last executing test programs: 50.745792444s ago: executing program 0 (id=887): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="fc0000001900674c0000000000000000e0000001000000000000000000000000e000000200000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000400000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000044000500000000000000000000000000000000000000000033"], 0xfc}}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0xfffffffe, @empty}, 0x1c) sendmmsg(r1, &(0x7f0000000480), 0x2e9, 0xffd8) 48.754285508s ago: executing program 0 (id=892): r0 = syz_open_dev$usbfs(&(0x7f0000003f00), 0x10, 0xa401) ioctl$USBDEVFS_ALLOC_STREAMS(r0, 0x8008551c, &(0x7f0000000140)=ANY=[@ANYBLOB="fb2f000009"]) 48.657470388s ago: executing program 0 (id=894): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1, @void, @value}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10) syz_emit_ethernet(0x2a, &(0x7f0000000100)=ANY=[@ANYBLOB="aaaaaaaaaa270005d70000fe08060001080006040001aaaa0600aa2aac1414bbaaaaaaaaaa00ac"], 0x0) r2 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000080)={'batadv0\x00', 0x0}) sendto$packet(r2, &(0x7f0000000100)="f257a8ea7bc273dfaeab96850806", 0x2a, 0x0, &(0x7f0000000200)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @link_local}, 0x14) 48.217535286s ago: executing program 0 (id=901): mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000040)='./file0/file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0) mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0) mount$bind(&(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x18d811, 0x0) 47.910368455s ago: executing program 0 (id=906): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10) r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="020000000400000008caff0001"], 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{r2}, &(0x7f00000000c0), &(0x7f0000000100)}, 0x20) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x21085e, &(0x7f00000004c0)={[{@nodioread_nolock}, {@nouid32}, {@acl}]}, 0x1, 0x52d, &(0x7f0000000cc0)="$eJzs3c9vI1cdAPCvvXHiZNMmLT0AgnZpCwtarZN426jqgZYTQqgSoicE0jYk3iiKHUexU5qwUtMzVyQqcYIDB/4ADpx64s4FwY1LOSDxIwI1SBymmvEk62TtxtpN7Gj9+UizM2/e2N/vs3feW79s/AIYWzci4iAiJiPinYiYy88X8i3e7GzpdZ8c3l89Ory/Wogkeftfhaw+PRddj0ldz5+zHBHf/3bEjwsPx23t7W+u1Ou1nby80G5sL7T29m9vNFbWa+u1rWp1eWl58bU7r1YvrK0vNCbzoy9//MeDb/w0TWs2P9PdjovUaXrpJE5qIiK+exnBRuBa3p7JUSfCIylGxLMR8WJ2/8/FtezdBACeZEkyF8lcdxkAeNIVszmwQrGSzwXMRrFYqXTm8J6LmWK92Wrfutfc3VrrzJXNR6l4b6NeW8znCuejVEjLS9nxg3L1TPlORDwTET+fms7KldVmfW2U//ABgDF2/cz4/9+pzvgfEcn7o04OALg85VEnAAAMnfEfAMaP8R8Axo/xHwDGT2f8n+5T23W+vDOchACAS+fzPwCMH+M/AIyV7731VrolR/n3X6+9u7e72Xz39lqttVlp7K5WVps725X1ZnM9+86exnnPV282t5deid335r+53WovtPb27zaau1vtu9n3et+tlbKrDobQMgCgn2de+OgvhXREfn0626JrLYfSSDMDLltx1AkAI3Nt1AkAI2O1Lxhfj/IZf/7RHwpcQT2W6D2l3OsXhJIkSS4vJeCS3fyC+X8YV13z//4XMIwZ8/8wvsz/w/hKksKga/7HoBcCAFebOX6gz8//n833v81/OPCjtQd1v8/+/LDn4w7y7uVikwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAr5nj930q+FvhsFIuVSsRTETEfpcK9jXptMSKejog/T5Wm0vLSiHMGAB5X8e+FfP2vm3Mvz56qev76yeFkRPzkl2//4r2VdnvnTxGThX9PHZ9vf5ifrw4/ewDgfMfjdLbv+iD/yeH91eNtmPn841sRUe7EPzqcjKOT+BMxke3LUYqImf8U8nJHoWvu4nEcfBARn+/V/kLMZnMgnZVPz8ZPYz811PjFU/GLWV1nn74Wn7uAXGDcfJT2P2/2uv+KcSPb977/y1kP9fjy/i99qtWjrA98EP+4/7vWp/+7MWiMV/7wnc7R9MN1H0R8cSLiOPZRV/9zHL/QJ/7LA8b/65eef7FfXfKriJsRcfSbH0Scid8da6Hd2F5o7e3f3misrNfWa1vV6vLS8uJrd16tLmRz1Av9R4N/vn7r6X51aftnonf7y+e0/6sDtv/X/3/nh1/5jPhff6lX/GI89xnx0zHxawPGX5n5XblfXRp/rU/7z3v/bw0Y/+O/7a8NeCkAMAStvf3NlXq9tuPg4YMkSd5PX6Srko+D9N24Amn0PHhjWLEm+/yF/NlLnXv6TFWSnL145tRr+EbvWP16jIuYdQOugpObPiL+N+pkAAAAAAAAAAAAAACAnobxG0ujbiMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABPrk8DAAD//x171p4=") openat(0xffffffffffffff9c, 0x0, 0x107042, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x187842, 0x3) ioctl$EXT4_IOC_MOVE_EXT(r3, 0xc028660f, 0x0) bind$inet(r0, 0x0, 0x0) sendto$inet(r0, 0x0, 0x0, 0x20004ffd, &(0x7f0000000040)={0x2, 0x4e23, @empty}, 0x10) recvmsg(r0, 0x0, 0x104) 45.429080878s ago: executing program 0 (id=922): r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, 0x0, 0x40000) 45.329934137s ago: executing program 32 (id=922): r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, 0x0, 0x40000) 24.909834366s ago: executing program 4 (id=999): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4) connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000002c0)='kmem_cache_free\x00', r1, 0x0, 0x8}, 0x18) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x4) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000080)=0x1, 0x4) setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000140)=@gcm_128={{0x303}, "87ee8ac6c46dad33", "2607080d7f4fcf00fd4ef2dece6c7c58"}, 0x28) writev(r0, &(0x7f00000016c0)=[{&(0x7f00000006c0)='Xw', 0x2}], 0x1) setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000680)=@gcm_128={{0x303}, "000037d7009400", "c0b6c5b29ca2b838d41ac2fc7ddf972d", "e9be1eae", "0daf7461cfccf6ce"}, 0x28) recvmsg(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000028c0)=""/4102, 0x1006}], 0x1}, 0x2) 24.836813225s ago: executing program 1 (id=1000): r0 = socket$inet(0x2, 0x2, 0x0) setsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0x40) r1 = socket$netlink(0x10, 0x3, 0x0) syz_emit_ethernet(0x83, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffffad727b86dd"], 0x0) writev(r1, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x10}}, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10) writev(r1, &(0x7f0000000300)=[{&(0x7f00000001c0)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000d00000000000006040000000000f93132", 0x39}], 0x1) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r2}, &(0x7f0000000040), &(0x7f0000000280)=r3}, 0x20) r4 = socket$inet(0x2, 0x2, 0x0) setsockopt$inet_mreqn(r4, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0x40) setsockopt$inet_msfilter(r4, 0x0, 0x29, &(0x7f0000000000)=ANY=[@ANYBLOB="e00000027fa80a010000000004"], 0x57) setsockopt$inet_mreqsrc(r0, 0x0, 0x24, &(0x7f0000000440)={@multicast2, @loopback, @empty}, 0xc) 24.335652764s ago: executing program 1 (id=1004): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x27, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8088, @void, @value}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0}, 0x18) mlock(&(0x7f00007d8000/0x800000)=nil, 0x800000) mbind(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x3000003, 0x4031, 0xffffffffffffffff, 0x0) 24.017145443s ago: executing program 4 (id=1008): r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x10, 0x4, &(0x7f0000000240)=ANY=[], &(0x7f0000001b80)='syzkaller\x00', 0x3, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94) socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'bridge0\x00', 0x0}) r3 = socket$netlink(0x10, 0x3, 0x0) writev(r3, &(0x7f0000000000)=[{&(0x7f0000000080)="390000001300090468fe0700000000000000ff3f04000000480100100000000004002b000a00010014a4ee1ee438d2fd000000000000007208", 0x7c}], 0x1) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x9d) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f00000005c0)=ANY=[@ANYBLOB="18040036ed07449e000000000000000018010000", @ANYRES16=r2, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095", @ANYRESOCT=r3], &(0x7f0000000240)='GPL\x00', 0xfffffffe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff7ffffc, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r4}, 0x10) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) r6 = socket$netlink(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r6, 0x10e, 0xc, &(0x7f0000000640)=0x4, 0x4) sendmsg$netlink(r6, &(0x7f0000001080)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="280012000100000000000000000038efadd8f2b03fa58ee0100000000c000000000000000000"], 0x28}], 0x1}, 0x0) sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="6000000002060103000000000000000000000004050001000700000013000300686173683a6e65742c696661636500000900020073797a30000000000500040000000000050005000a00000014000780050015000000000008001240"], 0x60}}, 0x0) socket$inet6(0xa, 0x2, 0x0) sendmsg$IPSET_CMD_DESTROY(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB="1c000000030601c59cc3bf57b43db3000000000005"], 0x1c}}, 0x0) write$UHID_CREATE2(r0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0b00000073797a31000000dfff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a30000037b35f0a00000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a3100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001"], 0x119) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) unshare(0x22000600) r7 = socket$igmp(0x2, 0x3, 0x2) setsockopt$IP_VS_SO_SET_STARTDAEMON(r7, 0x0, 0x48b, &(0x7f0000002100)={0x1, 'ip6gre0\x00', 0x1}, 0x18) setsockopt$IP_VS_SO_SET_STOPDAEMON(r7, 0x0, 0x48c, &(0x7f0000000000)={0x2, 'ipvlan0\x00', 0x2003}, 0x18) r8 = syz_open_dev$hidraw(&(0x7f00000004c0), 0x0, 0x14a042) ioctl$HIDIOCGRDESC(r8, 0x90044802, &(0x7f0000001200)={0xffffffffffffff89, "c3cc123424b20552f83c19334d0b35890675a9c5b46ad0d1373965e1ccff596c1869aacbf8808a186f5be809a23fb83bf8e183dac15020ebb61871f0055082000cc0f12c8b169a33ca2da68bc513e00b2c6e293ef2409b7f8d1acc0043f9d45f7207c51a2f9f00389ed61e7973daff69afaee6853a6d15073c590b834cda77c710fbc12870988f63415359c6282399daa820f7e505b0ea06c95d7a1fd2a64301dfb1001a8a01809079fc76760d1eb2fad9c9613159ab03095c69ea75054429775ed4fd94d192a106bcf45b5c4b78a6c890a472082635c0decf62d59c818375c8f839cf009b62e6473465c301ed5512631690eedae7e84f7bb76d26ce1ce65f88f54589dd3144aaa74ec1eeefc3b900898f464fd3e57a6b29c083fc03e57b43911072d2ab89c77f288d421ad5c521227507ee92b6dbea5e273a6b8d73cfa76739062b4fdbf858579a9f672c4dd322713b7ee5ebb4dd00a525d734422dd0803ccb293780e5fe816064c7897abce0d8cd9122fc42547ff88d64aa0ba4d8969da7bd05eac95c0e55d875cf9c777d95c56b6909d2fb1acfcaa3e7c31360db63e4c381c6332b6fb940d3f2600cab22bab5f6d2eed47cd354d552f970180de7143730a946f981ab1319a3a27f7e317b3011dbd977affff011c943f4facb7980aefdcec99b7fca92f36012ed57de63d883180fdc99a7eee9d21e68930e96973b6204ca99738dad539fca79d015423b07c40ae8a1e33a81d9afe04ef28a34fbb5f7b94db5f9406420dd71a4d8d5c8c8f40eca205fa49ded5f76bc76f4da906fa28dd76154b142fd937b8f9e30665596486e67fbe7849f8b29b634f4f9c17d6a2a27a6963407911a0f66e2539d62f067903906094241d3fd3450cf52989e2c6b47bb3a45e5fbccc73ad50910fcc0921447174fd89f9e88c48bac2f418f8e418d7dce17c5782afbfe873169fe6e146a9e25ef43f0f0eff0721daf55c0600c2c0cee1c8e1569d9b4eeab73550df0cf8e9281c114a0df572c7fbb182821dffb8a017d55a7d8ecd538d77089a02c85485491a2a348d776ea9265d043de66db4ad1fd357ec61aef8d9ac178eb53afe18f840ca45a15ffa463d5bf06ffa3d4d63a00b7414bee814776e0cf536c50e60ae7e691472d9d82dd5a6b488a559e50733baa644a7784931899739d88c15d03ab5a9d925df8a03a78e5a01de57bca0a559e8d23b32fcef0f02c0d7dbc6d61db42bbb06d2de32830267a5764ff8ad10c14215ff34d0b7c971ab5137f86fbcff7e0dab9023168deb04dd48d82a32433304b684d06e4ee7f88decbee64bde403cae0f7bb8e60a03f53445e16afdb88d78fd5a256976fa52b0f1a276fd6719e10ba87ea87e8edc7e92037651b086ea300b9b7fb7466291e69d1a6c921888e11f09ef07c73089643c111e2bed153a63b2c88f099a830f58667c99daa15011f1016d0c6e7f5f4b8eb759908c3096d154d3d4c1ffa9c6b21dc8abf459de480d220a34554546b7be75227c7f8f676d1e01cb044e1d560663f44fb671d5d24fd3ceb678ba7519e83e76287602cc0875d6fa72af01142f2d8f461c339ad0592f4bdb0f59b2098d994e7bd1870d32baee62c9dbb546677b76564e730dd2966de7742702eaae1dcea5301182bdb3bb7a373f54372c4d1704a5b9008ca326290d120fe33c26497a0fe96754bea670c7e56171bf2d8fd8b5e61e6b50736735ad5782615bedb74f1c50ae7d076af6e50ed24a42640f1a958b356cea4280ccf1b042d55dd78b4fd7a4910bc7d78f609702f8ead35bd52802d3109f1d6ae093a3bddbc598410399a9c5a38ce1f387757b98e1c32b174d076ddf2f4e3114601df73bcb2b5e06a5a2e1cad8c1d2d357d6916721da098fa428241df56e8d08f2a139d30cde65a8148368c35670209871b7251b0c3f5401a5143d5784fd401ae7c76eec6810748c2560c7f964f97320a61679d82c499f46084cbd5204f1ae0d63e5fe6b4fa01537c83c63b4d08fe9302690e3894af69cde0c0a2e58c4034ca85ab4474af552c3452461d1f6e03a8533043421702adb79cc83e180225c4b2c5433bda9319fc13857dce1bb83ccb8fc9de375ceeb13a77b0e7caef9650b857f24d0eca24646dab9ff637d28311b6873782d85aa4a987d17a11a90065c74ff4abfd01d5d45e934c9138873377e8c0699115014d98518c98e15b9f0f3df3f2a7744b47917f28648dd1c12f576065dbe2abfa6639458ec52159e024122a9113b63c9607233338faabb1899932feb5e7ed2c92a00dd16f837422870939cf35655c897151b91c66b2e20557eb182bca6d07bf7647853af734974e860f76061b027173bdc9a605810296ba97a6d820409c376d079e36565d85db1d03c1659c9cb348438f6a866c5d92eb54346c68f3830f289752e6d704fc0cc5d35f4258601147f80a176af048aaf66a6792645eb0dcbaac6fdeb30f06420028b041d135926fa23076fabc60c3cd297de8df91accb80a3ba6f1e284a81c8d762ee12bb0943ce6d469001b43aea76ca85043c7540a0635dc54095640e542a76ae3e69351391d8ce7670c8895c221077a256bcd090d447dac21e23ba987ea3cc8bcdc36a870bb7337f0ab8ca813d72e4a3990ddd9e5b3b4d912e339f7752c2e530680409c66408a6be9c35ccdbea8ec807845b21a6940703859500c80a4738996357d6cdc80a1fae7e4dc155ba41ecad1402a9b52c2393392fa7f026e01822229b91fc1ae8b777296cc6981a3b672344df5c663a4e9b039ebcd05f01bb373052d306a67841e1435711d614c8d49e85fc5587296bc1eeafa97a026b7f08730d43eacbeb5d397f00f79a82ad3e9ac3004354a534080d829b6e3533df09f4f57236f65ea98177380cb46e401a629df9d6f40cb53530da784676c077d444cb3d972d674e42547866651623087c70f827503efb2b0d84ee4f5d679854a825770e5d88288921ac66e18d9fcd102ceddefceb075e820595ee99c13f6a01e3126f2bc4435fb4420d4266ab30f88f2f0873d5e60e7669f03780af257138d49e83642c7726aa63236a5e9986af78d0dc914733acc66a24872e2e2de6015979b4fa9b49070d06f526bbdfbe374976c6ae145a1913cdd4242a2f189d9f6455ff67a5ecaaea986666669f09830160282d22181d22e912582af1bea30c4e4a17881e9902ccd31d4bdb979f72ddf0211c37cc12848a76a4fe8271c37d791b3864a220e494f748db6158679aa4a935e4b1c49d667651875e8b2bca1175fa48344bc026f2669a069bc76bf78d90ecbf3e81d8e2c48d75340294f9b2a1045420118501bc8b763a2879ef3dfd42175df18dde931009e84538da71071bce77e685480eeb38766fa7d34e3d7e3d0ed8bd0608cf6cb61dfce5f54a489b2a83aea6c371708ef43d5d9e4b944de09e03c9597e9be2005dfba675a4197d6633b43fa67449cd9b8a7510eb0038942d8f0f39e561650c114436380d2eaaa714d3c5171b0cc978a96525661dff4336d82df19420445d018bcb42907a73f21cc2880c34118786f528f62c6056bb4c6a2ff7bac9c3bbcc98d8ddd9ecef79e71ff4"}) 23.425953021s ago: executing program 1 (id=1011): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) syz_clone(0x640c7000, 0x0, 0x0, 0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) 20.626195733s ago: executing program 3 (id=1013): syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x2008002, &(0x7f0000001e80)={[{@inlinecrypt}]}, 0x1, 0x549, &(0x7f0000001800)="$eJzs3c9vI1cdAPDvTH65222zCz1ABewChQWt1t5421XVS8sFhKpKiIoD4rANiTcKseMQO6UJkUj/BpBA4gR/AgckDkg9ceDGEYkDQpQDUoEItEHiYDRjJ+smNmtqx+7Gn480O/Pmzcz3PWdn3vNz4hfA1LoeEQcRMR8Rb0TEYmd/0lnilfaSHffgcH/l6HB/JYlW6/W/J3l+ti+6zsk82blmISK+/pWIbydn4zZ29zaWq9XKdiddata2So3dvVvrteW1ylpls1y+u3T39ot3XiiPrK7Xar9478vrr37j17/65Lu/O/ji97NiXe7kdddjlNpVnzuJk5mNiFfPI9gEzHTW8xMuBx9MGhEfiYjP5Pf/Yszk/zsBgIus1VqM1mJ3GgC46NJ8DCxJixGRpp1OQLE9hvdMXEqr9Ubz5v36zuZqe6zsSsyl99erldtXF/7w3fzguSRLL+V5eX6eLp9K34mIqxHxo4Un8nRxpV5dnUyXBwCm3pPd7X9E/GshTYvFgU7t8akeAPDYKEy6AADA2Gn/AWD6aP8BYPoM0P53Puw/OPeyAADj4f0/AEwf7T8ATB/tPwBMla+99lq2tI4633+9+ubuzkb9zVurlcZGsbazUlypb28V1+r1tfw7e2qPul61Xt9aej523io1K41mqbG7d69W39ls3su/1/teZW4stQIA/per1975fRIRBy89kS/RNZeDthoutnSERwGPl5lhTtZBgMea2b5geg3UhOedhN+ee1mAyej5Zd6Fnpvv95P/I4jfM4IPlRsfH3z83xzPcLEY2Yfp9cHG/18eeTmA8TP+D9Or1UpOz/k/f5IFAFxIQ/wKX+sHo+qEABP1qMm8R/L5PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFwwlyPiO5GkxXwu8DT7Ny0WI56KiCsxl9xfr1ZuR8TTcS0i5hay9NKkCw0ADCn9a9KZ/+vG4nOXT+fOJ/9eyNcR8b2fvv7jt5abze2lbP8/TvYvHE8fVn543hDzCgIAg/vzIAfl7Xe5s+56I//gcH/leDnHMp7x3pdOJh9dOTrcz5d2zmy0Wq1WRCHvS1z6ZxKznXMKEfFsRMyMIP7B2xHxsV71T/KxkSudmU+740cn9lNjjZ++L36a57XX2cv30RGUBabNO9nz55Ve918a1/N17/u/kD+hhpc//woRx8++o674s51IMz3iZ/f89UFjPP+br57Z2Vps570d8exsr/jJSfykT/znBoz/x0986ocv98lr/SziRvSO3x2r1KxtlRq7e7fWa8trlbXKZrl8d+nu7RfvvFAu5WPUpeOR6rP+9tLNp/uVLav/pT7xCz3rP39y7ucGrP/P//PGtz79MLlwOv4XPtv75/9Mz/htWZv4+QHjL1/6Zd/pu7P4q33q/6if/80B47/7l73VAQ8FAMagsbu3sVytVraH2sjehY7iOmc2siIOdvBxd3G4oH+KfGNEL0ufjawzNsjBc+f1qp77xuxJX3G0V/5mdsUxVycdeS2G2ngwrliTeyYB4/Hwpp90SQAAAAAAAAAAAAAAgH7G8adLk64jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF9d/AwAA//8+JMPM") r0 = openat(0xffffffffffffff9c, &(0x7f0000000500)='.\x00', 0x0, 0x0) fsetxattr$system_posix_acl(r0, &(0x7f0000000040)='system.posix_acl_default\x00', &(0x7f00000006c0)=ANY=[@ANYBLOB="0200000001000000000000000400000000000000100006000000000020"], 0x24, 0x2) 20.517605262s ago: executing program 3 (id=1014): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFBR(r0, 0x8940, &(0x7f00000000c0)=@generic={0x1, 0xfffffffffffffff7, 0x4}) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x8000002}, 0x1c) sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x2200c851, 0x0, 0x0) sendto$inet6(0xffffffffffffffff, &(0x7f0000000080)='D', 0x1, 0x1, 0x0, 0x0) recvfrom(0xffffffffffffffff, 0x0, 0x0, 0x42, 0x0, 0x0) r1 = syz_open_dev$loop(&(0x7f0000000180), 0x88, 0x8000) ioctl$LOOP_CONFIGURE(r1, 0x4c0a, &(0x7f0000000440)={0xffffffffffffffff, 0x6, {0x0, 0x0, 0x0, 0x6, 0x80, 0x0, 0x12, 0x19, 0x10, "c862b7beddf04faf4176b9b142a3177b491ad8aeb7705792dbce2ffd53dc1181c25347ce5f3a898a726f4fde0344383c72e8e21fd460e643a441e4551e7c5343", "ff3df92e2ed9244593b0461ccd88b63253d4fbb7aa26258ae0269224678cb30d1c8433d85f03df2ef8be5a10e8ae705ccbbfe87c07dc606dfa83c06f36a33ca1", "9bceba7dda13f122e03da3d03a6e21a3e94c98fb53498b3f19fcb948597f4701", [0x100000001, 0x7fffffff]}}) socket$netlink(0x10, 0x3, 0x10) r2 = getpid() r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_RELOAD(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, r4, 0x1, 0x0, 0x0, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x8, 0x8b, r2}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4040010}, 0x0) 19.496368469s ago: executing program 4 (id=1015): munmap(&(0x7f0000002000/0x1000)=nil, 0x1000) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001700)={0x0}, 0x18) r0 = syz_open_procfs(0x0, &(0x7f0000000180)='pagemap\x00') madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15) pread64(r0, &(0x7f0000001240)=""/102384, 0x18ff0, 0x2000000000) r1 = socket$igmp6(0xa, 0x3, 0x2) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000006c0)='sched_switch\x00', r3}, 0x10) r4 = getpid() sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r5, &(0x7f0000000380)=@abs, 0x6e) sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r7 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r7, &(0x7f0000000000)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB="0207a20802"], 0x10}}, 0x0) r8 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000c80)={'lo\x00', 0x0}) ioctl$sock_inet6_SIOCSIFADDR(r1, 0x8916, &(0x7f00000020c0)={@ipv4={'\x00', '\xff\xff', @empty}, 0x80, r9}) ioctl$sock_inet6_SIOCDIFADDR(r1, 0x8936, &(0x7f0000000140)={@loopback, 0x80, r9}) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000280)={[{@nogrpid}, {@jqfmt_vfsv0}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@debug}, {@nombcache}, {@quota}, {@nolazytime}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV") bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000700)={&(0x7f00000006c0)='kmem_cache_free\x00'}, 0x10) 19.210201558s ago: executing program 1 (id=1017): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000010080)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x50) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000200)=@generic={&(0x7f0000000080)='./file0\x00', r0}, 0x18) 19.209809738s ago: executing program 1 (id=1018): socket$inet_smc(0x2b, 0x1, 0x0) r0 = syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x0, &(0x7f00000002c0), 0x0, 0x236, &(0x7f0000000300)="$eJzs3TFoM2UcBvDnLomf/b4gVRdBUEFEtFDqJrjURaEgpYgIKlREXJRWqC1urZOLg84qnVyKuFkdpUtxUQSnqh3qImhxsDjoELlcK9VGFFNz8t3vB5fcJe97//e4e95kOS5Aa00nmU/SSTKTpJekON/grnqZPt3cntpfTgaDx38shu3q7dpZv2tJtpI8mGSvLPJiN9nYffro54NH731jvXfPe7tPTU30IE8dHx0+dvLu4usfLjyw8fmX3y8WmU//D8d1+YoRn3WL5Jb/otj/RNFtegT8E0uvfvBVlftbk9w9zH8vZeqT9+baDXu93P/OX/V964cvbp/kWIHLNxj0qt/ArQHQOmWSfopyNkm9Xpazs/V/+K87V8uXVtdemXlhdX3l+aZnKuCy9JPDRz6+8tG1P+X/u06df+D6VeX/iaWdb6r1k07TowEmqcr/zLOb90X+oXXkH9pL/qG95B/aS/6hveQf2kv+ob3kH9pL/qG95B/a63z+AYB2GVxp+g5koClNzz8AAAAAAAAAAAAAAAAAAMBF21P7y2fLpGp++nZy/HCS7qj6neHziJMbh69XfyqqZr8r6m5jeebOMXcwpvcbvvv6pm+brf/ZHc3W31xJtl5LMtftXrz+itPr79+7+W++7z03ZoExPfRks/V/3Wm2/sJB8kk1/8yNmn/K3DZ8Hz3/9KvzN2b9l38ZcwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMzG8BAAD//8n0bSk=") ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r0, 0xc0506617, &(0x7f0000000580)={@desc={0x1, 0x0, @desc3}, 0x21, 0x0, '\x00', @c}) mkdirat(0xffffffffffffff9c, &(0x7f0000000640)='mnt/encrypted_dir\x00', 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000040)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10) bpf$PROG_LOAD(0x5, 0x0, 0x0) r6 = socket$nl_route(0x10, 0x3, 0x0) r7 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@ipv4_newrule={0x24, 0x20, 0x301, 0x0, 0x0, {}, [@FRA_GENERIC_POLICY=@FRA_PRIORITY={0x8}]}, 0x24}}, 0x0) r8 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@ipv4_newrule={0x30, 0x20, 0x301, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, [@FRA_GENERIC_POLICY=@FRA_IIFNAME={0x14, 0x3, 'geneve1\x00'}]}, 0x30}}, 0x0) sendmsg$nl_route(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB="4800000010003b15000000000000000000214907", @ANYRES32=0x0, @ANYBLOB="0000000000000000280012800b00010067726574617000001800028004001200060003e01c00"], 0x48}}, 0x0) 18.284224505s ago: executing program 4 (id=1020): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x27, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8088, @void, @value}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0}, 0x18) mlock(&(0x7f00007d8000/0x800000)=nil, 0x800000) mbind(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x3000003, 0x4031, 0xffffffffffffffff, 0x0) 17.994128525s ago: executing program 2 (id=1021): io_setup(0x7, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x48) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$inet6(0xa, 0x802, 0x0) syz_open_dev$usbmon(0x0, 0x80000001, 0x8c00) request_key(&(0x7f0000000380)='asymmetric\x00', &(0x7f0000000400)={'syz', 0x1}, &(0x7f00000004c0)='sy\x8akI,\xb3\f6L\xcb\xe7\xbd\x11\xa8\x052\x94.