last executing test programs: 5.752435732s ago: executing program 4 (id=5797): timer_create(0x0, &(0x7f0000000680)={0x0, 0x21}, &(0x7f0000000040)) perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0xbffffff7fffffdfc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) futex(&(0x7f0000000080)=0x2, 0x0, 0x2, &(0x7f0000000100)={0x0, 0x3938700}, 0x0, 0x0) mlockall(0x1) mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) recvmsg$unix(r0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x0) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x0, 0x0) ioctl$FS_IOC_RESVSP(r1, 0x5421, 0x0) 3.016323876s ago: executing program 2 (id=5809): openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0xa, 0x4, 0x3, 0x8}, 0x48) close(r1) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='scsi_dispatch_cmd_start\x00', r2}, 0x10) write$cgroup_type(r0, &(0x7f0000000140), 0x9) 2.629315641s ago: executing program 2 (id=5814): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001840)=[{&(0x7f0000000580)="6700000011008188040f56ecdb4cb9cca7480ef434000000e3bd6efb440009000e000a0010000000ba80010000005a8c3774fa0af3dc59a933c1e7a6d3361d83b20000319cdf5656826edaaa11032701c61ec666d482078ccebcb9a4f187f7a4e98f09cdc2649f", 0x67}], 0x1}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480), 0x4) bpf$PROG_LOAD(0x5, 0x0, 0x0) r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x5, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], &(0x7f00000005c0)='GPL\x00'}, 0x90) ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r2) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x0, 0x3, 0x0, &(0x7f0000000100)='GPL\x00'}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000800000000000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) socket$kcm(0x2c, 0x3, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0) 2.616586251s ago: executing program 0 (id=5815): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) readv(r0, &(0x7f0000000400)=[{&(0x7f0000011240)=""/4071, 0xfe7}], 0x1) r1 = msgget$private(0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) recvmsg$unix(r2, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x20) msgrcv(r1, 0x0, 0x0, 0x0, 0x0) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RSETATTR(r3, &(0x7f0000010040)={0x4}, 0xffffff23) write$P9_RLOPEN(r3, 0x0, 0x0) rt_sigreturn() msgctl$IPC_RMID(r1, 0x0) ioctl$sock_SIOCSIFVLAN_GET_VLAN_INGRESS_PRIORITY_CMD(0xffffffffffffffff, 0x5451, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) write$binfmt_script(r4, &(0x7f0000000340), 0xffffff46) futex(&(0x7f0000000700)=0x2, 0x0, 0x2, 0x0, 0x0, 0x0) fcntl$setownex(0xffffffffffffffff, 0xf, 0x0) 2.38669449s ago: executing program 1 (id=5817): socket$unix(0x1, 0x2, 0x0) memfd_create(0x0, 0x0) mmap(&(0x7f000036a000/0x1000)=nil, 0x1000, 0x0, 0x2012, 0xffffffffffffffff, 0x0) prlimit64(0x0, 0x6, 0x0, 0x0) sched_setscheduler(0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) mmap(&(0x7f00005ac000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/stat\x00', 0x0, 0x0) syz_genetlink_get_family_id$mptcp(0x0, 0xffffffffffffffff) sendfile(r3, r4, 0x0, 0xc7) bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0) r5 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqn(r5, 0x0, 0x27, &(0x7f0000000180)={@multicast2, @dev={0xac, 0x14, 0x14, 0xd}}, 0xc) socket$inet_tcp(0x2, 0x1, 0x0) r6 = socket$netlink(0x10, 0x3, 0x0) writev(r6, &(0x7f00000003c0)=[{&(0x7f0000000280)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1) close(r5) futex(0x0, 0xb, 0x0, 0x0, &(0x7f0000000340), 0x0) 2.053260193s ago: executing program 0 (id=5819): socketpair(0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000040)={0x3, 0x0, 0x0, &(0x7f0000000000)='GPL\x00'}, 0x90) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x4030582a, &(0x7f0000000040)) ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, 0xffffffffffffffff) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x4, 0x4, 0x4, 0xbf25}, 0x48) bpf$MAP_DELETE_ELEM(0x2, &(0x7f0000000080)={r2, &(0x7f00000000c0), 0x20000000}, 0x20) 1.925052908s ago: executing program 2 (id=5820): perf_event_open(&(0x7f00000002c0)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = socket$kcm(0x2, 0x3, 0x2) sendmsg$inet(r0, &(0x7f0000003a80)={&(0x7f00000004c0)={0x2, 0x0, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000003a00)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0xb}, @multicast1}}}], 0x20}, 0x4008804) sendmsg$kcm(r0, &(0x7f0000000480)={&(0x7f00000002c0)=@l2tp={0x2, 0x0, @empty}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000600)="3282db78e0ea55c52d87bc2a166b9e46818f5faca0b3a411e056b7928ccacd30019d925e47ecd2f92675d1d8c795dd0ab0a9c457007d002ae359e2b5d768e71db355cf220bb96b7a64e1d2629c3e21c5decd0e2e6f107c35a8081587d3dc42a0bc0d0c5e85c355c9cbadd6e8f8014acb52d24b961a3989d5102d540829ad660fdca299e7e74a71ed264d75a3e1dfb8331f1b441972bc5982dbe74341fa418cfee6039c15eda91b1ecf8887e008b15c4c7505c31efe20a7b838369c2857906c492432ba88cd2591215c875a7c854aa65bcc2e04eabc2ef716297c6d5c1357ed811a106739f968547df4ae455ecd6b0566ef52705630df27d81e2a544ecc09f8c73cec559d206644acdc56c717e19f04613456b8d7a386c0a700c032d0165c3b3f5716aa7f24e6fca522f91350793d13ba7f887e7b48cd3e6e41139d0deb8de9aeac59bf750ce01a", 0x147}, {&(0x7f0000000fc0)="da752f575198baaac222d34e85893d37a6bd281687872ed9151c56f415698f3fecf56eebf5edb42ed5d54e0419b2a13128d3ad19b6eed6b450aad46baaa57203e0d4f567d8d79fe07e7b3142de43e55cf69c65db2469175cf60c82f49d0f9d3f2ac908fd7099c4c4dde733a14d57f4117ed2f46aea5950ff0176d73349c2808eee62ce1c7d846ffdf65211f3192dabf5b3ac1516ad90e618d0ca9e4ac2778acabeac244f2f90af2616647e5cf8ab5e2ac404ebf2a866c8a73f68ae2cc4523e63e3a1aa5ab60a23e4c47534bda546042120c5333d91fefc68226bc9149d282937797a2fe036a58c9ecd19e54bcfb85d3f75ec7c74d86be94ef6b9191e0fa86d2a9330af3f592e24bc30b84632e5121bf04abc0e12f4073f6678ad97b786cc73b8175e35eda542e3631d283a3ca6fef91607ec7dee1b4a62bae169cc8fb64e8bdef95474f0b3c526f69ce55281e18016a4785875ba99e313fd63f66cfd36234bcc6048f25bce8cce39cf709eb10e1ea88497ff7401aae0d4a7e07f14691b6c4b75dc16e2586744317ffbb9966d8bfb16efcdf6ab308426e5c1aec6a6636122ffaca89af3b03834612b93989d0bbb251a42c1b48b86ac7162ad8d5cbf3d6cfccdc590724ff6caa85320f9d5beea2370b8c0533c19422c9097a7164651ad9d8f9cca4ea7815e53fd9c42eab1cb76b451cd3b18cf31c16d01731efd1506b844f52d2f173c825a7f8814ada5f6361a48f20250df6b98965d0c85f3df3b72b2ac49f3ed52e6fa30d7d3d54d95e8bd13ec2ed4883feb3b778d624ff0c1a3ec900671acd0ff00edc7b96d1cad51fba25565c67ce0e62302dbff8f68c0de8330c44704b2f019a7afc753538ed61f3744f286735af18a8f5e7ae3fd66e4562565b31a9e5d947a06ea69ee5f0ea97d2e832e1bbc9e74498a2f99473ef8822ad0254013fefff6c4c35d84072307633de00985a6477ff6480e75171a50915838168d3b1a5864450cc9b2fb1f71364095c0fd0c94610e4b9785dc39501ba75496d10907ada3ffa622225897c79c8e8efa27396ada49844f7664bd2eee3a156c0c89fc8ded3f1b8be73d1e60521c2789837b71fe63a320f233032f2bc0472f53165423fb6c8755e5f18ac54ea180f0486914f917f8b16b13b286248c2ed33bf7b95efc5b3c15664d036fcb721d19011d09a7efbb4863b021bd7b75c632a2bb13676a1ab1fed3f1101196625c09244c987825b515d662f4fcac27b9a4cf92ba0683b7eecbbff92c7250bf7c04bcc660840d91620bb214b46581f7f406b45019f01249be3a7ca79b97c9be7ae35f6d3594687c5207c029a2774f3a7df6681a206a59a9dd40a8f114e03f3b6a44a4e88960c9d6c79b5ac3ddfc4481ca5cdbf31816bfa9291879e0d7ea617add447d819aa30e2c3f9502c393cc9cce52dcbdac5e3c55a08a9b8ddaf52de96915f6635065a905aa94b7b2", 0x40d}], 0x2}, 0x8400) sendmsg$inet(r0, &(0x7f0000000380)={&(0x7f0000000080)={0x2, 0x0, @empty}, 0x10, &(0x7f0000000340)=[{&(0x7f0000000780)="07ccc1e7769aa1cb3676ef1e9b77696e45fab66a5141154ecb32abfb83b3b3a1787a4b65498fe5ed493489d14292693e592771846bb6805e90e11e7e6b7b2d1481d84b19bcd8ea5ba24a17f60624c44c0242e8436b7e0363fc8677cd394cee2e1e", 0x61}], 0x1}, 0x0) 1.625664919s ago: executing program 3 (id=5821): perf_event_open(&(0x7f0000000140)={0x0, 0x80, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0xec, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='memory.events.local\x00', 0x26e1, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x12, 0x7f, 0x4, 0x2}, 0x48) bpf$MAP_DELETE_ELEM(0x2, &(0x7f0000000080)={r0, &(0x7f0000000100)="ed5f95a9b308f2662ff322e5ff7a58136c3ad001c5a1a308975c892d467c90", 0x20000000}, 0x20) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000000c0)={r0, &(0x7f0000000240)}, 0x20) 1.565387081s ago: executing program 4 (id=5822): perf_event_open(&(0x7f0000000480)={0x2, 0x80, 0xb4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000340)="25b096f681cd731c3f3a9badc4e3cf5edeae1f3b5082d7ab3a97c053df68744e7c7e24d0b59997bab4bccff8363b275de3510b0ebe4275d8d2f153395668e3d608e358fc2294263c03f8dc4f8bf194e4fde4600a2dec2f483a914e2fde0cbc344a2b9fc18dd198966045a6d4d4eb8571e8bb69e6724e37fcbaa6e4c64050b47256b9bb17f5c0aa5101e015ecdcb62fec46fc0205512535", 0x97}, {&(0x7f0000000280)="d3a88bea5916e313729a3989393caca70c74cd74e62e524bdd37be131ad827f911027e70ccf679d8e7c0cd3333095f83d6d473db345ded2ac8acaa87503de74c82431758e8e11e3ecb7bce02d6cd65f4eb88cc49ceb9e39f7117eb0f62323dc9b80dea447b0c96a383f14281bb87b09de0a6153ceeaae2b50a2b0f0f41810f379f9c3a1f3938461829d716a4bda86ab11b41f754bc15d71b", 0xfed0}], 0x2}, 0x0) 1.416527157s ago: executing program 2 (id=5823): mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='ramfs\x00', 0x0, 0x0) r0 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0) fchdir(r0) mkdir(&(0x7f0000000000)='./control\x00', 0x0) r1 = open(&(0x7f0000022ff6)='./control\x00', 0x0, 0x0) getdents64(r1, 0x0, 0x0) 1.366193819s ago: executing program 3 (id=5824): perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x95, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$nbd(0x1, 0x1, 0x0, 0x0) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000900)={'bridge0\x00'}) r0 = perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x3, &(0x7f0000000a80)=ANY=[@ANYBLOB="850000000800000025000000000000009500000000000000afcd48d6493790710000000000080000b2c6161dba392176dd2963038e1d69ba7ea94c500dc4ef2fad96ed406f21caf5adcf920569c00cc1199684fa7c93836d9ea2cfb0e60436e05425cc4686b066707de94a4f4d5fc79c987d669f381faca0f9d9924be41a9169bdfaf16da915b2e249f21c6eee84309e7a23c19a39484809539fcb4e0b6eab1aa7d55545a34effa077faa55c59e88254f54077f799bf168301000000bfb1c0e6b1244d35b213bda84cc172afcc2e47a7d8b85a5e3d77ac463920e231b7ae0da8616d2b7958f91f5da6c025d060ab186d94af98af1da2b5952eb15855933a212304e035f7a35dfc72c81256a55a25f8fe3b28d7e53c78fbb888b0255f347160ec83070000000000004015cf10453f6cf68f96b4a484ebad04859d928365a7ea3fab2e4b380a00d72bc0480f94479757306720399379d9271cf555c14d56b51c2298237bebfc08e0d5976a942b844139f1111f2dc5e46ac1c60a9b030074bfbcd4b09012175484135f0e519f0b1e4aaa026d570ecb5e8cddbed65ff702000000a3ff4f8a4cf796b07a6ff61c5552417fd703f7f14d8b78a602ca3cdf6a662d8bc9c89c9120072a5d00dcdd8595356c9b2492aaf1264d4ef4a410c882834867bcd2b6e558d17879570c8ad943e392955f4f979ea13201bafe4f0f6ea508000000c576331b2b571bed5647323478a996810000000571cbb17d9f37282462f0e9c147c0d497c61433c6ccc35601eef97ee611be8c97f4151fcda6cb799c6e924966a7f90bf80f1e75ee76bd72346cfb00000000a7fe5e68949a3b304723177d356c4604bca492ecec37e83efceefd78a2533659edc8bef9cb85451c6a145074343caea5c4bf690441974b155f5adc681a03c0bbb8358856175e2ce8b0cbbbe3c033e54ffcebde1d9d3d350000000000000000e0f209150a07682c4e14e3a83558df6f3fc97f1730a136bdee07e98cb984b2e2204a1b63afefdb636e56bbaae4e62136574bc6371a0bb2be1a962aae9c1258da6ef590e1d85ea9e12b3025f43e7e08ccffc5064dea4c39cf4b98e1fc6efb5978f51e16b678eca0b658a56008948e5a61561a9845e4ff29e2bd43b5b923b272341c5e093fd66a2946501559335781092cf8ce987c56cd31121624d7455f2a3666276c8f7e8ad23c0e812b28e2f30d035cee5d0e77a3c72308ec651cc0ae637fa474816bc59d2e2a00092419304b338a987e9d3044d856ce24f370030be3b5f79f030b8d3ebcef5af469abe753314fae31a09c3a041a1e7b55c4e81dba1e12289ee34463aaf28345bde0c195bc9f022ca8ce37ed85464c31679053e7f9d04bb5cb51da0b7958989fd70f241262d0af3246eb4fc4bda345360200000001fbddeacd3adaa4d2715e21c772ccd44341f7fd53df58ae791ee8b489a7c9efe3625a9d971b5997485d6a063dc6f7359e2eccc2fb39d419de1a7b5c9dc22c96295a0600adf59d44e58eb1c60b3475be31a9b7cf42b6402312d2725b8d9fa7000008000000000000117ca65fc86c2dce97aa03279a66ec87122219b0f796ab92b1adecae50fdb408c8a80f7f02f750d6c977a1919f9f69a6cfefdf879d447df53f3b9b70d10355b07466d1ef0056b5af553d18a6cd50feeb7bfad9b7be3283b6450d264e7712d2f1d7004548b19162cef04d18d4f5987baab97a9bfbd8f185b5a71e0d7696caba172745c7dd919ffb631820420b75b6522c0e21c882c66f4f25ffb6d95e07e068000000000000eb5b63e45d5d80fe52734093ae5aa3c0b4f3f45bfff201000000000000002e31560e4ba0a765d20b30f87af976a46f9a9a1ac7dea1ea6845f9aa66237e0dacc107f532348cc2116473381e961f3d9c8c21578fe32450cbc2ecd9e51427b9f6cd72b5da6d0252803c66730cd5eac907f09b9695906313f8873522608c6f0100000000000000f721303e6b89e5c54d680ac66de8ae90dbf50ee69a39265964279d174b0000000000000000000000fa08ad157e2b565e7e1a08265e7f1f4c2d97f4680b135f87c228ce69418a282b6caa2481a0df1774fa7d94944bb92d2b89f73f0e8b63f6316c5762f3288bc970720f48b5647dd177db6810fae0533496b6d58da50ee80a6b9a7038978c5465113f668eb4484350048289d07dbef325d3221a7cb35f812f257941a9781e3214c2a3dcf89d99844b762a9cf17548c54fccad2c7ae8072b82e0880815daf966bd5343c1635e123f868a7167cfcff33320253af570f4ef9c0254afdd89ac3943562b530dd88da8a94013bbaf204bebc3e3252370ae96e36007dbf4880abab85d91cc2711f4d1f6dcc928d1578a093c072e0b92babc76f47ee367e72c480c1518b40889c9ffc245a024a2278319d9a4d1378482b74c516647652bfb6e9300fe78232e3ae24588734487062437da23e1efa6ef7674108aaa3ffac859c3577c2637bb3bdc69bc365b1f20dba96b8acca62f3f80045318de0facf2ed44b814e842c2a520159bb6c320cec0910c0b8bd3d547bdfba2e09d24d117ed03b936e743ffbad2f9c77c9c1314a16ffe64f5e3744a2fffd7039670f5706e589a4c3868db06fd892d68a547477f8ef686ff0dba7b8c18c94d5a89b0567a851750a35d9cc2217db890d89385fcaa00f0f2e524672e6f4c8bedfd5da5b157709b8265cf511dc5846ab1d85916c4a6b2d1b408575982e11230cbac0a9c6eaa03c945645581f678403c2a936c53ae72940aa92bcf22b82c6bc028e0acdddf9fef595f0f7a9f80c0e4c659ced769ec463d26a81e468846761a8e1efd6a031ab7adc8665e267be0065cc315aa23012423ec8b8492d9b50fa4d8c5891959b761eec6dc988532782fda13239c63737039350db59e25c796b79cc04f3d1a5a130000000058649e9f33fe3b02879dd24c68697c1bdd58a0d5eeacb63eabb8dad0ddab06df6287871f2b4d9fb72327f0a44188a6eb6c61d338c118fefc8bcbabafac6795ea000000000000000000000000000000ffd873a0b668bb43aaf6895368abac06"], &(0x7f0000000000)='GPL\x00', 0x5, 0x252, &(0x7f000000cf3d)=""/195}, 0x48) ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0) close(r0) 1.301375741s ago: executing program 0 (id=5825): r0 = gettid() r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000001c0), 0x0) read(r1, &(0x7f0000000100)=""/140, 0xde) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000040)={0x37, @time}) tkill(r0, 0x7) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_INFO(r1, 0x80045300, &(0x7f0000000380)={0x0, 0x0, 0x0, 'queue1\x00'}) 1.301093601s ago: executing program 4 (id=5826): r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{}, {0x0, 0x989680}}, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) write$binfmt_script(r1, &(0x7f0000000340), 0xffffff46) sendmsg$unix(r1, &(0x7f0000000640)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f00000001c0)='D', 0x1}], 0x1}, 0x0) close(r1) socket$unix(0x1, 0x1, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000000640)=[{{&(0x7f0000000040)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @multicast2}}}, 0x80, 0x0}}], 0x1, 0x0, 0x0) rt_sigreturn() futex(&(0x7f0000000700)=0x2, 0x0, 0x2, &(0x7f0000000740)={0x0, 0x3938700}, 0x0, 0x0) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0) rt_sigreturn() mlockall(0x1) mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_timeval(r2, 0x1, 0x0, 0x0, 0x0) 1.288182932s ago: executing program 1 (id=5827): close(0x3) socketpair$nbd(0x1, 0x1, 0x0, 0x0) perf_event_open$cgroup(&(0x7f0000000d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 1.157458647s ago: executing program 2 (id=5828): perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000002240)='./file0\x00', 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="73686f72746e616d653d77696e6e742c666c7573682c646d61736b3d30303030303030303030303030303030303137373737372c73686f72746e616d653d77696e39352c636865636b3d7374726963742c73686f72746e616d653d6d697865642c6e6f6e756d7461696c3d302c757466383d312c73686f72746e616d653d77696e6e742c756e695f786c6174653d312c756e695f786c6174653d312c726f6469722c696f636861727365743d757466382c666d61736b3d30303030303030303030303030303030303030303030342c646d61736b3d30303030303030303030303030303030303030303030372c757466383d312c726f6469722c73686f72746e616d653d77696e39352c726f6469722c00743ccfec81d6c7d05b0f2a54ddce151ec4cbbaacb9552647fd950fedfdc024b3953e7669bc9d4f66e3beaecb80fe73633280b1d3e82023d4f5c7f5a4989406c0f0d0cf537f132dc1e63d84a17532cb78ae7a368bc0029207b9b166705972f4e8dad041e6be170bf43057b456d43f100c53b471aa6c8e3751"], 0x6, 0x2a4, &(0x7f0000002680)="$eJzs3T1re1UYAPDnpmkSdUgGJxG8oIPTn7arS4qkUMykZFAHLbYFaYLQQsEXDJ1cXRz9BILg5pdw8RsIroKbHQpHbnIvSWuaNtK0vvx+Q3t67vOc85zTQ18oOf3w5dHJYR7HF1/8Eq1WFrVudOMyi07UopJSSjHT/ToAgH+zy5Ti9zS1Sl4WEa31lQUArNHK3/9/WHtJAMCavfPue2/t9vu9t/O8FXujr84HxW/2xfvp893j+DiGcRRb0Y6r6d8Cqp8Wird7KaVxPS904rXR+HxQZI4++Kkcf/e3iEn+drSjM+m6nr/f723nU3P546KO58v5u0X+TrTjxQXz7/d7OwvyY9CI11+dq/9ZtOPnj+KTGMbhpIhZ/pfbef5m+uaPz98vyivys/H5oDmJm0kbj/ypAQAAAAAAAAAAAAAAAAAAAADgP+xZeXdOMyb39xRd5f07G1fFB5uRVzrX7+eZ5mfVQDfuBxqn+DalZj2i39vK8zyVgbP8erxUj/rTrBoAAAAAAAAAAAAAAAAAAAD+Wc4+/ezkYDg8On2QRnUbQPWy/r87Tneu55VYHtyczVUrm0tGjo0qJotYWkaxiAfalrsaz91W83ffrzpg6+6YzWX78zCN6nSdHGSL97AZVU+rOiQ/zsc04p5zNW57lFY6fo2Fj9orr73xwqQxXhIT2bLC3vh1unNlT3ZzFY3Jri5M3ywbc+k3zsZK5/mvXysyt3UAAAAAAAAAAAAAAAAAAMBazV70u+DhxdLUWmqurSwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeFSz//+/QmNcJt8juBGnZ0+8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP4H/gwAAP//GX9i/A==") r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000440), 0x41, 0x0) write$binfmt_aout(r0, &(0x7f0000000240)=ANY=[], 0xff2e) dup3(0xffffffffffffffff, r0, 0x0) r1 = inotify_init() inotify_add_watch(r1, &(0x7f0000000240)='./file0\x00', 0x8c7) umount2(&(0x7f00000000c0)='./file0\x00', 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000000000000000000000000e00851000000600000018020000", @ANYRES32, @ANYBLOB="00000000000000006600020000000000180000000000480000000000000000009500040000000000360a020000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a00000000000085000000060000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0x2}, 0x90) r2 = socket(0x10, 0x3, 0x0) sendmsg$DEVLINK_CMD_SB_OCC_MAX_CLEAR(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={0x0, 0x32}}, 0x0) socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f00000003c0)={0x3, 