last executing test programs: 11.983610431s ago: executing program 2 (id=1159): sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, 0x0, 0x0) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10) socket$nl_route(0x10, 0x3, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x80, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6, @void, @value}, 0x94) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='module_request\x00', r5, 0x0, 0x9135}, 0x18) socket$inet6(0xa, 0x0, 0xc) 1.846014072s ago: executing program 4 (id=1268): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x41) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10) prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00') bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0xa, 0x101, 0x7fff, 0xcc, 0x80, 0xffffffffffffffff, 0x40, '\x00', 0x0, 0xffffffffffffffff, 0xfffffffe, 0x80010000, 0x0, 0x0, @void, @value, @void, @value}, 0x50) 1.760099974s ago: executing program 0 (id=1269): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000060000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000080"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) close(r2) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000029c0)={0xffffffffffffffff}) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0xf, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r4}, &(0x7f0000000000), &(0x7f0000000080)=r2}, 0x20) close(r3) 1.759472494s ago: executing program 2 (id=1270): socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000059c0)='./bus\x00', 0x0, &(0x7f0000000a40)={[{@min_batch_time={'min_batch_time', 0x3d, 0x200}}]}, 0x1, 0x439, &(0x7f0000001240)="$eJzs28tvG8UfAPDvrp3219cvpiqPPoBAQVQ8kiYtpQcuIJA4gIQEh3IMSVqVug1qgkSrCgJC5YgqcUcckfgLOMEFASckrnBHlSqUSwsno7V3G8exncY4ccGfj7TtzO5EM1/PTjyzkw1gaI1l/yQRuyPi14gYbWRXFxhr/Hdr+crMn8tXZpKo1d74I6mXu7l8ZaYoWvzcriJTjkg/SeJgm3oXLl0+N12tzl3M8xOL59+dWLh0+Zmz56fPzJ2ZuzB18uTxY5PPnZh6ti9xZnHdPPDB/KH9r7x17bWZU9fe/vHrpIi/JY4+Get28fFarc/VDdaepnRSHmBD2JBSY5jGSH38j0YpVjpvNF7+eKCNAzZVrVar3df58lIN+A9LYtAtAAaj+KLP1r/FsUVTj7vCjRcaC6As7lv50bhSjjQvM9Kyvu2nsYg4tfTXF9kRm/McAgBglW+z+c/T7eZ/aTQ/F/p/vodSiYh7ImJvRJyIiH0RcW9Evez9EfHAButv3SRZO/9Jr/cU2B3K5n/P53tbq+d/xewvKqU8t6ce/0hy+mx17mj+mRyJke1ZfrJLHd+99Mtnna41z/+yI6u/mAvm7bhe3t6nYNu48VHEgXK7+JPbOwFJROyPiAM91nH2ya8Odbq2fvxd9GGfqfZlxBON/l+KlvgLSff9yYn/RXXu6ERxV6z1089XX+9U/z+Kvw+y/t/Z9v4v4t9TSZr3axc2XsfV3z7tuKbp5f6fnV6c3pa8uerc+9OLixcnI7Ylr9bzlebzUy3lplbKZ/EfOdx+/O+NlU/iYERkN/GDEfFQRDyct/2RiHg0Ig53if+HFx97p/f4N1cW/2zX/o+W/l9JbIvWM+0TpXPff7Oq0spG4s/6/3g9dSQ/k/X/enHdSbt6u5sBAADg3yeNiN2RpOO302k6Pt74G/59sTOtzi8sPnV6/r0Ls413BCoxkhZPukabnodO5sv6Ij/Vkj+WPzf+vLSjnh+fma/ODjp4GHK7Ooz/zO+lQbcO2HTe14LhZfzD8DL+YXgZ/zC82oz/HYNoB7D12n3/fziAdgBbr2X82/aDIWL9D8OrbL0PQ8v3PwylhR2x/kvyEhJrEpHeFc2Q6DGRRkS3MoP+zQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANAffwcAAP//KvHjlA==") openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x441, 0x14a) set_mempolicy(0x4005, &(0x7f0000000080)=0x7, 0x2) r0 = socket$packet(0x11, 0x2, 0x300) r1 = socket(0x80000000000000a, 0x2, 0x0) setsockopt$inet6_group_source_req(r1, 0x29, 0x2e, &(0x7f0000000080)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @mcast2}}}, 0x135) setsockopt$inet6_group_source_req(r1, 0x29, 0x2c, &(0x7f0000000480)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x1, @local}}}, 0x108) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000070000000000000000000085000000230000009500000000000000"], &(0x7f00000001c0)='GPL\x00', 0x4, 0x8f, &(0x7f00000002c0)=""/143, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10) mount_setattr(0xffffffffffffffff, &(0x7f0000000180)='.\x00', 0x8100, &(0x7f0000001dc0)={0xf, 0x84, 0x20000}, 0x20) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x8000}, 0x4) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000040)={0x1, &(0x7f0000000340)=[{0x6, 0x0, 0x0, 0x67b}]}, 0x10) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x1, 0x4, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r3, 0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000180)}, 0x20) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffe00}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffe}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x10) linkat(0xffffffffffffffff, &(0x7f0000000180)='./file1\x00', 0xffffffffffffffff, 0x0, 0x0) unshare(0x2c020400) r6 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r6}, &(0x7f0000bbdffc)) getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f00000003c0)=0x14) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r7 = mq_open(&(0x7f0000000040)='!se\xf7ih,\x17i\xacP\xe6lNnuxselinux\x00', 0x6e93ebbbcc0884f2, 0x0, &(0x7f0000000300)={0x0, 0x1, 0x7}) mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0) mq_timedsend(r7, 0x0, 0x0, 0x0, 0x0) 1.654727326s ago: executing program 0 (id=1271): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x50) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000007c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x30, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r1}, 0x10) fchownat(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1000) 1.472008518s ago: executing program 0 (id=1273): r0 = socket(0x840000000002, 0x3, 0xff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='gre0\x00', 0x10) sendmmsg$inet(r0, &(0x7f0000000440)=[{{&(0x7f00000001c0)={0x2, 0x0, @multicast1}, 0x10, &(0x7f0000001980)=[{&(0x7f0000000200)="a9050000000074640000000000003552bde5c064c6", 0x15}, {&(0x7f00000002c0)="174640b6d80fb2eedc81ba60ccbb9d", 0xf}], 0x2}}, {{&(0x7f00000004c0)={0x2, 0x4e24, @multicast1}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000340)="5825be57aff9352b356be67ca2746357d1787935", 0x14}], 0x1}}], 0x2, 0x4004040) 1.36131185s ago: executing program 4 (id=1274): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000002d40)='kfree\x00', r1, 0x0, 0xb}, 0x18) setsockopt$inet6_IPV6_RTHDR(r0, 0x29, 0x39, &(0x7f0000000080)=ANY=[], 0x18) 1.3481574s ago: executing program 0 (id=1275): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000340)=ANY=[@ANYBLOB="6c00000010000304002000003c0e77897399f655", @ANYRES32=0x0, @ANYBLOB="15020000000000003c0012800b00010067726574617000002c00028006000f000700000006000f0000800000060011004e220000080007007f000001050013000000000008000500", @ANYRES32, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r2, @ANYBLOB], 0x6c}, 0x1, 0xba01}, 0x0) 1.156167363s ago: executing program 4 (id=1276): r0 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff) r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_ADD(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)={0x34, r0, 0x1, 0x0, 0x0, {}, [@SMC_PNETID_ETHNAME={0x14, 0x2, 'bond0\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}]}, 0x34}}, 0x0) 1.093121214s ago: executing program 4 (id=1278): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2b, '\x00', 0x0, @fallback=0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000700)={{0x14}, [@NFT_MSG_NEWRULE={0x94, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x68, 0x4, 0x0, 0x1, [{0x54, 0x1, 0x0, 0x1, @match={{0xa}, @val={0x44, 0x2, 0x0, 0x1, [@NFTA_MATCH_REV={0x8}, @NFTA_MATCH_INFO={0x2c, 0x3, "ebae551382395afa4d23edfcbe6d55b57cb15e63c15c46395916e2b388abc3d6ce2316334e8278ad"}, @NFTA_MATCH_NAME={0xa, 0x1, 'limit\x00'}]}}}, {0x10, 0x1, 0x0, 0x1, @limit={{0xa}, @void}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0xbc}, 0x1, 0x0, 0x0, 0x2000094}, 0x4000800) 999.785455ms ago: executing program 0 (id=1280): r0 = syz_io_uring_setup(0x339e, &(0x7f0000000300)={0x0, 0x0, 0x800}, &(0x7f0000002480), &(0x7f0000000400)) io_uring_register$IORING_REGISTER_BUFFERS2(r0, 0xf, &(0x7f0000002380)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x20) 907.553527ms ago: executing program 0 (id=1281): socket$inet_icmp(0x2, 0x2, 0x1) r0 = socket$nl_rdma(0x10, 0x3, 0x14) r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/resume', 0x169a82, 0x109) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000900)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x9, 0x0, 0x0, 0x41100, 0x40, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3, 0x0, 0x10000}, 0x18) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300000800"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4, 0x0, 0xfffffffffffffffe}, 0x18) sendfile(r1, r1, 0x0, 0xb) r5 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$sock_inet_SIOCSIFDSTADDR(r5, 0x8918, &(0x7f0000000280)={'veth0_to_bond\x00', {0x2, 0x4e21, @rand_addr=0x401}}) sendmsg$RDMA_NLDEV_CMD_NEWLINK(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="38000000031401002abd7000fedbdf250900020073797a3000000000080041007278650014003300626f6e6430"], 0x38}, 0x1, 0x0, 0x0, 0x4000840}, 0x24004000) connect$unix(0xffffffffffffffff, 0x0, 0x0) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x18) r7 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=@newqdisc={0x24, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0xffe0}, {0xf}, {0xe, 0xd}}}, 0x24}, 0x1, 0x0, 0x0, 0x80}, 0x0) syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000180)=ANY=[], 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00'}, 0x10) r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff) r9 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_VENDOR(r9, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000480)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r8, @ANYBLOB], 0x2c}}, 0x0) r10 = socket$nl_rdma(0x10, 0x3, 0x14) unshare(0x62040200) sendmsg$RDMA_NLDEV_CMD_DELLINK(r10, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000003c0)=ANY=[@ANYBLOB="18000000041401002dbd7000fedbdf25080001000000000024fdbbf84a46b79407da04bc8040ea95820a72618619820382098fa9259482cd8b654859116e208f6044344e5f8c0f8dc30b047f1f1b6e053ecd4035cd5c456b860fe089d0a969ba839ea73273b04631"], 0x18}, 0x1, 0x0, 0x0, 0x671ec167a4b72164}, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) 895.683686ms ago: executing program 4 (id=1282): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r0 = socket$tipc(0x1e, 0x2, 0x0) bind$tipc(r0, &(0x7f00000001c0)=@id={0x1e, 0x3, 0x0, {0x4e24}}, 0x10) r1 = socket$tipc(0x1e, 0x5, 0x0) bind$tipc(r0, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x3, 0x4}}, 0x10) bind$tipc(r1, &(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x42, 0x3}}}, 0x10) bind$tipc(r0, &(0x7f0000000140)=@nameseq={0x1e, 0x1, 0x3, {0x41, 0x4, 0x1}}, 0x10) sendmsg$tipc(r0, &(0x7f0000000200)={&(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x2, 0x4}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x24000850}, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000004640)={&(0x7f00000008c0)=@newqdisc={0x68, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0xffff}, {0xffff, 0xffff}, {0xffe0, 0xffe0}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x34, 0x2, [@TCA_FQ_CODEL_TARGET={0x8, 0x1, 0x6}, @TCA_FQ_CODEL_QUANTUM={0x8, 0x6, 0x5}, @TCA_FQ_CODEL_CE_THRESHOLD_MASK={0x5, 0xb, 0x48}, @TCA_FQ_CODEL_CE_THRESHOLD_MASK={0x5}, @TCA_FQ_CODEL_INTERVAL={0x8, 0x3, 0xfffffff8}, @TCA_FQ_CODEL_LIMIT={0x8}]}}]}, 0x68}}, 0x4000) r2 = socket$inet6(0xa, 0x80002, 0x0) sendmmsg$inet6(r2, &(0x7f0000000200)=[{{&(0x7f0000000180)={0xa, 0x4e21, 0x5, @dev={0xfe, 0x80, '\x00', 0x37}, 0x9}, 0x1c, &(0x7f00000001c0)=[{&(0x7f0000002300)="f8224fca25268d54a82fe59223eb3aebd02c0e0033aab0a485e87cf62dee2c3dbb12f6a8d1950d3b818291b63b8f47fda96cbf40dbbd236cb262c6e631df95dac66207fe3666018607ab1e276a8b94537cc4297e4092560f2e8d14da3b2525d7399d12a066ea49303c9b7577dc3b633958df9dde3d3923b2077c7be89a0c92e947f555214561d32142bd7d1f6ea5b8089144f7f615858743a973bab75a5fcf2ce81695cdff86cdd8d92db66465b6c616e2adedc5edaf9e8ca739a8d6d4dea32bba993816982aede18afd862a588a986afef8fdfcd009f3ac4dcd45865db819001aa5ce9cee87015207b389b90f5e42ec01f9f7e4d45b19aeaa5609c1d281fde639e795ad6b14d149a749af5181198d66285c5e437c6c5abd44105aa385854e40881c6648b733728d3f0dfd9635c34d098a6f01e13d2111c6ac0eae061b62578c930d85f8312bcdff95c4c5c7b482ebf9ae74321927fccff78ec283ea13a81cf84295a35838565b0e70c2474b440a58c63f2c5bf4e7a632c9553e525f57d63efc1cfc8e729827cf3f7a39b1655006bd5531c5f5f19eacc91ec4864f115b824de3dca16ce26df37c5896d57d7a6eaf879d9d53453684bb31cb55c170bf580441c1f51bb6126f80a5fa6e24b9cc85c54cc3acd429535dd637fe4d055493b9e823d26c74219ca4edd083bcb9bacb85663e1ddd8d99cf93e757068bd0d11f795c5d4821d276ef7db74338f5616272753c05b0ab70f36f842d5396b832c45728f979b76ef9c8933ccae2fd0c39cdb4dc37a6c594d166a98d0f206de0fdfda4ab9f9fb39593e59fdcb15ae5a80b1ed2c8f125095cd94cb9e41bfd3e583fb45177277454a6d54e94ec255095d603e9fae1f7edb87439714713d835d42d89f4e1b44be6f58eee9fd4e869db3c6a2fbc9382a14020e344e6e184b738c42b58a033d1cae2aeb99cefd6c9a7061fac74c302aae6aaafb9a09487c03aaff4ab20ceeb6d66cb394df9bc3d9aa193faf44b9232ad77ea0c53d817ae93b802f56fb431f87957caf760b9ee383d2cf97113d28c983d2da3db2dcc444e85bb839e82428692a4b31ca3839454afb240d51df33b6f5dc6b305331dff75a1aa17f059d01f4e43fc73c22f0835095d6e7c2b4f66c12570a5f53fff142713c8aee1997eec943b1fbc8fc160d4f21452ab860605423c17ab4e02a960861690cbd9c3460851bddc687911a0768a7667b3e2407940bbc49a7195888117da2b238e1d098c994c0a75773aeef483ee38877ad282da17124e9bbb8ec3f9ec10f1452b67f6eed36d95fdbb28476707d46630df8ff8e951eb282798c1944dcdc262b8e8185f4a5f5803d0d2736c2df5f4c3f85bc7ec96a3dc52539740acb92a902438b85a963005921b1bd2ade728505d5a956ce058aef3941c7e4fbc00a6db53e307d214df98dbde074ee52e12aa1e4add53e1ebd900b9223d7351e76524dcfc88d616a5cef7e78c73e069ccea6cd1b8e24b394e7e4043b7a756e891d465d76638e1f15ee97b7954ba54df59c9c8ac7336c3b8b67e645538a65fc186fbad9fee6dc2a73a038c92d5135b9008ab4bca33fc060e831cfb3b6ab32f52a47fc14be77de6ebe135d631737f1cc26b0e3ff010a2bf6059000698d21abf52aee1b3885555e1148af2f0ba1510f2465b2d768f7ff59022ddc2dc97df8b67c5ac4e50c3e1212014fb8c3742919f799ebf36e8f3a311f7a40d69f4216242fdb1c96025a22f660a0c34fdc1c32dd03407e326a1471930f8212235d39a344fae9d74ed070c95433b1924191cd94c354f4f199fae607843b9d1791afe4550a20af9cbd8c263bede64141b9acdacdaf029e1b8b39f71d5b8c570b838c8eb331fa68ee0b7f6c0a9d091def15074aff7e89fcf405cccc69055701f1d585a8f4be052910cfca4f578b7844873391ce798be390374a39e3033421d75e80f2080", 0x568}], 0x1}}], 0x1, 0x4001c00) 773.708448ms ago: executing program 4 (id=1283): syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000240)='./file0\x00', 0x800700, &(0x7f0000000580)={[{@grpjquota}, {@stripe={'stripe', 0x3d, 0x3}}, {@norecovery}, {@noinit_itable}, {@resgid}, {@minixdf}, {@usrjquota}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@debug}, {@dioread_lock}, {@noblock_validity}, {@noquota}]}, 0x3, 0x465, &(0x7f0000000f00)="$eJzs3M9vFFUcAPDvzLYgP1sRf4CoVWJs/NHSgsrBi0YTDxhN9IDH2hZCWKihNRFCpBqDFxND1LPxaOJf4M2LUU8mXvVuSIhyAT3VzOwM7C67pYXtLnQ/n2SX92Ze+963b97Mm3m7BNC3RrK3JGJrRPwREUO1bGOBkdo/Vy+fnf738tnpJJaW3v47yctduXx2uixa/tyWIjOaRqSfJkUljeZPnzk+Va3Oniry4wsn3h+fP33muWMnpo7OHp09OXnw4IH9Ey++MPn8Mq3fuOI4s7iu7P5obs+u19+98Mb04Qvv/fJ91t6txf76ODplJAv8n6Vc3eYvs7cnO11Zj22rSycDPWwIq1KJiKy7BvPxPxSVuN55Q/HaJz1tHLCmsmvTMlfRxSVgHUtihcViZQWBu0V5oc/uf8tXl6Yed4RLL9dugLK4rxav2p6BSIsyg033t500EhGHF//7JnvFGj2HAACo9/n014fi2VbzvzQeqCu3vVhDGY6IeyNiR0TcFxE7I+L+iLzsgxHxUNuaNrTc2rw0dOP8J714y8GtQDb/e6lY22qc/5Wzv8pwpchty+MfTI4cq87uK/4mozG4MctPLFPHj6/+/kW7ffXzv+yV1V/OBYt2XBxoekA3M7UwlU9KO+DSxxG7B1rFn1xbCchu/XdFxO7V/ertZeLY09/taVfo5vEvowPrTEvfRjxV6//FaIq/lCy/Pjl+T1Rn942XR8WNfv3t/Fvt6r+t+Dsg6//Njcd/c5HhpH69dn71dZz/87O29zS3evxvSN7J+6U8q3w4tbBwaiJiQ3Iozzdsn7z+s2W+LJ/FP7q39fjfUUtsyt4ejojsIH4kIh6NiMeKtj8eEU9ExN5l4v/5lfb77oT+n2l5/rt2/Df1/+oTleM//dCu/pX1/4E8NVpsyc9/N7HSBt7O3w4AAADuFmn+GfgkHbuWTtOxsdpn+HfG5rQ6N7/wzJG5D07O1D4rPxyDafmka6jueehEslj8xlp+snhWXO7fXzw3/qqyKc+PTc9VZ3ocO/S7LW3Gf+avSq9bB6y5Vutoky3Xaxu+yAasA83jP23Mnnuzm40Busr3taF/3WT8p91qB9B9rv/Qv1qN/3NNeWsBsD65/kP/Mv6hfxn/0L+Mf+hLt/O9/n5OZKfMO6AZ1aGiH7tfe6S9jl1iLRKt/58mAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAu9X/AQAA//9l+OT1") chdir(&(0x7f0000000400)='./file0\x00') openat(0xffffffffffffff9c, &(0x7f0000000100)='./bus\x00', 0x42, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x4e20, @empty}], 0x10) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000300)={0x0, 0x1c, &(0x7f0000000000)=[@in6={0xa, 0x4e20, 0x1, @loopback, 0x2}]}, &(0x7f00000002c0)=0x10) setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x85, &(0x7f00000000c0)={r1, @in6={{0xa, 0x4e20, 0x7, @loopback, 0x3}}, 0x3, 0x8003}, 0x90) renameat2(0xffffffffffffff9c, &(0x7f0000000480)='./bus\x00', 0xffffffffffffff9c, &(0x7f00000004c0)='./file0\x00', 0x2) bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xc, '\x00', 0x0, @fallback=0x3c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) socket$nl_generic(0x10, 0x3, 0x10) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x14, 0xf, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000000000000000000000000000118110000", @ANYRESOCT=0x0, @ANYBLOB="0000000000000000b702000014002000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r2}, 0x10) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) r4 = inotify_init1(0x0) inotify_add_watch(r4, &(0x7f0000000400)='.