last executing test programs: 1.990630422s ago: executing program 4 (id=2562): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x1, 0x4, 0x7fe2, 0x1}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) r2 = socket$inet6_dccp(0xa, 0x6, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x458, 0x1c0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x480, 0xffffffff, 0xffffffff, 0x480, 0xffffffff, 0x3, 0x0, {[{{@uncond, 0x0, 0x1a0, 0x1c0, 0x60030000, {0x0, 0xff000000}, [@common=@inet=@recent0={{0xf8}, {0x81, 0x0, 0x24, 0x0, 'syz1\x00'}}]}, @unspec=@TRACE={0x20}}, {{@uncond, 0x0, 0x1a0, 0x1c8, 0x0, {}, [@common=@inet=@recent0={{0xf8}, {0x0, 0x1c8, 0x4, 0x0, 'syz0\x00'}}]}, @common=@inet=@SET1={0x28, 'SET\x00', 0x1, {{0xffffffffffffffff}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x4b8) 1.970970074s ago: executing program 4 (id=2564): perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x9) 1.914801818s ago: executing program 4 (id=2566): ioperm(0x0, 0x2, 0x2) syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000005c0)='./file1\x00', 0x18000, &(0x7f0000000000), 0x80, 0x62d, &(0x7f0000000c40)="$eJzs3c9rHNcdAPDvzEqyZauVXUqpTUsFPdhQvJZcU7c92e6hPhhqqA8h5GBhSY7w+geWDLZjsAw5JJBACLmG4Ev+gZBr0DXkFgKJbzkHnBCc5JAEb5jZWWuz2rU3kla78Xw+MDNv3szue98dvZ03MzuaAEprKhulEfsi4lwSMdmybCIaC6eK9R5+fft8NiRRr///qySSIq+5/qNiujsbJY3XfHwy4neV9eUu3bx1cbZWb7gTcXj50tXDSzdvHVq8NHth/sL85Zkj/zx6bPpfMx9uTZy7i+mp0//70+svv/iPhU9qh5I4HmdHX5qLtji2ylTj040sxNb8kYg4liU6fC6wnSrF3+NoRPwhJqOSzzVMxuJrA60c0Ff1SmP/VB+rA6WTxKBrAAxGsx/QPLbvx3HwMHtwIhvf6BD/SHH0vjM/Ntr1MGk5MspyI/ZsQfkrEfHj7f1vZ0N0OQ8xsgXldC3/bkT8sdP2T/L49+SRZvGnkba8LktPF+c2svr9ZxN1SFrSvf393dlEaT/3S+Jv3Q5Z/MeLaZZ/ssv7P+0Uz1TbfNnaHwCDsXqi2JFnHZFY2/9lPcNm/yfa+z/19/NrQ+37ro3ovv9Lt+Ddny7v/4102v839/c783142tYPS2Ll2zOd33K0PePzV0+92a38qZb+XzZk5Tf7gj3YdNfwwd2I/W3xv5J/9Mnj7Z906P9mq5zrsYz/fvrlqW7LNhn/ptXvRRzoePyz1ivNUm3XJ5NoXp88OnN4YbE2P90Ydyzjg49eeLdb+YOOP9v+u7rE/6Ttn+Vd7bGM987cu9RI7Vi3bOKp8adfjCVn89RYPl5rXmPJ6WKVxuTG7PLytSNPrktznXw604j/4F87t/8u8ecHH+PNr8weXH3u4sNuyza5/R/Ve1yxmyz+uQ1u/zd6LOO756//uduy9fGvnZMY32hQAAAAAAAAUFJpfg02SauP02laLS68/T52pbUrS8t/W7hy/fJcxMH895CjafNK92RjPsnmZ4rfwzbnj7TN/z0i9kbEW5XxfL56/kptbtDBAwAAAAAAAAAAAAAAAAAAwJDYXdz//6h4Htg3lTStVgddK2Db9PMBc8Bw0/6hvPL2vz3PWwOGjP0/lFfH9u9LAUpBU4fy0v6hvLR/KC/tH8pL+4fy6t7+1y252++6AAAAAABbZu9fVu+PRMTKv8fzITNWLBsdaM2AftPGobwqg64AMDCPL/C7/R9Kp6f+//fFPwfsf3WAAUg6Zeadg/qTG/9qx1cCAAAAAAAAAAAAAH1wYN/q/cT9/1BKbvuD8trY/f+Vjb8UGBqd/vW/x4FAOTjGh5Lr4STAzm4L3P8PAAAAAAAAAAAAANtmIh+StFr8DHgi0rRajfhNROyJ0WRhsTY/HRG/jYjPKqM7svmZQVcaAAAAAAAAAAAAAAAAAAAAnjFLN29dnK3V5q+1Jn5Yl/NsJ5pPPB2W+rQmIul7EWm05YxHxDDE3p/ESEtOErGSbfmteOdk838/MQyfT5EY8BcTAAAAAAAAAAAAAAAAAACUUMu9x53tf2ebawQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA22/t+f/9Sww6RgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg1+mnAAAA//+EYjvS") r0 = open(&(0x7f0000000400)='.\x00', 0x0, 0x0) getdents(r0, &(0x7f0000001fc0)=""/184, 0xb8) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8}, 0x48) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000280)={'batadv_slave_0\x00'}) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.current\x00', 0x275a, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r2, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0) recvmsg$unix(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0), 0x100}, 0x0) perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0xc8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, 0xffffffffffffffff}) bpf$PROG_LOAD(0x5, 0x0, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x3}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000005cd800000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b702000000000000850000008400"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) openat$ptp0(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8924, &(0x7f0000000100)={'syzkaller0\x00', @random="2a754f352dcc"}) r5 = timerfd_create(0x7, 0x0) timerfd_gettime(r5, &(0x7f0000000040)) close(r3) write$cgroup_subtree(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[@ANYRES64=r1], 0xfdef) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000180)={r0, &(0x7f0000000040)="fb0fcd52bafa89084b0c95878b85f489f9538d526d622f6f64d74d13a39a9508f1fa03aa4f152e00f7b03bc87be5308880b427699eb6248a0dadff86", &(0x7f0000000080)=""/151, 0x4}, 0x20) symlink(&(0x7f0000000200)='./file0\x00', &(0x7f0000000240)='./file0\x00') ftruncate(0xffffffffffffffff, 0x51a9497) 1.323044772s ago: executing program 4 (id=2575): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x10001, 0x9, 0x1}, 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000001540)=""/155}, 0x20) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xc, &(0x7f0000000200)=ANY=[], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x10) lsm_get_self_attr(0x68, &(0x7f0000000640)={0x0, 0x0, 0x82, 0x62, ""/98}, &(0x7f0000000080)=0x82, 0x0) 1.21326041s ago: executing program 4 (id=2578): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000fc0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r1, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001400)=[{&(0x7f0000000080)="3bfdd75fa5717852d59a9367444a2130e72cd4dabc8854532cca0c32a5b9f844a4610c7525650ce3d3b76b15026d93e6dee896115e9364066aa3d14e33ef732b4681335c576902153114bdb9c74b538a71115fb1d1a63d1b04129661b29aab89d0be999a6b7c9bea755adedbf305a79f70b71d3d4c98577b49db4963ce89b0def5e840f459659cb6f86d56b069a5de11d601d348ff88ca6e5e2cfe40176880b33e9e8dbc32ba2e6a99b1b50276dc4f06166000d7069a3cc76f", 0xb9}, {&(0x7f0000000180)="892950e2405ee8629d9384a91c16d1706a3e61f305119f95cac0f1927f4c205b971eb41147cb1f86883d6910e68ac3996551800b3ec64b77f844", 0x3a}, {&(0x7f0000000200)="a68cde0d56b170df7710b54f17d9a39c4f98f3547190", 0x16}, {&(0x7f0000000240)="45e04400f2b383517a08c397dd0a76e67ecfc8e74573c24dedd3a48fb62418c1412fdcd15e888cb0f5d02e77bfecefda6b064c0bb2b66a9a522e63873dde02330510255eec7dfa1af708cdab59fb71eca786a359a2c3b0cbad35144ec5b069c53f90e43339845dc7fd140c55b0149ab38eb27c140f374bcc2c95b0b121d1a9302f3a01b888243b3fc0d46f0de0", 0x8d}, {&(0x7f0000000300)="87fb74cf4d67adbbd062637f514c1f5eb18d7b442e6457a356c6cb1f71a43dfae773c8489cce5145f92615d4bdb13ef54d6ae90ec7733180fcf5adf3e13fdb05b57b748bd14eda042a97fdd84498304a504a0a159b972e8200c2d0f536a3465ec498ed12b924bd134057df36129d3ebe3dd3ce9f0671e5278143e4afa3d43f444681de1b5f9725fca34fa357fe2154981666fb9dc202fc17a0199eb1c25bdd1005e590e84783ee9894c888998dc25a83c14aeee31d114acfa0bcd235d571cd765f4b9259ba43e6fc30291d8a642146c4771898030b736aeee6b247abb0784b154e104e7dcda401f9b1736fea30a41a4153fe6a9a525bd0a3487571f914f05b590e242341ade289d8f5b842c6be4a93c2755dfd47174def782a2f8f61c068b5a012f02c0801601e860def788121e8808c01fed4c920a3698d0d684920918c95b17f76bbcb4f265c931d8f79560ff8114b70f4dd6791e2ed70cfeb89905791b88be26efe1c5c66b7b50b3d2be0dbc066dfc31618f9507f6f340b85a2f76a6dcac9d6ccc289ace5e5fecd25afe22ffa451f5e365ab33cc985f2e9d7f7fb1be4794740a94215d7db14b0ffcec19e5e3c5ae0d8578ef3b65d2a7a77a11e390a6c3a6b391061c886b961e3c2f42d62047bfe1356a44b840d3d956105f4c0fa95db08c4933f00de77cdc057c28b41fecfc8398c442be1ad065954f6c9dfeb2fd7207e8548a00a1d50bdf522d2abfdafd71723616a34830fbfa8fc81e0c2639cc12f363a4919b7a00ac8189dad3e7e54122a2ef430f623658d5e281c9a19442995bb9b0e3f7d13e3016b6f9523be196bf23bbcc5ec802f43ef8b651d688d9d5a44f35c9847e4c32bce3e9ebed2326adadc76f06a195db32c80b3090d7cd65c9d8518ba4e528c5eb5c7a1c5695b21595fa8a8621734bfda8afddd65e1f37a1990220a00fa9bd2c22b0117ceb08ae6af3c944c2eca924abfddad065d1472d0c3f742a49b1e78c669471873706ad157d831d7482b773f07b0673a6ce1e227a7a4d13744bf459434c0ab1c323a38b1a84cbf1ce9741f2b8fdcc2e073e56171603d035aacd83e71d5132831f4f1e8bf517979f132a33fd03783272e9b8c96dfa4e1d320a58d82acfc8d3d53a5a52daafe4dc8be08f4ad53e11cc21374b6ff4ff5ea2ecc5d3f7c057f74f0098e57d990090475cdaffdef0da917653ed10fb70b94b72e5b4d95cbea0fc1dd2579635ad6ab545ba4d7b6d2f5442bdb78beb6c8ed62942a439117025b4566b48d9f3a17fdf4577e8606a4bc4c26557e58312fd2d1a541ebec3e5ae28eef8b2ab0597083716dd12889335570ee7839530eee879d9b137606cd4dd7103991671b4464bb68529eb19fb7a8845e3491bfbac688a87cf0744f429ea112014402915c4c1f6bae08d689d3cb7d641d7befe8fc74a2242310a9a367a39531b4c86da5b39df524e52f33ff9c40b48cb196ffc9ca855b6e698ade8a83e52b9ddc5031ff09e1907e4f8b0d07e64e1fb8e427f8819a7be907aa216bf8e2a4c7cc87ed53bf9490d4cc788b91f3b9f705e984a7e62c7a495e8421b97c39dc954b35468f17c6682334f4e16308448f457faeffff6d1f818522fa441d3a48168bdb12ffebace436a3915b63076cb6a655718647f87eaaf313b5bbd430421eed3a2215e439600a56eac8c65291eb103326a8034662bd337ab51577d9110ec7151be5cc9c54b2a30891acac5ad006ed537dbeb8f16eecbde7cf4e71373faf3c36b772f6d7ea9346875c8cf1049d49d4f8eb01b946c11e8c8e3ab2015f282167acddcc77fff03e1be9134252af0abfe538b4d25fc4ff874b52b9fb0996b5f32b4141dbd30578ff46e13ef6c63fc1620f62cb11a3dce401993976c272a5f62fde3f2a0e654d19e7a39dcdb622b9526d2a15cc18e6f817c916a00775353dd9c8954e66d0445b59bb0f5e6e3b46447232f52a0e398b057d123ef503afcbd48544db6434d2025bfc8dab72262a4fa5426a03061e7f8966e0086ff8ab5a91ab59f19b830394ee8bc76d6fb4816b8f4cde35b7eb9d3811228d51c54828f97fd1e648196c81bc73ed56249a59f318704e84656a6cedd2b8c1e1808d1cc648749abc643131e494c01336d4a14b8609656f2c972dc23c5c2e43fe40119fb88b5ec2aade35c03646e347354c493de8ab3672ccf94af0df333c6678299129d79be0eec281c5b3858ce3995566a390b674635b356692e3e9c53a089638ba0d69e772b7b410a5ae03de12e7de755ee559e1707b7b8003aabc8e2ce03c01e3183ff2d93262f6d5ceaafecdae66bc7cb3952c5a6571d864d502f281db5a228695badca5d022fdb6da56ab15dc377d1c1f8581ff56e28c2b2a84edb629547d28275c2ed571103b4ca7cdeb0776ba9f9dffcd78d21c3d4caa9289ed199672f4e7b912068c49c817114c37d37ea03954bae87d1ddae3da2ad85feb2fbb735b75a51f7bee5c8d88cc7bf64700d1a46ec6b631ae22ac7b06730a86a26bdcb992e1c7b50142de96b14a8468e4514068a30896fc677fddefaebb125c693a8d460469c7fe535f844781940f66d6abd091191c3122d584f5b0f5b0d443713d7d5186124d73de28aca30b719d4a55e09d259bddbf16995aeb1000880890afbd24d4066b0398985a40999de22ce176348e1c1f57eaf75b92a1e4f1482e89a00ac2cc36b20e36af9ec310599c19a5b1d6f8fadba104c58c801c6633315f82ebfa88faddd0b693e2f827f586c1cc5538e93bcf10f81af6dd7ee727df3b5018c0b4e31e40d040a47503b6ace4d29a1162ce487351825255f5584aff7cbd421f85c3d9fbb3784abd9848f16028b68f0d32ed8bb80106e8cc4acb939ff88bd39976d166b2addebf628b3fcd056da2f60e1b90f7a32702954921908ebccb683622a1f574ceba6951bef5e751c338c8279318dc28e36b9fc2bb17c3ad08aceb00fc388e6db112a738f86a4a1eb11526e1b9d73250b326285ed47c4398d93a3933d9a784249b65ad7d78a1f81d96ef36493ed693045a2150a8eb43cecc0c93e7d20b15b39a0646b081c2923b816365b7fbb41683a41732d942c5aa12faf876ec7f036becde8f3295af6dacff38d076d8e06260fee167703bb610745374a2758a6b88e465ca77d1f3105ae8b6b04a1eb509fb178d6249dbbc84d5d1d069278449a89d03e4a9a395d8170c329a296cfc329798cb9b9f1078d098cf3f989fd4ec53e013fbe917df35292d44fb1f3da4da4432a1847d4721514ade8cda5e5c0b51183580fc35266a970ebba74faeda56d4dcb56df51f96ad237452cedbd0cb2bee112713c3d450835811bf3da9745136d428e148fd0932dc77c8d8e61a16c625241fad8425b4ece394eedd5f165bd94923bfa1172be8edc8a4fcaae5f77ee8cc510192b27964da09c3e84efb4bc7154da1a24da8b7e544b42278d2574687ec76143afa6cf193d52a2a7f4c20ee57b6056a1337d5e408117a6cf1ab49c8980f39597f69902085d3e8d374d44e6ab4ed1185a26be2bc7281e9cfbbeb6bed899aa1924d3faa06d95999fbeaf2337494e0c2c39eef5a73fcde84459a9ea48d4e015d9e5bb5839354967ce02f637bc8678d2595b9a918fc36b927d7501f0ac2e3471ce02b5df355689c87f191ef5390900a41deec29984e45a878ece964b0009aad561316fc3b30ce1b49266d32eb17cd30f3e17e1f59014e8c518940dd0a093d1349c1a7c2581963bbe0ba372b6426e81c33c71b2ec8141c5713e52a37fff0a417a5b259e1420d9fb6a731f5baa0cc494221947895aa8fa14745a986a366bff9d0c239a19f85372497565b5b703da16439019df5f3d29f4247fb528854c9648630f03e9dedde5a08a47728ea6a4d42e62eff6fa3bd402325e0f4387b60171c37c180f958ad80955779c899517e7ea76eed00598e01552eaaf08b723daf9d466e8c57af43a15a46528b1119f5074aa3c51f77357ebe158275bc06b89640d7ce3c0a03af01418d7dc6ae8a1be8ab08c1722d66d1e9277480b8b178447667c024f9b78f8a878a2d7cf8e83e5104f6964b2907a989abafc7d7d0df941abf3d7283b6a11d46c2911a42182ec27ab785d92946e1ee8ef44846d561850d2a98c305c382f36d4cfc9b2bfd3b86ef21a0d187adcafbec8268c7d662a34dda1c83c4967097743133bc8c587edf249f5668c34ddb112fa4eb1bea9c8f6a000f1f34428b54688a5e214a7919868b25dbe930e86a243ecf54afe0b518c647d04873d2cf62cb2ab27f00015537a4fd2ea3dc8777abdf3284622347016566da0b9c406ca8c40694e4013a53fbf2e803d51b0bbe5e9df5fc74f66be618856357ccf803c53ed0e3b3fe79f69f0ede9b565d8f7a8ce5aa8cbb4e8fa61be3fd00ffb07e45065498925c14c0b311942d4ed951ad6237aadb5405bc7b2d79e1fd295b7c2ed8efa883e44c86a5053e2f421c6d4dc0c47d3a05d911db37d6efdb8e50fb3f06139ac147bc7162c21aece79eaf72e9779f19eb5395cec3d15a7594ea70a6b373d98651d2215b210f037ea3f8a57ded74474f6fdb64a08b56af52168da70b30aee03472cd8bee5af04cad7303004a4aba464b99", 0xcb3}], 0x5, &(0x7f0000001480)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @private, @multicast1}}}], 0x20}, 0x0) recvmsg$unix(r2, &(0x7f0000001140)={0x0, 0x0, &(0x7f0000001040)=[{&(0x7f00000015c0)=""/4096, 0x7ffff000}], 0x1, 0x0, 0x2}, 0x40000100) 1.21264748s ago: executing program 3 (id=2579): syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00') socket(0x2, 0x2, 0x0) socket$can_j1939(0x1d, 0x2, 0x7) connect$can_j1939(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x41, 0x0) write$binfmt_aout(r0, &(0x7f00000000c0)=ANY=[], 0xff2e) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0, "0062ba7d82000000000000000000f7ffffff00"}) r1 = syz_open_pts(r0, 0x80a00) r2 = dup3(r1, r0, 0x0) read(r2, &(0x7f00000000c0)=""/226, 0xe2) read$watch_queue(r0, 0x0, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000340)='mlxsw_sp_acl_tcam_vregion_migrate\x00', r2}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{}, &(0x7f0000000300), &(0x7f00000003c0)=r3}, 0x20) r4 = syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x3804402, &(0x7f0000000600)={[{@user_xattr}, {@data_err_abort}, {@resuid}, {@errors_remount}, {@norecovery}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x7b1}}, {@stripe={'stripe', 0x3d, 0x5}}, {@noinit_itable}, {@nomblk_io_submit}, {@grpquota}, {@nogrpid}]}, 0x1, 0x54f, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbZdnamc8HbnvOvTc995t7v6fn5iQkgKE1kf0oRLwcEd8kEQfbto1GvnFibb/V+1dnsyWJRuPTv5JI8nWt/ZP89/688lJE/PZVxPHCxnZryysLpXI5Xczrk/XKpcna8sqJC5XSfDqfXpyemTn19sz0e+++M7BY3zj7z/ef3P7w1NdHV7/75e6hm0mcjgP5tvY4nsC19spETOTPyVicfmTHqQE0tpMk230A9GUkz/OxyPqAgzGSZz3w//dlRDSAIZXIfxhSrXFA695+QPfBz417H6zdAG2Mf3TttZHY07w32reaPHRnlN3vjg+g/ayNX/+8dTNbYnCvQwBs6dr1iDg5Orqx/0vy/q9/J3vY59E29H/w7NzOxj9vdhr/FNbHP9Fh/LO/Q+72Y+v8L9wdQDNdZeO/9zuOf9cnrcZH8toLzTHfWHL+QjnN+rYXI+JYjO3O6pvN55xavdPotq19/JctWfutsWB+HHdHdz/8mLlSvfQkMbe7dz3ilY7j32T9/Ccdzn/2fJztsY0j6a3Xum3bOv6nq/FTxOsdz/+DGa1k8/nJyeb1MNm6Kjb6+8aR37u1v93xZ+d/3+bxjyft87W1x2/jxz3/pt229Xv970o+a5Z35euulOr1xamIXcnHG9dPP3hsq97aP4v/2NHN+79O1//eiPi8x/hvHP751f7jf7qy+Oce6/w/fuHOR1/80K393s7/W83SsXxNL/1frwf4JM8dAAAAAAAA7DSFiDgQSaG4Xi4UisW193ccjn2FcrVWP36+unRxLpqflR2PsUJrpvtg2/shpvL3w7bq04/UZyLiUER8O7K3WS/OVstz2x08AAAAAAAAAAAAAAAAAAAA7BD7u3z+P/PHyHYfHfDU+cpvGF5b5v8gvukJ2JH8/4fhJf9heMl/GF7yH4aX/IfhJf9heMl/GF7yHwAAAAAAAAAAAAAAAAAAAAAAAAAAAAbq7Jkz2dJYvX91NqvPXV5eWqhePjGX1haKlaXZ4mx18VJxvlqdL6fF2Wplq79XrlYvTU3H0pXJelqrT9aWV85VqksX6+cuVErz6bl07JlEBQAAAAAAAAAAAAAAAAAAAM+X2vLKQqlcThcVFPoqjO6Mw1AYcGG7eyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeOC/AAAA///ktDiZ") syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0x1a4203c, &(0x7f00000003c0)=ANY=[@ANYRES64, @ANYRES8, @ANYRESHEX, @ANYRESDEC, @ANYRES32=r4, @ANYRESDEC, @ANYRESDEC, @ANYRES8=0x0, @ANYRES8, @ANYRES64], 0x0, 0x0, &(0x7f0000000000)) r5 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt(r5, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8) r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x6, 0x4, 0xff, 0x0, 0x1, 0x2}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000840)=ANY=[@ANYBLOB="47e69d0f2a4ba931ab3e8bbd3aa1c645459b32453b3229c702575db98b16392c262f3e5b3ffce846fa299306385b5fbd523529649cc029cc048ec3be07a4aa34887482ef9e9da0b935cf6c61c2299de32c62f4715840ffb7e72eeee9dbd0bfa81c600ecdbec9f53eaf360ba9da5c2fdca1c556a3314d6259207664ed24893d131d9b3633c7c32009177ee0f6f47d577b5be0b54e739398af95f101f4dc898aa8cb6f0853f9f256bc395b29dfdc0deaa6ff02c3febd1aafd851e85f4e", @ANYBLOB="ba1f7c8d4f493c698b6a1539f22cf8aa852998c55420d19832a8f1dab3795783b53445cc4f2b502fb5d4c8376a7f64b19cbe77c7a12e", @ANYBLOB="a3c2e0661fb992983588185a577fdb38cf2027792dbd27cf3015dfbda7e4602141af6215c5a60fa0abd8741d8891b778d040843828426ab1952bb94976f9e302517183cc884ae227f7d30524007d7734c505d9c3e5b44e3c2207fc4a009fe92fa0a1506559d5e9d55fb19b305bc70707d17977b4b5235981484f32866ec280c1faa69ecd13cd90c9e6d62b", @ANYRES16], 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x90) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r7}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) setreuid(0x0, 0x0) r8 = syz_io_uring_setup(0x42ea, &(0x7f00000004c0)={0x0, 0x2, 0x1, 0x0, 0x0, 0x0, r2}, &(0x7f0000000100), &(0x7f0000000080)) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) io_uring_register$IORING_REGISTER_PBUF_RING(r8, 0x16, &(0x7f0000000380)={&(0x7f0000001000)={[{0x0}, {0x0}, {0x0}, {0x0}]}, 0x4}, 0x1) 1.098543139s ago: executing program 0 (id=2581): perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x9) 1.028871984s ago: executing program 0 (id=2582): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000007d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10) r1 = syz_io_uring_setup(0x1f87, &(0x7f0000000080)={0x0, 0x0, 0x13580}, &(0x7f0000000100)=0x0, &(0x7f0000000280)=0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000140)=@IORING_OP_SYMLINKAT={0x26, 0x0, 0x0, 0xffffffffffffff9c, 0x0, 0x0}) io_uring_enter(r1, 0x54, 0x0, 0x0, 0x0, 0x0) 1.028572064s ago: executing program 0 (id=2583): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x5, 0x4, 0x7fe4, 0x1}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000001c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f00000009c0)='kfree\x00', r1}, 0x10) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={0x54, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_TYPENAME={0x15, 0x3, 'hash:ip,port,net\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0x9000000}]}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}]}, 0x54}}, 0x0) 997.584296ms ago: executing program 0 (id=2585): socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = dup2(r0, r0) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setscheduler(0x0, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000008002b000000000000000018040000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x11, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='sched_switch\x00', r5}, 0x10) syz_open_procfs(0x0, &(0x7f0000000100)='mountinfo\x00') sendmsg$NL80211_CMD_GET_MPATH(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000a40)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="2107000000000000000015"], 0x1c}}, 0x0) 900.590303ms ago: executing program 3 (id=2586): ioperm(0x0, 0x2, 0x2) syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000005c0)='./file1\x00', 0x18000, &(0x7f0000000000), 0x80, 0x62d, &(0x7f0000000c40)="$eJzs3c9rHNcdAPDvzEqyZauVXUqpTUsFPdhQvJZcU7c92e6hPhhqqA8h5GBhSY7w+geWDLZjsAw5JJBACLmG4Ev+gZBr0DXkFgKJbzkHnBCc5JAEb5jZWWuz2rU3kla78Xw+MDNv3szue98dvZ03MzuaAEprKhulEfsi4lwSMdmybCIaC6eK9R5+fft8NiRRr///qySSIq+5/qNiujsbJY3XfHwy4neV9eUu3bx1cbZWb7gTcXj50tXDSzdvHVq8NHth/sL85Zkj/zx6bPpfMx9uTZy7i+mp0//70+svv/iPhU9qh5I4HmdHX5qLtji2ylTj040sxNb8kYg4liU6fC6wnSrF3+NoRPwhJqOSzzVMxuJrA60c0Ff1SmP/VB+rA6WTxKBrAAxGsx/QPLbvx3HwMHtwIhvf6BD/SHH0vjM/Ntr1MGk5MspyI/ZsQfkrEfHj7f1vZ0N0OQ8xsgXldC3/bkT8sdP2T/L49+SRZvGnkba8LktPF+c2svr9ZxN1SFrSvf393dlEaT/3S+Jv3Q5Z/MeLaZZ/ssv7P+0Uz1TbfNnaHwCDsXqi2JFnHZFY2/9lPcNm/yfa+z/19/NrQ+37ro3ovv9Lt+Ddny7v/4102v839/c783142tYPS2Ll2zOd33K0PePzV0+92a38qZb+XzZk5Tf7gj3YdNfwwd2I/W3xv5J/9Mnj7Z906P9mq5zrsYz/fvrlqW7LNhn/ptXvRRzoePyz1ivNUm3XJ5NoXp88OnN4YbE2P90Ydyzjg49eeLdb+YOOP9v+u7rE/6Ttn+Vd7bGM987cu9RI7Vi3bOKp8adfjCVn89RYPl5rXmPJ6WKVxuTG7PLytSNPrktznXw604j/4F87t/8u8ecHH+PNr8weXH3u4sNuyza5/R/Ve1yxmyz+uQ1u/zd6LOO756//uduy9fGvnZMY32hQAAAAAAAAUFJpfg02SauP02laLS68/T52pbUrS8t/W7hy/fJcxMH895CjafNK92RjPsnmZ4rfwzbnj7TN/z0i9kbEW5XxfL56/kptbtDBAwAAAAAAAAAAAAAAAAAAwJDYXdz//6h4Htg3lTStVgddK2Db9PMBc8Bw0/6hvPL2vz3PWwOGjP0/lFfH9u9LAUpBU4fy0v6hvLR/KC/tH8pL+4fy6t7+1y252++6AAAAAABbZu9fVu+PRMTKv8fzITNWLBsdaM2AftPGobwqg64AMDCPL/C7/R9Kp6f+//fFPwfsf3WAAUg6Zeadg/qTG/9qx1cCAAAAAAAAAAAAAH1wYN/q/cT9/1BKbvuD8trY/f+Vjb8UGBqd/vW/x4FAOTjGh5Lr4STAzm4L3P8PAAAAAAAAAAAAANtmIh+StFr8DHgi0rRajfhNROyJ0WRhsTY/HRG/jYjPKqM7svmZQVcaAAAAAAAAAAAAAAAAAAAAnjFLN29dnK3V5q+1Jn5Yl/NsJ5pPPB2W+rQmIul7EWm05YxHxDDE3p/ESEtOErGSbfmteOdk838/MQyfT5EY8BcTAAAAAAAAAAAAAAAAAACUUMu9x53tf2ebawQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA22/t+f/9Sww6RgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg1+mnAAAA//+EYjvS") r0 = open(&(0x7f0000000400)='.