last executing test programs: 30.992748971s ago: executing program 4 (id=1674): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000002c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000bc0)={0x8c, r1, 0x1, 0x70bd28, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_FRAME={0x70, 0x33, @beacon={{{}, {0xde1}, @broadcast, @device_a, @initial, {0x0, 0x200}}, 0x8000003, @random=0x1, 0x1, @void, @val, @val={0x3, 0x1, 0xc}, @void, @val={0x6, 0x2, 0x7}, @val={0x5, 0x3, {0x19, 0x9a, 0x40}}, @val={0x25, 0x3, {0x0, 0x68, 0x7d}}, @val={0x2a, 0x1}, @val={0x3c, 0x4, {0x0, 0x7, 0xb, 0x5}}, @val={0x2d, 0x1a, {0x2, 0x0, 0x3, 0x0, {0xffffffffffffffff, 0xf34, 0x0, 0x5, 0x0, 0x1, 0x1, 0x3}, 0x7, 0x6, 0x8}}, @val={0x72, 0x6}, @void, @void, [{0xdd, 0x6, "51f449b4327d"}]}}]}, 0x8c}, 0x1, 0x0, 0x0, 0x4000000}, 0x20000080) 30.938305888s ago: executing program 4 (id=1676): r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0) write$uinput_user_dev(r0, &(0x7f0000001740)={'syz1\x00', {0x8000}, 0x4, [0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x4, 0x2, 0x0, 0xfffffffa, 0xc0, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3, 0x0, 0xffffffff, 0xd6, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1000, 0x10], [0x0, 0xffffffff, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x8001, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x2, 0x200, 0xfffffffe, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x7], [0x0, 0x0, 0x100000, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000002, 0x0, 0x0, 0x0, 0x400, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0xffffffff, 0x0, 0x0, 0xffffffff, 0x806, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x20000000], [0x0, 0x0, 0x0, 0x0, 0x0, 0x10001, 0x0, 0x681, 0x0, 0x0, 0x39c, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x2]}, 0x45c) ioctl$UI_DEV_CREATE(r0, 0x5501) ioctl$UI_DEV_SETUP(r0, 0x405c5503, 0x0) 30.878479196s ago: executing program 4 (id=1680): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000c80)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@newqdisc={0x8c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x5c, 0x2, {{}, [@TCA_NETEM_RATE={0x14, 0xe}, @TCA_NETEM_SLOT={0x2c, 0xc, {0x5, 0x6, 0x0, 0x7, 0x4, 0x80000003}}]}}}]}, 0x8c}}, 0x0) 30.802795455s ago: executing program 4 (id=1683): mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) mount$nfs4(&(0x7f0000000040)='/', &(0x7f0000000080)='./file0\x00', 0x0, 0x197841, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r0, &(0x7f0000000240)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x102) 30.802184891s ago: executing program 4 (id=1684): r0 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10) connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e24, @empty}, 0x10) syz_emit_ethernet(0x42, &(0x7f0000000540)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x15}, @void, {@ipv6={0x86dd, @udp={0xa, 0x6, '\x00', 0xc, 0x11, 0x0, @local, @ipv4={'\x00', '\xff\xff', @loopback}, {[], {0x4e1f, 0x4e20, 0xc, 0x0, @gue={{0x1, 0x0, 0x0, 0x0, 0x100, @void}}}}}}}}, 0x0) 30.46781515s ago: executing program 4 (id=1696): timer_create(0x3, 0x0, &(0x7f0000044000)=0x0) timer_settime(r0, 0x1, &(0x7f0000040fe0)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) timer_settime(0x0, 0x0, &(0x7f0000000640)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) timer_delete(0x0) 30.395811527s ago: executing program 32 (id=1696): timer_create(0x3, 0x0, &(0x7f0000044000)=0x0) timer_settime(r0, 0x1, &(0x7f0000040fe0)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) timer_settime(0x0, 0x0, &(0x7f0000000640)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) timer_delete(0x0) 22.15993408s ago: executing program 5 (id=2031): r0 = socket$inet(0x2, 0x3, 0x2) setsockopt$inet_mreqsrc(r0, 0x0, 0x27, &(0x7f0000000280)={@multicast2, @local, @remote}, 0xc) setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f00000000c0)=ANY=[@ANYBLOB="e0000002ac1414aa0000000003"], 0x1c) syz_emit_ethernet(0x36, &(0x7f0000001800)={@link_local, @local, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x64, 0x0, 0x4, 0x2, 0x0, @empty, @multicast2}, @timestamp_reply={0x11, 0x0, 0x0, 0xe000, 0x2, 0x10001}}}}}, 0x0) 22.114260048s ago: executing program 5 (id=2034): r0 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000140)='syz_tun\x00', 0x10) syz_emit_ethernet(0x3a, &(0x7f00000001c0)={@multicast, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x11, 0x0, @rand_addr=0x64010100, @empty=0xe0000001}, {0x0, 0x4e20, 0x18, 0x0, @wg=@data={0x4, 0xb7, 0x80}}}}}}, 0x0) 22.062443473s ago: executing program 5 (id=2038): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000002240)={0xf, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_device, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x0, 0x0) bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000001c0)={r0, r1, 0x6, 0x0, @val=@iter={0x0}}, 0x20) mount(&(0x7f00000000c0)=@nullb, &(0x7f0000000000)='./cgroup\x00', &(0x7f0000000100)='vfat\x00', 0x21c000, 0x0) 21.994742887s ago: executing program 5 (id=2041): syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x11, &(0x7f0000000100)={[{@noblock_validity}, {@stripe={'stripe', 0x3d, 0x2}}, {@norecovery}, {@min_batch_time={'min_batch_time', 0x3d, 0x71d}}, {@abort}]}, 0x1, 0x610, &(0x7f0000000a40)="$eJzs3ctvVNUfAPDvvX3S/n62EBPFhZAYA4nS0gKGGBPp3hB8/AOVFkIolLQ1sUDCkOjSuHFh4sqF+F8oiTvjwq0L94aEGMNCDJExd3qnTKcz0+c8mPl8kqH31Xu+t/Tbc+6Zc+4E0LOOZv+kEYcj4kYSMVaxrz/ynUfXjnv01+2L2SuJYvHDP5O4fScpVJ4ryb+O5t/871gkv6YRh/o2l7u8evPq7MLC/FK+Prly7cbk8urNE1euzV6evzx/ffqt6bNnTp85O3Vy79dX5btvniRT3/9+Polz8TSPLbuu6uOG9lRyVvbRKK55XLk9+7me3eO5O8XfY+Xfk2eS6g10rEt53g5ExEsxFn0V/5tj8fn7bQ0OaKpiEuU6Cug5SZ38/3mm0V+G4abFA7RKuR1QvrevdR+8WdrkVgnQCg9n1jqk1nJ/ICLK+d+f950Nl/oGRh4lG/p5kojYW8/cmqyMX346/1n2ijr9cEBzFO6We7mr6/+klJvjMVxaG3mUbsz/QrGY5i2BbPsHuyy/un9e/kPrFO5GxMt5/T8Y287/NM/dcv5/vMvy5T8AAAAAAADsn/szEfFmrfF/6fr4n8Ea439GI+LcPpS/9ft/6YN8Iak6dHAfioee9nAm4p2a43/Xx/iO9+Vr/y+NB7iVXLqyMH8yIl6IiOMxMJStT1Wdt3KE8IkvDn1dr/zK8X/ZKyu/PBYwP9OD/qqJuHOzK7N7vW4g4uHdiFdK43+P5Fs2jv/J6v+kRv2f5feNbZZx6PV7F+rt2zr/gWYpfhtxrGb9/6y5nTR+PsdkqT0wWW4VbPbqrS9/qFd+df434RKBOrL6f6Rx/g8llc/rWd7Z+bOb9FOr/cV6+3fb/h9MPuqLik6AT2dXVpamIgaT9zZvn95ZzNCt8nw4Enm+ZPl//LXG/X/r7f+KPDwQEYVtlDe8xX7tf2ifLP/nGtf/4xvr/50vTN8b/7Fe+Re2Vf+fLtXpx/Mt+v+g0ubncWw3QdsSLgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA859KI+F8k6cT6cppOTESMRsSLMZIuLC6vvHFp8ZPrc9m+iPEYSMuf9Du2tp6UP/9/vGJ9umr9VEQcjIiv+g6U1icuLi7MtfviAQAAAAAAAAAAAAAAAAAAoEOMlub8F4eq5/9n/uhrd3RA0/XnX+U79J7+XX9ncWhfAwFabvf5DzzHsnv+HeT/QDNjAdqgfv4/flIsaWk4QAtp/0Pv2mX+e7sAuoD6H3rVNvv0hpsdB9AO6n8AAAAAAOgqB4/c/y2JiMLbB0qvzGC+z2B/6G5puwMA2sYYXuhd/YvtjgBoF/f4QLK+9E/Nyf71R/8nzQkIAAAAAAAAAAAAANjk2GHz/6FXNZ7/b2w/dLMG8/9rJb/HBUAXqf/RH+p+6Hbu8YGtanvz/wEAAAAAAAAAAACgAwzfvDq7sDC/tLz6/C282xlh7GyhMNsRYexgoXgnovExT5tT+kBEdMoPYWk5i6ZVZZUfwdHGS27z3yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGDdfwEAAP//+sobJQ==") mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000040)={[{@xino_on}, {@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x4, 0x80) getdents64(r0, &(0x7f0000000400)=""/4096, 0x1000) 21.875363459s ago: executing program 5 (id=2045): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_KEY(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)={0x54, r1, 0x1, 0x70bd2c, 0xffffffff, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_KEY={0x2c, 0x50, 0x0, 0x1, [@NL80211_KEY_IDX={0x5, 0x2, 0x6}, @NL80211_KEY_DATA_WEP40={0x9, 0xa}, @NL80211_KEY_DATA_WEP104={0x11, 0x1, "8e0000001d00d18300"}]}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}]}, 0x54}}, 0x40) 21.570595688s ago: executing program 5 (id=2054): r0 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_TX_RING(r0, 0x11b, 0x3, &(0x7f00000003c0)=0x40, 0x4) r1 = socket$netlink(0x10, 0x3, 0x400000000000004) writev(r1, &(0x7f0000000000)=[{&(0x7f0000000180)="480000001400190d7ebdeb75fd0d9c562c84d8c033aae421962ea6ff3cd3c461ebe430a2ed7a80ffe0090f000000000000a2bc5603ca00000f7f89000000200000004a2471083ec6", 0x48}], 0x1) 21.499815189s ago: executing program 33 (id=2054): r0 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_TX_RING(r0, 0x11b, 0x3, &(0x7f00000003c0)=0x40, 0x4) r1 = socket$netlink(0x10, 0x3, 0x400000000000004) writev(r1, &(0x7f0000000000)=[{&(0x7f0000000180)="480000001400190d7ebdeb75fd0d9c562c84d8c033aae421962ea6ff3cd3c461ebe430a2ed7a80ffe0090f000000000000a2bc5603ca00000f7f89000000200000004a2471083ec6", 0x48}], 0x1) 1.605276814s ago: executing program 3 (id=2722): setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000040)={@dev={0xfe, 0x80, '\x00', 0x3c}, 0xb73, 0x2, 0x0, 0x1, 0x5, 0xffff}, 0x20) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan0\x00'}) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl(r0, 0x8b32, &(0x7f0000000040)) 1.485424206s ago: executing program 0 (id=2725): syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0xc41a, &(0x7f0000000200)={[{@noblock_validity}, {@dioread_lock}, {@nobh}, {@nodioread_nolock}, {@discard}, {@usrjquota, 0x2e}, {@noacl}, {@nodiscard}, {@jqfmt_vfsv0}, {@auto_da_alloc}], [], 0x2c}, 0x1, 0x469, &(0x7f0000001b00)="$eJzs28tvG8UfAPDvOnHf/SW/Uh4tBQzlEfFImrRAD1yKQOoFCQkO5RjStCp1G9QEiVYVDRzKEfUvAI5I/AWc6AUBJxBXuCOkCvVCQQItWnttTPzAseO6rT8faeOd3dnd+e7sJLMzTgAjq5T9SCJ2RMSPETEREWNrM5SqHzeuX1z4/frFhSTS9LVfk+yw+O36xYVa1iT/3J4npgr1TU2Wz184PV8uL57L0zMrZ96eWT5/4ZlTZ+ZPLp5cPDt3+PChg7PPPzf37IbEuTMr6973lvbtOfrGlVcWjl1585vPs8LtyPc3xlE12fc1S1FqewMe6/vst5ad+WfbCueWlLX18YgoVtr/RIxVUlUT8fIHQy0cMFBpmqabm7bWewCrKXAHS2LYJQCGo/aHPnv/rS03sfsxdNeOVF+Asrhv5Et1z3gU8jzFhvfbjVaKiGOrf3ycLdFyHAIAYGN9mfV/nm7V/yvEPQ35/pfPDU1GxP8jYldE3BURuyPi7ohK3nsj4r51Xr+0Jt3c//l+a0+BdenakUheyOe2/t3/q/X+YnIsT+2sxF9MTpwqLx7I78lUFDdn6dkO17j60g8ftdvX2P/Lluz6tb5gXo5fxtcM0B2fX5nvJ+ZG196vjAFeao4/qc8EJBGxJyL29nD+LRFx6snP9jXtaJgo6hx/B+M9FGiN9NOIJ6r1vxpr4m8saof5yZktUV48MFN7Kpp9+93lV9td/7/rf7Cy+t/W8vmvxz+ZNM7XLq//Gpd/+rDtO02vz/+m5PXK+qZ827vzKyvnZiM2JavN2+f+ObaWruXP4p/a37r974r465P8uPsjInuIH4iIByPiobzsD0fEIxGxv0P8X7/46Fu9xz9YWfzH11X/618ZO/3VF+2u3139H6qsTeVbuvn9120B+7l3AAAAcLsoVL4DnxSm6+uFwvR09Tv8u2Nboby0vPLUiaV3zh6vfld+MoqF2kjXRMN46Gw+5lJLz+VjxbX0wcq4cZqm6dZKenphqTyoOXWgO9vbtP/Mz2PDLh0wcOuaR/MfXnBH2YB5dOA2pf3D6NL+YXRp/zC6WrX/SxE3hlAU4Cbz9x9Gl/YPo0v7h9Gl/cNI6uf/+jut7Do6qDPfjitXI6JdnrGez7w5Ivot4ePbez08CsO+q92vFPOnvb6l0CLzn8MqYVaP3Wa+FDerYEP+xQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALBB/g4AAP//rQblOA==") chdir(&(0x7f0000000140)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x42, 0x10) ioctl$EXT4_IOC_SETFSUUID(r0, 0x4008662c, &(0x7f0000000000)={0x10, 0x700, "a94c73226e212948dc4a488b51caec42"}) 1.48345997s ago: executing program 6 (id=2727): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFQNL_MSG_CONFIG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)={0x1c, 0x2, 0x3, 0x3, 0x0, 0x0, {}, [@NFQA_CFG_CMD={0x8, 0x1, {0x1}}]}, 0x1c}}, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) sendmsg$NFQNL_MSG_CONFIG(r0, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0) 1.379484466s ago: executing program 3 (id=2729): r0 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000c80)={'lo\x00', 0x0}) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@newqdisc={0x34, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {0x0, 0x3}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0x4}}]}, 0x34}}, 0x0) 1.297326012s ago: executing program 6 (id=2732): r0 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000300)={'vxcan1\x00', 0x0}) bind$can_raw(r0, &(0x7f0000000000)={0x1d, r1}, 0x10) setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, &(0x7f00000002c0)=[{{0x2, 0x1, 0x1}, {0x0, 0x0, 0x1}}], 0x8) 1.253765941s ago: executing program 0 (id=2733): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_JOIN_IBSS(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010100000000000000002b00000008000300", @ANYRES32=r2, @ANYBLOB="0600340012f800000400bf00040046000a0006"], 0x38}, 0x1, 0x0, 0x0, 0x4010}, 0x0) 1.201663305s ago: executing program 3 (id=2735): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000100)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x10, 0x7fff0000}]}) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_clone(0x1000000, 0x0, 0xfffffd11, 0x0, 0x0, 0x0) fcntl$dupfd(r0, 0x406, 0xffffffffffffffff) 1.198070581s ago: executing program 6 (id=2736): socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'macvlan0\x00', 0x0}) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000010c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYRES32=r1, @ANYBLOB="00001700000000001c0037800b0001006970768a616e08000c0002800600010000000000050027"], 0x44}, 0x1, 0x0, 0x0, 0x240080d8}, 0x0) 1.062018141s ago: executing program 6 (id=2740): bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@bloom_filter={0x1e, 0x0, 0x8, 0x7, 0x0, 0x1, 0x3}, 0x50) r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1) getsockopt$IPT_SO_GET_REVISION_TARGET(r0, 0x0, 0x43, &(0x7f0000000080)={'TPROXY\x00'}, &(0x7f0000000100)=0x1e) 1.06130323s ago: executing program 0 (id=2741): unshare(0x28000600) r0 = msgget$private(0x0, 0x0) msgsnd(r0, &(0x7f0000000ac0)=ANY=[@ANYBLOB="02"], 0x1008, 0x0) msgctl$IPC_RMID(0x0, 0x0) 973.491325ms ago: executing program 1 (id=2742): madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x8) madvise(&(0x7f000050a000/0x4000)=nil, 0x4000, 0x64) 973.236266ms ago: executing program 6 (id=2743): unshare(0x2c020400) r0 = msgget$private(0x0, 0x0) msgsnd(r0, &(0x7f0000000340)=ANY=[@ANYRES16], 0x2000, 0x0) msgrcv(r0, &(0x7f0000001080)={0x0, ""/1}, 0x2000, 0x2, 0x3000) 970.876843ms ago: executing program 2 (id=2744): prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1) r0 = socket$kcm(0xa, 0x922000000003, 0x11) sendmsg$kcm(r0, &(0x7f0000000100)={&(0x7f00000002c0)=@l2tp6={0xa, 0x0, 0x0, @mcast1={0xff, 0x2}}, 0x80, &(0x7f0000001500)=[{&(0x7f0000000000), 0x4c00}], 0x1}, 0x0) recvmsg$kcm(r0, &(0x7f0000000240)={0x0, 0x1200, &(0x7f0000000040)=[{&(0x7f0000000340)=""/4106, 0x5a8}], 0x10}, 0x406) 969.423669ms ago: executing program 0 (id=2745): r0 = socket$kcm(0x10, 0x2, 0x4) r1 = socket$kcm(0xa, 0x1, 0x0) sendmsg$kcm(r1, &(0x7f0000000780)={&(0x7f0000000280)=@in6={0xa, 0x4001, 0x0, @empty}, 0x80, 0x0}, 0x20000001) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x320, &(0x7f0000000180)=[{&(0x7f0000000340)="89000000120081ae08060cdc030000007f03e3f7000000006ee2ffca1b1f1400000004c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec001210000140090c0c00bdad446b9bbc7a46e39882a5dcdf12f21308f868fece01955fed0009d78f0a947ee2b49e33538afa8af92347514f0b56a20ff27fff", 0x89}], 0x1, 0x0, 0x0, 0xff0f0000}, 0x0) 878.63358ms ago: executing program 6 (id=2746): syz_emit_ethernet(0xbe, &(0x7f0000000100)={@local, @local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @dev={0xac, 0x14, 0x14, 0xff}, @multicast1}, {0x2, 0x0, 0x9c, 0x0, @wg=@initiation={0x1, 0x0, "d8faebab25c9440f1e0b429560dea05fcfa134c5886328060189b9c9d245a4ec", "ddff6f80bb17115c263975c19a199a87b509ec91752b1f6b9fe52dd68897d0dd66c8047ecb3c1ccab1b385024cd3ef42", "7af3756a000040002683eb956c290000000000220000000400000008", {"e311f95152ce9fab74b351abd67a3e95", "f543716814ec69725136619246be0a0c"}}}}}}}, 0x0) r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000000c0)={0x1, &(0x7f00000005c0)=[{0x6, 0x0, 0x2}]}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_SEND(r0, 0xc0502103, &(0x7f0000000180)={0x0, 0xfff, 0x100fe}) 803.231054ms ago: executing program 3 (id=2747): madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) 802.314996ms ago: executing program 2 (id=2748): r0 = syz_open_dev$dri(&(0x7f0000000440), 0x1, 0x0) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000040)={&(0x7f0000000100)=[0x0], 0x1}) ioctl$DRM_IOCTL_MODE_ATOMIC(r0, 0xc03864bc, &(0x7f0000000180)={0x400, 0x1, &(0x7f0000000280)=[r1], 0xffffffffffffffff, 0x0, 0x0}) 795.868937ms ago: executing program 0 (id=2749): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nbd(&(0x7f0000000040), 0xffffffffffffffff) r2 = socket(0xa, 0x1, 0x0) sendmsg$NBD_CMD_CONNECT(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f0000000180)={0x3c, r1, 0x1, 0xffffffff, 0x0, {}, [@NBD_ATTR_SOCKETS={0x1c, 0x7, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, {0x8, 0x1, r2}}, {0xc, 0x1, 0x0, 0x1, {0x8, 0x1, r2}}]}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x7ffb}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4008040}, 0x20000000) 609.227466ms ago: executing program 1 (id=2750): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) bind$bt_l2cap(r0, &(0x7f00000007c0)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x4}, 0xe) setsockopt$bt_l2cap_L2CAP_OPTIONS(r0, 0x6, 0x1, &(0x7f0000000280)={0x4403, 0x215, 0x1, 0x4, 0x7, 0x0, 0x40}, 0xc) listen(r0, 0xb) 529.050295ms ago: executing program 3 (id=2751): r0 = socket(0x10, 0x803, 0x0) syz_genetlink_get_family_id$tipc(&(0x7f0000000400), r0) getsockname$packet(r0, &(0x7f0000000280)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000340)=@newlink={0x48, 0x10, 0x503, 0x81ff, 0x25dfdbfd, {0x0, 0x0, 0x0, r1, 0x4817, 0x20040}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @vxcan={{0xa}, {0x18, 0x2, 0x0, 0x1, @val={0x14, 0x1, {{0x0, 0x0, 0x0, r1, 0x826d, 0x68020}}}}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x40}, 0x40850) 405.353459ms ago: executing program 1 (id=2752): r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000180)={0x1000, 0x2, 0x2, 0x0, 0xfe}) ioctl$vim2m_VIDIOC_EXPBUF(r0, 0xc0405668, &(0x7f0000000100)={0x0, 0x1, 0x2, 0x800}) close(r0) 399.428584ms ago: executing program 2 (id=2753): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f0000000080)={'wg2\x00', 0x0}) sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="8c000000", @ANYRES16=r1, @ANYBLOB="010000000000000000000100000024000300a05ca84f6c9c8e3853e2fd7a70ae0fb20fa152600cb00845174f08076f8d78434c00088048000080200009801c000080060001000a00000008000200e0000002050003000000000024000100dbffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff08000100", @ANYRES32=r2], 0x8c}, 0x1, 0x0, 0x0, 0x20000001}, 0x0) 358.290939ms ago: executing program 1 (id=2754): r0 = socket$rds(0x15, 0x5, 0x0) bind$rds(r0, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10) sendmsg$rds(r0, &(0x7f0000000080)={&(0x7f0000000180)={0x2, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10, 0x0}, 0x0) sendmsg$rds(r0, &(0x7f0000000140)={&(0x7f00000000c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0) 272.765501ms ago: executing program 1 (id=2755): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.throttle.io_serviced\x00', 0x275a, 