last executing test programs: 8m43.793812333s ago: executing program 2 (id=2410): bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, 0x0, 0x0}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0) bpf$MAP_UPDATE_CONST_STR(0x2, 0x0, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000ac0)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0x8, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000e00000850000001b000000b700000000fa000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r1}, 0x18) munmap(&(0x7f0000001000/0x3000)=nil, 0x3000) mremap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x4000, 0x0, &(0x7f0000001000/0x4000)=nil) pipe(&(0x7f0000001840)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$IPCTNL_MSG_CT_GET(r3, &(0x7f00000003c0)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000380)={&(0x7f00000005c0)={0xc0, 0x1, 0x1, 0x201, 0x0, 0x0, {0xa}, [@CTA_NAT_DST={0x3c, 0xd, 0x0, 0x1, [@CTA_NAT_V6_MAXIP={0x14, 0x5, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, @CTA_NAT_V4_MAXIP={0x8, 0x2, @broadcast}, @CTA_NAT_V4_MINIP={0x8, 0x1, @remote}, @CTA_NAT_V6_MAXIP={0x14, 0x5, @rand_addr=' \x01\x00'}]}, @CTA_MARK_MASK={0x8, 0x15, 0x1, 0x0, 0x2}, @CTA_ZONE={0x6, 0x12, 0x1, 0x0, 0x3}, @CTA_TUPLE_MASTER={0x58, 0xe, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @dev={0xac, 0x14, 0x14, 0x2b}}}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x4}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x4}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x2}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x11}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x8, 0x2, @local}}}, @CTA_TUPLE_ZONE={0x6}]}, @CTA_TIMEOUT={0x8, 0x7, 0x1, 0x0, 0x9}]}, 0xc0}, 0x1, 0x0, 0x0, 0x44004}, 0x404c840) socket$nl_generic(0x10, 0x3, 0x10) inotify_init1(0x80000) syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff) r4 = syz_genetlink_get_family_id$batadv(&(0x7f00000004c0), r3) sendmsg$BATADV_CMD_TP_METER(r2, &(0x7f0000000740)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000700)={&(0x7f0000000500)={0x2c, r4, 0x100, 0x70bd27, 0x25dfdbff, {}, [@BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x8}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0xd}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x6}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20000000}, 0x8080) prctl$PR_SET_NAME(0xf, &(0x7f0000000480)='gtp\x00') timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r5 = mq_open(&(0x7f0000000000)='batadv_slave_1\x00', 0x8c2, 0x30, &(0x7f0000000080)={0x8000000000000000, 0x8, 0x1, 0xc05}) mq_getsetattr(r5, 0x0, 0x0) 8m43.153175045s ago: executing program 2 (id=2412): writev(0xffffffffffffffff, &(0x7f0000000080)=[{0x0}], 0x1) bpf$PROG_LOAD(0x5, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) ioctl$USBDEVFS_CLEAR_HALT(0xffffffffffffffff, 0x80045515, &(0x7f0000000140)={0xc, 0x1}) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x4, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r0, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000000c0)='sched_switch\x00'}, 0x18) ioctl$TIOCMIWAIT(0xffffffffffffffff, 0x545c, 0x200000000000000) ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x300) r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000d80)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x0, 0x0, 0x2}}, 0x0, 0x1a}, 0x28) r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000040)={0x9, 0x4, 0x4, 0x2, 0x80, 0x1, 0x0, '\x00', 0x0, r1, 0x1, 0x1}, 0x50) bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYRES32=r2, @ANYBLOB="0700000000000004d6000000", @ANYRES32=0x0], 0x50) r3 = socket$inet_mptcp(0x2, 0x1, 0x106) getsockopt$bt_hci(r3, 0x0, 0x1, 0x0, &(0x7f0000000080)=0x2) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000"], 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f0000000180)=ANY=[], &(0x7f0000000140)='syzkaller\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xb904}, 0x94) process_vm_readv(0x0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) 8m42.984813279s ago: executing program 2 (id=2416): socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000001f80)=ANY=[@ANYBLOB="bf16000000000000b70700000200f0ff4070000000000000480000000000e1ff95000000000000002ba7e1d30cb599e83f040000f300000000bd01212fb56f040026fbfefc41056bd8174b79ed317142fa9ea4158123751c5c652fbc1626cca2a2ad75806150ae0209e62f51ee988e6e06c8206ac6879fc404004900c788b277be1cb79b0a4dcf23d410f6accd3641110bec4e90a634199e07f8f6eb968f200e011ea665c45a3449abe802f5ab3e89cf6cfdffffffb8580218ce740068720000074e8b1715807ea0ca469e468eea3fd2f73902ebcfcf49822775985bf313405b367e81c700000040000000000200000000005335000000143ea70c2ab40c7cb70cc8943a6d60d7c4900282e147d08e0af4b29df814f5691db43a5c00000004000000000089faff01210cce39bf405f1e846c12423a164a330100846f26ad03dd65873d9f87463ad6f7c2e8ee1a39244960b318778f2a047f6d5bc24fef5d7d6155102b1ced1e8019e63c850af895abba14f6fbd7fb5e2a431ab914040000000000010092c9f4609646b6c5c29647d2f950a959cf9938d6dfcb8ed2cbdc2ba9d580609e31c3fa90812a533ce206e7e57a79d6fce424c2204dd418c005479ecab19bdfb15a32a4fd67ce446adb431d07db79240acaf091231b986e77d05d988d6efdffdf48dca02113a38300cabf2b5543ffc166955709009e000000000061629d1822f720ec23812770d72c700a44e113d17088fdd00600000f7889b8c7044f56ff030000000000006cd4970400cac6f45a6922ded2e29514af463f747c08f4010586903500000000000000000000be34cf0f9d640dd782ac0cbc46903243d0d0f4bc7f253d0500000032daaf281c450e64c33aac8ff7e7d1c94c4505a9839688b008c370494f6734b771546d9552d3bb2da0d000000000000000009125c97f0400f5e1671bc5eb7739daa7820a91cb0e732df2ae1d39c747e00a4fbfe8942fa859cd28bdaa1509309926c77fbcb15ec58b42b400005a6b649dd5f13cd776e6c7c4b5c4b0de20e033b378553ead4c8cc530b62c36364e6505992209bdbc6203da7a3797246a6adef071102f0aa2c40095ddd05176f5cb8bd99e1ba0f9568f3e3876bba7bf973334e7919a080000000000000004fb996ad919f7e9672ce107000000ad882f2aead166c94500be902ee7dabc768eb9ec13f334aae90981ecaf5f744f22f2e45afe2c9e8632276cffe5f1fc215c0797d0244cf1ce269d10525745caaa3f77d1b80116cb9a38400242010000000100000091a0116f4693133138583da5e10b434697b0443b7b4ddfb3ace29e16e5a881336aad0974269a1025f2a9a135c0508af1aec2926627b43bba1229a7466bdca64f514b7911458da083e8681916d408d753226a83ae2434ccd3fc508216aea86833030f569d61dc998620fcf4eeb92e7bc511df63c53b82514493b8f3c74f44ba184d40e87612024da1a1ebe316923865f037c01d71b5de81121046d84b18acb5cbea7eecad9b6dd46ed83515cd9f140e5f00019be25b5910a3193e90be231a05fd82e6003969c3f081ff1d0eb50a04d14644234828cbb5aaa0ece702abdd425fa25ae04a2315c89064df633700000000d9e5953ea67310993d01000000000000003ac753358791b1490273ca535e05b11d815237743a5b79ad45de2a3c91257f02c2f30f5513662809073710937ed0055b238f466e1442f8ec7a5b394228035039ceeb452dca75f9ff5332b4c4777a58a0aa9a821667c68549e9da89ad4274ce2d3d7619936768a84a1465fff4eedba55955434f132ab7b8840558b3f918d675a79907a72a8252cd3fbaea5d3006a03507838231a335ae759ed25534f2e90a7def4b3d4af7fd47ab1a701e4b7a7dfc1d12775ed0a31bc7b5855880aa767e68196c7aa5ac115724b6cb8fcebb67719eccd87b06b38566cf61ad2f307a79d2ce9801837bf0bd3af0271de700eef2795d28cb0017000000000000000000e052d93194121b774d21a0317d0346078400004652c769fd3d3e661a2fb5ff0f000002ab2ac4eb3f19c042163e0bdb88b82de384a8055e8b1e24294b0546cce481ff5618b7b9585dbb64d66debf219fa479abf22f3d64fe82e466ea6f27859946e72f80bb1c9cfcde57b79625e2979fe689a5a246cbbdf6ad488f43f46b2536f175f46dfb27d5229467270246ab53616c46edf34c559d3de0c59ca3305e66825715e5e4cd5b54c1b05c09f04337a76a30373baac3ecec91fd546eb7c32dbecb18a308a0004be94dfab28c2a51dc856df0000000000c12254f041804f7f7074356789b1d4dd55f3e045a48241a4ce04d06acb2cf11eab759ba78da5da0f26126d4cf2c73e5f94030000040000000000000000c301985d603403592486204054be3fdda91f9e315886941928c4a8bc1a00e69a98c0a8f7192f6ee93cc4124cf4e7610915efc08c834a44e1d685d6835a40b5bc615949cbcd98d0e68d7eef5d32d5fcc7923d7544fa492aa38717481455e86dcd7816ad8940bd1995369d89ae6eadeb9117e8b94ab422c8d62f858875dccdbc89572231ef5d6df6a9c55f8df763c7c64da7cc017e1e3f5cd4cb9fe6d19b11d4d38239d318016e622b9683b7e46be64dc097982e23462392a0cd05afb2e060fd42ef00dfbd057311aab94f307d10c7a1af0d8e5a0fcb547475d13c0000000000000000f1cc97103d714d1abb901f866d9d629b4fb185f45790517c4a0f5c6a5024e3359e8d83e3f6edf5e2afb5ab59c7b2b45cfb0a3c1303a98e4ed531ac11cca1cd744b431de74c7cd6533adaa8ec749061b2959d53da626aa189781dc1be4d5c81aebc0cada819895b377d6cf0a7878ba99864ae84464744c605646caf2e06b13eba7ba10acf77d91b2297e9573abb0a4da534d735a223626402b308daf7835780fa6f4e410000000000fb00000000000000000000b14952139bd4bdbccc5e334c49584655c4fce8c5bb7c54664aef6d780100358aa54b4b49926c4be9ee4659153d9fa95d07cc4efdab2c5f4503148d0255d0b748366dafe042d78479c21d832e1431ed6d646d13e8e7230300920a5642bbed1dee9b46b6f02e572024ccf3c8edd82660e5d74c22e46af480c300000000000000000000000000000000000044ff72f96f084f4b6cdcb1b4a9d8e9f99f1b85497d0c3df704c8a0034c09caeeb0e34799b755649883539258a7b33dcef15d8fd1953ebaaa3cff81a0de7a05a440f20f6b273ceb8678f10378b670be7504dabd1471355d853292775d0366891f0bcf0a6087ed4f1f25ef52394db3e9d8318bbb9baff3db95bfd68a08ded502cc08a485c804e4fd107a7ca2a64ca081c6b2f7b895cdf98b763ebab9451c65eced6f5f97a541210806d885762ac3150225036c7eccd7a05593abd963f9a02df58085115e54f675e6a08d25b5722cabf989b4bbc562e073b81bae61f05c5e1f90e021340b60cc5fb8fdb09b6d20b0d87a6ed800000000000000000000000000000000006cc6f64f583a26a78f7f417f66c0af32f5194ddfce51e5aff28f621bb2fd2a5ab719823488d6e869b08d3d4ac7950c60144cf77437e29895a23282e3c65e015d1c334832a90ee77d93596e3f12e9ca8c67c7f3c9b66c9cb03edec184ad1d9544c7a3be250e471dca00000078544d79c0efe4094e561eeb26ee4c81106d03c004bc1589ef6e13648999c8735e2634e89aaa90c571fa3c07238697b1db783c52715055445e96995fe3273b0346b03fc742c06aa3947e0d9cf0c99b5e245ede85893112deea8bd3355a32ec15e1242f170a51f28cea4105541e96a56da4984d26bd29cb0623f00c6b0a4c00ad406d729babc9d1550a683c349017a340444000000000000000000000920ca49f7cc8194aaebdcae5a62bb7587b57f41f1c2034911f23e6bd0291b3319f03a0a15dea685a8ab75b3c60391afa5483231305402b52a8f98638009c142751518f73a847ca583e855d70c6a4a53f61ad753d5e740db44afd32b019d9e8b41361c2c1b9a8a14604fe52837a19dd6952fe2724c0105ab158a54a4a23ff0f4bc43c0e0e426e51258e40bb4b68ff4e3a8fe314a018e506"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x94) setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000780)=r2, 0x4) sendmsg$inet(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000006c0)=[{&(0x7f0000000580)="60c3b3e0585909", 0x7}], 0x1}, 0x0) 8m42.657082715s ago: executing program 2 (id=2418): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x400c80, &(0x7f00000000c0)={[{@i_version}, {@max_batch_time={'max_batch_time', 0x3d, 0x5}}, {@usrquota}]}, 0x1, 0x79c, &(0x7f0000001cc0)="$eJzs3c1rXFUbAPDnTpKmSfu+yQsvaN2YlRZKE1Njq6BQcSGChYIuxXZIpqFmkimZSWlCQIsIbgQVF4JuunLhR9259WOrf4UuxFI1FiuuIndyJ510Pjppk0lsfj+4mXPuuZNznnvux5m5lzsB7Fkj6Z9cxKGIeDeJGMrmJxHRV031RpxcW+7myvJkOiWxuvrSb0l1mRsry5NR957UgSzzYER8+1bEkVxjveXFpZl8sViYz/JjldkLY+XFpaPnZ/PThenC3PHxiYljJ544cXzrYv3zh6WD1957/tEvTv795gNX3/kuiZNxMCurj6OZV37soIJnNmZHYiRbJ33pKtzguU21fPdLdroB3JV01+xZ28vjUAxFTzUFANzPXo+IVQBgj0mc/wFgj6l9D3BjZXmyNu3sNxLddf3ZiNi/Fn/t+uZaSW92zW5/9Tro4I1kw5WRJCKGt6D+kYj4+KtXP0unuPN1yGNbUCVA1RuXI+Ls8Ejj8T9puGdhsx5rU7Yvex25bX5avyvQ0B1fp+OfJ5uN/3Lr459oMv7pb7Lv3o1m+/+GGQNbUEkb1z+JeLru3rabdfFnhnuy3H+qY76+5Nz5YiE9tv03Ig5HX3+aH29Tx+E/+lqWjcTA+vjv9/df+zStP329tUTul97+je+Zylfy9xDyBtcvRzzU2yz+ZL3/kxbj39NRv5pae+Gptz9qVZb2fxpvbWqMP7K7k7bH6pWIR5r2/6072pK29yeOVTeHsdpG0cSXP3042Kr++vF/OqX11z4LdEPa/4Pt4x9O6u/XLG++ju+vDH3TquzO8Tdu/5Gv5PclL1eTtXHEpXylMj8esS95sXF+3aemS/mHs1R1+fUgm+3/7bb/dI8+22H8vdd+/fzu499eaf9Pbar/N5+4enOmp1X9nfX/RDV1OJvTyfGv0wbey7oDAAAAAAAAAAAAAAAAAAAAAAAAgE7lIuJgJLnR9XQuNzq69hve/4/BXLFUrhw5V1qYm4rqb2UPR1+u9qjLobrnoY5nz8Ov5Y/dln88Iv4XER/0DyS15yhO7XDsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFBzoMXv/6d+7t/p1gEA22b/TjcAAOi69ud/owMAuB85wwPA3tPZ+b9n29sBAHSPz/8AsPc4/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALDNTp86lU6rf60sT6b5qYuLCzOli0enCuWZ0dmFydHJ0vyF0elSabpYGJ0szd7p/xVLpQsTMbdwaaxSKFfGyotLZ2ZLC3OVM+dn89OFM4W+rkQFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJtTXlyaya8UC/PVRFGiZWIgGotWd0PDdkOiJ9ucdkt7uppIdkcztjixwwcmAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgH+JfwIAAP//W/UefA==") bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0xb, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x47, '\x00', 0x0, 0x2}, 0x94) prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00') connect$pppoe(0xffffffffffffffff, 0x0, 0x0) getpid() connect$unix(0xffffffffffffffff, 0x0, 0x0) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) syz_clone3(&(0x7f0000000380)={0x44800000, 0x0, 0x0, 0x0, {0x1b}, 0x0, 0x0, 0x0, 0x0}, 0x58) quotactl$Q_QUOTAON(0xffffffff80000201, &(0x7f00000000c0)=@sg0, 0x0, &(0x7f0000000040)='./file0\x00') 8m40.968803188s ago: executing program 2 (id=2423): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000d00000000080000000850000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000280)='netlink_extack\x00', r0}, 0x10) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={0x0}, 0x1, 0x0, 0x0, 0x4000811}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=@newtaction={0x14, 0x30, 0x1}, 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="4800000010000d0428bd7000fcdbff2500008000", @ANYRES32=0x0, @ANYBLOB="1000000000000000280012800b0001006272696467650000180002"], 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) sendmmsg(r1, &(0x7f00000002c0), 0x40000000000009f, 0x0) 8m40.432050999s ago: executing program 2 (id=2425): munmap(&(0x7f0000001000/0x3000)=nil, 0x3000) r0 = syz_open_procfs(0x0, &(0x7f0000000140)='task\x00') lseek(r0, 0x3, 0x1) getdents64(r0, &(0x7f0000002540)=""/4096, 0x1000) 8m40.046211186s ago: executing program 32 (id=2425): munmap(&(0x7f0000001000/0x3000)=nil, 0x3000) r0 = syz_open_procfs(0x0, &(0x7f0000000140)='task\x00') lseek(r0, 0x3, 0x1) getdents64(r0, &(0x7f0000002540)=""/4096, 0x1000) 7m54.438225315s ago: executing program 0 (id=2829): prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f00000003c0)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000840)=@abs={0x0, 0x0, 0x4e20}, 0x9) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) ptrace$cont(0x1f, r0, 0x5, 0xb1a) recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r4}, 0x10) write$binfmt_misc(0xffffffffffffffff, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f0000000040)={[{@usrquota}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800}}, {@minixdf}]}, 0x1, 0x513, &(0x7f0000000440)="$eJzs3c9vI1cdAPCvnThxfrRJSw+AoF3awoJW6yTeNqp6oOWEEKqE6BGkbUi8URQ7jmKnNGEP6RmJExKVOMGRP4DznrhzQXDjshyQ+BGBNkgcjGY8znoTexM2GzuKPx9pNPPmzc73vfX6vcw3a78ARtaNiDiIiImI+Cgi5rLzuWyL99tbct2jw/urR4f3V3PRan34j1xan5yLrj+TmMnuWYyI73874ke503Ebe/ubK9VqZScrLzRr2wuNvf3bG7WV9cp6ZatcXl5aXnznztvlJ+59Ea/VJrKjLz/8/cE3fpLcczY7092P56nd7sJxnMR4RHz3MoINwVjWn4lhN4Rnko+IlyPi9fT9Pxdj6asJAFxnrdZctOa6ywDAdZdPc2C5fCnLBcxGPl8qtXN4r8R0vlpvNG/dq+9urbVzZfNRyN/bqFYWs1zhfBRySXkpPX5cLp8o34mIlyLi55NTabm0Wq+uDfMHHwAYYTMn5v9/T7bnfwDgmisOuwEAwMCZ/wFg9Jj/AWD0mP8BYPS05/+pYTcDABggz/8AMHrM/wAwUr73wQfJ1jrKvv967eO93c36x7fXKo3NUm13tbRa39kurdfr6+l39tTOul+1Xt9eeit2P5n/5najudDY279bq+9uNe+m3+t9t1JIrzoYQM8AgH5eeu3Bn3LJjPzuVLpF11oOhaG2DLhs+WE3ABiasWE3ABiaHqt9TQ6jHcDgXeAZX3oAromz1tctnv6A0HuX2R7g8t38gvw/jKqu/L//BQwjRv4fRleP/D8wIlqt3HnX/I/zXggAXG1y/ECf3/+/nO1/k/1y4IdrJ6/47DJbBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFdbZ/3fUrYW+Gzk86VSxAsRMR+F3L2NamUxIl6MiD9OFiaT8tKQ2wwAXFT+r7ls/a+bc2/OPlH16szx4URE/PiXH/7ik5Vmc+cPERO5f052zjc/y86XB996AOBsnXk63Xc9yD86vL/a2QbZnr99KyKK7fhHhxNxdBx/PMbTfTEKETH9r1xWbst15S4u4uDTiPh8r/7nYjbNgbRXPj0ZP4n9wkDj55+In0/r2vvk7+Jzz6EtMGoeJOPP+73ef/m4ke57v/+L6Qh1cdn4l9xq9SgdAx/H74x/Y33GvxvnjfHW777TPpo6XfdpxBfHIzqxj7rGn078XJ/4b54z/p+/9Orr/epav4q4Gb3jd8daaNa2Fxp7+7c3aivrlfXKVrm8vLS8+M6dt8sLaY56of9s8Pd3b73Yry7p/3Sf+MUz+v/Vc/b/1//96AdfeUr8r7/RK34+XnlK/GRO/No5469M/7Z46uTM4/hrffp/1ut/65zxH/5l/9Sy4QDA8DT29jdXqtXKzigcJM/agwza+XH7KvT9ehzEgF/B/+fgvUHFmojeVT99o/3P7URVq/VMsfqNGM8j6wZcBcdv+oj4z1Ov/NmjVmtgzQIAAAAAAAAAAAAAALoM4hNLw+4jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA19f/AgAA//9prcps") r5 = socket$unix(0x1, 0x2, 0x0) bind$unix(r5, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r6 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x8401) r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x19, 0xb, 0x0, &(0x7f0000000200)='GPL\x00', 0x4c353243, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @cgroup_sockopt=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000004c0)='mm_page_free\x00', r7, 0x0, 0x3}, 0x18) ioctl$BLKTRACESETUP(r6, 0xc0481273, &(0x7f0000000b40)={'\x00', 0x2800, 0x5, 0x1ff, 0xfffffffffffffffd, 0x59c, 0xffffffffffffffff}) 7m52.433746864s ago: executing program 0 (id=2830): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000d00000000080000000850000007d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={0x0}, 0x1, 0x0, 0x0, 0x4000811}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=@newtaction={0x14, 0x30, 0x1}, 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="4800000010000d0428bd7000fcdbff2500008000", @ANYRES32=0x0, @ANYBLOB="1000000000000000280012800b0001006272696467650000180002"], 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0) 7m50.151313229s ago: executing program 0 (id=2839): r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x2, 0x6}, 0x4) setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000000100)={0x2, &(0x7f0000000180)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x6}]}, 0x10) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000001100000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r2, 0x0, 0x4}, 0x18) r3 = signalfd(0xffffffffffffffff, &(0x7f0000000180)={[0x5]}, 0x8) name_to_handle_at(r3, &(0x7f0000004740)='\x00', 0x0, 0x0, 0x1200) shutdown(r1, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0x8, &(0x7f0000000280)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x61, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x70) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]}) process_madvise(0xffffffffffffffff, &(0x7f0000000000)=[{0xffffffffffffffff}, {0x0}], 0x2, 0x64, 0x0) get_mempolicy(0x0, 0x0, 0x0, &(0x7f0000ffc000/0x4000)=nil, 0x3) 7m49.724123986s ago: executing program 0 (id=2841): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000640)={{0x14}, [@NFT_MSG_DELRULE={0x20, 0x8, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0x48}, 0x1, 0x0, 0x0, 0xf3021be2a65b013}, 0x0) 7m48.917887992s ago: executing program 0 (id=2844): socket$inet_icmp_raw(0x2, 0x3, 0x1) r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000002c0)='veth0_to_hsr\x00', 0x10) syz_emit_ethernet(0x3e, &(0x7f0000000200)={@link_local={0x3, 0x80, 0xc2, 0x0, 0x0, 0x2}, @broadcast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x3, 0x4, 0x0, 0x12, 0x0, 0x3f18, {0x5, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @loopback, @empty}}}}}}, 0x0) 7m48.632942748s ago: executing program 0 (id=2846): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0b00000000010000fd0000000900000001"], 0x50) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000000), 0xcff5, r0}, 0x38) bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000240)={0x0, &(0x7f0000000040)=""/141, &(0x7f0000000500), &(0x7f0000000280), 0x4, r0}, 0x38) 7m33.443669354s ago: executing program 33 (id=2846): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0b00000000010000fd0000000900000001"], 0x50) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000000), 0xcff5, r0}, 0x38) bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000240)={0x0, &(0x7f0000000040)=""/141, &(0x7f0000000500), &(0x7f0000000280), 0x4, r0}, 0x38) 5.263281157s ago: executing program 5 (id=5463): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f0000001140)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x33, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) socket$inet6_mptcp(0xa, 0x1, 0x106) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r0, 0x0, 0x8}, 0x18) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0) syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000100), 0x1, 0x500, &(0x7f0000000500)="$eJzs3U9sI1cZAPBvJn/sTdMmhR4AFbqUwoJWayfeNqp6oZwqhCoheuSwDYkTRbHjKHZKE/aQPXJHohInOHHmgMQBqSfuSBzgxqUckAqsQA0SByOP7V3njzfWbmzvxr+fNJo38+L53tvRvGd91s4LYGJdj4ijiJiNiPcjYqFzPuls8XZ7a/3dZ/fvrh3fv7uWRLP53j+TrL51Lno+0/Jc55r5iPjBOxE/Sk4F/VNE/eBwe7VSKe91ThUb1d1i/eDw1lZ1dbO8Wd4plVaWV5bevP1G6dL6+kr1N59ei4jf/+7Ln/zx6Fs/aTVrvlPX24/L1O76zIM4LdMR8b1hBBuDqU5/Zh/nw4/1IS5TGhGfi4hXs+d/Iaayu3nSydv07RG2DgAYhmZzIZoLvccAwFWXZjmwJC10cgHzkaaFQjuH91LMpZVavXFzo7a/s97OlS3GTLqxVSkvdXKFizGTbGxNl5ezcve4Ui6dOr4dES9GxM9y17Ljwlqtsj7OLz4AMMGeOzX//yfXnv8BgCsu/7CYG2c7AIDRyY+7AQDAyJn/AWDymP8BYPKY/wFg8pj/AWDymP8BYKJ8/913W1vzuPP+6/UPDva3ax/cWi/XtwvV/bXCWm1vt7BZq21m7+ypXnS9Sq22u/x67H9YbJTrjWL94PBOtba/07iTvdf7TnlmJL0CAB7lxVc+/ksSEUdvXcu26Hnf/4Vz9cvDbh0wTOm4GwCMzdS4GwCMzdnVvoBJIR8P9CzRe6/ndP5M4bSPBrp8at1QePrc+OIT5P+BZ5r8P0yux8v/+y4PV4H8P0yuZjOx5j8ATBg5fiC5oL739/+lZs/BYL//AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJU0n21JWuisBT4faVooRDwfEYsxk2xsVcpLEfFCRPw5N5NrHS9HhHWDAOBZlv496az/dWPhtfnTtbO5/+ayfUT8+Bfv/fzD1UZjbzliNvnXg/ONjzrnS+NoPwBwke483Z3Huz67f3etu42yPZ9+p724aCvucWdr10zHdLbPZ7mGuX8nneO21veVqUuIf3QvIr5wXv+TLDey2Fn59HT8VuznRxo/PRE/zera+9a/xecvoS0waT5ujT9vn/f8pXE925///OezEerJdce/4zPjX/pg/JvqM/5dHzTG63/47pmTzYV23b2IL01HHHcv3jP+dOMnfeK/NmD8v778lVf71TV/GXEjzut/ciJWsVHdLdYPDm9tVVc3y5vlnVJpZXll6c3bb5SKWY662M1Un/WPt26+0C9+q/9zfeLnL+j/1wfs/6/+9/4Pv/qI+N/82vn3/6VHxG/Nid8YMP7q3G/z/epa8df79P+i+39zwPif/O1wfcA/BQBGoH5wuL1aqZT3hl1Ihx8iKyQRRyPoTruQ+/VP3xlVrCEW4ulohsLTVBj3yAQM28OHftwtAQAAAAAAAAAAAAAA+hnFfycadx8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4uv4fAAD//5iA1Hs=") r2 