\x00', 0x0, 0x0) getdents(r0, &(0x7f0000001fc0)=""/184, 0xb8) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8}, 0x48) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000280)={'batadv_slave_0\x00'}) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.current\x00', 0x275a, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r2, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0) recvmsg$unix(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0), 0x100}, 0x0) perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0xc8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, 0xffffffffffffffff}) bpf$PROG_LOAD(0x5, 0x0, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x3}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000005cd800000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b702000000000000850000008400"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) openat$ptp0(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8924, &(0x7f0000000100)={'syzkaller0\x00', @random="2a754f352dcc"}) r5 = timerfd_create(0x7, 0x0) timerfd_gettime(r5, &(0x7f0000000040)) close(r3) write$cgroup_subtree(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[@ANYRES64=r1], 0xfdef) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000180)={r0, &(0x7f0000000040)="fb0fcd52bafa89084b0c95878b85f489f9538d526d622f6f64d74d13a39a9508f1fa03aa4f152e00f7b03bc87be5308880b427699eb6248a0dadff86", &(0x7f0000000080)=""/151, 0x4}, 0x20) symlink(&(0x7f0000000200)='./file0\x00', &(0x7f0000000240)='./file0\x00') ftruncate(0xffffffffffffffff, 0x51a9497) 863.982376ms ago: executing program 2 (id=2588): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x5, 0x4, 0x7fe4, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000001c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) syz_usb_connect(0x0, 0x24, &(0x7f0000000180)={{0x12, 0x1, 0x0, 0x76, 0x1b, 0xaf, 0x40, 0x17cc, 0x1020, 0xab24, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0xe3, 0x0, 0x0, 0xbe, 0x4e, 0x80}}]}}]}}, 0x0) 488.067474ms ago: executing program 1 (id=2594): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0x0, &(0x7f0000000900)=ANY=[], 0x0, 0x5, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x1, 0x4, 0xfff, 0x5, 0x1000, 0xffffffffffffffff, 0xfffffffd, '\x00', 0x0, 0xffffffffffffffff, 0x2}, 0x48) socket$inet6(0xa, 0x1, 0x4) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000540)=ANY=[@ANYBLOB="7c92e84d6221f1b0b92c0500da6d180009000000", @ANYBLOB], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) mprotect(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000003c0)='ext4_journal_start\x00', r0}, 0x42) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0) mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000000)=0x9, 0x8, 0x0) set_mempolicy_home_node(&(0x7f0000349000/0xa000)=nil, 0xa000, 0x0, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3f, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000000020000000000000000018190000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000280)='kfree\x00', r0}, 0x10) r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000480)='/proc/bus/input/devices\x00', 0x0, 0x0) preadv(r4, &(0x7f0000000100)=[{&(0x7f0000000000)=""/221, 0xdd}], 0x1, 0x1c0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000500)='spmi_write_begin\x00'}, 0x10) request_key(&(0x7f0000000180)='asymmetric\x00', &(0x7f00000001c0)={'syz', 0x3}, &(0x7f0000000200)='overlay\x00', 0xfffffffffffffffd) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a40)={0x5, 0x5, &(0x7f0000000700)=ANY=[@ANYBLOB="180000004830000000000000fa40000007010000080020007500feff000082009581031c4a6104a1148a8174f175f370fad969a6afee2f3d43b8009809b21ca8f437e3d1bcee29349a6833a347f79c6767d1eb726cbf342e3c0bf57983eee408f5a63d1813a508768a39925ddebfd483c415f7f1127ad4abfc9714c777e585d8785b6da085e9f77fdb84020642f213c82e86144b2b052c6387bc40e96b575479b495e0331d844d2aa236da8cca63a25443ea39fbba1bb9d4895d24b0a0a9ec647a6e4b50f51a186a31c13f4075a9ac2677aa2542a20c23158d03cc1efea1f154e259e5903adb738177ae4fcd60859d4b45de91cfe844e75684c575495c0d206a396c0f61445331"], &(0x7f00000006c0)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x60, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x90) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x15, 0xc, &(0x7f0000000840)=ANY=[@ANYRES64=r3, @ANYRESOCT=r2, @ANYRESOCT=0x0], &(0x7f0000000880)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r4, 0x0, 0x0, 0x0, 0x0}, 0x3e) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r6}, 0x10) inotify_rm_watch(0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_JOIN_MCAST(r4, 0x0, 0x0) openat$autofs(0xffffffffffffff9c, &(0x7f00000004c0), 0x2f00, 0x0) r7 = getpgrp(0xffffffffffffffff) r8 = gettid() kcmp(r7, r8, 0x2, 0xffffffffffffffff, 0xffffffffffffffff) prlimit64(0x0, 0x779882e1fd8ddf5a, &(0x7f0000000640)={0x4, 0x5}, 0x0) syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000002c0), r5) 487.742954ms ago: executing program 3 (id=2595): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x5, 0x4, 0x7fe4, 0x1}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000001c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f00000009c0)='kfree\x00', r1}, 0x10) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={0x54, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_TYPENAME={0x15, 0x3, 'hash:ip,port,net\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0x9000000}]}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}]}, 0x54}}, 0x0) 432.917398ms ago: executing program 3 (id=2596): ioctl$BTRFS_IOC_GET_SUPPORTED_FEATURES(0xffffffffffffffff, 0x80489439, &(0x7f0000000000)) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$TIPC_CMD_SET_LINK_WINDOW(r0, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x30, r1, 0x100, 0x70bd2a, 0x25dfdbff, {{}, {}, {0x14, 0x18, {0x5, @bearer=@udp='udp:syz2\x00'}}}, ["", "", ""]}, 0x30}, 0x1, 0x0, 0x0, 0x400c0}, 0x1) r2 = socket$packet(0x11, 0x2, 0x300) r3 = accept4$llc(0xffffffffffffffff, &(0x7f00000001c0)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f0000000200)=0x10, 0x800) r4 = inotify_init() poll(&(0x7f0000000240)=[{r3, 0x2090}, {r2, 0x100}, {r4, 0x1100}, {r0, 0x10}, {r2, 0x7402}, {r0, 0x420}], 0x6, 0x5) r5 = fcntl$dupfd(r0, 0x52167f2b93d4793c, r2) setsockopt$inet_tcp_int(r5, 0x6, 0x6, &(0x7f0000000280), 0x4) syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0), r5) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r5, 0x89f3, &(0x7f00000005c0)={'erspan0\x00', &(0x7f00000004c0)={'ip_vti0\x00', 0x0, 0x8, 0x20, 0x9, 0x7, {{0x30, 0x4, 0x2, 0x8, 0xc0, 0x65, 0x0, 0x1e, 0x29, 0x0, @rand_addr=0x64010102, @loopback, {[@cipso={0x86, 0x27, 0x3, [{0x0, 0x11, "52de60bef7ceedb27c2fb844adfb8a"}, {0x1, 0x10, "ad7dbb40c0af0d51d1e63fedad97"}]}, @timestamp_prespec={0x44, 0x1c, 0xf0, 0x3, 0x2, [{@broadcast, 0x100}, {@rand_addr=0x64010101, 0xfffffffd}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x6}]}, @timestamp={0x44, 0x14, 0xf9, 0x0, 0x0, [0x80000001, 0x5, 0x96f, 0x2]}, @end, @timestamp_prespec={0x44, 0xc, 0xf8, 0x3, 0x2, [{@private=0xa010100, 0x8}]}, @rr={0x7, 0x1f, 0xae, [@remote, @rand_addr=0x64010102, @local, @private=0xa010101, @multicast2, @local, @multicast2]}, @ra={0x94, 0x4, 0x1}, @lsrr={0x83, 0x23, 0xb9, [@local, @remote, @empty, @loopback, @dev={0xac, 0x14, 0x14, 0x38}, @loopback, @dev={0xac, 0x14, 0x14, 0x2c}, @loopback]}, @noop]}}}}}) r7 = dup3(r2, r3, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x9, 0x13, &(0x7f0000000300)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x10001, 0x0, 0x0, 0x0, 0x8}, {{0x18, 0x1, 0x1, 0x0, r5}}, {}, [@call={0x85, 0x0, 0x0, 0x7f}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x3}, @btf_id={0x18, 0x3, 0x3, 0x0, 0x2}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f00000003c0)='GPL\x00', 0x8, 0x84, &(0x7f0000000400)=""/132, 0x41100, 0x42, '\x00', r6, 0x31, r7, 0x8, &(0x7f0000000600)={0x4, 0x2}, 0x8, 0x10, &(0x7f0000000640)={0x1, 0x3, 0x0, 0xfff}, 0x10, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000680)=[{0x1, 0x5, 0x1, 0x6}], 0x10, 0x1}, 0x90) r8 = semget$private(0x0, 0x2, 0x1b0) write$RDMA_USER_CM_CMD_LISTEN(0xffffffffffffffff, &(0x7f0000000780)={0x7, 0x8, 0xfa00, {0xffffffffffffffff, 0xb7}}, 0x10) setsockopt$IP_VS_SO_SET_ZERO(r7, 0x0, 0x48f, &(0x7f00000007c0)={0x2c, @empty, 0x4e21, 0x2, 'lblc\x00', 0x18, 0x5, 0x3a}, 0x2c) r9 = socket$nl_generic(0x10, 0x3, 0x10) r10 = syz_genetlink_get_family_id$devlink(&(0x7f0000000840), r5) sendmsg$DEVLINK_CMD_RATE_NEW(r9, &(0x7f0000000900)={&(0x7f0000000800)={0x10, 0x0, 0x0, 0x32740b60a6a8ed72}, 0xc, &(0x7f00000008c0)={&(0x7f0000000880)={0x34, r10, 0x800, 0x70bd2b, 0x25dfdbfe, {}, [@DEVLINK_ATTR_RATE_PARENT_NODE_NAME={0xf, 0xa9, @name2}, @DEVLINK_ATTR_RATE_NODE_NAME={0xf, 0xa8, @name2}]}, 0x34}, 0x1, 0x0, 0x0, 0x4000040}, 0x80000) semctl$SEM_INFO(r8, 0x1, 0x13, &(0x7f0000000940)=""/210) sendmsg$DEVLINK_CMD_RATE_DEL(r5, &(0x7f0000000b00)={&(0x7f0000000a40)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000ac0)={&(0x7f0000000a80)={0x30, r10, 0x2, 0x70bd29, 0x25dfdbfd, {}, [@handle=@pci={{0x8}, {0x11}}]}, 0x30}, 0x1, 0x0, 0x0, 0x40c1}, 0x8040000) splice(r0, &(0x7f0000000b40)=0x8, r3, &(0x7f0000000b80)=0x6, 0x9, 0xc) ioctl$TCSETAF(r7, 0x5408, &(0x7f0000000bc0)={0x5, 0x401, 0x7ff, 0x0, 0x19, "60142bde209b6f51"}) preadv(r7, &(0x7f0000000e80)=[{&(0x7f0000000c00)=""/192, 0xc0}, {&(0x7f0000000cc0)=""/182, 0xb6}, {&(0x7f0000000d80)=""/202, 0xca}], 0x3, 0x8, 0x101) sendmsg$DEVLINK_CMD_PORT_GET(r5, &(0x7f0000001080)={&(0x7f0000000ec0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000001040)={&(0x7f0000000f00)={0x140, r10, 0x100, 0x70bd28, 0x25dfdbff, {}, [{{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x2}}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x3}}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x3}}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x1}}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x2}}}, {{@pci={{0x8}, {0x11}}, {0x8}}}]}, 0x140}, 0x1, 0x0, 0x0, 0x40024}, 0x8008000) ioctl$PIO_FONT(r5, 0x4b61, &(0x7f00000010c0)="8b311e323463cb488f4e512a469f7e1ef50273908abe78835f4c29cdd95ef1911ca20704a8d4d5114297cb217ceae08bd51ff242a822fc4932a0f90edcef09896e9a6934c8812ae09fd03581d4d26ac8f64aee0cabf4797000e6330157854ed7f09f936707508ee9c7abdf86536d4d04743c6354ae89d436e95adf4ca97b7e53e969e9756d9db83c72d17142e748406b7fe07f5d5beb469f6d8f21c3d06cb650a449151bdc904ec42dd94a3f17bddf5f0c581f") openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001180), 0x400400, 0x0) r11 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001200), r5) sendmsg$NL80211_CMD_SET_CHANNEL(r7, &(0x7f0000001340)={&(0x7f00000011c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000001300)={&(0x7f0000001280)={0x44, r11, 0x800, 0x70bd2c, 0x25dfdbfc, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x2}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x5}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x8}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x222}]}, 0x44}, 0x1, 0x0, 0x0, 0x20000000}, 0x40) 406.42648ms ago: executing program 1 (id=2597): syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00') socket(0x2, 0x2, 0x0) socket$can_j1939(0x1d, 0x2, 0x7) connect$can_j1939(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x41, 0x0) write$binfmt_aout(r0, &(0x7f00000000c0)=ANY=[], 0xff2e) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0, "0062ba7d82000000000000000000f7ffffff00"}) r1 = syz_open_pts(r0, 0x80a00) r2 = dup3(r1, r0, 0x0) read(r2, &(0x7f00000000c0)=""/226, 0xe2) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8}, 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000340)='mlxsw_sp_acl_tcam_vregion_migrate\x00', r2}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r3}, &(0x7f0000000300), &(0x7f00000003c0)=r4}, 0x20) r5 = syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x3804402, &(0x7f0000000600)={[{@user_xattr}, {@data_err_abort}, {@resuid}, {@errors_remount}, {@norecovery}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x7b1}}, {@stripe={'stripe', 0x3d, 0x5}}, {@noinit_itable}, {@nomblk_io_submit}, {@grpquota}, {@nogrpid}]}, 0x1, 0x54f, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbZdnamc8HbnvOvTc995t7v6fn5iQkgKE1kf0oRLwcEd8kEQfbto1GvnFibb/V+1dnsyWJRuPTv5JI8nWt/ZP89/688lJE/PZVxPHCxnZryysLpXI5Xczrk/XKpcna8sqJC5XSfDqfXpyemTn19sz0e+++M7BY3zj7z/ef3P7w1NdHV7/75e6hm0mcjgP5tvY4nsC19spETOTPyVicfmTHqQE0tpMk230A9GUkz/OxyPqAgzGSZz3w//dlRDSAIZXIfxhSrXFA695+QPfBz417H6zdAG2Mf3TttZHY07w32reaPHRnlN3vjg+g/ayNX/+8dTNbYnCvQwBs6dr1iDg5Orqx/0vy/q9/J3vY59E29H/w7NzOxj9vdhr/FNbHP9Fh/LO/Q+72Y+v8L9wdQDNdZeO/9zuOf9cnrcZH8toLzTHfWHL+QjnN+rYXI+JYjO3O6pvN55xavdPotq19/JctWfutsWB+HHdHdz/8mLlSvfQkMbe7dz3ilY7j32T9/Ccdzn/2fJztsY0j6a3Xum3bOv6nq/FTxOsdz/+DGa1k8/nJyeb1MNm6Kjb6+8aR37u1v93xZ+d/3+bxjyft87W1x2/jxz3/pt229Xv970o+a5Z35euulOr1xamIXcnHG9dPP3hsq97aP4v/2NHN+79O1//eiPi8x/hvHP751f7jf7qy+Oce6/w/fuHOR1/80K393s7/W83SsXxNL/1frwf4JM8dAAAAAAAA7DSFiDgQSaG4Xi4UisW193ccjn2FcrVWP36+unRxLpqflR2PsUJrpvtg2/shpvL3w7bq04/UZyLiUER8O7K3WS/OVstz2x08AAAAAAAAAAAAAAAAAAAA7BD7u3z+P/PHyHYfHfDU+cpvGF5b5v8gvukJ2JH8/4fhJf9heMl/GF7yH4aX/IfhJf9heMl/GF7yHwAAAAAAAAAAAAAAAAAAAAAAAAAAAAbq7Jkz2dJYvX91NqvPXV5eWqhePjGX1haKlaXZ4mx18VJxvlqdL6fF2Wplq79XrlYvTU3H0pXJelqrT9aWV85VqksX6+cuVErz6bl07JlEBQAAAAAAAAAAAAAAAAAAAM+X2vLKQqlcThcVFPoqjO6Mw1AYcGG7eyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeOC/AAAA///ktDiZ") syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0x1a4203c, &(0x7f00000003c0)=ANY=[@ANYRES64, @ANYRES8, @ANYRESHEX, @ANYRESDEC, @ANYRES32=r5, @ANYRESDEC, @ANYRESDEC, @ANYRES8=0x0, @ANYRES8, @ANYRES64], 0x0, 0x0, &(0x7f0000000000)) r6 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt(r6, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8) r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x6, 0x4, 0xff, 0x0, 0x1, 0x2}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000840)=ANY=[@ANYBLOB="47e69d0f2a4ba931ab3e8bbd3aa1c645459b32453b3229c702575db98b16392c262f3e5b3ffce846fa299306385b5fbd523529649cc029cc048ec3be07a4aa34887482ef9e9da0b935cf6c61c2299de32c62f4715840ffb7e72eeee9dbd0bfa81c600ecdbec9f53eaf360ba9da5c2fdca1c556a3314d6259207664ed24893d131d9b3633c7c32009177ee0f6f47d577b5be0b54e739398af95f101f4dc898aa8cb6f0853f9f256bc395b29dfdc0deaa6ff02c3febd1aafd851e85f4e", @ANYBLOB="ba1f7c8d4f493c698b6a1539f22cf8aa852998c55420d19832a8f1dab3795783b53445cc4f2b502fb5d4c8376a7f64b19cbe77c7a12e", @ANYBLOB="a3c2e0661fb992983588185a577fdb38cf2027792dbd27cf3015dfbda7e4602141af6215c5a60fa0abd8741d8891b778d040843828426ab1952bb94976f9e302517183cc884ae227f7d30524007d7734c505d9c3e5b44e3c2207fc4a009fe92fa0a1506559d5e9d55fb19b305bc70707d17977b4b5235981484f32866ec280c1faa69ecd13cd90c9e6d62b", @ANYRES16=r3], 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x90) r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r8}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) setreuid(0x0, 0x0) r9 = syz_io_uring_setup(0x42ea, &(0x7f00000004c0)={0x0, 0x2, 0x1, 0x0, 0x0, 0x0, r2}, &(0x7f0000000100), &(0x7f0000000080)) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) io_uring_register$IORING_REGISTER_PBUF_RING(r9, 0x16, &(0x7f0000000380)={&(0x7f0000001000)={[{0x0}, {0x0}, {0x0}, {0x0}]}, 0x4}, 0x1) 387.500911ms ago: executing program 3 (id=2598): r0 = fsopen(&(0x7f0000000040)='devpts\x00', 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r1}, 0x10) r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f00000001c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000002c0), 0x13f}}, 0x20) r3 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$IMADDTIMER(r3, 0x80044940, &(0x7f0000000140)=0xf4240) ioctl$IMADDTIMER(r3, 0x80044940, &(0x7f0000000280)=0x14) close_range(r0, 0xffffffffffffffff, 0x0) 386.949111ms ago: executing program 4 (id=2599): syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000001240)='./file0\x00', 0x0, &(0x7f0000002480)=ANY=[], 0x1, 0x11f4, &(0x7f0000001280)="$eJzs3M+LG2UYB/DHbWvr1v2h1moL0he96GXo7sGLgiyyBWlAaRuhFYSpO9GQMQmZsBARV09e/TvEozdBvOllL/4N3vbisQdxxMTapsRDqXTa8Plc8pD3/cLzkjDwDvPO0ZvffNrrVFknH8fKE2/FyjAi3UqRYiVu+zJee+PnX166ev3G5Z1Wa/dKSpd2rm29nlJav/DjB59/9/JP49Pvf7/+w8k43Pzw6Pft3w7PHp47+vPaJ90qdavUH4xTnm4OBuP8ZlmkvW7Vy1J6ryzyqkjdflWM5sY75WA4nKS8v7e2OhwVVZXy/iT1ikkaD9J4NEn5x3m3n7IsS2urwYNof3urruuIuj4RT0Zd1/VTsRqn4+lYi/XYiM14Jp6N5+JMPB9n44V4Mc5NZzXdNwAAAAAAAAAAAAAAAAAAACyXBzr/f6Hh5gEAAAAAAAAAAAAAAAAAAGBJXL1+4/JOq7V7JaVTEeXX++399uxzNr7TiW6UUcTF2Ig/Ynr6f2ZWX3qntXsxTW3GV+XBP/mD/fax+fzW9HUCC/Nbs3yaz5+M1bvz27ERZxbntxfmT8Wrr9yVz2Ijfv0oBlHGXvydvZP/Yiult99t3ZM/P50HAAAAyyBL/1q4f8+y/xqf5e/j/sA9++vjcf54s2snopp81svLshg1XtzuaPbNQUQ8Io0tcXHi0Wjj/y2Ozf2Rmu/nMS2auybx8Nz50ZvuBAAAAAAAAAAAgPvxMB4nbHqNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/MUOHAsAAAAACPO3TqNjAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4KgAA//86R81g") r0 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0) syz_clone(0x840000, &(0x7f00000002c0), 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x66, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext={0xfffffffffffffc01, 0x800}, 0x0, 0x4, 0x4, 0x5, 0x0, 0x2, 0xffbb, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fallocate(r0, 0x0, 0x0, 0x1000f4) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000002480)=@filter={'filter\x00', 0xe, 0x4, 0x13c8, 0xffffffff, 0x0, 0x190, 0xc0, 0xffffffff, 0xffffffff, 0x1358, 0x1358, 0x1358, 0xffffffff, 0x4, 0x0, {[{{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @multicast2, 0x0, 0xffffff00, 'ip6tnl0\x00', 'macvlan1\x00', {0xff}, {0xff}, 0x2e, 0x2, 0x4}, 0x0, 0x70, 0x98}, @REJECT={0x28, 'REJECT\x00', 0x0, {0x8}}}, {{@ip={@multicast1, @dev={0xac, 0x14, 0x14, 0x21}, 0xff000000, 0xff000000, 'syzkaller1\x00', 'veth1_to_batadv\x00', {0xff}, {0xff}, 0x73, 0x3, 0x54}, 0x0, 0x70, 0xd0}, @common=@SET={0x60, 'SET\x00', 0x0, {{0x1, [0x2, 0x6, 0x4, 0x0, 0xbc5c6e8455f233f1, 0x1], 0x1, 0x4}, {0x4, [0x0, 0x6, 0x7, 0x0, 0x4, 0x3], 0x2}}}}, {{@ip={@loopback, @empty, 0xff, 0xff000000, 'geneve1\x00', 'syzkaller0\x00', {}, {}, 0x0, 0x2, 0x82}, 0x0, 0x10a0, 0x11c8, 0x0, {}, [@common=@unspec=@cgroup1={{0x1030}, {0x1, 0x0, 0x0, 0x0, './cgroup.net/syz0\x00', 0x8039, {0x2}}}]}, @common=@unspec=@SECMARK={0x128, 'SECMARK\x00', 0x0, {0x1, 0x9, 'system_u:object_r:wireless_device_t:s0\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x1428) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000200)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000040)={0xffffffffffffffff}, 0x2, 0x6}}, 0x20) write$RDMA_USER_CM_CMD_NOTIFY(r0, &(0x7f0000000640)={0xf, 0x8, 0xfa00, {r1, 0xd}}, 0xfffffee1) pipe2$9p(&(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, 0x0, 0x15) r4 = dup(r2) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0), 0x1081000, 0x0) ioctl$LOOP_SET_STATUS(r4, 0x4c02, &(0x7f0000000400)={0x0, {}, 0x0, {}, 0x20006, 0x0, 0x19, 0x14, "5f722b55c6c3ded638f80ac6cbddceec66b86b99cb0354fe511efbba02462824ee2852a5f5c5f2525733de6fbccb41ad5da9a3b739baf75412265cf5b26bf197", "b7ec4732b4f4a9e4a9b4cada263dfb17c20ea0a5144af540674ffd3f9228dc0d", [0x0, 0x4]}) r5 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0) perf_event_open(&(0x7f0000000240)={0x0, 0x80, 0x27, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x10, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x61f0}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r6 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet6_buf(r6, 0x29, 0x6, 0x0, 0x0) perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x66, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x1, @perf_config_ext, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f0000bbdffc)) syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002) getpid() ftruncate(0xffffffffffffffff, 0x80000) io_setup(0x5, &(0x7f0000000e80)) pwritev2(r5, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x78c00}], 0x1, 0x7a00, 0x0, 0x3) write$RDMA_USER_CM_CMD_NOTIFY(r5, &(0x7f00000002c0)={0xf, 0x8, 0xfa00, {r1, 0x6}}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) r7 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000040)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x7, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x4, 0x1}, 0x48) r8 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000280)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xab, 0xab, 0xc, [@func_proto={0x0, 0x3, 0x0, 0xd, 0x0, [{0x5, 0x4}, {0x9, 0x2}, {0x4}]}, @int={0xe, 0x0, 0x0, 0x1, 0x0, 0x69, 0x0, 0x73, 0x4}, @restrict={0x9, 0x0, 0x0, 0xb, 0x5}, @typedef={0xe, 0x0, 0x0, 0x8, 0x2}, @datasec={0x7, 0x4, 0x0, 0xf, 0x3, [{0x2, 0x7f, 0x2}, {0x5, 0x3ff, 0x7}, {0x4, 0x0, 0x3ff}, {0x2, 0x5}], "2a89e5"}, @typedef={0xe, 0x0, 0x0, 0x8, 0x1}, @enum={0x1, 0x1, 0x0, 0x6, 0x4, [{0x10, 0x9}]}]}, {0x0, [0x0, 0x61, 0x61, 0x0, 0x5f, 0x2e, 0x2e, 0x0, 0x2e, 0x61]}}, &(0x7f0000000180)=""/142, 0xd0, 0x8e, 0x0, 0x6}, 0x20) getpeername$packet(0xffffffffffffffff, &(0x7f00000003c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000400)=0x14) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x1, 0x3, 0x3, 0x80, r7, 0x9, '\x00', r9, r8, 0x4, 0x1, 0x2}, 0x48) 364.542283ms ago: executing program 3 (id=2600): r0 = eventfd2(0x0, 0x0) poll(&(0x7f0000000080)=[{r0}], 0x1, 0x4da90) writev(r0, &(0x7f0000000400)=[{&(0x7f0000000040)}, {0x0}], 0x2) read$eventfd(r0, &(0x7f0000002100), 0x8) 302.149868ms ago: executing program 2 (id=2601): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x10001, 0x9, 0x1}, 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000001540)=""/155}, 0x20) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xc, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x10) lsm_get_self_attr(0x68, &(0x7f0000000640)={0x0, 0x0, 0x82, 0x62, ""/98}, &(0x7f0000000080)=0x82, 0x0) 246.908322ms ago: executing program 2 (id=2602): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b70300000000000085000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kmem_cache_free\x00', r0}, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$TIPC_CMD_RESET_LINK_STATS(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000840)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0100000000000000000001000000000000000b00000000030014"], 0x30}}, 0x0) 246.558232ms ago: executing program 2 (id=2603): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x1, 0x4, 0x7fe2, 0x1}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) r2 = socket$inet6_dccp(0xa, 0x6, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x458, 0x1c0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x480, 0xffffffff, 0xffffffff, 0x480, 0xffffffff, 0x3, 0x0, {[{{@uncond, 0x0, 0xa8, 0xc8, 0x60030000, {0x0, 0xff000000}}, @unspec=@TRACE={0x20}}, {{@uncond, 0x0, 0x298, 0x2c0, 0x0, {}, [@common=@inet=@recent0={{0xf8}, {0x0, 0x0, 0x1, 0x0, 'syz0\x00'}}, @common=@inet=@recent0={{0xf8}, {0x0, 0x1c8, 0x4, 0x0, 'syz0\x00'}}]}, @common=@inet=@SET1={0x28, 'SET\x00', 0x1, {{0xffffffffffffffff}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x4b8) 223.068544ms ago: executing program 2 (id=2604): syz_genetlink_get_family_id$gtp(0x0, 0xffffffffffffffff) sendmsg$GTP_CMD_NEWPDP(0xffffffffffffffff, 