0x0) write$UHID_INPUT(r0, &(0x7f0000000940)={0x8, {"85f080a4933d55266e07e799aa0cc421388242df2a3c6b631b65b1c061edd2aa108c3528fe9b0bb3a53ab1200f5d01a68a4acdec8fee09648222f908c1fedc3000342e6139de28366c13509306d00ebcc67497181ac916db98af9d366b76e427d9ab5bb68095f0fb246df32b8af0783653136f8a04c03690312125b2ded6a24fda8685340c575ead69519e3583f89d467ec232d6a1ffd0463ba4ea3cbae5dae6654b5547b5458f02ac307729e57b09e134f68be44f88d72517b230b066f6315b5fb80206397bbff8cbc2a36e01c2e7b3aadb03bd3dd5288a69a991d9c674717e3abba7167280b2db3b1b8502afa4f3f296c532510c9d2dd79bb5eeb25adb5edddbdd069c09d14d15c2e7e1e2bb22e97d6992236d2273c8bb95536f7118d007965008b125c7daac2814e6bbe1adbfa3572ad0b7ad5c26c8014118d8374ca9f285779dfee7715a403908146a74de61b3853914c89f444c12e7a38bdd46c4ed36eb806ea598f44d1dec9eff9e2476f43802211f0762b66673b45d236b2391ce322e30fb9c69fe0d514dc1f8b6e3979c1205fd5224b07d18a44fec4f6f1a6f65158bb6adcc295bf2dd7dea107f59d7e03c61fe5822292e45968956b931bdc4d6445ff1631e0b98e4b4448774dd4b9cd53a45896fdb3f03702778741ae2b45a25bf9a23fc02fb97a630f132bf9def6c6d4a7baeb62972f1a814f6f2377bcfc78e2e86368c138510a04cedf7175af8c2033aae7413e3ace8c71ab9a0af1ca7042011a6ed028e205648535dabf3b2f85196ae18d36b839e3cd54ae4933ad529888fdac7bb8a70c72bc0fc81ba06506f2d5bc7686e219bbe5283959cbef9950e071cb6d9f341fc624a5110341f26cebd7100599a06e61f66fae120c7fc2b34c6221200eba75bd1277114671a3fa8f058b27fd897b052f4a52afcea814df526181c75c4497210a2b85b7b26601561e78735387cf123654b0295d1d60556956b36d96dd038866c4b4db31ebdcddd6929bbc2850cd4901389e6ea6e86041e0efa1111c2fb0e6df6364cb95659f506d5c7e63fb67c8116577d15e4a4b1fc4c27de2e52586cb1f52be9c3601f5066549de8bdc3ec07d1a84caf1961323ec2487a37b751aeabafcd647ce2dae5d9499c0f969467e6cabad198669ac96bd1488954eff0854ee0c83d7b596d273625bdb16270782321071fda5d980ded78ffa9dc2b56037d7cbf942547f48a5131f1991f6c17ae1ed5120ca6878f98e68e7997a9a2b70be640a70a34adb80de286c669bb5f092e4e3a15a83217e03d02a4054f34af3a65ff6b36f395b76a0579cffafd5d3bb0e704c935caecf3a7ab756c23fd60c9fe3f4fb2be7504f5bae22b116ff1588dcf02b327d31bf0488dba8af5b33ccf2d7d87f43bbc48fcd4f191ad6af9313ad38b8b2967cbfabd6651bc1f6ce5abb4a2f1413194f96b26d7d6edc4e013fba549075c97eef508af5ca7873664b058b7bcf455a8a04b591d29fab6366c844bb75576bac2d52323e747303d00a5736c9812922b0e17bcec9135550736b54cf6407d61e22e62d7bb75f62935b665acf33e75f688c36ef416f1b890d0f0c8ad1df00e02ec45967834d5649c8e7143978622fa3704672970b7993a87e97d3d926a14265647bc8b8c9e6f83e29572608d24b42c2635ef4abbd0af83860e99c90d7471cf6e8ce99507f5ec2bc572212fa9ee3f5a9dfa3815fe55f0bbb119acce062ae37f2ff921707abba139bcddf42bfd174d29b540161b4113c4e1a13f3a628c638ec4d3a884dfbc093e23ec0d0671b46b41dc8b42d950c8615ba5ee87f49b5d0910ffa4871207995001920db05a95199967f097ba7b55bbd271d818690c4238406b40a3dfc42fa56a67173b53a96b543326c56738b6d043195934018696f5ab49347e5148a78f2d1369a71afab8330273d46ecfba4ee05802a5385649851db949dbfb39e290941641c50b1ac20fb3102754a760b097f464ddb0b83f8168badfa71db6621dcf22fb081e3403f3bac5c7e65905aca52885c807f8ddab18bb2f12ef952c50483c0e251968bc70ff0d42a638ca744dea4c7ebb4fea777cf663bb4f1505ed79730c45bc86e488a13f924377a8e2ee6670a02ca52874ae1c42a35d55b9765757047b2cc3742aa51fa3e43fb2c113c92ad213bad252c1a82966dd016f12a7f1c3900c0f1ab455035163f31899bdd30f3ff43ad17d9e45bb7438c1c986712736f24be14f71ab1bfe92a25ec07f086ee8c7971b8077a13e58a8e8bea39c8e06b251909f02cb0080abf020f27ca160eb26c082dda1fa54ea4094dfdbcb2fa7bddccb67a844e8075f4cc08dad35757006d051e183dced336bc0c2502f93ffc87dca622286ba174c24e1f53f27dc2777baafe170348b0e8d3e743b3aa906bc0764bbe7da08ff403efe2212627d6748c2ce5bb513b7312517d1f88c61c7ba5f9647cd619281c5b390b48606ee39fb4171103df2e09d7cfd56c06c721f7c24ad8cce383623fc2dcb73f7b1b3b86df1b42490815513681aafbf7e871b4b9686efae6c45ecfca60a640a6f071dfd31f9437c3d03086164b48c1ed802986864bfe0d49bdd7709662262368dbc3ecc05eb240ecc41904c76d78ab5c52b66af5a720fdd6a92f52be0676427a56e32e5bc5085b25f90add28a76f2fce6f8f0ef74f4658098549646bd63175adf77b5cdcf102946554ba6136cbc83c6268ee40318f3c9d4718025688b35d2265bf60bf889ff629f7834586ef46eab7a9176337536bb6001e676546b987f36b1fe4baea02fa76fb4830aebbb9c14d8e2b43ea77ef887e5a26448f4086fa819a25e27725ac10298851c8bc45f2ce4430b07917ade5ea8c434c3f2576effbeb521173736e5c9557450643068b0c0fb132a7e99de6ca292246a9937fa7d7e06e59cf59ce5b9f8426a9049931146af40a8a1256ba373a88d09dc00cdf4453cc6ba78572bf3e1f2352a978cdbad60220cb8ac37d7f614a306492a4b5eee9244b0ca84b6cf2e23013bfb1cb92bf6d126fe550e58c19f84e7a4081437b75b31b2b9fb658dcd8ba077962e0f3359721a148d4fefe5c97941ca9688cb85adf38fd10f5811cdd8e074a21abfc9541c71465b08d7321281b68ed52bfab789b9c83849c09d52376d419b1e7ba367603236e119cdf4a7b7cf9d81f2229601deace53cea2f14a05f7fa0ca04b39e31c6453e332f4bd0915c0e09e28f4d1125c390c6ff0833a04b6fc37855e65de90333e505b9eb66e0068607000000fb7b8b215dbdc9787b5baa724cfa71ee6745b41e203de8b7794757ac328ec5567540b951b50530c3d4ee34705ea1c66fd6591e88561083e86d48c45ef3b83a3029319d8f3d8e65ce14c1dc3cb92d0a7dbeb609a8d2793928caa079f0fbbb2bc90b9fb4000000f4032041d14c5bca00e99b3027ec3a50c4957199cf016a4594069af8659df0973f20ffb15dbc265ac5b8a2203e90b114a3e9441e357c60ce0b550a7fe66fc34f5702ac8e8992a22e89194c1df69e81a9b7ad3d2634ea8c0388588192fd47d8e803b10044d558617fb2921b69eb4d85c051f86ef63a2f4382b9becd870fb2ecadca6902712b88680792e2f2ec89591cfebb6db3ad31c2a339af10465fcf7988519d382218df52261234f26a6f66ad0d1859de505d0fe819caf2f8d30aa9fd1228ac91d11ca67f1f8d50c8eefa5c441514321507dff6c6ea3cff6f340a1c11e0c40f419e8e60fc94d8828fa47a96cdf7ee4f61e23f40751b25cf9ca1295041a350f83f0e679515d6b4b46e2c9ce8999e07f835abc1663cefcf728df37831f4e17f8c8a4feaf1fbf44c38c9313284404a50ba4cd8abe835b33bfecb02cd6c9d7f435853b4c8d505ab83cf46512739116694765658bae64b3127152d216055aef9b25c70a8a3b302752d7b1e8791c657b9f3fc9001ef299fd1a349491ae6ee9940149160507fc4130fb825d47d97dc2c243209d2403583ac3ef6ddbedcaa76432255487c0a06e59e043e572ab3aec002afea6b6a2dc9cfaeefa70557886c4d12924a0388f2f1bc8e89e4cfa69705d1ef3c4658f8616278b588011d9dd914beec0b151d65b6524fba3e3f235d58373e021699b07622a51504eade747e0b2f9cf38bc167cabc8cb18c708d1337e25648707e8c0872876514c7a49c0b2aaee5ed9e9ecfcbcc23e032c4deb63e48e7120188056468fad31448e4b46e7d62fbcfc1c2cfb01fcf0db5e8a162bdb9bd820c763f17b96c23f32db9d1c1d74ddbe657b4f9595a9796982a0742153111b15e484d8ffebe47ce0a78a41e470a341616ec2eb6eef813fb415fab50fa965bec6a5977a0ade4fed67f86fc24e11b0e2f5364079f7c7c35b560cac726dbc80f29dbd248f7ecda0286a23ef172a28c96d9bdb1f598eab31c6baf0321312da23920c074b9d2d2e442717f2c21001142a39c2da6b8bd9d06b05a6a8deae1bd1be4108a636ddbebc682d113e715f2f3ee506abc28b1c654b3d2d28e02f73b171ed0deed71dda90ce4a0b728cc75cb576385e7418b545b992b1dd98e2ee53355f464f9250a2a03b3d1e4d2ac1aa71d01de2573530324e14d15a507883411ddbd37be21dc929db9b11f11010e4d2a04c7325a5ae6d24d19900ff97a8a89438f8676457a78cff05201528f4358fe67f61288bf042a8f3c2e0f8b4997b8fb74996b80d465489b2d7807a945eba72a945e8cf8625dbad6f6f6e30537b29e558ca8a8b0625f578c766d34f2d28d704715f94df1f6318a308042aa494baa295640679f1eab1e6a8308af8ce6441d5ad8a2f3d477eb5307af0dfae66444a8f1434030b8361621340ad3dcefa6d8f090ed3929d89ad9c0ba01a6903033428dd8f98619304b1803187d2a6130bf1e009b5eb0e7e21c75594b3b8470f3106c92a9e55bfeb026091ced127a90a1f1247f3c07e36d3572923e0de3f73518d0369a25fcd4e65d243b7eab91063a7bfd8bc8ac9e39fbbb32b5c9517886287a18eacd8dbfda9b91db693cb12e42cba5988280e09e51e72b91a0f360656d8f21cc1eb3248ac345ad51d1a6172b18419277851dab01e028c7e8e2cf34095efd28267852a08fccf61c45b5e46930160daf50282be058274e7ff58c48b60b86d0c8cc886ab8778a2a2b5fa2557ad7bf7f01f2175523ce758871d334c20a9839f7a89fe2867c06289c8a2f6456ac7e4fbadee53ac41aee68214bc76669853baa4f58255b39ba581414f2e8c4b49303f8936a33bae5cbc96b29a5c724d5b50e1614144c2acd03bd90de891c3d36ce040d57543682ecbfcae66c4153c337c3a5d01896524c8e0c27e9a08919821ca27bbfe3fc9ba24a823aeec8d4ad8ef8a65c585bee4dcf1acaa3da501a8c11a23b2e22920c1ad0129a038b31fe16c2abc80589dbf7c37211afc5d1a6db908bc5fe8a692060069fcbcdcba7c523d3c424aa3b0c6556387e0e51bcde9e5f850abf62d2c2101c3a2786a0cb94932877a09cb6b64aa61da8cab3b423e7adc4c4700418a65e87225710e1691f6d9cb2eb63cce5b605ce0a4a89cf519767e00845397c5e381141a0ed8a89b01064b495ec8d1e2da37433bf1597d919a69610d2ad26bdf6fca8de422bb2cb80d0516206e8194ee51445a3dcb5dee33c0c310b4751e68e58bebda2fb586985a5a5b06456756f44e6dbfef4bb99ca732f00fb9ea35775f7419681bfbe6f43dc7c4650c13b63d93c1d490bf0173f287a4309531f13ecb1a775d0bd881a00", 0x1000}}, 0x1006) mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r0, 0x0) mq_timedreceive(r0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x989680}) 200.945646ms ago: executing program 2 (id=2756): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000002c40)={0x19, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000001000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sockopt=0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3000}, 0x94) bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000005c0)={r1, r0, 0x15, 0x0, @val=@kprobe_multi=@syms={0x0, 0x0, 0x0}}, 0x30) 199.452138ms ago: executing program 0 (id=2757): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000c80)='./file1\x00', 0x210000, &(0x7f0000000580)={[{@jqfmt_vfsv1}, {@resgid}, {@nodioread_nolock}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@resgid}, {@errors_remount}, {@grpid}, {@orlov}]}, 0xfc, 0x572, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hvSuj6TKadKx14PbgXnyRIYg4EP8A330c/gP+FQMdDBlFH0So3PSmy9qkv5aZbPl84Lbn5N7bc78593t7Tm5CAhhYx7IfhYiXI+KbJOJQy7pi5CuPrW63/PD6VLYksbLy6Z9JJPljze2T/PeBvPJSRPz6VcTJwsZ2a4tLs+VKJZ3P62P1uStjtcWlU5fmyjPpTHp5YnLyzFuTE+++83bXYn39/N/ff3L3wzNfH1/+7uf7h28ncTYO5uta43gCN1orx8r/5qXhOLtuw/EuNNZPkl4fALsylOf5cGTXgEMxlGc98Pz7MiJWgAGVyH8YUM1xQHNu36V58DPjwQerE6BG7COt8RdXXxuJvY250f7l5LGZUTbfHe1C+1kbv/xx53a2xOavQ+zbog6wIzduRsTpYnHj9T/Jr3+7d7rx4vHm1rcxaP9/oJfuZuOfN9qN/wpr459oM/450CZ3d2Pr/C/c70IzHWXjv/fajn/XLl2jQ3nthcaYbzi5eKmSno6IFyPiRAzvyeqb3c85s3xvpdO61vFftmTtN8eC+XHcL+55fJ/pcr0cESNPEnfTg5sRrxTbxZ+s9X/Spv+z5+P8Nts4mt55tdO6reN/ulZ+initbf8/uqOVbH5/cqxxPow1z4qN/rp19LdO7fc6/qz/928e/2jSer+2tvM2ftz7T9pp3W7P/5Hks0a5mQTXyvX6/HjESPLxxscnHu3brDe3z+I/cXzz61+78z+bfH2+zfhvHbnVcdN+6P/pHfX/zgv3Pvrih07tb6//32yUTuSP5Ne/9vJzZbsH+KTPHwAAAAAAAPSTQkQcjKRQWisXCqXS6vs7jsT+QqVaq5+8WF24PB2Nz8qOxnCheaf7UMv7Icbz98M26xPr6pMRcTgivh3a16iXpqqV6V4HDwAAAAAAAAAAAAAAAAAAAH3iQIfP/2d+H+r10QFPXeOLDfb0+iiAXtjyK/+78U1PQF/aMv+B55b8h8El/2FwyX8YXPIfBpf8h8El/2FwyX8AAAAAAAAAAAAAAAAAAAAAAAAAAADoqvPnzmXLyvLD61NZffrq4sJs9eqp6bQ2W5pbmCpNVeevlGaq1ZlKWpqqzm319yrV6pXxiVi4NlZPa/Wx2uLShbnqwuX6hUtz5Zn0Qjr8v0QFAAAAAAAAAAAAAAAAAAAAz5ba4tJsuVJJ5xU6Ft6PvjiMpxngql3tXuyXKBQ6FG7m3buzvXp4UQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdf4LAAD//++4Mnc=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x181c42, 0x56) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) madvise(&(0x7f0000765000/0x2000)=nil, 0x2000, 0x3) 106.642442ms ago: executing program 2 (id=2758): r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/key-users\x00', 0x0, 0x0) read$FUSE(r0, &(0x7f0000000040)={0x2020}, 0x2020) pread64(r0, &(0x7f0000002080)=""/108, 0x6c, 0x100000000000055) read$FUSE(r0, &(0x7f0000004240)={0x2020}, 0x2020) 44.081925ms ago: executing program 3 (id=2759): bpf$MAP_CREATE(0x0, 0x0, 0x50) syz_open_procfs(0x0, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_NEW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="600000000002010400000000000000000a0000000400018004000380440002800c00028005000100000000002c00018014000300fc0000000000000004000000000000000e000400fe8000"/86], 0x60}}, 0x0) 255.969µs ago: executing program 2 (id=2760): r0 = userfaultfd(0x80001) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)={0xaa, 0x480}) unshare(0x480) pselect6(0x40, &(0x7f0000001380)={0x6, 0xfffffffffffffffa, 0x9, 0x5d7, 0x6, 0x8, 0xc444}, &(0x7f00000013c0)={0xf, 0x9, 0x400, 0x6, 0x8000, 0xb, 0x4ea2, 0x400}, 0x0, 0x0, 0x0) 0s ago: executing program 1 (id=2761): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_JOIN_IBSS(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000080)={0x40, r1, 0x101, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_PRIVACY={0x4}, @NL80211_ATTR_SSID={0x5, 0x34, @random='n'}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_KEYS={0x10, 0x51, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NL80211_KEY_MODE={0x5}]}]}]}, 0x40}, 0x1, 0x0, 0x0, 0x8041}, 0x0) kernel console output (not intermixed with test programs): .908524][ T6945] loop2: lost filesystem error report for type 5 error -117 [ 45.908769][ T6945] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2972: inode #11: comm syz.2.923: corrupted xattr block 95: invalid header [ 45.908785][ T6945] loop2: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 45.910784][ T4669] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 45.911026][ T6945] EXT4-fs warning (device loop2): ext4_evict_inode:287: xattr delete (err -117) [ 45.911071][ T6945] EXT4-fs (loop2): 1 orphan inode deleted [ 45.911527][ T6945] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 45.999333][ T4681] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 46.221613][ T4781] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 46.350792][ T4781] usb 1-1: device descriptor read/64, error -71 [ 46.591557][ T4781] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 46.722331][ T4781] usb 1-1: device descriptor read/64, error -71 [ 46.794428][ T6997] netlink: 28 bytes leftover after parsing attributes in process `syz.4.936'. [ 46.832323][ T4781] usb usb1-port1: attempt power cycle [ 46.849603][ T7003] dummy0: entered allmulticast mode [ 46.850124][ T7003] dummy0: left allmulticast mode [ 46.870518][ T7007] netlink: 8 bytes leftover after parsing attributes in process `syz.3.939'. [ 46.949221][ T7018] loop4: detected capacity change from 0 to 512 [ 46.961961][ T7018] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 46.976417][ T7018] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #16: comm syz.4.943: invalid indirect mapped block 4294967295 (level 0) [ 46.976452][ T7018] loop4: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117 [ 46.980302][ T7018] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #16: comm syz.4.943: invalid indirect mapped block 4294967295 (level 1) [ 46.980349][ T7018] loop4: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117 [ 46.980673][ C0] EXT4-fs (loop4): error count since last fsck: 2 [ 46.980685][ C0] EXT4-fs (loop4): initial error at time 46: ext4_free_branches:1023: inode 16 [ 46.980704][ C0] EXT4-fs (loop4): last error at time 46: ext4_free_branches:1023: inode 16 [ 46.982741][ T7018] EXT4-fs (loop4): 1 orphan inode deleted [ 46.982753][ T7018] EXT4-fs (loop4): 1 truncate cleaned up [ 46.983217][ T7018] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 47.003091][ T7018] EXT4-fs (loop4): shut down requested (2) [ 47.012837][ T7026] loop1: detected capacity change from 0 to 128 [ 47.019848][ T4682] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 47.033669][ T7026] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 47.150749][ T4668] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 47.180905][ T4781] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 47.198143][ T7048] loop1: detected capacity change from 0 to 256 [ 47.201457][ T4781] usb 1-1: device descriptor read/8, error -71 [ 47.227957][ T7048] FAT-fs (loop1): Directory bread(block 64) failed [ 47.227997][ T7048] FAT-fs (loop1): Directory bread(block 65) failed [ 47.228023][ T7048] FAT-fs (loop1): Directory bread(block 66) failed [ 47.228035][ T7048] FAT-fs (loop1): Directory bread(block 67) failed [ 47.228058][ T7048] FAT-fs (loop1): Directory bread(block 68) failed [ 47.228069][ T7048] FAT-fs (loop1): Directory bread(block 69) failed [ 47.228090][ T7048] FAT-fs (loop1): Directory bread(block 70) failed [ 47.228101][ T7048] FAT-fs (loop1): Directory bread(block 71) failed [ 47.228213][ T7048] FAT-fs (loop1): Directory bread(block 72) failed [ 47.228227][ T7048] FAT-fs (loop1): Directory bread(block 73) failed [ 47.229972][ T7051] netlink: 8 bytes leftover after parsing attributes in process `syz.2.956'. [ 47.319397][ T7057] netlink: 24 bytes leftover after parsing attributes in process `syz.2.959'. [ 47.385468][ T7067] CUSE: unknown device info "" [ 47.386432][ T7067] CUSE: unknown device info "" [ 47.387652][ T7067] CUSE: unknown device info "" [ 47.388730][ T7067] CUSE: zero length info key specified [ 47.440757][ T4781] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 47.458308][ T7076] loop1: detected capacity change from 0 to 512 [ 47.463208][ T4781] usb 1-1: device descriptor read/8, error -71 [ 47.484298][ T7076] EXT4-fs error (device loop1): ext4_orphan_get:1397: inode #15: comm syz.1.969: inode has both inline data and extents flags [ 47.484332][ T7076] loop1: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 47.487300][ T7076] EXT4-fs error (device loop1): ext4_orphan_get:1402: comm syz.1.969: couldn't read orphan inode 15 (err -117) [ 47.487346][ T7076] loop1: lost filesystem error report for type 5 error -117 [ 47.490670][ C0] EXT4-fs (loop1): error count since last fsck: 2 [ 47.490685][ C0] EXT4-fs (loop1): initial error at time 47: ext4_orphan_get:1397: inode 15 [ 47.490703][ C0] EXT4-fs (loop1): last error at time 47: ext4_orphan_get:1402 [ 47.499931][ T7083] loop2: detected capacity change from 0 to 512 [ 47.502942][ T7076] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 47.503890][ T7083] EXT4-fs: Ignoring removed nobh option [ 47.526991][ T7083] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 47.544845][ T4668] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 47.554475][ T4681] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 47.573101][ T4781] usb usb1-port1: unable to enumerate USB device [ 47.591888][ T7094] loop1: detected capacity change from 0 to 128 [ 47.594155][ T7094] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 47.596969][ T7094] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 47.656986][ T3004] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 47.686767][ T7101] netlink: 4 bytes leftover after parsing attributes in process `syz.2.978'. [ 47.721920][ T7106] loop3: detected capacity change from 0 to 1024 [ 47.724050][ T7106] EXT4-fs: Ignoring removed bh option [ 47.841887][ T7118] loop1: detected capacity change from 0 to 4096 [ 47.864768][ T7122] IPVS: lblc: SCTP 172.20.20.187:0 - no destination available [ 48.013152][ T7130] netlink: 16 bytes leftover after parsing attributes in process `syz.1.991'. [ 48.706240][ T7150] FAT-fs (loop4): Directory bread(block 64) failed [ 48.706275][ T7150] FAT-fs (loop4): Directory bread(block 65) failed [ 48.706314][ T7150] FAT-fs (loop4): Directory bread(block 66) failed [ 48.706331][ T7150] FAT-fs (loop4): Directory bread(block 67) failed [ 48.706358][ T7150] FAT-fs (loop4): Directory bread(block 68) failed [ 48.706372][ T7150] FAT-fs (loop4): Directory bread(block 69) failed [ 48.706398][ T7150] FAT-fs (loop4): Directory bread(block 70) failed [ 48.706412][ T7150] FAT-fs (loop4): Directory bread(block 71) failed [ 48.706436][ T7150] FAT-fs (loop4): Directory bread(block 72) failed [ 48.706450][ T7150] FAT-fs (loop4): Directory bread(block 73) failed [ 48.818437][ T7157] EXT4-fs error (device loop2): ext4_xattr_inode_iget:441: inode #11: comm syz.2.1003: missing EA_INODE flag [ 48.826048][ T7157] EXT4-fs error (device loop2): ext4_xattr_inode_iget:446: comm syz.2.1003: error while reading EA inode 11 err=-117 [ 49.825976][ T7211] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 49.859744][ T7211] EXT4-fs (loop3): 1 truncate cleaned up [ 50.016801][ T7224] FAT-fs (loop1): unable to read block(17179869180) for building NFS inode [ 50.034477][ T7218] EXT4-fs error (device loop2): ext4_do_update_inode:5690: inode #15: comm syz.2.1031: corrupted inode contents [ 50.046783][ T7218] EXT4-fs error (device loop2): ext4_dirty_inode:6587: inode #15: comm syz.2.1031: mark_inode_dirty error [ 50.055147][ T7218] EXT4-fs error (device loop2): ext4_do_update_inode:5690: inode #15: comm syz.2.1031: corrupted inode contents [ 50.068466][ T7218] EXT4-fs error (device loop2): __ext4_ext_dirty:207: inode #15: comm syz.2.1031: mark_inode_dirty error [ 50.075820][ T7218] EXT4-fs error (device loop2): ext4_do_update_inode:5690: inode #15: comm syz.2.1031: corrupted inode contents [ 50.078497][ T7218] EXT4-fs error (device loop2): __ext4_ext_dirty:207: inode #15: comm syz.2.1031: mark_inode_dirty error [ 50.079542][ T7218] EXT4-fs error (device loop2): ext4_do_update_inode:5690: inode #15: comm syz.2.1031: corrupted inode contents [ 50.087526][ T7218] EXT4-fs error (device loop2): ext4_truncate:4690: inode #15: comm syz.2.1031: mark_inode_dirty error [ 50.101929][ T7218] EXT4-fs error (device loop2) in ext4_setattr:6120: Corrupt filesystem [ 50.128502][ T7229] EXT4-fs error (device loop2): ext4_do_update_inode:5690: inode #15: comm syz.2.1031: corrupted inode contents [ 50.220313][ T4681] loop2: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 50.234957][ T10] IPVS: starting estimator thread 0... [ 50.235791][ T4681] loop2: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 50.243805][ T4681] EXT4-fs warning (device loop2): ext4_evict_inode:270: couldn't mark inode dirty (err -117) [ 50.321082][ T7238] IPVS: using max 58 ests per chain, 139200 per kthread [ 50.379410][ T7244] vxcan1: tx address claim with dlc 0 [ 50.675405][ T7263] EXT4-fs: Ignoring removed mblk_io_submit option [ 50.684821][ T7263] EXT4-fs (loop3): stripe (31940) is not aligned with cluster size (16), stripe is disabled [ 50.725115][ T7263] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.1051: bg 0: block 234: padding at end of block bitmap is not set [ 50.757746][ T7263] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28 [ 50.760493][ T7263] EXT4-fs (loop3): This should not happen!! Data will be lost [ 50.760493][ T7263] [ 50.762258][ T7263] EXT4-fs (loop3): Total free blocks count 0 [ 50.763281][ T7263] EXT4-fs (loop3): Free/Dirty block details [ 50.764350][ T7263] EXT4-fs (loop3): free_blocks=0 [ 50.765156][ T7263] EXT4-fs (loop3): dirty_blocks=32 [ 50.765991][ T7263] EXT4-fs (loop3): Block reservation details [ 50.767022][ T7263] EXT4-fs (loop3): i_reserved_data_blocks=2 [ 50.868830][ T1234] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 65793 with max blocks 1 with error 