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0) ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r2, 0x8004587d, &(0x7f0000000080)={@desc={0x1, 0x0, @desc2}}) chdir(&(0x7f0000000100)='./file0\x00') 5.103669421s ago: executing program 5 (id=5465): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='block_bio_remap\x00', r0}, 0x10) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) 4.927173824s ago: executing program 5 (id=5468): r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$TIPC_CMD_GET_NETID(r0, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40040}, 0x8000) 4.787663487s ago: executing program 5 (id=5472): recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x101, 0x0) socket$packet(0x11, 0x3, 0x300) bind$xdp(0xffffffffffffffff, &(0x7f00000005c0)={0x2d, 0x0, 0x0, 0xc}, 0x10) symlink(0x0, 0x0) r0 = syz_io_uring_setup(0x4b5, &(0x7f0000010400)={0x0, 0x86e1, 0x1, 0x8}, &(0x7f0000010080), &(0x7f0000000000)) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, 0x0, 0x0) io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r0, 0x10, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000540)=[{0x0}], 0x0, 0x1}, 0x20) 4.59176529s ago: executing program 5 (id=5477): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x22c7, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f00000002c0)='kfree\x00', r1, 0x0, 0x2}, 0x18) pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) vmsplice(r2, 0x0, 0x0, 0x9) 4.466073213s ago: executing program 5 (id=5480): r0 = socket$packet(0x11, 0x2, 0x300) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x3, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000480)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cf84ded40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c86e00f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec231fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895012f1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae091f75cd9701ffa62891f686bfbb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c3405000000000000003875c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d37261774cc5a3bf6b466cb72812da518ff602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d50a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a31b16ac5fb73fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953f88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a5fe1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9d66ebbc8bab4ea81232fbef665f6212f875b2a00000000000000aceb111b66a500ca52fd8f848088c67ee65dfdcc4c580e9bc18c1699dca07d019bf1bf9dd3da480d6c155d7e60674ce88ab5ae07a9d16e22792d99986b531ab4e592ab5925da779e700cf20309a2137877690dc5c07956fc82d7b3bb46d3138041af18508938c9be4e5d0a98073463a5cff6c146d020743da474cb81677a6f389f0e00c33b70b7f8bab95435c27167f365a29fb09cbf35bf192f6a65616fa2ad9a6c7ca3a3ecd96aaecd993e8badb40e7eb8a22b0015e70c885cd519e28448168c6d914265998bff74ea1b0e651a6cae9419096248a0e41573827ad60fafce6e6540734c1f23f75337d836c31497e8112969a039d65aa297e2b046b5f4d11116a89f9f65693d4dc3e70fbfe0b2044fdb3f87e887d1daae8e38a0c19f668f776e19a02bb2449ee4384f6536879c85d7e41bc0276ee2b125d41ff358323311703ec01d64a573bdeb75bdcc87d01de38365ab9222713d2d1640a742d62fefb5403b2ed9969c32a0841e8c36b0107bb888eb14ac62e6d4bdfaeb9ee7436b97bf3825a19d6c8997ce285edf1d277ed703f560460417bfe702af833e83c5b987befb6d1fcf765ab7ea537d9dafb622a1ba8686cb9b1c63b84470364942e90d1cf856cead864f5e38c83b9e"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10) syz_genetlink_get_family_id$devlink(&(0x7f0000000780), r2) getsockname$packet(r2, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000400)=0x14) sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="4400000010000104001007fb5c360dff9fe30000", @ANYRES32=r4, @ANYBLOB="0100000000000000240012000c000100627269646765000e140002000800070005"], 0x44}, 0x1, 0x0, 0x0, 0x4}, 0x0) sendto$packet(r0, 0x0, 0x0, 0x0, &(0x7f00000003c0)={0x11, 0x8100, r4, 0x1, 0x0, 0x6, @local}, 0x14) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x4004810) 4.10396179s ago: executing program 1 (id=5484): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000000800000008"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000400000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) socket$nl_route(0x10, 0x3, 0x0) syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000a40), 0x1, 0x55e, &(0x7f0000000a80)="$eJzs3c1rHOUfAPDvbJK+/35NoRQVkUAPVmo3TeJLBQ/1KFos6L0uyTSUbLoluylNLNge7MWLFEHEgnjXu8fiP+BfUdBCkRL04CUym9k0L7vJNt2ajfP5wITn2Znd5/nuzPfJMzuzbACFNZL9KUW8GBFfJRFHIyLJ1w1GvnJkZbulxzcnsyWJ5eWP/0ia22X11mu1nnc4r7wQEb98EXG6tLnd+sLiTKVaTefy+mhj9tpofWHxzJXZynQ6nV4dn5g49+bE+Dtvv9WzWF+7+Ne3H91//9yXJ5e++enhsbtJnI8j+bq1cTyDW2srIzGSvydDcX7DhmM9aKyfJLvdAXZkIM/zocjGgKMxkGc98N/3eUQsAwWVyH8oqNY8oHVu36Pz4D3j0XsrJ0Cb4x9c+WwkDjTPjQ4tJevOjLLz3eEetJ+18fPv9+5mS2z4HOJAD14foJNbtyPi7ODg5vEvyce/nTvbxTYb2yja/x/YTfez+c/r7eY/pdX5T7SZ/xxuk7s7sX3+lx72oJmOsvnfu23nv6sXrYYH8tr/mnO+oeTylWqajW3/j4hTMbQ/q291Pefc0oPlTuvWzv+yJWu/NRfM+/FwcP/650xVGpVniXmtR7cjXmo7/01W93/SZv9n78fFLts4kd57pdO67eN/vpZ/iHi17f5/ckUr2fr65GjzeBhtHRWb/XnnxK+d2t/t+LP9f2jr+IeTtddr60/fxvcH/k47rVsXf3R//O9LPmmW9+WP3ag0GnNjEfuSDzc/Pv7kua16a/ss/lMntx7/2h3/ByPi0y7jv3P8x5e7in+X9v/UU+3/py88+OCz7zq1393490azdCp/pJvxr9sOPst7BwAAAAAAAP2mFBFHIimVV8ulUrm8cn/H8ThUqtbqjdOXa/NXp6L5XdnhGCq1rnQfXXM/xFh+P2yrPr6hPhERxyLi64GDzXp5slad2u3gAQAAAAAAAAAAAAAAAAAAoE8c7vD9/8xvA7vdO+C585PfUFzb5n8vfukJ6Ev+/0NxyX8oLvkPxSX/objkPxSX/Ifikv9QXPIfAAAAAAAAAAAAAAAAAAAAAAAAAAAAeurihQvZsrz0+OZkVp+6vjA/U7t+Ziqtz5Rn5yfLk7W5a+XpWm26mpYna7PbvV61Vrs2Nh7zN0Ybab0xWl9YvDRbm7/auHRltjKdXkqH/pWoAAAAAAAAAAAAAAAAAAAAYG+pLyzOVKrVdE5BYUeFwf7oxp4vZNnYB91Y1x8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6A//BAAA//8iuzYD") madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) r2 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x389b0d52417bb201) pwritev2(r2, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x6a000}], 0x1, 0x701c, 0x0, 0x3) 3.811594906s ago: executing program 1 (id=5485): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2e, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffc0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000540)='kfree\x00', r0, 0x0, 0x4}, 0x18) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x4) ioctl$VT_RESIZEX(r1, 0x560a, &(0x7f0000000000)={0x2aad, 0x10, 0x8009, 0x3, 0xf}) 3.499864472s ago: executing program 1 (id=5487): bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000900)='kfree\x00', r0}, 0x18) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) socket$nl_route(0x10, 0x3, 0x0) pipe2$9p(&(0x7f0000000240), 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x6e67, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000001c0)='objagg_obj_put\x00'}, 0x18) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000400)=[{0x6, 0x1, 0x2, 0x7fff7ffc}]}) socket$inet6_sctp(0xa, 0x1, 0x84) pselect6(0x0, 0x0, &(0x7f0000000000)={0x1f, 0x0, 0x0, 0x0, 0x0, 0x40000}, 0x0, 0x0, 0x0) r1 = socket$inet6(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c000000190001000000000000000000021800000000fd000000ed0008000100ac1414003400080004"], 0x2c}}, 0x0) sendto$inet6(r1, &(0x7f0000000000)='s', 0x10a73, 0x800, 0x0, 0x4b6ae4f95a5de35b) 2.55603335s ago: executing program 3 (id=5493): r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r1, 0x0, r0, 0x0, 0x46) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=@framed={{}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r2}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r3}, 0x18) close(r0) 2.543160061s ago: executing program 1 (id=5494): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001380)=ANY=[@ANYBLOB="0f000000040000000800000001"], 0x50) r1 = fsopen(&(0x7f00000001c0)='bpf\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b703000010000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kmem_cache_free\x00', r3}, 0x18) r4 = fsmount(r1, 0x1, 0x0) fchdir(r4) bpf$OBJ_PIN_MAP(0x6, &(0x7f00000000c0)=@generic={&(0x7f0000000000)='./file0\x00', r0}, 0x18) 2.489912331s ago: executing program 3 (id=5495): syz_emit_ethernet(0x243, 0x0, 0x0) r0 = io_uring_setup(0x2553, &(0x7f0000000280)) r1 = epoll_create1(0x0) dup3(r1, r0, 0x0) r2 = socket$inet_mptcp(0x2, 0x1, 0x106) socket$nl_rdma(0x10, 0x3, 0x14) bind$inet(r2, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10) connect$inet(r2, &(0x7f0000000480)={0x2, 0x4e24, @loopback}, 0x10) sendmmsg$inet(r2, &(0x7f00000005c0)=[{{0x0, 0x0, &(0x7f00000009c0)=[{0x0}, {&(0x7f00000000c0)="3dddf0", 0x3}, {0x0}, {0x0}], 0x4}}], 0x1, 0x8011) recvmmsg(r2, &(0x7f000000a400)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001c80)=""/4096, 0x1000}], 0x1}, 0x40}], 0x1, 0x10120, 0x0) 2.331511115s ago: executing program 3 (id=5498): r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$TIPC_CMD_GET_NETID(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={0x0}, 0x1, 0x0, 0x0, 0x40040}, 0x8000) 2.224567777s ago: executing program 3 (id=5499): r0 = epoll_create1(0x0) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=ANY=[@ANYBLOB="480000000000000000000000ac141400000000000000000000000000000000000000000014000d00e00000010000000000000000000000000c001500000000000000000074b0ee3c5861228bbc5d6c8e31c44666c783215ce80a1c7af01e342ec6a06bf2c44ce026ea53ff950a61eb2f7ea0b96a16dc172b18ee17b5d7d5b7a73e1122f3ffb7d3b35b3051734a89071a6f43407a2b5f927400d8cadb3daaf6b29d8721602ca80bfbe88a0efc00f242109b8e0e7aee3aba4a262d2dd1cd00254020f9c2ba9a7c1b71c8e1fa52f9c83a8f34224faa9a6a6f2c538c8afd86791d05734a17ce95fae601e908780d65026388127667fd6caad076dde6ba8fda952aa4113e7b10958ea0ec70c9c92fc5c96b87f855647316d7a04ae53bda25b082b282000a454b374e4500e693"], 0x48}}, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, r0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r6 = add_key$keyring(&(0x7f0000000340), &(0x7f00000002c0)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff) keyctl$restrict_keyring(0xa, r6, &(0x7f0000000300)='asymmetric\x00', &(0x7f0000000400)='ex\x0f\xac\xd1\xeb\xf4\xd8&w\xef\x9f`T3%\xfa\xbf\xef\xeb\x8e1w\xfd') bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0b00000005000000000400000900000001"], 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x10) syz_genetlink_get_family_id$fou(&(0x7f0000001740), 0xffffffffffffffff) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="58000000100037040400000000000000000000006bebbdc4e44ab6929eb63e0a3ac4f280644884987675622b39beb079738f9e4c0f2b8cc3599e0e669fcc9442bdb15c1bef4d1ec0061dc61275ab3c158c52f5a084aa270c1acd0e0967a544935fdf6a2a9f8ec824f2f8cf5a1de2a5e2882b30a9bb5e524088e425029e245c9f7dc671ba2ca5d9b37ca664e3aadb5e1a1ad7b7f5cceba50dd07cb1a7407c2aa0f1e6fceb4a0a1e9b6594803cbd9bc73a3ee54e4ac43ec05b35", @ANYRES32=0x0, @ANYBLOB="8304050000000000380012800b000100697036746e6c000028000280080008001300000014000300fe8800000000000000000000000001010500090004000000"], 0x58}, 0x1, 0x0, 0x0, 0x9005}, 0x4000000) r8 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000200)={'ip6_vti0\x00', 0x0}) sendmsg$nl_route_sched(r8, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000140)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0x0, {0x0, 0x0, 0x0, r9, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x8}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x8}]}, 0x40}}, 0x0) sendmsg$FOU_CMD_DEL(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[], 0x60}, 0x1, 0x0, 0x0, 0x20000000}, 0x20000004) epoll_pwait(r0, &(0x7f0000000140)=[{}], 0x1, 0x2d516fb9, 0x0, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r3, &(0x7f0000000100)={0x20000014}) 2.206379447s ago: executing program 1 (id=5500): ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, 0x0) r0 = socket$inet(0x2, 0x2, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000540)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000480)='kfree\x00', r1, 0x0, 0x1}, 0x56) r2 = socket$kcm(0x2, 0x1000000000000002, 0x0) sendmsg$inet(r2, &(0x7f0000000b40)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@ip_pktinfo={{0x1c, 0x0, 0x7, {0x0, @dev, @loopback}}}], 0x20}, 0x0) setsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc) setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f0000000000)=ANY=[@ANYBLOB="e00000027fa80a010100000004"], 0x57) r3 = socket$netlink(0x10, 0x3, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00'}, 0x10) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c0000000014"], 0x48) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r5}, 0x10) close(r0) syz_mount_image$msdos(&(0x7f0000000140), &(0x7f0000000180)='./file1\x00', 0x8084, &(0x7f00000001c0)=ANY=[@ANYBLOB="616c6c6f775f7574696d653d30303030303030303030303030303030303030303030372c646f74732c646f74732c6e6f636173652c646f74732c636865636b3d72656c617865642c646f74732c6e6f646f74732c646f74732c0032884758edd2e7a17e3c116a014262927783807ed4e210440ddebdf7d64a629cc9e873202c6d1e1d7dbabad279cb290d8a6c81b9ee715a035afdc5af3e15b932174f56cf4f009847fbc0e187d20fe47e50595251e835b306e05bc51afba211073e289eb499be4d726e3efbbeb1eb175e92b262c4ee4cee83e529784e53c874b73bb376876e2f3b2e667330e12c337d3a8b8cacccd9d86bc4c2f3b8971a79fb8f69af7b1d19592bf6a7186f7d4322045a99eaa207c407ab52aeadaaf1d089c278fccfb2138f"], 0xb, 0x170, &(0x7f0000000780)="$eJzs2z+LE0EYB+B3Tdy70+ZqsViwsQpqZanICeKCoqTQSuG0uZMDr1mt8ims/YKCpErlSLIh0ZAQgmY3XJ6nyQs/knkn7B9mYN7d/nR2enH58eLlMA6zLLqPoohfWRzHtehEbRAAwFUySil+ppTSwSCOvkdKqe2OAIBtG+XTwvsfAPbG2vX/w5YaAwC2xv4/AOyf12/ePn9clieviuIw4seg6lf9+rPOnz4rT+4VE8fzbw2rqt+Z5ffrvPg7vx43pvmDpXked+/U+Th78qJcyG/G6fanDwAAAHuhV8wsXd/3eqvyuvpjf2Bh/d6NW93GpgEAbODyy9ez9+fnHz43UBxNRsyaHXSz4lsLf8vOFp3YiTYUa4vxJfu/f7nNpxLQhPlN33YnAAAAAAAAAAAAAADAKv94VCiPiCVRRL7uZMFB41MFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAmd8BAAD//27zPto=") mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file7\x00', 0x16c) writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000380)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fdd411efc40800040000000000000000", 0x39}], 0x1) 1.860830744s ago: executing program 4 (id=5502): connect$can_bcm(0xffffffffffffffff, 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000001100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0, 0x0, 0x4}, 0x18) syz_emit_ethernet(0x0, 0x0, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r1, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x47) setsockopt$inet_tcp_int(r1, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4) setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r1, 0x6, 0x14, &(0x7f0000000140)=0x2, 0x4) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, 0x0}, 0x0) sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0) connect$inet(r1, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000340)=[@timestamp, @window={0x3, 0x6, 0x7}, @mss={0x2, 0x7}, @window={0x3, 0x0, 0x4}, @window={0x3, 0x8, 0x6}, @timestamp, @window={0x3, 0xfffe}, @sack_perm], 0x2000000000000061) r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, 0x0}, 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xa, 0xf, &(0x7f00000003c0)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r2}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, {{0x5, 0x0, 0x3}}, [], {{0x6, 0x1, 0xd, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x5}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94) r4 = dup3(r1, r3, 0x0) sendmsg$inet_sctp(r4, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000ac0)=[{&(0x7f0000000540)="8ff54474144d5eda717146aa85167e8eb3831c54b31b434db7bff8c4b5866b0e32a20cf3201969b6ef11ebaa8b6c98e3693f05c818a7cbd5f1a45b31244db401b87d1d510233d9be970a94d71e085739bb54052e77a11915b06677ea76a8da45e2c3db9eb949f46bc9d5ee110d3e2922304478ced654f7a23055febb407fd532eb1430d16b39bada16b7368bdda8ecea2391d7c1df64429058fea93952697a8d0c77b0924d51546076b0bd1b", 0xac}, {&(0x7f0000000100)="dec73011a54d433a9d75c6cd3f6cd9360d32ab25331f235ba49d36fdb93a60591bd9fa89fed37e3c3e7068e4", 0x2c}, {&(0x7f00000006c0)="e10ad717cce9a1b6d0f1a5d0c881655a9d0fe3b3a682ee04a798212fef7b7f924ae4417b33459d68a9b13f78b1500ceb49bac2cd8993d2703b80f04f6703f7859b6febfd7a207698b24a5edc02e7a853cd7f17b7b5f787eae2b1495aeba81f3d2d31b2adb0e10d97e91d3f62160a67e4d121e68446decb187d790d53b62deadf2767688b8097ea06ab309cc4887b14921ff8945ed2fc05f3cdf811fdd8b1bb87265a6757587949243d9aea5636a745c7198ecc2282ecbe62d44182a15583f4dc", 0xc0}, {&(0x7f0000000780)="c25f77893efe4327f25e97b390719ec966e09247d33c631b5b5cb31d07145bed16cc33e8e425337a10bc71f22964264e545e90722cc1332c64378e6024fb375d1a5f44bd1034d071b2d8eddd0fea5c0af851e48b51b1b54f3fc77f1b1715cda4bfaa156e24a0266967bcef2e8940772300a320b69e", 0x75}], 0x4, 0x0, 0x0, 0x4000}, 0x20000000) setsockopt$inet_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f00000001c0), 0x4) sendto$inet(r1, &(0x7f00000004c0)='<', 0x381, 0x805, 0x0, 0x0) sendmsg$can_bcm(0xffffffffffffffff, &(0x7f0000000040)={&(0x7f0000000000), 0x10, 0x0, 0x1, 0x0, 0x0, 0x4}, 0x8001) 1.667175918s ago: executing program 1 (id=5503): prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8) getpid() sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0xc0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="19000000040000000400000008"], 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nfc(&(0x7f0000000080), r4) sendmsg$NFC_CMD_LLC_SET_PARAMS(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000001080)={0x24, r5, 0x1, 0x70bd2c, 0x25dfdbff, {}, [@NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_LLC_PARAM_MIUX={0x6, 0x11, 0x341}]}, 0x24}, 0x1, 0x0, 0x0, 0x48854}, 0x24000040) 1.607970809s ago: executing program 4 (id=5504): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000000800000008"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000400000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000380)='kmem_cache_free\x00', r1}, 0x18) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000c40)={{0x1, 0x1, 0x18, r1, {0xffffffffffffffff, 0xee01}}, './file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00'}) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x4, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x94) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) fsopen(&(0x7f0000000100)='configfs\x00', 0x0) fchmodat(0xffffffffffffffff, &(0x7f0000000000)='.