0x0, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) close(0xffffffffffffffff) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r0, &(0x7f0000000200)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000005, 0x13, r0, 0x0) r1 = socket$inet_mptcp(0x2, 0x1, 0x106) r2 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$chown(0x4, r2, 0xee01, 0xee00) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDFONTOP_SET(r3, 0x4b72, &(0x7f0000000000)={0x5, 0x0, 0x29, 0x1e, 0x280, &(0x7f0000000880)="1ae19337aa151f36ae49bb3f8cb95c5bf840d4f1e55efaaf098d47a70eb36a7309000000000000000f4743f490c585108c1331c7749299a25a705f5096cb268cbc6070d680e1be250700001800000000472471ff550c0010000007f3c7b61abe4162256004ea8ca5e5b5f379c6eb3257eda08f7e6959090000004d13184d382747e035b4722525e00ade86b4c6d1e157c75d15c1f961ebc0a64d7f2a73f8979fcecacaa64f9b9069ebcc1d5b471edbc4f6c7f1b98ae74e909aa6f25b7fa77bf9cd4ed36d5c53dc519d11c3cc1c22a3b86cf3c645413f4afbcea0c99ded703699d2bb6a4a663b99b6069da5aaf64785a5887c31261d4b9e57ee07000000def6f255ca26108f11f02047d47f2d0fec30f7e92482f71496e184214a4e0c5fdc48b0af0c0478940016d8f0990a0e1090fd515380aae83c5eaeed338701574b64200a16ef2811fadcf1e0f49a514df529061e09ce45e3da03a03fe9b4a6bcfa7d04594e4f6d0714a2e14ea127ab37d64a5e0db630cd4f4a2e6c985a542ff20a9b2193f265f93a258a88dd6c9d6a926dd23d32425849c5d9210007660a617f22133b6cb5087f4c6057942aa18193172bd995fa70a1f949b196f2e2a3c175858575713be5ee3f7f4dcecc98123f9ded3afdebe13d79a7f7fcb2469ae0ac503111401612df7ee995f74fb97a63bf62d61f78c062f959119ab50c1f706a930121ebcd53ccb93d158186ed360750ca8e728150d988844b9a5cff46591ccaff416e5a8c25f9555da5ca6fdf75b86ea6171b046b856168f403b5253a5cc393430a09a4489a0895571e597ac8846f945ffb372a88d3a25978b463dc961416c80c55773f917020751ed51cfd73c1e06fbadd156d56bedc117af95d242d6dccbe2ce34dccd6005e944afa92b22ec9a698469c6edc06caa2cfcd61912607d459b4c28ebea9745bcd4697d75c9601fd333d3cd797963a3c71b7cc5fdc756da8d97207936e5f53b53b732533c2722e03002293517966611602f297de6ff5408777b7a93c45cee3ee5c5601a4e94266b295ea7a86812a7ab8896ec5ea1b12643e1844b185734528399e62bceb8700cc6cd491e4a4430d0a3ba329a5a2fa170fd0b1cc4ba8294de988cd35df2cd7344aa8a9f3432b96fb889c02f484f635a0cc3466a3c2733d45f176931b2db18dba54991a9553cedb7f585786388d4042dbae1c95b769e3d4e036e8afea0a04c04f542b152ca1fd1f8efee60425c5a122fd1b90e98635284abd9f217d9e19cb2a64b354c9d79509cc47d7305114990148a7291cb0fe2d1c773a6664b66ae04aa62c534d072ae54c2ca0d5962cc58945d8924abfc4d5af922462507430d8f2c17479a6678b0b3700000000000000000000000000000000000000000000f800"}) keyctl$chown(0x4, r2, 0x0, 0x0) add_key$user(&(0x7f0000000100), &(0x7f0000000180)={'syz', 0x0}, &(0x7f00000001c0)="48473f2f71450543b552e7552e115999fbe3bccf2fca8b39a0b1fc7bb1eb169ebe13a3cfd2e9f1adf186c9fb9dabdf950f25214ddab997b4e168b4f1c8e017a253d544e8ecd596bf787e1be58c7f1818de2187d449c39da220530bc80d2669af076220c5c23de50639631f1e52c5db1c7e16f9f8f2bdde4a659519d3b9bd5bfac8403a41f25af58bc211083f60a99991559c6fe04ef80ff8ee288cd149c867d571c89986fbfbbb5967c5a40d72c4b71c0d11c2c087e066c11c583d07d85a272d867702cb7eca881b13b8747e1caa91158e5335e680edea", 0xd7, r2) getsockopt$kcm_KCM_RECV_DISABLE(r1, 0x11c, 0x1, 0x0, 0x20000000) r4 = creat(&(0x7f00000002c0)='./file0\x00', 0x1b) ioctl$EXT4_IOC_GROUP_EXTEND(r4, 0x40086607, &(0x7f0000000340)=0x8) bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0) socket$key(0xf, 0x3, 0x2) r5 = open(&(0x7f0000000140)='./file0\x00', 0x149442, 0x0) ftruncate(r5, 0x200002) r6 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0) r7 = socket$pppl2tp(0x18, 0x1, 0x1) r8 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r8, &(0x7f0000000480)={0x2, 0x0, @dev}, 0x10) setsockopt$inet_IP_XFRM_POLICY(r8, 0x0, 0x11, &(0x7f0000000080)={{{@in6=@mcast1, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee00}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@dev, 0x0, 0x32}, 0x2, @in=@private, 0x0, 0x4}}, 0xe8) connect$pppl2tp(r7, &(0x7f00000002c0)=@pppol2tpin6={0x18, 0x1, {0x0, r8, 0x4, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @mcast2}}}, 0x32) sendfile(r7, r6, 0x0, 0x80001d00c0d0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{}, 0x0, &(0x7f0000000300)}, 0x20) 160.195719ms ago: executing program 2 (id=2605): socket$inet6_udp(0xa, 0x2, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x8, 0x6}, 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10) perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000340), 0x3}, 0x0, 0xc8}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, 0xffffffffffffffff}) close(r4) recvmsg$unix(r3, &(0x7f0000000400)={0x0, 0xffffffffffffffbc, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x0) r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1}, 0x48) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000700)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r7}, 0x10) r8 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(r8, 0x0, &(0x7f00000000c0)=0x0) r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r11 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r10) sendmsg$NFC_CMD_DEV_UP(r10, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r11, 0x1, 0x0, 0x0, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r9}]}, 0x1c}}, 0x0) write$nci(r8, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) write$cgroup_subtree(r5, &(0x7f0000000300)=ANY=[@ANYBLOB="8fedcb791f6f9875f37538e486dd6317ce8102030400fe08000e40000200875a65969ff57b00ff020000000000000000000000000001"], 0xfdef) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 100.071663ms ago: executing program 1 (id=2606): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x5, 0x4, 0x7fe4, 0x1}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000001c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f00000009c0)='kfree\x00', r1}, 0x10) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={0x54, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_TYPENAME={0x15, 0x3, 'hash:ip,port,net\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0x9000000}]}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}]}, 0x54}}, 0x0) 88.469494ms ago: executing program 0 (id=2607): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000001400010000000000000004850000006d000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10) fchown(0xffffffffffffffff, 0x0, 0x0) 76.122805ms ago: executing program 1 (id=2608): creat(0x0, 0x0) mount(0x0, 0x0, 0x0, 0x1000, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x4, 0x7fe2, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1876969df1", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f0000000440), 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV") r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x5, 0xff, 0x0, 0x1}, 0x48) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x9, 0xa, 0x5, 0x1}, 0x48) sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000d80)=ANY=[@ANYBLOB="1c00000044983cdaadfa1810f578e342e3fb878a4fc271753193423a40347273317f60850b196dee4bed6e566ebef01a93bbd847a84abe88507d7aa76b78d07dc5559591907d0c3849e18e3405cb60708232d671a4a5a86e30b448e5ca042ac63592d0e4f56fb236c3edec3969427ff2a7c504d8a0d933b76ec6bff27e6a0fd39915e14ca0e72505f350c75fbac849bce60fbebc24de66958f3d70c99d5573a8a7a0b8a7b5127bed00e06e93e59cd07c6e6f12813a6062ece690747fe8343c4d53", @ANYRES16=0x0, @ANYBLOB="000000000000000000003b00000008000300", @ANYRES32=0x0, @ANYBLOB], 0x1c}}, 0x0) bpf$MAP_DELETE_ELEM(0x2, &(0x7f00000003c0)={r3, &(0x7f0000000300), 0x20000000}, 0x20) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000001b00)={r3, &(0x7f0000001a40), 0x0}, 0x20) r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) r5 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000080), 0x80000, 0x0) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r5, 0xc018937c, &(0x7f0000000180)={{0x1, 0x1, 0x18, r2, {0x2}}, './file0\x00'}) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) ioctl$BTRFS_IOC_DEFRAG_RANGE(r4, 0x40309410, &(0x7f0000000040)={0x0, 0x2, 0x1, 0x3, 0x2, [0x80000000, 0xa, 0xa10a, 0xfffffffb]}) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r6}, 0x10) syz_mount_image$ext4(&(0x7f0000000bc0)='ext4\x00', &(0x7f0000000240)='./file1\x00', 0x4000, &(0x7f0000000000)={[{@prjquota}, {@grpquota}, {@init_itable}, {@user_xattr}, {@nomblk_io_submit}]}, 0x2, 0xbdc, &(0x7f0000002f80)="$eJzs3MtrXNcZAPDvXo1k2VY7cimlLoWqmGJD8VhykalNoXZx6aaLQrMNWMgjIzR+oFFwJGsxiv+BkGQdyCaQxCRkEa+9SUi22ST2NiGLgAmKlUAIicKdlyaWRpbtka8i/35wdM9jZs73zdXMPQdmJoCn1kj2J404GBHnkohisz+NiIF6bTCi1rjdyvLi5LfLi5NJrK7+/6skkoi4t7w42XqspHnc32wMRsTH/0riN9fXz1udX5iZqFTKs832sbmLV45V5xeOTl+cuFC+UL40duLv48fHT4yeHO9Zrt99dvrmN3/+zxe179/84cbXL7+exOkYao515tErIzHSfk46FSJioteT5aSvmU9nnknhAXdKtzkoAAC6SjvWcL+LYvTF2uKtGO9/kmtwAAAAQE+s9kWsAgAAALtcYv8PAAAAu1zrcwD3lhcnWyXfTyQ8WXfPRMRwI/+VZmmMFKJWPw5Gf0Tsu5dE59dak8bdHttIRHx+5+Q7WYlt+h7yZmpLEfH7jc5/Us9/uP4t7vX5pxEx2oP5R+5r/5LyP92D+fPOH4Cn060zjQvZ+utf2l7/xAbXv8IG165Hkff1r7X+W1m3/lvLv6/L+u9/W5zj2huvXu02luX/j5v/frtVsvmz42Ml9RDuLkX8obBR/kk7/6RL/ue2OEfxx6vlbmN557/6WsThaOW/FJ35tySb/z7RsanpSnm08XfDOZY+Gn+r2/x555+d/32x8flv/f5Tt/N/ZYtzPHv27LvrOu+sVTfPP/1yIHmmXqvHU4h4fmJubnYsYiD571p/NPuPbx5L6zatx8jyP3Jo89f/Rvln7wm15vOQ7QWWmses/cJ9c/7zxrX3usXT2v/lef7Pdzn/nfl/WFh//l/c4hx/+eClI93GOve/Wcnmb+2FAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKAljYihSNJSu56mpVLE/oj4bexLK5erc3+duvzcpfPZWMRw9KdT05XyaEQUG+0ka4/V62vt4/e1/xYRByLileLeers0eblyPu/kAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaNsfEUORpKWISCNipZimpVLeUQEAAAA9N5x3AAAAAMC2s/8HAACA3c/+HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG124E+3bicRUTu1t14yA82x/lwjA7ZbmncAQG768g4AyE0h7wCA3DzkHt9yAXah5AHjg12792xHOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADsUIcP3rqdRETt1N56yQw0x/pzjQzYbmneAQC56dtssPDk4gCePC9xeHrZ4wPJA8YH125T+/nIni73uH7o6B97EhoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAO8hQvSRpKSIGmn2lUsSvImI4+pOp6Up5NCJ+HRGfFvv3ZO2xnGMGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg96rzCzMTlUp5Nquk0ay0e1TWKknjGavtlHhUHqmStP/nB2InxLNTK3m/MwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAkIfq/MLMRKVSnq3mHQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACQt+r8wsxEpVKeHWx2zFZXk4ispz30uJWcUwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIEc/BQAA//+P/QYV") mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0) r7 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) ioctl$LOOP_SET_STATUS64(r7, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef9cc093fce47d85272036dc78388e3dc177e9b496", "f28359738e229a4c66810000000000d3000dd602000000005cf7ce1fc986bcdf"}) r8 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x0) pwrite64(r8, &(0x7f0000000140)='2', 0xfdef, 0xfecc) 59.584696ms ago: executing program 0 (id=2609): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000fc0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r1, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001400)=[{&(0x7f0000000080)="3bfdd75fa5717852d59a9367444a2130e72cd4dabc8854532cca0c32a5b9f844a4610c7525650ce3d3b76b15026d93e6dee896115e9364066aa3d14e33ef732b4681335c576902153114bdb9c74b538a71115fb1d1a63d1b04129661b29aab89d0be999a6b7c9bea755adedbf305a79f70b71d3d4c98577b49db4963ce89b0def5e840f459659cb6f86d56b069a5de11d601d348ff88ca6e5e2cfe40176880b33e9e8dbc32ba2e6a99b1b50276dc4f06166000d7069a3cc76f", 0xb9}, {&(0x7f0000000180)="892950e2405ee8629d9384a91c16d1706a3e61f305119f95cac0f1927f4c205b971eb41147cb1f86883d6910e68ac3996551800b3ec64b77f844", 0x3a}, {&(0x7f0000000200)="a68cde0d56b170df7710b54f17d9a39c4f98f3547190", 0x16}, {&(0x7f0000000240)="45e04400f2b383517a08c397dd0a76e67ecfc8e74573c24dedd3a48fb62418c1412fdcd15e888cb0f5d02e77bfecefda6b064c0bb2b66a9a522e63873dde02330510255eec7dfa1af708cdab59fb71eca786a359a2c3b0cbad35144ec5b069c53f90e43339845dc7fd140c55b0149ab38eb27c140f374bcc2c95b0b121d1a9302f3a01b888243b3fc0d46f0de0", 0x8d}, {&(0x7f0000000300)="87fb74cf4d67adbbd062637f514c1f5eb18d7b442e6457a356c6cb1f71a43dfae773c8489cce5145f92615d4bdb13ef54d6ae90ec7733180fcf5adf3e13fdb05b57b748bd14eda042a97fdd84498304a504a0a159b972e8200c2d0f536a3465ec498ed12b924bd134057df36129d3ebe3dd3ce9f0671e5278143e4afa3d43f444681de1b5f9725fca34fa357fe2154981666fb9dc202fc17a0199eb1c25bdd1005e590e84783ee9894c888998dc25a83c14aeee31d114acfa0bcd235d571cd765f4b9259ba43e6fc30291d8a642146c4771898030b736aeee6b247abb0784b154e104e7dcda401f9b1736fea30a41a4153fe6a9a525bd0a3487571f914f05b590e242341ade289d8f5b842c6be4a93c2755dfd47174def782a2f8f61c068b5a012f02c0801601e860def788121e8808c01fed4c920a3698d0d684920918c95b17f76bbcb4f265c931d8f79560ff8114b70f4dd6791e2ed70cfeb89905791b88be26efe1c5c66b7b50b3d2be0dbc066dfc31618f9507f6f340b85a2f76a6dcac9d6ccc289ace5e5fecd25afe22ffa451f5e365ab33cc985f2e9d7f7fb1be4794740a94215d7db14b0ffcec19e5e3c5ae0d8578ef3b65d2a7a77a11e390a6c3a6b391061c886b961e3c2f42d62047bfe1356a44b840d3d956105f4c0fa95db08c4933f00de77cdc057c28b41fecfc8398c442be1ad065954f6c9dfeb2fd7207e8548a00a1d50bdf522d2abfdafd71723616a34830fbfa8fc81e0c2639cc12f363a4919b7a00ac8189dad3e7e54122a2ef430f623658d5e281c9a19442995bb9b0e3f7d13e3016b6f9523be196bf23bbcc5ec802f43ef8b651d688d9d5a44f35c9847e4c32bce3e9ebed2326adadc76f06a195db32c80b3090d7cd65c9d8518ba4e528c5eb5c7a1c5695b21595fa8a8621734bfda8afddd65e1f37a1990220a00fa9bd2c22b0117ceb08ae6af3c944c2eca924abfddad065d1472d0c3f742a49b1e78c669471873706ad157d831d7482b773f07b0673a6ce1e227a7a4d13744bf459434c0ab1c323a38b1a84cbf1ce9741f2b8fdcc2e073e56171603d035aacd83e71d5132831f4f1e8bf517979f132a33fd03783272e9b8c96dfa4e1d320a58d82acfc8d3d53a5a52daafe4dc8be08f4ad53e11cc21374b6ff4ff5ea2ecc5d3f7c057f74f0098e57d990090475cdaffdef0da917653ed10fb70b94b72e5b4d95cbea0fc1dd2579635ad6ab545ba4d7b6d2f5442bdb78beb6c8ed62942a439117025b4566b48d9f3a17fdf4577e8606a4bc4c26557e58312fd2d1a541ebec3e5ae28eef8b2ab0597083716dd12889335570ee7839530eee879d9b137606cd4dd7103991671b4464bb68529eb19fb7a8845e3491bfbac688a87cf0744f429ea112014402915c4c1f6bae08d689d3cb7d641d7befe8fc74a2242310a9a367a39531b4c86da5b39df524e52f33ff9c40b48cb196ffc9ca855b6e698ade8a83e52b9ddc5031ff09e1907e4f8b0d07e64e1fb8e427f8819a7be907aa216bf8e2a4c7cc87ed53bf9490d4cc788b91f3b9f705e984a7e62c7a495e8421b97c39dc954b35468f17c6682334f4e16308448f457faeffff6d1f818522fa441d3a48168bdb12ffebace436a3915b63076cb6a655718647f87eaaf313b5bbd430421eed3a2215e439600a56eac8c65291eb103326a8034662bd337ab51577d9110ec7151be5cc9c54b2a30891acac5ad006ed537dbeb8f16eecbde7cf4e71373faf3c36b772f6d7ea9346875c8cf1049d49d4f8eb01b946c11e8c8e3ab2015f282167acddcc77fff03e1be9134252af0abfe538b4d25fc4ff874b52b9fb0996b5f32b4141dbd30578ff46e13ef6c63fc1620f62cb11a3dce401993976c272a5f62fde3f2a0e654d19e7a39dcdb622b9526d2a15cc18e6f817c916a00775353dd9c8954e66d0445b59bb0f5e6e3b46447232f52a0e398b057d123ef503afcbd48544db6434d2025bfc8dab72262a4fa5426a03061e7f8966e0086ff8ab5a91ab59f19b830394ee8bc76d6fb4816b8f4cde35b7eb9d3811228d51c54828f97fd1e648196c81bc73ed56249a59f318704e84656a6cedd2b8c1e1808d1cc648749abc643131e494c01336d4a14b8609656f2c972dc23c5c2e43fe40119fb88b5ec2aade35c03646e347354c493de8ab3672ccf94af0df333c6678299129d79be0eec281c5b3858ce3995566a390b674635b356692e3e9c53a089638ba0d69e772b7b410a5ae03de12e7de755ee559e1707b7b8003aabc8e2ce03c01e3183ff2d93262f6d5ceaafecdae66bc7cb3952c5a6571d864d502f281db5a228695badca5d022fdb6da56ab15dc377d1c1f8581ff56e28c2b2a84edb629547d28275c2ed571103b4ca7cdeb0776ba9f9dffcd78d21c3d4caa9289ed199672f4e7b912068c49c817114c37d37ea03954bae87d1ddae3da2ad85feb2fbb735b75a51f7bee5c8d88cc7bf64700d1a46ec6b631ae22ac7b06730a86a26bdcb992e1c7b50142de96b14a8468e4514068a30896fc677fddefaebb125c693a8d460469c7fe535f844781940f66d6abd091191c3122d584f5b0f5b0d443713d7d5186124d73de28aca30b719d4a55e09d259bddbf16995aeb1000880890afbd24d4066b0398985a40999de22ce176348e1c1f57eaf75b92a1e4f1482e89a00ac2cc36b20e36af9ec310599c19a5b1d6f8fadba104c58c801c6633315f82ebfa88faddd0b693e2f827f586c1cc5538e93bcf10f81af6dd7ee727df3b5018c0b4e31e40d040a47503b6ace4d29a1162ce487351825255f5584aff7cbd421f85c3d9fbb3784abd9848f16028b68f0d32ed8bb80106e8cc4acb939ff88bd39976d166b2addebf628b3fcd056da2f60e1b90f7a32702954921908ebccb683622a1f574ceba6951bef5e751c338c8279318dc28e36b9fc2bb17c3ad08aceb00fc388e6db112a738f86a4a1eb11526e1b9d73250b326285ed47c4398d93a3933d9a784249b65ad7d78a1f81d96ef36493ed693045a2150a8eb43cecc0c93e7d20b15b39a0646b081c2923b816365b7fbb41683a41732d942c5aa12faf876ec7f036becde8f3295af6dacff38d076d8e06260fee167703bb610745374a2758a6b88e465ca77d1f3105ae8b6b04a1eb509fb178d6249dbbc84d5d1d069278449a89d03e4a9a395d8170c329a296cfc329798cb9b9f1078d098cf3f989fd4ec53e013fbe917df35292d44fb1f3da4da4432a1847d4721514ade8cda5e5c0b51183580fc35266a970ebba74faeda56d4dcb56df51f96ad237452cedbd0cb2bee112713c3d450835811bf3da9745136d428e148fd0932dc77c8d8e61a16c625241fad8425b4ece394eedd5f165bd94923bfa1172be8edc8a4fcaae5f77ee8cc510192b27964da09c3e84efb4bc7154da1a24da8b7e544b42278d2574687ec76143afa6cf193d52a2a7f4c20ee57b6056a1337d5e408117a6cf1ab49c8980f39597f69902085d3e8d374d44e6ab4ed1185a26be2bc7281e9cfbbeb6bed899aa1924d3faa06d95999fbeaf2337494e0c2c39eef5a73fcde84459a9ea48d4e015d9e5bb5839354967ce02f637bc8678d2595b9a918fc36b927d7501f0ac2e3471ce02b5df355689c87f191ef5390900a41deec29984e45a878ece964b0009aad561316fc3b30ce1b49266d32eb17cd30f3e17e1f59014e8c518940dd0a093d1349c1a7c2581963bbe0ba372b6426e81c33c71b2ec8141c5713e52a37fff0a417a5b259e1420d9fb6a731f5baa0cc494221947895aa8fa14745a986a366bff9d0c239a19f85372497565b5b703da16439019df5f3d29f4247fb528854c9648630f03e9dedde5a08a47728ea6a4d42e62eff6fa3bd402325e0f4387b60171c37c180f958ad80955779c899517e7ea76eed00598e01552eaaf08b723daf9d466e8c57af43a15a46528b1119f5074aa3c51f77357ebe158275bc06b89640d7ce3c0a03af01418d7dc6ae8a1be8ab08c1722d66d1e9277480b8b178447667c024f9b78f8a878a2d7cf8e83e5104f6964b2907a989abafc7d7d0df941abf3d7283b6a11d46c2911a42182ec27ab785d92946e1ee8ef44846d561850d2a98c305c382f36d4cfc9b2bfd3b86ef21a0d187adcafbec8268c7d662a34dda1c83c4967097743133bc8c587edf249f5668c34ddb112fa4eb1bea9c8f6a000f1f34428b54688a5e214a7919868b25dbe930e86a243ecf54afe0b518c647d04873d2cf62cb2ab27f00015537a4fd2ea3dc8777abdf3284622347016566da0b9c406ca8c40694e4013a53fbf2e803d51b0bbe5e9df5fc74f66be618856357ccf803c53ed0e3b3fe79f69f0ede9b565d8f7a8ce5aa8cbb4e8fa61be3fd00ffb07e45065498925c14c0b311942d4ed951ad6237aadb5405bc7b2d79e1fd295b7c2ed8efa883e44c86a5053e2f421c6d4dc0c47d3a05d911db37d6efdb8e50fb3f06139ac147bc7162c21aece79eaf72e9779f19eb5395cec3d15a7594ea70a6b373d98651d2215b210f037ea3f8a57ded74474f6fdb64a08b56af52168da70b30aee03472cd8bee5af04cad7303004a4aba464b99", 0xcb3}], 0x5, &(0x7f0000001480)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @private, @multicast1}}}], 0x20}, 0x0) recvmsg$unix(r2, &(0x7f0000001140)={0x0, 0x0, &(0x7f0000001040)=[{&(0x7f00000015c0)=""/4096, 0x7ffff000}], 0x1, 0x0, 0x2}, 0x40000100) 14.450769ms ago: executing program 1 (id=2610): r0 = fsopen(&(0x7f0000000040)='devpts\x00', 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r1}, 0x10) r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f00000001c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000002c0), 0x13f}}, 0x20) r3 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$IMADDTIMER(r3, 0x80044940, &(0x7f0000000140)=0xf4240) ioctl$IMADDTIMER(r3, 0x80044940, &(0x7f0000000280)=0x14) close_range(r0, 0xffffffffffffffff, 0x0) 0s ago: executing program 1 (id=2611): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x5, 0x4, 0x7fe4, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000001c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) syz_usb_connect(0x0, 0x24, &(0x7f0000000180)={{0x12, 0x1, 0x0, 0x76, 0x1b, 0xaf, 0x40, 0x17cc, 0x1020, 0xab24, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0xe3, 0x0, 0x0, 0xbe, 0x4e, 0x80}}]}}]}}, 0x0) kernel console output (not intermixed with test programs): 5918][ T8881] loop3: detected capacity change from 0 to 1024 [ 108.232591][ T8881] EXT4-fs: Ignoring removed nomblk_io_submit option [ 108.241501][ T8878] EXT4-fs (loop2): couldn't mount as ext3 due to feature incompatibilities [ 108.250196][ T8882] loop4: detected capacity change from 0 to 1024 [ 108.250491][ T8881] EXT4-fs (loop3): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 108.277740][ T8882] EXT4-fs: Ignoring removed nomblk_io_submit option [ 108.278575][ T8881] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 108.285782][ T8878] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 108.304261][ T8878] vhci_hcd: invalid port number 23 [ 108.308249][ T8882] EXT4-fs (loop4): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 108.322145][ T8881] ext4: Unknown parameter 'ÿÿÿÿÿÿÿÿÿ0xffffffffffffffff18446744073709551615' [ 108.349825][ T8882] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 108.381165][ T8882] ext4: Unknown parameter 'ÿÿÿÿÿÿÿÿÿ0xffffffffffffffff18446744073709551615' [ 108.450089][ T8166] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 108.471186][ T8892] FAULT_INJECTION: forcing a failure. [ 108.471186][ T8892] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 108.484333][ T8892] CPU: 1 UID: 0 PID: 8892 Comm: syz.2.1800 Not tainted 6.11.0-rc6-syzkaller-00026-g88fac17500f4 #0 [ 108.495059][ T8892] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 108.505159][ T8892] Call Trace: [ 108.508427][ T8892] [ 108.511395][ T8892] dump_stack_lvl+0xf2/0x150 [ 108.516136][ T8892] dump_stack+0x15/0x20 [ 108.520290][ T8892] should_fail_ex+0x229/0x230 [ 108.525015][ T8892] should_fail+0xb/0x10 [ 108.529231][ T8892] should_fail_usercopy+0x1a/0x20 [ 108.534272][ T8892] strncpy_from_user+0x25/0x270 [ 108.539120][ T8892] strncpy_from_bpfptr+0x38/0x60 [ 108.544064][ T8892] bpf_prog_load+0x868/0x1070 [ 108.548896][ T8892] __sys_bpf+0x463/0x7a0 [ 108.553138][ T8892] __x64_sys_bpf+0x43/0x50 [ 108.557587][ T8892] x64_sys_call+0x2625/0x2d60 [ 108.562258][ T8892] do_syscall_64+0xc9/0x1c0 [ 108.566802][ T8892] ? clear_bhb_loop+0x55/0xb0 [ 108.571486][ T8892] ? clear_bhb_loop+0x55/0xb0 [ 108.576658][ T8892] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 108.582550][ T8892] RIP: 0033:0x7fa33384ceb9 [ 108.587000][ T8892] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 108.606607][ T8892] RSP: 002b:00007fa3324c7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 