0x80, 0x8, 0x1, 0x1, 0xe2, 0x0, 0x9, 0x10000, 0x4, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, @perf_bp={&(0x7f0000000180), 0x10}, 0x110846, 0xee6d, 0xd7, 0x2, 0x8000000003, 0x8, 0x8, 0x0, 0xffffffff, 0x0, 0x2000000000000}, 0x0, 0xc, 0xffffffffffffffff, 0x6) syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x2906000, 0x0, 0x1, 0x0, &(0x7f0000000000)) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) listen(0xffffffffffffffff, 0x400) 981.331043ms ago: executing program 3 (id=5829): r0 = perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7020000f3ffffb0150000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r2) r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'}) 981.194993ms ago: executing program 1 (id=5830): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$fou(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$FOU_CMD_ADD(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000400)={0x40, r1, 0x1, 0x0, 0x0, {}, [@FOU_ATTR_PEER_PORT={0x6, 0xa, 0x4e21}, @FOU_ATTR_AF={0x5, 0x2, 0x2}, @FOU_ATTR_PEER_V4={0x8, 0x8, @private=0xa010100}, @FOU_ATTR_REMCSUM_NOPARTIAL={0x4}, @FOU_ATTR_TYPE={0x5}, @FOU_ATTR_AF={0x5, 0x2, 0xa}]}, 0x40}}, 0x0) 977.756783ms ago: executing program 4 (id=5831): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0xc901, &(0x7f00000002c0), 0x1, 0x4d3, &(0x7f0000000540)="$eJzs3c9vG1UeAPDvTOJu06abdHcP3UrbrbZdpdVunabZ7UZ76Hal1fZUCSj3EhIniuLEUey0TVRBKv4AJIQAiRMnLvwHSKhnTgipEtwRIBCCFg4coEa2x/0R7CZRnbhNPh/pZd788vf7Ynk8b+bJE8CudTQizkfE3Wq1ejIiBrLlaVZitVFq2925fX2iVpKoVi99m0SSLWu+VpJN92e77Y2I5y5EvJj8Om55eWV2vFgsLGbzw5W5heHy8sqpmbnx6cJ0YX50dOTsWOfaWcvp3P++fOPVd/9/7oO/X/3s8tcnXqql1Z+tf7AdndRoeq7+v2jqjYjFrQjWBT1Ze3LdTgQAgA2pneP/LiL+EhEnYyB66mdzAAAAwE5S/U9//JREVAEAAIAdK62PgU3SfDYWoD/SNJ9vjJf9Q+xLi6Vy5W9TpaX5ycZY2cHIpVMzxcLpbKzwYOSS2vxIvX5//sya+dGIOBgRrw/01efzE6XiZLcvfgAAAMAusX9N//+HgUb/HwAAANhhBrudAAAAALDl9P8BAABg59P/BwAAgB3tmYsXa6XafP715JXlpdnSlVOThfJsfm5pIj9RWlzIT5dK0/Xf7Jtb7/WKpdLCP2J+6dpwpVCuDJeXVy7PlZbmK5dnHnoENgAAALCNDv755qdJRKz+u69eavZ0OylgW1zYzMZfbF0ewPbr6XYCQNf0djsBoGty3U4A6LrkfjVttb7t4J2PtiYfAACg84b+2P7+/6OvDay27CcATw8fYti93P+H3Wuz9/8/3KI8gO2XcwYAu16yzvrHv/9frW4qIQAAoOP66yVJ89m9wP5I03w+4kD9sQC5ZGqmWDgdEb+NiE8Gcr+pzY/U90zW7TMAAAAAAAAAAAAAAAAAAAAAAAAAAA3VahJVAAAAYEeLSL9Ksud/DQ0c7197fWBP8uNAfRoRV9++9Oa18UplcaS2/Lt7yytvZcvPdOMKBgAAALBWs5/e7McDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQCfduX19olm2M+43/42IwVbxe2Nvfbo3chGx7/skeh/YL4mIng7EX70REYdaxU9qacVglkWr+H0diZ9mtfXj5+7t1Re1vfZ3ID7sZjdrx5/zrT7/aRytT1t//nuz8rjaH//Se8e/njbHnwMbjHH4VmP7lvFvRBzubX38a8ZP2sQ/tsH4Lzy/stJuXfWdiKGW3z/JQ7GGK3MLw+XllVMzc+PThenC/OjoyNmxf439c+z08NRMsZD9bRnjtT+9f7dd/Fr797WJP7hO+49vsP0/37p2+/eNaq5V/BPHWr//h9rET7Pvvr9m9dr6oWZ9tVF/0JH3Pj7yqPZPtmn/eu//iQ22/+Szr3y+wU0BgG1QXl6ZHS8WC4tPbaU3nog0VJ7CystPRhpPZKXbRyYAAKDT7p/0dzsTAAAAAAAAAAAAAAAAAAAA2L02/8Ngyab3WhtztTtNBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4pF8CAAD//y/V1FU=") 892.589247ms ago: executing program 0 (id=5832): perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000f3ffffb0150000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r1) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180000000000000c00000000000000008500000007000000040000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x24, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r2}, 0x10) 727.081273ms ago: executing program 1 (id=5833): bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000400)={@map, 0xffffffffffffffff, 0x19}, 0x20) 726.824263ms ago: executing program 3 (id=5834): epoll_create1(0x80000) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)) (async) socket$nl_netfilter(0x10, 0x3, 0xc) (async) r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$WPAN_WANTACK(r0, 0x0, 0x0, &(0x7f0000000000), 0x4) (async) socket$nl_route(0x10, 0x3, 0x0) bpf$ENABLE_STATS(0x20, 0x0, 0x0) (async) ioctl$SNDRV_TIMER_IOCTL_GINFO(0xffffffffffffffff, 0xc0f85403, &(0x7f0000000040)={{0x1, 0x0, 0x0, 0x3, 0x4}, 0x0, 0x0, 'id0\x00', 'timer0\x00'}) (async) r1 = socket$netlink(0x10, 0x3, 0x0) (async, rerun: 32) r2 = socket$inet_udplite(0x2, 0x2, 0x88) (rerun: 32) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) (async) mount$tmpfs(0x0, &(0x7f0000000500)='./file0\x00', &(0x7f0000000280), 0x2104009, &(0x7f0000000300)=ANY=[@ANYBLOB="6d706f6c3d62696e643a302d314ee030b7b39671373a", @ANYRES8, @ANYRESHEX=0x0]) (async) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', 0x0}) (async) r4 = syz_open_dev$usbfs(&(0x7f00000002c0), 0xfffffffffffffff6, 0x600100) ioctl$USBDEVFS_DISCONNECT_CLAIM(r4, 0x8108551b, &(0x7f0000000080)={0x0, 0x2, "27092d0055570ca192bffa2716dd2f9323cfe7b40d8b108ce6707549cb26c6c14c886e5bde7477a20e3772522b9b15dd0650e83716c1240aa1d0251a1e4996723eceba0f9af00a979e132db2d3d18da77f695be20bcb5b6cc37b02eae8a78cc781698e7858feda720e1fc83af7557b0f97916ce0ccab55f985f37d332037c56d9423fd3979ebac50aa40722562a94171016dceb1b3fff148c736662a8ef9216d75a957b104c49f9ede0b770568b1e23580c1783668eb1e8631f5794bc35acb9a71b9a7238b5d0ba3ec928ba0b5bab037b38429be05e85731f77722d8f3762181dcc4a3895ea0b277e8ce07c7035d9def50e408b65668351d7ae7d9c3f3174a77"}) ioctl$USBDEVFS_CONNECTINFO(r4, 0x8004550f, &(0x7f0000001980)) sendmsg$nl_route(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000480)=ANY=[@ANYRESDEC=r1, @ANYRES32=r2, @ANYBLOB="0000000080"], 0x24}}, 0x0) (async) r5 = accept$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x14) (async) socket$nl_netfilter(0x10, 0x3, 0xc) close(0xffffffffffffffff) (async) perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x26, 0x1, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1f, 0x1}, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) add_key$keyring(&(0x7f0000000380), &(0x7f00000004c0)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe) (async) keyctl$KEYCTL_RESTRICT_KEYRING(0xa, 0x0, &(0x7f0000000440)='asymmetric\x00', &(0x7f0000000580)) (async, rerun: 32) recvfrom$packet(r5, &(0x7f00000001c0)=""/132, 0x84, 0x0, &(0x7f0000000280)={0x11, 0x1b, r3, 0x1, 0x2, 0x6, @remote}, 0x14) (async, rerun: 32) setsockopt$inet_udp_int(0xffffffffffffffff, 0x11, 0x66, &(0x7f0000000140)=0x200, 0x4) (async) ioctl$BINDER_SET_MAX_THREADS(0xffffffffffffffff, 0x40046205, &(0x7f0000000400)=0x2) (async) setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, &(0x7f0000000f40)=ANY=[], 0x210) (async, rerun: 64) r6 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/softnet_stat\x00') (rerun: 64) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async) setsockopt$inet6_IPV6_RTHDR(r6, 0x29, 0x39, &(0x7f0000000700)=ANY=[@ANYBLOB="2c06000200010000ff010000000000000000000000000001fe80000000f900aadbc5809f28dadd53a46e8080eed100000000020000000000000000000001a0b2a2e46784de05f4ba49fbefaff6a025c390796ffce69246033cd4bee6f28433d729bc08f5b9bce11e75a57d94a5ddffeb0c7551910e772428051ffc34b4ab3c74bf63eb4d682e25d58f77481e13ff3451907ad1859f3ddc78950cd0"], 0x38) 557.743079ms ago: executing program 4 (id=5835): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a30000000004c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021100011800c000100636f756e74657200380000000c0a010100005979b9a10000070000000900020073797a31000000000900010073797a30000000000c00038008000080040001"], 0xcc}}, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) syz_emit_ethernet(0x7e, &(0x7f0000000600)={@local, @link_local, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x70, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x3, 0x0, 0x0, 0x3, 0x0, 0x0, {0x15, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr, @multicast1, {[@ssrr={0x89, 0x3b, 0x0, [@multicast1, @loopback, @initdev={0xac, 0x1e, 0x0, 0x0}, @loopback, @multicast2, @multicast2, @multicast1, @private, @empty, @multicast2, @empty, @rand_addr, @loopback, @remote]}, @timestamp={0x44, 0x4}]}}}}}}}, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000001400000000000000ff000000850000000e000000850000000700000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10) r2 = socket$pppl2tp(0x18, 0x1, 0x1) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast1, 0x9}, 0x1c) connect$pppl2tp(r2, &(0x7f0000000240)=@pppol2tpin6={0x18, 0x1, {0x0, r3, 0x8, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}}}, 0x32) writev(r2, &(0x7f0000000180)=[{&(0x7f0000000080)='v', 0x34000}], 0x1) bind$bt_hci(0xffffffffffffffff, 0x0, 0x0) syz_open_dev$vcsa(&(0x7f0000000000), 0xa8f, 0x0) bpf$MAP_LOOKUP_BATCH(0x1b, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f00000001c0)={{0x1, 0x1, 0x18}, './file0\x00'}) bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) 473.309232ms ago: executing program 0 (id=5836): bpf$PROG_LOAD(0x5, 0x0, 0x0) socketpair$unix(0x1, 0x0, 0x0, 0x0) close(0xffffffffffffffff) recvmsg$unix(0xffffffffffffffff, 0x0, 0x0) ioctl$TUNSETTXFILTER(0xffffffffffffffff, 0x400454d1, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) bind$inet(r0, &(0x7f0000000100)={0x2, 0x0, @dev}, 0x10) setresuid(0x0, 0xee01, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) pipe2(&(0x7f0000000000)={0xffffffffffffffff}, 0x0) fcntl$setpipe(r1, 0x407, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL80211_CMD_GET_WIPHY(r2, &(0x7f0000000100)={0x0, 0xd000000, &(0x7f0000000280)={&(0x7f0000000040)={0x20, r3, 0x65aebf9dafbebb59, 0x0, 0x0, {{}, {@void, @void, @val={0xc}}}}, 0x20}}, 0x0) sendmsg$NL80211_CMD_GET_KEY(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040), 0xc, 0x0, 0x1, 0x0, 0x0, 0x4008081}, 0x40) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000700)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_TRIGGER_SCAN(r4, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x40, r5, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_IE={0x11, 0x2a, [@random={0xdd, 0xb, 'abcdefghijk'}]}, @NL80211_ATTR_SCAN_SSIDS={0x10, 0x2d, 0x0, 0x1, [{0xa, 0x0, @default_ap_ssid}]}]}, 0x40}}, 0x0) sendmsg$NL80211_CMD_LEAVE_IBSS(r1, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x28, r3, 0x2, 0x70bd2a, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r6}, @val={0xc, 0x99, {0x84, 0x39}}}}, ["", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000) connect$inet(r0, &(0x7f00000000c0)={0x2, 0x0, @local}, 0x10) syz_emit_ethernet(0xbe, &(0x7f0000000000)=ANY=[@ANYBLOB="fffffffbffff905695de91265a1f450000b00000040000000678ac1e0001ac1414aa0300907800000000450000000000000000010000ac14140000000000015149c045d45768dc1eb516857b98a62c037f00000100000000ac1414bbffffffff444c0001ac1e00010000000000000000000000000000000000000000ac1414aa000000007f000001000000000000000000000000e000000200000000ffffffff00000000ffffffff0000000044080000000000001e00"], 0x0) memfd_create(&(0x7f0000000040)='\xfb\"a&\x8fe\x11\x8c\xd64\xf9xp#\x00\x00\x00\x12\x1a\'<\xf5\xbeV\x12\xaal\xfa\xf0o\xd8\xb1,\xbd>M\xe3\x98?\xd9\x96\xab\xc7\x06\xfd\x9b\xab\xc8\x1e\x89]\x13bZ\x8d /#k\x95\x9eLV(\x8a\x0e\x93\x93Vc]mP\xbativ\xce\xa4K\xfb\xf2\xe0\xbf\x9d\xa1\xa2\xcd\xb39\xb4\x17a9\x1c\x82\x1aLT\xd0\xb9\x1a\xafB\x95\xb4\xcf\x91X\x8c\x87\xc2\xa1\x1b\xfe\xe7\xbc\xf7\xeb\xdeL\x1d\x98Zq\xcc%\x98\xb0Yc\xec\xb7\xb5m(9\xde\xd3\xefB\xd4\xee\xb5\xee\xe0\xaa\xdd\x00\xb1jOB\xdas\xe3\xb47}%)\xb9\xbf{\xce\x94^\xec\xdf\xbcW\xe0I\x0e\xa4\x1e}\x06\vK\xed\x11\x880\x0e\x9c\xaeVU\x88\xb0\x842kgA]\x1e\x88\xecif\xee]\x8b\xc6\"\xcej\x84\x06\x8a\x99\x80\xd7\xcf\x96Z\xf7\x06\xbe\xc9', 0x0) socket$inet_udp(0x2, 0x2, 0x0) write$cgroup_subtree(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[@ANYRESOCT], 0xcfa4) 367.773997ms ago: executing program 1 (id=5837): bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000240)={&(0x7f00000000c0)={{0xeb9f, 0x1, 0x1d, 0x18, 0x0, 0x34, 0x34, 0x2, [@union={0x0, 0x1, 0x0, 0x5, 0x1, 0x0, [{0xf}]}, @datasec={0x0, 0x0, 0x0, 0xf, 0x3, [], "1a85a3"}, @datasec={0x0, 0x0, 0x0, 0xf, 0x1, [], '['}]}}, 0x0, 0x4e, 0x0, 0x1}, 0x20) 351.015447ms ago: executing program 3 (id=5838): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), r0) socket$nl_route(0x10, 0x3, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00'}, 0x10) sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01000000000000000000040000000800020005000000080007"], 0x34}}, 0x0) r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) perf_event_open$cgroup(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r3 = perf_event_open(&(0x7f0000000200)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r3, 0x2401, 0x0) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='netlink_extack\x00', r4}, 0x10) r5 = socket$nl_route(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r5, 0x10e, 0xc, &(0x7f0000000040)={0x80}, 0x10) sendmsg$nl_route(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=@ipv4_newroute={0x1c, 0x1a, 0x1, 0x0, 0x0, {0x2, 0x80}}, 0x1c}}, 0x0) r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x4, 0x4, 0x4, 0xbf25}, 0x48) bpf$MAP_DELETE_ELEM(0x2, &(0x7f0000000080)={r6, &(0x7f00000000c0), 0x20000000}, 0x20) dup(r2) bpf$MAP_CREATE(0x0, 0x0, 0x0) r7 = socket$inet(0x2, 0x4000000805, 0x0) listen(r7, 0x35b) sendmmsg(r7, &(0x7f0000000e40)=[{{&(0x7f0000000000)=@l2tp={0x2, 0x0, @local}, 0x80, &(0x7f0000000300)=[{&(0x7f00000000c0)="ae", 0x1}], 0x1}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="100000000000000084f9ff0001000000"], 0x10}}], 0x2, 0x0) 165.377434ms ago: executing program 0 (id=5839): r0 = signalfd(0xffffffffffffffff, &(0x7f00000001c0), 0x8) mkdir(&(0x7f0000000140)='./control\x00', 0x0) close(r0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r4 = socket$inet6_dccp(0xa, 0x6, 0x0) ioctl$sock_SIOCETHTOOL(r4, 0x8946, 0x0) inotify_init1(0x0) fcntl$setstatus(r0, 0x4, 0x2c00) gettid() setxattr$trusted_overlay_nlink(&(0x7f0000000080)='./control\x00', &(0x7f00000000c0), &(0x7f0000000200)={'L+'}, 0x16, 0x2) socket$unix(0x1, 0x1, 0x0) r5 = socket$unix(0x1, 0x1, 0x0) bind$unix(r5, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56) 157.905484ms ago: executing program 4 (id=5840): bind$netlink(0xffffffffffffffff, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) socket$netlink(0x10, 0x3, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x5, &(0x7f00000027c0)=ANY=[@ANYBLOB="180000000000000000000000ff000000850000000f00"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) mq_timedreceive(0xffffffffffffffff, 0x0, 0x3d, 0x0, 0x0) getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(0xffffffffffffffff, 0x84, 0x70, &(0x7f0000000080)={0x0, @in6={{0xa, 0x4e20, 0x400, @mcast2}}, [0x8000, 0xfffffffffffffffe, 0xffff, 0x0, 0x8, 0x0, 0x4, 0x100400000, 0x10000, 0x44773838, 0x0, 0x4, 0x795, 0x2, 0x8]}, &(0x7f00000001c0)=0x100) setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x1f, &(0x7f0000000200)={r1, @in6={{0xa, 0x4e20, 0x8, @mcast2, 0xe9}}, 0x800, 0x1}, 0x90) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)=ANY=[@ANYBLOB="380000001800010000000000000000000a000000000100000000000008001700ffffffff06001500000005000c00090000fe043f", @ANYRES32=0x0, @ANYBLOB], 0x38}}, 0x0) sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(0xffffffffffffffff, 0x0, 0x8800) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x10, &(0x7f0000000000)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = socket$inet_smc(0x2b, 0x1, 0x0) ioctl$sock_SIOCETHTOOL(r3, 0x8946, &(0x7f0000000100)={'veth1_vlan\x00', &(0x7f0000000000)=@ethtool_pauseparam={0x2c, 0x2}}) r4 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r4, 0x8914, &(0x7f00000000c0)={'veth1_vlan\x00'}) ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, r0) 156.786384ms ago: executing program 1 (id=5841): setsockopt$ARPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x60, 0x0, 0x0) ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) quotactl$Q_SETQUOTA(0x0, &(0x7f0000000040)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x9d}) futex_waitv(&(0x7f0000001080)=[{0x120000000000000, 0x0, 0x2}], 0x1, 0x0, &(0x7f0000001500), 0x0) r1 = socket(0x15, 0x5, 0x0) getsockopt$nfc_llcp(r1, 0x114, 0x8, 0x0, 0x20000000) bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x48) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00'}) r3 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0xc, &(0x7f0000000140)={0x8, 0x0, 0xfffffffc, 0xffffffff}, 0x10) r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/locks\x00', 0x0, 0x0) preadv(r4, &(0x7f0000004ec0)=[{&(0x7f0000004bc0)=""/68, 0x44}], 0x1, 0x0, 0x0) r5 = open(&(0x7f00009e1000)='./file0\x00', 0x1e5041, 0x0) fcntl$setlease(r5, 0x400, 0x0) fcntl$setlease(r5, 0x400, 0x2) write(r3, &(0x7f0000000000)="240000001a005f0214f9f407000904020000000000000002000200000800040001000000", 0x24) r6 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'bridge0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000680)=ANY=[@ANYBLOB="380100001000030400e9ffffffffffffff000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000f400128009000100766c616e00000000e40002800600010000000000040003800c00020004000000020000000c000200540a0000180000001c0004800c00010004000000000800000c0001000600000006000000700004800c00010000000100100001000c00010005000000680000000c00010005000000ee9500000c00010003000000018000000c000100220b0000010000000c00010004000000010000000c00010006000000020000000c0001007fae0000010000000c0001008000000006000000280003800c00010040000000060000000c00010000040000000000000c00010006000000090000000600050088a8000008000500", @ANYRES32, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r7, @ANYBLOB="08000500", @ANYRES32=r7], 0x138}, 0x1, 0xba01}, 0x0) 95.972027ms ago: executing program 3 (id=5842): socket$igmp6(0xa, 0x3, 0x3a) socket(0x10, 0x2, 0x0) r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/key-users\x00', 0x0, 0x0) preadv2(r0, 0x0, 0x0, 0x0, 0x0, 0x0) prlimit64(0x0, 0x0, 0x0, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) chdir(0x0) creat(0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000000)={'team0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000540)=ANY=[@ANYBLOB="3c00000010000100"/20, @ANYRES32=0x0, @ANYBLOB="044301000000000014000300766c616e30000000000000000000000008000a00", @ANYRES32=r2], 0x3c}}, 0x0) 0s ago: executing program 2 (id=5843): perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x8, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x8) bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000400), 0x8) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700) write$cgroup_type(r0, &(0x7f0000000000), 0x248800) kernel console output (not intermixed with test programs): [ 427.662265][T19913] EXT4-fs (loop2): orphan cleanup on readonly fs [ 427.674257][T19913] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm syz.2.5007: Invalid block