last executing test programs: 4.151860761s ago: executing program 3 (id=686): bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000400)=@bpf_lsm={0x6, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x0, 0x3, 0x0, 0x9}]}, &(0x7f0000000100)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x5}, 0x94) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000400)=@bpf_lsm={0x18, 0x5, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x5}, 0x94) 4.05446507s ago: executing program 3 (id=688): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@ipv6_newnexthop={0x24, 0x68, 0x309, 0x80000, 0x25dfdbfd, {}, [@NHA_BLACKHOLE={0x4}, @NHA_ID={0x8, 0x1, 0x1}]}, 0x24}}, 0x0) 4.053489845s ago: executing program 3 (id=691): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x7fff}, 0x18) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000002400), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_DEBUG_GET(r2, &(0x7f0000002640)={0x0, 0x0, &(0x7f0000002600)={&(0x7f0000000000)={0x20, r3, 0x303, 0x70bd27, 0x25dfdbfc, {}, [@HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x40008081}, 0x0) 4.037889067s ago: executing program 3 (id=693): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="0600000004000000fd0f000002"], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000004000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f9ffffffb703000000080000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) r2 = getpid() r3 = syz_pidfd_open(r2, 0x0) setns(r3, 0x24020000) mount_setattr(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x8000, &(0x7f0000000200)={0x7}, 0x20) 4.022479403s ago: executing program 3 (id=694): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x0, 0x200000000000003f, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r1}, 0x10) getrusage(0x1, &(0x7f0000000340)) 3.337505682s ago: executing program 3 (id=713): r0 = socket$kcm(0xa, 0x1, 0x106) r1 = socket$netlink(0x10, 0x3, 0x10) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000900)={&(0x7f0000000380)='kmem_cache_free\x00', r3}, 0x18) bind$netlink(r1, &(0x7f00000004c0)={0x10, 0x0, 0x25dfdbfc, 0x2ffffffff}, 0xc) setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000000), 0x4) syz_genetlink_get_family_id$devlink(&(0x7f0000000140), r1) sendmsg$kcm(r0, &(0x7f00000019c0)={&(0x7f0000000080)=@l2tp6={0xa, 0x0, 0x0, @dev, 0x5}, 0x80, 0x0}, 0x24004059) close(r0) 3.275843868s ago: executing program 2 (id=715): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000380)={'vcan0\x00', 0x0}) r2 = socket$can_j1939(0x1d, 0x2, 0x7) bind$can_j1939(r2, &(0x7f0000000080)={0x1d, r1, 0x0, {0x0, 0x0, 0x4}, 0x2}, 0x18) sendmsg$can_j1939(r2, &(0x7f00000001c0)={&(0x7f0000000040), 0x18, &(0x7f0000000180)={&(0x7f00000000c0)="92", 0x1a000}}, 0xee) 2.085171863s ago: executing program 4 (id=729): r0 = socket$nl_route(0x10, 0x3, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="4800000010001fff0000056800080000faff0000", @ANYRES32=0x0, @ANYBLOB="c30c424700000000280012800a00010076786c616e00000018000280140010"], 0x48}, 0x1, 0x0, 0x0, 0x1}, 0x0) 2.084925214s ago: executing program 0 (id=730): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r0 = socket(0x2000000000000021, 0x2, 0x10000000000002) connect$rxrpc(r0, &(0x7f0000000140)=@in4={0x21, 0x0, 0x2, 0x10}, 0x24) sendmmsg(r0, &(0x7f0000000180)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=[{0x18, 0x110, 0x1, '\n'}], 0x18, 0xe000}, 0x5}], 0x1, 0x0) 2.053922435s ago: executing program 4 (id=731): prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x48) nanosleep(0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed074479000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0xc, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000003c0)='sched_switch\x00', r3}, 0x18) socketpair$unix(0x1, 0x1, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r4 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x2501, 0x0) ioctl$SNAPSHOT_FREE(r4, 0x3305) 1.989639056s ago: executing program 0 (id=733): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]}) getpid() r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuset.memory_pressure_enabled\x00', 0x275a, 0x0) write$UHID_CREATE2(r1, &(0x7f00000001c0)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r1, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000680)) 1.989155062s ago: executing program 1 (id=734): bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0b0000000500000002000000"], 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0}, 0x18) r0 = socket$tipc(0x1e, 0x2, 0x0) r1 = socket$tipc(0x1e, 0x5, 0x0) setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[], 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, 0x0, 0x0) sendmsg$tipc(r0, &(0x7f0000000280)={&(0x7f0000000040), 0x10, 0x0}, 0x0) bind$netlink(0xffffffffffffffff, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000001c0)='./file1\x00', 0x1010040, &(0x7f00000003c0)={[{@noquota}, {@debug}, {@jqfmt_vfsv0}, {@noauto_da_alloc}, {@resgid}]}, 0x3, 0x4eb, &(0x7f0000001fc0)="$eJzs3d9rW20dAPDvSX9u62ynXsyBc+ikG7ikXd1WvJgVRK8Gznlfa5uW0rQpbbqtZUiHf4Ag/kKvvPJG8FoE2Z8gwkDvRUQZus0LL973zUuSk3ddlrYpa5q2+Xzg6XnOj57v90k4T/LkHM4JoGtdiYipiOiJiOsRMZwuz6Qltmulst2rl09mKyWJcvnBf5JI0mX1fSXp9Fz6b4MR8d1vR/wgeTfu+ubW0kyhkF9L53Ol5dXc+ubWjcXlmYX8Qn5lamL89uSdyVuTY4fW1rvf/OfPf/zbb93901ce/X3639d+WElrKF23sx2t2G5xu1rT+6qvRV1vRKwdJNgx1pO2p6/TiQAA0JLKd/xPR8QXI+L1rzqdDQAAANAO5a8PxQdJRBkAAAA4tTLVa2CTTDa9FmAoMplstnYN72fjbKbQHxHzxY2Vudq1siPRl5lfLOTH0muFR6IvqcyPV+tv5m82zE9ExIWI+Onwmep8drZYmOv0jx8AAADQJc41jP//N1wb/wMAAACnzMgBtm1yLy8AAADgBDjI+B8AAAA4mXYd/ye9R5sIAAAA0A7fuXevUsr151/PPdzcWCo+vDGXX1/KLm/MZmeLa6vZhWJxoXrPvuX99lcoFle/Gisbj3Ol/Hopt765Nb1c3FgpTVef6z2d95xoAAAAOHoXvvDsb0lEbH/tTLVU9KfrWhirT7U3O6CdMgfb3N0/4BTp6XQCQMc0XODb36k8gKPnfDywz8D+Zw3zB/zZAAAAOA5GP/de5/+dD4QTzEAeupfz/9C93OALupfz/9DlBvbfZHC3FX8+5FwAAIC2GaqWJJNNzwUORSaTzUacrz4WoC+ZXyzkxyLiUxHx1+G+gcr8eKeTBgAAAAAAAAAAAAAAAAAAAAAAAIATplxOogwAAACcahGZfyXpg/xHh68ONf4+0J/8f7g6jYhHv37wi8czpdLaeGX5fz9ZXvpluvxmfQkAAADQSfVxen0cDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH6dXLJ7P1cpRxX3wjIkaaxe+Nwep08A/DEXH2dRK9O/4viYieQ4i//TQiLr4dvyeNMFJNrZZFY/xMRJxpU/xoMf65Q4gP3exZpf+Zqhx/fQ3HXyauVKfNj7/etLyvF1d26/8y9f6v2s816//O773rwXrl0vPf53aN/zTiUm/z/qceP3nP/vf739va2m1d+TcRo/t8/lRi5UrLq7n1za0bi8szC/mF/MrExPjtyTuTtybHcvOLhXz6t2mMn3z+jx/t1f6zTePX+t+92n/13d0NNIvx4fPHLz+zR/xrX2r+/l/cI37ltf9y+jlQWT9ar2/X6jtd/t1fLu/V/rld2r/f+39tt502uH7/R/9ocVMA4Aisb24tzRQK+bWTUYmofSs/Lvl0tnI+jkUaKq1VhtJjbseqnrYHvf9u0NYqneuTAACA9njzpb/TmQAAAAAAAAAAAAAAAAAAAED3avudzwbevrPAYOeaCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwp48DAAD//85EyV0=") bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe}, 0x94) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x8, &(0x7f0000000000), 0x4) setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, &(0x7f0000000640)=0x1800, 0x4) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r2, &(0x7f0000000c80)={0x0, 0x0, &(0x7f0000000c40)={&(0x7f0000000900)={0x44, 0x0, 0x8, 0x801, 0x0, 0x0, {0x3, 0x0, 0x2}, [@CTA_TIMEOUT_NAME={0x9, 0x1, 'syz1\x00'}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x8809}, @CTA_TIMEOUT_DATA={0x14, 0x4, 0x0, 0x1, @fccp=[@CTA_TIMEOUT_DCCP_TIMEWAIT={0x8, 0x7, 0x1, 0x0, 0x6}, @CTA_TIMEOUT_DCCP_CLOSING={0x8, 0x6, 0x1, 0x0, 0x9}]}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x6}]}, 0x44}, 0x1, 0x0, 0x0, 0x20024810}, 0x48000) 1.988872018s ago: executing program 2 (id=735): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000100)=0x207, 0x4) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000000400000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'bridge0\x00', 0x0}) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) sendto$packet(r0, &(0x7f00000002c0)="05031600d3fc14000000", 0xffcf, 0x4, &(0x7f0000000140)={0x11, 0x86dd, r2, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}, 0x14) 1.159612024s ago: executing program 1 (id=736): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000040)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f00000002c0)='syzkaller\x00'}, 0x94) socket$kcm(0x2, 0xa, 0x73) socket$kcm(0x2, 0xa, 0x73) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000410"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000000c0)='kmem_cache_free\x00', r1}, 0x18) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) io_submit(0x0, 0x1, &(0x7f0000000040)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x80000000}]) syz_open_procfs(0x0, &(0x7f0000000040)='net/psched\x00') bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', 0xffffffffffffffff, 0x0, 0xffffffffffffffff}, 0x18) r3 = mq_open(&(0x7f0000000000)='batadv_slave_1\x00', 0x8c2, 0x30, &(0x7f0000000080)={0x8000000000000000, 0x8, 0x1, 0xc05}) mq_getsetattr(r3, &(0x7f0000000040)={0x0, 0x40, 0x4, 0x7ff}, 0x0) 1.040292453s ago: executing program 0 (id=737): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000480)='kfree\x00', r1}, 0x10) syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800, &(0x7f0000000380)={[{@errors_remount}, {@discard}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5e}}, {@noauto_da_alloc}, {@bsdgroups}, {@jqfmt_vfsv1}, {@abort}, {@data_err_ignore}]}, 0x1, 0x476, &(0x7f0000000540)="$eJzs3M1vFOUfAPDvzLblx2v7Q3wBUavE2PjS0oLKwYtGEw8YTfSAN2tbCKFQQ2sihEg1Bi8mhkTP6tHEv8CbF6OeTLzq3ZAQ5QJ6qpnZmbK7dLctLLuF/XySZZ9n5pl9nm9nnp1n5pklgJ41nP2TRGyLiN8jYrCarS8wXH27duXc1D9Xzk0lsbT05l9JXu7qlXNTZdFyu61FZiSNSD9JikrqzZ85e2JydnbmdJEfWzj53tj8mbPPHD85eWzm2MypiUOHDh4Yf/65iWfbEmcW19U9H87t3f3q2xdfmzpy8d2fv8vau61YXxtHg00N72s2nAX+91JueWFafXt83RFsbNtr0klfFxvCulQiIttd/Xn/H4xKXN95g/HKx11tHHBbZeemFie2xSXgLpZEt1sAdEd5os+uf8tXh4YeG8LlF6sXQFnc14pXdU1feameXxttv031D0fEkcV/v8pe0fo+BABAW3w29eXheHql8V8a99WU21HMoQxFxP8jYmdE3BMRuyLi3oi87P0R8cDqVaa1mcapoRvHP+mlmw5uDbLx3wvF3Fb9+G+5mUOVIrc9j78/OXp8dmZ/8TcZif5NWX68RR0/vPzb583W1Y7/sldWfzkWLNpxqa/hBt305MJkPihtg8sfRezpWyn+ZHkmIImI3RGxZ30fvaNMHH/y273NCq0efwttmGda+ibiier+X4yG+EtJ6/nJsf/F7Mz+sfKouNEvv154o1n9txR/G2T7f0v98d9YZCipna+dX38dF/74tOk1zc0e/wPJW/m2A8WyDyYXFk6PRwwkh/N83fKJ69uW+bJ8Fv/IvpX7/85imyz+ByMiO4gfioiHI+KRou2PRsRjEbGvRfw/vdR8XX38m7d1Y/9PN3z/bc7XLB//Dft//YnKiR+/X7n2r99Z2/4/mKdGiiX5998q1trAW/zzAQAAwB0hzZ+BT9LR5XSajo5Wn+HfFVvS2bn5haeOzr1/arr6rPxQ9Kflna7Bmvuh48li8YnV/ERxr7hcf6C4b/xFZXOeH52am53ucuzQ67Y26f+ZPyvdbh1w2600jzYx0IWGAB3X2P/T+uz51zvZGKCjmj5Hs6Wz7QA6b5Xn6NJOtQPoPP9fC/Sulfr/+Ya8uQC4Ozn/Q+/S/6F36f/Qu/R/6Emr/Ui+cou//Ze44xLJ2gpH2v2mboxEf0S05QMHNkQ4RaLb30wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADt8V8AAAD//5qI6jE=") 977.546717ms ago: executing program 4 (id=738): r0 = socket$vsock_stream(0x28, 0x1, 0x0) setsockopt$SO_VM_SOCKETS_BUFFER_MIN_SIZE(r0, 0x28, 0x1, &(0x7f0000000380)=0xffffffff00000041, 0x8) bind$vsock_stream(r0, &(0x7f0000000940), 0x10) listen(r0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000001480)=@base={0x6, 0x4, 0x8, 0x8}, 0x50) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000380)={0xffffffffffffffff, 0x0, 0x0}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r1 = openat$ttyS3(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, 0x0) ioctl$TIOCSLCKTRMIOS(r1, 0x8924, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r2 = shmget(0x0, 0x1000, 0xa04, &(0x7f0000ffd000/0x1000)=nil) ioctl$PTP_PEROUT_REQUEST2(0xffffffffffffffff, 0x40383d0c, 0x0) shmctl$IPC_RMID(r2, 0x0) socket(0x11, 0x3, 0x2) mount(0x0, 0x0, 0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) newfstatat(0xffffffffffffff9c, 0x0, 0x0, 0x800) timer_create(0x8, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f0000bbdffc)) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000880)=ANY=[@ANYBLOB="18050000000000000000000000dcc7d977080000000000007b8af8ff00000000b7480000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000792cac7551e93c6ef5b9001c9d200bc1ed4c7d77c1e62977b2b325832ebbd070b88aba18c5258729c5689948bafc895e7a3657a9be882d9a7e6836cf0acd5e369a833e10fa8c898e7edef41aeba58576b6c98ca48b", @ANYRES32, @ANYBLOB="0000000000000000b7040000080000008500000095000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00'}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000780)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) statx(0xffffffffffffffff, 0x0, 0x6000, 0x400, 0x0) 938.013234ms ago: executing program 1 (id=739): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05"], 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000640)={{r0}, &(0x7f0000000540), &(0x7f0000000600)}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10) r2 = syz_io_uring_setup(0x10c, &(0x7f0000000140)={0x0, 0xb4fd, 0x800, 0x200007, 0x315}, &(0x7f0000000940)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000440)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_CONNECT={0x10, 0xa, 0x0, 0xffffffffffffffff, 0x0, 0x0}) io_uring_enter(r2, 0x47f9, 0x4db, 0x0, 0x0, 0x0) clock_nanosleep(0x2, 0x37dc12502000000, &(0x7f00000000c0)={0x0, 0x989680}, 0x0) 937.312905ms ago: executing program 4 (id=740): bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x19397f931bb921c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x8}, 0x94) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10) unshare(0x2040400) fsopen(&(0x7f0000000400)='cgroup2\x00', 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000f80)={0x2, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b700000006000000bca30000000000002403000020feffff620af8fff8ffffff71a4f2ff000000000f03000000000000e5000300000000002604fdffff02000016010000033800001d13f8ff000000007a0a30ff0000001f0f14000000000000b503f7fff80000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f300020000fe275daf51efd601b6bf01c8e8b1b526375ee4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff61623604000000000000006a89adaf17b0a6041bdeebdfd1f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564163427afea62d84f3a10076443d643649393bf52d2105bd901128c7e0ec82701c8204a1deeed4155617572652d950ad31928b0b036dc2869f478341d02d0f5ad94b081fcd507acb4b9c67382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101a3062cd54f9ff51d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566d674e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48153baae244e7bf573eac34b781337ad5905c6bbf1137548c7f1a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a90144022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab540b8d7b4ead35a385e0b4a26b702396df7e0c1e02b88c114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba3401e6a52acb11883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcd857ab15e355713767c536cbae2f5c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ced301efeb6dc5f6a9037d2283c42efc54fa84323afc4c10eff462c8843187f1dd48ef0981000000000000ff0f40b1888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fc08001011e32f80fb60e14b9eee094277bbc170882c8890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e3f753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96635600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15edb4d91675767999d146aef7799738b292fd64bb25b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a794963342aece449a0d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b6ef9d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec035d232f89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a05e41f6016ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a41b9b9a7c2bca311a28ee4952f2d325a56397c78f12205db653a536f9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf79a43746979f99f6a1527f004f1e37a3926937e84fb478199dc1020f4beb98b8074bf7df8b5e783637da740800000000000000c55a4385e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d546fa66a72e38207c9d20035abc46271a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db18c472dafc5569adc282928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a6a2740000000000000000000000000000000000000000000a0009dd14b38f2f4426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4100260ffcd8f1d04166d291ebcef893e1b9ccb6797d0646fe0e7274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb0000000000000005375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10baa804a707f0a1fcbfc309381aeba191950bae71f37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d34d3757b1450fdb0a9a69f432e277f3a0386eb2bd3305c821c64757f786b79fef54dbe64c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cff5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d94362200000000000000000000f296b0c1484e5f781ad26bff696b05ff0a5e2270e07618b04273bd4075ea38ab463bfa6a38e7c537498ba3e4df8dfc9e040000003c3ffad44d2a376def42e41e9fc31678257e040fa7cf32c221aaac08000000000000001a00000000000000000000173570f0c11ae694b0f7a4f9c2f6790044a357e785af6e153d5f1ea460af92c7cbbd6295afe740f5e154346d483e0d641ef02e4d5295d756e110522a7a945b93fb705b95b6aae27a8fb33732ce1da1c0b1af8eb9222a06e984ab1e6984c8bdc12360627137ab67b6b68ab08acb29a74dc36b51209cfbc87f61182bbeb2772e9d5a1ffc477179be481efe46a4ce86be0b1d8eee42a611a3d44ca450b14586ed63dd92005c79e4a8ab8a94f0c6cb4bed8594a39bd76d3ef8a7ab014e787596db796bd93a36c2880423291e3bccc86f66ba792ff4d87b3f80e5908779e51c5e9055fc5b23605cd000c723187ef09dcf4b07b06a9342f3f62ee7acddff292082c1f4d8eb9561f80873a09a1ae0c9af1121175e5600f43a1179484502009759264a5729f07c2b218fa36ba2316a99aaad0130df83d0bda1e711290f78c143ea143967b00adcd77e6ad5e48d839ea61aadb83e4d071c54691924a3830d3e7b5c198bb0ed623153590000000000000000004b985ea1702f34f2f85b168c083e810ed567e3f1979b9ed1a4bf6a10dac825c96a0828b335de445a4880bb6474157efd1a72ca46ae4cbe3ab648c9bc4867a5a4cb87d7d6d55475b34b3cb6aa9e2337d4e04a37e35109752522ac9b186ddd80c47da6a2f4ef7bb909c975520000000000000000000000219cf5c1376ab33786f6b856d354e90a2733f78f2d188057cead3480eade49d55b770fad7fa000d23da6275768810b6b2df91d3a991ea98d929d271696c258d5b735d5db11df434e7dd1b7c1ca05cea3977df564115f4ec6ffab1d2ff8a642ca50934b3fbe44b0abeba9df209566984a29dfc0466e439a94e177b3c4d5f6e92b8176b9d6ddeeeb196fa964217f88e1acc180aaa4"], &(0x7f00000001c0)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000080)={0x0, 