108.615006][ T8892] RAX: ffffffffffffffda RBX: 00007fa333a05f80 RCX: 00007fa33384ceb9 [ 108.622993][ T8892] RDX: 0000000000000090 RSI: 00000000200000c0 RDI: 0000000000000005 [ 108.630991][ T8892] RBP: 00007fa3324c7090 R08: 0000000000000000 R09: 0000000000000000 [ 108.639136][ T8892] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 108.647093][ T8892] R13: 0000000000000000 R14: 00007fa333a05f80 R15: 00007ffca2f32218 [ 108.655060][ T8892] [ 108.670051][ T3266] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 108.724065][ T29] kauditd_printk_skb: 1037 callbacks suppressed [ 108.724079][ T29] audit: type=1326 audit(1725426434.936:41844): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8904 comm="syz.4.1803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=111 compat=0 ip=0x7faf9ce0ceb9 code=0x7ffc0000 [ 108.728349][ T8911] loop2: detected capacity change from 0 to 1024 [ 108.738153][ T29] audit: type=1326 audit(1725426434.946:41845): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8904 comm="syz.4.1803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf9ce0ceb9 code=0x7ffc0000 [ 108.784127][ T29] audit: type=1326 audit(1725426434.946:41846): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8904 comm="syz.4.1803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf9ce0ceb9 code=0x7ffc0000 [ 108.807696][ T29] audit: type=1326 audit(1725426434.946:41847): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8904 comm="syz.4.1803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7faf9ce0ceb9 code=0x7ffc0000 [ 108.823180][ T8914] loop4: detected capacity change from 0 to 8192 [ 108.831462][ T29] audit: type=1326 audit(1725426434.946:41848): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8904 comm="syz.4.1803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf9ce0ceb9 code=0x7ffc0000 [ 108.838636][ T8911] EXT4-fs (loop2): couldn't mount as ext3 due to feature incompatibilities [ 108.861232][ T29] audit: type=1326 audit(1725426434.946:41849): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8904 comm="syz.4.1803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=312 compat=0 ip=0x7faf9ce0ceb9 code=0x7ffc0000 [ 108.893431][ T29] audit: type=1326 audit(1725426434.946:41850): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8904 comm="syz.4.1803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf9ce0ceb9 code=0x7ffc0000 [ 108.917024][ T29] audit: type=1326 audit(1725426434.946:41851): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8904 comm="syz.4.1803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7faf9ce0ceb9 code=0x7ffc0000 [ 108.940647][ T29] audit: type=1326 audit(1725426434.946:41852): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8904 comm="syz.4.1803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf9ce0ceb9 code=0x7ffc0000 [ 108.964171][ T29] audit: type=1326 audit(1725426434.946:41853): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8904 comm="syz.4.1803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7faf9ce0ed4c code=0x7ffc0000 [ 108.968122][ T8921] loop3: detected capacity change from 0 to 1024 [ 109.005596][ T8921] EXT4-fs (loop3): couldn't mount as ext3 due to feature incompatibilities [ 109.007257][ T8911] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 109.022463][ T8911] vhci_hcd: invalid port number 23 [ 109.079181][ T8927] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 109.094330][ T8927] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 109.212399][ T8935] netlink: 332 bytes leftover after parsing attributes in process `syz.2.1814'. [ 109.236956][ T8935] netlink: 104 bytes leftover after parsing attributes in process `syz.2.1814'. [ 109.246036][ T8935] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1814'. [ 109.273819][ T8935] loop2: detected capacity change from 0 to 128 [ 109.296114][ T8935] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 109.331941][ T8935] ext4 filesystem being mounted at /153/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 109.384304][ T8935] EXT4-fs error (device loop2): __ext4_find_entry:1652: inode #11: comm syz.2.1814: checksumming directory block 0 [ 109.430988][ T6489] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 109.441302][ T8941] openvswitch: netlink: VXLAN extension 0 has unexpected len 4 expected 0 [ 109.515573][ T8944] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.1815'. [ 109.525646][ T8941] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.1815'. [ 109.880895][ T8962] can0: slcan on pts0. [ 109.922283][ T8961] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 109.939702][ T8961] vhci_hcd: invalid port number 23 [ 109.945121][ T8962] can0 (unregistered): slcan off pts0. [ 110.145562][ T8970] loop3: detected capacity change from 0 to 2048 [ 110.166690][ T8978] loop4: detected capacity change from 0 to 1024 [ 110.174964][ T8970] loop3: p1 < > p4 [ 110.181328][ T8970] loop3: p4 size 8388608 extends beyond EOD, truncated [ 110.183223][ T8978] EXT4-fs: Ignoring removed nobh option [ 110.193889][ T8978] EXT4-fs: Ignoring removed orlov option [ 110.199578][ T8978] EXT4-fs: Ignoring removed nomblk_io_submit option [ 110.232715][ T8978] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 110.248810][ T8986] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 110.267543][ T8986] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 110.285786][ T8981] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(12) [ 110.292469][ T8981] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 110.300079][ T8981] vhci_hcd vhci_hcd.0: Device attached [ 110.315631][ T3266] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 110.339551][ T8991] serio: Serial port ptm0 [ 110.346406][ T8994] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 110.374274][ T8981] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 110.385150][ T8981] vhci_hcd vhci_hcd.0: pdev(0) rhport(3) sockfd(18) [ 110.387434][ T8996] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1833'. [ 110.391752][ T8981] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 110.391794][ T8981] vhci_hcd vhci_hcd.0: Device attached [ 110.404789][ T8997] vhci_hcd: connection closed [ 110.433633][ T8988] vhci_hcd: connection closed [ 110.445295][ T69] vhci_hcd: stop threads [ 110.454334][ T69] vhci_hcd: release socket [ 110.458780][ T69] vhci_hcd: disconnect device [ 110.474425][ T69] vhci_hcd: stop threads [ 110.478705][ T69] vhci_hcd: release socket [ 110.483142][ T69] vhci_hcd: disconnect device [ 110.506346][ T9004] loop4: detected capacity change from 0 to 8192 [ 110.559828][ T9005] loop3: detected capacity change from 0 to 8192 [ 111.041885][ T9024] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3) [ 111.048486][ T9024] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 111.056019][ T9024] vhci_hcd vhci_hcd.0: Device attached [ 111.209864][ T9031] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1841'. [ 111.227474][ T9025] vhci_hcd: connection closed [ 111.227668][ T7358] vhci_hcd: stop threads [ 111.236714][ T7358] vhci_hcd: release socket [ 111.241122][ T7358] vhci_hcd: disconnect device [ 111.482235][ T9035] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1844'. [ 111.492805][ T9033] netlink: 'syz.4.1842': attribute type 1 has an invalid length. [ 111.500589][ T9033] netlink: 15231 bytes leftover after parsing attributes in process `syz.4.1842'. [ 111.633346][ T9052] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 1280 [ 111.665922][ T9054] loop4: detected capacity change from 0 to 164 [ 111.672959][ T9054] Unable to read rock-ridge attributes [ 111.680181][ T9054] Unable to read rock-ridge attributes [ 111.749983][ T9061] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1855'. [ 111.797671][ T9064] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 111.805992][ T9064] vhci_hcd: invalid port number 23 [ 112.121787][ T9081] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1863'. [ 112.160825][ T9081] bridge_slave_1: left allmulticast mode [ 112.166692][ T9081] bridge_slave_1: left promiscuous mode [ 112.172561][ T9081] bridge0: port 2(bridge_slave_1) entered disabled state [ 112.182221][ T9081] bridge_slave_0: left allmulticast mode [ 112.187959][ T9081] bridge_slave_0: left promiscuous mode [ 112.193649][ T9081] bridge0: port 1(bridge_slave_0) entered disabled state [ 112.467881][ T9106] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 112.479483][ T9106] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 112.600909][ T9126] netlink: 'syz.0.1883': attribute type 21 has an invalid length. [ 112.609059][ T9126] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1883'. [ 112.638790][ T9133] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(5) [ 112.645410][ T9133] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 112.652923][ T9133] vhci_hcd vhci_hcd.0: Device attached [ 112.658864][ T9134] vhci_hcd: connection closed [ 112.659046][ T3272] vhci_hcd: stop threads [ 112.668115][ T3272] vhci_hcd: release socket [ 112.672566][ T3272] vhci_hcd: disconnect device [ 113.040335][ T9173] loop2: detected capacity change from 0 to 1024 [ 113.053777][ T9173] EXT4-fs (loop2): couldn't mount as ext3 due to feature incompatibilities [ 113.160136][ T9187] loop2: detected capacity change from 0 to 1024 [ 113.172912][ T9187] EXT4-fs (loop2): couldn't mount as ext3 due to feature incompatibilities [ 113.204278][ T9187] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 113.211633][ T9187] vhci_hcd: invalid port number 23 [ 113.225684][ T9194] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 113.233157][ T9194] vhci_hcd: invalid port number 23 [ 113.258071][ T9197] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1909'. [ 113.350537][ T9211] loop2: detected capacity change from 0 to 1024 [ 113.357612][ T9211] EXT4-fs (loop2): couldn't mount as ext3 due to feature incompatibilities [ 113.469223][ T9227] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 113.491957][ T9226] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 113.492069][ T9227] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 113.510420][ T9226] vhci_hcd: invalid port number 23 [ 113.643078][ T9248] loop3: detected capacity change from 0 to 1024 [ 113.652802][ T9248] EXT4-fs (loop3): couldn't mount as ext3 due to feature incompatibilities [ 113.754555][ T29] kauditd_printk_skb: 1757 callbacks suppressed [ 113.754567][ T29] audit: type=1326 audit(1725426439.976:43611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9260 comm="syz.3.1935" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa7e6bceb9 code=0x7ffc0000 [ 113.756758][ T9255] loop4: detected capacity change from 0 to 8192 [ 113.766895][ T29] audit: type=1326 audit(1725426439.976:43612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9260 comm="syz.3.1935" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa7e6bceb9 code=0x7ffc0000 [ 113.814528][ T29] audit: type=1326 audit(1725426439.976:43613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9260 comm="syz.3.1935" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7faa7e6bceb9 code=0x7ffc0000 [ 113.838148][ T29] audit: type=1326 audit(1725426439.976:43614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9260 comm="syz.3.1935" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa7e6bceb9 code=0x7ffc0000 [ 113.861806][ T29] audit: type=1326 audit(1725426439.976:43615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9260 comm="syz.3.1935" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa7e6bceb9 code=0x7ffc0000 [ 113.885323][ T29] audit: type=1326 audit(1725426439.976:43616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9260 comm="syz.3.1935" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7faa7e6bceb9 code=0x7ffc0000 [ 113.908830][ T29] audit: type=1326 audit(1725426439.976:43617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9260 comm="syz.3.1935" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa7e6bceb9 code=0x7ffc0000 [ 113.932436][ T29] audit: type=1326 audit(1725426439.976:43618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9260 comm="syz.3.1935" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa7e6bceb9 code=0x7ffc0000 [ 113.959261][ T29] audit: type=1326 audit(1725426440.146:43619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9260 comm="syz.3.1935" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7faa7e6bceb9 code=0x7ffc0000 [ 113.986957][ T29] audit: type=1326 audit(1725426440.196:43620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9260 comm="syz.3.1935" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faa7e6bceb9 code=0x7ffc0000 [ 114.064124][ T9273] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 114.072351][ T9273] vhci_hcd: invalid port number 23 [ 114.262206][ T9304] loop2: detected capacity change from 0 to 1024 [ 114.287740][ T9304] EXT4-fs: Ignoring removed nomblk_io_submit option [ 114.323275][ T9304] EXT4-fs (loop2): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 114.392574][ T9304] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 114.409178][ T9304] ext4: Unknown parameter 'ÿÿÿÿÿÿÿÿÿ0xffffffffffffffff18446744073709551615' [ 114.549751][ T6489] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 114.660794][ T9333] __nla_validate_parse: 4 callbacks suppressed [ 114.660809][ T9333] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1959'. [ 114.702455][ T9333] loop3: detected capacity change from 0 to 1024 [ 114.717535][ T9333] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 114.722892][ T9341] loop2: detected capacity change from 0 to 1024 [ 114.728439][ T9333] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 114.752585][ T9341] EXT4-fs: Ignoring removed nomblk_io_submit option [ 114.760940][ T9342] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 114.769647][ T9333] JBD2: no valid journal superblock found [ 114.770172][ T9341] EXT4-fs (loop2): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 114.775435][ T9333] EXT4-fs (loop3): Could not load journal inode [ 114.791444][ T9342] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 114.800644][ T9341] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 114.823733][ T9341] ext4: Unknown parameter 'ÿÿÿÿÿÿÿÿÿ0xffffffffffffffff18446744073709551615' [ 114.918022][ T6489] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 114.962216][ T9351] loop3: detected capacity change from 0 to 1024 [ 114.980033][ T9351] EXT4-fs: Ignoring removed nomblk_io_submit option [ 114.995876][ T9350] loop2: detected capacity change from 0 to 8192 [ 115.002658][ T9351] EXT4-fs (loop3): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 115.027698][ T9351] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 115.047020][ T9356] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1964'. [ 115.047885][ T9347] ext4: Unknown parameter 'ÿÿÿÿÿÿÿÿÿ0xffffffffffffffff18446744073709551615' [ 115.092612][ T8166] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 115.137060][ T9364] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5) [ 115.143697][ T9364] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 115.151114][ T9364] vhci_hcd vhci_hcd.0: Device attached [ 115.161748][ T9365] vhci_hcd: connection closed [ 115.161899][ T3272] vhci_hcd: stop threads [ 115.170832][ T3272] vhci_hcd: release socket [ 115.175316][ T3272] vhci_hcd: disconnect device [ 115.319270][ T9374] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 1280 [ 115.419606][ T9387] Cannot find del_set index 0 as target [ 115.443082][ T9389] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1975'. [ 115.591715][ T9401] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 115.600479][ T9401] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 115.622044][ T9402] loop2: detected capacity change from 0 to 1024 [ 115.628896][ T9402] EXT4-fs: Ignoring removed nomblk_io_submit option [ 115.637194][ T9402] EXT4-fs (loop2): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 115.656373][ T9402] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 115.669918][ T9402] ext4: Unknown parameter 'ÿÿÿÿÿÿÿÿÿ0xffffffffffffffff18446744073709551615' [ 115.753502][ T6489] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 115.885051][ T9421] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1981'. [ 115.914341][ T9423] loop2: detected capacity change from 0 to 1024 [ 115.921424][ T9423] EXT4-fs (loop2): couldn't mount as ext3 due to feature incompatibilities [ 116.063118][ T9425] loop2: detected capacity change from 0 to 8192 [ 116.379465][ T9435] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(5) [ 116.386010][ T9435] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 116.393511][ T9435] vhci_hcd vhci_hcd.0: Device attached [ 116.414314][ T9436] vhci_hcd: connection closed [ 116.414529][ T7358] vhci_hcd: stop threads [ 116.423484][ T7358] vhci_hcd: release socket [ 116.427949][ T7358] vhci_hcd: disconnect device [ 116.643365][ T9440] loop3: detected capacity change from 0 to 1024 [ 116.654321][ T9440] EXT4-fs: Ignoring removed nomblk_io_submit option [ 116.674886][ T9440] EXT4-fs (loop3): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 116.705940][ T9440] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 116.725335][ T9440] ext4: Unknown parameter 'ÿÿÿÿÿÿÿÿÿ0xffffffffffffffff18446744073709551615' [ 116.790364][ T8166] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 116.883920][ T9461] loop3: detected capacity change from 0 to 1024 [ 116.890898][ T9461] EXT4-fs: Ignoring removed nomblk_io_submit option [ 116.897863][ T9461] EXT4-fs (loop3): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 116.915495][ T9461] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 116.928504][ T9461] ext4: Unknown parameter 'ÿÿÿÿÿÿÿÿÿ0xffffffffffffffff18446744073709551615' [ 117.019467][ T9468] loop4: detected capacity change from 0 to 8192 [ 117.415880][ T9476] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 1280 [ 117.617093][ T9494] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(5) [ 117.623639][ T9494] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 117.631160][ T9494] vhci_hcd vhci_hcd.0: Device attached [ 117.638647][ T9495] vhci_hcd: connection closed [ 117.639193][ T3272] vhci_hcd: stop threads [ 117.648332][ T3272] vhci_hcd: release socket [ 117.652783][ T3272] vhci_hcd: disconnect device [ 117.685457][ T8166] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 117.731867][ T9504] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 117.739307][ T9504] vhci_hcd: invalid port number 23 [ 117.789530][ T9507] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 117.797071][ T9507] vhci_hcd: invalid port number 23 [ 117.845351][ T9511] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2017'. [ 117.941546][ T9517] loop3: detected capacity change from 0 to 1024 [ 117.950838][ T9517] EXT4-fs (loop3): couldn't mount as ext3 due to feature incompatibilities [ 118.001828][ T9529] serio: Serial port ptm0 [ 118.038135][ T9527] loop2: detected capacity change from 0 to 8192 [ 118.053375][ T9531] loop3: detected capacity change from 0 to 2048 [ 118.094439][ T9531] loop3: p1 < > p4 [ 118.101238][ T9531] loop3: p4 size 8388608 extends beyond EOD, truncated [ 118.189524][ T9539] loop3: detected capacity change from 0 to 1024 [ 118.200832][ T9539] EXT4-fs (loop3): couldn't mount as ext3 due to feature incompatibilities [ 118.245004][ T9539] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 118.252471][ T9539] vhci_hcd: invalid port number 23 [ 118.386623][ T9552] loop3: detected capacity change from 0 to 164 [ 118.395588][ T9552] Unable to read rock-ridge attributes [ 118.412753][ T9552] Unable to read rock-ridge attributes [ 118.505880][ T9559] loop3: detected capacity change from 0 to 1024 [ 118.512822][ T9559] EXT4-fs (loop3): couldn't mount as ext3 due to feature incompatibilities [ 118.576807][ T9563] serio: Serial port ptm1 [ 118.648727][ T9573] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 118.657553][ T9573] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 118.657753][ T9571] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2040'. [ 118.697725][ T9575] loop4: detected capacity change from 0 to 1024 [ 118.706837][ T9575] EXT4-fs (loop4): couldn't mount as ext3 due to feature incompatibilities [ 118.713482][ T9579] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2039'. [ 118.739160][ T9575] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 118.749812][ T9575] vhci_hcd: invalid port number 23 [ 118.767405][ T9585] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 1280 [ 118.780435][ T9587] loop2: detected capacity change from 0 to 1024 [ 118.788222][ T9587] EXT4-fs (loop2): couldn't mount as ext3 due to feature incompatibilities [ 118.801538][ T29] kauditd_printk_skb: 927 callbacks suppressed [ 118.801552][ T29] audit: type=1326 audit(1725426445.016:44548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9590 comm="syz.4.2049" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf9ce0ceb9 code=0x7ffc0000 [ 118.818794][ T9591] loop4: detected capacity change from 0 to 2048 [ 118.833943][ T29] audit: type=1326 audit(1725426445.016:44549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9590 comm="syz.4.2049" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf9ce0ceb9 code=0x7ffc0000 [ 118.861503][ T29] audit: type=1326 audit(1725426445.016:44550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9590 comm="syz.4.2049" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7faf9ce0ceb9 code=0x7ffc0000 [ 118.885000][ T29] audit: type=1326 audit(1725426445.016:44551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9590 comm="syz.4.2049" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf9ce0ceb9 code=0x7ffc0000 [ 118.908496][ T29] audit: type=1326 