\x00', 0xa4000021) read(r4, 0x0, 0x0) r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0xa0200, 0x0) ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r6 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, 0x0) r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close(r7) ioctl$SIOCSIFHWADDR(r7, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local}) r8 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_NEWLINK(r8, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="380000000314010028bd8100fbdbdf250900020073797a310000000008004100727865001400330076657468305f766972745f7769666900"], 0x38}, 0x1, 0x0, 0x0, 0x48084}, 0x24008050) socket$nl_route(0x10, 0x3, 0x0) 772.730378ms ago: executing program 1 (id=1293): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r0 = socket$tipc(0x1e, 0x2, 0x0) bind$tipc(r0, &(0x7f00000001c0)=@id={0x1e, 0x3, 0x0, {0x4e24}}, 0x10) r1 = socket$tipc(0x1e, 0x5, 0x0) bind$tipc(r0, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x3, 0x4}}, 0x10) bind$tipc(r1, &(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x42, 0x3}}}, 0x10) bind$tipc(r0, &(0x7f0000000140)=@nameseq={0x1e, 0x1, 0x3, {0x41, 0x4, 0x1}}, 0x10) sendmsg$tipc(r0, &(0x7f0000000200)={&(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x2, 0x4}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x24000850}, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000004640)={&(0x7f00000008c0)=@newqdisc={0x68, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0xffff}, {0xffff, 0xffff}, {0xffe0, 0xffe0}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x34, 0x2, [@TCA_FQ_CODEL_TARGET={0x8, 0x1, 0x6}, @TCA_FQ_CODEL_QUANTUM={0x8, 0x6, 0x5}, @TCA_FQ_CODEL_CE_THRESHOLD_MASK={0x5, 0xb, 0x48}, @TCA_FQ_CODEL_CE_THRESHOLD_MASK={0x5}, @TCA_FQ_CODEL_INTERVAL={0x8, 0x3, 0xfffffff8}, @TCA_FQ_CODEL_LIMIT={0x8}]}}]}, 0x68}}, 0x4000) r2 = socket$inet6(0xa, 0x80002, 0x0) sendmmsg$inet6(r2, &(0x7f0000000200)=[{{&(0x7f0000000180)={0xa, 0x4e21, 0x5, @dev={0xfe, 0x80, '\x00', 0x37}, 0x9}, 0x1c, &(0x7f00000001c0)=[{&(0x7f0000002300)="f8224fca25268d54a82fe59223eb3aebd02c0e0033aab0a485e87cf62dee2c3dbb12f6a8d1950d3b818291b63b8f47fda96cbf40dbbd236cb262c6e631df95dac66207fe3666018607ab1e276a8b94537cc4297e4092560f2e8d14da3b2525d7399d12a066ea49303c9b7577dc3b633958df9dde3d3923b2077c7be89a0c92e947f555214561d32142bd7d1f6ea5b8089144f7f615858743a973bab75a5fcf2ce81695cdff86cdd8d92db66465b6c616e2adedc5edaf9e8ca739a8d6d4dea32bba993816982aede18afd862a588a986afef8fdfcd009f3ac4dcd45865db819001aa5ce9cee87015207b389b90f5e42ec01f9f7e4d45b19aeaa5609c1d281fde639e795ad6b14d149a749af5181198d66285c5e437c6c5abd44105aa385854e40881c6648b733728d3f0dfd9635c34d098a6f01e13d2111c6ac0eae061b62578c930d85f8312bcdff95c4c5c7b482ebf9ae74321927fccff78ec283ea13a81cf84295a35838565b0e70c2474b440a58c63f2c5bf4e7a632c9553e525f57d63efc1cfc8e729827cf3f7a39b1655006bd5531c5f5f19eacc91ec4864f115b824de3dca16ce26df37c5896d57d7a6eaf879d9d53453684bb31cb55c170bf580441c1f51bb6126f80a5fa6e24b9cc85c54cc3acd429535dd637fe4d055493b9e823d26c74219ca4edd083bcb9bacb85663e1ddd8d99cf93e757068bd0d11f795c5d4821d276ef7db74338f5616272753c05b0ab70f36f842d5396b832c45728f979b76ef9c8933ccae2fd0c39cdb4dc37a6c594d166a98d0f206de0fdfda4ab9f9fb39593e59fdcb15ae5a80b1ed2c8f125095cd94cb9e41bfd3e583fb45177277454a6d54e94ec255095d603e9fae1f7edb87439714713d835d42d89f4e1b44be6f58eee9fd4e869db3c6a2fbc9382a14020e344e6e184b738c42b58a033d1cae2aeb99cefd6c9a7061fac74c302aae6aaafb9a09487c03aaff4ab20ceeb6d66cb394df9bc3d9aa193faf44b9232ad77ea0c53d817ae93b802f56fb431f87957caf760b9ee383d2cf97113d28c983d2da3db2dcc444e85bb839e82428692a4b31ca3839454afb240d51df33b6f5dc6b305331dff75a1aa17f059d01f4e43fc73c22f0835095d6e7c2b4f66c12570a5f53fff142713c8aee1997eec943b1fbc8fc160d4f21452ab860605423c17ab4e02a960861690cbd9c3460851bddc687911a0768a7667b3e2407940bbc49a7195888117da2b238e1d098c994c0a75773aeef483ee38877ad282da17124e9bbb8ec3f9ec10f1452b67f6eed36d95fdbb28476707d46630df8ff8e951eb282798c1944dcdc262b8e8185f4a5f5803d0d2736c2df5f4c3f85bc7ec96a3dc52539740acb92a902438b85a963005921b1bd2ade728505d5a956ce058aef3941c7e4fbc00a6db53e307d214df98dbde074ee52e12aa1e4add53e1ebd900b9223d7351e76524dcfc88d616a5cef7e78c73e069ccea6cd1b8e24b394e7e4043b7a756e891d465d76638e1f15ee97b7954ba54df59c9c8ac7336c3b8b67e645538a65fc186fbad9fee6dc2a73a038c92d5135b9008ab4bca33fc060e831cfb3b6ab32f52a47fc14be77de6ebe135d631737f1cc26b0e3ff010a2bf6059000698d21abf52aee1b3885555e1148af2f0ba1510f2465b2d768f7ff59022ddc2dc97df8b67c5ac4e50c3e1212014fb8c3742919f799ebf36e8f3a311f7a40d69f4216242fdb1c96025a22f660a0c34fdc1c32dd03407e326a1471930f8212235d39a344fae9d74ed070c95433b1924191cd94c354f4f199fae607843b9d1791afe4550a20af9cbd8c263bede64141b9acdacdaf029e1b8b39f71d5b8c570b838c8eb331fa68ee0b7f6c0a9d091def15074aff7e89fcf405cccc69055701f1d585a8f4be052910cfca4f578b7844873391ce798be390374a39e3033421d75e80f2080", 0x568}], 0x1}}], 0x1, 0x4001c00) 753.788129ms ago: executing program 2 (id=1285): syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x8004, &(0x7f0000000080)={[{@discard}, {@bh}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}]}, 0x1, 0x7b9, &(0x7f00000007c0)="$eJzs3d9rHNUeAPDvbJLmR3tvcuFy7+1b4EJvoHRzU2Or4EPFBxEsFPTZNmy2oWaTLdlNaULAFhF8EVR8EPSlz/6ob776A3zS/8IHaamaFis+SGR2Z5M02c2vJtloPh+YzDkzsznnO+fMzNmdYTeAQ2sw/ZOLOB4RbycR/dnyJCK6aqnOiHP17R4uLvRERCGJpaWXfkpq2zxYXCjEqtekjmaZ/0TEV29EnMytL7cyNz85VioVZ7L8cHXq6nBlbv7UlamxieJEcfrMyOjo6bNPnj2ze7H+8t38sbvvPP+/T8/99vq/b7/1dRLn4li2bnUcu2UwBrN90pXuwkc8t9uFtVnS7gqwI+mh2VE/yuN49EdHLdVC737WDADYK69FxBIAcMgkrv8AcMg0Pgd4sLhQaEzt/URif917NiJ66vE/zKb6ms7snl1P7T5o34PkkTsjSUQM7EL5gxHx4eevnOjI8mk93EsD9sONmxFxaWBw/fk/WffMwnb9f6OVS9212eCaxYft+gPt9EU6/nmq2fgvtzz+iSbjn+76sfuvxy1/8+M/d+dxy9hIOv57pv5s25rx3/JDawMdWe5vtTFfV3L5SqmYntv+HhFD0dWd5kdqmzYfuQ3d//1+q/Kz8d/H6fTzu69+lJafzle2yN3p7H70NeNj1c5vHjfwzL2b0Zcl18SfLLd/0mL8e2GLZbzw9JsftFqXxp/G25jWx7+3lm5FnGja/ittmWz4fOJwrTsMNzpFE599/35fq/JXt386peWn892PtLl7N6PWAZJkZR/U1yzHP5Csfl6zsv0yvr3V/2WrdZvH37T/jx1JXq6lj2TLro9VqzMjEUeSF9cvP73y2ka+sX0a/9B/mx//9WKb9//0PeGlLcbfeffHT3Ye/95K4x/fuP+vaf+ebPHKks0Stx9OdrQqf2vtP1pLDWVL0vbfLK6t1GtnvRkAAAAAAAAAAAAAAAAAAAAAAAAAti8XEcciyeWX07lcPl//De9/Rl+uVK5UT14uz06PR+23sgeiK9f4qsv+Vd+HOpJ9H34jf3pN/omI+EdEvNfdW8vnC+XSeLuDBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDM0Ra//5/6obvdtQMA9kxPuysAAOw7138AOHy2d/3v3bN6AAD7x/t/ADh8tnz9v7S39QAA9o/3/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOyxC+fPp9PSr4sLhTQ/fm1udrJ87dR4sTKZn5ot5Avlmav5iXJ5olTMF8pTLf/RjfqsVC5fHY3p2evD1WKlOlyZm784VZ6drl68MjU2UbxY7Nq3yAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABg6ypz85NjpVJx5i+RuLES2C7/5962xtV3MHbvqkRnHIhqHOhEdxyIauwwsfos0duGMxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAn8MfAQAA//94WBdi") r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002a20702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10) r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000880)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r1}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r2}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]}) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='rdma.current\x00', 0x275a, 0x0) fsetxattr(r3, &(0x7f0000000000)=@known='security.selinux\x00', &(0x7f0000000080)=':\x00', 0xffdf, 0x0) 709.136569ms ago: executing program 3 (id=1286): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffdfc, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10) r2 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0) r3 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/tcp_rmem\x00', 0x1, 0x0) sendfile(r3, r2, 0x0, 0x7ffff000) 695.37999ms ago: executing program 1 (id=1287): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000700000000000000000000850000002300000095"], &(0x7f00000001c0)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$tipc(r2, &(0x7f0000003280)={0x0, 0x0, 0x0}, 0x0) sendmsg$tipc(r2, &(0x7f0000000e40)={0x0, 0x0, 0x0}, 0x2000c080) sendmsg$inet(r2, &(0x7f0000000380)={0x0, 0x0, 0x0}, 0x0) setsockopt$sock_attach_bpf(r1, 0x1, 0x21, &(0x7f0000000040), 0x4) sendmsg$tipc(r2, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0) sendmmsg(r1, &(0x7f00000029c0), 0x400006d, 0x20000004) 608.016931ms ago: executing program 3 (id=1288): r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=0x0) preadv(r0, 0x0, 0x0, 0xa, 0xfffffff9) sendmsg$NFC_CMD_DEV_UP(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000340)=ANY=[@ANYBLOB, @ANYRES16, @ANYBLOB="010026bd70003c020000020000000800", @ANYRES32=r1], 0x1c}}, 0x44) 525.528572ms ago: executing program 1 (id=1289): r0 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff) r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_ADD(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)={0x34, r0, 0x1, 0x0, 0x0, {}, [@SMC_PNETID_ETHNAME={0x14, 0x2, 'bond0\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}]}, 0x34}}, 0x0) 514.543142ms ago: executing program 3 (id=1290): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x585d}, [@IFLA_IFNAME={0x14, 0x3, 'ipvlan1\x00'}, @IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @ipvlan={{0xb}, {0x4}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x840}, 0x0) 277.284186ms ago: executing program 3 (id=1291): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000080008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x7f) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1, 0x0, 0xfffffffffffffffe}, 0x18) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000000900010073797a310000000040000000030a01020000000000000000010000000900030073797a320000000014000480080002400000000008000140000000050900010073797a31000000004c000000050a01020000100000000000010020000c00024000000000000000010900010073797a310000000020000480140003006e657464657673696d300000000000000800014000000005"], 0xd4}}, 0x0) 276.532956ms ago: executing program 1 (id=1292): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x4000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x2, 0x0, 0x0, 0x41100, 0x2, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94) r1 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r1, &(0x7f0000000080), 0x10) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f00000000c0)={'vcan0\x00', 0x0}) sendmsg$can_bcm(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000400)=ANY=[@ANYBLOB="05"], 0x48}}, 0x0) sendmsg$can_bcm(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000440)=ANY=[@ANYBLOB="05"], 0x48}}, 0x0) sendmsg$can_bcm(r1, &(0x7f00000002c0)={&(0x7f0000000000)={0x1d, r2}, 0x10, &(0x7f0000000280)={&(0x7f0000000140)=ANY=[@ANYRES32=r1], 0x48}}, 0x0) 191.919337ms ago: executing program 2 (id=1294): r0 = fsopen(&(0x7f0000000400)='autofs\x00', 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001380)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000280)='kfree\x00', r2}, 0x10) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000240)=',-\x10*\x00', &(0x7f0000000380)='$\x00', 0x0) fsconfig$FSCONFIG_SET_FD(r0, 0x5, &(0x7f00000005c0)='\x00H\xeb', 0x0, r0) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='syzkaller\x00', &(0x7f0000001140)='\xf1\x95\xb3>-\x8c\xd4\r\x01\xfa\xe2{eED\x0e\xaaPV\x11\xff\xb6j\xd4~6\x82^\x9b b', 0x0) fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f0000000580)='\xa3\x04\x00', &(0x7f00000003c0)="c5", 0x1) fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000080)='kfree\x00', &(0x7f0000000180)='\xfa.-\x00', 0x0) close(r0) 115.960148ms ago: executing program 1 (id=1295): r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) fcntl$notify(r0, 0x402, 0x4) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x80000, 0x0) fcntl$notify(r1, 0x402, 0xd) openat(r1, &(0x7f0000000000)='./file2\x00', 0x143042, 0x0) 110.854868ms ago: executing program 3 (id=1296): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kmem_cache_free\x00', r1}, 0x18) r2 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r2, 0xc018937e, &(0x7f0000000200)={{0x1, 0x1, 0x29}, './file0\x00'}) 32.19013ms ago: executing program 2 (id=1297): bpf$PROG_LOAD(0x5, 0x0, 0x0) syz_emit_ethernet(0x52, &(0x7f0000000940)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaaaa86dd601927f2001c2c00fe8000000000000000000000000000bbfe8000000000000000000000000000aa0000000e"], 0x0) 31.54939ms ago: executing program 3 (id=1298): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001100)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000680)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6b0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1, 0x0, 0x81}, 0x18) r2 = socket$inet(0xa, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f00000002c0)=@mangle={'mangle\x00', 0x44, 0x6, 0x410, 0x238, 0x238, 0x238, 0x98, 0x98, 0x378, 0x378, 0x378, 0x378, 0x378, 0x6, 0x0, {[{{@ip={@loopback, @multicast1=0xe0007600, 0x0, 0x0, 'gre0\x00', 'ip6gre0\x00', {}, {}, 0x0, 0x0, 0x11}, 0x7a00, 0x70, 0x98}, @inet=@DSCP={0x28}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @local, 0x0, 0x0, 'wg1\x00', 'nicvf0\x00', {}, {}, 0x11}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @local}}}, {{@ip={@broadcast, @multicast2, 0x0, 0x0, 'vlan1\x00', 'nr0\x00'}, 0x0, 0xb8, 0x100, 0x0, {}, [@common=@unspec=@limit={{0x48}, {0x0, 0x28, 0x0, 0x0, 0x0, 0x1}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@dev={0xfe, 0x80, '\x00', 0x18}, 'veth0_virt_wifi\x00', {0x7}}}}, {{@ip={@rand_addr, @private, 0xffffffff, 0xff, 'syzkaller0\x00', 'veth1_to_team\x00', {}, {0xff}}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @empty}}}, {{@ip={@empty, @empty, 0xff000000, 0x0, 'lo\x00', 'batadv_slave_1\x00'}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x4, 0x0, @loopback}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x470) 31.25287ms ago: executing program 1 (id=1299): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r0 = socket$tipc(0x1e, 0x2, 0x0) bind$tipc(r0, &(0x7f00000001c0)=@id={0x1e, 0x3, 0x0, {0x4e24}}, 0x10) r1 = socket$tipc(0x1e, 0x5, 0x0) bind$tipc(r0, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x3, 0x4}}, 0x10) bind$tipc(r1, &(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x42, 0x3}}}, 0x10) bind$tipc(r0, &(0x7f0000000140)=@nameseq={0x1e, 0x1, 0x3, {0x41, 0x4, 0x1}}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48) bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000004640)={&(0x7f00000008c0)=@newqdisc={0x68, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0xffff}, {0xffff, 0xffff}, {0xffe0, 0xffe0}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x34, 0x2, [@TCA_FQ_CODEL_TARGET={0x8, 0x1, 0x6}, @TCA_FQ_CODEL_QUANTUM={0x8, 0x6, 0x5}, @TCA_FQ_CODEL_CE_THRESHOLD_MASK={0x5, 0xb, 0x48}, @TCA_FQ_CODEL_CE_THRESHOLD_MASK={0x5}, @TCA_FQ_CODEL_INTERVAL={0x8, 0x3, 0xfffffff8}, @TCA_FQ_CODEL_LIMIT={0x8}]}}]}, 0x68}}, 0x4000) r2 = socket$inet6(0xa, 0x80002, 0x0) sendmmsg$inet6(r2, &(0x7f0000000200)=[{{&(0x7f0000000180)={0xa, 0x4e21, 0x5, @dev={0xfe, 0x80, '\x00', 0x37}, 0x9}, 0x1c, &(0x7f00000001c0)=[{&(0x7f0000002300)="f8224fca25268d54a82fe59223eb3aebd02c0e0033aab0a485e87cf62dee2c3dbb12f6a8d1950d3b818291b63b8f47fda96cbf40dbbd236cb262c6e631df95dac66207fe3666018607ab1e276a8b94537cc4297e4092560f2e8d14da3b2525d7399d12a066ea49303c9b7577dc3b633958df9dde3d3923b2077c7be89a0c92e947f555214561d32142bd7d1f6ea5b8089144f7f615858743a973bab75a5fcf2ce81695cdff86cdd8d92db66465b6c616e2adedc5edaf9e8ca739a8d6d4dea32bba993816982aede18afd862a588a986afef8fdfcd009f3ac4dcd45865db819001aa5ce9cee87015207b389b90f5e42ec01f9f7e4d45b19aeaa5609c1d281fde639e795ad6b14d149a749af5181198d66285c5e437c6c5abd44105aa385854e40881c6648b733728d3f0dfd9635c34d098a6f01e13d2111c6ac0eae061b62578c930d85f8312bcdff95c4c5c7b482ebf9ae74321927fccff78ec283ea13a81cf84295a35838565b0e70c2474b440a58c63f2c5bf4e7a632c9553e525f57d63efc1cfc8e729827cf3f7a39b1655006bd5531c5f5f19eacc91ec4864f115b824de3dca16ce26df37c5896d57d7a6eaf879d9d53453684bb31cb55c170bf580441c1f51bb6126f80a5fa6e24b9cc85c54cc3acd429535dd637fe4d055493b9e823d26c74219ca4edd083bcb9bacb85663e1ddd8d99cf93e757068bd0d11f795c5d4821d276ef7db74338f5616272753c05b0ab70f36f842d5396b832c45728f979b76ef9c8933ccae2fd0c39cdb4dc37a6c594d166a98d0f206de0fdfda4ab9f9fb39593e59fdcb15ae5a80b1ed2c8f125095cd94cb9e41bfd3e583fb45177277454a6d54e94ec255095d603e9fae1f7edb87439714713d835d42d89f4e1b44be6f58eee9fd4e869db3c6a2fbc9382a14020e344e6e184b738c42b58a033d1cae2aeb99cefd6c9a7061fac74c302aae6aaafb9a09487c03aaff4ab20ceeb6d66cb394df9bc3d9aa193faf44b9232ad77ea0c53d817ae93b802f56fb431f87957caf760b9ee383d2cf97113d28c983d2da3db2dcc444e85bb839e82428692a4b31ca3839454afb240d51df33b6f5dc6b305331dff75a1aa17f059d01f4e43fc73c22f0835095d6e7c2b4f66c12570a5f53fff142713c8aee1997eec943b1fbc8fc160d4f21452ab860605423c17ab4e02a960861690cbd9c3460851bddc687911a0768a7667b3e2407940bbc49a7195888117da2b238e1d098c994c0a75773aeef483ee38877ad282da17124e9bbb8ec3f9ec10f1452b67f6eed36d95fdbb28476707d46630df8ff8e951eb282798c1944dcdc262b8e8185f4a5f5803d0d2736c2df5f4c3f85bc7ec96a3dc52539740acb92a902438b85a963005921b1bd2ade728505d5a956ce058aef3941c7e4fbc00a6db53e307d214df98dbde074ee52e12aa1e4add53e1ebd900b9223d7351e76524dcfc88d616a5cef7e78c73e069ccea6cd1b8e24b394e7e4043b7a756e891d465d76638e1f15ee97b7954ba54df59c9c8ac7336c3b8b67e645538a65fc186fbad9fee6dc2a73a038c92d5135b9008ab4bca33fc060e831cfb3b6ab32f52a47fc14be77de6ebe135d631737f1cc26b0e3ff010a2bf6059000698d21abf52aee1b3885555e1148af2f0ba1510f2465b2d768f7ff59022ddc2dc97df8b67c5ac4e50c3e1212014fb8c3742919f799ebf36e8f3a311f7a40d69f4216242fdb1c96025a22f660a0c34fdc1c32dd03407e326a1471930f8212235d39a344fae9d74ed070c95433b1924191cd94c354f4f199fae607843b9d1791afe4550a20af9cbd8c263bede64141b9acdacdaf029e1b8b39f71d5b8c570b838c8eb331fa68ee0b7f6c0a9d091def15074aff7e89fcf405cccc69055701f1d585a8f4be052910cfca4f578b7844873391ce798be390374a39e3033421d75e80f2080", 0x568}], 0x1}}], 0x1, 0x4001c00) 0s ago: executing program 2 (id=1300): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) socket$packet(0x11, 0x2, 0x300) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000040)={0x2, &(0x7f0000000400)=[{0x20, 0x0, 0x0, 0xfffff00c}, {0x6, 0x0, 0x0, 0x4}]}, 0x10) r2 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) write$tun(r0, &(0x7f0000000240)=ANY=[], 0xfdef) kernel console output (not intermixed with test programs): TDEV_CHANGE): vlan1: link becomes ready [ 48.865334][ T4031] device veth0_vlan entered promiscuous mode [ 48.867450][ T355] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 48.870468][ T355] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 48.887569][ T4029] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 48.896162][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 48.898902][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 48.902196][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 48.904922][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 48.920432][ T4029] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 48.922865][ T4037] device veth0_macvtap entered promiscuous mode [ 48.926615][ T1624] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 48.929090][ T1624] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 48.932069][ T1624] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 48.934789][ T1624] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 48.937356][ T1624] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 48.940717][ T1624] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 48.942888][ T1624] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 48.946269][ T4030] device veth0_vlan entered promiscuous mode [ 48.950299][ T4031] device veth1_vlan entered promiscuous mode [ 48.954973][ T4029] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.957382][ T4029] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.960458][ T4029] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.962423][ T4029] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.975959][ T4037] device veth1_macvtap entered promiscuous mode [ 48.993589][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 48.996229][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 48.998621][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 49.009206][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 49.012773][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 49.016906][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 49.021010][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 49.024587][ T4042] device veth0_vlan entered promiscuous mode [ 49.036001][ T4030] device veth1_vlan entered promiscuous mode [ 49.047573][ T4042] device veth1_vlan entered promiscuous mode [ 49.063633][ T4037] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 49.066374][ T4037] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.072207][ T4037] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 49.085107][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 49.087781][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 49.111212][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 49.115510][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 49.121622][ T4037] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 49.124136][ T4037] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.127649][ T4037] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 49.137376][ T4031] device veth0_macvtap entered promiscuous mode [ 49.144254][ T4031] device veth1_macvtap entered promiscuous mode [ 49.155854][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 49.158230][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 49.160741][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 49.165467][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 49.167940][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 49.174740][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 49.184416][ T4037] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.186613][ T4037] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.188775][ T4037] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.191908][ T4037] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.197864][ T4030] device veth0_macvtap entered promiscuous mode [ 49.213245][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 49.215957][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 