\xcf\xc62s\xf6ll\x84]\xe1\x81=\xf3\x91_m)\x81>\xab>\xaf6\x82n\x80b\xc5\t38%\xab\xdd\"4e9\xbfp\xb9\x920d\xc8S\xd0\x80\x0f\x1f\a\xac\x0f\x87|:\xee\x04\x1ba\xa5w\x18\xa1\x1c\xb15s8 \xaa\x99\xea\xcb\xb4\x83\a\t\xc6\xcf\xc5\xed\x1d=a%\xe8\x9e9\x12u\x9c\x13~\x97\xe3\x9c\x03L\xe0i\x13~}d\xd0\x82|\xe1B6d\xcaMj\x03\xb2l\x97\xce\\b\xc702\xb5\x1b\xc9V\x95Gd0\xeb\xa0\xcai\x1b\xcf\xba\xe2\xa0\xc1\xa7\x0e\xc7D\xc9\x8d\xdfk\x7fTwX\xaaaq\xfe)WG\xb5\xbb\xd6.\xd1F#[B\xb58', 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) 16.836530521s ago: executing program 3 (id=1022): bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/27], 0x50) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a010100000000000000000a0000000900010073797a300000000048000000030a010200000000000000000a0000000900010073797a30000000000900030073797a3100000000080007006e617400140004800800014000000000080002"], 0xa4}}, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="5c0000000206050000000000000000000000000005000400000000000900020073797a30000000001400078008001340000000040800124080000000050005000000000005000100060000000d000300686173683a6d6163"], 0x5c}, 0x1, 0x0, 0x0, 0x4000050}, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='qdisc_destroy\x00', r3}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x1}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)) 16.762557971s ago: executing program 1 (id=1023): r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000280)='/proc/asound/seq/clients\x00', 0x0, 0x0) close(r0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[], 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r1 = syz_io_uring_setup(0x24f5, &(0x7f0000000780)={0x0, 0xc297, 0x10100, 0x3}, &(0x7f0000000100)=0x0, &(0x7f0000000800)=0x0) syz_io_uring_submit(r2, r3, &(0x7f00000001c0)=@IORING_OP_SENDMSG={0x9, 0x2, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000440)={&(0x7f0000000340)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x0, {0x2, 0x0, @multicast1}}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000480)="10ab119b497ad23a1c1142ce24b27ffa12477294d5f95fbf8890c08a1c7a02944cf58f9e6725ddafac32a98ed3ec927d19a01a193c99058915996d97a79d6e364c97cd620d3e639b4374dae2de1c616415fbc228c3f6bbaacf237291ea1c763bc9f9405da6d699a83194b49c8848fe72407cbcd06881dbc687e9a9967c4031632fbbb883db18c6b0c40a546715fa886040c2", 0x5d}], 0x100000000000000f}, 0x0, 0x80840, 0x1}) io_uring_enter(r1, 0x11d30, 0x0, 0x0, 0x0, 0x0) syz_open_procfs(0x0, &(0x7f0000000440)='attr\x00') prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) getpid() mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) getpid() r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000f40), r6) sendmsg$IEEE802154_ADD_IFACE(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="0100fcff7f00000000002100000009001f007068793000f300000c000500000000000000000005002000000000"], 0x34}}, 0x4090) 16.734970891s ago: executing program 2 (id=1024): r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x10, 0x4, &(0x7f0000000240)=ANY=[], &(0x7f0000001b80)='syzkaller\x00', 0x3, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94) socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'bridge0\x00', 0x0}) r3 = socket$netlink(0x10, 0x3, 0x0) io_uring_enter(0xffffffffffffffff, 0x3b4a, 0x52a2, 0x24, &(0x7f0000000000)={[0x80000001]}, 0x8) bpf$PROG_LOAD(0x5, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x9d) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f00000005c0)=ANY=[@ANYBLOB="18040036ed07449e000000000000000018010000", @ANYRES16=r2, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095", @ANYRESOCT=r3], &(0x7f0000000240)='GPL\x00', 0xfffffffe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff7ffffc, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r4}, 0x10) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) r6 = socket$netlink(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r6, 0x10e, 0xc, &(0x7f0000000640)=0x4, 0x4) sendmsg$netlink(r6, &(0x7f0000001080)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="280012000100000000000000000038efadd8f2b03fa58ee0100000000c000000000000000000"], 0x28}], 0x1}, 0x0) sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="6000000002060103000000000000000000000004050001000700000013000300686173683a6e65742c696661636500000900020073797a30000000000500040000000000050005000a00000014000780050015000000000008001240"], 0x60}}, 0x0) socket$inet6(0xa, 0x2, 0x0) sendmsg$IPSET_CMD_DESTROY(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB="1c000000030601c59cc3bf57b43db3000000000005"], 0x1c}}, 0x0) write$UHID_CREATE2(r0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0b00000073797a31000000dfff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a30000037b35f0a00000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a3100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001"], 0x119) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) unshare(0x22000600) r7 = socket$igmp(0x2, 0x3, 0x2) setsockopt$IP_VS_SO_SET_STARTDAEMON(r7, 0x0, 0x48b, &(0x7f0000002100)={0x1, 'ip6gre0\x00', 0x1}, 0x18) setsockopt$IP_VS_SO_SET_STOPDAEMON(r7, 0x0, 0x48c, &(0x7f0000000000)={0x2, 'ipvlan0\x00', 0x2003}, 0x18) r8 = syz_open_dev$hidraw(&(0x7f00000004c0), 0x0, 0x14a042) ioctl$HIDIOCGRDESC(r8, 0x90044802, &(0x7f0000001200)={0xffffffffffffff89, "c3cc123424b20552f83c19334d0b35890675a9c5b46ad0d1373965e1ccff596c1869aacbf8808a186f5be809a23fb83bf8e183dac15020ebb61871f0055082000cc0f12c8b169a33ca2da68bc513e00b2c6e293ef2409b7f8d1acc0043f9d45f7207c51a2f9f00389ed61e7973daff69afaee6853a6d15073c590b834cda77c710fbc12870988f63415359c6282399daa820f7e505b0ea06c95d7a1fd2a64301dfb1001a8a01809079fc76760d1eb2fad9c9613159ab03095c69ea75054429775ed4fd94d192a106bcf45b5c4b78a6c890a472082635c0decf62d59c818375c8f839cf009b62e6473465c301ed5512631690eedae7e84f7bb76d26ce1ce65f88f54589dd3144aaa74ec1eeefc3b900898f464fd3e57a6b29c083fc03e57b43911072d2ab89c77f288d421ad5c521227507ee92b6dbea5e273a6b8d73cfa76739062b4fdbf858579a9f672c4dd322713b7ee5ebb4dd00a525d734422dd0803ccb293780e5fe816064c7897abce0d8cd9122fc42547ff88d64aa0ba4d8969da7bd05eac95c0e55d875cf9c777d95c56b6909d2fb1acfcaa3e7c31360db63e4c381c6332b6fb940d3f2600cab22bab5f6d2eed47cd354d552f970180de7143730a946f981ab1319a3a27f7e317b3011dbd977affff011c943f4facb7980aefdcec99b7fca92f36012ed57de63d883180fdc99a7eee9d21e68930e96973b6204ca99738dad539fca79d015423b07c40ae8a1e33a81d9afe04ef28a34fbb5f7b94db5f9406420dd71a4d8d5c8c8f40eca205fa49ded5f76bc76f4da906fa28dd76154b142fd937b8f9e30665596486e67fbe7849f8b29b634f4f9c17d6a2a27a6963407911a0f66e2539d62f067903906094241d3fd3450cf52989e2c6b47bb3a45e5fbccc73ad50910fcc0921447174fd89f9e88c48bac2f418f8e418d7dce17c5782afbfe873169fe6e146a9e25ef43f0f0eff0721daf55c0600c2c0cee1c8e1569d9b4eeab73550df0cf8e9281c114a0df572c7fbb182821dffb8a017d55a7d8ecd538d77089a02c85485491a2a348d776ea9265d043de66db4ad1fd357ec61aef8d9ac178eb53afe18f840ca45a15ffa463d5bf06ffa3d4d63a00b7414bee814776e0cf536c50e60ae7e691472d9d82dd5a6b488a559e50733baa644a7784931899739d88c15d03ab5a9d925df8a03a78e5a01de57bca0a559e8d23b32fcef0f02c0d7dbc6d61db42bbb06d2de32830267a5764ff8ad10c14215ff34d0b7c971ab5137f86fbcff7e0dab9023168deb04dd48d82a32433304b684d06e4ee7f88decbee64bde403cae0f7bb8e60a03f53445e16afdb88d78fd5a256976fa52b0f1a276fd6719e10ba87ea87e8edc7e92037651b086ea300b9b7fb7466291e69d1a6c921888e11f09ef07c73089643c111e2bed153a63b2c88f099a830f58667c99daa15011f1016d0c6e7f5f4b8eb759908c3096d154d3d4c1ffa9c6b21dc8abf459de480d220a34554546b7be75227c7f8f676d1e01cb044e1d560663f44fb671d5d24fd3ceb678ba7519e83e76287602cc0875d6fa72af01142f2d8f461c339ad0592f4bdb0f59b2098d994e7bd1870d32baee62c9dbb546677b76564e730dd2966de7742702eaae1dcea5301182bdb3bb7a373f54372c4d1704a5b9008ca326290d120fe33c26497a0fe96754bea670c7e56171bf2d8fd8b5e61e6b50736735ad5782615bedb74f1c50ae7d076af6e50ed24a42640f1a958b356cea4280ccf1b042d55dd78b4fd7a4910bc7d78f609702f8ead35bd52802d3109f1d6ae093a3bddbc598410399a9c5a38ce1f387757b98e1c32b174d076ddf2f4e3114601df73bcb2b5e06a5a2e1cad8c1d2d357d6916721da098fa428241df56e8d08f2a139d30cde65a8148368c35670209871b7251b0c3f5401a5143d5784fd401ae7c76eec6810748c2560c7f964f97320a61679d82c499f46084cbd5204f1ae0d63e5fe6b4fa01537c83c63b4d08fe9302690e3894af69cde0c0a2e58c4034ca85ab4474af552c3452461d1f6e03a8533043421702adb79cc83e180225c4b2c5433bda9319fc13857dce1bb83ccb8fc9de375ceeb13a77b0e7caef9650b857f24d0eca24646dab9ff637d28311b6873782d85aa4a987d17a11a90065c74ff4abfd01d5d45e934c9138873377e8c0699115014d98518c98e15b9f0f3df3f2a7744b47917f28648dd1c12f576065dbe2abfa6639458ec52159e024122a9113b63c9607233338faabb1899932feb5e7ed2c92a00dd16f837422870939cf35655c897151b91c66b2e20557eb182bca6d07bf7647853af734974e860f76061b027173bdc9a605810296ba97a6d820409c376d079e36565d85db1d03c1659c9cb348438f6a866c5d92eb54346c68f3830f289752e6d704fc0cc5d35f4258601147f80a176af048aaf66a6792645eb0dcbaac6fdeb30f06420028b041d135926fa23076fabc60c3cd297de8df91accb80a3ba6f1e284a81c8d762ee12bb0943ce6d469001b43aea76ca85043c7540a0635dc54095640e542a76ae3e69351391d8ce7670c8895c221077a256bcd090d447dac21e23ba987ea3cc8bcdc36a870bb7337f0ab8ca813d72e4a3990ddd9e5b3b4d912e339f7752c2e530680409c66408a6be9c35ccdbea8ec807845b21a6940703859500c80a4738996357d6cdc80a1fae7e4dc155ba41ecad1402a9b52c2393392fa7f026e01822229b91fc1ae8b777296cc6981a3b672344df5c663a4e9b039ebcd05f01bb373052d306a67841e1435711d614c8d49e85fc5587296bc1eeafa97a026b7f08730d43eacbeb5d397f00f79a82ad3e9ac3004354a534080d829b6e3533df09f4f57236f65ea98177380cb46e401a629df9d6f40cb53530da784676c077d444cb3d972d674e42547866651623087c70f827503efb2b0d84ee4f5d679854a825770e5d88288921ac66e18d9fcd102ceddefceb075e820595ee99c13f6a01e3126f2bc4435fb4420d4266ab30f88f2f0873d5e60e7669f03780af257138d49e83642c7726aa63236a5e9986af78d0dc914733acc66a24872e2e2de6015979b4fa9b49070d06f526bbdfbe374976c6ae145a1913cdd4242a2f189d9f6455ff67a5ecaaea986666669f09830160282d22181d22e912582af1bea30c4e4a17881e9902ccd31d4bdb979f72ddf0211c37cc12848a76a4fe8271c37d791b3864a220e494f748db6158679aa4a935e4b1c49d667651875e8b2bca1175fa48344bc026f2669a069bc76bf78d90ecbf3e81d8e2c48d75340294f9b2a1045420118501bc8b763a2879ef3dfd42175df18dde931009e84538da71071bce77e685480eeb38766fa7d34e3d7e3d0ed8bd0608cf6cb61dfce5f54a489b2a83aea6c371708ef43d5d9e4b944de09e03c9597e9be2005dfba675a4197d6633b43fa67449cd9b8a7510eb0038942d8f0f39e561650c114436380d2eaaa714d3c5171b0cc978a96525661dff4336d82df19420445d018bcb42907a73f21cc2880c34118786f528f62c6056bb4c6a2ff7bac9c3bbcc98d8ddd9ecef79e71ff4"}) 16.33015047s ago: executing program 3 (id=1025): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200000300fd00850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='tlb_flush\x00', r1}, 0x10) r2 = syz_open_procfs(0x0, &(0x7f0000000240)='clear_refs\x00') bpf$PROG_LOAD(0x5, 0x0, 0x0) syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), r2) 16.309356749s ago: executing program 2 (id=1026): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0xfff, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xffffffffffffff30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xcb3a, @void, @value}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x18) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) prlimit64(0x0, 0xe, 0x0, 0x0) 16.053546499s ago: executing program 3 (id=1027): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000a9000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10) r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000240)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000280)={0xffffffffffffffff}, 0x106}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_IP(r1, &(0x7f0000000180)={0x3, 0x40, 0xfa00, {{0x6000000, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}}, {0xa, 0x0, 0x0, @loopback={0xfec0ffff00000000, 0x8e84fffef67c07}}, r2}}, 0x48) 15.886094988s ago: executing program 2 (id=1028): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, 0x0, &(0x7f00000002c0)}, 0x20) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10) request_key(&(0x7f0000000040)='asymmetric\x00', &(0x7f0000001ffb)={'syz', 0x1}, 0x0, 0x0) 15.753932527s ago: executing program 3 (id=1029): munmap(&(0x7f0000002000/0x1000)=nil, 0x1000) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001700)={0x0}, 0x18) r0 = syz_open_procfs(0x0, &(0x7f0000000180)='pagemap\x00') madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15) pread64(r0, &(0x7f0000001240)=""/102384, 0x18ff0, 0x2000000000) r1 = socket$igmp6(0xa, 0x3, 0x2) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000006c0)='sched_switch\x00', r3}, 0x10) r4 = getpid() sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r5, &(0x7f0000000380)=@abs, 0x6e) sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r7 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r7, &(0x7f0000000000)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB="0207a20802"], 0x10}}, 0x0) r8 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000c80)={'lo\x00', 0x0}) ioctl$sock_inet6_SIOCSIFADDR(r1, 0x8916, &(0x7f00000020c0)={@ipv4={'\x00', '\xff\xff', @empty}, 0x80, r9}) ioctl$sock_inet6_SIOCDIFADDR(r1, 0x8936, &(0x7f0000000140)={@loopback, 0x80, r9}) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000700)={&(0x7f00000006c0)='kmem_cache_free\x00'}, 0x10) 15.687010148s ago: executing program 2 (id=1030): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) close(r0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000"], &(0x7f0000000040)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000300)='tlb_flush\x00', r0}, 0x18) preadv(0xffffffffffffffff, 0x0, 0x0, 0x8, 0x800) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0) write$binfmt_script(r1, &(0x7f0000000040), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r1, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) 15.438340257s ago: executing program 4 (id=1031): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0xe, &(0x7f0000000200)={[{@max_batch_time={'max_batch_time', 0x3d, 0x358}}, {@resuid}, {@stripe={'stripe', 0x3d, 0x9}}]}, 0x3, 0x44b, &(0x7f00000004c0)="$eJzs282PU1UbAPDn3k6HlxdwRsQPPtRRNE78mGEAlYULNZq4wMREF7qczAwEKYxhxkQIUTAGV8aYuDcu/Rdc6cYYVyZudW9IiGEDuKq57b1MW9rClJYO9PdLLpxz77lzztN7T3vOPW0AI2sq+yeJ2BoRf0bERD3bXGCq/t/Vy2cXrl0+u5BEtfruP0mt3JXLZxeKosV5W/LMdBqRfpHE7jb1rpw+c3y+Ulk6lednV098NLty+swLx07MH106unRy/6FDBw/MvfzS/hf7EmfWpiu7Pl3es/OtD755+/BXTfG3xNEnU90OPl2t9rm64drWkE7GhtgQ1qUUEdnlKtf6/0SUYu3iTcSbnw+1ccBAVavV6pbOh89VgXtYEs15XR5GRfFBn81/i611EPDq4IYfQ3fptfoEKIv7ar7Vj4xFmpcpt8xv+2kqIt4/9+932RaDeQ4BANDkp2z883y78V8aDzWUuy9fG5qMiPsjYntEPBAROyLiwYha2Ycj4pF11t+6SHLj+Ce92FNgtygb/72Sr201j/+K0V9MlvLctlr85eTIscrSvvw1mY7ypiw/16WOn9/44+tOxxrHf9mW1V+MBfN2XBzb1HzO4vzq/O3E3OjS+YhdY+3iT66vBCQRsTMidvVYx7Fnf9jT6djN4++iD+tM1e8jnqlf/3PREn8h6b4+Ofu/qCztmy3uihv99vuFdzrVf1vx90F2/f/f9v6/Hv9k0rheu7L+Oi789WXHOU2v9/948l4tPZ7v+2R+dfXUXMR4crje6Mb9+9fOLfJF+Sz+6b3t+//2WHsldkdEdhM/GhGPRcTjedufiIgnI2Jvl/h/ff2pD3uPf7Cy+BfXdf3XEuPRuqd9onT8lx+bKp28If5r3a//wVpqOt9zK+9/t9Ku3u5mAAAAuPukEbE1knTmejpNZ2bq35ffEZFWlldWnzuy/PHJxfpvBCYj0uJJ10TD89C5fFpfz5+PiPpXC4rjB/Lnxt+WNtfyMwvLlcVhBw8jbkuH/p/5uzTs1gED5/daMLr0fxhd+j+MLv0fRleb/r95GO0A7rx2n/+fDaEdwJ3X0v8t+8EIMf+H0aX/w+jS/2EkrWyOm/9Ivmui+Es9nn7PJqK8IZoxsESkG6IZGzZRvsv7xfDekwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPrpvwAAAP//9gndaw==") bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4, @void, @value}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r0, 0x0, 0x9}, 0x18) r1 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0) ftruncate(r1, 0x2007ffc) sendfile(r1, r1, 0x0, 0x800000009) 15.165942256s ago: executing program 2 (id=1032): socket$inet_smc(0x2b, 0x1, 0x0) r0 = syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x0, &(0x7f00000002c0), 0x0, 0x236, &(0x7f0000000300)="$eJzs3TFoM2UcBvDnLomf/b4gVRdBUEFEtFDqJrjURaEgpYgIKlREXJRWqC1urZOLg84qnVyKuFkdpUtxUQSnqh3qImhxsDjoELlcK9VGFFNz8t3vB5fcJe97//e4e95kOS5Aa00nmU/SSTKTpJekON/grnqZPt3cntpfTgaDx38shu3q7dpZv2tJtpI8mGSvLPJiN9nYffro54NH731jvXfPe7tPTU30IE8dHx0+dvLu4usfLjyw8fmX3y8WmU//D8d1+YoRn3WL5Jb/otj/RNFtegT8E0uvfvBVlftbk9w9zH8vZeqT9+baDXu93P/OX/V964cvbp/kWIHLNxj0qt/ArQHQOmWSfopyNkm9Xpazs/V/+K87V8uXVtdemXlhdX3l+aZnKuCy9JPDRz6+8tG1P+X/u06df+D6VeX/iaWdb6r1k07TowEmqcr/zLOb90X+oXXkH9pL/qG95B/aS/6hveQf2kv+ob3kH9pL/qG95B/a63z+AYB2GVxp+g5koClNzz8AAAAAAAAAAAAAAAAAAMBF21P7y2fLpGp++nZy/HCS7qj6neHziJMbh69XfyqqZr8r6m5jeebOMXcwpvcbvvv6pm+brf/ZHc3W31xJtl5LMtftXrz+itPr79+7+W++7z03ZoExPfRks/V/3Wm2/sJB8kk1/8yNmn/K3DZ8Hz3/9KvzN2b9l38ZcwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMzG8BAAD//8n0bSk=") ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r0, 0xc0506617, &(0x7f0000000580)={@desc={0x1, 0x0, @desc3}, 0x21, 0x0, '\x00', @c}) mkdirat(0xffffffffffffff9c, &(0x7f0000000640)='mnt/encrypted_dir\x00', 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000040)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10) bpf$PROG_LOAD(0x5, 0x0, 0x0) r6 = socket$nl_route(0x10, 0x3, 0x0) r7 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@ipv4_newrule={0x24, 0x20, 0x301, 0x0, 0x0, {}, [@FRA_GENERIC_POLICY=@FRA_PRIORITY={0x8}]}, 0x24}}, 0x0) r8 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@ipv4_newrule={0x30, 0x20, 0x301, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, [@FRA_GENERIC_POLICY=@FRA_IIFNAME={0x14, 0x3, 'geneve1\x00'}]}, 0x30}}, 0x0) sendmsg$nl_route(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB="4800000010003b15000000000000000000214907", @ANYRES32=0x0, @ANYBLOB="0000000000000000280012800b00010067726574617000001800028004001200060003e01c00"], 0x48}}, 0x0) 15.144061376s ago: executing program 4 (id=1033): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=@framed={{}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r1}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r2}, 0x10) r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_CMD_ENABLE_BEARER(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c0017"], 0x38}}, 0x0) 1.099544763s ago: executing program 33 (id=1023): r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000280)='/proc/asound/seq/clients\x00', 0x0, 0x0) close(r0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[], 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r1 = syz_io_uring_setup(0x24f5, &(0x7f0000000780)={0x0, 0xc297, 0x10100, 0x3}, &(0x7f0000000100)=0x0, &(0x7f0000000800)=0x0) syz_io_uring_submit(r2, r3, &(0x7f00000001c0)=@IORING_OP_SENDMSG={0x9, 0x2, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000440)={&(0x7f0000000340)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x0, {0x2, 0x0, @multicast1}}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000480)="10ab119b497ad23a1c1142ce24b27ffa12477294d5f95fbf8890c08a1c7a02944cf58f9e6725ddafac32a98ed3ec927d19a01a193c99058915996d97a79d6e364c97cd620d3e639b4374dae2de1c616415fbc228c3f6bbaacf237291ea1c763bc9f9405da6d699a83194b49c8848fe72407cbcd06881dbc687e9a9967c4031632fbbb883db18c6b0c40a546715fa886040c2", 0x5d}], 0x100000000000000f}, 0x0, 0x80840, 0x1}) io_uring_enter(r1, 0x11d30, 0x0, 0x0, 0x0, 0x0) syz_open_procfs(0x0, &(0x7f0000000440)='attr\x00') prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) getpid() mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) getpid() r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000f40), r6) sendmsg$IEEE802154_ADD_IFACE(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="0100fcff7f00000000002100000009001f007068793000f300000c000500000000000000000005002000000000"], 0x34}}, 0x4090) 51.73985ms ago: executing program 34 (id=1032): socket$inet_smc(0x2b, 0x1, 0x0) r0 = syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x0, &(0x7f00000002c0), 0x0, 0x236, &(0x7f0000000300)="$eJzs3TFoM2UcBvDnLomf/b4gVRdBUEFEtFDqJrjURaEgpYgIKlREXJRWqC1urZOLg84qnVyKuFkdpUtxUQSnqh3qImhxsDjoELlcK9VGFFNz8t3vB5fcJe97//e4e95kOS5Aa00nmU/SSTKTpJekON/grnqZPt3cntpfTgaDx38shu3q7dpZv2tJtpI8mGSvLPJiN9nYffro54NH731jvXfPe7tPTU30IE8dHx0+dvLu4usfLjyw8fmX3y8WmU//D8d1+YoRn3WL5Jb/otj/RNFtegT8E0uvfvBVlftbk9w9zH8vZeqT9+baDXu93P/OX/V964cvbp/kWIHLNxj0qt/ArQHQOmWSfopyNkm9Xpazs/V/+K87V8uXVtdemXlhdX3l+aZnKuCy9JPDRz6+8tG1P+X/u06df+D6VeX/iaWdb6r1k07TowEmqcr/zLOb90X+oXXkH9pL/qG95B/aS/6hveQf2kv+ob3kH9pL/qG95B/a63z+AYB2GVxp+g5koClNzz8AAAAAAAAAAAAAAAAAAMBF21P7y2fLpGp++nZy/HCS7qj6neHziJMbh69XfyqqZr8r6m5jeebOMXcwpvcbvvv6pm+brf/ZHc3W31xJtl5LMtftXrz+itPr79+7+W++7z03ZoExPfRks/V/3Wm2/sJB8kk1/8yNmn/K3DZ8Hz3/9KvzN2b9l38ZcwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMzG8BAAD//8n0bSk=") ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r0, 