audit(1725426445.016:44552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9590 comm="syz.4.2049" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf9ce0ceb9 code=0x7ffc0000 [ 118.932042][ T29] audit: type=1326 audit(1725426445.016:44553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9590 comm="syz.4.2049" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7faf9ce0ceb9 code=0x7ffc0000 [ 118.955865][ T29] audit: type=1326 audit(1725426445.016:44554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9590 comm="syz.4.2049" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf9ce0ceb9 code=0x7ffc0000 [ 118.979577][ T29] audit: type=1326 audit(1725426445.016:44555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9590 comm="syz.4.2049" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7faf9ce0ceb9 code=0x7ffc0000 [ 119.003114][ T29] audit: type=1326 audit(1725426445.026:44556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9590 comm="syz.4.2049" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf9ce0ceb9 code=0x7ffc0000 [ 119.026943][ T29] audit: type=1326 audit(1725426445.026:44557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9590 comm="syz.4.2049" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf9ce0ceb9 code=0x7ffc0000 [ 119.084692][ T9595] loop4: p1 < > p4 [ 119.089074][ T9595] loop4: p4 size 8388608 extends beyond EOD, truncated [ 119.105809][ T9599] serio: Serial port ptm0 [ 119.107365][ T9591] loop4: p1 < > p4 [ 119.121249][ T9591] loop4: p4 size 8388608 extends beyond EOD, truncated [ 119.148936][ T9603] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2053'. [ 119.223338][ T9615] Cannot find del_set index 0 as target [ 119.228729][ T9612] loop2: detected capacity change from 0 to 8192 [ 119.254658][ T9618] loop3: detected capacity change from 0 to 1024 [ 119.265620][ T9618] EXT4-fs (loop3): couldn't mount as ext3 due to feature incompatibilities [ 119.293188][ T9621] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 119.300819][ T9621] vhci_hcd: invalid port number 23 [ 119.306257][ T9618] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 119.313713][ T9618] vhci_hcd: invalid port number 23 [ 119.662477][ T9640] serio: Serial port ptm0 [ 119.749466][ T9647] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 119.758014][ T9647] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 120.032652][ T9649] Cannot find del_set index 0 as target [ 120.083811][ T9655] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 120.091263][ T9655] vhci_hcd: invalid port number 23 [ 120.151327][ T9663] loop4: detected capacity change from 0 to 1024 [ 120.158618][ T9663] EXT4-fs (loop4): couldn't mount as ext3 due to feature incompatibilities [ 120.272594][ T9679] loop3: detected capacity change from 0 to 164 [ 120.280978][ T9679] Unable to read rock-ridge attributes [ 120.288279][ T9679] Unable to read rock-ridge attributes [ 120.299899][ T9681] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2081'. [ 120.354613][ T9691] FAULT_INJECTION: forcing a failure. [ 120.354613][ T9691] name failslab, interval 1, probability 0, space 0, times 0 [ 120.367391][ T9691] CPU: 1 UID: 0 PID: 9691 Comm: syz.1.2084 Not tainted 6.11.0-rc6-syzkaller-00026-g88fac17500f4 #0 [ 120.372372][ T9693] loop3: detected capacity change from 0 to 1024 [ 120.378063][ T9691] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 120.378078][ T9691] Call Trace: [ 120.378086][ T9691] [ 120.378100][ T9691] dump_stack_lvl+0xf2/0x150 [ 120.378124][ T9691] dump_stack+0x15/0x20 [ 120.378141][ T9691] should_fail_ex+0x229/0x230 [ 120.378163][ T9691] ? __anon_vma_prepare+0xcf/0x310 [ 120.378190][ T9691] should_failslab+0x8f/0xb0 [ 120.385865][ T9693] EXT4-fs (loop3): couldn't mount as ext3 due to feature incompatibilities [ 120.394543][ T9691] kmem_cache_alloc_noprof+0x4c/0x290 [ 120.394575][ T9691] __anon_vma_prepare+0xcf/0x310 [ 120.394596][ T9691] ? do_wp_page+0xfb8/0x22c0 [ 120.447500][ T9691] do_wp_page+0xfc0/0x22c0 [ 120.452024][ T9691] ? __rcu_read_lock+0x36/0x50 [ 120.456858][ T9691] ? __rcu_read_lock+0x36/0x50 [ 120.461701][ T9691] handle_mm_fault+0xc4d/0x2a30 [ 120.466560][ T9691] exc_page_fault+0x3b9/0x650 [ 120.471334][ T9691] asm_exc_page_fault+0x26/0x30 [ 120.476183][ T9691] RIP: 0033:0x7f9efbe60bf3 [ 120.480589][ T9691] Code: 1f 84 00 00 00 00 00 3d 00 01 00 00 75 29 45 31 f6 48 83 c4 18 44 89 f0 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 40 00 49 8b 0f <44> 88 34 01 49 83 47 10 01 eb 92 66 90 8d 90 ff fe ff ff 83 fa 1c [ 120.500458][ T9691] RSP: 002b:00007f9efac164a0 EFLAGS: 00010202 [ 120.506602][ T9691] RAX: 0000000000000400 RBX: 00007f9efac16540 RCX: 00007f9ef27f7000 [ 120.514695][ T9691] RDX: 00007f9efac166e0 RSI: 0000000000000009 RDI: 00007f9efac165e0 [ 120.522765][ T9691] RBP: 00000000000000f9 R08: 0000000000000008 R09: 00000000000000a6 [ 120.530762][ T9691] R10: 00000000000000be R11: 00007f9efac16540 R12: 0000000000000001 [ 120.538731][ T9691] R13: 00007f9efc023500 R14: 0000000000000020 R15: 00007f9efac165e0 [ 120.546734][ T9691] [ 120.549846][ T9691] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF [ 120.571338][ T9693] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 120.579217][ T9693] vhci_hcd: invalid port number 23 [ 120.591605][ T9700] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2087'. [ 120.608728][ T9700] loop2: detected capacity change from 0 to 1024 [ 120.626027][ T9700] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 120.636958][ T9700] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 120.647804][ T9700] JBD2: no valid journal superblock found [ 120.653634][ T9700] EXT4-fs (loop2): Could not load journal inode [ 120.700778][ T9711] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 120.710387][ T9711] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 120.727251][ T9713] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2093'. [ 121.217214][ T9736] loop4: detected capacity change from 0 to 1024 [ 121.230708][ T9736] EXT4-fs: Ignoring removed nomblk_io_submit option [ 121.245788][ T9736] EXT4-fs (loop4): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 121.257000][ T9740] Cannot find del_set index 0 as target [ 121.257816][ T9738] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 121.280434][ T9743] loop2: detected capacity change from 0 to 512 [ 121.282951][ T9738] vhci_hcd: invalid port number 23 [ 121.292621][ T9736] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 121.306920][ T9743] EXT4-fs error (device loop2): ext4_quota_enable:7018: comm syz.2.2102: Bad quota inum: 196608, type: 0 [ 121.307215][ T9736] ext4: Unknown parameter 'ÿÿÿÿÿÿÿÿÿ0xffffffffffffffff18446744073709551615' [ 121.341471][ T9743] EXT4-fs warning (device loop2): ext4_enable_quotas:7066: Failed to enable quota tracking (type=0, err=-117, ino=196608). Please run e2fsck to fix. [ 121.357770][ T9743] EXT4-fs (loop2): mount failed [ 121.371057][ T9743] loop2: detected capacity change from 0 to 1024 [ 121.379005][ T9743] EXT4-fs: Ignoring removed nobh option [ 121.407632][ T9743] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 121.422322][ T9743] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 121.430045][ T9743] vhci_hcd: invalid port number 23 [ 121.439889][ T3266] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 121.449699][ T6489] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 121.472300][ T9753] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2104'. [ 121.480532][ T9757] loop2: detected capacity change from 0 to 512 [ 121.505849][ T9757] EXT4-fs error (device loop2): ext4_quota_enable:7018: comm syz.2.2105: Bad quota inum: 196608, type: 0 [ 121.517419][ T9757] EXT4-fs warning (device loop2): ext4_enable_quotas:7066: Failed to enable quota tracking (type=0, err=-117, ino=196608). Please run e2fsck to fix. [ 121.533594][ T9757] EXT4-fs (loop2): mount failed [ 121.553223][ T9757] loop2: detected capacity change from 0 to 1024 [ 121.563000][ T9757] EXT4-fs: Ignoring removed nobh option [ 121.578865][ T9757] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 121.608002][ T9757] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 121.621470][ T9757] vhci_hcd: invalid port number 23 [ 121.644665][ T6489] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 121.671516][ T9784] Cannot find del_set index 0 as target [ 121.671669][ T9782] loop4: detected capacity change from 0 to 1024 [ 121.692380][ T9782] EXT4-fs (loop4): couldn't mount as ext3 due to feature incompatibilities [ 121.713680][ T9790] loop2: detected capacity change from 0 to 512 [ 121.725304][ T9790] EXT4-fs error (device loop2): ext4_quota_enable:7018: comm syz.2.2115: Bad quota inum: 196608, type: 0 [ 121.726464][ T9782] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 121.746525][ T9782] vhci_hcd: invalid port number 23 [ 121.747546][ T9790] EXT4-fs warning (device loop2): ext4_enable_quotas:7066: Failed to enable quota tracking (type=0, err=-117, ino=196608). Please run e2fsck to fix. [ 121.766993][ T9790] EXT4-fs (loop2): mount failed [ 121.777503][ T9797] FAULT_INJECTION: forcing a failure. [ 121.777503][ T9797] name failslab, interval 1, probability 0, space 0, times 0 [ 121.790175][ T9797] CPU: 1 UID: 0 PID: 9797 Comm: syz.0.2117 Not tainted 6.11.0-rc6-syzkaller-00026-g88fac17500f4 #0 [ 121.800950][ T9797] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 121.811022][ T9797] Call Trace: [ 121.814291][ T9797] [ 121.817212][ T9797] dump_stack_lvl+0xf2/0x150 [ 121.821943][ T9797] dump_stack+0x15/0x20 [ 121.826087][ T9797] should_fail_ex+0x229/0x230 [ 121.830827][ T9797] ? __alloc_skb+0x10b/0x310 [ 121.835406][ T9797] should_failslab+0x8f/0xb0 [ 121.840074][ T9797] kmem_cache_alloc_node_noprof+0x51/0x2b0 [ 121.845879][ T9797] __alloc_skb+0x10b/0x310 [ 121.850285][ T9797] audit_log_start+0x368/0x6b0 [ 121.855047][ T9797] audit_seccomp+0x4b/0x130 [ 121.859555][ T9797] __seccomp_filter+0x6fa/0x1180 [ 121.864537][ T9797] ? proc_fail_nth_write+0x130/0x160 [ 121.869813][ T9797] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 121.875487][ T9797] ? vfs_write+0x5a5/0x900 [ 121.879990][ T9797] ? __fget_files+0x1da/0x210 [ 121.884676][ T9797] __secure_computing+0x9f/0x1c0 [ 121.889635][ T9797] syscall_trace_enter+0xd1/0x1f0 [ 121.894752][ T9797] ? fpregs_assert_state_consistent+0x83/0xa0 [ 121.900867][ T9797] do_syscall_64+0xaa/0x1c0 [ 121.905364][ T9797] ? clear_bhb_loop+0x55/0xb0 [ 121.910031][ T9797] ? clear_bhb_loop+0x55/0xb0 [ 121.914699][ T9797] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 121.920621][ T9797] RIP: 0033:0x7f803429ceb9 [ 121.925069][ T9797] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 121.944722][ T9797] RSP: 002b:00007f8032f17038 EFLAGS: 00000246 ORIG_RAX: 000000000000010f [ 121.953129][ T9797] RAX: ffffffffffffffda RBX: 00007f8034455f80 RCX: 00007f803429ceb9 [ 121.961102][ T9797] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000020000080 [ 121.969065][ T9797] RBP: 00007f8032f17090 R08: 0000000000000000 R09: 0000000000000000 [ 121.977075][ T9797] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 121.985037][ T9797] R13: 0000000000000000 R14: 00007f8034455f80 R15: 00007ffd2adf69d8 [ 121.993016][ T9797] [ 122.002574][ T9790] loop2: detected capacity change from 0 to 1024 [ 122.009508][ T9790] EXT4-fs: Ignoring removed nobh option [ 122.026495][ T9790] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 122.029751][ T9799] loop3: detected capacity change from 0 to 2048 [ 122.046961][ T9790] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 122.058903][ T9790] vhci_hcd: invalid port number 23 [ 122.075711][ T9799] EXT4-fs error (device loop3): ext4_orphan_get:1417: comm syz.3.2118: bad orphan inode 8192 [ 122.082206][ T6489] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 122.094466][ T9799] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 122.134214][ T9799] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2118'. [ 122.149735][ T9799] bridge_slave_1: left allmulticast mode [ 122.155468][ T9799] bridge_slave_1: left promiscuous mode [ 122.161164][ T9799] bridge0: port 2(bridge_slave_1) entered disabled state [ 122.179368][ T9799] bridge_slave_0: left allmulticast mode [ 122.185151][ T9799] bridge_slave_0: left promiscuous mode [ 122.190784][ T9799] bridge0: port 1(bridge_slave_0) entered disabled state [ 122.353209][ T8166] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 122.553130][ T9833] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2128'. [ 122.951584][ T9837] loop4: detected capacity change from 0 to 1024 [ 122.958423][ T9837] EXT4-fs (loop4): couldn't mount as ext3 due to feature incompatibilities [ 122.971955][ T9839] loop2: detected capacity change from 0 to 1024 [ 122.978935][ T9839] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 122.990274][ T9837] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 122.998553][ T9839] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 122.998661][ T9837] vhci_hcd: invalid port number 23 [ 123.011830][ T9839] EXT4-fs (loop2): orphan cleanup on readonly fs [ 123.018588][ T9839] EXT4-fs error (device loop2): ext4_free_blocks:6590: comm syz.2.2131: Freeing blocks not in datazone - block = 0, count = 4096 [ 123.033298][ T9839] EXT4-fs (loop2): 1 orphan inode deleted [ 123.039588][ T9839] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 123.054322][ T9839] EXT4-fs error (device loop2): ext4_readdir:260: inode #2: block 16: comm syz.2.2131: path /226/file1: bad entry in directory: inode out of bounds - offset=44, inode=40, rec_len=16, size=1024 fake=0 [ 123.077538][ T9839] EXT4-fs error (device loop2): ext4_readdir:260: inode #2: block 17: comm syz.2.2131: path /226/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 123.125637][ T9848] loop4: detected capacity change from 0 to 164 [ 123.132215][ T9839] EXT4-fs error (device loop2): ext4_readdir:260: inode #2: block 18: comm syz.2.2131: path /226/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 123.156713][ T9848] Unable to read rock-ridge attributes [ 123.156707][ T9839] EXT4-fs error (device loop2): ext4_readdir:260: inode #2: block 19: comm syz.2.2131: path /226/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 123.166680][ T9848] Unable to read rock-ridge attributes [ 123.186703][ T9839] EXT4-fs error (device loop2): ext4_readdir:260: inode #2: block 20: comm syz.2.2131: path /226/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 123.212746][ T9839] EXT4-fs error (device loop2): ext4_readdir:260: inode #2: block 21: comm syz.2.2131: path /226/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 123.265741][ T9839] EXT4-fs error (device loop2): ext4_readdir:260: inode #2: block 22: comm syz.2.2131: path /226/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 123.326017][ T9839] EXT4-fs error (device loop2): ext4_readdir:260: inode #2: block 23: comm syz.2.2131: path /226/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 123.358641][ T9854] loop4: detected capacity change from 0 to 8192 [ 123.368094][ T9858] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 123.389109][ T9858] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 123.413313][ T6489] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 123.676717][ T9876] Cannot find del_set index 0 as target [ 123.707069][ T9878] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 123.715825][ T9878] vhci_hcd: invalid port number 23 [ 123.791992][ T9882] tun0: tun_chr_ioctl cmd 35108 [ 123.797500][ T9882] bond0: entered promiscuous mode [ 123.802550][ T9882] bond_slave_0: entered promiscuous mode [ 123.808315][ T9882] bond_slave_1: entered promiscuous mode [ 123.814073][ T9882] bridge0: entered promiscuous mode [ 123.828526][ T9882] bond0: (slave bond_slave_0): Releasing backup interface [ 123.836562][ T9882] bond_slave_0: left promiscuous mode [ 123.849776][ T9889] serio: Serial port ptm0 [ 123.924887][ T9885] bond0: left promiscuous mode [ 123.929683][ T9885] bond_slave_1: left promiscuous mode [ 123.935207][ T9885] bridge0: left promiscuous mode [ 123.942225][ T29] kauditd_printk_skb: 914 callbacks suppressed [ 123.942237][ T29] audit: type=1326 audit(1725426450.156:45470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9894 comm="syz.1.2152" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9efbf9ceb9 code=0x7ffc0000 [ 123.972106][ T29] audit: type=1326 audit(1725426450.156:45471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9894 comm="syz.1.2152" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9efbf9ceb9 code=0x7ffc0000 [ 123.995657][ T29] audit: type=1326 audit(1725426450.156:45472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9894 comm="syz.1.2152" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9efbf9ceb9 code=0x7ffc0000 [ 124.019415][ T29] audit: type=1326 audit(1725426450.156:45473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9894 comm="syz.1.2152" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9efbf9ceb9 code=0x7ffc0000 [ 124.043092][ T29] audit: type=1326 audit(1725426450.156:45474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9894 comm="syz.1.2152" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9efbf9ceb9 code=0x7ffc0000 [ 124.066652][ T29] audit: type=1326 audit(1725426450.156:45475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9894 comm="syz.1.2152" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9efbf9ceb9 code=0x7ffc0000 [ 124.090205][ T29] audit: type=1326 audit(1725426450.156:45476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9894 comm="syz.1.2152" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9efbf9ceb9 code=0x7ffc0000 [ 124.114119][ T29] audit: type=1326 audit(1725426450.156:45477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9894 comm="syz.1.2152" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9efbf9ceb9 code=0x7ffc0000 [ 124.137578][ T29] audit: type=1326 audit(1725426450.156:45478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9894 comm="syz.1.2152" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9efbf9ceb9 code=0x7ffc0000 [ 124.161071][ T29] audit: type=1326 audit(1725426450.156:45479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9894 comm="syz.1.2152" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9efbf9ceb9 code=0x7ffc0000 [ 124.219463][ T9903] loop4: detected capacity change from 0 to 2048 [ 124.239526][ T9911] loop3: detected capacity change from 0 to 164 [ 124.252159][ T9911] Unable to read rock-ridge attributes [ 124.258155][ T9911] Unable to read rock-ridge attributes [ 124.290771][ T9903] loop4: p1 < > p4 [ 124.300907][ T9903] loop4: p4 size 8388608 extends beyond EOD, truncated [ 124.313560][ T9917] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 124.339985][ T9917] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 124.451495][ T9925] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2165'. [ 124.465192][ T9926] loop2: detected capacity change from 0 to 1024 [ 124.482341][ T9926] EXT4-fs: Ignoring removed nomblk_io_submit option [ 124.502782][ T9926] EXT4-fs (loop2): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 124.539965][ T9926] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 124.587040][ T9923] ext4: Unknown parameter 'ÿÿÿÿÿÿÿÿÿ0xffffffffffffffff18446744073709551615' [ 124.596216][ T9937] loop4: detected capacity change from 0 to 1024 [ 124.610971][ T9937] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 124.621892][ T9937] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 124.644136][ T9937] JBD2: no valid journal superblock found [ 124.649903][ T9937] EXT4-fs (loop4): Could not load journal inode [ 124.670459][ T6489] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 124.776492][ T9944] loop2: detected capacity change from 0 to 2048 [ 124.792551][ T9946] loop3: detected capacity change from 0 to 1024 [ 124.808696][ T9946] EXT4-fs (loop3): couldn't mount as ext3 due to feature incompatibilities [ 124.814631][ T9944] loop2: p1 < > p4 [ 124.821713][ T9944] loop2: p4 size 8388608 extends beyond EOD, truncated [ 124.904803][ T9960] Cannot find del_set index 0 as target [ 124.919229][ T9959] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2177'. [ 124.989908][ T9968] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 124.998137][ T9968] vhci_hcd: invalid port number 23 [ 125.175484][ T9988] loop3: detected capacity change from 0 to 1024 [ 125.194083][ T9988] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 125.205014][ T9988] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 125.228193][ T9988] JBD2: no valid journal superblock found [ 125.234026][ T9988] EXT4-fs (loop3): Could not load journal inode [ 125.236095][ T9991] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2190'. [ 125.345637][T10003] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 125.354220][T10003] vhci_hcd: invalid port number 23 [ 125.360928][T10005] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2197'. [ 125.440968][T10013] loop3: detected capacity change from 0 to 2048 [ 125.487286][T10013] loop3: p1 < > p4 [ 125.512746][T10013] loop3: p4 size 8388608 extends beyond EOD, truncated [ 125.580420][T10021] loop2: detected capacity change from 0 to 1024 [ 125.601149][T10021] EXT4-fs: Ignoring removed nomblk_io_submit option [ 125.615605][T10021] EXT4-fs (loop2): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 125.627759][T10025] Cannot find del_set index 0 as target [ 125.637012][T10027] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2204'. [ 125.656957][T10021] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 125.693197][T10021] ext4: Unknown parameter 'ÿÿÿÿÿÿÿÿÿ0xffffffffffffffff18446744073709551615' [ 125.731618][T10043] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2211'. [ 125.775925][T10048] loop4: detected capacity change from 0 to 1024 [ 125.782928][T10048] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 