last executing test programs: 55.394057703s ago: executing program 1 (id=595): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000940)=ANY=[@ANYBLOB="140000001000030000000000000000000000000a20000000000a01020000000000000000010000000900010073797a30000000006c000000160a01000000000000000000010000000900010073797a30000000000900020073797a300000000040000380080001400000000008000240000000002c0003801400010063616966300000000000000000000000140001006d6163766c616e3100000000000000005c000000160a0101000b000000000000010000000900020073797a30000000000900010073797a3000000000300003"], 0x110}}, 0x800) 55.189615775s ago: executing program 1 (id=597): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x20000000000001d2, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffdfc, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000040)='sys_enter\x00', r1}, 0x10) signalfd4(0xffffffffffffffff, &(0x7f0000000080)={[0x79b]}, 0x8, 0x80000) 55.001371056s ago: executing program 1 (id=602): r0 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_CMD_DISABLE_BEARER(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000400)={0x2c, r0, 0x1, 0x0, 0x0, {{}, {}, {0x10, 0x13, @l2={'eth', 0x3a, 'dummy0\x00'}}}}, 0x2c}}, 0x0) 54.857730848s ago: executing program 1 (id=605): syz_mount_image$ext4(&(0x7f0000000500)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x0, &(0x7f0000000180)={[{@dioread_nolock}, {@minixdf}, {@nolazytime}, {@errors_remount}]}, 0x1, 0x782, &(0x7f0000002200)="$eJzs3MFrHFUYAPBvptmmTaMbwYNeqtBCC6WbpLm0J+NFvBQKBa81JJsQMsmW7KY2sdDUmyDU5qIiiN49ehVK/QO8SUHBu1C0xoN6WdnNZtumu9ttu+m28feDybw3O2++79vZvMxAZgP433qz9iOJGI6IcxGRb2xPI2J/vXUgYn1rv827V6ZrSxLV6vnfk9qw2Kzmm8dKGutDUR8Sr0XErVzEiY8ejlteXVuYyrLicqM/Wlm8OFpeXTs5vzg1V5wrLo1PnBk7PTFxemyiZ7Uefe/MwRs/vrOx8dN3leuHB04mMVmvOxq19SzQfbbek1xM7ti+tBvB+ijpYp+BZ5AHAACd1a7z9zWuzXKRj32drtJcwAEAAMALqTpY7dY/Xe8JAAAAPGeS6HcGAAAAwO7a/j+A7Wd7d+s52HbuvB0RI63iD9SfIY44ELmIGNpMHnj8INkaBk9l/VpE3Jxs8fnr5onmzsbuNQ/25oj02s3a/DPZav5Jm/NPtJh/Bra/O+EptZ//7sXf12b+O9dljO+/ej3Xans6tLX++HCr+EkzftIm/vtdxr++8cmNdq9Vv4k41vLvT/JArA7fDzE6O5+1+tVqpnvr3+O328W/cy1i6KH4SVKPmnSu/2KX9X+4+efCeof4x490Pv9b8QcfGFf7THzayCONiBuNda2/sSPGkcWff3g4crK+HX+mzfvf+vy/26z/6y7r//Xbwctd7goAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB1aUQMR5IWmu00LRQiDkXEqzGUZqVy5cRsaWVppvZaxEjk0tn5rDgWEfmtflLrj9fb9/qndvQnIuKVXw5uBZ3PioXpUjbT7+IBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABoOhQRw5GkhYhII+KvfJoWCv3OCgAAAOi5kX4nAAAAAOw69/8AAACw9z3p/X/S4zwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAPe3c2bO1pbp598p0rT9zaXVloXTp5EyxvFBYXJkuTJeWLxbmSqW5rFiYLi0+6nhpRIyfiZXLo5ViuTJaXl27sFhaWapcmF+cmiteKOaeSVUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8ruH6kqSFiEjr7TQtFCJeioiRyCWz81lxLCJejojb+dxgrT/e76QBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADoufLq2sJUlhWXX+xGdW+V03UjkojnII02jS8aZ6XTPsl6RN9TTRuJPs1xIh5n1NVHvC39brzRp/kIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID+Kq+uLUxlWXG53O9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6K/0tyQiasux/NHhna/uT/7O19cR8cGX5z+7PFWpLI/Xtv/R3F75vLH91H0Drz7LGgAAAGDPe+txdt6+T9++jwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOhWeXVtYSrLisu72Ihr/a4SAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4Ev8FAAD//zvJt4Q=") lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file1\x00', &(0x7f00000000c0), &(0x7f0000000040)=ANY=[], 0xfe37, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/sctp\x00') r1 = open_tree(r0, &(0x7f0000000640)='\x00', 0x89901) move_mount(r1, &(0x7f0000000040)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) 54.673144029s ago: executing program 1 (id=607): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, 0x0, 0x0) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x8, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b708000002001e007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) unshare(0x60000000) 53.009668762s ago: executing program 1 (id=619): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1, 0x12, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000001c0)='sched_switch\x00', r1, 0x0, 0x200}, 0x18) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) sendto$unix(r2, &(0x7f00000004c0)="a0a3", 0x2, 0x200080d1, 0x0, 0x0) recvfrom$unix(r3, 0x0, 0x0, 0x10102, 0x0, 0x0) 52.894206002s ago: executing program 32 (id=619): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1, 0x12, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000001c0)='sched_switch\x00', r1, 0x0, 0x200}, 0x18) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) sendto$unix(r2, &(0x7f00000004c0)="a0a3", 0x2, 0x200080d1, 0x0, 0x0) recvfrom$unix(r3, 0x0, 0x0, 0x10102, 0x0, 0x0) 51.662943602s ago: executing program 4 (id=641): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x3, &(0x7f00000001c0)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={0x0, r0, 0x0, 0x1}, 0x18) write$qrtrtun(0xffffffffffffffff, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0x10, 0x4, 0x8, 0x7, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x3, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100000000001c000000000000ea04850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) r2 = socket$unix(0x1, 0x1, 0x0) connect$unix(r2, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) 50.69942646s ago: executing program 4 (id=643): r0 = bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48) dup(r0) openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) r1 = socket(0x400000000010, 0x3, 0x0) r2 = socket$unix(0x1, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'}) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x7, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r3, 0x0, 0x4}, 0x18) sendmsg$nl_route_sched(r1, 0x0, 0x0) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r4 = socket$unix(0x1, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'}) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x20040054) r5 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r5, 0x8933, &(0x7f0000000100)={'team0\x00', 0x0}) sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="200000001100010100"/20, @ANYRES32=r6], 0x20}, 0x1, 0x0, 0x0, 0x80d5}, 0x0) 49.019707182s ago: executing program 4 (id=648): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x6f, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000840), 0xffffffffffffffff) r2 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', 0x0}) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x50) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r5}, 0x10) bind$tipc(0xffffffffffffffff, 0x0, 0x0) unshare(0x2000400) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x0) sendmsg$ETHTOOL_MSG_STRSET_GET(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000009c0)={&(0x7f0000000140)={0x20, r1, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_STRSET_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}]}]}, 0x20}, 0x1, 0x4001000000000000}, 0x0) 48.723189175s ago: executing program 4 (id=651): syz_mount_image$ext4(&(0x7f0000000500)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x0, &(0x7f0000000180)={[{@dioread_nolock}, {@minixdf}, {@nolazytime}, {@errors_remount}]}, 0x1, 0x782, &(0x7f0000002200)="$eJzs3MFrHFUYAPBvptmmTaMbwYNeqtBCC6WbpLm0J+NFvBQKBa81JJsQMsmW7KY2sdDUmyDU5qIiiN49ehVK/QO8SUHBu1C0xoN6WdnNZtumu9ttu+m28feDybw3O2++79vZvMxAZgP433qz9iOJGI6IcxGRb2xPI2J/vXUgYn1rv827V6ZrSxLV6vnfk9qw2Kzmm8dKGutDUR8Sr0XErVzEiY8ejlteXVuYyrLicqM/Wlm8OFpeXTs5vzg1V5wrLo1PnBk7PTFxemyiZ7Uefe/MwRs/vrOx8dN3leuHB04mMVmvOxq19SzQfbbek1xM7ti+tBvB+ijpYp+BZ5AHAACd1a7z9zWuzXKRj32drtJcwAEAAMALqTpY7dY/Xe8JAAAAPGeS6HcGAAAAwO7a/j+A7Wd7d+s52HbuvB0RI63iD9SfIY44ELmIGNpMHnj8INkaBk9l/VpE3Jxs8fnr5onmzsbuNQ/25oj02s3a/DPZav5Jm/NPtJh/Bra/O+EptZ//7sXf12b+O9dljO+/ej3Xans6tLX++HCr+EkzftIm/vtdxr++8cmNdq9Vv4k41vLvT/JArA7fDzE6O5+1+tVqpnvr3+O328W/cy1i6KH4SVKPmnSu/2KX9X+4+efCeof4x490Pv9b8QcfGFf7THzayCONiBuNda2/sSPGkcWff3g4crK+HX+mzfvf+vy/26z/6y7r//Xbwctd7goAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB1aUQMR5IWmu00LRQiDkXEqzGUZqVy5cRsaWVppvZaxEjk0tn5rDgWEfmtflLrj9fb9/qndvQnIuKVXw5uBZ3PioXpUjbT7+IBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABoOhQRw5GkhYhII+KvfJoWCv3OCgAAAOi5kX4nAAAAAOw69/8AAACw9z3p/X/S4zwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAPe3c2bO1pbp598p0rT9zaXVloXTp5EyxvFBYXJkuTJeWLxbmSqW5rFiYLi0+6nhpRIyfiZXLo5ViuTJaXl27sFhaWapcmF+cmiteKOaeSVUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8ruH6kqSFiEjr7TQtFCJeioiRyCWz81lxLCJejojb+dxgrT/e76QBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADoufLq2sJUlhWXX+xGdW+V03UjkojnII02jS8aZ6XTPsl6RN9TTRuJPs1xIh5n1NVHvC39brzRp/kIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID+Kq+uLUxlWXG53O9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6K/0tyQiasux/NHhna/uT/7O19cR8cGX5z+7PFWpLI/Xtv/R3F75vLH91H0Drz7LGgAAAGDPe+txdt6+T9++jwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOhWeXVtYSrLisu72Ihr/a4SAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4Ev8FAAD//zvJt4Q=") lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file1\x00', &(0x7f00000000c0), &(0x7f0000000040)=ANY=[], 0xfe37, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/sctp\x00') r1 = open_tree(r0, &(0x7f0000000640)='\x00', 0x89901) move_mount(r1, &(0x7f0000000040)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) 48.417420507s ago: executing program 4 (id=653): getpid() bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000700)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) prctl$PR_SVE_SET_VL(0x32, 0x1c05d) socket$inet6(0xa, 0x2, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYRES32, @ANYBLOB='\x00'/18, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000076af3bd01f08000000000000003ce6ff"], 0x48) socket$inet_tcp(0x2, 0x1, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) truncate(&(0x7f0000000080)='./file0\x00', 0x2293bc0a) bind$netlink(r0, &(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x4) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r3 = socket$inet6(0xa, 0x3, 0x6) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, &(0x7f0000000040)={@remote, 0x800, 0x0, 0x2000000000903, 0x1}, 0x20) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, 0x0, 0x0) sendmsg$nl_route(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000600)=ANY=[@ANYBLOB="3400000010001fff0000000008000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800900010076657468"], 0x34}}, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) bind$netlink(r4, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f0000000000), 0x4) r5 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=@newlink={0x40, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x137b}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @geneve={{0xb}, {0x10, 0x2, 0x0, 0x1, [@IFLA_GENEVE_PORT={0x6, 0x5, 0x4e20}, @IFLA_GENEVE_COLLECT_METADATA={0x4}]}}}]}, 0x40}}, 0x40800) 47.948596981s ago: executing program 4 (id=656): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="000000000087fb00b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10) rt_sigaction(0x19, 0x0, 0x0, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000280)='ext2\x00', &(0x7f00000002c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x4, &(0x7f0000000080), 0xfe, 0x25e, &(0x7f0000001000)="$eJzs3T9o3FYcB/Cf7k9d16a47VIo/QOllNZg3KFQ6NIuLRhKMaUU2oJLKZ2CHXBssvkyZcmQzEnwlMWEbHEyhiwmSyCrk3hwlgwxGWIyJMMFne7C+Xwmjs93CtbnA7L09J70nkDfZ3mQHEBhjUXEDxFRjojxiKhGRNLe4LNsGWsWl4fXZiLq9d8eJ412WTnTOm4kImoR8V1EpVW3uPrX5tP1n788s1D94tLqn8ODur52W5sbv2xf/PX01alvFkvNfaPNdft1HKaky75KEvF+Pzp7QySVvEfAfkyfvHI3zf0HEfF5I//VKDUje3b+rZvV+PrCXseee3Tno0GOFTh89Xo1/R1YqwOFU2o8AyeliYjItkuliYnsGf5eOYljc/Mnxv+fW5j9L++ZCjgESS37u3fjp+tD10Y68v+wnOV/X77t80iBvkjz//v0yv10e7uc92iAgfg4W6X5H/9n6auQfygc+Yfikn8oLvmHI+CA2ZV/KC75h+KSfzjCqq2NWtdq+Yfikn8oro785/I+LpCP9vwDAMVSH8r7DWQgL3nPPwAAAAAAAAAAAAAAAAAAwG7Lw2szrWVQfd46H7H1Y0RUdvY/1KgtN/4fccTbjZ/vPEnSZi8l2WE9+fvTHk/Qo8s5v3397oN8+7/9SX/Oe2pncc9v2y3NRtTSxpOVyu77P2nefwf33ivqq//22MFrSjrK3/8x2P47PV/Jt/+p9Ygb6fwz2W3+K8WHjXX3+We0/RPLB3T8WY8nAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYGBeBAAA//9hymrI") r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='.\x00', 0x0, 0x0) open_by_handle_at(r1, &(0x7f0000000240)=@reiserfs_2={0x8, 0x2, {0xb}}, 0x0) io_uring_enter(0xffffffffffffffff, 0x6e2, 0x3900, 0x1, 0x0, 0x0) 47.790842402s ago: executing program 33 (id=656): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="000000000087fb00b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10) rt_sigaction(0x19, 0x0, 0x0, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000280)='ext2\x00', &(0x7f00000002c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x4, &(0x7f0000000080), 0xfe, 0x25e, &(0x7f0000001000)="$eJzs3T9o3FYcB/Cf7k9d16a47VIo/QOllNZg3KFQ6NIuLRhKMaUU2oJLKZ2CHXBssvkyZcmQzEnwlMWEbHEyhiwmSyCrk3hwlgwxGWIyJMMFne7C+Xwmjs93CtbnA7L09J70nkDfZ3mQHEBhjUXEDxFRjojxiKhGRNLe4LNsGWsWl4fXZiLq9d8eJ412WTnTOm4kImoR8V1EpVW3uPrX5tP1n788s1D94tLqn8ODur52W5sbv2xf/PX01alvFkvNfaPNdft1HKaky75KEvF+Pzp7QySVvEfAfkyfvHI3zf0HEfF5I//VKDUje3b+rZvV+PrCXseee3Tno0GOFTh89Xo1/R1YqwOFU2o8AyeliYjItkuliYnsGf5eOYljc/Mnxv+fW5j9L++ZCjgESS37u3fjp+tD10Y68v+wnOV/X77t80iBvkjz//v0yv10e7uc92iAgfg4W6X5H/9n6auQfygc+Yfikn8oLvmHI+CA2ZV/KC75h+KSfzjCqq2NWtdq+Yfikn8oro785/I+LpCP9vwDAMVSH8r7DWQgL3nPPwAAAAAAAAAAAAAAAAAAwG7Lw2szrWVQfd46H7H1Y0RUdvY/1KgtN/4fccTbjZ/vPEnSZi8l2WE9+fvTHk/Qo8s5v3397oN8+7/9SX/Oe2pncc9v2y3NRtTSxpOVyu77P2nefwf33ivqq//22MFrSjrK3/8x2P47PV/Jt/+p9Ygb6fwz2W3+K8WHjXX3+We0/RPLB3T8WY8nAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYGBeBAAA//9hymrI") r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='.\x00', 0x0, 0x0) open_by_handle_at(r1, &(0x7f0000000240)=@reiserfs_2={0x8, 0x2, {0xb}}, 0x0) io_uring_enter(0xffffffffffffffff, 0x6e2, 0x3900, 0x1, 0x0, 0x0) 34.763357302s ago: executing program 5 (id=620): r0 = socket$inet_tcp(0x2, 0x1, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000a57000/0x3000)=nil, 0x3000, 0xf) getresuid(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000080)) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000180)='syz_tun\x00', 0x10) r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b000000000000"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7020000111e6ca5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r2 = socket(0x1e, 0x4, 0x0) r3 = socket(0x1e, 0x2, 0x0) setsockopt$packet_tx_ring(r3, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10) setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000100)=@req3={0x40, 0x1, 0x2, 0x0, 0x3, 0x4, 0x6}, 0x1c) sendmmsg(r2, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x3514}], 0x1}}], 0x400000000000181, 0x9200000000000000) dup3(r3, r2, 0x80000) syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200010, &(0x7f0000000040)={[{@jqfmt_vfsold}]}, 0xfe, 0x55d, &(0x7f0000000980)="$eJzs3d9rW1UcAPDvTX/sp66DMdQHKezByVy6tv6Y4MN8FB0O9H2G9q6Mpsto0rHWgduDe9mLDEHEgfgH+O7j8B/wrxjoYMgo+uBL5aY3XbYmbZZlSzSfD9ztnPuj55yce07OyUm4AQytyeyfQsSrEfFNEnGo6dho5AcnN89bf3htLtuS2Nj47M8kknxf4/wk//9AHnklIn79OuJEYXu61dW1xVK5nC7n8ana0uWp6urayYtLpYV0Ib00Mzt7+p3Zmfffe7dnZX3z3N/ff3r3o9O3jq1/9/P9w7eTOBMH82PN5XgG15sjkzGZvyZjceaJE6d7kNggSfqdAboykrfzscj6gEMxkrd64P/vq4jYAIZUov3DkGqMAxpz+x7Ng/8zHny4OQHaXv7Rzc9GYm99brR/PXlsZpTNdyd6kH6Wxi9/3LmdbdG7zyEAdnX9RkScGh3d3v8lef/XvVMdnPNkGvo/eHHuZuOft1qNfwpb459oMf450KLtdmP39l+43+KypFefUmfjvw9ajn+3Fq0mRvLYS/Ux31hy4WI5zfq2lyPieIztyeI7reecXr+30e5Y8/gv27L0G2PBPB/3R/c8fs18qVZ6ljI3e3Aj4rWW499kq/6TFvWfvR7nOkzjaHrn9XbHdi//87XxU8QbLev/0YpWsvP65FT9fphq3BXb/XXz6G/t0u93+bP6379z+SeS5vXa6tOn8ePef9J2x7q9/8eTz+vh8Xzf1VKttjwdMZ58sn3/zKNrG/HG+Vn5jx/buf9rdf/vi4gvOiz/zSM32546CPU//1T1//SBex9/+UO79Dur/7froeP5nk76v04z+CyvHQAAAAAAAAyaQkQcjKRQ3AoXCsXi5vc7jsT+QrlSrZ24UFm5NB/138pOxFihsdJ9qOn7ENP592Eb8Zkn4rMRcTgivh3ZV48X5yrl+X4XHgAAAAAAAAAAAAAAAAAAAAbEgTa//8/8PtLykvEXm0PgufLIbxheu7b/XjzpCRhI3v9heHXV/vf1Ph/Ai+f9H4bUWL8zAPST938YXto/DC/tH4aX9g8AAAAAAAAAAAAAAAAAAAAAAAAAAAA9de7s2WzbWH94bS6Lz19ZXVmsXDk5n1YXi0src8W5yvLl4kKlslBOi3OVpd3+XrlSuTw9EytXp2pptTZVXV07v1RZuVQ7f3GptJCeTz1tCAAAAAAAAAAAAAAAAAAAALarrq4tlsrldFlAoKvA6GBkQ6ApcKsHrbvPHRMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANPk3AAD//0unNek=") sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0) r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001100)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r4, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000680)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6b0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r5, 0x0, 0x81}, 0x18) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1018e58, &(0x7f0000000080)={[{@usrquota}, {@noblock_validity}, {@bh}, {@max_batch_time={'max_batch_time', 0x3d, 0x8c8}}, {@debug}, {@nogrpid}]}, 0x6, 0x5fc, &(0x7f0000000c00)="$eJzs3c9rHGUfAPDvzCZ5kzavaUXEFsWAhxakaVKLVS+29WAPBQv2IOKhoUlq6PYHTQq2FkzBg4KCiFeRXvwHvEvv3kRQb56FKlJRUOnK7M62m2Q3XdPsTpr5fGCzz/PM7D7PdydP5pmZPDsBlNZ49iON2BVx51QSMdaybDQaC8fz9W7/du109kiiVnv91ySSvKy5fpI/b88zwxHx7dGIRyur6124cvXsdLXW8F7E/sVzF/cvXLm6b/7c9JnZM7Pnpw68cPDQ5ItTB6c2JM7t+fOx4689+fH7bz8/9111XxKH4+TguzOxIo6NMh7jcScPsbV8ICIOZYk2n8vDZguEUGqV/PdxMCIej7Go1HMNYzH/UaGNA3qqVomoASWV6P9QUs1xQPPYvrvj4JM9HpX0z60jjQOg1fEPNM6NxHD92Gjb7aTlyKhxbmPHBtSf1fHPtd2fZ49Ydh7iz7tbZ2AD6ulk6XpEPNEu/qTeth31SLP402XtSCJiMiKG8va98gBtSFrSvTgPs5b1xp9GxOH8OSs/us76x1fk+x0/AOV080i+I1/Kcvf2f9nYozn+iTbjn9E2+671KHr/13n819zfD9fPkacrxmHZmOVE+7ccXFnw04fHPu1Uf+v4L3tk9TfHgv1w63rE7hXxf5AFm49/sviTNts/W+XU4e7qePX7X451WlZ0/LUbEXvaHv/cG5VmqTWuT+6fm6/OTjZ+tq3j62/e+rJT/UXHn23/bR3ib9n+6crXZZ/JxS7r+OrEjXOdlo3eN/7056Gkcbw5lJe8M724eGkqYig5nq/SUn5g7bY012m+Rxb/3mfa9/9lv//Xl7/PSPNPZhcuvnH2dqdl69n+LReT79S6bEMnWfwz99/+q/p/VvZJl3X88eblpzotWyv+kQcJDAAAAAAAAEoorV+DTdKJu+k0nZhozJd9LLal1QsLi8/OXbh8fiZib/3/IQfT5pXusUY+yfJT+f/DNvMHVuSfi4idEfFZZaSenzh9oTpTdPAAAAAAAAAAAAAAAAAAAACwSWzP5/8371P9e6Ux/x8oiV7eYA7Y3PR/KK96/191iyegDOz/obz0fygv/R/KS/+H8tL/obz0fygv/R/KS/8HAAAAgC1p59M3f0wiYumlkfojM5QvMyMItrbBohsAFKZSdAOAwty99G+wD6XT1fj/r/zLAXvfHKAASbvC+uCgtnbnv9n2lQAAAAAAAAAAAABAD+zZ1Xn+v7nBsLWZ9gfl9QDz/311ADzkfPU/lJdjfOB+s/iHOy0w/x8AAAAAAAAAAAAA+ma0/kjSiXwu8Gik6cRExP8jYkcMJnPz1dnJiHgkIn6oDP4vy08V3WgAAAAAAAAAAAAAAAAAAADYYhauXD07Xa3OXmpN/L2qZGsnmndB7UNdL8d/fFUk/f9YRiKi8I3Ss8RAS0kSsZRt+U3RsEsLsTmaUU8U/IcJAAAAAAAAAAAAAAAAAABKqGXucXu7v+hziwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg/+7d/793iaJjBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeTv8GAAD//7V5QCw=") accept4$llc(0xffffffffffffffff, 0x0, 0x0, 0x80800) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0) write$binfmt_script(r6, &(0x7f0000000000), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r6, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800003, 0x11, r6, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9) 34.649637413s ago: executing program 2 (id=688): r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r1) ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=0x0) preadv(r0, &(0x7f0000000980)=[{&(0x7f0000000580)=""/109, 0x6d}, {0x0}], 0x2, 0xa, 0xfffffff9) sendmsg$NFC_CMD_DEV_UP(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)={0x1c, r2, 0x1, 0x70bd26, 0x23c, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r3}]}, 0x1c}}, 0x0) 33.861591149s ago: executing program 5 (id=694): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000140), 0x40482, 0x0) ioctl$PPPIOCSPASS(r1, 0x40107447, &(0x7f00000001c0)={0x4, &(0x7f0000000180)=[{0x92e, 0xe8, 0x4, 0xf5}, {0x7, 0x1, 0x9, 0x7}, {0x8, 0x0, 0xfc, 0x2}, {0x3, 0x0, 0x7, 0xde1}]}) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000480)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cf84ded40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c86e00f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec231fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895012f1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c3405000000000000003871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d37261774cc5a3bf6b466cb72812da518ff602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d50a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a31b16ac5fb73fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953f88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a5fe1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9d66ebbc8bab4ea81232fbef665f6212f875b2a00000000000000aceb111b66a500ca52fd8f848088c67ee65dfdcc4c580e9bc18c1699dca07d019bf1bf9dd3da480d6c155d7e60674ce88ab5ae07a9d16e22792d99986b531ab4e592ab5925da779e700cf20309a2137877690dc5c07956fc82d7b3bb46d3138041af18508938c9be4e5d0a98073463a5cff6c146d020743da474cb81677a6f389f0e00c33b70b7f8bab95435c27167f365a29fb09cbf35bf192f6a65616fa2ad9a6c7ca3a3ecd96aaecd993e8badb40e7eb8a22b0015e70c885cd519e28448168c6d914265998bff74ea1b0e651a6cae9419096248a0e41573827ad60fafce6e6540734c1f23f75337d836c31497e8112969a039d65aa297e2b046b5f4d11116a89f9f65693d4dc3e70fbfe0b2044fdb3f87e887d1daae8e38a0c19f668f776e19a02bb2449ee4384f6536879c85d7e41bc0276ee2b125d41ff358323311703ec01d64a573bdeb75bdcc87d01de38365ab9222713d2d1640a742d62fefb5403b2ed9969c32a0841e8c36b0107bb888eb14ac62e6d4bdfaeb9ee7436b97bf3825a19d6c8997ce285edf1d277ed703f560460417bfe702af833e83c5b987befb6d1fcf765ab7ea537d9dafb622a1ba8686cb9b1c63b84470364942e90d1cf856cead864f5e38c83b9ed86cc5725a20299ce512b165"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000001d40)='writeback_queue_io\x00', r2}, 0x18) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) getpriority(0x1, 0x0) io_setup(0x8, &(0x7f0000002740)=0x0) io_getevents(r3, 0x49, 0x5, &(0x7f0000001480)=[{}, {}, {}, {}, {}], 0x0) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000140)='sys_enter\x00', 