0xc0506617, &(0x7f0000000580)={@desc={0x1, 0x0, @desc3}, 0x21, 0x0, '\x00', @c}) mkdirat(0xffffffffffffff9c, &(0x7f0000000640)='mnt/encrypted_dir\x00', 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000040)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10) bpf$PROG_LOAD(0x5, 0x0, 0x0) r6 = socket$nl_route(0x10, 0x3, 0x0) r7 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@ipv4_newrule={0x24, 0x20, 0x301, 0x0, 0x0, {}, [@FRA_GENERIC_POLICY=@FRA_PRIORITY={0x8}]}, 0x24}}, 0x0) r8 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@ipv4_newrule={0x30, 0x20, 0x301, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, [@FRA_GENERIC_POLICY=@FRA_IIFNAME={0x14, 0x3, 'geneve1\x00'}]}, 0x30}}, 0x0) sendmsg$nl_route(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB="4800000010003b15000000000000000000214907", @ANYRES32=0x0, @ANYBLOB="0000000000000000280012800b00010067726574617000001800028004001200060003e01c00"], 0x48}}, 0x0) 0s ago: executing program 35 (id=1029): munmap(&(0x7f0000002000/0x1000)=nil, 0x1000) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001700)={0x0}, 0x18) r0 = syz_open_procfs(0x0, &(0x7f0000000180)='pagemap\x00') madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15) pread64(r0, &(0x7f0000001240)=""/102384, 0x18ff0, 0x2000000000) r1 = socket$igmp6(0xa, 0x3, 0x2) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000006c0)='sched_switch\x00', r3}, 0x10) r4 = getpid() sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r5, &(0x7f0000000380)=@abs, 0x6e) sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r7 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r7, &(0x7f0000000000)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB="0207a20802"], 0x10}}, 0x0) r8 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000c80)={'lo\x00', 0x0}) ioctl$sock_inet6_SIOCSIFADDR(r1, 0x8916, &(0x7f00000020c0)={@ipv4={'\x00', '\xff\xff', @empty}, 0x80, r9}) ioctl$sock_inet6_SIOCDIFADDR(r1, 0x8936, &(0x7f0000000140)={@loopback, 0x80, r9}) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000700)={&(0x7f00000006c0)='kmem_cache_free\x00'}, 0x10) kernel console output (not intermixed with test programs): NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 41.769275][ T4351] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 41.776125][ T4294] device veth0_vlan entered promiscuous mode [ 41.784668][ T4351] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 41.787147][ T4351] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 41.789490][ T4351] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 41.794021][ T4351] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 41.799725][ T4295] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 41.803621][ T4295] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 41.805995][ T4295] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 41.808318][ T4295] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 41.817605][ T4294] device veth1_vlan entered promiscuous mode [ 41.837294][ T4303] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 41.839381][ T4351] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 41.842482][ T4351] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 41.845233][ T4351] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 41.848008][ T4351] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 41.851790][ T4351] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 41.854500][ T4351] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 41.870510][ T4300] Bluetooth: hci0: command 0x041b tx timeout [ 41.872255][ T4300] Bluetooth: hci4: command 0x041b tx timeout [ 41.873929][ T4300] Bluetooth: hci1: command 0x041b tx timeout [ 41.875610][ T4300] Bluetooth: hci2: command 0x041b tx timeout [ 41.897228][ T4302] device veth0_macvtap entered promiscuous mode [ 41.940004][ T4301] device veth0_macvtap entered promiscuous mode [ 41.949205][ T4302] device veth1_macvtap entered promiscuous mode [ 41.960562][ T4306] Bluetooth: hci3: command 0x041b tx timeout [ 41.979333][ T4294] device veth0_macvtap entered promiscuous mode [ 41.984362][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 41.987002][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 41.989528][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 41.998167][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 42.001981][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 42.004579][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 42.007184][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 42.014104][ T4301] device veth1_macvtap entered promiscuous mode [ 42.033462][ T4294] device veth1_macvtap entered promiscuous mode [ 42.036068][ T4351] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 42.038830][ T4351] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 42.044374][ T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 42.046543][ T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 42.046985][ T4351] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 42.051689][ T4351] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 42.054275][ T4351] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 42.057971][ T4302] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 42.061312][ T4302] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 42.064968][ T4302] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 42.079388][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 42.083464][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 42.087156][ T4301] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 42.090050][ T4301] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 42.093390][ T4301] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 42.096046][ T4301] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 42.099681][ T4301] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 42.109243][ T4302] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 42.113413][ T4302] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 42.117085][ T4302] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 42.119488][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 42.124131][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 42.126784][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 42.129413][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 42.133485][ T4301] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 42.136260][ T4301] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 42.138784][ T4301] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 42.142172][ T4301] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 42.145998][ T4301] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 42.156730][ T4351] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 42.159619][ T4351] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 42.170673][ T4302] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 42.173193][ T4302] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 42.175426][ T4302] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 42.177713][ T4302] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 42.184139][ T4301] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 42.186481][ T4301] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 42.188820][ T4301] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 42.192025][ T4301] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 42.210843][ T4303] device veth0_vlan entered promiscuous mode [ 42.214598][ T4351] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 42.216727][ T4351] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 42.225866][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 42.228371][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 42.231815][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 42.234362][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 42.236852][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 42.239477][ T4294] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 42.243390][ T4294] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 42.245928][ T4294] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 42.248752][ T4294] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 42.251781][ T4294] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 42.254576][ T4294] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 42.258577][ T4294] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 42.276382][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 42.279152][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 42.293185][ T4294] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 42.296007][ T4294] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 42.298597][ T4294] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 42.303628][ T4294] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 42.306334][ T4294] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 42.309122][ T4294] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 42.314067][ T4294] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 42.336654][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 42.344162][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 42.354784][ T4294] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 42.357466][ T4294] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 42.359784][ T4294] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 42.364523][ T4294] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 42.384405][ T4303] device veth1_vlan entered promiscuous mode [ 42.415375][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 42.417652][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 42.460777][ T27] audit: type=1326 audit(42.420:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4374 comm="syz.2.3" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa4d5ad28 code=0x7ffc0000 [ 42.466445][ T27] audit: type=1326 audit(42.430:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4374 comm="syz.2.3" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffa4d5ad28 code=0x7ffc0000 [ 42.485744][ T27] audit: type=1326 audit(42.430:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4374 comm="syz.2.3" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa4d5ad28 code=0x7ffc0000 [ 42.491962][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 42.494240][ T27] audit: type=1326 audit(42.430:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4374 comm="syz.2.3" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa4d5ad28 code=0x7ffc0000 [ 42.506199][ T27] audit: type=1326 audit(42.430:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4374 comm="syz.2.3" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=198 compat=0 ip=0xffffa4d5ad28 code=0x7ffc0000 [ 42.513272][ T27] audit: type=1326 audit(42.430:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4374 comm="syz.2.3" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa4d5ad28 code=0x7ffc0000 [ 42.519502][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 42.522225][ T513] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 42.524941][ T513] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 42.529855][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 42.533792][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 42.536222][ T27] audit: type=1326 audit(42.430:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4374 comm="syz.2.3" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa4d5ad28 code=0x7ffc0000 [ 42.537315][ T4303] device veth0_macvtap entered promiscuous mode [ 42.558691][ T27] audit: type=1326 audit(42.430:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4374 comm="syz.2.3" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=209 compat=0 ip=0xffffa4d5ad28 code=0x7ffc0000 [ 42.581100][ T27] audit: type=1326 audit(42.430:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4374 comm="syz.2.3" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa4d5ad28 code=0x7ffc0000 [ 42.595087][ T27] audit: type=1326 audit(42.430:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4374 comm="syz.2.3" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa4d5ad28 code=0x7ffc0000 [ 42.595227][ T4303] device veth1_macvtap entered promiscuous mode [ 42.630147][ T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 42.634090][ T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 42.646578][ T513] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 42.649240][ T513] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 42.656381][ T513] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 42.721266][ T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 42.723465][ T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 42.726762][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 42.738832][ T4303] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 42.741832][ T4303] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 42.744447][ T4303] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 42.747236][ T4303] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 42.761840][ T4303] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 42.764624][ T4303] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 42.767484][ T4303] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 42.784399][ T4303] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 42.788715][ T4303] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 42.800653][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 42.803393][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 42.807627][ T513] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 42.809761][ T513] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 42.822749][ T90] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 42.836582][ T4303] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 42.839307][ T4303] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 42.856143][ T4303] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 42.859097][ T4303] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 42.862432][ T4303] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 42.865135][ T4303] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 42.867754][ T4303] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 42.871209][ T4303] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 42.883430][ T4303] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 42.892600][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 42.895746][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 42.929183][ T4383] netlink: 16 bytes leftover after parsing attributes in process `syz.2.6'. [ 42.931371][ T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 42.933838][ T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 42.938270][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 42.962653][ T4303] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 42.965009][ T4303] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 42.967310][ T4303] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 42.969499][ T4303] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 43.093047][ T4383] bond0: (slave bond_slave_0): Slave does not support ipsec offload [ 43.672729][ T4396] loop3: detected capacity change from 0 to 512 [ 43.760253][ T4396] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 43.763785][ T4396] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 43.950543][ T4300] Bluetooth: hci2: command 0x040f tx timeout [ 43.952168][ T4300] Bluetooth: hci1: command 0x040f tx timeout [ 43.953800][ T4300] Bluetooth: hci4: command 0x040f tx timeout [ 43.955519][ T4300] Bluetooth: hci0: command 0x040f tx timeout [ 44.012934][ T4396] EXT4-fs (loop3): 1 truncate cleaned up [ 44.014558][ T4396] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 44.079851][ T4306] Bluetooth: hci3: command 0x040f tx timeout [ 44.258702][ T4405] netlink: 28 bytes leftover after parsing attributes in process `syz.0.8'. [ 44.262204][ T4407] lo speed is unknown, defaulting to 1000 [ 44.264333][ T4397] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 44.266637][ T4397] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 44.671365][ T4411] loop1: detected capacity change from 0 to 1024 [ 44.676300][ T4411] ======================================================= [ 44.676300][ T4411] WARNING: The mand mount option has been deprecated and [ 44.676300][ T4411] and is ignored by this kernel. Remove the mand [ 44.676300][ T4411] option from the mount to silence this warning. [ 44.676300][ T4411] ======================================================= [ 44.687266][ T4411] EXT4-fs: Ignoring removed nobh option [ 44.688847][ T4411] EXT4-fs: Ignoring removed bh option [ 45.240552][ T4411] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 45.970218][ C1] sched: RT throttling activated [ 45.994800][ T4302] EXT4-fs (loop3): unmounting filesystem. [ 46.050659][ T4300] Bluetooth: hci0: command 0x0419 tx timeout [ 46.052797][ T4300] Bluetooth: hci4: command 0x0419 tx timeout [ 46.054813][ T4300] Bluetooth: hci1: command 0x0419 tx timeout [ 46.056845][ T4300] Bluetooth: hci2: command 0x0419 tx timeout [ 46.112351][ T4300] Bluetooth: hci3: command 0x0419 tx timeout [ 46.379052][ T4411] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 47.415944][ T4407] lo speed is unknown, defaulting to 1000 [ 47.424122][ T513] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 47.456989][ T90] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 47.462513][ T4407] lo speed is unknown, defaulting to 1000 [ 47.465759][ T4407] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 47.469934][ T4407] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98 [ 47.503207][ T90] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 47.518419][ T4407] lo speed is unknown, defaulting to 1000 [ 47.532617][ T513] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 47.559357][ T4407] lo speed is unknown, defaulting to 1000 [ 47.579118][ T4294] EXT4-fs (loop1): unmounting filesystem. [ 47.669082][ T4434] loop1: detected capacity change from 0 to 128 [ 47.687451][ T4407] lo speed is unknown, defaulting to 1000 [ 47.689368][ T4407] lo speed is unknown, defaulting to 1000 [ 47.694195][ T4407] lo speed is unknown, defaulting to 1000 [ 47.696566][ T4407] lo speed is unknown, defaulting to 1000 [ 47.698522][ T4407] lo speed is unknown, defaulting to 1000 [ 48.585268][ T4437] netlink: 9 bytes leftover after parsing attributes in process `syz.4.5'. [ 48.598992][ T4437] device gretap0 entered promiscuous mode [ 48.645139][ T4344] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 48.661181][ T4344] hid-generic 0000:0000:0000.0001: hidraw0: HID v0.00 Device [syz1] on syz0 [ 48.695988][ T4439] device geneve2 entered promiscuous mode [ 48.746038][ T4450] IPVS: sync thread started: state = MASTER, mcast_ifn = ip6gre0, syncid = 1, id = 0 [ 48.759169][ T4447] loop1: detected capacity change from 0 to 1024 [ 48.771551][ T4447] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors [ 48.789798][ T4447] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (14919!