125.819222][T10048] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 125.830565][T10048] EXT4-fs (loop4): orphan cleanup on readonly fs [ 125.846988][T10048] EXT4-fs error (device loop4): ext4_free_blocks:6590: comm syz.4.2214: Freeing blocks not in datazone - block = 0, count = 4096 [ 125.861113][T10048] EXT4-fs (loop4): 1 orphan inode deleted [ 125.869252][T10048] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 125.885160][T10048] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 16: comm syz.4.2214: path /440/file1: bad entry in directory: inode out of bounds - offset=44, inode=40, rec_len=16, size=1024 fake=0 [ 125.906887][T10048] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 17: comm syz.4.2214: path /440/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 125.929014][T10048] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 18: comm syz.4.2214: path /440/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 125.953343][ T6489] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 126.000070][T10048] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 19: comm syz.4.2214: path /440/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 126.021741][T10048] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 20: comm syz.4.2214: path /440/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 126.051182][T10048] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 21: comm syz.4.2214: path /440/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 126.052603][T10064] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2220'. [ 126.072994][T10048] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 22: comm syz.4.2214: path /440/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 126.101570][T10048] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 23: comm syz.4.2214: path /440/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 126.129540][T10071] loop2: detected capacity change from 0 to 1024 [ 126.148768][T10071] EXT4-fs: Ignoring removed nomblk_io_submit option [ 126.158357][T10071] EXT4-fs (loop2): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 126.194872][T10071] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 126.218665][ T3266] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 126.229905][T10071] ext4: Unknown parameter 'ÿÿÿÿÿÿÿÿÿ0xffffffffffffffff18446744073709551615' [ 126.260403][T10085] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2225'. [ 126.322689][ T6489] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 126.338351][T10092] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1012 sclass=netlink_route_socket pid=10092 comm=syz.1.2229 [ 126.373548][T10098] loop2: detected capacity change from 0 to 1024 [ 126.389222][T10098] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 126.400248][T10098] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 126.407293][T10101] loop4: detected capacity change from 0 to 1024 [ 126.411856][T10098] JBD2: no valid journal superblock found [ 126.422041][T10098] EXT4-fs (loop2): Could not load journal inode [ 126.444870][T10101] EXT4-fs: Ignoring removed nomblk_io_submit option [ 126.452536][T10101] EXT4-fs (loop4): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 126.486446][T10101] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 126.502584][T10101] ext4: Unknown parameter 'ÿÿÿÿÿÿÿÿÿ0xffffffffffffffff18446744073709551615' [ 126.604454][ T3266] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 126.615802][T10108] loop3: detected capacity change from 0 to 8192 [ 126.625835][T10112] loop2: detected capacity change from 0 to 1024 [ 126.647924][T10112] EXT4-fs (loop2): couldn't mount as ext3 due to feature incompatibilities [ 126.764277][T10129] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 126.781120][T10129] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 127.066696][T10144] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2246'. [ 127.075741][T10144] bridge_slave_1: left allmulticast mode [ 127.081358][T10144] bridge_slave_1: left promiscuous mode [ 127.087003][T10144] bridge0: port 2(bridge_slave_1) entered disabled state [ 127.094791][T10144] bridge_slave_0: left allmulticast mode [ 127.100439][T10144] bridge_slave_0: left promiscuous mode [ 127.106183][T10144] bridge0: port 1(bridge_slave_0) entered disabled state [ 127.404384][T10171] loop2: detected capacity change from 0 to 1024 [ 127.419682][T10171] EXT4-fs: Ignoring removed nomblk_io_submit option [ 127.433077][T10170] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2253'. [ 127.435322][T10171] EXT4-fs (loop2): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 127.488452][T10171] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 127.525571][T10168] ext4: Unknown parameter 'ÿÿÿÿÿÿÿÿÿ0xffffffffffffffff18446744073709551615' [ 127.566400][ T6489] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 127.778849][T10196] loop4: detected capacity change from 0 to 2048 [ 127.805604][T10196] EXT4-fs error (device loop4): ext4_orphan_get:1417: comm syz.4.2264: bad orphan inode 8192 [ 127.816546][T10196] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 127.837698][T10196] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2264'. [ 127.853514][T10196] bridge_slave_1: left allmulticast mode [ 127.859248][T10196] bridge_slave_1: left promiscuous mode [ 127.865012][T10196] bridge0: port 2(bridge_slave_1) entered disabled state [ 127.876027][T10196] bridge0: port 1(bridge_slave_0) entered disabled state [ 127.897554][T10196] bond0: (slave bridge0): Releasing backup interface [ 127.996572][ T3266] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 128.259349][T10228] loop3: detected capacity change from 0 to 512 [ 128.275409][T10228] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 128.299221][T10228] EXT4-fs (loop3): 1 truncate cleaned up [ 128.322131][T10228] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 128.484080][T10228] loop3: detected capacity change from 512 to 64 [ 128.518835][T10228] EXT4-fs error (device loop3): mb_free_blocks:1948: group 0, inode 15: block 128:freeing already freed block (bit 127); block bitmap corrupt. [ 128.533419][T10228] EXT4-fs (loop3): pa ffff8881068160e0: logic 0, phys. 65, len 64 [ 128.541244][T10228] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5368: group 0, free 64, pa_free 63 [ 128.575292][ T8166] EXT4-fs warning (device loop3): ext4_empty_dir:3115: inode #11: lblock 5: comm syz-executor: error -12 reading directory block [ 128.600966][ T8166] EXT4-fs warning (device loop3): ext4_empty_dir:3115: inode #11: lblock 5: comm syz-executor: error -12 reading directory block [ 128.616738][ T8166] EXT4-fs warning (device loop3): ext4_empty_dir:3115: inode #11: lblock 5: comm syz-executor: error -12 reading directory block [ 128.636977][ T8166] EXT4-fs warning (device loop3): ext4_empty_dir:3115: inode #11: lblock 5: comm syz-executor: error -12 reading directory block [ 128.650805][ T8166] EXT4-fs warning (device loop3): ext4_empty_dir:3115: inode #11: lblock 5: comm syz-executor: error -12 reading directory block [ 128.664336][ T8166] EXT4-fs warning (device loop3): ext4_empty_dir:3115: inode #11: lblock 5: comm syz-executor: error -12 reading directory block [ 128.678017][ T8166] EXT4-fs warning (device loop3): ext4_empty_dir:3115: inode #11: lblock 5: comm syz-executor: error -12 reading directory block [ 128.692659][ T8166] EXT4-fs warning (device loop3): ext4_empty_dir:3115: inode #11: lblock 5: comm syz-executor: error -12 reading directory block [ 128.706317][ T8166] EXT4-fs warning (device loop3): ext4_empty_dir:3115: inode #11: lblock 5: comm syz-executor: error -12 reading directory block [ 128.720383][ T8166] EXT4-fs warning (device loop3): ext4_empty_dir:3115: inode #11: lblock 5: comm syz-executor: error -12 reading directory block [ 128.848685][T10258] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2286'. [ 128.870928][T10256] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2285'. [ 129.006617][ T8166] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 129.018772][ T29] kauditd_printk_skb: 953 callbacks suppressed [ 129.018785][ T29] audit: type=1326 audit(1725426455.236:46433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10259 comm="syz.4.2287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf9ce0ceb9 code=0x7ffc0000 [ 129.049384][ T29] audit: type=1326 audit(1725426455.246:46434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10259 comm="syz.4.2287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf9ce0ceb9 code=0x7ffc0000 [ 129.050996][ T69] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 129.073044][ T29] audit: type=1326 audit(1725426455.246:46435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10259 comm="syz.4.2287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7faf9ce0ceb9 code=0x7ffc0000 [ 129.106759][ T29] audit: type=1326 audit(1725426455.246:46436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10259 comm="syz.4.2287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf9ce0ceb9 code=0x7ffc0000 [ 129.130363][ T29] audit: type=1326 audit(1725426455.246:46437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10259 comm="syz.4.2287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf9ce0ceb9 code=0x7ffc0000 [ 129.154345][ T29] audit: type=1326 audit(1725426455.246:46438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10259 comm="syz.4.2287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7faf9ce0ceb9 code=0x7ffc0000 [ 129.178486][ T29] audit: type=1326 audit(1725426455.246:46439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10259 comm="syz.4.2287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf9ce0ceb9 code=0x7ffc0000 [ 129.202211][ T29] audit: type=1326 audit(1725426455.246:46440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10259 comm="syz.4.2287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7faf9ce0ceb9 code=0x7ffc0000 [ 129.225775][ T29] audit: type=1326 audit(1725426455.246:46441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10259 comm="syz.4.2287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf9ce0ceb9 code=0x7ffc0000 [ 129.249329][ T29] audit: type=1326 audit(1725426455.246:46442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10259 comm="syz.4.2287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7faf9ce0ceb9 code=0x7ffc0000 [ 129.307447][ T69] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 129.349900][ T69] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 129.402589][T10279] loop4: detected capacity change from 0 to 1024 [ 129.410230][ T69] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 129.421765][T10279] EXT4-fs: Ignoring removed nomblk_io_submit option [ 129.435490][T10279] EXT4-fs (loop4): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 129.466040][T10265] chnl_net:caif_netlink_parms(): no params data found [ 129.473605][T10279] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 129.476213][T10285] loop2: detected capacity change from 0 to 512 [ 129.498023][T10279] ext4: Unknown parameter 'ÿÿÿÿÿÿÿÿÿ0xffffffffffffffff18446744073709551615' [ 129.507347][T10285] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 129.525258][T10285] EXT4-fs (loop2): 1 truncate cleaned up [ 129.539276][T10285] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 129.566478][ T3266] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 129.603266][ T69] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 129.634614][ T69] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 129.646171][ T69] bond0 (unregistering): Released all slaves [ 129.676090][T10285] loop2: detected capacity change from 512 to 64 [ 129.700665][T10265] bridge0: port 1(bridge_slave_0) entered blocking state [ 129.707847][T10265] bridge0: port 1(bridge_slave_0) entered disabled state [ 129.716461][T10285] EXT4-fs error (device loop2): mb_free_blocks:1948: group 0, inode 15: block 128:freeing already freed block (bit 127); block bitmap corrupt. [ 129.731059][T10285] EXT4-fs (loop2): pa ffff888105bc2850: logic 0, phys. 65, len 64 [ 129.739072][T10285] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5368: group 0, free 64, pa_free 63 [ 129.743687][T10265] bridge_slave_0: entered allmulticast mode [ 129.758615][T10265] bridge_slave_0: entered promiscuous mode [ 129.765600][T10265] bridge0: port 2(bridge_slave_1) entered blocking state [ 129.772667][T10265] bridge0: port 2(bridge_slave_1) entered disabled state [ 129.776320][ T6489] EXT4-fs warning (device loop2): ext4_empty_dir:3115: inode #11: lblock 5: comm syz-executor: error -12 reading directory block [ 129.780381][T10265] bridge_slave_1: entered allmulticast mode [ 129.799885][T10265] bridge_slave_1: entered promiscuous mode [ 129.801834][ T6489] EXT4-fs warning (device loop2): ext4_empty_dir:3115: inode #11: lblock 5: comm syz-executor: error -12 reading directory block [ 129.819843][ T6489] EXT4-fs warning (device loop2): ext4_empty_dir:3115: inode #11: lblock 5: comm syz-executor: error -12 reading directory block [ 129.834083][ T6489] EXT4-fs warning (device loop2): ext4_empty_dir:3115: inode #11: lblock 5: comm syz-executor: error -12 reading directory block [ 129.847651][ T6489] EXT4-fs warning (device loop2): ext4_empty_dir:3115: inode #11: lblock 5: comm syz-executor: error -12 reading directory block [ 129.863496][ T6489] EXT4-fs warning (device loop2): ext4_empty_dir:3115: inode #11: lblock 5: comm syz-executor: error -12 reading directory block [ 129.877096][ T6489] EXT4-fs warning (device loop2): ext4_empty_dir:3115: inode #11: lblock 5: comm syz-executor: error -12 reading directory block [ 129.890640][ T6489] EXT4-fs warning (device loop2): ext4_empty_dir:3115: inode #11: lblock 5: comm syz-executor: error -12 reading directory block [ 129.892513][T10265] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 129.904225][ T6489] EXT4-fs warning (device loop2): ext4_empty_dir:3115: inode #11: lblock 5: comm syz-executor: error -12 reading directory block [ 129.926721][ T6489] EXT4-fs warning (device loop2): ext4_empty_dir:3115: inode #11: lblock 5: comm syz-executor: error -12 reading directory block [ 129.941407][ T69] hsr_slave_0: left promiscuous mode [ 129.947721][ T69] hsr_slave_1: left promiscuous mode [ 129.953563][ T69] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 129.961155][ T69] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 129.969764][ T69] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 129.977207][ T69] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 129.986439][ T69] veth1_macvtap: left promiscuous mode [ 129.991927][ T69] veth0_macvtap: left promiscuous mode [ 129.997468][ T69] veth1_vlan: left promiscuous mode [ 130.002689][ T69] veth0_vlan: left promiscuous mode [ 130.115834][ T69] team0 (unregistering): Port device team_slave_1 removed [ 130.127504][ T69] team0 (unregistering): Port device team_slave_0 removed [ 130.173265][T10265] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 130.207079][T10315] serio: Serial port ptm0 [ 130.225906][T10265] team0: Port device team_slave_0 added [ 130.234587][T10265] team0: Port device team_slave_1 added [ 130.257367][T10265] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 130.264388][T10265] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 130.290372][T10265] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 130.302306][T10265] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 130.309300][T10265] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 130.335304][T10265] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 130.363465][T10265] hsr_slave_0: entered promiscuous mode [ 130.370694][T10265] hsr_slave_1: entered promiscuous mode [ 130.415555][ T6489] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 130.510991][T10330] __nla_validate_parse: 2 callbacks suppressed [ 130.511006][T10330] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2305'. [ 130.630851][T10324] chnl_net:caif_netlink_parms(): no params data found [ 130.678463][T10324] bridge0: port 1(bridge_slave_0) entered blocking state [ 130.685575][T10324] bridge0: port 1(bridge_slave_0) entered disabled state [ 130.692837][T10324] bridge_slave_0: entered allmulticast mode [ 130.699792][T10324] bridge_slave_0: entered promiscuous mode [ 130.718081][T10324] bridge0: port 2(bridge_slave_1) entered blocking state [ 130.725184][T10324] bridge0: port 2(bridge_slave_1) entered disabled state [ 130.733343][T10324] bridge_slave_1: entered allmulticast mode [ 130.739950][T10324] bridge_slave_1: entered promiscuous mode [ 130.764728][T10324] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 130.780604][T10324] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 130.808841][T10324] team0: Port device team_slave_0 added [ 130.827055][ T69] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 130.842891][T10324] team0: Port device team_slave_1 added [ 130.868981][T10265] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 130.878804][T10265] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 130.887887][T10324] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 130.895637][T10324] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 130.921851][T10324] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 130.939184][ T69] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 130.950238][T10265] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 130.958660][T10324] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 130.965660][T10324] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 130.991748][T10324] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 131.008294][T10265] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 131.019845][ T69] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 131.058628][T10324] hsr_slave_0: entered promiscuous mode [ 131.065521][T10324] hsr_slave_1: entered promiscuous mode [ 131.071474][T10324] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 131.073041][T10356] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 1280 [ 131.080231][T10324] Cannot create hsr debugfs directory [ 131.111182][ T69] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 131.181727][T10265] 8021q: adding VLAN 0 to HW filter on device bond0 [ 131.207518][T10265] 8021q: adding VLAN 0 to HW filter on device team0 [ 131.255838][ T50] bridge0: port 1(bridge_slave_0) entered blocking state [ 131.263009][ T50] bridge0: port 1(bridge_slave_0) entered forwarding state [ 131.273588][ T50] bridge0: port 2(bridge_slave_1) entered blocking state [ 131.280857][ T50] bridge0: port 2(bridge_slave_1) entered forwarding state [ 131.284472][T10376] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 131.295179][ T69] bridge_slave_1: left allmulticast mode [ 131.302026][ T69] bridge_slave_1: left promiscuous mode [ 131.308060][ T69] bridge0: port 2(bridge_slave_1) entered disabled state [ 131.308069][T10376] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 131.323769][ T69] bridge0: port 1(bridge_slave_0) entered disabled state [ 131.456134][ T69] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 131.466544][ T69] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 131.476947][ T69] bond0 (unregistering): Released all slaves [ 131.501547][T10265] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 131.552529][T10265] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 131.591225][T10383] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2325'. [ 131.627749][ T69] hsr_slave_0: left promiscuous mode [ 131.633391][ T69] hsr_slave_1: left promiscuous mode [ 131.639134][ T69] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 131.646732][ T69] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 131.654586][ T69] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 131.661959][ T69] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 131.670994][ T69] dummy0: left promiscuous mode [ 131.675910][ T69] veth1_macvtap: left promiscuous mode [ 131.681429][ T69] veth0_macvtap: left promiscuous mode [ 131.686942][ T69] veth1_vlan: left promiscuous mode [ 131.692210][ T69] veth0_vlan: left promiscuous mode [ 131.761154][ T69] team0 (unregistering): Port device team_slave_1 removed [ 131.771267][ T69] team0 (unregistering): Port device team_slave_0 removed [ 131.810467][T10265] veth0_vlan: entered promiscuous mode [ 131.821666][T10265] veth1_vlan: entered promiscuous mode [ 131.850577][T10265] veth0_macvtap: entered promiscuous mode [ 131.861007][T10265] veth1_macvtap: entered promiscuous mode [ 131.879610][T10265] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 131.890109][T10265] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 131.899933][T10265] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 131.910679][T10265] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 131.920527][T10265] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 131.931007][T10265] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 131.942009][T10265] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 131.952734][T10265] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 131.963365][T10265] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 131.973609][T10265] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 131.984228][T10265] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 131.994253][T10265] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 132.004768][T10265] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 132.017447][T10265] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 132.026114][T10265] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 132.034938][T10265] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 132.043698][T10265] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 132.052540][T10265] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 