49.218452][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 49.226752][ T4030] device veth1_macvtap entered promiscuous mode [ 49.255493][ T4042] device veth0_macvtap entered promiscuous mode [ 49.259176][ T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 49.266879][ T4031] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 49.270719][ T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 49.272300][ T4031] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.275091][ T4031] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 49.277576][ T4031] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.283566][ T4031] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 49.286296][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 49.288860][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 49.292204][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 49.294619][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 49.297332][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 49.318826][ T4042] device veth1_macvtap entered promiscuous mode [ 49.328758][ T4030] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 49.332564][ T4030] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.335073][ T4030] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 49.337646][ T4030] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.341635][ T4030] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 49.344266][ T4030] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.348075][ T4030] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 49.353854][ T4031] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 49.356519][ T4031] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.358921][ T4031] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 49.362586][ T4031] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.367241][ T4031] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 49.380986][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 49.383693][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 49.386322][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 49.388676][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 49.391898][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 49.408373][ T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 49.414806][ T4042] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 49.417259][ T4042] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.418041][ T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 49.422303][ T4042] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 49.425080][ T4042] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.427318][ T4042] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 49.430532][ T4042] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.432860][ T4042] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 49.435231][ T4042] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.438839][ T4042] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 49.444131][ T4030] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 49.446553][ T4030] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.448853][ T4030] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 49.453012][ T4030] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.455455][ T4030] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 49.457926][ T4030] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.462552][ T4030] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 49.466230][ T4031] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.468495][ T4031] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.473233][ T4031] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.475507][ T4031] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.485951][ T1624] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 49.488313][ T1624] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 49.497053][ T1624] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 49.500906][ T1624] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 49.503660][ T1624] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 49.518255][ T4030] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.521113][ T4030] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.523260][ T4030] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.525337][ T4030] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.557348][ T4042] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 49.563092][ T4042] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.565514][ T4042] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 49.567891][ T4042] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.574898][ T4042] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 49.577382][ T4042] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.580544][ T4042] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 49.583761][ T4042] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.587514][ T4042] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 49.623264][ T355] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 49.626969][ T355] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 49.642733][ T4042] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.644936][ T4042] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.647092][ T4042] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.653595][ T4042] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.669549][ T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 49.669821][ T4108] loop0: detected capacity change from 0 to 1024 [ 49.671535][ T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 49.681559][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 49.782554][ T1614] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 49.784462][ T1614] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 49.794667][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 49.972225][ T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 49.974254][ T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 50.009661][ T355] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 50.014175][ T1624] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 50.016203][ T1624] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 50.020391][ T1614] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 50.022410][ T1614] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 50.069692][ T355] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 50.072356][ T355] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 50.087818][ T355] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 50.092460][ T355] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 50.097479][ T4111] syz.3.4 uses obsolete (PF_INET,SOCK_PACKET) [ 50.729791][ T4078] Bluetooth: hci0: command 0x040f tx timeout [ 50.741071][ T21] Bluetooth: hci1: command 0x040f tx timeout [ 50.746651][ T1624] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 50.793473][ T4115] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 50.795603][ T4115] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 50.809675][ T2477] Bluetooth: hci4: command 0x040f tx timeout [ 50.811583][ T2477] Bluetooth: hci2: command 0x040f tx timeout [ 50.816008][ T4118] tipc: Can't bind to reserved service type 1 [ 50.827690][ T4113] Bluetooth: hci3: command 0x040f tx timeout [ 50.878848][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 50.909079][ T4120] loop0: detected capacity change from 0 to 1024 [ 50.971281][ T1624] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 50.973421][ T1624] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 50.982580][ T4115] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 51.174863][ T4122] loop3: detected capacity change from 0 to 8192 [ 51.176774][ T4128] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3'. [ 51.222983][ T4126] loop4: detected capacity change from 0 to 8192 [ 51.224583][ T4130] netlink: 4 bytes leftover after parsing attributes in process `syz.1.9'. [ 51.255921][ T4122] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal [ 51.268529][ T4126] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal [ 51.271350][ T4126] REISERFS (device loop4): using ordered data mode [ 51.273052][ T4126] reiserfs: using flush barriers [ 51.275682][ T4126] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 51.286140][ T4126] REISERFS (device loop4): checking transaction log (loop4) [ 51.294176][ T4122] REISERFS (device loop3): using ordered data mode [ 51.295765][ T4122] reiserfs: using flush barriers [ 51.335091][ T4122] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30 [ 51.339728][ T4122] REISERFS (device loop3): checking transaction log (loop3) [ 51.945600][ T4122] REISERFS (device loop3): Using tea hash to sort names [ 51.953364][ T4122] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage. [ 52.146767][ T4126] REISERFS (device loop4): Using tea hash to sort names [ 52.148720][ T4126] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage. [ 54.078902][ T4074] Bluetooth: hci1: command 0x0419 tx timeout [ 54.081656][ T4074] Bluetooth: hci0: command 0x0419 tx timeout [ 54.094098][ T4074] Bluetooth: hci3: command 0x0419 tx timeout [ 54.095606][ T4074] Bluetooth: hci2: command 0x0419 tx timeout [ 54.099649][ T4074] Bluetooth: hci4: command 0x0419 tx timeout [ 54.734003][ T4167] loop3: detected capacity change from 0 to 1024 [ 54.770339][ T4167] ======================================================= [ 54.770339][ T4167] WARNING: The mand mount option has been deprecated and [ 54.770339][ T4167] and is ignored by this kernel. Remove the mand [ 54.770339][ T4167] option from the mount to silence this warning. [ 54.770339][ T4167] ======================================================= [ 54.828308][ T4167] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 55.087234][ T26] audit: type=1326 audit(55.060:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4192 comm="syz.0.33" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffaf140d28 code=0x7ffc0000 [ 55.096454][ T4196] loop2: detected capacity change from 0 to 512 [ 55.104086][ T26] audit: type=1326 audit(55.060:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4192 comm="syz.0.33" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffaf140d28 code=0x7ffc0000 [ 55.127473][ T26] audit: type=1326 audit(55.100:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4192 comm="syz.0.33" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffaf140d28 code=0x7ffc0000 [ 55.128428][ T4196] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 1, start 00000001) [ 55.152445][ T4196] FAT-fs (loop2): Filesystem has been set read-only [ 55.153828][ T26] audit: type=1326 audit(55.100:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4192 comm="syz.0.33" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffaf140d28 code=0x7ffc0000 [ 55.172377][ T26] audit: type=1326 audit(55.100:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4192 comm="syz.0.33" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffaf140d28 code=0x7ffc0000 [ 55.195690][ T26] audit: type=1326 audit(55.100:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4192 comm="syz.0.33" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffaf140d28 code=0x7ffc0000 [ 55.203894][ T26] audit: type=1326 audit(55.100:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4192 comm="syz.0.33" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffaf140d28 code=0x7ffc0000 [ 55.215125][ T26] audit: type=1326 audit(55.100:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4192 comm="syz.0.33" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffaf140d28 code=0x7ffc0000 [ 55.220825][ T26] audit: type=1326 audit(55.100:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4192 comm="syz.0.33" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffaf140d28 code=0x7ffc0000 [ 55.226407][ T26] audit: type=1326 audit(55.100:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4192 comm="syz.0.33" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffaf140d28 code=0x7ffc0000 [ 55.673221][ T4239] loop3: detected capacity change from 0 to 512 [ 55.712271][ T4239] EXT4-fs (loop3): Ignoring removed oldalloc option [ 55.732529][ T4239] EXT4-fs error (device loop3): ext4_xattr_inode_iget:400: comm syz.3.54: Parent and EA inode have the same ino 15 [ 55.737539][ T4239] EXT4-fs (loop3): Remounting filesystem read-only [ 55.746140][ T4239] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2816: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 55.750147][ T4239] EXT4-fs error (device loop3): ext4_xattr_inode_iget:400: comm syz.3.54: Parent and EA inode have the same ino 15 [ 55.754725][ T4239] EXT4-fs (loop3): Remounting filesystem read-only [ 55.756816][ T4239] EXT4-fs (loop3): 1 orphan inode deleted [ 55.758298][ T4239] EXT4-fs (loop3): mounted filesystem without journal. Opts: errors=remount-ro,abort,debug_want_extra_isize=0x000000000000005e,noauto_da_alloc,bsdgroups,oldalloc,mb_optimize_scan=0x0000000000000001,. Quota mode: none. [ 55.963537][ T4254] mmap: syz.3.60 (4254) uses deprecated remap_file_pages() syscall. See Documentation/vm/remap_file_pages.rst. [ 55.987605][ T4254] netlink: 16 bytes leftover after parsing attributes in process `syz.3.60'. [ 56.004956][ T4254] netlink: 88 bytes leftover after parsing attributes in process `syz.3.60'. [ 56.130445][ T4266] netlink: 12 bytes leftover after parsing attributes in process `syz.4.67'. [ 56.197670][ T4270] loop1: detected capacity change from 0 to 1024 [ 56.242792][ T4270] EXT4-fs (loop1): inline encryption not supported [ 56.244840][ T4270] EXT4-fs (loop1): Ignoring removed orlov option [ 56.272950][ T4270] EXT4-fs (loop1): mounted filesystem without journal. Opts: inlinecrypt,bsddf,sysvgroups,jqfmt=vfsv0,debug_want_extra_isize=0x0000000000000080,orlov,nogrpid,noauto_da_alloc,stripe=0x0000000000000001,,errors=continue. Quota mode: none. [ 56.835495][ T4303] loop0: detected capacity change from 0 to 512 [ 56.918904][ T4303] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 56.940852][ T4303] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a802e01c, mo2=0002] [ 56.943002][ T4303] System zones: 1-12 [ 56.944588][ T4303] EXT4-fs (loop0): orphan cleanup on readonly fs [ 56.964463][ T4303] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.82: bg 0: block 296: padding at end of block bitmap is not set [ 56.976596][ T4303] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6183: Corrupt filesystem [ 56.981140][ T4303] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #11: comm syz.0.82: invalid indirect mapped block 12 (level 1) [ 56.985180][ T4303] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #11: comm syz.0.82: invalid indirect mapped block 2 (level 2) [ 57.005061][ T4303] EXT4-fs (loop0): 1 truncate cleaned up [ 57.006416][ T4303] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,,errors=continue. Quota mode: none. [ 57.307072][ T4333] netlink: 8 bytes leftover after parsing attributes in process `syz.1.97'. [ 57.398610][ T4314] infiniband syz!: set active [ 57.412715][ T4314] infiniband syz!: added team_slave_0 [ 57.421730][ T4339] loop1: detected capacity change from 0 to 512 [ 57.458821][ T4314] RDS/IB: syz!: added [ 57.469820][ T4314] smc: adding ib device syz! with port count 1 [ 57.475676][ T4314] smc: ib device syz! port 1 has pnetid [ 57.502222][ T4339] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 57.685680][ T4352] ALSA: seq fatal error: cannot create timer (-19) [ 58.481746][ T4381] device ip6tnl1 entered promiscuous mode [ 58.933407][ T4404] netlink: 4 bytes leftover after parsing attributes in process `syz.3.127'. [ 58.982392][ T4404] netlink: 4 bytes leftover after parsing attributes in process `syz.3.127'. [ 58.989953][ T4404] device hsr_slave_0 left promiscuous mode [ 58.997612][ T4410] process 'syz.2.131' launched './file2' with NULL argv: empty string added [ 59.036729][ T4404] device hsr_slave_1 left promiscuous mode [ 59.289854][ T4430] xt_recent: hitcount (16385) is larger than allowed maximum (255) [ 59.295804][ T4432] netem: unknown loss type 0 [ 59.297140][ T4432] netem: change failed [ 59.464310][ T4428] loop4: detected capacity change from 0 to 8192 [ 59.692873][ T4428] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 59.702594][ T4450] netlink: 'syz.3.149': attribute type 7 has an invalid length. [ 59.986595][ T13] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0 [ 59.991425][ T13] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0 [ 59.994721][ T13] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0 [ 59.999045][ T13] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0 [ 60.005708][ T13] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0 [ 60.008751][ T13] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0 [ 60.015856][ T13] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0 [ 60.031136][ T13] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0 [ 60.041356][ T13] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0 [ 60.048359][ T13] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0 [ 60.055170][ T13] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0 [ 60.061331][ T13] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0 [ 60.066597][ T13] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0 [ 60.073127][ T13] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0 [ 60.078826][ T13] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0 [ 60.086897][ T13] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0 [ 60.093603][ T13] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0 [ 60.099070][ T13] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0 [ 60.110572][ T13] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0 [ 60.117036][ T13] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0 [ 60.123506][ T13] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0 [ 60.131742][ T13] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0 [ 60.137044][ T13] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0 [ 60.143876][ T13] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0 [ 60.149185][ T13] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0 [ 60.164697][ T13] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0 [ 60.173627][ T13] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0 [ 60.182234][ T13] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0 [ 60.188678][ T13] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0 [ 60.196568][ T13] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0 [ 60.205228][ T13] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0 [ 60.213336][ T13] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0 [ 60.223170][ T13] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0 [ 60.232720][ T13] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0 [ 60.234774][ T4470] loop4: detected capacity change from 0 to 2048 [ 60.239937][ T13] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0 [ 60.245325][ T13] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0 [ 60.248480][ T13] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0 [ 60.259079][ T13] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0 [ 60.264703][ T13] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0 [ 60.269013][ T13] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0 [ 60.281182][ T13] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0 [ 60.285473][ T13] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0 [ 60.294331][ T13] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0 [ 60.306767][ T13] hid-generic 0000:0000:20000000.0001: hidraw0: HID v0.01 Device [syz0] on syz1 [ 60.327134][ T4470] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 60.674597][ T4493] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 60.763302][ T4497] loop0: detected capacity change from 0 to 256 [ 60.788173][ T26] kauditd_printk_skb: 67 callbacks suppressed [ 60.788185][ T26] audit: type=1326 audit(60.760:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4498 comm="syz.2.171" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff91157d28 code=0x7ffc0000 [ 60.797100][ T4497] FAT-fs (loop0): Unrecognized mount option "" or missing value [ 60.803612][ T26] audit: type=1326 audit(60.780:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4498 comm="syz.2.171" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff91157d28 code=0x7ffc0000 [ 60.828928][ T26] audit: type=1326 audit(60.780:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4498 comm="syz.2.171" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=102 compat=0 ip=0xffff91157d28 code=0x7ffc0000 [ 60.855720][ T26] audit: type=1326 audit(60.780:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4498 comm="syz.2.171" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff91157d28 code=0x7ffc0000 [ 60.876554][ T26] audit: type=1326 audit(60.780:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4498 comm="syz.2.171" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff91157d28 code=0x7ffc0000 [ 60.897335][ T26] audit: type=1326 audit(60.780:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4500 comm="syz.4.168" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9dbe3d28 code=0x7ffc0000 [ 60.914582][ T4506] IPVS: stopping backup sync thread 4507 ... [ 60.916788][ T26] audit: type=1326 audit(60.800:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4500 comm="syz.4.168" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=174 compat=0 ip=0xffff9dbe3d28 code=0x7ffc0000 [ 60.932000][ T26] audit: type=1326 audit(60.800:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4500 comm="syz.4.168" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9dbe3d28 code=0x7ffc0000 [ 61.042992][ T4515] netlink: 8 bytes leftover after parsing attributes in process `syz.3.178'. [ 61.097584][ T4515] loop3: detected capacity change from 0 to 1024 [ 61.119121][ T4515] EXT4-fs (loop3): inline encryption not supported [ 61.121338][ T4515] EXT4-fs (loop3): Ignoring removed orlov option [ 61.153314][ T26] audit: type=1326 audit(61.130:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4519 comm="syz.4.180" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9dbe3d28 code=0x7ffc0000 [ 61.163207][ T26] audit: type=1326 audit(61.140:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4517 comm="syz.2.181" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff91157d28 code=0x7ffc0000 [ 61.186112][ T4515] EXT4-fs (loop3): mounted filesystem without journal. Opts: inlinecrypt,bsddf,sysvgroups,jqfmt=vfsv0,debug_want_extra_isize=0x0000000000000080,orlov,nogrpid,noauto_da_alloc,stripe=0x0000000000000001,,errors=continue. Quota mode: none. [ 61.561408][ T4539] vhci_hcd: default hub control req: 0007 v0003 i0005 l0 [ 61.656367][ T4545] netdevsim netdevsim3: loading /lib/firmware/. failed with error -22 [ 61.658699][ T4545] netdevsim netdevsim3: Direct firmware load for . failed with error -22 [ 61.661060][ T4545] netdevsim netdevsim3: Falling back to sysfs fallback for: . [ 62.162819][ T4561] loop4: detected capacity change from 0 to 512 [ 62.558720][ T4567] loop3: detected capacity change from 0 to 512 [ 62.633017][ T4567] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 62.651175][ T4569] sch_fq: defrate 0 ignored. [ 62.700294][ T4567] EXT4-fs (loop3): 1 orphan inode deleted [ 62.701580][ T4567] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 62.917823][ T4578] device pim6reg1 entered promiscuous mode [ 63.058625][ T4581] loop2: detected capacity change from 0 to 2048 [ 63.114492][ T4581] EXT4-fs (loop2): Ignoring removed bh option [ 63.175448][ T4581] EXT4-fs (loop2): mounted filesystem without journal. Opts: discard,bh,mb_optimize_scan=0x0000000000000001,,errors=continue. Quota mode: none. [ 64.241311][ T136] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 64.247671][ T136] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28 [ 64.264967][ T136] EXT4-fs (loop2): This should not happen!! Data will be lost [ 64.264967][ T136] [ 64.271662][ T4595] netlink: 12 bytes leftover after parsing attributes in process `syz.0.208'. [ 64.271921][ T136] EXT4-fs (loop2): Total free blocks count 0 [ 64.275635][ T136] EXT4-fs (loop2): Free/Dirty block details [ 64.277066][ T136] EXT4-fs (loop2): free_blocks=2415919104 [ 64.278521][ T136] EXT4-fs (loop2): dirty_blocks=432 [ 64.287574][ T4595] smc: net device bond0 applied user defined pnetid SYZ0 [ 64.299742][ T4595] smc: net device bond0 erased user defined pnetid SYZ0 [ 64.319344][ T136] EXT4-fs (loop2): Block reservation details [ 64.321357][ T136] EXT4-fs (loop2): i_reserved_data_blocks=27 [ 64.324083][ T136] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 18 with max blocks 406 with error 28 [ 64.336036][ T136] EXT4-fs (loop2): This should not happen!! Data will be lost [ 64.336036][ T136] [ 64.413353][ T4597] netlink: 20 bytes leftover after parsing attributes in process `syz.3.210'. [ 65.129647][ T4616] loop0: detected capacity change from 0 to 1024 [ 65.603266][ T4616] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:476: comm syz.0.214: Invalid block bitmap block 0 in block_group 0 [ 65.613069][ T4616] EXT4-fs error (device loop0): ext4_acquire_dquot:6197: comm syz.0.214: Failed to acquire dquot type 0 [ 65.631701][ T4616] EXT4-fs error (device loop0): ext4_free_blocks:6223: comm syz.0.214: Freeing blocks not in datazone - block = 0, count = 4096 [ 65.649684][ T4616] EXT4-fs error (device loop0): ext4_read_inode_bitmap:140: comm syz.0.214: Invalid inode bitmap blk 0 in block_group 0 [ 65.655114][ T4616] EXT4-fs error (device loop0) in ext4_free_inode:362: Corrupt filesystem [ 65.675048][ T4115] EXT4-fs error (device loop0): ext4_release_dquot:6220: comm kworker/u4:7: Failed to release dquot type 0 [ 65.679220][ T4616] EXT4-fs (loop0): 1 orphan inode deleted [ 65.680788][ T4616] EXT4-fs (loop0): mounted filesystem without journal. Opts: ; nobarrier,grpid,,errors=continue. Quota mode: writeback. [ 66.079285][ C1] sched: RT throttling activated [ 66.113653][ T26] kauditd_printk_skb: 268 callbacks suppressed [ 66.113665][ T26] audit: type=1326 audit(66.090:354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4615 comm="syz.3.217" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff85d75d28 code=0x7ffc0000 [ 67.175075][ T26] audit: type=1326 audit(67.150:355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4615 comm="syz.3.217" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff85d75d28 code=0x7ffc0000 [ 67.184651][ T26] audit: type=1326 audit(67.150:356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4615 comm="syz.3.217" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff85d75d28 code=0x7ffc0000 [ 67.259465][ T26] audit: type=1326 audit(67.150:357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4615 comm="syz.3.217" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff85d75d28 code=0x7ffc0000 [ 67.308314][ T26] audit: type=1326 audit(67.180:358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4615 comm="syz.3.217" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff85d75d28 code=0x7ffc0000 [ 67.356179][ T26] audit: type=1326 audit(67.180:359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4615 comm="syz.3.217" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff85d75d28 code=0x7ffc0000 [ 67.389347][ T26] audit: type=1326 audit(67.180:360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4615 comm="syz.3.217" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff85d75d28 code=0x7ffc0000 [ 67.450579][ T26] audit: type=1326 audit(67.180:361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4615 comm="syz.3.217" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff85d75d28 code=0x7ffc0000 [ 67.497523][ T26] audit: type=1326 audit(67.180:362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4615 comm="syz.3.217" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff85d75d28 code=0x7ffc0000 [ 67.552780][ T26] audit: type=1326 audit(67.180:363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4615 comm="syz.3.217" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff85d75d28 code=0x7ffc0000 [ 68.424757][ T4657] netlink: 'syz.4.231': attribute type 13 has an invalid length. [ 69.071017][ T4657] bridge0: port 2(bridge_slave_1) entered disabled state [ 69.073983][ T4657] bridge0: port 1(bridge_slave_0) entered disabled state [ 69.621662][ T2057] ieee802154 phy0 wpan0: encryption failed: -22 [ 69.623758][ T1961] cfg80211: failed to load regulatory.db [ 69.623756][ T2057] ieee802154 phy1 wpan1: encryption failed: -22 [ 69.769983][ T4657] rdma_rxe: ignoring netdev event = 10 for team_slave_0 [ 69.784742][ T4657] rdma_rxe: ignoring netdev event = 27 for team_slave_0 [ 69.788291][ T4657] infiniband syz!: set down [ 69.790376][ T4657] rdma_rxe: ignoring netdev event = 30 for team_slave_0 [ 69.831435][ T4657] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 69.865267][ T4657] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 70.268374][ T4657] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 70.270816][ T4657] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 70.273013][ T4657] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 70.275311][ T4657] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 70.494853][ T4658] netlink: 28 bytes leftover after parsing attributes in process `syz.3.226'. [ 70.497157][ T4658] netlink: 28 bytes leftover after parsing attributes in process `syz.3.226'. [ 70.642321][ T4686] rdma_op 000000003a671a81 conn xmit_rdma 0000000000000000 [ 70.698247][ T4689] loop4: detected capacity change from 0 to 1024 [ 70.777189][ T4689] EXT4-fs (loop4): inline encryption not supported [ 70.781747][ T4689] EXT4-fs (loop4): Ignoring removed orlov option [ 70.847504][ T4689] EXT4-fs (loop4): mounted filesystem without journal. Opts: inlinecrypt,bsddf,sysvgroups,jqfmt=vfsv0,debug_want_extra_isize=0x0000000000000080,orlov,nogrpid,noauto_da_alloc,stripe=0x0000000000000001,,errors=continue. Quota mode: none. [ 71.025637][ T4710] loop0: detected capacity change from 0 to 512 [ 71.127202][ T4710] EXT4-fs (loop0): mounted filesystem without journal. Opts: grpquota,auto_da_alloc,minixdf,,errors=continue. Quota mode: writeback. [ 71.328395][ T26] kauditd_printk_skb: 36 callbacks suppressed [ 71.328417][ T26] audit: type=1326 audit(71.300:400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4725 comm="syz.0.259" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffaf140d28 code=0x7ffc0000 [ 71.335944][ T26] audit: type=1326 audit(71.300:401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4725 comm="syz.0.259" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=265 compat=0 ip=0xffffaf140d28 code=0x7ffc0000 [ 71.352809][ T26] audit: type=1326 audit(71.300:402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4725 comm="syz.0.259" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffaf140d28 code=0x7ffc0000 [ 71.428695][ T4732] syz.1.262 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 72.375208][ T4740] netlink: 8 bytes leftover after parsing attributes in process `syz.3.266'. [ 72.496103][ T4745] netlink: 24 bytes leftover after parsing attributes in process `syz.2.267'. [ 72.591889][ T4749] loop4: detected capacity change from 0 to 1024 [ 72.592237][ T4752] xt_hashlimit: max too large, truncated to 1048576 [ 72.699740][ T4758] netlink: 16 bytes leftover after parsing attributes in process `syz.2.274'. [ 72.702112][ T4762] netlink: 9 bytes leftover after parsing attributes in process `syz.1.275'. [ 72.716260][ T26] audit: type=1326 audit(72.690:403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4766 comm="syz.0.277" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffaf140d28 code=0x7ffc0000 [ 72.721901][ T26] audit: type=1326 audit(72.690:404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4766 comm="syz.0.277" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=432 compat=0 ip=0xffffaf140d28 code=0x7ffc0000 [ 72.747275][ T4749] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 72.776929][ T26] audit: type=1326 audit(72.690:405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4766 comm="syz.0.277" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffaf140d28 code=0x7ffc0000 [ 72.869559][ T26] audit: type=1326 audit(72.850:406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4748 comm="syz.4.270" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9dbe3d28 code=0x7ffc0000 [ 72.875036][ T26] audit: type=1326 audit(72.850:407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4748 comm="syz.4.270" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff9dbe3d28 code=0x7ffc0000 [ 72.889530][ T26] audit: type=1326 audit(72.850:408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4748 comm="syz.4.270" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9dbe3d28 code=0x7ffc0000 [ 72.894738][ T26] audit: type=1326 audit(72.850:409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4748 comm="syz.4.270" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff9dbe3d28 code=0x7ffc0000 [ 72.968108][ T4781] Zero length message leads to an empty skb [ 73.132064][ T4789] Cannot find set identified by id 0 to match [ 73.158953][ T4792] loop4: detected capacity change from 0 to 512 [ 73.226757][ T4796] loop0: detected capacity change from 0 to 2048 [ 73.230029][ T4800] loop2: detected capacity change from 0 to 512 [ 73.276154][ T4796] loop0: p1 < > p4 [ 73.286351][ T4796] loop0: p4 size 8388608 extends beyond EOD, truncated [ 73.295391][ T3643] loop0: p1 < > p4 [ 73.297390][ T3643] loop0: p4 size 8388608 extends beyond EOD, truncated [ 73.303686][ T4800] EXT4-fs (loop2): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000004739,inode_readahead_blks=0x0000000000000800,norecovery,,errors=continue. Quota mode: writeback. [ 73.324834][ T4792] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 73.341225][ T4792] netlink: 180900 bytes leftover after parsing attributes in process `gtp'. [ 73.357521][ T4792] openvswitch: netlink: Flow actions attr not present in new flow. [ 73.565211][ T4819] bridge0: port 2(bridge_slave_1) entered disabled state [ 73.567255][ T4819] bridge0: port 1(bridge_slave_0) entered disabled state [ 73.617039][ T4824] device bridge_slave_1 left promiscuous mode [ 73.623850][ T4824] bridge0: port 2(bridge_slave_1) entered disabled state [ 73.659549][ T4823] loop1: detected capacity change from 0 to 2048 [ 73.710708][ T4823] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 73.717923][ T4824] device bridge_slave_0 left promiscuous mode [ 73.725179][ T4824] bridge0: port 1(bridge_slave_0) entered disabled state [ 74.230926][ T4344] udevd[4344]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory [ 74.232284][ T4021] udevd[4021]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory [ 74.446176][ T4345] udevd[4345]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory [ 74.510845][ T4021] udevd[4021]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory [ 75.115010][ T4897] loop4: detected capacity change from 0 to 1024 [ 75.125819][ T4900] capability: warning: `syz.2.336' uses deprecated v2 capabilities in a way that may be insecure [ 75.211199][ T4897] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 75.286640][ T4908] netlink: 132 bytes leftover after parsing attributes in process `syz.3.339'. [ 75.324202][ T4910] loop2: detected capacity change from 0 to 1024 [ 75.411947][ T4910] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 75.509697][ T4918] loop3: detected capacity change from 0 to 128 [ 75.861370][ T4934] 9pnet: Could not find request transport: f [ 75.904371][ T4937] netlink: 20 bytes leftover after parsing attributes in process `syz.2.348'. [ 77.066642][ T4981] SET target dimension over the limit! [ 77.236826][ T26] kauditd_printk_skb: 3 callbacks suppressed [ 77.236838][ T26] audit: type=1326 audit(77.210:413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4989 comm="syz.1.375" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8cf02d28 code=0x7ffc0000 [ 77.245218][ T26] audit: type=1326 audit(77.220:414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4989 comm="syz.1.375" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8cf02d28 code=0x7ffc0000 [ 77.264506][ T26] audit: type=1326 audit(77.230:415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4989 comm="syz.1.375" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff8cf02d28 code=0x7ffc0000 [ 77.298940][ T26] audit: type=1326 audit(77.230:416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4989 comm="syz.1.375" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8cf02d28 code=0x7ffc0000 [ 77.341681][ T4996] 9pnet: Insufficient options for proto=fd [ 77.346741][ T26] audit: type=1326 audit(77.230:417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4989 comm="syz.1.375" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8cf02d28 code=0x7ffc0000 [ 77.357378][ T26] audit: type=1326 audit(77.230:418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4989 comm="syz.1.375" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff8cf02d28 code=0x7ffc0000 [ 77.378626][ T26] audit: type=1326 audit(77.230:419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4989 comm="syz.1.375" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8cf02d28 code=0x7ffc0000 [ 77.398201][ T5000] loop2: detected capacity change from 0 to 512 [ 77.402113][ T26] audit: type=1326 audit(77.230:420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4989 comm="syz.1.375" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8cf02d28 code=0x7ffc0000 [ 77.407560][ T26] audit: type=1326 audit(77.230:421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4989 comm="syz.1.375" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff8cf02d28 code=0x7ffc0000 [ 77.446503][ T26] audit: type=1326 audit(77.230:422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4989 comm="syz.1.375" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8cf02d28 code=0x7ffc0000 [ 77.546058][ T5000] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 77.548872][ T5000] EXT4-fs (loop2): orphan cleanup on readonly fs [ 77.554029][ T5000] EXT4-fs error (device loop2): ext4_orphan_get:1401: inode #16: comm syz.2.379: casefold flag without casefold feature [ 77.559844][ T5000] EXT4-fs error (device loop2): ext4_orphan_get:1406: comm syz.2.379: couldn't read orphan inode 16 (err -117) [ 77.570020][ T5000] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 77.802084][ T5019] loop4: detected capacity change from 0 to 512 [ 77.859411][ T5019] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 77.872410][ T5019] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=c802e02c, mo2=0002] [ 77.875171][ T5019] EXT4-fs (loop4): orphan cleanup on readonly fs [ 77.889730][ T5019] EXT4-fs error (device loop4): ext4_clear_blocks:883: inode #11: comm syz.4.390: attempt to clear invalid blocks 