991] smpboot_thread_fn+0x541/0xa50
[ 75.051877][ T5991] kthread+0x388/0x470
[ 75.053422][ T5991] ret_from_fork+0x51e/0xb90
[ 75.055125][ T5991] ret_from_fork_asm+0x1a/0x30
[ 75.056880][ T5991]
[ 75.057820][ T5991] Last potentially related work creation:
[ 75.059983][ T5991] kasan_save_stack+0x3e/0x60
[ 75.061695][ T5991] kasan_record_aux_stack+0xbd/0xd0
[ 75.063678][ T5991] call_rcu+0xee/0x890
[ 75.065249][ T5991] kernfs_put+0x18e/0x470
[ 75.066859][ T5991] kernfs_remove_by_name_ns+0xb7/0x130
[ 75.068922][ T5991] sysfs_remove_group+0xfc/0x2e0
[ 75.070821][ T5991] sysfs_remove_groups+0x54/0xb0
[ 75.072579][ T5991] device_remove_attrs+0x229/0x280
[ 75.074498][ T5991] device_del+0x51f/0x8f0
[ 75.076064][ T5991] unregister_netdevice_many_notify+0x1e0e/0x2370
[ 75.078339][ T5991] ops_undo_list+0x3d3/0x940
[ 75.080088][ T5991] cleanup_net+0x56b/0x800
[ 75.081708][ T5991] process_scheduled_works+0xb02/0x1830
[ 75.083645][ T5991] worker_thread+0xa50/0xfc0
[ 75.085318][ T5991] kthread+0x388/0x470
[ 75.086808][ T5991] ret_from_fork+0x51e/0xb90
[ 75.088474][ T5991] ret_from_fork_asm+0x1a/0x30
[ 75.090277][ T5991]
[ 75.091229][ T5991] The buggy address belongs to the object at ffff88811a37e000
[ 75.091229][ T5991] which belongs to the cache kernfs_node_cache of size 176
[ 75.096612][ T5991] The buggy address is located 0 bytes inside of
[ 75.096612][ T5991] freed 176-byte region [ffff88811a37e000, ffff88811a37e0b0)
[ 75.101783][ T5991]
[ 75.102724][ T5991] The buggy address belongs to the physical page:
[ 75.105191][ T5991] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88811a37ee10 pfn:0x11a37e
[ 75.108982][ T5991] flags: 0x17ff00000000200(workingset|node=0|zone=2|lastcpupid=0x7ff)
[ 75.111926][ T5991] page_type: f5(slab)
[ 75.113423][ T5991] raw: 017ff00000000200 ffff8881012d3dc0 ffffea000468fed0 ffffea000468df10
[ 75.116645][ T5991] raw: ffff88811a37ee10 000000080011000a 00000000f5000000 0000000000000000
[ 75.119918][ T5991] page dumped because: kasan: bad access detected
[ 75.122360][ T5991] page_owner tracks the page as allocated
[ 75.124525][ T5991] page last allocated via order 0, migratetype Unmovable, gfp_mask 0xd2cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5822, tgid 5822 (syz-executor), ts 67128981798, free_ts 62919905097
[ 75.132006][ T5991] post_alloc_hook+0x231/0x280
[ 75.133862][ T5991] get_page_from_freelist+0x24dc/0x2580
[ 75.136028][ T5991] __alloc_frozen_pages_noprof+0x18d/0x380
[ 75.138178][ T5991] allocate_slab+0x77/0x660
[ 75.139944][ T5991] refill_objects+0x331/0x3c0
[ 75.141795][ T5991] __pcs_replace_empty_main+0x2b9/0x620
[ 75.143896][ T5991] kmem_cache_alloc_noprof+0x37d/0x650
[ 75.146065][ T5991] __kernfs_new_node+0xe9/0x8e0
[ 75.147958][ T5991] kernfs_new_node+0x102/0x210
[ 75.149769][ T5991] __kernfs_create_file+0x4b/0x2e0
[ 75.151803][ T5991] sysfs_add_file_mode_ns+0x238/0x300
[ 75.153904][ T5991] internal_create_group+0x673/0x1180
[ 75.155859][ T5991] sysfs_create_groups+0x59/0x120
[ 75.157786][ T5991] device_add_attrs+0x1bf/0x5b0
[ 75.159676][ T5991] device_add+0x496/0xb70