0xffffffffffffffff, 0x0, 0x7fffffff}, 0x18) rt_sigprocmask(0x0, &(0x7f000078b000)={[0xfffffffffffffffd]}, 0x0, 0x8) r4 = socket(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00'}) r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r6}, 0x10) r7 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r7, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6) io_setup(0x2, &(0x7f0000002400)=0x0) io_submit(r8, 0x1, &(0x7f0000000340)=[&(0x7f0000000100)={0x2001000000, 0x4, 0x0, 0x1, 0x0, r7, &(0x7f0000000040)="0200ffff0000", 0x6, 0x0, 0x0, 0x2}]) io_submit(r8, 0x1, &(0x7f0000000200)=[&(0x7f0000000880)={0x0, 0x0, 0x0, 0x7, 0x9, r6, 0x0, 0x0, 0x6}]) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000004000000000000dd060000009500000000c81c3cb4000000"], &(0x7f0000000240)='syzkaller\x00', 0xd, 0x0, 0x0, 0xc1000, 0x5c, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0xc, &(0x7f00000000c0)={0x0, 0xffffffff}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000f00)='kfree\x00', r0}, 0x18) syz_mount_image$iso9660(&(0x7f0000000040), &(0x7f0000000d40)='./file1\x00', 0x3200010, &(0x7f0000000200)=ANY=[], 0x1, 0x7c7, &(0x7f0000001540)="$eJzs3UtsHGcdAPD/uHYerhSqgkoUpekkKVIigru7aV2sHsp2PXamtXfN7holB9RWjVNFcR9qVUFzoOTSAgIhThxLrxUXbiAOSByAExI9cOGAVKknVCSQEAghGc3sbvzI+pHGTvr4/VbZb3bmm+/7z+xk/jvrnZkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACJpTFcq1STm8ubi+XRzjel2a36L6YP2frOu2KLfiKT4FwcOxOHeqMNfWJ18X/F0Io72Xh2NA0VxIK7efd89j31+dGQw/xYBfVTHd1gvifhuEdSVZ5eXl17Zg0Buox/8+qZn+c9K8TybNfNOK5+vz2Zp3mmlU5OTlYfOzXTSmXwu61zodLP5tNHO6t1WOz3VOJ1Wp6bOptnEhdZic3a6PpcNRj76lVqlMpk+ObGQ1dudVvOhJyc6jXP53FzenC3r1CrfiqLOo8WG+FTeTbtZfT5NL11eXjq7XahFpeq6MfvXbThHH7zng9fe/+flpWKD3KyRpL9h1qrVWq06+cjUI49WKqO1Sm39iMoGcb1GjEQUNfZko+UTZPd23nCLRvr5P+Yij2YsxvlII42R8nn1MRYHYjra0Yr54vWfxzZMvyH/f+mhv/9xq37X5v9Blj+8OvlIlPn/WO/VsU3yf7FT3hjHXj3uuh7b2rGvxutxNa7Es7Ecy7EUr9y2eHb4OLgh6pHdbX82smhGHvsjIo/5qJdj0sijE61IYyomYzIq8XSci5noRBozkcdcZNGJC9GJbmTlFtWIdmRRj260oh1pnIpGnI40qjEVU3E20shiIi5EKxajGbMxHfWylUtxuVzvZzfEdd93nvnV83/64O1i+Hql6hYLkhQf5opK/9iiUj+ZPxAfIf8Pasj/nzYHBv/Ddmg3dtuwK1bK/D96p8MAAAAA9lBSfvueRMRY3F8OzeRfv9NBAQAAALuq/F3z0aIYK4buj2Qmn8sqQ2q+d9tjAwAAAHZHUp5jl0TEeDzQGxqcLjXsSwAAAADgE6j8+/+xohiPeKMc4fgfAAAAPmW+t9k19t/f179Gb2dhfzK4+O3C+QeTF+rFUP2F/rh+8Y3rLXZnjiSH+o2UxeTo1buTiBhtZEeTwdUv/7e/V35YPh9ZvQDhZtf6T9rtseTa5gFct/K5iBsDKF/FD+N4r9Lxi73y4mBKr5fxmXwum2i05h6rJv0vR7qvvXj52xFF799vzh9K4tLl5aWJ515avljGcq1o5doL/cvDJxtX79CV0etxpb8G4v7hSzxWnojR73e8129l7fKP9GYf2brPZG2fb8aJXp0T471yfP3yHyj6rE48Vo16/dBINzvffW1lzdL3o6je4pK/GSd7dU6eOtkrhkRRWxfFizdGUVsbxc7WxY6jePv4G+f/9btWkp3dLoqztxgFwJ1yqbzqz2oWOlhmof+u9BT5f0PePThIuDezl7u0+iljcEH6NbluNHae3aM7M0g2Q/bop3p1TvU+T4weGZJXKkP26C9ffvn3/T36w+/+9GffPPaHX3z07PZunO7V6Rdx7283ybHFMv9oQ1Z9p5jjnU36LV7Wkhjr3TthdfLS80sv1mpnJysPVyqP1GKs/KjQL+QeAIbY9h47O7gLz8PDj6pjkPHuvf6Tgol4Ll6K5bgYZ8qzDSLigeGtjq/5GcKZbY5ax9fc4eXM1seWh1dPb6htrLv/ZBJ374sh7a5LlV/8SVn8e8/eEgDYcye2ycNb5P+xQf4/s81x9/pcfrp349zB0XFsnsuH+eperxAA+AzI2h8m4923knY7X3i6OjVVrXfPZWm71XgqbefTs1maN7tZuzH4prnVbTUGR8PTWSftLC4stNrddKbVThdanfx8eef3tH/r9042X29280ZnYS6rd7K00Wp2641uOp13GunC4hNzeedc1i5n7ixkjXwmb9S7eauZdlqL7UY2kaadLFtTMZ/Omt18Ji8Gm+lCO5+vt69FxNzifJZOZ51GO1/otnoNDvrKmzOt9nzZ7MSNi/+327muAeDj4tXXr155dnl56ZX1AyvJxjHDB/7y+tUrgz/Rb1o5YuUOLyUAsNbaLA0AAAAAAAAAAAAAAHw83Xi6XjF2u9P+1g2MxU1U3jCwf/OzBj+TA1/+ee9t2Y0Gb6Wdg+ve0339jWVPFvmuiNi7tfrM449f2azOE28cPvfX/Tvpffj/lGGnur51KGLfL3/cG/O127XZvNdfhzF6U7OvJFvUuWO7JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADY1P8DAAD//9kVRuc=") socket$inet_udp(0x2, 0x2, 0x0) 32.854071106s ago: executing program 2 (id=698): r0 = socket$inet(0xa, 0x801, 0x84) connect$inet(r0, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10) listen(r0, 0x8) r1 = accept4(r0, 0x0, 0x0, 0x0) sendto$inet(r1, &(0x7f00000002c0)="cc", 0x1, 0x0, 0x0, 0x0) write$nbd(r1, &(0x7f00000006c0)=ANY=[], 0x10) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000140)={0x0, 0x2}, 0x2b) 32.842437057s ago: executing program 5 (id=699): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00000004000000080000000f"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0xc4000) 32.746525198s ago: executing program 2 (id=700): r0 = socket$inet6(0xa, 0x802, 0x88) setsockopt$inet6_udp_int(r0, 0x11, 0x100000000a, &(0x7f00000003c0)=0x800000001, 0x4) sendto$inet6(r0, 0x0, 0x0, 0x4008840, &(0x7f0000000180)={0xa, 0x4e23, 0x0, @local}, 0x1c) sendto$inet6(r0, &(0x7f0000000000)="17", 0x1, 0x0, 0x0, 0x0) 32.601513899s ago: executing program 5 (id=702): socket$netlink(0x10, 0x3, 0x4) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000200)='mm_collapse_huge_page_swapin\x00'}, 0x18) gettid() r0 = socket$xdp(0x2c, 0x3, 0x0) bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000700)=ANY=[@ANYRES32, @ANYRES32, @ANYBLOB="36000900020800003d3511350fcfef75ae7bb94cf4b3b137399acc9cdac49dfb6bbaa8c165ebf55b8d9feec4bc835e9929f383b9c29b29d6f66a70a2c31b396a129605099563dfc0a43c2858d84ed13058d3d6e6fdd5c161c1864d6ace2c8cc1", @ANYRES32, @ANYBLOB, @ANYRES32, @ANYBLOB, @ANYRES64=0x0], 0x20) r1 = socket$netlink(0x10, 0x3, 0x400000000000004) setsockopt$XDP_RX_RING(r0, 0x11b, 0x2, &(0x7f0000000040)=0x1000000, 0x4) writev(r1, &(0x7f0000000100)=[{&(0x7f0000000180)="480000001400190d7ebdeb75fd0d9c562c84d8c033aae421962ea6ff3cd3c461ebe430a2ed7a80ffe0090f000000000000a2bc5603ca00000f7f89000000200000004a2471083ec6", 0x48}], 0x1) bind$xdp(r0, &(0x7f0000000080)={0x2c, 0x4, 0x0, 0x19}, 0x10) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB="0000050006d80b2a0473fdff000000216b70ffa82372b5e4dfe6c54093467d35070f26af98d26d381f681490f91ba18360fcaa7f75d4ff903c0fbeea46502487c5cbea8c0dfb24f3782996", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000000000000000000000000000000000000000000017732d18d22a42cb1467f865947afb3d15d7cb831c71cac0788ffb93e37b3ac53d8408d63f60d4a89e3ed95816ee2ca2b154507d250524c639753ca65bac802c687127387b0b0b08aab7f4ee287174c7e753ea154a88c66d9593d361a14d6e6f5994dcba307713d7e47ec3214114d42a4b42954936a19177664291e2b8cdf63468095f51efc4f288"], 0x48) ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000240)={{0x1, 0x1, 0x18, r2, {0xe}}, './file0\x00'}) ppoll(&(0x7f0000000280)=[{r2, 0x1}, {r3, 0x1a}, {0xffffffffffffffff, 0x8040}, {r1, 0x100}], 0x4, &(0x7f00000002c0), &(0x7f0000000300)={[0x400]}, 0x8) r4 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) r5 = fcntl$dupfd(r4, 0x0, r4) ioctl$TUNSETIFF(r5, 0x400454ca, 0x0) r6 = memfd_create(&(0x7f0000000580)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec=\x9e\xc3\xfd\x85d\x0fl5\xf3\xbe\" 6\r<\xea\x8dz\xcf6\x99\x91\xear8p\xaaR\xd5\xa6\xab#N>\x9a\xdf\xea\x009\xfbB\xc1\xd0_\xc0\'Z\xeb\xd8\xaf\xf0\'J\xe2\xff\xe5x*;(p\xf7p\xce\xbb\xa7\xfe\x04\xd0t\x81\x1a\x1b?m/\x1ex\xf8\x88^\xbaU\xb9\xa6\xab\x8d\a\xa6\"\xd9\x13\xeb\xe2\rh\x8dsx\xaa!\xd5Q\xf8\xce*\x95\x0es\xfaZ\x94t\x19\xdc\xdc\xcf\x0f\x9a\xa2O>\xb9\xfc\x01\fW\xee\xffh\xbd\xb2\xb4z\xeb\x84\x13\x13u\x8f', 0x0) write$bt_hci(r6, &(0x7f0000000080)=ANY=[@ANYBLOB="01"], 0x2b) syz_mount_image$msdos(&(0x7f0000000200), &(0x7f0000000240)='./file1\x00', 0x80c406, &(0x7f0000000540)=ANY=[@ANYBLOB='dots,dots,dmask=000000000200000,nodots,discard,nfs=nostale_ro,gid=', @ANYRESHEX=0x0, @ANYBLOB="2c646f733178666c6f70707900000000000000003030ffffffff303030303031373737373737373756c0f39fdb37372c004c0f1208ec0c34b7df4ba1c1e6b76697434db8574db9bcaef6a61a12c3f260bebc7ac5b1b11361119b83f1cf9f686b715b8e58fd37cea6623dc422c2ddbcefe94e5c255b5e8c90613e6b598b3b7a2c05de53dab7"], 0x1, 0x291, &(0x7f0000000280)="$eJzs3M9r034YwPGn6dZ0+7Ifpy/oxQe96CXMelQPVTYQC0q3inoQMpZpaG1HErQVwZw97e8YHr0J4j+w/8LbEGSnnYyszbKs+4Wza2f7fkHJkzz5tE8SUp5PId16uv66uupbq3YgRl7FEAllR2RWXNmTiZe5dpxLtsvdgoRyY+7N9sfFZ88fFkul+bLqQnHpVkFVp698ffv+09VvwX9PPk+bpmzOvtj6Wfi++f/mpa1fS69cX11f641AbV1uNAJ7ueboiutXLdXHNcf2HXXrvuMdyK/WGmtrLbXrK1OTa57j+2rXW2pIS4OG5uOq6mpZlk5N7sZ5GSG5Px5R2SiX7eK5FIMLw/OKdlZEJg7dDZWNwVQEAAAG6fj+30j22ev/je7+X+SU/v9DvNf0l573/1lJ+v+q0+7/A6+l9kvbTff/ONHZ+n/jfIrB38iEqZV7B1KeV5w4ehD9PwAAAAAAAAAAAAAAAAAAAAAA/4KdKJqJomhmd2mISBSvmyKSTa0fMXSknq0fVunrH6VeZnyBT7j+GAKpB/fyIj/CZqVZybSXnfzCg9L8nLalHvzbbjYr2SR/s5PXg/lxmYzzhSPzObl+rZPfzd1/VErn15uVCVk5sfKwV6cAAAAAAIChZ2liNtmYl2R+b1lqSne+PX/vROH+7wNd8/sxuTzWv+MAAAAAAADH81vvqnat5nj9CbJ9/KwzByJnG347MntSRlZETtmnvCgy+BN1KDDlQpQxzMGdnr1hlBHpbBmPvwy67gIAAAAAw2V/PjDoSgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGF39+OuyQR8jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcFH8DgAA//8sg70h") ioctl$sock_inet_SIOCGIFADDR(r0, 0x8915, &(0x7f00000006c0)={'veth1_to_bond\x00', {0x2, 0x0, @private}}) execveat(r6, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000) bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000180)={r5, &(0x7f0000000080)="a4e1477458bcb1fc1566bb483ea93a9b3f1244e4fc32a56b2b4146e585045b106b7443882a45024c852ce7e074c6"}, 0x20) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000181100003be90d54744726c19bc9155339a5b624c63a4c9622a1c836f2bd1478c5eca07e8bb90b122d730c1e52275c237c", @ANYRES32=r5, @ANYBLOB="0000000000000000b70200000000000085000000860000009500000000000000"], &(0x7f0000000200)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r8 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000100)={0x20000014}) close_range(r8, 0xffffffffffffffff, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r7}, 0x10) 32.54377171s ago: executing program 2 (id=704): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x41, 0x0) write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xff2e) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0, "0062ba7d82000000000000000000f7ffffff00"}) syz_open_pts(r0, 0x900) read(0xffffffffffffffff, &(0x7f00000000c0)=""/226, 0xe2) 32.025695393s ago: executing program 5 (id=708): r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r1) ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)) preadv(r0, &(0x7f0000000980)=[{&(0x7f0000000580)=""/109, 0x6d}, {0x0}], 0x2, 0xa, 0xfffffff9) 31.339201929s ago: executing program 2 (id=713): r0 = socket$inet6(0xa, 0x802, 0x88) setsockopt$inet6_udp_int(r0, 0x11, 0x100000000a, &(0x7f00000003c0)=0x800000001, 0x4) sendto$inet6(r0, 0x0, 0x0, 0x4008840, &(0x7f0000000180)={0xa, 0x4e23, 0x0, @local}, 0x1c) sendto$inet6(r0, &(0x7f0000000000)="17", 0x1, 0x0, 0x0, 0x0) 31.17367598s ago: executing program 2 (id=725): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180500000000c800000000004b64ffec850000007d000000850000002a00000095"], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f00000000c0), 0x602, 0x0) writev(r1, &(0x7f0000000440)=[{&(0x7f0000000040)="93d90400000300", 0x7}, {&(0x7f0000000140)="13146000000370", 0x7}], 0x7) 27.548210648s ago: executing program 3 (id=729): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000100000000000000000850000007d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x18) r1 = syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x41341) ioctl$USBDEVFS_CONTROL(r1, 0xc0105500, &(0x7f0000000140)={0x0, 0x3, 0x3, 0x7, 0x0, 0x10001, 0x0}) 27.371467929s ago: executing program 3 (id=731): r0 = socket$inet(0xa, 0x801, 0x84) connect$inet(r0, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10) listen(r0, 0x8) r1 = accept4(r0, 0x0, 0x0, 0x0) sendto$inet(r1, &(0x7f00000002c0)="cc", 0x1, 0x0, 0x0, 0x0) sendto$inet6(r1, &(0x7f0000000200)='x', 0x1, 0x0, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000140)={0x0, 0x2}, 0x2b) 27.29577864s ago: executing program 3 (id=732): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c250000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) 27.19384311s ago: executing program 3 (id=734): r0 = socket$inet_smc(0x2b, 0x1, 0x0) connect$inet(r0, &(0x7f0000000040)={0x2, 0x4e24, @rand_addr=0x64010100}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10) 25.405013684s ago: executing program 3 (id=740): socket$packet(0x11, 0x3, 0x300) r0 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000240)={'syz_tun\x00', 0x0}) bind$packet(r0, &(0x7f0000000300)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @remote}, 0x14) r2 = socket$packet(0x11, 0x3, 0x300) bind$packet(r2, &(0x7f0000000000)={0x11, 0x0, r1, 0x1, 0x10, 0x6, @link_local}, 0x14) syz_emit_ethernet(0x82, &(0x7f0000000440)={@random="c8fb14c138ae", @empty, @val={@val={0x88a8, 0x6, 0x1, 0x2}, {0x8100, 0x0, 0x0, 0x3}}, {@ipv6={0x86dd, @gre_packet={0x0, 0x6, "f2a400", 0x44, 0x2f, 0x0, @dev, @dev={0xfe, 0x80, '\x00', 0x2b}, {[], {{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x6558}, {}, {}, {0x289, 0x88be, 0x0, {{}, 0x1, {0xec5}}}, {0x8, 0x22eb, 0x0, {{}, 0x2, {0x0, 0x0, 0x0, 0x0, 0x1}}}}}}}}}, 0x0) 25.063018287s ago: executing program 3 (id=741): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNGETFEATURES(r0, 0x800454cf, &(0x7f0000000440)) 24.042619034s ago: executing program 0 (id=744): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000100000000000000000850000007d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x18) ioctl$USBDEVFS_CONTROL(0xffffffffffffffff, 0xc0105500, &(0x7f0000000140)={0x0, 0x3, 0x3, 0x7, 0x0, 0x10001, 0x0}) 23.949724205s ago: executing program 0 (id=745): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x18, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1, 0x0, 0x2}, 0x18) semop(0x0, &(0x7f0000000140)=[{0x0, 0xfffb}], 0x1) semctl$SETALL(0x0, 0x0, 0x11, 0x0) 23.949424845s ago: executing program 0 (id=746): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1, 0x0, 0x200000000200}, 0x18) r2 = getpid() setreuid(0xee00, 0x0) r3 = syz_pidfd_open(r2, 0x0) setns(r3, 0x24020000) syz_clone3(&(0x7f00000006c0)={0x192142100, 0x0, 0x0, 0x0, {0x40}, 0x0, 0x0, 0x0, &(0x7f0000000680)=[0x0], 0x1}, 0x58) 23.885275736s ago: executing program 0 (id=747): r0 = socket$inet6(0xa, 0x802, 0x88) setsockopt$inet6_udp_int(r0, 0x11, 0x100000000a, &(0x7f00000003c0)=0x800000001, 0x4) sendto$inet6(r0, &(0x7f0000000000)="17", 0x1, 0x0, 0x0, 0x0) 23.850929586s ago: executing program 0 (id=748): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) r1 = socket(0x2, 0x80805, 0x0) getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000001080)=0x8) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f0000000980)={r2, @in={{0x2, 0x4e22, @remote}}}, &(0x7f0000000500)=0x84) 17.040270839s ago: executing program 34 (id=708): r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r1) ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)) preadv(r0, &(0x7f0000000980)=[{&(0x7f0000000580)=""/109, 0x6d}, {0x0}], 0x2, 0xa, 0xfffffff9) 16.034227956s ago: executing program 0 (id=750): r0 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff) r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_ADD(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)={0x40, r0, 0x1, 0x0, 0x0, {}, [@SMC_PNETID_ETHNAME={0x14, 0x2, 'bond0\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz1\x00'}]}, 0x40}}, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000b80)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000b40)={&(0x7f0000000080)='kfree\x00', r2, 0x0, 0x80000000000000}, 0x18) sendmsg$SMC_PNETID_DEL(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)={0x14, r0, 0xe27, 0x0, 0x0, {0x4, 0x7, 0x2}}, 0x14}, 0x1, 0x40030000000000}, 0x0) r3 = socket$nl_rdma(0x10, 0x3, 0x14) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r4, 0x0, 0x4800) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_NEW(r5, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="980000000002010400000000000000000a000000040001804400038006000340000100000c00028005000100930000002c00018014000300ff01000000000000000000000000000114000407000000000000000000000000000000aa3c0002800c00028005000100000000002c00018014000300fe8000000000000000000000000000bb14000400"], 0x98}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000840)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc0ed000e, &(0x7f0000000200)={[{@jqfmt_vfsold}, {@max_batch_time={'max_batch_time', 0x3d, 0x1}}, {@debug}, {@noload}, {@nombcache}, {@noblock_validity}, {@init_itable_val={'init_itable', 0x3d, 0x601}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x8000}}]}, 0xfe, 0x478, &(0x7f0000000940)="$eJzs3M1vFOUfAPDvTF94+/FrRXwBQapgJL60tLzIwYtGDQdNTPSA8VTbQiqFGloTIUSrBzwaEu/G/8J40otRL5p41bshIYYLqJc1szNT2mW37NJtF7qfTzLt88xM+zzffebZeWae3Qmgaw1lP5KI/0XE7xExkGeX7zCU/7p5/dLE39cvTSRRqbz1V1Ld78b1SxPlruXfbcszlUqR31Sn3MvvRozPzEydL/Ij82c/GJm7cPH56bPjp6dOT50bO378yOG9/cfGjrYlziyuG7s/nt2z68Q7V96YOHnlvZ+SNPK4oyaO9qjkPqm/9an2FtZx26NnMZ30Lt2y75db6XpHAp2UtVrWXH3V/j8QPbFlcdtAvPpZRysHrKnsFLXCu/JCBdjAkuh0DYDOKE/02fVvuazT0OOecO2l/AIoi/tmseRbeiPNE/v6qte3a2MoIk4u/PNVtsSa3IcAAFjuu2z881y98V8aD+eJ/uzH/4s5lMGIeCAidkTEgxGxMyIeiqju+0hEPNpi+UM1+dvHP+nVuw6uCdn478Vibmv5+C8tdxnsKXLbq/H3JaemZ6YOFa/JwejbdGo6mRpdoYzvX/nti0bblo7/siUrvxwLFvW42ltzg25yfH58NTEvde3TiN299eJPopzGSSJiV0Tsvssypp/pbbjtzvGvoPG/bVrl64in8/ZfiJr4S0nD+cnRF46NHR3ZHDNTh0bKo+J2P/96+c1G5a8q/jbI2n9r3eN/Mf7BZHPE3IWLZ6rztXOtl3H5j88bXtO0ePyf2F4c//3J29UV/cWGj8bn58+PRvQnr9++fuzWfyvz5f5Z/Af31+//O+LWK/FYROyJiL0R8Xh2UVjU/YmIeDIi9q8Q/48vH3i/9fjXZ640i3/yTu0fS9u/9UTPmR++vXP8myOiUfsfqaYOFmuaef9rtoKree0AAADgfpF/Bj5JhxfTaTo8nH+Gf2dsTWdm5+afPTX74bnJ/LPyg9GXlne6BpbcDx0t7g2X+bGa/OHivvGXPVuq+eGJ2ZnJTgcPXW5bg/6f+bOn07UD1lwb5tGA+5T+D92rtv/3dagewPpKnP+hq+n/0L3q9f9lz6068NqSzPA3a18jYL04/0P3aqL/L+S/GjzNErhvOf9D99L/oSs1/G58uqqv/K974t/ieYb3Sn02fiLSe6IaGz/R2/TDLFpIVAby/p+t2VR3n06/MwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALTHfwEAAP//jkztZQ==") bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) mount(0x0, &(0x7f0000000000)='.\x00', 0x0, 0x2012024, 0x0) sendmsg$RDMA_NLDEV_CMD_NEWLINK(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="38000000031401002abd7000fedbdf250900020073017a31000000000800410072786500140033006c6f"], 0x38}, 0x1, 0x0, 0x0, 0x44}, 0x810) r6 = socket$nl_rdma(0x10, 0x3, 0x14) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) move_pages(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) sendmsg$RDMA_NLDEV_CMD_NEWLINK(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x38, 0x1403, 0x1, 0x70bd2c, 0x25dfdbfc, "", [{{0x9, 0x2, 'syz2\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'dummy0\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x44}, 0x4c810) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r7 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r7, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000000)={0xffffffffffffffff}, 0x111, 0x4}}, 0x20) write$RDMA_USER_CM_CMD_LISTEN(r7, &(0x7f0000000040)={0x7, 0x8, 0xfa00, {r8, 0x1}}, 0x10) write$RDMA_USER_CM_CMD_DESTROY_ID(r7, &(0x7f0000000380)={0x1, 0x10, 0xfa00, {&(0x7f0000000300), r8}}, 0x18) 16.018586546s ago: executing program 35 (id=725): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180500000000c800000000004b64ffec850000007d000000850000002a00000095"], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f00000000c0), 0x602, 0x0) writev(r1, &(0x7f0000000440)=[{&(0x7f0000000040)="93d90400000300", 0x7}, {&(0x7f0000000140)="13146000000370", 0x7}], 0x7) 10.032250022s ago: executing program 36 (id=741): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNGETFEATURES(r0, 0x800454cf, &(0x7f0000000440)) 0s ago: executing program 37 (id=750): r0 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff) r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_ADD(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)={0x40, r0, 0x1, 0x0, 0x0, {}, [@SMC_PNETID_ETHNAME={0x14, 0x2, 'bond0\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz1\x00'}]}, 0x40}}, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000b80)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000b40)={&(0x7f0000000080)='kfree\x00', r2, 0x0, 0x80000000000000}, 0x18) sendmsg$SMC_PNETID_DEL(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)={0x14, r0, 0xe27, 0x0, 0x0, {0x4, 0x7, 0x2}}, 0x14}, 0x1, 0x40030000000000}, 0x0) r3 = socket$nl_rdma(0x10, 0x3, 0x14) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r4, 0x0, 0x4800) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_NEW(r5, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="980000000002010400000000000000000a000000040001804400038006000340000100000c00028005000100930000002c00018014000300ff01000000000000000000000000000114000407000000000000000000000000000000aa3c0002800c00028005000100000000002c00018014000300fe8000000000000000000000000000bb14000400"], 0x98}}, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000840)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc0ed000e, &(0x7f0000000200)={[{@jqfmt_vfsold}, {@max_batch_time={'max_batch_time', 0x3d, 0x1}}, {@debug}, {@noload}, {@nombcache}, {@noblock_validity}, {@init_itable_val={'init_itable', 0x3d, 0x601}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x8000}}]}, 0xfe, 0x478, &(0x7f0000000940)="$eJzs3M1vFOUfAPDvTF94+/FrRXwBQapgJL60tLzIwYtGDQdNTPSA8VTbQiqFGloTIUSrBzwaEu/G/8J40otRL5p41bshIYYLqJc1szNT2mW37NJtF7qfTzLt88xM+zzffebZeWae3Qmgaw1lP5KI/0XE7xExkGeX7zCU/7p5/dLE39cvTSRRqbz1V1Ld78b1SxPlruXfbcszlUqR31Sn3MvvRozPzEydL/Ij82c/GJm7cPH56bPjp6dOT50bO378yOG9/cfGjrYlziyuG7s/nt2z68Q7V96YOHnlvZ+SNPK4oyaO9qjkPqm/9an2FtZx26NnMZ30Lt2y75db6XpHAp2UtVrWXH3V/j8QPbFlcdtAvPpZRysHrKnsFLXCu/JCBdjAkuh0DYDOKE/02fVvuazT0OOecO2l/AIoi/tmseRbeiPNE/v6qte3a2MoIk4u/PNVtsSa3IcAAFjuu2z881y98V8aD+eJ/uzH/4s5lMGIeCAidkTEgxGxMyIeiqju+0hEPNpi+UM1+dvHP+nVuw6uCdn478Vibmv5+C8tdxnsKXLbq/H3JaemZ6YOFa/JwejbdGo6mRpdoYzvX/nti0bblo7/siUrvxwLFvW42ltzg25yfH58NTEvde3TiN299eJPopzGSSJiV0Tsvssypp/pbbjtzvGvoPG/bVrl64in8/ZfiJr4S0nD+cnRF46NHR3ZHDNTh0bKo+J2P/96+c1G5a8q/jbI2n9r3eN/Mf7BZHPE3IWLZ6rztXOtl3H5j88bXtO0ePyf2F4c//3J29UV/cWGj8bn58+PRvQnr9++fuzWfyvz5f5Z/Af31+//O+LWK/FYROyJiL0R8Xh2UVjU/YmIeDIi9q8Q/48vH3i/9fjXZ640i3/yTu0fS9u/9UTPmR++vXP8myOiUfsfqaYOFmuaef9rtoKree0AAADgfpF/Bj5JhxfTaTo8nH+Gf2dsTWdm5+afPTX74bnJ/LPyg9GXlne6BpbcDx0t7g2X+bGa/OHivvGXPVuq+eGJ2ZnJTgcPXW5bg/6f+bOn07UD1lwb5tGA+5T+D92rtv/3dagewPpKnP+hq+n/0L3q9f9lz6068NqSzPA3a18jYL04/0P3aqL/L+S/GjzNErhvOf9D99L/oSs1/G58uqqv/K974t/ieYb3Sn02fiLSe6IaGz/R2/TDLFpIVAby/p+t2VR3n06/MwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALTHfwEAAP//jkztZQ==") bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) mount(0x0, &(0x7f0000000000)='.