28 [ 50.868868][ T1234] EXT4-fs (loop3): This should not happen!! Data will be lost [ 50.868868][ T1234] [ 50.915715][ T4669] EXT4-fs warning (device loop3): ext4_evict_inode:195: inode #15: comm syz-executor: data will be lost [ 50.985631][ T30] audit: type=1400 audit(50.970:3): lsm=SMACK fn=smack_inode_rename action=denied subject="_" object="lowerdir" requested=rw pid=7280 comm="syz.4.1059" name="file1" dev="tmpfs" ino=977 [ 51.092972][ T7285] macvlan2: entered promiscuous mode [ 51.094266][ T7285] bridge0: entered promiscuous mode [ 51.289155][ T7294] set_capacity_and_notify: 7 callbacks suppressed [ 51.292701][ T7294] loop3: detected capacity change from 0 to 128 [ 51.299788][ T7294] FAT-fs (loop3): Directory bread(block 32) failed [ 51.299823][ T7294] FAT-fs (loop3): Directory bread(block 33) failed [ 51.299846][ T7294] FAT-fs (loop3): Directory bread(block 34) failed [ 51.299858][ T7294] FAT-fs (loop3): Directory bread(block 35) failed [ 51.299879][ T7294] FAT-fs (loop3): Directory bread(block 36) failed [ 51.299890][ T7294] FAT-fs (loop3): Directory bread(block 37) failed [ 51.299911][ T7294] FAT-fs (loop3): Directory bread(block 38) failed [ 51.299921][ T7294] FAT-fs (loop3): Directory bread(block 39) failed [ 51.299942][ T7294] FAT-fs (loop3): Directory bread(block 40) failed [ 51.299952][ T7294] FAT-fs (loop3): Directory bread(block 41) failed [ 51.357893][ T7298] tap0: tun_chr_ioctl cmd 2148553947 [ 51.386914][ T7294] bio_check_eod: 5 callbacks suppressed [ 51.386956][ T7294] syz.3.1064: attempt to access beyond end of device [ 51.386956][ T7294] loop3: rw=0, sector=4108, nr_sectors = 4 limit=128 [ 51.387117][ T7294] FAT-fs (loop3): Filesystem has been set read-only [ 51.387148][ T7294] FAT-fs (loop3): error, fat_free_clusters: deleting FAT entry beyond EOF [ 51.387538][ T7294] FAT-fs (loop3): error, corrupted directory (invalid entries) [ 51.481708][ T7303] can0: slcan on ttyS3. [ 51.535792][ T7308] loop2: detected capacity change from 0 to 128 [ 51.543838][ T7303] can0 (unregistered): slcan off ttyS3. [ 51.565764][ T7308] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a84ec018, mo2=0002] [ 51.565814][ T7308] System zones: 1-3, 19-19, 35-36 [ 51.968118][ T7350] loop2: detected capacity change from 0 to 256 [ 52.027008][ T7350] FAT-fs (loop2): Directory bread(block 64) failed [ 52.027045][ T7350] FAT-fs (loop2): Directory bread(block 65) failed [ 52.027088][ T7350] FAT-fs (loop2): Directory bread(block 66) failed [ 52.027105][ T7350] FAT-fs (loop2): Directory bread(block 67) failed [ 52.027132][ T7350] FAT-fs (loop2): Directory bread(block 68) failed [ 52.027147][ T7350] FAT-fs (loop2): Directory bread(block 69) failed [ 52.027175][ T7350] FAT-fs (loop2): Directory bread(block 70) failed [ 52.027189][ T7350] FAT-fs (loop2): Directory bread(block 71) failed [ 52.027217][ T7350] FAT-fs (loop2): Directory bread(block 72) failed [ 52.027231][ T7350] FAT-fs (loop2): Directory bread(block 73) failed [ 52.093711][ T7363] loop4: detected capacity change from 0 to 1024 [ 52.148122][ T7363] EXT4-fs error (device loop4): ext4_map_blocks:833: inode #15: block 3: comm syz.4.1094: lblock 3 mapped to illegal pblock 3 (length 3) [ 52.174833][ T7363] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117 [ 52.174884][ T7363] EXT4-fs (loop4): This should not happen!! Data will be lost [ 52.174884][ T7363] [ 52.196329][ T7363] EXT4-fs error (device loop4): ext4_free_blocks:6718: comm syz.4.1094: Freeing blocks not in datazone - block = 3, count = 3 [ 52.197679][ T7363] EXT4-fs error (device loop4): ext4_free_blocks:6718: comm syz.4.1094: Freeing blocks not in datazone - block = 0, count = 16 [ 52.220043][ T4682] EXT4-fs warning (device loop4): ext4_evict_inode:195: inode #15: comm syz-executor: data will be lost [ 52.337552][ T7385] macvlan2: entered promiscuous mode [ 52.337595][ T7385] bridge0: entered promiscuous mode [ 52.545722][ T4688] block nbd1: Receive control failed (result -32) [ 52.546393][ T4680] block nbd1: Receive control failed (result -32) [ 52.649931][ T7422] loop2: detected capacity change from 0 to 1024 [ 52.655111][ T7422] EXT4-fs: inline encryption not supported [ 52.689376][ T7422] EXT4-fs (loop2): shut down requested (2) [ 52.770196][ T7439] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1117'. [ 52.816393][ T7442] tap0: tun_chr_ioctl cmd 1074025680 [ 52.827175][ T7444] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1119'. [ 53.356229][ T7476] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1133'. [ 53.376997][ T7478] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1135'. [ 53.547208][ T7501] loop1: detected capacity change from 0 to 256 [ 53.569199][ T7504] loop0: detected capacity change from 0 to 512 [ 53.666107][ T7514] netlink: 888 bytes leftover after parsing attributes in process `syz.4.1150'. [ 53.673576][ T7515] faux_driver vkms: [drm] Unknown color mode 6; guessing buffer size. [ 53.744765][ T7524] loop2: detected capacity change from 0 to 512 [ 53.748853][ T7525] loop4: detected capacity change from 0 to 8 [ 53.753196][ T7525] squashfs: SQUASHFS error: Xattrs in filesystem, these will be ignored [ 53.753219][ T7525] unable to read xattr id index table [ 53.768774][ T7524] netlink: 168 bytes leftover after parsing attributes in process `syz.2.1156'. [ 53.824806][ T4765] kernel read not supported for file /comedi0 (pid: 4765 comm: kworker/0:6) [ 53.892811][ T7535] macvlan3: entered promiscuous mode [ 53.892851][ T7535] bridge0: entered promiscuous mode [ 53.916153][ T7537] loop2: detected capacity change from 0 to 512 [ 53.917937][ T7537] EXT4-fs: Ignoring removed nobh option [ 53.950509][ T7537] EXT4-fs error (device loop2): ext4_do_update_inode:5690: inode #3: comm syz.2.1162: corrupted inode contents [ 53.950554][ T7537] loop2: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117 [ 53.951017][ C0] EXT4-fs (loop2): initial error at time 53: ext4_do_update_inode:5690: inode 3 [ 53.951042][ C0] EXT4-fs (loop2): last error at time 53: ext4_do_update_inode:5690: inode 3 [ 53.952253][ T7537] EXT4-fs error (device loop2): ext4_dirty_inode:6587: inode #3: comm syz.2.1162: mark_inode_dirty error [ 53.952273][ T7537] loop2: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117 [ 53.953651][ T7537] EXT4-fs error (device loop2): ext4_do_update_inode:5690: inode #3: comm syz.2.1162: corrupted inode contents [ 53.953668][ T7537] loop2: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117 [ 53.954738][ T7537] EXT4-fs error (device loop2): __ext4_ext_dirty:207: inode #3: comm syz.2.1162: mark_inode_dirty error [ 53.954765][ T7537] loop2: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117 [ 53.954940][ T7537] Quota error (device loop2): write_blk: dquota write failed [ 53.954993][ T7537] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 53.955011][ T7537] EXT4-fs error (device loop2): ext4_acquire_dquot:7034: comm syz.2.1162: Failed to acquire dquot type 0 [ 53.955022][ T7537] loop2: lost filesystem error report for type 5 error -117 [ 53.958342][ T7537] EXT4-fs error (device loop2): ext4_do_update_inode:5690: inode #16: comm syz.2.1162: corrupted inode contents [ 53.958361][ T7537] loop2: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117 [ 53.958713][ T7537] EXT4-fs error (device loop2): ext4_dirty_inode:6587: inode #16: comm syz.2.1162: mark_inode_dirty error [ 53.958728][ T7537] loop2: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117 [ 53.958864][ T7537] EXT4-fs error (device loop2): ext4_do_update_inode:5690: inode #16: comm syz.2.1162: corrupted inode contents [ 53.958875][ T7537] loop2: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117 [ 53.958983][ T7537] EXT4-fs error (device loop2): __ext4_ext_dirty:207: inode #16: comm syz.2.1162: mark_inode_dirty error [ 53.958994][ T7537] loop2: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117 [ 53.959125][ T7537] EXT4-fs error (device loop2): ext4_do_update_inode:5690: inode #16: comm syz.2.1162: corrupted inode contents [ 53.959137][ T7537] loop2: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117 [ 53.959251][ T7537] EXT4-fs error (device loop2) in ext4_orphan_del:303: Corrupt filesystem [ 53.959260][ T7537] loop2: lost filesystem error report for type 5 error -117 [ 53.959389][ T7537] EXT4-fs error (device loop2): ext4_do_update_inode:5690: inode #16: comm syz.2.1162: corrupted inode contents [ 53.959399][ T7537] loop2: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117 [ 53.959504][ T7537] EXT4-fs error (device loop2): ext4_truncate:4690: inode #16: comm syz.2.1162: mark_inode_dirty error [ 53.959612][ T7537] EXT4-fs error (device loop2) in ext4_process_orphan:345: Corrupt filesystem [ 53.959620][ T7537] loop2: lost filesystem error report for type 5 error -117 [ 53.963319][ T7537] EXT4-fs (loop2): 1 truncate cleaned up [ 54.418538][ T7594] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1186'. [ 54.424528][ T856] kernel write not supported for file /ppp (pid: 856 comm: kworker/1:2) [ 54.444106][ T7596] netlink: 176 bytes leftover after parsing attributes in process `syz.1.1187'. [ 54.446005][ T7596] ip6gretap0: entered promiscuous mode [ 54.447221][ T7596] netlink: 176 bytes leftover after parsing attributes in process `syz.1.1187'. [ 54.629876][ T7618] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 54.638934][ T7618] EXT4-fs (loop3): 1 truncate cleaned up [ 54.803758][ T7638] syz.1.1208: attempt to access beyond end of device [ 54.803758][ T7638] loop1: rw=0, sector=61, nr_sectors = 94 limit=128 [ 54.911575][ T7647] EXT4-fs (loop3): shut down requested (1) [ 54.979931][ T4781] kernel write not supported for file /comedi0 (pid: 4781 comm: kworker/0:8) [ 55.006079][ T7657] EXT4-fs: inline encryption not supported [ 55.019618][ T7657] EXT4-fs error (device loop3): ext4_orphan_get:1423: comm syz.3.1214: bad orphan inode 15 [ 55.019661][ T7657] loop3: lost filesystem error report for type 5 error -117 [ 55.020008][ T7657] ext4_test_bit(bit=14, block=5) = 0 [ 55.031217][ T7657] EXT4-fs (loop3): shut down requested (0) [ 55.042940][ T7662] netlink: 'syz.1.1218': attribute type 4 has an invalid length. [ 55.056357][ T7664] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 55.056562][ T7664] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 55.097525][ T7666] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.1220: bg 0: block 112: padding at end of block bitmap is not set [ 55.099669][ T7666] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 4099 with max blocks 1 with error 28 [ 55.099688][ T7666] EXT4-fs (loop0): This should not happen!! Data will be lost [ 55.099688][ T7666] [ 55.099696][ T7666] EXT4-fs (loop0): Total free blocks count 0 [ 55.099703][ T7666] EXT4-fs (loop0): Free/Dirty block details [ 55.099711][ T7666] EXT4-fs (loop0): free_blocks=0 [ 55.099724][ T7666] EXT4-fs (loop0): dirty_blocks=16 [ 55.099730][ T7666] EXT4-fs (loop0): Block reservation details [ 55.099736][ T7666] EXT4-fs (loop0): i_reserved_data_blocks=1 [ 55.134050][ T4676] EXT4-fs warning (device loop0): ext4_evict_inode:195: inode #15: comm syz-executor: data will be lost [ 55.174442][ T7677] EXT4-fs: Ignoring removed i_version option [ 55.282025][ T7689] EXT4-fs: inline encryption not supported [ 55.285310][ T7689] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 55.285359][ T7689] EXT4-fs (loop0): Test dummy encryption mode enabled [ 55.290082][ T7689] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c1a8, mo2=0003] [ 55.290161][ T7689] System zones: 0-5 [ 55.352718][ T7699] netlink: 'syz.1.1233': attribute type 10 has an invalid length. [ 55.359229][ T7699] syz_tun: entered promiscuous mode [ 55.376954][ T7699] bond0: (slave syz_tun): Enslaving as an active interface with an up link [ 55.467402][ T7712] netlink: 'syz.3.1239': attribute type 12 has an invalid length. [ 55.467440][ T7712] netlink: 'syz.3.1239': attribute type 29 has an invalid length. [ 55.467463][ T7712] netlink: 148 bytes leftover after parsing attributes in process `syz.3.1239'. [ 55.467477][ T7712] netlink: 'syz.3.1239': attribute type 1 has an invalid length. [ 55.467485][ T7712] netlink: 'syz.3.1239': attribute type 2 has an invalid length. [ 55.612844][ T7733] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842c019, mo2=0002] [ 55.612981][ T7733] System zones: 1-12 [ 55.618961][ T7733] EXT4-fs warning (device loop3): ext4_xattr_inode_get:546: inode #11: comm syz.3.1249: ea_inode file size=0 entry size=6 [ 55.622588][ T7733] EXT4-fs error (device loop3): ext4_xattr_inode_iget:441: inode #11: comm syz.3.1249: iget: bad extra_isize 90 (inode size 256) [ 55.630744][ C1] EXT4-fs (loop3): error count since last fsck: 1 [ 55.630788][ C1] EXT4-fs (loop3): initial error at time 55: ext4_xattr_inode_iget:441: inode 11 [ 55.630819][ C1] EXT4-fs (loop3): last error at time 55: ext4_xattr_inode_iget:441: inode 11 [ 55.631853][ T7733] EXT4-fs error (device loop3): ext4_xattr_inode_iget:446: comm syz.3.1249: error while reading EA inode 11 err=-117 [ 55.631876][ T7733] loop3: lost filesystem error report for type 5 error -117 [ 55.639190][ T7733] EXT4-fs (loop3): 1 orphan inode deleted [ 55.659413][ T7739] FAT-fs (loop4): Directory bread(block 64) failed [ 55.659451][ T7739] FAT-fs (loop4): Directory bread(block 65) failed [ 55.659491][ T7739] FAT-fs (loop4): Directory bread(block 66) failed [ 55.659508][ T7739] FAT-fs (loop4): Directory bread(block 67) failed [ 55.659535][ T7739] FAT-fs (loop4): Directory bread(block 68) failed [ 55.659550][ T7739] FAT-fs (loop4): Directory bread(block 69) failed [ 55.659576][ T7739] FAT-fs (loop4): Directory bread(block 70) failed [ 55.659590][ T7739] FAT-fs (loop4): Directory bread(block 71) failed [ 55.659615][ T7739] FAT-fs (loop4): Directory bread(block 72) failed [ 55.659629][ T7739] FAT-fs (loop4): Directory bread(block 73) failed [ 55.675891][ T7733] EXT4-fs error (device loop3): ext4_nfs_get_inode:1575: inode #11: comm syz.3.1249: iget: bad extra_isize 90 (inode size 256) [ 55.736442][ T7744] mmap: syz.0.1254 (7744) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 56.171627][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 56.252366][ T7800] batman_adv: batadv0: Adding interface: macvtap1 [ 56.256100][ T7800] batman_adv: batadv0: The MTU of interface macvtap1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 56.261317][ T7800] batman_adv: batadv0: Not using interface macvtap1 (retrying later): interface not active [ 56.313210][ T7806] set_capacity_and_notify: 11 callbacks suppressed [ 56.313251][ T7806] loop3: detected capacity change from 0 to 1024 [ 56.355004][ T7806] EXT4-fs error (device loop3): ext4_generic_delete_entry:2673: inode #12: block 7: comm syz.3.1283: bad entry in directory: inode out of bounds - offset=0, inode=150994957, rec_len=16, size=56 fake=0 [ 56.374821][ T7806] EXT4-fs (loop3): Remounting filesystem read-only [ 56.410784][ T4688] Bluetooth: hci4: command 0x2016 tx timeout [ 56.412760][ T856] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 56.467308][ T7823] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 56.746255][ T30] audit: type=1326 audit(56.730:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7846 comm="syz.1.1301" exe="/root/ci-upstream-gce-arm64/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb3577a28 code=0x7ffc0000 [ 56.746378][ T30] audit: type=1326 audit(56.730:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7846 comm="syz.1.1301" exe="/root/ci-upstream-gce-arm64/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb3577a28 code=0x7ffc0000 [ 56.746764][ T30] audit: type=1326 audit(56.730:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7846 comm="syz.1.1301" exe="/root/ci-upstream-gce-arm64/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb3577a28 code=0x7ffc0000 [ 56.746852][ T30] audit: type=1326 audit(56.730:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7846 comm="syz.1.1301" exe="/root/ci-upstream-gce-arm64/syz-executor" sig=0 arch=c00000b7 syscall=178 compat=0 ip=0xffffb3577a28 code=0x7ffc0000 [ 56.746923][ T30] audit: type=1326 audit(56.730:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7846 comm="syz.1.1301" exe="/root/ci-upstream-gce-arm64/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb3577a28 code=0x7ffc0000 [ 56.746988][ T30] audit: type=1326 audit(56.730:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7846 comm="syz.1.1301" exe="/root/ci-upstream-gce-arm64/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb3577a28 code=0x7ffc0000 [ 56.747059][ T30] audit: type=1326 audit(56.730:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7846 comm="syz.1.1301" exe="/root/ci-upstream-gce-arm64/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb3577a28 code=0x7ffc0000 [ 56.747274][ T30] audit: type=1326 audit(56.730:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7846 comm="syz.1.1301" exe="/root/ci-upstream-gce-arm64/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb3577a28 code=0x7ffc0000 [ 56.747428][ T30] audit: type=1326 audit(56.730:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7846 comm="syz.1.1301" exe="/root/ci-upstream-gce-arm64/syz-executor" sig=0 arch=c00000b7 syscall=115 compat=0 ip=0xffffb3577a28 code=0x7ffc0000 [ 56.747487][ T30] audit: type=1326 audit(56.730:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7846 comm="syz.1.1301" exe="/root/ci-upstream-gce-arm64/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb3577a28 code=0x7ffc0000 [ 56.805976][ T7823] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 57.121844][ T7879] loop4: detected capacity change from 0 to 512 [ 57.129760][ T7881] input: syz0 as /devices/virtual/input/input4 [ 57.133664][ T1146] wlan1: Trigger new scan to find an IBSS to join [ 57.141134][ T7823] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 57.146639][ T7879] EXT4-fs error (device loop4): ext4_orphan_get:1423: comm syz.4.1317: bad orphan inode 15 [ 57.146674][ T7879] loop4: lost filesystem error report for type 5 error -117 [ 57.148527][ T7879] ext4_test_bit(bit=14, block=18) = 1 [ 57.148583][ T7879] is_bad_inode(inode)=0 [ 57.148604][ T7879] NEXT_ORPHAN(inode)=1023 [ 57.148614][ T7879] max_ino=32 [ 57.148626][ T7879] i_nlink=0 [ 57.150677][ C0] EXT4-fs (loop4): error count since last fsck: 1 [ 57.150694][ C0] EXT4-fs (loop4): initial error at time 57: ext4_orphan_get:1423 [ 57.150708][ C0] EXT4-fs (loop4): last error at time 57: ext4_orphan_get:1423 [ 57.157821][ T7879] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2972: inode #15: comm syz.4.1317: corrupted xattr block 19: invalid header [ 57.158152][ T7879] EXT4-fs warning (device loop4): ext4_evict_inode:287: xattr delete (err -117) [ 57.167049][ T7879] EXT4-fs (loop4): shut down requested (1) [ 57.168480][ T7884] netlink: 'syz.3.1318': attribute type 2 has an invalid length. [ 57.286801][ T7823] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 57.395823][ T7902] Injecting memory failure for pfn 0x1230a6 at process virtual address 0x20000000 [ 57.405566][ T7902] Memory failure: 0x1230a6: Sending SIGBUS to syz.3.1326:7902 due to hardware memory corruption [ 57.408598][ T7911] loop4: detected capacity change from 0 to 128 [ 57.410756][ T7902] Memory failure: 0x1230a6: recovery action for dirty LRU page: Recovered [ 57.410794][ T7902] Injecting memory failure for pfn 0x12134b at process virtual address 0x20001000 [ 57.411093][ T7902] Memory failure: 0x12134b: Sending SIGBUS to syz.3.1326:7902 due to hardware memory corruption [ 57.411118][ T7902] Memory failure: 0x12134b: recovery action for dirty LRU page: Recovered [ 57.411140][ T7902] Injecting memory failure for pfn 0x21d0b2 at process virtual address 0x20002000 [ 57.411163][ T7902] Memory failure: 0x21d0b2: Sending SIGBUS to syz.3.1326:7902 due to hardware memory corruption [ 57.411176][ T7902] Memory failure: 0x21d0b2: recovery action for already poisoned page: Failed [ 57.453130][ T4781] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 57.462343][ T4853] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 57.462630][ T7911] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a84ec018, mo2=0002] [ 57.462663][ T7911] System zones: 1-3, 19-19, 35-36 [ 57.472733][ T7911] EXT4-fs warning (device loop4): ext4_group_add:1735: No reserved GDT blocks, can't resize [ 57.552274][ T7932] loop1: detected capacity change from 0 to 128 [ 57.676239][ T7951] loop1: detected capacity change from 0 to 128 [ 57.825249][ T7970] loop7: detected capacity change from 0 to 7 [ 57.898764][ T7970] Dev loop7: unable to read RDB block 7 [ 57.898820][ T7970] loop7: unable to read partition table [ 57.898911][ T7970] loop7: partition table beyond EOD, truncated [ 57.898942][ T7970] loop_reread_partitions: partition scan of loop7 (Sj %`ր5) failed (rc=-5) [ 57.911259][ T7977] netlink: 'syz.4.1354': attribute type 13 has an invalid length. [ 57.922754][ T7977] __nla_validate_parse: 4 callbacks suppressed [ 57.922806][ T7977] netlink: 152 bytes leftover after parsing attributes in process `syz.4.1354'. [ 57.923432][ T7977] syz_tun: refused to change device tx_queue_len [ 57.923450][ T7977] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check. [ 57.948240][ C1] invalid error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x8800 phys_seg 1 prio class 2 [ 57.948287][ C1] invalid error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x8800 phys_seg 1 prio class 2 [ 58.068151][ T7997] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1365'. [ 58.092987][ T8001] loop1: detected capacity change from 0 to 1024 [ 58.093813][ T1426] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 58.108652][ T8001] EXT4-fs (loop1): warning: mounting unchecked fs, running e2fsck is recommended [ 58.109710][ T8001] EXT4-fs (loop1): Errors on filesystem, clearing orphan list. [ 58.134673][ T8006] sctp: [Deprecated]: syz.3.1368 (pid 8006) Use of int in max_burst socket option deprecated. [ 58.134673][ T8006] Use struct sctp_assoc_value instead [ 58.144536][ T8008] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1369'. [ 58.144574][ T8008] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1369'. [ 58.161753][ T8001] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 ro. [ 58.198738][ T8012] loop3: detected capacity change from 0 to 1024 [ 58.245237][ T8012] EXT4-fs error (device loop3): ext4_free_blocks:6718: comm syz.3.1371: Freeing blocks not in datazone - block = 0, count = 16 [ 58.247620][ T8022] loop1: detected capacity change from 0 to 512 [ 58.247987][ T8022] EXT4-fs: Ignoring removed mblk_io_submit option [ 58.425368][ T8041] loop1: detected capacity change from 0 to 512 [ 58.427157][ T8041] EXT4-fs: inline encryption not supported [ 58.437167][ T8041] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 58.441571][ T8041] EXT4-fs error (device loop1): ext4_orphan_get:1423: comm syz.1.1378: bad orphan inode 131083 [ 58.441599][ T8041] loop1: lost filesystem error report for type 5 error -117 [ 58.456149][ T8046] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1381'. [ 58.492608][ T4688] Bluetooth: hci4: command 0x2016 tx timeout [ 58.507545][ T8046] bridge0: port 2(bridge_slave_1) entered disabled state [ 58.507917][ T8046] bridge_slave_1: left allmulticast mode [ 58.518086][ T8046] bridge_slave_1: left promiscuous mode [ 58.518229][ T8046] bridge0: port 2(bridge_slave_1) entered disabled state [ 58.627036][ T8066] FAT-fs (loop3): Directory bread(block 64) failed [ 58.627076][ T8066] FAT-fs (loop3): Directory bread(block 65) failed [ 58.627101][ T8066] FAT-fs (loop3): Directory bread(block 66) failed [ 58.627112][ T8066] FAT-fs (loop3): Directory bread(block 67) failed [ 58.627135][ T8066] FAT-fs (loop3): Directory bread(block 68) failed [ 58.627146][ T8066] FAT-fs (loop3): Directory bread(block 69) failed [ 58.627167][ T8066] FAT-fs (loop3): Directory bread(block 70) failed [ 58.627177][ T8066] FAT-fs (loop3): Directory bread(block 71) failed [ 58.627199][ T8066] FAT-fs (loop3): Directory bread(block 72) failed [ 58.627209][ T8066] FAT-fs (loop3): Directory bread(block 73) failed [ 58.667816][ T8071] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1390'. [ 58.669570][ T8071] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1390'. [ 58.716684][ T8077] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 58.716731][ T8077] vhci_hcd vhci_hcd.2: invalid port number 96 [ 58.716758][ T8077] vhci_hcd vhci_hcd.2: default hub control req: 0300 vfffa i0060 l0 [ 58.771821][ T8088] dummy0: entered allmulticast mode [ 58.954008][ T8113] binder: 8113 RLIMIT_NICE not set [ 58.967433][ T8081] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 58.967650][ T8081] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 59.009781][ T8120] binder: 8118:8120 got transaction to invalid handle, 1 [ 59.009891][ T8120] binder: 8118:8120 cannot find target node [ 59.009956][ T8120] binder: 8118:8120 transaction call to 0:0 failed 2/29201/-22, code 0 size 0-0 line 3236 [ 59.011472][ T4765] binder: undelivered TRANSACTION_ERROR: 29201 [ 59.261385][ T8152] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1428'. [ 59.261974][ T8152] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1428'. [ 59.296293][ T8154] EXT4-fs: Ignoring removed orlov option [ 59.328776][ T8154] EXT4-fs (loop2): shut down requested (1) [ 59.392162][ T8169] erspan0: entered promiscuous mode [ 59.471677][ T8177] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 59.711762][ T8207] netpci0: tun_chr_ioctl cmd 1074025681 [ 59.852677][ T4766] kernel read not supported for file /usbmon9 (pid: 4766 comm: kworker/1:3) [ 59.947978][ T8235] FAT-fs (loop0): bogus number of reserved sectors [ 59.948026][ T8235] FAT-fs (loop0): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero [ 59.948065][ T8235] FAT-fs (loop0): Can't find a valid FAT filesystem [ 60.091071][ T15] wlan1: Trigger new scan to find an IBSS to join [ 60.261643][ T8266] netlink: 540 bytes leftover after parsing attributes in process `syz.1.1478'. [ 60.287522][ T8270] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 60.310150][ T8270] EXT4-fs (loop4): 1 truncate cleaned up [ 60.405001][ T4781] kernel write not supported for file /media4 (pid: 4781 comm: kworker/0:8) [ 60.455251][ T8285] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 60.474693][ T8285] EXT4-fs (loop1): 1 truncate cleaned up [ 60.612055][ T8298] EXT4-fs: inline encryption not supported [ 60.615720][ T8298] EXT4-fs (loop0): can't mount with both data=journal and delalloc [ 60.672642][ T8305] Bluetooth: MGMT ver 1.23 [ 60.931717][ T4781] hid-generic 0005:0C45:7FFF.0002: item fetching failed at offset 0/1 [ 60.931903][ T4781] hid-generic 0005:0C45:7FFF.0002: probe with driver hid-generic failed with error -22 [ 61.014272][ T8338] tap0: tun_chr_ioctl cmd 1074025677 [ 61.015692][ T8338] tap0: linktype set to 823 [ 61.215376][ T8345] net_ratelimit: 11 callbacks suppressed [ 61.215421][ T8345] A link change request failed with some changes committed already. Interface sit0 may have been left with an inconsistent configuration, please check. [ 61.256297][ T8349] bridge0: port 1(bridge_slave_0) entered disabled state [ 61.259241][ T8349] bridge0: entered allmulticast mode [ 61.623206][ T856] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 61.661860][ T8364] veth1_macvtap: left promiscuous mode [ 61.675005][ T8367] netlink: 'syz.2.1525': attribute type 32 has an invalid length. [ 61.689852][ T8367] bond1: option coupled_control: invalid value (118) [ 61.695449][ T8367] bond1 (unregistering): Released all slaves [ 61.787079][ T8383] MPI: mpi too large (32776 bits) [ 61.792737][ T8382] bond0: option miimon: invalid value (18446744073709551612) [ 61.792772][ T8382] bond0: option miimon: allowed values 0 - 2147483647 [ 61.908980][ T4688] Bluetooth: Unknown BR/EDR signaling command 0x0e [ 61.909019][ T4688] Bluetooth: Wrong link type (-22) [ 61.919737][ T8390] set_capacity_and_notify: 11 callbacks suppressed [ 61.920766][ T8390] loop4: detected capacity change from 0 to 8192 [ 61.999970][ T15] Bluetooth: hci5: Frame reassembly failed (-84) [ 62.072094][ T8416] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 62.130340][ T8422] loop4: detected capacity change from 0 to 128 [ 62.246344][ T8435] loop4: detected capacity change from 0 to 512 [ 62.250341][ T8435] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended [ 62.253924][ T8435] EXT4-fs (loop4): orphan cleanup on readonly fs [ 62.261277][ T8435] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4222: comm syz.4.1556: Allocating blocks 41-42 which overlap fs metadata [ 62.261312][ T8435] loop4: lost filesystem error report for type 5 error -117 [ 62.265045][ T8435] __quota_error: 21 callbacks suppressed [ 62.266008][ T8435] Quota error (device loop4): write_blk: dquota write failed [ 62.266076][ T8435] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 62.266551][ T8435] EXT4-fs error (device loop4): ext4_acquire_dquot:7034: comm syz.4.1556: Failed to acquire dquot type 0 [ 62.266722][ T8435] loop4: lost filesystem error report for type 5 error -117 [ 62.270673][ C1] EXT4-fs (loop4): error count since last fsck: 2 [ 62.270690][ C1] EXT4-fs (loop4): initial error at time 62: ext4_mb_mark_diskspace_used:4222 [ 62.270704][ C1] EXT4-fs (loop4): last error at time 62: ext4_acquire_dquot:7034 [ 62.277836][ T8435] EXT4-fs error (device loop4): mb_free_blocks:2049: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt. [ 62.279064][ T8435] EXT4-fs error (device loop4): ext4_do_update_inode:5690: inode #12: comm syz.4.1556: corrupted inode contents [ 62.279085][ T8435] fserror_report: 3 callbacks suppressed [ 62.279090][ T8435] loop4: lost file I/O error report for ino 12 type 5 pos 0x0 len 0x0 error -117 [ 62.279807][ T8435] EXT4-fs error (device loop4): ext4_dirty_inode:6587: inode #12: comm syz.4.1556: mark_inode_dirty error [ 62.279824][ T8435] loop4: lost file I/O error report for ino 12 type 5 pos 0x0 len 0x0 error -117 [ 62.280263][ T8435] EXT4-fs error (device loop4): ext4_do_update_inode:5690: inode #12: comm syz.4.1556: corrupted inode contents [ 62.280283][ T8435] loop4: lost file I/O error report for ino 12 type 5 pos 0x0 len 0x0 error -117 [ 62.280428][ T8435] EXT4-fs error (device loop4): __ext4_ext_dirty:207: inode #12: comm syz.4.1556: mark_inode_dirty error [ 62.280446][ T8435] loop4: lost file I/O error report for ino 12 type 5 pos 0x0 len 0x0 error -117 [ 62.280562][ T8435] EXT4-fs error (device loop4): ext4_do_update_inode:5690: inode #12: comm syz.4.1556: corrupted inode contents [ 62.280574][ T8435] loop4: lost file I/O error report for ino 12 type 5 pos 0x0 len 0x0 error -117 [ 62.282127][ T8435] EXT4-fs error (device loop4) in ext4_orphan_del:303: Corrupt filesystem [ 62.282151][ T8435] loop4: lost filesystem error report for type 5 error -117 [ 62.282298][ T8435] EXT4-fs error (device loop4): ext4_do_update_inode:5690: inode #12: comm syz.4.1556: corrupted inode contents [ 62.282312][ T8435] loop4: lost file I/O error report for ino 12 type 5 pos 0x0 len 0x0 error -117 [ 62.283744][ T8435] EXT4-fs error (device loop4): ext4_truncate:4690: inode #12: comm syz.4.1556: mark_inode_dirty error [ 62.283766][ T8435] loop4: lost file I/O error report for ino 12 type 5 pos 0x0 len 0x0 error -117 [ 62.284417][ T8435] EXT4-fs error (device loop4) in ext4_process_orphan:345: Corrupt filesystem [ 62.284440][ T8435] loop4: lost filesystem error report for type 5 error -117 [ 62.284638][ T8435] EXT4-fs (loop4): 1 truncate cleaned up [ 62.321525][ T8435] EXT4-fs (loop4): pa 00000000a58d7056: logic 1, phys. 41, len 23 [ 62.321564][ T8435] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5459: group 0, free 22, pa_free 23 [ 62.444906][ T8454] No such timeout policy "syz1" [ 62.650866][ T856] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 62.675746][ T8470] Injecting memory failure for pfn 0x14110e at process virtual address 0x2010e000 [ 62.682671][ T8470] Memory failure: 0x14110e: recovery action for dirty LRU page: Recovered [ 63.044625][ T8528] loop2: detected capacity change from 0 to 512 [ 63.045154][ T8528] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 63.094633][ T8533] __nla_validate_parse: 3 callbacks suppressed [ 63.095983][ T8533] netlink: 3 bytes leftover after parsing attributes in process `syz.4.1600'. [ 63.109649][ T8535] loop2: detected capacity change from 0 to 512 [ 63.130980][ T1234] wlan1: Creating new IBSS network, BSSID 82:e0:a0:fe:82:d8 [ 63.134189][ T8541] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1604'. [ 63.218863][ T8550] loop0: detected capacity change from 0 to 128 [ 63.411577][ T8566] loop0: detected capacity change from 0 to 512 [ 63.518341][ T1146] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1317: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters [ 63.524825][ T1146] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 2048 with error 28 [ 63.524859][ T1146] EXT4-fs (loop2): This should not happen!! Data will be lost [ 63.524859][ T1146] [ 63.524882][ T1146] EXT4-fs (loop2): Total free blocks count 0 [ 63.524894][ T1146] EXT4-fs (loop2): Free/Dirty block details [ 63.524906][ T1146] EXT4-fs (loop2): free_blocks=65280 [ 63.524917][ T1146] EXT4-fs (loop2): dirty_blocks=8193 [ 63.524927][ T1146] EXT4-fs (loop2): Block reservation details [ 63.524937][ T1146] EXT4-fs (loop2): i_reserved_data_blocks=8193 [ 63.545474][ T1146] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 2050 with max blocks 2048 with error 28 [ 63.548530][ T1146] EXT4-fs (loop2): This should not happen!! Data will be lost [ 63.548530][ T1146] [ 63.559207][ T4681] EXT4-fs warning (device loop2): ext4_evict_inode:195: inode #15: comm syz-executor: data will be lost [ 63.585188][ T8584] overlayfs: upper fs does not support file handles, falling back to index=off. [ 63.659751][ T8592] netlink: 'syz.4.1627': attribute type 1 has an invalid length. [ 63.661322][ T8592] netlink: 2704 bytes leftover after parsing attributes in process `syz.4.1627'. [ 63.685703][ T8594] netlink: 'syz.4.1628': attribute type 10 has an invalid length. [ 63.692026][ T8594] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 63.694393][ T8594] team0: Port device netdevsim1 added [ 63.700827][ T4766] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 63.760392][ T8600] sctp: [Deprecated]: syz.4.1631 (pid 8600) Use of int in max_burst socket option deprecated. [ 63.760392][ T8600] Use struct sctp_assoc_value instead [ 63.769421][ T8603] TCP: TCP_TX_DELAY enabled [ 63.814049][ T3004] Bluetooth: hci6: Frame reassembly failed (-84) [ 63.814172][ T8608] Bluetooth: hci6: received HCILL_GO_TO_SLEEP_ACK in state 2 [ 63.829691][ T8612] loop2: detected capacity change from 0 to 128 [ 63.883722][ T8612] EXT4-fs (loop2): re-mounted 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 63.962318][ T8625] loop2: detected capacity change from 0 to 2048 [ 64.011164][ T4688] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 64.124831][ T8637] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.1642: bg 0: block 345: padding at end of block bitmap is not set [ 64.125862][ T8637] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 128 with error 117 [ 64.125879][ T8637] EXT4-fs (loop2): This should not happen!! Data will be lost [ 64.125879][ T8637] [ 64.132285][ T1426] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 512 with max blocks 1117 with error 28 [ 64.132321][ T1426] EXT4-fs (loop2): This should not happen!! Data will be lost [ 64.132321][ T1426] [ 64.132331][ T1426] EXT4-fs (loop2): Total free blocks count 0 [ 64.132341][ T1426] EXT4-fs (loop2): Free/Dirty block details [ 64.132351][ T1426] EXT4-fs (loop2): free_blocks=0 [ 64.132359][ T1426] EXT4-fs (loop2): dirty_blocks=1120 [ 64.132366][ T1426] EXT4-fs (loop2): Block reservation details [ 64.132372][ T1426] EXT4-fs (loop2): i_reserved_data_blocks=70 [ 64.176585][ T4781] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 64.187996][ T4681] EXT4-fs warning (device loop2): ext4_evict_inode:195: inode #15: comm syz-executor: data will be lost [ 64.425341][ T8669] loop0: detected capacity change from 0 to 4096 [ 64.492877][ T857] cfg80211: failed to load regulatory.db [ 64.493919][ T1575] ieee802154 phy0 wpan0: encryption failed: -22 [ 64.493955][ T1575] ieee802154 phy1 wpan1: encryption failed: -22 [ 64.591811][ T8683] overlayfs: workdir and upperdir must reside under the same mount [ 64.610749][ T8685] netlink: 56 bytes leftover after parsing attributes in process `syz.0.1669'. [ 64.654678][ T8694] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1672'. [ 64.674837][ T8691] bond1 (unregistering): Released all slaves [ 64.717307][ T8700] input: syz1 as /devices/virtual/input/input5 [ 64.773375][ T8707] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1679'. [ 64.780309][ T1426] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 64.780429][ T1426] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 64.789037][ T8708] netlink: 'syz.4.1680': attribute type 14 has an invalid length. [ 64.805767][ T8710] netlink: 60 bytes leftover after parsing attributes in process `syz.3.1681'. [ 64.810852][ T4766] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 64.861688][ T4853] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 64.867436][ T8716] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1685'. [ 64.876645][ T8716] vlan2: entered promiscuous mode [ 64.877738][ T8716] bond0: entered promiscuous mode [ 64.878675][ T8716] bond_slave_0: entered promiscuous mode [ 64.879782][ T8716] bond_slave_1: entered promiscuous mode [ 64.952697][ T8727] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 64.963210][ T8727] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #16: comm syz.3.1688: invalid indirect mapped block 4294967295 (level 0) [ 64.966212][ T8727] loop3: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117 [ 64.966635][ T8727] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #16: comm syz.3.1688: invalid indirect mapped block 4294967295 (level 1) [ 64.970675][ C0] EXT4-fs (loop3): error count since last fsck: 1 [ 64.970690][ C0] EXT4-fs (loop3): initial error at time 64: ext4_free_branches:1023: inode 16 [ 64.970708][ C0] EXT4-fs (loop3): last error at time 64: ext4_free_branches:1023: inode 16 [ 64.975966][ T8727] loop3: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117 [ 64.976530][ T8727] EXT4-fs (loop3): 1 orphan inode deleted [ 64.976558][ T8727] EXT4-fs (loop3): 1 truncate cleaned up [ 64.983383][ T8727] EXT4-fs mount: 82 callbacks suppressed [ 64.986239][ T8727] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 64.998948][ T8727] EXT4-fs (loop3): shut down requested (2) [ 65.001902][ T8727] EXT4-fs warning (device loop3): ext4_empty_dir:3104: inode #2: comm syz.3.1688: directory missing '..' [ 65.016822][ T4669] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 65.085964][ T8743] Freezing with imperfect legacy cgroup freezer. See cgroup.freeze of cgroup v2 [ 65.313000][ T4688] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 65.315258][ T4688] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 65.316882][ T4688] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 65.321760][ T4853] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 65.323084][ T4688] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 65.323407][ T4688] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 65.347326][ T8746] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 65.347522][ T8746] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 65.365815][ T8774] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1700'. [ 65.367432][ T8774] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1700'. [ 65.420044][ T8785] netem: change failed [ 65.652637][ T8769] bridge0: port 1(bridge_slave_0) entered blocking state [ 65.654119][ T8769] bridge0: port 1(bridge_slave_0) entered disabled state [ 65.655650][ T8769] bridge_slave_0: entered allmulticast mode [ 65.657286][ T8769] bridge_slave_0: entered promiscuous mode [ 65.663506][ T8769] bridge0: port 2(bridge_slave_1) entered blocking state [ 65.665141][ T8769] bridge0: port 2(bridge_slave_1) entered disabled state [ 65.666657][ T8769] bridge_slave_1: entered allmulticast mode [ 65.668338][ T8769] bridge_slave_1: entered promiscuous mode [ 65.696588][ T8769] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 65.697630][ T8769] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 65.728448][ T8769] team0: Port device team_slave_0 added [ 65.729430][ T8769] team0: Port device team_slave_1 added [ 65.756846][ T8769] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 