bitmap block 0 in block_group 0 [ 427.675440][T19916] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5010'. [ 427.697895][T19913] EXT4-fs (loop2): Remounting filesystem read-only [ 427.706629][T19913] Quota error (device loop2): write_blk: dquota write failed [ 427.714146][T19913] Quota error (device loop2): qtree_write_dquot: Error -28 occurred while creating quota [ 427.730089][T19913] EXT4-fs (loop2): 1 orphan inode deleted [ 427.751672][T19913] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 427.766790][T19913] SELinux: (dev loop2, type ext4) getxattr errno 5 [ 427.774542][T19913] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 427.917935][T19920] dccp_v6_rcv: dropped packet with invalid checksum [ 427.970728][T19922] loop4: detected capacity change from 0 to 512 [ 427.992396][T19922] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 428.001606][T19922] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem [ 428.015214][T19922] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002] [ 428.026012][T19922] System zones: 0-2, 18-18, 34-34 [ 428.034082][T19922] EXT4-fs warning (device loop4): ext4_update_dynamic_rev:1137: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 428.055800][T19922] EXT4-fs (loop4): 1 truncate cleaned up [ 428.064217][T19922] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 428.076595][T19927] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1107 sclass=netlink_route_socket pid=19927 comm=syz.0.5013 [ 428.095011][T19927] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5013'. [ 428.109355][T19923] EXT4-fs error (device loop4): ext4_find_dest_de:2111: inode #2: block 3: comm syz.4.5012: bad entry in directory: inode out of bounds - offset=0, inode=63, rec_len=12, size=4096 fake=1 [ 428.130539][T19927] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5013'. [ 428.244055][T19815] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 428.507348][T19940] loop4: detected capacity change from 0 to 256 [ 428.562514][T19940] FAT-fs (loop4): Directory bread(block 64) failed [ 428.572248][T19940] FAT-fs (loop4): Directory bread(block 65) failed [ 428.583935][T19940] FAT-fs (loop4): Directory bread(block 66) failed [ 428.592496][T19940] FAT-fs (loop4): Directory bread(block 67) failed [ 428.601735][T19940] FAT-fs (loop4): Directory bread(block 68) failed [ 428.608736][T19940] FAT-fs (loop4): Directory bread(block 69) failed [ 428.616800][T19940] FAT-fs (loop4): Directory bread(block 70) failed [ 428.635317][T19940] FAT-fs (loop4): Directory bread(block 71) failed [ 428.644608][T19940] FAT-fs (loop4): Directory bread(block 72) failed [ 428.652630][T19940] FAT-fs (loop4): Directory bread(block 73) failed [ 428.804660][T19947] netlink: 16 bytes leftover after parsing attributes in process `syz.4.5016'. [ 429.135506][T13495] kworker/u8:20: attempt to access beyond end of device [ 429.135506][T13495] loop4: rw=1, sector=1224, nr_sectors = 608 limit=256 [ 429.158578][T19954] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5023'. [ 429.164595][T13495] kworker/u8:20: attempt to access beyond end of device [ 429.164595][T13495] loop4: rw=1, sector=1864, nr_sectors = 2984 limit=256 [ 429.200752][T13495] kworker/u8:20: attempt to access beyond end of device [ 429.200752][T13495] loop4: rw=1, sector=4848, nr_sectors = 2048 limit=256 [ 429.223559][T19956] loop1: detected capacity change from 0 to 512 [ 429.244263][T13495] kworker/u8:20: attempt to access beyond end of device [ 429.244263][T13495] loop4: rw=1, sector=6896, nr_sectors = 4040 limit=256 [ 429.262445][T19956] EXT4-fs: Ignoring removed mblk_io_submit option [ 429.270518][T19956] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 429.290343][T13495] kworker/u8:20: attempt to access beyond end of device [ 429.290343][T13495] loop4: rw=1, sector=10936, nr_sectors = 5656 limit=256 [ 429.310747][T19956] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 429.320382][T19956] EXT4-fs (loop1): orphan cleanup on readonly fs [ 429.336957][ T29] audit: type=1326 audit(428.788:9899): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19957 comm="syz.2.5025" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fdedd6dfb99 code=0x0 [ 429.337876][T19956] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm syz.1.5024: Invalid block bitmap block 0 in block_group 0 [ 429.362276][T13495] kworker/u8:20: attempt to access beyond end of device [ 429.362276][T13495] loop4: rw=1, sector=16592, nr_sectors = 7504 limit=256 [ 429.394422][T19956] EXT4-fs (loop1): Remounting filesystem read-only [ 429.404824][T19956] Quota error (device loop1): write_blk: dquota write failed [ 429.412322][T19956] Quota error (device loop1): qtree_write_dquot: Error -28 occurred while creating quota [ 429.441905][T13495] kworker/u8:20: attempt to access beyond end of device [ 429.441905][T13495] loop4: rw=1, sector=24096, nr_sectors = 9704 limit=256 [ 429.443626][T19956] EXT4-fs (loop1): 1 orphan inode deleted [ 429.474305][T19956] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 429.479340][T19960] lo speed is unknown, defaulting to 1000 [ 429.495527][T19956] SELinux: (dev loop1, type ext4) getxattr errno 5 [ 429.520308][T19956] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 429.915914][T19971] syzkaller1: entered promiscuous mode [ 429.921477][T19971] syzkaller1: entered allmulticast mode [ 429.933115][T19975] loop4: detected capacity change from 0 to 512 [ 429.962466][T19975] EXT4-fs: Ignoring removed mblk_io_submit option [ 429.987684][T19975] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 430.000426][T19975] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 430.009644][T19975] EXT4-fs (loop4): orphan cleanup on readonly fs [ 430.031806][T19975] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.5026: Invalid block bitmap block 0 in block_group 0 [ 430.053270][T19975] EXT4-fs (loop4): Remounting filesystem read-only [ 430.061484][T19975] Quota error (device loop4): write_blk: dquota write failed [ 430.069018][T19975] Quota error (device loop4): qtree_write_dquot: Error -28 occurred while creating quota [ 430.081780][T19975] EXT4-fs (loop4): 1 orphan inode deleted [ 430.089309][T19975] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 430.104774][T19975] SELinux: (dev loop4, type ext4) getxattr errno 5 [ 430.113159][T19975] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 430.655949][T19992] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5037'. [ 430.698477][ T29] audit: type=1326 audit(430.148:9900): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19991 comm="syz.4.5038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6dde67b99 code=0x7ffc0000 [ 430.734240][ T29] audit: type=1326 audit(430.148:9901): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19991 comm="syz.4.5038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6dde67b99 code=0x7ffc0000 [ 430.757364][ T29] audit: type=1326 audit(430.148:9902): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19991 comm="syz.4.5038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fe6dde67b99 code=0x7ffc0000 [ 430.780378][ T29] audit: type=1326 audit(430.148:9903): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19991 comm="syz.4.5038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6dde67b99 code=0x7ffc0000 [ 430.803299][ T29] audit: type=1326 audit(430.148:9904): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19991 comm="syz.4.5038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fe6dde67b99 code=0x7ffc0000 [ 430.826163][ T29] audit: type=1326 audit(430.168:9905): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19991 comm="syz.4.5038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6dde67b99 code=0x7ffc0000 [ 430.849077][ T29] audit: type=1326 audit(430.168:9906): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19991 comm="syz.4.5038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6dde67b99 code=0x7ffc0000 [ 430.872669][ T29] audit: type=1326 audit(430.188:9907): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19991 comm="syz.4.5038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7fe6dde67b99 code=0x7ffc0000 [ 430.895515][ T29] audit: type=1326 audit(430.188:9908): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19991 comm="syz.4.5038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6dde67b99 code=0x7ffc0000 [ 430.918623][ T29] audit: type=1326 audit(430.188:9909): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19991 comm="syz.4.5038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6dde67b99 code=0x7ffc0000 [ 430.975553][T19999] tipc: Resetting bearer [ 430.981739][T19999] veth0_vlan: left allmulticast mode [ 430.987114][T19999] vlan0: entered promiscuous mode [ 431.239040][T20006] bridge0: port 1(syz_tun) entered blocking state [ 431.245564][T20006] bridge0: port 1(syz_tun) entered disabled state [ 431.255810][T20006] syz_tun: entered promiscuous mode [ 431.262522][T20006] bridge0: port 1(syz_tun) entered blocking state [ 431.269212][T20006] bridge0: port 1(syz_tun) entered forwarding state [ 431.283687][T20006] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0) [ 431.424790][T20011] loop4: detected capacity change from 0 to 512 [ 431.444475][T20011] EXT4-fs: Ignoring removed mblk_io_submit option [ 431.455714][T20011] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 431.470209][T20011] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 431.481210][T20011] EXT4-fs (loop4): orphan cleanup on readonly fs [ 431.492533][T20011] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.5042: Invalid block bitmap block 0 in block_group 0 [ 431.514027][T20011] EXT4-fs (loop4): Remounting filesystem read-only [ 431.522225][T20011] EXT4-fs (loop4): 1 orphan inode deleted [ 431.532262][T20011] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 431.545919][T20011] SELinux: (dev loop4, type ext4) getxattr errno 5 [ 431.560154][T20011] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 431.690404][T20018] netlink: 4684 bytes leftover after parsing attributes in process `syz.1.5046'. [ 431.958211][T20027] syz_tun: entered allmulticast mode [ 431.975729][T20027] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5049'. [ 432.008946][T20030] loop3: detected capacity change from 0 to 256 [ 432.080516][T20030] FAT-fs (loop3): Directory bread(block 64) failed [ 432.088721][T20030] FAT-fs (loop3): Directory bread(block 65) failed [ 432.100654][T20030] FAT-fs (loop3): Directory bread(block 66) failed [ 432.110264][T20030] FAT-fs (loop3): Directory bread(block 67) failed [ 432.122810][T20030] FAT-fs (loop3): Directory bread(block 68) failed [ 432.130069][T20030] FAT-fs (loop3): Directory bread(block 69) failed [ 432.141564][T20030] FAT-fs (loop3): Directory bread(block 70) failed [ 432.151195][T20030] FAT-fs (loop3): Directory bread(block 71) failed [ 432.160015][T20030] FAT-fs (loop3): Directory bread(block 72) failed [ 432.167144][T20030] FAT-fs (loop3): Directory bread(block 73) failed [ 432.194758][T20030] syz.3.5052: attempt to access beyond end of device [ 432.194758][T20030] loop3: rw=1, sector=1224, nr_sectors = 4 limit=256 [ 432.725328][T20050] loop4: detected capacity change from 0 to 512 [ 432.750085][T20050] EXT4-fs: Ignoring removed mblk_io_submit option [ 432.765269][T20050] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 432.790949][T20051] loop2: detected capacity change from 0 to 512 [ 432.798490][T20050] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 432.808703][T20050] EXT4-fs (loop4): orphan cleanup on readonly fs [ 432.817953][T20050] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.5058: Invalid block bitmap block 0 in block_group 0 [ 432.845104][T20050] EXT4-fs (loop4): Remounting filesystem read-only [ 432.855935][T20050] EXT4-fs (loop4): 1 orphan inode deleted [ 432.865124][T20050] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 432.882312][T20051] EXT4-fs: Ignoring removed mblk_io_submit option [ 432.890006][T20051] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 432.902907][T20050] SELinux: (dev loop4, type ext4) getxattr errno 5 [ 432.912019][T20050] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 432.925119][T20051] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 432.936273][T20051] EXT4-fs (loop2): orphan cleanup on readonly fs [ 432.943224][T20051] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm syz.2.5059: Invalid block bitmap block 0 in block_group 0 [ 432.959426][T20051] EXT4-fs (loop2): Remounting filesystem read-only [ 432.973723][T20051] EXT4-fs (loop2): 1 orphan inode deleted [ 432.995516][T20051] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 433.011405][T20051] SELinux: (dev loop2, type ext4) getxattr errno 5 [ 433.018580][T20051] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 433.203554][T20061] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5063'. [ 433.299751][T20066] vlan0: entered promiscuous mode [ 433.305190][T20066] vlan0: entered allmulticast mode [ 433.332064][T20066] veth0_vlan: entered allmulticast mode [ 433.368965][T20066] team0: Port device vlan0 added [ 434.388648][T20093] loop1: detected capacity change from 0 to 2048 [ 434.440589][T20093] loop1: p2 < > [ 434.444697][T20094] loop3: detected capacity change from 0 to 512 [ 434.462260][T20094] EXT4-fs: Ignoring removed mblk_io_submit option [ 434.471287][T20094] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 434.484032][T20094] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 434.492914][T20094] EXT4-fs (loop3): orphan cleanup on readonly fs [ 434.501248][T20094] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.5076: Invalid block bitmap block 0 in block_group 0 [ 434.522144][T20094] EXT4-fs (loop3): Remounting filesystem read-only [ 434.529594][T20094] EXT4-fs (loop3): 1 orphan inode deleted [ 434.536456][T20094] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 434.551391][T20094] SELinux: (dev loop3, type ext4) getxattr errno 5 [ 434.560079][T20094] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 434.584239][T20098] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5077'. [ 434.954019][T20109] loop3: detected capacity change from 0 to 512 [ 435.001021][T20109] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 435.111694][T18468] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 435.188610][T20120] netlink: 56 bytes leftover after parsing attributes in process `syz.2.5083'. [ 435.553767][T20137] loop2: detected capacity change from 0 to 2048 [ 435.617963][T20137] loop2: p2 < > [ 435.623175][T20138] loop4: detected capacity change from 0 to 512 [ 435.643344][T20138] EXT4-fs: Ignoring removed mblk_io_submit option [ 435.659731][T20138] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 435.673669][T20138] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 435.684422][T20138] EXT4-fs (loop4): orphan cleanup on readonly fs [ 435.692915][T20138] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.5091: Invalid block bitmap block 0 in block_group 0 [ 435.710904][T20138] EXT4-fs (loop4): Remounting filesystem read-only [ 435.717932][T20138] __quota_error: 123 callbacks suppressed [ 435.717945][T20138] Quota error (device loop4): write_blk: dquota write failed [ 435.731153][T20138] Quota error (device loop4): qtree_write_dquot: Error -28 occurred while creating quota [ 435.747173][T20138] EXT4-fs (loop4): 1 orphan inode deleted [ 435.753387][T20138] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 435.769664][T20138] SELinux: (dev loop4, type ext4) getxattr errno 5 [ 435.780473][T20138] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 435.806615][ T29] audit: type=1326 audit(435.258:10025): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20139 comm="syz.3.5092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1daca96b99 code=0x7ffc0000 [ 435.849092][ T29] audit: type=1326 audit(435.258:10026): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20139 comm="syz.3.5092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f1daca96b99 code=0x7ffc0000 [ 435.872265][ T29] audit: type=1326 audit(435.258:10027): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20139 comm="syz.3.5092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1daca96b99 code=0x7ffc0000 [ 435.899843][ T29] audit: type=1326 audit(435.258:10028): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20139 comm="syz.3.5092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f1daca96b99 code=0x7ffc0000 [ 435.922864][ T29] audit: type=1326 audit(435.278:10029): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20139 comm="syz.3.5092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1daca96b99 code=0x7ffc0000 [ 435.947137][ T29] audit: type=1326 audit(435.278:10030): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20139 comm="syz.3.5092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1daca96b99 code=0x7ffc0000 [ 435.970491][ T29] audit: type=1326 audit(435.278:10031): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20139 comm="syz.3.5092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f1daca96b99 code=0x7ffc0000 [ 435.993394][ T29] audit: type=1326 audit(435.288:10032): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20139 comm="syz.3.5092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1daca96b99 code=0x7ffc0000 [ 436.383396][T20149] loop2: detected capacity change from 0 to 512 [ 436.414200][T20149] EXT4-fs: Ignoring removed mblk_io_submit option [ 436.425695][T20149] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 436.454104][T20149] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 436.463170][T20149] EXT4-fs (loop2): orphan cleanup on readonly fs [ 436.472164][T20158] loop3: detected capacity change from 0 to 512 [ 436.472682][T20149] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm syz.2.5095: Invalid block bitmap block 0 in block_group 0 [ 436.472898][T20149] EXT4-fs (loop2): Remounting filesystem read-only [ 436.473011][T20149] EXT4-fs (loop2): 1 orphan inode deleted [ 436.473627][T20149] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 436.519359][T20149] SELinux: (dev loop2, type ext4) getxattr errno 5 [ 436.519670][T20149] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 436.560355][T20158] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 436.633191][T18468] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 436.981797][T20170] netlink: 56 bytes leftover