=20869) [ 48.798867][ T4447] EXT4-fs (loop1): invalid journal inode [ 48.812998][ T4447] EXT4-fs (loop1): can't get journal size [ 48.826043][ T4447] EXT4-fs error (device loop1): ext4_protect_reserved_inode:182: inode #3: comm syz.1.15: blocks 2-2 from inode overlap system zone [ 48.850141][ T4447] EXT4-fs (loop1): failed to initialize system zone (-117) [ 48.871552][ T4447] EXT4-fs (loop1): mount failed [ 49.286738][ T4476] mmap: syz.2.27 (4476) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 49.657688][ T4479] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 50.372047][ T4488] netlink: 4 bytes leftover after parsing attributes in process `syz.0.32'. [ 50.936597][ T4484] team0: Port device team_slave_1 removed [ 50.956353][ T4489] device geneve2 entered promiscuous mode [ 51.058526][ T4479] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 51.262518][ T4479] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 51.402326][ T4479] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 51.412869][ T4509] lo speed is unknown, defaulting to 1000 [ 51.529671][ T4516] netlink: 8 bytes leftover after parsing attributes in process `syz.1.43'. [ 51.544909][ T4517] netlink: 36 bytes leftover after parsing attributes in process `syz.2.44'. [ 51.664652][ T4516] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 51.712607][ T4479] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 51.738986][ T4479] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 51.782461][ T4479] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 51.825689][ T4479] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 51.902218][ T4516] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 53.083241][ T4516] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 53.104761][ T4534] device geneve2 entered promiscuous mode [ 53.302430][ T4516] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 53.343151][ T27] kauditd_printk_skb: 135 callbacks suppressed [ 53.343164][ T27] audit: type=1326 audit(53.310:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4549 comm="syz.0.56" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9455ad28 code=0x7ffc0000 [ 53.357449][ T27] audit: type=1326 audit(53.320:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4549 comm="syz.0.56" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9455ad28 code=0x7ffc0000 [ 53.364984][ T27] audit: type=1326 audit(53.330:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4549 comm="syz.0.56" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff9455ad28 code=0x7ffc0000 [ 53.370930][ T27] audit: type=1326 audit(53.330:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4549 comm="syz.0.56" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9455ad28 code=0x7ffc0000 [ 53.376962][ T27] audit: type=1326 audit(53.330:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4549 comm="syz.0.56" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9455ad28 code=0x7ffc0000 [ 53.393297][ T27] audit: type=1326 audit(53.330:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4549 comm="syz.0.56" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff9455ad28 code=0x7ffc0000 [ 53.404049][ T27] audit: type=1326 audit(53.330:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4549 comm="syz.0.56" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9455ad28 code=0x7ffc0000 [ 53.412948][ T27] audit: type=1326 audit(53.330:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4549 comm="syz.0.56" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=198 compat=0 ip=0xffff9455ad28 code=0x7ffc0000 [ 53.418740][ T27] audit: type=1326 audit(53.330:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4549 comm="syz.0.56" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9455ad28 code=0x7ffc0000 [ 53.430179][ T4516] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 53.436106][ T27] audit: type=1326 audit(53.330:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4549 comm="syz.0.56" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=425 compat=0 ip=0xffff9455ad28 code=0x7ffc0000 [ 53.448497][ T4516] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 53.456988][ T4516] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 53.464218][ T4516] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 53.814040][ T4572] xt_recent: hitcount (16385) is larger than allowed maximum (255) [ 54.254702][ T4592] xt_hashlimit: max too large, truncated to 1048576 [ 54.557259][ T4609] netlink: 'syz.1.87': attribute type 6 has an invalid length. [ 54.827635][ T4622] batman_adv: batadv0: Adding interface: dummy0 [ 54.829543][ T4626] 9pnet_fd: Insufficient options for proto=fd [ 54.832664][ T4622] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 54.857475][ T4622] batman_adv: batadv0: Interface activated: dummy0 [ 54.891838][ T4622] batadv0: mtu less than device minimum [ 54.896769][ T4622] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 54.902609][ T4622] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 54.909641][ T4622] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 54.915989][ T4622] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 54.922281][ T4622] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 54.927875][ T4622] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 54.933589][ T4622] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 54.939533][ T4622] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 54.945937][ T4622] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 55.149074][ T4633] syz.3.98 uses obsolete (PF_INET,SOCK_PACKET) [ 55.152840][ T4633] device syzkaller1 entered promiscuous mode [ 55.465216][ T4651] netlink: 8 bytes leftover after parsing attributes in process `syz.0.106'. [ 55.711032][ T4658] loop2: detected capacity change from 0 to 128 [ 55.752804][ T4658] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 55.806537][ T4295] EXT4-fs (loop2): unmounting filesystem. [ 55.833012][ T113] cfg80211: failed to load regulatory.db [ 55.976466][ T4671] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 55.981811][ T4671] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 55.991366][ T4671] lo speed is unknown, defaulting to 1000 [ 55.998580][ T4671] lo speed is unknown, defaulting to 1000 [ 56.002695][ T4671] lo speed is unknown, defaulting to 1000 [ 56.102891][ T4671] infiniband syz2: set active [ 56.105452][ T4342] lo speed is unknown, defaulting to 1000 [ 56.107250][ T4671] infiniband syz2: added lo [ 56.137612][ T4671] RDS/IB: syz2: added [ 56.139522][ T4671] smc: adding ib device syz2 with port count 1 [ 56.145044][ T4671] smc: ib device syz2 port 1 has pnetid [ 56.148958][ T4342] lo speed is unknown, defaulting to 1000 [ 56.153042][ T4671] lo speed is unknown, defaulting to 1000 [ 56.263488][ T4671] lo speed is unknown, defaulting to 1000 [ 56.307422][ T4671] lo speed is unknown, defaulting to 1000 [ 56.358933][ T4671] lo speed is unknown, defaulting to 1000 [ 56.416848][ T4671] lo speed is unknown, defaulting to 1000 [ 57.089710][ T4724] netlink: 96 bytes leftover after parsing attributes in process `syz.2.139'. [ 58.546173][ T4749] lo speed is unknown, defaulting to 1000 [ 58.552998][ T4749] lo speed is unknown, defaulting to 1000 [ 60.593792][ T4751] netlink: 268 bytes leftover after parsing attributes in process `syz.1.152'. [ 60.895486][ T27] kauditd_printk_skb: 376 callbacks suppressed [ 60.895500][ T27] audit: type=1326 audit(60.860:533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4762 comm="syz.0.157" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9455ad28 code=0x7ffc0000 [ 60.903489][ T27] audit: type=1326 audit(60.860:534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4762 comm="syz.0.157" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff9455ad28 code=0x7ffc0000 [ 60.910626][ T27] audit: type=1326 audit(60.860:535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4762 comm="syz.0.157" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9455ad28 code=0x7ffc0000 [ 60.916635][ T27] audit: type=1326 audit(60.860:536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4762 comm="syz.0.157" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=198 compat=0 ip=0xffff9455d2cc code=0x7ffc0000 [ 60.934040][ T27] audit: type=1326 audit(60.860:537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4762 comm="syz.0.157" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9455ad28 code=0x7ffc0000 [ 60.947758][ T27] audit: type=1326 audit(60.860:538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4762 comm="syz.0.157" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=178 compat=0 ip=0xffff9455ad28 code=0x7ffc0000 [ 60.961351][ T27] audit: type=1326 audit(60.860:539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4762 comm="syz.0.157" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9455ad28 code=0x7ffc0000 [ 60.967599][ T27] audit: type=1326 audit(60.870:540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4762 comm="syz.0.157" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=5 compat=0 ip=0xffff9455ad28 code=0x7ffc0000 [ 60.978770][ T27] audit: type=1326 audit(60.870:541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4762 comm="syz.0.157" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9455ad28 code=0x7ffc0000 [ 60.985682][ T27] audit: type=1326 audit(60.870:542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4762 comm="syz.0.157" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=79 compat=0 ip=0xffff9455ad28 code=0x7ffc0000 [ 62.113211][ T4811] loop1: detected capacity change from 0 to 8192 [ 62.165400][ T4811] device veth1_macvtap left promiscuous mode [ 62.167312][ T4811] device macsec0 entered promiscuous mode [ 62.605529][ T4827] lo speed is unknown, defaulting to 1000 [ 62.611343][ T4827] lo speed is unknown, defaulting to 1000 [ 63.084081][ T4823] loop3: detected capacity change from 0 to 512 [ 63.134978][ T4823] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 63.351321][ T4302] EXT4-fs (loop3): unmounting filesystem. [ 63.611967][ T4851] lo speed is unknown, defaulting to 1000 [ 63.615289][ T4851] lo speed is unknown, defaulting to 1000 [ 64.325788][ T4869] netlink: 4 bytes leftover after parsing attributes in process `syz.1.199'. [ 64.512634][ T2060] ieee802154 phy0 wpan0: encryption failed: -22 [ 64.514740][ T2060] ieee802154 phy1 wpan1: encryption failed: -22 [ 64.596952][ T4875] loop3: detected capacity change from 0 to 4096 [ 64.614983][ T4875] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 64.630309][ T4875] EXT4-fs (loop3): re-mounted. Quota mode: writeback. [ 64.655427][ T4880] IPv6: NLM_F_CREATE should be specified when creating new route [ 64.676564][ T4302] EXT4-fs (loop3): unmounting filesystem. [ 65.134346][ T4894] lo speed is unknown, defaulting to 1000 [ 65.136478][ T4894] lo speed is unknown, defaulting to 1000 [ 67.985145][ T4924] loop3: detected capacity change from 0 to 1024 [ 67.997628][ T4924] EXT4-fs: Ignoring removed bh option [ 68.028588][ T4924] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c80ce018, mo2=0000] [ 68.064367][ T4924] EXT4-fs error (device loop3): ext4_map_blocks:634: inode #3: block 2: comm syz.3.221: lblock 2 mapped to illegal pblock 2 (length 1) [ 68.083653][ T4924] __quota_error: 30 callbacks suppressed [ 68.083667][ T4924] Quota error (device loop3): qtree_write_dquot: dquota write failed [ 68.103645][ T4924] EXT4-fs error (device loop3): ext4_map_blocks:634: inode #3: block 48: comm syz.3.221: lblock 0 mapped to illegal pblock 48 (length 1) [ 68.130153][ T4924] Quota error (device loop3): v2_write_file_info: Can't write info structure [ 68.144482][ T4924] EXT4-fs error (device loop3): ext4_acquire_dquot:6795: comm syz.3.221: Failed to acquire dquot type 0 [ 68.167232][ T4924] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5885: Corrupt filesystem [ 68.187956][ T4924] EXT4-fs error (device loop3): ext4_evict_inode:279: inode #11: comm syz.3.221: mark_inode_dirty error [ 68.227676][ T4939] loop2: detected capacity change from 0 to 512 [ 68.227728][ T4924] EXT4-fs warning (device loop3): ext4_evict_inode:282: couldn't mark inode dirty (err -117) [ 68.238427][ T4924] EXT4-fs (loop3): 1 orphan inode deleted [ 68.240195][ T4924] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 68.255239][ T4440] EXT4-fs error (device loop3): ext4_map_blocks:634: inode #3: block 1: comm kworker/u4:11: lblock 1 mapped to illegal pblock 1 (length 1) [ 68.261128][ T4440] Quota error (device loop3): remove_tree: Can't read quota data block 1 [ 68.266597][ T4939] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.225: bg 0: block 248: padding at end of block bitmap is not set [ 68.273642][ T4440] EXT4-fs error (device loop3): ext4_release_dquot:6818: comm kworker/u4:11: Failed to release dquot type 0 [ 68.296444][ T4939] Quota error (device loop2): write_blk: dquota write failed [ 68.305305][ T4939] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 68.316083][ T4939] EXT4-fs error (device loop2): ext4_acquire_dquot:6795: comm syz.2.225: Failed to acquire dquot type 1 [ 68.339710][ T4302] EXT4-fs (loop3): unmounting filesystem. [ 68.343560][ T4939] EXT4-fs (loop2): 1 truncate cleaned up [ 68.345174][ T4939] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 68.348047][ T4302] EXT4-fs error (device loop3): __ext4_get_inode_loc:4506: comm syz-executor: Invalid inode table block 1 in block_group 0 [ 68.398458][ T4302] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5885: Corrupt filesystem [ 68.412656][ T4302] EXT4-fs error (device loop3): ext4_quota_off:7084: inode #3: comm syz-executor: mark_inode_dirty error [ 68.516810][ T4295] EXT4-fs (loop2): unmounting filesystem. [ 68.549723][ T27] audit: type=1326 audit(68.510:573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4951 comm="syz.3.230" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb495ad28 code=0x7ffc0000 [ 68.558227][ T27] audit: type=1326 audit(68.520:574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4951 comm="syz.3.230" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=145 compat=0 ip=0xffffb495ad28 code=0x7ffc0000 [ 68.596826][ T27] audit: type=1326 audit(68.520:575): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=unconfined pid=4951 comm="syz.3.230" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb495ad28 code=0x7ffc0000 [ 68.607849][ T27] audit: type=1326 audit(68.520:576): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=unconfined pid=4951 comm="syz.3.230" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=31 compat=0 ip=0xffffb495ad28 code=0x7ffc0000 [ 68.615973][ T27] audit: type=1326 audit(68.520:577): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=unconfined pid=4951 comm="syz.3.230" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb495ad28 code=0x7ffc0000 [ 69.978466][ T4989] syz.2.246 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 70.680550][ T5018] random: crng reseeded on system resumption [ 70.877507][ T5024] netlink: 20 bytes leftover after parsing attributes in process `syz.0.263'. [ 70.885843][ T5025] netlink: 4 bytes leftover after parsing attributes in process `syz.2.264'. [ 71.613864][ T5044] net_ratelimit: 10 callbacks suppressed [ 71.613878][ T5044] TCP: request_sock_TCP: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 71.706675][ T5049] netlink: 4 bytes leftover after parsing attributes in process `syz.2.274'. [ 71.724984][ T5049] netlink: 4 bytes leftover after parsing attributes in process `syz.2.274'. [ 71.733366][ T5032] lo speed is unknown, defaulting to 1000 [ 71.738921][ T5032] lo speed is unknown, defaulting to 1000 [ 72.069585][ T5061] netlink: 4 bytes leftover after parsing attributes in process `syz.0.279'. [ 72.420775][ T5059] loop4: detected capacity change from 0 to 32768 [ 72.539087][ T5078] tc_dump_action: action bad kind [ 72.976541][ T5089] loop1: detected capacity change from 0 to 128 [ 73.030146][ T5089] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 74.063272][ T5095] netlink: 8 bytes leftover after parsing attributes in process `syz.1.291'. [ 74.192264][ T5105] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 74.194450][ T5105] IPv6: NLM_F_CREATE should be set when creating new route [ 74.196421][ T5105] IPv6: NLM_F_CREATE should be set when creating new route [ 74.198194][ T5105] IPv6: NLM_F_CREATE should be set when creating new route [ 74.262533][ T4294] EXT4-fs (loop1): unmounting filesystem. [ 74.667786][ T5120] lo speed is unknown, defaulting to 1000 [ 74.673601][ T5120] lo speed is unknown, defaulting to 1000 [ 75.209813][ T5116] loop1: detected capacity change from 0 to 512 [ 75.220910][ T5116] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 75.224630][ T5119] loop3: detected capacity change from 0 to 1024 [ 75.249624][ T5116] EXT4-fs (loop1): 1 truncate cleaned up [ 75.251326][ T5116] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 75.279662][ T5119] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 75.293952][ T27] kauditd_printk_skb: 48 callbacks suppressed [ 75.293965][ T27] audit: type=1326 audit(75.260:626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5128 comm="syz.4.305" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffad75ad28 code=0x7ffc0000 [ 75.301947][ T5129] loop4: detected capacity change from 0 to 164 [ 75.311279][ T27] audit: type=1326 audit(75.260:627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5128 comm="syz.4.305" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffad75ad28 code=0x7ffc0000 [ 75.352350][ T27] audit: type=1326 audit(75.260:628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5128 comm="syz.4.305" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffad75ad28 code=0x7ffc0000 [ 75.358613][ T27] audit: type=1326 audit(75.260:629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5128 comm="syz.4.305" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffad75ad28 code=0x7ffc0000 [ 75.403926][ T27] audit: type=1326 audit(75.260:630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5128 comm="syz.4.305" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffad75ad28 code=0x7ffc0000 [ 75.421166][ T27] audit: type=1326 audit(75.260:631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5128 comm="syz.4.305" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffad75ad28 code=0x7ffc0000 [ 75.427547][ T27] audit: type=1326 audit(75.260:632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5128 comm="syz.4.305" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffad75ad28 code=0x7ffc0000 [ 75.433704][ T27] audit: type=1326 audit(75.260:633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5128 comm="syz.4.305" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=279 compat=0 ip=0xffffad75ad28 code=0x7ffc0000 [ 75.439460][ T4294] EXT4-fs (loop1): unmounting filesystem. [ 75.439881][ T27] audit: type=1326 audit(75.260:634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5128 comm="syz.4.305" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=222 compat=0 ip=0xffffad75ad5c code=0x7ffc0000 [ 75.448664][ T27] audit: type=1326 audit(75.260:635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5128 comm="syz.4.305" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=64 compat=0 ip=0xffffad7593f0 code=0x7ffc0000 [ 75.526723][ T4302] EXT4-fs (loop3): unmounting filesystem. [ 75.593368][ T5138] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 75.739041][ T5145] loop4: detected capacity change from 0 to 128 [ 75.759912][ T5145] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 76.433820][ T5158] netlink: 8 bytes leftover after parsing attributes in process `syz.4.310'. [ 76.885824][ T4303] EXT4-fs (loop4): unmounting filesystem. [ 76.966066][ T5165] xt_hashlimit: max too large, truncated to 1048576 [ 76.974227][ T5163] loop4: detected capacity change from 0 to 512 [ 76.976440][ T5165] Cannot find set identified by id 0 to match [ 77.002313][ T5163] EXT4-fs (loop4): corrupt root inode, run e2fsck [ 77.004082][ T5163] EXT4-fs (loop4): mount failed [ 77.369454][ T5190] loop2: detected capacity change from 0 to 128 [ 77.389872][ T5190] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 78.071264][ T5205] netlink: 8 bytes leftover after parsing attributes in process `syz.2.330'. [ 78.529629][ T4295] EXT4-fs (loop2): unmounting filesystem. [ 78.619667][ T5213] loop2: detected capacity change from 0 to 256 [ 78.946075][ T5235] netlink: 8 bytes leftover after parsing attributes in process `syz.1.348'. [ 78.957351][ T5237] loop3: detected capacity change from 0 to 128 [ 79.038167][ T5237] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 79.251593][ T5244] loop2: detected capacity change from 0 to 1024 [ 79.253857][ T5244] EXT4-fs: Ignoring removed nobh option [ 79.255438][ T5244] EXT4-fs: Ignoring removed bh option [ 79.288473][ T5244] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 79.752512][ T5246] netlink: 8 bytes leftover after parsing attributes in process `syz.3.349'. [ 80.574511][ T5244] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 80.864564][ T4302] EXT4-fs (loop3): unmounting filesystem. [ 82.443607][ T5269] sch_tbf: peakrate 8 is lower than or equals to rate 12 ! [ 82.634598][ T4295] EXT4-fs (loop2): unmounting filesystem. [ 82.735102][ T5279] loop3: detected capacity change from 0 to 164 [ 82.795728][ T5279] Unable to read rock-ridge attributes [ 82.926758][ T5279] block device autoloading is deprecated and will be removed. [ 82.936521][ T5279] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 2 [ 83.146353][ T5282] lo speed is unknown, defaulting to 1000 [ 83.153635][ T5282] lo speed is unknown, defaulting to 1000 [ 85.681194][ T5319] lo speed is unknown, defaulting to 1000 [ 85.683157][ T5319] lo speed is unknown, defaulting to 1000 [ 85.958380][ T5335] loop4: detected capacity change from 0 to 164 [ 85.979077][ T5335] Unable to read rock-ridge attributes [ 86.049207][ T5335] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 2 [ 86.687143][ T5362] lo speed is unknown, defaulting to 1000 [ 86.694394][ T5362] lo speed is unknown, defaulting to 1000 [ 87.471818][ T5369] netlink: 8 bytes leftover after parsing attributes in process `syz.0.399'. [ 87.712700][ T5376] loop0: detected capacity change from 0 to 164 [ 87.721255][ T5375] netem: change failed [ 87.860937][ T5376] Unable to read rock-ridge attributes [ 88.072292][ T5389] loop0: detected capacity change from 0 to 2048 [ 88.114601][ T5389] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 88.146224][ T5396] loop3: detected capacity change from 0 to 256 [ 88.151943][ T5396] FAT-fs (loop3): Unrecognized mount option "utfk=strict" or missing value [ 88.177605][ T4301] EXT4-fs (loop0): unmounting filesystem. [ 88.210409][ T4286] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 89.203864][ T5409] netlink: 12 bytes leftover after parsing attributes in process `syz.3.415'. [ 89.676857][ T27] kauditd_printk_skb: 55 callbacks suppressed [ 89.676870][ T27] audit: type=1326 audit(89.640:691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5430 comm="syz.4.426" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffad75ad28 