132.066056][T10407] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2328'. [ 132.109962][T10409] loop4: detected capacity change from 0 to 4096 [ 132.134520][T10324] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 132.144321][T10409] EXT4-fs: Ignoring removed nomblk_io_submit option [ 132.157801][T10324] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 132.175324][T10409] EXT4-fs: Project quota feature not enabled. Cannot enable project quota enforcement. [ 132.187013][T10324] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 132.213276][T10324] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 132.357870][T10324] 8021q: adding VLAN 0 to HW filter on device bond0 [ 132.386390][T10324] 8021q: adding VLAN 0 to HW filter on device team0 [ 132.407597][ T7379] bridge0: port 1(bridge_slave_0) entered blocking state [ 132.414753][ T7379] bridge0: port 1(bridge_slave_0) entered forwarding state [ 132.436695][ T7379] bridge0: port 2(bridge_slave_1) entered blocking state [ 132.443838][ T7379] bridge0: port 2(bridge_slave_1) entered forwarding state [ 132.464451][T10420] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 132.481500][T10420] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 132.608025][T10324] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 132.671099][T10324] veth0_vlan: entered promiscuous mode [ 132.680416][T10324] veth1_vlan: entered promiscuous mode [ 132.695377][T10324] veth0_macvtap: entered promiscuous mode [ 132.702725][T10324] veth1_macvtap: entered promiscuous mode [ 132.719674][T10324] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 132.730260][T10324] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 132.740268][T10324] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 132.750710][T10324] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 132.760674][T10324] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 132.771468][T10324] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 132.781362][T10324] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 132.792063][T10324] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 132.805086][T10324] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 132.815488][T10324] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 132.826108][T10324] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 132.831478][T10446] Cannot find del_set index 0 as target [ 132.836129][T10324] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 132.852193][T10324] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 132.862023][T10324] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 132.872599][T10324] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 132.882554][T10324] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 132.893078][T10324] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 132.909091][T10324] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 132.934603][T10324] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 132.943768][T10324] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 132.952725][T10324] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 132.961465][T10324] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 133.088095][T10471] loop2: detected capacity change from 0 to 1024 [ 133.099451][T10471] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 133.141611][T10471] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 133.188954][T10471] EXT4-fs (loop2): orphan cleanup on readonly fs [ 133.209762][T10471] EXT4-fs error (device loop2): ext4_free_blocks:6590: comm syz.2.2350: Freeing blocks not in datazone - block = 0, count = 4096 [ 133.237402][T10471] EXT4-fs (loop2): 1 orphan inode deleted [ 133.243661][T10471] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 133.273439][T10477] syz.1.2351[10477] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 133.273494][T10477] syz.1.2351[10477] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 133.291985][T10482] Cannot find del_set index 0 as target [ 133.333302][T10471] EXT4-fs error (device loop2): ext4_readdir:260: inode #2: block 16: comm syz.2.2350: path /1/file1: bad entry in directory: inode out of bounds - offset=44, inode=40, rec_len=16, size=1024 fake=0 [ 133.374915][T10471] EXT4-fs error (device loop2): ext4_readdir:260: inode #2: block 17: comm syz.2.2350: path /1/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 133.403106][T10491] EXT4-fs error (device loop2): ext4_search_dir:1505: inode #2: block 16: comm syz.2.2350: bad entry in directory: inode out of bounds - offset=44, inode=40, rec_len=16, size=1024 fake=0 [ 133.416657][T10493] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 133.430766][T10471] EXT4-fs error (device loop2): ext4_readdir:260: inode #2: block 18: comm syz.2.2350: path /1/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 133.448525][T10497] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 133.451404][T10471] EXT4-fs error (device loop2): ext4_readdir:260: inode #2: block 19: comm syz.2.2350: path /1/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 133.480514][T10493] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 133.481516][T10471] EXT4-fs error (device loop2): ext4_readdir:260: inode #2: block 20: comm syz.2.2350: path /1/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 133.495841][T10497] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 133.510965][T10471] EXT4-fs error (device loop2): ext4_readdir:260: inode #2: block 21: comm syz.2.2350: path /1/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 133.536612][T10471] EXT4-fs error (device loop2): ext4_readdir:260: inode #2: block 22: comm syz.2.2350: path /1/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 133.558974][T10471] EXT4-fs error (device loop2): ext4_readdir:260: inode #2: block 23: comm syz.2.2350: path /1/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 133.600915][T10324] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 133.690727][T10507] loop2: detected capacity change from 0 to 1024 [ 133.697589][T10507] EXT4-fs: Ignoring removed nomblk_io_submit option [ 133.705299][T10507] EXT4-fs (loop2): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 133.725474][T10507] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 133.739034][T10507] ext4: Unknown parameter 'ÿÿÿÿÿÿÿÿÿ0xffffffffffffffff18446744073709551615' [ 133.790698][T10516] Cannot find del_set index 0 as target [ 133.812390][T10518] loop4: detected capacity change from 0 to 164 [ 133.819772][T10518] Unable to read rock-ridge attributes [ 133.825852][T10518] Unable to read rock-ridge attributes [ 133.832342][T10324] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 133.855016][T10520] loop4: detected capacity change from 0 to 1024 [ 133.861992][T10520] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 133.872963][T10520] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 133.883774][T10520] JBD2: no valid journal superblock found [ 133.889578][T10520] EXT4-fs (loop4): Could not load journal inode [ 133.909225][T10526] netlink: 'syz.4.2370': attribute type 29 has an invalid length. [ 133.917149][T10526] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2370'. [ 134.056145][T10532] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 134.063555][T10532] vhci_hcd: invalid port number 23 [ 134.202868][T10540] Cannot find del_set index 0 as target [ 134.297940][T10550] loop3: detected capacity change from 0 to 1024 [ 134.304823][T10550] EXT4-fs: Ignoring removed nomblk_io_submit option [ 134.311894][T10550] EXT4-fs (loop3): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 134.321746][ T29] kauditd_printk_skb: 513 callbacks suppressed [ 134.321757][ T29] audit: type=1326 audit(1725426460.526:46956): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10546 comm="syz.0.2379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f803429ceb9 code=0x7ffc0000 [ 134.351546][ T29] audit: type=1326 audit(1725426460.526:46957): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10546 comm="syz.0.2379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f803429ceb9 code=0x7ffc0000 [ 134.375468][ T29] audit: type=1326 audit(1725426460.526:46958): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10546 comm="syz.0.2379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f803429ceb9 code=0x7ffc0000 [ 134.399179][ T29] audit: type=1326 audit(1725426460.526:46959): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10546 comm="syz.0.2379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f803429ceb9 code=0x7ffc0000 [ 134.423064][ T29] audit: type=1326 audit(1725426460.526:46960): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10546 comm="syz.0.2379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f803429ceb9 code=0x7ffc0000 [ 134.446913][ T29] audit: type=1326 audit(1725426460.526:46961): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10546 comm="syz.0.2379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f803429ceb9 code=0x7ffc0000 [ 134.452262][T10550] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 134.470713][ T29] audit: type=1326 audit(1725426460.526:46962): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10546 comm="syz.0.2379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=255 compat=0 ip=0x7f803429ceb9 code=0x7ffc0000 [ 134.470772][ T29] audit: type=1326 audit(1725426460.526:46963): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10546 comm="syz.0.2379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f803429ceb9 code=0x7ffc0000 [ 134.470796][ T29] audit: type=1326 audit(1725426460.526:46964): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10546 comm="syz.0.2379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f803429ceb9 code=0x7ffc0000 [ 134.470818][ T29] audit: type=1326 audit(1725426460.526:46965): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10546 comm="syz.0.2379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f803429ceb9 code=0x7ffc0000 [ 134.490222][T10542] ext4: Unknown parameter 'ÿÿÿÿÿÿÿÿÿ0xffffffffffffffff18446744073709551615' [ 134.509105][T10556] 9pnet_fd: Insufficient options for proto=fd [ 134.602842][T10265] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 134.621549][T10558] loop3: detected capacity change from 0 to 128 [ 134.678969][T10560] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2382'. [ 134.719673][T10566] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 134.727284][T10566] vhci_hcd: invalid port number 23 [ 134.743468][T10567] loop3: detected capacity change from 0 to 8192 [ 134.881975][T10570] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2386'. [ 134.968237][T10579] Cannot find del_set index 0 as target [ 135.001021][T10582] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2391'. [ 135.078683][T10592] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2395'. [ 135.114086][T10587] 9pnet_fd: Insufficient options for proto=fd [ 135.135512][T10594] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 135.142870][T10594] vhci_hcd: invalid port number 23 [ 135.219142][T10605] Cannot find del_set index 0 as target [ 135.241307][T10608] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2402'. [ 135.250751][T10601] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2399'. [ 135.577982][T10633] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 135.585408][T10633] vhci_hcd: invalid port number 23 [ 135.591085][T10631] 9pnet_fd: Insufficient options for proto=fd [ 135.672972][T10636] Cannot find del_set index 0 as target [ 135.757829][T10640] __nla_validate_parse: 1 callbacks suppressed [ 135.757839][T10640] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2414'. [ 135.812100][T10648] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2418'. [ 135.841623][T10650] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 135.849128][T10650] vhci_hcd: USB_PORT_FEAT_BH_PORT_RESET req not supported for USB 2.0 roothub [ 135.949740][T10662] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 135.957248][T10662] vhci_hcd: invalid port number 23 [ 136.035469][T10667] Cannot find del_set index 0 as target [ 136.082024][T10676] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2429'. [ 136.122101][T10685] loop3: detected capacity change from 0 to 1024 [ 136.129105][T10685] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 136.140161][T10685] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 136.148625][T10685] EXT4-fs (loop3): orphan cleanup on readonly fs [ 136.155334][T10685] EXT4-fs error (device loop3): ext4_free_blocks:6590: comm syz.3.2433: Freeing blocks not in datazone - block = 0, count = 4096 [ 136.169429][T10685] EXT4-fs (loop3): 1 orphan inode deleted [ 136.176262][T10685] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 136.177786][T10691] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 136.190357][T10685] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 16: comm syz.3.2433: path /18/file1: bad entry in directory: inode out of bounds - offset=44, inode=40, rec_len=16, size=1024 fake=0 [ 136.196024][T10691] vhci_hcd: invalid port number 23 [ 136.222109][T10685] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 17: comm syz.3.2433: path /18/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 136.242488][T10685] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 18: comm syz.3.2433: path /18/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 136.263169][T10685] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 19: comm syz.3.2433: path /18/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 136.284170][T10685] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 20: comm syz.3.2433: path /18/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 136.304786][T10685] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 21: comm syz.3.2433: path /18/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 136.318887][T10697] Cannot find del_set index 0 as target [ 136.326243][T10685] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 22: comm syz.3.2433: path /18/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 136.351161][T10693] EXT4-fs error (device loop3): ext4_search_dir:1505: inode #2: block 16: comm syz.3.2433: bad entry in directory: inode out of bounds - offset=44, inode=40, rec_len=16, size=1024 fake=0 [ 136.370197][T10685] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 23: comm syz.3.2433: path /18/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 136.410011][T10265] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 136.447138][T10708] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2442'. [ 136.471401][T10712] loop3: detected capacity change from 0 to 1024 [ 136.478706][T10712] EXT4-fs (loop3): couldn't mount as ext3 due to feature incompatibilities [ 136.776442][T10738] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2455'. [ 136.802415][T10741] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2456'. [ 136.919784][T10752] loop2: detected capacity change from 0 to 8192 [ 136.995570][T10762] loop3: detected capacity change from 0 to 512 [ 137.003941][T10762] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 137.026004][T10762] EXT4-fs (loop3): 1 truncate cleaned up [ 137.035832][T10762] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 137.043386][T10770] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2466'. [ 137.113881][T10265] EXT4-fs error (device loop3): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /32/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 137.138899][T10265] EXT4-fs error (device loop3): ext4_empty_dir:3126: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0 [ 137.160063][T10265] EXT4-fs error (device loop3): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /32/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 137.192679][T10265] EXT4-fs error (device loop3): ext4_empty_dir:3126: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0 [ 137.220105][T10265] EXT4-fs error (device loop3): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /32/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 137.258290][T10265] EXT4-fs error (device loop3): ext4_empty_dir:3126: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0 [ 137.283933][T10776] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 1280 [ 137.295023][T10265] EXT4-fs error (device loop3): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /32/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 137.327252][T10265] EXT4-fs error (device loop3): ext4_empty_dir:3126: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0 [ 137.348823][T10265] EXT4-fs error (device loop3): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /32/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 137.373597][T10265] EXT4-fs error (device loop3): ext4_empty_dir:3126: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0 [ 137.412154][T10796] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2477'. [ 137.456350][T10799] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2478'. [ 137.472016][T10799] loop4: detected capacity change from 0 to 1024 [ 137.479528][T10799] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 137.490540][T10799] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 137.502172][T10799] JBD2: no valid journal superblock found [ 137.507999][T10799] EXT4-fs (loop4): Could not load journal inode [ 137.546054][T10812] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 137.546712][T10811] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 1280 [ 137.564500][T10812] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 137.674328][T10820] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2488'. [ 137.690262][T10821] loop2: detected capacity change from 0 to 128 [ 137.726769][T10265] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 137.737751][ T3272] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 137.787224][ T3272] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 137.837667][ T3272] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 137.888710][ T3272] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 137.969355][ T3272] bridge_slave_1: left allmulticast mode [ 137.975172][ T3272] bridge_slave_1: left promiscuous mode [ 137.980839][ T3272] bridge0: port 2(bridge_slave_1) entered disabled state [ 137.989418][ T3272] bridge_slave_0: left allmulticast mode [ 137.995192][ T3272] bridge_slave_0: left promiscuous mode [ 138.000838][ T3272] bridge0: port 1(bridge_slave_0) entered disabled state [ 138.106749][ T3272] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 138.118592][ T3272] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 138.128788][ T3272] bond0 (unregistering): Released all slaves [ 138.142640][T10826] chnl_net:caif_netlink_parms(): no params data found [ 138.175417][T10826] bridge0: port 1(bridge_slave_0) entered blocking state [ 138.182495][T10826] bridge0: port 1(bridge_slave_0) entered disabled state [ 138.189658][T10826] bridge_slave_0: entered allmulticast mode [ 138.196141][T10826] bridge_slave_0: entered promiscuous mode [ 138.206324][T10826] bridge0: port 2(bridge_slave_1) entered blocking state [ 138.213406][T10826] bridge0: port 2(bridge_slave_1) entered disabled state [ 138.220717][T10826] bridge_slave_1: entered allmulticast mode [ 138.227117][T10826] bridge_slave_1: entered promiscuous mode [ 138.239920][ T3272] hsr_slave_0: left promiscuous mode [ 138.245615][ T3272] hsr_slave_1: left promiscuous mode [ 138.251239][ T3272] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 138.258881][ T3272] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 138.266441][ T3272] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 138.273875][ T3272] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 138.285078][ T3272] veth1_macvtap: left promiscuous mode [ 138.290613][ T3272] veth0_macvtap: left promiscuous mode [ 138.296161][ T3272] veth1_vlan: left promiscuous mode [ 138.301429][ T3272] veth0_vlan: left promiscuous mode [ 138.456629][ T3272] team0 (unregistering): Port device team_slave_1 removed [ 138.478323][ T3272] team0 (unregistering): Port device team_slave_0 removed [ 138.594355][T10826] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 138.597649][T10873] loop2: detected capacity change from 0 to 1024 [ 138.625685][T10826] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 138.636968][T10873] EXT4-fs: Ignoring removed nomblk_io_submit option [ 138.649784][T10873] EXT4-fs (loop2): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 138.678655][T10826] team0: Port device team_slave_0 added [ 138.688215][T10826] team0: Port device team_slave_1 added [ 138.695205][T10873] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 138.710063][T10873] ext4: Unknown parameter 'ÿÿÿÿÿÿÿÿÿ0xffffffffffffffff18446744073709551615' [ 138.727837][T10826] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 138.734938][T10826] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 138.761023][T10826] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 138.772565][T10826] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 138.779543][T10826] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 138.805596][T10826] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 138.832250][T10324] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 138.849971][T10826] hsr_slave_0: entered promiscuous mode [ 138.856061][T10826] hsr_slave_1: entered promiscuous mode [ 138.956959][T10895] loop4: detected capacity change from 0 to 164 [ 138.963503][T10895] iso9660: Bad value for 'check' [ 139.038830][T10900] loop2: detected capacity change from 0 to 8192 [ 139.056429][T10904] loop4: detected capacity change from 0 to 1024 [ 139.063626][T10904] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 139.074565][T10904] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 