0x0, 0x7}, 0x10}, 0x94) r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000040)=0x2) readv(r4, &(0x7f0000000000)=[{&(0x7f0000001300)=""/238, 0xee}], 0x1) r5 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0) fcntl$setsig(r5, 0xa, 0x13) fcntl$setlease(r5, 0x400, 0x0) timer_create(0x0, &(0x7f00000005c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000280)=0x0) timer_settime(r6, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0) truncate(&(0x7f0000000040)='./file0\x00', 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0xa, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800"], 0x48) r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r7, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000480)='kfree\x00', r8, 0x0, 0x7}, 0x18) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000001c0), 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==") r9 = open(&(0x7f0000000200)='./file1\x00', 0x4827e, 0xdc) fallocate(r9, 0x0, 0x0, 0x8800000) bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48) 888.163984ms ago: executing program 0 (id=741): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22, 0xa}, 0x1c) r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1803000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000800b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10) listen(r0, 0xfff) shutdown(r0, 0x0) 749.521151ms ago: executing program 2 (id=742): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x20, 0x3, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @netfilter=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r2}, 0x10) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000580)={r0, 0x0, 0x14, 0x0, &(0x7f0000000080)="f6f4e9a10000502468da5eb1c6b2feff8833c000", 0x0, 0x86, 0x0, 0x31, 0x0, &(0x7f0000000000)="daf9e846ab156efc71b59652333536dbfd26a6d0546366e36eb77dd0aaa2dbe567d168904cf0d5bce1771889c98ffc0abf", 0x0}, 0x50) 749.184006ms ago: executing program 0 (id=743): socket$nl_generic(0x10, 0x3, 0x10) openat$zero(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) socket$rxrpc(0x21, 0x2, 0x2) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)) socket$kcm(0x2, 0x5, 0x84) socket$can_raw(0x1d, 0x3, 0x1) socket$unix(0x1, 0x1, 0x0) socket$inet6(0xa, 0x5, 0x0) socket(0x10, 0x3, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x11, 0x0, 0x0, 0x0}, 0x94) socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000940)={&(0x7f00000013c0)=ANY=[@ANYBLOB="640000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="e5fda988000000002800128009000100766c616e00000000180002800c000200200000001f000000060001000000000008000500", @ANYRES32=r0, @ANYBLOB='\b\x00\n\x00', @ANYRES32, @ANYBLOB="0a0001"], 0x64}, 0x1, 0x0, 0x0, 0x8811}, 0x0) 741.556122ms ago: executing program 2 (id=744): r0 = socket$netlink(0x10, 0x3, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r2}, 0x10) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=ANY=[@ANYBLOB="3c00000010001fff00"/20, @ANYRES32=0x0, @ANYBLOB="00f7ffffffffffff130012800b00010062617461647600000400028008000a00", @ANYRES32], 0x3c}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000140)=ANY=[], 0x50}, 0x1, 0x0, 0x0, 0x40000}, 0x0) 729.760386ms ago: executing program 1 (id=745): inotify_init1(0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_group_source_req(r0, 0x0, 0x2c, &(0x7f00000004c0)={0x1, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @empty}}}, 0x108) bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x20, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB], 0x50) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000040)=ANY=[@ANYBLOB, @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x18) getpid() prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$ETHTOOL_MSG_COALESCE_GET(r3, 0x0, 0x4000000) syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), 0xffffffffffffffff) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f00000001c0)={'ip6_vti0\x00', &(0x7f0000000340)={'ip6tnl0\x00', 0x0, 0x2f, 0x1, 0xf7, 0x3, 0x20, @ipv4={'\x00', '\xff\xff', @loopback}, @mcast1, 0x7880, 0x20, 0x5, 0x319c}}) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000240)={'batadv_slave_1\x00'}) sendmsg$ETHTOOL_MSG_CHANNELS_SET(r3, 0x0, 0x44) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r4 = getpid() sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7) socket$kcm(0x10, 0x2, 0x0) socket$pppl2tp(0x18, 0x1, 0x1) r5 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r5, &(0x7f0000000b00)={0xa, 0xfdfe, 0x100007, @remote, 0xa}, 0x1c) bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0xc, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="18000000ed07449e0000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x61980, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000740)='thermal_power_devfreq_get_power\x00', r2}, 0x18) bpf$PROG_LOAD(0x5, 0x0, 0x0) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) r7 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000480)=ANY=[@ANYBLOB="4c00000002060108000034e40000000000000000050001000600000005000400000000000900020073797a3100000000050005000200000c12000300686173683a6e65742c706f7274"], 0x4c}}, 0x2) sendmsg$IPSET_CMD_ADD(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)=ANY=[@ANYBLOB="50000000090601020000ffff00000000020000000900020073797a31000000000500010006000000280007800c00018008000140ffffffff0500070084000000060004404e22000006000540"], 0x50}, 0x1, 0x0, 0x0, 0x10000082}, 0xc4) 190.977743ms ago: executing program 1 (id=746): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendto$inet6(r0, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) shutdown(r0, 0x2) writev(r0, &(0x7f0000000080)=[{&(0x7f0000000040)="fc", 0x1}], 0x1) 190.526207ms ago: executing program 1 (id=747): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x20040) syz_usb_disconnect(r1) syz_usb_connect(0x4, 0x24, &(0x7f00000000c0)=ANY=[], 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x400000}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000001240)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000400)='GPL\x00', 0x4, 0x0, 0x0, 0x41100, 0x67, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000300), r2) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$ETHTOOL_MSG_LINKINFO_GET(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000640)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000000000000001a0000000c00018008000100", @ANYRES32=r5], 0x20}, 0x1, 0x0, 0x0, 0x4000800}, 0x0) 166.378246ms ago: executing program 0 (id=748): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x50) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48) bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r0, 0x0, &(0x7f0000001700)=""/53}, 0x20) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a00)={&(0x7f0000000d00)='sched_switch\x00', r2}, 0x10) syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800700, &(0x7f0000000680)={[{@nodioread_nolock}, {@journal_dev={'journal_dev', 0x3d, 0xff}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@nouid32}, {@resgid}, {@acl}, {@init_itable_val={'init_itable', 0x3d, 0x8d55}}]}, 0x0, 0x473, &(0x7f0000000bc0)="$eJzs281rHOUfAPDvTF7a/vqS/Gp9aa0aLUJQTJq0ag9eFAWRioIe6jEm2xK6baSJYmuxqYgnQQp6Fo+if4E3EUQ9CV49eZJC0V7aeorM7Ey62WYTazaZ2P18YLPPM/PszvebeXv2eXYD6FpD2Z8kYkdE/BoRA43q0gZDjafrV89P3rh6fjKJhYXX/kjydteunp8sm5av215UhtOI9MOk2MhSs2fPnZyo12tnivro3Km3RmfPnnvinVMTJ2onaqfHjxw5fGjs6afGn+xInlle1/a9P7N/74tvXHp58tilN3/8Oot3R7G+OY9OGcoS/3Mh17ru0U5vrGI7m8pJb4WBcFt6IiLbXX35+T8QPXFz5w3ECx9UGhywrrJ705b2q+cXgDtYElVHAFSjvNFnn3/LxwZ1PTaFK882PgBleV8vHo01vZEWbfpaPt920lBEHJv/6/PsEes0DgEA0Ozjyc+O9kfEeze+einrewwsrknjnvz5t/zvrmIOZTAi/h8RuyPirojYExF3R+Rt742I+9YYz639n/TyGt9yRVn/75libmtp/6/s/cVgT1HbmefflxyfrtcOFv+T4ejbktXHVtjGt8//8km7dc39v+yRbb/sCxZxXO5tGaCbmpibyDulHXDlYsS+3uXyTxZnApKI2BsR+27vrXeVhenHvtzfrtHq+a+gA/NMC19k6c1n+c9HS/6lpHl+cvqW+cnRrVGvHRwtj4pb/fTzR6+22/6a8u+AK7XGc9P+b20ymDTP1852dvv/8vhP+5PX83nm/mLZuxNzc2fGIvqTo3l9yfLxm68t62X77PgfPrD8+b+7eE2W//0RkR3ED0TEgxHxUBH7wxHxSEQcWCHHH55bPf9IK9r/FyOmlr3+LR7/Lfv/9gs9J7//pt32/9n+P5yXhosl+fVvFcuFk10uWgNcy/8OAAAA/ivS/DvwSTqyWE7TkZHGd/j3xP/S+szs3OPHZ94+PdX4rvxg9KXlSNdAMR5an67XxpL54h0b46PjxVhxOV56qBg3/rRnW14fmZypT1WcO3S77W3O/8zvPVVHB6yzbcsuHe/f8ECACrTOo6dLqxdeCRcDuFP5vTZ0r1XO/3Sj4gA2nvs/dK/lzv8LLXVzAXBncv+H7uX8hy6Vfld1BECF3P+hK63ld/3rWNi6OcKoprBZd0peiCgL6aaIR2GdClVfmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADrj7wAAAP//KFzmgQ==") 71.07607ms ago: executing program 4 (id=749): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000001c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0xa6}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x18, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, @fallback=0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xfffffffffffffe3e) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r1}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]}) rt_sigaction(0x19, 0x0, 0x0, 0x0, 0x0) 21.462093ms ago: executing program 2 (id=750): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000008da4b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000800)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000200)='sys_enter\x00', r0}, 0x10) r1 = syz_open_dev$loop(&(0x7f0000000000), 0x7f, 0x1) fadvise64(r1, 0x40007, 0x6, 0x2) 20.957839ms ago: executing program 2 (id=751): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) newfstatat(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='sched_switch\x00', r0}, 0x10) sendmsg$DEVLINK_CMD_GET(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x40010) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) add_key$fscrypt_v1(0x0, 0x0, &(0x7f00000000c0)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300", 0xffffffff}, 0x48, 0xffffffffffffffff) r1 = add_key$fscrypt_v1(0x0, &(0x7f0000000080)={'fscrypt:', @desc2}, 0x0, 0x0, 0xffffffffffffffff) r2 = add_key$fscrypt_v1(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0}, 0x18) keyctl$KEYCTL_MOVE(0x4, r2, r1, r1, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000400)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) epoll_create1(0x0) socket$netlink(0x10, 0x3, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) r3 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0) write$UHID_CREATE2(r3, &(0x7f00000007c0)=ANY=[@ANYBLOB="0b00000073797a31000000dfff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a30000037b35f0a000089b4c45a10000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a3100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001"], 0x119) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r4 = syz_open_dev$hidraw(&(0x7f0000000000), 0x0, 0x81) ioctl$HIDIOCSFEATURE(r4, 0xc0404806, 0x0) 0s ago: executing program 4 (id=752): bpf$PROG_LOAD_XDP(0x5, &(0x7f00000003c0)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x49, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffff9}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r0}, 0x18) r1 = epoll_create1(0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000100)={0x20000014}) close_range(r1, r2, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.113' (ED25519) to the list of known hosts. [ 30.260082][ T6516] cgroup: Unknown subsys name 'net' [ 30.383041][ T6516] cgroup: Unknown subsys name 'cpuset' [ 30.384744][ T6516] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 30.511941][ T6516] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k SS [ 32.904063][ T6531] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 32.904665][ T6531] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 32.907175][ T6532] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 32.908621][ T6532] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 32.910746][ T6530] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 32.911266][ T6531] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 32.912696][ T6531] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 32.913769][ T6531] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 32.916505][ T6531] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 32.916575][ T6531] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 32.919110][ T6531] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 32.920819][ T6536] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 32.920894][ T6536] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 32.924025][ T6537] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 32.925941][ T6531] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 32.927694][ T6531] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 32.929610][ T6531] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 32.932098][ T6531] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 32.934120][ T6536] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 32.935772][ T52] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 32.971631][ T6536] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 32.972295][ T6536] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 32.974384][ T6536] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 32.976646][ T6536] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 32.978809][ T6536] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 33.073907][ T6533] chnl_net:caif_netlink_parms(): no params data found [ 33.125157][ T6533] bridge0: port 1(bridge_slave_0) entered blocking state [ 33.125486][ T6533] bridge0: port 1(bridge_slave_0) entered disabled state [ 33.125560][ T6533] bridge_slave_0: entered allmulticast mode [ 33.125990][ T6533] bridge_slave_0: entered promiscuous mode [ 33.127016][ T6533] bridge0: port 2(bridge_slave_1) entered blocking state [ 33.127032][ T6533] bridge0: port 2(bridge_slave_1) entered disabled state [ 33.127091][ T6533] bridge_slave_1: entered allmulticast mode [ 33.127483][ T6533] bridge_slave_1: entered promiscuous mode [ 33.152739][ T6527] chnl_net:caif_netlink_parms(): no params data found [ 33.162994][ T6533] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 33.163959][ T6533] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 33.168689][ T6535] chnl_net:caif_netlink_parms(): no params data found [ 33.189405][ T6533] team0: Port device team_slave_0 added [ 33.200725][ T6533] team0: Port device team_slave_1 added [ 33.204785][ T6526] chnl_net:caif_netlink_parms(): no params data found [ 33.210439][ T6533] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 33.212399][ T6533] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 33.212433][ T6533] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 33.223671][ T6533] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 33.223697][ T6533] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 33.223710][ T6533] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 33.248257][ T6527] bridge0: port 1(bridge_slave_0) entered blocking state [ 33.248336][ T6527] bridge0: port 1(bridge_slave_0) entered disabled state [ 33.248388][ T6527] bridge_slave_0: entered allmulticast mode [ 33.248810][ T6527] bridge_slave_0: entered promiscuous mode [ 33.249507][ T6527] bridge0: port 2(bridge_slave_1) entered blocking state [ 33.249521][ T6527] bridge0: port 2(bridge_slave_1) entered disabled state [ 33.249574][ T6527] bridge_slave_1: entered allmulticast mode [ 33.249941][ T6527] bridge_slave_1: entered promiscuous mode [ 33.267454][ T6540] chnl_net:caif_netlink_parms(): no params data found [ 33.268621][ T6535] bridge0: port 1(bridge_slave_0) entered blocking state [ 33.271013][ T6535] bridge0: port 1(bridge_slave_0) entered disabled state [ 33.271777][ T6535] bridge_slave_0: entered allmulticast mode [ 33.272206][ T6535] bridge_slave_0: entered promiscuous mode [ 33.277430][ T6533] hsr_slave_0: entered promiscuous mode [ 33.278810][ T6533] hsr_slave_1: entered promiscuous mode [ 33.286646][ T6535] bridge0: port 2(bridge_slave_1) entered blocking state [ 33.286730][ T6535] bridge0: port 2(bridge_slave_1) entered disabled state [ 33.286795][ T6535] bridge_slave_1: entered allmulticast mode [ 33.287206][ T6535] bridge_slave_1: entered promiscuous mode [ 33.292357][ T6527] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 33.293389][ T6527] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 33.321248][ T6526] bridge0: port 1(bridge_slave_0) entered blocking state [ 33.324595][ T6526] bridge0: port 1(bridge_slave_0) entered disabled state [ 33.324692][ T6526] bridge_slave_0: entered allmulticast mode [ 33.327238][ T6526] bridge_slave_0: entered promiscuous mode [ 33.329849][ T6535] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 33.330785][ T6535] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 33.335499][ T6527] team0: Port device team_slave_0 added [ 33.345587][ T6526] bridge0: port 2(bridge_slave_1) entered blocking state [ 33.346851][ T6526] bridge0: port 2(bridge_slave_1) entered disabled state [ 33.348193][ T6526] bridge_slave_1: entered allmulticast mode [ 33.349655][ T6526] bridge_slave_1: entered promiscuous mode [ 33.355104][ T6527] team0: Port device team_slave_1 added [ 33.366009][ T6535] team0: Port device team_slave_0 added [ 33.366778][ T6535] team0: Port device team_slave_1 added [ 33.383042][ T6526] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 33.384797][ T6526] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 33.389166][ T6535] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 33.389186][ T6535] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 33.389203][ T6535] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 33.394534][ T6527] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 33.394544][ T6527] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 33.394558][ T6527] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 33.395122][ T6527] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 33.395129][ T6527] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 33.395140][ T6527] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 33.408876][ T6540] bridge0: port 1(bridge_slave_0) entered blocking state [ 33.408976][ T6540] bridge0: port 1(bridge_slave_0) entered disabled state [ 33.409047][ T6540] bridge_slave_0: entered allmulticast mode [ 33.409477][ T6540] bridge_slave_0: entered promiscuous mode [ 33.414740][ T6535] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 33.414761][ T6535] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 33.414786][ T6535] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 33.419437][ T6540] bridge0: port 2(bridge_slave_1) entered blocking state [ 33.419776][ T6540] bridge0: port 2(bridge_slave_1) entered disabled state [ 33.419856][ T6540] bridge_slave_1: entered allmulticast mode [ 33.420310][ T6540] bridge_slave_1: entered promiscuous mode [ 33.449327][ T6540] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 33.451763][ T6526] team0: Port device team_slave_0 added [ 33.454294][ T6535] hsr_slave_0: entered promiscuous mode [ 33.454624][ T6535] hsr_slave_1: entered promiscuous mode [ 33.454822][ T6535] debugfs: 'hsr0' already exists in 'hsr' [ 33.454855][ T6535] Cannot create hsr debugfs directory [ 33.463015][ T6540] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 33.467506][ T6526] team0: Port device team_slave_1 added [ 33.477505][ T6527] hsr_slave_0: entered promiscuous mode [ 33.477796][ T6527] hsr_slave_1: entered promiscuous mode [ 33.477986][ T6527] debugfs: 'hsr0' already exists in 'hsr' [ 33.477996][ T6527] Cannot create hsr debugfs directory [ 33.494827][ T6526] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 33.494859][ T6526] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 33.495229][ T6526] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 33.495805][ T6526] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 33.495812][ T6526] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 33.495823][ T6526] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 33.512435][ T6540] team0: Port device team_slave_0 added [ 33.513235][ T6540] team0: Port device team_slave_1 added [ 33.520944][ T6540] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 33.520975][ T6540] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 33.520991][ T6540] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 33.534654][ T6540] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 33.534681][ T6540] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 33.534695][ T6540] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 33.547659][ T6526] hsr_slave_0: entered promiscuous mode [ 33.547969][ T6526] hsr_slave_1: entered promiscuous mode [ 33.548169][ T6526] debugfs: 'hsr0' already exists in 'hsr' [ 33.548178][ T6526] Cannot create hsr debugfs directory [ 33.568937][ T6540] hsr_slave_0: entered promiscuous mode [ 33.570518][ T6540] hsr_slave_1: entered promiscuous mode [ 33.571764][ T6540] debugfs: 'hsr0' already exists in 'hsr' [ 33.571795][ T6540] Cannot create hsr debugfs directory [ 33.594669][ T6533] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 33.612974][ T6533] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 33.627475][ T6533] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 33.641090][ T6533] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 33.645035][ T6535] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 33.647284][ T6535] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 33.651011][ T6535] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 33.655002][ T6535] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 33.717940][ T6533] bridge0: port 2(bridge_slave_1) entered blocking state [ 33.718001][ T6533] bridge0: port 2(bridge_slave_1) entered forwarding state [ 33.718164][ T6533] bridge0: port 1(bridge_slave_0) entered blocking state [ 33.718203][ T6533] bridge0: port 1(bridge_slave_0) entered forwarding state [ 33.727822][ T6527] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 33.730554][ T6527] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 33.733163][ T6527] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 33.735908][ T6535] bridge0: port 2(bridge_slave_1) entered blocking state [ 33.735951][ T6535] bridge0: port 2(bridge_slave_1) entered forwarding state [ 33.736052][ T6535] bridge0: port 1(bridge_slave_0) entered blocking state [ 33.736081][ T6535] bridge0: port 1(bridge_slave_0) entered forwarding state [ 33.746699][ T6527] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 33.777797][ T6526] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 33.785024][ T6527] bridge0: port 2(bridge_slave_1) entered blocking state [ 33.785076][ T6527] bridge0: port 2(bridge_slave_1) entered forwarding state [ 33.785152][ T6527] bridge0: port 1(bridge_slave_0) entered blocking state [ 33.785174][ T6527] bridge0: port 1(bridge_slave_0) entered forwarding state [ 33.793820][ T6526] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 33.799704][ T6533] 8021q: adding VLAN 0 to HW filter on device bond0 [ 33.813182][ T6535] 8021q: adding VLAN 0 to HW filter on device bond0 [ 33.813514][ T6526] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 33.815376][ T6526] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 33.826225][ T14] bridge0: port 1(bridge_slave_0) entered disabled state [ 33.827779][ T14] bridge0: port 2(bridge_slave_1) entered disabled state [ 33.830617][ T14] bridge0: port 1(bridge_slave_0) entered disabled state [ 33.832577][ T14] bridge0: port 1(bridge_slave_0) entered disabled state [ 33.833889][ T14] bridge0: port 2(bridge_slave_1) entered disabled state [ 33.835544][ T14] bridge0: port 2(bridge_slave_1) entered disabled state [ 33.846930][ T6540] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 33.851930][ T6533] 8021q: adding VLAN 0 to HW filter on device team0 [ 33.856107][ T6540] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 33.862369][ T14] bridge0: port 1(bridge_slave_0) entered blocking state [ 33.862412][ T14] bridge0: port 1(bridge_slave_0) entered forwarding state [ 33.862984][ T14] bridge0: port 2(bridge_slave_1) entered blocking state [ 33.863000][ T14] bridge0: port 2(bridge_slave_1) entered forwarding state [ 33.865649][ T6527] 8021q: adding VLAN 0 to HW filter on device bond0 [ 33.868485][ T6527] 8021q: adding VLAN 0 to HW filter on device team0 [ 33.870213][ T6540] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 33.875415][ T6540] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 33.880486][ T14] bridge0: port 1(bridge_slave_0) entered blocking state [ 33.880523][ T14] bridge0: port 1(bridge_slave_0) entered forwarding state [ 33.884973][ T671] bridge0: port 2(bridge_slave_1) entered blocking state [ 33.885127][ T671] bridge0: port 2(bridge_slave_1) entered forwarding state [ 33.894260][ T6535] 8021q: adding VLAN 0 to HW filter on device team0 [ 33.900645][ T671] bridge0: port 1(bridge_slave_0) entered blocking state [ 33.900692][ T671] bridge0: port 1(bridge_slave_0) entered forwarding state [ 33.909059][ T6533] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 33.910779][ T6533] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 33.921022][ T4123] bridge0: port 2(bridge_slave_1) entered blocking state [ 33.921058][ T4123] bridge0: port 2(bridge_slave_1) entered forwarding state [ 33.947992][ T6535] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 33.948035][ T6535] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 33.954091][ T6527] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 33.959425][ T6527] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 33.975252][ T6526] 8021q: adding VLAN 0 to HW filter on device bond0 [ 33.987845][ T6526] 8021q: adding VLAN 0 to HW filter on device team0 [ 33.994448][ T4097] bridge0: port 1(bridge_slave_0) entered blocking state [ 33.994497][ T4097] bridge0: port 1(bridge_slave_0) entered forwarding state [ 33.994813][ T4097] bridge0: port 2(bridge_slave_1) entered blocking state [ 33.994827][ T4097] bridge0: port 2(bridge_slave_1) entered forwarding state [ 34.045529][ T6540] 8021q: adding VLAN 0 to HW filter on device bond0 [ 34.066166][ T6527] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 34.076938][ T6533] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 34.080287][ T6535] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 34.088608][ T6527] veth0_vlan: entered promiscuous mode [ 34.095062][ T6540] 8021q: adding VLAN 0 to HW filter on device team0 [ 34.107431][ T14] bridge0: port 1(bridge_slave_0) entered blocking state [ 34.107469][ T14] bridge0: port 1(bridge_slave_0) entered forwarding state [ 34.108376][ T6527] veth1_vlan: entered promiscuous mode [ 34.119897][ T6527] veth0_macvtap: entered promiscuous mode [ 34.125811][ T14] bridge0: port 2(bridge_slave_1) entered blocking state [ 34.125852][ T14] bridge0: port 2(bridge_slave_1) entered forwarding state [ 34.136639][ T6527] veth1_macvtap: entered promiscuous mode [ 34.148475][ T6527] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 34.149901][ T6526] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 34.152410][ T6535] veth0_vlan: entered promiscuous mode [ 34.167905][ T6535] veth1_vlan: entered promiscuous mode [ 34.173465][ T6533] veth0_vlan: entered promiscuous mode [ 34.176202][ T6533] veth1_vlan: entered promiscuous mode [ 34.187757][ T6535] veth0_macvtap: entered promiscuous mode [ 34.194620][ T6527] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 34.196929][ T6533] veth0_macvtap: entered promiscuous mode [ 34.206329][ T6533] veth1_macvtap: entered promiscuous mode [ 34.209763][ T6533] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 34.210693][ T6533] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 34.218261][ T6535] veth1_macvtap: entered promiscuous mode [ 34.230927][ T4123] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 34.231154][ T4123] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 34.231171][ T4123] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 34.231185][ T4123] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 34.231199][ T4123] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 34.231211][ T4123] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 34.231223][ T4123] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 34.231235][ T4123] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 34.279695][ T6540] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 34.294345][ T6535] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 34.303997][ T6535] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 34.309896][ T41] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 34.309943][ T41] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 34.317142][ T286] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 34.317643][ T286] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 34.318107][ T286] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 34.318320][ T286] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 34.324250][ T41] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 34.324281][ T41] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 34.337232][ T6526] veth0_vlan: entered promiscuous mode [ 34.342902][ T6526] veth1_vlan: entered promiscuous mode [ 34.346276][ T41] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 34.346314][ T41] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 34.365014][ T286] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 34.365040][ T286] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 34.379064][ T6526] veth0_macvtap: entered promiscuous mode [ 34.380477][ T6526] veth1_macvtap: entered promiscuous mode [ 34.394264][ T4097] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 34.394297][ T4097] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 34.397082][ T6540] veth0_vlan: entered promiscuous mode [ 34.403967][ T6526] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 34.406452][ T6526] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 34.419452][ T6540] veth1_vlan: entered promiscuous mode [ 34.425685][ T6533] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 34.429906][ T4097] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 34.429931][ T4097] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 34.439097][ T4123] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 34.439349][ T4123] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 34.439445][ T4123] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 34.439468][ T4123] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 34.478023][ T671] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 34.478056][ T671] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 34.491258][ T671] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 34.493727][ T671] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 34.502346][ T6540] veth0_macvtap: entered promiscuous mode [ 34.504298][ T6540] veth1_macvtap: entered promiscuous mode [ 34.518645][ T6540] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 34.520526][ T6540] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 34.540383][ T41] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 34.540447][ T41] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 34.540468][ T41] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 34.540483][ T41] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 34.559603][ T6644] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 35.338421][ T6649] Injecting memory failure for pfn 0x1355fe at process virtual address 0x20ffe000 [ 35.338541][ T6649] Memory failure: 0x1355fe: recovery action for unsplit thp: Failed [ 35.365464][ T6536] Bluetooth: hci3: command tx timeout [ 35.365667][ T6536] Bluetooth: hci0: command tx timeout [ 35.365786][ T6536] Bluetooth: hci2: command tx timeout [ 35.365870][ T6536] Bluetooth: hci4: command tx timeout [ 35.366107][ T6531] Bluetooth: hci1: command tx timeout [ 35.576823][ T6654] loop0: detected capacity change from 0 to 24 [ 35.582540][ T6654] MTD: Attempt to mount non-MTD device "/dev/loop0" [ 35.606037][ T6654] romfs: Mounting image 'rom 637cf1fa' through the block layer [ 35.623652][ T6654] fuse: Unknown parameter '0xffffffffffffffff' [ 35.732173][ T286] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 35.732207][ T286] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 35.737568][ T6655] loop3: detected capacity change from 0 to 32768 [ 35.968339][ T6655] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.7 (6655) [ 35.979670][ T6655] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 35.979736][ T6655] BTRFS info (device loop3): using crc32c (crc32c-lib) checksum algorithm [ 36.004667][ T41] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 36.004700][ T41] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 36.097368][ T6655] BTRFS info (device loop3): turning off barriers [ 36.097405][ T6655] BTRFS info (device loop3): enabling free space tree [ 36.097432][ T6655] BTRFS