1024 len 1 [ 77.893651][ T5019] EXT4-fs (loop4): Remounting filesystem read-only [ 77.896591][ T5019] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.390: bg 0: block 361: padding at end of block bitmap is not set [ 77.944946][ T5019] EXT4-fs (loop4): Remounting filesystem read-only [ 77.947360][ T5019] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6183: Corrupt filesystem [ 77.955277][ T5019] EXT4-fs (loop4): Remounting filesystem read-only [ 77.959931][ T5019] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #11: comm syz.4.390: invalid indirect mapped block 1811939328 (level 0) [ 77.989458][ T5019] EXT4-fs (loop4): Remounting filesystem read-only [ 77.991141][ T5019] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #11: comm syz.4.390: invalid indirect mapped block 2185560079 (level 1) [ 78.024967][ T5019] EXT4-fs (loop4): Remounting filesystem read-only [ 78.027451][ T5019] EXT4-fs (loop4): 1 truncate cleaned up [ 78.028994][ T5019] EXT4-fs (loop4): mounted filesystem without journal. Opts: user_xattr,noblock_validity,discard,errors=remount-ro,data_err=ignore. Quota mode: none. [ 78.316124][ T5053] udc-core: couldn't find an available UDC or it's busy [ 78.317798][ T5053] misc raw-gadget: fail, usb_gadget_probe_driver returned -19 [ 78.516040][ T5061] ALSA: seq fatal error: cannot create timer (-22) [ 78.948239][ T5075] netlink: 'syz.2.410': attribute type 27 has an invalid length. [ 79.705815][ T5075] bridge0: port 2(bridge_slave_1) entered disabled state [ 79.707940][ T5075] bridge0: port 1(bridge_slave_0) entered disabled state [ 80.150244][ C1] vcan0: j1939_tp_rxtimer: 0x00000000938f6605: rx timeout, send abort [ 80.507292][ T5117] loop4: detected capacity change from 0 to 164 [ 80.555490][ T5075] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 80.614034][ T5075] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 80.653109][ C1] vcan0: j1939_tp_rxtimer: 0x00000000938f6605: abort rx timeout. Force session deactivation [ 81.147948][ T5075] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 81.150484][ T5075] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 81.152995][ T5075] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 81.155471][ T5075] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 81.384933][ T5078] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 81.387883][ T5078] 8021q: adding VLAN 0 to HW filter on device bond0 [ 81.392390][ T5078] 8021q: adding VLAN 0 to HW filter on device team0 [ 81.439619][ T5078] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 81.478759][ T5126] netlink: 4 bytes leftover after parsing attributes in process `syz.4.430'. [ 81.496906][ T5126] device bridge_slave_1 left promiscuous mode [ 81.498608][ T5126] bridge0: port 2(bridge_slave_1) entered disabled state [ 81.573477][ T5133] loop0: detected capacity change from 0 to 2048 [ 81.721601][ T5143] netlink: 36 bytes leftover after parsing attributes in process `+}[@'. [ 81.739826][ T5133] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,usrjquota=,barrier=0x0000000000000005,norecovery,discard,dioread_lock,grpquota,barrier=0x0000000000000000,grpjquota=,max_dir_size_kb=0x0000000000000007,,errors=continue. Quota mode: writeback. [ 81.826275][ T5151] netlink: 24 bytes leftover after parsing attributes in process `syz.1.438'. [ 81.845760][ T5156] netlink: 56 bytes leftover after parsing attributes in process `syz.3.441'. [ 81.890008][ T5160] loop3: detected capacity change from 0 to 164 [ 82.165345][ T5175] loop4: detected capacity change from 0 to 512 [ 82.224771][ T5175] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpid,grpquota,,errors=continue. Quota mode: writeback. [ 82.271657][ T5179] loop1: detected capacity change from 0 to 2048 [ 82.365629][ T5179] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 82.409810][ T5149] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm ext4lazyinit: bg 0: block 234: padding at end of block bitmap is not set [ 82.502805][ T5198] netlink: 8 bytes leftover after parsing attributes in process `syz.4.460'. [ 82.626790][ T5204] IPv6: Can't replace route, no match found [ 82.814572][ T26] kauditd_printk_skb: 69 callbacks suppressed [ 82.814585][ T26] audit: type=1326 audit(82.790:492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5216 comm="syz.2.468" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff91157d28 code=0x7ffc0000 [ 82.834182][ T26] audit: type=1326 audit(82.810:493): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5216 comm="syz.2.468" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff91157d28 code=0x7ffc0000 [ 82.852424][ T26] audit: type=1326 audit(82.820:494): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5216 comm="syz.2.468" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff91157d28 code=0x7ffc0000 [ 82.877319][ T26] audit: type=1326 audit(82.820:495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5216 comm="syz.2.468" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff91157d28 code=0x7ffc0000 [ 82.898685][ T26] audit: type=1326 audit(82.820:496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5216 comm="syz.2.468" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff91157d28 code=0x7ffc0000 [ 82.916663][ T26] audit: type=1326 audit(82.820:497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5216 comm="syz.2.468" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff91157d28 code=0x7ffc0000 [ 82.948591][ T26] audit: type=1326 audit(82.820:498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5216 comm="syz.2.468" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff91157d28 code=0x7ffc0000 [ 82.976246][ T26] audit: type=1326 audit(82.820:499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5216 comm="syz.2.468" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff91157d28 code=0x7ffc0000 [ 82.997018][ T26] audit: type=1326 audit(82.820:500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5216 comm="syz.2.468" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff91157d28 code=0x7ffc0000 [ 83.017555][ T26] audit: type=1326 audit(82.820:501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5216 comm="syz.2.468" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff91157d28 code=0x7ffc0000 [ 83.070580][ T5234] netlink: 108 bytes leftover after parsing attributes in process `syz.3.474'. [ 83.279929][ T5246] loop3: detected capacity change from 0 to 512 [ 83.355443][ T5246] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.483: bg 0: block 248: padding at end of block bitmap is not set [ 83.406075][ T5246] EXT4-fs error (device loop3): ext4_acquire_dquot:6197: comm syz.3.483: Failed to acquire dquot type 1 [ 83.453716][ T5246] EXT4-fs (loop3): 1 truncate cleaned up [ 83.461082][ T5246] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 84.600736][ T5278] loop4: detected capacity change from 0 to 2048 [ 84.747984][ T5282] netlink: 20 bytes leftover after parsing attributes in process `syz.3.496'. [ 84.817024][ T5286] netlink: 4 bytes leftover after parsing attributes in process `syz.0.497'. [ 84.827973][ T5290] loop3: detected capacity change from 0 to 512 [ 84.942334][ T5290] EXT4-fs (loop3): Ignoring removed orlov option [ 84.955238][ T5290] EXT4-fs error (device loop3): ext4_orphan_get:1401: inode #15: comm syz.3.500: casefold flag without casefold feature [ 84.969991][ T5290] EXT4-fs error (device loop3): ext4_orphan_get:1406: comm syz.3.500: couldn't read orphan inode 15 (err -117) [ 84.996609][ T5290] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpid,orlov,,errors=continue. Quota mode: writeback. [ 85.138985][ T5299] loop4: detected capacity change from 0 to 512 [ 85.177754][ T5299] EXT4-fs warning (device loop4): ext4_multi_mount_protect:340: MMP startup interrupted, failing mount [ 85.177754][ T5299] [ 85.367241][ T5310] loop0: detected capacity change from 0 to 512 [ 85.487282][ T5310] EXT4-fs (loop0): mounted filesystem without journal. Opts: grpjquota=,stripe=0x0000000000000002,,errors=continue. Quota mode: writeback. [ 85.778807][ T5341] loop3: detected capacity change from 0 to 512 [ 85.810880][ T5343] xt_CT: You must specify a L4 protocol and not use inversions on it [ 85.843814][ T5341] EXT4-fs warning (device loop3): ext4_multi_mount_protect:340: MMP startup interrupted, failing mount [ 85.843814][ T5341] [ 86.007609][ T5352] xt_CT: You must specify a L4 protocol and not use inversions on it [ 86.220344][ T5361] netlink: 4 bytes leftover after parsing attributes in process `syz.3.532'. [ 87.277830][ T5387] rdma_op 0000000097958c4c conn xmit_rdma 0000000000000000 [ 87.307830][ T5390] loop0: detected capacity change from 0 to 2048 [ 87.345439][ T5396] loop4: detected capacity change from 0 to 1024 [ 87.347196][ T5390] EXT4-fs (loop0): Ignoring removed mblk_io_submit option [ 87.350575][ T5395] netlink: 28 bytes leftover after parsing attributes in process `syz.3.545'. [ 87.352806][ T5395] netlink: 28 bytes leftover after parsing attributes in process `syz.3.545'. [ 87.441451][ T5390] EXT4-fs (loop0): mounted filesystem without journal. Opts: mblk_io_submit,auto_da_alloc,,errors=continue. Quota mode: none. [ 87.482465][ T5406] netlink: 28 bytes leftover after parsing attributes in process `syz.1.550'. [ 87.497570][ T5390] EXT4-fs (loop0): re-mounted. Opts: (null). Quota mode: none. [ 87.509057][ T5396] EXT4-fs (loop4): mounted filesystem without journal. Opts: jqfmt=vfsold,,errors=continue. Quota mode: none. [ 87.528607][ T5396] EXT4-fs (loop4): shut down requested (0) [ 87.873895][ T5439] netlink: 28 bytes leftover after parsing attributes in process `syz.3.559'. [ 88.046693][ T26] kauditd_printk_skb: 26 callbacks suppressed [ 88.046706][ T26] audit: type=1326 audit(88.020:526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5448 comm="syz.1.563" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8cf02d28 code=0x7ffc0000 [ 88.071677][ T26] audit: type=1326 audit(88.050:527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5448 comm="syz.1.563" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff8cf02d28 code=0x7ffc0000 [ 88.081337][ T26] audit: type=1326 audit(88.060:528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5448 comm="syz.1.563" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8cf02d28 code=0x7ffc0000 [ 88.098186][ T26] audit: type=1326 audit(88.060:529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5448 comm="syz.1.563" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8cf02d28 code=0x7ffc0000 [ 88.104019][ T26] audit: type=1326 audit(88.060:530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5448 comm="syz.1.563" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff8cf02d28 code=0x7ffc0000 [ 88.107895][ T26] audit: type=1326 audit(88.060:531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5448 comm="syz.1.563" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8cf02d28 code=0x7ffc0000 [ 88.122383][ T26] audit: type=1326 audit(88.060:532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5448 comm="syz.1.563" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8cf02d28 code=0x7ffc0000 [ 88.139134][ T5456] netlink: 4 bytes leftover after parsing attributes in process `syz.2.566'. [ 88.146330][ T26] audit: type=1326 audit(88.060:533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5448 comm="syz.1.563" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff8cf02d28 code=0x7ffc0000 [ 88.147115][ T5456] netlink: 4 bytes leftover after parsing attributes in process `syz.2.566'. [ 88.155179][ T26] audit: type=1326 audit(88.060:534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5448 comm="syz.1.563" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8cf02d28 code=0x7ffc0000 [ 88.173638][ T26] audit: type=1326 audit(88.060:535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5448 comm="syz.1.563" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8cf02d28 code=0x7ffc0000 [ 88.703443][ T5495] loop3: detected capacity change from 0 to 512 [ 88.818958][ T5495] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpjquota=,stripe=0x0000000000000002,,errors=continue. Quota mode: writeback. [ 89.797641][ T5510] loop2: detected capacity change from 0 to 2048 [ 89.858463][ T5517] loop1: detected capacity change from 0 to 128 [ 89.913624][ T5510] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 90.091831][ T5532] netlink: 16 bytes leftover after parsing attributes in process `syz.2.596'. [ 90.163956][ T5541] x_tables: duplicate underflow at hook 2 [ 90.198799][ T5544] tipc: Started in network mode [ 90.201456][ T5544] tipc: Node identity 4, cluster identity 4711 [ 90.202993][ T5544] tipc: Node number set to 4 [ 90.323595][ T5550] loop4: detected capacity change from 0 to 512 [ 90.352268][ T5554] netlink: 4 bytes leftover after parsing attributes in process `syz.0.609'. [ 90.365876][ T5550] EXT4-fs (loop4): Unrecognized mount option "rootcontext=user_u" or missing value [ 91.145858][ T5582] netlink: 'syz.1.621': attribute type 9 has an invalid length. [ 91.153005][ T5582] netlink: 'syz.1.621': attribute type 1 has an invalid length. [ 91.157627][ T5582] netlink: 79 bytes leftover after parsing attributes in process `syz.1.621'. [ 91.629627][ T5593] ksmbd: Unknown IPC event: 0, ignore. [ 92.749474][ T5610] xt_CT: No such helper "syz0" [ 93.147783][ T26] kauditd_printk_skb: 74 callbacks suppressed [ 93.147798][ T26] audit: type=1326 audit(93.120:610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5627 comm="syz.3.641" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff85d75d28 code=0x7ffc0000 [ 93.155018][ T26] audit: type=1326 audit(93.120:611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5627 comm="syz.3.641" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff85d75d28 code=0x7ffc0000 [ 93.184984][ T26] audit: type=1326 audit(93.120:612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5627 comm="syz.3.641" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff85d75d28 code=0x7ffc0000 [ 93.213937][ T26] audit: type=1326 audit(93.120:613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5627 comm="syz.3.641" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff85d75d28 code=0x7ffc0000 [ 93.234542][ T26] audit: type=1326 audit(93.120:614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5627 comm="syz.3.641" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff85d75d28 code=0x7ffc0000 [ 93.275726][ T26] audit: type=1326 audit(93.130:615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5627 comm="syz.3.641" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=198 compat=0 ip=0xffff85d75d28 code=0x7ffc0000 [ 93.310075][ T26] audit: type=1326 audit(93.130:616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5627 comm="syz.3.641" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff85d75d28 code=0x7ffc0000 [ 93.325280][ T26] audit: type=1326 audit(93.130:617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5627 comm="syz.3.641" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff85d75d28 code=0x7ffc0000 [ 93.346659][ T26] audit: type=1326 audit(93.130:618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5627 comm="syz.3.641" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=155 compat=0 ip=0xffff85d75d28 code=0x7ffc0000 [ 93.350532][ T5642] netlink: 32 bytes leftover after parsing attributes in process `syz.3.648'. [ 93.379599][ T26] audit: type=1326 audit(93.130:619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5627 comm="syz.3.641" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff85d75d28 code=0x7ffc0000 [ 93.482627][ T5653] autofs4:pid:5653:autofs_fill_super: called with bogus options [ 93.486265][ T5652] netlink: 28 bytes leftover after parsing attributes in process `syz.2.652'. [ 93.488584][ T5652] netlink: 108 bytes leftover after parsing attributes in process `syz.2.652'. [ 93.513263][ T5652] netlink: 28 bytes leftover after parsing attributes in process `syz.2.652'. [ 93.529930][ T5652] netlink: 108 bytes leftover after parsing attributes in process `syz.2.652'. [ 93.532739][ T5652] netlink: 84 bytes leftover after parsing attributes in process `syz.2.652'. [ 93.791785][ T5670] loop4: detected capacity change from 0 to 128 [ 94.022260][ T5681] binfmt_misc: register: failed to install interpreter file ./file2 [ 94.069540][ T5686] netlink: 36 bytes leftover after parsing attributes in process `syz.3.668'. [ 94.300300][ T5704] loop3: detected capacity change from 0 to 1024 [ 94.389112][ T5704] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 94.449629][ T5704] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters [ 94.471796][ T5704] EXT4-fs (loop3): Delayed block allocation failed for inode 16 at logical offset 51 with max blocks 1 with error 28 [ 94.502355][ T5704] EXT4-fs (loop3): This should not happen!! Data will be lost [ 94.502355][ T5704] [ 94.504718][ T5704] EXT4-fs (loop3): Total free blocks count 0 [ 94.506101][ T5704] EXT4-fs (loop3): Free/Dirty block details [ 94.507681][ T5704] EXT4-fs (loop3): free_blocks=68451041280 [ 94.566967][ T5704] EXT4-fs (loop3): dirty_blocks=16 [ 94.568386][ T5704] EXT4-fs (loop3): Block reservation details [ 94.601734][ T5704] EXT4-fs (loop3): i_reserved_data_blocks=1 [ 94.606395][ T5714] EXT4-fs (loop3): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 36 with error 28 [ 94.628787][ T5714] EXT4-fs (loop3): This should not happen!! Data will be lost [ 94.628787][ T5714] [ 94.639950][ T5718] loop1: detected capacity change from 0 to 512 [ 94.665676][ T5720] netlink: 16 bytes leftover after parsing attributes in process `syz.4.681'. [ 94.726936][ T5718] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.680: bg 0: block 35: padding at end of block bitmap is not set [ 94.760669][ T5718] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6183: Corrupt filesystem [ 94.784392][ T5718] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz.1.680: invalid indirect mapped block 4294967295 (level 1) [ 94.803048][ T5718] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz.1.680: invalid indirect mapped block 4294967295 (level 2) [ 94.821547][ T5718] EXT4-fs (loop1): 1 truncate cleaned up [ 94.822825][ T5718] EXT4-fs (loop1): mounted filesystem without journal. Opts: nolazytime,data_err=ignore,,errors=continue. Quota mode: none. [ 94.951379][ T5732] netlink: 'syz.4.687': attribute type 4 has an invalid length. [ 95.007683][ T5732] netlink: 'syz.4.687': attribute type 4 has an invalid length. [ 95.077316][ T5735] loop0: detected capacity change from 0 to 2048 [ 95.143923][ T5735] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 96.117392][ T5749] lo speed is unknown, defaulting to 1000 [ 96.119144][ T5749] lo speed is unknown, defaulting to 1000 [ 96.130904][ T5749] lo speed is unknown, defaulting to 1000 [ 96.134284][ T5749] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 96.144685][ T5752] netlink: 16 bytes leftover after parsing attributes in process `syz.3.695'. [ 96.187504][ T5753] loop4: detected capacity change from 0 to 512 [ 96.203612][ T5749] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98 [ 96.224906][ T5749] lo speed is unknown, defaulting to 1000 [ 96.227172][ T5749] lo speed is unknown, defaulting to 1000 [ 96.228990][ T5749] lo speed is unknown, defaulting to 1000 [ 96.240327][ T5753] EXT4-fs (loop4): Ignoring removed oldalloc option [ 96.261064][ T5749] lo speed is unknown, defaulting to 1000 [ 96.270285][ T5753] EXT4-fs error (device loop4): ext4_xattr_inode_iget:400: comm syz.4.697: Parent and EA inode have the