\x00', 0x0, 0x2012024, 0x0) sendmsg$RDMA_NLDEV_CMD_NEWLINK(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="38000000031401002abd7000fedbdf250900020073017a31000000000800410072786500140033006c6f"], 0x38}, 0x1, 0x0, 0x0, 0x44}, 0x810) r6 = socket$nl_rdma(0x10, 0x3, 0x14) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) move_pages(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) sendmsg$RDMA_NLDEV_CMD_NEWLINK(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x38, 0x1403, 0x1, 0x70bd2c, 0x25dfdbfc, "", [{{0x9, 0x2, 'syz2\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'dummy0\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x44}, 0x4c810) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r7 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r7, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000000)={0xffffffffffffffff}, 0x111, 0x4}}, 0x20) write$RDMA_USER_CM_CMD_LISTEN(r7, &(0x7f0000000040)={0x7, 0x8, 0xfa00, {r8, 0x1}}, 0x10) write$RDMA_USER_CM_CMD_DESTROY_ID(r7, &(0x7f0000000380)={0x1, 0x10, 0xfa00, {&(0x7f0000000300), r8}}, 0x18) kernel console output (not intermixed with test programs): 381] EXT4-fs (loop0): re-mounted. Quota mode: none. [ 42.877331][ T4381] dummy0 speed is unknown, defaulting to 1000 [ 42.903115][ T4381] dummy0 speed is unknown, defaulting to 1000 [ 42.905555][ T4381] dummy0 speed is unknown, defaulting to 1000 [ 42.970641][ T4392] loop3: detected capacity change from 0 to 1024 [ 42.972625][ T4392] ======================================================= [ 42.972625][ T4392] WARNING: The mand mount option has been deprecated and [ 42.972625][ T4392] and is ignored by this kernel. Remove the mand [ 42.972625][ T4392] option from the mount to silence this warning. [ 42.972625][ T4392] ======================================================= [ 43.008014][ T4394] loop4: detected capacity change from 0 to 128 [ 43.054652][ T4392] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 43.163729][ T4306] EXT4-fs (loop3): unmounting filesystem. [ 43.177242][ T4381] infiniband syz2: set active [ 43.184318][ T4381] infiniband syz2: added dummy0 [ 43.214900][ T1516] dummy0 speed is unknown, defaulting to 1000 [ 43.230487][ T4393] dummy0 speed is unknown, defaulting to 1000 [ 43.310124][ T27] audit: type=1326 audit(43.290:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4404 comm="syz.3.8" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb215ad28 code=0x7ffc0000 [ 43.318269][ T27] audit: type=1326 audit(43.290:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4404 comm="syz.3.8" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb215ad28 code=0x7ffc0000 [ 43.353517][ T4381] RDS/IB: syz2: added [ 43.354922][ T4381] smc: adding ib device syz2 with port count 1 [ 43.356598][ T4381] smc: ib device syz2 port 1 has pnetid [ 43.359480][ T1516] dummy0 speed is unknown, defaulting to 1000 [ 43.368658][ T27] audit: type=1326 audit(43.310:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4404 comm="syz.3.8" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=220 compat=0 ip=0xffffb215ad28 code=0x7ffc0000 [ 43.387017][ T27] audit: type=1326 audit(43.360:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4404 comm="syz.3.8" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb215ad28 code=0x7ffc0000 [ 43.396520][ T27] audit: type=1326 audit(43.370:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4407 comm="syz.3.8" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=115 compat=0 ip=0xffffb2185448 code=0x7ffc0000 [ 43.406231][ T27] audit: type=1326 audit(43.380:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4404 comm="syz.3.8" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb215ad28 code=0x7ffc0000 [ 43.432295][ T27] audit: type=1326 audit(43.410:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4404 comm="syz.3.8" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=91 compat=0 ip=0xffffb215ad28 code=0x7ffc0000 [ 43.444001][ T27] audit: type=1326 audit(43.420:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4404 comm="syz.3.8" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb215ad28 code=0x7ffc0000 [ 43.453014][ T27] audit: type=1326 audit(43.420:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4404 comm="syz.3.8" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb215ad28 code=0x7ffc0000 [ 43.455124][ T4409] netlink: 12 bytes leftover after parsing attributes in process `syz.1.9'. [ 43.465389][ T27] audit: type=1326 audit(43.420:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4404 comm="syz.3.8" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=56 compat=0 ip=0xffffb2159254 code=0x7ffc0000 [ 43.483442][ T4381] dummy0 speed is unknown, defaulting to 1000 [ 43.624601][ T4411] loop1: detected capacity change from 0 to 512 [ 43.626646][ T4411] EXT4-fs: Ignoring removed nobh option [ 43.657153][ T4381] dummy0 speed is unknown, defaulting to 1000 [ 43.661070][ T4411] EXT4-fs: Mount option(s) incompatible with ext3 [ 43.684099][ T202] kworker/u4:4: attempt to access beyond end of device [ 43.684099][ T202] loop4: rw=1, sector=145, nr_sectors = 560 limit=128 [ 43.700555][ T4296] Bluetooth: hci0: command 0x040f tx timeout [ 43.702134][ T4296] Bluetooth: hci2: command 0x040f tx timeout [ 43.703626][ T4296] Bluetooth: hci1: command 0x040f tx timeout [ 43.782631][ T47] Bluetooth: hci3: command 0x040f tx timeout [ 43.784161][ T47] Bluetooth: hci4: command 0x040f tx timeout [ 43.886335][ T4418] loop4: detected capacity change from 0 to 1024 [ 43.894111][ T4418] EXT4-fs: inline encryption not supported [ 43.920085][ T4418] EXT4-fs error (device loop4): ext4_map_blocks:744: inode #3: block 1: comm syz.4.13: lblock 1 mapped to illegal pblock 1 (length 1) [ 43.925600][ T4418] EXT4-fs error (device loop4): ext4_acquire_dquot:6795: comm syz.4.13: Failed to acquire dquot type 0 [ 43.933249][ T4418] EXT4-fs error (device loop4): ext4_free_blocks:6210: comm syz.4.13: Freeing blocks not in datazone - block = 0, count = 4096 [ 43.937961][ T4418] EXT4-fs error (device loop4): ext4_read_inode_bitmap:140: comm syz.4.13: Invalid inode bitmap blk 0 in block_group 0 [ 43.944855][ T4418] EXT4-fs error (device loop4) in ext4_free_inode:362: Corrupt filesystem [ 43.951203][ T4418] EXT4-fs (loop4): 1 orphan inode deleted [ 43.952679][ T4418] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 44.003056][ T9] EXT4-fs error (device loop4): ext4_map_blocks:634: inode #3: block 1: comm kworker/u4:0: lblock 1 mapped to illegal pblock 1 (length 1) [ 44.008103][ T9] EXT4-fs error (device loop4): ext4_release_dquot:6818: comm kworker/u4:0: Failed to release dquot type 0 [ 44.027607][ T4418] EXT4-fs (loop4): re-mounted. Quota mode: writeback. [ 44.176470][ T4305] EXT4-fs (loop4): unmounting filesystem. [ 44.205883][ T4381] dummy0 speed is unknown, defaulting to 1000 [ 44.303062][ T4381] dummy0 speed is unknown, defaulting to 1000 [ 44.400922][ T4381] dummy0 speed is unknown, defaulting to 1000 [ 44.552667][ T4302] EXT4-fs (loop0): unmounting filesystem. [ 44.570748][ T4437] netlink: 4 bytes leftover after parsing attributes in process `syz.3.19'. [ 44.662111][ T4439] netlink: 12 bytes leftover after parsing attributes in process `syz.0.20'. [ 44.777611][ T4445] dummy0 speed is unknown, defaulting to 1000 [ 44.827363][ T4449] loop0: detected capacity change from 0 to 128 [ 45.802362][ T4296] Bluetooth: hci1: command 0x0419 tx timeout [ 45.803939][ T4296] Bluetooth: hci2: command 0x0419 tx timeout [ 45.805439][ T4296] Bluetooth: hci0: command 0x0419 tx timeout [ 45.859006][ T47] Bluetooth: hci4: command 0x0419 tx timeout [ 45.860617][ T47] Bluetooth: hci3: command 0x0419 tx timeout [ 46.375595][ T4460] dummy0 speed is unknown, defaulting to 1000 [ 46.467235][ T4472] syz.2.32 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 46.537516][ T4462] kworker/u4:9: attempt to access beyond end of device [ 46.537516][ T4462] loop0: rw=1, sector=145, nr_sectors = 896 limit=128 [ 46.793511][ T4483] ALSA: seq fatal error: cannot create timer (-19) [ 46.835258][ T4487] device vlan0 entered promiscuous mode [ 47.018131][ T4473] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(4) [ 47.020112][ T4473] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 47.027356][ T4473] vhci_hcd vhci_hcd.0: Device attached [ 47.029846][ T4500] netlink: 996 bytes leftover after parsing attributes in process `syz.0.42'. [ 47.030756][ T4497] vhci_hcd: connection closed [ 47.033758][ T39] vhci_hcd: stop threads [ 47.036471][ T39] vhci_hcd: release socket [ 47.037742][ T39] vhci_hcd: disconnect device [ 47.344254][ T4513] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 47.385932][ T4513] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 47.388208][ T4513] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 47.400405][ T4513] device bridge_slave_0 left promiscuous mode [ 47.402819][ T4513] bridge0: port 1(bridge_slave_0) entered disabled state [ 48.273166][ T4513] device bridge_slave_1 left promiscuous mode [ 48.274863][ T4513] bridge0: port 2(bridge_slave_1) entered disabled state [ 48.317200][ T4527] mmap: syz.1.51 (4527) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 48.355492][ T27] kauditd_printk_skb: 41 callbacks suppressed [ 48.355505][ T27] audit: type=1326 audit(48.330:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4528 comm="syz.1.52" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9b55ad28 code=0x7ffc0000 [ 48.377416][ T4513] bond0: (slave bond_slave_0): Releasing backup interface [ 48.380662][ T27] audit: type=1326 audit(48.360:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4528 comm="syz.1.52" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff9b55ad28 code=0x7ffc0000 [ 48.387425][ T27] audit: type=1326 audit(48.360:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4528 comm="syz.1.52" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9b55ad28 code=0x7ffc0000 [ 48.410347][ T4529] loop1: detected capacity change from 0 to 512 [ 48.419866][ T27] audit: type=1326 audit(48.370:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4528 comm="syz.1.52" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff9b55ad28 code=0x7ffc0000 [ 48.424774][ T27] audit: type=1326 audit(48.370:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4528 comm="syz.1.52" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9b55ad28 code=0x7ffc0000 [ 48.448628][ T27] audit: type=1326 audit(48.370:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4528 comm="syz.1.52" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff9b55ad28 code=0x7ffc0000 [ 48.456196][ T4513] bond0: (slave bond_slave_1): Releasing backup interface [ 48.464800][ T27] audit: type=1326 audit(48.370:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4528 comm="syz.1.52" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9b55ad28 code=0x7ffc0000 [ 48.485501][ T4529] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 48.496939][ T4532] loop2: detected capacity change from 0 to 1024 [ 48.511276][ T4535] loop3: detected capacity change from 0 to 1024 [ 48.514797][ T4535] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 48.517339][ T4535] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869) [ 48.518571][ T27] audit: type=1326 audit(48.370:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4528 comm="syz.1.52" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=279 compat=0 ip=0xffff9b55ad28 code=0x7ffc0000 [ 48.521977][ T4535] EXT4-fs error (device loop3): ext4_get_journal_inode:5723: inode #5: comm syz.3.54: unexpected bad inode w/o EXT4_IGET_BAD [ 48.529008][ T4535] EXT4-fs (loop3): no journal found [ 48.530464][ T4535] EXT4-fs (loop3): can't get journal size [ 48.533566][ T4532] EXT4-fs: Ignoring removed nobh option [ 48.535011][ T4532] EXT4-fs: Ignoring removed bh option [ 48.539187][ T4532] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 48.543075][ T4535] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 48.565666][ T27] audit: type=1326 audit(48.370:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4528 comm="syz.1.52" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=222 compat=0 ip=0xffff9b55ad5c code=0x7ffc0000 [ 48.571647][ T4513] team0: Port device team_slave_0 removed [ 48.575499][ T4306] EXT4-fs (loop3): unmounting filesystem. [ 48.607839][ T4513] team0: Port device team_slave_1 removed [ 48.610617][ T4513] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 48.612396][ T4513] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 48.614765][ T4532] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 48.624540][ T27] audit: type=1326 audit(48.370:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4528 comm="syz.1.52" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=64 compat=0 ip=0xffff9b5593f0 code=0x7ffc0000 [ 48.636661][ T4532] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:3841: comm syz.2.53: Allocating blocks 385-513 which overlap fs metadata [ 48.642945][ T4513] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 48.644838][ T4513] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 48.654315][ T4299] EXT4-fs (loop1): unmounting filesystem. [ 48.686200][ T4519] dummy0 speed is unknown, defaulting to 1000 [ 48.729629][ T4532] EXT4-fs (loop2): pa 00000000dc1c54da: logic 16, phys. 129, len 24 [ 48.732201][ T4532] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 8 [ 48.847513][ T4295] EXT4-fs (loop2): unmounting filesystem. [ 49.001594][ T4557] Zero length message leads to an empty skb [ 49.100227][ T4559] dummy0 speed is unknown, defaulting to 1000 [ 49.378294][ T4571] loop4: detected capacity change from 0 to 1024 [ 49.417245][ T4571] EXT4-fs: Ignoring removed nobh option [ 49.432165][ T4571] EXT4-fs: Ignoring removed bh option [ 49.444166][ T4571] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 49.484420][ T4571] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 49.516859][ T4571] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:3841: comm syz.4.70: Allocating blocks 385-513 which overlap fs metadata [ 49.571321][ T4571] EXT4-fs (loop4): pa 00000000a1202e5e: logic 16, phys. 129, len 24 [ 49.573401][ T4571] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 8 [ 49.701731][ T4305] EXT4-fs (loop4): unmounting filesystem. [ 49.878305][ T4598] loop3: detected capacity change from 0 to 512 [ 49.892330][ T4590] dummy0 speed is unknown, defaulting to 1000 [ 49.976084][ T4598] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 50.051577][ T4607] loop4: detected capacity change from 0 to 512 [ 50.086757][ T4609] loop1: detected capacity change from 0 to 512 [ 50.090469][ T4306] EXT4-fs (loop3): unmounting filesystem. [ 50.093528][ T4609] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 50.096677][ T4609] EXT4-fs (loop1): filesystem is read-only [ 50.148674][ T4607] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 50.185225][ T4607] EXT4-fs (loop4): unmounting filesystem. [ 50.245758][ T4617] loop1: detected capacity change from 0 to 1024 [ 50.269330][ T4617] EXT4-fs: Ignoring removed nobh option [ 50.270849][ T4617] EXT4-fs: Ignoring removed bh option [ 50.277927][ T4617] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 50.317080][ T4617] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 50.336892][ T4617] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3841: comm syz.1.87: Allocating blocks 385-513 which overlap fs metadata [ 50.366507][ T4617] EXT4-fs (loop1): pa 00000000698749d7: logic 16, phys. 129, len 24 [ 50.368682][ T4617] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 8 [ 50.474161][ T4299] EXT4-fs (loop1): unmounting filesystem. [ 50.553971][ T4626] loop3: detected capacity change from 0 to 1024 [ 50.556275][ T4626] EXT4-fs: Ignoring removed nobh option [ 50.564553][ T4626] EXT4-fs: Ignoring removed bh option [ 50.571651][ T4626] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 50.606517][ T4625] infiniband syz0: set active [ 50.607899][ T4625] infiniband syz0: added bond0 [ 50.614510][ T4626] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 50.665231][ T4626] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 50.667710][ T4626] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 50.685303][ T4625] RDS/IB: syz0: added [ 50.686406][ T4625] smc: adding ib device syz0 with port count 1 [ 50.688074][ T4625] smc: ib device syz0 port 1 has pnetid [ 50.781241][ T4626] dummy0 speed is unknown, defaulting to 1000 [ 51.228269][ T4649] netlink: 4 bytes leftover after parsing attributes in process `syz.1.98'. [ 51.438787][ T4655] netlink: 4 bytes leftover after parsing attributes in process `syz.4.101'. [ 51.459923][ T4655] device macvlan0 entered promiscuous mode [ 51.462872][ T4655] netlink: 4 bytes leftover after parsing attributes in process `syz.4.101'. [ 51.927555][ T4635] smc: removing ib device syz2 [ 52.601613][ T4688] loop1: detected capacity change from 0 to 1024 [ 52.618589][ T4688] EXT4-fs: Ignoring removed nobh option [ 52.623269][ T4688] EXT4-fs: Ignoring removed bh option [ 52.625461][ T4688] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 53.372374][ T4688] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 53.426210][ T4688] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3841: comm syz.1.115: Allocating blocks 385-513 which overlap fs metadata [ 53.436501][ T4688] EXT4-fs (loop1): pa 00000000fe355406: logic 16, phys. 129, len 24 [ 53.440361][ T4688] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 8 [ 53.526772][ T4299] EXT4-fs (loop1): unmounting filesystem. [ 53.790990][ T4713] netlink: 'syz.1.122': attribute type 4 has an invalid length. [ 53.863966][ T4714] netlink: 'syz.1.122': attribute type 4 has an invalid length. [ 54.066920][ T4721] netlink: 24 bytes leftover after parsing attributes in process `syz.2.127'. [ 54.073770][ T4306] EXT4-fs (loop3): unmounting filesystem. [ 54.107144][ T27] kauditd_printk_skb: 24 callbacks suppressed [ 54.107156][ T27] audit: type=1326 audit(54.080:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4722 comm="syz.0.128" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbd75ad28 code=0x7ffc0000 [ 54.122439][ T27] audit: type=1326 audit(54.080:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4722 comm="syz.0.128" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=443 compat=0 ip=0xffffbd75ad28 code=0x7ffc0000 [ 54.151598][ T27] audit: type=1326 audit(54.080:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4722 comm="syz.0.128" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbd75ad28 code=0x7ffc0000 [ 54.218189][ T4726] loop3: detected capacity change from 0 to 1024 [ 54.244766][ T4726] EXT4-fs: Ignoring removed nobh option [ 54.254236][ T4726] EXT4-fs: Ignoring removed bh option [ 54.262724][ T4726] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 54.286086][ T4726] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 54.341032][ T4726] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3841: comm syz.3.129: Allocating blocks 385-513 which overlap fs metadata [ 54.416602][ T4726] EXT4-fs (loop3): pa 0000000030c78dc5: logic 16, phys. 129, len 24 [ 54.419309][ T4726] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 8 [ 54.507529][ T4306] EXT4-fs (loop3): unmounting filesystem. [ 54.676279][ T4743] loop2: detected capacity change from 0 to 1024 [ 54.678352][ T4743] EXT4-fs: Ignoring removed i_version option [ 54.724674][ T4743] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 54.759189][ T4743] Quota error (device loop2): do_check_range: Getting block 64 out of range 1-5 [ 54.761585][ T4743] Quota error (device loop2): qtree_read_dquot: Can't read quota structure for id 0 [ 54.763668][ T4743] EXT4-fs error (device loop2): ext4_acquire_dquot:6795: comm syz.2.136: Failed to acquire dquot type 0 [ 54.878975][ T4750] usb usb2: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 54.880868][ T4750] vhci_hcd: default hub control req: 6031 v8001 i0001 l0 [ 54.886386][ T4743] EXT4-fs error (device loop2): mb_free_blocks:1815: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt. [ 54.906816][ T4743] EXT4-fs error (device loop2): ext4_do_update_inode:5224: inode #13: comm syz.2.136: corrupted inode contents [ 54.926162][ T4752] loop1: detected capacity change from 0 to 1024 [ 54.933294][ T4752] EXT4-fs: Ignoring removed nobh option [ 54.934711][ T4752] EXT4-fs: inline encryption not supported [ 54.936120][ T4752] EXT4-fs: Ignoring removed bh option [ 54.937941][ T4752] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 54.945336][ T4743] EXT4-fs error (device loop2): ext4_dirty_inode:6089: inode #13: comm syz.2.136: mark_inode_dirty error [ 54.948905][ T4743] EXT4-fs error (device loop2): ext4_do_update_inode:5224: inode #13: comm syz.2.136: corrupted inode contents [ 54.957745][ T4743] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #13: comm syz.2.136: mark_inode_dirty error [ 54.961291][ T4743] EXT4-fs error (device loop2): ext4_do_update_inode:5224: inode #13: comm syz.2.136: corrupted inode contents [ 54.966867][ T4743] EXT4-fs error (device loop2) in ext4_orphan_del:305: Corrupt filesystem [ 54.972905][ T4743] EXT4-fs error (device loop2): ext4_do_update_inode:5224: inode #13: comm syz.2.136: corrupted inode contents [ 54.995216][ T4743] EXT4-fs error (device loop2): ext4_truncate:4311: inode #13: comm syz.2.136: mark_inode_dirty error [ 55.016783][ T4752] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 55.034617][ T4743] EXT4-fs error (device loop2) in ext4_process_orphan:347: Corrupt filesystem [ 55.037777][ T4757] capability: warning: `syz.3.141' uses deprecated v2 capabilities in a way that may be insecure [ 55.059431][ T4743] EXT4-fs (loop2): 1 truncate cleaned up [ 55.061976][ T4743] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 55.167835][ T4299] EXT4-fs (loop1): unmounting filesystem. [ 55.230737][ T4295] EXT4-fs (loop2): unmounting filesystem. [ 55.450594][ T4776] netlink: 'syz.1.147': attribute type 4 has an invalid length. [ 55.500361][ T4776] netlink: 'syz.1.147': attribute type 4 has an invalid length. [ 55.746164][ T4788] atomic_op 00000000ea08f402 conn xmit_atomic 0000000000000000 [ 56.365012][ T4816] loop1: detected capacity change from 0 to 512 [ 56.388394][ T4816] EXT4-fs (loop1): external journal device major/minor numbers have changed [ 56.442743][ T4816] block device autoloading is deprecated and will be removed. [ 56.449470][ T4816] EXT4-fs (loop1): external journal has bad superblock [ 56.535752][ T4823] hub 4-0:1.0: USB hub found [ 56.544882][ T4823] hub 4-0:1.0: 8 ports detected [ 56.777177][ T4838] netlink: 'syz.0.176': attribute type 4 has an invalid length. [ 56.803853][ T4836] loop3: detected capacity change from 0 to 2048 [ 56.829995][ T4838] netlink: 'syz.0.176': attribute type 4 has an invalid length. [ 56.855789][ T4836] loop3: p3 p4 < > [ 56.937879][ T4841] netlink: 12 bytes leftover after parsing attributes in process `syz.2.178'. [ 57.010855][ T4843] netlink: 18 bytes leftover after parsing attributes in process `syz.3.179'. [ 57.032701][ T4574] udevd[4574]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory [ 57.050769][ T4289] udevd[4289]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory [ 57.120015][ T4847] device sit0 entered promiscuous mode [ 57.131857][ T4847] netlink: 'syz.3.181': attribute type 1 has an invalid length. [ 57.133761][ T4847] netlink: 1 bytes leftover after parsing attributes in process `syz.3.181'. [ 57.376252][ T4853] loop2: detected capacity change from 0 to 1024 [ 57.400203][ T4855] loop3: detected capacity change from 0 to 1024 [ 57.402394][ T4853] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:477: comm syz.2.184: Invalid block bitmap block 0 in block_group 0 [ 57.404755][ T4855] EXT4-fs: Ignoring removed nobh option [ 57.410902][ T4855] EXT4-fs: Ignoring removed bh option [ 57.413990][ T4853] Quota error (device loop2): write_blk: dquota write failed [ 57.415899][ T4853] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 57.418283][ T4853] EXT4-fs error (device loop2): ext4_acquire_dquot:6795: comm syz.2.184: Failed to acquire dquot type 0 [ 57.431629][ T4853] EXT4-fs error (device loop2): ext4_free_blocks:6210: comm syz.2.184: Freeing blocks not in datazone - block = 0, count = 4096 [ 57.438192][ T4853] EXT4-fs error (device loop2): ext4_read_inode_bitmap:140: comm syz.2.184: Invalid inode bitmap blk 0 in block_group 0 [ 57.446416][ T4855] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 57.449926][ T4520] Quota error (device loop2): do_check_range: Getting block 0 out of range 1-7 [ 57.452459][ T4520] EXT4-fs error (device loop2): ext4_release_dquot:6818: comm kworker/u4:10: Failed to release dquot type 0 [ 57.480127][ T4855] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 57.485088][ T4853] EXT4-fs error (device loop2) in ext4_free_inode:362: Corrupt filesystem [ 57.508061][ T4853] EXT4-fs (loop2): 1 orphan inode deleted [ 57.519735][ T4853] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 57.553489][ T4855] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3841: comm syz.3.185: Allocating blocks 385-513 which overlap fs metadata [ 57.564293][ T4854] EXT4-fs (loop3): pa 00000000d9e02026: logic 16, phys. 129, len 24 [ 57.566455][ T4854] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 8 [ 57.657727][ T4295] EXT4-fs (loop2): unmounting filesystem. [ 57.740478][ T4306] EXT4-fs (loop3): unmounting filesystem. [ 57.828790][ T4866] team0: Device ipvlan2 failed to register rx_handler [ 57.850880][ T4870] rdma_op 0000000040ae8a30 conn xmit_rdma 0000000000000000 [ 58.226779][ T4886] netlink: 'syz.4.197': attribute type 4 has an invalid length. [ 58.267586][ T4889] loop2: detected capacity change from 0 to 128 [ 58.268112][ T4886] netlink: 'syz.4.197': attribute type 4 has an invalid length. [ 58.314796][ T4891] loop1: detected capacity change from 0 to 1024 [ 58.319229][ T4891] EXT4-fs: Ignoring removed nobh option [ 58.320957][ T4891] EXT4-fs: Ignoring removed bh option [ 58.328494][ T4891] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 58.348199][ T4891] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 58.377846][ T4891] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3841: comm syz.1.200: Allocating blocks 385-513 which overlap fs metadata [ 58.391036][ T4890] EXT4-fs (loop1): pa 000000004ffe9b0a: logic 16, phys. 129, len 24 [ 58.393205][ T4890] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 8 [ 58.419080][ T4299] EXT4-fs (loop1): unmounting filesystem. [ 59.373844][ T4929] smc: net device bond0 applied user defined pnetid SYZ0 [ 59.386926][ T4929] smc: net device bond0 erased user defined pnetid SYZ0 [ 59.437181][ T4929] loop1: detected capacity change from 0 to 512 [ 59.449909][ T4929] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem [ 59.495193][ T4929] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002] [ 59.499677][ T4929] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2186: inode #15: comm syz.1.216: corrupted in-inode xattr [ 59.513794][ T4929] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.216: couldn't read orphan inode 15 (err -117) [ 59.517139][ T4929] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 59.563696][ T4929] EXT4-fs (loop1): re-mounted. Quota mode: none. [ 59.566431][ T4929] lo speed is unknown, defaulting to 1000 [ 59.577815][ T4929] lo speed is unknown, defaulting to 1000 [ 59.587295][ T4929] lo speed is unknown, defaulting to 1000 [ 59.622683][ T4942] dummy0 speed is unknown, defaulting to 1000 [ 59.624952][ T4942] dummy0 speed is unknown, defaulting to 1000 [ 59.626676][ T4942] dummy0 speed is unknown, defaulting to 1000 [ 59.636039][ T4929] infiniband sz1: set active [ 59.637280][ T4327] lo speed is unknown, defaulting to 1000 [ 59.642871][ T4944] netlink: 'syz.2.221': attribute type 4 has an invalid length. [ 59.671222][ T4929] infiniband sz1: added lo [ 59.691642][ T4944] netlink: 'syz.2.221': attribute type 4 has an invalid length. [ 59.832041][ T4929] RDS/IB: sz1: added [ 59.837777][ T4929] smc: adding ib device sz1 with port count 1 [ 59.857498][ T4929] smc: ib device sz1 port 1 has pnetid [ 59.865208][ T27] audit: type=1326 audit(59.840:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4951 comm="syz.0.223" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbd75ad28 code=0x7ffc0000 [ 59.875163][ T27] audit: type=1326 audit(59.850:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4951 comm="syz.0.223" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffbd75ad28 code=0x7ffc0000 [ 59.886637][ T4339] lo speed is unknown, defaulting to 1000 [ 59.889288][ T4929] lo speed is unknown, defaulting to 1000 [ 59.895287][ T27] audit: type=1326 audit(59.850:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4951 comm="syz.0.223" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbd75ad28 code=0x7ffc0000 [ 59.917283][ T27] audit: type=1326 audit(59.850:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4951 comm="syz.0.223" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbd75ad28 code=0x7ffc0000 [ 59.946485][ T27] audit: type=1326 audit(59.850:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4951 comm="syz.0.223" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=45 compat=0 ip=0xffffbd75ad28 code=0x7ffc0000 [ 59.976456][ T27] audit: type=1326 audit(59.850:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4951 comm="syz.0.223" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbd75ad28 code=0x7ffc0000 [ 59.987529][ T27] audit: type=1326 audit(59.850:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4951 comm="syz.0.223" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbd75ad28 code=0x7ffc0000 [ 60.127839][ T4929] lo speed is unknown, defaulting to 1000 [ 60.276664][ T4929] lo speed is unknown, defaulting to 1000 [ 60.448597][ T4963] loop0: detected capacity change from 0 to 512 [ 60.450660][ T4963] EXT4-fs: Ignoring removed oldalloc option [ 60.485242][ T4963] EXT4-fs (loop0): 1 truncate cleaned up [ 60.486678][ T4963] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 60.488317][ T4929] lo speed is unknown, defaulting to 1000 [ 60.606884][ T4971] loop4: detected capacity change from 0 to 164 [ 60.650109][ T4574] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 60.662368][ T4929] lo speed is unknown, defaulting to 1000 [ 60.798681][ T4942] infiniband syz2: set active [ 60.799953][ T4942] infiniband syz2: added dummy0 [ 60.803597][ T4942] infiniband syz2: Couldn't open port 1 [ 60.806646][ T4327] dummy0 speed is unknown, defaulting to 1000 [ 60.841573][ T4942] RDS/IB: syz2: added [ 60.843420][ T4942] smc: adding ib device syz2 with port count 1 [ 60.845599][ T4942] smc: ib device syz2 port 1 has pnetid [ 60.847195][ T4339] dummy0 speed is unknown, defaulting to 1000 [ 60.854404][ T4302] EXT4-fs (loop0): unmounting filesystem. [ 60.859189][ T4942] dummy0 speed is unknown, defaulting to 1000 [ 61.010162][ T4942] dummy0 speed is unknown, defaulting to 1000 [ 61.171588][ T4942] dummy0 speed is unknown, defaulting to 1000 [ 61.294521][ T4942] dummy0 speed is unknown, defaulting to 1000 [ 61.317753][ T5001] netlink: 'syz.3.240': attribute type 4 has an invalid length. [ 61.361988][ T5001] netlink: 'syz.3.240': attribute type 4 has an invalid length. [ 61.377242][ T5003] netlink: 96 bytes leftover after parsing attributes in process `syz.0.242'. [ 61.396398][ T4942] dummy0 speed is unknown, defaulting to 1000 [ 61.453973][ T27] audit: type=1326 audit(61.430:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5005 comm="syz.0.243" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbd75ad28 code=0x7ffc0000 [ 61.461724][ T27] audit: type=1326 audit(61.440:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5005 comm="syz.0.243" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=116 compat=0 ip=0xffffbd75ad28 code=0x7ffc0000 [ 61.490684][ T27] audit: type=1326 audit(61.470:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5005 comm="syz.0.243" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbd75ad28 code=0x7ffc0000 [ 61.603397][ T5012] loop0: detected capacity change from 0 to 1024 [ 61.615580][ T5012] EXT4-fs: Ignoring removed nobh option [ 61.618618][ T5012] EXT4-fs: Ignoring removed bh option [ 61.624676][ T5012] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 61.637722][ T4299] EXT4-fs (loop1): unmounting filesystem. [ 61.679531][ T5012] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 61.703622][ T5012] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:3841: comm syz.0.244: Allocating blocks 385-513 which overlap fs metadata [ 61.722629][ T5011] EXT4-fs (loop0): pa 00000000aeb7449d: logic 16, phys. 129, len 24 [ 61.724772][ T5011] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 8 [ 61.788282][ T4302] EXT4-fs (loop0): unmounting filesystem. [ 61.826974][ T5022] loop1: detected capacity change from 0 to 512 [ 61.836071][ T5022] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 61.850498][ T5022] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2186: inode #15: comm syz.1.246: corrupted in-inode xattr [ 61.858200][ T5022] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.246: couldn't read orphan inode 15 (err -117) [ 61.866406][ T5022] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 61.897445][ T5027] IPv6: sit1: Disabled Multicast RS [ 62.006152][ T4299] EXT4-fs (loop1): unmounting filesystem. [ 62.184945][ T5041] loop2: detected capacity change from 0 to 1024 [ 62.220392][ T5041] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 62.231468][ T5041] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters [ 62.244181][ T5041] EXT4-fs (loop2): Delayed block allocation failed for inode 16 at logical offset 51 with max blocks 1 with error 28 [ 62.254184][ T5041] EXT4-fs (loop2): This should not happen!! Data will be lost [ 62.254184][ T5041] [ 62.256551][ T5041] EXT4-fs (loop2): Total free blocks count 0 [ 62.268332][ T5041] EXT4-fs (loop2): Free/Dirty block details [ 62.292301][ T5041] EXT4-fs (loop2): free_blocks=68451041280 [ 62.293775][ T5041] EXT4-fs (loop2): dirty_blocks=16 [ 62.294957][ T5041] EXT4-fs (loop2): Block reservation details [ 62.296300][ T5041] EXT4-fs (loop2): i_reserved_data_blocks=1 [ 62.305688][ T5048] EXT4-fs (loop2): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 36 with error 28 [ 62.839017][ T5067] loop3: detected capacity change from 0 to 1024 [ 62.856123][ T5067] EXT4-fs: Ignoring removed nobh option [ 62.857753][ T5067] EXT4-fs: Ignoring removed bh option [ 62.878558][ T5067] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 62.912929][ T5067] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 62.971388][ T5067] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3841: comm syz.3.257: Allocating blocks 385-513 which overlap fs metadata [ 63.017093][ T5065] EXT4-fs (loop3): pa 000000005fdaa0ac: logic 16, phys. 129, len 24 [ 63.019346][ T5065] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 8 [ 63.082055][ T4306] EXT4-fs (loop3): unmounting filesystem. [ 63.302725][ T5103] syz.0.264 uses obsolete (PF_INET,SOCK_PACKET) [ 63.413714][ T5106] netlink: 'syz.1.265': attribute type 4 has an invalid length. [ 63.437434][ T5106] infiniband sz1: set down [ 63.442696][ T5111] netlink: 'syz.1.265': attribute type 4 has an invalid length. [ 63.453366][ T5113] loop2: detected capacity change from 0 to 764 [ 63.461598][ T5111] infiniband sz1: set active [ 63.559381][ T4502] lo speed is unknown, defaulting to 1000 [ 63.561349][ T4379] lo speed is unknown, defaulting to 1000 [ 63.644970][ T4502] lo speed is unknown, defaulting to 1000 [ 63.841086][ T5130] loop0: detected capacity change from 0 to 1024 [ 63.861855][ T5130] EXT4-fs: Ignoring removed nobh option [ 63.876019][ T5130] EXT4-fs: Ignoring removed bh option [ 63.883258][ T5130] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 63.931315][ T5130] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 63.975034][ T5130] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:3841: comm syz.0.271: Allocating blocks 385-513 which overlap fs metadata [ 64.002671][ T5129] EXT4-fs (loop0): pa 00000000e327436e: logic 16, phys. 129, len 24 [ 64.004909][ T5129] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 8 [ 64.036684][ T5128] loop4: detected capacity change from 0 to 2048 [ 64.137277][ T4302] EXT4-fs (loop0): unmounting filesystem. [ 64.185315][ T5128] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 64.208053][ T5132] lo speed is unknown, defaulting to 1000 [ 64.217499][ T5128] netlink: 16 bytes leftover after parsing attributes in process `syz.4.270'. [ 64.221706][ T5128] EXT4-fs error (device loop4): ext4_find_extent:936: inode #2: comm syz.4.270: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4) [ 64.425214][ T5166] netdevsim netdevsim1 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0 [ 64.427576][ T5166] netdevsim netdevsim1 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0 [ 64.453248][ T5166] netdevsim netdevsim1 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0 [ 64.455597][ T5166] netdevsim netdevsim1 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0 [ 64.458210][ T5166] device geneve2 entered promiscuous mode [ 64.500749][ T2061] ieee802154 phy0 wpan0: encryption failed: -22 [ 64.502788][ T2061] ieee802154 phy1 wpan1: encryption failed: -22 [ 64.531592][ T5132] dummy0 speed is unknown, defaulting to 1000 [ 64.555275][ T5175] netlink: 104 bytes leftover after parsing attributes in process `syz.3.285'. [ 64.651323][ T5181] netlink: 'syz.0.286': attribute type 4 has an invalid length. [ 64.680804][ T5184] loop3: detected capacity change from 0 to 1024 [ 64.684178][ T5184] EXT4-fs: Ignoring removed nobh option [ 64.685615][ T5184] EXT4-fs: Ignoring removed bh option [ 64.687835][ T5184] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 64.719187][ T5185] netlink: 'syz.1.288': attribute type 4 has an invalid length. [ 64.739218][ T5185] infiniband sz1: set down [ 64.741614][ T5181] netlink: 'syz.0.286': attribute type 4 has an invalid length. [ 64.751122][ T5184] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 64.765308][ T4327] lo speed is unknown, defaulting to 1000 [ 64.768366][ T5185] netlink: 'syz.1.288': attribute type 4 has an invalid length. [ 64.777002][ T5185] infiniband sz1: set active [ 64.778570][ T4401] lo speed is unknown, defaulting to 1000 [ 64.779975][ T4502] lo speed is unknown, defaulting to 1000 [ 64.783649][ T5184] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3841: comm syz.3.289: Allocating blocks 385-513 which overlap fs metadata [ 64.809365][ T5183] EXT4-fs (loop3): pa 000000005e446748: logic 16, phys. 129, len 24 [ 64.811518][ T5183] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 8 [ 64.950913][ T4306] EXT4-fs (loop3): unmounting filesystem. [ 65.025466][ T5204] device lo entered promiscuous mode [ 65.027720][ T5204] device tunl0 entered promiscuous mode [ 65.054810][ T5204] device gre0 entered promiscuous mode [ 65.056725][ T5204] device gretap0 entered promiscuous mode [ 65.060008][ T5204] device erspan0 entered promiscuous mode [ 65.062209][ T5204] device ip_vti0 entered promiscuous mode [ 65.064090][ T5204] device ip6_vti0 entered promiscuous mode [ 65.105453][ T27] kauditd_printk_skb: 49 callbacks suppressed [ 65.105466][ T27] audit: type=1326 audit(65.080:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5210 comm="syz.0.296" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbd75ad28 code=0x7ffc0000 [ 65.116694][ T27] audit: type=1326 audit(65.080:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5210 comm="syz.0.296" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffbd75ad28 code=0x7ffc0000 [ 65.133464][ T27] audit: type=1326 audit(65.080:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5210 comm="syz.0.296" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbd75ad28 code=0x7ffc0000 [ 65.152751][ T27] audit: type=1326 audit(65.080:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5210 comm="syz.0.296" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffbd75ad28 code=0x7ffc0000 [ 65.154890][ T5204] device ip6tnl0 entered promiscuous mode [ 65.172246][ T27] audit: type=1326 audit(65.100:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5210 comm="syz.0.296" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbd75ad28 code=0x7ffc0000 [ 65.174992][ T5204] device ip6gre0 entered promiscuous mode [ 65.184879][ T5204] device syz_tun entered promiscuous mode [ 65.189464][ T27] audit: type=1326 audit(65.100:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5210 comm="syz.0.296" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffbd75ad28 code=0x7ffc0000 [ 65.206315][ T5204] device ip6gretap0 entered promiscuous mode [ 65.206622][ T27] audit: type=1326 audit(65.100:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5210 comm="syz.0.296" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbd75ad28 code=0x7ffc0000 [ 65.216777][ T27] audit: type=1326 audit(65.100:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5210 comm="syz.0.296" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=198 compat=0 ip=0xffffbd75ad28 code=0x7ffc0000 [ 65.218959][ T5204] device bridge0 entered promiscuous mode [ 65.226399][ T27] audit: type=1326 audit(65.100:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5210 comm="syz.0.296" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbd75ad28 code=0x7ffc0000 [ 65.234862][ T5204] device vcan0 entered promiscuous mode [ 65.239794][ T5204] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 65.241621][ T5204] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 65.243465][ T5204] device bond0 entered promiscuous mode [ 65.244980][ T27] audit: type=1326 audit(65.100:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5210 comm="syz.0.296" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=83 compat=0 ip=0xffffbd75ad28 code=0x7ffc0000 [ 65.273950][ T5204] device bond_slave_0 entered promiscuous mode [ 65.275593][ T5204] device bond_slave_1 entered promiscuous mode [ 65.294721][ T5204] infiniband syz0: set active [ 65.296490][ T5204] infiniband syz0: set active [ 65.306140][ T5204] device team0 entered promiscuous mode [ 65.307725][ T5204] device team_slave_0 entered promiscuous mode [ 65.308273][ T5222] loop0: detected capacity change from 0 to 128 [ 