after parsing attributes in process `syz.3.5100'. [ 437.301845][T20180] loop2: detected capacity change from 0 to 512 [ 437.329362][T20180] EXT4-fs: Ignoring removed mblk_io_submit option [ 437.340324][T20180] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 437.353137][T20180] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 437.363081][T20180] EXT4-fs (loop2): orphan cleanup on readonly fs [ 437.381189][T20180] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm syz.2.5106: Invalid block bitmap block 0 in block_group 0 [ 437.396290][T20180] EXT4-fs (loop2): Remounting filesystem read-only [ 437.403530][T20180] EXT4-fs (loop2): 1 orphan inode deleted [ 437.412321][T20180] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 437.424882][T20180] SELinux: (dev loop2, type ext4) getxattr errno 5 [ 437.434249][T20180] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 437.645417][T20186] x_tables: duplicate underflow at hook 3 [ 437.713160][T20192] loop3: detected capacity change from 0 to 512 [ 437.748021][T20192] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 437.802073][T18468] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 438.014178][T20205] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5114'. [ 438.356227][T20224] loop2: detected capacity change from 0 to 2048 [ 438.378662][T20224] loop2: p2 < > [ 438.564734][T20229] loop1: detected capacity change from 0 to 512 [ 438.588006][T20229] EXT4-fs: Ignoring removed mblk_io_submit option [ 438.595421][T20229] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 438.612854][T20229] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 438.621900][T20229] EXT4-fs (loop1): orphan cleanup on readonly fs [ 438.631935][T20229] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm syz.1.5122: Invalid block bitmap block 0 in block_group 0 [ 438.649902][T20229] EXT4-fs (loop1): Remounting filesystem read-only [ 438.656773][T20229] EXT4-fs (loop1): 1 orphan inode deleted [ 438.663414][T20229] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 438.676190][T20229] SELinux: (dev loop1, type ext4) getxattr errno 5 [ 438.692919][T20229] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 438.810049][T20234] x_tables: duplicate underflow at hook 3 [ 438.855889][T20235] loop2: detected capacity change from 0 to 512 [ 438.883793][T20237] loop3: detected capacity change from 0 to 512 [ 438.893207][T20235] EXT4-fs: Ignoring removed mblk_io_submit option [ 438.900917][T20235] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 438.913555][T20235] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 438.922083][T20235] EXT4-fs (loop2): orphan cleanup on readonly fs [ 438.937255][T20237] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 438.940428][T20235] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm syz.2.5124: Invalid block bitmap block 0 in block_group 0 [ 438.969311][T20235] EXT4-fs (loop2): Remounting filesystem read-only [ 438.990264][T20235] EXT4-fs (loop2): 1 orphan inode deleted [ 438.999968][T20235] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 439.017600][T20235] SELinux: (dev loop2, type ext4) getxattr errno 5 [ 439.024690][T20235] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 439.054137][T18468] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 439.089452][T20235] netlink: 60 bytes leftover after parsing attributes in process `syz.2.5124'. [ 439.172208][T20246] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5128'. [ 439.420802][T20251] netlink: 16 bytes leftover after parsing attributes in process `syz.3.5130'. [ 439.449955][T20251] netdevsim netdevsim3 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0 [ 439.458910][T20251] netdevsim netdevsim3 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0 [ 439.467779][T20251] netdevsim netdevsim3 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0 [ 439.476867][T20251] netdevsim netdevsim3 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0 [ 439.486395][T20251] geneve3: entered allmulticast mode [ 439.572398][T20257] loop4: detected capacity change from 0 to 512 [ 439.598136][T20257] EXT4-fs: Ignoring removed mblk_io_submit option [ 439.606786][T20257] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 439.628628][T20257] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 439.638018][T20257] EXT4-fs (loop4): orphan cleanup on readonly fs [ 439.645834][T20257] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.5133: Invalid block bitmap block 0 in block_group 0 [ 439.662749][T20257] EXT4-fs (loop4): Remounting filesystem read-only [ 439.669792][T20257] EXT4-fs (loop4): 1 orphan inode deleted [ 439.676835][T20257] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 439.694113][T20257] SELinux: (dev loop4, type ext4) getxattr errno 5 [ 439.703336][T20255] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5132'. [ 439.716443][T20257] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 440.070867][T20272] warn_alloc: 1 callbacks suppressed [ 440.070885][T20272] syz.4.5138: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz4,mems_allowed=0 [ 440.091751][T20272] CPU: 0 PID: 20272 Comm: syz.4.5138 Not tainted 6.10.0-rc6-syzkaller #0 [ 440.100634][T20272] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 440.110714][T20272] Call Trace: [ 440.114006][T20272] [ 440.117000][T20272] dump_stack_lvl+0xf2/0x150 [ 440.121608][T20272] dump_stack+0x15/0x20 [ 440.125786][T20272] warn_alloc+0x145/0x1b0 [ 440.130264][T20272] ? __vmalloc_node_range_noprof+0x8c/0xef0 [ 440.136224][T20272] ? update_load_avg+0x1f7/0x7c0 [ 440.141174][T20272] ? enqueue_task_fair+0x5d7/0x760 [ 440.146294][T20272] __vmalloc_node_range_noprof+0xac/0xef0 [ 440.152052][T20272] ? probe_sched_wakeup+0x81/0xa0 [ 440.157108][T20272] ? ttwu_do_activate+0x183/0x1c0 [ 440.162178][T20272] ? avc_has_perm_noaudit+0x1cc/0x210 [ 440.167701][T20272] ? xskq_create+0x36/0xd0 [ 440.172137][T20272] vmalloc_user_noprof+0x59/0x70 [ 440.177116][T20272] ? xskq_create+0x79/0xd0 [ 440.181554][T20272] xskq_create+0x79/0xd0 [ 440.185883][T20272] xsk_init_queue+0x82/0xd0 [ 440.190412][T20272] xsk_setsockopt+0x388/0x520 [ 440.195108][T20272] ? __pfx_xsk_setsockopt+0x10/0x10 [ 440.200328][T20272] __sys_setsockopt+0x1d8/0x250 [ 440.205213][T20272] __x64_sys_setsockopt+0x66/0x80 [ 440.210351][T20272] x64_sys_call+0x1183/0x2d70 [ 440.215048][T20272] do_syscall_64+0xc9/0x1c0 [ 440.219672][T20272] ? clear_bhb_loop+0x55/0xb0 [ 440.224830][T20272] ? clear_bhb_loop+0x55/0xb0 [ 440.229596][T20272] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 440.235521][T20272] RIP: 0033:0x7fe6dde67b99 [ 440.239957][T20272] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 440.259804][T20272] RSP: 002b:00007fe6dd0e9048 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 440.268336][T20272] RAX: ffffffffffffffda RBX: 00007fe6ddff5fa0 RCX: 00007fe6dde67b99 [ 440.276368][T20272] RDX: 0000000000000005 RSI: 000000000000011b RDI: 0000000000000003 [ 440.284365][T20272] RBP: 00007fe6ddee877e R08: 0000000000000004 R09: 0000000000000000 [ 440.292359][T20272] R10: 00000000200013c0 R11: 0000000000000246 R12: 0000000000000000 [ 440.300448][T20272] R13: 000000000000000b R14: 00007fe6ddff5fa0 R15: 00007ffec162bee8 [ 440.308462][T20272] [ 440.311828][T20272] Mem-Info: [ 440.314982][T20272] active_anon:115 inactive_anon:3243 isolated_anon:0 [ 440.314982][T20272] active_file:17044 inactive_file:24132 isolated_file:0 [ 440.314982][T20272] unevictable:14 dirty:243 writeback:0 [ 440.314982][T20272] slab_reclaimable:3541 slab_unreclaimable:23872 [ 440.314982][T20272] mapped:25888 shmem:213 pagetables:810 [ 440.314982][T20272] sec_pagetables:0 bounce:0 [ 440.314982][T20272] kernel_misc_reclaimable:0 [ 440.314982][T20272] free:1874191 free_pcp:3019 free_cma:0 [ 440.360258][T20272] Node 0 active_anon:460kB inactive_anon:12972kB active_file:68176kB inactive_file:96528kB unevictable:56kB isolated(anon):0kB isolated(file):0kB mapped:103552kB dirty:972kB writeback:0kB shmem:852kB writeback_tmp:0kB kernel_stack:3936kB pagetables:3240kB sec_pagetables:0kB all_unreclaimable? no [ 440.388224][T20272] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 440.415998][T20272] lowmem_reserve[]: 0 2874 7852 0 [ 440.421907][T20272] Node 0 DMA32 free:2957056kB boost:0kB min:4144kB low:7084kB high:10024kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2960692kB mlocked:0kB bounce:0kB free_pcp:3636kB local_pcp:96kB free_cma:0kB [ 440.452275][T20272] lowmem_reserve[]: 0 0 4978 0 [ 440.457169][T20272] Node 0 Normal free:4524348kB boost:0kB min:7180kB low:12276kB high:17372kB reserved_highatomic:0KB active_anon:460kB inactive_anon:12972kB active_file:68176kB inactive_file:96528kB unevictable:56kB writepending:952kB present:5242880kB managed:5098208kB mlocked:56kB bounce:0kB free_pcp:8408kB local_pcp:4608kB free_cma:0kB [ 440.487745][T20272] lowmem_reserve[]: 0 0 0 0 [ 440.492346][T20272] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 440.505102][T20272] Node 0 DMA32: 2*4kB (M) 1*8kB (M) 3*16kB (M) 4*32kB (M) 3*64kB (M) 3*128kB (M) 2*256kB (M) 3*512kB (M) 3*1024kB (M) 1*2048kB (M) 720*4096kB (M) = 2957056kB [ 440.523344][T20272] Node 0 Normal: 47*4kB (E) 154*8kB (UE) 41*16kB (UME) 367*32kB (UME) 363*64kB (UME) 381*128kB (UME) 356*256kB (UME) 257*512kB (UME) 139*1024kB (UM) 79*2048kB (UE) 955*4096kB (UM) = 4524348kB [ 440.545166][T20272] Node 0 hugepages_total=6 hugepages_free=6 hugepages_surp=2 hugepages_size=2048kB [ 440.554705][T20272] 40576 total pagecache pages [ 440.560270][T20272] 202 pages in swap cache [ 440.565303][T20272] Free swap = 123336kB [ 440.569695][T20272] Total swap = 124996kB [ 440.574029][T20272] 2097051 pages RAM [ 440.578095][T20272] 0 pages HighMem/MovableOnly [ 440.582927][T20272] 78486 pages reserved [ 440.878779][T20278] loop4: detected capacity change from 0 to 512 [ 440.904444][T20280] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5142'. [ 440.921391][T20278] EXT4-fs: Ignoring removed mblk_io_submit option [ 440.931615][T20278] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 440.955144][T20278] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 440.968073][T20278] EXT4-fs (loop4): orphan cleanup on readonly fs [ 440.975059][T20278] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.5141: Invalid block bitmap block 0 in block_group 0 [ 440.992368][T20278] EXT4-fs (loop4): Remounting filesystem read-only [ 440.999733][T20278] __quota_error: 34 callbacks suppressed [ 440.999751][T20278] Quota error (device loop4): write_blk: dquota write failed [ 441.012906][T20278] Quota error (device loop4): qtree_write_dquot: Error -28 occurred while creating quota [ 441.030328][T20278] EXT4-fs (loop4): 1 orphan inode deleted [ 441.040720][T20278] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 441.055229][T20278] SELinux: (dev loop4, type ext4) getxattr errno 5 [ 441.093864][T20278] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 441.163171][T20278] netlink: 60 bytes leftover after parsing attributes in process `syz.4.5141'. [ 441.289437][T20293] netlink: 56 bytes leftover after parsing attributes in process `syz.3.5146'. [ 441.431593][T20297] loop1: detected capacity change from 0 to 512 [ 441.452143][T20297] EXT4-fs: Ignoring removed bh option [ 441.460110][T20297] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.5147: invalid indirect mapped block 256 (level 2) [ 441.479882][T20297] EXT4-fs (loop1): 2 truncates cleaned up [ 441.489366][T20297] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 441.633567][T17261] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 441.791049][T20311] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0) [ 441.973051][ T29] audit: type=1326 audit(441.418:10057): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20315 comm="syz.3.5157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1daca96b99 code=0x7ffc0000 [ 441.997571][ T29] audit: type=1326 audit(441.418:10058): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20315 comm="syz.3.5157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f1daca96b99 code=0x7ffc0000 [ 442.020906][ T29] audit: type=1326 audit(441.418:10059): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20315 comm="syz.3.5157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1daca96b99 code=0x7ffc0000 [ 442.021952][T20321] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5156'. [ 442.043947][ T29] audit: type=1326 audit(441.418:10060): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20315 comm="syz.3.5157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f1daca96b99 code=0x7ffc0000 [ 442.075954][ T29] audit: type=1326 audit(441.418:10061): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20315 comm="syz.3.5157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1daca96b99 code=0x7ffc0000 [ 442.099107][ T29] audit: type=1326 audit(441.418:10062): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20315 comm="syz.3.5157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f1daca96b99 code=0x7ffc0000 [ 442.122732][ T29] audit: type=1326 audit(441.518:10063): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20315 comm="syz.3.5157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1daca96b99 code=0x7ffc0000 [ 442.146027][ T29] audit: type=1326 audit(441.518:10064): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20315 comm="syz.3.5157" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1daca96b99 code=0x7ffc0000 [ 442.415130][T20330] netlink: 56 bytes leftover after parsing attributes in process `syz.0.5161'. [ 442.462344][T20331] loop3: detected capacity change from 0 to 512 [ 442.488864][T20331] EXT4-fs: Ignoring removed mblk_io_submit option [ 442.509420][T20331] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 442.522294][T20331] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 442.538314][T20331] EXT4-fs (loop3): orphan cleanup on readonly fs [ 442.545086][T20331] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.5160: Invalid block bitmap block 0 in block_group 0 [ 442.562437][T20331] EXT4-fs (loop3): Remounting filesystem read-only [ 442.571219][T20331] EXT4-fs (loop3): 1 orphan inode deleted [ 442.579854][T20331] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 442.592523][T20331] SELinux: (dev loop3, type ext4) getxattr errno 5 [ 442.599638][T20331] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 442.641540][T20334] x_tables: duplicate underflow at hook 3 [ 442.650703][T20331] netlink: 60 bytes leftover after parsing attributes in process `syz.3.5160'. [ 443.072615][T20346] bridge0: port 3(syz_tun) entered blocking state [ 443.079157][T20346] bridge0: port 3(syz_tun) entered disabled state [ 443.136410][T20346] syz_tun: entered promiscuous mode [ 443.136630][T20346] bridge0: port 3(syz_tun) entered blocking state [ 443.136692][T20346] bridge0: port 3(syz_tun) entered forwarding state [ 443.470380][T20358] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5171'. [ 443.750038][T18297] bridge0: port 3(syz_tun) entered disabled state [ 443.829314][T18297] syz_tun (unregistering): left allmulticast mode [ 443.835793][T18297] syz_tun (unregistering): left promiscuous mode [ 443.842247][T18297] bridge0: port 3(syz_tun) entered disabled state [ 443.914041][T20368] netlink: 56 bytes leftover after parsing attributes in process `syz.4.5174'. [ 443.986202][ T36] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 444.040496][ T36] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 444.072619][T20362] lo speed is unknown, defaulting to 1000 [ 444.100168][ T36] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 444.126213][T20376] loop3: detected capacity change from 0 to 512 [ 444.155587][T20376] EXT4-fs: Ignoring removed mblk_io_submit option [ 444.167125][ T36] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 444.178477][T20376] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 444.195486][T20376] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 444.206810][T20376] EXT4-fs (loop3): orphan cleanup on readonly fs [ 444.226872][T20376] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.5176: Invalid block bitmap block 0 in block_group 0 [ 444.288599][T20376] EXT4-fs (loop3): Remounting filesystem read-only [ 444.308935][T20376] EXT4-fs (loop3): 1 orphan inode deleted [ 444.319285][T20376] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 444.331947][ T36] bridge_slave_1: left allmulticast mode [ 444.337675][ T36] bridge_slave_1: left promiscuous mode [ 444.343550][ T36] bridge0: port 2(bridge_slave_1) entered disabled state [ 444.351053][T20376] SELinux: (dev loop3, type ext4) getxattr errno 5 [ 444.358757][ T36] bridge_slave_0: left allmulticast mode [ 444.364505][ T36] bridge_slave_0: left promiscuous mode [ 444.370328][ T36] bridge0: port 1(bridge_slave_0) entered disabled state [ 444.376493][T20376] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 444.539539][ T36] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 444.559978][ T36] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 444.576623][ T36] bond0 (unregistering): Released all slaves [ 444.590366][ T36] bond1 (unregistering): Released all slaves [ 444.599988][T20376] netlink: 60 bytes leftover after parsing attributes in process `syz.3.5176'. [ 444.640593][T20362] chnl_net:caif_netlink_parms(): no params data found [ 444.643768][T20389] loop1: detected capacity change from 0 to 2048 [ 444.666788][T20389] loop1: p2 < > [ 444.731115][ T36] hsr_slave_0: left promiscuous mode [ 444.743688][ T36] hsr_slave_1: left promiscuous mode [ 444.751293][ T36] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 444.758838][ T36] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 444.770359][ T36] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 444.777873][ T36] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 444.790629][ T36] veth1_macvtap: left promiscuous mode [ 444.796327][ T36] veth0_macvtap: left promiscuous mode [ 444.801901][ T36] veth0_vlan: left promiscuous mode [ 444.893638][ T36] team0 (unregistering): Port device vlan0 removed [ 444.939819][ T36] team0 (unregistering): Port device team_slave_1 removed [ 444.955146][ T36] team0 (unregistering): Port device team_slave_0 removed [ 445.035676][T20396] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0) [ 445.057617][T20362] bridge0: port 1(bridge_slave_0) entered blocking state [ 445.057663][T20362] bridge0: port 1(bridge_slave_0) entered