info (device loop3): use zlib compression, level 3 [ 36.177051][ T6683] ecryptfs_validate_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README [ 36.177551][ T6683] Error validating options; rc = [-22] [ 36.207871][ T6683] loop4: detected capacity change from 0 to 64 [ 36.506777][ T6690] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 36.569343][ T6693] loop0: detected capacity change from 0 to 512 [ 36.591416][ T6695] loop1: detected capacity change from 0 to 512 [ 36.591893][ T6695] EXT4-fs: Ignoring removed nobh option [ 36.596886][ T6693] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846e02c, mo2=0002] [ 36.596987][ T6693] System zones: 1-12 [ 36.599657][ T6693] EXT4-fs error (device loop0): dx_probe:791: inode #2: comm syz.0.11: Directory hole found for htree index block 0 [ 36.602121][ T6695] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -117 [ 36.603109][ T6695] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #13: comm syz.1.2: invalid indirect mapped block 256 (level 1) [ 36.605768][ T6695] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #13: comm syz.1.2: invalid indirect mapped block 2683928664 (level 1) [ 36.606475][ T6695] EXT4-fs (loop1): 1 truncate cleaned up [ 36.606924][ T6695] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 36.612008][ T6693] EXT4-fs (loop0): Remounting filesystem read-only [ 36.612083][ T6693] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -117 [ 36.612188][ T6693] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -117 [ 36.612676][ T6693] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 36.634387][ T6695] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #13: comm syz.1.2: invalid indirect mapped block 480848489 (level 1) [ 36.647247][ T6693] mmap: syz.0.11 (6693) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 36.653363][ T6655] Zero length message leads to an empty skb [ 36.672059][ T6693] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000. [ 36.762651][ T6527] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 36.765920][ T6690] loop4: detected capacity change from 0 to 32768 [ 36.767408][ T6690] ======================================================= [ 36.767408][ T6690] WARNING: The mand mount option has been deprecated and [ 36.767408][ T6690] and is ignored by this kernel. Remove the mand [ 36.767408][ T6690] option from the mount to silence this warning. [ 36.767408][ T6690] ======================================================= [ 36.883435][ T6699] warning: `syz.0.12' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 36.892365][ T6699] loop0: detected capacity change from 0 to 128 [ 36.927684][ T6535] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 36.943305][ T6699] ufs: ufs_fill_super(): fragment size 3263967611 is not a power of 2 [ 36.992598][ T6690] bcachefs (loop4): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,nojournal_transaction_names [ 37.011412][ T6690] allowing incompatible features above 0.0: (unknown version) [ 37.011953][ T6690] features: atomic_nlink [ 37.011975][ T6690] bcachefs (loop4): Using encoding defined by superblock: utf8-12.1.0 [ 37.012023][ T6690] bcachefs (loop4): initializing new filesystem [ 37.028965][ T6690] bcachefs (loop4): going read-write [ 37.061664][ T6690] bcachefs (loop4): marking superblocks [ 37.107292][ T6690] bcachefs (loop4): initializing freespace [ 37.142725][ T6690] bcachefs (loop4): done initializing freespace [ 37.149875][ T6690] bcachefs (loop4): reading snapshots table [ 37.149943][ T6690] bcachefs (loop4): reading snapshots done [ 37.177736][ T6690] bcachefs (loop4): done starting filesystem [ 37.184904][ T6690] gretap1: entered promiscuous mode [ 37.184939][ T6690] gretap1: entered allmulticast mode [ 37.255760][ T6526] bcachefs (loop4): shutting down [ 37.255812][ T6526] bcachefs (loop4): going read-only [ 37.255915][ T6526] bcachefs (loop4): finished waiting for writes to stop [ 37.295956][ T6526] bcachefs (loop4): flushing journal and stopping allocators, journal seq 3 [ 37.351058][ T6526] bcachefs (loop4): flushing journal and stopping allocators complete, journal seq 3 [ 37.358307][ T6526] bcachefs (loop4): clean shutdown complete, journal seq 4 [ 37.358833][ T6526] bcachefs (loop4): marking filesystem clean [ 37.371799][ T6531] Bluetooth: hci4: command tx timeout [ 37.372991][ T6536] Bluetooth: hci2: command tx timeout [ 37.373034][ T6536] Bluetooth: hci0: command tx timeout [ 37.373065][ T6536] Bluetooth: hci3: command tx timeout [ 37.375882][ T6530] Bluetooth: hci1: command tx timeout [ 37.407523][ T6526] bcachefs (loop4): shutdown complete [ 37.725402][ T6658] loop2: detected capacity change from 0 to 262144 [ 37.738962][ T6658] BTRFS: device fsid 7e32c2af-f87a-45a1-bcba-64dea7c56a53 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.8 (6658) [ 37.750816][ T6658] BTRFS info (device loop2): first mount of filesystem 7e32c2af-f87a-45a1-bcba-64dea7c56a53 [ 37.750981][ T6658] BTRFS info (device loop2): using xxhash64 (xxhash64-generic) checksum algorithm [ 37.756813][ T6540] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 37.838664][ T6658] BTRFS info (device loop2): enabling ssd optimizations [ 37.838693][ T6658] BTRFS info (device loop2): enabling free space tree [ 37.908568][ T6658] syz.2.8 uses obsolete (PF_INET,SOCK_PACKET) [ 38.329625][ T6807] BTRFS info (device loop2): balance: start -d -m [ 38.335599][ T6807] BTRFS info (device loop2): relocating block group 30408704 flags metadata|dup [ 38.353952][ T6807] BTRFS info (device loop2): found 3 extents, stage: move data extents [ 38.361024][ T6807] BTRFS info (device loop2): relocating block group 13631488 flags data [ 38.393554][ T6807] BTRFS info (device loop2): found 1 extents, stage: move data extents [ 38.412973][ T6807] BTRFS info (device loop2): found 1 extents, stage: update data pointers [ 38.427504][ T6807] BTRFS info (device loop2): balance: ended with status: 0 [ 38.462750][ T6533] BTRFS info (device loop2): last unmount of filesystem 7e32c2af-f87a-45a1-bcba-64dea7c56a53 [ 38.714814][ T6839] loop0: detected capacity change from 0 to 256 [ 38.784886][ T6845] tipc: Started in network mode [ 38.784922][ T6845] tipc: Node identity ac14140f, cluster identity 4711 [ 38.789057][ T6845] tipc: New replicast peer: 255.255.255.255 [ 38.789306][ T6845] tipc: Enabled bearer , priority 10 [ 38.860977][ T6854] loop0: detected capacity change from 0 to 512 [ 38.864313][ T6854] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 38.864335][ T6854] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem [ 38.870761][ T6854] EXT4-fs error (device loop0): __ext4_fill_super:5504: inode #2: comm syz.0.62: casefold flag without casefold feature [ 38.874124][ T6854] EXT4-fs (loop0): get root inode failed [ 38.874149][ T6854] EXT4-fs (loop0): mount failed [ 38.956768][ T31] audit: type=1326 audit(38.930:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6862 comm="syz.0.66" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb375c068 code=0x7ffc0000 [ 38.960977][ T31] audit: type=1326 audit(38.930:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6862 comm="syz.0.66" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffb375c068 code=0x7ffc0000 [ 38.970881][ T31] audit: type=1326 audit(38.940:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6862 comm="syz.0.66" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb375c068 code=0x7ffc0000 [ 38.977563][ T31] audit: type=1326 audit(38.950:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6862 comm="syz.0.66" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb375c068 code=0x7ffc0000 [ 38.977602][ T31] audit: type=1326 audit(38.950:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6862 comm="syz.0.66" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffb375c068 code=0x7ffc0000 [ 38.977631][ T31] audit: type=1326 audit(38.950:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6862 comm="syz.0.66" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb375c068 code=0x7ffc0000 [ 38.977650][ T31] audit: type=1326 audit(38.950:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6862 comm="syz.0.66" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb375c068 code=0x7ffc0000 [ 38.977668][ T31] audit: type=1326 audit(38.950:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6862 comm="syz.0.66" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffb375c068 code=0x7ffc0000 [ 38.977683][ T31] audit: type=1326 audit(38.950:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6862 comm="syz.0.66" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb375c068 code=0x7ffc0000 [ 38.977697][ T31] audit: type=1326 audit(38.950:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6862 comm="syz.0.66" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb375c068 code=0x7ffc0000 [ 39.185265][ T6873] loop1: detected capacity change from 0 to 764 [ 39.213803][ T6873] rock: directory entry would overflow storage [ 39.213835][ T6873] rock: sig=0x4f50, size=4, remaining=3 [ 39.215494][ T6873] iso9660: Corrupted directory entry in block 6 of inode 1792 [ 39.301469][ T6882] loop1: detected capacity change from 0 to 512 [ 39.317030][ T6882] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.74: bg 0: block 288: padding at end of block bitmap is not set [ 39.319665][ T6882] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6657: Corrupt filesystem [ 39.322200][ T6882] EXT4-fs error (device loop1): ext4_clear_blocks:876: inode #13: comm syz.1.74: attempt to clear invalid blocks 1024 len 1 [ 39.328126][ T6890] loop4: detected capacity change from 0 to 16 [ 39.328530][ T6890] MTD: Attempt to mount non-MTD device "/dev/loop4" [ 39.330231][ T6882] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #13: comm syz.1.74: invalid indirect mapped block 1819239214 (level 0) [ 39.341548][ T6882] EXT4-fs (loop1): 1 truncate cleaned up [ 39.343610][ T6882] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 39.397779][ T6540] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 39.452198][ T6530] Bluetooth: hci1: command tx timeout [ 39.452212][ T6531] Bluetooth: hci4: command tx timeout [ 39.452238][ T6530] Bluetooth: hci3: command tx timeout [ 39.452254][ T6530] Bluetooth: hci0: command tx timeout [ 39.452267][ T6530] Bluetooth: hci2: command tx timeout [ 39.577238][ T6911] loop3: detected capacity change from 0 to 1024 [ 39.630863][ T6911] EXT4-fs error (device loop3): ext4_acquire_dquot:6937: comm syz.3.82: Failed to acquire dquot type 0 [ 39.636970][ T6911] EXT4-fs error (device loop3): mb_free_blocks:2017: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt. [ 39.637336][ T6911] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #13: comm syz.3.82: corrupted inode contents [ 39.638286][ T6911] EXT4-fs error (device loop3): ext4_dirty_inode:6538: inode #13: comm syz.3.82: mark_inode_dirty error [ 39.638456][ T6911] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #13: comm syz.3.82: corrupted inode contents [ 39.638574][ T6911] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #13: comm syz.3.82: mark_inode_dirty error [ 39.638715][ T6911] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #13: comm syz.3.82: corrupted inode contents [ 39.640381][ T6911] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem [ 39.640578][ T6911] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #13: comm syz.3.82: corrupted inode contents [ 39.640708][ T6911] EXT4-fs error (device loop3): ext4_truncate:4666: inode #13: comm syz.3.82: mark_inode_dirty error [ 39.646707][ T6911] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem [ 39.648157][ T6911] EXT4-fs (loop3): 1 truncate cleaned up [ 39.648609][ T6911] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 39.704163][ T6535] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 39.839691][ T6925] ALSA: seq fatal error: cannot create timer (-19) [ 39.903465][ T6595] tipc: Node number set to 2886997007 [ 40.162442][ T6937] loop0: detected capacity change from 0 to 8192 [ 40.177870][ T6937] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 40.426736][ T6970] loop4: detected capacity change from 0 to 1024 [ 40.459478][ T6970] EXT4-fs (loop4): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 40.483269][ T6970] EXT4-fs error (device loop4): ext4_map_blocks:814: inode #15: block 3: comm syz.4.106: lblock 3 mapped to illegal pblock 3 (length 3) [ 40.495604][ T6970] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117 [ 40.495647][ T6970] EXT4-fs (loop4): This should not happen!! Data will be lost [ 40.495647][ T6970] [ 40.549490][ T41] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters [ 40.549962][ T41] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 32 with max blocks 36 with error 28 [ 40.549981][ T41] EXT4-fs (loop4): This should not happen!! Data will be lost [ 40.549981][ T41] [ 40.549991][ T41] EXT4-fs (loop4): Total free blocks count 0 [ 40.549999][ T41] EXT4-fs (loop4): Free/Dirty block details [ 40.550009][ T41] EXT4-fs (loop4): free_blocks=4293918720 [ 40.550021][ T41] EXT4-fs (loop4): dirty_blocks=48 [ 40.550028][ T41] EXT4-fs (loop4): Block reservation details [ 40.603459][ T3924] cfg80211: failed to load regulatory.db [ 40.629377][ T6985] loop2: detected capacity change from 0 to 1024 [ 40.656703][ T6985] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a802c018, mo2=0002] [ 40.656754][ T6985] System zones: 0-1, 3-8 [ 40.657280][ T6985] EXT4-fs (loop2): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 40.686674][ T6996] loop1: detected capacity change from 0 to 512 [ 40.695923][ T6992] loop3: detected capacity change from 0 to 512 [ 40.709744][ T6996] EXT4-fs error (device loop1): ext4_orphan_get:1392: inode #15: comm syz.1.116: casefold flag without casefold feature [ 40.716997][ T6996] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.116: couldn't read orphan inode 15 (err -117) [ 40.717251][ T6533] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 40.730294][ T6996] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 40.743204][ T6992] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 40.768933][ T7006] netlink: 12 bytes leftover after parsing attributes in process `syz.2.118'. [ 40.772308][ T6992] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 40.789986][ T6535] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 40.820135][ T6540] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 40.834999][ T7013] loop1: detected capacity change from 0 to 128 [ 40.847494][ T7013] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 40.915308][ T7004] serio: Serial port ptm0 [ 40.919461][ T6540] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 41.021101][ T7034] bridge_slave_0: left allmulticast mode [ 41.023952][ T7034] bridge_slave_0: left promiscuous mode [ 41.024876][ T7035] netlink: 'syz.2.131': attribute type 11 has an invalid length. [ 41.026584][ T7034] bridge0: port 1(bridge_slave_0) entered disabled state [ 41.033482][ T7034] bridge_slave_1: left allmulticast mode [ 41.034568][ T7034] bridge_slave_1: left promiscuous mode [ 41.035786][ T7034] bridge0: port 2(bridge_slave_1) entered disabled state [ 41.045649][ T7034] bond0: (slave bond_slave_0): Releasing backup interface [ 41.076853][ T7036] netlink: 'syz.1.130': attribute type 10 has an invalid length. [ 41.076883][ T7036] netlink: 40 bytes leftover after parsing attributes in process `syz.1.130'. [ 41.081181][ T7034] bond0: (slave bond_slave_1): Releasing backup interface [ 41.113449][ T7034] team0: Port device team_slave_0 removed [ 41.133437][ T7034] team0: Port device team_slave_1 removed [ 41.133914][ T7034] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 41.133940][ T7034] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 41.138974][ T7034] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 41.138998][ T7034] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 41.160707][ T7036] batman_adv: batadv0: Adding interface: virt_wifi0 [ 41.160748][ T7036] batman_adv: batadv0: The MTU of interface virt_wifi0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 41.161043][ T7036] batman_adv: batadv0: Interface activated: virt_wifi0 [ 41.167707][ T7038] netlink: 96 bytes leftover after parsing attributes in process `syz.2.132'. [ 41.250978][ T7047] loop0: detected capacity change from 0 to 512 [ 41.281275][ T7047] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 41.298132][ T7047] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #16: comm syz.0.135: invalid indirect mapped block 4294967295 (level 0) [ 41.298340][ T7047] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #16: comm syz.0.135: invalid indirect mapped block 4294967295 (level 1) [ 41.298697][ T7047] EXT4-fs (loop0): 1 orphan inode deleted [ 41.298704][ T7047] EXT4-fs (loop0): 1 truncate cleaned up [ 41.299120][ T7047] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 