[ 75.161364][ T5991] netdev_register_kobject+0x178/0x310
[ 75.163357][ T5991] page last free pid 5809 tgid 5809 stack trace:
[ 75.165755][ T5991] __free_frozen_pages+0xc2b/0xdb0
[ 75.167717][ T5991] vfree+0x25a/0x400
[ 75.169315][ T5991] kcov_close+0x28/0x50
[ 75.170914][ T5991] __fput+0x44f/0xa70
[ 75.172550][ T5991] fput_close_sync+0x11f/0x240
[ 75.174444][ T5991] __x64_sys_close+0x7e/0x110
[ 75.176216][ T5991] do_syscall_64+0x14d/0xf80
[ 75.177899][ T5991] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 75.180108][ T5991]
[ 75.181025][ T5991] Memory state around the buggy address:
[ 75.183122][ T5991] ffff88811a37df00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 75.186094][ T5991] ffff88811a37df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 75.189109][ T5991] >ffff88811a37e000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 75.192164][ T5991] ^
[ 75.193669][ T5991] ffff88811a37e080: fb fb fb fb fb fb fc fc fc fc fc fc fc fc fa fb
[ 75.196631][ T5991] ffff88811a37e100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 75.199639][ T5991] ==================================================================
[ 75.211600][ T5996] EXT4-fs warning (device loop1): ext4_es_cache_extent:1082: inode #3: comm syz.1.18: ES cache extent failed: add [1,1,41,0x1] conflict with existing [1,-2,576460752303423487,0x18]
[ 75.211600][ T5996]
[ 75.228558][ T5996] ------------[ cut here ]------------
[ 75.230592][ T5996] !PageLargeKmalloc(page)
[ 75.230600][ T5996] WARNING: mm/slub.c:6371 at free_large_kmalloc+0xa3/0x140, CPU#1: syz.1.18/5996
[ 75.234373][ T5996] Modules linked in:
[ 75.236070][ T5996] CPU: 1 UID: 0 PID: 5996 Comm: syz.1.18 Not tainted syzkaller #0 PREEMPT(full)
[ 75.238885][ T5996] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[ 75.241883][ T5996] RIP: 0010:free_large_kmalloc+0xa3/0x140
[ 75.243563][ T5996] Code: f8 ff 74 17 25 00 00 00 ff 3d 00 00 00 f8 0f 85 a0 00 00 00 c7 43 30 ff ff ff ff 48 89 df 89 ee 5b 41 5e 5d e9 ee c7 fc ff 90 <0f> 0b 90 48 89 df 48 c7 c6 27 db f0 8d 5b 41 5e 5d e9 67 e3 03 ff
[ 75.248911][ T5996] RSP: 0018:ffffc90003ab7120 EFLAGS: 00010206
[ 75.250138][ T5993] EXT4-fs error (device loop0) in ext4_orphan_del:303: Corrupt filesystem
[ 75.250690][ T5996] RAX: 00000000ff000000 RBX: ffffea0004539780 RCX: ffff8881033a1d01
[ 75.253939][ T5993] loop0: lost filesystem error report for type 5 error -117
[ 75.256083][ T5996] RDX: 0000000000000000 RSI: ffff888114e5e108 RDI: ffffea0004539780
[ 75.256094][ T5996] RBP: 0000000000000000 R08: ffffea0004539577 R09: 1ffffd40008a72ae
[ 75.256100][ T5996] R10: dffffc0000000000 R11: fffff940008a72af R12: 0000000000000000
[ 75.259863][ T5993] EXT4-fs error (device loop0): ext4_do_update_inode:5569: inode #16: comm syz.0.17: corrupted inode contents
[ 75.261243][ T5996] R13: dffffc0000000000 R14: ffff888114e5e108 R15: 0000000000000000
[ 75.265050][ T5993] EXT4-fs error (device loop0): ext4_truncate:4587: inode #16: comm syz.0.17: mark_inode_dirty error
[ 75.266567][ T5996] FS: 00007f294eb726c0(0000) GS:ffff8882a9464000(0000) knlGS:0000000000000000