disabled state [ 445.057784][T20362] bridge_slave_0: entered allmulticast mode [ 445.066625][T20362] bridge_slave_0: entered promiscuous mode [ 445.076498][T20362] bridge0: port 2(bridge_slave_1) entered blocking state [ 445.094774][T20362] bridge0: port 2(bridge_slave_1) entered disabled state [ 445.100256][T20362] bridge_slave_1: entered allmulticast mode [ 445.112400][T20362] bridge_slave_1: entered promiscuous mode [ 445.141675][T20362] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 445.156043][T20362] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 445.188407][T20362] team0: Port device team_slave_0 added [ 445.195260][T20362] team0: Port device team_slave_1 added [ 445.229253][T20401] loop3: detected capacity change from 0 to 2048 [ 445.243927][T20362] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 445.250997][T20362] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 445.277049][T20362] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 445.290335][T20362] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 445.297338][T20362] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 445.323312][T20362] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 445.347853][T20401] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 445.374130][T20362] hsr_slave_0: entered promiscuous mode [ 445.399415][T20362] hsr_slave_1: entered promiscuous mode [ 445.408015][T20362] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 445.415638][T20362] Cannot create hsr debugfs directory [ 445.437600][T20407] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5184'. [ 445.518610][T13495] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm kworker/u8:20: bg 0: block 234: padding at end of block bitmap is not set [ 445.533672][T13495] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 25 with error 117 [ 445.546224][T13495] EXT4-fs (loop3): This should not happen!! Data will be lost [ 445.546224][T13495] [ 445.576054][T18468] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 445.754603][T20415] loop1: detected capacity change from 0 to 164 [ 445.787003][T20362] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 445.796628][T20362] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 445.805524][T20362] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 445.823411][T20362] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 445.850865][T20362] bridge0: port 2(bridge_slave_1) entered blocking state [ 445.858090][T20362] bridge0: port 2(bridge_slave_1) entered forwarding state [ 445.865508][T20362] bridge0: port 1(bridge_slave_0) entered blocking state [ 445.872667][T20362] bridge0: port 1(bridge_slave_0) entered forwarding state [ 445.891925][T20415] IPv6: sit1: Disabled Multicast RS [ 445.900990][T20415] sit1: entered allmulticast mode [ 445.913748][T20419] netlink: 56 bytes leftover after parsing attributes in process `syz.3.5186'. [ 445.961148][T20362] 8021q: adding VLAN 0 to HW filter on device bond0 [ 446.005090][ T3171] bridge0: port 1(bridge_slave_0) entered disabled state [ 446.033527][ T3171] bridge0: port 2(bridge_slave_1) entered disabled state [ 446.066699][T20362] 8021q: adding VLAN 0 to HW filter on device team0 [ 446.087869][T10366] bridge0: port 1(bridge_slave_0) entered blocking state [ 446.095014][T10366] bridge0: port 1(bridge_slave_0) entered forwarding state [ 446.104017][T10366] bridge0: port 2(bridge_slave_1) entered blocking state [ 446.111180][T10366] bridge0: port 2(bridge_slave_1) entered forwarding state [ 446.237951][T20362] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 446.369064][T20362] veth0_vlan: entered promiscuous mode [ 446.387738][T20441] loop4: detected capacity change from 0 to 2048 [ 446.397147][T20362] veth1_vlan: entered promiscuous mode [ 446.436978][T20362] veth0_macvtap: entered promiscuous mode [ 446.447997][T20441] loop4: p2 < > [ 446.453204][T20362] veth1_macvtap: entered promiscuous mode [ 446.490015][T20362] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 446.500613][T20362] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 446.510496][T20362] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 446.521113][T20362] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 446.531177][T20362] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 446.541644][T20362] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 446.551548][T20362] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 446.562005][T20362] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 446.572030][T20362] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 446.582579][T20362] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 446.592437][T20362] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 446.603032][T20362] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 446.612968][T20362] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 446.623651][T20362] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 446.640258][T20362] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 446.653384][T20362] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 446.663991][T20362] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 446.673912][T20362] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 446.684430][T20362] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 446.694349][T20362] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 446.705058][T20362] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 446.715008][T20362] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 446.725465][T20362] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 446.735510][T20362] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 446.746055][T20362] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 446.755983][T20362] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 446.766488][T20362] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 446.776376][T20362] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 446.786872][T20362] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 446.796772][T20362] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 446.807295][T20362] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 446.819416][T20362] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 446.830225][T20362] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 446.839160][T20362] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 446.847980][T20362] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 446.856795][T20362] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 447.072575][T20455] x_tables: duplicate underflow at hook 3 [ 447.122017][T20457] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5196'. [ 447.432269][T20466] netlink: 56 bytes leftover after parsing attributes in process `syz.3.5200'. [ 447.628703][T20471] veth0_vlan: left allmulticast mode [ 447.929417][T20484] netlink: 56 bytes leftover after parsing attributes in process `syz.4.5207'. [ 448.134173][T20488] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5210'. [ 448.187225][T20491] x_tables: duplicate underflow at hook 3 [ 448.526404][T20503] loop1: detected capacity change from 0 to 2048 [ 448.569300][T20503] loop1: p2 < > [ 448.584252][ T29] kauditd_printk_skb: 12 callbacks suppressed [ 448.584268][ T29] audit: type=1400 audit(448.028:10073): avc: denied { create } for pid=20499 comm="syz.2.5215" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=netlink_netfilter_socket permissive=1 [ 448.611875][ T29] audit: type=1400 audit(448.028:10074): avc: denied { write } for pid=20499 comm="syz.2.5215" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=netlink_netfilter_socket permissive=1 [ 448.753629][T20508] veth0_vlan: left allmulticast mode [ 449.106483][T20519] netlink: 56 bytes leftover after parsing attributes in process `syz.3.5223'. [ 449.185960][T18814] bridge0: port 1(syz_tun) entered disabled state [ 449.210805][T18814] syz_tun (unregistering): left allmulticast mode [ 449.217423][T18814] syz_tun (unregistering): left promiscuous mode [ 449.223791][T18814] bridge0: port 1(syz_tun) entered disabled state [ 449.310781][T20520] lo speed is unknown, defaulting to 1000 [ 449.417357][ T36] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 449.439745][ T29] audit: type=1326 audit(448.888:10075): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20529 comm="syz.4.5224" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe6dde67b99 code=0x0 [ 449.464048][T20534] syz_tun: entered allmulticast mode [ 449.473538][T20538] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5225'. [ 449.551500][ T36] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 449.645624][ T36] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 449.688396][T20520] chnl_net:caif_netlink_parms(): no params data found [ 449.728966][ T36] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 449.769691][T20520] bridge0: port 1(bridge_slave_0) entered blocking state [ 449.776926][T20520] bridge0: port 1(bridge_slave_0) entered disabled state [ 449.788167][T20520] bridge_slave_0: entered allmulticast mode [ 449.800906][T20520] bridge_slave_0: entered promiscuous mode [ 449.824881][T20520] bridge0: port 2(bridge_slave_1) entered blocking state [ 449.832035][T20520] bridge0: port 2(bridge_slave_1) entered disabled state [ 449.839627][T20520] bridge_slave_1: entered allmulticast mode [ 449.848094][T20520] bridge_slave_1: entered promiscuous mode [ 449.878347][T20520] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 450.004119][ T36] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 450.014838][ T36] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 450.025957][ T36] bond0 (unregistering): Released all slaves [ 450.043611][T20520] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 450.060217][T20549] netlink: 36 bytes leftover after parsing attributes in process `syz.2.5228'. [ 450.092441][T20520] team0: Port device team_slave_0 added [ 450.106784][T20520] team0: Port device team_slave_1 added [ 450.116947][ T36] IPVS: stopping backup sync thread 18055 ... [ 450.136517][T20553] loop4: detected capacity change from 0 to 2048 [ 450.180363][T20520] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 450.187535][T20520] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 450.213543][T20520] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 450.225955][T20553] loop4: p2 < > [ 450.234752][ T36] hsr_slave_0: left promiscuous mode [ 450.250040][ T36] hsr_slave_1: left promiscuous mode [ 450.259286][ T36] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 450.266875][ T36] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 450.277766][ T36] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 450.285329][ T36] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 450.302670][ T36] veth1_macvtap: left promiscuous mode [ 450.308246][ T36] veth0_macvtap: left promiscuous mode [ 450.313769][ T36] veth0_vlan: left promiscuous mode [ 450.470313][T20557] loop2: detected capacity change from 0 to 256 [ 450.493688][ T29] audit: type=1400 audit(449.938:10076): avc: denied { override_creds } for pid=20556 comm="syz.0.5232" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1 [ 450.508589][T20557] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 450.526271][ T36] team0 (unregistering): Port device team_slave_1 removed [ 450.545366][ T36] team0 (unregistering): Port device team_slave_0 removed [ 450.553094][T20557] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 450.657825][T20520] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 450.664813][T20520] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 450.691070][T20520] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 450.734697][T20520] hsr_slave_0: entered promiscuous mode [ 450.746533][T20520] hsr_slave_1: entered promiscuous mode [ 450.755090][T20520] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 450.768710][T20520] Cannot create hsr debugfs directory [ 451.004167][T20571] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5237'. [ 451.133358][T20520] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 451.144768][T20520] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 451.162217][T20520] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 451.174632][T20520] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 451.264873][T20520] 8021q: adding VLAN 0 to HW filter on device bond0 [ 451.304692][T20520] 8021q: adding VLAN 0 to HW filter on device team0 [ 451.342664][ T8] bridge0: port 1(bridge_slave_0) entered blocking state [ 451.350184][ T8] bridge0: port 1(bridge_slave_0) entered forwarding state [ 451.403409][ T8] bridge0: port 2(bridge_slave_1) entered blocking state [ 451.410566][ T8] bridge0: port 2(bridge_slave_1) entered forwarding state [ 451.527520][T20520] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 451.681669][T20520] veth0_vlan: entered promiscuous mode [ 451.693148][T20520] veth1_vlan: entered promiscuous mode [ 451.733505][T20520] veth0_macvtap: entered promiscuous mode [ 451.749627][T20520] veth1_macvtap: entered promiscuous mode [ 451.772748][T20520] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 451.783369][T20520] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 451.793329][T20520] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 451.804414][T20520] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 451.814494][T20520] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 451.825062][T20520] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 451.835138][T20520] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 451.845690][T20520] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 451.856457][T20520] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 451.866933][T20520] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 451.876875][T20520] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 451.887325][T20520] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 451.897231][T20520] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 451.907698][T20520] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 451.921281][T20520] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 451.934547][T20520] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 451.945171][T20520] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 451.955166][T20520] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 451.966032][T20520] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 451.976254][T20520] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 451.986711][T20520] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 451.996621][T20520] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 452.007263][T20520] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 452.017203][T20520] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 452.027763][T20520] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 452.037912][T20520] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 452.048632][T20520] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 452.058476][T20520] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 452.069109][T20520] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 452.079013][T20520] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 452.089828][T20520] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 452.104713][ T29] audit: type=1326 audit(451.528:10077): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20575 comm="syz.3.5239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1daca96b99 code=0x7fc00000 [ 452.128658][ T29] audit: type=1326 audit(451.528:10078): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20575 comm="syz.3.5239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1daca96b99 code=0x7fc00000 [ 452.157355][T20520] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 452.167906][T20520] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 452.177177][T20520] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 452.185934][T20520] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 452.194728][T20520] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 452.472975][T20612] loop4: detected capacity change from 0 to 2048 [ 452.509083][T20614] netlink: 60 bytes leftover after parsing attributes in process `syz.0.5245'. [ 452.522199][T20612] loop4: p2 < > [ 452.569885][T20615] loop2: detected capacity change from 0 to 512 [ 452.603027][T20615] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 452.670538][T20362] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 452.703749][T20621] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5249'. [ 452.959169][T20628] loop4: detected capacity change from 0 to 512 [ 452.993610][T20628] EXT4-fs (loop4): orphan cleanup on readonly fs [ 453.005014][T20628] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2234: inode #15: comm syz.4.5251: corrupted in-inode xattr: bad e_name length [ 453.034351][T20628] EXT4-fs error (device loop4): ext4_orphan_get:1399: comm syz.4.5251: couldn't read orphan inode 15 (err -117) [ 453.051989][T20628] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 453.074833][T20628] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 453.249323][T20636] netlink: 56 bytes leftover after parsing attributes in process `syz.3.5255'. [ 453.651674][T20646] loop1: detected capacity change from 0 to 2048 [ 453.699919][T20646] loop1: p2 < > [ 453.841395][T20650] loop3: detected capacity change from 0 to 512 [ 453.868925][T20650] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 453.891665][T20654] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5263'. [ 453.958029][T18468] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 454.319520][T20670] netlink: 60 bytes leftover after parsing attributes in process `syz.0.5268'. [ 455.071637][T20684] loop1: detected capacity change from 0 to 2048 [ 455.129101][T20684] loop1: p2 < > [ 455.307798][T20690] loop4: detected capacity change from 0 to 512 [ 455.345448][T20690] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 455.364932][T20694] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5278'. [ 455.424302][T19815] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 455.514237][T20698] loop3: detected capacity change from 0 to 512 [ 455.541768][T20698] EXT4-fs: Ignoring removed mblk_io_submit option [ 455.549689][T20698] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 