\x00', 0xe0) r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000400)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='GPL\x00'}, 0x94) syz_emit_ethernet(0x3e, &(0x7f0000000000)={@link_local={0x3}, @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @rand_addr=0x64010102}, @time_exceeded={0x3, 0x4, 0x0, 0x12, 0xfe, 0x3f18, {0x5, 0x2, 0x0, 0x0, 0x0, 0x68, 0x0, 0x0, 0x1, 0x2, @loopback, @loopback}}}}}}, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0x4000, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) 1.146889678s ago: executing program 4 (id=5505): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe}, 0x90) syz_emit_ethernet(0x36, &(0x7f0000000000)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @random="a21428c6c085", @void, {@ipv6={0x86dd, @generic={0x1, 0x6, "bcc1d7", 0x0, 0x6c, 0xff, @private2={0xfc, 0x2, '\x00', 0x1}, @loopback}}}}, 0x0) r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000080)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x94) bpf$MAP_CREATE(0x0, 0x0, 0x48) sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000440)='kmem_cache_free\x00', r1}, 0x18) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) 475.652731ms ago: executing program 4 (id=5506): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) bind$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, @any, 0x0, 0x1}, 0xe) recvmmsg(r0, &(0x7f0000002d80)=[{{0x0, 0x0, 0x0}, 0x101}], 0x1, 0x10042, 0x0) 335.710954ms ago: executing program 4 (id=5507): rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffff9]}, 0x0, 0x8) r0 = gettid() r1 = gettid() tkill(r0, 0x12) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xb, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000340)='kmem_cache_free\x00', r2, 0x0, 0xffffffffffffffff}, 0x18) tkill(r1, 0x14) 237.449895ms ago: executing program 4 (id=5508): r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001000000000000000640000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='contention_end\x00', r1}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000000800)=ANY=[], 0x48) ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, 0x0) syz_open_dev$evdev(0x0, 0x2, 0x862b01) socket$inet_tcp(0x2, 0x1, 0x0) r2 = epoll_create1(0x0) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[], 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r5 = bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000580)=@o_path={0x0, r5}, 0x18) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r3, &(0x7f0000000400)={0xa}) syz_usb_connect(0x4, 0x24, 0x0, 0x0) epoll_pwait(r2, &(0x7f0000000080)=[{}], 0x1, 0x4c6, 0x0, 0x0) 153.367617ms ago: executing program 3 (id=5509): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r0) sendmsg$NL80211_CMD_GET_WIPHY(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000000c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYRES32, @ANYRES64], 0x28}, 0x1, 0x0, 0x0, 0x90}, 0x44) 0s ago: executing program 3 (id=5510): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000180)=[@in6={0xa, 0x4e24, 0x9, @remote, 0x4}], 0x1c) kernel console output (not intermixed with test programs): aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 910.609943][T12810] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 911.161003][T17634] bond0 (unregistering): Released all slaves [ 911.329678][T18860] platform regulatory.0: loading /lib/firmware/regulatory.db failed with error -12 [ 911.339970][T18860] platform regulatory.0: Direct firmware load for regulatory.db failed with error -12 [ 911.350728][T18860] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 911.597621][T18923] loop4: detected capacity change from 0 to 128 [ 911.649078][T18924] loop3: detected capacity change from 0 to 164 [ 911.677882][T18923] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 911.712789][T18923] ext4 filesystem being mounted at /526/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 911.919460][T12810] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 912.002396][T17634] IPVS: stop unused estimator thread 0... [ 912.248306][T18742] 8021q: adding VLAN 0 to HW filter on device bond0 [ 912.282363][T18742] 8021q: adding VLAN 0 to HW filter on device team0 [ 912.308819][T17636] bridge0: port 1(bridge_slave_0) entered blocking state [ 912.316118][T17636] bridge0: port 1(bridge_slave_0) entered forwarding state [ 912.350557][T17636] bridge0: port 2(bridge_slave_1) entered blocking state [ 912.357836][T17636] bridge0: port 2(bridge_slave_1) entered forwarding state [ 912.848804][T18742] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 912.946750][T18956] loop3: detected capacity change from 0 to 164 [ 913.007049][T18958] loop5: detected capacity change from 0 to 128 [ 913.032438][T18961] netlink: 'syz.4.4572': attribute type 12 has an invalid length. [ 913.061086][T18958] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 913.116239][T18958] ext4 filesystem being mounted at /379/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 913.375782][T14030] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 913.439266][T18973] geneve2: entered promiscuous mode [ 913.446033][T18973] geneve2: entered allmulticast mode [ 913.554117][ T28] kauditd_printk_skb: 9 callbacks suppressed [ 913.554134][ T28] audit: type=1326 audit(1757791473.764:3513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18975 comm="syz.5.4577" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b4878eba9 code=0x7ffc0000 [ 913.611335][T18742] veth0_vlan: entered promiscuous mode [ 913.634599][T18742] veth1_vlan: entered promiscuous mode [ 913.640746][ T28] audit: type=1326 audit(1757791473.764:3514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18975 comm="syz.5.4577" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b4878eba9 code=0x7ffc0000 [ 913.672990][T18742] veth0_macvtap: entered promiscuous mode [ 913.681259][ T28] audit: type=1326 audit(1757791473.794:3515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18975 comm="syz.5.4577" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f7b4878eba9 code=0x7ffc0000 [ 913.715038][T18742] veth1_macvtap: entered promiscuous mode [ 913.727224][ T28] audit: type=1326 audit(1757791473.794:3516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18975 comm="syz.5.4577" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b4878eba9 code=0x7ffc0000 [ 913.782426][T18742] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 913.797173][ T28] audit: type=1326 audit(1757791473.794:3517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18975 comm="syz.5.4577" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b4878eba9 code=0x7ffc0000 [ 913.825148][T18742] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 913.847848][ T28] audit: type=1326 audit(1757791473.794:3518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18975 comm="syz.5.4577" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f7b4878eba9 code=0x7ffc0000 [ 913.880405][ T28] audit: type=1326 audit(1757791473.794:3519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18975 comm="syz.5.4577" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b4878eba9 code=0x7ffc0000 [ 913.904103][ T28] audit: type=1326 audit(1757791473.794:3520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18975 comm="syz.5.4577" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b4878eba9 code=0x7ffc0000 [ 913.994804][ T28] audit: type=1326 audit(1757791473.794:3521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18975 comm="syz.5.4577" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7b4878eba9 code=0x7ffc0000 [ 914.028164][ T7330] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 914.042965][ T7330] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 914.053776][ T28] audit: type=1326 audit(1757791473.794:3522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18975 comm="syz.5.4577" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b4878eba9 code=0x7ffc0000 [ 914.063339][T18216] usb 4-1: new high-speed USB device number 15 using dummy_hcd [ 914.103724][T18213] usb 6-1: new full-speed USB device number 10 using dummy_hcd [ 914.143666][T17636] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 914.152173][T17636] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 914.283178][T18213] usb 6-1: device descriptor read/64, error -71 [ 914.302775][T18216] usb 4-1: device descriptor read/64, error -71 [ 914.573865][T18213] usb 6-1: new full-speed USB device number 11 using dummy_hcd [ 914.582801][T18216] usb 4-1: new high-speed USB device number 16 using dummy_hcd [ 914.760054][T18990] loop4: detected capacity change from 0 to 164 [ 914.762954][T18213] usb 6-1: device descriptor read/64, error -71 [ 914.773613][T18216] usb 4-1: device descriptor read/64, error -71 [ 914.893145][T18216] usb usb4-port1: attempt power cycle [ 914.902937][T18213] usb usb6-port1: attempt power cycle [ 914.917039][T18994] syz.4.4582: attempt to access beyond end of device [ 914.917039][T18994] loop4: rw=0, sector=64, nr_sectors = 2 limit=0 [ 914.930596][T18994] isofs_fill_super: bread failed, dev=loop4, iso_blknum=16, block=32 [ 915.063724][T18998] netlink: 12 bytes leftover after parsing attributes in process `'. [ 915.322909][T18216] usb 4-1: new high-speed USB device number 17 using dummy_hcd [ 915.330744][T18213] usb 6-1: new full-speed USB device number 12 using dummy_hcd [ 915.365967][T18213] usb 6-1: device descriptor read/8, error -71 [ 915.372990][T18216] usb 4-1: device descriptor read/8, error -71 [ 915.642765][T18213] usb 6-1: new full-speed USB device number 13 using dummy_hcd [ 915.678395][T18216] usb 4-1: new high-speed USB device number 18 using dummy_hcd [ 915.707321][T18213] usb 6-1: device descriptor read/8, error -71 [ 915.723584][T18216] usb 4-1: device descriptor read/8, error -71 [ 915.843151][T18213] usb usb6-port1: unable to enumerate USB device [ 915.852133][T18216] usb usb4-port1: unable to enumerate USB device [ 915.892358][T19013] smc: net device bond0 applied user defined pnetid SYZ0 [ 915.907552][T19013] smc: net device bond0 erased user defined pnetid SYZ0 [ 916.677723][T19035] loop4: detected capacity change from 0 to 128 [ 916.701012][T19035] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 916.721772][T19035] ext4 filesystem being mounted at /544/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 916.969784][T12810] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 917.086927][T19048] netlink: 20 bytes leftover after parsing attributes in process `syz.3.4600'. [ 917.863298][T19050] lo speed is unknown, defaulting to 1000 [ 918.315251][T19065] loop5: detected capacity change from 0 to 1024 [ 918.333943][T19065] EXT4-fs: Ignoring removed nomblk_io_submit option [ 918.397605][T19065] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 918.487914][T14030] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 918.932810][T18088] usb 6-1: new high-speed USB device number 14 using dummy_hcd [ 919.102858][T18088] usb 6-1: device descriptor read/64, error -71 [ 919.372981][T18088] usb 6-1: new high-speed USB device number 15 using dummy_hcd [ 919.543084][T18088] usb 6-1: device descriptor read/64, error -71 [ 919.551579][T19059] syz.1.4604: vmalloc error: size 6291456, failed to allocated page array size 12288, mode:0x400dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=syz1,mems_allowed=0-1 [ 919.571323][T19059] CPU: 1 PID: 19059 Comm: syz.1.4604 Not tainted syzkaller #0 [ 919.578867][T19059] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 919.588961][T19059] Call Trace: [ 919.592275][T19059] [ 919.595228][T19059] dump_stack_lvl+0x16c/0x230 [ 919.599986][T19059] ? show_regs_print_info+0x20/0x20 [ 919.605217][T19059] ? load_image+0x3b0/0x3b0 [ 919.609807][T19059] ? cpuset_print_current_mems_allowed+0x1f/0x360 [ 919.616355][T19059] ? cpuset_print_current_mems_allowed+0x2e3/0x360 [ 919.622908][T19059] warn_alloc+0x210/0x300 [ 919.627382][T19059] ? zone_watermark_ok_safe+0x230/0x230 [ 919.633143][T19059] ? _raw_spin_unlock+0x28/0x40 [ 919.638057][T19059] __vmalloc_node_range+0x662/0x1320 [ 919.643393][T19059] ? __lock_acquire+0x7c80/0x7c80 [ 919.648485][T19059] ? free_vm_area+0x50/0x50 [ 919.653015][T19059] ? kvmalloc_node+0x70/0x180 [ 919.657750][T19059] ? rcu_is_watching+0x15/0xb0 [ 919.662541][T19059] ? kvmalloc_node+0x70/0x180 [ 919.667244][T19059] ? trace_kmalloc+0x1f/0xa0 [ 919.671881][T19059] kvmalloc_node+0x13f/0x180 [ 919.676516][T19059] ? hash_ipport4_resize+0x1ed/0x1a30 [ 919.682203][T19059] hash_ipport4_resize+0x1ed/0x1a30 [ 919.687448][T19059] ? __local_bh_enable_ip+0x12e/0x1c0 [ 919.692863][T19059] call_ad+0x43f/0xae0 [ 919.696975][T19059] ? ip_set_ad+0x930/0x930 [ 919.701562][T19059] ? __nla_parse+0x40/0x50 [ 919.706019][T19059] ip_set_ad+0x787/0x930 [ 919.710285][T19059] ? trace_raw_output_contention_end+0x30/0xd0 [ 919.716486][T19059] ? ip_set_dump_done+0x1e0/0x1e0 [ 919.721533][T19059] ? rcu_is_watching+0x15/0xb0 [ 919.726356][T19059] nfnetlink_rcv_msg+0xb49/0x1130 [ 919.731401][T19059] ? entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 919.737514][T19059] ? nfnetlink_rcv_msg+0x20e/0x1130 [ 919.742749][T19059] ? nfnetlink_unbind+0x160/0x160 [ 919.747812][T19059] ? __dev_queue_xmit+0x1a64/0x35a0 [ 919.753114][T19059] ? __netlink_deliver_tap+0x5ab/0x830 [ 919.758719][T19059] ? netlink_deliver_tap+0x19c/0x1b0 [ 919.764129][T19059] ? netlink_unicast+0x72c/0x8d0 [ 919.769102][T19059] ? netlink_sendmsg+0x8c1/0xbe0 [ 919.774241][T19059] ? ____sys_sendmsg+0x5bf/0x950 [ 919.779359][T19059] ? ___sys_sendmsg+0x220/0x290 [ 919.784235][T19059] ? __se_sys_sendmsg+0x1a5/0x270 [ 919.789281][T19059] ? do_syscall_64+0x55/0xb0 [ 919.793903][T19059] netlink_rcv_skb+0x216/0x480 [ 919.798689][T19059] ? nfnetlink_unbind+0x160/0x160 [ 919.803741][T19059] ? netlink_ack+0x1110/0x1110 [ 919.808540][T19059] ? apparmor_capable+0x137/0x1a0 [ 919.813579][T19059] ? bpf_lsm_capable+0x9/0x10 [ 919.818276][T19059] ? security_capable+0x89/0xb0 [ 919.823153][T19059] nfnetlink_rcv+0x274/0x2180 [ 919.827876][T19059] ? __local_bh_enable_ip+0x12e/0x1c0 [ 919.833265][T19059] ? lockdep_hardirqs_on+0x98/0x150 [ 919.838510][T19059] ? __local_bh_enable_ip+0x12e/0x1c0 [ 919.843920][T19059] ? _local_bh_enable+0xa0/0xa0 [ 919.848806][T19059] ? __dev_queue_xmit+0x245/0x35a0 [ 919.853935][T19059] ? nfnetlink_net_exit_batch+0xa0/0xa0 [ 919.859517][T19059] ? __dev_queue_xmit+0x245/0x35a0 [ 919.864739][T19059] ? ref_tracker_free+0x634/0x7d0 [ 919.869780][T19059] ? __copy_skb_header+0xa7/0x550 [ 919.874829][T19059] ? refcount_inc+0x70/0x70 [ 919.879345][T19059] ? __skb_clone+0x63/0x790 [ 919.883870][T19059] ? __skb_clone+0x480/0x790 [ 919.888488][T19059] ? __netlink_deliver_tap+0x7e8/0x830 [ 919.893966][T19059] ? netlink_deliver_tap+0x2e/0x1b0 [ 919.899183][T19059] ? __lock_acquire+0x7c80/0x7c80 [ 919.904350][T19059] ? netlink_deliver_tap+0x2e/0x1b0 [ 919.909608][T19059] netlink_unicast+0x751/0x8d0 [ 919.914399][T19059] netlink_sendmsg+0x8c1/0xbe0 [ 919.919191][T19059] ? netlink_getsockopt+0x580/0x580 [ 919.924407][T19059] ? aa_sock_msg_perm+0x94/0x150 [ 919.929359][T19059] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 919.934658][T19059] ? security_socket_sendmsg+0x80/0xa0 [ 919.940134][T19059] ? netlink_getsockopt+0x580/0x580 [ 919.945349][T19059] ____sys_sendmsg+0x5bf/0x950 [ 919.950149][T19059] ? __asan_memset+0x22/0x40 [ 919.954833][T19059] ? __sys_sendmsg_sock+0x30/0x30 [ 919.960055][T19059] ? __import_iovec+0x5f2/0x860 [ 919.964935][T19059] ? import_iovec+0x73/0xa0 [ 919.969464][T19059] ___sys_sendmsg+0x220/0x290 [ 919.974171][T19059] ? __sys_sendmsg+0x270/0x270 [ 919.979460][T19059] __se_sys_sendmsg+0x1a5/0x270 [ 919.984339][T19059] ? __x64_sys_sendmsg+0x80/0x80 [ 919.989310][T19059] ? lockdep_hardirqs_on+0x98/0x150 [ 919.994555][T19059] do_syscall_64+0x55/0xb0 [ 919.998996][T19059] ? clear_bhb_loop+0x40/0x90 [ 920.003711][T19059] ? clear_bhb_loop+0x40/0x90 [ 920.008405][T19059] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 920.014325][T19059] RIP: 0033:0x7ff689f8eba9 [ 920.018755][T19059] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 920.038397][T19059] RSP: 002b:00007ff68ad52038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 920.046838][T19059] RAX: ffffffffffffffda RBX: 00007ff68a1d5fa0 RCX: 00007ff689f8eba9 [ 920.054833][T19059] RDX: 0000000000000080 RSI: 00002000000002c0 RDI: 0000000000000008 [ 920.062890][T19059] RBP: 00007ff68a011e19 R08: 0000000000000000 R09: 0000000000000000 [ 920.070892][T19059] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 920.078878][T19059] R13: 00007ff68a1d6038 R14: 00007ff68a1d5fa0 R15: 00007ffefd63bf78 [ 920.087007][T19059] [ 920.092130][T18088] usb usb6-port1: attempt power cycle [ 920.098525][T19059] Mem-Info: [ 920.104170][T19059] active_anon:8136 inactive_anon:0 isolated_anon:0 [ 920.104170][T19059] active_file:10905 inactive_file:40248 isolated_file:0 [ 920.104170][T19059] unevictable:768 dirty:87 writeback:0 [ 920.104170][T19059] slab_reclaimable:7353 slab_unreclaimable:130469 [ 920.104170][T19059] mapped:24153 shmem:3642 pagetables:534 [ 920.104170][T19059] sec_pagetables:0 bounce:0 [ 920.104170][T19059] kernel_misc_reclaimable:0 [ 920.104170][T19059] free:1315628 free_pcp:7558 free_cma:0 [ 920.150087][T19059] Node 0 active_anon:32544kB inactive_anon:0kB active_file:43620kB inactive_file:160788kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:96612kB dirty:348kB writeback:0kB shmem:13032kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11592kB pagetables:2136kB sec_pagetables:0kB all_unreclaimable? no [ 920.186335][T19059] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no [ 920.241905][T19059] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 920.291170][T19059] lowmem_reserve[]: 0 2525 2526 2526 2526 [ 920.302477][T19059] Node 0 DMA32 free:1348248kB boost:0kB min:34676kB low:43344kB high:52012kB reserved_highatomic:0KB active_anon:32392kB inactive_anon:0kB active_file:43620kB inactive_file:159484kB unevictable:1536kB writepending:348kB present:3129332kB managed:2589592kB mlocked:0kB bounce:0kB free_pcp:7832kB local_pcp:1320kB free_cma:0kB [ 920.410786][T19059] lowmem_reserve[]: 0 0 1 1 1 [ 920.422663][T19059] Node 0 Normal free:20kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB active_anon:52kB inactive_anon:0kB active_file:0kB inactive_file:1304kB unevictable:0kB writepending:0kB present:1048576kB managed:1384kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:8kB free_cma:0kB [ 920.459070][T19059] lowmem_reserve[]: 0 0 0 0 0 [ 920.464421][T19059] Node 1 Normal free:3898660kB boost:0kB min:55208kB low:69008kB high:82808kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB writepending:0kB present:4194304kB managed:4117312kB mlocked:0kB bounce:0kB free_pcp:23648kB local_pcp:8632kB free_cma:0kB [ 920.474551][T19086] loop4: detected capacity change from 0 to 512 [ 920.501622][T19059] lowmem_reserve[]: 0 0 0 0 0 [ 920.506610][T19059] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 920.523035][T19086] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 920.528292][T19059] Node 0 DMA32: 972*4kB (UME) 810*8kB (UME) 600*16kB (UME) 1523*32kB (UME) 749*64kB (UME) 130*128kB (UME) 136*256kB (UME) 98*512kB (UME) 49*1024kB (UME) 9*2048kB (UM) 259*4096kB (UM) = 1347744kB [ 920.555761][T19059] Node 0 Normal: 1*4kB (M) 0*8kB 1*16kB (M) 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 20kB [ 920.563900][T18088] usb 6-1: new high-speed USB device number 16 using dummy_hcd [ 920.568770][T19059] Node 1 Normal: 173*4kB (UE) 56*8kB (UME) 51*16kB (UME) 50*32kB (UME) 19*64kB (UE) 9*128kB (UME) 2*256kB (UE) 2*512kB (UM) 2*1024kB (UE) 1*2048kB (E) 949*4096kB (M) = 3898660kB [ 920.601173][T19059] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 920.613936][T18088] usb 6-1: device descriptor read/8, error -71 [ 920.614574][T19059] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB [ 920.622709][T19086] EXT4-fs (loop4): 1 truncate cleaned up [ 920.640006][T19059] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 920.658189][T19086] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 920.659046][T19059] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 920.680611][T19059] 54822 total pagecache pages [ 920.686145][T19059] 0 pages in swap cache [ 920.690401][T19059] Free swap = 124720kB [ 920.694990][T19059] Total swap = 124996kB [ 920.699180][T19059] 2097051 pages RAM [ 920.703107][T19059] 0 pages HighMem/MovableOnly [ 920.707817][T19059] 416139 pages reserved [ 920.712005][T19059] 0 pages cma reserved [ 920.722901][ T28] kauditd_printk_skb: 24 callbacks suppressed [ 920.722917][ T28] audit: type=1800 audit(1757791480.934:3547): pid=19086 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.4611" name="file1" dev="loop4" ino=15 res=0 errno=0 [ 920.810209][T19092] loop3: detected capacity change from 0 to 1024 [ 920.836980][T19092] EXT4-fs: Ignoring removed nomblk_io_submit option [ 920.855198][T12810] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 920.876273][T19092] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 920.892831][T18088] usb 6-1: new high-speed USB device number 17 using dummy_hcd [ 920.938277][T18088] usb 6-1: device descriptor read/8, error -71 [ 921.011575][T13011] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 921.083119][T18088] usb usb6-port1: unable to enumerate USB device [ 921.299347][T19108] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4620'. [ 921.459294][T19115] loop3: detected capacity change from 0 to 1024 [ 921.600025][T19115] EXT4-fs: Ignoring removed nomblk_io_submit option [ 921.637370][T19115] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 921.714761][T19115] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003] [ 921.746357][T19115] System zones: 0-1, 3-36 [ 921.786789][T19115] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 921.992461][T19121] loop5: detected capacity change from 0 to 1024 [ 922.021882][T19121] EXT4-fs: Ignoring removed nomblk_io_submit option [ 922.043534][T13011] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 922.078292][T19121] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 922.169253][T19129] loop3: detected capacity change from 0 to 1024 [ 922.178252][T19129] EXT4-fs: Ignoring removed bh option [ 922.183872][T19129] EXT4-fs: inline encryption not supported [ 922.210090][T19129] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 922.253472][T19129] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c80ce018, mo2=0000] [ 922.265469][T19129] EXT4-fs error (device loop3): ext4_map_blocks:608: inode #3: block 2: comm syz.3.4628: lblock 2 mapped to illegal pblock 2 (length 1) [ 922.280118][T19129] Quota error (device loop3): qtree_write_dquot: dquota write failed [ 922.284608][T14030] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 922.288439][T19129] EXT4-fs error (device loop3): ext4_map_blocks:608: inode #3: block 48: comm syz.3.4628: lblock 0 mapped to illegal pblock 48 (length 1) [ 922.315277][T19129] Quota error (device loop3): v2_write_file_info: Can't write info structure [ 922.324455][T19129] EXT4-fs error (device loop3): ext4_acquire_dquot:6940: comm syz.3.4628: Failed to acquire dquot type 0 [ 922.354879][T19129] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5902: Corrupt filesystem [ 922.384377][T19129] EXT4-fs error (device loop3): ext4_evict_inode:252: inode #11: comm syz.3.4628: mark_inode_dirty error [ 922.430496][T19129] EXT4-fs warning (device loop3): ext4_evict_inode:255: couldn't mark inode dirty (err -117) [ 