139.084902][T10904] JBD2: no valid journal superblock found [ 139.090621][T10904] EXT4-fs (loop4): Could not load journal inode [ 139.111747][T10908] FAULT_INJECTION: forcing a failure. [ 139.111747][T10908] name failslab, interval 1, probability 0, space 0, times 0 [ 139.124489][T10908] CPU: 0 UID: 0 PID: 10908 Comm: syz.4.2516 Not tainted 6.11.0-rc6-syzkaller-00026-g88fac17500f4 #0 [ 139.135336][T10908] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 139.145462][T10908] Call Trace: [ 139.148791][T10908] [ 139.151716][T10908] dump_stack_lvl+0xf2/0x150 [ 139.156312][T10908] dump_stack+0x15/0x20 [ 139.160471][T10908] should_fail_ex+0x229/0x230 [ 139.165213][T10908] ? copy_fs_struct+0x31/0x110 [ 139.169996][T10908] should_failslab+0x8f/0xb0 [ 139.174806][T10908] kmem_cache_alloc_noprof+0x4c/0x290 [ 139.180286][T10908] copy_fs_struct+0x31/0x110 [ 139.184887][T10908] __se_sys_setns+0x355/0xf10 [ 139.189574][T10908] ? fput+0x13b/0x180 [ 139.193612][T10908] ? ksys_write+0x178/0x1b0 [ 139.198129][T10908] __x64_sys_setns+0x31/0x40 [ 139.202732][T10908] x64_sys_call+0x2bed/0x2d60 [ 139.207417][T10908] do_syscall_64+0xc9/0x1c0 [ 139.211929][T10908] ? clear_bhb_loop+0x55/0xb0 [ 139.216675][T10908] ? clear_bhb_loop+0x55/0xb0 [ 139.221368][T10908] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 139.227356][T10908] RIP: 0033:0x7faf9ce0ceb9 [ 139.231773][T10908] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 139.251392][T10908] RSP: 002b:00007faf9ba87038 EFLAGS: 00000246 ORIG_RAX: 0000000000000134 [ 139.259860][T10908] RAX: ffffffffffffffda RBX: 00007faf9cfc5f80 RCX: 00007faf9ce0ceb9 [ 139.267840][T10908] RDX: 0000000000000000 RSI: 0000000034020000 RDI: 0000000000000003 [ 139.275860][T10908] RBP: 00007faf9ba87090 R08: 0000000000000000 R09: 0000000000000000 [ 139.283833][T10908] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 139.291801][T10908] R13: 0000000000000000 R14: 00007faf9cfc5f80 R15: 00007ffe5bedbcd8 [ 139.299872][T10908] [ 139.327037][T10826] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 139.335734][T10826] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 139.345037][T10826] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 139.355029][T10826] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 139.363246][ T29] kauditd_printk_skb: 667 callbacks suppressed [ 139.363260][ T29] audit: type=1326 audit(1725426465.576:47633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10910 comm="syz.4.2517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf9ce0ceb9 code=0x7ffc0000 [ 139.397536][ T29] audit: type=1326 audit(1725426465.576:47634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10910 comm="syz.4.2517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf9ce0ceb9 code=0x7ffc0000 [ 139.403784][T10826] 8021q: adding VLAN 0 to HW filter on device bond0 [ 139.421155][ T29] audit: type=1326 audit(1725426465.576:47635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10910 comm="syz.4.2517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7faf9ce0ceb9 code=0x7ffc0000 [ 139.421209][ T29] audit: type=1326 audit(1725426465.576:47636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10910 comm="syz.4.2517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf9ce0ceb9 code=0x7ffc0000 [ 139.421232][ T29] audit: type=1326 audit(1725426465.576:47637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10910 comm="syz.4.2517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7faf9ce0ceb9 code=0x7ffc0000 [ 139.436572][T10826] 8021q: adding VLAN 0 to HW filter on device team0 [ 139.451344][ T29] audit: type=1326 audit(1725426465.576:47638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10910 comm="syz.4.2517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf9ce0ceb9 code=0x7ffc0000 [ 139.451370][ T29] audit: type=1326 audit(1725426465.576:47639): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10910 comm="syz.4.2517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf9ce0ceb9 code=0x7ffc0000 [ 139.508157][ T3272] bridge0: port 1(bridge_slave_0) entered blocking state [ 139.528914][ T29] audit: type=1326 audit(1725426465.576:47640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10910 comm="syz.4.2517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=255 compat=0 ip=0x7faf9ce0ceb9 code=0x7ffc0000 [ 139.552485][ T3272] bridge0: port 1(bridge_slave_0) entered forwarding state [ 139.559501][ T29] audit: type=1326 audit(1725426465.576:47641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10910 comm="syz.4.2517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faf9ce0ceb9 code=0x7ffc0000 [ 139.601509][T10826] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 139.613888][ T29] audit: type=1326 audit(1725426465.576:47642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10910 comm="syz.4.2517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7faf9ce0ceb9 code=0x7ffc0000 [ 139.624201][T10826] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 139.675285][ T3272] bridge0: port 2(bridge_slave_1) entered blocking state [ 139.682532][ T3272] bridge0: port 2(bridge_slave_1) entered forwarding state [ 139.772168][T10927] loop4: detected capacity change from 0 to 1024 [ 139.779651][T10927] EXT4-fs: Ignoring removed nomblk_io_submit option [ 139.792266][T10927] EXT4-fs (loop4): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 139.821384][T10826] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 139.836357][T10927] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 139.872978][T10927] ext4: Unknown parameter 'ÿÿÿÿÿÿÿÿÿ0xffffffffffffffff18446744073709551615' [ 139.934230][T10826] veth0_vlan: entered promiscuous mode [ 139.943483][T10826] veth1_vlan: entered promiscuous mode [ 139.964088][T10826] veth0_macvtap: entered promiscuous mode [ 139.975752][T10951] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 139.986981][T10826] veth1_macvtap: entered promiscuous mode [ 139.999286][T10951] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 140.006575][T10826] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 140.017477][T10826] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 140.027324][T10826] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 140.037873][T10826] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 140.047776][T10826] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 140.058288][T10826] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 140.068134][T10826] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 140.078565][T10826] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 140.091006][T10826] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 140.104819][T10826] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 140.115353][T10826] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 140.125217][T10826] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 140.135653][T10826] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 140.145496][T10826] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 140.156018][T10826] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 140.165834][T10826] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 140.176391][T10826] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 140.186611][ T3266] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 140.187469][T10826] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 140.205593][T10826] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 140.214357][T10826] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 140.223126][T10826] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 140.231920][T10826] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 140.367744][T10969] loop4: detected capacity change from 0 to 1024 [ 140.380408][T10969] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 140.396129][T10964] loop3: detected capacity change from 0 to 8192 [ 140.413329][T10969] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 140.443629][T10969] EXT4-fs (loop4): orphan cleanup on readonly fs [ 140.453822][T10969] EXT4-fs error (device loop4): ext4_free_blocks:6590: comm syz.4.2530: Freeing blocks not in datazone - block = 0, count = 4096 [ 140.480300][T10969] EXT4-fs (loop4): 1 orphan inode deleted [ 140.494502][T10969] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 140.521947][T10969] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 16: comm syz.4.2530: path /512/file1: bad entry in directory: inode out of bounds - offset=44, inode=40, rec_len=16, size=1024 fake=0 [ 140.557770][T10969] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 17: comm syz.4.2530: path /512/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 140.585377][T10969] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 18: comm syz.4.2530: path /512/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 140.612239][T10969] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 19: comm syz.4.2530: path /512/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 140.653555][T10969] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 20: comm syz.4.2530: path /512/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 140.693266][T10969] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 21: comm syz.4.2530: path /512/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 140.715610][T10969] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 22: comm syz.4.2530: path /512/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 140.738707][T10969] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 23: comm syz.4.2530: path /512/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 140.834187][T10974] EXT4-fs error (device loop4): ext4_search_dir:1505: inode #2: block 16: comm syz.4.2530: bad entry in directory: inode out of bounds - offset=44, inode=40, rec_len=16, size=1024 fake=0 [ 140.916316][ T3266] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 140.999134][T10994] __nla_validate_parse: 6 callbacks suppressed [ 140.999149][T10994] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2534'. [ 141.066796][T11000] loop4: detected capacity change from 0 to 1024 [ 141.090590][T11000] EXT4-fs: Ignoring removed nomblk_io_submit option [ 141.111608][T11000] EXT4-fs (loop4): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 141.149947][T11000] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 141.185421][T11000] ext4: Unknown parameter 'ÿÿÿÿÿÿÿÿÿ0xffffffffffffffff18446744073709551615' [ 141.244146][T11009] FAULT_INJECTION: forcing a failure. [ 141.244146][T11009] name failslab, interval 1, probability 0, space 0, times 0 [ 141.257028][T11009] CPU: 0 UID: 0 PID: 11009 Comm: syz.2.2542 Not tainted 6.11.0-rc6-syzkaller-00026-g88fac17500f4 #0 [ 141.267862][T11009] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 141.277916][T11009] Call Trace: [ 141.281186][T11009] [ 141.284110][T11009] dump_stack_lvl+0xf2/0x150 [ 141.288814][T11009] dump_stack+0x15/0x20 [ 141.293047][T11009] should_fail_ex+0x229/0x230 [ 141.297720][T11009] ? alloc_empty_file+0xd0/0x310 [ 141.302652][T11009] should_failslab+0x8f/0xb0 [ 141.307264][T11009] kmem_cache_alloc_noprof+0x4c/0x290 [ 141.312706][T11009] alloc_empty_file+0xd0/0x310 [ 141.317527][T11009] alloc_file_pseudo+0xc3/0x140 [ 141.322450][T11009] anon_inode_getfd+0xc2/0x180 [ 141.327215][T11009] do_inotify_init+0x221/0x270 [ 141.331987][T11009] __x64_sys_inotify_init1+0x1e/0x30 [ 141.337346][T11009] x64_sys_call+0x2b6b/0x2d60 [ 141.342028][T11009] do_syscall_64+0xc9/0x1c0 [ 141.346527][T11009] ? clear_bhb_loop+0x55/0xb0 [ 141.351204][T11009] ? clear_bhb_loop+0x55/0xb0 [ 141.355877][T11009] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 141.361776][T11009] RIP: 0033:0x7fc36867ceb9 [ 141.366189][T11009] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 141.385891][T11009] RSP: 002b:00007fc3672f7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000126 [ 141.394317][T11009] RAX: ffffffffffffffda RBX: 00007fc368835f80 RCX: 00007fc36867ceb9 [ 141.402278][T11009] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 141.410275][T11009] RBP: 00007fc3672f7090 R08: 0000000000000000 R09: 0000000000000000 [ 141.418247][T11009] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 141.426281][T11009] R13: 0000000000000000 R14: 00007fc368835f80 R15: 00007fffa5db6a08 [ 141.434307][T11009] [ 141.492728][T11011] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 141.516189][T11011] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 141.534511][ T3266] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 141.573267][T11015] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2546'. [ 141.611539][T11021] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2548'. [ 141.626804][T11021] loop2: detected capacity change from 0 to 1024 [ 141.640333][T11021] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 141.651325][T11021] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 141.670423][T11021] JBD2: no valid journal superblock found [ 141.676295][T11021] EXT4-fs (loop2): Could not load journal inode [ 141.792216][T11044] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2557'. [ 141.853878][T11049] loop2: detected capacity change from 0 to 8192 [ 142.255269][T11056] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2560'. [ 142.464638][T11069] loop4: detected capacity change from 0 to 1024 [ 142.472032][T11069] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 142.485137][T11069] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 142.518939][T11069] EXT4-fs (loop4): orphan cleanup on readonly fs [ 142.543142][T11069] EXT4-fs error (device loop4): ext4_free_blocks:6590: comm syz.4.2566: Freeing blocks not in datazone - block = 0, count = 4096 [ 142.633405][T11069] EXT4-fs (loop4): 1 orphan inode deleted [ 142.662386][T11069] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 142.694063][T11077] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2568'. [ 142.735659][T11069] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 16: comm syz.4.2566: path /517/file1: bad entry in directory: inode out of bounds - offset=44, inode=40, rec_len=16, size=1024 fake=0 [ 142.776469][T11069] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 17: comm syz.4.2566: path /517/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 142.801001][T11081] loop2: detected capacity change from 0 to 8192 [ 142.827173][T11069] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 18: comm syz.4.2566: path /517/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 142.853571][T11069] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 19: comm syz.4.2566: path /517/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 142.889975][T11069] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 20: comm syz.4.2566: path /517/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 142.932155][T11089] EXT4-fs error (device loop4): ext4_search_dir:1505: inode #2: block 16: comm syz.4.2566: bad entry in directory: inode out of bounds - offset=44, inode=40, rec_len=16, size=1024 fake=0 [ 142.974620][T11069] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 21: comm syz.4.2566: path /517/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 142.999899][T11069] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 22: comm syz.4.2566: path /517/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 143.020580][T11069] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 23: comm syz.4.2566: path /517/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 143.065169][T11098] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2574'. [ 143.084818][ T3266] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 143.108994][T11098] loop3: detected capacity change from 0 to 1024 [ 143.116853][T11098] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 143.127758][T11098] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 143.138779][T11098] JBD2: no valid journal superblock found [ 143.144618][T11098] EXT4-fs (loop3): Could not load journal inode [ 143.306302][T11115] loop3: detected capacity change from 0 to 1024 [ 143.316319][T11115] EXT4-fs: Ignoring removed nomblk_io_submit option [ 143.323373][T11115] EXT4-fs (loop3): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 143.345959][T11115] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 143.359899][T11115] ext4: Unknown parameter 'ÿÿÿÿÿÿÿÿÿ0xffffffffffffffff18446744073709551615' [ 143.497523][T10826] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 143.525169][T11129] loop3: detected capacity change from 0 to 1024 [ 143.532015][T11129] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 143.540130][T11133] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 143.543068][T11129] EXT4-fs (loop3): revision level too high, forcing read-only mode [ 143.558829][T11133] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 143.559798][T11129] EXT4-fs (loop3): orphan cleanup on readonly fs [ 143.573200][T11129] EXT4-fs error (device loop3): ext4_free_blocks:6590: comm syz.3.2586: Freeing blocks not in datazone - block = 0, count = 4096 [ 143.588039][T11129] EXT4-fs (loop3): 1 orphan inode deleted [ 143.595801][T11129] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 143.616539][T11129] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 16: comm syz.3.2586: path /6/file1: bad entry in directory: inode out of bounds - offset=44, inode=40, rec_len=16, size=1024 fake=0 [ 143.639870][T11136] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2585'. [ 143.671646][T11129] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 17: comm syz.3.2586: path /6/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 143.722046][T11138] EXT4-fs error (device loop3): ext4_search_dir:1505: inode #2: block 16: comm syz.3.2586: bad entry in directory: inode out of bounds - offset=44, inode=40, rec_len=16, size=1024 fake=0 [ 143.742666][T11129] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 18: comm syz.3.2586: path /6/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 143.764939][T11129] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 19: comm syz.3.2586: path /6/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 143.790685][T11129] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 20: comm syz.3.2586: path /6/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 143.812574][T11129] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 21: comm syz.3.2586: path /6/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 143.839229][T11129] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 22: comm syz.3.2586: path /6/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 143.860773][T11129] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 23: comm syz.3.2586: path /6/file1: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0 [ 143.910018][T10826] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 144.098213][T11160] loop4: detected capacity change from 0 to 8192 [ 144.404817][T11196] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 144.414384][T11196] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 144.452409][T11160] ================================================================== [ 144.460521][T11160] BUG: KCSAN: data-race in dio_bio_end_io / dio_new_bio [ 144.467469][T11160] [ 144.469770][T11160] read-write to 0xffff888116558a58 of 8 bytes by interrupt on cpu 1: [ 144.477839][T11160] dio_bio_end_io+0x53/0xd0 [ 144.482341][T11160] bio_endio+0x369/0x410 [ 144.486567][T11160] blk_update_request+0x382/0x880 [ 144.491572][T11160] blk_mq_end_request+0x26/0x50 [ 144.496405][T11160] lo_complete_rq+0xce/0x180 [ 144.500984][T11160] blk_done_softirq+0x74/0xb0 [ 144.505638][T11160] handle_softirqs+0xc3/0x280 [ 144.510292][T11160] run_ksoftirqd+0x1c/0x30 [ 144.514700][T11160] smpboot_thread_fn+0x31c/0x4c0 [ 144.519614][T11160] kthread+0x1d1/0x210 [ 144.523672][T11160] ret_from_fork+0x4b/0x60 [ 144.528065][T11160] ret_from_fork_asm+0x1a/0x30 [ 144.532808][T11160] [ 144.535107][T11160] read to 0xffff888116558a58 of 8 bytes by task 11160 on cpu 0: [ 144.542710][T11160] dio_new_bio+0x249/0x460 [ 144.547127][T11160] dio_send_cur_page+0x1f2/0x7a0 [ 144.552044][T11160] submit_page_section+0x1a3/0x5b0 [ 144.557140][T11160] __blockdev_direct_IO+0x11c1/0x1e90 [ 144.562506][T11160] fat_direct_IO+0x110/0x1e0 [ 144.567077][T11160] generic_file_direct_write+0xaf/0x200 [ 144.572599][T11160] __generic_file_write_iter+0xae/0x120 [ 144.578120][T11160] generic_file_write_iter+0x7d/0x1d0 [ 144.583479][T11160] do_iter_readv_writev+0x3b0/0x470 [ 144.588669][T11160] vfs_writev+0x2e0/0x880 [ 144.592979][T11160] __se_sys_pwritev2+0x10c/0x1d0 [ 144.597898][T11160] __x64_sys_pwritev2+0x78/0x90 [ 144.602731][T11160] x64_sys_call+0x271f/0x2d60 [ 144.607389][T11160] do_syscall_64+0xc9/0x1c0 [ 144.611954][T11160] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 144.617841][T11160] [ 144.620147][T11160] value changed: 0xffff88810f1b4d80 -> 0xffff88810f1b4240 [ 144.627250][T11160] [ 144.629550][T11160] Reported by Kernel Concurrency Sanitizer on: [ 144.635673][T11160] CPU: 0 UID: 0 PID: 11160 Comm: syz.4.2599 Not tainted 6.11.0-rc6-syzkaller-00026-g88fac17500f4 #0 [ 144.646428][T11160] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 144.656463][T11160] ================================================================== [ 145.050143][ T29] kauditd_printk_skb: 795 callbacks suppressed [ 145.050171][ T29] audit: type=1326 audit(1725426471.266:48438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11177 comm="syz.2.2605" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc36867ceb9 code=0x7ffc0000 [ 145.080603][ T29] audit: type=1326 audit(1725426471.266:48439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11177 comm="syz.2.2605" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc36867ceb9 code=0x7ffc0000