code=0x7ffc0000 [ 89.689573][ T27] audit: type=1326 audit(89.650:692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5430 comm="syz.4.426" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffad75ad28 code=0x7ffc0000 [ 89.725323][ T27] audit: type=1326 audit(89.670:693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5430 comm="syz.4.426" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffad75ad28 code=0x7ffc0000 [ 89.757785][ T27] audit: type=1326 audit(89.670:694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5430 comm="syz.4.426" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffad75ad28 code=0x7ffc0000 [ 89.778505][ T27] audit: type=1326 audit(89.670:695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5430 comm="syz.4.426" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffad75ad28 code=0x7ffc0000 [ 89.798347][ T27] audit: type=1326 audit(89.680:696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5430 comm="syz.4.426" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffad75ad28 code=0x7ffc0000 [ 89.808468][ T5439] 9pnet_fd: p9_fd_create_tcp (5439): problem connecting socket to 127.0.0.1 [ 89.822933][ T27] audit: type=1326 audit(89.680:697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5430 comm="syz.4.426" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffad75ad28 code=0x7ffc0000 [ 89.849970][ T27] audit: type=1326 audit(89.680:698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5430 comm="syz.4.426" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffad75ad28 code=0x7ffc0000 [ 89.876010][ T27] audit: type=1326 audit(89.680:699): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5430 comm="syz.4.426" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffad75ad28 code=0x7ffc0000 [ 89.890106][ T27] audit: type=1326 audit(89.680:700): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5430 comm="syz.4.426" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffad75ad28 code=0x7ffc0000 [ 90.253764][ T5460] netlink: 'syz.4.439': attribute type 4 has an invalid length. [ 90.316979][ T5460] netlink: 'syz.4.439': attribute type 4 has an invalid length. [ 90.438091][ T5467] loop0: detected capacity change from 0 to 512 [ 90.443260][ T5467] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 90.484848][ T5467] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.441: bg 0: block 418: padding at end of block bitmap is not set [ 90.515839][ T5467] EXT4-fs (loop0): Remounting filesystem read-only [ 90.517597][ T5467] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6170: Corrupt filesystem [ 90.522910][ T5467] EXT4-fs (loop0): Remounting filesystem read-only [ 90.524671][ T5467] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #11: comm syz.0.441: invalid indirect mapped block 1 (level 1) [ 90.528455][ T5467] EXT4-fs (loop0): Remounting filesystem read-only [ 90.530601][ T5467] EXT4-fs (loop0): 1 truncate cleaned up [ 90.532357][ T5467] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 90.571987][ T4301] EXT4-fs (loop0): unmounting filesystem. [ 91.779634][ T5496] smc: net device bond0 applied user defined pnetid SYZ0 [ 91.827820][ T5496] smc: net device bond0 erased user defined pnetid SYZ0 [ 92.437172][ T5516] loop4: detected capacity change from 0 to 128 [ 92.506377][ T5518] smc: net device bond0 applied user defined pnetid SYZ0 [ 92.517146][ T5512] smc: net device bond0 erased user defined pnetid SYZ0 [ 92.547188][ T5516] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 93.523565][ T5530] netlink: 9 bytes leftover after parsing attributes in process `syz.2.467'. [ 93.537558][ T4303] EXT4-fs (loop4): unmounting filesystem. [ 93.548951][ T5530] device gretap0 entered promiscuous mode [ 93.618674][ T5534] smc: net device bond0 applied user defined pnetid SYZ0 [ 93.629606][ T5538] IPVS: sync thread started: state = MASTER, mcast_ifn = ip6gre0, syncid = 1, id = 0 [ 93.634941][ T5534] smc: net device bond0 erased user defined pnetid SYZ0 [ 93.886648][ T5553] loop1: detected capacity change from 0 to 512 [ 94.061561][ T5553] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a842c11c, mo2=0002] [ 94.061622][ T5553] System zones: 0-2, 18-18, 34-34 [ 94.063573][ T5553] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.476: bg 0: block 248: padding at end of block bitmap is not set [ 94.072053][ T5560] smc: net device bond0 applied user defined pnetid SYZ0 [ 94.072511][ T5560] smc: net device bond0 erased user defined pnetid SYZ0 [ 94.083537][ T5553] EXT4-fs error (device loop1): ext4_acquire_dquot:6795: comm syz.1.476: Failed to acquire dquot type 1 [ 94.084613][ T5553] EXT4-fs (loop1): 1 truncate cleaned up [ 94.084642][ T5553] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 94.974153][ T4294] EXT4-fs (loop1): unmounting filesystem. [ 95.188547][ T5570] (unnamed net_device) (uninitialized): Unable to set up delay as MII monitoring is disabled [ 95.295710][ T5573] smc: net device bond0 applied user defined pnetid SYZ0 [ 95.314182][ T5573] smc: net device bond0 erased user defined pnetid SYZ0 [ 95.607872][ T5583] loop1: detected capacity change from 0 to 2048 [ 95.685082][ T5583] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 95.697441][ T5583] EXT4-fs error (device loop1): ext4_find_extent:936: inode #2: comm syz.1.489: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4) [ 95.707301][ T5583] EXT4-fs (loop1): Remounting filesystem read-only [ 95.797193][ T4294] EXT4-fs (loop1): unmounting filesystem. [ 95.913104][ T5590] loop4: detected capacity change from 0 to 2048 [ 95.976566][ T5590] loop4: p1 < > p3 [ 95.984885][ T5590] loop4: p3 size 134217728 extends beyond EOD, truncated [ 96.173304][ T4303] __loop_clr_fd: partition scan of loop4 failed (rc=-16) [ 96.181525][ T4286] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 96.193632][ T4286] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 96.199926][ T5599] Zero length message leads to an empty skb [ 96.204140][ T4424] I/O error, dev loop4, sector 9 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 96.219594][ T4286] Buffer I/O error on dev loop4p1, logical block 0, async page read [ 96.227077][ T4424] I/O error, dev loop4, sector 9 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 96.229545][ T4424] Buffer I/O error on dev loop4p3, logical block 8, async page read [ 96.231867][ T4424] I/O error, dev loop4, sector 10 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 96.234328][ T4424] Buffer I/O error on dev loop4p3, logical block 9, async page read [ 96.236785][ T4286] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 96.254191][ T4286] Buffer I/O error on dev loop4p1, logical block 0, async page read [ 96.256440][ T4286] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 96.258974][ T4286] Buffer I/O error on dev loop4p1, logical block 0, async page read [ 96.280416][ T4424] I/O error, dev loop4, sector 11 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 96.282939][ T4424] Buffer I/O error on dev loop4p3, logical block 10, async page read [ 96.285224][ T4424] I/O error, dev loop4, sector 12 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 96.287811][ T4424] Buffer I/O error on dev loop4p3, logical block 11, async page read [ 96.290038][ T4424] I/O error, dev loop4, sector 13 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 96.309897][ T4286] Buffer I/O error on dev loop4p1, logical block 0, async page read [ 96.328449][ T5605] smc: net device bond0 applied user defined pnetid SYZ0 [ 96.334838][ T4286] Buffer I/O error on dev loop4p1, logical block 0, async page read [ 96.338569][ T5605] smc: net device bond0 erased user defined pnetid SYZ0 [ 96.349260][ T4424] Buffer I/O error on dev loop4p3, logical block 12, async page read [ 96.442767][ T4286] udevd[4286]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory [ 96.469968][ T4424] udevd[4424]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory [ 96.534593][ T4424] udevd[4424]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory [ 96.544675][ T4286] udevd[4286]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory [ 96.636453][ T5622] xt_recent: hitcount (456) is larger than allowed maximum (255) [ 96.649758][ T5622] loop4: detected capacity change from 0 to 256 [ 96.657523][ T5623] netlink: 12 bytes leftover after parsing attributes in process `syz.1.505'. [ 96.658778][ T4286] udevd[4286]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory [ 96.664581][ T5622] FAT-fs (loop4): bogus number of FAT sectors [ 96.668852][ T4424] udevd[4424]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory [ 96.677400][ T5622] FAT-fs (loop4): Can't find a valid FAT filesystem [ 97.077541][ T5631] loop0: detected capacity change from 0 to 1024 [ 97.085404][ T5631] EXT4-fs: Ignoring removed nobh option [ 97.086970][ T5631] EXT4-fs: Ignoring removed bh option [ 97.165200][ T5631] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 97.478763][ T5631] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 99.119642][ T27] kauditd_printk_skb: 8 callbacks suppressed [ 99.119655][ T27] audit: type=1326 audit(99.080:707): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5640 comm="syz.3.513" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb495ad28 code=0x7ffc0000 [ 99.158197][ T27] audit: type=1326 audit(99.110:708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5640 comm="syz.3.513" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffb495ad28 code=0x7ffc0000 [ 99.183318][ T27] audit: type=1326 audit(99.130:709): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5640 comm="syz.3.513" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb495ad28 code=0x7ffc0000 [ 99.245073][ T27] audit: type=1326 audit(99.130:710): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5640 comm="syz.3.513" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffb495ad28 code=0x7ffc0000 [ 99.301447][ T5646] loop4: detected capacity change from 0 to 512 [ 99.303852][ T5646] EXT4-fs: Ignoring removed orlov option [ 99.321039][ T27] audit: type=1326 audit(99.140:711): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5640 comm="syz.3.513" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb495ad28 code=0x7ffc0000 [ 99.326829][ T27] audit: type=1326 audit(99.140:712): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5640 comm="syz.3.513" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffb495ad28 code=0x7ffc0000 [ 99.393742][ T5646] EXT4-fs warning (device loop4): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value [ 99.397067][ T5646] EXT4-fs warning (device loop4): dx_probe:881: Enable large directory feature to access it [ 99.410095][ T27] audit: type=1326 audit(99.140:713): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5640 comm="syz.3.513" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb495ad28 code=0x7ffc0000 [ 99.420401][ T5646] EXT4-fs warning (device loop4): dx_probe:966: inode #2: comm syz.4.515: Corrupt directory, running e2fsck is recommended [ 99.458252][ T27] audit: type=1326 audit(99.140:714): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5640 comm="syz.3.513" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=199 compat=0 ip=0xffffb495ad28 code=0x7ffc0000 [ 99.483108][ T27] audit: type=1326 audit(99.140:715): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5640 comm="syz.3.513" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb495ad28 code=0x7ffc0000 [ 99.489048][ T27] audit: type=1326 audit(99.140:716): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5640 comm="syz.3.513" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=25 compat=0 ip=0xffffb495ad28 code=0x7ffc0000 [ 99.513407][ T5646] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -2 [ 99.515771][ T5646] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2186: inode #15: comm syz.4.515: corrupted in-inode xattr [ 99.522887][ T5646] EXT4-fs error (device loop4): ext4_orphan_get:1405: comm syz.4.515: couldn't read orphan inode 15 (err -117) [ 99.529127][ T5646] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 99.540846][ T4301] EXT4-fs (loop0): unmounting filesystem. [ 99.607459][ T4303] EXT4-fs (loop4): unmounting filesystem. [ 99.687790][ T5666] netlink: 'syz.2.522': attribute type 16 has an invalid length. [ 99.700427][ T5666] netlink: 'syz.2.522': attribute type 17 has an invalid length. [ 99.702850][ T5666] infiniband syz2: set active [ 99.716248][ T5666] infiniband syz2: set active [ 99.738798][ T5666] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 99.741176][ T5666] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 99.754051][ T5669] loop1: detected capacity change from 0 to 2048 [ 99.762893][ T5669] EXT4-fs: Ignoring removed mblk_io_submit option [ 99.795881][ T5669] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 99.861989][ T5666] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 99.869818][ T4342] lo speed is unknown, defaulting to 1000 [ 99.880501][ T1516] lo speed is unknown, defaulting to 1000 [ 99.920096][ T5679] loop0: detected capacity change from 0 to 512 [ 99.950311][ T5679] EXT4-fs error (device loop0): ext4_xattr_block_get:546: inode #2: comm syz.0.528: corrupted xattr block 255 [ 99.962476][ T5679] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -117 [ 99.964724][ T5679] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 99.965208][ T4294] EXT4-fs (loop1): unmounting filesystem. [ 100.001753][ T5679] EXT4-fs error (device loop0): ext4_xattr_block_get:546: inode #2: comm syz.0.528: corrupted xattr block 255 [ 100.209263][ T4301] EXT4-fs (loop0): unmounting filesystem. [ 104.627137][ T27] kauditd_printk_skb: 106 callbacks suppressed [ 104.627150][ T27] audit: type=1326 audit(104.590:823): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5746 comm="syz.4.556" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffad75ad28 code=0x7ffc0000 [ 104.645087][ T27] audit: type=1326 audit(104.600:824): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5746 comm="syz.4.556" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffad75ad28 code=0x7ffc0000 [ 104.669822][ T27] audit: type=1326 audit(104.600:825): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5746 comm="syz.4.556" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=74 compat=0 ip=0xffffad75ad28 code=0x7ffc0000 [ 104.710288][ T27] audit: type=1326 audit(104.600:826): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5746 comm="syz.4.556" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffad75ad28 code=0x7ffc0000 [ 104.716165][ T27] audit: type=1326 audit(104.600:827): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5746 comm="syz.4.556" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffad75ad28 code=0x7ffc0000 [ 104.749455][ T27] audit: type=1326 audit(104.600:828): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5746 comm="syz.4.556" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=281 compat=0 ip=0xffffad75ad28 code=0x7ffc0000 [ 104.770287][ T27] audit: type=1326 audit(104.600:829): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5746 comm="syz.4.556" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffad75ad28 code=0x7ffc0000 [ 104.805163][ T27] audit: type=1326 audit(104.600:830): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5746 comm="syz.4.556" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffad75ad28 code=0x7ffc0000 [ 104.835559][ T27] audit: type=1326 audit(104.730:831): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5752 comm="syz.4.561" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffad75ad28 code=0x7ffc0000 [ 104.845890][ T27] audit: type=1326 audit(104.740:832): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5752 comm="syz.4.561" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffad75ad28 code=0x7ffc0000 [ 104.958398][ T5763] loop4: detected capacity change from 0 to 1024 [ 104.968430][ T5763] EXT4-fs: Ignoring removed oldalloc option [ 105.017281][ T5763] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 105.116931][ T5763] capability: warning: `syz.4.564' uses 32-bit capabilities (legacy support in use) [ 105.171201][ T4303] EXT4-fs (loop4): unmounting filesystem. [ 105.476783][ T5791] netlink: 32 bytes leftover after parsing attributes in process `syz.2.576'. [ 105.479747][ T5791] netlink: 32 bytes leftover after parsing attributes in process `syz.2.576'. [ 106.178646][ T5823] loop3: detected capacity change from 0 to 1024 [ 106.188191][ T5823] EXT4-fs: Ignoring removed nobh option [ 106.193424][ T5823] EXT4-fs: Ignoring removed bh option [ 106.197450][ T5823] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 106.212938][ T5823] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 106.450912][ T4302] EXT4-fs (loop3): unmounting filesystem. [ 107.270645][ T5833] loop0: detected capacity change from 0 to 512 [ 107.299190][ T5833] EXT4-fs (loop0): orphan cleanup on readonly fs [ 107.312610][ T5833] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.593: bg 0: block 248: padding at end of block bitmap is not set [ 107.319033][ T5833] EXT4-fs error (device loop0): ext4_acquire_dquot:6795: comm syz.0.593: Failed to acquire dquot type 1 [ 107.329325][ T5833] EXT4-fs (loop0): 1 truncate cleaned up [ 107.332687][ T5833] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 107.439249][ T4301] EXT4-fs (loop0): unmounting filesystem. [ 107.720770][ T5857] netlink: 68 bytes leftover after parsing attributes in process `syz.3.599'. [ 107.783278][ T5862] netlink: 9 bytes leftover after parsing attributes in process `syz.0.612'. [ 107.810695][ T5862] device gretap0 entered promiscuous mode [ 107.974217][ T4490] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 107.980142][ T4490] hid-generic 0000:0000:0000.0002: hidraw0: HID v0.00 Device [syz1] on syz0 [ 107.999773][ T5865] IPVS: sync thread started: state = MASTER, mcast_ifn = ip6gre0, syncid = 1, id = 0 [ 108.078756][ T5855] usb usb8: usbfs: process 5855 (syz.1.601) did not claim interface 0 before use [ 109.107475][ T5898] netlink: 9 bytes leftover after parsing attributes in process `syz.0.616'. [ 109.238005][ T22] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 109.249019][ T22] hid-generic 0000:0000:0000.0003: hidraw0: HID v0.00 Device [syz1] on syz0 [ 109.476152][ T5915] lo speed is unknown, defaulting to 1000 [ 109.478238][ T5915] lo speed is unknown, defaulting to 1000 [ 109.745904][ T27] kauditd_printk_skb: 138 callbacks suppressed [ 109.745918][ T27] audit: type=1326 audit(109.710:969): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5921 comm="syz.3.627" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb495ad28 code=0x7ffc0000 [ 109.764482][ T27] audit: type=1326 audit(109.720:970): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5921 comm="syz.3.627" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffb495ad28 code=0x7ffc0000 [ 109.789815][ T27] audit: type=1326 audit(109.730:971): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5921 comm="syz.3.627" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb495ad28 code=0x7ffc0000 [ 109.809741][ T27] audit: type=1326 audit(109.730:972): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5921 comm="syz.3.627" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffb495ad28 code=0x7ffc0000 [ 109.834546][ T27] audit: type=1326 audit(109.730:973): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5921 comm="syz.3.627" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb495ad28 code=0x7ffc0000 [ 109.858490][ T27] audit: type=1326 audit(109.730:974): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5921 comm="syz.3.627" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffb495ad28 code=0x7ffc0000 [ 109.875014][ T27] audit: type=1326 audit(109.730:975): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5921 comm="syz.3.627" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb495ad28 code=0x7ffc0000 [ 109.892166][ T27] audit: type=1326 audit(109.730:976): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5921 comm="syz.3.627" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=235 compat=0 ip=0xffffb495ad28 code=0x7ffc0000 [ 109.906193][ T27] audit: type=1326 audit(109.740:977): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5921 comm="syz.3.627" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb495ad28 code=0x7ffc0000 [ 110.213677][ T5797] Set syz1 is full, maxelem 65536 reached [ 110.280181][ T5936] usb usb8: usbfs: process 5936 (syz.0.634) did not claim interface 0 before use [ 110.366646][ T5936] loop0: detected capacity change from 0 to 1024 [ 110.416791][ T5936] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 110.571186][ T5955] ip6t_rpfilter: unknown options [ 110.737683][ T4301] EXT4-fs (loop0): unmounting filesystem. [ 110.750340][ T5961] netlink: 9 bytes leftover after parsing attributes in process `syz.4.644'. [ 110.775503][ T1516] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 110.778874][ T1516] hid-generic 0000:0000:0000.0004: hidraw0: HID v0.00 Device [syz1] on syz0 [ 110.932218][ T5967] lo speed is unknown, defaulting to 1000 [ 110.934212][ T5967] lo speed is unknown, defaulting to 1000 [ 110.957478][ C1] IPv4: Oversized IP packet