922.451759][T19136] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies. [ 922.452271][T19129] EXT4-fs (loop3): 1 orphan inode deleted [ 922.474130][ T7330] EXT4-fs error (device loop3): ext4_map_blocks:608: inode #3: block 1: comm kworker/u4:15: lblock 1 mapped to illegal pblock 1 (length 1) [ 922.490168][T19129] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 922.508145][ T7330] Quota error (device loop3): remove_tree: Can't read quota data block 1 [ 922.520249][ T7330] EXT4-fs error (device loop3): ext4_release_dquot:6976: comm kworker/u4:15: Failed to release dquot type 0 [ 922.552834][T19129] EXT4-fs (loop3): shut down requested (1) [ 922.601163][T13011] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 922.628191][T19142] loop5: detected capacity change from 0 to 512 [ 922.670031][T19142] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 922.692180][T19142] EXT4-fs (loop5): 1 truncate cleaned up [ 922.701594][T19142] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 922.782764][T18094] usb 5-1: new high-speed USB device number 10 using dummy_hcd [ 922.807261][T14030] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 922.932751][T18094] usb 5-1: device descriptor read/64, error -71 [ 923.041203][T19153] loop3: detected capacity change from 0 to 1024 [ 923.067261][T19153] EXT4-fs: Ignoring removed nomblk_io_submit option [ 923.100350][T19153] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 923.173122][T13011] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 923.207897][T18094] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 923.372714][T18094] usb 5-1: device descriptor read/64, error -71 [ 923.501542][T18094] usb usb5-port1: attempt power cycle [ 923.923115][T18094] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 923.964780][T18094] usb 5-1: device descriptor read/8, error -71 [ 924.243153][T18094] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 924.285991][T18094] usb 5-1: device descriptor read/8, error -71 [ 924.348409][T19181] loop3: detected capacity change from 0 to 1024 [ 924.356798][T19181] EXT4-fs: Ignoring removed nomblk_io_submit option [ 924.385594][T19181] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 924.407578][T18094] usb usb5-port1: unable to enumerate USB device [ 924.454499][T13011] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 924.948215][T19203] bridge0: port 2(batadv2) entered blocking state [ 924.961460][T19203] bridge0: port 2(batadv2) entered disabled state [ 924.970126][T19203] batadv2: entered allmulticast mode [ 924.986346][T19203] batadv2: entered promiscuous mode [ 925.130009][T19206] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4654'. [ 925.139324][T19206] netem: change failed [ 925.469618][T17636] batman_adv: batadv2: No IGMP Querier present - multicast optimizations disabled [ 925.479100][T17636] batman_adv: batadv2: No MLD Querier present - multicast optimizations disabled [ 925.663164][ T28] audit: type=1326 audit(1757791485.874:3548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19211 comm="syz.4.4656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa74f8eba9 code=0x7ffc0000 [ 925.716969][ T28] audit: type=1326 audit(1757791485.904:3549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19211 comm="syz.4.4656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa74f8eba9 code=0x7ffc0000 [ 925.991317][T19225] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4661'. [ 926.192512][T19227] loop5: detected capacity change from 0 to 764 [ 926.218302][T19227] ISOFS: unable to read i-node block [ 926.476223][T18085] usb 5-1: new high-speed USB device number 14 using dummy_hcd [ 927.412878][T18085] usb 5-1: device descriptor read/64, error -71 [ 927.485429][T19252] loop3: detected capacity change from 0 to 128 [ 927.513872][T19252] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 927.540808][T19252] ext4 filesystem being mounted at /535/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 927.667060][T13011] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 927.712737][T18085] usb 5-1: new high-speed USB device number 15 using dummy_hcd [ 928.091377][T18085] usb 5-1: device descriptor read/64, error -71 [ 929.082198][T18085] usb usb5-port1: attempt power cycle [ 929.135671][T19277] loop5: detected capacity change from 0 to 1024 [ 929.143453][T19277] EXT4-fs: Ignoring removed nomblk_io_submit option [ 929.649910][T19277] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 929.865605][T14030] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 930.048779][T19293] loop3: detected capacity change from 0 to 128 [ 930.060354][T19287] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4681'. [ 930.097221][T19293] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 930.198656][T19293] ext4 filesystem being mounted at /538/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 930.477036][T13011] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 930.495046][T19310] loop4: detected capacity change from 0 to 1024 [ 930.516816][T19310] EXT4-fs: Ignoring removed nomblk_io_submit option [ 930.561785][T19310] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 930.672721][T18088] usb 6-1: new high-speed USB device number 18 using dummy_hcd [ 930.710192][T12810] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 930.832978][T18088] usb 6-1: device descriptor read/64, error -71 [ 931.823571][T19325] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4693'. [ 931.846944][T19330] 9pnet_fd: Insufficient options for proto=fd [ 931.936059][T18088] usb 6-1: new high-speed USB device number 19 using dummy_hcd [ 932.008612][ T1289] ieee802154 phy0 wpan0: encryption failed: -22 [ 932.017345][ T1289] ieee802154 phy1 wpan1: encryption failed: -22 [ 932.103567][T18088] usb 6-1: device descriptor read/64, error -71 [ 932.132824][ T28] audit: type=1326 audit(1757791492.334:3550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19333 comm="syz.3.4695" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3682f8eba9 code=0x7ffc0000 [ 932.198691][ T28] audit: type=1326 audit(1757791492.334:3551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19333 comm="syz.3.4695" exe="/root/syz-executor" sig=0 arch=c000003e syscall=67 compat=0 ip=0x7f3682f8eba9 code=0x7ffc0000 [ 932.230067][ T28] audit: type=1326 audit(1757791492.334:3552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19333 comm="syz.3.4695" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3682f8eba9 code=0x7ffc0000 [ 932.249269][T18088] usb usb6-port1: attempt power cycle [ 932.310712][T19345] syz.4.4700[19345] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 932.311057][T19345] syz.4.4700[19345] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 932.402325][T19345] loop4: detected capacity change from 0 to 2048 [ 932.584925][T19345] loop4: p1 < > p4 [ 932.591371][T19345] loop4: p4 size 8388608 extends beyond EOD, truncated [ 932.766483][T18088] usb 6-1: new high-speed USB device number 20 using dummy_hcd [ 932.813362][T18088] usb 6-1: device descriptor read/8, error -71 [ 932.874569][ T28] audit: type=1326 audit(1757791493.084:3553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19350 comm="syz.1.4703" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff689f8eba9 code=0x7ffc0000 [ 932.907487][ T28] audit: type=1326 audit(1757791493.084:3554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19350 comm="syz.1.4703" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff689f8eba9 code=0x7ffc0000 [ 932.930534][ T28] audit: type=1326 audit(1757791493.084:3555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19350 comm="syz.1.4703" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff689f8eba9 code=0x7ffc0000 [ 932.987321][ T28] audit: type=1326 audit(1757791493.084:3556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19350 comm="syz.1.4703" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff689f8eba9 code=0x7ffc0000 [ 933.020801][ T28] audit: type=1326 audit(1757791493.104:3557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19350 comm="syz.1.4703" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7ff689f8eba9 code=0x7ffc0000 [ 933.047171][ T28] audit: type=1326 audit(1757791493.104:3558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19350 comm="syz.1.4703" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff689f8eba9 code=0x7ffc0000 [ 933.070430][ T28] audit: type=1326 audit(1757791493.114:3559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19350 comm="syz.1.4703" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff689f8eba9 code=0x7ffc0000 [ 933.309197][T18088] usb 6-1: new high-speed USB device number 21 using dummy_hcd [ 933.345132][T18088] usb 6-1: device descriptor read/8, error -71 [ 933.513994][T18088] usb usb6-port1: unable to enumerate USB device [ 934.357070][T19377] loop5: detected capacity change from 0 to 4096 [ 934.414659][T19377] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 934.590311][T19377] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 934.749026][T14030] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 934.902165][T19396] loop4: detected capacity change from 0 to 128 [ 934.922710][T18090] usb 4-1: new high-speed USB device number 19 using dummy_hcd [ 935.083317][T18090] usb 4-1: device descriptor read/64, error -71 [ 935.121982][T19406] loop5: detected capacity change from 0 to 1024 [ 935.141409][T19406] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 935.230645][T19406] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 935.426054][T19413] loop4: detected capacity change from 0 to 128 [ 935.427741][T14030] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 935.448926][T19413] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100) [ 935.458585][T19413] FAT-fs (loop4): Filesystem has been set read-only [ 935.492834][T19413] syz.4.4725: attempt to access beyond end of device [ 935.492834][T19413] loop4: rw=524288, sector=2065, nr_sectors = 8 limit=128 [ 935.523734][T19413] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100) [ 935.531760][T19413] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100) [ 935.551710][T19415] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100) [ 935.561638][T19415] syz.4.4725: attempt to access beyond end of device [ 935.561638][T19415] loop4: rw=524288, sector=2065, nr_sectors = 8 limit=128 [ 935.587285][T19415] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100) [ 935.600669][T19415] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100) [ 935.620726][T19413] syz.4.4725: attempt to access beyond end of device [ 935.620726][T19413] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 935.645579][T19415] syz.4.4725: attempt to access beyond end of device [ 935.645579][T19415] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 935.669842][T19413] syz.4.4725: attempt to access beyond end of device [ 935.669842][T19413] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 935.695745][T19415] syz.4.4725: attempt to access beyond end of device [ 935.695745][T19415] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 935.720592][T19413] syz.4.4725: attempt to access beyond end of device [ 935.720592][T19413] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 935.745617][T19413] syz.4.4725: attempt to access beyond end of device [ 935.745617][T19413] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 935.776520][T19413] syz.4.4725: attempt to access beyond end of device [ 935.776520][T19413] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 935.796616][T19413] syz.4.4725: attempt to access beyond end of device [ 935.796616][T19413] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 935.922689][T18090] usb 4-1: new high-speed USB device number 20 using dummy_hcd [ 936.132916][T18090] usb 4-1: device descriptor read/64, error -71 [ 936.252992][T18090] usb usb4-port1: attempt power cycle [ 936.422441][T19429] syz.5.4731[19429] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 936.423492][T19429] syz.5.4731[19429] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 936.484554][T19429] netlink: 16 bytes leftover after parsing attributes in process `syz.5.4731'. [ 936.692752][T18090] usb 4-1: new high-speed USB device number 21 using dummy_hcd [ 936.713083][T19435] loop4: detected capacity change from 0 to 512 [ 936.731783][T19435] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349) [ 936.746097][T18090] usb 4-1: device descriptor read/8, error -71 [ 936.751323][T19435] EXT4-fs (loop4): orphan cleanup on readonly fs [ 936.760829][T19435] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:512: comm syz.4.4735: Block bitmap for bg 0 marked uninitialized [ 936.783337][T19435] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6637: Corrupt filesystem [ 936.800420][T19435] EXT4-fs (loop4): 1 orphan inode deleted [ 936.821876][T19435] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 936.866266][T19435] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended [ 936.888612][T19435] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 r/w. [ 936.976409][T19438] ALSA: seq fatal error: cannot create timer (-19) [ 937.005087][T12810] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 937.063026][T18090] usb 4-1: new high-speed USB device number 22 using dummy_hcd [ 937.111758][T18090] usb 4-1: device descriptor read/8, error -71 [ 937.248290][T18090] usb usb4-port1: unable to enumerate USB device [ 937.341539][T19447] pimreg: entered allmulticast mode [ 937.351155][T19447] pimreg: left allmulticast mode [ 937.357349][T19448] loop4: detected capacity change from 0 to 512 [ 937.386441][T19448] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 937.410751][T19448] EXT4-fs (loop4): 1 orphan inode deleted [ 937.418157][T19448] EXT4-fs (loop4): 1 truncate cleaned up [ 937.431065][T19448] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 937.491912][T19448] EXT4-fs error (device loop4): ext4_inlinedir_to_tree:1412: inode #12: block 7: comm syz.4.4740: path /585/file0/file0: bad entry in directory: directory entry overrun - offset=788, inode=13, rec_len=784, size=60 fake=0 [ 937.577291][T19448] EXT4-fs (loop4): Remounting filesystem read-only [ 937.652256][T12810] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 938.270040][T19477] 9p: Unknown access argument 00000000000000000000è: -22 [ 938.285334][ T28] kauditd_printk_skb: 62 callbacks suppressed [ 938.285350][ T28] audit: type=1326 audit(1757791498.494:3622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19478 comm="syz.5.4754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b4878eba9 code=0x7ffc0000 [ 938.362681][ T28] audit: type=1326 audit(1757791498.524:3623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19478 comm="syz.5.4754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b4878eba9 code=0x7ffc0000 [ 938.446703][ T28] audit: type=1326 audit(1757791498.534:3624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19478 comm="syz.5.4754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7b4878eba9 code=0x7ffc0000 [ 938.472771][T18091] usb 5-1: new high-speed USB device number 17 using dummy_hcd [ 938.509215][ T28] audit: type=1326 audit(1757791498.534:3625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19478 comm="syz.5.4754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b4878eba9 code=0x7ffc0000 [ 938.582746][ T28] audit: type=1326 audit(1757791498.534:3626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19478 comm="syz.5.4754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b4878eba9 code=0x7ffc0000 [ 938.641643][T18091] usb 5-1: device descriptor read/64, error -71 [ 938.656623][ T28] audit: type=1326 audit(1757791498.534:3627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19478 comm="syz.5.4754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7b4878eba9 code=0x7ffc0000 [ 938.681420][ T28] audit: type=1326 audit(1757791498.534:3628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19478 comm="syz.5.4754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b4878eba9 code=0x7ffc0000 [ 938.739727][ T28] audit: type=1326 audit(1757791498.534:3629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19478 comm="syz.5.4754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b4878eba9 code=0x7ffc0000 [ 938.782940][ T28] audit: type=1326 audit(1757791498.534:3630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19478 comm="syz.5.4754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7b4878eba9 code=0x7ffc0000 [ 938.812483][ T28] audit: type=1326 audit(1757791498.534:3631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19478 comm="syz.5.4754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b4878eba9 code=0x7ffc0000 [ 938.922800][T18091] usb 5-1: new high-speed USB device number 18 using dummy_hcd [ 938.990440][T19496] netlink: 'syz.1.4763': attribute type 3 has an invalid length. [ 939.092871][T18091] usb 5-1: device descriptor read/64, error -71 [ 939.180071][T19500] loop5: detected capacity change from 0 to 8192 [ 939.213010][T18091] usb usb5-port1: attempt power cycle [ 939.215008][T19504] ref_ctr going negative. vaddr: 0x200000ffc002, curr val: -29824, delta: 1 [ 939.231767][T19504] ref_ctr increment failed for inode: 0x115 offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff88807b581300 [ 939.405780][T19510] loop3: detected capacity change from 0 to 764 [ 939.652743][T18091] usb 5-1: new high-speed USB device number 19 using dummy_hcd [ 939.693629][T18091] usb 5-1: device descriptor read/8, error -71 [ 939.845800][T19530] loop3: detected capacity change from 0 to 128 [ 939.864012][T19530] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 939.897087][T19530] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 939.982928][T18091] usb 5-1: new high-speed USB device number 20 using dummy_hcd [ 940.024254][T18091] usb 5-1: device descriptor read/8, error -71 [ 940.176750][T18091] usb usb5-port1: unable to enumerate USB device [ 940.778452][T19542] loop5: detected capacity change from 0 to 1024 [ 940.789577][T19542] EXT4-fs: Ignoring removed nomblk_io_submit option [ 940.828075][T19542] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 940.983281][T14030] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 941.284451][T19551] loop3: detected capacity change from 0 to 128 [ 941.292410][T19551] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 941.313202][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 941.382320][T19551] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 942.028667][T17634] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 942.222722][T18094] usb 5-1: new high-speed USB device number 21 using dummy_hcd [ 942.325831][T19580] loop5: detected capacity change from 0 to 128 [ 942.348356][T19582] loop3: detected capacity change from 0 to 2048 [ 942.357644][T19580] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a80ec018, mo2=0002] [ 942.373402][T19580] System zones: 1-3, 19-19, 35-36 [ 942.381193][T19580] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback. [ 942.392752][T18094] usb 5-1: device descriptor read/64, error -71 [ 942.402277][T19580] ext4 filesystem being mounted at /432/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 942.476048][T19582] loop3: p2 p3 p7 [ 942.578994][T14030] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 942.670578][T18094] usb 5-1: new high-speed USB device number 22 using dummy_hcd [ 942.788800][T19591] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4803'. [ 942.842922][T18094] usb 5-1: device descriptor read/64, error -71 [ 942.978812][T18094] usb usb5-port1: attempt power cycle [ 943.329602][T19615] loop3: detected capacity change from 0 to 128 [ 943.348233][T19616] loop5: detected capacity change from 0 to 128 [ 943.357829][T19616] FAT-fs (loop5): Unrecognized mount option "zÐ5¿ÙÚ ñå»!Õd.