same ino 15 [ 96.271872][ T5749] lo speed is unknown, defaulting to 1000 [ 96.291248][ T5749] lo speed is unknown, defaulting to 1000 [ 96.292843][ T5753] EXT4-fs (loop4): Remounting filesystem read-only [ 96.294492][ T5753] EXT4-fs error (device loop4): ext4_xattr_inode_iget:400: comm syz.4.697: Parent and EA inode have the same ino 15 [ 96.318061][ T5749] lo speed is unknown, defaulting to 1000 [ 96.333630][ T5753] EXT4-fs (loop4): Remounting filesystem read-only [ 96.335244][ T5753] EXT4-fs error (device loop4): ext4_xattr_inode_iget:404: comm syz.4.697: inode #261888: comm syz.4.697: iget: illegal inode # [ 96.369505][ T5753] EXT4-fs (loop4): Remounting filesystem read-only [ 96.371159][ T5753] EXT4-fs error (device loop4): ext4_xattr_inode_iget:409: comm syz.4.697: error while reading EA inode 261888 err=-117 [ 96.405193][ T5753] EXT4-fs (loop4): Remounting filesystem read-only [ 96.406869][ T5753] EXT4-fs (loop4): 1 orphan inode deleted [ 96.408200][ T5753] EXT4-fs (loop4): mounted filesystem without journal. Opts: errors=remount-ro,bsdgroups,debug_want_extra_isize=0x0000000000000040,noauto_da_alloc,jqfmt=vfsv1,oldalloc,init_itable,. Quota mode: none. [ 96.423263][ T5762] netlink: 8 bytes leftover after parsing attributes in process `syz.3.700'. [ 97.157752][ T5773] netlink: 'syz.3.706': attribute type 4 has an invalid length. [ 97.206203][ T5800] netlink: 'syz.2.716': attribute type 25 has an invalid length. [ 97.592707][ T5814] IPv6: Can't replace route, no match found [ 97.673020][ T5816] hub 4-0:1.0: USB hub found [ 97.686011][ T5816] hub 4-0:1.0: 8 ports detected [ 98.685197][ T5823] xt_CT: No such helper "syz0" [ 98.787756][ T5830] loop1: detected capacity change from 0 to 512 [ 98.833289][ T5832] device bridge0 entered promiscuous mode [ 98.837971][ T5832] device macvlan2 entered promiscuous mode [ 98.849857][ T5832] bridge0: port 3(macvlan2) entered blocking state [ 98.851609][ T5832] bridge0: port 3(macvlan2) entered disabled state [ 98.863007][ T5832] device bridge0 left promiscuous mode [ 98.964598][ T26] kauditd_printk_skb: 25 callbacks suppressed [ 98.964611][ T26] audit: type=1326 audit(98.940:645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5833 comm="syz.2.732" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff91157d28 code=0x7ffc0000 [ 98.975576][ T26] audit: type=1326 audit(98.950:646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5833 comm="syz.2.732" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff91157d28 code=0x7ffc0000 [ 99.004868][ T5836] loop2: detected capacity change from 0 to 256 [ 99.012822][ T26] audit: type=1326 audit(98.950:647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5833 comm="syz.2.732" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff91157d28 code=0x7ffc0000 [ 99.018321][ T26] audit: type=1326 audit(98.960:648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5833 comm="syz.2.732" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff91157d28 code=0x7ffc0000 [ 99.034129][ T26] audit: type=1326 audit(98.960:649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5833 comm="syz.2.732" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=79 compat=0 ip=0xffff91157d28 code=0x7ffc0000 [ 99.047065][ T26] audit: type=1326 audit(98.960:650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5833 comm="syz.2.732" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff91157d28 code=0x7ffc0000 [ 99.063623][ T26] audit: type=1326 audit(98.960:651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5833 comm="syz.2.732" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=180 compat=0 ip=0xffff91157d28 code=0x7ffc0000 [ 99.076180][ T26] audit: type=1326 audit(98.960:652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5833 comm="syz.2.732" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff91157d28 code=0x7ffc0000 [ 99.091435][ T26] audit: type=1326 audit(98.960:653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5833 comm="syz.2.732" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=426 compat=0 ip=0xffff91157d28 code=0x7ffc0000 [ 99.107595][ T26] audit: type=1326 audit(98.970:654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5833 comm="syz.2.732" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff91157d28 code=0x7ffc0000 [ 99.900596][ T5860] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(4) [ 99.902244][ T5860] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 99.916688][ T5860] vhci_hcd vhci_hcd.0: Device attached [ 99.940910][ T5861] vhci_hcd: connection closed [ 99.950869][ T1624] vhci_hcd: stop threads [ 99.953517][ T1624] vhci_hcd: release socket [ 99.954705][ T1624] vhci_hcd: disconnect device [ 100.536594][ T5883] __nla_validate_parse: 2 callbacks suppressed [ 100.536608][ T5883] netlink: 16 bytes leftover after parsing attributes in process `syz.3.753'. [ 100.560878][ T5885] netlink: 16 bytes leftover after parsing attributes in process `syz.1.755'. [ 100.563116][ T5885] bond0: (slave bond_slave_0): Slave does not support ipsec offload [ 100.564619][ T5883] bond0: (slave bond_slave_0): Slave does not support ipsec offload [ 101.024051][ T5916] netlink: 16 bytes leftover after parsing attributes in process `syz.1.769'. [ 101.040598][ T5916] bond0: (slave bond_slave_0): Slave does not support ipsec offload [ 101.271265][ T5928] 9p: Unknown uid 18446744073709551615 [ 101.634327][ T5943] netlink: 48 bytes leftover after parsing attributes in process `syz.4.781'. [ 101.814387][ T4076] lo speed is unknown, defaulting to 1000 [ 101.816193][ T5057] lo speed is unknown, defaulting to 1000 [ 102.125477][ T5953] netlink: 16 bytes leftover after parsing attributes in process `syz.4.782'. [ 102.142505][ T5953] bond0: (slave bond_slave_0): Slave does not support ipsec offload [ 102.272899][ T5958] netlink: 8 bytes leftover after parsing attributes in process `syz.3.785'. [ 102.387961][ T5964] loop4: detected capacity change from 0 to 128 [ 102.603062][ T5979] IPv4: Oversized IP packet from 127.202.26.0 [ 102.636041][ T5983] netlink: 76 bytes leftover after parsing attributes in process `syz.0.800'. [ 102.707230][ T5991] loop3: detected capacity change from 0 to 128 [ 102.939197][ T148] attempt to access beyond end of device [ 102.939197][ T148] loop3: rw=1, want=516, limit=128 [ 102.959427][ T6013] netlink: 4 bytes leftover after parsing attributes in process `syz.0.809'. [ 102.994550][ T6011] loop2: detected capacity change from 0 to 512 [ 103.147026][ T6011] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpjquota=,stripe=0x0000000000000002,,errors=continue. Quota mode: writeback. [ 103.257136][ T6034] sock: sock_timestamping_bind_phc: sock not bind to device [ 103.423630][ T6036] netlink: 4 bytes leftover after parsing attributes in process `syz.4.820'. [ 104.178462][ T6039] netlink: 332 bytes leftover after parsing attributes in process `syz.0.821'. [ 104.188531][ T6039] netlink: 'syz.0.821': attribute type 9 has an invalid length. [ 104.318289][ T6040] lo speed is unknown, defaulting to 1000 [ 104.418904][ T26] kauditd_printk_skb: 27 callbacks suppressed [ 104.418918][ T26] audit: type=1326 audit(104.390:682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6055 comm="syz.1.829" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8cf02d28 code=0x7ffc0000 [ 104.426232][ T26] audit: type=1326 audit(104.390:683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6055 comm="syz.1.829" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=5 compat=0 ip=0xffff8cf02d28 code=0x7ffc0000 [ 104.475100][ T6052] loop3: detected capacity change from 0 to 1024 [ 104.479699][ T26] audit: type=1326 audit(104.390:684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6055 comm="syz.1.829" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8cf02d28 code=0x7ffc0000 [ 104.485384][ T26] audit: type=1326 audit(104.400:685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6055 comm="syz.1.829" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=10 compat=0 ip=0xffff8cf02d28 code=0x7ffc0000 [ 104.522198][ T26] audit: type=1326 audit(104.400:686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6055 comm="syz.1.829" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8cf02d28 code=0x7ffc0000 [ 104.528239][ T6052] EXT4-fs (loop3): Ignoring removed nobh option [ 104.540524][ T6052] EXT4-fs (loop3): inline encryption not supported [ 104.542326][ T6052] EXT4-fs (loop3): Ignoring removed bh option [ 104.543985][ T6052] EXT4-fs (loop3): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 104.593036][ T6052] EXT4-fs (loop3): mounted filesystem without journal. Opts: noauto_da_alloc,nojournal_checksum,errors=remount-ro,dioread_lock,jqfmt=vfsv1,dioread_nolock,data_err=ignore,grpquota,nobh,inlinecrypt,bh,auto_da_alloc=0x0000000000006522,journal_ioprio=0x0000000000000005,. Quota mode: writeback. [ 104.651128][ T6068] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 104.653785][ T6068] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 104.656304][ T6068] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 104.658948][ T6068] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 104.662302][ T6068] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 104.665774][ T6068] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 104.668525][ T6068] device batadv_slave_0 entered promiscuous mode [ 104.710911][ T6068] device batadv_slave_0 left promiscuous mode [ 104.791936][ T6085] autofs4:pid:6085:validate_dev_ioctl: path string terminator missing for cmd(0xc018937e) [ 104.864629][ T6087] device bond1 entered promiscuous mode [ 104.866346][ T6087] 8021q: adding VLAN 0 to HW filter on device bond1 [ 104.880576][ T6087] bond1 (unregistering): Released all slaves [ 105.287950][ T26] audit: type=1326 audit(105.260:687): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6118 comm="syz.3.853" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff85d75d28 code=0x7ffc0000 [ 105.300244][ T26] audit: type=1326 audit(105.280:688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6118 comm="syz.3.853" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff85d75d28 code=0x7ffc0000 [ 105.305227][ T6121] loop2: detected capacity change from 0 to 512 [ 105.325833][ T26] audit: type=1326 audit(105.280:689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6118 comm="syz.3.853" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=145 compat=0 ip=0xffff85d75d28 code=0x7ffc0000 [ 105.344061][ T6121] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 105.346898][ T26] audit: type=1326 audit(105.280:690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6118 comm="syz.3.853" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff85d75d28 code=0x7ffc0000 [ 105.366243][ T26] audit: type=1326 audit(105.280:691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6118 comm="syz.3.853" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff85d75d28 code=0x7ffc0000 [ 105.387364][ T6121] EXT4-fs (loop2): 1 truncate cleaned up [ 105.388817][ T6121] EXT4-fs (loop2): mounted filesystem without journal. Opts: init_itable=0x0000000000000000,jqfmt=vfsold,debug_want_extra_isize=0x000000000000006a,user_xattr,errors=remount-ro,quota,. Quota mode: writeback. [ 105.734313][ T6147] tipc: Started in network mode [ 105.735507][ T6147] tipc: Node identity aaaaaaaaaa41, cluster identity 4711 [ 105.737531][ T6147] tipc: Enabled bearer , priority 10 [ 106.168932][ T6169] lo speed is unknown, defaulting to 1000 [ 106.569849][ T6180] block device autoloading is deprecated. It will be removed in Linux 5.19 [ 106.933672][ T7] tipc: Node number set to 15444650 [ 107.251134][ T6198] __nla_validate_parse: 10 callbacks suppressed [ 107.251149][ T6198] netlink: 4 bytes leftover after parsing attributes in process `syz.1.890'. [ 107.507216][ T6209] netlink: 4 bytes leftover after parsing attributes in process `syz.0.891'. [ 108.379736][ T6223] netlink: 16 bytes leftover after parsing attributes in process `syz.4.899'. [ 108.384464][ T6225] netlink: 4 bytes leftover after parsing attributes in process `syz.1.898'. [ 108.467911][ T6225] netlink: 4 bytes leftover after parsing attributes in process `syz.1.898'. [ 109.045080][ T6237] loop4: detected capacity change from 0 to 1024 [ 109.613136][ T6237] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:476: comm syz.4.901: Invalid block bitmap block 0 in block_group 0 [ 109.627598][ T6237] __quota_error: 10 callbacks suppressed [ 109.627637][ T6237] Quota error (device loop4): write_blk: dquota write failed [ 109.631348][ T6237] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 109.634282][ T6237] EXT4-fs error (device loop4): ext4_acquire_dquot:6197: comm syz.4.901: Failed to acquire dquot type 0 [ 109.658031][ T6237] EXT4-fs error (device loop4): ext4_free_blocks:6223: comm syz.4.901: Freeing blocks not in datazone - block = 0, count = 4096 [ 109.684369][ T6237] EXT4-fs error (device loop4): ext4_read_inode_bitmap:140: comm syz.4.901: Invalid inode bitmap blk 0 in block_group 0 [ 109.702529][ T292] Quota error (device loop4): remove_tree: Getting block too big (0 >= 8) [ 109.705032][ T292] EXT4-fs error (device loop4): ext4_release_dquot:6220: comm kworker/u4:3: Failed to release dquot type 0 [ 109.716560][ T6237] EXT4-fs error (device loop4) in ext4_free_inode:362: Corrupt filesystem [ 109.732669][ T6237] EXT4-fs (loop4): 1 orphan inode deleted [ 109.734251][ T6237] EXT4-fs (loop4): mounted filesystem without journal. Opts: ; nobarrier,grpid,,errors=continue. Quota mode: writeback. [ 111.247002][ T6237] lo speed is unknown, defaulting to 1000 [ 111.427697][ T6251] loop1: detected capacity change from 0 to 128 [ 111.678297][ T6256] netlink: 4 bytes leftover after parsing attributes in process `syz.0.910'. [ 111.830564][ T6268] loop1: detected capacity change from 0 to 512 [ 111.832411][ T6266] loop4: detected capacity change from 0 to 1024 [ 111.847091][ T6273] netlink: 24 bytes leftover after parsing attributes in process `syz.3.913'. [ 111.864858][ T6272] netlink: 4 bytes leftover after parsing attributes in process `syz.0.916'. [ 111.875988][ T6266] EXT4-fs (loop4): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 111.897895][ T6272] netlink: 4 bytes leftover after parsing attributes in process `syz.0.916'. [ 111.927737][ T6268] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 111.935911][ T6266] EXT4-fs (loop4): mounted filesystem without journal. Opts: dioread_nolock,stripe=0x0000000000000003,min_batch_time=0x0000000000000001,nogrpid,debug_want_extra_isize=0x0000000000000080,nodelalloc,errors=remount-ro,acl,auto_da_alloc=0x0000000000000343,jqfmt=vfsold,barrier=0x0000000000. Quota mode: none. [ 112.008005][ T6268] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.915: bg 0: block 441: padding at end of block bitmap is not set [ 112.127649][ T6285] netlink: 20 bytes leftover after parsing attributes in process `syz.2.920'. [ 112.997708][ T6286] netem: change failed [ 113.077030][ T6293] netlink: '+}[@': attribute type 3 has an invalid length. [ 113.161491][ T6296] (unnamed net_device) (uninitialized): Unable to set up delay as MII monitoring is disabled [ 113.177431][ T26] audit: type=1326 audit(113.150:702): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6294 comm="syz.0.933" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffaf140d28 code=0x7ffc0000 [ 113.205529][ T26] audit: type=1326 audit(113.180:703): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6294 comm="syz.0.933" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=59 compat=0 ip=0xffffaf140d28 code=0x7ffc0000 [ 113.213260][ T26] audit: type=1326 audit(113.190:704): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6294 comm="syz.0.933" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffaf140d28 code=0x7ffc0000 [ 113.230151][ T26] audit: type=1326 audit(113.190:705): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6294 comm="syz.0.933" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=178 compat=0 ip=0xffffaf140d28 code=0x7ffc0000 [ 113.235715][ T26] audit: type=1326 audit(113.190:706): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6294 comm="syz.0.933" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffaf140d28 code=0x7ffc0000 [ 113.305798][ T26] audit: type=1326 audit(113.200:707): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6294 comm="syz.0.933" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=167 compat=0 ip=0xffffaf140d28 code=0x7ffc0000 [ 113.727774][ T6304] loop1: detected capacity change from 0 to 1024 [ 114.132076][ T26] audit: type=1326 audit(113.200:708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6294 comm="syz.0.933" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffaf140d28 code=0x7ffc0000 [ 114.586615][ T6304] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:476: comm syz.1.923: Invalid block bitmap block 0 in block_group 0 [ 114.593289][ T6304] EXT4-fs error (device loop1): ext4_acquire_dquot:6197: comm syz.1.923: Failed to acquire dquot type 0 [ 114.600129][ T6304] EXT4-fs error (device loop1): ext4_free_blocks:6223: comm syz.1.923: Freeing blocks not in datazone - block = 0, count = 4096 [ 114.605150][ T6304] EXT4-fs error (device loop1): ext4_read_inode_bitmap:140: comm syz.1.923: Invalid inode bitmap blk 0 in block_group 0 [ 114.619384][ T6242] EXT4-fs error (device loop1): ext4_release_dquot:6220: comm kworker/u4:11: Failed to release dquot type 0 [ 114.623640][ T6304] EXT4-fs error (device loop1) in ext4_free_inode:362: Corrupt filesystem [ 114.627800][ T6304] EXT4-fs (loop1): 1 orphan inode deleted [ 114.629368][ T6304] EXT4-fs (loop1): mounted filesystem without journal. Opts: ; nobarrier,grpid,,errors=continue. Quota mode: writeback. [ 115.652738][ T6304] lo speed is unknown, defaulting to 1000 [ 116.183623][ T26] kauditd_printk_skb: 42 callbacks suppressed [ 116.183635][ T26] audit: type=1326 audit(115.170:748): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6294 comm="syz.0.933" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=172 compat=0 ip=0xffffaf13880c code=0x7ffc0000 [ 116.196759][ T26] audit: type=1326 audit(115.180:749): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6294 comm="syz.0.933" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=139 compat=0 ip=0xffffaf24887c code=0x7ffc0000 [ 116.234772][ T6310] loop2: detected capacity change from 0 to 2048 [ 116.236461][ T26] audit: type=1326 audit(115.180:750): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6294 comm="syz.0.933" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=172 compat=0 ip=0xffffaf13880c code=0x7ffc0000 [ 116.257304][ T6307] netlink: 4 bytes leftover after parsing attributes in process `syz.3.927'. [ 116.268827][ T26] audit: type=1326 audit(115.180:751): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6294 comm="syz.0.933" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=139 compat=0 ip=0xffffaf24887c code=0x7ffc0000 [ 116.282792][ T26] audit: type=1326 audit(115.180:752): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6294 comm="syz.0.933" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=77 compat=0 ip=0xffffaf140d28 code=0x7ffc0000 [ 116.291701][ T26] audit: type=1326 audit(115.180:753): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6294 comm="syz.0.933" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=172 compat=0 ip=0xffffaf13880c code=0x7ffc0000 [ 116.297005][ T26] audit: type=1326 audit(115.180:754): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6294 