65.756877][ T8769] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 65.756895][ T8769] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 65.761474][ T8769] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 65.761483][ T8769] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 65.761493][ T8769] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 65.788438][ T8769] hsr_slave_0: entered promiscuous mode [ 65.788816][ T8769] hsr_slave_1: entered promiscuous mode [ 65.789014][ T8769] debugfs: 'hsr0' already exists in 'hsr' [ 65.789024][ T8769] Cannot create hsr debugfs directory [ 65.850884][ T4680] Bluetooth: hci6: Opcode 0x1003 failed: -110 [ 65.945422][ T8859] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (16), stripe is disabled [ 65.964166][ T8859] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 66.007193][ T8873] EXT4-fs: Ignoring removed nobh option [ 66.017943][ T8859] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 66.018146][ T8873] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2 [ 66.018444][ T8873] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.1721: invalid indirect mapped block 256 (level 1) [ 66.018469][ T8873] loop3: lost file I/O error report for ino 13 type 5 pos 0x0 len 0x0 error -117 [ 66.029793][ T8873] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.1721: invalid indirect mapped block 2683928664 (level 1) [ 66.031599][ C1] EXT4-fs (loop3): error count since last fsck: 2 [ 66.031609][ C1] EXT4-fs (loop3): initial error at time 66: ext4_free_branches:1023: inode 13 [ 66.031627][ C1] EXT4-fs (loop3): last error at time 66: ext4_free_branches:1023: inode 13 [ 66.039846][ T8873] EXT4-fs (loop3): 1 truncate cleaned up [ 66.040389][ T8873] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 66.060452][ T8873] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.1721: invalid indirect mapped block 4294967295 (level 0) [ 66.064110][ T8873] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.1721: invalid indirect mapped block 4294967295 (level 0) [ 66.067127][ T8873] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.1721: invalid indirect mapped block 480848489 (level 1) [ 66.068525][ T8769] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 66.078621][ T8769] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 66.079357][ T8769] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 66.105719][ T8769] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 66.120996][ T4669] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 66.134548][ T8769] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 66.136875][ T8769] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 66.137242][ T8769] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 66.144138][ T8769] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 66.190164][ T8769] bridge0: port 2(bridge_slave_1) entered blocking state [ 66.190222][ T8769] bridge0: port 2(bridge_slave_1) entered forwarding state [ 66.190313][ T8769] bridge0: port 1(bridge_slave_0) entered blocking state [ 66.190346][ T8769] bridge0: port 1(bridge_slave_0) entered forwarding state [ 66.227501][ T8769] 8021q: adding VLAN 0 to HW filter on device bond0 [ 66.239922][ T1146] bridge0: port 1(bridge_slave_0) entered disabled state [ 66.241595][ T1146] bridge0: port 2(bridge_slave_1) entered disabled state [ 66.249354][ T8769] 8021q: adding VLAN 0 to HW filter on device team0 [ 66.266370][ T39] bridge0: port 1(bridge_slave_0) entered blocking state [ 66.266418][ T39] bridge0: port 1(bridge_slave_0) entered forwarding state [ 66.269497][ T39] bridge0: port 2(bridge_slave_1) entered blocking state [ 66.269533][ T39] bridge0: port 2(bridge_slave_1) entered forwarding state [ 66.281770][ T8769] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 66.283674][ T8769] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 66.449611][ T8931] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 66.495706][ T4681] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 66.586746][ T8769] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 66.652747][ T8966] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846e01c, mo2=0002] [ 66.652838][ T8966] System zones: 1-12 [ 66.653011][ T8966] EXT4-fs error (device loop1): dx_probe:791: inode #2: comm syz.1.1743: Directory hole found for htree index block 0 [ 66.660674][ C0] EXT4-fs (loop1): error count since last fsck: 1 [ 66.660704][ C0] EXT4-fs (loop1): initial error at time 66: dx_probe:791: inode 2 [ 66.660742][ C0] EXT4-fs (loop1): last error at time 66: dx_probe:791: inode 2 [ 66.674076][ T8966] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -117 [ 66.674144][ T8966] EXT4-fs error (device loop1): dx_probe:791: inode #2: comm syz.1.1743: Directory hole found for htree index block 0 [ 66.685280][ T8966] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -117 [ 66.685779][ T8966] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 66.712969][ T8966] EXT4-fs (loop1): shut down requested (1) [ 66.745208][ T4668] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 66.839750][ T8769] veth0_vlan: entered promiscuous mode [ 66.855841][ T8769] veth1_vlan: entered promiscuous mode [ 66.888942][ T8769] veth0_macvtap: entered promiscuous mode [ 66.907354][ T8769] veth1_macvtap: entered promiscuous mode [ 66.921443][ T8769] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 66.936532][ T8769] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 66.954699][ T1234] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.955082][ T1234] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.955103][ T1234] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.955119][ T1234] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 66.992267][ T39] netdevsim netdevsim4 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 66.992318][ T39] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 67.068917][ T9021] set_capacity_and_notify: 5 callbacks suppressed [ 67.068954][ T9021] loop0: detected capacity change from 0 to 256 [ 67.077507][ T1234] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 67.077536][ T1234] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 67.115590][ T856] kernel read not supported for file /media4 (pid: 856 comm: kworker/1:2) [ 67.118943][ T39] netdevsim netdevsim4 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 67.118990][ T39] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 67.152028][ T3004] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 67.152059][ T3004] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 67.202086][ T39] team0: Port device netdevsim1 removed [ 67.205512][ T39] netdevsim netdevsim4 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 67.207967][ T39] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 67.289011][ T39] netdevsim netdevsim4 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0 [ 67.289054][ T39] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 67.298825][ T9046] loop0: detected capacity change from 0 to 256 [ 67.370921][ T4672] Bluetooth: hci4: command tx timeout [ 67.453147][ T9065] vcan0: tx drop: invalid da for name 0x00000000000000ee [ 67.556011][ T39] bridge_slave_1: left allmulticast mode [ 67.556064][ T39] bridge_slave_1: left promiscuous mode [ 67.556381][ T39] bridge0: port 2(bridge_slave_1) entered disabled state [ 67.565407][ T39] bridge_slave_0: left allmulticast mode [ 67.566903][ T39] bridge_slave_0: left promiscuous mode [ 67.568393][ T39] bridge0: port 1(bridge_slave_0) entered disabled state [ 67.659185][ T9100] loop1: detected capacity change from 0 to 512 [ 67.689884][ T9100] EXT4-fs error (device loop1): ext4_iget_extra_inode:5128: inode #15: comm syz.1.1790: corrupted in-inode xattr: e_value size too large [ 67.689949][ T9100] fserror_report: 3 callbacks suppressed [ 67.689972][ T9100] loop1: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 67.692594][ T9100] EXT4-fs (loop1): Remounting filesystem read-only [ 67.693131][ T9100] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 67.732140][ T9100] EXT4-fs (loop1): shut down requested (2) [ 67.777620][ T4668] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 67.823990][ T9116] loop1: detected capacity change from 0 to 256 [ 67.907926][ T39] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 67.922397][ T39] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 67.941960][ T39] bond0 (unregistering): Released all slaves [ 67.950395][ T4357] 8021q: adding VLAN 0 to HW filter on device eth1 [ 68.032525][ T9126] loop2: detected capacity change from 0 to 8192 [ 68.258745][ T9156] loop0: detected capacity change from 0 to 256 [ 68.276458][ T9156] FAT-fs (loop0): Directory bread(block 64) failed [ 68.276493][ T9156] FAT-fs (loop0): Directory bread(block 65) failed [ 68.276535][ T9156] FAT-fs (loop0): Directory bread(block 66) failed [ 68.276553][ T9156] FAT-fs (loop0): Directory bread(block 67) failed [ 68.276581][ T9156] FAT-fs (loop0): Directory bread(block 68) failed [ 68.276597][ T9156] FAT-fs (loop0): Directory bread(block 69) failed [ 68.276627][ T9156] FAT-fs (loop0): Directory bread(block 70) failed [ 68.276645][ T9156] FAT-fs (loop0): Directory bread(block 71) failed [ 68.276695][ T9156] FAT-fs (loop0): Directory bread(block 72) failed [ 68.276710][ T9156] FAT-fs (loop0): Directory bread(block 73) failed [ 68.405321][ T9167] syzkaller1: tun_chr_ioctl cmd 1074025677 [ 68.405470][ T9167] syzkaller1: linktype set to 805 [ 68.445341][ T9177] loop0: detected capacity change from 0 to 1024 [ 68.465863][ T9177] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 68.490556][ T4357] 8021q: adding VLAN 0 to HW filter on device eth0 [ 68.513819][ T4676] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 68.523579][ T39] hsr_slave_0: left promiscuous mode [ 68.524700][ T39] hsr_slave_1: left promiscuous mode [ 68.525112][ T39] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 68.525129][ T39] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 68.526239][ T39] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 68.526251][ T39] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 68.534995][ T9183] loop2: detected capacity change from 0 to 512 [ 68.535358][ T9183] EXT4-fs: inline encryption not supported [ 68.535369][ T9183] EXT4-fs: inline encryption not supported [ 68.556325][ T39] veth1_macvtap: left promiscuous mode [ 68.556384][ T39] veth0_macvtap: left promiscuous mode [ 68.559720][ T39] veth1_vlan: left promiscuous mode [ 68.559819][ T39] veth0_vlan: left promiscuous mode [ 68.567764][ T9183] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended [ 68.589585][ T9183] EXT4-fs warning (device loop2): ext4_update_dynamic_rev:1148: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 68.589868][ T9183] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.1821: bg 0: block 248: padding at end of block bitmap is not set [ 68.589883][ T9183] loop2: lost filesystem error report for type 5 error -117 [ 68.590092][ T9183] Quota error (device loop2): write_blk: dquota write failed [ 68.590119][ T9183] Quota error (device loop2): qtree_write_dquot: Error -28 occurred while creating quota [ 68.590136][ T9183] EXT4-fs error (device loop2): ext4_acquire_dquot:7034: comm syz.2.1821: Failed to acquire dquot type 1 [ 68.590146][ T9183] loop2: lost filesystem error report for type 5 error -28 [ 68.590594][ T9183] EXT4-fs (loop2): 1 truncate cleaned up [ 68.591098][ T9183] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0008-000000000000 r/w without journal. Quota mode: writeback. [ 68.637669][ T9183] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0008-000000000000 ro. [ 68.660786][ C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 68.667467][ T4681] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0008-000000000000. [ 68.755345][ T39] team0 (unregistering): Port device team_slave_1 removed [ 68.762964][ T39] team0 (unregistering): Port device team_slave_0 removed [ 68.833524][ T9195] __nla_validate_parse: 5 callbacks suppressed [ 68.833772][ T9195] netlink: 76 bytes leftover after parsing attributes in process `syz.3.1826'. [ 68.869671][ T9205] loop2: detected capacity change from 0 to 1024 [ 68.872373][ T9205] EXT4-fs: Ignoring removed mblk_io_submit option [ 68.873952][ T9205] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 68.879017][ T9205] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 68.904611][ T9205] EXT4-fs error (device loop2): ext4_ext_check_inode:521: inode #11: comm syz.2.1831: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512) [ 68.904658][ T9205] loop2: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 68.905104][ T9205] EXT4-fs error (device loop2): ext4_orphan_get:1402: comm syz.2.1831: couldn't read orphan inode 11 (err -117) [ 68.905125][ T9205] loop2: lost filesystem error report for type 5 error -117 [ 68.905889][ T9205] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 68.922805][ T9215] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1833'. [ 68.937521][ T9205] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm syz.2.1831: Invalid block bitmap block 0 in block_group 0 [ 68.940303][ T9205] Quota error (device loop2): write_blk: dquota write failed [ 68.940353][ T9205] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 68.940393][ T9205] EXT4-fs error (device loop2): ext4_acquire_dquot:7034: comm syz.2.1831: Failed to acquire dquot type 0 [ 68.973179][ T9219] EXT4-fs error (device loop2): ext4_read_inode_bitmap:139: comm syz.2.1831: Invalid inode bitmap blk 137438953472 in block_group 0 [ 68.997704][ T9225] loop3: detected capacity change from 0 to 256 [ 69.029112][ T15] EXT4-fs error (device loop2): __ext4_get_inode_loc:4885: comm kworker/u8:1: Invalid inode table block 8589934593 in block_group 0 [ 69.032630][ T4681] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 69.064854][ T9230] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 69.066247][ T9230] EXT4-fs (loop0): 1 truncate cleaned up [ 69.066705][ T9230] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 69.150104][ T9230] EXT4-fs error (device loop0): ext4_generic_delete_entry:2673: inode #2: block 13: comm syz.0.1839: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0 [ 69.158421][ T9230] EXT4-fs error (device loop0) in ext4_delete_entry:2744: Corrupt filesystem [ 69.160345][ T9230] EXT4-fs warning (device loop0): ext4_rename_delete:3739: inode #2: comm syz.0.1839: Deleting old file: nlink 5, error=-117 [ 69.205079][ T39] IPVS: stop unused estimator thread 0... [ 69.239099][ T4676] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 69.259119][ T9259] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended [ 69.270376][ T4357] 8021q: adding VLAN 0 to HW filter on device eth2 [ 69.298753][ T9259] EXT4-fs error (device loop3): ext4_orphan_get:1423: comm syz.3.1849: bad orphan inode 13 [ 69.298792][ T9259] loop3: lost filesystem error report for type 5 error -117 [ 69.300710][ C1] EXT4-fs (loop3): error count since last fsck: 1 [ 69.300728][ C1] EXT4-fs (loop3): last error at time 69: ext4_orphan_get:1423 [ 69.308757][ T9259] ext4_test_bit(bit=12, block=18) = 1 [ 69.308794][ T9259] is_bad_inode(inode)=0 [ 69.308814][ T9259] NEXT_ORPHAN(inode)=0 [ 69.308825][ T9259] max_ino=32 [ 69.308835][ T9259] i_nlink=1 [ 69.309340][ T9259] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0008-000000000000 r/w without journal. Quota mode: writeback. [ 69.353143][ T9259] EXT4-fs warning (device loop3): ext4_update_dynamic_rev:1148: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 69.365748][ T9259] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.1849: bg 0: block 248: padding at end of block bitmap is not set [ 69.376178][ T9259] Quota error (device loop3): write_blk: dquota write failed [ 69.376230][ T9259] Quota error (device loop3): qtree_write_dquot: Error -28 occurred while creating quota [ 69.376270][ T9259] EXT4-fs error (device loop3): ext4_acquire_dquot:7034: comm syz.3.1849: Failed to acquire dquot type 1 [ 69.392172][ T9270] syzkaller0: tun_chr_ioctl cmd 1074025672 [ 69.392209][ T9270] syzkaller0: ignored: set checksum disabled [ 69.415887][ T4669] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0008-000000000000. [ 69.450885][ T4672] Bluetooth: hci4: command tx timeout [ 69.767137][ T4357] 8021q: adding VLAN 0 to HW filter on device eth3 [ 69.894515][ T9313] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1863'. [ 70.034068][ T9325] EXT4-fs (loop2): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 70.073389][ T9330] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 70.086122][ T9330] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=c842e01c, mo2=0002] [ 70.086232][ T9330] EXT4-fs (loop3): orphan cleanup on readonly fs [ 70.099014][ T9330] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.1869: bg 0: block 361: padding at end of block bitmap is not set [ 70.100007][ T9330] loop3: lost filesystem error report for type 5 error -117 [ 70.100717][ C0] EXT4-fs (loop3): error count since last fsck: 1 [ 70.100737][ C0] EXT4-fs (loop3): initial error at time 70: ext4_validate_block_bitmap:441 [ 70.100751][ C0] EXT4-fs (loop3): last error at time 70: ext4_validate_block_bitmap:441 [ 70.106504][ T9330] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6679: Corrupt filesystem [ 70.106525][ T9330] loop3: lost filesystem error report for type 5 error -117 [ 70.111923][ T9330] EXT4-fs error (device loop3): ext4_clear_blocks:876: inode #11: comm syz.3.1869: attempt to clear invalid blocks 33685516 len 1 [ 70.111955][ T9330] loop3: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 70.117024][ T9330] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.1869: invalid indirect mapped block 1811939328 (level 0) [ 70.117065][ T9330] loop3: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 70.117606][ T9330] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.1869: invalid indirect mapped block 2185560079 (level 1) [ 70.117632][ T9330] loop3: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 70.126131][ T9330] EXT4-fs (loop3): 1 truncate cleaned up [ 70.126606][ T9330] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none. [ 70.140271][ T9330] EXT4-fs warning (device loop3): dx_probe:861: inode #2: comm syz.3.1869: dx entry: limit 0 != root limit 125 [ 70.140308][ T9330] EXT4-fs warning (device loop3): dx_probe:934: inode #2: comm syz.3.1869: Corrupt directory, running e2fsck is recommended [ 70.152909][ T9338] netlink: 'syz.1.1872': attribute type 3 has an invalid length. [ 70.180766][ T4681] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 70.203357][ T4669] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000007. [ 70.278023][ T9345] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 70.356501][ T8769] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 70.362324][ T9354] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 70.373749][ T9354] EXT4-fs (loop2): 1 orphan inode deleted [ 70.373779][ T9354] EXT4-fs (loop2): 1 truncate cleaned up [ 70.374557][ T9354] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 70.413504][ T4681] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 70.470273][ T9368] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1885'. [ 70.549558][ T9378] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1891'. [ 70.552236][ T9378] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1891'. [ 70.632543][ T9387] tap0: tun_chr_ioctl cmd 1074025677 [ 70.632712][ T9387] tap0: linktype set to 773 [ 70.683748][ T9393] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 70.693461][ T9393] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #16: comm syz.1.1896: invalid indirect mapped block 4294967295 (level 0) [ 70.693507][ T9393] loop1: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117 [ 70.694024][ T9393] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #16: comm syz.1.1896: invalid indirect mapped block 4294967295 (level 1) [ 70.694052][ T9393] loop1: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117 [ 70.694931][ T9393] EXT4-fs (loop1): 1 orphan inode deleted [ 70.694944][ T9393] EXT4-fs (loop1): 1 truncate cleaned up [ 70.695485][ T9393] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 70.741320][ T4668] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 