«#ÕYÃ똿“7O/Œä:jóö&fŸM§J¬¾ØêÆÃ" or missing value [ 943.402949][T18094] usb 5-1: new high-speed USB device number 23 using dummy_hcd [ 943.446791][T18094] usb 5-1: device descriptor read/8, error -71 [ 943.752965][T18094] usb 5-1: new high-speed USB device number 24 using dummy_hcd [ 943.803750][T18094] usb 5-1: device descriptor read/8, error -71 [ 943.992049][T19631] usb usb8: usbfs: process 19631 (syz.5.4821) did not claim interface 0 before use [ 944.762819][T18094] usb usb5-port1: unable to enumerate USB device [ 945.894410][T19655] loop3: detected capacity change from 0 to 1024 [ 946.064311][T19655] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 946.093663][T19664] netlink: 96 bytes leftover after parsing attributes in process `syz.1.4834'. [ 946.233357][T13011] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 946.495882][T19680] smc: net device bond0 applied user defined pnetid SYZ0 [ 946.505815][T19680] smc: net device bond0 erased user defined pnetid SYZ0 [ 946.653069][T18216] usb 4-1: new high-speed USB device number 23 using dummy_hcd [ 946.812751][T18216] usb 4-1: device descriptor read/64, error -71 [ 947.972760][T18216] usb 4-1: new high-speed USB device number 24 using dummy_hcd [ 948.171522][T18216] usb 4-1: device descriptor read/64, error -71 [ 948.321617][T18216] usb usb4-port1: attempt power cycle [ 948.782773][T18216] usb 4-1: new high-speed USB device number 25 using dummy_hcd [ 948.813542][T18216] usb 4-1: device descriptor read/8, error -71 [ 948.956055][T18748] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 948.966888][T18748] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 948.977306][T18748] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 948.986853][T18748] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 948.997695][T18748] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 949.015881][T18748] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 949.092742][T18216] usb 4-1: new high-speed USB device number 26 using dummy_hcd [ 949.123839][T18216] usb 4-1: device descriptor read/8, error -71 [ 949.201984][T19712] lo speed is unknown, defaulting to 1000 [ 949.260657][T18216] usb usb4-port1: unable to enumerate USB device [ 949.302167][T19719] netlink: 76 bytes leftover after parsing attributes in process `syz.1.4858'. [ 950.664080][T19738] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4865'. [ 950.768498][T19741] netlink: 32 bytes leftover after parsing attributes in process `syz.1.4866'. [ 950.812908][ T7367] tipc: Left network mode [ 950.909677][T19712] chnl_net:caif_netlink_parms(): no params data found [ 950.990343][T19729] syz.3.4862[19729] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 950.990571][T19729] syz.3.4862[19729] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 951.124291][ T5798] Bluetooth: hci4: command tx timeout [ 951.966700][T19752] kthread_run failed with err -4 [ 952.151648][T19712] bridge0: port 1(bridge_slave_0) entered blocking state [ 952.166782][T19712] bridge0: port 1(bridge_slave_0) entered disabled state [ 952.177088][T19712] bridge_slave_0: entered allmulticast mode [ 952.190034][T19712] bridge_slave_0: entered promiscuous mode [ 952.206636][T19756] netlink: 168 bytes leftover after parsing attributes in process `syz.3.4869'. [ 952.237039][T19712] bridge0: port 2(bridge_slave_1) entered blocking state [ 952.244975][T19712] bridge0: port 2(bridge_slave_1) entered disabled state [ 952.252425][T19712] bridge_slave_1: entered allmulticast mode [ 952.261173][T19712] bridge_slave_1: entered promiscuous mode [ 952.321190][T19755] lo speed is unknown, defaulting to 1000 [ 952.401170][T19712] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 952.427580][T19712] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 952.631274][ T28] kauditd_printk_skb: 59 callbacks suppressed [ 952.631291][ T28] audit: type=1326 audit(1757791512.834:3691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19771 comm="syz.5.4876" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b4878eba9 code=0x7ffc0000 [ 952.646597][T19712] team0: Port device team_slave_0 added [ 952.668462][ T28] audit: type=1326 audit(1757791512.874:3692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19771 comm="syz.5.4876" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b4878eba9 code=0x7ffc0000 [ 952.692062][ T28] audit: type=1326 audit(1757791512.874:3693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19771 comm="syz.5.4876" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7f7b4878eba9 code=0x7ffc0000 [ 952.718307][T19712] team0: Port device team_slave_1 added [ 952.739720][ T28] audit: type=1326 audit(1757791512.884:3694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19771 comm="syz.5.4876" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b4878eba9 code=0x7ffc0000 [ 952.766562][ T28] audit: type=1326 audit(1757791512.884:3695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19771 comm="syz.5.4876" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b4878eba9 code=0x7ffc0000 [ 952.929585][T19712] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 952.938150][T19712] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 952.967817][T19712] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 953.010709][T19776] loop5: detected capacity change from 0 to 164 [ 953.061201][T19712] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 953.069196][T19712] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 953.096563][T19712] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 953.203115][ T5798] Bluetooth: hci4: command tx timeout [ 953.237114][T19712] hsr_slave_0: entered promiscuous mode [ 953.244390][T19712] hsr_slave_1: entered promiscuous mode [ 953.251080][T19712] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 953.259651][T19712] Cannot create hsr debugfs directory [ 954.443658][ T7367] batadv1: left allmulticast mode [ 954.449224][ T7367] batadv1: left promiscuous mode [ 954.462300][ T28] audit: type=1326 audit(1757791514.664:3696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19788 comm="syz.5.4882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b4878eba9 code=0x7ffc0000 [ 954.487088][ T7367] bridge0: port 1(batadv1) entered disabled state [ 954.535139][ T7367] hsr_slave_0: left promiscuous mode [ 954.543568][ T28] audit: type=1326 audit(1757791514.664:3697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19788 comm="syz.5.4882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b4878eba9 code=0x7ffc0000 [ 954.577124][ T7367] hsr_slave_1: left promiscuous mode [ 954.604585][ T7367] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 954.619379][ T28] audit: type=1326 audit(1757791514.694:3698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19788 comm="syz.5.4882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=108 compat=0 ip=0x7f7b4878eba9 code=0x7ffc0000 [ 954.643477][ T7367] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 954.692144][ T28] audit: type=1326 audit(1757791514.694:3699): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19788 comm="syz.5.4882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b4878eba9 code=0x7ffc0000 [ 954.715864][ T28] audit: type=1326 audit(1757791514.694:3700): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19788 comm="syz.5.4882" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b4878eba9 code=0x7ffc0000 [ 955.283043][ T5798] Bluetooth: hci4: command tx timeout [ 955.957292][ T7367] team0 (unregistering): Port device team_slave_1 removed [ 956.038743][ T7367] team0 (unregistering): Port device team_slave_0 removed [ 956.970558][T19810] lo speed is unknown, defaulting to 1000 [ 957.017605][T19818] loop5: detected capacity change from 0 to 512 [ 957.035993][T19818] EXT4-fs: Ignoring removed nobh option [ 957.085297][T19818] EXT4-fs error (device loop5): ext4_map_blocks:608: inode #2: block 3: comm syz.5.4892: lblock 0 mapped to illegal pblock 3 (length 1) [ 957.176900][T19818] EXT4-fs warning (device loop5): dx_probe:823: inode #2: lblock 0: comm syz.5.4892: error -117 reading directory block [ 957.222855][T19818] EXT4-fs (loop5): Cannot turn on journaled quota: type 1: error -117 [ 957.264159][T19818] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 957.311893][T19712] 8021q: adding VLAN 0 to HW filter on device bond0 [ 957.363599][ T5798] Bluetooth: hci4: command tx timeout [ 957.385071][T14030] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 957.577259][T19822] 9pnet: p9_errstr2errno: server reported unknown error [ 957.594594][T19712] 8021q: adding VLAN 0 to HW filter on device team0 [ 957.644505][ T7366] bridge0: port 1(bridge_slave_0) entered blocking state [ 957.651735][ T7366] bridge0: port 1(bridge_slave_0) entered forwarding state [ 957.665174][ T7367] IPVS: stop unused estimator thread 0... [ 957.698150][ T7366] bridge0: port 2(bridge_slave_1) entered blocking state [ 957.705517][ T7366] bridge0: port 2(bridge_slave_1) entered forwarding state [ 957.825017][T19712] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 958.037328][ T28] kauditd_printk_skb: 14 callbacks suppressed [ 958.037345][ T28] audit: type=1326 audit(1757791518.244:3715): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19830 comm="syz.3.4896" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3682f8eba9 code=0x7ffc0000 [ 958.123212][ T28] audit: type=1326 audit(1757791518.244:3716): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19830 comm="syz.3.4896" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3682f8eba9 code=0x7ffc0000 [ 958.188040][ T28] audit: type=1326 audit(1757791518.284:3717): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19830 comm="syz.3.4896" exe="/root/syz-executor" sig=0 arch=c000003e syscall=108 compat=0 ip=0x7f3682f8eba9 code=0x7ffc0000 [ 958.215543][ T28] audit: type=1326 audit(1757791518.284:3718): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19830 comm="syz.3.4896" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3682f8eba9 code=0x7ffc0000 [ 958.282735][ T28] audit: type=1326 audit(1757791518.284:3719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19830 comm="syz.3.4896" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3682f8eba9 code=0x7ffc0000 [ 958.374161][ T28] audit: type=1326 audit(1757791518.304:3720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19830 comm="syz.3.4896" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3682f8eba9 code=0x7ffc0000 [ 958.422382][ T28] audit: type=1326 audit(1757791518.304:3721): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19830 comm="syz.3.4896" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3682f8eba9 code=0x7ffc0000 [ 958.456663][ T28] audit: type=1326 audit(1757791518.304:3722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19830 comm="syz.3.4896" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3682f8eba9 code=0x7ffc0000 [ 958.520053][T19712] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 958.543807][ T28] audit: type=1326 audit(1757791518.304:3723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19830 comm="syz.3.4896" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f3682f8eba9 code=0x7ffc0000 [ 958.644388][ T28] audit: type=1326 audit(1757791518.304:3724): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19830 comm="syz.3.4896" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3682f8eba9 code=0x7ffc0000 [ 958.757498][T19848] smc: net device bond0 applied user defined pnetid SYZ0 [ 958.766269][T19848] smc: net device bond0 erased user defined pnetid SYZ0 [ 958.999660][T19850] lo speed is unknown, defaulting to 1000 [ 959.478642][T19712] veth0_vlan: entered promiscuous mode [ 959.554362][T19712] veth1_vlan: entered promiscuous mode [ 959.731917][T19712] veth0_macvtap: entered promiscuous mode [ 959.779122][T19712] veth1_macvtap: entered promiscuous mode [ 959.854197][T19712] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 959.872424][T19712] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 959.899087][T19712] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 960.010331][T19712] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 960.041935][T19712] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 960.078610][T19712] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 960.634654][ T7367] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 960.650015][ T7367] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 960.853697][T17634] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 960.905913][T17634] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 961.847864][T19892] loop3: detected capacity change from 0 to 1024 [ 961.847871][T19896] 9pnet_fd: Insufficient options for proto=fd [ 961.848792][T19892] EXT4-fs: Ignoring removed orlov option [ 961.898208][T19892] EXT4-fs: Ignoring removed nobh option [ 961.906856][T19892] EXT4-fs: Ignoring removed bh option [ 961.946163][T19892] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 962.014243][T19892] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4031: comm syz.3.4915: Allocating blocks 481-513 which overlap fs metadata [ 962.033144][T19906] loop5: detected capacity change from 0 to 128 [ 962.063486][T19906] bio_check_eod: 5379 callbacks suppressed [ 962.063512][T19906] syz.5.4920: attempt to access beyond end of device [ 962.063512][T19906] loop5: rw=2049, sector=138, nr_sectors = 8 limit=128 [ 962.090524][T19906] syz.5.4920: attempt to access beyond end of device [ 962.090524][T19906] loop5: rw=2049, sector=138, nr_sectors = 14 limit=128 [ 962.142420][T13011] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 962.145030][T19908] loop4: detected capacity change from 0 to 512 [ 962.189585][T19908] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 962.209566][T19908] ext4 filesystem being mounted at /2/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 962.417467][T19915] loop5: detected capacity change from 0 to 512 [ 962.443504][T19915] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 962.476725][T19712] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 962.496587][T19915] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1215: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters [ 962.576106][T19915] EXT4-fs (loop5): 1 truncate cleaned up [ 962.601499][T19915] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 962.648406][T19920] loop4: detected capacity change from 0 to 1764 [ 962.689011][T14030] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 963.554730][T19931] netlink: 64535 bytes leftover after parsing attributes in process `syz.4.4929'. [ 963.863224][T19941] loop7: detected capacity change from 0 to 16384 [ 963.969980][T19943] pim6reg: entered allmulticast mode [ 964.957389][T19943] loop7: detected capacity change from 16384 to 16383 [ 964.965155][T19952] netlink: 'syz.3.4938': attribute type 10 has an invalid length. [ 964.974199][T19952] netlink: 'syz.3.4938': attribute type 10 has an invalid length. [ 964.988145][T19952] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 965.005500][T19954] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4936'. [ 965.042838][T19954] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 965.071449][T19954] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 965.085478][T19954] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 965.103508][T19954] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 966.675554][T19965] usb usb8: usbfs: process 19965 (syz.1.4940) did not claim interface 0 before use [ 966.895999][T19965] lo speed is unknown, defaulting to 1000 [ 967.512897][ T5798] Bluetooth: hci2: command 0x0406 tx timeout [ 967.803828][T18748] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 967.824777][T18748] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 967.967573][T18748] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 968.198133][T18748] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 968.217108][T18748] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 968.232292][T18748] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 968.446540][T19969] lo speed is unknown, defaulting to 1000 [ 968.768114][T18094] IPVS: starting estimator thread 0... [ 968.814168][T19979] loop5: detected capacity change from 0 to 512 [ 968.862871][T19981] IPVS: using max 16 ests per chain, 38400 per kthread [ 968.900805][T19979] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 968.927715][T19979] ext4 filesystem being mounted at /484/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 969.186513][T14030] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 970.309055][T20002] loop4: detected capacity change from 0 to 128 [ 970.384779][T20002] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 970.407056][T20002] ext4 filesystem being mounted at /11/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 970.440643][T18748] Bluetooth: hci1: command tx timeout [ 971.226817][T19712] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 971.424876][T20013] loop4: detected capacity change from 0 to 512 [ 971.438459][T19969] chnl_net:caif_netlink_parms(): no params data found [ 971.486838][T20013] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2244: inode #15: comm syz.4.4953: corrupted in-inode xattr: invalid ea_ino [ 971.506642][T20013] EXT4-fs error (device loop4): ext4_orphan_get:1404: comm syz.4.4953: couldn't read orphan inode 15 (err -117) [ 971.525290][T20013] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 971.578679][T19712] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 971.671059][T20010] lo speed is unknown, defaulting to 1000 [ 971.844278][T19969] bridge0: port 1(bridge_slave_0) entered blocking state [ 971.866235][T19969] bridge0: port 1(bridge_slave_0) entered disabled state [ 971.874456][T19969] bridge_slave_0: entered allmulticast mode [ 971.881965][T19969] bridge_slave_0: entered promiscuous mode [ 972.433999][T19969] bridge0: port 2(bridge_slave_1) entered blocking state [ 972.487212][T18748] Bluetooth: hci1: command tx timeout [ 972.530281][T19969] bridge0: port 2(bridge_slave_1) entered disabled state [ 972.563921][T19969] bridge_slave_1: entered allmulticast mode [ 972.594631][T19969] bridge_slave_1: entered promiscuous mode [ 972.776082][T19969] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 972.852282][T19969] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 973.152241][ T28] kauditd_printk_skb: 33 callbacks suppressed [ 973.152279][ T28] audit: type=1326 audit(1757791533.354:3758): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20030 comm="syz.4.4957" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f97d3f8eba9 code=0x7ffc0000 [ 973.276169][T19969] team0: Port device team_slave_0 added [ 973.510150][ T28] audit: type=1326 audit(1757791533.394:3759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20030 comm="syz.4.4957" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f97d3f8eba9 code=0x7ffc0000 [ 973.856472][T19969] team0: Port device team_slave_1 added [ 974.160363][T19969] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 974.177183][T19969] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 975.278333][T20044] usb usb8: usbfs: process 20044 (syz.5.4960) did not claim interface 0 before use [ 975.358422][T18748] Bluetooth: hci1: command tx timeout [ 975.503702][T19969] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 976.185795][T19969] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 976.197789][T19969] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 976.223772][ C1] vkms_vblank_simulate: vblank timer overrun [ 976.237922][T20048] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4962'. [ 976.238985][T19969] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 976.352424][T20050] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4964'. [ 976.369252][T20050] netlink: 504 bytes leftover after parsing attributes in process `syz.4.4964'. [ 976.666656][T19969] hsr_slave_0: entered promiscuous mode [ 976.694110][T19969] hsr_slave_1: entered promiscuous mode [ 976.700691][T19969] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 976.716751][T19969] Cannot create hsr debugfs directory [ 977.444449][T18748] Bluetooth: hci1: command tx timeout [ 977.867949][T20064] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4969'. [ 977.910724][T17634] hsr_slave_0: left promiscuous mode [ 977.933792][T17634] hsr_slave_1: left promiscuous mode [ 977.944449][T17634] batman_adv: batadv0: Removing interface: virt_wifi0 [ 977.955140][T17634] batadv2: left allmulticast mode [ 977.960747][T17634] batadv2: left promiscuous mode [ 977.983161][T17634] bridge0: port 2(batadv2) entered disabled state [ 977.996353][T17634] batadv1: left allmulticast mode [ 978.001528][T17634] batadv1: left promiscuous mode [ 978.007138][T17634] bridge0: port 1(batadv1) entered disabled state [ 979.140487][ T28] audit: type=1326 audit(1757791539.354:3760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20069 comm="syz.4.4971" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f97d3f8eba9 code=0x7ffc0000 [ 979.163540][ T28] audit: type=1326 audit(1757791539.354:3761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20069 comm="syz.4.4971" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f97d3f8eba9 code=0x7ffc0000 [ 979.187180][ T28] audit: type=1326 audit(1757791539.354:3762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20069 comm="syz.4.4971" exe="/root/syz-executor" sig=0 arch=c000003e syscall=229 compat=0 ip=0x7f97d3f8eba9 code=0x7ffc0000 [ 979.194493][T20071] (null): rxe_set_mtu: Set mtu to 4096 [ 979.230555][ T28] audit: type=1326 audit(1757791539.354:3763): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20069 comm="syz.4.4971" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f97d3f8eba9 code=0x7ffc0000 [ 979.253635][ T28] audit: type=1326 audit(1757791539.354:3764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20069 comm="syz.4.4971" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f97d3f8eba9 code=0x7ffc0000 [ 979.276239][ C1] vkms_vblank_simulate: vblank timer overrun [ 979.283433][ T28] audit: type=1326 