from 127.0.0.1 [ 111.077645][ T5973] loop1: detected capacity change from 0 to 2048 [ 111.149463][ T5980] 9pnet_fd: Insufficient options for proto=fd [ 111.161980][ T5973] EXT4-fs (loop1): couldn't mount as ext3 due to feature incompatibilities [ 111.239907][ T4286] blk_print_req_error: 5 callbacks suppressed [ 111.239923][ T4286] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 111.246901][ T5982] tipc: Started in network mode [ 111.248359][ T5982] tipc: Node identity dec99d5c7e05, cluster identity 4711 [ 111.256166][ T5982] tipc: Enabled bearer , priority 0 [ 111.286568][ T5976] tipc: Resetting bearer [ 112.271516][ T22] tipc: Node number set to 2697764188 [ 115.579812][ T6038] netlink: 12 bytes leftover after parsing attributes in process `syz.4.677'. [ 123.722808][ T5976] tipc: Disabling bearer [ 123.726618][ T5986] IPv6: Can't replace route, no match found [ 123.740979][ T6004] sch_tbf: burst 3298 is lower than device lo mtu (65550) ! [ 124.002287][ T6054] netlink: 4 bytes leftover after parsing attributes in process `syz.3.682'. [ 124.049456][ T6053] netlink: 28 bytes leftover after parsing attributes in process `syz.1.683'. [ 124.177053][ T6053] netlink: 28 bytes leftover after parsing attributes in process `syz.1.683'. [ 124.190911][ T6065] process 'syz.4.687' launched './file1' with NULL argv: empty string added [ 124.348222][ T6053] netlink: 28 bytes leftover after parsing attributes in process `syz.1.683'. [ 124.404587][ T6078] netlink: 'syz.4.692': attribute type 10 has an invalid length. [ 124.406724][ T6078] netlink: 40 bytes leftover after parsing attributes in process `syz.4.692'. [ 124.505521][ T6078] team0: Failed to send port change of device geneve0 via netlink (err -105) [ 124.506820][ T6086] netlink: 12 bytes leftover after parsing attributes in process `syz.3.694'. [ 124.508081][ T6078] team0: Failed to send options change via netlink (err -105) [ 124.531438][ T6078] team0: Port device geneve0 added [ 124.575497][ T6091] netem: change failed [ 124.738995][ T6100] loop4: detected capacity change from 0 to 512 [ 124.826014][ T6100] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 124.952538][ T6121] netlink: 24 bytes leftover after parsing attributes in process `syz.2.706'. [ 124.955089][ T6121] bond0: option ad_select: unable to set because the bond device is up [ 124.986085][ T4303] EXT4-fs (loop4): unmounting filesystem. [ 125.077057][ T27] audit: type=1326 audit(125.040:978): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6127 comm="syz.1.710" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffaa15ad28 code=0x7ffc0000 [ 125.112302][ T27] audit: type=1326 audit(125.080:979): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6127 comm="syz.1.710" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffaa15ad28 code=0x7ffc0000 [ 125.121137][ T27] audit: type=1326 audit(125.080:980): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6127 comm="syz.1.710" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffaa15ad28 code=0x7ffc0000 [ 125.141337][ T6130] loop1: detected capacity change from 0 to 164 [ 125.155743][ T27] audit: type=1326 audit(125.080:981): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6127 comm="syz.1.710" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffaa15ad28 code=0x7ffc0000 [ 125.203214][ T27] audit: type=1326 audit(125.080:982): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6127 comm="syz.1.710" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffaa15ad28 code=0x7ffc0000 [ 125.208821][ T27] audit: type=1326 audit(125.080:983): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6127 comm="syz.1.710" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffaa15ad28 code=0x7ffc0000 [ 125.260563][ T27] audit: type=1326 audit(125.080:984): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6127 comm="syz.1.710" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=279 compat=0 ip=0xffffaa15ad28 code=0x7ffc0000 [ 125.290348][ T27] audit: type=1326 audit(125.080:985): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6127 comm="syz.1.710" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=222 compat=0 ip=0xffffaa15ad5c code=0x7ffc0000 [ 125.296384][ T27] audit: type=1326 audit(125.090:986): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6127 comm="syz.1.710" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=64 compat=0 ip=0xffffaa1593f0 code=0x7ffc0000 [ 125.334574][ T6142] netlink: 28 bytes leftover after parsing attributes in process `syz.3.714'. [ 125.339354][ T27] audit: type=1326 audit(125.090:987): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6127 comm="syz.1.710" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=215 compat=0 ip=0xffffaa15adcc code=0x7ffc0000 [ 125.382317][ T6146] netlink: 12 bytes leftover after parsing attributes in process `syz.1.716'. [ 125.491629][ T6154] loop3: detected capacity change from 0 to 512 [ 125.496549][ T6154] journal_path: Lookup failure for './file0/../file0' [ 125.520384][ T6154] EXT4-fs: error: could not find journal device path [ 125.816199][ T6167] loop0: detected capacity change from 0 to 8192 [ 125.876778][ T6167] FAT-fs (loop0): error, invalid access to FAT (entry 0x0000ff00) [ 125.879056][ T6167] FAT-fs (loop0): Filesystem has been set read-only [ 126.092793][ T6175] loop3: detected capacity change from 0 to 1024 [ 126.099605][ T6175] EXT4-fs: Ignoring removed nobh option [ 126.101331][ T6175] EXT4-fs: Ignoring removed bh option [ 126.105861][ T2060] ieee802154 phy0 wpan0: encryption failed: -22 [ 126.107701][ T2060] ieee802154 phy1 wpan1: encryption failed: -22 [ 126.235966][ T6175] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 126.545282][ T6175] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 128.083982][ T4302] EXT4-fs (loop3): unmounting filesystem. [ 129.093392][ T6233] loop4: detected capacity change from 0 to 128 [ 129.097879][ T6233] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 129.867352][ T6240] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 130.028597][ T6248] netlink: 8 bytes leftover after parsing attributes in process `syz.4.744'. [ 130.096087][ T4303] EXT4-fs (loop4): unmounting filesystem. [ 130.166730][ T6238] Falling back ldisc for ttyS3. [ 130.211450][ T6240] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 130.508840][ T6240] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 130.838549][ T6276] loop3: detected capacity change from 0 to 1024 [ 130.844671][ T6276] EXT4-fs: Ignoring removed nobh option [ 130.846290][ T6276] EXT4-fs: Ignoring removed bh option [ 130.891631][ T6276] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 131.140516][ T6276] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 131.464984][ T6265] loop4: detected capacity change from 0 to 8192 [ 131.554724][ T6265] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000ff00) [ 131.556997][ T6265] FAT-fs (loop4): Filesystem has been set read-only [ 131.768949][ T6240] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 131.966533][ T6292] loop0: detected capacity change from 0 to 128 [ 132.026138][ T6292] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 133.188181][ T6298] netlink: 8 bytes leftover after parsing attributes in process `syz.0.759'. [ 133.196223][ T4344] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 133.199001][ T4344] hid-generic 0000:0000:0000.0005: hidraw0: HID v0.00 Device [syz1] on syz0 [ 133.254103][ T4301] EXT4-fs (loop0): unmounting filesystem. [ 133.342149][ T27] kauditd_printk_skb: 14 callbacks suppressed [ 133.342162][ T27] audit: type=1326 audit(133.310:1002): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6311 comm="syz.0.763" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9455ad28 code=0x7ffc0000 [ 133.354297][ T27] audit: type=1326 audit(133.310:1003): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6311 comm="syz.0.763" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9455ad28 code=0x7ffc0000 [ 133.380332][ T6305] netlink: 9 bytes leftover after parsing attributes in process `syz.4.762'. [ 133.383547][ T4302] EXT4-fs (loop3): unmounting filesystem. [ 133.410060][ T27] audit: type=1326 audit(133.320:1004): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6311 comm="syz.0.763" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff9455ad28 code=0x7ffc0000 [ 133.438720][ T27] audit: type=1326 audit(133.320:1005): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6311 comm="syz.0.763" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9455ad28 code=0x7ffc0000 [ 133.477387][ T27] audit: type=1326 audit(133.320:1006): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6311 comm="syz.0.763" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9455ad28 code=0x7ffc0000 [ 133.500797][ T27] audit: type=1326 audit(133.320:1007): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6311 comm="syz.0.763" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff9455ad28 code=0x7ffc0000 [ 133.520931][ T6240] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 133.527009][ T27] audit: type=1326 audit(133.320:1008): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6311 comm="syz.0.763" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9455ad28 code=0x7ffc0000 [ 133.527615][ T6240] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 133.557610][ T27] audit: type=1326 audit(133.320:1009): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6311 comm="syz.0.763" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9455ad28 code=0x7ffc0000 [ 133.609002][ T6240] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 133.616189][ T27] audit: type=1326 audit(133.320:1010): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6311 comm="syz.0.763" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff9455ad28 code=0x7ffc0000 [ 133.636432][ T6240] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 133.648962][ T27] audit: type=1326 audit(133.320:1011): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6311 comm="syz.0.763" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9455ad28 code=0x7ffc0000 [ 133.834193][ T6341] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 133.836582][ T6341] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 133.965830][ T6348] loop3: detected capacity change from 0 to 128 [ 134.091481][ T6348] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 134.977834][ T6359] loop1: detected capacity change from 0 to 1024 [ 134.980107][ T6359] EXT4-fs: Ignoring removed nobh option [ 134.981799][ T6359] EXT4-fs: Ignoring removed bh option [ 135.114876][ T6359] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 135.451946][ T6359] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 137.155043][ T6332] team0 (unregistering): Port device team_slave_0 removed [ 137.165579][ T6332] team0 (unregistering): Port device team_slave_1 removed [ 137.215620][ T6332] team0 (unregistering): Port device geneve0 removed [ 137.275552][ T6349] netlink: 9 bytes leftover after parsing attributes in process `syz.2.775'. [ 137.293786][ T6360] netlink: 8 bytes leftover after parsing attributes in process `syz.3.773'. [ 137.369806][ T4302] EXT4-fs (loop3): unmounting filesystem. [ 137.453382][ T6385] netlink: 16 bytes leftover after parsing attributes in process `syz.4.785'. [ 137.484178][ T4294] EXT4-fs (loop1): unmounting filesystem. [ 137.813808][ T6409] 9pnet_fd: Insufficient options for proto=fd [ 137.839829][ T6411] netlink: 9 bytes leftover after parsing attributes in process `syz.4.793'. [ 137.875251][ T5711] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 137.880849][ T5711] hid-generic 0000:0000:0000.0006: hidraw0: HID v0.00 Device [syz1] on syz0 [ 137.916629][ T6416] loop1: detected capacity change from 0 to 128 [ 137.931657][ T6418] netlink: 12 bytes leftover after parsing attributes in process `syz.2.795'. [ 138.019426][ T6416] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 138.557139][ T6433] netlink: 8 bytes leftover after parsing attributes in process `syz.1.794'. [ 139.282477][ T6432] loop3: detected capacity change from 0 to 1024 [ 139.284736][ T6432] EXT4-fs: Ignoring removed nobh option [ 139.286246][ T6432] EXT4-fs: Ignoring removed bh option [ 139.411357][ T6432] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 139.592322][ T6432] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 140.238413][ T4294] EXT4-fs (loop1): unmounting filesystem. [ 141.444988][ T6457] netlink: 9 bytes leftover after parsing attributes in process `syz.1.807'. [ 141.499282][ T4345] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 141.531906][ T6457] device gretap0 entered promiscuous mode [ 141.561085][ T6461] IPVS: sync thread started: state = MASTER, mcast_ifn = ip6gre0, syncid = 1, id = 0 [ 141.570989][ T4345] hid-generic 0000:0000:0000.0007: hidraw0: HID v0.00 Device [syz1] on syz0 [ 141.694794][ T27] kauditd_printk_skb: 45 callbacks suppressed [ 141.694807][ T27] audit: type=1326 audit(2000000000.120:1057): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6463 comm="syz.4.809" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffad75ad28 code=0x7ffc0000 [ 141.720915][ T4302] EXT4-fs (loop3): unmounting filesystem. [ 141.740148][ T27] audit: type=1326 audit(2000000000.130:1058): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6463 comm="syz.4.809" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffad75ad28 code=0x7ffc0000 [ 141.805240][ T27] audit: type=1326 audit(2000000000.130:1059): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6463 comm="syz.4.809" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=436 compat=0 ip=0xffffad75ad28 code=0x7ffc0000 [ 141.845114][ T6474] loop1: detected capacity change from 0 to 128 [ 141.849343][ T6472] sch_tbf: burst 25 is lower than device lo mtu (11337746) ! [ 141.851503][ T27] audit: type=1326 audit(2000000000.130:1060): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6463 comm="syz.4.809" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffad75ad28 code=0x7ffc0000 [ 141.866923][ T6474] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 141.881042][ T6474] ext4 filesystem being mounted at /163/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 141.913742][ T27] audit: type=1326 audit(2000000000.130:1061): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6463 comm="syz.4.809" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffad75ad28 code=0x7ffc0000 [ 141.958464][ T27] audit: type=1326 audit(2000000000.130:1062): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6463 comm="syz.4.809" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=430 compat=0 ip=0xffffad75ad28 code=0x7ffc0000 [ 141.970279][ T6476] netlink: 8 bytes leftover after parsing attributes in process `syz.3.812'. [ 142.027433][ T27] audit: type=1326 audit(2000000000.130:1063): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6463 comm="syz.4.809" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffad75ad28 code=0x7ffc0000 [ 142.054083][ T6484] netlink: 188 bytes leftover after parsing attributes in process `syz.2.814'. [ 142.178915][ T6489] netlink: 8 bytes leftover after parsing attributes in process `syz.1.811'. [ 142.378693][ T27] audit: type=1326 audit(2000000000.130:1064): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6463 comm="syz.4.809" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffad75ad28 code=0x7ffc0000 [ 142.764799][ T27] audit: type=1326 audit(2000000000.130:1065): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6463 comm="syz.4.809" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=431 compat=0 ip=0xffffad75ad28 code=0x7ffc0000 [ 142.801225][ T27] audit: type=1326 audit(2000000000.130:1066): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6463 comm="syz.4.809" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffad75ad28 code=0x7ffc0000 [ 142.878227][ T4294] EXT4-fs (loop1): unmounting filesystem. [ 142.920413][ T6497] netlink: 9 bytes leftover after parsing attributes in process `syz.2.821'. [ 143.035521][ T6502] loop1: detected capacity change from 0 to 2048 [ 143.208367][ T6502] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 143.216795][ T6502] ext4 filesystem being mounted at /164/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 143.436633][ T6513] loop3: detected capacity change from 0 to 1024 [ 143.442845][ T6513] EXT4-fs: Ignoring removed nobh option [ 143.444363][ T6513] EXT4-fs: Ignoring removed bh option [ 143.562288][ T6513] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 143.748899][ T6513] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 144.756323][ T6512] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm ext4lazyinit: bg 0: block 345: padding at end of block bitmap is not set [ 144.971608][ T4294] EXT4-fs (loop1): unmounting filesystem. [ 145.726435][ T6533] netlink: 8 bytes leftover after parsing attributes in process `syz.2.830'. [ 146.383201][ T4302] EXT4-fs (loop3): unmounting filesystem. [ 146.490868][ T6536] netlink: 4 bytes leftover after parsing attributes in process `syz.2.831'. [ 146.543333][ T6536] netlink: 4 bytes leftover after parsing attributes in process `syz.2.831'. [ 147.152492][ T6555] loop4: detected capacity change from 0 to 512 [ 147.187643][ T6555] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 147.348147][ T6555] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec019, mo2=0002] [ 147.350907][ T6555] System zones: 1-12 [ 147.459286][ T6555] EXT4-fs warning (device loop4): ext4_expand_extra_isize_ea:2809: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 147.463643][ T6555] EXT4-fs (loop4): 1 truncate cleaned up [ 147.465135][ T6555] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 147.866929][ T6626] netlink: '+}[@': attribute type 10 has an invalid length. [ 149.010971][ T6626] team0: Device hsr_slave_0 failed to register rx_handler [ 149.032017][ T4303] EXT4-fs (loop4): unmounting filesystem. [ 149.082162][ T6640] netlink: 8 bytes leftover after parsing attributes in process `syz.2.841'. [ 149.240878][ T6618] loop1: detected capacity change from 0 to 8192 [ 149.264907][ T6658] netlink: 28 bytes leftover after parsing attributes in process `syz.4.844'. [ 149.484725][ T6663] loop3: detected capacity change from 0 to 8192 [ 149.545356][ T6663] FAT-fs (loop3): error, invalid access to FAT (entry 0x0000ff00) [ 149.547475][ T6663] FAT-fs (loop3): Filesystem has been set read-only [ 149.790137][ T6688] loop0: detected capacity change from 0 to 128 [ 149.859673][ T6688] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 149.877794][ T6688] ext4 filesystem being mounted at /182/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 149.908211][ T6699] netlink: 36 bytes leftover after parsing attributes in process `syz.2.860'. [ 149.921196][ T6697] netlink: 48 bytes leftover after parsing attributes in process `syz.3.859'. [ 149.939854][ T6696] usb usb2: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 149.945917][ T6697] netlink: 4 bytes leftover after parsing attributes in process `syz.3.859'. [ 149.957775][ T6696] vhci_hcd: default hub control req: 6011 v8001 i0001 l0 [ 150.005649][ T6701] 9pnet_fd: Insufficient options for proto=fd [ 150.761190][ T6712] loop4: detected capacity change from 0 to 8192 [ 151.369152][ T6710] netlink: 8 bytes leftover after parsing attributes in process `syz.0.856'. [ 152.492547][ T6762] loop1: detected capacity change from 0 to 8192 [ 152.668629][ T4301] EXT4-fs (loop0): unmounting filesystem. [ 152.823344][ T6826] loop3: detected capacity change from 0 to 1024 [ 153.603790][ T6866] netlink: 8 bytes leftover after parsing attributes in process `syz.2.886'. [ 154.665952][ T6874] loop3: detected capacity change from 0 to 512 [ 155.177140][ T6874] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 155.205343][ T6874] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec019, mo2=0002] [ 155.207501][ T6874] System zones: 1-12 [ 155.251253][ T6874] EXT4-fs (loop3): 1 truncate cleaned up [ 155.252813][ T6874] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 155.486510][ T4302] EXT4-fs (loop3): unmounting filesystem. [ 156.080864][ T6962] loop3: detected capacity change from 0 to 128 [ 156.104949][ T6962] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 156.115747][ T6962] ext4 filesystem being mounted at /164/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 157.890380][ T6976] netlink: 8 bytes leftover after parsing attributes in process `syz.3.902'. [ 158.123777][ T4302] EXT4-fs (loop3): unmounting filesystem. [ 158.454940][ T6999] loop4: detected capacity change from 0 to 128 [ 158.462907][ T7001] netlink: 28 bytes leftover after parsing attributes in process `syz.3.917'. [ 158.465414][ T7001] netlink: 28 bytes leftover after parsing attributes in process `syz.3.917'. [ 158.497676][ T27] kauditd_printk_skb: 32 callbacks suppressed [ 158.497691][ T27] audit: type=1326 audit(2000000016.920:1099): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7005 comm="syz.1.921" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffaa15ad28 code=0x7ffc0000 [ 158.508374][ T6999] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 158.521630][ T6999] ext4 