41.353339][ T6527] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 41.450548][ T7071] loop3: detected capacity change from 0 to 2048 [ 41.472332][ T7074] netlink: 'syz.2.146': attribute type 13 has an invalid length. [ 41.476805][ T7074] gretap0: refused to change device tx_queue_len [ 41.477910][ T7074] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 41.485106][ T6518] loop3: p1 < > p4 [ 41.519006][ T6518] loop3: p4 size 8388608 extends beyond EOD, truncated [ 41.525641][ T7071] loop3: p1 < > p4 [ 41.527251][ T7071] loop3: p4 size 8388608 extends beyond EOD, truncated [ 41.531421][ T6531] Bluetooth: hci2: command tx timeout [ 41.533111][ T6531] Bluetooth: hci0: command tx timeout [ 41.533153][ T6531] Bluetooth: hci3: command tx timeout [ 41.533177][ T6531] Bluetooth: hci1: command tx timeout [ 41.541809][ T6536] Bluetooth: hci4: command tx timeout [ 41.570960][ T7008] udevd[7008]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory [ 41.572720][ T6666] udevd[6666]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory [ 41.596979][ T6518] udevd[6518]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory [ 41.598708][ T7008] udevd[7008]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory [ 41.708486][ T7095] loop3: detected capacity change from 0 to 1024 [ 41.728602][ T7096] veth0_to_team: entered promiscuous mode [ 41.745069][ T7095] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 42.009870][ T7112] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 42.030926][ T7114] loop4: detected capacity change from 0 to 512 [ 42.155946][ T7121] loop2: detected capacity change from 0 to 1024 [ 42.185600][ T7121] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 42.216759][ T6533] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 42.236962][ T7131] rdma_op 00000000941cba40 conn xmit_rdma 0000000000000000 [ 42.304618][ T7067] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 42.306408][ T7141] netlink: 4 bytes leftover after parsing attributes in process `syz.4.174'. [ 42.306461][ T7067] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 42.308641][ T7141] netlink: 32 bytes leftover after parsing attributes in process `syz.4.174'. [ 42.314211][ T7067] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 42.319377][ T7067] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 42.320517][ T7067] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 42.324987][ T7067] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 42.328115][ T7067] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 42.328264][ T7067] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 42.330445][ T7067] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 42.335805][ T7067] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 42.335851][ T7067] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 42.338288][ T7067] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 42.344398][ T7067] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 42.346325][ T7067] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 42.347889][ T7067] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 42.618820][ T6535] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 42.638037][ T7171] netlink: 4 bytes leftover after parsing attributes in process `syz.1.188'. [ 42.706149][ T7182] loop0: detected capacity change from 0 to 128 [ 42.709013][ T7182] EXT4-fs: Ignoring removed nobh option [ 42.716958][ T7182] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 42.735711][ T7186] netlink: 24 bytes leftover after parsing attributes in process `syz.2.187'. [ 42.768953][ T6527] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 42.862637][ T7201] loop2: detected capacity change from 0 to 1024 [ 42.868243][ T7207] Driver unsupported XDP return value 0 on prog (id 9) dev N/A, expect packet loss! [ 42.909262][ T7201] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-001000000000 r/w without journal. Quota mode: writeback. [ 42.942762][ T7215] pim6reg: entered allmulticast mode [ 42.951027][ T7215] pim6reg: left allmulticast mode [ 42.967191][ T7219] netlink: 8 bytes leftover after parsing attributes in process `syz.4.205'. [ 42.967232][ T7219] netlink: 8 bytes leftover after parsing attributes in process `syz.4.205'. [ 42.990901][ T6533] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-001000000000. [ 43.007358][ T7223] netlink: 'syz.3.210': attribute type 6 has an invalid length. [ 43.246502][ T7245] hub 8-0:1.0: USB hub found [ 43.247111][ T7245] hub 8-0:1.0: 8 ports detected [ 43.691919][ T6536] Bluetooth: hci0: command 0x0c1a tx timeout [ 44.015572][ T7243] loop1: detected capacity change from 0 to 8192 [ 44.179444][ T31] kauditd_printk_skb: 107 callbacks suppressed [ 44.179477][ T31] audit: type=1326 audit(44.150:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7251 comm="syz.2.222" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9835c068 code=0x7ffc0000 [ 44.198344][ T31] audit: type=1326 audit(44.170:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7251 comm="syz.2.222" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9835c068 code=0x7ffc0000 [ 44.198382][ T31] audit: type=1326 audit(44.170:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7251 comm="syz.2.222" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=214 compat=0 ip=0xffff9835c068 code=0x7ffc0000 [ 44.198409][ T31] audit: type=1326 audit(44.170:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7251 comm="syz.2.222" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9835c068 code=0x7ffc0000 [ 44.198425][ T31] audit: type=1326 audit(44.170:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7251 comm="syz.2.222" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff9835c068 code=0x7ffc0000 [ 44.198441][ T31] audit: type=1326 audit(44.170:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7251 comm="syz.2.222" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9835c068 code=0x7ffc0000 [ 44.198456][ T31] audit: type=1326 audit(44.170:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7251 comm="syz.2.222" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=81 compat=0 ip=0xffff9835c068 code=0x7ffc0000 [ 44.232942][ T31] audit: type=1326 audit(44.210:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7251 comm="syz.2.222" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9835c068 code=0x7ffc0000 [ 44.237222][ T31] audit: type=1326 audit(44.210:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7251 comm="syz.2.222" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=56 compat=0 ip=0xffff9835c068 code=0x7ffc0000 [ 44.244613][ T31] audit: type=1326 audit(44.220:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7251 comm="syz.2.222" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9835c068 code=0x7ffc0000 [ 44.260177][ T1824] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x4 [ 44.260217][ T1824] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x2 [ 44.271266][ T1824] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x0 [ 44.271301][ T1824] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x0 [ 44.271477][ T1824] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x0 [ 44.271485][ T1824] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x0 [ 44.271493][ T1824] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x0 [ 44.271500][ T1824] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x0 [ 44.271506][ T1824] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x0 [ 44.271513][ T1824] hid-generic 0000:3000000:0000.0001: unknown main item tag 0x0 [ 44.283701][ T1824] hid-generic 0000:3000000:0000.0001: hidraw0: HID v0.00 Device [sy] on syz0 [ 44.314084][ T7264] fido_id[7264]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 44.331722][ T6536] Bluetooth: hci2: command 0x0c1a tx timeout [ 44.331769][ T6536] Bluetooth: hci1: command 0x0c1a tx timeout [ 44.388927][ T7271] loop0: detected capacity change from 0 to 512 [ 44.396429][ T7271] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 44.423342][ T6536] Bluetooth: hci3: command 0x0c1a tx timeout [ 44.424488][ T6531] Bluetooth: hci4: command 0x0c1a tx timeout [ 44.454088][ T7282] loop3: detected capacity change from 0 to 1024 [ 44.506257][ T7282] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 44.566983][ T6535] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 44.570109][ T7301] loop2: detected capacity change from 0 to 512 [ 44.573087][ T7301] EXT4-fs: Ignoring removed oldalloc option [ 44.573395][ T7299] loop0: detected capacity change from 0 to 1024 [ 44.577069][ T7301] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 44.603595][ T7301] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2848: Unable to expand inode 11. Delete some EAs or run e2fsck. [ 44.603659][ T7301] EXT4-fs (loop2): 1 truncate cleaned up [ 44.604094][ T7301] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 44.639877][ T7299] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 44.677474][ T6533] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 44.683288][ T6527] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 44.821735][ T7326] IPv6: Can't replace route, no match found [ 44.846168][ T7330] process 'syz.1.252' launched '/dev/fd/3' with NULL argv: empty string added [ 44.858027][ T7318] 9pnet_fd: Insufficient options for proto=fd [ 44.903748][ T7334] ªªªªª: renamed from dummy0 (while UP) [ 45.097549][ T7351] syzkaller0: refused to change device tx_queue_len [ 45.137967][ T7355] syzkaller1: entered promiscuous mode [ 45.138000][ T7355] syzkaller1: entered allmulticast mode [ 45.628011][ T7387] loop7: detected capacity change from 0 to 16384 [ 45.778822][ T6531] Bluetooth: hci0: command 0x0c1a tx timeout [ 45.867840][ T7402] netlink: 26 bytes leftover after parsing attributes in process `syz.4.284'. [ 45.904003][ T7404] netlink: 12 bytes leftover after parsing attributes in process `syz.4.285'. [ 45.982741][ T7409] loop4: detected capacity change from 0 to 128 [ 46.048103][ T7410] syz.4.287: attempt to access beyond end of device [ 46.048103][ T7410] loop4: rw=2049, sector=153, nr_sectors = 8 limit=128 [ 46.048183][ T7410] syz.4.287: attempt to access beyond end of device [ 46.048183][ T7410] loop4: rw=2049, sector=169, nr_sectors = 8 limit=128 [ 46.048223][ T7410] syz.4.287: attempt to access beyond end of device [ 46.048223][ T7410] loop4: rw=2049, sector=185, nr_sectors = 8 limit=128 [ 46.048260][ T7410] syz.4.287: attempt to access beyond end of device [ 46.048260][ T7410] loop4: rw=2049, sector=201, nr_sectors = 8 limit=128 [ 46.048298][ T7410] syz.4.287: attempt to access beyond end of device [ 46.048298][ T7410] loop4: rw=2049, sector=217, nr_sectors = 8 limit=128 [ 46.048335][ T7410] syz.4.287: attempt to access beyond end of device [ 46.048335][ T7410] loop4: rw=2049, sector=233, nr_sectors = 8 limit=128 [ 46.048368][ T7410] syz.4.287: attempt to access beyond end of device [ 46.048368][ T7410] loop4: rw=2049, sector=249, nr_sectors = 8 limit=128 [ 46.048400][ T7410] syz.4.287: attempt to access beyond end of device [ 46.048400][ T7410] loop4: rw=2049, sector=265, nr_sectors = 8 limit=128 [ 46.048436][ T7410] syz.4.287: attempt to access beyond end of device [ 46.048436][ T7410] loop4: rw=2049, sector=281, nr_sectors = 8 limit=128 [ 46.050786][ T7410] syz.4.287: attempt to access beyond end of device [ 46.050786][ T7410] loop4: rw=2049, sector=297, nr_sectors = 8 limit=128 [ 46.122920][ T7311] Set syz1 is full, maxelem 65536 reached [ 46.187510][ T7421] loop0: detected capacity change from 0 to 512 [ 46.200106][ T7421] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 46.257394][ T7421] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #16: comm syz.0.292: invalid indirect mapped block 4294967295 (level 0) [ 46.260069][ T7421] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #16: comm syz.0.292: invalid indirect mapped block 4294967295 (level 1) [ 46.264188][ T7421] EXT4-fs (loop0): 1 orphan inode deleted [ 46.264212][ T7421] EXT4-fs (loop0): 1 truncate cleaned up [ 46.264680][ T7421] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 46.304510][ T6527] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 46.421444][ T6536] Bluetooth: hci2: command 0x0c1a tx timeout [ 46.421520][ T6531] Bluetooth: hci1: command 0x0c1a tx timeout [ 46.449444][ T7466] vhci_hcd: invalid port number 96 [ 46.449470][ T7466] vhci_hcd: default hub control req: 0000 vfffc i0060 l0 [ 46.485032][ T7473] syz.1.313 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 46.492146][ T6531] Bluetooth: hci4: command 0x0c1a tx timeout [ 46.492188][ T6531] Bluetooth: hci3: command 0x0c1a tx timeout [ 46.546994][ T7478] netlink: 4 bytes leftover after parsing attributes in process `syz.1.315'. [ 47.008669][ T7523] syz_tun: entered allmulticast mode [ 47.013524][ T7522] syz_tun: left allmulticast mode [ 47.079166][ T7529] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 47.079244][ T7529] FAT-fs (loop5): unable to read boot sector [ 47.167231][ T7535] loop2: detected capacity change from 0 to 512 [ 47.179912][ T7535] EXT4-fs error (device loop2): ext4_xattr_inode_iget:442: comm syz.2.342: error while reading EA inode 32 err=-116 [ 47.203637][ T7535] EXT4-fs (loop2): Remounting filesystem read-only [ 47.204462][ T7535] EXT4-fs warning (device loop2): ext4_evict_inode:257: couldn't mark inode dirty (err -30) [ 47.205177][ T7535] EXT4-fs (loop2): 1 orphan inode deleted [ 47.206272][ T7535] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 47.286469][ T6533] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 47.378656][ T7542] loop4: detected capacity change from 0 to 8192 [ 47.396808][ T7542] netlink: 4 bytes leftover after parsing attributes in process `syz.4.345'. [ 47.491251][ T7554] netlink: 10 bytes leftover after parsing attributes in process `syz.2.348'. [ 47.495244][ T7554] loop2: detected capacity change from 0 to 7 [ 47.508367][ T7554] Dev loop2: unable to read RDB block 7 [ 47.508412][ T7554] loop2: AHDI p1 p2 p3 [ 47.508435][ T7554] loop2: partition table partially beyond EOD, truncated [ 47.508541][ T7554] loop2: p1 start 1601398130 is beyond EOD, truncated [ 47.508560][ T7554] loop2: p2 start 1702059890 is beyond EOD, truncated [ 47.644123][ T7569] netlink: 12 bytes leftover after parsing attributes in process `syz.2.355'. [ 47.737823][ T7581] usb usb1: usbfs: process 7581 (syz.2.361) did not claim interface 0 before use [ 47.797451][ T7591] netlink: 3 bytes leftover after parsing attributes in process `syz.0.366'. [ 47.797629][ T7591] 0ªX¹¦À: renamed from caif0 [ 47.841554][ T7591] 0ªX¹¦À: entered allmulticast mode [ 47.841608][ T7591] A link change request failed with some changes committed already. Interface 60ªX¹¦À may have been left with an inconsistent configuration, please check. [ 47.853501][ T6536] Bluetooth: hci0: command 0x0c1a tx timeout [ 47.878534][ T7586] loop3: detected capacity change from 0 to 8192 [ 47.938421][ T7599] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 48.009198][ T7602] tipc: Enabled bearer , priority 0 [ 48.014127][ T7602] syzkaller0: entered promiscuous mode [ 48.014165][ T7602] syzkaller0: entered allmulticast mode [ 48.036491][ T7602] tipc: Resetting bearer [ 48.046235][ T7600] tipc: Resetting bearer [ 48.058037][ T7600] tipc: Disabling bearer [ 48.403154][ T7616] hub 9-0:1.0: USB hub found [ 48.403285][ T7616] hub 9-0:1.0: 8 ports detected [ 48.461258][ T7618] loop4: detected capacity change from 0 to 512 [ 48.495654][ T6536] Bluetooth: hci1: command 0x0c1a tx timeout [ 48.495719][ T6536] Bluetooth: hci2: command 0x0c1a tx timeout [ 48.553740][ T7620] loop4: detected capacity change from 0 to 512 [ 48.556842][ T7620] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 48.566113][ T7620] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a843c018, mo2=0002] [ 48.567770][ T7620] System zones: 0-2, 18-18, 34-34 [ 48.571608][ T6536] Bluetooth: hci4: command 0x0c1a tx timeout [ 48.571663][ T6531] Bluetooth: hci3: command 0x0c1a tx timeout [ 48.577456][ T7620] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 48.590413][ T7620] netlink: 'syz.4.377': attribute type 10 has an invalid length. [ 48.608570][ T7620] team0: Port device dummy0 added [ 48.614553][ T7620] netlink: 'syz.4.377': attribute type 10 has an invalid length. [ 48.616464][ T7620] team0: Failed to send port change of device dummy0 via netlink (err -105) [ 48.623717][ T7620] team0: Failed to send options change via netlink (err -105) [ 48.625398][ T7620] team0: Failed to send port change of device dummy0 via netlink (err -105) [ 48.627058][ T7620] team0: Port device dummy0 removed [ 48.630385][ T7620] bond0: (slave dummy0): Enslaving as an active interface with an up link [ 48.666712][ T6526] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 48.904927][ T7634] netlink: 4 bytes leftover after