audit(1757791539.354:3765): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20069 comm="syz.4.4971" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f97d3f8eba9 code=0x7ffc0000 [ 979.305876][ C1] vkms_vblank_simulate: vblank timer overrun [ 979.755493][ T7366] smc: removing ib device syz! [ 980.701134][T17634] bond0 (unregistering): (slave dummy0): Releasing backup interface [ 980.989464][T17634] bond0 (unregistering): Released all slaves [ 981.121867][T20071] lo speed is unknown, defaulting to 1000 [ 981.154407][T20071] lo speed is unknown, defaulting to 1000 [ 981.161174][T20071] lo speed is unknown, defaulting to 1000 [ 981.314895][T20083] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4972'. [ 981.469239][T19969] 8021q: adding VLAN 0 to HW filter on device bond0 [ 981.536968][T19969] 8021q: adding VLAN 0 to HW filter on device team0 [ 981.590138][ T7330] bridge0: port 1(bridge_slave_0) entered blocking state [ 981.597413][ T7330] bridge0: port 1(bridge_slave_0) entered forwarding state [ 981.660702][ T7330] bridge0: port 2(bridge_slave_1) entered blocking state [ 981.668090][ T7330] bridge0: port 2(bridge_slave_1) entered forwarding state [ 981.681606][T20071] infiniband sz1: set active [ 981.707704][T18091] lo speed is unknown, defaulting to 1000 [ 981.718430][T20071] infiniband sz1: added lo [ 981.724883][T20071] sz1: rxe_create_cq: returned err = -12 [ 981.730887][T20071] infiniband sz1: Couldn't create ib_mad CQ [ 981.737221][T20071] infiniband sz1: Couldn't open port 1 [ 981.865449][T20089] tipc: Enabled bearer , priority 0 [ 981.904933][T20089] syzkaller0: entered promiscuous mode [ 981.910575][T20089] syzkaller0: entered allmulticast mode [ 981.940095][T20071] RDS/IB: sz1: added [ 982.005797][T20071] smc: adding ib device sz1 with port count 1 [ 982.012353][T20071] smc: ib device sz1 port 1 has pnetid [ 982.035166][T20071] lo speed is unknown, defaulting to 1000 [ 982.054845][T20089] tipc: Resetting bearer [ 982.229338][T20088] tipc: Resetting bearer [ 982.696107][T20088] tipc: Disabling bearer [ 982.738893][T18091] lo speed is unknown, defaulting to 1000 [ 983.003169][T20071] lo speed is unknown, defaulting to 1000 [ 983.114540][T19969] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 983.316896][T20109] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4980'. [ 983.365509][T20071] lo speed is unknown, defaulting to 1000 [ 983.738077][T20071] lo speed is unknown, defaulting to 1000 [ 983.933316][T19969] veth0_vlan: entered promiscuous mode [ 983.956846][T19969] veth1_vlan: entered promiscuous mode [ 984.646178][T19969] veth0_macvtap: entered promiscuous mode [ 984.668166][T19969] veth1_macvtap: entered promiscuous mode [ 984.739878][T19969] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 984.770951][T19969] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 984.797186][T19969] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 984.846925][T19969] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 984.873889][T19969] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 984.892231][T19969] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 985.050751][ T7330] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 985.063934][ T7330] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 985.088225][T20131] loop4: detected capacity change from 0 to 128 [ 985.110378][T17634] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 985.121256][T17634] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 985.138321][T20131] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100) [ 985.147039][ T28] audit: type=1800 audit(1757791545.344:3766): pid=20131 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.4988" name="file2" dev="loop4" ino=1048669 res=0 errno=0 [ 985.190973][T20131] FAT-fs (loop4): Filesystem has been set read-only [ 985.211023][T20131] syz.4.4988: attempt to access beyond end of device [ 985.211023][T20131] loop4: rw=524288, sector=2065, nr_sectors = 8 limit=128 [ 985.260035][T20131] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100) [ 985.282308][T20131] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100) [ 985.305777][T20131] syz.4.4988: attempt to access beyond end of device [ 985.305777][T20131] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 985.325222][T20131] syz.4.4988: attempt to access beyond end of device [ 985.325222][T20131] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 985.345632][T20131] syz.4.4988: attempt to access beyond end of device [ 985.345632][T20131] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 985.386586][T20131] syz.4.4988: attempt to access beyond end of device [ 985.386586][T20131] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 985.400084][T20131] syz.4.4988: attempt to access beyond end of device [ 985.400084][T20131] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 985.413944][T20131] syz.4.4988: attempt to access beyond end of device [ 985.413944][T20131] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 985.428347][T20131] syz.4.4988: attempt to access beyond end of device [ 985.428347][T20131] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 985.444152][T20131] syz.4.4988: attempt to access beyond end of device [ 985.444152][T20131] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 985.459105][T20131] syz.4.4988: attempt to access beyond end of device [ 985.459105][T20131] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 986.346638][T20147] loop4: detected capacity change from 0 to 512 [ 986.366174][T20147] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 986.529989][T19712] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 986.623869][ T28] audit: type=1326 audit(1757791546.834:3767): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20153 comm="syz.3.4995" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3dd78eba9 code=0x7ffc0000 [ 986.670894][ T28] audit: type=1326 audit(1757791546.864:3768): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20153 comm="syz.3.4995" exe="/root/syz-executor" sig=0 arch=c000003e syscall=158 compat=0 ip=0x7ff3dd78eba9 code=0x7ffc0000 [ 986.874037][ T28] audit: type=1326 audit(1757791546.864:3769): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20153 comm="syz.3.4995" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3dd78eba9 code=0x7ffc0000 [ 987.323886][ T28] audit: type=1326 audit(1757791546.864:3770): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20153 comm="syz.3.4995" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3dd78eba9 code=0x7ffc0000 [ 987.664835][T20168] loop3: detected capacity change from 0 to 512 [ 987.706852][T20168] EXT4-fs: Ignoring removed oldalloc option [ 987.733938][T20168] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 987.808265][T20168] EXT4-fs error (device loop3): ext4_xattr_inode_iget:436: comm syz.3.5001: Parent and EA inode have the same ino 15 [ 987.836305][T20168] EXT4-fs error (device loop3): ext4_xattr_inode_iget:436: comm syz.3.5001: Parent and EA inode have the same ino 15 [ 987.858709][T20168] EXT4-fs (loop3): 1 orphan inode deleted [ 987.868631][T20168] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 987.902400][T20173] lo speed is unknown, defaulting to 1000 [ 987.910512][T20173] lo speed is unknown, defaulting to 1000 [ 988.034672][T19969] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 988.589178][T20184] tipc: Started in network mode [ 988.611563][T20184] tipc: Node identity 32b1981d5d8a, cluster identity 4711 [ 988.645076][T20184] tipc: Enabled bearer , priority 0 [ 988.674460][T20186] syzkaller0: entered promiscuous mode [ 988.688704][T20186] syzkaller0: entered allmulticast mode [ 988.730391][T20188] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5007'. [ 988.767664][T20188] netlink: 32 bytes leftover after parsing attributes in process `syz.1.5007'. [ 988.804853][T20184] tipc: Resetting bearer [ 988.841412][T20183] tipc: Resetting bearer [ 988.929680][T20183] tipc: Disabling bearer [ 989.435858][T20199] netlink: 'syz.3.5012': attribute type 12 has an invalid length. [ 989.505221][T20203] netlink: 456 bytes leftover after parsing attributes in process `syz.4.5014'. [ 989.548393][T20203] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5014'. [ 989.576206][T20203] bridge_slave_1: left allmulticast mode [ 989.592138][T20203] bridge_slave_1: left promiscuous mode [ 989.607888][T20203] bridge0: port 2(bridge_slave_1) entered disabled state [ 989.648035][T20203] bridge_slave_0: left allmulticast mode [ 989.655826][T20204] loop4: detected capacity change from 0 to 1024 [ 989.666056][T20203] bridge_slave_0: left promiscuous mode [ 989.671915][T20203] bridge0: port 1(bridge_slave_0) entered disabled state [ 989.705561][T20208] loop3: detected capacity change from 0 to 128 [ 989.719430][T20204] Quota error (device loop4): do_check_range: Getting block 64 out of range 1-5 [ 989.742711][ T28] audit: type=1800 audit(1757791549.944:3771): pid=20208 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.5016" name="file2" dev="loop3" ino=1048673 res=0 errno=0 [ 989.744309][T20204] Quota error (device loop4): qtree_read_dquot: Can't read quota structure for id 0 [ 989.779599][T20204] EXT4-fs error (device loop4): ext4_acquire_dquot:6940: comm syz.4.5014: Failed to acquire dquot type 0 [ 989.794750][T20208] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100) [ 989.814179][T20208] FAT-fs (loop3): Filesystem has been set read-only [ 989.815661][T20204] EXT4-fs error (device loop4): mb_free_blocks:1938: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt. [ 989.852767][T20204] EXT4-fs error (device loop4): ext4_do_update_inode:5230: inode #13: comm syz.4.5014: corrupted inode contents [ 989.862916][T20208] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100) [ 989.876501][T20208] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100) [ 989.882794][T20204] EXT4-fs error (device loop4): ext4_dirty_inode:6106: inode #13: comm syz.4.5014: mark_inode_dirty error [ 989.934807][T20204] EXT4-fs error (device loop4): ext4_do_update_inode:5230: inode #13: comm syz.4.5014: corrupted inode contents [ 989.962754][T20204] EXT4-fs error (device loop4): __ext4_ext_dirty:202: inode #13: comm syz.4.5014: mark_inode_dirty error [ 989.988400][T20204] EXT4-fs error (device loop4): ext4_do_update_inode:5230: inode #13: comm syz.4.5014: corrupted inode contents [ 990.016389][T20204] EXT4-fs error (device loop4) in ext4_orphan_del:305: Corrupt filesystem [ 990.033375][T20204] EXT4-fs error (device loop4): ext4_do_update_inode:5230: inode #13: comm syz.4.5014: corrupted inode contents [ 990.066210][T20204] EXT4-fs error (device loop4): ext4_truncate:4288: inode #13: comm syz.4.5014: mark_inode_dirty error [ 990.098210][T20204] EXT4-fs error (device loop4) in ext4_process_orphan:347: Corrupt filesystem [ 990.134186][T20204] EXT4-fs (loop4): 1 truncate cleaned up [ 990.156259][T20204] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 990.213171][T20208] bio_check_eod: 2052 callbacks suppressed [ 990.213190][T20208] syz.3.5016: attempt to access beyond end of device [ 990.213190][T20208] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 990.262780][T20208] syz.3.5016: attempt to access beyond end of device [ 990.262780][T20208] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 990.283593][T20208] syz.3.5016: attempt to access beyond end of device [ 990.283593][T20208] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 990.301665][T19712] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 990.333846][T20208] syz.3.5016: attempt to access beyond end of device [ 990.333846][T20208] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 990.369319][T20208] syz.3.5016: attempt to access beyond end of device [ 990.369319][T20208] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 990.392740][T20208] syz.3.5016: attempt to access beyond end of device [ 990.392740][T20208] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 990.418127][T20208] syz.3.5016: attempt to access beyond end of device [ 990.418127][T20208] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 990.442914][T20208] syz.3.5016: attempt to access beyond end of device [ 990.442914][T20208] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 990.482985][T20208] syz.3.5016: attempt to access beyond end of device [ 990.482985][T20208] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 990.512753][T20208] syz.3.5016: attempt to access beyond end of device [ 990.512753][T20208] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 990.637946][T20230] netlink: 'syz.5.5025': attribute type 12 has an invalid length. [ 992.033138][T20252] smc: net device bond0 applied user defined pnetid SYZ0 [ 992.041324][T20252] smc: net device bond0 erased user defined pnetid SYZ0 [ 992.369482][ T28] audit: type=1326 audit(1757791552.574:3772): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20267 comm="syz.4.5038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f97d3f8eba9 code=0x7ffc0000 [ 992.426552][ T28] audit: type=1326 audit(1757791552.574:3773): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20267 comm="syz.4.5038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f97d3f8eba9 code=0x7ffc0000 [ 992.477890][ T28] audit: type=1326 audit(1757791552.604:3774): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20267 comm="syz.4.5038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f97d3f8eba9 code=0x7ffc0000 [ 992.656527][ T28] audit: type=1326 audit(1757791552.604:3775): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20267 comm="syz.4.5038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f97d3f8eba9 code=0x7ffc0000 [ 992.656591][ T28] audit: type=1326 audit(1757791552.604:3776): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20267 comm="syz.4.5038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f97d3f8eba9 code=0x7ffc0000 [ 992.656642][ T28] audit: type=1326 audit(1757791552.604:3777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20267 comm="syz.4.5038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=194 compat=0 ip=0x7f97d3f8eba9 code=0x7ffc0000 [ 992.656693][ T28] audit: type=1326 audit(1757791552.604:3778): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20267 comm="syz.4.5038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f97d3f8eba9 code=0x7ffc0000 [ 992.656742][ T28] audit: type=1326 audit(1757791552.604:3779): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20267 comm="syz.4.5038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f97d3f8eba9 code=0x7ffc0000 [ 992.824006][T20279] smc: net device bond0 applied user defined pnetid SYZ0 [ 992.825962][T20279] smc: net device bond0 erased user defined pnetid SYZ0 [ 993.451127][ T1289] ieee802154 phy0 wpan0: encryption failed: -22 [ 993.451191][ T1289] ieee802154 phy1 wpan1: encryption failed: -22 [ 993.651369][T20287] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5046'. [ 993.674473][T20285] FAT-fs (loop11): unable to read boot sector [ 994.152976][T20300] loop4: detected capacity change from 0 to 1024 [ 994.637641][T20300] EXT4-fs: Ignoring removed nomblk_io_submit option [ 994.674649][T20300] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 994.815073][T20300] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003] [ 994.815206][T20300] System zones: 0-1, 3-36 [ 994.863274][T20300] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 994.992900][T19712] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 995.291385][T20309] loop3: detected capacity change from 0 to 512 [ 995.337666][T20309] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 995.510896][T20314] smc: net device bond0 applied user defined pnetid SYZ0 [ 995.559500][T20314] smc: net device bond0 erased user defined pnetid SYZ0 [ 995.777772][T19969] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 996.113199][T20320] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5058'. [ 996.357882][ T28] audit: type=1326 audit(1757791556.554:3780): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20323 comm="syz.3.5056" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3dd78eba9 code=0x7ffc0000 [ 996.442668][ T28] audit: type=1326 audit(1757791556.554:3781): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20323 comm="syz.3.5056" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3dd78eba9 code=0x7ffc0000 [ 996.512173][T20329] syz_tun: refused to change device tx_queue_len [ 996.671332][T20336] loop4: detected capacity change from 0 to 512 [ 996.704749][T20336] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 996.755632][T20341] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5067'. [ 997.181720][T19712] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 997.374248][ T28] kauditd_printk_skb: 317 callbacks suppressed [ 997.374266][ T28] audit: type=1326 audit(1757791557.564:4099): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20343 comm="syz.5.5068" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f7b4872ada9 code=0x7ffc0000 [ 997.472766][ T28] audit: type=1326 audit(1757791557.584:4100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20343 comm="syz.5.5068" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b4878eba9 code=0x7ffc0000 [ 997.531180][ T28] audit: type=1326 audit(1757791557.584:4101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20343 comm="syz.5.5068" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f7b4872ada9 code=0x7ffc0000 [ 997.554359][ T28] audit: type=1326 audit(1757791557.584:4102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20343 comm="syz.5.5068" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b4878eba9 code=0x7ffc0000 [ 997.578445][ T28] audit: type=1326 audit(1757791557.584:4103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20343 comm="syz.5.5068" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f7b4872ada9 code=0x7ffc0000 [ 997.618037][ T28] audit: type=1326 audit(1757791557.584:4104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20343 comm="syz.5.5068" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b4878eba9 code=0x7ffc0000 [ 997.659431][ T28] audit: type=1326 audit(1757791557.584:4105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20343 comm="syz.5.5068" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f7b4872ada9 code=0x7ffc0000 [ 997.727856][ T28] audit: type=1326 audit(1757791557.584:4106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20343 comm="syz.5.5068" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b4878eba9 code=0x7ffc0000 [ 997.829887][ T28] audit: type=1326 audit(1757791557.614:4107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20343 comm="syz.5.5068" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b4878eba9 code=0x7ffc0000 [ 997.885377][T20359] loop4: detected capacity change from 0 to 512 [ 997.886142][ T28] audit: type=1326 audit(1757791557.614:4108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20343 comm="syz.5.5068" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f7b4872ada9 code=0x7ffc0000 [ 998.191618][T20359] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 998.462888][T20359] ext4 filesystem being mounted at /53/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 998.812438][T20368] loop3: detected capacity change from 0 to 512 [ 998.825258][T19712] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 998.858316][T20368] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 999.159389][T19969] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1001.068552][T20405] usb usb4: usbfs: interface 0 claimed by hub while 'syz.5.5091' sets config #0 [ 1001.989287][T20450] loop3: detected capacity change from 0 to 512 [ 1002.002308][T20450] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1002.761862][T19969] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1002.975156][T20460] netlink: 20 bytes leftover after parsing attributes in process `syz.3.5105'. [ 1003.262030][T20479] loop3: detected capacity change from 0 to 512 [ 1003.288930][T20479] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1003.591110][T19969] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1004.552710][T20506] sctp: [Deprecated]: syz.5.5124 (pid 20506) Use of int in max_burst socket option deprecated. [ 1004.552710][T20506] Use struct sctp_assoc_value instead [ 1004.558659][T20505] loop3: detected capacity change from 0 to 164 [ 1004.635876][T20508] syzkaller0: entered allmulticast mode [ 1004.670903][T20508] syzkaller0 (unregistering): left allmulticast mode [ 1004.710645][T20512] loop5: detected capacity change from 0 to 512 [ 1004.745890][T20512] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1004.888433][T14030] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1004.920646][T20522] loop4: detected capacity change from 0 to 128 [ 1004.931080][T20522] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 1005.005362][T20522] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 1006.365566][T20545] loop5: detected capacity change from 0 