filesystem being mounted at /163/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 158.544166][ T27] audit: type=1326 audit(2000000016.920:1100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7005 comm="syz.1.921" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=178 compat=0 ip=0xffffaa15ad28 code=0x7ffc0000 [ 158.586082][ T27] audit: type=1326 audit(2000000016.920:1101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7005 comm="syz.1.921" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffaa15ad28 code=0x7ffc0000 [ 158.621398][ T27] audit: type=1326 audit(2000000016.920:1102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7005 comm="syz.1.921" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffaa15ad28 code=0x7ffc0000 [ 158.627199][ T27] audit: type=1326 audit(2000000016.930:1103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7005 comm="syz.1.921" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffaa15ad28 code=0x7ffc0000 [ 158.633372][ T27] audit: type=1326 audit(2000000016.930:1104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7005 comm="syz.1.921" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=25 compat=0 ip=0xffffaa15ad28 code=0x7ffc0000 [ 158.639343][ T27] audit: type=1326 audit(2000000016.930:1105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7005 comm="syz.1.921" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffaa15ad28 code=0x7ffc0000 [ 158.645653][ T27] audit: type=1326 audit(2000000016.930:1106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7005 comm="syz.1.921" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=107 compat=0 ip=0xffffaa15ad28 code=0x7ffc0000 [ 158.652464][ T27] audit: type=1326 audit(2000000016.930:1107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7005 comm="syz.1.921" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffaa15ad28 code=0x7ffc0000 [ 158.658499][ T27] audit: type=1326 audit(2000000016.930:1108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7005 comm="syz.1.921" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=137 compat=0 ip=0xffffaa15ad28 code=0x7ffc0000 [ 159.160146][ T7019] netlink: 8 bytes leftover after parsing attributes in process `syz.4.919'. [ 159.502653][ T4303] EXT4-fs (loop4): unmounting filesystem. [ 159.528466][ T4300] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 159.533145][ T4300] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 159.535823][ T4300] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 159.536813][ T6634] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 159.538502][ T4300] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 159.543311][ T4300] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 159.546085][ T4300] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 159.722981][ T6634] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 159.798453][ T7023] lo speed is unknown, defaulting to 1000 [ 159.806558][ T7023] lo speed is unknown, defaulting to 1000 [ 159.863070][ T6634] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 159.985776][ T6634] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 160.346961][ T7060] device gretap0 left promiscuous mode [ 160.382766][ T7060] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 160.384909][ T7060] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 160.701002][ T7064] loop3: detected capacity change from 0 to 512 [ 160.836894][ T7064] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 161.110523][ T7064] EXT4-fs (loop3): orphan cleanup on readonly fs [ 161.115724][ T7064] EXT4-fs error (device loop3): ext4_acquire_dquot:6795: comm syz.3.941: Failed to acquire dquot type 1 [ 161.120557][ T7064] EXT4-fs (loop3): 1 truncate cleaned up [ 161.123088][ T7064] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 161.159001][ T7070] TCP: request_sock_TCP: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 161.162180][ T7060] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 161.173287][ T7023] chnl_net:caif_netlink_parms(): no params data found [ 161.190355][ T7067] netlink: 8 bytes leftover after parsing attributes in process `syz.2.938'. [ 161.302518][ T4302] EXT4-fs (loop3): unmounting filesystem. [ 161.327801][ T6634] tipc: Left network mode [ 161.372104][ T7084] loop3: detected capacity change from 0 to 512 [ 161.375227][ T7084] EXT4-fs: inline encryption not supported [ 161.427015][ T7023] bridge0: port 1(bridge_slave_0) entered blocking state [ 161.431354][ T7023] bridge0: port 1(bridge_slave_0) entered disabled state [ 161.434065][ T7023] device bridge_slave_0 entered promiscuous mode [ 161.461494][ T7084] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 161.463971][ T7084] ext4 filesystem being mounted at /172/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 161.478509][ T7084] EXT4-fs error (device loop3): ext4_do_update_inode:5224: inode #2: comm syz.3.947: corrupted inode contents [ 161.486151][ T7084] EXT4-fs error (device loop3): ext4_dirty_inode:6089: inode #2: comm syz.3.947: mark_inode_dirty error [ 161.496648][ T7084] EXT4-fs error (device loop3): ext4_do_update_inode:5224: inode #2: comm syz.3.947: corrupted inode contents [ 161.504862][ T7084] EXT4-fs error (device loop3): ext4_do_update_inode:5224: inode #2: comm syz.3.947: corrupted inode contents [ 161.509392][ T7084] EXT4-fs error (device loop3): ext4_dirty_inode:6089: inode #2: comm syz.3.947: mark_inode_dirty error [ 161.516652][ T7084] EXT4-fs error (device loop3): ext4_do_update_inode:5224: inode #2: comm syz.3.947: corrupted inode contents [ 161.520074][ T7084] EXT4-fs error (device loop3): __ext4_ext_dirty:202: inode #2: comm syz.3.947: mark_inode_dirty error [ 161.524369][ T7084] EXT4-fs error (device loop3): ext4_do_update_inode:5224: inode #2: comm syz.3.947: corrupted inode contents [ 161.527954][ T7084] EXT4-fs error (device loop3): ext4_dirty_inode:6089: inode #2: comm syz.3.947: mark_inode_dirty error [ 161.588501][ T4302] EXT4-fs (loop3): unmounting filesystem. [ 161.630337][ T4306] Bluetooth: hci2: command 0x0409 tx timeout [ 161.781446][ T7095] loop1: detected capacity change from 0 to 8192 [ 161.873050][ T7023] bridge0: port 2(bridge_slave_1) entered blocking state [ 161.875744][ T7023] bridge0: port 2(bridge_slave_1) entered disabled state [ 161.878382][ T7023] device bridge_slave_1 entered promiscuous mode [ 161.881762][ T7101] netlink: 12 bytes leftover after parsing attributes in process `syz.4.951'. [ 162.210023][ T7112] loop3: detected capacity change from 0 to 1024 [ 162.215970][ T7112] EXT4-fs: Ignoring removed nobh option [ 162.217518][ T7112] EXT4-fs: Ignoring removed bh option [ 162.236761][ T7112] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 162.414158][ T7112] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 163.268132][ T7124] SET target dimension over the limit! [ 163.763572][ T4300] Bluetooth: hci2: command 0x041b tx timeout [ 163.975737][ T4300] Bluetooth: hci4: command 0x0406 tx timeout [ 163.977561][ T4300] Bluetooth: hci1: command 0x0406 tx timeout [ 163.979441][ T4300] Bluetooth: hci3: command 0x0406 tx timeout [ 163.981651][ T4300] Bluetooth: hci0: command 0x0406 tx timeout [ 164.407478][ T7023] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 164.633424][ T7206] loop1: detected capacity change from 0 to 128 [ 164.668765][ T7023] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 164.772975][ T7206] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 164.775660][ T7206] ext4 filesystem being mounted at /193/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 165.790319][ T4306] Bluetooth: hci2: command 0x040f tx timeout [ 165.793792][ T7214] netlink: 8 bytes leftover after parsing attributes in process `syz.1.953'. [ 165.869395][ T4294] EXT4-fs (loop1): unmounting filesystem. [ 165.947885][ T4302] EXT4-fs (loop3): unmounting filesystem. [ 165.961550][ T7220] loop4: detected capacity change from 0 to 2048 [ 165.984181][ T7023] team0: Port device team_slave_0 added [ 166.039040][ T7224] netlink: 16 bytes leftover after parsing attributes in process `syz.3.967'. [ 166.051506][ T7023] team0: Port device team_slave_1 added [ 166.061004][ T7220] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 166.131348][ T7023] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 166.133254][ T7023] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 166.140074][ T7023] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 166.149701][ T7220] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 166.190964][ T7220] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 33 with error 28 [ 166.206062][ T7234] loop1: detected capacity change from 0 to 512 [ 166.224596][ T7220] EXT4-fs (loop4): This should not happen!! Data will be lost [ 166.224596][ T7220] [ 166.267560][ T7234] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.968: bg 0: block 35: padding at end of block bitmap is not set [ 166.282080][ T7220] EXT4-fs (loop4): Total free blocks count 0 [ 166.283688][ T7220] EXT4-fs (loop4): Free/Dirty block details [ 166.285298][ T7220] EXT4-fs (loop4): free_blocks=2415919104 [ 166.286975][ T7220] EXT4-fs (loop4): dirty_blocks=48 [ 166.288317][ T7220] EXT4-fs (loop4): Block reservation details [ 166.289936][ T7220] EXT4-fs (loop4): i_reserved_data_blocks=3 [ 166.301634][ T7023] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 166.303446][ T7023] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 166.321720][ T7234] EXT4-fs (loop1): Remounting filesystem read-only [ 166.323916][ T7234] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6170: Corrupt filesystem [ 166.337162][ T7023] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 166.350414][ T7234] EXT4-fs (loop1): Remounting filesystem read-only [ 166.355707][ T7234] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz.1.968: invalid indirect mapped block 4294967295 (level 1) [ 166.361070][ T7234] EXT4-fs (loop1): Remounting filesystem read-only [ 166.362855][ T7234] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz.1.968: invalid indirect mapped block 4294967295 (level 2) [ 166.383931][ T7234] EXT4-fs (loop1): Remounting filesystem read-only [ 166.385958][ T7234] EXT4-fs (loop1): 1 truncate cleaned up [ 166.387493][ T7234] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 166.436416][ T4303] EXT4-fs (loop4): unmounting filesystem. [ 166.492263][ T7023] device hsr_slave_0 entered promiscuous mode [ 166.509269][ T4342] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 166.520527][ T4342] hid-generic 0000:0000:0000.0008: hidraw0: HID v0.00 Device [syz1] on syz0 [ 166.531090][ T7023] device hsr_slave_1 entered promiscuous mode [ 166.550526][ T7023] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 166.552545][ T7023] Cannot create hsr debugfs directory [ 166.600349][ T7249] netlink: 9 bytes leftover after parsing attributes in process `syz.3.970'. [ 166.604001][ T7249] device gretap0 entered promiscuous mode [ 166.624077][ T7256] IPVS: sync thread started: state = MASTER, mcast_ifn = ip6gre0, syncid = 1, id = 0 [ 166.642834][ T7254] netlink: 'syz.4.972': attribute type 4 has an invalid length. [ 166.698127][ T4294] EXT4-fs (loop1): unmounting filesystem. [ 166.734673][ T7260] netlink: 'syz.1.974': attribute type 1 has an invalid length. [ 167.891398][ T7279] loop1: detected capacity change from 0 to 1024 [ 167.897343][ T7279] EXT4-fs: Ignoring removed nobh option [ 167.898892][ T7279] EXT4-fs: Ignoring removed bh option [ 168.036025][ T7279] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 168.181662][ T7279] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 168.756598][ T4306] Bluetooth: hci2: command 0x0419 tx timeout [ 169.743879][ T7295] loop3: detected capacity change from 0 to 512 [ 169.794916][ T7277] netlink: 8 bytes leftover after parsing attributes in process `syz.2.975'. [ 169.830279][ T7295] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 170.200820][ T7283] bridge0: port 3(syz_tun) entered blocking state [ 170.202721][ T7283] bridge0: port 3(syz_tun) entered disabled state [ 170.209264][ T7283] device syz_tun entered promiscuous mode [ 170.211366][ T6634] IPVS: stopping master sync thread 5865 ... [ 170.214571][ T7295] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec019, mo2=0002] [ 170.216276][ T7283] bridge0: port 3(syz_tun) entered blocking state [ 170.216831][ T7295] System zones: 1-12 [ 170.218724][ T7283] bridge0: port 3(syz_tun) entered forwarding state [ 170.224636][ T7295] EXT4-fs (loop3): 1 truncate cleaned up [ 170.226181][ T7295] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 170.361347][ T4294] EXT4-fs (loop1): unmounting filesystem. [ 170.771331][ T4302] EXT4-fs (loop3): unmounting filesystem. [ 170.881044][ T7378] loop3: detected capacity change from 0 to 2048 [ 170.883344][ T7378] EXT4-fs: Ignoring removed bh option [ 170.898150][ T7378] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 170.937617][ T4440] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 170.943889][ T4440] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28 [ 170.947594][ T4440] EXT4-fs (loop3): This should not happen!! Data will be lost [ 170.947594][ T4440] [ 170.950832][ T4440] EXT4-fs (loop3): Total free blocks count 0 [ 170.952958][ T4440] EXT4-fs (loop3): Free/Dirty block details [ 170.954991][ T4440] EXT4-fs (loop3): free_blocks=2415919104 [ 170.957718][ T4440] EXT4-fs (loop3): dirty_blocks=32 [ 170.961970][ T4440] EXT4-fs (loop3): Block reservation details [ 170.965210][ T4440] EXT4-fs (loop3): i_reserved_data_blocks=2 [ 170.968154][ T4440] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 18 with max blocks 1 with error 28 [ 170.969212][ T7364] netlink: 'syz.4.981': attribute type 4 has an invalid length. [ 170.974237][ T7365] netlink: 'syz.4.981': attribute type 4 has an invalid length. [ 170.982457][ T7367] netlink: 9 bytes leftover after parsing attributes in process `syz.2.982'. [ 171.058328][ T7382] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 171.177280][ T7391] loop3: detected capacity change from 0 to 128 [ 171.194486][ T7391] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 171.212990][ T7391] ext4 filesystem being mounted at /183/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 172.134243][ T7023] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 172.184848][ T7400] netlink: 8 bytes leftover after parsing attributes in process `syz.3.989'. [ 172.223464][ T27] kauditd_printk_skb: 22 callbacks suppressed [ 172.223476][ T27] audit: type=1326 audit(2000000030.650:1129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7401 comm="syz.4.991" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffad75ad28 code=0x7ffc0000 [ 172.240076][ T7382] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 172.263266][ T4302] EXT4-fs (loop3): unmounting filesystem. [ 172.265040][ T27] audit: type=1326 audit(2000000030.670:1130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7401 comm="syz.4.991" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=439 compat=0 ip=0xffffad75ad28 code=0x7ffc0000 [ 172.271483][ T27] audit: type=1326 audit(2000000030.670:1131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7401 comm="syz.4.991" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffad75ad28 code=0x7ffc0000 [ 172.325669][ T7382] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 172.422515][ T7023] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 172.503778][ T7023] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 172.593534][ T7382] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 172.818010][ T7416] loop3: detected capacity change from 0 to 1024 [ 172.823974][ T7416] EXT4-fs: Ignoring removed nobh option [ 172.825556][ T7416] EXT4-fs: Ignoring removed bh option [ 172.845530][ T7416] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 173.231780][ T7416] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 173.601721][ T6634] device hsr_slave_0 left promiscuous mode [ 173.657599][ T6634] device hsr_slave_1 left promiscuous mode [ 173.741375][ T6634] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 173.743588][ T6634] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 173.758147][ T6634] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 173.763753][ T6634] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 173.767544][ T6634] device bridge_slave_1 left promiscuous mode [ 173.770270][ T6634] bridge0: port 2(bridge_slave_1) entered disabled state [ 173.846746][ T6634] device bridge_slave_0 left promiscuous mode [ 173.848543][ T6634] bridge0: port 1(bridge_slave_0) entered disabled state [ 174.060858][ T6634] device veth1_macvtap left promiscuous mode [ 174.063240][ T6634] device veth0_macvtap left promiscuous mode [ 175.783185][ T6634] team0 (unregistering): Port device team_slave_1 removed [ 175.982251][ T6634] team0 (unregistering): Port device team_slave_0 removed [ 176.161138][ T6634] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 176.361705][ T6634] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 178.694512][ T6634] bond0 (unregistering): Released all slaves [ 178.930671][ T7023] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 178.995466][ T7432] netlink: 9 bytes leftover after parsing attributes in process `syz.2.997'. [ 179.003732][ T4392] lo speed is unknown, defaulting to 1000 [ 179.043963][ T7382] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 179.071751][ T7382] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 179.093548][ T7382] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 179.099613][ T7382] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 179.159571][ T7023] 8021q: adding VLAN 0 to HW filter on device bond0 [ 179.186311][ T4302] EXT4-fs (loop3): unmounting filesystem. [ 179.260846][ T7023] 8021q: adding VLAN 0 to HW filter on device team0 [ 179.263073][ T6819] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 179.265555][ T6819] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 179.269680][ T7446] netlink: 'syz.1.1000': attribute type 4 has an invalid length. [ 179.289680][ T7448] loop3: detected capacity change from 0 to 128 [ 179.306248][ T6629] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 179.309569][ T6629] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 179.315651][ T6629] bridge0: port 1(bridge_slave_0) entered blocking state [ 179.318378][ T6629] bridge0: port 1(bridge_slave_0) entered forwarding state [ 179.325553][ T27] audit: type=1326 audit(2000000037.750:1132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7449 comm="syz.2.1002" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa4d5ad28 code=0x7ffc0000 [ 179.332721][ T27] audit: type=1326 audit(2000000037.750:1133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7449 comm="syz.2.1002" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=220 compat=0 ip=0xffffa4d5ad28 code=0x7ffc0000 [ 179.354845][ T27] audit: type=1326 audit(2000000037.770:1134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7449 comm="syz.2.1002" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa4d5ad28 code=0x7ffc0000 [ 179.357309][ T6629] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 179.363300][ T7448] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 179.363636][ T6629] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 179.368513][ T6629] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 179.372502][ T7448] ext4 filesystem being mounted at /185/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 179.377389][ T6629] bridge0: port 2(bridge_slave_1) entered blocking state [ 179.379357][ T6629] bridge0: port 2(bridge_slave_1) entered forwarding state [ 179.383496][ T6629] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 179.394237][ T6629] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 179.406437][ T6629] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 179.406607][ T27] audit: type=1326 audit(2000000037.780:1135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7449 comm="syz.2.1002" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=260 compat=0 ip=0xffffa4d5ad28 code=0x7ffc0000 [ 179.411875][ T6629] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 179.422759][ T27] audit: type=1326 audit(2000000037.780:1136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7453 comm="syz.2.1002" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=115 compat=0 ip=0xffffa4d85448 code=0x7ffc0000 [ 179.429756][ T6629] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 179.434783][ T6629] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 179.442722][ T7023] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 179.445357][ T7023] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 179.506866][ T27] audit: type=1326 audit(2000000037.930:1137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7453 comm="syz.2.1002" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=93 compat=0 ip=0xffffa4d5ad28 code=0x7ffc0000 [ 179.542612][ T27] audit: type=1326 audit(2000000037.970:1138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7449 comm="syz.2.1002" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=139 compat=0 ip=0xffffa5b0e89c