[ 75.266578][ T5996] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 75.274378][ T5993] EXT4-fs error (device loop0) in ext4_process_orphan:345: Corrupt filesystem
[ 75.274423][ T5996] CR2: 0000200000001000 CR3: 00000001126a0000 CR4: 00000000000006f0
[ 75.278408][ T5993] loop0: lost filesystem error report for type 5 error -117
[ 75.279344][ T5993] EXT4-fs (loop0): 1 truncate cleaned up
[ 75.282725][ T5996] Call Trace:
[ 75.296434][ T5996]
[ 75.297519][ T5996] ext4_xattr_block_set+0x2102/0x2b00
[ 75.299489][ T5996] ? __pfx_check_xattrs+0x10/0x10
[ 75.301502][ T5996] ? __pfx_ext4_xattr_block_set+0x10/0x10
[ 75.303557][ T5996] ? ext4_xattr_block_find+0x303/0x370
[ 75.305475][ T5996] ext4_xattr_set_handle+0xdc2/0x14d0
[ 75.306414][ T5993] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 75.307535][ T5996] ? __pfx_ext4_xattr_set_handle+0x10/0x10
[ 75.307574][ T5996] ext4_xattr_set+0x255/0x340
[ 75.313214][ T5993] ext4 filesystem being mounted at /0/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 75.314566][ T5996] ? __pfx_ext4_xattr_set+0x10/0x10
[ 75.314590][ T5996] ? evm_protect_xattr+0x4d4/0xac0
[ 75.314622][ T5996] ? __pfx_evm_protect_xattr+0x10/0x10
[ 75.318436][ T5993] EXT4-fs warning (device loop0): ext4_es_cache_extent:1082: inode #3: comm syz.0.17: ES cache extent failed: add [1,1,41,0x1] conflict with existing [1,-2,576460752303423487,0x18]
[ 75.318436][ T5993]
[ 75.320197][ T5996] ? __pfx_ext4_xattr_trusted_set+0x10/0x10
[ 75.320226][ T5996] __vfs_removexattr+0x431/0x470
[ 75.320255][ T5996] __vfs_removexattr_locked+0xe2/0x280
[ 75.320275][ T5996] ? __pfx_vfs_setxattr+0x10/0x10
[ 75.320296][ T5996] vfs_removexattr+0x7f/0x230
[ 75.320319][ T5996] ovl_fill_super+0x4c09/0x5e00
[ 75.322339][ T5991] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 75.322353][ T5991] CPU: 0 UID: 0 PID: 5991 Comm: syz.2.19 Not tainted syzkaller #0 PREEMPT(full)
[ 75.322369][ T5991] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[ 75.322377][ T5991] Call Trace:
[ 75.322384][ T5991]
[ 75.322391][ T5991] vpanic+0x56c/0xa60
[ 75.322412][ T5991] ? __pfx_vpanic+0x10/0x10
[ 75.322432][ T5991] panic+0xc5/0xd0
[ 75.322448][ T5991] ? __pfx_panic+0x10/0x10
[ 75.322465][ T5991] ? preempt_schedule_thunk+0x16/0x30
[ 75.322480][ T5991] ? ext4_xattr_set_entry+0x179e/0x1e20
[ 75.322496][ T5991] ? preempt_schedule_thunk+0x16/0x30
[ 75.322509][ T5991] ? ext4_xattr_set_entry+0x179e/0x1e20
[ 75.322524][ T5991] check_panic_on_warn+0x89/0xb0
[ 75.322540][ T5991] ? ext4_xattr_set_entry+0x179e/0x1e20
[ 75.322553][ T5991] end_report+0x73/0x180
[ 75.322570][ T5991] ? ext4_xattr_set_entry+0x179e/0x1e20
[ 75.322585][ T5991] kasan_report+0x128/0x150
[ 75.322599][ T5991] ? ext4_xattr_set_entry+0x179e/0x1e20
[ 75.322617][ T5991] kasan_check_range+0x264/0x2c0
[ 75.322632][ T5991] ? ext4_xattr_set_entry+0x179e/0x1e20
[ 75.322671][ T5991] __asan_memmove+0x29/0x70
[ 75.322691][ T5991] ext4_xattr_set_entry+0x179e/0x1e20
[ 75.322712][ T5991] ext4_xattr_block_set+0x636/0x2b00
[ 75.322734][ T5991] ? __pfx_check_xattrs+0x10/0x10