to 512 [ 1006.381073][T20545] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1006.452834][ T28] kauditd_printk_skb: 1199 callbacks suppressed [ 1006.452859][ T28] audit: type=1326 audit(1757791566.664:5308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20550 comm="syz.1.5142" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff689f8eba9 code=0x7ffc0000 [ 1006.485318][ T28] audit: type=1326 audit(1757791566.664:5309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20550 comm="syz.1.5142" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff689f8eba9 code=0x7ffc0000 [ 1006.509441][ T28] audit: type=1326 audit(1757791566.664:5310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20550 comm="syz.1.5142" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff689f8eba9 code=0x7ffc0000 [ 1006.533978][ T28] audit: type=1326 audit(1757791566.664:5311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20550 comm="syz.1.5142" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff689f8eba9 code=0x7ffc0000 [ 1006.557264][ T28] audit: type=1326 audit(1757791566.664:5312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20550 comm="syz.1.5142" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7ff689f8eba9 code=0x7ffc0000 [ 1006.563053][T18094] usb 4-1: new high-speed USB device number 27 using dummy_hcd [ 1006.610128][ T28] audit: type=1326 audit(1757791566.664:5313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20550 comm="syz.1.5142" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff689f8eba9 code=0x7ffc0000 [ 1006.647195][ T28] audit: type=1326 audit(1757791566.664:5314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20550 comm="syz.1.5142" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff689f8eba9 code=0x7ffc0000 [ 1006.671007][ T28] audit: type=1326 audit(1757791566.664:5315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20550 comm="syz.1.5142" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff689f8eba9 code=0x7ffc0000 [ 1006.695389][ T28] audit: type=1326 audit(1757791566.664:5316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20550 comm="syz.1.5142" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff689f8eba9 code=0x7ffc0000 [ 1006.745479][ T28] audit: type=1326 audit(1757791566.664:5317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20550 comm="syz.1.5142" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff689f8eba9 code=0x7ffc0000 [ 1007.018116][T18094] usb 4-1: unable to get BOS descriptor or descriptor too short [ 1007.029506][T18094] usb 4-1: no configurations [ 1007.036849][T18094] usb 4-1: can't read configurations, error -22 [ 1007.318083][T14030] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1008.688803][T20583] loop3: detected capacity change from 0 to 128 [ 1008.746873][T20583] FAT-fs (loop3): error, clusters badly computed (4 != 3) [ 1008.758269][T20583] FAT-fs (loop3): Filesystem has been set read-only [ 1008.776673][T20583] FAT-fs (loop3): error, clusters badly computed (5 != 4) [ 1008.789521][T20583] FAT-fs (loop3): error, clusters badly computed (6 != 5) [ 1010.474884][T20604] loop3: detected capacity change from 0 to 512 [ 1010.499558][T20606] loop4: detected capacity change from 0 to 128 [ 1010.522530][T20606] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 1010.547718][T20604] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1010.561461][T20606] ext4 filesystem being mounted at /73/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1010.586442][T20604] ext4 filesystem being mounted at /46/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1010.702303][T19969] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1010.878676][T19712] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 1011.356571][T20629] tipc: New replicast peer: 255.255.255.255 [ 1011.364444][T20629] tipc: Enabled bearer , priority 10 [ 1011.807083][T20642] loop3: detected capacity change from 0 to 4096 [ 1011.816089][T20642] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 1011.819849][T20644] vlan0: entered promiscuous mode [ 1011.831731][T20644] bond0: entered promiscuous mode [ 1011.837538][T20642] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1011.900186][T20642] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1011.950395][T20647] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5179'. [ 1012.605006][T18216] tipc: Node number set to 1866176541 [ 1012.914603][T20675] lo speed is unknown, defaulting to 1000 [ 1012.922702][T20675] lo speed is unknown, defaulting to 1000 [ 1013.781274][T20681] loop5: detected capacity change from 0 to 1024 [ 1013.789484][T20681] EXT4-fs: Ignoring removed nobh option [ 1013.795378][T20681] EXT4-fs: Ignoring removed bh option [ 1013.803122][T20681] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 1013.827100][T20681] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1013.839891][T20681] ext4 filesystem being mounted at /545/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 1013.854683][T20681] netlink: 'syz.5.5191': attribute type 7 has an invalid length. [ 1013.862962][T20681] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5191'. [ 1013.918039][T14030] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1014.198220][ T28] kauditd_printk_skb: 10 callbacks suppressed [ 1014.198237][ T28] audit: type=1326 audit(1757791574.404:5328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20692 comm="syz.4.5196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f97d3f8eba9 code=0x7ffc0000 [ 1014.247104][ T28] audit: type=1326 audit(1757791574.444:5329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20692 comm="syz.4.5196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f97d3f8eba9 code=0x7ffc0000 [ 1014.325268][T20695] loop4: detected capacity change from 0 to 512 [ 1014.339610][ T28] audit: type=1326 audit(1757791574.444:5330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20692 comm="syz.4.5196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7f97d3f8eba9 code=0x7ffc0000 [ 1014.362664][ T28] audit: type=1326 audit(1757791574.444:5331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20692 comm="syz.4.5196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f97d3f8eba9 code=0x7ffc0000 [ 1014.385648][ T28] audit: type=1326 audit(1757791574.444:5332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20692 comm="syz.4.5196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f97d3f8eba9 code=0x7ffc0000 [ 1014.414583][T20695] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1014.431067][T20699] loop5: detected capacity change from 0 to 256 [ 1014.439357][ T28] audit: type=1326 audit(1757791574.444:5333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20692 comm="syz.4.5196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=294 compat=0 ip=0x7f97d3f8eba9 code=0x7ffc0000 [ 1014.462894][ T28] audit: type=1326 audit(1757791574.444:5334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20692 comm="syz.4.5196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f97d3f8eba9 code=0x7ffc0000 [ 1014.486139][ T28] audit: type=1326 audit(1757791574.444:5335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20692 comm="syz.4.5196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f97d3f8eba9 code=0x7ffc0000 [ 1014.536605][ T28] audit: type=1326 audit(1757791574.744:5336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20698 comm="syz.5.5198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b4878eba9 code=0x7ffc0000 [ 1014.580564][ T28] audit: type=1326 audit(1757791574.744:5337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20698 comm="syz.5.5198" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b4878eba9 code=0x7ffc0000 [ 1014.625557][T19712] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1015.153584][T20720] netlink: 'syz.5.5207': attribute type 3 has an invalid length. [ 1015.407855][T20725] loop5: detected capacity change from 0 to 512 [ 1015.469555][T20726] loop3: detected capacity change from 0 to 512 [ 1015.477964][T20726] journal_path: Lookup failure for './file0/../file0' [ 1015.484991][T20726] EXT4-fs: error: could not find journal device path [ 1015.486630][T20725] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1015.645782][T14030] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1016.052284][T20748] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5219'. [ 1016.158521][T20752] loop4: detected capacity change from 0 to 512 [ 1016.180872][T20752] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1016.261652][T19712] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1016.430133][T18213] usb 4-1: new high-speed USB device number 29 using dummy_hcd [ 1017.021386][T20764] syzkaller1: entered promiscuous mode [ 1017.042864][T20764] syzkaller1: entered allmulticast mode [ 1017.617342][T20780] loop5: detected capacity change from 0 to 512 [ 1017.655939][T20780] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1017.742201][T18213] usb 4-1: unable to get BOS descriptor or descriptor too short [ 1017.760408][T18213] usb 4-1: no configurations [ 1017.771401][T18213] usb 4-1: can't read configurations, error -22 [ 1017.901675][T20787] usb usb8: usbfs: process 20787 (syz.1.5230) did not claim interface 0 before use [ 1018.811876][T14030] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1019.515776][T20810] usb usb5: usbfs: process 20810 (syz.1.5243) did not claim interface 0 before use [ 1019.682760][T20816] loop5: detected capacity change from 0 to 512 [ 1019.711521][T20816] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1019.913908][T18216] usb 4-1: new high-speed USB device number 31 using dummy_hcd [ 1020.068534][T20830] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5252'. [ 1020.349082][T18216] usb 4-1: unable to get BOS descriptor or descriptor too short [ 1020.360935][T18216] usb 4-1: no configurations [ 1020.366128][T18216] usb 4-1: can't read configurations, error -22 [ 1020.600827][T14030] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1020.667721][T20842] loop4: detected capacity change from 0 to 512 [ 1020.682295][T20842] EXT4-fs error (device loop4): ext4_orphan_get:1399: inode #15: comm syz.4.5257: casefold flag without casefold feature [ 1020.699208][T20842] EXT4-fs error (device loop4): ext4_orphan_get:1404: comm syz.4.5257: couldn't read orphan inode 15 (err -117) [ 1020.717434][T20842] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1020.761279][T20842] usb usb5: usbfs: process 20842 (syz.4.5257) did not claim interface 0 before use [ 1020.820805][T19712] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1021.175363][T20858] loop4: detected capacity change from 0 to 1024 [ 1021.196115][T20858] EXT4-fs: Ignoring removed bh option [ 1021.212707][T20858] EXT4-fs: Ignoring removed mblk_io_submit option [ 1021.234187][T20858] EXT4-fs (loop4): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 1021.277672][T20858] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1021.399911][T19712] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1021.432203][T20870] netlink: 60 bytes leftover after parsing attributes in process `syz.1.5267'. [ 1021.647002][T20876] netlink: 'syz.3.5266': attribute type 64 has an invalid length. [ 1021.780231][T20878] netlink: 288 bytes leftover after parsing attributes in process `syz.4.5269'. [ 1022.149117][ T28] kauditd_printk_skb: 22 callbacks suppressed [ 1022.149134][ T28] audit: type=1326 audit(1757791582.354:5360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20891 comm="syz.5.5276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b4878eba9 code=0x7ffc0000 [ 1022.185183][ C1] vkms_vblank_simulate: vblank timer overrun [ 1022.213334][T18090] usb 5-1: new high-speed USB device number 25 using dummy_hcd [ 1022.250306][ T28] audit: type=1326 audit(1757791582.354:5361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20891 comm="syz.5.5276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b4878eba9 code=0x7ffc0000 [ 1022.312696][ T28] audit: type=1326 audit(1757791582.354:5362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20891 comm="syz.5.5276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7b4878eba9 code=0x7ffc0000 [ 1022.350387][ T28] audit: type=1326 audit(1757791582.354:5363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20891 comm="syz.5.5276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b4878eba9 code=0x7ffc0000 [ 1022.373729][ C1] vkms_vblank_simulate: vblank timer overrun [ 1022.384540][ T28] audit: type=1326 audit(1757791582.354:5364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20891 comm="syz.5.5276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b4878eba9 code=0x7ffc0000 [ 1022.407385][ C1] vkms_vblank_simulate: vblank timer overrun [ 1022.415453][ T28] audit: type=1326 audit(1757791582.354:5365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20891 comm="syz.5.5276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7b4878eba9 code=0x7ffc0000 [ 1022.447676][ T28] audit: type=1326 audit(1757791582.354:5366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20891 comm="syz.5.5276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b4878eba9 code=0x7ffc0000 [ 1022.472462][ T28] audit: type=1326 audit(1757791582.374:5367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20891 comm="syz.5.5276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b4878eba9 code=0x7ffc0000 [ 1022.520395][ T28] audit: type=1326 audit(1757791582.374:5368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20891 comm="syz.5.5276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7b4878eba9 code=0x7ffc0000 [ 1022.556763][ T28] audit: type=1326 audit(1757791582.404:5369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20891 comm="syz.5.5276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b4878eba9 code=0x7ffc0000 [ 1022.718840][T20909] loop3: detected capacity change from 0 to 1024 [ 1022.798878][T20909] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1022.923578][T20909] EXT4-fs error (device loop3): mb_free_blocks:1938: group 0, inode 18: block 129:freeing already freed block (bit 8); block bitmap corrupt. [ 1023.026788][T18090] usb 5-1: unable to get BOS descriptor or descriptor too short [ 1023.043141][T18090] usb 5-1: no configurations [ 1023.049053][T18090] usb 5-1: can't read configurations, error -22 [ 1023.063682][T19969] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1023.256548][T20927] loop3: detected capacity change from 0 to 1024 [ 1023.265803][T20927] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 1023.277193][T20927] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 1023.289860][T20927] JBD2: no valid journal superblock found [ 1023.298045][T20927] EXT4-fs (loop3): Could not load journal inode [ 1023.825396][T20939] loop4: detected capacity change from 0 to 2048 [ 1023.850243][T20939] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1023.866704][T20939] ext4 filesystem being mounted at /103/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1023.915850][T19712] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1024.136849][T20949] netlink: 3 bytes leftover after parsing attributes in process `syz.1.5304'. [ 1024.148795][T20949] 0ªX¹¦À: renamed from caif0 [ 1024.152269][T20951] syz.5.5297 (20951): attempted to duplicate a private mapping with mremap. This is not supported. [ 1024.186583][T20949] 0ªX¹¦À: entered allmulticast mode [ 1024.206993][T20949] A link change request failed with some changes committed already. Interface 60ªX¹¦À may have been left with an inconsistent configuration, please check. [ 1024.422150][T20961] loop4: detected capacity change from 0 to 512 [ 1024.430323][T20961] FAT-fs (loop4): Unrecognized mount option "dos1xfÄlžL@loppy" or missing value [ 1024.633336][T18094] usb 4-1: new high-speed USB device number 33 using dummy_hcd [ 1024.683537][T20969] loop4: detected capacity change from 0 to 1024 [ 1024.704807][T20969] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1024.764977][T19712] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1024.974528][T20976] loop4: detected capacity change from 0 to 2048 [ 1024.987247][T18094] usb 4-1: unable to get BOS descriptor or descriptor too short [ 1024.996460][T18094] usb 4-1: no configurations [ 1025.001976][T20976] loop4: p1 < > p4 [ 1025.012777][T18094] usb 4-1: can't read configurations, error -22 [ 1025.020259][T20976] loop4: p4 size 8388608 extends beyond EOD, truncated [ 1025.062973][T20980] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 37748736, id = 0 [ 1025.882652][T21003] lo speed is unknown, defaulting to 1000 [ 1025.896476][T21003] lo speed is unknown, defaulting to 1000 [ 1026.634361][T18748] Bluetooth: hci3: command 0x0406 tx timeout [ 1026.682364][T21008] loop3: detected capacity change from 0 to 512 [ 1026.690871][T21008] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 1027.342813][T18094] usb 5-1: new high-speed USB device number 27 using dummy_hcd [ 1027.532619][T21034] netlink: 16 bytes leftover after parsing attributes in process `syz.1.5332'. [ 1027.800580][T21038] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5335'. [ 1027.825627][T18094] usb 5-1: unable to get BOS descriptor or descriptor too short [ 1027.843754][T18094] usb 5-1: no configurations [ 1027.848517][T18094] usb 5-1: can't read configurations, error -22 [ 1027.911731][T21040] dvmrp0: entered allmulticast mode [ 1029.612732][T18216] usb 5-1: new high-speed USB device number 29 using dummy_hcd [ 1029.909492][T18216] usb 5-1: unable to get BOS descriptor or descriptor too short [ 1029.918229][T18216] usb 5-1: no configurations [ 1029.925823][T18216] usb 5-1: can't read configurations, error -22 [ 1030.106873][T21083] netlink: 14 bytes leftover after parsing attributes in process `syz.3.5351'. [ 1030.129653][T21083] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5351'. [ 1030.428841][ T28] kauditd_printk_skb: 74 callbacks suppressed [ 1030.428859][ T28] audit: type=1326 audit(1757791590.634:5444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21089 comm="syz.1.5355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff689f8eba9 code=0x7ffc0000 [ 1030.501245][ T28] audit: type=1326 audit(1757791590.634:5445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21089 comm="syz.1.5355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff689f8eba9 code=0x7ffc0000 [ 1030.539128][T21090] tipc: Started in network mode [ 1030.545535][T21090] tipc: Node identity ac14140f, cluster identity 4711 [ 1030.558818][T21090] tipc: New replicast peer: 255.255.255.255 [ 1030.570824][ T28] audit: type=1326 audit(1757791590.634:5446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21089 comm="syz.1.5355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff689f8eba9 code=0x7ffc0000 [ 1030.597937][T21090] tipc: Enabled bearer , priority 10 [ 1030.672673][ T28] audit: type=1326 audit(1757791590.634:5447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21089 comm="syz.1.5355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff689f8eba9 code=0x7ffc0000 [ 1030.732165][ T28] audit: type=1326 audit(1757791590.634:5448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21089 comm="syz.1.5355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff689f8eba9 code=0x7ffc0000 [ 1030.773031][ T28] audit: type=1326 audit(1757791590.684:5449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21089 comm="syz.1.5355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff689f8eba9 code=0x7ffc0000 [ 1030.845509][ T28] audit: type=1326 audit(1757791590.684:5450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21089 comm="syz.1.5355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff689f8eba9 code=0x7ffc0000 [ 1030.902693][ T28] audit: type=1326 audit(1757791590.684:5451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21089 comm="syz.1.5355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff689f8eba9 code=0x7ffc0000 [ 1030.917162][T21101] loop5: detected capacity change from 0 to 1024 [ 1030.962850][ T28] audit: type=1326 audit(1757791590.684:5452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21089 comm="syz.1.5355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff689f8eba9 code=0x7ffc0000 [ 1030.970636][T21101] EXT4-fs: Ignoring removed bh option [ 1031.131570][ T28] audit: type=1326 audit(1757791590.684:5453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21089 comm="syz.1.5355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff689f8eba9 code=0x7ffc0000 [ 1031.177864][T21106] netlink: 1 bytes leftover after parsing attributes in process `syz.4.5363'. [ 1031.237423][T21106] xt_policy: neither incoming nor outgoing policy selected [ 1031.265108][T21101] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1031.417378][T21113] loop4: detected capacity change from 0 to 512 [ 1031.433502][T14030] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1031.439097][T21113] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1031.592854][T18092] tipc: Node