455.567719][T20698] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 455.582270][T20698] EXT4-fs (loop3): orphan cleanup on readonly fs [ 455.589496][T20698] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.5280: Invalid block bitmap block 0 in block_group 0 [ 455.603612][T20698] EXT4-fs (loop3): Remounting filesystem read-only [ 455.610392][T20698] Quota error (device loop3): write_blk: dquota write failed [ 455.617833][T20698] Quota error (device loop3): qtree_write_dquot: Error -28 occurred while creating quota [ 455.628026][T20698] EXT4-fs (loop3): 1 orphan inode deleted [ 455.635413][T20698] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 455.651079][T20698] SELinux: (dev loop3, type ext4) getxattr errno 5 [ 455.660688][T20698] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 456.274116][T20717] loop2: detected capacity change from 0 to 512 [ 456.311803][T20717] EXT4-fs: Ignoring removed mblk_io_submit option [ 456.319616][T20717] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 456.341427][T20717] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 456.352501][T20717] EXT4-fs (loop2): orphan cleanup on readonly fs [ 456.363201][T20717] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm syz.2.5288: Invalid block bitmap block 0 in block_group 0 [ 456.380544][T20717] EXT4-fs (loop2): Remounting filesystem read-only [ 456.388183][T20717] Quota error (device loop2): write_blk: dquota write failed [ 456.395815][T20717] Quota error (device loop2): qtree_write_dquot: Error -28 occurred while creating quota [ 456.409527][T20717] EXT4-fs (loop2): 1 orphan inode deleted [ 456.419630][T20717] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 456.441100][T20717] SELinux: (dev loop2, type ext4) getxattr errno 5 [ 456.456348][T20717] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 456.512164][T20717] netlink: 60 bytes leftover after parsing attributes in process `syz.2.5288'. [ 456.552688][T20725] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5292'. [ 457.440294][T20743] loop3: detected capacity change from 0 to 512 [ 457.467512][T20743] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 457.488344][T20743] EXT4-fs (loop3): orphan cleanup on readonly fs [ 457.503445][T20743] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.5299: bg 0: block 248: padding at end of block bitmap is not set [ 457.532464][T20743] Quota error (device loop3): write_blk: dquota write failed [ 457.539956][T20743] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota [ 457.550010][T20743] EXT4-fs error (device loop3): ext4_acquire_dquot:6860: comm syz.3.5299: Failed to acquire dquot type 1 [ 457.568929][T20743] EXT4-fs (loop3): 1 truncate cleaned up [ 457.584934][T20743] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 457.603267][T20743] ext4: Unknown parameter '0xffffffffffffffff00000000000000000000000"C"o"'ή_0-%+ t6P'k;/|%T9i(%Z@G~ͱ\%S:UVTOvO7MfOJjN"Bn]XZ [ 457.603267][T20743] o*e4bL*' [ 457.689398][T18468] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 457.877027][T20752] bridge0: port 3(syz_tun) entered blocking state [ 457.883615][T20752] bridge0: port 3(syz_tun) entered disabled state [ 457.892645][T20752] syz_tun: entered promiscuous mode [ 457.900757][T20752] bridge0: port 3(syz_tun) entered blocking state [ 457.907285][T20752] bridge0: port 3(syz_tun) entered forwarding state [ 457.915755][T20752] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0) [ 458.271100][T20763] loop2: detected capacity change from 0 to 512 [ 458.306934][T20763] EXT4-fs: Ignoring removed mblk_io_submit option [ 458.316098][T20763] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 458.331434][T20763] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 458.342944][T20763] EXT4-fs (loop2): orphan cleanup on readonly fs [ 458.352711][T20763] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm syz.2.5307: Invalid block bitmap block 0 in block_group 0 [ 458.369347][T20763] EXT4-fs (loop2): Remounting filesystem read-only [ 458.381057][T20763] Quota error (device loop2): write_blk: dquota write failed [ 458.388521][T20763] Quota error (device loop2): qtree_write_dquot: Error -28 occurred while creating quota [ 458.400825][T20763] EXT4-fs (loop2): 1 orphan inode deleted [ 458.409530][T20763] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 458.424583][T20763] SELinux: (dev loop2, type ext4) getxattr errno 5 [ 458.433227][T20763] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 458.495810][T20763] netlink: 60 bytes leftover after parsing attributes in process `syz.2.5307'. [ 458.659293][T20774] netlink: 'syz.4.5313': attribute type 5 has an invalid length. [ 458.812562][T20781] vlan0: entered promiscuous mode [ 458.817771][T20781] vlan0: entered allmulticast mode [ 458.837060][T20781] veth0_vlan: entered allmulticast mode [ 458.853296][T20781] team0: Port device vlan0 added [ 459.738509][T20808] loop2: detected capacity change from 0 to 512 [ 459.772500][T20808] EXT4-fs: Ignoring removed mblk_io_submit option [ 459.801228][T20808] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 459.836692][T20808] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 459.860678][T20808] EXT4-fs (loop2): orphan cleanup on readonly fs [ 459.886706][T20808] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm syz.2.5326: Invalid block bitmap block 0 in block_group 0 [ 459.930049][T20808] EXT4-fs (loop2): Remounting filesystem read-only [ 459.943238][T20812] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5327'. [ 459.973094][T20808] Quota error (device loop2): write_blk: dquota write failed [ 459.980554][T20808] Quota error (device loop2): qtree_write_dquot: Error -28 occurred while creating quota [ 460.018430][T20808] EXT4-fs (loop2): 1 orphan inode deleted [ 460.044848][T20808] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 460.076912][T20808] SELinux: (dev loop2, type ext4) getxattr errno 5 [ 460.094318][T20808] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 460.170974][T20808] netlink: 60 bytes leftover after parsing attributes in process `syz.2.5326'. [ 460.358248][T20821] netlink: 56 bytes leftover after parsing attributes in process `syz.3.5330'. [ 461.171067][T20848] syz_tun: entered allmulticast mode [ 461.188606][T20848] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5340'. [ 461.743025][T20860] netlink: 56 bytes leftover after parsing attributes in process `syz.4.5344'. [ 461.773903][T20862] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0) [ 462.093626][T20873] loop2: detected capacity change from 0 to 512 [ 462.121429][T20873] EXT4-fs: Ignoring removed mblk_io_submit option [ 462.130353][T20873] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 462.143094][T20873] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 462.151900][T20873] EXT4-fs (loop2): orphan cleanup on readonly fs [ 462.158732][T20873] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm syz.2.5349: Invalid block bitmap block 0 in block_group 0 [ 462.175141][T20873] EXT4-fs (loop2): Remounting filesystem read-only [ 462.182410][T20873] Quota error (device loop2): write_blk: dquota write failed [ 462.189765][T20878] loop3: detected capacity change from 0 to 512 [ 462.189852][T20873] Quota error (device loop2): qtree_write_dquot: Error -28 occurred while creating quota [ 462.216324][T20873] EXT4-fs (loop2): 1 orphan inode deleted [ 462.231182][T20878] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 462.245954][T20873] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 462.266166][T20873] SELinux: (dev loop2, type ext4) getxattr errno 5 [ 462.273285][T20873] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 462.349091][T18468] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 462.492154][T20888] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5353'. [ 462.791205][T20899] netlink: 56 bytes leftover after parsing attributes in process `syz.4.5358'. [ 463.000715][T20907] loop3: detected capacity change from 0 to 128 [ 463.165674][T20911] loop4: detected capacity change from 0 to 2048 [ 463.222262][T20911] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 463.371087][T19815] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 463.598673][T20923] loop1: detected capacity change from 0 to 512 [ 463.643082][T20923] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 463.732125][T20520] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 464.380635][T20940] netlink: 56 bytes leftover after parsing attributes in process `syz.1.5372'. [ 464.479159][T20942] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0) [ 464.883775][T20955] loop4: detected capacity change from 0 to 512 [ 464.919492][T20955] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 464.990790][T19815] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 465.015666][T20961] vlan0: entered promiscuous mode [ 465.020770][T20961] vlan0: entered allmulticast mode [ 465.073938][T20961] veth0_vlan: entered allmulticast mode [ 465.097869][T20961] team0: Port device vlan0 added [ 465.744479][T20970] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5382'. [ 465.835451][ T29] audit: type=1326 audit(465.278:10079): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20972 comm="syz.1.5385" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0a2d305b99 code=0x0 [ 466.085120][T20980] netlink: 56 bytes leftover after parsing attributes in process `syz.4.5386'. [ 466.104046][T20981] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0) [ 466.227628][T20975] loop1: detected capacity change from 0 to 256 [ 466.252725][T20975] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000001) [ 466.260859][T20975] FAT-fs (loop1): Filesystem has been set read-only [ 466.502868][T20991] loop3: detected capacity change from 0 to 512 [ 466.548798][T20991] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 466.652813][T18468] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 466.970478][T21003] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5396'. [ 467.218375][T21010] netlink: 56 bytes leftover after parsing attributes in process `syz.3.5400'. [ 467.485144][T21017] loop4: detected capacity change from 0 to 512 [ 467.509454][T21017] EXT4-fs: Ignoring removed mblk_io_submit option [ 467.590497][T21017] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 467.653074][T21017] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 467.707916][T21017] EXT4-fs (loop4): orphan cleanup on readonly fs [ 467.735243][T21017] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.5402: Invalid block bitmap block 0 in block_group 0 [ 467.757750][T21017] EXT4-fs (loop4): Remounting filesystem read-only [ 467.764443][T21017] Quota error (device loop4): write_blk: dquota write failed [ 467.771940][T21017] Quota error (device loop4): qtree_write_dquot: Error -28 occurred while creating quota [ 467.782455][T21017] EXT4-fs (loop4): 1 orphan inode deleted [ 467.790579][T21017] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 467.803458][T21017] SELinux: (dev loop4, type ext4) getxattr errno 5 [ 467.811274][T21017] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 468.063188][T21032] veth0_vlan: left allmulticast mode [ 468.377354][T21042] loop3: detected capacity change from 0 to 256 [ 468.421469][T21044] netlink: 56 bytes leftover after parsing attributes in process `syz.4.5413'. [ 468.773558][T21054] loop1: detected capacity change from 0 to 512 [ 468.799795][T21054] EXT4-fs error (device loop1): ext4_orphan_get:1394: inode #15: comm syz.1.5417: iget: bad extended attribute block 1 [ 468.815460][T21054] EXT4-fs error (device loop1): ext4_orphan_get:1399: comm syz.1.5417: couldn't read orphan inode 15 (err -117) [ 468.835033][T21054] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 468.878507][T21054] EXT4-fs error (device loop1): ext4_map_blocks:580: inode #2: block 13: comm syz.1.5417: lblock 0 mapped to illegal pblock 13 (length 1) [ 468.968269][T21054] EXT4-fs error (device loop1): ext4_map_blocks:580: inode #2: block 13: comm syz.1.5417: lblock 0 mapped to illegal pblock 13 (length 1) [ 469.086748][T21066] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5419'. [ 469.195355][T20520] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 469.801426][T21081] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5424'. [ 470.029159][ T29] audit: type=1326 audit(469.478:10080): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21082 comm="syz.1.5425" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0a2d305b99 code=0x0 [ 470.120435][T21087] netlink: 56 bytes leftover after parsing attributes in process `syz.4.5427'. [ 470.157784][ T29] audit: type=1326 audit(469.608:10081): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21084 comm="syz.0.5426" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7efecb0e0b99 code=0x0 [ 470.217082][ T29] audit: type=1326 audit(469.658:10082): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21084 comm="syz.0.5426" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7efecb0e0b99 code=0x0 [ 470.280503][T21092] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 470.733108][T21105] loop3: detected capacity change from 0 to 512 [ 470.760640][T21105] EXT4-fs: Ignoring removed mblk_io_submit option [ 470.769338][T21105] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 470.783401][T21105] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 470.794829][T21105] EXT4-fs (loop3): orphan cleanup on readonly fs [ 470.804215][T21105] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.5432: Invalid block bitmap block 0 in block_group 0 [ 470.821739][T21105] EXT4-fs (loop3): Remounting filesystem read-only [ 470.829597][T21105] Quota error (device loop3): write_blk: dquota write failed [ 470.837265][T21105] Quota error (device loop3): qtree_write_dquot: Error -28 occurred while creating quota [ 470.849532][T21105] EXT4-fs (loop3): 1 orphan inode deleted [ 470.862067][T21105] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 470.874983][T21105] SELinux: (dev loop3, type ext4) getxattr errno 5 [ 470.883252][T21105] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 471.064146][T21108] loop2: detected capacity change from 0 to 256 [ 471.098227][T21108] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 471.114886][T21108] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 471.232186][T21112] veth0_vlan: left allmulticast mode [ 471.271647][T21115] loop3: detected capacity change from 0 to 256 [ 471.296016][T21115] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 471.312642][T21115] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 471.541790][T21119] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5437'. [ 472.029076][T21131] netlink: 56 bytes leftover after parsing attributes in process `syz.1.5440'. [ 472.699329][T21144] loop4: detected capacity change from 0 to 512 [ 472.718572][T21144] EXT4-fs: Ignoring removed mblk_io_submit option [ 472.730402][T21144] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 472.743489][T21144] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 472.765064][T21144] EXT4-fs (loop4): orphan cleanup on readonly fs [ 472.773153][T21144] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.5446: Invalid block bitmap block 0 in block_group 0 [ 472.790413][T21144] EXT4-fs (loop4): Remounting filesystem read-only [ 472.797095][T21144] Quota error (device loop4): write_blk: dquota write failed [ 472.804531][T21144] Quota error (device loop4): qtree_write_dquot: Error -28 occurred while creating quota [ 472.818443][T21144] EXT4-fs (loop4): 1 orphan inode deleted [ 472.825325][T21144] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 472.840453][T21144] SELinux: (dev loop4, type ext4) getxattr errno 5 [ 472.847738][T21144] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 472.870356][T21152] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5450'. [ 473.072848][T21155] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0) [ 473.230281][T21161] netlink: 56 bytes leftover after parsing attributes in process `syz.4.5454'. [ 474.111175][T21174] loop2: detected capacity change from 0 to 1024 [ 474.132704][T21174] EXT4-fs: Ignoring removed nomblk_io_submit option [ 474.140877][T21174] EXT4-fs: Ignoring removed orlov option [ 474.147566][T21174] journal_path: Lookup failure for './file0' [ 474.153640][T21174] EXT4-fs: error: could not find journal device path [ 474.493476][T21186] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5463'. [ 474.750500][T21197] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0) [ 475.080351][ T29] audit: type=1326 audit(474.528:10083): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21206 comm="syz.4.5471" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe6dde67b99 code=0x0 [ 475.125680][T21211] netlink: 56 bytes leftover after parsing attributes in process `syz.2.5473'. [ 475.267611][T21215] loop1: detected capacity change from 0 to 512 [ 475.299534][T21215] EXT4-fs: Ignoring removed mblk_io_submit option [ 475.312361][T21215] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 475.326050][T21215] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 475.334204][T21215] EXT4-fs (loop1): orphan cleanup on readonly fs [ 475.343276][T21215] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm syz.1.5474: Invalid block bitmap block 0 in block_group 0 [ 475.359647][T21215] EXT4-fs (loop1): Remounting filesystem read-only [ 475.366341][T21215] Quota error (device loop1): write_blk: dquota write failed [ 475.373766][T21215] Quota error (device loop1): qtree_write_dquot: Error -28 occurred while creating quota [ 475.383749][T21215] EXT4-fs (loop1): 1 orphan inode deleted [ 475.394241][T21215] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 475.409068][T21215] SELinux: (dev loop1, type ext4) getxattr errno 5 [ 475.416416][T21215] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 475.743488][T21225] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5478'. [ 475.800184][T21227] loop1: detected capacity change from 0 to 2048 [ 475.841490][T21227] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 475.982589][T20520] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 476.060790][T21238] loop3: detected capacity change from 0 to 128 [ 476.083245][T21238] EXT4-fs warning (device loop3): ext4_init_metadata_csum:4591: metadata_csum and uninit_bg are redundant flags; please run fsck. [ 476.101960][T21238] EXT4-fs (loop3): VFS: Found ext4 filesystem with invalid superblock checksum. Run e2fsck? [ 476.514323][T21252] netlink: 56 bytes leftover after parsing attributes in process `syz.2.5486'. [ 476.648032][T21257] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0) [ 476.808831][T21263] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5491'. [ 476.818981][T21264] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5493'. [ 476.942356][T21269] openvswitch: netlink: Key type 31 is not supported [ 476.960196][T21269] loop3: detected capacity change from 0 to 512 [ 476.976472][T21269] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 476.990588][T21269] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e842e11c, mo2=0002] [ 477.000660][T21269] System zones: 1-12 [ 477.005793][T21269] EXT4-fs (loop3): orphan cleanup on readonly fs [ 477.019303][T21269] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.5494: bg 0: block 361: padding at end of block bitmap is not set [ 477.037617][T21269] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6551: Corrupt filesystem [ 477.048716][T21269] EXT4-fs error (device loop3): ext4_clear_blocks:883: inode #11: comm syz.3.5494: attempt to clear invalid blocks 33619980 len 1 [ 477.071896][T21269] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #11: comm syz.3.5494: invalid indirect mapped block 1811939328 (level 0) [ 477.089421][T21269] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #11: comm syz.3.5494: invalid indirect mapped block 2 (level 2) [ 477.105190][T21269] EXT4-fs (loop3): 1 truncate cleaned up [ 477.115031][ T29] audit: type=1326 audit(476.568:10084): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21272 comm="syz.1.5495" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0a2d305b99 code=0x0 [ 477.115285][T21269] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none. [ 477.202960][T18468] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000007. [ 477.919419][T21292] loop3: detected capacity change from 0 to 512 [ 477.956402][T21292] EXT4-fs: Ignoring removed mblk_io_submit option [ 477.963828][T21292] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 477.976950][T21292] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 477.988473][T21292] EXT4-fs (loop3): orphan cleanup on readonly fs [ 477.996760][T21292] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.5501: Invalid block bitmap block 0 in block_group 0 [ 478.013629][T21292] EXT4-fs (loop3): Remounting filesystem read-only [ 478.021100][T21292] Quota error (device loop3): write_blk: dquota write failed [ 478.025611][T21296] netlink: 56 bytes leftover after parsing attributes in process `syz.4.5502'. [ 478.028592][T21292] Quota error (device loop3): qtree_write_dquot: Error -28 occurred while creating quota [ 478.049208][T21292] EXT4-fs (loop3): 1 orphan inode deleted [ 478.055526][T21292] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 478.068616][T21292] SELinux: (dev loop3, type ext4) getxattr errno 5 [ 478.075597][T21292] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 478.305702][T21304] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5505'. [ 478.423211][T21307] netlink: 'syz.2.5507': attribute type 3 has an invalid length. [ 478.431054][T21307] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5507'. [ 478.784032][T21321] loop2: detected capacity change from 0 to 1024 [ 478.808690][T21321] EXT4-fs: Invalid want_extra_isize 5 [ 479.242302][T21330] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5518'. [ 479.253373][T21332] netlink: 56 bytes leftover after parsing attributes in process `syz.4.5516'. [ 479.904931][T21350] loop4: detected capacity change from 0 to 256 [ 479.933248][T21350] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 479.950748][T21350] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 479.971622][T21349] loop3: detected capacity change from 0 to 512 [ 480.007046][T21349] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 480.351038][T21362] dccp_invalid_packet: P.CsCov 12 exceeds packet length 256 [ 480.369448][T18468] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 480.680358][T21366] __nla_validate_parse: 1 callbacks suppressed [ 480.680378][T21366] netlink: 56 bytes leftover after parsing attributes in process `syz.0.5531'. [ 480.701171][T21367] loop2: detected capacity change from 0 to 512 [ 480.740077][T21367] EXT4-fs: Ignoring removed mblk_io_submit option [ 480.752845][T21367] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 480.770615][T21367] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 480.780726][T21367] EXT4-fs (loop2): orphan cleanup on readonly fs [ 480.787671][T21367] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm syz.2.5532: Invalid block bitmap block 0 in block_group 0 [ 480.803513][T21367] EXT4-fs (loop2): Remounting filesystem read-only [ 480.810387][T21367] Quota error (device loop2): write_blk: dquota write failed [ 480.817825][T21367] Quota error (device loop2): qtree_write_dquot: Error -28 occurred while creating quota [ 480.827876][T21367] EXT4-fs (loop2): 1 orphan inode deleted [ 480.834211][T21367] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 480.849843][T21367] SELinux: (dev loop2, type ext4) getxattr errno 5 [ 480.859625][T21367] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 480.952967][T21371] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0) [ 481.248957][T21380] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0) [ 481.523445][T21389] loop2: detected capacity change from 0 to 512 [ 481.561965][T21389] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 481.610658][ T29] audit: type=1400 audit(481.058:10085): avc: denied { watch watch_reads } for pid=21390 comm="syz.3.5542" path="/root/syzkaller.jCw1Kj/201/file0" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=dir permissive=1 [ 481.622404][T21395] loop3: detected capacity change from 0 to 1024 [ 481.652683][T21395] EXT4-fs: Ignoring removed orlov option [ 481.658488][T21395] EXT4-fs: Ignoring removed nomblk_io_submit option [ 481.672024][T21395] EXT4-fs: Project quota feature not enabled. Cannot enable project quota enforcement. [ 481.713529][T20362] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 481.805272][T19815] bridge0: port 3(syz_tun) entered disabled state [ 481.843085][T21395] loop3: detected capacity change from 0 to 2048 [ 481.861270][T19815] syz_tun (unregistering): left allmulticast mode [ 481.867840][T19815] syz_tun (unregistering): left promiscuous mode [ 481.874207][T19815] bridge0: port 3(syz_tun) entered disabled state [ 481.892364][T21402] netlink: 56 bytes leftover after parsing attributes in process `syz.1.5544'. [ 481.912872][T21395] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 481.977490][T21390] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 482.030832][T21390] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 32 with error 28 [ 482.043209][T21390] EXT4-fs (loop3): This should not happen!! Data will be lost [ 482.043209][T21390] [ 482.052908][T21390] EXT4-fs (loop3): Total free blocks count 0 [ 482.058942][T21390] EXT4-fs (loop3): Free/Dirty block details [ 482.064844][T21390] EXT4-fs (loop3): free_blocks=2415919104 [ 482.070607][T21390] EXT4-fs (loop3): dirty_blocks=32 [ 482.075771][T21390] EXT4-fs (loop3): Block reservation details [ 482.081838][T21390] EXT4-fs (loop3): i_reserved_data_blocks=2 [ 482.112387][T21399] lo speed is unknown, defaulting to 1000 [ 482.123223][ T36] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 482.197341][T18468] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 482.212447][ T36] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 482.256714][T21416] loop2: detected capacity change from 0 to 512 [ 482.273527][ T36] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 482.308278][T21399] chnl_net:caif_netlink_parms(): no params data found [ 482.310637][T21416] EXT4-fs: Ignoring removed mblk_io_submit option [ 482.332944][T21416] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 482.355258][ T36] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 482.370036][T21416] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 482.378557][T21416] EXT4-fs (loop2): orphan cleanup on readonly fs [ 482.394041][T21416] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm syz.2.5546: Invalid block bitmap block 0 in block_group 0 [ 482.418835][T21399] bridge0: port 1(bridge_slave_0) entered blocking state [ 482.426000][T21399] bridge0: port 1(bridge_slave_0) entered disabled state [ 482.440471][T21416] EXT4-fs (loop2): Remounting filesystem read-only [ 482.450657][T21399] bridge_slave_0: entered allmulticast mode [ 482.457575][T21399] bridge_slave_0: entered promiscuous mode [ 482.464881][T21416] Quota error (device loop2): write_blk: dquota write failed [ 482.472370][T21416] Quota error (device loop2): qtree_write_dquot: Error -28 occurred while creating quota [ 482.509613][T21399] bridge0: port 2(bridge_slave_1) entered blocking state [ 482.516816][T21399] bridge0: port 2(bridge_slave_1) entered disabled state [ 482.527298][T21416] EXT4-fs (loop2): 1 orphan inode deleted [ 482.534715][T21399] bridge_slave_1: entered allmulticast mode [ 482.543277][T21399] bridge_slave_1: entered promiscuous mode [ 482.553400][T21416] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 482.572003][T21416] SELinux: (dev loop2, type ext4) getxattr errno 5 [ 482.584793][T21416] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 482.596802][ T36] bridge_slave_1: left allmulticast mode [ 482.602700][ T36] bridge_slave_1: left promiscuous mode [ 482.608447][ T36] bridge0: port 2(bridge_slave_1) entered disabled state [ 482.629770][ T36] bridge_slave_0: left allmulticast mode [ 482.635547][ T36] bridge_slave_0: left promiscuous mode [ 482.641312][ T36] bridge0: port 1(bridge_slave_0) entered disabled state [ 482.858809][ T36] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 482.891500][ T36] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 482.902707][ T36] bond0 (unregistering): Released all slaves [ 482.915819][T21399] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 482.925672][T21416] netlink: 60 bytes leftover after parsing attributes in process `syz.2.5546'. [ 482.947635][T21399] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 482.983048][T21399] team0: Port device team_slave_0 added [ 482.990463][T21399] team0: Port device team_slave_1 added [ 483.019671][T21399] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 483.026715][T21399] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 483.052816][T21399] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 483.074139][T21399] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 483.081221][T21399] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 483.107359][T21399] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 483.128214][ T36] hsr_slave_0: left promiscuous mode [ 483.138454][ T36] hsr_slave_1: left promiscuous mode [ 483.144479][ T36] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 483.152120][ T36] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 483.162418][ T36] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 483.169979][ T36] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 483.186799][ T36] veth1_macvtap: left promiscuous mode [ 483.192300][ T36] veth0_macvtap: left promiscuous mode [ 483.197995][ T36] veth0_vlan: left promiscuous mode [ 483.290379][ T36] team0 (unregistering): Port device vlan0 removed [ 483.329262][ T36] team0 (unregistering): Port device team_slave_1 removed [ 483.343978][ T36] team0 (unregistering): Port device team_slave_0 removed [ 483.401327][T21441] loop3: detected capacity change from 0 to 164 [ 483.430710][T21441] rock: directory entry would overflow storage [ 483.436944][T21441] rock: sig=0x5245, size=8, remaining=3 [ 483.494463][T21399] hsr_slave_0: entered promiscuous mode [ 483.509206][T21399] hsr_slave_1: entered promiscuous mode [ 483.523078][T21399] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 483.540488][T21399] Cannot create hsr debugfs directory [ 483.696907][T21449] netlink: 56 bytes leftover after parsing attributes in process `syz.1.5557'. [ 483.928018][T21399] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 483.944030][T21399] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 483.968214][T21399] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 483.990506][T21399] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 484.078782][T21399] 8021q: adding VLAN 0 to HW filter on device bond0 [ 484.100361][T21399] 8021q: adding VLAN 0 to HW filter on device team0 [ 484.120003][ T8] bridge0: port 1(bridge_slave_0) entered blocking state [ 484.127192][ T8] bridge0: port 1(bridge_slave_0) entered forwarding state [ 484.141743][ T8] bridge0: port 2(bridge_slave_1) entered blocking state [ 484.148914][ T8] bridge0: port 2(bridge_slave_1) entered forwarding state [ 484.265702][T21399] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 484.273022][T21459] loop2: detected capacity change from 0 to 256 [ 484.309340][T21459] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 484.326333][T21459] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 484.506490][T21399] veth0_vlan: entered promiscuous mode [ 484.517034][T21399] veth1_vlan: entered promiscuous mode [ 484.534750][T21399] veth0_macvtap: entered promiscuous mode [ 484.543721][T21399] veth1_macvtap: entered promiscuous mode [ 484.556026][T21399] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 484.566648][T21399] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 484.576619][T21399] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 484.587072][T21399] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 484.596987][T21399] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 484.607552][T21399] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 484.617386][T21399] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 484.627823][T21399] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 484.637675][T21399] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 484.648107][T21399] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 484.658518][T21399] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 484.668960][T21399] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 484.678817][T21399] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 484.689258][T21399] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 484.703045][T21399] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 484.711642][T21399] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 484.722378][T21399] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 484.732540][T21399] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 484.743142][T21399] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 484.753131][T21399] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 484.763595][T21399] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 484.773449][T21399] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 484.784009][T21399] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 484.793831][T21399] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 484.804310][T21399] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 484.814158][T21399] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 484.824628][T21399] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 484.834465][T21399] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 484.844967][T21399] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 484.854790][T21399] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 484.865237][T21399] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 484.876647][T21399] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 484.890297][T21399] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 484.899156][T21399] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 484.907970][T21399] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 484.916742][T21399] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 484.997609][T21491] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0) [ 485.043226][T21493] loop4: detected capacity change from 0 to 512 [ 485.060329][T21493] EXT4-fs: Ignoring removed mblk_io_submit option [ 485.090176][T21493] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 485.104603][T21493] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 485.118559][T21493] EXT4-fs (loop4): orphan cleanup on readonly fs [ 485.125887][T21493] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.5547: Invalid block bitmap block 0 in block_group 0 [ 485.144567][T21493] EXT4-fs (loop4): Remounting filesystem read-only [ 485.154305][T21493] Quota error (device loop4): write_blk: dquota write failed [ 485.161852][T21493] Quota error (device loop4): qtree_write_dquot: Error -28 occurred while creating quota [ 485.176752][T21493] EXT4-fs (loop4): 1 orphan inode deleted [ 485.185721][T21493] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 485.201890][T21493] SELinux: (dev loop4, type ext4) getxattr errno 5 [ 485.211526][T21493] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 485.351130][T21498] loop1: detected capacity change from 0 to 512 [ 485.380251][T21498] EXT4-fs: Ignoring removed mblk_io_submit option [ 485.400832][T21498] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 485.415043][T21498] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 485.425759][T21498] EXT4-fs (loop1): orphan cleanup on readonly fs [ 485.437343][T21498] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm syz.1.5568: Invalid block bitmap block 0 in block_group 0 [ 485.455660][T21498] EXT4-fs (loop1): Remounting filesystem read-only [ 485.464330][T21498] Quota error (device loop1): write_blk: dquota write failed [ 485.471802][T21498] Quota error (device loop1): qtree_write_dquot: Error -28 occurred while creating quota [ 485.481863][T21498] EXT4-fs (loop1): 1 orphan inode deleted [ 485.500087][T21506] netlink: 56 bytes leftover after parsing attributes in process `syz.2.5569'. [ 485.512307][T21498] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 485.525243][T21498] SELinux: (dev loop1, type ext4) getxattr errno 5 [ 485.536712][T21498] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 485.602195][T21498] netlink: 60 bytes leftover after parsing attributes in process `syz.1.5568'. [ 485.786424][T21513] (unnamed net_device) (uninitialized): option miimon: invalid value (18446744073709551614) [ 485.796653][T21513] (unnamed net_device) (uninitialized): option miimon: allowed values 0 - 2147483647 [ 485.832270][T21513] bond0: entered promiscuous mode [ 485.837439][T21513] bond_slave_0: entered promiscuous mode [ 485.843201][T21513] bond_slave_1: entered promiscuous mode [ 485.861963][T21513] team0: entered promiscuous mode [ 485.867075][T21513] team_slave_0: entered promiscuous mode [ 485.872778][T21513] team_slave_1: entered promiscuous mode [ 486.055128][T21522] loop4: detected capacity change from 0 to 512 [ 486.070130][T21522] EXT4-fs warning (device loop4): ext4_multi_mount_protect:398: Unable to create kmmpd thread for loop4. [ 486.104220][T21528] netlink: 48 bytes leftover after parsing attributes in process `syz.1.5578'. [ 486.279395][T21532] loop1: detected capacity change from 0 to 256 [ 486.298938][T21532] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 486.332928][T21532] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 486.551074][T21539] netlink: 56 bytes leftover after parsing attributes in process `syz.0.5583'. [ 486.859227][ T29] audit: type=1326 audit(486.308:10086): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21542 comm="syz.0.5585" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7efecb0e0b99 code=0x0 [ 486.930456][T21546] loop2: detected capacity change from 0 to 2048 [ 486.978530][T21546] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 487.114652][T20362] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 487.360966][T21565] loop3: detected capacity change from 0 to 512 [ 487.380665][T21567] netlink: 48 bytes leftover after parsing attributes in process `syz.2.5590'. [ 487.400793][T21565] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 487.447637][T21571] loop1: detected capacity change from 0 to 512 [ 487.483727][T21571] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 487.516461][T21565] batadv_slave_1: entered promiscuous mode [ 487.529981][T21562] batadv_slave_1: left promiscuous mode [ 487.583965][T20520] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 487.693824][T18468] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 487.740686][T21578] netlink: 56 bytes leftover after parsing attributes in process `syz.2.5595'. [ 487.967028][T21584] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0) [ 488.219528][T21595] loop3: detected capacity change from 0 to 256 [ 488.243227][T21595] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 488.259613][T21595] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 488.521753][T21604] netlink: 60 bytes leftover after parsing attributes in process `syz.0.5603'. [ 488.621248][T21607] loop2: detected capacity change from 0 to 512 [ 488.661505][T21607] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 488.705407][T20362] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 489.025932][ T29] audit: type=1326 audit(488.468:10087): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21613 comm="syz.2.5609" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f061feb8b99 code=0x0 [ 489.052756][T21617] loop1: detected capacity change from 0 to 512 [ 489.059443][T21618] netlink: 56 bytes leftover after parsing attributes in process `syz.4.5610'. [ 489.086421][T21617] EXT4-fs: Ignoring removed mblk_io_submit option [ 489.097806][T21617] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 489.108788][T21617] EXT4-fs (loop1): revision level too high, forcing read-only mode [ 489.119218][T21617] EXT4-fs (loop1): orphan cleanup on readonly fs [ 489.127334][T21617] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm syz.1.5611: Invalid block bitmap block 0 in block_group 0 [ 489.143135][T21617] EXT4-fs (loop1): Remounting filesystem read-only [ 489.149808][T21617] Quota error (device loop1): write_blk: dquota write failed [ 489.157491][T21617] Quota error (device loop1): qtree_write_dquot: Error -28 occurred while creating quota [ 489.171521][T21617] EXT4-fs (loop1): 1 orphan inode deleted [ 489.179421][T21617] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 489.194622][T21617] SELinux: (dev loop1, type ext4) getxattr errno 5 [ 489.202168][T21617] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 489.324356][T21623] vlan0: entered promiscuous mode [ 489.329765][T21623] vlan0: entered allmulticast mode [ 489.348166][T21623] veth0_vlan: entered allmulticast mode [ 489.367484][T21623] team0: Port device vlan0 added [ 489.404923][T21620] loop2: detected capacity change from 0 to 256 [ 489.427981][T21620] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000001) [ 489.435908][T21620] FAT-fs (loop2): Filesystem has been set read-only [ 489.665297][T21632] loop4: detected capacity change from 0 to 512 [ 489.690024][T21632] EXT4-fs (loop4): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 489.709024][T21632] Quota error (device loop4): v2_read_file_info: Free block number 58381 out of range (1, 6). [ 489.719569][T21632] EXT4-fs warning (device loop4): ext4_enable_quotas:7078: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 489.835010][T21399] EXT4-fs (loop4): unmounting filesystem 00800000-0000-0000-0000-000000000000. [ 489.894466][T21640] loop1: detected capacity change from 0 to 512 [ 489.917941][T21640] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 489.969563][T20520] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 490.238696][T21653] netlink: 56 bytes leftover after parsing attributes in process `syz.1.5623'. [ 490.366878][T21657] loop3: detected capacity change from 0 to 512 [ 490.390420][T21657] EXT4-fs: Ignoring removed mblk_io_submit option [ 490.401483][T21658] 9pnet_fd: Insufficient options for proto=fd [ 490.408279][T21657] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 490.419811][T21659] loop7: detected capacity change from 0 to 16384 [ 490.442040][T21657] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 490.470031][T21657] EXT4-fs (loop3): orphan cleanup on readonly fs [ 490.493489][T21657] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.5625: Invalid block bitmap block 0 in block_group 0 [ 490.512663][T21657] EXT4-fs (loop3): Remounting filesystem read-only [ 490.529742][T21657] Quota error (device loop3): write_blk: dquota write failed [ 490.537237][T21657] Quota error (device loop3): qtree_write_dquot: Error -28 occurred while creating quota [ 490.550560][T21657] EXT4-fs (loop3): 1 orphan inode deleted [ 490.557268][T21657] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 490.576276][ T1135] I/O error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 0 prio class 0 [ 490.591240][T21657] SELinux: (dev loop3, type ext4) getxattr errno 5 [ 490.598260][T21657] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 490.617422][T21662] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 490.626736][T21662] Buffer I/O error on dev loop7, logical block 0, async page read [ 490.634576][T21662] loop7: unable to read partition table [ 490.645999][T21657] netlink: 60 bytes leftover after parsing attributes in process `syz.3.5625'. [ 490.656134][T21662] loop7: partition table beyond EOD, truncated [ 490.662416][T21662] loop_reread_partitions: partition scan of loop7 () failed (rc=-5) [ 491.003868][T21677] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0) [ 491.019997][T21678] loop1: detected capacity change from 0 to 512 [ 491.048001][T21678] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 491.081977][ T29] audit: type=1326 audit(490.528:10088): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21676 comm="syz.2.5634" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f061feb8b99 code=0x0 [ 491.130834][T20520] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 491.354587][T21683] loop2: detected capacity change from 0 to 256 [ 491.381031][T21683] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000001) [ 491.388959][T21683] FAT-fs (loop2): Filesystem has been set read-only [ 491.505662][T21693] loop3: detected capacity change from 0 to 512 [ 491.528798][T21693] EXT4-fs: Ignoring removed mblk_io_submit option [ 491.545139][T21693] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 491.570608][T21693] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 491.586599][T21693] EXT4-fs (loop3): orphan cleanup on readonly fs [ 491.594753][T21693] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.5639: Invalid block bitmap block 0 in block_group 0 [ 491.612362][T21693] EXT4-fs (loop3): Remounting filesystem read-only [ 491.619653][T21693] Quota error (device loop3): write_blk: dquota write failed [ 491.627253][T21693] Quota error (device loop3): qtree_write_dquot: Error -28 occurred while creating quota [ 491.641463][T21693] EXT4-fs (loop3): 1 orphan inode deleted [ 491.651706][T21693] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 491.668965][T21693] SELinux: (dev loop3, type ext4) getxattr errno 5 [ 491.680130][T21693] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 491.771873][ T29] audit: type=1400 audit(491.218:10089): avc: denied { append } for pid=21698 comm="syz.0.5641" name="sg0" dev="devtmpfs" ino=111 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1 [ 491.948751][T21705] netlink: 'syz.1.5643': attribute type 10 has an invalid length. [ 491.990971][T21705] bond0: (slave netdevsim1): Enslaving as an active interface with an up link [ 492.566467][ T29] audit: type=1400 audit(492.008:10090): avc: denied { execute_no_trans } for pid=21722 comm="syz.3.5650" path=2F6D656D66643A202864656C6574656429 dev="tmpfs" ino=1571 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 494.027395][T21759] netlink: 16186 bytes leftover after parsing attributes in process `syz.0.5660'. [ 494.877894][T21776] netlink: 'syz.4.5668': attribute type 15 has an invalid length. [ 494.885832][T21776] netlink: 5 bytes leftover after parsing attributes in process `syz.4.5668'. [ 495.049856][T21779] netlink: 'syz.0.5669': attribute type 10 has an invalid length. [ 495.937126][T21795] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 496.570337][T21813] team_slave_0: entered promiscuous mode [ 496.576080][T21813] team_slave_1: entered promiscuous mode [ 496.587626][T21813] netlink: 'syz.1.5682': attribute type 10 has an invalid length. [ 496.666148][T21813] team_slave_0: left promiscuous mode [ 496.671640][T21813] team_slave_1: left promiscuous mode [ 496.747163][T21813] team_slave_0: entered promiscuous mode [ 496.752877][T21813] team_slave_1: entered promiscuous mode [ 496.839281][T21813] 8021q: adding VLAN 0 to HW filter on device team0 [ 496.887483][T21813] bond0: (slave team0): Enslaving as an active interface with an up link [ 496.942201][T21811] team_slave_0: left promiscuous mode [ 496.947758][T21811] team_slave_1: left promiscuous mode [ 501.274807][T21908] loop2: detected capacity change from 0 to 512 [ 501.329797][T21908] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 501.419867][T20362] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 501.860940][T21923] netlink: 72 bytes leftover after parsing attributes in process `syz.4.5727'. [ 501.892526][T21925] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5725'. [ 502.624730][T21941] netlink: 16 bytes leftover after parsing attributes in process `syz.1.5733'. [ 503.228112][T21956] loop4: detected capacity change from 0 to 512 [ 503.268837][T21956] EXT4-fs (loop4): orphan cleanup on readonly fs [ 503.281063][T21956] EXT4-fs error (device loop4): ext4_ext_check_inode:520: inode #4: comm syz.4.5739: pblk 0 bad header/extent: too large eh_max - magic f30a, entries 1, max 5(4), depth 0(0) [ 503.327826][T21956] EXT4-fs error (device loop4): ext4_quota_enable:7037: comm syz.4.5739: Bad quota inode: 4, type: 1 [ 503.350252][T21956] EXT4-fs warning (device loop4): ext4_enable_quotas:7078: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 503.380397][T21956] EXT4-fs (loop4): Cannot turn on quotas: error -117 [ 503.394668][T21956] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 503.495339][T21399] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 503.502223][ T29] audit: type=1400 audit(502.948:10091): avc: denied { sys_ptrace } for pid=21960 comm="syz.2.5741" capability=19 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=cap_userns permissive=1 [ 503.899420][T21967] loop4: detected capacity change from 0 to 256 [ 504.282286][ T29] audit: type=1400 audit(503.728:10092): avc: denied { nlmsg_write } for pid=21975 comm="syz.1.5746" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 504.511364][ T29] audit: type=1400 audit(503.958:10093): avc: denied { mount } for pid=21979 comm="syz.2.5749" name="/" dev="devtmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1 [ 504.544094][T21981] devtmpfs: Unknown parameter 'n' [ 504.556916][ T29] audit: type=1400 audit(503.988:10094): avc: denied { remount } for pid=21979 comm="syz.2.5749" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1 [ 505.349462][T22005] netlink: 40 bytes leftover after parsing attributes in process `syz.2.5756'. [ 505.864293][T22012] netlink: 'syz.1.5759': attribute type 11 has an invalid length. [ 505.872190][T22012] netlink: 32 bytes leftover after parsing attributes in process `syz.1.5759'. [ 506.130006][T22025] devtmpfs: Unknown parameter 'n' [ 507.153981][T22049] netlink: 'syz.1.5773': attribute type 11 has an invalid length. [ 507.161928][T22049] netlink: 32 bytes leftover after parsing attributes in process `syz.1.5773'. [ 507.692177][T22063] loop4: detected capacity change from 0 to 512 [ 507.712979][T22063] EXT4-fs (loop4): orphan cleanup on readonly fs [ 507.720662][T22063] EXT4-fs error (device loop4): ext4_ext_check_inode:520: inode #4: comm syz.4.5778: pblk 0 bad header/extent: too large eh_max - magic f30a, entries 1, max 5(4), depth 0(0) [ 507.738608][T22063] EXT4-fs error (device loop4): ext4_quota_enable:7037: comm syz.4.5778: Bad quota inode: 4, type: 1 [ 507.750996][T22063] EXT4-fs warning (device loop4): ext4_enable_quotas:7078: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 507.769841][T22063] EXT4-fs (loop4): Cannot turn on quotas: error -117 [ 507.777926][T22063] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 507.859163][T21399] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 508.134857][T22081] loop4: detected capacity change from 0 to 512 [ 508.163956][T22081] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem [ 508.184809][T22081] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a042c198, mo2=0002] [ 508.206116][T22081] System zones: 1-12 [ 508.232437][T22081] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2234: inode #15: comm syz.4.5784: corrupted in-inode xattr: e_value size too large [ 508.273483][T22081] EXT4-fs error (device loop4): ext4_orphan_get:1399: comm syz.4.5784: couldn't read orphan inode 15 (err -117) [ 508.318873][T22081] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 508.398962][T21399] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 512.201857][T22136] netlink: 'syz.3.5802': attribute type 4 has an invalid length. [ 513.817590][T22167] netlink: 'syz.2.5814': attribute type 10 has an invalid length. [ 513.825472][T22167] netlink: 55 bytes leftover after parsing attributes in process `syz.2.5814'. [ 514.039800][T22167] team0: Port device vlan0 removed [ 514.103213][T22180] netlink: 'syz.1.5817': attribute type 4 has an invalid length. [ 515.281782][T22207] loop2: detected capacity change from 0 to 256 [ 515.309460][T22207] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 515.325530][T22207] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 515.454233][T22213] loop4: detected capacity change from 0 to 512 [ 515.472308][T22213] EXT4-fs (loop4): orphan cleanup on readonly fs [ 515.485267][T22213] EXT4-fs error (device loop4): ext4_ext_check_inode:520: inode #4: comm syz.4.5831: pblk 0 bad header/extent: too large eh_max - magic f30a, entries 1, max 5(4), depth 0(0) [ 515.502967][T22213] EXT4-fs error (device loop4): ext4_quota_enable:7037: comm syz.4.5831: Bad quota inode: 4, type: 1 [ 515.523537][T22213] EXT4-fs warning (device loop4): ext4_enable_quotas:7078: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 515.543002][T22213] EXT4-fs (loop4): Cannot turn on quotas: error -117 [ 515.550468][T22213] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 515.647855][T21399] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 516.001012][T22231] netlink: 16 bytes leftover after parsing attributes in process `syz.3.5838'. [ 516.350052][T22237] ================================================================== [ 516.358172][T22237] BUG: KCSAN: data-race in ____sys_recvmsg / fasync_insert_entry [ 516.365930][T22237] [ 516.368265][T22237] read-write to 0xffff888100ee0048 of 4 bytes by task 22242 on cpu 1: [ 516.376419][T22237] fasync_insert_entry+0x124/0x150 [ 516.381817][T22237] fasync_helper+0x5d/0xc0 [ 516.386243][T22237] sock_fasync+0x60/0xd0 [ 516.390511][T22237] do_fcntl+0xc0b/0xe20 [ 516.394683][T22237] __se_sys_fcntl+0xc4/0x190 [ 516.399302][T22237] __x64_sys_fcntl+0x43/0x50 [ 516.403941][T22237] x64_sys_call+0x292f/0x2d70 [ 516.408649][T22237] do_syscall_64+0xc9/0x1c0 [ 516.413179][T22237] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 516.419110][T22237] [ 516.421448][T22237] read to 0xffff888100ee0048 of 4 bytes by task 22237 on cpu 0: [ 516.429091][T22237] ____sys_recvmsg+0xc8/0x280 [ 516.433796][T22237] do_recvmmsg+0x2eb/0x720 [ 516.438239][T22237] __x64_sys_recvmmsg+0xe2/0x170 [ 516.443300][T22237] x64_sys_call+0x271d/0x2d70 [ 516.448013][T22237] do_syscall_64+0xc9/0x1c0 [ 516.452553][T22237] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 516.458476][T22237] [ 516.460813][T22237] value changed: 0x00000002 -> 0x00002c02 [ 516.466980][T22237] [ 516.469315][T22237] Reported by Kernel Concurrency Sanitizer on: [ 516.475477][T22237] CPU: 0 PID: 22237 Comm: syz.0.5839 Not tainted 6.10.0-rc6-syzkaller #0 [ 516.483992][T22237] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 516.494066][T22237] ================================================================== [ 516.843142][T22243] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5841'. [ 516.859779][T22243] bridge0: port 3(vlan2) entered blocking state [ 516.866253][T22243] bridge0: port 3(vlan2) entered disabled state [ 516.872707][T22243] vlan2: entered allmulticast mode [ 516.878365][T22243] vlan2: left allmulticast mode