parsing attributes in process `syz.1.383'. [ 49.006949][ T7644] loop2: detected capacity change from 0 to 1024 [ 49.040417][ T7644] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 49.048326][ T7646] netlink: 4 bytes leftover after parsing attributes in process `syz.1.389'. [ 49.075410][ T6533] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 49.117142][ T7661] netlink: 'syz.4.395': attribute type 1 has an invalid length. [ 49.252155][ T7685] loop1: detected capacity change from 0 to 512 [ 49.259798][ T7686] usb usb8: usbfs: process 7686 (syz.2.407) did not claim interface 0 before use [ 49.290687][ T7685] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 49.367223][ T7700] netlink: 228 bytes leftover after parsing attributes in process `syz.2.412'. [ 49.393114][ T31] kauditd_printk_skb: 324 callbacks suppressed [ 49.393153][ T31] audit: type=1326 audit(49.370:451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7701 comm="syz.2.414" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9835c068 code=0x7ffc0000 [ 49.393174][ T31] audit: type=1326 audit(49.370:452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7701 comm="syz.2.414" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9835c068 code=0x7ffc0000 [ 49.401280][ T31] audit: type=1326 audit(49.370:453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7701 comm="syz.2.414" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff9835c068 code=0x7ffc0000 [ 49.404848][ T31] audit: type=1326 audit(49.370:454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7701 comm="syz.2.414" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9835c068 code=0x7ffc0000 [ 49.408231][ T31] audit: type=1326 audit(49.380:455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7701 comm="syz.2.414" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9835c068 code=0x7ffc0000 [ 49.408270][ T31] audit: type=1326 audit(49.380:456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7701 comm="syz.2.414" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff9835c068 code=0x7ffc0000 [ 49.409984][ T6540] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 49.418192][ T31] audit: type=1326 audit(49.390:457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7701 comm="syz.2.414" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9835c068 code=0x7ffc0000 [ 49.418308][ T31] audit: type=1326 audit(49.390:458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7701 comm="syz.2.414" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9835c068 code=0x7ffc0000 [ 49.427221][ T31] audit: type=1326 audit(49.400:459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7701 comm="syz.2.414" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=34 compat=0 ip=0xffff9835a474 code=0x7ffc0000 [ 49.432560][ T31] audit: type=1326 audit(49.410:460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7701 comm="syz.2.414" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9835c068 code=0x7ffc0000 [ 49.510100][ C1] vxcan0: j1939_tp_rxtimer: 0x00000000b523daf5: rx timeout, send abort [ 49.510862][ C1] vxcan0: j1939_xtp_rx_abort_one: 0x00000000b523daf5: 0x40000: (3) A timeout occurred and this is the connection abort to close the session. [ 49.565905][ T7714] loop1: detected capacity change from 0 to 2048 [ 49.587697][ T7714] EXT4-fs (loop1): failed to initialize system zone (-117) [ 49.587788][ T7714] EXT4-fs (loop1): mount failed [ 49.631763][ T7728] loop4: detected capacity change from 0 to 128 [ 49.634952][ T7728] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 49.635700][ T7728] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 49.641043][ T7724] loop2: detected capacity change from 0 to 2048 [ 49.682117][ T7724] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 49.848072][ T286] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm kworker/u8:4: bg 0: block 345: padding at end of block bitmap is not set [ 49.849012][ T286] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 79 with max blocks 1 with error 117 [ 49.849026][ T286] EXT4-fs (loop2): This should not happen!! Data will be lost [ 49.849026][ T286] [ 49.850768][ T6533] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 50.170548][ T7755] netlink: 'syz.3.433': attribute type 4 has an invalid length. [ 50.339378][ T7768] loop2: detected capacity change from 0 to 128 [ 50.339842][ T7768] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 50.342897][ T7768] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 50.376638][ T7768] 8021q: adding VLAN 0 to HW filter on device bond1 [ 50.377046][ T7768] bridge0: port 3(bond1) entered blocking state [ 50.377073][ T7768] bridge0: port 3(bond1) entered disabled state [ 50.377133][ T7768] bond1: entered allmulticast mode [ 50.377748][ T7768] bond1: entered promiscuous mode [ 50.378026][ T7768] bridge0: port 3(bond1) entered blocking state [ 50.378086][ T7768] bridge0: port 3(bond1) entered forwarding state [ 50.386348][ T7775] loop0: detected capacity change from 0 to 164 [ 50.395632][ T7775] ISOFS: unable to read i-node block [ 50.395728][ T7775] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet. [ 50.519769][ T7788] IPv6: NLM_F_CREATE should be specified when creating new route [ 50.525930][ T7788] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 50.525951][ T7788] IPv6: NLM_F_CREATE should be set when creating new route [ 50.527882][ T4097] bridge0: port 3(bond1) entered disabled state [ 50.631719][ T6595] hid_parser_main: 6 callbacks suppressed [ 50.632575][ T6595] hid-generic 0000:0004:0000.0002: unknown main item tag 0x0 [ 50.632590][ T6595] hid-generic 0000:0004:0000.0002: unknown main item tag 0x0 [ 50.632601][ T6595] hid-generic 0000:0004:0000.0002: unknown main item tag 0x0 [ 50.638289][ T6595] hid-generic 0000:0004:0000.0002: hidraw0: HID v0.00 Device [syz0] on syz0 [ 50.648304][ T7805] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 50.676507][ T7806] fido_id[7806]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 50.699493][ T6595] hid-generic 0000:0006:0007.0003: unknown main item tag 0x0 [ 50.701432][ T6595] hid-generic 0000:0006:0007.0003: unknown main item tag 0x0 [ 50.702776][ T6595] hid-generic 0000:0006:0007.0003: unknown main item tag 0x0 [ 50.704109][ T6595] hid-generic 0000:0006:0007.0003: unknown main item tag 0x0 [ 50.705478][ T6595] hid-generic 0000:0006:0007.0003: unknown main item tag 0x0 [ 50.706795][ T6595] hid-generic 0000:0006:0007.0003: unknown main item tag 0x0 [ 50.708024][ T6595] hid-generic 0000:0006:0007.0003: unknown main item tag 0x0 [ 50.716133][ T6595] hid-generic 0000:0006:0007.0003: hidraw0: HID v0.0b Device [syz1] on syz1 [ 50.753177][ T7813] fido_id[7813]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 50.919253][ T7837] Unsupported ieee802154 address type: 0 [ 50.949863][ T7839] __nla_validate_parse: 3 callbacks suppressed [ 50.949906][ T7839] netlink: 4 bytes leftover after parsing attributes in process `syz.2.473'. [ 51.078860][ T7852] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0 [ 51.081960][ T7851] IPVS: stopping master sync thread 7852 ... [ 51.088381][ T7851] I/O error, dev loop4, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 51.088916][ T7851] isofs_fill_super: bread failed, dev=loop4, iso_blknum=16, block=32 [ 51.112809][ T7854] loop3: detected capacity change from 0 to 2048 [ 51.133988][ T7854] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 51.168651][ T6535] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 52.602464][ T7955] loop3: detected capacity change from 0 to 1024 [ 52.604111][ T7955] EXT4-fs: Ignoring removed orlov option [ 52.627462][ T7955] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 52.674833][ T6535] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 52.720885][ T7839] Set syz1 is full, maxelem 65536 reached [ 52.802863][ T7982] loop2: detected capacity change from 0 to 1024 [ 52.808014][ T7982] EXT4-fs: Ignoring removed oldalloc option [ 52.808058][ T7982] EXT4-fs: Ignoring removed bh option [ 52.813372][ T7987] loop3: detected capacity change from 0 to 1024 [ 52.831729][ T7982] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 52.862514][ T7987] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 52.866400][ T7987] EXT4-fs error (device loop3): ext4_map_blocks:814: inode #15: block 3: comm syz.3.502: lblock 3 mapped to illegal pblock 3 (length 3) [ 52.866695][ T7987] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117 [ 52.866705][ T7987] EXT4-fs (loop3): This should not happen!! Data will be lost [ 52.866705][ T7987] [ 52.867887][ T7987] EXT4-fs error (device loop3): ext4_map_blocks:814: inode #15: block 7: comm syz.3.502: lblock 7 mapped to illegal pblock 7 (length 9) [ 52.868021][ T7987] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 7 with max blocks 9 with error 117 [ 52.868030][ T7987] EXT4-fs (loop3): This should not happen!! Data will be lost [ 52.868030][ T7987] [ 52.879445][ T7982] EXT4-fs error (device loop2): mb_free_blocks:2017: group 0, inode 18: block 433:freeing already freed block (bit 27); block bitmap corrupt. [ 52.908760][ T6535] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 52.914253][ T6533] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 52.947647][ T8002] netlink: 24 bytes leftover after parsing attributes in process `syz.3.505'. [ 53.045002][ T7998] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 53.135828][ T7998] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 53.299657][ T7998] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 53.354322][ T7998] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 53.384095][ T8025] netlink: 24 bytes leftover after parsing attributes in process `syz.4.515'. [ 53.486190][ T12] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 53.486243][ T12] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 53.496718][ T6650] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 53.508478][ T6650] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.018689][ T8056] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) ! [ 54.192752][ T8081] netlink: 'syz.0.537': attribute type 4 has an invalid length. [ 54.230762][ T8086] netlink: 'syz.1.538': attribute type 21 has an invalid length. [ 54.230798][ T8086] netlink: 164 bytes leftover after parsing attributes in process `syz.1.538'. [ 54.265164][ T8088] loop2: detected capacity change from 0 to 1024 [ 54.267228][ T8088] EXT4-fs: Ignoring removed oldalloc option [ 54.268344][ T8088] EXT4-fs: Ignoring removed orlov option [ 54.272428][ T8088] EXT4-fs (loop2): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 54.286380][ T8092] loop3: detected capacity change from 0 to 512 [ 54.286941][ T8092] ext3: Unknown parameter 'noacl' [ 54.288765][ T8091] netlink: 12 bytes leftover after parsing attributes in process `syz.0.541'. [ 54.305191][ T8088] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 54.330979][ T8088] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4183: comm syz.2.540: Allocating blocks 497-513 which overlap fs metadata [ 54.392030][ T6533] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 54.432442][ T31] kauditd_printk_skb: 179 callbacks suppressed [ 54.433500][ T31] audit: type=1326 audit(54.400:640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8090 comm="syz.0.541" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb375c068 code=0x7ffc0000 [ 54.436937][ T31] audit: type=1326 audit(54.400:641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8090 comm="syz.0.541" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb375c068 code=0x7ffc0000 [ 54.449152][ T6570] IPVS: starting estimator thread 0... [ 54.551752][ T8111] IPVS: using max 49 ests per chain, 117600 per kthread [ 54.740696][ T8137] netlink: 'syz.0.558': attribute type 6 has an invalid length. [ 54.916301][ T8143] loop0: detected capacity change from 0 to 512 [ 54.916717][ T8143] journal_path: Non-blockdev passed as './bus' [ 54.916730][ T8143] EXT4-fs: error: could not find journal device path [ 54.939479][ T31] audit: type=1326 audit(54.900:642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8145 comm="syz.4.562" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb715c068 code=0x7ffc0000 [ 54.939534][ T31] audit: type=1326 audit(54.900:643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8145 comm="syz.4.562" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb715c068 code=0x7ffc0000 [ 54.943620][ T31] audit: type=1326 audit(54.900:644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8145 comm="syz.4.562" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb715c068 code=0x7ffc0000 [ 54.943645][ T31] audit: type=1326 audit(54.900:645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8145 comm="syz.4.562" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb715c068 code=0x7ffc0000 [ 54.943658][ T31] audit: type=1326 audit(54.900:646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8145 comm="syz.4.562" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=22 compat=0 ip=0xffffb715c068 code=0x7ffc0000 [ 55.165120][ T8159] netlink: 8 bytes leftover after parsing attributes in process `syz.1.568'. [ 55.230511][ T8163] loop3: detected capacity change from 0 to 2048 [ 55.239195][ T8163] EXT4-fs: inline encryption not supported [ 55.263874][ T8163] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 55.269767][ T8163] netlink: '+}[@': attribute type 4 has an invalid length. [ 55.300585][ T6535] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 55.369655][ T8179] netlink: 4 bytes leftover after parsing attributes in process `syz.3.578'. [ 55.451824][ T8183] netlink: 168 bytes leftover after parsing attributes in process `syz.1.579'. [ 55.505885][ T8193] loop3: detected capacity change from 0 to 128 [ 55.588259][ T8196] loop0: detected capacity change from 0 to 1024 [ 55.639669][ T8196] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 55.651393][ T31] audit: type=1326 audit(55.610:647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8206 comm="syz.1.590" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8375c068 code=0x7ffc0000 [ 55.660875][ T31] audit: type=1326 audit(55.610:648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8206 comm="syz.1.590" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8375c068 code=0x7ffc0000 [ 55.660937][ T31] audit: type=1326 audit(55.610:649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8206 comm="syz.1.590" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=184 compat=0 ip=0xffff8375c068 code=0x7ffc0000 [ 55.753621][ T6527] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 56.075598][ T8240] netlink: 8 bytes leftover after parsing attributes in process `syz.3.603'. [ 56.079902][ T8240] ip6gre1: entered allmulticast mode [ 56.267286][ T1824] kernel write not supported for file /vmstat (pid: 1824 comm: kworker/1:2) [ 56.301403][ T8255] netlink: 8 bytes leftover after parsing attributes in process `syz.3.608'. [ 56.301443][ T8255] netlink: 312 bytes leftover after parsing attributes in process `syz.3.608'. [ 56.419444][ T8266] loop3: detected capacity change from 0 to 512 [ 56.426933][ T8266] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 56.712038][ T8291] netlink: 'syz.4.613': attribute type 3 has an invalid length. [ 56.714055][ T8291] syzkaller0: refused to change device tx_queue_len [ 56.799388][ T8298] syzkaller0: entered allmulticast mode [ 56.806755][ T8298] syzkaller0 (unregistering): left allmulticast mode [ 57.095105][ T6535] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 57.815705][ T8381] tipc: Started in network mode [ 57.815740][ T8381] tipc: Node identity ac14140f, cluster identity 4711 [ 57.815814][ T8381] tipc: New replicast peer: 255.255.255.255 [ 57.815985][ T8381] tipc: Enabled bearer , priority 10 [ 57.961255][ T8379] loop3: detected capacity change from 0 to 512 [ 57.970633][ T8379] EXT4-fs (loop3): external journal device major/minor numbers have changed [ 58.064230][ T8379] EXT4-fs (loop3): failed to open journal device unknown-block(4,3) -6 [ 58.145532][ T8399] loop1: detected capacity change from 0 to 1024 [ 58.153726][ T8399] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 58.153773][ T8399] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 58.159877][ T8399] JBD2: no valid journal superblock found [ 58.159931][ T8399] EXT4-fs (loop1): Could not load journal inode [ 58.187412][ T8404] loop3: detected capacity change from 0 to 2048 [ 58.221696][ T8409] netlink: 'syz.2.644': attribute type 10 has an invalid length. [ 58.267134][ T8404] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 58.278777][ T6650] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm kworker/u8:9: bg 0: block 345: padding at end of block bitmap is not set [ 58.278963][ T6650] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 79 with max blocks 1 with error 117 [ 58.278983][ T6650] EXT4-fs (loop3): This should not happen!! Data will be lost [ 58.278983][ T6650] [ 58.280349][ T6535] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 58.385720][ T8423] netlink: 32 bytes leftover after parsing attributes in process `syz.0.647'. [ 58.387296][ T8420] rdma_op 000000006fc6a542 conn xmit_rdma 0000000000000000 [ 58.439444][ T8428] netlink: 8 bytes leftover after parsing attributes in process `syz.2.651'. [ 58.439556][ T8428] netlink: 8 bytes leftover after parsing attributes in process `syz.2.651'. [ 58.805044][ T8447] netlink: 8 bytes leftover after parsing attributes in process `syz.3.658'. [ 58.821103][ T3924] tipc: Node number set to 2886997007 [ 58.896969][ T8458] loop1: detected capacity change from 0 to 256 [ 58.897492][ T8458] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 58.910271][ T8458] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 59.106207][ T8474] netlink: 12 bytes leftover after parsing attributes in process `syz.0.670'. [ 59.180741][ T8481] loop3: detected capacity change from 0 to 512 [ 59.384406][ T8494] pim6reg1: entered promiscuous mode [ 59.384438][ T8494] pim6reg1: entered allmulticast mode [ 59.486360][ T8507] smc: net device bond0 applied user defined pnetid SYZ0 [ 59.488180][ T8507] smc: net device bond0 erased user defined pnetid SYZ0 [ 59.500458][ T31] kauditd_printk_skb: 124 callbacks suppressed [ 59.500506][ T31] audit: type=1326 audit(59.460:774): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8512 comm="syz.0.683" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb375c068 code=0x7ffc0000 [ 59.500539][ T31] audit: type=1326 audit(59.460:775): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8512 comm="syz.0.683" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb375c068 code=0x7ffc0000 [ 59.510132][ T31] audit: type=1326 audit(59.480:776): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8512 comm="syz.0.683" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffb375c068 code=0x7ffc0000 [ 59.510156][ T31] audit: type=1326 audit(59.480:777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8512 comm="syz.0.683" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb375c068 code=0x7ffc0000 [ 59.510173][ T31] audit: type=1326 audit(59.480:778): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8512 comm="syz.0.683" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffb375c068 code=0x7ffc0000 [ 59.510186][ T31] audit: type=1326 audit(59.480:779): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8512 comm="syz.0.683" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb375c068 code=0x7ffc0000 [ 59.510199][ T31] audit: type=1326 audit(59.480:780): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8512 comm="syz.0.683" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb375c068 code=0x7ffc0000 [ 59.510211][ T31] audit: type=1326 audit(59.480:781): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8512 comm="syz.0.683" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffb375c068 code=0x7ffc0000 [ 59.510223][ T31] audit: type=1326 audit(59.480:782): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8512 comm="syz.0.683" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb375c068 code=0x7ffc0000 [ 59.510234][ T31] audit: type=1326 audit(59.480:783): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8512 comm="syz.0.683" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=198 compat=0 ip=0xffffb375c068 code=0x7ffc0000 [ 59.555821][ T8515] loop2: detected capacity change from 0 to 512 [ 59.574779][ T8515] EXT4-fs (loop2): too many log groups per flexible block group [ 59.574929][ T8515] EXT4-fs (loop2): failed to initialize mballoc (-12) [ 59.574967][ T8515] EXT4-fs (loop2): mount failed [ 59.697732][ T8536] netlink: 56 bytes leftover after parsing attributes in process `syz.0.695'. [ 59.699172][ T8536] netlink: 24 bytes leftover after parsing attributes in process `syz.0.695'. [ 59.825846][ T8540] loop4: detected capacity change from 0 to 1024 [ 59.827551][ T8540] EXT4-fs: Ignoring removed bh option [ 59.828590][ T8540] EXT4-fs: inline encryption not supported [ 59.830991][ T8540] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 59.837238][ T8540] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0000] [ 59.847959][ T8540] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #3: block 2: comm syz.4.697: lblock 2 mapped to illegal pblock 2 (length 1) [ 59.850502][ T8540] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #3: block 48: comm syz.4.697: lblock 0 mapped to illegal pblock 48 (length 1) [ 59.851534][ T8540] EXT4-fs error (device loop4): ext4_acquire_dquot:6937: comm syz.4.697: Failed to acquire dquot type 0 [ 59.852398][ T8540] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6334: Corrupt filesystem [ 59.858664][ T8540] EXT4-fs error (device loop4): ext4_evict_inode:254: inode #11: comm syz.4.697: mark_inode_dirty error [ 59.865730][ T8540] EXT4-fs warning (device loop4): ext4_evict_inode:257: couldn't mark inode dirty (err -117) [ 59.865823][ T8540] EXT4-fs (loop4): 1 orphan inode deleted [ 59.884786][ T6650] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:9: lblock 1 mapped to illegal pblock 1 (length 1) [ 59.886687][ T6650] EXT4-fs error (device loop4): ext4_release_dquot:6973: comm kworker/u8:9: Failed to release dquot type 0 [ 59.898957][ T6526] EXT4-fs error (device loop4): __ext4_get_inode_loc:4861: comm syz-executor: Invalid inode table block 1 in block_group 0 [ 59.903134][ T6526] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6334: Corrupt filesystem [ 59.905351][ T6526] EXT4-fs error (device loop4): ext4_quota_off:7221: inode #3: comm syz-executor: mark_inode_dirty error [ 60.071164][ T8549] loop4: detected capacity change from 0 to 2048 [ 60.073285][ T8549] ext4: Unknown parameter 'defcontext' [ 60.123072][ T8493] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 60.123524][ T8493] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 60.123611][ T8493] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 60.123654][ T8493] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 60.323158][ T8569] loop1: detected capacity change from 0 to 1024 [ 60.498696][ T8583] loop1: detected capacity change from 0 to 2048 [ 60.505519][ T6650] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 60.511933][ T6531] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 60.515022][ T6531] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 60.516237][ T6531] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 60.516653][ T6531] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 60.516860][ T6531] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 60.533931][ T6518] loop1: p1 < > p4 [ 60.536733][ T6518] loop1: p4 size 8388608 extends beyond EOD, truncated [ 60.542718][ T8589] loop4: detected capacity change from 0 to 128 [ 60.564463][ T8583] loop1: p1 < > p4 [ 60.566129][ T8583] loop1: p4 size 8388608 extends beyond EOD, truncated [ 60.593026][ T8591] loop4: detected capacity change from 0 to 128 [ 60.632782][ T7008] udevd[7008]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory [ 60.635651][ T6650] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 60.667004][ T6518] udevd[6518]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory [ 60.681088][ T8594] bio_check_eod: 102 callbacks suppressed [ 60.682682][ T8594] syz.4.720: attempt to access beyond end of device [ 60.682682][ T8594] loop4: rw=2049, sector=145, nr_sectors = 16 limit=128 [ 60.682751][ T8594] syz.4.720: attempt to access beyond end of device [ 60.682751][ T8594] loop4: rw=2049, sector=169, nr_sectors = 8 limit=128 [ 60.682792][ T8594] syz.4.720: attempt to access beyond end of device [ 60.682792][ T8594] loop4: rw=2049, sector=185, nr_sectors = 8 limit=128 [ 60.682830][ T8594] syz.4.720: attempt to access beyond end of device [ 60.682830][ T8594] loop4: rw=2049, sector=201, nr_sectors = 8 limit=128 [ 60.682867][ T8594] syz.4.720: attempt to access beyond end of device [ 60.682867][ T8594] loop4: rw=2049, sector=217, nr_sectors = 8 limit=128 [ 60.682917][ T8594] syz.4.720: attempt to access beyond end of device [ 60.682917][ T8594] loop4: rw=2049, sector=233, nr_sectors = 8 limit=128 [ 60.682952][ T8594] syz.4.720: attempt to access beyond end of device [ 60.682952][ T8594] loop4: rw=2049, sector=249, nr_sectors = 8 limit=128 [ 60.682987][ T8594] syz.4.720: attempt to access beyond end of device [ 60.682987][ T8594] loop4: rw=2049, sector=265, nr_sectors = 8 limit=128 [ 60.683021][ T8594] syz.4.720: attempt to access beyond end of device [ 60.683021][ T8594] loop4: rw=2049, sector=281, nr_sectors = 8 limit=128 [ 60.683056][ T8594] syz.4.720: attempt to access beyond end of device [ 60.683056][ T8594] loop4: rw=2049, sector=297, nr_sectors = 8 limit=128 [ 60.730561][ T6520] udevd[6520]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory [ 60.732571][ T6518] udevd[6518]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory [ 60.753812][ T8597] ALSA: seq fatal error: cannot create timer (-19) [ 60.786124][ T6650] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 60.879304][ T6650] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 60.920614][ T8584] chnl_net:caif_netlink_parms(): no params data found [ 60.992541][ T8584] bridge0: port 1(bridge_slave_0) entered blocking state [ 60.993928][ T8584] bridge0: port 1(bridge_slave_0) entered disabled state [ 60.996310][ T8584] bridge_slave_0: entered allmulticast mode [ 60.997979][ T8584] bridge_slave_0: entered promiscuous mode [ 61.000206][ T8584] bridge0: port 2(bridge_slave_1) entered blocking state [ 61.003850][ T8584] bridge0: port 2(bridge_slave_1) entered disabled state [ 61.005140][ T8584] bridge_slave_1: entered allmulticast mode [ 61.006848][ T8584] bridge_slave_1: entered promiscuous mode [ 61.062153][ T8584] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 61.074236][ T8584] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 61.089366][ T6650] bridge_slave_1: left allmulticast mode [ 61.089422][ T6650] bridge_slave_1: left promiscuous mode [ 61.090439][ T6650] bridge0: port 2(bridge_slave_1) entered disabled state [ 61.100364][ T6650] bridge_slave_0: left allmulticast mode [ 61.100397][ T6650] bridge_slave_0: left promiscuous mode [ 61.100476][ T6650] bridge0: port 1(bridge_slave_0) entered disabled state [ 61.395249][ T8625] loop0: detected capacity change from 0 to 1024 [ 61.451290][ T6536] Bluetooth: hci0: command 0x0c1a tx timeout [ 61.479363][ T6650] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 61.506402][ T8631] 9pnet_fd: Insufficient options for proto=fd [ 61.512793][ T6650] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 61.532269][ T6650] bond0 (unregistering): Released all slaves [ 61.536148][ T6650] bond1 (unregistering): Released all slaves [ 61.549146][ T8584] team0: Port device team_slave_0 added [ 61.549971][ T8584] team0: Port device team_slave_1 added [ 61.593544][ T8584] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 61.594844][ T8584] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 61.594876][ T8584] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 61.613158][ T12] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 61.614607][ T12] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 61.615013][ T12] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 61.615398][ T12] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 61.615809][ T8584] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 61.615827][ T8584] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 61.615848][ T8584] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 61.683211][ C0] vcan0: j1939_tp_rxtimer: 0x0000000053551106: rx timeout, send abort [ 61.683385][ C0] vcan0: j1939_xtp_rx_abort_one: 0x0000000053551106: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 61.732894][ T8648] loop1: detected capacity change from 0 to 512 [ 61.738654][ T8648] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 61.757626][ T8648] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a843c018, mo2=0002] [ 61.757674][ T8648] System zones: 0-2, 18-18, 34-34 [ 61.828542][ T8658] random: crng reseeded on system resumption [ 61.857225][ T8658] Restarting kernel threads ... [ 61.857949][ T8658] Done restarting kernel threads. [ 62.171443][ T6531] Bluetooth: hci2: command 0x0c1a tx timeout [ 62.171840][ T6531] Bluetooth: hci1: command 0x0c1a tx timeout [ 62.175128][ T6536] Bluetooth: hci4: command 0x0c1a tx timeout [ 62.570437][ T8584] hsr_slave_0: entered promiscuous mode [ 62.572690][ T6536] Bluetooth: hci3: command tx timeout [ 62.576932][ T8584] hsr_slave_1: entered promiscuous mode [ 62.579557][ T8584] debugfs: 'hsr0' already exists in 'hsr' [ 62.588304][ T8584] Cannot create hsr debugfs directory [ 62.719939][ T8665] loop0: detected capacity change from 0 to 512 [ 62.743325][ T8665] EXT4-fs error (device loop0): ext4_xattr_inode_iget:442: comm syz.0.737: error while reading EA inode 32 err=-116 [ 62.744114][ T8665] EXT4-fs (loop0): Remounting filesystem read-only [ 62.744156][ T8665] EXT4-fs warning (device loop0): ext4_evict_inode:257: couldn't mark inode dirty (err -30) [ 62.744193][ T8665] EXT4-fs (loop0): 1 orphan inode deleted [ 62.776493][ T8677] serio: Serial port ptm0 [ 62.835813][ T8681] loop4: detected capacity change from 0 to 1024 [ 62.957716][ T8693] __nla_validate_parse: 1 callbacks suppressed [ 62.957752][ T8693] netlink: 3 bytes leftover after parsing attributes in process `syz.2.744'. [ 62.982471][ T6650] hsr_slave_0: left promiscuous mode [ 62.983842][ T6650] hsr_slave_1: left promiscuous mode [ 62.985561][ T6650] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 62.985582][ T6650] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 62.987982][ T6650] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 62.987995][ T6650] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 62.999628][ T6650] veth1_macvtap: left promiscuous mode [ 62.999701][ T6650] veth0_macvtap: left promiscuous mode [ 62.999750][ T6650] veth1_vlan: left promiscuous mode [ 63.000231][ T6650] veth0_vlan: left promiscuous mode [ 63.259684][ T6650] team0 (unregistering): Port device team_slave_1 removed [ 63.273153][ T6650] team0 (unregistering): Port device team_slave_0 removed [ 63.417705][ T8690] team_slave_0: entered promiscuous mode [ 63.417738][ T8690] team_slave_1: entered promiscuous mode [ 63.417794][ T8690] vlan2: entered promiscuous mode [ 63.417802][ T8690] team0: entered promiscuous mode [ 63.438844][ T8693] batadv1: entered promiscuous mode [ 63.438875][ T8693] batadv1: entered allmulticast mode [ 63.676670][ T8704] loop0: detected capacity change from 0 to 512 [ 63.696123][ T6595] hid_parser_main: 46 callbacks suppressed [ 63.701942][ T6595] hid-generic 0000:0000:0000.0004: unknown ** replaying previous printk message ** [ 63.701942][ T6595] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 63.703299][ T8704] [ 63.705445][ T8704] ====================================================== [ 63.706538][ T8704] WARNING: possible circular locking dependency detected [ 63.707696][ T8704] syzkaller #0 Not tainted [ 63.708370][ T8704] ------------------------------------------------------ SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 63.709526][ T8704] syz.0.748/8704 is trying to acquire lock: [ 63.710501][ T8704] ffff0000d58dcb98 (&sbi->s_writepages_rwsem){++++}-{0:0}, at: ext4_writepages+0x150/0x2a0 [ 63.712229][ T8704] [ 63.712229][ T8704] but task is already holding lock: [ 63.713406][ T8704] ffff0000f49a43b8 (&ei->xattr_sem){++++}-{4:4}, at: __ext4_mark_inode_dirty+0x358/0x6fc [ 63.715063][ T8704] [ 63.715063][ T8704] which lock already depends on the new lock. [ 63.715063][ T8704] [ 63.716870][ T8704] [ 63.716870][ T8704] the existing dependency chain (in reverse order) is: [ 63.718293][ T8704] [ 63.718293][ T8704] -> #2 (&ei->xattr_sem){++++}-{4:4}: [ 63.719576][ T8704] down_write+0x50/0xc0 [ 63.720248][ T8704] ext4_xattr_set_handle+0x11c/0x1260 [ 63.721180][ T8704] ext4_initxattrs+0xa4/0x11c [ 63.722073][ T8704] security_inode_init_security+0x6dc/0x7f4 [ 63.723051][ T8704] ext4_init_security+0x44/0x58 [ 63.723870][ T8704] __ext4_new_inode+0x27f4/0x3190 [ 63.724753][ T8704] ext4_create+0x1f8/0x3fc [ 63.725575][ T8704] path_openat+0x12d8/0x2c40 [ 63.726378][ T8704] do_filp_open+0x18c/0x36c [ 63.727184][ T8704] do_sys_openat2+0x11c/0x1b4 [ 63.727965][ T8704] __arm64_sys_openat+0x120/0x158 [ 63.728848][ T8704] invoke_syscall+0x98/0x2b8 [ 63.729668][ T8704] el0_svc_common+0x130/0x23c [ 63.730431][ T8704] do_el0_svc+0x48/0x58 [ 63.731184][ T8704] el0_svc+0x58/0x180 [ 63.731888][ T8704] el0t_64_sync_handler+0x84/0x12c [ 63.732767][ T8704] el0t_64_sync+0x198/0x19c [ 63.733560][ T8704] [ 63.733560][ T8704] -> #1 (jbd2_handle){++++}-{0:0}: [ 63.734663][ T8704] start_this_handle+0xe74/0x10dc [ 63.735466][ T8704] jbd2__journal_start+0x288/0x51c [ 63.736402][ T8704] __ext4_journal_start_sb+0x378/0x88c [ 63.737438][ T8704] ext4_do_writepages+0xb94/0x39b4 [ 63.738391][ T8704] ext4_writepages+0x178/0x2a0 [ 63.739208][ T8704] do_writepages+0x270/0x468 [ 63.740025][ T8704] file_write_and_wait_range+0x1d0/0x2c4 [ 63.741008][ T8704] ext4_sync_file+0x274/0xb44 [ 63.741823][ T8704] __arm64_sys_fsync+0x170/0x1d4 [ 63.742772][ T8704] invoke_syscall+0x98/0x2b8 [ 63.743573][ T8704] el0_svc_common+0x130/0x23c [ 63.744328][ T8704] do_el0_svc+0x48/0x58 [ 63.745023][ T8704] el0_svc+0x58/0x180 [ 63.745736][ T8704] el0t_64_sync_handler+0x84/0x12c [ 63.746647][ T8704] el0t_64_sync+0x198/0x19c [ 63.747429][ T8704] [ 63.747429][ T8704] -> #0 (&sbi->s_writepages_rwsem){++++}-{0:0}: [ 63.748964][ T8704] __lock_acquire+0x1774/0x30a4 [ 63.749764][ T8704] lock_acquire+0x14c/0x2e0 [ 63.750477][ T8704] percpu_down_read_internal+0x5c/0x298 [ 63.751337][ T8704] ext4_writepages+0x150/0x2a0 [ 63.752103][ T8704] do_writepages+0x270/0x468 [ 63.752851][ T8704] __writeback_single_inode+0x15c/0x13e8 [ 63.753727][ T8704] writeback_single_inode+0x18c/0x54c [ 63.754626][ T8704] write_inode_now+0x13c/0x1a4 [ 63.755357][ T8704] iput+0x570/0x83c [ 63.756009][ T8704] ext4_xattr_block_set+0x13dc/0x24bc [ 63.756996][ T8704] ext4_expand_extra_isize_ea+0xeb4/0x182c [ 63.757937][ T8704] __ext4_expand_extra_isize+0x2a0/0x37c [ 63.758828][ T8704] __ext4_mark_inode_dirty+0x3c0/0x6fc [ 63.759729][ T8704] ext4_evict_inode+0x930/0x1084 [ 63.760503][ T8704] evict+0x414/0x928 [ 63.761138][ T8704] iput+0x6e4/0x83c [ 63.761756][ T8704] ext4_process_orphan+0x240/0x2b4 [ 63.762559][ T8704] ext4_orphan_cleanup+0x930/0x107c [ 63.763351][ T8704] ext4_fill_super+0x4724/0x4ea4 [ 63.764185][ T8704] get_tree_bdev_flags+0x360/0x414 [ 63.765018][ T8704] get_tree_bdev+0x2c/0x3c [ 63.765694][ T8704] ext4_get_tree+0x28/0x38 [ 63.766390][ T8704] vfs_get_tree+0x90/0x28c [ 63.767111][ T8704] do_new_mount+0x278/0x7f4 [ 63.767965][ T8704] path_mount+0x5b4/0xde0 [ 63.768775][ T8704] __arm64_sys_mount+0x3e8/0x468 [ 63.769733][ T8704] invoke_syscall+0x98/0x2b8 [ 63.770578][ T8704] el0_svc_common+0x130/0x23c [ 63.771406][ T8704] do_el0_svc+0x48/0x58 [ 63.772140][ T8704] el0_svc+0x58/0x180 [ 63.772800][ T8704] el0t_64_sync_handler+0x84/0x12c [ 63.773701][ T8704] el0t_64_sync+0x198/0x19c [ 63.774564][ T8704] [ 63.774564][ T8704] other info that might help us debug this: [ 63.774564][ T8704] [ 63.776097][ T8704] Chain exists of: [ 63.776097][ T8704] &sbi->s_writepages_rwsem --> jbd2_handle --> &ei->xattr_sem [ 63.776097][ T8704] [ 63.778071][ T8704] Possible unsafe locking scenario: [ 63.778071][ T8704] [ 63.779127][ T8704] CPU0 CPU1 [ 63.779854][ T8704] ---- ---- [ 63.780686][ T8704] lock(&ei->xattr_sem); [ 63.781297][ T8704] lock(jbd2_handle); [ 63.782295][ T8704] lock(&ei->xattr_sem); [ 63.783373][ T8704] rlock(&sbi->s_writepages_rwsem); [ 63.784239][ T8704] [ 63.784239][ T8704] *** DEADLOCK *** [ 63.784239][ T8704] [ 63.785563][ T8704] 3 locks held by syz.0.748/8704: [ 63.786362][ T8704] #0: ffff0000d58d80e0 (&type->s_umount_key#26/1){+.+.}-{4:4}, at: alloc_super+0x1a0/0x80c [ 63.787821][ T8704] #1: ffff0000d58d8618 (sb_internal){.+.+}-{0:0}, at: ext4_evict_inode+0x2b0/0x1084 [ 63.789218][ T8704] #2: ffff0000f49a43b8 (&ei->xattr_sem){++++}-{4:4}, at: __ext4_mark_inode_dirty+0x358/0x6fc [ 63.790793][ T8704] [ 63.790793][ T8704] stack backtrace: [ 63.791603][ T8704] CPU: 0 UID: 0 PID: 8704 Comm: syz.0.748 Not tainted syzkaller #0 PREEMPT [ 63.792837][ T8704] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 63.794335][ T8704] Call trace: [ 63.794786][ T8704] show_stack+0x2c/0x3c (C) [ 63.795447][ T8704] __dump_stack+0x30/0x40 [ 63.796090][ T8704] dump_stack_lvl+0xd8/0x12c [ 63.796738][ T8704] dump_stack+0x1c/0x28 [ 63.797369][ T8704] print_circular_bug+0x324/0x32c [ 63.798204][ T8704] check_noncircular+0x154/0x174 [ 63.798956][ T8704] __lock_acquire+0x1774/0x30a4 [ 63.799665][ T8704] lock_acquire+0x14c/0x2e0 [ 63.800312][ T8704] percpu_down_read_internal+0x5c/0x298 [ 63.801191][ T8704] ext4_writepages+0x150/0x2a0 [ 63.801886][ T8704] do_writepages+0x270/0x468 [ 63.802591][ T8704] __writeback_single_inode+0x15c/0x13e8 [ 63.803406][ T8704] writeback_single_inode+0x18c/0x54c [ 63.804212][ T8704] write_inode_now+0x13c/0x1a4 [ 63.804953][ T8704] iput+0x570/0x83c [ 63.805535][ T8704] ext4_xattr_block_set+0x13dc/0x24bc [ 63.806360][ T8704] ext4_expand_extra_isize_ea+0xeb4/0x182c [ 63.807268][ T8704] __ext4_expand_extra_isize+0x2a0/0x37c [ 63.808173][ T8704] __ext4_mark_inode_dirty+0x3c0/0x6fc [ 63.809035][ T8704] ext4_evict_inode+0x930/0x1084 [ 63.809804][ T8704] evict+0x414/0x928 [ 63.810387][ T8704] iput+0x6e4/0x83c [ 63.810957][ T8704] ext4_process_orphan+0x240/0x2b4 [ 63.811687][ T8704] ext4_orphan_cleanup+0x930/0x107c [ 63.812560][ T8704] ext4_fill_super+0x4724/0x4ea4 [ 63.813274][ T8704] get_tree_bdev_flags+0x360/0x414 [ 63.814013][ T8704] get_tree_bdev+0x2c/0x3c [ 63.814798][ T8704] ext4_get_tree+0x28/0x38 [ 63.815568][ T8704] vfs_get_tree+0x90/0x28c [ 63.816279][ T8704] do_new_mount+0x278/0x7f4 [ 63.816965][ T8704] path_mount+0x5b4/0xde0 [ 63.817641][ T8704] __arm64_sys_mount+0x3e8/0x468 [ 63.818397][ T8704] invoke_syscall+0x98/0x2b8 [ 63.819182][ T8704] el0_svc_common+0x130/0x23c [ 63.819909][ T8704] do_el0_svc+0x48/0x58 [ 63.820554][ T8704] el0_svc+0x58/0x180 [ 63.821191][ T8704] el0t_64_sync_handler+0x84/0x12c [ 63.821992][ T8704] el0t_64_sync+0x198/0x19c [ 63.848774][ T6595] hid-generic 0000:0000:0000.0004: hidraw0: HID v0.00 Device [syz1] on syz0 [ 63.935053][ T8704] ------------[ cut here ]------------ [ 63.935081][ T8704] EA inode 11 i_nlink=2 [ 63.936898][ T8704] WARNING: CPU: 1 PID: 8704 at fs/ext4/xattr.c:1053 ext4_xattr_inode_update_ref+0x444/0x488 [ 63.938926][ T8704] Modules linked in: [ 63.939504][ T8704] CPU: 1 UID: 0 PID: 8704 Comm: syz.0.748 Not tainted syzkaller #0 PREEMPT [ 63.940727][ T8704] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025 [ 63.942100][ T8704] pstate: 63400005 (nZCv daif +PAN -UAO +TCO +DIT -SSBS BTYPE=--) [ 63.943421][ T8704] pc : ext4_xattr_inode_update_ref+0x444/0x488 [ 63.944392][ T8704] lr : ext4_xattr_inode_update_ref+0x444/0x488 [ 63.945292][ T8704] sp : ffff80009dc06dc0 [ 63.945884][ T8704] x29: ffff80009dc06e50 x28: 0000000000000000 x27: 1fffe0001e932091 [ 63.947092][ T8704] x26: dfff800000000000 x25: ffff80009dc06dc0 x24: ffff700013b80db8 [ 63.948471][ T8704] x23: ffff800092e12000 x22: ffff0000f49902d8 x21: 0000000000000002 [ 63.949814][ T8704] x20: 0000000000000001 x19: ffff0000f4990298 x18: 1fffe0003379be88 [ 63.951133][ T8704] x17: ffff80008f7de000 x16: ffff80008b0141e8 x15: 0000000000000001 [ 63.952379][ T8704] x14: 1fffe0003379e908 x13: 0000000000000000 x12: 0000000000000000 [ 63.953674][ T8704] x11: 0000000000080000 x10: 0000000000000003 x9 : a565ffe5923a0c00 [ 63.954997][ T8704] x8 : a565ffe5923a0c00 x7 : 0000000000000000 x6 : ffff800080491290 [ 63.956342][ T8704] x5 : 0000000000000000 x4 : 0000000000000001 x3 : 0000000000000010 [ 63.957773][ T8704] x2 : ffff80009dc06980 x1 : ffff80008b668440 x0 : 0000000000000001 [ 63.959162][ T8704] Call trace: [ 63.959778][ T8704] ext4_xattr_inode_update_ref+0x444/0x488 (P) [ 63.960772][ T8704] ext4_xattr_set_entry+0x928/0x15c0 [ 63.961608][ T8704] ext4_xattr_ibody_set+0x204/0x5fc [ 63.962441][ T8704] ext4_expand_extra_isize_ea+0xefc/0x182c [ 63.963371][ T8704] __ext4_expand_extra_isize+0x2a0/0x37c [ 63.964351][ T8704] __ext4_mark_inode_dirty+0x3c0/0x6fc [ 63.965216][ T8704] ext4_evict_inode+0x930/0x1084 [ 63.966063][ T8704] evict+0x414/0x928 [ 63.966673][ T8704] iput+0x6e4/0x83c [ 63.967253][ T8704] ext4_process_orphan+0x240/0x2b4 [ 63.968056][ T8704] ext4_orphan_cleanup+0x930/0x107c [ 63.968870][ T8704] ext4_fill_super+0x4724/0x4ea4 [ 63.969633][ T8704] get_tree_bdev_flags+0x360/0x414 [ 63.970450][ T8704] get_tree_bdev+0x2c/0x3c [ 63.971153][ T8704] ext4_get_tree+0x28/0x38 [ 63.971887][ T8704] vfs_get_tree+0x90/0x28c [ 63.972597][ T8704] do_new_mount+0x278/0x7f4 [ 63.973357][ T8704] path_mount+0x5b4/0xde0 [ 63.974074][ T8704] __arm64_sys_mount+0x3e8/0x468 [ 63.974872][ T8704] invoke_syscall+0x98/0x2b8 [ 63.975565][ T8704] el0_svc_common+0x130/0x23c [ 63.976278][ T8704] do_el0_svc+0x48/0x58 [ 63.976905][ T8704] el0_svc+0x58/0x180 [ 63.977555][ T8704] el0t_64_sync_handler+0x84/0x12c [ 63.978333][ T8704] el0t_64_sync+0x198/0x19c [ 63.979043][ T8704] irq event stamp: 21093 [ 63.979688][ T8704] hardirqs last enabled at (21093): [] _raw_spin_unlock_irqrestore+0x38/0x98 [ 63.981421][ T8704] hardirqs last disabled at (21092): [] _raw_spin_lock_irqsave+0x2c/0x7c [ 63.983063][ T8704] softirqs last enabled at (20342): [] local_bh_enable+0x10/0x34 [ 63.984683][ T8704] softirqs last disabled at (20340): [] local_bh_disable+0x10/0x34 [ 63.986301][ T8704] ---[ end trace 0000000000000000 ]--- [ 64.027037][ T8704] EXT4-fs (loop0): 1 orphan inode deleted [ 64.293224][ T6650] netdevsim netdevsim4 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 64.293257][ T6650] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 64.343383][ T6650] netdevsim netdevsim4 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 64.343414][ T6650] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 64.422680][ T6650] netdevsim netdevsim4 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 64.422711][ T6650] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 64.452620][ T6650] netdevsim netdevsim4 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 64.452650][ T6650] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 64.492232][ T2413] ieee802154 phy0 wpan0: encryption failed: -22 [ 64.562738][ T6650] bridge_slave_1: left allmulticast mode [ 64.562767][ T6650] bridge_slave_1: left promiscuous mode [ 64.562839][ T6650] bridge0: port 2(bridge_slave_1) entered disabled state [ 64.566412][ T6650] bridge_slave_0: left allmulticast mode [ 64.566431][ T6650] bridge_slave_0: left promiscuous mode [ 64.566496][ T6650] bridge0: port 1(bridge_slave_0) entered disabled state [ 64.667566][ T6650] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 64.691458][ T6650] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 64.721820][ T6650] bond0 (unregistering): (slave dummy0): Releasing backup interface [ 64.731497][ T6650] bond0 (unregistering): Released all slaves [ 65.083869][ T6650] hsr_slave_0: left promiscuous mode [ 65.084992][ T6650] hsr_slave_1: left promiscuous mode [ 65.086105][ T6650] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 65.087289][ T6650] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 65.088817][ T6650] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 65.090047][ T6650] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 65.093440][ T6650] veth1_macvtap: left promiscuous mode [ 65.093478][ T6650] veth0_macvtap: left promiscuous mode [ 65.093517][ T6650] veth1_vlan: left promiscuous mode [ 65.093544][ T6650] veth0_vlan: left promiscuous mode [ 65.175650][ T6650] team0 (unregistering): Port device team_slave_1 removed [ 65.184550][ T6650] team0 (unregistering): Port device team_slave_0 removed [ 66.212458][ T6650] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 66.272953][ T6650] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 66.313230][ T6650] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 66.353841][ T6650] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 66.460296][ T6650] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 66.492587][ T6650] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 66.525767][ T6650] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 66.576155][ T6650] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 66.672841][ T6650] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 66.715345][ T6650] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 66.747027][ T6650] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 66.795239][ T6650] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 66.878707][ T6650] bridge_slave_1: left allmulticast mode [ 66.879750][ T6650] bridge_slave_1: left promiscuous mode [ 66.883599][ T6650] bridge0: port 2(bridge_slave_1) entered disabled state [ 66.885424][ T6650] bridge_slave_0: left allmulticast mode [ 66.886335][ T6650] bridge_slave_0: left promiscuous mode [ 66.887345][ T6650] bridge0: port 1(bridge_slave_0) entered disabled state [ 66.896352][ T6650] bridge_slave_1: left allmulticast mode [ 66.896387][ T6650] bridge_slave_1: left promiscuous mode [ 66.896465][ T6650] bridge0: port 2(bridge_slave_1) entered disabled state [ 66.900791][ T6650] bridge_slave_0: left allmulticast mode [ 66.900809][ T6650] bridge_slave_0: left promiscuous mode [ 66.900867][ T6650] bridge0: port 1(bridge_slave_0) entered disabled state [ 66.904860][ T6650] bond1: left allmulticast mode [ 66.905819][ T6650] bond1: left promiscuous mode [ 66.906704][ T6650] bridge0: port 3(bond1) entered disabled state [ 66.908271][ T6650] bridge_slave_1: left allmulticast mode [ 66.909145][ T6650] bridge_slave_1: left promiscuous mode [ 66.910053][ T6650] bridge0: port 2(bridge_slave_1) entered disabled state [ 66.912859][ T6650] bridge_slave_0: left allmulticast mode [ 66.913810][ T6650] bridge_slave_0: left promiscuous mode [ 66.914783][ T6650] bridge0: port 1(bridge_slave_0) entered disabled state [ 67.144189][ T6650] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 67.181210][ T6650] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 67.201091][ T6650] bond0 (unregistering): Released all slaves [ 67.247007][ T6650] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 67.271246][ T6650] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 67.291082][ T6650] bond0 (unregistering): Released all slaves [ 67.292749][ T6650] bond1 (unregistering): Released all slaves [ 67.339272][ T6650] bond0 (unregistering): Released all slaves [ 67.413095][ T6650] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 67.442341][ T6650] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 67.460976][ T6650] bond0 (unregistering): Released all slaves [ 67.488425][ T6650] bond1 (unregistering): Released all slaves [ 67.523108][ T6650] tipc: Disabling bearer [ 67.523172][ T6650] tipc: Left network mode [ 67.571592][ T6650] tipc: Disabling bearer [ 67.572551][ T6650] tipc: Left network mode [ 68.702457][ T6650] hsr_slave_0: left promiscuous mode [ 68.703440][ T6650] hsr_slave_1: left promiscuous mode [ 68.704333][ T6650] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 68.704603][ T6650] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 68.707862][ T6650] hsr_slave_0: left promiscuous mode [ 68.708809][ T6650] hsr_slave_1: left promiscuous mode [ 68.709111][ T6650] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 68.709121][ T6650] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 68.709857][ T6650] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 68.709865][ T6650] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 68.714621][ T6650] hsr_slave_0: left promiscuous mode [ 68.715605][ T6650] hsr_slave_1: left promiscuous mode [ 68.715772][ T6650] batman_adv: batadv0: Interface deactivated: virt_wifi0 [ 68.715780][ T6650] batman_adv: batadv0: Removing interface: virt_wifi0 [ 68.719792][ T6650] hsr_slave_0: left promiscuous mode [ 68.721621][ T6650] hsr_slave_1: left promiscuous mode [ 68.721794][ T6650] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 68.721803][ T6650] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 68.722701][ T6650] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 68.722709][ T6650] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 68.732996][ T6650] veth1_macvtap: left promiscuous mode [ 68.733029][ T6650] veth0_macvtap: left promiscuous mode [ 68.733066][ T6650] veth1_vlan: left promiscuous mode [ 68.733091][ T6650] veth0_vlan: left promiscuous mode [ 68.736600][ T6650] veth1_macvtap: left promiscuous mode [ 68.736625][ T6650] veth0_macvtap: left promiscuous mode [ 68.736667][ T6650] veth1_vlan: left promiscuous mode [ 68.736694][ T6650] veth0_vlan: left promiscuous mode [ 68.740079][ T6650] veth1_vlan: left promiscuous mode [ 68.740114][ T6650] veth0_vlan: left promiscuous mode [ 68.840793][ T6650] team0 (unregistering): Port device team_slave_1 removed [ 68.842664][ T6650] team0 (unregistering): Port device team_slave_0 removed [ 68.924704][ T6650] team_slave_1 (unregistering): left promiscuous mode [ 68.925956][ T6650] team0 (unregistering): Port device team_slave_1 removed [ 68.932341][ T6650] team_slave_0 (unregistering): left promiscuous mode [ 68.933612][ T6650] team0 (unregistering): Port device team_slave_0 removed [ 69.168542][ T6650] team0 (unregistering): Port device team_slave_1 removed [ 69.180421][ T6650] team0 (unregistering): Port device team_slave_0 removed [ 70.184707][ T6650] IPVS: stop unused estimator thread 0...