70.788232][ T9401] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1898'. [ 70.788309][ T9401] netlink: 9 bytes leftover after parsing attributes in process `syz.1.1898'. [ 70.792856][ C0] vxcan1: j1939_tp_rxtimer: 0x000000002abdfd69: rx timeout, send abort [ 70.809756][ T9399] EXT4-fs: inline encryption not supported [ 70.811253][ T9399] EXT4-fs: Ignoring removed bh option [ 70.816856][ T9399] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 70.816898][ T9399] EXT4-fs (loop3): Test dummy encryption mode enabled [ 70.819109][ T9399] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003] [ 70.819143][ T9399] System zones: 0-5 [ 70.823808][ T9399] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 70.853995][ T9406] bond1: option fail_over_mac: invalid value (102) [ 70.860172][ T9406] bond1 (unregistering): Released all slaves [ 70.871271][ T4669] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 71.081814][ T9436] netlink: 'syz.2.1912': attribute type 8 has an invalid length. [ 71.293660][ C0] vxcan1: j1939_tp_rxtimer: 0x000000002abdfd69: abort rx timeout. Force session deactivation [ 71.530930][ T4672] Bluetooth: hci4: command tx timeout [ 71.659519][ T9500] EXT4-fs: Ignoring removed orlov option [ 71.665122][ T9500] EXT4-fs: Ignoring removed orlov option [ 71.677659][ T9500] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 71.799766][ T9522] netlink: 'syz.0.1952': attribute type 14 has an invalid length. [ 71.820932][ T4669] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 72.016738][ T9550] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1966'. [ 72.016775][ T9550] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1966'. [ 72.086587][ T9556] set_capacity_and_notify: 9 callbacks suppressed [ 72.086641][ T9556] loop1: detected capacity change from 0 to 1024 [ 72.094135][ T9556] EXT4-fs (loop1): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none. [ 72.111955][ T9556] EXT4-fs error (device loop1): ext4_free_blocks:6718: comm syz.1.1967: Freeing blocks not in datazone - block = 0, count = 16 [ 72.145365][ T15] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm kworker/u8:1: bg 0: block 112: padding at end of block bitmap is not set [ 72.149666][ T15] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28 [ 72.149709][ T15] EXT4-fs (loop1): This should not happen!! Data will be lost [ 72.149709][ T15] [ 72.149726][ T15] EXT4-fs (loop1): Total free blocks count 0 [ 72.149740][ T15] EXT4-fs (loop1): Free/Dirty block details [ 72.149752][ T15] EXT4-fs (loop1): free_blocks=16 [ 72.149765][ T15] EXT4-fs (loop1): dirty_blocks=16 [ 72.149775][ T15] EXT4-fs (loop1): Block reservation details [ 72.149785][ T15] EXT4-fs (loop1): i_reserved_data_blocks=1 [ 72.163863][ T4668] EXT4-fs warning (device loop1): ext4_evict_inode:195: inode #15: comm syz-executor: data will be lost [ 72.164613][ T4668] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0006-0000-000000000000. [ 72.419576][ T9594] loop3: detected capacity change from 0 to 1024 [ 72.434343][ T9594] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 72.564171][ T4669] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 72.710439][ T9615] loop1: detected capacity change from 0 to 256 [ 72.861868][ T9608] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 72.862058][ T9608] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 73.015929][ T9642] loop5: detected capacity change from 0 to 128 [ 73.033243][ T9642] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 73.038451][ T9642] fscrypt (loop5, inode 12): Unsupported encryption flags (0x3d) [ 73.065015][ T8769] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 73.185105][ T9661] loop0: detected capacity change from 0 to 512 [ 73.185520][ T9661] EXT4-fs: Ignoring removed bh option [ 73.186041][ T9661] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem [ 73.189228][ T9661] EXT4-fs (loop0): 1 truncate cleaned up [ 73.189740][ T9661] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 73.233105][ T4676] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 73.272926][ T9670] loop0: detected capacity change from 0 to 128 [ 73.416185][ T9685] loop3: detected capacity change from 0 to 128 [ 73.423547][ T9685] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 73.451063][ T4669] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 73.553506][ T9704] loop3: detected capacity change from 0 to 512 [ 73.556607][ T9704] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 73.559476][ T9704] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a84ce01c, mo2=0002] [ 73.559539][ T9704] System zones: 1-12 [ 73.559631][ T9704] EXT4-fs (loop3): orphan cleanup on readonly fs [ 73.560562][ T9704] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.2035: invalid indirect mapped block 12 (level 1) [ 73.560576][ T9704] loop3: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 73.561811][ T9704] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.2035: invalid indirect mapped block 2 (level 2) [ 73.561828][ T9704] loop3: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 73.562149][ T9704] EXT4-fs (loop3): 1 truncate cleaned up [ 73.563071][ T9704] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: writeback. [ 73.595111][ T4669] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000007. [ 73.610923][ T4672] Bluetooth: hci4: command tx timeout [ 73.617249][ T9709] /dev/nullb0: Can't open blockdev [ 73.670337][ T9717] sch_tbf: burst 32855 is lower than device lo mtu (65550) ! [ 73.688628][ T9721] loop3: detected capacity change from 0 to 512 [ 73.692423][ T9721] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 73.695490][ T9718] loop5: detected capacity change from 0 to 1024 [ 73.700244][ T9718] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 73.700311][ T9718] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869) [ 73.700369][ T9718] EXT4-fs (loop5): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 73.704145][ T9718] EXT4-fs error (device loop5): ext4_get_journal_inode:5896: inode #32: comm syz.5.2041: iget: special inode unallocated [ 73.704176][ T9718] loop5: lost file I/O error report for ino 32 type 5 pos 0x0 len 0x0 error -117 [ 73.704335][ T9718] EXT4-fs (loop5): no journal found [ 73.704344][ T9718] EXT4-fs (loop5): can't get journal size [ 73.709616][ T9718] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 73.715335][ T9721] EXT4-fs (loop3): 1 truncate cleaned up [ 73.724274][ T9721] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 73.725216][ T9718] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 73.726226][ T9718] EXT4-fs error (device loop5): ext4_inlinedir_to_tree:1332: inode #12: block 16: comm syz.5.2041: path /: bad entry in directory: rec_len is too small for name_len - offset=20, inode=13, rec_len=16, size=60 fake=0 [ 73.762557][ T8769] EXT4-fs error (device loop5): __ext4_iget:5481: inode #15: block 1803188595: comm syz-executor: invalid block [ 73.764218][ T8769] EXT4-fs error (device loop5): __ext4_iget:5481: inode #15: block 1803188595: comm syz-executor: invalid block [ 73.772897][ T9725] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 73.785743][ T9725] EXT4-fs (loop0): 1 truncate cleaned up [ 73.786234][ T9725] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 73.816774][ T4676] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 73.845115][ T4669] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 74.042981][ T8769] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 74.117504][ T39] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 74.201718][ T39] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 74.217641][ T4680] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 74.222164][ T4680] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 74.224399][ T4680] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 74.229046][ T4680] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 74.236648][ T4680] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 74.273956][ T39] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 74.355893][ T39] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 74.416355][ T9776] netlink: 'syz.2.2063': attribute type 9 has an invalid length. [ 74.485960][ T9783] __nla_validate_parse: 1 callbacks suppressed [ 74.486000][ T9783] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2066'. [ 74.594930][ T9797] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 74.627418][ T9797] syz.2.2074: attempt to access beyond end of device [ 74.627418][ T9797] loop2: rw=0, sector=17179852721, nr_sectors = 1 limit=512 [ 74.627521][ T9797] FAT-fs (loop2): error, invalid access to FAT (entry 0x0fffff00) [ 74.627569][ T9797] FAT-fs (loop2): error, invalid access to FAT (entry 0x0fffff00) [ 74.684581][ T39] bridge_slave_1: left allmulticast mode [ 74.684619][ T39] bridge_slave_1: left promiscuous mode [ 74.684720][ T39] bridge0: port 2(bridge_slave_1) entered disabled state [ 74.685380][ T9801] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem [ 74.693201][ T39] bridge_slave_0: left allmulticast mode [ 74.693235][ T39] bridge_slave_0: left promiscuous mode [ 74.693313][ T39] bridge0: port 1(bridge_slave_0) entered disabled state [ 74.696397][ T9801] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm syz.2.2076: bg 0: block 104: invalid block bitmap [ 74.696421][ T9801] loop2: lost filesystem error report for type 5 error -117 [ 74.697482][ T9801] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6679: Corrupt filesystem [ 74.697498][ T9801] loop2: lost filesystem error report for type 5 error -117 [ 74.697666][ T9801] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.2076: invalid indirect mapped block 1 (level 1) [ 74.697681][ T9801] loop2: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 74.697957][ T9801] EXT4-fs (loop2): 1 truncate cleaned up [ 74.699142][ T9801] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 74.717534][ T9801] EXT4-fs (loop2): shut down requested (2) [ 74.751873][ T4681] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 74.927725][ T39] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 74.943723][ T39] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 74.952915][ T39] bond0 (unregistering): Released all slaves [ 74.960240][ T9804] : renamed from bond_slave_0 (while UP) [ 75.146230][ T9852] buffer_io_error: 3 callbacks suppressed [ 75.146474][ T9852] Buffer I/O error on dev loop9, logical block 0, async page read [ 75.146522][ T9852] Buffer I/O error on dev loop9, logical block 0, async page read [ 75.146556][ T9852] Buffer I/O error on dev loop9, logical block 0, async page read [ 75.146593][ T9852] Buffer I/O error on dev loop9, logical block 0, async page read [ 75.146631][ T9852] Buffer I/O error on dev loop9, logical block 0, async page read [ 75.146666][ T9852] Buffer I/O error on dev loop9, logical block 0, async page read [ 75.146697][ T9852] Buffer I/O error on dev loop9, logical block 0, async page read [ 75.146718][ T9852] ldm_validate_partition_table(): Disk read failed. [ 75.146733][ T9852] Buffer I/O error on dev loop9, logical block 0, async page read [ 75.146762][ T9852] Buffer I/O error on dev loop9, logical block 0, async page read [ 75.146791][ T9852] Buffer I/O error on dev loop9, logical block 0, async page read [ 75.146835][ T9852] Dev loop9: unable to read RDB block 0 [ 75.146910][ T9852] loop9: unable to read partition table [ 75.146982][ T9852] loop9: partition table beyond EOD, truncated [ 75.146990][ T9852] loop_reread_partitions: partition scan of loop9 (7x~Sj̖P@?X) failed (rc=-5) [ 75.152854][ T9852] ldm_validate_partition_table(): Disk read failed. [ 75.152958][ T9852] Dev loop9: unable to read RDB block 0 [ 75.153063][ T9852] loop9: unable to read partition table [ 75.153127][ T9852] loop9: partition table beyond EOD, truncated [ 75.252493][ T9867] EXT4-fs (loop2): Test dummy encryption mode enabled [ 75.263081][ T9867] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 75.281494][ T9867] fscrypt: AES-256-XTS using implementation "xts-aes-ce" [ 75.326938][ T4681] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 75.372178][ T9885] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only [ 75.372212][ T9885] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 75.372219][ T9885] overlayfs: fs on './file0' does not support file handles, falling back to xino=off. [ 75.372369][ T9885] overlayfs: conflicting lowerdir path [ 75.468061][ T4357] 8021q: adding VLAN 0 to HW filter on device eth4 [ 75.483331][ T9899] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2113'. [ 75.520424][ T9906] Bluetooth: MGMT ver 1.23 [ 75.575982][ T9755] bridge0: port 1(bridge_slave_0) entered blocking state [ 75.576031][ T9755] bridge0: port 1(bridge_slave_0) entered disabled state [ 75.576105][ T9755] bridge_slave_0: entered allmulticast mode [ 75.576688][ T9755] bridge_slave_0: entered promiscuous mode [ 75.577339][ T9755] bridge0: port 2(bridge_slave_1) entered blocking state [ 75.577363][ T9755] bridge0: port 2(bridge_slave_1) entered disabled state [ 75.577416][ T9755] bridge_slave_1: entered allmulticast mode [ 75.577968][ T9755] bridge_slave_1: entered promiscuous mode [ 75.592761][ T9912] EXT4-fs error (device loop0): ext4_orphan_get:1397: inode #15: comm syz.0.2118: inode has both inline data and extents flags [ 75.592800][ T9912] loop0: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 75.598002][ T9912] EXT4-fs error (device loop0): ext4_orphan_get:1402: comm syz.0.2118: couldn't read orphan inode 15 (err -117) [ 75.598038][ T9912] loop0: lost filesystem error report for type 5 error -117 [ 75.601853][ C1] EXT4-fs (loop0): error count since last fsck: 2 [ 75.601866][ C1] EXT4-fs (loop0): initial error at time 75: ext4_orphan_get:1397: inode 15 [ 75.601882][ C1] EXT4-fs (loop0): last error at time 75: ext4_orphan_get:1402 [ 75.611757][ T9912] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 75.636821][ T39] hsr_slave_0: left promiscuous mode [ 75.637261][ T39] hsr_slave_1: left promiscuous mode [ 75.637535][ T39] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 75.637552][ T39] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 75.637898][ T39] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 75.637913][ T39] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 75.646117][ T39] veth1_macvtap: left promiscuous mode [ 75.646160][ T39] veth0_macvtap: left promiscuous mode [ 75.646215][ T39] veth1_vlan: left promiscuous mode [ 75.646248][ T39] veth0_vlan: left promiscuous mode [ 75.681815][ T4676] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 75.881002][ T39] team0 (unregistering): Port device team_slave_1 removed [ 75.896573][ T39] team0 (unregistering): Port device team_slave_0 removed [ 75.970420][ T9917] can0: slcan on ptm0. [ 75.983861][ T9755] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 76.008833][ T9755] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 76.042441][ T9916] can0 (unregistered): slcan off ptm0. [ 76.075375][ T9755] team0: Port device team_slave_0 added [ 76.077404][ T9755] team0: Port device team_slave_1 added [ 76.111493][ T9755] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 76.111521][ T9755] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 76.111550][ T9755] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 76.117135][ T9755] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 76.117150][ T9755] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 76.117167][ T9755] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 76.187269][ T9755] hsr_slave_0: entered promiscuous mode [ 76.188024][ T9755] hsr_slave_1: entered promiscuous mode [ 76.188242][ T9755] debugfs: 'hsr0' already exists in 'hsr' [ 76.188253][ T9755] Cannot create hsr debugfs directory [ 76.250991][ T4680] Bluetooth: hci4: command tx timeout [ 76.303590][ T9755] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 76.324040][ T9755] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 76.325863][ T9755] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 76.330514][ T9755] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 76.335895][ T9755] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 76.364317][ T9755] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 76.367723][ T9755] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 76.377470][ T9755] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 76.439741][ T9993] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2149'. [ 76.517564][T10006] tun0: tun_chr_ioctl cmd 1074812117 [ 76.582216][ T9755] 8021q: adding VLAN 0 to HW filter on device bond0 [ 76.598908][ T4357] 8021q: adding VLAN 0 to HW filter on device eth6 [ 76.643249][ T9755] 8021q: adding VLAN 0 to HW filter on device team0 [ 76.650784][ C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 76.661727][ T15] bridge0: port 1(bridge_slave_0) entered blocking state [ 76.661780][ T15] bridge0: port 1(bridge_slave_0) entered forwarding state [ 76.662341][ T15] bridge0: port 2(bridge_slave_1) entered blocking state [ 76.662368][ T15] bridge0: port 2(bridge_slave_1) entered forwarding state [ 76.670137][ T9755] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 76.670180][ T9755] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 76.674011][T10023] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2158'. [ 76.762260][T10027] EXT4-fs error (device loop3): ext4_orphan_get:1397: inode #15: comm syz.3.2159: inode has both inline data and extents flags [ 76.762297][T10027] loop3: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 76.762410][T10027] EXT4-fs error (device loop3): ext4_orphan_get:1402: comm syz.3.2159: couldn't read orphan inode 15 (err -117) [ 76.762424][T10027] loop3: lost filesystem error report for type 5 error -117 [ 76.762947][T10027] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 76.817137][ T4669] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 77.003664][ T9755] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 77.012452][T10064] EXT4-fs: Ignoring removed mblk_io_submit option [ 77.020450][T10073] binder: 10072:10073 ioctl 4018620d 0 returned -22 [ 77.024109][T10073] binder: 10072:10073 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10) [ 77.024143][T10073] binder: 10073 RLIMIT_NICE not set [ 77.035720][T10064] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 77.054997][T10064] EXT4-fs (loop1): Online resizing not supported with bigalloc [ 77.065873][ T4668] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 77.075192][T10081] binder: 10072:10081 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10) [ 77.075233][T10081] binder: 10081 RLIMIT_NICE not set [ 77.215839][ T4357] 8021q: adding VLAN 0 to HW filter on device eth5 [ 77.226760][ T9755] veth0_vlan: entered promiscuous mode [ 77.239002][ T9755] veth1_vlan: entered promiscuous mode [ 77.266288][ T9755] veth0_macvtap: entered promiscuous mode [ 77.269848][ T9755] veth1_macvtap: entered promiscuous mode [ 77.280283][ T9755] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 77.287633][ T9755] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 77.297914][ T3004] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.299975][ T1426] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.300005][ T1426] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.300027][ T1426] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.333695][T10102] set_capacity_and_notify: 8 callbacks suppressed [ 77.335617][T10102] loop3: detected capacity change from 0 to 512 [ 77.391407][ T3004] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 77.391440][ T3004] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 77.402791][ T15] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 77.402819][ T15] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 77.477711][T10118] loop6: detected capacity change from 0 to 128 [ 77.538848][T10118] fscrypt (loop6, inode 12): Unsupported encryption flags (0x10) [ 77.610328][T10128] loop6: detected capacity change from 0 to 256 [ 77.675483][ T4357] 8021q: adding VLAN 0 to HW filter on device eth7 [ 77.994706][T10173] loop3: detected capacity change from 0 to 512 [ 77.995112][T10173] EXT4-fs: Ignoring removed mblk_io_submit option [ 