65.310099][ T5204] device team_slave_1 entered promiscuous mode [ 65.313831][ T5204] device dummy0 entered promiscuous mode [ 65.315756][ T5204] device nlmon0 entered promiscuous mode [ 65.319973][ T5222] EXT4-fs: Ignoring removed nobh option [ 65.328048][ T5222] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 65.348870][ T5204] device caif0 entered promiscuous mode [ 65.350484][ T5204] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 65.365581][ T5207] netlink: 24 bytes leftover after parsing attributes in process `syz.3.294'. [ 65.376653][ T5219] netlink: 8 bytes leftover after parsing attributes in process `syz.3.294'. [ 65.394063][ T4302] EXT4-fs (loop0): unmounting filesystem. [ 65.551604][ T5230] usb usb1: usbfs: process 5230 (syz.0.299) did not claim interface 0 before use [ 65.713153][ T5237] loop0: detected capacity change from 0 to 1024 [ 65.715226][ T5237] EXT4-fs: Ignoring removed nobh option [ 65.716685][ T5237] EXT4-fs: Ignoring removed bh option [ 65.738757][ T5241] netlink: 4 bytes leftover after parsing attributes in process `syz.1.306'. [ 65.739119][ T5237] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 65.811425][ T5237] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 65.841579][ T5237] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:3841: comm syz.0.304: Allocating blocks 385-513 which overlap fs metadata [ 65.856217][ T5236] EXT4-fs (loop0): pa 000000004ffe9b0a: logic 16, phys. 129, len 24 [ 65.858265][ T5236] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 8 [ 65.965651][ T4302] EXT4-fs (loop0): unmounting filesystem. [ 66.014197][ T5256] netlink: 'syz.2.312': attribute type 4 has an invalid length. [ 66.063266][ T5256] netlink: 'syz.2.312': attribute type 4 has an invalid length. [ 66.385786][ T4305] EXT4-fs (loop4): unmounting filesystem. [ 66.391134][ T5273] netlink: 4 bytes leftover after parsing attributes in process `syz.3.320'. [ 66.403123][ T5273] netdevsim netdevsim3 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0 [ 66.410948][ T5273] netdevsim netdevsim3 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0 [ 66.413220][ T5273] netdevsim netdevsim3 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0 [ 66.417609][ T5273] netdevsim netdevsim3 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0 [ 66.424998][ T5273] device geneve2 entered promiscuous mode [ 66.443320][ T5275] loop0: detected capacity change from 0 to 1024 [ 66.446397][ T5275] EXT4-fs: Ignoring removed nobh option [ 66.447828][ T5275] EXT4-fs: Ignoring removed bh option [ 66.451449][ T5275] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 66.485950][ T5275] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 66.517034][ T5275] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:3841: comm syz.0.321: Allocating blocks 385-513 which overlap fs metadata [ 66.545113][ T5274] EXT4-fs (loop0): pa 0000000030c78dc5: logic 16, phys. 129, len 24 [ 66.547236][ T5274] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 8 [ 66.656052][ T4302] EXT4-fs (loop0): unmounting filesystem. [ 67.223533][ T5316] netlink: 4 bytes leftover after parsing attributes in process `syz.2.334'. [ 67.287557][ T5316] netdevsim netdevsim2 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0 [ 67.293621][ T5316] netdevsim netdevsim2 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0 [ 67.295666][ T5316] netdevsim netdevsim2 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0 [ 67.297776][ T5316] netdevsim netdevsim2 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0 [ 67.315963][ T5316] device geneve2 entered promiscuous mode [ 67.496357][ T5325] loop2: detected capacity change from 0 to 1024 [ 67.498364][ T5325] EXT4-fs: Ignoring removed nobh option [ 67.527286][ T5325] EXT4-fs: Ignoring removed bh option [ 67.538623][ T5325] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 67.557645][ T5331] netlink: 'syz.0.338': attribute type 4 has an invalid length. [ 67.593611][ T5331] netlink: 'syz.0.338': attribute type 4 has an invalid length. [ 67.596921][ T5325] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 67.635777][ T5325] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:3841: comm syz.2.336: Allocating blocks 385-513 which overlap fs metadata [ 67.654405][ T5336] netlink: 4 bytes leftover after parsing attributes in process `syz.1.333'. [ 67.706894][ T5324] EXT4-fs (loop2): pa 00000000542332dd: logic 16, phys. 129, len 24 [ 67.709220][ T5324] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 8 [ 67.828682][ T4295] EXT4-fs (loop2): unmounting filesystem. [ 68.588148][ T5381] netlink: 4 bytes leftover after parsing attributes in process `syz.0.348'. [ 68.647351][ T5386] netdevsim netdevsim0 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0 [ 68.651107][ T5386] netdevsim netdevsim0 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0 [ 68.657884][ T5386] netdevsim netdevsim0 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0 [ 68.678888][ T5386] netdevsim netdevsim0 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0 [ 68.684943][ T5386] device geneve2 entered promiscuous mode [ 68.866934][ T5394] loop4: detected capacity change from 0 to 1024 [ 68.869180][ T5394] EXT4-fs: Ignoring removed nobh option [ 68.875181][ T5394] EXT4-fs: Ignoring removed bh option [ 68.884391][ T5394] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 68.951336][ T5394] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 68.958902][ T5403] loop2: detected capacity change from 0 to 128 [ 68.971890][ T5394] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:3841: comm syz.4.350: Allocating blocks 385-513 which overlap fs metadata [ 69.008357][ T5393] EXT4-fs (loop4): pa 00000000fe355406: logic 16, phys. 129, len 24 [ 69.010680][ T5393] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 8 [ 69.111328][ T4305] EXT4-fs (loop4): unmounting filesystem. [ 69.269491][ T5416] netlink: 'syz.2.356': attribute type 4 has an invalid length. [ 69.317284][ T5416] netlink: 'syz.2.356': attribute type 4 has an invalid length. [ 69.371665][ T5419] netlink: 16 bytes leftover after parsing attributes in process `syz.0.357'. [ 69.906451][ T5421] lo speed is unknown, defaulting to 1000 [ 70.095747][ T14] cfg80211: failed to load regulatory.db [ 70.099009][ T5421] dummy0 speed is unknown, defaulting to 1000 [ 70.312152][ T5428] loop1: detected capacity change from 0 to 512 [ 70.316640][ T5426] loop0: detected capacity change from 0 to 1024 [ 70.318857][ T5426] EXT4-fs: Ignoring removed nobh option [ 70.320257][ T5426] EXT4-fs: Ignoring removed bh option [ 70.325385][ T5426] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 70.747541][ T5446] netlink: 4 bytes leftover after parsing attributes in process `syz.4.362'. [ 70.749991][ T4401] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 70.765695][ T5451] netdevsim netdevsim4 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0 [ 70.767813][ T5451] netdevsim netdevsim4 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0 [ 70.780565][ T5451] netdevsim netdevsim4 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0 [ 70.782660][ T5451] netdevsim netdevsim4 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0 [ 70.803067][ T5451] device geneve2 entered promiscuous mode [ 70.903857][ T5456] loop1: detected capacity change from 0 to 1024 [ 70.906055][ T5456] EXT4-fs: Ignoring removed nobh option [ 70.908763][ T4401] usb 1-1: device descriptor read/64, error -71 [ 70.941798][ T5456] EXT4-fs: Ignoring removed bh option [ 70.943661][ T5456] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 71.024955][ T5456] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:3841: comm syz.1.365: Allocating blocks 385-513 which overlap fs metadata [ 71.040150][ T5454] EXT4-fs (loop1): pa 00000000ef5b9180: logic 16, phys. 129, len 24 [ 71.042191][ T5454] EXT4-fs error (device loop1): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 8 [ 71.075451][ T5283] Set syz1 is full, maxelem 65536 reached [ 71.198659][ T4401] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 71.306308][ T5473] netlink: 'syz.3.370': attribute type 4 has an invalid length. [ 71.348581][ T4401] usb 1-1: device descriptor read/64, error -71 [ 71.412907][ T5473] netlink: 'syz.3.370': attribute type 4 has an invalid length. [ 71.483208][ T4401] usb usb1-port1: attempt power cycle [ 71.583413][ T5485] netlink: 24 bytes leftover after parsing attributes in process `syz.4.376'. [ 71.732816][ T5490] loop4: detected capacity change from 0 to 1024 [ 71.736413][ T5490] EXT4-fs: Ignoring removed nobh option [ 71.738307][ T5490] EXT4-fs: Ignoring removed bh option [ 71.744412][ T5491] netlink: 4 bytes leftover after parsing attributes in process `syz.1.378'. [ 71.747364][ T5490] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 71.851641][ T5490] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:3841: comm syz.4.379: Allocating blocks 385-513 which overlap fs metadata [ 71.888611][ T4401] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 71.919535][ T4401] usb 1-1: device descriptor read/8, error -71 [ 71.924740][ T5488] EXT4-fs (loop4): pa 0000000092d64d9b: logic 16, phys. 129, len 24 [ 71.926827][ T5488] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 8 [ 72.063945][ T5505] netlink: 28 bytes leftover after parsing attributes in process `syz.1.384'. [ 72.203944][ T4401] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 72.239181][ T4401] usb 1-1: device descriptor read/8, error -71 [ 72.335733][ T5516] netlink: 24 bytes leftover after parsing attributes in process `syz.1.389'. [ 72.343154][ T27] kauditd_printk_skb: 47 callbacks suppressed [ 72.343170][ T27] audit: type=1326 audit(72.320:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5517 comm="syz.4.391" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8f55ad28 code=0x7ffc0000 [ 72.356933][ T27] audit: type=1326 audit(72.330:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5517 comm="syz.4.391" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=198 compat=0 ip=0xffff8f55ad28 code=0x7ffc0000 [ 72.368816][ T4401] usb usb1-port1: unable to enumerate USB device [ 72.377075][ T27] audit: type=1326 audit(72.340:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5517 comm="syz.4.391" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8f55ad28 code=0x7ffc0000 [ 72.397264][ T27] audit: type=1326 audit(72.340:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5517 comm="syz.4.391" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=198 compat=0 ip=0xffff8f55ad28 code=0x7ffc0000 [ 72.420451][ T27] audit: type=1326 audit(72.340:207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5517 comm="syz.4.391" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8f55ad28 code=0x7ffc0000 [ 72.457180][ T27] audit: type=1326 audit(72.340:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5517 comm="syz.4.391" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff8f55ad28 code=0x7ffc0000 [ 72.462678][ T27] audit: type=1326 audit(72.350:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5517 comm="syz.4.391" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8f55ad28 code=0x7ffc0000 [ 72.470902][ T27] audit: type=1326 audit(72.350:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5517 comm="syz.4.391" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff8f55ad28 code=0x7ffc0000 [ 72.480579][ T27] audit: type=1326 audit(72.350:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5517 comm="syz.4.391" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8f55ad28 code=0x7ffc0000 [ 72.486444][ T5520] device macvlan1 entered promiscuous mode [ 72.500466][ T5518] loop4: detected capacity change from 0 to 512 [ 72.514969][ T27] audit: type=1326 audit(72.350:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5517 comm="syz.4.391" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=208 compat=0 ip=0xffff8f55ad28 code=0x7ffc0000 [ 72.525433][ T5518] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.391: bg 0: block 35: padding at end of block bitmap is not set [ 72.529766][ T5520] device ipvlan0 entered promiscuous mode [ 72.531936][ T5520] device ipvlan0 left promiscuous mode [ 72.539300][ T5520] device macvlan1 left promiscuous mode [ 72.540990][ T5518] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6170: Corrupt filesystem [ 72.543443][ T5518] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #13: comm syz.4.391: invalid indirect mapped block 4294967295 (level 1) [ 72.546993][ T5518] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #13: comm syz.4.391: invalid indirect mapped block 4294967295 (level 2) [ 72.551292][ T5518] EXT4-fs (loop4): 1 truncate cleaned up [ 72.634342][ T5523] netlink: 4 bytes leftover after parsing attributes in process `syz.1.392'. [ 72.637072][ T5528] loop4: detected capacity change from 0 to 1024 [ 72.639541][ T5528] EXT4-fs: Ignoring removed nobh option [ 72.640961][ T5528] EXT4-fs: Ignoring removed bh option [ 72.654455][ T5528] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 72.676564][ T5528] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:3841: comm syz.4.393: Allocating blocks 385-513 which overlap fs metadata [ 72.686351][ T5527] EXT4-fs (loop4): pa 00000000393f1654: logic 16, phys. 129, len 24 [ 72.688694][ T5527] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 8 [ 72.727250][ T4305] EXT4-fs unmount: 10 callbacks suppressed [ 72.727267][ T4305] EXT4-fs (loop4): unmounting filesystem. [ 72.981852][ T5542] netlink: 'syz.4.397': attribute type 4 has an invalid length. [ 73.026939][ T5542] netlink: 'syz.4.397': attribute type 4 has an invalid length. [ 73.153807][ T5552] netlink: 24 bytes leftover after parsing attributes in process `syz.1.402'. [ 73.297006][ T4302] EXT4-fs (loop0): unmounting filesystem. [ 73.912683][ T5558] lo speed is unknown, defaulting to 1000 [ 74.058642][ T5558] dummy0 speed is unknown, defaulting to 1000 [ 74.243880][ T5565] netlink: 4 bytes leftover after parsing attributes in process `syz.0.405'. [ 74.316750][ T5575] loop3: detected capacity change from 0 to 256 [ 74.334741][ T5575] FAT-fs (loop3): Directory bread(block 64) failed [ 74.350852][ T5575] FAT-fs (loop3): Directory bread(block 65) failed [ 74.352579][ T5575] FAT-fs (loop3): Directory bread(block 66) failed [ 74.354199][ T5575] FAT-fs (loop3): Directory bread(block 67) failed [ 74.360287][ T5575] FAT-fs (loop3): Directory bread(block 68) failed [ 74.361933][ T5575] FAT-fs (loop3): Directory bread(block 69) failed [ 74.363412][ T5575] FAT-fs (loop3): Directory bread(block 70) failed [ 74.365008][ T5575] FAT-fs (loop3): Directory bread(block 71) failed [ 74.368180][ T5575] FAT-fs (loop3): Directory bread(block 72) failed [ 74.370408][ T5575] FAT-fs (loop3): Directory bread(block 73) failed [ 74.527959][ T5583] netlink: 24 bytes leftover after parsing attributes in process `syz.0.414'. [ 74.606851][ T5585] Set syz1 is full, maxelem 65536 reached [ 74.774511][ T5597] netlink: 'syz.0.417': attribute type 4 has an invalid length. [ 74.801068][ T5580] loop2: detected capacity change from 0 to 512 [ 74.805610][ T5597] netlink: 'syz.0.417': attribute type 4 has an invalid length. [ 74.814461][ T5580] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 74.836399][ T5601] netlink: 8 bytes leftover after parsing attributes in process `syz.3.420'. [ 74.840777][ T5580] EXT4-fs (loop2): 1 truncate cleaned up [ 74.842448][ T5580] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 74.978375][ T4295] EXT4-fs (loop2): unmounting filesystem. [ 75.128281][ T5613] netlink: 24 bytes leftover after parsing attributes in process `syz.3.425'. [ 75.206521][ T5616] loop4: detected capacity change from 0 to 1024 [ 75.278814][ T5616] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 75.338095][ T5627] netlink: 8 bytes leftover after parsing attributes in process `syz.2.432'. [ 75.678138][ T5645] netlink: 24 bytes leftover after parsing attributes in process `syz.3.439'. [ 76.032899][ T4305] EXT4-fs (loop4): unmounting filesystem. [ 76.041672][ T5657] netlink: 8 bytes leftover after parsing attributes in process `syz.3.444'. [ 76.158212][ T5663] netlink: 4 bytes leftover after parsing attributes in process `syz.3.447'. [ 76.311142][ T5668] netlink: 'syz.4.448': attribute type 4 has an invalid length. [ 76.350614][ T5668] netlink: 'syz.4.448': attribute type 4 has an invalid length. [ 76.395525][ T5670] serio: Serial port ptm0 [ 76.416872][ T5672] netlink: 12 bytes leftover after parsing attributes in process `syz.1.451'. [ 76.747976][ T5682] loop0: detected capacity change from 0 to 512 [ 76.770165][ T5682] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 76.797893][ T5682] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ee018, mo2=0002] [ 76.807410][ T5682] System zones: 1-12 [ 76.812456][ T5682] EXT4-fs (loop0): 1 truncate cleaned up [ 76.816092][ T5682] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 76.852180][ T5682] netlink: 8 bytes leftover after parsing attributes in process `syz.0.456'. [ 76.948740][ T4302] EXT4-fs (loop0): unmounting filesystem. [ 77.155780][ T5695] netlink: 12 bytes leftover after parsing attributes in process `syz.4.462'. [ 77.490603][ T27] kauditd_printk_skb: 129 callbacks suppressed [ 77.490617][ T27] audit: type=1326 audit(77.470:342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5701 comm="syz.0.463" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbd75ad28 code=0x7ffc0000 [ 77.504387][ T27] audit: type=1326 audit(77.480:343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5701 comm="syz.0.463" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbd75ad28 code=0x7ffc0000 [ 77.527695][ T27] audit: type=1326 audit(77.500:344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5701 comm="syz.0.463" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=220 compat=0 ip=0xffffbd75ad28 code=0x7ffc0000 [ 78.284534][ T27] audit: type=1326 audit(78.260:345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5701 comm="syz.0.463" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbd75ad28 code=0x7ffc0000 [ 78.309644][ T27] audit: type=1326 audit(78.290:346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5711 comm="syz.0.463" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=115 compat=0 ip=0xffffbd785448 code=0x7ffc0000 [ 78.383887][ T5714] loop3: detected capacity change from 0 to 1024 [ 78.390435][ T5714] EXT4-fs: Ignoring removed nobh option [ 78.392621][ T5714] EXT4-fs: Ignoring removed bh option [ 78.395016][ T5714] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 78.460703][ T5714] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 78.467734][ T27] audit: type=1326 audit(78.440:347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5711 comm="syz.0.463" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=93 compat=0 ip=0xffffbd75ad28 code=0x7ffc0000 [ 78.618077][ T4306] EXT4-fs (loop3): unmounting filesystem. [ 78.723137][ T5731] netlink: 'syz.1.472': attribute type 4 has an invalid length. [ 78.764470][ T5731] infiniband sz1: set down [ 78.768745][ T1516] lo speed is unknown, defaulting to 1000 [ 78.770403][ T1516] lo speed is unknown, defaulting to 1000 [ 78.783689][ T5731] netlink: 'syz.1.472': attribute type 4 has an invalid length. [ 78.797992][ T5731] infiniband sz1: set active [ 78.809820][ T4502] lo speed is unknown, defaulting to 1000 [ 78.811350][ T4502] lo speed is unknown, defaulting to 1000 [ 78.956791][ T5739] Set syz1 is full, maxelem 65536 reached [ 79.124932][ T5746] loop4: detected capacity change from 0 to 2048 [ 79.177199][ T5741] lo speed is unknown, defaulting to 1000 [ 79.192083][ T5746] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 79.240126][ T27] audit: type=1326 audit(79.220:348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5740 comm="syz.4.479" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8f55ad28 code=0x7ffc0000 [ 79.249631][ T27] audit: type=1326 audit(79.230:349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5740 comm="syz.4.479" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=267 compat=0 ip=0xffff8f55ad28 code=0x7ffc0000 [ 79.263847][ T27] audit: type=1326 audit(79.230:350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5740 comm="syz.4.479" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8f55ad28 code=0x7ffc0000 [ 79.293392][ T27] audit: type=1326 audit(79.230:351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5740 comm="syz.4.479" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8f55ad28 code=0x7ffc0000 [ 79.315068][ T5746] EXT4-fs error (device loop4): ext4_find_extent:936: inode #2: comm syz.4.479: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4) [ 79.342082][ T5741] dummy0 speed is unknown, defaulting to 1000 [ 79.546495][ T5762] __nla_validate_parse: 5 callbacks suppressed [ 79.546509][ T5762] netlink: 12 bytes leftover after parsing attributes in process `syz.2.487'. [ 79.702404][ T4305] EXT4-fs (loop4): unmounting filesystem. [ 80.114335][ T5793] netlink: 12 bytes leftover after parsing attributes in process `syz.0.501'. [ 80.117405][ T5797] netlink: 'syz.2.500': attribute type 4 has an invalid length. [ 80.211843][ T5799] netlink: 'syz.2.500': attribute type 4 has an invalid length. [ 80.225276][ T5803] Set syz1 is full, maxelem 65536 reached [ 80.525074][ T5818] loop4: detected capacity change from 0 to 128 [ 81.357614][ T5819] loop3: detected capacity