number set to 2886997007 [ 1031.842739][T18216] usb 6-1: new high-speed USB device number 22 using dummy_hcd [ 1032.249387][T18216] usb 6-1: unable to get BOS descriptor or descriptor too short [ 1032.267723][T18216] usb 6-1: no configurations [ 1032.282733][T18216] usb 6-1: can't read configurations, error -22 [ 1032.376642][T19712] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1032.732042][T21148] pimreg: entered allmulticast mode [ 1032.744624][T21148] pimreg: left allmulticast mode [ 1033.030523][T21158] loop3: detected capacity change from 0 to 512 [ 1033.054426][T21158] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1034.057353][T19969] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1034.393130][T21189] loop3: detected capacity change from 0 to 2048 [ 1034.454140][T21195] syz.4.5401[21195] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1034.454283][T21195] syz.4.5401[21195] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1034.454659][T21189] loop3: p1 < > p4 [ 1034.535228][T21189] loop3: p4 size 8388608 extends beyond EOD, truncated [ 1035.867427][T21239] loop4: detected capacity change from 0 to 2048 [ 1035.875105][T21239] EXT4-fs: Ignoring removed nomblk_io_submit option [ 1035.920053][T21239] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 1036.068802][T19712] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1036.298806][T21251] usb usb7: usbfs: process 21251 (syz.4.5424) did not claim interface 0 before use [ 1036.336910][T21255] loop3: detected capacity change from 0 to 512 [ 1036.366842][T21255] EXT4-fs error (device loop3): ext4_orphan_get:1399: inode #15: comm syz.3.5425: iget: bad extended attribute block 1 [ 1036.440046][T21255] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.5425: couldn't read orphan inode 15 (err -117) [ 1036.504683][T21255] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 1036.567014][T21255] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1215: group 0, block bitmap and bg descriptor inconsistent: 7934 vs 220 free clusters [ 1037.326584][T19969] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 1037.789795][T21278] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.5437'. [ 1037.874201][T21276] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link [ 1037.890238][T21276] 8021q: adding VLAN 0 to HW filter on device bond1 [ 1038.128611][T21288] syz.1.5441[21288] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1038.128756][T21288] syz.1.5441[21288] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 1038.148967][T21288] netlink: 64 bytes leftover after parsing attributes in process `syz.1.5441'. [ 1039.299542][ T28] kauditd_printk_skb: 100 callbacks suppressed [ 1039.299559][ T28] audit: type=1326 audit(1757791599.504:5554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21305 comm="syz.5.5449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b4878eba9 code=0x7ffc0000 [ 1039.354320][ T28] audit: type=1326 audit(1757791599.534:5555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21305 comm="syz.5.5449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b4878eba9 code=0x7ffc0000 [ 1039.427698][ T28] audit: type=1326 audit(1757791599.554:5556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21305 comm="syz.5.5449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=166 compat=0 ip=0x7f7b4878eba9 code=0x7ffc0000 [ 1039.472346][ T28] audit: type=1326 audit(1757791599.554:5557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21305 comm="syz.5.5449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b4878eba9 code=0x7ffc0000 [ 1039.526311][ T28] audit: type=1326 audit(1757791599.554:5558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21305 comm="syz.5.5449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b4878eba9 code=0x7ffc0000 [ 1039.559437][ T28] audit: type=1326 audit(1757791599.554:5559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21305 comm="syz.5.5449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=252 compat=0 ip=0x7f7b4878eba9 code=0x7ffc0000 [ 1039.633781][ T28] audit: type=1326 audit(1757791599.554:5560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21305 comm="syz.5.5449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b4878eba9 code=0x7ffc0000 [ 1039.723682][ T28] audit: type=1326 audit(1757791599.554:5561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21305 comm="syz.5.5449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b4878eba9 code=0x7ffc0000 [ 1039.944254][T21329] gfs2: gfs2 mount does not exist [ 1039.951976][T21329] netlink: 'syz.1.5456': attribute type 1 has an invalid length. [ 1039.961571][T21329] netlink: 224 bytes leftover after parsing attributes in process `syz.1.5456'. [ 1039.974837][T21329] 9pnet_fd: Insufficient options for proto=fd [ 1040.502291][T21344] loop5: detected capacity change from 0 to 512 [ 1040.556813][T21344] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 1040.573314][T21344] ext4 filesystem being mounted at /594/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 1040.588953][T21344] EXT4-fs (loop5): shut down requested (1) [ 1040.649593][T14030] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 1040.922897][T21362] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5469'. [ 1041.320637][T21382] netlink: 'syz.5.5480': attribute type 7 has an invalid length. [ 1041.328785][T21382] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5480'. [ 1042.349420][T21004] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 1042.382806][T21004] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 1042.400567][T21004] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 1042.414683][T21004] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 1042.424599][T21004] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 1042.442993][T21004] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 1042.509875][T21401] netlink: 27 bytes leftover after parsing attributes in process `syz.1.5487'. [ 1042.621242][T21399] lo speed is unknown, defaulting to 1000 [ 1042.631387][T17636] tipc: Disabling bearer [ 1042.638634][T17636] tipc: Left network mode [ 1042.674699][T21399] lo speed is unknown, defaulting to 1000 [ 1043.890972][T21439] netlink: 'syz.1.5500': attribute type 4 has an invalid length. [ 1044.112125][T21399] chnl_net:caif_netlink_parms(): no params data found [ 1044.152514][ T28] audit: type=1326 audit(1757791604.354:5562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21445 comm="syz.4.5504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f97d3f8eba9 code=0x7ffc0000 [ 1044.197987][ T28] audit: type=1326 audit(1757791604.354:5563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21445 comm="syz.4.5504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f97d3f8eba9 code=0x7ffc0000 [ 1044.481343][ T28] kauditd_printk_skb: 12 callbacks suppressed [ 1044.481360][ T28] audit: type=1326 audit(1757791604.684:5576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21445 comm="syz.4.5504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f97d3f8eba9 code=0x7ffc0000 [ 1044.572030][T21004] Bluetooth: hci0: command tx timeout [ 1044.587115][ T28] audit: type=1326 audit(1757791604.734:5577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21445 comm="syz.4.5504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f97d3f8eba9 code=0x7ffc0000 [ 1045.343835][T21399] bridge0: port 1(bridge_slave_0) entered blocking state [ 1045.351369][T21399] bridge0: port 1(bridge_slave_0) entered disabled state [ 1045.396292][T21399] bridge_slave_0: entered allmulticast mode [ 1045.428170][T21399] bridge_slave_0: entered promiscuous mode [ 1045.567360][T21399] bridge0: port 2(bridge_slave_1) entered blocking state [ 1045.586241][T21399] bridge0: port 2(bridge_slave_1) entered disabled state [ 1045.606568][T21399] bridge_slave_1: entered allmulticast mode [ 1045.622732][T21399] bridge_slave_1: entered promiscuous mode [ 1045.752729][T21399] [ 1045.755108][T21399] ============================================ [ 1045.761254][T21399] WARNING: possible recursive locking detected [ 1045.767407][T21399] syzkaller #0 Not tainted [ 1045.771817][T21399] -------------------------------------------- [ 1045.777959][T21399] syz-executor/21399 is trying to acquire lock: [ 1045.784189][T21399] ffffc90000ba60d8 (&rb->spinlock){-.-.}-{2:2}, at: __bpf_ringbuf_reserve+0x1c8/0x5a0 [ 1045.793769][T21399] [ 1045.793769][T21399] but task is already holding lock: [ 1045.801137][T21399] ffffc900038390d8 (&rb->spinlock){-.-.}-{2:2}, at: __bpf_ringbuf_reserve+0x1c8/0x5a0 [ 1045.810816][T21399] [ 1045.810816][T21399] other info that might help us debug this: [ 1045.818869][T21399] Possible unsafe locking scenario: [ 1045.818869][T21399] [ 1045.826310][T21399] CPU0 [ 1045.829606][T21399] ---- [ 1045.832892][T21399] lock(&rb->spinlock); [ 1045.837147][T21399] lock(&rb->spinlock); [ 1045.841397][T21399] [ 1045.841397][T21399] *** DEADLOCK *** [ 1045.841397][T21399] [ 1045.849561][T21399] May be due to missing lock nesting notation [ 1045.849561][T21399] [ 1045.857873][T21399] 5 locks held by syz-executor/21399: [ 1045.863257][T21399] #0: ffffffff8dfbc908 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x76f/0xf10 [ 1045.872766][T21399] #1: ffffffff8e324cc8 (uevent_sock_mutex){+.+.}-{3:3}, at: kobject_uevent_env+0x4f3/0x8c0 [ 1045.882864][T21399] #2: ffffffff8cd2fe20 (rcu_read_lock){....}-{1:2}, at: bpf_trace_run3+0xf4/0x400 [ 1045.892172][T21399] #3: ffffc900038390d8 (&rb->spinlock){-.-.}-{2:2}, at: __bpf_ringbuf_reserve+0x1c8/0x5a0 [ 1045.902247][T21399] #4: ffffffff8cd2fe20 (rcu_read_lock){....}-{1:2}, at: bpf_trace_run2+0xde/0x3c0 [ 1045.911871][T21399] [ 1045.911871][T21399] stack backtrace: [ 1045.917849][T21399] CPU: 1 PID: 21399 Comm: syz-executor Not tainted syzkaller #0 [ 1045.925480][T21399] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1045.935570][T21399] Call Trace: [ 1045.938850][T21399] [ 1045.941784][T21399] dump_stack_lvl+0x16c/0x230 [ 1045.946470][T21399] ? show_regs_print_info+0x20/0x20 [ 1045.951676][T21399] ? print_deadlock_bug+0x435/0x5d0 [ 1045.956881][T21399] __lock_acquire+0x5d40/0x7c80 [ 1045.961774][T21399] ? verify_lock_unused+0x140/0x140 [ 1045.967093][T21399] ? mark_lock+0x94/0x320 [ 1045.971434][T21399] ? verify_lock_unused+0x140/0x140 [ 1045.976653][T21399] ? __lock_acquire+0x1260/0x7c80 [ 1045.981681][T21399] ? rcu_qs+0xc5/0x160 [ 1045.985763][T21399] ? mark_lock+0x94/0x320 [ 1045.990094][T21399] lock_acquire+0x197/0x410 [ 1045.994598][T21399] ? __bpf_ringbuf_reserve+0x1c8/0x5a0 [ 1046.000069][T21399] ? read_lock_is_recursive+0x20/0x20 [ 1046.005456][T21399] ? __lock_acquire+0x1260/0x7c80 [ 1046.010584][T21399] _raw_spin_lock_irqsave+0xa8/0xf0 [ 1046.015802][T21399] ? __bpf_ringbuf_reserve+0x1c8/0x5a0 [ 1046.021278][T21399] ? _raw_spin_lock+0x40/0x40 [ 1046.026084][T21399] __bpf_ringbuf_reserve+0x1c8/0x5a0 [ 1046.031516][T21399] ? bpf_ringbuf_notify+0x30/0x30 [ 1046.036664][T21399] ? __cant_sleep+0x210/0x210 [ 1046.041481][T21399] bpf_ringbuf_output+0x69/0x1e0 [ 1046.046539][T21399] bpf_prog_fab844a31c87a330+0x4d/0x51 [ 1046.052338][T21399] bpf_trace_run2+0x1d1/0x3c0 [ 1046.057308][T21399] ? bpf_trace_run2+0xde/0x3c0 [ 1046.062099][T21399] ? bpf_trace_run1+0x3b0/0x3b0 [ 1046.067222][T21399] ? __bpf_trace_contention_end+0xce/0x130 [ 1046.074077][T21399] __bpf_trace_contention_end+0xdd/0x130 [ 1046.080210][T21399] ? __bpf_trace_contention_begin+0x130/0x130 [ 1046.086330][T21399] ? verify_lock_unused+0x140/0x140 [ 1046.091577][T21399] ? rcu_qs+0xc5/0x160 [ 1046.095658][T21399] trace_contention_end+0xe6/0x110 [ 1046.100885][T21399] __pv_queued_spin_lock_slowpath+0x7ec/0x9d0 [ 1046.107085][T21399] ? __pv_queued_spin_unlock_slowpath+0x2a0/0x2a0 [ 1046.113623][T21399] do_raw_spin_lock+0x24e/0x2c0 [ 1046.118506][T21399] ? __rwlock_init+0x150/0x150 [ 1046.123299][T21399] _raw_spin_lock_irqsave+0xb4/0xf0 [ 1046.128617][T21399] ? _raw_spin_lock+0x40/0x40 [ 1046.133491][T21399] ? __x64_sys_sendto+0xde/0xf0 [ 1046.138447][T21399] ? do_syscall_64+0x55/0xb0 [ 1046.143055][T21399] ? entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1046.149225][T21399] __bpf_ringbuf_reserve+0x1c8/0x5a0 [ 1046.154532][T21399] ? bpf_ringbuf_notify+0x30/0x30 [ 1046.159576][T21399] ? __cant_sleep+0x210/0x210 [ 1046.164271][T21399] ? lockdep_hardirqs_on_prepare+0x400/0x760 [ 1046.170263][T21399] bpf_ringbuf_reserve+0x5c/0x70 [ 1046.175297][T21399] bpf_prog_fe0ed97373b08409+0x2d/0x4a [ 1046.180852][T21399] bpf_trace_run3+0x1e7/0x400 [ 1046.185535][T21399] ? bpf_trace_run3+0xf4/0x400 [ 1046.190335][T21399] ? bpf_trace_run2+0x3c0/0x3c0 [ 1046.195310][T21399] ? netlink_broadcast_filtered+0x101c/0x1110 [ 1046.201683][T21399] ? netlink_broadcast_filtered+0x101c/0x1110 [ 1046.207755][T21399] kmem_cache_free+0x1e0/0x280 [ 1046.212616][T21399] netlink_broadcast_filtered+0x101c/0x1110 [ 1046.218710][T21399] ? vsprintf+0x30/0x30 [ 1046.222885][T21399] netlink_broadcast+0x37/0x50 [ 1046.227662][T21399] kobject_uevent_net_broadcast+0x497/0x530 [ 1046.233565][T21399] kobject_uevent_env+0x550/0x8c0 [ 1046.238595][T21399] __kobject_del+0xd2/0x300 [ 1046.243121][T21399] ? kobject_put+0x22d/0x470 [ 1046.247853][T21399] kobject_put+0x239/0x470 [ 1046.252295][T21399] netdev_queue_update_kobjects+0x3ed/0x480 [ 1046.258628][T21399] ? kobject_put+0x435/0x470 [ 1046.263342][T21399] netif_set_real_num_tx_queues+0x183/0x8e0 [ 1046.269253][T21399] ? netif_set_real_num_tx_queues+0x718/0x8e0 [ 1046.275338][T21399] veth_init_queues+0x83/0x180 [ 1046.280209][T21399] veth_newlink+0x9a9/0xc30 [ 1046.284730][T21399] ? veth_validate+0x1f0/0x1f0 [ 1046.289545][T21399] ? rtnl_create_link+0x30e/0xd00 [ 1046.294574][T21399] ? rtnetlink_rcv_msg+0x7c7/0xf10 [ 1046.299800][T21399] ? netlink_rcv_skb+0x216/0x480 [ 1046.304757][T21399] ? netlink_unicast+0x751/0x8d0 [ 1046.310005][T21399] ? __sys_sendto+0x46a/0x620 [ 1046.314709][T21399] ? __x64_sys_sendto+0xde/0xf0 [ 1046.319780][T21399] ? do_syscall_64+0x55/0xb0 [ 1046.324541][T21399] ? __asan_memcpy+0x40/0x70 [ 1046.329151][T21399] ? alloc_netdev_mqs+0xc34/0x1040 [ 1046.334283][T21399] ? validate_linkmsg+0x719/0x910 [ 1046.339326][T21399] ? veth_validate+0x1f0/0x1f0 [ 1046.344123][T21399] rtnl_newlink+0x14d0/0x2020 [ 1046.349026][T21399] ? rtnl_newlink+0x491/0x2020 [ 1046.353810][T21399] ? rtnl_setlink+0x4b0/0x4b0 [ 1046.358800][T21399] ? rtnl_setlink+0x4b0/0x4b0 [ 1046.364287][T21399] rtnetlink_rcv_msg+0x7c7/0xf10 [ 1046.369246][T21399] ? rtnetlink_rcv_msg+0x1eb/0xf10 [ 1046.374382][T21399] ? rtnetlink_bind+0x80/0x80 [ 1046.379092][T21399] ? mark_lock+0x94/0x320 [ 1046.383532][T21399] ? __lock_acquire+0x1260/0x7c80 [ 1046.388587][T21399] ? __kernel_text_address+0xd/0x30 [ 1046.393817][T21399] ? mark_lock+0x94/0x320 [ 1046.398155][T21399] ? mark_lock+0x94/0x320 [ 1046.402508][T21399] ? __lock_acquire+0x1260/0x7c80 [ 1046.407566][T21399] ? kmalloc_reserve+0x95/0x260 [ 1046.412517][T21399] ? verify_lock_unused+0x140/0x140 [ 1046.417746][T21399] netlink_rcv_skb+0x216/0x480 [ 1046.422616][T21399] ? rtnetlink_bind+0x80/0x80 [ 1046.427302][T21399] ? netlink_ack+0x1110/0x1110 [ 1046.432075][T21399] ? __lock_acquire+0x7c80/0x7c80 [ 1046.437115][T21399] ? net_generic+0x1e/0x240 [ 1046.441708][T21399] ? netlink_deliver_tap+0x2e/0x1b0 [ 1046.446908][T21399] netlink_unicast+0x751/0x8d0 [ 1046.451680][T21399] netlink_sendmsg+0x8c1/0xbe0 [ 1046.456460][T21399] ? netlink_getsockopt+0x580/0x580 [ 1046.461731][T21399] ? aa_sock_msg_perm+0x94/0x150 [ 1046.466687][T21399] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 1046.471987][T21399] ? security_socket_sendmsg+0x80/0xa0 [ 1046.477478][T21399] __sys_sendto+0x46a/0x620 [ 1046.482092][T21399] ? __ia32_sys_getpeername+0x90/0x90 [ 1046.487489][T21399] ? _raw_spin_unlock_irq+0x23/0x50 [ 1046.492698][T21399] ? lockdep_hardirqs_on_prepare+0x400/0x760 [ 1046.498685][T21399] ? lock_chain_count+0x20/0x20 [ 1046.503563][T21399] __x64_sys_sendto+0xde/0xf0 [ 1046.508536][T21399] do_syscall_64+0x55/0xb0 [ 1046.513029][T21399] ? clear_bhb_loop+0x40/0x90 [ 1046.517957][T21399] ? clear_bhb_loop+0x40/0x90 [ 1046.522758][T21399] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 1046.528712][T21399] RIP: 0033:0x7f88e2b90a3c [ 1046.533157][T21399] Code: 2a 5f 02 00 44 8b 4c 24 2c 4c 8b 44 24 20 89 c5 44 8b 54 24 28 48 8b 54 24 18 b8 2c 00 00 00 48 8b 74 24 10 8b 7c 24 08 0f 05 <48> 3d 00 f0 ff ff 77 34 89 ef 48 89 44 24 08 e8 70 5f 02 00 48 8b [ 1046.553224][T21399] RSP: 002b:00007ffe2e1bd340 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 1046.562974][T21399] RAX: ffffffffffffffda RBX: 00007f88e3904620 RCX: 00007f88e2b90a3c [ 1046.570959][T21399] RDX: 0000000000000068 RSI: 00007f88e3904670 RDI: 0000000000000003 [ 1046.578936][T21399] RBP: 0000000000000000 R08: 00007ffe2e1bd394 R09: 000000000000000c [ 1046.586908][T21399] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003 [ 1046.594967][T21399] R13: 0000000000000000 R14: 00007f88e3904670 R15: 0000000000000000 [ 1046.602955][T21399] SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 1046.650396][T21004] Bluetooth: hci0: command tx timeout [ 1046.687520][T21399] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1046.839037][T21399] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1046.950741][T17636] hsr_slave_0: left promiscuous mode [ 1046.958805][T17636] hsr_slave_1: left promiscuous mode [ 1047.984887][T17636] bond0 (unregistering): Released all slaves [ 1048.078203][T18213] lo speed is unknown, defaulting to 1000 [ 1048.620649][T17636] IPVS: stop unused estimator thread 0... [ 1048.709510][T17636] tipc: Disabling bearer [ 1048.715479][T17636] tipc: Left network mode [ 1049.212366][T17636] dvmrp0 (unregistering): left allmulticast mode [ 1049.553106][T17636] bridge_slave_1: left allmulticast mode [ 1049.558793][T17636] bridge_slave_1: left promiscuous mode [ 1049.564631][T17636] bridge0: port 2(bridge_slave_1) entered disabled state [ 1049.573152][T17636] bridge_slave_0: left allmulticast mode [ 1049.578927][T17636] bridge_slave_0: left promiscuous mode [ 1049.584667][T17636] bridge0: port 1(bridge_slave_0) entered disabled state [ 1049.597034][T17636] hsr_slave_0: left promiscuous mode [ 1049.603122][T17636] hsr_slave_1: left promiscuous mode [ 1049.608981][T17636] bridge_slave_1: left allmulticast mode [ 1049.614775][T17636] bridge_slave_1: left promiscuous mode [ 1049.620458][T17636] bridge0: port 2(bridge_slave_1) entered disabled state [ 1049.629086][T17636] bridge_slave_0: left allmulticast mode [ 1049.634983][T17636] bridge_slave_0: left promiscuous mode [ 1049.640982][T17636] bridge0: port 1(bridge_slave_0) entered disabled state [ 1049.651941][T17636] veth1_macvtap: left promiscuous mode [ 1049.657652][T17636] veth0_macvtap: left promiscuous mode [ 1049.663400][T17636] veth1_vlan: left promiscuous mode [ 1049.668693][T17636] veth0_vlan: left promiscuous mode [ 1049.746298][T17636] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1049.761595][T17636] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1049.823568][T17636] bond0 (unregistering): Released all slaves [ 1050.023988][T17636] team0 (unregistering): Port device team_slave_1 removed [ 1050.068036][T17636] team0 (unregistering): Port device team_slave_0 removed [ 1050.115078][T17636] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1050.156071][T17636] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1050.252439][T17636] bond0 (unregistering): Released all slaves [ 1050.788335][T17636] tipc: Disabling bearer [ 1050.793599][T17636] tipc: Left network mode [ 1051.446587][T17636] hsr_slave_0: left promiscuous mode [ 1051.454907][T17636] hsr_slave_1: left promiscuous mode [ 1051.461527][T17636] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1051.481115][T17636] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1051.489321][T17636] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1051.497031][T17636] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1051.505128][T17636] bridge_slave_1: left allmulticast mode [ 1051.510993][T17636] bridge_slave_1: left promiscuous mode [ 1051.516915][T17636] bridge0: port 2(bridge_slave_1) entered disabled state [ 1051.526188][T17636] bridge_slave_0: left allmulticast mode [ 1051.532918][T17636] bridge_slave_0: left promiscuous mode [ 1051.539271][T17636] bridge0: port 1(bridge_slave_0) entered disabled state [ 1051.550822][T17636] veth1_macvtap: left promiscuous mode [ 1051.556626][T17636] veth0_macvtap: left promiscuous mode [ 1051.562287][T17636] veth1_vlan: left promiscuous mode [ 1051.567662][T17636] veth0_vlan: left promiscuous mode [ 1051.809693][T17636] team0 (unregistering): Port device team_slave_1 removed [ 1051.849893][T17636] team0 (unregistering): Port device team_slave_0 removed [ 1051.887320][T17636] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1051.925241][T17636] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1052.008311][T17636] bond0 (unregistering): Released all slaves [ 1054.886743][ T1289] ieee802154 phy0 wpan0: encryption failed: -22