77.999939][T10173] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 78.017752][T10173] EXT4-fs error (device loop3): ext4_orphan_get:1397: inode #15: comm syz.3.2203: inode has both inline data and extents flags [ 78.017793][T10173] loop3: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 78.017979][T10173] EXT4-fs error (device loop3): ext4_orphan_get:1402: comm syz.3.2203: couldn't read orphan inode 15 (err -117) [ 78.017992][T10173] loop3: lost filesystem error report for type 5 error -117 [ 78.092121][T10185] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2208'. [ 78.125679][ T4765] kernel read not supported for file /comedi0 (pid: 4765 comm: kworker/0:6) [ 78.233478][T10197] nbd2: detected capacity change from 0 to 549764202496 [ 78.235356][ T4680] block nbd2: Receive control failed (result -32) [ 78.267845][ T4866] block nbd2: Dead connection, failed to find a fallback [ 78.267888][ T4866] block nbd2: shutting down sockets [ 78.267916][ T4866] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 78.268101][ T4866] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 78.268144][ T4866] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 78.268185][ T4866] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 78.268264][ T4866] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 78.268308][ T4866] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 78.268353][ T4866] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 78.268390][ T4866] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 78.268416][ T4866] ldm_validate_partition_table(): Disk read failed. [ 78.268434][ T4866] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 78.268472][ T4866] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 78.268597][ T4866] Dev nbd2: unable to read RDB block 0 [ 78.268768][ T4866] nbd2: unable to read partition table [ 78.312429][ T4866] ldm_validate_partition_table(): Disk read failed. [ 78.312562][ T4866] Dev nbd2: unable to read RDB block 0 [ 78.312703][ T4866] nbd2: unable to read partition table [ 78.330893][ T4680] Bluetooth: hci4: command tx timeout [ 78.336628][T10211] loop2: detected capacity change from 0 to 4096 [ 78.433282][T10229] loop1: detected capacity change from 0 to 1024 [ 78.680561][T10261] loop0: detected capacity change from 0 to 512 [ 78.712659][T10270] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2242'. [ 78.752987][ T40] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1317: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters [ 78.753091][ T40] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 31 with max blocks 2 with error 28 [ 78.753108][ T40] EXT4-fs (loop0): This should not happen!! Data will be lost [ 78.753108][ T40] [ 78.753120][ T40] EXT4-fs (loop0): Total free blocks count 0 [ 78.753130][ T40] EXT4-fs (loop0): Free/Dirty block details [ 78.753142][ T40] EXT4-fs (loop0): free_blocks=65280 [ 78.753153][ T40] EXT4-fs (loop0): dirty_blocks=2 [ 78.753163][ T40] EXT4-fs (loop0): Block reservation details [ 78.753171][ T40] EXT4-fs (loop0): i_reserved_data_blocks=2 [ 78.759696][ T4676] EXT4-fs warning (device loop0): ext4_evict_inode:195: inode #15: comm syz-executor: data will be lost [ 78.797063][T10277] loop1: detected capacity change from 0 to 512 [ 78.827798][T10282] loop6: detected capacity change from 0 to 256 [ 78.828292][T10282] vfat: Unknown parameter 'rodilcte' [ 78.900996][T10289] EXT4-fs: Ignoring removed bh option [ 78.903116][T10286] pim6reg1: tun_chr_ioctl cmd 1074025678 [ 78.903150][T10286] pim6reg1: group set to 805 [ 78.905136][T10289] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem [ 78.911518][T10289] EXT4-fs (loop1): 1 truncate cleaned up [ 78.973420][ T4680] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0 [ 78.973536][ T4680] Bluetooth: hci1: Injecting HCI hardware error event [ 78.974321][ T4680] Bluetooth: hci1: hardware error 0x00 [ 79.379206][T10341] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2273'. [ 79.391738][T10343] Falling back ldisc for ttyS3. [ 79.425620][T10349] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 79.427354][T10349] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 79.767814][T10386] Injecting memory failure for pfn 0x1422b4 at process virtual address 0x20000000 [ 79.781774][T10386] Memory failure: 0x1422b4: corrupted page was clean: dropped without side effects [ 79.782116][T10386] Memory failure: 0x1422b4: recovery action for clean LRU page: Recovered [ 79.845862][T10390] FAT-fs (loop0): Directory bread(block 64) failed [ 79.845904][T10390] FAT-fs (loop0): Directory bread(block 65) failed [ 79.845954][T10390] FAT-fs (loop0): Directory bread(block 66) failed [ 79.845976][T10390] FAT-fs (loop0): Directory bread(block 67) failed [ 79.846021][T10390] FAT-fs (loop0): Directory bread(block 68) failed [ 79.846038][T10390] FAT-fs (loop0): Directory bread(block 69) failed [ 79.846066][T10390] FAT-fs (loop0): Directory bread(block 70) failed [ 79.846082][T10390] FAT-fs (loop0): Directory bread(block 71) failed [ 79.846109][T10390] FAT-fs (loop0): Directory bread(block 72) failed [ 79.846123][T10390] FAT-fs (loop0): Directory bread(block 73) failed [ 79.988318][T10408] team0: No ports can be present during mode change [ 80.100095][T10421] EXT4-fs (loop0): Test dummy encryption mode enabled [ 80.116288][T10421] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003] [ 80.116374][T10421] System zones: 0-5 [ 80.159704][T10429] bond1: entered promiscuous mode [ 80.203751][T10435] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2314'. [ 80.235617][T10437] squashfs: SQUASHFS error: Xattrs in filesystem, these will be ignored [ 80.238154][T10437] unable to read xattr id index table [ 80.244965][T10435] veth1_to_batadv: entered promiscuous mode [ 80.248912][T10437] SQUASHFS error: zlib decompression failed, data probably corrupt [ 80.250926][T10437] SQUASHFS error: Failed to read block 0x9b: -5 [ 80.254486][T10437] SQUASHFS error: Unable to read metadata cache entry [99] [ 80.254532][T10437] SQUASHFS error: Unable to read inode 0x127 [ 80.257687][T10435] veth1_to_batadv: left promiscuous mode [ 80.410756][ T4672] Bluetooth: hci4: command tx timeout [ 80.422655][T10455] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2324'. [ 80.545520][T10469] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 80.559612][T10469] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 548) [ 80.752339][T10479] EXT4-fs: inline encryption not supported [ 80.755051][T10479] EXT4-fs: Ignoring removed oldalloc option [ 80.783891][T10479] EXT4-fs (loop3): 1 truncate cleaned up [ 80.865339][T10475] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 80.944129][T10474] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 548) [ 80.944270][T10474] FAT-fs (loop0): error, fat_free: invalid cluster chain (i_pos 548) [ 80.944298][T10474] FAT-fs (loop0): error, fat_free: invalid cluster chain (i_pos 548) [ 81.105703][T10512] FAT-fs (loop0): Directory bread(block 64) failed [ 81.105739][T10512] FAT-fs (loop0): Directory bread(block 65) failed [ 81.105766][T10512] FAT-fs (loop0): Directory bread(block 66) failed [ 81.105778][T10512] FAT-fs (loop0): Directory bread(block 67) failed [ 81.105802][T10512] FAT-fs (loop0): Directory bread(block 68) failed [ 81.105813][T10512] FAT-fs (loop0): Directory bread(block 69) failed [ 81.105835][T10512] FAT-fs (loop0): Directory bread(block 70) failed [ 81.105846][T10512] FAT-fs (loop0): Directory bread(block 71) failed [ 81.105868][T10512] FAT-fs (loop0): Directory bread(block 72) failed [ 81.105878][T10512] FAT-fs (loop0): Directory bread(block 73) failed [ 81.131229][ T4680] Bluetooth: hci1: Opcode 0x0c03 failed: -110 [ 81.493214][T10561] netlink: 428 bytes leftover after parsing attributes in process `syz.3.2361'. [ 81.494936][T10561] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2361'. [ 81.781770][T10593] netlink: 220 bytes leftover after parsing attributes in process `syz.2.2372'. [ 81.882822][T10607] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended [ 81.894600][T10607] EXT4-fs warning (device loop6): ext4_update_dynamic_rev:1148: updating to rev 1 because of new feature flag, running e2fsck is recommended [ 81.912180][T10607] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.2376: bg 0: block 248: padding at end of block bitmap is not set [ 81.912234][T10607] loop6: lost filesystem error report for type 5 error -117 [ 81.919012][T10607] Quota error (device loop6): write_blk: dquota write failed [ 81.919061][T10607] Quota error (device loop6): qtree_write_dquot: Error -28 occurred while creating quota [ 81.919095][T10607] EXT4-fs error (device loop6): ext4_acquire_dquot:7034: comm syz.6.2376: Failed to acquire dquot type 1 [ 81.919113][T10607] loop6: lost filesystem error report for type 5 error -28 [ 81.921705][ C1] EXT4-fs (loop6): error count since last fsck: 2 [ 81.921720][ C1] EXT4-fs (loop6): last error at time 82: ext4_acquire_dquot:7034 [ 81.929854][T10607] EXT4-fs (loop6): 1 truncate cleaned up [ 81.945458][ T1426] Quota error (device loop6): do_check_range: Getting block 0 out of range 1-5 [ 81.945507][ T1426] EXT4-fs error (device loop6): ext4_release_dquot:7070: comm kworker/u8:6: Failed to release dquot type 1 [ 82.004790][T10613] EXT4-fs error (device loop3): ext4_xattr_inode_iget:441: inode #11: comm syz.3.2377: missing EA_INODE flag [ 82.007116][T10613] EXT4-fs (loop3): Remounting filesystem read-only [ 82.162850][T10636] : renamed from lo (while UP) [ 82.181460][T10637] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant. [ 82.181460][T10637] The task syz.1.2382 (10637) triggered the difference, watch for misbehavior. [ 82.224168][T10615] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 82.224359][T10615] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 82.465413][T10660] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2394'. [ 82.467043][T10660] netlink: 'syz.6.2394': attribute type 3 has an invalid length. [ 82.468703][T10660] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2394'. [ 82.470594][T10660] netlink: 'syz.6.2394': attribute type 3 has an invalid length. [ 82.491196][ T4680] Bluetooth: hci4: command tx timeout [ 82.512278][T10662] binder: 10661:10662 cannot find target node [ 82.513866][T10662] binder: 10661:10662 transaction async to 0:0 failed 3/29189/-22, code 0 size 0-0 line 3236 [ 82.758585][T10688] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2402'. [ 82.784346][T10691] set_capacity_and_notify: 13 callbacks suppressed [ 82.787825][T10691] loop6: detected capacity change from 0 to 256 [ 82.809973][ T30] audit: type=1400 audit(83.786:35): lsm=SMACK fn=smack_inode_remove_acl action=denied subject="_" object="vfat" requested=w pid=10689 comm="syz.6.2403" name="bus" dev="loop6" ino=1048718 [ 82.871797][T10696] erspan0: entered promiscuous mode [ 83.008902][T10709] loop6: detected capacity change from 0 to 512 [ 83.010579][T10709] EXT4-fs: Ignoring removed i_version option [ 83.015087][T10709] EXT4-fs: Ignoring removed oldalloc option [ 83.057658][T10716] syz.1.2414 uses obsolete (PF_INET,SOCK_PACKET) [ 83.198675][T10729] binder: 10728 BINDER_GET_NODE_INFO_FOR_REF: only handle may be non-zero. [ 83.198708][T10729] binder: 10728:10729 ioctl c018620c 20000040 returned -22 [ 83.310563][T10742] netlink: 9275 bytes leftover after parsing attributes in process `syz.0.2426'. [ 83.359737][T10748] input: syz1 as /devices/virtual/input/input7 [ 83.599363][T10777] loop6: detected capacity change from 0 to 512 [ 83.601684][T10777] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 83.606572][T10777] EXT4-fs (loop6): 1 truncate cleaned up [ 83.637649][T10777] EXT4-fs error (device loop6): ext4_generic_delete_entry:2673: inode #2: block 13: comm syz.6.2443: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0 [ 83.643428][T10777] EXT4-fs error (device loop6) in ext4_delete_entry:2744: Corrupt filesystem [ 83.649623][T10777] EXT4-fs warning (device loop6): ext4_rename_delete:3739: inode #2: comm syz.6.2443: Deleting old file: nlink 4, error=-117 [ 83.744436][T10794] trusted_key: encrypted_key: keyword 'load' not allowed when called from .update method [ 83.816535][T10799] support for the xor transformation has been removed. [ 83.925336][T10814] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2460'. [ 83.986171][T10822] loop1: detected capacity change from 0 to 128 [ 84.224768][T10854] loop2: detected capacity change from 0 to 512 [ 84.230532][T10854] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended [ 84.260403][T10854] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4222: comm syz.2.2477: Allocating blocks 41-42 which overlap fs metadata [ 84.260448][T10854] loop2: lost filesystem error report for type 5 error -117 [ 84.260849][ C1] EXT4-fs (loop2): initial error at time 85: ext4_mb_mark_diskspace_used:4222 [ 84.260884][ C1] EXT4-fs (loop2): last error at time 85: ext4_mb_mark_diskspace_used:4222 [ 84.269802][T10854] EXT4-fs (loop2): Remounting filesystem read-only [ 84.269944][T10854] Quota error (device loop2): write_blk: dquota write failed [ 84.269971][T10854] Quota error (device loop2): find_free_dqentry: Can't write quota data block 5 [ 84.270055][T10854] Quota error (device loop2): write_blk: dquota write failed [ 84.270100][T10854] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 84.270170][T10854] EXT4-fs (loop2): 1 truncate cleaned up [ 84.521620][T10892] syzkaller0: tun_chr_ioctl cmd 2147767517 [ 84.578209][ C1] vxcan1: j1939_xtp_rx_rts_session_active: 0x00000000451b0779: connection exists (00 00). last cmd: 14 [ 85.256753][T10930] __nla_validate_parse: 4 callbacks suppressed [ 85.256800][T10930] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2510'. [ 85.256819][T10930] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2510'. [ 85.335097][T10933] netlink: 20 bytes leftover after parsing attributes in process `syz.6.2513'. [ 86.366636][T10991] sctp: [Deprecated]: syz.1.2541 (pid 10991) Use of struct sctp_assoc_value in delayed_ack socket option. [ 86.366636][T10991] Use struct sctp_sack_info instead [ 86.515532][T11003] loop6: detected capacity change from 0 to 512 [ 86.543189][T11003] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 86.696848][T11020] netlink: 27 bytes leftover after parsing attributes in process `syz.3.2554'. [ 86.723899][T11022] loop0: detected capacity change from 0 to 1024 [ 86.811961][T11022] EXT4-fs: Ignoring removed bh option [ 86.852850][T11022] EXT4-fs (loop0): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 87.060994][T11011] Injecting memory failure for pfn 0x13f9f3 at process virtual address 0x20000000 [ 87.546116][T11011] Memory failure: 0x13f9f3: keeping poisoned page in swap cache [ 87.553244][T11011] Memory failure: 0x13f9f3: recovery action for clean swapcache page: Recovered [ 87.776441][T11065] loop1: detected capacity change from 0 to 512 [ 87.785547][T11065] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349) [ 87.791151][T11065] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842e12c, mo2=0002] [ 87.793925][T11065] System zones: 1-12 [ 87.801012][T11065] EXT4-fs (loop1): orphan cleanup on readonly fs [ 87.810123][T11065] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.2569: bg 0: block 361: padding at end of block bitmap is not set [ 87.810171][T11065] loop1: lost filesystem error report for type 5 error -117 [ 87.810874][ C0] EXT4-fs (loop1): error count since last fsck: 1 [ 87.810904][ C0] EXT4-fs (loop1): initial error at time 88: ext4_validate_block_bitmap:441 [ 87.810931][ C0] EXT4-fs (loop1): last error at time 88: ext4_validate_block_bitmap:441 [ 87.820446][T11065] EXT4-fs (loop1): Remounting filesystem read-only [ 87.820690][T11065] EXT4-fs (loop1): 1 truncate cleaned up [ 87.970374][T11077] loop2: detected capacity change from 0 to 256 [ 88.287921][T11091] GUP no longer grows the stack in syz.0.2580 (11091): 20004000-20005000 (20001000) [ 88.290579][T11091] CPU: 0 UID: 0 PID: 11091 Comm: syz.0.2580 Tainted: G L syzkaller #0 PREEMPT [ 88.290603][T11091] Tainted: [L]=SOFTLOCKUP [ 88.290607][T11091] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 88.290613][T11091] Call trace: [ 88.290616][T11091] show_stack+0x2c/0x3c (C) [ 88.290644][T11091] __dump_stack+0x30/0x40 [ 88.290655][T11091] dump_stack_lvl+0xd8/0x12c [ 88.290666][T11091] dump_stack+0x1c/0x28 [ 88.290676][T11091] gup_vma_lookup+0x1b4/0x1d4 [ 88.290687][T11091] __get_user_pages+0x2fc/0x20f0 [ 88.290697][T11091] __gup_longterm_locked+0x9e8/0xfe4 [ 88.290707][T11091] pin_user_pages_remote+0xe0/0x13c [ 88.290717][T11091] process_vm_rw+0x4f4/0x928 [ 88.290725][T11091] __arm64_sys_process_vm_writev+0xdc/0xf8 [ 88.290733][T11091] invoke_syscall+0x98/0x244 [ 88.290744][T11091] el0_svc_common+0xe8/0x23c [ 88.290755][T11091] do_el0_svc+0x48/0x58 [ 88.290765][T11091] el0_svc+0x64/0x260 [ 88.290778][T11091] el0t_64_sync_handler+0x48/0x148 [ 88.290790][T11091] el0t_64_sync+0x198/0x19c [ 88.324572][T11087] Injecting memory failure for pfn 0x141ebd at process virtual address 0x20ff7000 [ 88.350161][T11087] Memory failure: 0x141ebd: Sending SIGBUS to syz.2.2578:11087 due to hardware memory corruption [ 88.350240][T11087] Memory failure: 0x141ebd: recovery action for dirty LRU page: Recovered [ 88.350270][T11087] Injecting memory failure for pfn 0x140ad6 at process virtual address 0x20ff8000 [ 88.350524][T11087] Memory failure: 0x140ad6: Sending SIGBUS to syz.2.2578:11087 due to hardware memory corruption [ 88.350549][T11087] Memory failure: 0x140ad6: recovery action for dirty LRU page: Recovered [ 88.350562][T11087] Injecting memory failure for pfn 0x11fdcc at process virtual address 0x20ff9000 [ 88.350619][T11087] Memory failure: 0x11fdcc: Sending SIGBUS to syz.2.2578:11087 due to hardware memory corruption [ 88.363977][T11087] Memory failure: 0x11fdcc: recovery action for dirty LRU page: Recovered [ 88.364018][T11087] Injecting memory failure for pfn 0x140080 at process virtual address 0x20ffa000 [ 88.364203][T11087] Memory failure: 0x140080: Sending SIGBUS to syz.2.2578:11087 due to hardware memory corruption [ 88.364228][T11087] Memory failure: 0x140080: recovery action for dirty LRU page: Recovered [ 88.494492][T11102] loop0: detected capacity change from 0 to 512 [ 88.836778][T11125] loop6: detected capacity change from 0 to 256 [ 88.895104][ T4765] atkbd serio2: keyboard reset failed on [ 89.153009][ T4781] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 89.190133][ T4781] hid-generic 0000:0000:0000.0003: hidraw0: HID v0.00 Device [syz1] on syz0 [ 89.205761][T11147] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2601'. [ 89.547163][T11174] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2612'. [ 89.678352][T11163] fido_id[11163]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 89.872963][T11198] netlink: 256 bytes leftover after parsing attributes in process `syz.1.2622'. [ 90.083129][T11217] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2628'. [ 90.102828][T11218] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2629'. [ 90.107128][T11218] netlink: 44 bytes leftover after parsing attributes in process `syz.2.2629'. [ 90.431327][T11238] overlayfs: conflicting lowerdir path [ 90.537935][T11245] loop3: detected capacity change from 0 to 512 [ 90.557313][T11245] EXT4-fs error (device loop3): ext4_iget_extra_inode:5128: inode #15: comm syz.3.2639: corrupted in-inode xattr: e_value size too large [ 90.557350][T11245] loop3: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117 [ 90.560528][T11245] EXT4-fs error (device loop3): ext4_orphan_get:1402: comm syz.3.2639: couldn't read orphan inode 15 (err -117) [ 90.560564][T11245] loop3: lost filesystem error report for type 5 error -117 [ 90.560692][ C0] EXT4-fs (loop3): error count since last fsck: 2 [ 90.560714][ C0] EXT4-fs (loop3): initial error at time 91: ext4_iget_extra_inode:5128: inode 15 [ 90.560750][ C0] EXT4-fs (loop3): last error at time 91: ext4_orphan_get:1402 [ 90.982011][T11270] loop1: detected capacity change from 0 to 512 [ 90.999241][T11270] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 91.036153][T11270] EXT4-fs error (device loop1): ext4_get_branch:178: inode #11: block 4294967295: comm syz.1.2648: invalid block [ 91.036214][T11270] loop1: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117 [ 91.040686][ C0] EXT4-fs (loop1): error count since last fsck: 1 [ 91.040722][ C0] EXT4-fs (loop1): initial error at time 92: ext4_get_branch:178: inode 11: block 4294967295 [ 91.040776][ C0] EXT4-fs (loop1): last error at time 92: ext4_get_branch:178: inode 11: block 4294967295 [ 91.054307][T11270] EXT4-fs (loop1): Remounting filesystem read-only [ 91.054479][T11270] EXT4-fs (loop1): 2 truncates cleaned up [ 91.146902][ T1426] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) [ 91.371921][ C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured! [ 91.457322][T11298] netlink: 'syz.1.2654': attribute type 10 has an invalid length. [ 91.463668][T11295] tap0: tun_chr_ioctl cmd 1074025677 [ 91.481199][T11295] tap0: linktype set to 6 [ 91.734570][ T4680] block nbd3: Receive control failed (result -32) [ 92.232733][T11344] syz_tun: tun_net_xmit 54 [ 92.329190][T11348] Injecting memory failure for pfn 0x141039 at process virtual address 0x20001000 [ 92.422540][T11348] Memory failure: 0x141039: recovery action for clean LRU page: Recovered [ 92.425453][T11348] Injecting memory failure for pfn 0x140487 at process virtual address 0x20002000 [ 92.427735][T11348] Memory failure: 0x140487: recovery action for clean LRU page: Recovered [ 92.427778][T11348] Injecting memory failure for pfn 0x21d0b2 at process virtual address 0x20003000 [ 92.427805][T11348] Memory failure: 0x21d0b2: Sending SIGBUS to syz.0.2677:11348 due to hardware memory corruption [ 92.427834][T11348] Memory failure: 0x21d0b2: recovery action for already poisoned page: Failed [ 92.894095][T11381] __nla_validate_parse: 1 callbacks suppressed [ 92.894135][T11381] netlink: 136 bytes leftover after parsing attributes in process `syz.1.2693'. [ 93.173921][T11393] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2698'. [ 93.382734][ T30] audit: type=1400 audit(94.366:36): lsm=SMACK fn=smack_inode_permission action=denied subject="w" object="_" requested=wx pid=11396 comm="syz.3.2700" name="538" dev="tmpfs" ino=2797 [ 93.583615][T11410] loop1: detected capacity change from 0 to 256 [ 93.690979][ T4765] atkbd serio3: keyboard reset failed on [ 93.785722][T11430] netlink: 'syz.2.2715': attribute type 12 has an invalid length. [ 93.787241][T11430] netlink: 'syz.2.2715': attribute type 29 has an invalid length. [ 93.789234][T11430] netlink: 148 bytes leftover after parsing attributes in process `syz.2.2715'. [ 94.055201][T11445] autofs4:pid:11445:check_dev_ioctl_version: ioctl control interface version mismatch: kernel(1.1), user(0.3801088), cmd(0xc0189379) [ 94.055237][T11445] autofs4:pid:11445:validate_dev_ioctl: invalid device control module version supplied for cmd(0xc0189379) [ 94.222076][T11452] loop0: detected capacity change from 0 to 512 [ 94.228459][T11452] EXT4-fs: Ignoring removed nobh option [ 94.284835][T11452] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -2 [ 94.286717][T11452] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #13: comm syz.0.2725: invalid indirect mapped block 256 (level 1) [ 94.286753][T11452] loop0: lost file I/O error report for ino 13 type 5 pos 0x0 len 0x0 error -117 [ 94.289763][T11452] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #13: comm syz.0.2725: invalid indirect mapped block 2683928664 (level 1) [ 94.289808][T11452] loop0: lost file I/O error report for ino 13 type 5 pos 0x0 len 0x0 error -117 [ 94.290665][ C0] EXT4-fs (loop0): error count since last fsck: 2 [ 94.290686][ C0] EXT4-fs (loop0): initial error at time 95: ext4_free_branches:1023: inode 13 [ 94.290715][ C0] EXT4-fs (loop0): last error at time 95: ext4_free_branches:1023: inode 13 [ 94.293856][T11452] EXT4-fs (loop0): 1 truncate cleaned up [ 94.514646][T11473] netlink: 'syz.6.2736': attribute type 1 has an invalid length. [ 94.518630][T11473] netlink: 'syz.6.2736': attribute type 2 has an invalid length. [ 94.622020][T11486] netlink: 116 bytes leftover after parsing attributes in process `syz.2.2739'. [ 94.715755][T11492] Injecting memory failure for pfn 0x141b0a at process virtual address 0x2050a000 [ 94.795115][T11492] Memory failure: 0x141b0a: recovery action for clean LRU page: Recovered [ 94.880033][ T30] audit: type=1326 audit(95.856:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11497 comm="syz.6.2746" exe="/root/ci-upstream-gce-arm64/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffffb7177a28 code=0x0 [ 95.387402][T11505] block nbd4: server does not support multiple connections per device. [ 95.390464][T11505] block nbd4: shutting down sockets [ 95.584162][T11525] loop0: detected capacity change from 0 to 1024 [ 95.588058][T11525] EXT4-fs: Ignoring removed orlov option [ 95.625637][T11525] EXT4-fs mount: 50 callbacks suppressed [ 95.628689][T11525] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 95.677264][T11533] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2759'. [ 95.680439][T11525] [ 95.680795][T11525] ====================================================== [ 95.681973][T11525] WARNING: possible circular locking dependency detected [ 95.683148][T11525] syzkaller #0 Tainted: G L [ 95.684109][T11525] ------------------------------------------------------ [ 95.685345][T11525] syz.0.2757/11525 is trying to acquire lock: [ 95.686357][T11525] ffff800088bd5840 (fs_reclaim){+.+.}-{0:0}, at: prepare_alloc_pages+0x140/0x4b0 [ 95.688112][T11525] [ 95.688112][T11525] but task is already holding lock: [ 95.689347][T11525] ffff0000f22797d0 (mapping.invalidate_lock#2){++++}-{4:4}, at: filemap_fault+0xb20/0x1420 [ 95.691039][T11525] [ 95.691039][T11525] which lock already depends on the new lock. [ 95.691039][T11525] [ 95.692755][T11525] [ 95.692755][T11525] the existing dependency chain (in reverse order) is: [ 95.694279][T11525] [ 95.694279][T11525] -> #8 (mapping.invalidate_lock#2){++++}-{4:4}: [ 95.695809][T11525] down_read+0x58/0x2bc [ 95.696598][T11525] do_page_cache_ra+0xec/0x11c [ 95.697476][T11525] page_cache_ra_order+0x84c/0xe28 [ 95.698366][T11525] page_cache_async_ra+0x5c4/0xd38 [ 95.699304][T11525] filemap_fault+0x5c4/0x1420 [ 95.700117][T11525] __do_fault+0xf4/0x4a0 [ 95.700996][T11525] do_pte_missing+0x1918/0x28a4 [ 95.701916][T11525] handle_mm_fault+0x1564/0x245c [ 95.702876][T11525] __get_user_pages+0x678/0x20f0 [ 95.703758][T11525] get_dump_page+0x16c/0x374 [ 95.704651][T11525] dump_user_range+0x178/0x7c0 [ 95.705544][T11525] elf_core_dump+0x2b6c/0x30f0 [ 95.706388][T11525] coredump_write+0x1044/0x181c [ 95.707273][T11525] vfs_coredump+0x29f0/0x37e0 [ 95.708247][T11525] get_signal+0xd88/0x1094 [ 95.709102][T11525] arch_do_signal_or_restart+0x1dc/0x43a0 [ 95.710190][T11525] exit_to_user_mode_loop+0x70/0x17c [ 95.711148][T11525] el0_da+0x1a4/0x254 [ 95.711904][T11525] el0t_64_sync_handler+0x10c/0x148 [ 95.712847][T11525] el0t_64_sync+0x198/0x19c [ 95.713676][T11525] [ 95.713676][T11525] -> #7 (&mm->mmap_lock){++++}-{4:4}: [ 95.715046][T11525] __might_fault+0xc0/0x114 [ 95.715926][T11525] _inline_copy_from_user+0x38/0x204 [ 95.716915][T11525] csum_and_copy_from_iter_full+0x190/0x1590 [ 95.718060][T11525] ip_generic_getfrag+0x128/0x278 [ 95.719046][T11525] raw6_getfrag+0x234/0x338 [ 95.719910][T11525] __ip6_append_data+0x2b44/0x37d0 [ 95.720907][T11525] ip6_append_data+0x100/0x27c [ 95.721773][T11525] rawv6_sendmsg+0xe78/0x1454 [ 95.722634][T11525] inet_sendmsg+0xb4/0xd8 [ 95.723454][T11525] __sock_sendmsg+0xc8/0x138 [ 95.724335][T11525] ____sys_sendmsg+0x418/0x70c [ 95.725265][T11525] ___sys_sendmsg+0x198/0x224 [ 95.726160][T11525] __sys_sendmsg+0x160/0x214 [ 95.727041][T11525] __arm64_sys_sendmsg+0x80/0x94 [ 95.727989][T11525] invoke_syscall+0x98/0x244 [ 95.728825][T11525] el0_svc_common+0xe8/0x23c [ 95.729647][T11525] do_el0_svc+0x48/0x58 [ 95.730450][T11525] el0_svc+0x64/0x260 [ 95.731282][T11525] el0t_64_sync_handler+0x48/0x148 [ 95.732164][T11525] el0t_64_sync+0x198/0x19c [ 95.732972][T11525] [ 95.732972][T11525] -> #6 (sk_lock-AF_INET6){+.+.}-{0:0}: [ 95.734204][T11525] lock_sock_nested+0x58/0x110 [ 95.735033][T11525] inet_shutdown+0x74/0x34c [ 95.735878][T11525] kernel_sock_shutdown+0x6c/0x80 [ 95.736868][T11525] nbd_mark_nsock_dead+0x27c/0x4f4 [ 95.737859][T11525] sock_shutdown+0x154/0x23c [ 95.738790][T11525] nbd_config_put+0x274/0x52c [ 95.739668][T11525] nbd_genl_connect+0x1234/0x1564 [ 95.740629][T11525] genl_family_rcv_msg_doit+0x1e4/0x2d8 [ 95.741624][T11525] genl_rcv_msg+0x444/0x620 [ 95.742447][T11525] netlink_rcv_skb+0x22c/0x410 [ 95.743368][T11525] genl_rcv+0x38/0x50 [ 95.744114][T11525] netlink_unicast+0x610/0x800 [ 95.744980][T11525] netlink_sendmsg+0x63c/0x920 [ 95.745906][T11525] __sock_sendmsg+0xc8/0x138 [ 95.746779][T11525] ____sys_sendmsg+0x418/0x70c [ 95.747632][T11525] ___sys_sendmsg+0x198/0x224 [ 95.748471][T11525] __sys_sendmsg+0x160/0x214 [ 95.749281][T11525] __arm64_sys_sendmsg+0x80/0x94 [ 95.750149][T11525] invoke_syscall+0x98/0x244 [ 95.751010][T11525] el0_svc_common+0xe8/0x23c [ 95.751797][T11525] do_el0_svc+0x48/0x58 [ 95.752534][T11525] el0_svc+0x64/0x260 [ 95.753333][T11525] el0t_64_sync_handler+0x48/0x148 [ 95.754210][T11525] el0t_64_sync+0x198/0x19c [ 95.754993][T11525] [ 95.754993][T11525] -> #5 (&nsock->tx_lock){+.+.}-{4:4}: [ 95.756203][T11525] __mutex_lock+0x160/0xef8 [ 95.757055][T11525] mutex_lock_nested+0x24/0x30 [ 95.757934][T11525] nbd_queue_rq+0x208/0xc44 [ 95.758772][T11525] blk_mq_dispatch_rq_list+0x3bc/0x13a4 [ 95.759817][T11525] __blk_mq_sched_dispatch_requests+0xa40/0x10bc [ 95.761036][T11525] blk_mq_sched_dispatch_requests+0xa4/0x154 [ 95.762141][T11525] blk_mq_run_hw_queue+0x300/0x4dc [ 95.763081][T11525] blk_mq_dispatch_list+0xa2c/0xb2c [ 95.764051][T11525] blk_mq_flush_plug_list+0x3a4/0x484 [ 95.765144][T11525] __blk_flush_plug+0x338/0x410 [ 95.766022][T11525] __submit_bio+0x39c/0x478 [ 95.766873][T11525] submit_bio_noacct_nocheck+0x284/0xa98 [ 95.767996][T11525] submit_bio_noacct+0xd90/0x1814 [ 95.768892][T11525] submit_bio+0x38c/0x528 [ 95.769695][T11525] submit_bh_wbc+0x4b0/0x594 [ 95.770549][T11525] block_read_full_folio+0x69c/0x734 [ 95.771435][T11525] blkdev_read_folio+0x28/0x38 [ 95.772290][T11525] filemap_read_folio+0xf0/0x2fc [ 95.773129][T11525] do_read_cache_folio+0x368/0x5b8 [ 95.773923][T11525] read_cache_folio+0x68/0x84 [ 95.774766][T11525] read_part_sector+0xcc/0x708 [ 95.775580][T11525] adfspart_check_ICS+0xa4/0x6fc [ 95.776391][T11525] bdev_disk_changed+0x6fc/0x11c8 [ 95.777237][T11525] blkdev_get_whole+0x15c/0x240 [ 95.778033][T11525] bdev_open+0x2d8/0x8cc [ 95.778748][T11525] blkdev_open+0x2d8/0x404 [ 95.779430][T11525] do_dentry_open+0x5c8/0x10dc [ 95.780286][T11525] vfs_open+0x44/0x2d4 [ 95.781040][T11525] path_openat+0x2234/0x2a6c [ 95.781832][T11525] do_file_open+0x1c4/0x2e4 [ 95.782569][T11525] do_sys_openat2+0x114/0x1e8 [ 95.783397][T11525] do_sys_open+0xac/0xdc [ 95.784146][T11525] __arm64_sys_openat+0x9c/0xb8 [ 95.784961][T11525] invoke_syscall+0x98/0x244 [ 95.785721][T11525] el0_svc_common+0xe8/0x23c [ 95.786598][T11525] do_el0_svc+0x48/0x58 [ 95.787294][T11525] el0_svc+0x64/0x260 [ 95.787996][T11525] el0t_64_sync_handler+0x48/0x148 [ 95.788833][T11525] el0t_64_sync+0x198/0x19c [ 95.789598][T11525] [ 95.789598][T11525] -> #4 (&cmd->lock){+.+.}-{4:4}: [ 95.790714][T11525] __mutex_lock+0x160/0xef8 [ 95.791443][T11525] mutex_lock_nested+0x24/0x30 [ 95.792235][T11525] nbd_queue_rq+0xb0/0xc44 [ 95.792936][T11525] blk_mq_dispatch_rq_list+0x3bc/0x13a4 [ 95.793797][T11525] __blk_mq_sched_dispatch_requests+0xa40/0x10bc [ 95.794769][T11525] blk_mq_sched_dispatch_requests+0xa4/0x154 [ 95.795799][T11525] blk_mq_run_hw_queue+0x300/0x4dc [ 95.796682][T11525] blk_mq_dispatch_list+0xa2c/0xb2c [ 95.797589][T11525] blk_mq_flush_plug_list+0x3a4/0x484 [ 95.798461][T11525] __blk_flush_plug+0x338/0x410 [ 95.799286][T11525] __submit_bio+0x39c/0x478 [ 95.800064][T11525] submit_bio_noacct_nocheck+0x284/0xa98 [ 95.800984][T11525] submit_bio_noacct+0xd90/0x1814 [ 95.801795][T11525] submit_bio+0x38c/0x528 [ 95.802532][T11525] submit_bh_wbc+0x4b0/0x594 [ 95.803311][T11525] block_read_full_folio+0x69c/0x734 [ 95.804213][T11525] blkdev_read_folio+0x28/0x38 [ 95.804968][T11525] filemap_read_folio+0xf0/0x2fc [ 95.805863][T11525] do_read_cache_folio+0x368/0x5b8 [ 95.806784][T11525] read_cache_folio+0x68/0x84 [ 95.807599][T11525] read_part_sector+0xcc/0x708 [ 95.808418][T11525] adfspart_check_ICS+0xa4/0x6fc [ 95.809277][T11525] bdev_disk_changed+0x6fc/0x11c8 [ 95.810087][T11525] blkdev_get_whole+0x15c/0x240 [ 95.810868][T11525] bdev_open+0x2d8/0x8cc [ 95.811647][T11525] blkdev_open+0x2d8/0x404 [ 95.812399][T11525] do_dentry_open+0x5c8/0x10dc [ 95.813271][T11525] vfs_open+0x44/0x2d4 [ 95.813995][T11525] path_openat+0x2234/0x2a6c [ 95.814774][T11525] do_file_open+0x1c4/0x2e4 [ 95.815526][T11525] do_sys_openat2+0x114/0x1e8 [ 95.816319][T11525] do_sys_open+0xac/0xdc [ 95.817157][T11525] __arm64_sys_openat+0x9c/0xb8 [ 95.818085][T11525] invoke_syscall+0x98/0x244 [ 95.818939][T11525] el0_svc_common+0xe8/0x23c [ 95.819833][T11525] do_el0_svc+0x48/0x58 [ 95.820640][T11525] el0_svc+0x64/0x260 [ 95.821422][T11525] el0t_64_sync_handler+0x48/0x148 [ 95.822384][T11525] el0t_64_sync+0x198/0x19c [ 95.823309][T11525] [ 95.823309][T11525] -> #3 (set->srcu){.+.+}-{0:0}: [ 95.824509][T11525] __synchronize_srcu+0xc8/0x268 [ 95.825486][T11525] synchronize_srcu+0x41c/0x604 [ 95.826384][T11525] blk_mq_wait_quiesce_done+0x88/0xb0 [ 95.827401][T11525] blk_mq_quiesce_queue+0x70/0x8c [ 95.828396][T11525] elevator_switch+0x128/0x384 [ 95.829329][T11525] elevator_change+0x200/0x358 [ 95.830208][T11525] elevator_set_default+0x190/0x2b0 [ 95.831161][T11525] blk_register_queue+0x2f8/0x3d0 [ 95.832085][T11525] __add_disk+0x568/0xb3c [ 95.832917][T11525] add_disk_fwnode+0xe8/0x42c [ 95.833815][T11525] device_add_disk+0x38/0x4c [ 95.834694][T11525] nbd_dev_add+0x588/0x85c [ 95.835558][T11525] nbd_init+0x15c/0x174 [ 95.836393][T11525] do_one_initcall+0x274/0xc20 [ 95.837249][T11525] do_initcall_level+0x128/0x1c4 [ 95.838112][T11525] do_initcalls+0x70/0xd0 [ 95.838921][T11525] do_basic_setup+0x7c/0x90 [ 95.839810][T11525] kernel_init_freeable+0x268/0x3a8 [ 95.840792][T11525] kernel_init+0x24/0x1dc [ 95.841666][T11525] ret_from_fork+0x10/0x20 [ 95.842532][T11525] [ 95.842532][T11525] -> #2 (&q->elevator_lock){+.+.}-{4:4}: [ 95.843878][T11525] __mutex_lock+0x160/0xef8 [ 95.844738][T11525] mutex_lock_nested+0x24/0x30 [ 95.845677][T11525] elevator_change+0x184/0x358 [ 95.846565][T11525] elevator_set_none+0xa8/0x13c [ 95.847475][T11525] blk_mq_update_nr_hw_queues+0x4ec/0x11fc [ 95.848595][T11525] nbd_start_device+0x15c/0xa38 [ 95.849521][T11525] nbd_genl_connect+0xfac/0x1564 [ 95.850481][T11525] genl_family_rcv_msg_doit+0x1e4/0x2d8 [ 95.851544][T11525] genl_rcv_msg+0x444/0x620 [ 95.852415][T11525] netlink_rcv_skb+0x22c/0x410 [ 95.853335][T11525] genl_rcv+0x38/0x50 [ 95.854119][T11525] netlink_unicast+0x610/0x800 [ 95.855002][T11525] netlink_sendmsg+0x63c/0x920 [ 95.855961][T11525] __sock_sendmsg+0xc8/0x138 [ 95.856830][T11525] ____sys_sendmsg+0x418/0x70c [ 95.857787][T11525] ___sys_sendmsg+0x198/0x224 [ 95.858653][T11525] __sys_sendmsg+0x160/0x214 [ 95.859540][T11525] __arm64_sys_sendmsg+0x80/0x94 [ 95.860492][T11525] invoke_syscall+0x98/0x244 [ 95.861351][T11525] el0_svc_common+0xe8/0x23c [ 95.862282][T11525] do_el0_svc+0x48/0x58 [ 95.863088][T11525] el0_svc+0x64/0x260 [ 95.863851][T11525] el0t_64_sync_handler+0x48/0x148 [ 95.864808][T11525] el0t_64_sync+0x198/0x19c [ 95.865674][T11525] [ 95.865674][T11525] -> #1 (&q->q_usage_counter(io)#34){++++}-{0:0}: [ 95.867134][T11525] blk_alloc_queue+0x47c/0x57c [ 95.868066][T11525] blk_mq_alloc_queue+0x148/0x294 [ 95.869011][T11525] __blk_mq_alloc_disk+0x38/0x10c [ 95.870018][T11525] nbd_dev_add+0x3c0/0x85c [ 95.870938][T11525] nbd_init+0x15c/0x174 [ 95.871742][T11525] do_one_initcall+0x274/0xc20 [ 95.872653][T11525] do_initcall_level+0x128/0x1c4 [ 95.873578][T11525] do_initcalls+0x70/0xd0 [ 95.874447][T11525] do_basic_setup+0x7c/0x90 [ 95.875351][T11525] kernel_init_freeable+0x268/0x3a8 [ 95.876313][T11525] kernel_init+0x24/0x1dc [ 95.877149][T11525] ret_from_fork+0x10/0x20 [ 95.877980][T11525] [ 95.877980][T11525] -> #0 (fs_reclaim){+.+.}-{0:0}: [ 95.879255][T11525] __lock_acquire+0x1780/0x2f44 [ 95.880171][T11525] lock_acquire+0x140/0x368 [ 95.880979][T11525] fs_reclaim_acquire+0x90/0x110 [ 95.881910][T11525] prepare_alloc_pages+0x140/0x4b0 [ 95.882871][T11525] __alloc_frozen_pages_noprof+0x134/0x31c [ 95.883875][T11525] alloc_pages_mpol+0x1ec/0x464 [ 95.884823][T11525] alloc_frozen_pages_noprof+0xc4/0x114 [ 95.885872][T11525] alloc_pages_noprof+0x30/0x148 [ 95.886805][T11525] folio_alloc_noprof+0x2c/0x148 [ 95.887744][T11525] filemap_alloc_folio_noprof+0x108/0x434 [ 95.888846][T11525] __filemap_get_folio_mpol+0x424/0xc18 [ 95.889925][T11525] filemap_fault+0xb48/0x1420 [ 95.890896][T11525] __do_fault+0xf4/0x4a0 [ 95.891699][T11525] do_pte_missing+0x1918/0x28a4 [ 95.892588][T11525] handle_mm_fault+0x1564/0x245c [ 95.893564][T11525] __get_user_pages+0x678/0x20f0 [ 95.894510][T11525] populate_vma_page_range+0x260/0x358 [ 95.895581][T11525] __mm_populate+0x200/0x324 [ 95.896464][T11525] vm_mmap_pgoff+0x3a4/0x470 [ 95.897293][T11525] ksys_mmap_pgoff+0x398/0x5b4 [ 95.898189][T11525] __arm64_sys_mmap+0xf8/0x110 [ 95.899128][T11525] invoke_syscall+0x98/0x244 [ 95.900034][T11525] el0_svc_common+0xe8/0x23c [ 95.900928][T11525] do_el0_svc+0x48/0x58 [ 95.901734][T11525] el0_svc+0x64/0x260 [ 95.902539][T11525] el0t_64_sync_handler+0x48/0x148 [ 95.903519][T11525] el0t_64_sync+0x198/0x19c [ 95.904402][T11525] [ 95.904402][T11525] other info that might help us debug this: [ 95.904402][T11525] [ 95.906281][T11525] Chain exists of: [ 95.906281][T11525] fs_reclaim --> &mm->mmap_lock --> mapping.invalidate_lock#2 [ 95.906281][T11525] [ 95.908569][T11525] Possible unsafe locking scenario: [ 95.908569][T11525] [ 95.909837][T11525] CPU0 CPU1 [ 95.910788][T11525] ---- ---- [ 95.911741][T11525] rlock(mapping.invalidate_lock#2); [ 95.912724][T11525] lock(&mm->mmap_lock); [ 95.913932][T11525] lock(mapping.invalidate_lock#2); [ 95.915297][T11525] lock(fs_reclaim); [ 95.915978][T11525] [ 95.915978][T11525] *** DEADLOCK *** [ 95.915978][T11525] [ 95.917361][T11525] 1 lock held by syz.0.2757/11525: [ 95.918234][T11525] #0: ffff0000f22797d0 (mapping.invalidate_lock#2){++++}-{4:4}, at: filemap_fault+0xb20/0x1420 [ 95.920074][T11525] [ 95.920074][T11525] stack backtrace: [ 95.921123][T11525] CPU: 0 UID: 0 PID: 11525 Comm: syz.0.2757 Tainted: G L syzkaller #0 PREEMPT [ 95.922848][T11525] Tainted: [L]=SOFTLOCKUP [ 95.923599][T11525] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 95.925361][T11525] Call trace: [ 95.925891][T11525] show_stack+0x2c/0x3c (C) [ 95.926671][T11525] __dump_stack+0x30/0x40 [ 95.927397][T11525] dump_stack_lvl+0xd8/0x12c [ 95.928240][T11525] dump_stack+0x1c/0x28 [ 95.928998][T11525] print_circular_bug+0x328/0x330 [ 95.929850][T11525] check_noncircular+0x158/0x174 [ 95.930649][T11525] __lock_acquire+0x1780/0x2f44 [ 95.931469][T11525] lock_acquire+0x140/0x368 [ 95.932271][T11525] fs_reclaim_acquire+0x90/0x110 [ 95.933133][T11525] prepare_alloc_pages+0x140/0x4b0 [ 95.933998][T11525] __alloc_frozen_pages_noprof+0x134/0x31c [ 95.934968][T11525] alloc_pages_mpol+0x1ec/0x464 [ 95.935795][T11525] alloc_frozen_pages_noprof+0xc4/0x114 [ 95.936761][T11525] alloc_pages_noprof+0x30/0x148 [ 95.937608][T11525] folio_alloc_noprof+0x2c/0x148 [ 95.938477][T11525] filemap_alloc_folio_noprof+0x108/0x434 [ 95.939500][T11525] __filemap_get_folio_mpol+0x424/0xc18 [ 95.940445][T11525] filemap_fault+0xb48/0x1420 [ 95.941222][T11525] __do_fault+0xf4/0x4a0 [ 95.941905][T11525] do_pte_missing+0x1918/0x28a4 [ 95.942752][T11525] handle_mm_fault+0x1564/0x245c [ 95.943568][T11525] __get_user_pages+0x678/0x20f0 [ 95.944394][T11525] populate_vma_page_range+0x260/0x358 [ 95.945319][T11525] __mm_populate+0x200/0x324 [ 95.946082][T11525] vm_mmap_pgoff+0x3a4/0x470 [ 95.946852][T11525] ksys_mmap_pgoff+0x398/0x5b4 [ 95.947571][T11525] __arm64_sys_mmap+0xf8/0x110 [ 95.948331][T11525] invoke_syscall+0x98/0x244 [ 95.949072][T11525] el0_svc_common+0xe8/0x23c [ 95.949860][T11525] do_el0_svc+0x48/0x58 [ 95.950537][T11525] el0_svc+0x64/0x260 [ 95.951188][T11525] el0t_64_sync_handler+0x48/0x148 [ 95.951996][T11525] el0t_64_sync+0x198/0x19c [ 96.188019][ T4676] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.