comm="syz.0.933" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=139 compat=0 ip=0xffffaf24887c code=0x7ffc0000 [ 116.302899][ T26] audit: type=1326 audit(115.180:755): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6294 comm="syz.0.933" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=77 compat=0 ip=0xffffaf140d28 code=0x7ffc0000 [ 116.495982][ T6310] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 116.549023][ T6322] netlink: 4 bytes leftover after parsing attributes in process `syz.4.930'. [ 116.553911][ T6324] loop1: detected capacity change from 0 to 512 [ 116.572365][ T6322] netlink: 4 bytes leftover after parsing attributes in process `syz.4.930'. [ 116.678456][ T6324] EXT4-fs (loop1): Ignoring removed nobh option [ 117.332316][ T6324] EXT4-fs error (device loop1): ext4_do_update_inode:5174: inode #16: comm syz.1.931: corrupted inode contents [ 117.350356][ T6324] EXT4-fs (loop1): Remounting filesystem read-only [ 117.352040][ T6324] EXT4-fs error (device loop1): ext4_dirty_inode:6010: inode #16: comm syz.1.931: mark_inode_dirty error [ 117.366483][ T6337] loop0: detected capacity change from 0 to 1024 [ 117.387650][ T6324] EXT4-fs (loop1): Remounting filesystem read-only [ 117.400649][ T6324] EXT4-fs error (device loop1): ext4_do_update_inode:5174: inode #16: comm syz.1.931: corrupted inode contents [ 117.419492][ T6324] EXT4-fs (loop1): Remounting filesystem read-only [ 117.423717][ T6335] loop4: detected capacity change from 0 to 2048 [ 117.424099][ T6324] EXT4-fs error (device loop1): __ext4_ext_dirty:183: inode #16: comm syz.1.931: mark_inode_dirty error [ 117.446070][ T6340] Soft offlining pfn 0x1b0bcc at process virtual address 0x20ffe000 [ 117.457196][ T6324] EXT4-fs (loop1): Remounting filesystem read-only [ 117.458927][ T6324] EXT4-fs error (device loop1): ext4_do_update_inode:5174: inode #16: comm syz.1.931: corrupted inode contents [ 117.482837][ T6335] EXT4-fs (loop4): Ignoring removed nobh option [ 117.484774][ T6324] EXT4-fs (loop1): Remounting filesystem read-only [ 117.486370][ T6337] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 117.519507][ T6324] EXT4-fs error (device loop1) in ext4_orphan_del:305: Corrupt filesystem [ 117.532956][ T6324] EXT4-fs (loop1): Remounting filesystem read-only [ 117.534738][ T6324] EXT4-fs error (device loop1): ext4_do_update_inode:5174: inode #16: comm syz.1.931: corrupted inode contents [ 117.539117][ T6340] Memory failure: 0x1b0bcc: unhandlable page. [ 117.551127][ T6335] EXT4-fs (loop4): mounted filesystem without journal. Opts: auto_da_alloc,nobh,,errors=continue. Quota mode: none. [ 117.566261][ T26] audit: type=1326 audit(117.540:756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6345 comm="syz.2.938" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff91157d28 code=0x7ffc0000 [ 117.573681][ T26] audit: type=1326 audit(117.550:757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6345 comm="syz.2.938" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff91157d28 code=0x7ffc0000 [ 117.589343][ T6324] EXT4-fs (loop1): Remounting filesystem read-only [ 117.591000][ T6324] EXT4-fs error (device loop1): ext4_truncate:4272: inode #16: comm syz.1.931: mark_inode_dirty error [ 117.641815][ T6324] EXT4-fs (loop1): Remounting filesystem read-only [ 117.643437][ T6324] EXT4-fs error (device loop1) in ext4_process_orphan:347: Corrupt filesystem [ 117.645972][ T6324] EXT4-fs (loop1): Remounting filesystem read-only [ 117.669968][ T6324] EXT4-fs (loop1): 1 truncate cleaned up [ 117.671421][ T6324] EXT4-fs (loop1): mounted filesystem without journal. Opts: errors=remount-ro,nobh,. Quota mode: writeback. [ 117.856703][ T6361] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check. [ 117.895300][ T6364] netlink: 4 bytes leftover after parsing attributes in process `syz.2.944'. [ 118.357762][ T6385] team0: No ports can be present during mode change [ 118.367954][ T6373] lo speed is unknown, defaulting to 1000 [ 118.687794][ T6397] netlink: 4 bytes leftover after parsing attributes in process `syz.3.960'. [ 118.856937][ T6413] loop2: detected capacity change from 0 to 1024 [ 118.904638][ T6413] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 118.907715][ T6413] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 118.923475][ T6413] JBD2: no valid journal superblock found [ 118.926248][ T6413] EXT4-fs (loop2): error loading journal [ 118.938440][ T6418] rdma_rxe: rxe_register_device failed with error -23 [ 118.942848][ T6418] rdma_rxe: failed to add bond0 [ 118.948812][ T6418] netlink: 4 bytes leftover after parsing attributes in process `syz.4.967'. [ 119.065511][ T6418] lo speed is unknown, defaulting to 1000 [ 119.071331][ T6423] smc: removing ib device syz! [ 119.151813][ T6429] Cannot find set identified by id 0 to match [ 119.219825][ T6431] smc: net device bond0 applied user defined pnetid SYZ0 [ 119.510269][ T6452] netlink: 4 bytes leftover after parsing attributes in process `syz.2.978'. [ 119.808024][ T6460] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 119.943189][ T6460] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 120.036770][ T6460] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 120.068211][ T6485] netlink: 4 bytes leftover after parsing attributes in process `syz.2.993'. [ 120.131417][ T6460] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 120.150440][ T6487] loop3: detected capacity change from 0 to 512 [ 120.206214][ T6487] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 120.244367][ T6487] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters [ 120.256365][ T6487] EXT4-fs (loop3): 1 truncate cleaned up [ 120.258947][ T6487] EXT4-fs (loop3): mounted filesystem without journal. Opts: lazytime,resuid=0x000000000000ee01,debug_want_extra_isize=0x000000000000002e,nombcache,quota,quota,,errors=continue. Quota mode: writeback. [ 120.436333][ T6460] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 120.454127][ T6460] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 120.464300][ T6460] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 120.479715][ T6460] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 120.753354][ T6510] loop0: detected capacity change from 0 to 512 [ 120.848398][ T6510] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 120.863927][ T6520] loop3: detected capacity change from 0 to 1024 [ 120.866820][ T6512] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1005'. [ 120.900713][ T6510] netlink: 180900 bytes leftover after parsing attributes in process `gtp'. [ 120.905960][ T6510] openvswitch: netlink: Flow actions attr not present in new flow. [ 120.948117][ T6520] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 121.077358][ T6531] SET target dimension over the limit! [ 121.221969][ T6537] netlink: 'syz.0.1012': attribute type 1 has an invalid length. [ 121.292770][ T6540] netlink: 100 bytes leftover after parsing attributes in process `syz.0.1014'. [ 121.514023][ T6551] loop3: detected capacity change from 0 to 512 [ 121.596989][ T6551] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 121.657370][ T6551] netlink: 180900 bytes leftover after parsing attributes in process `gtp'. [ 121.666794][ T6551] openvswitch: netlink: Flow actions attr not present in new flow. [ 121.832810][ T6556] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1019'. [ 121.867782][ T6563] netlink: 'syz.3.1020': attribute type 10 has an invalid length. [ 121.883047][ T6565] SET target dimension over the limit! [ 121.909133][ T6563] bond0: (slave netdevsim0): Enslaving as an active interface with an up link [ 122.260369][ T6580] loop1: detected capacity change from 0 to 2048 [ 122.361759][ T6580] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 122.374379][ T6590] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters [ 122.392570][ T6593] tipc: Started in network mode [ 122.393898][ T6593] tipc: Node identity aaaaaaaaaaaa, cluster identity 4711 [ 122.395980][ T6593] tipc: Enabled bearer , priority 10 [ 122.398642][ T6593] netlink: 14 bytes leftover after parsing attributes in process `syz.4.1033'. [ 122.417822][ T6593] tipc: Disabling bearer [ 123.838368][ T6603] lo speed is unknown, defaulting to 1000 [ 124.573279][ T6611] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1032'. [ 124.654646][ T26] kauditd_printk_skb: 42 callbacks suppressed [ 124.654657][ T26] audit: type=1326 audit(124.630:800): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6612 comm="syz.4.1038" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9dbe3d28 code=0x7ffc0000 [ 124.681502][ T26] audit: type=1326 audit(124.660:801): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6612 comm="syz.4.1038" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=79 compat=0 ip=0xffff9dbe3d28 code=0x7ffc0000 [ 124.687025][ T26] audit: type=1326 audit(124.660:802): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6612 comm="syz.4.1038" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9dbe3d28 code=0x7ffc0000 [ 124.727806][ T26] audit: type=1326 audit(124.670:803): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6614 comm="syz.3.1039" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff85d75d28 code=0x7ffc0000 [ 124.756705][ T26] audit: type=1326 audit(124.670:804): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6614 comm="syz.3.1039" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=209 compat=0 ip=0xffff85d75d28 code=0x7ffc0000 [ 124.775849][ T26] audit: type=1326 audit(124.670:805): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6614 comm="syz.3.1039" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff85d75d28 code=0x7ffc0000 [ 124.891492][ T6629] lo speed is unknown, defaulting to 1000 [ 124.897818][ T26] audit: type=1326 audit(124.870:806): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6631 comm="syz.0.1046" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffaf140d28 code=0x7ffc0000 [ 124.915123][ T26] audit: type=1326 audit(124.890:807): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6631 comm="syz.0.1046" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffaf140d28 code=0x7ffc0000 [ 124.928368][ T26] audit: type=1326 audit(124.890:808): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6631 comm="syz.0.1046" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffaf140d28 code=0x7ffc0000 [ 124.955673][ T26] audit: type=1326 audit(124.890:809): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6631 comm="syz.0.1046" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffaf140d28 code=0x7ffc0000 [ 124.969491][ T6639] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(3) [ 124.971199][ T6639] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 124.981439][ T6639] vhci_hcd vhci_hcd.0: Device attached [ 124.988609][ T6640] vhci_hcd: connection closed [ 124.995983][ T6242] vhci_hcd: stop threads [ 124.998325][ T6242] vhci_hcd: release socket [ 125.000152][ T6242] vhci_hcd: disconnect device [ 125.106133][ T6645] loop2: detected capacity change from 0 to 2048 [ 125.143312][ T6645] EXT4-fs (loop2): Ignoring removed nomblk_io_submit option [ 125.175613][ T6645] EXT4-fs (loop2): mounted filesystem without journal. Opts: nodelalloc,jqfmt=vfsold,nomblk_io_submit,jqfmt=vfsv0,journal_dev=0x0000000000000008,inode_readahead_blks=0x0000000000000100,usrquota,noinit_itable,data_err=ignore,,errors=continue. Quota mode: writeback. [ 125.244279][ T6658] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1052'. [ 125.437497][ T6668] device hsr0 entered promiscuous mode [ 125.452980][ T6668] device hsr0 left promiscuous mode [ 125.764681][ T6683] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1064'. [ 125.957890][ T6694] netlink: 'syz.1.1069': attribute type 10 has an invalid length. [ 125.998654][ T6698] xt_hashlimit: max too large, truncated to 1048576 [ 126.014975][ T6701] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1068'. [ 126.500143][ T6720] loop3: detected capacity change from 0 to 512 [ 126.508504][ T6722] futex_wake_op: syz.4.1080 tries to shift op by -1; fix this program [ 126.574666][ T6720] EXT4-fs error (device loop3): ext4_acquire_dquot:6197: comm syz.3.1079: Failed to acquire dquot type 1 [ 126.590097][ T6720] EXT4-fs (loop3): 1 truncate cleaned up [ 126.593258][ T6720] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 127.057478][ T6749] loop2: detected capacity change from 0 to 1024 [ 127.107266][ T6749] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 127.341218][ T6766] netlink: 'syz.3.1099': attribute type 2 has an invalid length. [ 127.344212][ T6762] rdma_rxe: rxe_register_device failed with error -23 [ 127.346898][ T6766] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1099'. [ 127.350097][ T6762] rdma_rxe: failed to add bond0 [ 127.392818][ T6766] device macvlan0 entered promiscuous mode [ 127.439857][ T6766] device batadv_slave_1 entered promiscuous mode [ 127.479544][ T6766] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 127.482579][ T6766] Cannot create hsr debugfs directory [ 127.484425][ T6762] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1098'. [ 127.487019][ T6768] tipc: Enabled bearer , priority 10 [ 127.499177][ T6770] netlink: 14 bytes leftover after parsing attributes in process `syz.2.1100'. [ 127.507379][ T6770] tipc: Resetting bearer [ 127.527966][ T6770] tipc: Disabling bearer [ 127.534075][ T6769] lo speed is unknown, defaulting to 1000 [ 127.783752][ T6783] netlink: 'syz.2.1105': attribute type 10 has an invalid length. [ 127.831120][ T6783] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 128.242413][ T6810] lo speed is unknown, defaulting to 1000 [ 128.350759][ T6813] tipc: Enabled bearer , priority 10 [ 128.354868][ T6813] netlink: 14 bytes leftover after parsing attributes in process `syz.0.1116'. [ 128.357196][ T6813] tipc: Resetting bearer [ 128.398120][ T6813] tipc: Disabling bearer [ 128.578476][ T6831] bridge0: Device is already in use. [ 129.366102][ T6874] lo speed is unknown, defaulting to 1000 [ 129.926101][ T6902] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1151'. [ 130.761069][ T6902] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1151'. [ 130.871729][ T6913] loop2: detected capacity change from 0 to 128 [ 130.936382][ T6913] FAT-fs (loop2): error, fat_free: invalid cluster chain (i_pos 550) [ 130.938789][ T6913] FAT-fs (loop2): Filesystem has been set read-only [ 130.976661][ T4042] FAT-fs (loop2): error, fat_free: invalid cluster chain (i_pos 550) [ 131.003730][ T6921] netlink: 'syz.3.1157': attribute type 10 has an invalid length. [ 131.005912][ T6921] bridge0: port 2(bridge_slave_1) entered disabled state [ 131.008067][ T6921] bridge0: port 1(bridge_slave_0) entered disabled state [ 131.050668][ T2057] ieee802154 phy0 wpan0: encryption failed: -22 [ 131.052908][ T2057] ieee802154 phy1 wpan1: encryption failed: -22 [ 131.076318][ T26] kauditd_printk_skb: 72 callbacks suppressed [ 131.076328][ T26] audit: type=1326 audit(131.050:880): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6924 comm="syz.0.1158" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffaf140d28 code=0x7ffc0000 [ 131.080584][ T6921] bridge0: port 2(bridge_slave_1) entered blocking state [ 131.084858][ T6921] bridge0: port 2(bridge_slave_1) entered forwarding state [ 131.087531][ T6921] bridge0: port 1(bridge_slave_0) entered blocking state [ 131.089333][ T6921] bridge0: port 1(bridge_slave_0) entered forwarding state [ 131.090719][ T26] audit: type=1326 audit(131.070:881): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6924 comm="syz.0.1158" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=222 compat=0 ip=0xffffaf140d28 code=0x7ffc0000 [ 131.116098][ T26] audit: type=1326 audit(131.070:882): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6924 comm="syz.0.1158" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffaf140d28 code=0x7ffc0000 [ 131.118233][ T6921] bond0: (slave bridge0): Enslaving as an active interface with an up link [ 131.169009][ T26] audit: type=1326 audit(131.080:883): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6924 comm="syz.0.1158" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=234 compat=0 ip=0xffffaf140d28 code=0x7ffc0000 [ 131.188270][ T26] audit: type=1326 audit(131.080:884): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6924 comm="syz.0.1158" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffaf140d28 code=0x7ffc0000 [ 131.235238][ T6932] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1163'. [ 131.277870][ T6940] loop1: detected capacity change from 0 to 512 [ 131.432231][ T6950] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1170'. [ 131.436483][ T6948] loop0: detected capacity change from 0 to 512 [ 131.504191][ T6948] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 131.570661][ T6948] EXT4-fs (loop0): 1 truncate cleaned up [ 131.572201][ T6948] EXT4-fs (loop0): mounted filesystem without journal. Opts: grpid,,errors=continue. Quota mode: none. [ 131.634259][ T6963] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1172'. [ 131.879675][ T26] audit: type=1326 audit(131.860:885): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6967 comm="syz.1.1174" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8cf02d28 code=0x7fc00000 [ 131.899417][ T26] audit: type=1326 audit(131.860:886): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6967 comm="syz.1.1174" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=56 compat=0 ip=0xffff8cf02d28 code=0x7fc00000 [ 131.922175][ T6977] netlink: 'syz.3.1177': attribute type 3 has an invalid length. [ 132.156986][ T6976] loop4: detected capacity change from 0 to 8192 [ 132.205420][ T6976] loop4: p1 p2 < > p3 p4 < p5 > [ 132.206757][ T6976] loop4: partition table partially beyond EOD, truncated [ 132.211200][ T6976] loop4: p1 size 100663296 extends beyond EOD, truncated [ 132.228185][ T6976] loop4: p2 start 591104 is beyond EOD, truncated [ 132.231597][ T6976] loop4: p3 start 33572980 is beyond EOD, truncated [ 132.238204][ T6976] loop4: p5 size 100663296 extends beyond EOD, truncated [ 132.290282][ T6983] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1181'. [ 132.461131][ T6991] loop4: detected capacity change from 0 to 512 [ 132.569254][ T6999] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1185'. [ 132.595421][ T26] audit: type=1326 audit(132.570:887): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6967 comm="syz.1.1174" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=172 compat=0 ip=0xffff8cefa80c code=0x7fc00000 [ 132.621206][ T6991] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 132.723517][ T6991] Quota error (device loop4): do_check_range: Getting dqdh_next_free 4294967294 out of range 0-8 [ 132.726318][ T6991] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 132.728760][ T6991] EXT4-fs error (device loop4): ext4_acquire_dquot:6197: comm syz.4.1184: Failed to acquire dquot type 0 [ 132.766394][ T4021] udevd[4021]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory [ 132.790692][ T4345] udevd[4345]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory [ 132.817023][ T4344] udevd[4344]: inotify_add_watch(7, /dev/loop4p5, 10) failed: No such file or directory [ 132.905961][ T7011] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1191'. [ 133.450961][ T7026] xt_CT: You must specify a L4 protocol and not use inversions on it [ 135.362593][ T7041] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1199'. [ 135.547745][ T7053] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1213'. [ 