change from 0 to 512 [ 81.558583][ T5826] loop2: detected capacity change from 0 to 1024 [ 81.567753][ T5819] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 81.598249][ T5826] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 81.638717][ T5826] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 81.669402][ T5826] EXT4-fs (loop2): orphan cleanup on readonly fs [ 81.681289][ T5826] EXT4-fs error (device loop2): ext4_free_blocks:6210: comm syz.2.513: Freeing blocks not in datazone - block = 0, count = 4096 [ 81.712283][ T5826] EXT4-fs (loop2): Remounting filesystem read-only [ 81.722005][ T5826] EXT4-fs (loop2): 1 orphan inode deleted [ 81.723788][ T5826] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 81.919205][ T4306] EXT4-fs (loop3): unmounting filesystem. [ 82.147114][ T5834] loop1: detected capacity change from 0 to 512 [ 82.157924][ T5834] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 82.176753][ T5834] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 82.235974][ T5834] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.517: invalid indirect mapped block 4294967295 (level 1) [ 82.273568][ T5834] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.517: invalid indirect mapped block 4294967295 (level 1) [ 82.299229][ T5834] EXT4-fs (loop1): 2 truncates cleaned up [ 82.302080][ T5834] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 82.368424][ C1] sched: RT throttling activated [ 82.495858][ T5841] netlink: 12 bytes leftover after parsing attributes in process `syz.3.516'. [ 82.506341][ T5839] loop0: detected capacity change from 0 to 1024 [ 82.531834][ T4299] EXT4-fs (loop1): unmounting filesystem. [ 82.602469][ T5839] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:477: comm syz.0.519: Invalid block bitmap block 0 in block_group 0 [ 82.616437][ T5839] __quota_error: 38 callbacks suppressed [ 82.616451][ T5839] Quota error (device loop0): write_blk: dquota write failed [ 82.659470][ T5839] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota [ 82.661919][ T5839] EXT4-fs error (device loop0): ext4_acquire_dquot:6795: comm syz.0.519: Failed to acquire dquot type 0 [ 82.696097][ T5839] EXT4-fs error (device loop0): ext4_free_blocks:6210: comm syz.0.519: Freeing blocks not in datazone - block = 0, count = 4096 [ 82.744889][ T5839] EXT4-fs error (device loop0): ext4_read_inode_bitmap:140: comm syz.0.519: Invalid inode bitmap blk 0 in block_group 0 [ 82.750039][ T202] Quota error (device loop0): do_check_range: Getting block 0 out of range 1-7 [ 82.752415][ T202] EXT4-fs error (device loop0): ext4_release_dquot:6818: comm kworker/u4:4: Failed to release dquot type 0 [ 82.768259][ T27] audit: type=1326 audit(82.738:390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5821 comm="syz.2.513" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa175ad28 code=0x7ffc0000 [ 82.783951][ T5839] EXT4-fs error (device loop0) in ext4_free_inode:362: Corrupt filesystem [ 82.803949][ T5839] EXT4-fs (loop0): 1 orphan inode deleted [ 82.805616][ T5839] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 82.879280][ T27] audit: type=1326 audit(82.858:391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5821 comm="syz.2.513" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffa175ad28 code=0x7ffc0000 [ 82.884878][ T27] audit: type=1326 audit(82.858:392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5821 comm="syz.2.513" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa175ad28 code=0x7ffc0000 [ 82.901799][ T4302] EXT4-fs (loop0): unmounting filesystem. [ 82.910383][ T27] audit: type=1326 audit(82.858:393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5821 comm="syz.2.513" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa175ad28 code=0x7ffc0000 [ 82.919711][ T27] audit: type=1326 audit(82.858:394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5821 comm="syz.2.513" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffa175ad28 code=0x7ffc0000 [ 82.925198][ T27] audit: type=1326 audit(82.858:395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5821 comm="syz.2.513" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa175ad28 code=0x7ffc0000 [ 82.952866][ T27] audit: type=1326 audit(82.858:396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5821 comm="syz.2.513" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa175ad28 code=0x7ffc0000 [ 82.956425][ T5853] Set syz1 is full, maxelem 65536 reached [ 82.987095][ T5857] netlink: 'syz.1.523': attribute type 4 has an invalid length. [ 83.017732][ T5857] infiniband sz1: set down [ 83.030446][ T5858] netlink: 20 bytes leftover after parsing attributes in process `syz.0.525'. [ 83.128889][ T4295] EXT4-fs (loop2): unmounting filesystem. [ 83.217699][ T1516] lo speed is unknown, defaulting to 1000 [ 83.219819][ T1516] lo speed is unknown, defaulting to 1000 [ 83.246566][ T5857] netlink: 'syz.1.523': attribute type 4 has an invalid length. [ 83.255780][ T5857] infiniband sz1: set active [ 83.259399][ T7] lo speed is unknown, defaulting to 1000 [ 83.261649][ T7] lo speed is unknown, defaulting to 1000 [ 83.321055][ T5860] lo speed is unknown, defaulting to 1000 [ 83.358216][ T5860] dummy0 speed is unknown, defaulting to 1000 [ 83.458945][ T5869] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check. [ 83.643701][ T5880] loop2: detected capacity change from 0 to 2048 [ 83.686443][ T5880] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 83.734672][ T4295] EXT4-fs (loop2): unmounting filesystem. [ 83.798324][ T5891] netlink: 20 bytes leftover after parsing attributes in process `syz.3.539'. [ 84.150751][ T5905] lo speed is unknown, defaulting to 1000 [ 84.234404][ T5905] dummy0 speed is unknown, defaulting to 1000 [ 84.463177][ T5920] device pim6reg1 entered promiscuous mode [ 84.557515][ T5925] netlink: 20 bytes leftover after parsing attributes in process `syz.2.554'. [ 84.565541][ T5926] netlink: 4 bytes leftover after parsing attributes in process `syz.3.553'. [ 84.574341][ T5926] device ipvlan2 entered promiscuous mode [ 84.576877][ T5926] 8021q: adding VLAN 0 to HW filter on device ipvlan2 [ 84.581752][ T5926] bond0: (slave ipvlan2): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond. [ 84.676841][ T5928] loop1: detected capacity change from 0 to 1024 [ 84.737740][ T5928] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 84.769394][ T5928] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters [ 84.786262][ T5928] EXT4-fs (loop1): Delayed block allocation failed for inode 16 at logical offset 51 with max blocks 1 with error 28 [ 84.789680][ T5928] EXT4-fs (loop1): This should not happen!! Data will be lost [ 84.789680][ T5928] [ 84.792088][ T5928] EXT4-fs (loop1): Total free blocks count 0 [ 84.793462][ T5928] EXT4-fs (loop1): Free/Dirty block details [ 84.794886][ T5928] EXT4-fs (loop1): free_blocks=68451041280 [ 84.796522][ T5928] EXT4-fs (loop1): dirty_blocks=16 [ 84.797779][ T5928] EXT4-fs (loop1): Block reservation details [ 84.799385][ T5928] EXT4-fs (loop1): i_reserved_data_blocks=1 [ 84.820262][ T5928] EXT4-fs (loop1): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 36 with error 28 [ 85.083542][ T5944] process 'syz.1.560' launched './file0' with NULL argv: empty string added [ 85.294832][ T5940] lo speed is unknown, defaulting to 1000 [ 85.386973][ T5940] dummy0 speed is unknown, defaulting to 1000 [ 85.533845][ T5955] netlink: 20 bytes leftover after parsing attributes in process `syz.2.567'. [ 85.534983][ T5953] loop3: detected capacity change from 0 to 512 [ 85.540919][ T5953] EXT4-fs: Ignoring removed mblk_io_submit option [ 85.542651][ T5953] ext4: Unknown parameter 'seclabel' [ 85.913716][ T5966] loop3: detected capacity change from 0 to 128 [ 86.129755][ T5978] loop1: detected capacity change from 0 to 512 [ 86.138569][ T5978] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 86.210281][ T5978] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 86.333560][ T4299] EXT4-fs (loop1): unmounting filesystem. [ 86.452061][ T5993] netlink: 20 bytes leftover after parsing attributes in process `syz.1.581'. [ 86.565064][ T5997] 9p: Unknown access argument : -22 [ 86.808074][ T6003] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1 [ 86.831728][ T6003] batman_adv: batadv0: Adding interface: gretap1 [ 86.833527][ T6003] batman_adv: batadv0: The MTU of interface gretap1 is too small (1462) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 86.851736][ T6003] batman_adv: batadv0: Not using interface gretap1 (retrying later): interface not active [ 87.272654][ T6014] netlink: 20 bytes leftover after parsing attributes in process `syz.3.593'. [ 87.290933][ T6016] smc: net device bond0 applied user defined pnetid SYZ0 [ 87.305084][ T6016] smc: net device bond0 erased user defined pnetid SYZ0 [ 87.317091][ T6019] netlink: 4 bytes leftover after parsing attributes in process `syz.4.594'. [ 87.324508][ T6020] netlink: 44 bytes leftover after parsing attributes in process `syz.1.595'. [ 87.334244][ T6016] loop0: detected capacity change from 0 to 512 [ 87.342156][ T6016] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem [ 87.356425][ T6016] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002] [ 87.469150][ T6016] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2186: inode #15: comm syz.0.592: corrupted in-inode xattr [ 87.472763][ T6016] EXT4-fs error (device loop0): ext4_orphan_get:1405: comm syz.0.592: couldn't read orphan inode 15 (err -117) [ 87.478682][ T6016] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 87.487836][ T6016] rdma_rxe: rxe_register_device failed with error -23 [ 87.491607][ T6016] rdma_rxe: failed to add lo [ 87.547993][ T6030] netlink: 'syz.3.600': attribute type 1 has an invalid length. [ 87.554096][ T6030] netlink: 'syz.3.600': attribute type 2 has an invalid length. [ 87.556372][ T6030] netlink: 4 bytes leftover after parsing attributes in process `syz.3.600'. [ 87.594951][ T4302] EXT4-fs (loop0): unmounting filesystem. [ 87.804538][ T6044] loop1: detected capacity change from 0 to 2048 [ 87.844283][ T6044] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 87.873758][ T6044] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.605: bg 0: block 345: padding at end of block bitmap is not set [ 87.893003][ T6044] EXT4-fs (loop1): Remounting filesystem read-only [ 87.955073][ T4299] EXT4-fs error (device loop1): ext4_readdir:260: inode #2: block 16: comm syz-executor: path /131/file1: bad entry in directory: rec_len is smaller than minimal - offset=108, inode=646161, rec_len=0, size=4096 fake=0 [ 87.962554][ T4299] EXT4-fs (loop1): Remounting filesystem read-only [ 87.999188][ T4299] EXT4-fs error (device loop1): ext4_lookup:1858: inode #13: comm syz-executor: iget: bogus i_mode (0) [ 88.003646][ T4299] EXT4-fs (loop1): Remounting filesystem read-only [ 88.005717][ T4299] EXT4-fs error (device loop1): ext4_lookup:1858: inode #13: comm syz-executor: iget: bogus i_mode (0) [ 88.021374][ T4299] EXT4-fs (loop1): Remounting filesystem read-only [ 88.140892][ T6057] loop4: detected capacity change from 0 to 512 [ 88.167497][ T6057] EXT4-fs (loop4): 1 orphan inode deleted [ 88.169781][ T6057] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 88.186288][ T4692] __quota_error: 79 callbacks suppressed [ 88.186303][ T4692] Quota error (device loop4): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 88.198866][ T4692] EXT4-fs error (device loop4): ext4_release_dquot:6818: comm kworker/u4:11: Failed to release dquot type 1 [ 89.218238][ T6064] loop2: detected capacity change from 0 to 512 [ 89.223964][ T6064] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 89.232854][ T6047] netlink: 20 bytes leftover after parsing attributes in process `syz.0.606'. [ 89.268236][ T6064] EXT4-fs (loop2): 1 truncate cleaned up [ 89.274991][ T6064] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 89.416120][ T4295] EXT4-fs (loop2): unmounting filesystem. [ 89.429727][ T6061] lo speed is unknown, defaulting to 1000 [ 89.467144][ T6061] dummy0 speed is unknown, defaulting to 1000 [ 89.533102][ T4299] EXT4-fs (loop1): unmounting filesystem. [ 89.812188][ T6083] loop0: detected capacity change from 0 to 512 [ 89.839874][ T6083] EXT4-fs (loop0): too many log groups per flexible block group [ 89.841976][ T6083] EXT4-fs (loop0): failed to initialize mballoc (-12) [ 89.843824][ T6083] EXT4-fs (loop0): mount failed [ 89.902340][ T47] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 89.909077][ T47] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 89.993150][ T47] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 89.995833][ T4305] EXT4-fs (loop4): unmounting filesystem. [ 90.009251][ T4298] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 90.011669][ T4298] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 90.026944][ T4298] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 90.039285][ T4296] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 90.042241][ T4296] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 90.044295][ T4296] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 90.046674][ T4296] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 90.050189][ T4296] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 90.060392][ T4296] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 90.071727][ T27] audit: type=1326 audit(90.048:476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6074 comm="syz.2.617" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa175ad28 code=0x7ffc0000 [ 90.076895][ T27] audit: type=1326 audit(90.048:477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6074 comm="syz.2.617" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa175ad28 code=0x7ffc0000 [ 90.110870][ T27] audit: type=1326 audit(90.068:478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6074 comm="syz.2.617" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffa175ad28 code=0x7ffc0000 [ 90.116345][ T27] audit: type=1326 audit(90.068:479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6074 comm="syz.2.617" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa175ad28 code=0x7ffc0000 [ 90.139021][ T27] audit: type=1326 audit(90.068:480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6074 comm="syz.2.617" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa175ad28 code=0x7ffc0000 [ 90.144483][ T27] audit: type=1326 audit(90.068:481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6074 comm="syz.2.617" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffa175ad28 code=0x7ffc0000 [ 90.147492][ T9] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 90.153320][ T27] audit: type=1326 audit(90.068:482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6074 comm="syz.2.617" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa175ad28 code=0x7ffc0000 [ 90.159018][ T27] audit: type=1326 audit(90.068:483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6074 comm="syz.2.617" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa175ad28 code=0x7ffc0000 [ 90.162529][ T9] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0 [ 90.164148][ T27] audit: type=1326 audit(90.068:484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6074 comm="syz.2.617" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffa175ad28 code=0x7ffc0000 [ 90.223803][ T6091] netlink: 20 bytes leftover after parsing attributes in process `syz.3.624'. [ 90.352041][ T9] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 90.354680][ T9] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0 [ 90.542191][ T9] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 90.544849][ T9] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0 [ 90.555017][ T6086] lo speed is unknown, defaulting to 1000 [ 90.631365][ T9] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 90.634059][ T9] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0 [ 90.692098][ T6086] dummy0 speed is unknown, defaulting to 1000 [ 90.700283][ T6122] loop2: detected capacity change from 0 to 512 [ 90.802016][ T6122] EXT4-fs (loop2): 1 orphan inode deleted [ 90.803454][ T6122] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 90.866777][ T6127] netlink: 20 bytes leftover after parsing attributes in process `syz.4.637'. [ 90.878932][ T4693] EXT4-fs error (device loop2): ext4_release_dquot:6818: comm kworker/u4:12: Failed to release dquot type 1 [ 91.934399][ T6143] loop3: detected capacity change from 0 to 1024 [ 91.987892][ T6143] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 92.066116][ T4306] EXT4-fs (loop3): unmounting filesystem. [ 92.098745][ T4298] Bluetooth: hci1: command 0x0409 tx timeout [ 92.602491][ T6140] lo speed is unknown, defaulting to 1000 [ 93.405726][ T6140] dummy0 speed is unknown, defaulting to 1000 [ 93.543076][ T6175] netlink: 28 bytes leftover after parsing attributes in process `syz.0.647'. [ 93.545277][ T6175] netlink: 16 bytes leftover after parsing attributes in process `syz.0.647'. [ 93.557055][ T6086] chnl_net:caif_netlink_parms(): no params data found [ 93.681722][ T4295] EXT4-fs (loop2): unmounting filesystem. [ 93.733363][ T27] kauditd_printk_skb: 7 callbacks suppressed [ 93.733376][ T27] audit: type=1326 audit(93.708:491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6186 comm="syz.2.649" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa175ad28 code=0x7ffc0000 [ 93.744005][ T27] audit: type=1326 audit(93.718:492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6186 comm="syz.2.649" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=141 compat=0 ip=0xffffa175ad28 code=0x7ffc0000 [ 93.754885][ T27] audit: type=1326 audit(93.718:493): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6186 comm="syz.2.649" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa175ad28 code=0x7ffc0000 [ 93.760909][ T27] audit: type=1326 audit(93.718:494): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6186 comm="syz.2.649" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=0 compat=0 ip=0xffffa175ad28 code=0x7ffc0000 [ 93.766479][ T27] audit: type=1326 audit(93.728:495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6186 comm="syz.2.649" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa175ad28 code=0x7ffc0000 [ 93.772445][ T27] audit: type=1326 audit(93.728:496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6186 comm="syz.2.649" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=4 compat=0 ip=0xffffa175ad28 code=0x7ffc0000 [ 93.778057][ T27] audit: type=1326 audit(93.728:497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6186 comm="syz.2.649" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa175ad28 code=0x7ffc0000 [ 93.783962][ T27] audit: type=1326 audit(93.728:498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6186 comm="syz.2.649" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffa175ad28 code=0x7ffc0000 [ 93.789803][ T27] audit: type=1326 audit(93.728:499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6186 comm="syz.2.649" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa175ad28 code=0x7ffc0000 [ 93.795361][ T27] audit: type=1326 audit(93.728:500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6186 comm="syz.2.649" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffa175ad28 code=0x7ffc0000 [ 93.817305][ T6187] loop2: detected capacity change from 0 to 764 [ 93.842976][ T4574] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 93.846904][ T6086] bridge0: port 1(bridge_slave_0) entered blocking state [ 93.861798][ T6086] bridge0: port 1(bridge_slave_0) entered disabled state [ 93.877536][ T6086] device bridge_slave_0 entered promiscuous mode [ 93.957099][ T6086] bridge0: port 2(bridge_slave_1) entered blocking state [ 93.959240][ T6086] bridge0: port 2(bridge_slave_1) entered disabled state [ 93.961848][ T6086] device bridge_slave_1 entered promiscuous mode [ 94.007749][ T6086] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 94.028881][ T6195] loop4: detected capacity change from 0 to 2048 [ 94.077857][ T6195] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 94.103903][ T6086] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 94.119941][ T6195] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.651: bg 0: block 345: padding at end of block bitmap is not set [ 94.150122][ T6195] EXT4-fs (loop4): Remounting filesystem read-only [ 94.179622][ T4298] Bluetooth: hci1: command 0x041b tx timeout [ 94.210552][ T4305] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 16: comm syz-executor: path /109/file1: bad entry in directory: rec_len is smaller than minimal - offset=108, inode=646161, rec_len=0, size=4096 fake=0 [ 94.217814][ T4305] EXT4-fs (loop4): Remounting filesystem read-only [ 94.224366][ T4305] EXT4-fs error (device loop4): ext4_lookup:1858: inode #13: comm syz-executor: iget: bogus i_mode (0) [ 94.234737][ T4305] EXT4-fs (loop4): Remounting filesystem read-only [ 94.243810][ T4305] EXT4-fs error (device loop4): ext4_lookup:1858: inode #13: comm syz-executor: iget: bogus i_mode (0) [ 94.259621][ T4305] EXT4-fs (loop4): Remounting filesystem read-only [ 94.288318][ T6086] team0: Port device team_slave_0 added [ 94.292257][ T6086] team0: Port device team_slave_1 added [ 94.389317][ T6191] loop0: detected capacity change from 0 to 512 [ 94.404116][ T6191] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 94.417886][ T6191] EXT4-fs (loop0): 1 truncate cleaned up [ 94.421555][ T6191] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 94.473292][ T6086] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 94.475352][ T6086] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 94.486426][ T6086] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 94.492278][ T4302] EXT4-fs (loop0): unmounting filesystem. [ 94.493922][ T6086] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 94.495677][ T6086] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 94.503448][ T6086] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 94.631846][ T4305] EXT4-fs (loop4): unmounting filesystem. [ 94.693749][ T6218] netlink: 4 bytes leftover after parsing attributes in process `syz.3.655'. [ 94.727306][ T6218] device macvtap1 entered promiscuous mode [ 94.731048][ T6218] 8021q: adding VLAN 0 to HW filter on device macvtap1 [ 94.794245][ T9] batman_adv: batadv0: Removing interface: gretap1 [ 94.854851][ T6086] device hsr_slave_0 entered promiscuous mode [ 94.892098][ T6086] device hsr_slave_1 entered promiscuous mode [ 94.906848][ T6222] loop0: detected capacity change from 0 to 2048 [ 94.945400][ T6086] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 94.947276][ T6086] Cannot create hsr debugfs directory [ 94.967227][ T6218] netlink: 4 bytes leftover after parsing attributes in process `syz.3.655'. [ 94.987632][ T6222] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 95.040882][ T4298] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 95.044163][ T4298] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 95.046670][ T4298] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 95.084127][ T4298] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 95.087245][ T4298] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 95.089937][ T47] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 95.101537][ T4302] EXT4-fs (loop0): unmounting filesystem. [ 95.152638][ T6232] loop3: detected capacity change from 0 to 512 [ 95.243093][ T6232] EXT4-fs (loop3): 1 orphan inode deleted [ 95.244615][ T6232] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 95.264257][ T4520] EXT4-fs error (device loop3): ext4_release_dquot:6818: comm kworker/u4:10: Failed to release dquot type 1 [ 95.353090][ T6246] loop2: detected capacity change from 0 to 512 [ 95.486467][ T6246] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 95.507824][ T6246] EXT4-fs (loop2): unmounting filesystem. [ 96.338610][ T4298] Bluetooth: hci1: command 0x040f tx timeout [ 96.661947][ T6255] lo speed is unknown, defaulting to 1000 [ 96.699248][ T6255] dummy0 speed is unknown, defaulting to 1000 [ 96.948863][ T4306] EXT4-fs (loop3): unmounting filesystem. [ 97.149695][ T4296] Bluetooth: hci4: command 0x0409 tx timeout [ 97.149963][ T6272] loop3: detected capacity change from 0 to 764 [ 97.174850][ T6226] lo speed is unknown, defaulting to 1000 [ 97.205625][ T6086] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 97.317404][ T6086] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 97.350943][ T6086] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 97.387671][ T6226] dummy0 speed is unknown, defaulting to 1000 [ 97.390980][ T6086] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 97.634685][ T6086] 8021q: adding VLAN 0 to HW filter on device bond0 [ 97.677239][ T175] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 97.680193][ T175] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 97.684980][ T6086] 8021q: adding VLAN 0 to HW filter on device team0 [ 97.727296][ T4520] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 97.730625][ T4520] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 97.733370][ T4520] bridge0: port 1(bridge_slave_0) entered blocking state [ 97.735947][ T4520] bridge0: port 1(bridge_slave_0) entered forwarding state [ 97.774069][ T4520] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 97.776459][ T4520] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 97.781710][ T4520] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 97.787362][ T4520] bridge0: port 2(bridge_slave_1) entered blocking state [ 97.789278][ T4520] bridge0: port 2(bridge_slave_1) entered forwarding state [ 97.803017][ T4520] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 97.819764][ T4520] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 97.826074][ T4520] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 97.833674][ T4520] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 97.865308][ T4520] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 97.868871][ T4520] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 97.871702][ T4520] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 97.907055][ T4520] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 97.909912][ T4520] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 97.922586][ T4520] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 97.925357][ T4520] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 97.940887][ T6086] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 97.991116][ T9] device hsr_slave_0 left promiscuous mode [ 98.073733][ T9] device hsr_slave_1 left promiscuous mode [ 98.172013][ T9] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 98.173935][ T9] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 98.176842][ T9] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 98.196339][ T9] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 98.202968][ T9] device bridge_slave_1 left promiscuous mode [ 98.205911][ T9] bridge0: port 2(bridge_slave_1) entered disabled state [ 98.263988][ T9] device bridge_slave_0 left promiscuous mode [ 98.265763][ T9] bridge0: port 1(bridge_slave_0) entered disabled state [ 98.429581][ T4298] Bluetooth: hci1: command 0x0419 tx timeout [ 98.488938][ T9] device veth1_macvtap left promiscuous mode [ 98.491110][ T9] device veth0_macvtap left promiscuous mode [ 98.493633][ T9] device veth1_vlan left promiscuous mode [ 98.496527][ T9] device veth0_vlan left promiscuous mode [ 98.734833][ T9] infiniband syz2: set down [ 98.752557][ T9] infiniband sz1: set down [ 99.228526][ T4296] Bluetooth: hci4: command 0x041b tx timeout [ 99.482178][ T6312] rdma_rxe: rxe_register_device failed with error -23 [ 99.483950][ T6312] rdma_rxe: failed to add bond0 [ 99.497109][ T6312] loop0: detected capacity change from 0 to 1024 [ 99.502182][ T6312] EXT4-fs: Ignoring removed nobh option [ 99.503650][ T6312] EXT4-fs: Ignoring removed bh option [ 99.506143][ T6312] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 99.557046][ T6312] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 99.858603][ T4783] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 100.008605][ T4783] usb 1-1: device descriptor read/64, error -71 [ 100.298605][ T4783] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 100.448598][ T4783] usb 1-1: device descriptor read/64, error -71 [ 100.522688][ T9] team0 (unregistering): Port device team_slave_1 removed [ 100.568731][ T4783] usb usb1-port1: attempt power cycle [ 100.692086][ T9] team0 (unregistering): Port device team_slave_0 removed [ 100.871478][ T9] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 100.988596][ T4783] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 101.019122][ T4783] usb 1-1: device descriptor read/8, error -71 [ 101.090338][ T9] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 101.298634][ T4783] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 101.298773][ T4296] Bluetooth: hci4: command 0x040f tx timeout [ 101.339322][ T4783] usb 1-1: device descriptor read/8, error -71 [ 101.459985][ T4783] usb usb1-port1: unable to enumerate USB device [ 102.166357][ T4693] smc: removing ib device syz2 [ 102.514959][ T4302] EXT4-fs (loop0): unmounting filesystem. [ 103.380020][ T4296] Bluetooth: hci4: command 0x0419 tx timeout [ 103.572066][ T9] bond0 (unregistering): Released all slaves [ 103.743390][ T4461] smc: removing ib device sz1 [ 103.751877][ T6301] netlink: 20 bytes leftover after parsing attributes in process `syz.2.666'. [ 103.798510][ T4327] dummy0 speed is unknown, defaulting to 1000 [ 103.801084][ T4342] infiniband syz2: ib_query_port failed (-19) [ 103.803701][ T14] lo speed is unknown, defaulting to 1000 [ 103.806340][ T6321] netlink: 4 bytes leftover after parsing attributes in process `syz.0.670'. [ 103.812805][ T6321] device bond_slave_0 entered promiscuous mode [ 103.814573][ T6321] device bond_slave_1 entered promiscuous mode [ 103.822450][ T6321] device macvtap1 entered promiscuous mode [ 103.826454][ T6321] device bond0 entered promiscuous mode [ 103.836007][ T6321] 8021q: adding VLAN 0 to HW filter on device macvtap1 [ 103.854450][ T6323] netlink: 4 bytes leftover after parsing attributes in process `syz.0.670'. [ 103.858149][ T6323] device bond0 left promiscuous mode [ 103.867491][ T6323] device bond_slave_0 left promiscuous mode [ 103.869103][ T6323] device bond_slave_1 left promiscuous mode [ 103.955727][ T6226] chnl_net:caif_netlink_parms(): no params data found [ 104.234020][ T6340] loop0: detected capacity change from 0 to 512 [ 104.253152][ T4520] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 104.255193][ T4520] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 104.349259][ T6226] bridge0: port 1(bridge_slave_0) entered blocking state [ 104.351265][ T6226] bridge0: port 1(bridge_slave_0) entered disabled state [ 104.355210][ T6226] device bridge_slave_0 entered promiscuous mode [ 104.358589][ T6340] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 104.363934][ T6226] bridge0: port 2(bridge_slave_1) entered blocking state [ 104.365819][ T6226] bridge0: port 2(bridge_slave_1) entered disabled state [ 104.379858][ T6340] EXT4-fs (loop0): unmounting filesystem. [ 104.380343][ T6226] device bridge_slave_1 entered promiscuous mode [ 104.452865][ T6086] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 104.519956][ T6226] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 104.559333][ T6226] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 104.694686][ T6226] team0: Port device team_slave_0 added [ 104.697939][ T6226] team0: Port device team_slave_1 added [ 104.797913][ T6226] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 104.804132][ T6226] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 104.828202][ T6226] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 104.870002][ T6226] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 104.871840][ T6226] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 104.896579][ T6226] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 105.180576][ T6226] device hsr_slave_0 entered promiscuous mode [ 105.201893][ T6226] device hsr_slave_1 entered promiscuous mode [ 105.248629][ T6226] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 105.250523][ T6226] Cannot create hsr debugfs directory [ 105.252414][ T6364] netlink: 4 bytes leftover after parsing attributes in process `syz.0.677'. [ 105.313836][ T202] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 105.317557][ T202] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 105.445594][ T175] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 105.448044][ T175] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 105.454754][ T175] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 105.457243][ T175] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 105.482382][ T6086] device veth0_vlan entered promiscuous mode [ 105.597139][ T6086] device veth1_vlan entered promiscuous mode [ 105.702640][ T202] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 105.705509][ T202] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 105.717738][ T202] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 105.727570][ T202] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 105.782077][ T6086] device veth0_macvtap entered promiscuous mode [ 105.812698][ T6086] device veth1_macvtap entered promiscuous mode [ 105.849811][ T202] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 105.853574][ T202] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 105.886741][ T6086] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 105.892901][ T6086] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 105.895367][ T6086] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 105.897845][ T6086] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 105.900630][ T6086] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 105.903395][ T6086] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 105.906966][ T6086] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 105.932179][ T4364] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 105.935966][ T4364] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 105.970351][ T6086] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 105.972883][ T6086] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 105.975220][ T6086] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 105.977596][ T6086] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 106.008138][ T6086] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 106.010792][ T6086] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 106.023631][ T6086] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 106.092776][ T27] kauditd_printk_skb: 170 callbacks suppressed [ 106.092790][ T27] audit: type=1326 audit(106.068:670): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6386 comm="syz.0.679" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbd75ad28 code=0x7ffc0000 [ 106.120178][ T27] audit: type=1326 audit(106.078:671): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6386 comm="syz.0.679" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=230 compat=0 ip=0xffffbd75ad28 code=0x7ffc0000 [ 106.177055][ T27] audit: type=1326 audit(106.148:672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6386 comm="syz.0.679" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbd75ad28 code=0x7ffc0000 [ 106.208993][ T175] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 106.216093][ T175] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 106.221438][ T6226] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 106.223831][ T27] audit: type=1326 audit(106.188:673): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6386 comm="syz.0.679" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbd75ad28 code=0x7ffc0000 [ 107.029812][ T6086] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.032147][ T6086] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.034235][ T6086] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.036234][ T6086] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.076418][ T6226] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 107.125301][ T6387] loop0: detected capacity change from 0 to 512 [ 107.138240][ T6387] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 107.160490][ T6226] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 107.167471][ T6387] EXT4-fs (loop0): 1 truncate cleaned up [ 107.175626][ T6387] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 107.190975][ T6226] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 107.348943][ T4302] EXT4-fs (loop0): unmounting filesystem. [ 107.425874][ T6404] netlink: 4 bytes leftover after parsing attributes in process `syz.2.682'. [ 107.428930][ T27] audit: type=1326 audit(107.408:674): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6405 comm="syz.0.683" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbd75ad28 code=0x7ffc0000 [ 107.436273][ T27] audit: type=1326 audit(107.408:675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6405 comm="syz.0.683" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffbd75ad28 code=0x7ffc0000 [ 107.452740][ T27] audit: type=1326 audit(107.418:676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6405 comm="syz.0.683" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbd75ad28 code=0x7ffc0000 [ 107.459910][ T27] audit: type=1326 audit(107.428:677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6405 comm="syz.0.683" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffbd75ad28 code=0x7ffc0000 [ 107.467688][ T202] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 107.471329][ T202] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 107.483246][ T1830] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 107.485411][ T27] audit: type=1326 audit(107.428:678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6405 comm="syz.0.683" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbd75ad28 code=0x7ffc0000 [ 107.507529][ T27] audit: type=1326 audit(107.428:679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6405 comm="syz.0.683" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=428 compat=0 ip=0xffffbd75ad28 code=0x7ffc0000 [ 107.584575][ T6412] loop2: detected capacity change from 0 to 512 [ 107.588911][ T6412] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 107.598287][ T6412] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2186: inode #15: comm syz.2.685: corrupted in-inode xattr [ 107.615878][ T1830] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 107.618012][ T1830] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 107.651192][ T6412] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.685: couldn't read orphan inode 15 (err -117) [ 107.656718][ T1830] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 107.682901][ T6412] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 107.788867][ T6226] 8021q: adding VLAN 0 to HW filter on device bond0 [ 107.796517][ T4295] EXT4-fs (loop2): unmounting filesystem. [ 107.845112][ T4692] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 107.847632][ T4692] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 107.879291][ T6226] 8021q: adding VLAN 0 to HW filter on device team0 [ 107.969583][ T4692] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 107.972329][ T4692] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 107.975179][ T4692] bridge0: port 1(bridge_slave_0) entered blocking state [ 107.976955][ T4692] bridge0: port 1(bridge_slave_0) entered forwarding state [ 107.983841][ T4692] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 107.999108][ T4692] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 108.019854][ T4692] bridge0: port 2(bridge_slave_1) entered blocking state [ 108.021684][ T4692] bridge0: port 2(bridge_slave_1) entered forwarding state [ 108.023799][ T4692] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 108.030326][ T4692] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 108.036334][ T4692] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 108.344495][ T6428] loop5: detected capacity change from 0 to 1024 [ 108.374610][ T6428] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 108.535771][ T9] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 108.543423][ T9] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0 [ 108.603409][ T202] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 108.606518][ T202] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 108.616462][ T202] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 108.625409][ T202] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 108.643271][ T202] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 108.661606][ T202] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 108.664093][ T202] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 108.675374][ T6226] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 108.685644][ T6226] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 108.740424][ T6086] EXT4-fs (loop5): unmounting filesystem. [ 108.751140][ T9] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 108.754871][ T9] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0 [ 108.857058][ T6461] loop5: detected capacity change from 0 to 764 [ 108.900351][ T202] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 108.903618][ T202] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 108.934477][ T6455] netlink: 4 bytes leftover after parsing attributes in process `syz.0.693'. [ 109.180623][ T6466] loop3: detected capacity change from 0 to 1024 [ 109.189460][ T6466] EXT4-fs: Ignoring removed orlov option [ 109.191086][ T6466] EXT4-fs: Ignoring removed nomblk_io_submit option [ 109.232387][ T6466] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 109.463094][ T6466] EXT4-fs (loop3): can't mount with data=, fs mounted w/o journal [ 109.602483][ T9] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 109.606948][ T9] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0 [ 109.811645][ T9] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 109.814256][ T9] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0 [ 110.135896][ T4461] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 110.138948][ T4461] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 110.163230][ T6226] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 110.166091][ T6495] loop5: detected capacity change from 0 to 128 [ 110.426253][ T6508] netlink: 4 bytes leftover after parsing attributes in process `syz.3.706'. [ 110.592999][ T4461] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 110.595743][ T4461] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 110.674438][ T4461] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 110.676918][ T4461] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 110.681160][ T4461] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 110.688212][ T4461] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 110.702395][ T6226] device veth0_vlan entered promiscuous mode [ 110.716348][ T6226] device veth1_vlan entered promiscuous mode [ 110.747269][ T39] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 111.020093][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 111.023061][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 111.041069][ T6226] device veth0_macvtap entered promiscuous mode [ 111.215091][ T6226] device veth1_macvtap entered promiscuous mode [ 111.272777][ T6226] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 111.278982][ T6226] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 111.281320][ T6226] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 111.284079][ T6226] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 111.289567][ T6226] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 111.314473][ T6226] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 111.317283][ T6226] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 111.336459][ T6226] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 111.356393][ T6226] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 111.405136][ T6547] loop3: detected capacity change from 0 to 512 [ 111.424754][ T6547] EXT4-fs (loop3): failed to initialize system zone (-117) [ 111.426667][ T6547] EXT4-fs (loop3): mount failed [ 111.472514][ T1830] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 111.476395][ T1830] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 111.479826][ T1830] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 111.483658][ T1830] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 111.508889][ T6226] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 111.511828][ T6226] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 111.524385][ T6226] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 111.526933][ T6226] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 111.548747][ T6226] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 111.551373][ T6226] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 111.577316][ T6226] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 111.581047][ T6226] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 111.585328][ T6226] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 111.595489][ T202] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 111.597942][ T202] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 111.688023][ T6226] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 111.695157][ T6226] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 111.697372][ T6226] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 111.700847][ T6226] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 111.705414][ T6559] netlink: 4 bytes leftover after parsing attributes in process `syz.3.718'. [ 112.067285][ T6582] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported [ 112.222326][ T6575] IPv6: NLM_F_CREATE should be specified when creating new route [ 112.755427][ T6607] loop3: detected capacity change from 0 to 128 [ 115.247473][ T6662] netlink: 4 bytes leftover after parsing attributes in process `syz.0.730'. [ 115.660856][ T6677] loop0: detected capacity change from 0 to 2048 [ 115.693858][ T6677] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 115.747887][ T27] kauditd_printk_skb: 79 callbacks suppressed [ 115.747901][ T27] audit: type=1326 audit(115.718:759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6676 comm="syz.0.735" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbd75ad28 code=0x7ffc0000 [ 115.753271][ T6677] netlink: 16 bytes leftover after parsing attributes in process `syz.0.735'. [ 115.754876][ T27] audit: type=1326 audit(115.718:760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6676 comm="syz.0.735" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=267 compat=0 ip=0xffffbd75ad28 code=0x7ffc0000 [ 115.761807][ T27] audit: type=1326 audit(115.718:761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6676 comm="syz.0.735" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbd75ad28 code=0x7ffc0000 [ 115.766622][ T27] audit: type=1326 audit(115.718:762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6676 comm="syz.0.735" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbd75ad28 code=0x7ffc0000 [ 115.772051][ T27] audit: type=1326 audit(115.718:763): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6676 comm="syz.0.735" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffbd75ad28 code=0x7ffc0000 [ 115.777298][ T27] audit: type=1326 audit(115.728:764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6676 comm="syz.0.735" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbd75ad28 code=0x7ffc0000 [ 115.783025][ T27] audit: type=1326 audit(115.728:765): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6676 comm="syz.0.735" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbd75ad28 code=0x7ffc0000 [ 115.788583][ T27] audit: type=1326 audit(115.728:766): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6676 comm="syz.0.735" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffbd75ad28 code=0x7ffc0000 [ 115.794109][ T27] audit: type=1326 audit(115.728:767): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6676 comm="syz.0.735" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbd75ad28 code=0x7ffc0000 [ 115.799332][ T27] audit: type=1326 audit(115.728:768): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6676 comm="syz.0.735" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbd75ad28 code=0x7ffc0000 [ 115.805585][ T6677] EXT4-fs error (device loop0): ext4_find_extent:936: inode #2: comm syz.0.735: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4) [ 115.867331][ T4302] EXT4-fs (loop0): unmounting filesystem. [ 116.169557][ T6710] loop0: detected capacity change from 0 to 128 [ 118.548066][ T6756] netlink: 4 bytes leftover after parsing attributes in process `syz.0.743'. [ 125.940529][ T2061] ieee802154 phy0 wpan0: encryption failed: -22 [ 125.942143][ T2061] ieee802154 phy1 wpan1: encryption failed: -22 [ 126.624376][ T6873] smc: net device bond0 applied user defined pnetid SYZ0 [ 126.627262][ T6873] smc: net device bond0 erased user defined pnetid SYZ0 [ 126.639742][ T6873] loop0: detected capacity change from 0 to 512 [ 126.653696][ T6873] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem [ 126.683656][ T6873] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002] [ 126.687512][ T6873] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2186: inode #15: comm syz.0.750: corrupted in-inode xattr [ 126.698115][ T6873] EXT4-fs error (device loop0): ext4_orphan_get:1405: comm syz.0.750: couldn't read orphan inode 15 (err -117) [ 126.701928][ T6873] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 126.729076][ T6873] EXT4-fs (loop0): re-mounted. Quota mode: none. [ 126.731776][ T6873] lo speed is unknown, defaulting to 1000 [ 126.735225][ T6873] lo speed is unknown, defaulting to 1000 [ 126.736916][ T6873] lo speed is unknown, defaulting to 1000 [ 126.772520][ T6873] infiniband sz1: set active [ 126.773790][ T14] lo speed is unknown, defaulting to 1000 [ 126.775274][ T6873] infiniband sz1: added lo [ 126.796330][ T6873] RDS/IB: sz1: added [ 126.797465][ T6873] smc: adding ib device sz1 with port count 1 [ 126.799988][ T6873] smc: ib device sz1 port 1 has pnetid [ 126.801876][ T6873] lo speed is unknown, defaulting to 1000 [ 126.805825][ T4502] lo speed is unknown, defaulting to 1000 [ 126.853123][ T6873] lo speed is unknown, defaulting to 1000 [ 126.913620][ T6873] lo speed is unknown, defaulting to 1000 [ 126.951060][ T6873] lo speed is unknown, defaulting to 1000 [ 126.989681][ T6873] lo speed is unknown, defaulting to 1000 [ 127.026334][ T6873] lo speed is unknown, defaulting to 1000 [ 127.062350][ T6873] lo speed is unknown, defaulting to 1000 [ 127.099892][ T6873] lo speed is unknown, defaulting to 1000 [ 127.136772][ T6873] lo speed is unknown, defaulting to 1000 [ 127.172906][ T6873] lo speed is unknown, defaulting to 1000 [ 127.208459][ T6873] lo speed is unknown, defaulting to 1000 [ 127.244243][ T6880] dummy0 speed is unknown, defaulting to 1000 [ 127.246824][ T6880] dummy0 speed is unknown, defaulting to 1000 [ 127.253216][ T6880] dummy0 speed is unknown, defaulting to 1000 [ 127.293141][ T6880] infiniband syz2: set active [ 127.294627][ T4379] dummy0 speed is unknown, defaulting to 1000 [ 127.296268][ T6880] infiniband syz2: added dummy0 [ 127.310159][ T6880] RDS/IB: syz2: added [ 127.311209][ T6880] smc: adding ib device syz2 with port count 1 [ 127.312715][ T6880] smc: ib device syz2 port 1 has pnetid [ 127.314183][ T14] dummy0 speed is unknown, defaulting to 1000 [ 127.319689][ T6880] dummy0 speed is unknown, defaulting to 1000 [ 127.355276][ T6880] dummy0 speed is unknown, defaulting to 1000 [ 127.389766][ T6880] dummy0 speed is unknown, defaulting to 1000 [ 127.424276][ T6880] dummy0 speed is unknown, defaulting to 1000 [ 127.459517][ T6880] dummy0 speed is unknown, defaulting to 1000 [ 127.493939][ T6880] dummy0 speed is unknown, defaulting to 1000 [ 127.528402][ T6880] dummy0 speed is unknown, defaulting to 1000 [ 127.564143][ T6880] dummy0 speed is unknown, defaulting to 1000 [ 127.599518][ T6880] dummy0 speed is unknown, defaulting to 1000 [ 127.633938][ T6880] dummy0 speed is unknown, defaulting to 1000 [ 127.669431][ T6880] dummy0 speed is unknown, defaulting to 1000 [ 187.381410][ T2061] ieee802154 phy0 wpan0: encryption failed: -22 [ 187.383183][ T2061] ieee802154 phy1 wpan1: encryption failed: -22 [ 248.819789][ T2061] ieee802154 phy0 wpan0: encryption failed: -22 [ 248.821413][ T2061] ieee802154 phy1 wpan1: encryption failed: -22 [ 260.978650][ T28] INFO: task kworker/u4:0:9 blocked for more than 143 seconds. [ 260.980469][ T28] Not tainted 6.1.131-syzkaller #0 [ 260.981849][ T28] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 260.984024][ T28] task:kworker/u4:0 state:D stack:0 pid:9 ppid:2 flags:0x00000008 [ 260.986138][ T28] Workqueue: netns cleanup_net [ 260.987286][ T28] Call trace: [ 260.988027][ T28] __switch_to+0x308/0x598 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 261.011133][ T28] __schedule+0xef4/0x1d44 [ 261.012338][ T28] schedule+0xc4/0x170 [ 261.013291][ T28] schedule_preempt_disabled+0x18/0x2c [ 261.014702][ T28] __mutex_lock_common+0xbd8/0x21a0 [ 261.015957][ T28] mutex_lock_nested+0x38/0x44 [ 261.031620][ T28] rfkill_unregister+0xb8/0x210 [ 261.032940][ T28] wiphy_unregister+0x1e8/0xa58 [ 261.034066][ T28] ieee80211_unregister_hw+0x194/0x278 [ 261.035370][ T28] mac80211_hwsim_del_radio+0x21c/0x3d8 [ 261.036652][ T28] hwsim_exit_net+0x51c/0x5e4 [ 261.037737][ T28] cleanup_net+0x640/0xaec [ 261.039501][ T28] process_one_work+0x804/0x1484 [ 261.040705][ T28] worker_thread+0x8e4/0xfec [ 261.041737][ T28] kthread+0x250/0x2d8 [ 261.042742][ T28] ret_from_fork+0x10/0x20 [ 261.043865][ T28] INFO: task kworker/1:3:4339 blocked for more than 143 seconds. [ 261.045675][ T28] Not tainted 6.1.131-syzkaller #0 [ 261.046996][ T28] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 261.051644][ T28] task:kworker/1:3 state:D stack:0 pid:4339 ppid:2 flags:0x00000008 [ 261.053851][ T28] Workqueue: events rfkill_global_led_trigger_worker [ 261.055340][ T28] Call trace: [ 261.056073][ T28] __switch_to+0x308/0x598 [ 261.057108][ T28] __schedule+0xef4/0x1d44 [ 261.058165][ T28] schedule+0xc4/0x170 [ 261.059893][ T28] schedule_preempt_disabled+0x18/0x2c [ 261.061209][ T28] __mutex_lock_common+0xbd8/0x21a0 [ 261.062499][ T28] mutex_lock_nested+0x38/0x44 [ 261.063504][ T28] rfkill_global_led_trigger_worker+0x30/0xe4 [ 261.064885][ T28] process_one_work+0x804/0x1484 [ 261.066113][ T28] worker_thread+0x8e4/0xfec [ 261.067269][ T28] kthread+0x250/0x2d8 [ 261.068284][ T28] ret_from_fork+0x10/0x20 [ 261.071284][ T28] INFO: task syz-executor:6226 blocked for more than 143 seconds. [ 261.073207][ T28] Not tainted 6.1.131-syzkaller #0 [ 261.074501][ T28] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 261.076532][ T28] task:syz-executor state:D stack:0 pid:6226 ppid:1 flags:0x00000001 [ 261.079174][ T28] Call trace: [ 261.079982][ T28] __switch_to+0x308/0x598 [ 261.081033][ T28] __schedule+0xef4/0x1d44 [ 261.082077][ T28] schedule+0xc4/0x170 [ 261.083064][ T28] schedule_preempt_disabled+0x18/0x2c [ 261.084384][ T28] __mutex_lock_common+0xbd8/0x21a0 [ 261.085629][ T28] mutex_lock_nested+0x38/0x44 [ 261.086718][ T28] rfkill_fop_open+0x12c/0x5c8 [ 261.087899][ T28] misc_open+0x2f0/0x368 [ 261.090085][ T28] chrdev_open+0x3e8/0x4fc [ 261.091216][ T28] do_dentry_open+0x734/0xfa0 [ 261.092386][ T28] vfs_open+0x7c/0x90 [ 261.093339][ T28] path_openat+0x1e14/0x2548 [ 261.094496][ T28] do_filp_open+0x1bc/0x3cc [ 261.095611][ T28] do_sys_openat2+0x128/0x3e0 [ 261.096848][ T28] __arm64_sys_openat+0x1f0/0x240 [ 261.097971][ T28] invoke_syscall+0x98/0x2bc [ 261.099901][ T28] el0_svc_common+0x138/0x258 [ 261.101032][ T28] do_el0_svc+0x58/0x13c [ 261.102075][ T28] el0_svc+0x58/0x168 [ 261.103012][ T28] el0t_64_sync_handler+0x84/0xf0 [ 261.104213][ T28] el0t_64_sync+0x18c/0x190 [ 261.105381][ T28] INFO: task syz.5.708:6519 blocked for more than 143 seconds. [ 261.107194][ T28] Not tainted 6.1.131-syzkaller #0 [ 261.109105][ T28] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 261.111269][ T28] task:syz.5.708 state:D stack:0 pid:6519 ppid:6086 flags:0x0000000d [ 261.113420][ T28] Call trace: [ 261.114179][ T28] __switch_to+0x308/0x598 [ 261.115304][ T28] __schedule+0xef4/0x1d44 [ 261.116392][ T28] schedule+0xc4/0x170 [ 261.117316][ T28] schedule_preempt_disabled+0x18/0x2c [ 261.119149][ T28] __mutex_lock_common+0xbd8/0x21a0 [ 261.120475][ T28] mutex_lock_nested+0x38/0x44 [ 261.121521][ T28] rfkill_unregister+0xb8/0x210 [ 261.122690][ T28] nfc_unregister_device+0x98/0x290 [ 261.123847][ T28] nci_unregister_device+0x1dc/0x21c [ 261.125058][ T28] virtual_ncidev_close+0x70/0xb0 [ 261.126241][ T28] __fput+0x1c8/0x7c8 [ 261.127200][ T28] ____fput+0x20/0x30 [ 261.128190][ T28] task_work_run+0x240/0x2f0 [ 261.130519][ T28] get_signal+0x1330/0x1528 [ 261.131664][ T28] do_notify_resume+0x388/0x2cb8 [ 261.132876][ T28] el0_svc+0x9c/0x168 [ 261.133787][ T28] el0t_64_sync_handler+0x84/0xf0 [ 261.134932][ T28] el0t_64_sync+0x18c/0x190 [ 261.136014][ T28] INFO: task syz.2.725:6553 blocked for more than 143 seconds. [ 261.137747][ T28] Not tainted 6.1.131-syzkaller #0 [ 261.139850][ T28] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 261.142061][ T28] task:syz.2.725 state:D stack:0 pid:6553 ppid:4295 flags:0x00000009 [ 261.144256][ T28] Call trace: [ 261.145089][ T28] __switch_to+0x308/0x598 [ 261.146090][ T28] __schedule+0xef4/0x1d44 [ 261.147182][ T28] schedule+0xc4/0x170 [ 261.148107][ T28] schedule_preempt_disabled+0x18/0x2c [ 261.150166][ T28] __mutex_lock_common+0xbd8/0x21a0 [ 261.151519][ T28] mutex_lock_nested+0x38/0x44 [ 261.152637][ T28] nfc_rfkill_set_block+0x50/0x2d0 [ 261.153749][ T28] rfkill_set_block+0x18c/0x37c [ 261.154905][ T28] rfkill_fop_write+0x578/0x734 [ 261.156073][ T28] do_iter_write+0x3e0/0x964 [ 261.157179][ T28] do_writev+0x220/0x3ec [ 261.158221][ T28] __arm64_sys_writev+0x80/0x94 [ 261.159577][ T28] invoke_syscall+0x98/0x2bc [ 261.160657][ T28] el0_svc_common+0x138/0x258 [ 261.161841][ T28] do_el0_svc+0x58/0x13c [ 261.162918][ T28] el0_svc+0x58/0x168 [ 261.163942][ T28] el0t_64_sync_handler+0x84/0xf0 [ 261.165129][ T28] el0t_64_sync+0x18c/0x190 [ 261.166336][ T28] [ 261.166336][ T28] Showing all locks held in the system: [ 261.169883][ T28] 4 locks held by kworker/u4:0/9: [ 261.171243][ T28] #0: ffff0000c0845138 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x6bc/0x1484 [ 261.173781][ T28] #1: ffff80001d2c7c20 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x6fc/0x1484 [ 261.176147][ T28] #2: ffff80001817d750 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x13c/0xaec [ 261.178614][ T28] #3: ffff80001843dce8 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_unregister+0xb8/0x210 [ 261.181032][ T28] 1 lock held by rcu_tasks_kthre/12: [ 261.182371][ T28] #0: ffff800015cd79b0 (rcu_tasks.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x44/0xcf4 [ 261.184916][ T28] 1 lock held by rcu_tasks_trace/13: [ 261.186226][ T28] #0: ffff800015cd81b0 (rcu_tasks_trace.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x44/0xcf4 [ 261.188988][ T28] 1 lock held by khungtaskd/28: [ 261.190161][ T28] #0: ffff800015cd77e0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0xc/0x44 [ 261.192449][ T28] 2 locks held by getty/4055: [ 261.193528][ T28] #0: ffff0000d60fb098 (&tty->ldisc_sem){++++}-{0:0}, at: ldsem_down_read+0x3c/0x4c [ 261.195844][ T28] #1: ffff80001d9002f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x414/0x1214 [ 261.198744][ T28] 3 locks held by kworker/1:3/4339: [ 261.200081][ T28] #0: ffff0000c0020938 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x6bc/0x1484 [ 261.202493][ T28] #1: ffff800021627c20 ((work_completion)(&rfkill_global_led_trigger_work)){+.+.}-{0:0}, at: process_one_work+0x6fc/0x1484 [ 261.205568][ T28] #2: ffff80001843dce8 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_global_led_trigger_worker+0x30/0xe4 [ 261.208391][ T28] 2 locks held by syz-executor/6226: [ 261.209704][ T28] #0: ffff800016f2e708 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x6c/0x368 [ 261.211789][ T28] #1: ffff80001843dce8 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_fop_open+0x12c/0x5c8 [ 261.214407][ T28] 2 locks held by syz.5.708/6519: [ 261.215718][ T28] #0: ffff0000f1d44100 (&dev->mutex){....}-{3:3}, at: nfc_unregister_device+0x6c/0x290 [ 261.218031][ T28] #1: ffff80001843dce8 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_unregister+0xb8/0x210 [ 261.220745][ T28] 2 locks held by syz.2.725/6553: [ 261.221971][ T28] #0: ffff80001843dce8 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_fop_write+0x234/0x734 [ 261.224250][ T28] #1: ffff0000f1d44100 (&dev->mutex){....}-{3:3}, at: nfc_rfkill_set_block+0x50/0x2d0 [ 261.226633][ T28] 1 lock held by syz.3.741/6729: [ 261.227736][ T28] #0: ffff800016f2e708 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x6c/0x368 [ 261.229924][ T28] 1 lock held by syz-executor/6871: [ 261.231144][ T28] #0: ffff800016f2e708 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x6c/0x368 [ 261.233057][ T28] 1 lock held by syz.0.750/6883: [ 261.234237][ T28] #0: ffff800016f2e708 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x6c/0x368 [ 261.236427][ T28] 1 lock held by syz-executor/6878: [ 261.237707][ T28] #0: ffff800016f2e708 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x6c/0x368 [ 261.239936][ T28] 1 lock held by syz-executor/7017: [ 261.241212][ T28] #0: ffff800016f2e708 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x6c/0x368 [ 261.243246][ T28] 1 lock held by syz-executor/7019: [ 261.244489][ T28] #0: ffff800016f2e708 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x6c/0x368 [ 261.246553][ T28] 1 lock held by syz-executor/7021: [ 261.247840][ T28] #0: ffff800016f2e708 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x6c/0x368 [ 261.250047][ T28] 1 lock held by syz-executor/7031: [ 261.251279][ T28] #0: ffff800016f2e708 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x6c/0x368 [ 261.253330][ T28] 1 lock held by syz-executor/7033: [ 261.254558][ T28] #0: ffff800016f2e708 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x6c/0x368 [ 261.256651][ T28] 1 lock held by syz-executor/7035: [ 261.257900][ T28] #0: ffff800016f2e708 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x6c/0x368 [ 261.260118][ T28] 1 lock held by syz-executor/7037: [ 261.261417][ T28] #0: ffff800016f2e708 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x6c/0x368 [ 261.263592][ T28] 1 lock held by syz-executor/7043: [ 261.264774][ T28] #0: ffff800016f2e708 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x6c/0x368 [ 261.266712][ T28] 1 lock held by syz-executor/7045: [ 261.267884][ T28] #0: ffff800016f2e708 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x6c/0x368 [ 261.270212][ T28] 1 lock held by syz-executor/7047: [ 261.271595][ T28] #0: ffff800016f2e708 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x6c/0x368 [ 261.273713][ T28] 1 lock held by syz-executor/7049: [ 261.274956][ T28] #0: ffff800016f2e708 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x6c/0x368 [ 261.277090][ T28] [ 261.277720][ T28] ============================================= [ 261.277720][ T28] [ 261.279864][ T28] Kernel panic - not syncing: hung_task: blocked tasks [ 261.281421][ T28] CPU: 0 PID: 28 Comm: khungtaskd Not tainted 6.1.131-syzkaller #0 [ 261.283373][ T28] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 261.285731][ T28] Call trace: [ 261.286532][ T28] dump_backtrace+0x1c8/0x1f4 [ 261.287653][ T28] show_stack+0x2c/0x3c [ 261.288678][ T28] dump_stack_lvl+0x108/0x170 [ 261.289894][ T28] dump_stack+0x1c/0x58 [ 261.290901][ T28] panic+0x300/0x804 [ 261.291918][ T28] hung_task_panic+0x0/0x2c [ 261.292967][ T28] kthread+0x250/0x2d8 [ 261.293931][ T28] ret_from_fork+0x10/0x20 [ 261.295021][ T28] SMP: stopping secondary CPUs [ 261.296271][ T28] Kernel Offset: disabled [ 261.297336][ T28] CPU features: 0x080000,02070084,26017203 [ 261.298833][ T28] Memory Limit: none [ 261.568764][ T28] Rebooting in 86400 seconds..