code=0x7ffc0000 [ 179.554097][ T27] audit: type=1326 audit(2000000037.980:1139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7449 comm="syz.2.1002" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa4d5ad28 code=0x7ffc0000 [ 179.560099][ T27] audit: type=1326 audit(2000000037.980:1140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7449 comm="syz.2.1002" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa4d5ad28 code=0x7ffc0000 [ 179.564700][ T7446] netlink: 'syz.1.1000': attribute type 4 has an invalid length. [ 179.573890][ T6629] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 179.576322][ T6629] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 179.578831][ T6629] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 179.589831][ T6629] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 179.598376][ T6629] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 179.611424][ T6629] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 179.622270][ T7459] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1001'. [ 179.761631][ T4898] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 179.763895][ T4898] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 179.778377][ T7023] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 179.874866][ T7478] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported [ 180.010333][ T7485] netlink: 'syz.2.1007': attribute type 13 has an invalid length. [ 180.025257][ T7485] infiniband syz2: set down [ 180.048990][ T7487] netlink: 'syz.2.1007': attribute type 3 has an invalid length. [ 180.119994][ T4422] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 180.157418][ T4422] hid-generic 0000:0000:0000.0009: hidraw0: HID v0.00 Device [syz1] on syz0 [ 180.239258][ T4302] EXT4-fs (loop3): unmounting filesystem. [ 180.754612][ T7501] loop3: detected capacity change from 0 to 1024 [ 180.760832][ T7501] EXT4-fs: Ignoring removed nobh option [ 180.762380][ T7501] EXT4-fs: Ignoring removed bh option [ 181.965443][ T7485] bridge0: port 2(bridge_slave_1) entered disabled state [ 181.968221][ T7485] bridge0: port 1(bridge_slave_0) entered disabled state [ 181.971668][ T7501] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 182.211831][ T7501] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 183.282556][ T4302] EXT4-fs (loop3): unmounting filesystem. [ 183.386473][ T7511] loop3: detected capacity change from 0 to 512 [ 183.405641][ T7511] EXT4-fs: inline encryption not supported [ 183.427821][ T7511] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 183.430777][ T7511] ext4 filesystem being mounted at /189/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 183.441820][ T7511] EXT4-fs error (device loop3): ext4_do_update_inode:5224: inode #2: comm syz.3.1013: corrupted inode contents [ 183.445634][ T7511] EXT4-fs error (device loop3): ext4_dirty_inode:6089: inode #2: comm syz.3.1013: mark_inode_dirty error [ 183.454439][ T7511] EXT4-fs error (device loop3): ext4_do_update_inode:5224: inode #2: comm syz.3.1013: corrupted inode contents [ 183.513814][ T4302] EXT4-fs (loop3): unmounting filesystem. [ 183.572400][ T7485] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 183.619747][ T7485] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 184.182939][ T7485] netdevsim netdevsim2 eth0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 184.185231][ T7485] netdevsim netdevsim2 eth1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 184.187547][ T7485] netdevsim netdevsim2 eth2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 184.189723][ T7485] netdevsim netdevsim2 eth3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 184.459663][ T22] lo speed is unknown, defaulting to 1000 [ 184.461818][ T7490] netlink: 9 bytes leftover after parsing attributes in process `syz.4.1008'. [ 184.472984][ T7507] lo speed is unknown, defaulting to 1000 [ 184.493228][ T7516] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 184.511801][ T4345] lo speed is unknown, defaulting to 1000 [ 184.574568][ T7516] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 184.681735][ T7527] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1016'. [ 184.693968][ T7525] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1016'. [ 184.698361][ T7516] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 184.723423][ T4536] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 184.726498][ T4536] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 185.189150][ T7538] loop4: detected capacity change from 0 to 512 [ 185.208819][ T7538] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 185.286195][ T6819] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 185.294974][ T6819] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 185.317752][ T6819] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 185.326709][ T6819] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 185.457504][ T7538] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec019, mo2=0002] [ 185.460342][ T7538] System zones: 1-12 [ 185.515715][ T7533] loop1: detected capacity change from 0 to 128 [ 185.518897][ T7538] EXT4-fs (loop4): 1 truncate cleaned up [ 185.520460][ T7538] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 185.564694][ T7516] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 185.575060][ T7023] device veth0_vlan entered promiscuous mode [ 185.578149][ T7533] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 185.588289][ T7023] device veth1_vlan entered promiscuous mode [ 185.600025][ T7533] ext4 filesystem being mounted at /204/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 185.641988][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 185.644945][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 185.648194][ T7023] device veth0_macvtap entered promiscuous mode [ 185.652943][ T7023] device veth1_macvtap entered promiscuous mode [ 185.888063][ T4303] EXT4-fs (loop4): unmounting filesystem. [ 186.067910][ T7601] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1018'. [ 186.085235][ T7516] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 186.093986][ T7516] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 186.096539][ T7023] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 186.112936][ T7023] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 186.122948][ T7023] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 186.125908][ T7023] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 186.128745][ T7023] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 186.140416][ T7023] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 186.210752][ T7023] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 186.222780][ T7516] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 186.228536][ T7516] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 186.309670][ T6614] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 186.360834][ T6614] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 186.366421][ T6614] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 186.504842][ T6614] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 187.129780][ T7023] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 187.166267][ T7023] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 187.169267][ T7023] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 187.173998][ T7023] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 187.176596][ T7023] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 187.179249][ T7023] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 187.191659][ T7023] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 187.244664][ T4294] EXT4-fs (loop1): unmounting filesystem. [ 187.265169][ T7023] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 187.267671][ T7023] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 187.269827][ T7023] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 187.280727][ T7023] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 187.293094][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 187.295818][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 187.391774][ T2060] ieee802154 phy0 wpan0: encryption failed: -22 [ 187.393532][ T2060] ieee802154 phy1 wpan1: encryption failed: -22 [ 187.422875][ T6819] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 187.425253][ T6819] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 187.669734][ T6799] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 187.788496][ T6819] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 187.816473][ T6819] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 187.845872][ T6807] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 187.922847][ T27] audit: type=1326 audit(2000000046.350:1141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7628 comm="syz.2.1026" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa4d5ad28 code=0x7ffc0000 [ 187.933194][ T27] audit: type=1326 audit(2000000046.360:1142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7628 comm="syz.2.1026" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=261 compat=0 ip=0xffffa4d5ad28 code=0x7ffc0000 [ 188.016725][ T27] audit: type=1326 audit(2000000046.360:1143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7628 comm="syz.2.1026" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa4d5ad28 code=0x7ffc0000 [ 188.655463][ T7644] loop4: detected capacity change from 0 to 512 [ 188.710718][ T7644] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 188.745740][ T7644] EXT4-fs (loop4): 1 truncate cleaned up [ 188.747242][ T7644] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 203.040114][ T4306] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 203.047714][ T4306] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 203.057237][ T4306] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 203.060261][ T4306] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 203.062871][ T4306] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 203.064788][ T4306] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 204.070434][ T2060] ================================================================== [ 204.072590][ T2060] BUG: KASAN: use-after-free in handle_tx+0x3ac/0x5f8 [ 204.074538][ T2060] Read of size 1 at addr ffff0000d989a490 by task aoe_tx0/2060 [ 204.076522][ T2060] [ 204.077140][ T2060] CPU: 1 PID: 2060 Comm: aoe_tx0 Not tainted 6.1.129-syzkaller #0 [ 204.079175][ T2060] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 204.081742][ T2060] Call trace: [ 204.082668][ T2060] dump_backtrace+0x1c8/0x1f4 [ 204.083915][ T2060] show_stack+0x2c/0x3c [ 204.085030][ T2060] dump_stack_lvl+0x108/0x170 [ 204.086286][ T2060] print_report+0x174/0x4c0 [ 204.087531][ T2060] kasan_report+0xd4/0x130 [ 204.088761][ T2060] __asan_report_load1_noabort+0x2c/0x38 [ 204.090304][ T2060] handle_tx+0x3ac/0x5f8 [ 204.091527][ T2060] caif_xmit+0x108/0x150 [ 204.092645][ T2060] dev_hard_start_xmit+0x25c/0x9a4 [ 204.094012][ T2060] __dev_queue_xmit+0x161c/0x34d4 [ 204.095309][ T2060] tx+0x9c/0x1c8 [ 204.096226][ T2060] kthread+0x1ac/0x374 [ 204.097379][ T2060] kthread+0x250/0x2d8 [ 204.098530][ T2060] ret_from_fork+0x10/0x20 [ 204.099752][ T2060] [ 204.100342][ T2060] Allocated by task 5203: [ 204.101477][ T2060] kasan_set_track+0x4c/0x80 [ 204.102704][ T2060] kasan_save_alloc_info+0x24/0x30 [ 204.104140][ T2060] __kasan_kmalloc+0xac/0xc4 [ 204.105345][ T2060] kmalloc_trace+0x7c/0x94 [ 204.106478][ T2060] alloc_tty_struct+0xb8/0x68c [ 204.107732][ T2060] tty_init_dev+0x60/0x3ec [ 204.109077][ T2060] tty_open+0x804/0xc20 [ 204.110191][ T2060] chrdev_open+0x3e8/0x4fc [ 204.111376][ T2060] do_dentry_open+0x734/0xfa0 [ 204.112595][ T2060] vfs_open+0x7c/0x90 [ 204.113710][ T2060] path_openat+0x1e14/0x2548 [ 204.114970][ T2060] do_filp_open+0x1bc/0x3cc [ 204.116261][ T2060] do_sys_openat2+0x128/0x3e0 [ 204.117502][ T2060] __arm64_sys_openat+0x1f0/0x240 [ 204.118888][ T2060] invoke_syscall+0x98/0x2bc [ 204.120168][ T2060] el0_svc_common+0x1fc/0x258 [ 204.121421][ T2060] do_el0_svc+0x58/0x13c [ 204.122510][ T2060] el0_svc+0x58/0x168 [ 204.123509][ T2060] el0t_64_sync_handler+0x84/0xf0 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 204.125041][ T2060] el0t_64_sync+0x18c/0x190 [ 204.126295][ T2060] [ 204.126968][ T2060] Freed by task 4419: [ 204.128037][ T2060] kasan_set_track+0x4c/0x80 [ 204.129237][ T2060] kasan_save_free_info+0x38/0x5c [ 204.130646][ T2060] ____kasan_slab_free+0x144/0x1c0 [ 204.132129][ T2060] __kasan_slab_free+0x18/0x28 [ 204.133319][ T2060] __kmem_cache_free+0x2c0/0x4b4 [ 204.134728][ T2060] kfree+0xcc/0x1b8 [ 204.135765][ T2060] release_one_tty+0x224/0x244 [ 204.137128][ T2060] process_one_work+0x804/0x1484 [ 204.138460][ T2060] worker_thread+0x8e4/0xfec [ 204.139665][ T2060] kthread+0x250/0x2d8 [ 204.140767][ T2060] ret_from_fork+0x10/0x20 [ 204.141872][ T2060] [ 204.142517][ T2060] Last potentially related work creation: [ 204.144083][ T2060] kasan_save_stack+0x40/0x70 [ 204.145331][ T2060] __kasan_record_aux_stack+0xcc/0xe8 [ 204.146882][ T2060] kasan_record_aux_stack_noalloc+0x14/0x20 [ 204.148599][ T2060] insert_work+0x64/0x384 [ 204.149757][ T2060] __queue_work+0xd48/0x136c [ 204.150992][ T2060] queue_work_on+0xc0/0x16c [ 204.152223][ T2060] tty_kref_put+0x14c/0x1c0 [ 204.153460][ T2060] release_tty+0x3f0/0x4ac [ 204.154749][ T2060] tty_release_struct+0xb4/0xd4 [ 204.156052][ T2060] tty_release+0xb64/0x1014 [ 204.157209][ T2060] __fput+0x1c8/0x7c8 [ 204.158224][ T2060] ____fput+0x20/0x30 [ 204.159362][ T2060] task_work_run+0x240/0x2f0 [ 204.160719][ T2060] do_exit+0x550/0x1a84 [ 204.161915][ T2060] do_group_exit+0x194/0x22c [ 204.163199][ T2060] get_signal+0x143c/0x1528 [ 204.164384][ T2060] do_notify_resume+0x388/0x2cb8 [ 204.165764][ T2060] el0_svc+0x9c/0x168 [ 204.166884][ T2060] el0t_64_sync_handler+0x84/0xf0 [ 204.168224][ T2060] el0t_64_sync+0x18c/0x190 [ 204.169424][ T2060] [ 204.170072][ T2060] Second to last potentially related work creation: [ 204.171885][ T2060] kasan_save_stack+0x40/0x70 [ 204.173239][ T2060] __kasan_record_aux_stack+0xcc/0xe8 [ 204.174676][ T2060] kasan_record_aux_stack_noalloc+0x14/0x20 [ 204.176270][ T2060] insert_work+0x64/0x384 [ 204.177496][ T2060] __queue_work+0xd48/0x136c [ 204.178785][ T2060] queue_work_on+0xc0/0x16c [ 204.179991][ T2060] bpf_prog_free+0x160/0x178 [ 204.181257][ T2060] bpf_prog_load+0xabc/0x1630 [ 204.182473][ T2060] __sys_bpf+0x328/0x654 [ 204.183652][ T2060] __arm64_sys_bpf+0x80/0x98 [ 204.185085][ T2060] invoke_syscall+0x98/0x2bc [ 204.186366][ T2060] el0_svc_common+0x138/0x258 [ 204.187535][ T2060] do_el0_svc+0x58/0x13c [ 204.188635][ T2060] el0_svc+0x58/0x168 [ 204.189830][ T2060] el0t_64_sync_handler+0x84/0xf0 [ 204.191180][ T2060] el0t_64_sync+0x18c/0x190 [ 204.192361][ T2060] [ 204.192979][ T2060] The buggy address belongs to the object at ffff0000d989a000 [ 204.192979][ T2060] which belongs to the cache kmalloc-cg-2k of size 2048 [ 204.196913][ T2060] The buggy address is located 1168 bytes inside of [ 204.196913][ T2060] 2048-byte region [ffff0000d989a000, ffff0000d989a800) [ 204.200610][ T2060] [ 204.201291][ T2060] The buggy address belongs to the physical page: [ 204.203026][ T2060] page:000000005ee9c1ad refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x119898 [ 204.205776][ T2060] head:000000005ee9c1ad order:3 compound_mapcount:0 compound_pincount:0 [ 204.208193][ T2060] memcg:ffff0000d0957501 [ 204.209324][ T2060] flags: 0x5ffc00000010200(slab|head|node=0|zone=2|lastcpupid=0x7ff) [ 204.211460][ T2060] raw: 05ffc00000010200 fffffc0003c40200 dead000000000002 ffff0000c0003380 [ 204.213896][ T2060] raw: 0000000000000000 0000000000080008 00000001ffffffff ffff0000d0957501 [ 204.216086][ T2060] page dumped because: kasan: bad access detected [ 204.217861][ T2060] [ 204.218508][ T2060] Memory state around the buggy address: [ 204.220077][ T2060] ffff0000d989a380: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 204.222277][ T2060] ffff0000d989a400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 204.224375][ T2060] >ffff0000d989a480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 204.226630][ T2060] ^ [ 204.227895][ T2060] ffff0000d989a500: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 204.230174][ T2060] ffff0000d989a580: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 204.232398][ T2060] ================================================================== [ 204.234720][ T2060] Disabling lock debugging due to kernel taint [ 204.290660][ T4306] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 204.292670][ T4306] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 204.294788][ T4306] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 204.297210][ T4306] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 204.299339][ T4306] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 204.304394][ T4306] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 205.070317][ T4300] Bluetooth: hci5: command 0x0409 tx timeout [ 206.350297][ T4306] Bluetooth: hci6: command 0x0409 tx timeout [ 207.150359][ T4300] Bluetooth: hci5: command 0x041b tx timeout [ 208.200199][ C1] watchdog: BUG: soft lockup - CPU#1 stuck for 22s! [aoe_tx0:2060] [ 208.202980][ C1] Modules linked in: [ 208.204016][ C1] irq event stamp: 22736048 [ 208.205200][ C1] hardirqs last enabled at (22736048): [] exit_to_kernel_mode+0xe8/0x118 [ 208.208037][ C1] hardirqs last disabled at (22736047): [] el1_interrupt+0x24/0x68 [ 208.210683][ C1] softirqs last enabled at (2780): [] local_bh_enable+0x10/0x34 [ 208.213087][ C1] softirqs last disabled at (2784): [] local_bh_disable+0x10/0x34 [ 208.215741][ C1] CPU: 1 PID: 2060 Comm: aoe_tx0 Tainted: G B 6.1.129-syzkaller #0 [ 208.218333][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 208.221054][ C1] pstate: 00400005 (nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 208.223151][ C1] pc : _raw_spin_unlock_irqrestore+0x58/0xac [ 208.224850][ C1] lr : _raw_spin_unlock_irqrestore+0x48/0xac [ 208.226462][ C1] sp : ffff8000271777f0 [ 208.227635][ C1] x29: ffff8000271777f0 x28: ffff0000c9078430 x27: ffff0000c90783c0 [ 208.229846][ C1] x26: ffff0000c3facca8 x25: ffff0000d989a018 x24: 0000000000000000 [ 208.232107][ C1] x23: 0000000000000000 x22: dfff800000000000 x21: ffff0000cd8e0fd8 [ 208.234412][ C1] x20: ffff80001d0b0a90 x19: 0000000000000000 x18: ffff800027177500 [ 208.236574][ C1] x17: 0000000000000000 x16: ffff80001232017c x15: 0000000000000000 [ 208.238884][ C1] x14: 00000000ffffffff x13: 0000000000000001 x12: 0000000000000001 [ 208.241034][ C1] x11: 0000000000ff0100 x10: 0000000000000000 x9 : 0000000000000080 [ 208.243144][ C1] x8 : 00000000000000c0 x7 : 0000000000000001 x6 : ffff80000b6fedcc [ 208.245427][ C1] x5 : 0000000000000000 x4 : 0000000000000001 x3 : 0000000000000000 [ 208.247564][ C1] x2 : ffff800027177720 x1 : 0000000000000000 x0 : ffff800012406db4 [ 208.249727][ C1] Call trace: [ 208.250684][ C1] _raw_spin_unlock_irqrestore+0x58/0xac [ 208.252204][ C1] uart_write_room+0x158/0x2dc [ 208.253500][ C1] tty_write_room+0x6c/0x8c [ 208.254685][ C1] handle_tx+0x120/0x5f8 [ 208.255750][ C1] caif_xmit+0x108/0x150 [ 208.256929][ C1] dev_hard_start_xmit+0x25c/0x9a4 [ 208.258217][ C1] __dev_queue_xmit+0x161c/0x34d4 [ 208.259683][ C1] tx+0x9c/0x1c8 [ 208.260650][ C1] kthread+0x1ac/0x374 [ 208.261754][ C1] kthread+0x250/0x2d8 [ 208.262900][ C1] ret_from_fork+0x10/0x20 [ 208.264033][ C1] Kernel panic - not syncing: softlockup: hung tasks [ 208.265853][ C1] CPU: 1 PID: 2060 Comm: aoe_tx0 Tainted: G B L 6.1.129-syzkaller #0 [ 208.268464][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 208.271248][ C1] Call trace: [ 208.272116][ C1] dump_backtrace+0x1c8/0x1f4 [ 208.273366][ C1] show_stack+0x2c/0x3c [ 208.274490][ C1] dump_stack_lvl+0x108/0x170 [ 208.275707][ C1] dump_stack+0x1c/0x58 [ 208.276787][ C1] panic+0x300/0x804 [ 208.277837][ C1] softlockup_fn+0x0/0x120 [ 208.279031][ C1] __hrtimer_run_queues+0x484/0xdc0 [ 208.280391][ C1] hrtimer_interrupt+0x2c0/0xb64 [ 208.281685][ C1] arch_timer_handler_virt+0x74/0x88 [ 208.283223][ C1] handle_percpu_devid_irq+0x174/0x354 [ 208.284727][ C1] generic_handle_domain_irq+0xe0/0x140 [ 208.286308][ C1] gic_handle_irq+0x70/0x1e4 [ 208.287522][ C1] call_on_irq_stack+0x24/0x4c [ 208.288774][ C1] do_interrupt_handler+0xd4/0x138 [ 208.290157][ C1] el1_interrupt+0x34/0x68 [ 208.291374][ C1] el1h_64_irq_handler+0x18/0x24 [ 208.292798][ C1] el1h_64_irq+0x64/0x68 [ 208.294026][ C1] _raw_spin_unlock_irqrestore+0x58/0xac [ 208.295605][ C1] uart_write_room+0x158/0x2dc [ 208.296883][ C1] tty_write_room+0x6c/0x8c [ 208.298199][ C1] handle_tx+0x120/0x5f8 [ 208.299396][ C1] caif_xmit+0x108/0x150 [ 208.300571][ C1] dev_hard_start_xmit+0x25c/0x9a4 [ 208.301952][ C1] __dev_queue_xmit+0x161c/0x34d4 [ 208.303295][ C1] tx+0x9c/0x1c8 [ 208.304336][ C1] kthread+0x1ac/0x374 [ 208.305436][ C1] kthread+0x250/0x2d8 [ 208.306492][ C1] ret_from_fork+0x10/0x20 [ 208.307612][ C1] SMP: stopping secondary CPUs [ 208.309004][ C1] Kernel Offset: disabled [ 208.310239][ C1] CPU features: 0x080000,02070084,26017203 [ 208.311807][ C1] Memory Limit: none [ 208.516058][ C1] Rebooting in 86400 seconds..