135.572931][ T7053] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1213'. [ 135.628102][ T7047] loop1: detected capacity change from 0 to 8192 [ 135.708066][ T7047] loop1: p1 p2 < > p3 p4 < p5 > [ 135.709356][ T7047] loop1: partition table partially beyond EOD, truncated [ 135.711268][ T7047] loop1: p1 size 100663296 extends beyond EOD, truncated [ 135.719941][ T7047] loop1: p2 start 591104 is beyond EOD, truncated [ 135.721520][ T7047] loop1: p3 start 33572980 is beyond EOD, truncated [ 135.745315][ T7060] loop3: detected capacity change from 0 to 512 [ 135.748855][ T7047] loop1: p5 size 100663296 extends beyond EOD, truncated [ 135.787376][ T7062] loop0: detected capacity change from 0 to 128 [ 135.793679][ T7059] loop4: detected capacity change from 0 to 2048 [ 135.805094][ T3643] loop1: p1 p2 < > p3 p4 < p5 > [ 135.806773][ T3643] loop1: partition table partially beyond EOD, truncated [ 135.828756][ T3643] loop1: p1 size 100663296 extends beyond EOD, truncated [ 135.840101][ T3643] loop1: p2 start 591104 is beyond EOD, truncated [ 135.849821][ T3643] loop1: p3 start 33572980 is beyond EOD, truncated [ 135.859241][ T3643] loop1: p5 size 100663296 extends beyond EOD, truncated [ 135.864636][ T7060] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=802c198, mo2=0002] [ 135.868313][ T7060] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: comm syz.3.1207: inode #1: comm syz.3.1207: iget: illegal inode # [ 135.898274][ T7060] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz.3.1207: error while reading EA inode 1 err=-117 [ 135.918065][ T7060] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: comm syz.3.1207: inode #1: comm syz.3.1207: iget: illegal inode # [ 135.957098][ T7060] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz.3.1207: error while reading EA inode 1 err=-117 [ 135.982627][ T7060] EXT4-fs (loop3): 1 orphan inode deleted [ 135.984066][ T7060] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpjquota=,stripe=0x0000000000000003,norecovery,noinit_itable,resgid=0x0000000000000000,minixdf,usrjquota=,debug_want_extra_isize=0x000000000000005c,debug,dioread_lock,noblock_validity,noquota,,errors=continue. Quota mode: none. [ 136.085925][ T4109] udevd[4109]: inotify_add_watch(7, /dev/loop1p5, 10) failed: No such file or directory [ 136.113850][ T4023] udevd[4023]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory [ 136.136677][ T7067] loop0: detected capacity change from 0 to 164 [ 136.164541][ T4344] udevd[4344]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory [ 136.171162][ T7067] Unable to read rock-ridge attributes [ 136.175247][ T7067] Unable to read rock-ridge attributes [ 136.197342][ T7067] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 136.334680][ T26] audit: type=1326 audit(136.310:888): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7072 comm="syz.0.1214" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffaf140d28 code=0x7ffc0000 [ 136.360522][ T26] audit: type=1326 audit(136.340:889): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7072 comm="syz.0.1214" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=189 compat=0 ip=0xffffaf140d28 code=0x7ffc0000 [ 136.374261][ T26] audit: type=1326 audit(136.350:890): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7072 comm="syz.0.1214" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffaf140d28 code=0x7ffc0000 [ 136.400826][ T4021] loop4: unable to read partition table [ 136.402265][ T4021] loop4: partition table beyond EOD, truncated [ 136.404009][ T26] audit: type=1326 audit(136.350:891): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7072 comm="syz.0.1214" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffaf140d28 code=0x7ffc0000 [ 136.541677][ T4023] udevd[4023]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory [ 136.609596][ T4109] udevd[4109]: inotify_add_watch(7, /dev/loop1p5, 10) failed: No such file or directory [ 136.613669][ T7071] infiniband syz1: set active [ 136.614950][ T7071] infiniband syz1: added veth0_virt_wifi [ 136.631114][ T7071] infiniband syz1: Couldn't open port 1 [ 136.643572][ T4344] udevd[4344]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory [ 136.651625][ T7059] loop4: unable to read partition table [ 136.653161][ T7059] loop4: partition table beyond EOD, truncated [ 136.707785][ T7059] loop_reread_partitions: partition scan of loop4 () failed (rc=-5) [ 136.726118][ T7071] RDS/IB: syz1: added [ 136.727208][ T7071] smc: adding ib device syz1 with port count 1 [ 136.728639][ T7071] smc: ib device syz1 port 1 has pnetid SYZ0 (user defined) [ 136.915129][ T3643] loop4: unable to read partition table [ 136.922455][ T3643] loop4: partition table beyond EOD, truncated [ 137.041870][ T7081] loop4: detected capacity change from 0 to 2048 [ 137.216706][ T7081] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpquota,nodelalloc,,errors=continue. Quota mode: writeback. [ 137.217256][ T26] audit: type=1326 audit(137.190:892): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7086 comm="syz.1.1218" exe="/root/syz-executor" sig=9 arch=c00000b7 syscall=98 compat=0 ip=0xffff8cf02d28 code=0x0 [ 137.275418][ T26] audit: type=1326 audit(137.250:893): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7080 comm="syz.4.1216" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9dbe3d28 code=0x7ffc0000 [ 137.309177][ T26] audit: type=1326 audit(137.250:894): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7080 comm="syz.4.1216" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9dbe3d28 code=0x7ffc0000 [ 137.332613][ T7088] xt_CT: You must specify a L4 protocol and not use inversions on it [ 137.345410][ T26] audit: type=1326 audit(137.260:895): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7080 comm="syz.4.1216" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=56 compat=0 ip=0xffff9dbe2254 code=0x7ffc0000 [ 137.390247][ T26] audit: type=1326 audit(137.260:896): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7080 comm="syz.4.1216" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9dbe3d28 code=0x7ffc0000 [ 137.395603][ T26] audit: type=1326 audit(137.260:897): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7080 comm="syz.4.1216" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9dbe3d28 code=0x7ffc0000 [ 137.423656][ T7090] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1219'. [ 137.435690][ T7090] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1219'. [ 138.005115][ T7096] loop0: detected capacity change from 0 to 2048 [ 138.092601][ T7096] loop0: p1 < > p4 [ 138.117987][ T7096] loop0: p4 size 8388608 extends beyond EOD, truncated [ 138.355693][ T7106] netlink: 'syz.1.1228': attribute type 21 has an invalid length. [ 138.358016][ T7106] netlink: 156 bytes leftover after parsing attributes in process `syz.1.1228'. [ 138.365851][ T7106] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1228'. [ 138.410174][ T4345] udevd[4345]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory [ 138.431350][ T4021] udevd[4021]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory [ 138.974512][ T7126] loop0: detected capacity change from 0 to 512 [ 139.052760][ T7126] EXT4-fs (loop0): Unrecognized mount option "rootcontext=user_u" or missing value [ 139.056055][ T7132] netlink: 38 bytes leftover after parsing attributes in process `syz.4.1240'. [ 139.181500][ T7126] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1237'. [ 139.183985][ T7126] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1237'. [ 139.250659][ T7143] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1241'. [ 139.589541][ T7160] loop1: detected capacity change from 0 to 512 [ 140.509059][ T7160] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=802c198, mo2=0002] [ 140.565671][ T7171] loop4: detected capacity change from 0 to 2048 [ 140.568200][ T7160] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: comm syz.1.1252: inode #1: comm syz.1.1252: iget: illegal inode # [ 140.591271][ T7160] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz.1.1252: error while reading EA inode 1 err=-117 [ 140.597345][ T7160] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: comm syz.1.1252: inode #1: comm syz.1.1252: iget: illegal inode # [ 140.604275][ T7160] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz.1.1252: error while reading EA inode 1 err=-117 [ 140.608003][ T7160] EXT4-fs (loop1): 1 orphan inode deleted [ 140.613644][ T7160] EXT4-fs (loop1): mounted filesystem without journal. Opts: grpjquota=,stripe=0x0000000000000003,norecovery,noinit_itable,resgid=0x0000000000000000,minixdf,usrjquota=,debug_want_extra_isize=0x000000000000005c,debug,dioread_lock,noblock_validity,noquota,,errors=continue. Quota mode: none. [ 140.639885][ T7171] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 140.976805][ T7190] team0 (unregistering): Port device team_slave_0 removed [ 141.000028][ T7190] team0 (unregistering): Port device team_slave_1 removed [ 141.127797][ T7193] rdma_rxe: rxe_register_device failed with error -23 [ 141.130728][ T7193] rdma_rxe: failed to add veth0_virt_wifi [ 141.356417][ T7206] loop2: detected capacity change from 0 to 512 [ 141.383287][ T7206] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 141.439469][ T7206] EXT4-fs (loop2): 1 truncate cleaned up [ 141.440960][ T7206] EXT4-fs (loop2): mounted filesystem without journal. Opts: min_batch_time=0x0000000000000200,,errors=continue. Quota mode: none. [ 141.800714][ T7218] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1272'. [ 142.044484][ T26] kauditd_printk_skb: 57 callbacks suppressed [ 142.044497][ T26] audit: type=1326 audit(142.020:955): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7229 comm="syz.1.1279" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8cf02d28 code=0x7ffc0000 [ 142.078677][ T26] audit: type=1326 audit(142.040:956): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7229 comm="syz.1.1279" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8cf02d28 code=0x7ffc0000 [ 142.113211][ T26] audit: type=1326 audit(142.040:957): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7229 comm="syz.1.1279" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff8cf02d28 code=0x7ffc0000 [ 142.130075][ T26] audit: type=1326 audit(142.040:958): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7229 comm="syz.1.1279" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8cf02d28 code=0x7ffc0000 [ 142.175584][ T26] audit: type=1326 audit(142.040:959): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7229 comm="syz.1.1279" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8cf02d28 code=0x7ffc0000 [ 142.188426][ T26] audit: type=1326 audit(142.070:960): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7229 comm="syz.1.1279" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff8cf02d28 code=0x7ffc0000 [ 142.195861][ T26] audit: type=1326 audit(142.070:961): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7229 comm="syz.1.1279" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8cf02d28 code=0x7ffc0000 [ 142.202230][ T26] audit: type=1326 audit(142.070:962): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7229 comm="syz.1.1279" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8cf02d28 code=0x7ffc0000 [ 142.213368][ T7236] rdma_rxe: rxe_register_device failed with error -23 [ 142.215295][ T7236] rdma_rxe: failed to add bond0 [ 142.217554][ T26] audit: type=1326 audit(142.070:963): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7229 comm="syz.1.1279" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff8cf02d28 code=0x7ffc0000 [ 142.231188][ T7236] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1281'. [ 142.236934][ T26] audit: type=1326 audit(142.070:964): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7229 comm="syz.1.1279" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8cf02d28 code=0x7ffc0000 [ 142.298655][ T7242] loop4: detected capacity change from 0 to 512 [ 142.418042][ T7248] loop2: detected capacity change from 0 to 2048 [ 142.468328][ T7248] EXT4-fs (loop2): Ignoring removed bh option [ 142.497811][ T7242] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=802c198, mo2=0002] [ 142.501181][ T21] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 142.548060][ T7242] EXT4-fs error (device loop4): ext4_xattr_inode_iget:404: comm syz.4.1283: inode #1: comm syz.4.1283: iget: illegal inode # [ 142.556188][ T7242] EXT4-fs error (device loop4): ext4_xattr_inode_iget:409: comm syz.4.1283: error while reading EA inode 1 err=-117 [ 142.574327][ T7242] EXT4-fs error (device loop4): ext4_xattr_inode_iget:404: comm syz.4.1283: inode #1: comm syz.4.1283: iget: illegal inode # [ 142.579998][ T7248] EXT4-fs (loop2): mounted filesystem without journal. Opts: discard,bh,mb_optimize_scan=0x0000000000000001,,errors=continue. Quota mode: none. [ 142.594219][ T7242] EXT4-fs error (device loop4): ext4_xattr_inode_iget:409: comm syz.4.1283: error while reading EA inode 1 err=-117 [ 142.600213][ T7242] EXT4-fs (loop4): 1 orphan inode deleted [ 142.601543][ T7242] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpjquota=,stripe=0x0000000000000003,norecovery,noinit_itable,resgid=0x0000000000000000,minixdf,usrjquota=,debug_want_extra_isize=0x000000000000005c,debug,dioread_lock,noblock_validity,noquota,,errors=continue. Quota mode: none. [ 142.646859][ T7248] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 142.689451][ T21] usb 1-1: device descriptor read/64, error -71 [ 142.916629][ T7266] rdma_rxe: rxe_register_device failed with error -23 [ 142.920101][ T7266] rdma_rxe: failed to add veth0_virt_wifi [ 142.979442][ T21] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 143.031231][ T7278] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING [ 143.049884][ T7277] ================================================================== [ 143.052158][ T7277] BUG: KASAN: slab-out-of-bounds in __xfrm_decode_session+0x1520/0x1d20 [ 143.054357][ T7277] Read of size 1 at addr ffff0000d0bdb557 by task syz.1.1299/7277 [ 143.056371][ T7277] [ 143.056999][ T7277] CPU: 0 PID: 7277 Comm: syz.1.1299 Not tainted 5.15.179-syzkaller #0 [ 143.059042][ T7277] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 143.061645][ T7277] Call trace: [ 143.062517][ T7277] dump_backtrace+0x0/0x530 [ 143.063752][ T7277] show_stack+0x2c/0x3c [ 143.064858][ T7277] dump_stack_lvl+0x108/0x170 [ 143.066055][ T7277] print_address_description+0x7c/0x3f0 [ 143.067544][ T7277] kasan_report+0x174/0x1e4 [ 143.068767][ T7277] __asan_report_load1_noabort+0x44/0x50 [ 143.070218][ T7277] __xfrm_decode_session+0x1520/0x1d20 [ 143.071575][ T7277] icmpv6_route_lookup+0x398/0x558 [ 143.072943][ T7277] icmp6_send+0xe18/0x1b1c [ 143.074074][ T7277] ip6_link_failure+0x44/0x4a8 [ 143.075292][ T7277] ip6_tnl_xmit+0x1014/0x22a8 [ 143.076561][ T7277] ip6_tnl_start_xmit+0xd60/0x13d8 [ 143.077845][ T7277] dev_hard_start_xmit+0x2bc/0x92c [ 143.079224][ T7277] sch_direct_xmit+0x2e0/0x484 [ 143.080451][ T7277] __qdisc_run+0x878/0x1fc0 [ 143.081635][ T7277] __dev_queue_xmit+0x1038/0x2ac8 [ 143.082951][ T7277] dev_queue_xmit+0x24/0x34 [ 143.084089][ T7277] neigh_connected_output+0x334/0x378 [ 143.085520][ T7277] ip6_finish_output2+0x1360/0x1cec [ 143.086909][ T7277] __ip6_finish_output+0x580/0x6ec [ 143.088252][ T7277] ip6_finish_output+0x40/0x218 [ 143.089480][ T7277] ip6_output+0x274/0x594 [ 143.090599][ T7277] ip6_local_out+0x120/0x160 [ 143.091748][ T7277] ip6_send_skb+0x1a8/0x584 [ 143.092915][ T7277] udp_v6_send_skb+0x8ac/0x1474 [ 143.094093][ T7277] udpv6_sendmsg+0x1a00/0x2850 [ 143.095307][ T7277] inet6_sendmsg+0xb4/0xd8 [ 143.096462][ T7277] ____sys_sendmsg+0x584/0x870 [ 143.097705][ T7277] ___sys_sendmsg+0x214/0x294 [ 143.098859][ T7277] __sys_sendmmsg+0x23c/0x648 [ 143.100059][ T7277] __arm64_sys_sendmmsg+0xa0/0xbc [ 143.101393][ T7277] invoke_syscall+0x98/0x2b8 [ 143.102633][ T7277] el0_svc_common+0x138/0x258 [ 143.103848][ T7277] do_el0_svc+0x58/0x14c [ 143.104960][ T7277] el0_svc+0x7c/0x1f0 [ 143.105976][ T7277] el0t_64_sync_handler+0x84/0xe4 [ 143.107375][ T7277] el0t_64_sync+0x1a0/0x1a4 [ 143.108567][ T7277] [ 143.109151][ T7277] Allocated by task 1: [ 143.110233][ T7277] ____kasan_kmalloc+0xbc/0xfc [ 143.111528][ T7277] __kasan_kmalloc+0x10/0x1c [ 143.112734][ T7277] kmem_cache_alloc_trace+0x27c/0x47c [ 143.114178][ T7277] cec_allocate_adapter+0xa8/0x4e4 [ 143.115484][ T7277] vivid_cec_alloc_adap+0xec/0x150 [ 143.116852][ T7277] vivid_probe+0x40fc/0x6b50 [ 143.118037][ T7277] platform_probe+0x148/0x1c0 [ 143.119308][ T7277] really_probe+0x26c/0xaec [ 143.120517][ T7277] __driver_probe_device+0x194/0x3b4 [ 143.121927][ T7277] driver_probe_device+0x78/0x34c [ 143.123273][ T7277] __driver_attach+0x3ec/0x5ec [ 143.124557][ T7277] bus_for_each_dev+0x14c/0x1cc [ 143.125805][ T7277] driver_attach+0x4c/0x5c [ 143.126990][ T7277] bus_add_driver+0x2ec/0x570 [ 143.128138][ T7277] driver_register+0x200/0x374 [ 143.129433][ T7277] __platform_driver_register+0x74/0x8c [ 143.130971][ T7277] vivid_init+0x4c/0x8c [ 143.132065][ T7277] do_one_initcall+0x234/0x990 [ 143.133255][ T7277] do_initcall_level+0x154/0x214 [ 143.134582][ T7277] do_initcalls+0x58/0xac [ 143.135798][ T7277] do_basic_setup+0x8c/0xa0 [ 143.136944][ T7277] kernel_init_freeable+0x460/0x640 [ 143.138344][ T7277] kernel_init+0x24/0x294 [ 143.139505][ T7277] ret_from_fork+0x10/0x20 [ 143.140650][ T7277] [ 143.141295][ T7277] The buggy address belongs to the object at ffff0000d0bda000 [ 143.141295][ T7277] which belongs to the cache kmalloc-4k of size 4096 [ 143.145070][ T7277] The buggy address is located 1367 bytes to the right of [ 143.145070][ T7277] 4096-byte region [ffff0000d0bda000, ffff0000d0bdb000) [ 143.148755][ T7277] The buggy address belongs to the page: [ 143.150265][ T7277] page:00000000afad9f46 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x110bd8 [ 143.152910][ T7277] head:00000000afad9f46 order:3 compound_mapcount:0 compound_pincount:0 [ 143.155004][ T7277] flags: 0x5ffc00000010200(slab|head|node=0|zone=2|lastcpupid=0x7ff) [ 143.157033][ T7277] raw: 05ffc00000010200 dead000000000100 dead000000000122 ffff0000c0002a80 [ 143.159381][ T7277] raw: 0000000000000000 0000000000040004 00000001ffffffff 0000000000000000 [ 143.161629][ T7277] page dumped because: kasan: bad access detected [ 143.163302][ T7277] [ 143.163927][ T7277] Memory state around the buggy address: [ 143.165467][ T7277] ffff0000d0bdb400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 143.167631][ T7277] ffff0000d0bdb480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 143.169776][ T7277] >ffff0000d0bdb500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 143.171862][ T7277] ^ [ 143.173738][ T7277] ffff0000d0bdb580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 143.175799][ T7277] ffff0000d0bdb600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 143.177933][ T7277] ================================================================== [ 143.179980][ T7277] Disabling lock debugging due to kernel taint [ 143.189428][ T21] usb 1-1: device descriptor read/64, error -71 [ 143.309600][ T21] usb usb1-port1: attempt power cycle [ 143.729418][ T21] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 143.819450][ T21] usb 1-1: device descriptor read/8, error -71 [ 144.089545][ T21] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 144.179476][ T21] usb 1-1: device descriptor read/8, error -71 [ 144.300216][ T21] usb usb1-port1: unable to enumerate USB device