[ 75.322748][ T5991] ? xattr_find_entry+0x126/0x280
[ 75.322762][ T5991] ? __pfx_ext4_xattr_block_set+0x10/0x10
[ 75.322774][ T5991] ? ext4_xattr_block_find+0x303/0x370
[ 75.322786][ T5991] ext4_xattr_set_handle+0xdc2/0x14d0
[ 75.322803][ T5991] ? __pfx_ext4_xattr_set_handle+0x10/0x10
[ 75.322821][ T5991] ext4_xattr_set+0x255/0x340
[ 75.322837][ T5991] ? __pfx_ext4_xattr_set+0x10/0x10
[ 75.322850][ T5991] ? evm_protect_xattr+0x4d4/0xac0
[ 75.322869][ T5991] ? __pfx_evm_protect_xattr+0x10/0x10
[ 75.322884][ T5991] ? __pfx_ext4_xattr_trusted_set+0x10/0x10
[ 75.322900][ T5991] __vfs_removexattr+0x431/0x470
[ 75.322925][ T5991] __vfs_removexattr_locked+0xe2/0x280
[ 75.322941][ T5991] ? __pfx_vfs_setxattr+0x10/0x10
[ 75.322958][ T5991] vfs_removexattr+0x7f/0x230
[ 75.322977][ T5991] ovl_fill_super+0x4c09/0x5e00
[ 75.322992][ T5991] ? rcu_is_watching+0x15/0xb0
[ 75.323016][ T5991] ? __lock_acquire+0x6b5/0x2cf0
[ 75.323035][ T5991] ? __pfx_ovl_fill_super+0x10/0x10
[ 75.323049][ T5991] ? xas_create+0x1902/0x1b90
[ 75.323071][ T5991] ? __pfx___mutex_trylock_common+0x10/0x10
[ 75.323093][ T5991] ? trace_contention_end+0x3d/0x150
[ 75.323114][ T5991] ? shrinker_register+0x124/0x230
[ 75.323132][ T5991] ? __mutex_unlock_slowpath+0x1bd/0x7d0
[ 75.323145][ T5991] ? __pfx___mutex_lock+0x10/0x10
[ 75.323157][ T5991] ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 75.323191][ T5991] ? __raw_spin_lock_init+0x45/0x100
[ 75.323209][ T5991] ? sget_fc+0x962/0xa40
[ 75.323227][ T5991] ? __pfx_set_anon_super_fc+0x10/0x10
[ 75.323239][ T5991] ? __pfx_ovl_fill_super+0x10/0x10
[ 75.323255][ T5991] get_tree_nodev+0xbb/0x150
[ 75.323268][ T5991] vfs_get_tree+0x92/0x2a0
[ 75.323282][ T5991] do_new_mount+0x341/0xd30
[ 75.323298][ T5991] ? apparmor_capable+0x126/0x170
[ 75.323316][ T5991] ? __pfx_do_new_mount+0x10/0x10
[ 75.323333][ T5991] ? ns_capable+0x89/0xe0
[ 75.323348][ T5991] ? path_mount+0x690/0x10e0
[ 75.323366][ T5991] ? user_path_at+0xd4/0x160
[ 75.323378][ T5991] __se_sys_mount+0x31d/0x420
[ 75.323414][ T5991] ? __pfx___se_sys_mount+0x10/0x10
[ 75.323431][ T5991] ? __x64_sys_mount+0x20/0xc0
[ 75.323452][ T5991] do_syscall_64+0x14d/0xf80
[ 75.323462][ T5991] ? trace_irq_disable+0x3b/0x150
[ 75.323478][ T5991] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 75.323492][ T5991] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 75.323503][ T5991] RIP: 0033:0x7facfdf9c799
[ 75.323516][ T5991] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 75.323525][ T5991] RSP: 002b:00007facfd5fe028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 75.323539][ T5991] RAX: ffffffffffffffda RBX: 00007facfe215fa0 RCX: 00007facfdf9c799
[ 75.323547][ T5991] RDX: 0000200000000440 RSI: 0000200000000100 RDI: 0000000000000000
[ 75.323555][ T5991] RBP: 00007facfe032bd9 R08: 0000200000000280 R09: 0000000000000000
[ 75.323562][ T5991] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 75.323569][ T5991] R13: 00007facfe216038 R14: 00007facfe215fa0 R15: 00007ffdb6825fe8
[ 75.323581][ T5991]
[ 75.324981][ T5991] Kernel Offset: disabled
VM DIAGNOSIS:
18:01:29 Registers: