last executing test programs: 6.13082182s ago: executing program 3 (id=2598): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48) bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000000)={0xe6, 0x0}, 0x8) bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000180)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r1}, 0x10) getrusage(0x1, &(0x7f0000000680)) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f000000850000002300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000d00)='kfree\x00', r2}, 0x18) r3 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r3, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10) connect$inet(r3, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10) sendmmsg(r3, &(0x7f0000007fc0), 0x800001d, 0xf00) setsockopt$IP_VS_SO_SET_ADD(r3, 0x0, 0x482, &(0x7f0000000040)={0x100000011, @multicast2, 0x0, 0x0, 'wrr\x00', 0x31, 0x7fff, 0x6}, 0x2c) syz_genetlink_get_family_id$ipvs(&(0x7f00000018c0), 0xffffffffffffffff) sendmsg$IPVS_CMD_NEW_DAEMON(0xffffffffffffffff, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f00000004c0)=ANY=[@ANYBLOB='x\x00', @ANYBLOB], 0x78}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) shutdown(0xffffffffffffffff, 0x1) 5.72594604s ago: executing program 3 (id=2600): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000900850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x18) bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020148100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r2, &(0x7f0000000000)={0xa, 0x8000002, 0x2000}, 0x1c) sendto$inet6(r2, 0x0, 0x0, 0x22004001, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) shutdown(r2, 0x1) 5.62669441s ago: executing program 3 (id=2601): setxattr$security_capability(0x0, 0x0, 0x0, 0x0, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000ff010000850000000e000000850000005000000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x9) r1 = socket$inet_mptcp(0x2, 0x1, 0x106) bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10) connect$inet(r1, &(0x7f0000000480)={0x2, 0x4e24, @loopback}, 0x10) 5.507236632s ago: executing program 3 (id=2604): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="1801000001ffffeb00000000eb658e0d850000007b00000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x18) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) rt_sigaction(0x1b, 0x0, 0x0, 0x0, 0x0) 5.506907472s ago: executing program 3 (id=2606): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f00000001c0)='workqueue_queue_work\x00', r1, 0x0, 0x3}, 0x18) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000000001000000000000000000851000000600000018000000", @ANYRES32, @ANYBLOB="00000000000100006608000000000000180000000000000000000000000000009500000000000000360a020000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a000000000000850000000600000095"], &(0x7f0000000000)='GPL\x00', 0xa, 0x0, 0x0, 0x0, 0x8}, 0x94) 5.492063993s ago: executing program 3 (id=2607): r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff) sendmsg$NL80211_CMD_GET_REG(r0, 0x0, 0x20000080) r1 = socket(0x2, 0x2, 0x1) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'team_slave_1\x00', 0x0}) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)=ANY=[], 0x48) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x9, 0x4, 0x1, 0x4}, 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r4}, 0x10) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000740)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_DELFLOWTABLE={0x20, 0x18, 0xa, 0x201, 0x0, 0x0, {0x2, 0x0, 0x3}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3}}}, 0x48}, 0x1, 0x0, 0x0, 0x40044}, 0x20008000) r5 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=@getchain={0x24, 0x11, 0x43d, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {0xe, 0x1}, {0x0, 0x3}, {0x0, 0xffff}}}, 0x24}}, 0x800) 4.674600435s ago: executing program 0 (id=2630): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000e80)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0], 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x121202, 0x0) ioctl$TIOCVHANGUP(r2, 0x5437, 0x2) 4.61504647s ago: executing program 0 (id=2631): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x0, 0x0, &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) r0 = syz_io_uring_setup(0x3369, &(0x7f0000000500)={0x0, 0x7d10, 0x100, 0x3, 0x2b5}, &(0x7f00000002c0)=0x0, &(0x7f0000000580)=0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="07000000040000000001000001"], 0x50) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x18) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) r5 = socket(0x2a, 0x2, 0x800) getsockname$packet(r5, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_POLL_REMOVE={0x7, 0x60, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}) io_uring_enter(r0, 0x46bc, 0x3, 0x20, 0x0, 0x20) 4.614831211s ago: executing program 0 (id=2632): unshare(0x2a020400) r0 = openat$incfs(0xffffffffffffff9c, &(0x7f0000000140)='.pending_reads\x00', 0x1a10c1, 0x9c37611dc13d0d83) fchown(r0, 0xffffffffffffffff, 0x0) 4.614664941s ago: executing program 0 (id=2633): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000340)='./file1\x00', 0x210000, &(0x7f0000002f40)={[{@nodelalloc}, {@dioread_lock}, {@barrier_val={'barrier', 0x3d, 0x4}}, {@nolazytime}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@lazytime}, {@errors_remount}, {@stripe={'stripe', 0x3d, 0x5}}, {@bh}, {@init_itable}]}, 0xfc, 0x56f, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hzcpouowmHWsduD24F19kCCIOxD/Adx+H/4B/xUAHQ0bRBxEiN73psjZp2i4z2fL5wG3Pyb23535z7vf2nNyEBDC0jqU/chEvR8Q3ScShlnX5yFYeW9tu9eH1mXRJol7/9M8kkuyx5vZJ9vtAVnkpIn79KuJkbnO71eWV+WK5XFrM6hO1hSsT1eWVU5cWinOludLlqenpM29NT737zts9i/X1839//8ndD898fXz1u5/vH76dxNk4mK1rjeMJ3GitHCv+m5VG4+yGDSd70NggSfp9AOzKSJbno5FeAw7FSJb1wPPvy4ioA0Mqkf8wpJrjgObcvkfz4GfGgw/WJkCN2Mda48+vvTYSextzo/2ryWMzo3S+O96D9tM2fvnjzu10ia1fh9jXpQ6wIzduRsTpfH7z9T/Jrn+7d7rx4vHWNrYxbP9/oJ/upuOfN9qN/3Lr459oM/450CZ3d6N7/ufu96CZjtLx33ttx7/rl67xkaz2QmPMN5pcvFQunY6IFyPiRNS73vo4s3qv3mld6/gvXdL2m2PB7Dju5/c8vs9ssVaMiLFdhvyYBzcjXsm3iz9Z7/+kTf+nz8f5bbZxtHTn1U7rusf/dNV/initbf8/6tZk6/uTE43zYaJ5Vmz2162jv3Vqv9/xp/2/f+v4x5PW+7XVnbfx495/Sp3W7fb8H0s+a5SbSXCtWKstTkaMJR9vfnzq0b7NenP7NP4Tx7e+/rU7/9PJ1+fbjP/WkVsdNx2E/p/dUf/vvHDvoy9+6NT+9vr/zUbpRPZIdv1rLztXtnuAT/r8AQAAAAAAwCDJRcTBSHKF9XIuVyisvb/jSOzPlSvV2smLlaXLs9H4rOx4jOaad7oPtbwfYjJ7P2yzPrWhPh0RhyPi25F9jXphplKe7XfwAAAAAAAAAAAAAAAAAAAAMCAOdPj8f+r3kX4fHfDUNb7YYE+/jwLoh65f+d+Lb3oCBlLX/AeeW/Ifhpf8h+El/2F4yX8YXvIfhpf8h+El/wEAAAAAAAAAAAAAAAAAAAAAAAAAAKCnzp87ly711YfXZ9L67NXlpfnK1VOzpep8YWFppjBTWbxSmKtU5sqlwkxlodvfK1cqVyanYunaRK1UrU1Ul1cuLFSWLtcuXFoozpUulEb/l6gAAAAAAAAAAAAAAAAAAADg2VJdXpkvlsulRYWOhfdjIA7jaQa4Zle75wclCoUOhZtZ9+5srz5elAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgg/8CAAD//4yLMZo=") mount(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000380)='devtmpfs\x00', 0x4000, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x0) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, 0x0, 0x262) 4.578565044s ago: executing program 0 (id=2634): readahead(0xffffffffffffffff, 0xfffffffffffffffa, 0x4) 3.849940507s ago: executing program 0 (id=2638): r0 = socket$inet_sctp(0x2, 0x5, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000180)=[@in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x3b}}, @in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x3c}}], 0x20) 3.810431721s ago: executing program 32 (id=2638): r0 = socket$inet_sctp(0x2, 0x5, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000180)=[@in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x3b}}, @in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x3c}}], 0x20) 2.235788578s ago: executing program 1 (id=2671): sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010002000000000000000000000a20000000000a0500000000000000000001000000f5ff7caf73797a30000000004c000000090a010400000000000000000100000008000a400000000308"], 0x94}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x24, 0x24, 0x1, 0x70bd2a, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xe}, {0x5, 0x5}}}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=@newqdisc={0x44, 0x24, 0x4, 0xc0000000, 0xfffffffe, {0x0, 0x0, 0x0, 0x0, {0x3, 0x3}, {0xa, 0xe}, {0x0, 0x9}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0x14, 0x8002, [@TCA_FQ_PIE_FLOWS={0x8, 0x2, 0xd3ee}, @TCA_FQ_PIE_TARGET={0x8, 0x3, 0x4}]}}]}, 0x44}}, 0x20004055) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840) r0 = socket$netlink(0x10, 0x3, 0x0) sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0) 2.075122533s ago: executing program 2 (id=2674): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001803000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x400000000000004}, 0x18) openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000740)={0x0, 0x0, 0x35, 0x0, 0x1}, 0x28) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) io_setup(0x4, 0x0) prctl$PR_SET_MM_EXE_FILE(0x39, 0xd, 0xffffffffffffffff) bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[], 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) syz_mount_image$msdos(&(0x7f0000000000), &(0x7f0000000400)='./file0\x00', 0xc002, &(0x7f0000001a80)=ANY=[@ANYBLOB="71756965742c646f74732c6572726f72733d636f6e74696e75652c6e6f646c617865642c646f733178666c6f7070792c6e66732c646f74732c6e6f646f74732c0052bbde30ad1b84bbd4c68ac5df60afc617ca0829fb9a153080d7fe1db0f2c220c8"], 0x0, 0x268, &(0x7f0000001800)="$eJzs3TFrE2EYB/DH5NqGOti5OBy4OAV1cg1SQQwIkQw6GagurQjXJTrlY/gZ/DTOfoxO3U7shSZtz1JTry/N/X4Q7oF/3vDcG8ib4X2TDw8/H+x/OfpU/voevV4eWcSsLCN2ohPdqNybXzun9WYsmwUAcNeMRpNB6h5oVlEMJhsRsXUpGf9I0hAAAAAAAAAAAAA3Vrf/P07s/weAdba8/383bSs0pCgGk+3597fz7P8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0jkpywflFY/U/QEA/5/1HwDax/oPAO1j/QeA9nn77v3rwXC4N8rzXsTxbDqejqtrlb98Ndx7kp/aWYw6nk7H3bP8aZXn5/ON2J7nz2rzzXj8qMr/ZC/eDC/kW7F/ud1OA1MAAAAAAAAAAAAAAAAAAAAAyfXzM7Xn+/v9v+VVtfT7ABfO72exm93abQAAAAAAAAAAAAAAAAAAAMCddvT128Hk8PBjcUVRXuM5rSjux6rDs7jFVuN56om6adGNFUbFyu/OWhY1s5H9y+uk/mQCAAAAAAAAAAAAAAAAAID2WRz6vf6Yn002BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJLP7/v7kiImZlJfXtAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGvsdwAAAP//a+CY+g==") bpf$PROG_LOAD(0x5, 0x0, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='attr/exec\x00') writev(r2, &(0x7f0000000240)=[{&(0x7f00000004c0)='\n', 0x1}, {&(0x7f0000000080)='=', 0x1}], 0x2) 2.023379449s ago: executing program 4 (id=2675): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xb, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000a999850000000400000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000400)='kfree\x00', r0}, 0x18) r1 = socket(0x2, 0x80805, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000240)={0x0, 0x12, 0x0}, &(0x7f0000000600)=0x10) 1.963262825s ago: executing program 2 (id=2676): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@newlink={0x48, 0x10, 0xffffffffffffffff, 0x70bd27, 0x25dfdbfa, {0x0, 0x0, 0x0, 0x0, 0x50a10, 0x11223}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x18, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_STARTUP_QUERY_INTVL={0xc, 0x23, 0x6}, @IFLA_BR_MCAST_STATS_ENABLED={0x5, 0x2a, 0x1}]}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x1}, 0x20040040) 1.963059735s ago: executing program 4 (id=2677): r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x10000000013, &(0x7f0000d06000)=0x1, 0x4) setsockopt$inet_opts(r0, 0x0, 0x4, &(0x7f0000000000)="8907040400", 0x5) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000280)='macvlan0\x00', 0x10) connect$inet(r0, &(0x7f0000000080)={0x2, 0x4e25, @multicast1}, 0x10) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = socket$packet(0x11, 0x2, 0x300) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f0000000180)=r3, 0x4) setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000140), 0x4) 1.952097136s ago: executing program 4 (id=2678): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001b80)=ANY=[@ANYBLOB="0600000004000000080000000a"], 0x50) syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000340)='./file1\x00', 0x0, &(0x7f0000000280), 0x1, 0x78f, &(0x7f00000007c0)="$eJzs3c9rXNUeAPDvnSRNk/a95MGD9/pWgQcaKJ2YGlsFF3ElgoWCrm3DZBpqJpmSmZQmZNEightBxYWgm679UXdu/bFwo/+FC2mpmhYrLiRy50czTWbSSZqZCeTzgZs55/7IOd8595577sxlbgCH1lj6JxNxIiLeSyJGavOTiBiopPojpqvrPVhfy6VTEhsbr/2aVNa5v76Wi4ZtUsdqmf9GxLdvR5zMbC+3tLI6P1Mo5Jdq+YnywpWJ0srqqcsLM3P5ufzimcmpqdNnnzt7Zv9i/f3H1eN33n/56S+m/3zrP7fe/S6J6TheW9YYx34Zi7HaezKQvoWbRva7pN5Lel0B9iQ9NPuqR3mciJHoq6RaGOpmzQCATtkAAA6hxBgAAA6Z+ucA99fXcvWpt59IdNfdlyLiaDX++veb1SX9MR2DlYUDETF8P3nkm5EkIkb3ofyxiPjkqzc+S6eotYPv0oBuuH4jIi6Ojm3v/5NH71nYg2d2WrgxWHkZ2zL7sJ1/oJe+Tsc/zzcb/2Vqx//Ryt+t45/BJsfuXjz++M/c3rrN96/vQ8E16fjvxYZ72x40xF8z2lfL/aMy5htILl0u5NO+7Z8RMR4Dg2l+srJq85Hb+L2/7rUqv3H899sHb36alp++bq6Rud0/+Og2szPlmSeNu+7ujYj/9TeLP3nY/kmL8e/5Nst45YV3Pm61LI0/jbc+bY+/szZuRjzVtP032zLZ8f7EicruMFHfKZr48qePhluV39j+6ZSWX78W6Ia0/Yd3jn80abxfs7T7Mn64OfJNq2WPj7/5/n8kqXYCR2rzrs2Uy0uTEUeSV7fPP725bT1fXz+Nf/z/zY//arHN9//0mvBim/H33/nl873H31lp/LO7av/dJ249mO9rVX577T9VSY3X5rTT/7VbwSd57wAAAAAAAAAAAAAAAAAAAAAAAACgXZmIOB5JJvswnclks9VneP87hjOFYql88lJxeXE2Ks/KHo2BTP2nLkcafg91svZ7+PX86S35ZyPiXxHx4eBQJZ/NFQuzvQ4eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGqOtXj+f+rnwV7XDgDomKO9rgAA0HXO/wBw+Ozu/D/UsXoAAN3j+h8ADp+2z/8XO1sPAKB7XP8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQYefPnUunjT/W13JpfvbqyvJ88eqp2XxpPruwnMvmiktXsnPF4lwhn80VF1r+o+vVl0KxeGUqFpevTZTzpfJEaWX1wkJxebF84fLCzFz+Qn6ga5EBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQPtKK6vzM4VCfklix8TQwajGgUn0x4GohkTHEo29xFDvOigAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAA+7vAAAA//9oei8M") r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r1, &(0x7f0000000000), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000002, 0x28011, r1, 0x0) madvise(&(0x7f0000573000/0x3000)=nil, 0x3000, 0x3) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94) syz_io_uring_setup(0x19a, &(0x7f0000000000)={0x0, 0x715a, 0x2000, 0x3, 0x2ce}, &(0x7f0000000080), &(0x7f0000000180)) bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x4d, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r3 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0xc, &(0x7f0000000180)={0xeffffb, 0x0, 0xfffffffd, 0x1}, 0x10) write(r3, &(0x7f0000000000)="1c0000001a005f0214f9f407000904ff8000000020000000000000000800040001", 0x21) r4 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000400)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0) r5 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000800)={&(0x7f0000001bc0)=ANY=[@ANYBLOB="9feb010018000000000000007a0000007a000000040000000e00000000000010100000000a0000000700000f0200000002000000050000000400000002000000fcffffff040000000400040000000000ffffff7f020000009e772668f000000005002000ff07000000010000040000000065cc0b966e00000400000006000000080000003f4e0d0000000000000a01000000000000305f00bc467e2fe79c89305d99cf348b173241b80ae69ac173a80089f2e0d1f354d68f168b8b0988b0c4e3570b01cbdc842c6412c1"], &(0x7f0000000ac0)=""/4096, 0x98, 0x1000, 0x1, 0xad, 0x10000, @value=r4}, 0x28) r6 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000008c0)={0xffffffffffffffff, 0x80000000, 0x18}, 0xc) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000007c0)={{r0, 0xffffffffffffffff}, &(0x7f0000000740), &(0x7f0000000780)=r2}, 0x20) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001ac0)={0x11, 0x4, &(0x7f00000005c0)=@raw=[@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r7}}], &(0x7f0000000600)='GPL\x00', 0x8, 0xfd, &(0x7f0000000640)=""/253, 0x40f00, 0x41, '\x00', 0x0, 0x0, r5, 0x8, &(0x7f0000000840)={0x4, 0x3}, 0x8, 0x10, &(0x7f0000000880)={0x3, 0x8, 0xd828, 0x100}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000900)=[r0, r0, r6, r0, r0, r0, r0, r0], 0x0, 0x10, 0x4}, 0x94) mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0) mbind(&(0x7f00005b4000/0x4000)=nil, 0x100000000004000, 0x0, 0x0, 0x0, 0x2) quotactl_fd$Q_SYNC(r7, 0xffffffff80000101, 0x0, 0x0) 1.896184842s ago: executing program 2 (id=2679): r0 = syz_io_uring_setup(0x497, &(0x7f00000000c0)={0x0, 0x7079, 0x400, 0x3, 0x288}, &(0x7f0000000340)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_SHUTDOWN={0x22, 0x4, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1, 0x0, 0x1, {0x0, r3}}) io_uring_enter(r0, 0x351a, 0x100, 0x0, 0x0, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48) r5 = socket(0xa, 0x5, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48) r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000100)={r6, &(0x7f0000000080), &(0x7f0000000280)=@udp}, 0x20) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r7}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) clock_gettime(0x1, &(0x7f0000000000)={0x0, 0x0}) clock_settime(0x0, &(0x7f0000000040)={r8, r9+10000000}) r10 = socket$nl_xfrm(0x10, 0x3, 0x6) r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{}, &(0x7f0000000000), &(0x7f00000005c0)=r11}, 0x20) r12 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040)={'fscrypt:', @desc4}, &(0x7f0000000100)={0x0, "de442bfc7910e10ac69ac014b0fa7807b11d2c99ed1f40d47a6edb3367b5cc888e1fd5102ae2d3d05f251f8d49025ceab4152b6e6d87cd6088e97a9d06d29143"}, 0x48, 0xffffffffffffffff) keyctl$chown(0x4, r12, 0xee01, 0xee00) keyctl$chown(0x4, r12, 0x0, 0x0) add_key$keyring(&(0x7f0000000200), &(0x7f0000000380)={'syz', 0x1}, 0x0, 0x0, r12) write$UHID_CREATE2(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYBLOB="0b00000073797a310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a3000000009000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a31000000000000000000000000000000000000000000000000000000b315cc000000000000000000000000000000000000000000000000000000000000000000d800dc06020000000100000000007200060000006e22472d1b93f536347ca8c8785c5e371df045f46854a4ebe036dc4b83ad8ae351673a5729f2786504179633e627078571210e66fc366b5435017b746a6bf49fb321e26593658392678df1a64ef1235624619818b7f2fe0a5278f2ccdcd228711a402f46dea40f4df42544034dd53f6ca5ba1a9f62d4d3167f9e5ce05451a8bbfad7cc2dc978f82f3d59f6c1cfdcc4c36e31bec1e5b0d031ad300535ed148cc24c0dbef033c98606b8c6f1ec87e6f96db7f52f11b5b199236f317983b30fc4c83ce2847ae6ed71d8c346831d88ce844be02c19a28e"], 0x1f0) ioctl$sock_ipv6_tunnel_SIOCDEL6RD(r5, 0x89fa, &(0x7f0000000480)={'sit0\x00', &(0x7f0000000400)={@mcast1, @multicast1, 0x11, 0x1e}}) r13 = socket$inet6(0xa, 0x2, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x4000010) sendmmsg$inet(r13, &(0x7f0000000b00)=[{{&(0x7f0000000600)={0x2, 0x4e20, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000bc0)=[@ip_retopts={{0x14, 0x0, 0x7, {[@generic={0x7, 0x3, "e6"}]}}}], 0x18}}], 0x1, 0x8000004) sendmsg$nl_xfrm(r10, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)=ANY=[@ANYBLOB="c0020000100063d10000000000000000fe8000000000000000000000000000bbfe8000000000000000000000000000aa0000000000000000000000003a000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fc01000000000000000000000000000000000000330000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000b000000000000000000000000000000ffffffffffffffff000000000000000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001600000000020000000000000000000000bf010100636d61632861657329"], 0x2c0}, 0x1, 0x0, 0x0, 0x40000}, 0x4004) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r4, &(0x7f0000000080), &(0x7f0000000300)=""/180}, 0x20) socket$unix(0x1, 0x2, 0x0) 1.895985931s ago: executing program 1 (id=2680): bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x19, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r0, 0x0, 0xb}, 0x18) r1 = fsopen(&(0x7f0000000080)='mqueue\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000001d40)='\xd0\x9e^\xa0\xee\xc8\x17T\xb1GI\x90\xe2Q1\xb0\x8f\xe1\xa8\x95\xa0\xcd\fL\xaei\xb6\xb7\xc1Y\xd5YG\xf9\xc2\xf1\xa4\xdb$\xf6]\xab\x1a\xdaY\xfb\x03dhS\x97nZ\xf8\xc6\x1f\x03\x00\x00\x00\x00\x00\x00\x00\x9bg-D#g\x16\xf4\xd9\x00\x00\x00\x00\x00eA\x9f\xc3\x11\x18\xe6\xc5\x95\x9e!^W\xf6\xacE\xa3\xc8\xe7\xec\xd6\xbd\x1c+\n\xc7Q( \xba\xff\x17N\x1fB\x91\x15\x83\xec(B\xc5\x05\x9d\xd6\x02|6\xdc\xee$\xb5\x1deC\xfb\xa2\xaa\xe0#\xcb\xde;sA\xad\xa6\xb6P\xa3\xf7\xc3q\xd4\xb6\x95\x02\xd8*\xa8\xd2\x94\xa3\x89\xa9\xa0\xc5\xc9=\xa5^\x00\x00\x00\x00\x00\x00\x00\x00\x00\xef\xcd\xd3\t\x01A\xd5\x81\xc1;9\xeez\xba\x00\x00\x00\xdc\x94\xff)\xa4\xe6\xfb]\x90bG\x11\b\x98#\xaa99ez|\x8b5\x92\xa5\xba\x96\xb3\xb26I\xbb\xdeb\x95?\xc0\x81', &(0x7f0000000200)='sockfs\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000040)='\x00', &(0x7f00000001c0)='dE\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000280)='\xd0\x9e^\xa0\xee\xc8\x17T\xb1GI\x90\xe2Q1\xb0\x8f\xe1\xa8\x95\xa0\xcd\fL\xf10xffffffffffffffff, 0xffffffffffffffff}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020097b1af8ff00000000bfa100000000000007010000b8ffffffb702000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000080)='9p_client_res\x00', r2}, 0x10) r3 = dup(r1) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) 1.498585231s ago: executing program 4 (id=2684): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000340)='kfree\x00', r0}, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_TID_CONFIG(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000008c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="8b3300000000fffff00005"], 0x28}}, 0x0) 1.496806811s ago: executing program 1 (id=2693): prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000004c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r2}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x2d) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0x5, 0x6, 0x8, 0xae, 0x0, 0x1, 0x20727ff}, 0x50) bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=@base={0xd, 0x2, 0x4, 0x4006, 0x5, r4, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x8000000}, 0x50) 1.480657863s ago: executing program 2 (id=2685): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000000c0)={r0}, 0x4) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x18) getrlimit(0xc, &(0x7f0000000000)) 1.461991125s ago: executing program 2 (id=2686): bpf$PROG_LOAD(0x5, 0x0, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1088d8b8588d72ec29c48f0af5f2d9f51c4b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465ad32b77a74e802a0dc6bf25cca242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767042361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae645ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1fb8f72cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa7956488bef241875f3b4b6ab7929a57affe760e797724f4fce1093b62d7e8c7123d890decacec55bf404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f870b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f154772f514216bdf57d2a40d40b51ab67903ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1594e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c471c784ae7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec30cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89f0000377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f0059161c5e0000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe34124172e436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f491d8e97c862e29e457060000007ac691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104ebc1581848f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426ca85e82ccf821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ad6acf5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bdc4a60d637545ed4c8a1c649c3ce54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c5140200000054d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a3bc38613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae0040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483f02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e9180100000000000000654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272ab28a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece98c077b358e752b439132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac48f1201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6df5e8a795b140fcc09e8a7b694d12932917facd8ceaa4e2d0d16bb0b95387fcd5ff136d8abddf94daf442bbff744591931872a36cf921ad69f2127386e8b0f9afee4da8d3fbec809fbb3ca0fded2859cf25d4c6155d396c5b9bd1a928923123f63f4c40688eae69990a9419456247bbaeb7948de84d2ff875414883bb1e503d4bfebc01bc12a53ea06bf38e571157bd642dac25dbee7832c58378374a39483d6721eec96c28911db21c0c006b42afc90000000000000000000000700000000000000000008ce4ea442c1a207108b35511186c5e860278f6463f52f3990ce08b1bfccc3cff4b5ae27b610aa9ba11b47d4f94c439e055cdbb2b12c983885c93ea4ab4ca1e02d831ae162ee104"], &(0x7f0000000100)='GPL\x00'}, 0x41) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00') syz_mount_image$ext4(&(0x7f0000000340)='ext4\x00', &(0x7f0000000980)='./file0\x00', 0x3000010, &(0x7f0000000100)={[{@errors_remount}, {@nobh}]}, 0x1, 0x519, &(0x7f00000009c0)="$eJzs3cFvI1cZAPBvJvE2u5tiFxAqlSgVLcpWsHbS0DZCCMoFTpWA5b6ExImi2HEUO2UTVZCK/wAhgcSJExck/gCkqgfEGVWqBBfEAQECIdjCAQnoII/HJevYSaBJnI1/P+mt35sZz/e9ifw8M56dCWBiPRURL0XEVEQ8GxHlYnpalDjole5yb99/daVbksiyO39JIimm9dfVbU9HxM3ibTMR8ZUvRnw9ORq3vbe/udxo1HeKdq3T3K619/ZvbzSX1+vr9a3FxYUXll5cen5pPiu8p35W+pUffeGzr3/yG7+9+6db3+ym9ZkPRSkG+nGWel0v5duir7uNds4j2BhMFf0pjTsRAABOpbuP//6I+Fi+/1+OqXxvbsDUODIDAAAAzkr2udn4VxKRAQAAAFdWGhGzkaTV4lqA2UjTa8W5gQ/GjbTRanc+sdba3VrtzouoRCld22jU54trhStRSrrtheIa2377uYH2YkQ8FhHfLV/P29WVVmN1zOc+AAAAYFLcHDj+/3s5zesnG/L/BAAAAIDLqzKyAQAAAFwVDvkBAADg6hs8/n99THkAAAAA5+JLL7/cLVn/+derr+ztbrZeub1ab29Wm7sr1ZXWznZ1vdVaz+/Z1zxpfY1Wa/tTsbV7r9aptzu19t7+3WZrd6tzd+OBR2ADAAAAF+ixj77xqyQiDj59PS9R3AcQ4AG/H3cCwFmaGncCwNi4izdMrlK/cm28eQDjk5ww38U7AADw8Jv78NHf//unAkpjzQw4b671AYDJ4/d/mFwlVwDCREsj4n296iOjlhn5+/8vThslyyLeLB+e4vwiAABcrNm8JGm1OA6YjTStViMejUgrUUrWNhr1+eL44Jfl0iPd9kL+zuTEa4YBAAAAAAAAAAAAAAAAAAAAAAAAgJ4sSyIDAAAArrSI9I9Jfjf/iLnyM7OD5weuJf8oxx+Kxg/ufO/ecqezs9Cd/tf8WV7XIqLz/TulfPpzIx8fBgAAAJy15GDkrN5xevG6cKFZAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAB3r7/6kq/XGTcP38+IirD4k/HTP46E6WIuPG3JKYPvS+JiKkziH/wWkQ8Pix+Eu9kWVYpshgW//o5x6/km2Z4/DQibp5BfJhkb3THn5eGff7SeCp/Hf75my7KezV6/EuLyI/n49yw8efRI2trDo3xxFs/qY2M/1rEE9PDx5/++JuMiP/0kbX9M8uyozG+9tX9/VHxsx9GzA39/kkeiFXrNLdr7b392xvN5fX6en1rcXHhhaUXl55fmq+tbTTqxb9DY3znIz9957j+3xgS/ze/7o2/x/X/mVErHfDvt+7d/0CvWhoW/9bTQ79/Z2JE/LT47vt4Ue/On+vXD3r1w5788ZtPHtf/1RHb/6S//61T9v/ZL3/7d6dcFAC4AO29/c3lRqO+c0xl5hTLPIyVn81cijT+x0r2rd5f7rLk8/9Wunur/53S79UlSOxQJbuwWFNxSbr8bmWswxIAAHAOfv7uTv+4MwEAAAAAAAAAAAAAAAAAAIDJdRG3ExuMeTCergIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHOs/AQAA//9GB9/T") bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[], 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) semop(0x0, &(0x7f0000000080)=[{0x1, 0x8001, 0x1000}], 0x1) semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000140)=[0x6, 0x7fff]) 1.340637977s ago: executing program 4 (id=2687): prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000840)=@abs={0x0, 0x0, 0x4e20}, 0x9) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, &(0x7f00000000c0)}) bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000004f4b000000000000000000180100002020702000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000fdffffff850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10) write$cgroup_int(0xffffffffffffffff, 0x0, 0x0) syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x1000410, &(0x7f0000000100)={[{@grpid}, {@grpquota}]}, 0x4, 0x4eb, &(0x7f0000000540)="$eJzs3c9vVFsdAPDvnXZoKQMFZaFGBRFFQ5j+ABqCC2GjMYTESFy5gNoOTdMZpum0SCuLsnRvIokr/RPcuTBh5cKdO925wYUJKnkv9CVvMS/3zqUd2g7te7Qd6Hw+ye2955xhvufMcM6Ze2B6AuhZZyNiNSKORMS9iBjO85P8iButI33cq5ePp9ZePp5Kotm8878kK0/zou3PpI7lzzkYET/7ccQvk61xG8src5PVamUhT48s1uZHGssrl2YLec74xNjE6LXLV8f3rK1nan968aPZWz//y5+/8fzvq9//dVqt0m+OZ2Xt7dhLraYXo9SW1x8Rt/YjWJf0539/+PCkve1LEXEu6//D0Ze9mwDAYdZsDkdzuD0NABx26f1/KZJCOV8LKEWhUC631vBOx1ChWm8sXhyuLz2YjmwN62QUC/dnq5XRfK3wZBSTND2WXW+kxzelL0fEqYj47cDRLF2eqlenu/nBBwB62LFN8//HA635HwA45Aa7XQEA4MCZ/wGg95j/AaD3fI7537cDAeCQcP8PAL3H/A8AvWfH+f/JwdQDADgQP719Oz2aa/nvv55+uLz0g9LDS9OVxly5tjRVnqovzJdn6vWZaqU81Wzu9HzVen1+7Mp6srG8crdWX3qweHe2NjlTuVsp7nN7AICdnTrz7J9JRKxeP5od0baXg7kaDrdCtysAdE1ftysAdI3v80Dv2sU9vmUAOOS22aL3DR3/i9BTm7/Ch+rCV63/Q6+y/g+964ut//9wz+sBHDzr/9C7ms3Env8A0GOs8QPv9O//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0KNK2ZEUytle4Kvpz0K5HHE8Ik5GMbk/W62MRsSJiPjHQHEgTY91u9IAwDsq/CfJ9/+6MHy+tLn0SPLJQHaOiF/9/s7vHk0uLi6Mpfn/X89ffJrnjx/pRgMAgHY3tma15un83HYj/+rl46nXx0FW8cXN1uaiady1/GiV9Ed/dh6MYkQMfZTk6Zb080rfHsRffRIRX9lo/6O2CKVsDaS18+nm+Gns4/sQf+P13xy/8Eb8QlaWnovZa/HlPagL9JpnN1vjZN730i6W979CnM3O2/f/wWyEenevx7+1LeNfYX3869sSP8n6/Nn19Ntr8uLKX3+yJbM53Cp7EvG1/u3iJ+vxkw7j7/ldtvFfX//muU5lzT9EXIjt47fUsmF2ZLE2P9JYXrk0W5ucqcxUHoyPT4xNjF67fHV8JFujbv3823Yx/nv94olO8dP2D3WIP7hD+7+zy/b/8dN7v/jWW+J/79vbv/+n3xI/nRO/u8v4k0M3Om7fncaf7tD+nd7/i7uM//zfK9O7fCgAcAAayytzk9VqZWGHi/Sz5k6PcfFhXsRqxHtQDRfv1UW3RyZgv210+m7XBAAAAAAAAAAAAAAA6KSxvDI3EPv7daJutxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDD67MAAAD//w/PzvM=") r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000004c0)='blkio.bfq.io_queued_recursive\x00', 0x275a, 0x0) ioctl$EXT4_IOC_MOVE_EXT(r4, 0x8004587d, &(0x7f0000000100)={0x0, 0xffffffffffffffff, 0x9cf, 0x1, 0x800000000001004}) getsockopt$XDP_STATISTICS(0xffffffffffffffff, 0x11b, 0x7, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x48) sched_getparam(0xffffffffffffffff, &(0x7f00000010c0)) r5 = socket(0x2, 0x80805, 0x0) sendmmsg$inet_sctp(r5, &(0x7f0000005140)=[{&(0x7f0000000280)=@in={0x2, 0x4e21, @loopback}, 0x10, &(0x7f0000000380)=[{&(0x7f0000000340)}], 0x1, 0x0, 0x70, 0x24040000}], 0x1, 0x240000c0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r6 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$IP6T_SO_SET_REPLACE(r6, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x530, 0x348, 0x18c, 0x203, 0x348, 0x19030000, 0x460, 0x2e0, 0x2e0, 0x460, 0x2e0, 0x3, 0x0, {[{{@uncond, 0x300, 0x300, 0x348, 0x0, {}, [@common=@unspec=@bpf0={{0x230}, {0x13, [{0x0, 0x0, 0x0, 0x8400}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x16}]}}, @common=@hl={{0x28}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}, {{@uncond, 0x0, 0xd0, 0x118, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x590) 87.077502ms ago: executing program 2 (id=2688): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000000800000008"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000400000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800700, &(0x7f00000007c0)={[{@nodioread_nolock}, {@errors_remount}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5a}}, {@nouid32}, {@resgid}, {@acl}, {@init_itable_val={'init_itable', 0x3d, 0x3}}]}, 0x1, 0x46f, &(0x7f0000000bc0)="$eJzs281rHOUfAPDvTF7a/vqS/Gp9aa0aLUJQTJq0ag9eFAWRioIe6jEm2xK6baSJYmuxqYgnQQp6Fo+if4E3EUQ9CV49eZJC0V7aeorM7Ey62WYTazaZ2P18YLPPM/PszvebeXv2eXYD6FpD2Z8kYkdE/BoRA43q0gZDjafrV89P3rh6fjKJhYXX/kjydteunp8sm5av215UhtOI9MOk2MhSs2fPnZyo12tnivro3Km3RmfPnnvinVMTJ2onaqfHjxw5fGjs6afGn+xInlle1/a9P7N/74tvXHp58tilN3/8Oot3R7G+OY9OGcoS/3Mh17ru0U5vrGI7m8pJb4WBcFt6IiLbXX35+T8QPXFz5w3ECx9UGhywrrJ705b2q+cXgDtYElVHAFSjvNFnn3/LxwZ1PTaFK882PgBleV8vHo01vZEWbfpaPt920lBEHJv/6/PsEes0DgEA0Ozjyc+O9kfEeze+einrewwsrknjnvz5t/zvrmIOZTAi/h8RuyPirojYExF3R+Rt742I+9YYz639n/TyGt9yRVn/75libmtp/6/s/cVgT1HbmefflxyfrtcOFv+T4ejbktXHVtjGt8//8km7dc39v+yRbb/sCxZxXO5tGaCbmpibyDulHXDlYsS+3uXyTxZnApKI2BsR+27vrXeVhenHvtzfrtHq+a+gA/NMC19k6c1n+c9HS/6lpHl+cvqW+cnRrVGvHRwtj4pb/fTzR6+22/6a8u+AK7XGc9P+b20ymDTP1852dvv/8vhP+5PX83nm/mLZuxNzc2fGIvqTo3l9yfLxm68t62X77PgfPrD8+b+7eE2W//0RkR3ED0TEgxHxUBH7wxHxSEQcWCHHH55bPf9IK9r/FyOmlr3+LR7/Lfv/9gs9J7//pt32/9n+P5yXhosl+fVvFcuFk10uWgNcy/8OAAAA/ivS/DvwSTqyWE7TkZHGd/j3xP/S+szs3OPHZ94+PdX4rvxg9KXlSNdAMR5an67XxpL54h0b46PjxVhxOV56qBg3/rRnW14fmZypT1WcO3S77W3O/8zvPVVHB6yzbcsuHe/f8ECACrTOo6dLqxdeCRcDuFP5vTZ0r1XO/3Sj4gA2nvs/dK/lzv8LLXVzAXBncv+H7uX8hy6Vfld1BECF3P+hK63ld/3rWNi6OcKoprBZd0peiCgL6aaIR2GdClVfmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADrj7wAAAP//KFzmgQ==") 0s ago: executing program 4 (id=2689): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0xe, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x11}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x7fff}, 0x18) unshare(0x62040200) kernel console output (not intermixed with test programs): c 0x2031 length: 9 > 1 [ 102.021406][ T7837] hfsplus: b-tree write err: -5, ino 3 [ 102.166182][ T7845] loop1: detected capacity change from 0 to 256 [ 102.179818][ T7845] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 102.462365][ T7849] loop3: detected capacity change from 0 to 1024 [ 102.469257][ T7849] hfsplus: write access to a journaled filesystem is not supported, use the force option at your own risk, mounting read-only. [ 103.589737][ T7871] loop2: detected capacity change from 0 to 2048 [ 103.617010][ T7873] loop1: detected capacity change from 0 to 1024 [ 103.625471][ T7871] EXT4-fs (loop2): cluster size (2048) smaller than block size (4096) [ 103.650004][ T7873] hfsplus: b-tree write err: -5, ino 3 [ 103.740179][ T7891] loop0: detected capacity change from 0 to 1024 [ 103.789882][ T7891] EXT4-fs error (device loop0): ext4_map_blocks:745: inode #3: block 2: comm syz.0.1453: lblock 2 mapped to illegal pblock 2 (length 1) [ 103.796206][ T7891] Quota error (device loop0): write_blk: dquota write failed [ 103.800969][ T7891] Quota error (device loop0): find_free_dqentry: Can't write quota data block 2 [ 103.819783][ T7891] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota [ 103.832051][ T7891] EXT4-fs error (device loop0): ext4_acquire_dquot:6809: comm syz.0.1453: Failed to acquire dquot type 0 [ 103.836976][ T7901] loop2: detected capacity change from 0 to 8 [ 103.841901][ T7891] EXT4-fs error (device loop0): ext4_map_blocks:635: inode #3: block 2: comm syz.0.1453: lblock 2 mapped to illegal pblock 2 (length 1) [ 103.849648][ T7901] SQUASHFS error: lzo decompression failed, data probably corrupt [ 103.856335][ T7901] SQUASHFS error: Failed to read block 0x91: -5 [ 103.859510][ T7891] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota [ 103.866635][ T7901] SQUASHFS error: Unable to read metadata cache entry [8f] [ 103.869111][ T7891] EXT4-fs error (device loop0): ext4_acquire_dquot:6809: comm syz.0.1453: Failed to acquire dquot type 0 [ 103.882444][ T7901] SQUASHFS error: Unable to read inode 0x13f [ 103.892133][ T7891] EXT4-fs error (device loop0): ext4_free_blocks:6205: comm syz.0.1453: Freeing blocks not in datazone - block = 0, count = 4096 [ 103.912474][ T7891] EXT4-fs error (device loop0): ext4_map_blocks:635: inode #3: block 2: comm syz.0.1453: lblock 2 mapped to illegal pblock 2 (length 1) [ 103.934410][ T7891] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota [ 103.940521][ T7891] EXT4-fs error (device loop0): ext4_acquire_dquot:6809: comm syz.0.1453: Failed to acquire dquot type 0 [ 103.942473][ T7905] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 103.943657][ T7905] IPv6: NLM_F_CREATE should be set when creating new route [ 103.944792][ T7905] IPv6: NLM_F_CREATE should be set when creating new route [ 103.951826][ T7891] EXT4-fs (loop0): 1 orphan inode deleted [ 103.952943][ T7891] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 103.961784][ T7909] loop2: detected capacity change from 0 to 1024 [ 103.990324][ T4323] EXT4-fs (loop0): unmounting filesystem. [ 104.008043][ T4321] Bluetooth: hci2: unexpected cc 0x2031 length: 9 > 1 [ 104.015840][ T7909] hfsplus: b-tree write err: -5, ino 3 [ 104.057035][ T7913] loop0: detected capacity change from 0 to 8192 [ 104.156085][ T27] audit: type=1326 audit(117.136:5866): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7923 comm="syz.2.1468" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9595b9e8 code=0x7ffc0000 [ 104.159515][ T27] audit: type=1326 audit(117.136:5867): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7923 comm="syz.2.1468" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9595b9e8 code=0x7ffc0000 [ 104.281544][ T7937] loop2: detected capacity change from 0 to 128 [ 104.290568][ T7935] loop0: detected capacity change from 0 to 1024 [ 104.311077][ T4321] Bluetooth: hci3: unexpected cc 0x2031 length: 9 > 1 [ 104.328497][ T7935] hfsplus: b-tree write err: -5, ino 3 [ 104.493800][ T7959] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1485'. [ 104.495565][ T7959] netem: unknown loss type 13 [ 104.628850][ T7973] loop3: detected capacity change from 0 to 1024 [ 104.657660][ T4321] Bluetooth: hci1: unexpected cc 0x2031 length: 9 > 1 [ 104.662526][ T7973] hfsplus: b-tree write err: -5, ino 3 [ 104.980500][ T8001] loop0: detected capacity change from 0 to 1024 [ 105.020746][ T8007] tmpfs: Bad value for 'size' [ 105.021563][ T4321] Bluetooth: hci3: unexpected cc 0x2031 length: 9 > 1 [ 105.037281][ T8001] hfsplus: b-tree write err: -5, ino 3 [ 105.086986][ T8015] loop0: detected capacity change from 0 to 512 [ 105.092176][ T8015] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 105.121553][ T8015] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #16: comm syz.0.1511: invalid indirect mapped block 4294967295 (level 0) [ 105.126861][ T8015] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #16: comm syz.0.1511: invalid indirect mapped block 4294967295 (level 1) [ 105.131827][ T8015] EXT4-fs (loop0): 1 orphan inode deleted [ 105.132673][ T8015] EXT4-fs (loop0): 1 truncate cleaned up [ 105.134696][ T8015] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 105.161515][ T4323] EXT4-fs (loop0): unmounting filesystem. [ 105.172090][ T8024] loop4: detected capacity change from 0 to 512 [ 105.177475][ T8024] EXT4-fs (loop4): ea_inode feature is not supported for Hurd [ 105.391299][ T8049] loop3: detected capacity change from 0 to 1024 [ 105.400196][ T4321] Bluetooth: hci1: unexpected cc 0x2031 length: 9 > 1 [ 105.414830][ T9] hfsplus: b-tree write err: -5, ino 3 [ 105.818495][ T8059] loop3: detected capacity change from 0 to 256 [ 105.823749][ T8059] exFAT-fs (loop3): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d) [ 106.010416][ T8081] loop4: detected capacity change from 0 to 16 [ 106.012837][ T8077] loop0: detected capacity change from 0 to 1024 [ 106.021638][ T4321] Bluetooth: hci3: unexpected cc 0x2031 length: 9 > 1 [ 106.024690][ T8081] erofs: (device loop4): mounted with root inode @ nid 36. [ 106.318023][ T8088] loop0: detected capacity change from 0 to 1024 [ 106.397505][ T4321] Bluetooth: hci3: unexpected cc 0x2031 length: 9 > 1 [ 106.624689][ T8105] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1545'. [ 107.282389][ T8122] loop4: detected capacity change from 0 to 2048 [ 107.287564][ T8122] UDF-fs: error (device loop4): udf_process_sequence: Primary Volume Descriptor not found! [ 107.289323][ T8122] UDF-fs: error (device loop4): udf_process_sequence: Primary Volume Descriptor not found! [ 107.290841][ T8122] UDF-fs: Scanning with blocksize 512 failed [ 107.293150][ T4388] usb 1-1: new high-speed USB device number 15 using dummy_hcd [ 107.294957][ T8122] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found [ 107.296254][ T8122] UDF-fs: Scanning with blocksize 1024 failed [ 107.299059][ T8122] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=512, location=512 [ 107.301799][ T8122] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found [ 107.306625][ T8122] UDF-fs: Scanning with blocksize 2048 failed [ 107.308193][ T8122] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256 [ 107.310276][ T8122] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=512, location=512 [ 107.312238][ T8122] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found [ 107.313864][ T8122] UDF-fs: Scanning with blocksize 4096 failed [ 107.314867][ T8122] UDF-fs: warning (device loop4): udf_fill_super: No partition found (1) [ 107.364931][ T27] kauditd_printk_skb: 28 callbacks suppressed [ 107.364942][ T27] audit: type=1326 audit(120.337:5896): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8125 comm="syz.2.1556" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9595b9e8 code=0x7ffc0000 [ 107.369004][ T27] audit: type=1326 audit(120.347:5897): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8125 comm="syz.2.1556" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=293 compat=0 ip=0xffff9595b9e8 code=0x7ffc0000 [ 107.371926][ T27] audit: type=1326 audit(120.347:5898): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8125 comm="syz.2.1556" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9595b9e8 code=0x7ffc0000 [ 107.382439][ T27] audit: type=1326 audit(120.347:5899): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8125 comm="syz.2.1556" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=198 compat=0 ip=0xffff9595b9e8 code=0x7ffc0000 [ 107.392784][ T8130] loop1: detected capacity change from 0 to 1024 [ 107.398821][ T27] audit: type=1326 audit(120.347:5900): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8125 comm="syz.2.1556" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9595b9e8 code=0x7ffc0000 [ 107.402160][ T27] audit: type=1326 audit(120.347:5901): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8125 comm="syz.2.1556" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9595b9e8 code=0x7ffc0000 [ 107.422645][ T27] audit: type=1326 audit(120.347:5902): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8125 comm="syz.2.1556" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=211 compat=0 ip=0xffff9595b9e8 code=0x7ffc0000 [ 107.436477][ T27] audit: type=1326 audit(120.347:5903): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8125 comm="syz.2.1556" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9595b9e8 code=0x7ffc0000 [ 107.439769][ T27] audit: type=1326 audit(120.347:5904): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8125 comm="syz.2.1556" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=91 compat=0 ip=0xffff9595b9e8 code=0x7ffc0000 [ 107.454605][ T27] audit: type=1326 audit(120.347:5905): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8125 comm="syz.2.1556" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9595b9e8 code=0x7ffc0000 [ 107.473005][ T4388] usb 1-1: Using ep0 maxpacket: 32 [ 107.474525][ T4388] usb 1-1: too many configurations: 9, using maximum allowed: 8 [ 107.476430][ T4388] usb 1-1: config index 0 descriptor too short (expected 258, got 36) [ 107.477651][ T4388] usb 1-1: config 0 has no interfaces? [ 107.479276][ T4388] usb 1-1: config index 1 descriptor too short (expected 258, got 36) [ 107.480539][ T4388] usb 1-1: config 0 has no interfaces? [ 107.486417][ T4388] usb 1-1: config index 2 descriptor too short (expected 258, got 36) [ 107.487632][ T4388] usb 1-1: config 0 has no interfaces? [ 107.492173][ T4388] usb 1-1: config index 3 descriptor too short (expected 258, got 36) [ 107.497182][ T4388] usb 1-1: config 0 has no interfaces? [ 107.501072][ T4388] usb 1-1: config index 4 descriptor too short (expected 258, got 36) [ 107.502475][ T4388] usb 1-1: config 0 has no interfaces? [ 107.513874][ T4388] usb 1-1: config index 5 descriptor too short (expected 258, got 36) [ 107.515153][ T4388] usb 1-1: config 0 has no interfaces? [ 107.517893][ T4388] usb 1-1: config index 6 descriptor too short (expected 258, got 36) [ 107.519224][ T4388] usb 1-1: config 0 has no interfaces? [ 107.521156][ T4388] usb 1-1: config index 7 descriptor too short (expected 258, got 36) [ 107.522419][ T4388] usb 1-1: config 0 has no interfaces? [ 107.534940][ T4388] usb 1-1: New USB device found, idVendor=046d, idProduct=08c6, bcdDevice= b.5d [ 107.536342][ T4388] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 107.537689][ T4388] usb 1-1: Product: syz [ 107.538294][ T4388] usb 1-1: Manufacturer: syz [ 107.538981][ T4388] usb 1-1: SerialNumber: syz [ 107.541737][ T8144] loop3: detected capacity change from 0 to 2048 [ 107.542140][ T8148] input: syz1 as /devices/virtual/input/input10 [ 107.546536][ T8144] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000) [ 107.549519][ T4388] usb 1-1: config 0 descriptor?? [ 107.604866][ T8154] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 107.606554][ T8154] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 107.608173][ T8151] xt_connbytes: Forcing CT accounting to be enabled [ 107.609696][ T8151] Cannot find del_set index 1 as target [ 107.645542][ T8160] loop4: detected capacity change from 0 to 1024 [ 107.701562][ T8164] netlink: 'syz.4.1575': attribute type 11 has an invalid length. [ 107.756413][ T4388] usb 1-1: USB disconnect, device number 15 [ 107.777754][ T8172] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 107.779220][ T8172] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 107.979986][ T8184] netlink: 220 bytes leftover after parsing attributes in process `syz.3.1582'. [ 108.266045][ T8188] loop4: detected capacity change from 0 to 1024 [ 108.335814][ T8197] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 108.338304][ T8197] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 108.357558][ T8194] netlink: 'syz.1.1586': attribute type 11 has an invalid length. [ 108.397277][ T8202] loop1: detected capacity change from 0 to 16 [ 108.402494][ T8202] erofs: (device loop1): mounted with root inode @ nid 36. [ 108.530242][ T8212] input: syz0 as /devices/virtual/input/input11 [ 108.541502][ T8214] loop2: detected capacity change from 0 to 1024 [ 108.683349][ T8231] netlink: 'syz.0.1600': attribute type 11 has an invalid length. [ 108.688902][ T8233] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 108.690418][ T8233] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 108.696528][ T8230] loop2: detected capacity change from 0 to 512 [ 108.729253][ T8230] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 108.757002][ T4325] EXT4-fs (loop2): unmounting filesystem. [ 108.801165][ T8245] loop0: detected capacity change from 0 to 1024 [ 109.945316][ T8269] loop1: detected capacity change from 0 to 1024 [ 109.992701][ T8277] loop1: detected capacity change from 0 to 1024 [ 110.011606][ T8281] netlink: 'syz.2.1617': attribute type 11 has an invalid length. [ 110.156082][ T8294] loop1: detected capacity change from 0 to 1024 [ 110.157497][ T8294] EXT4-fs: Ignoring removed orlov option [ 111.556895][ T8295] netlink: 'syz.2.1626': attribute type 4 has an invalid length. [ 111.558183][ T8295] netlink: 17 bytes leftover after parsing attributes in process `syz.2.1626'. [ 111.567937][ T4321] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0 [ 111.570432][ T4321] Bluetooth: hci2: Injecting HCI hardware error event [ 111.579752][ T4324] Bluetooth: hci2: hardware error 0x00 [ 111.917486][ T4321] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0 [ 111.918906][ T4321] Bluetooth: hci1: Injecting HCI hardware error event [ 111.921354][ T4330] Bluetooth: hci1: hardware error 0x00 [ 112.238669][ T8294] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 112.611839][ T8310] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 112.619609][ T8310] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 112.654528][ T8312] loop4: detected capacity change from 0 to 1024 [ 112.656892][ T8314] loop0: detected capacity change from 0 to 128 [ 112.658885][ T8314] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 112.661265][ T8314] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 113.044619][ T4319] EXT4-fs (loop1): unmounting filesystem. [ 113.105514][ T8323] loop4: detected capacity change from 0 to 128 [ 113.126355][ T8326] loop1: detected capacity change from 0 to 512 [ 113.132265][ T8326] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 113.155940][ T8326] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2196: inode #15: comm syz.1.1640: corrupted in-inode xattr [ 113.158239][ T8326] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.1640: couldn't read orphan inode 15 (err -117) [ 113.165519][ T8326] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 113.208276][ T4319] EXT4-fs (loop1): unmounting filesystem. [ 113.350076][ T8344] loop1: detected capacity change from 0 to 256 [ 113.373450][ T8344] exfat: Bad value for 'uid' [ 113.375872][ T8343] loop0: detected capacity change from 0 to 1024 [ 114.309309][ T8376] loop1: detected capacity change from 0 to 128 [ 114.357889][ T8379] loop2: detected capacity change from 0 to 1024 [ 114.454162][ T4324] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 114.493110][ T4330] Bluetooth: hci1: Opcode 0x0c03 failed: -110 [ 114.578547][ T8397] loop3: detected capacity change from 0 to 8 [ 114.595152][ T8397] unable to read fragment index table [ 114.782264][ T8399] loop4: detected capacity change from 0 to 164 [ 114.837984][ T8402] loop0: detected capacity change from 0 to 2048 [ 114.864265][ T4332] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 114.867446][ T4332] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 114.871226][ T8406] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1674'. [ 114.875706][ T8406] A link change request failed with some changes committed already. Interface bridge0 may have been left with an inconsistent configuration, please check. [ 114.912690][ T8408] loop4: detected capacity change from 0 to 2048 [ 114.920081][ T8408] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 114.975787][ T8417] loop2: detected capacity change from 0 to 1024 [ 114.995361][ T8420] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1678'. [ 115.031161][ T27] kauditd_printk_skb: 35 callbacks suppressed [ 115.031170][ T27] audit: type=1326 audit(128.017:5941): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8422 comm="syz.2.1681" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9595b9e8 code=0x7ffc0000 [ 115.037916][ T27] audit: type=1326 audit(128.017:5942): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8422 comm="syz.2.1681" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9595b9e8 code=0x7ffc0000 [ 115.049242][ T27] audit: type=1326 audit(128.037:5943): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8422 comm="syz.2.1681" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9595b9e8 code=0x7ffc0000 [ 115.052400][ T27] audit: type=1326 audit(128.037:5944): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8422 comm="syz.2.1681" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9595b9e8 code=0x7ffc0000 [ 115.081923][ T27] audit: type=1326 audit(128.037:5945): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8422 comm="syz.2.1681" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=20 compat=0 ip=0xffff9595b9e8 code=0x7ffc0000 [ 115.088986][ T27] audit: type=1326 audit(128.037:5946): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8422 comm="syz.2.1681" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9595b9e8 code=0x7ffc0000 [ 115.089525][ T8429] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 115.101045][ T27] audit: type=1326 audit(128.037:5947): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8422 comm="syz.2.1681" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9595b9e8 code=0x7ffc0000 [ 115.104836][ T27] audit: type=1326 audit(128.057:5948): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8422 comm="syz.2.1681" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9595b9e8 code=0x7ffc0000 [ 115.107913][ T8429] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 115.108025][ T27] audit: type=1326 audit(128.057:5949): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8422 comm="syz.2.1681" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9595b9e8 code=0x7ffc0000 [ 115.112161][ T27] audit: type=1326 audit(128.057:5950): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8422 comm="syz.2.1681" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=19 compat=0 ip=0xffff9595b9e8 code=0x7ffc0000 [ 115.212973][ T22] usb 1-1: new high-speed USB device number 16 using dummy_hcd [ 115.286869][ T8445] loop3: detected capacity change from 0 to 1024 [ 115.676566][ T22] usb 1-1: Using ep0 maxpacket: 32 [ 115.684166][ T22] usb 1-1: config 0 has an invalid interface number: 196 but max is 0 [ 115.685317][ T22] usb 1-1: config 0 has no interface number 0 [ 115.686223][ T22] usb 1-1: config 0 interface 196 altsetting 1 bulk endpoint 0x2 has invalid maxpacket 528 [ 115.687665][ T22] usb 1-1: config 0 interface 196 has no altsetting 0 [ 115.695244][ T22] usb 1-1: New USB device found, idVendor=05ac, idProduct=77c2, bcdDevice=eb.3a [ 115.696755][ T22] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 115.697953][ T22] usb 1-1: Product: syz [ 115.698560][ T22] usb 1-1: Manufacturer: syz [ 115.702839][ T22] usb 1-1: SerialNumber: syz [ 115.711226][ T22] usb 1-1: config 0 descriptor?? [ 115.712452][ T8411] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 115.986097][ T8482] loop3: detected capacity change from 0 to 1024 [ 115.994602][ T22] ipheth 1-1:0.196: ipheth_get_macaddr: usb_control_msg: -71 [ 115.996000][ T22] ipheth: probe of 1-1:0.196 failed with error -71 [ 115.998665][ T22] usb 1-1: USB disconnect, device number 16 [ 116.138023][ T8486] loop4: detected capacity change from 0 to 8 [ 116.252862][ T8486] unable to read fragment index table [ 116.315916][ T4942] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 116.351194][ T8490] loop1: detected capacity change from 0 to 136 [ 116.373561][ T8490] Attempt to read inode for relocated directory [ 116.452523][ T8493] loop2: detected capacity change from 0 to 16 [ 116.458590][ T8493] erofs: (device loop2): erofs_init_device: empty device tag @ pos 0 [ 116.739630][ T4942] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 116.809757][ T8498] loop1: detected capacity change from 0 to 512 [ 116.817308][ T8498] EXT4-fs: Ignoring removed oldalloc option [ 116.829891][ T8498] EXT4-fs warning (device loop1): dx_probe:893: inode #2: comm syz.1.1711: dx entry: limit 1024 != root limit 124 [ 116.831857][ T8498] EXT4-fs warning (device loop1): dx_probe:966: inode #2: comm syz.1.1711: Corrupt directory, running e2fsck is recommended [ 116.838993][ T8498] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -117 [ 116.841691][ T8498] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2196: inode #15: comm syz.1.1711: corrupted in-inode xattr [ 116.849432][ T8498] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.1711: couldn't read orphan inode 15 (err -117) [ 116.852034][ T8498] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 116.859290][ T8498] EXT4-fs error (device loop1): ext4_xattr_set_entry:1629: inode #2: comm syz.1.1711: corrupted xattr entries [ 116.878322][ T8512] loop2: detected capacity change from 0 to 1024 [ 116.880588][ T4319] EXT4-fs (loop1): unmounting filesystem. [ 116.894031][ T8510] loop0: detected capacity change from 0 to 256 [ 116.898121][ T8510] exFAT-fs (loop0): failed to load upcase table (idx : 0x00017f3e, chksum : 0x0b83170a, utbl_chksum : 0xe619d30d) [ 116.977252][ T8520] loop2: detected capacity change from 0 to 512 [ 116.998527][ T8520] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:477: comm syz.2.1720: Invalid block bitmap block 0 in block_group 0 [ 117.003182][ T8520] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6165: Corrupt filesystem [ 117.010188][ T8520] EXT4-fs error (device loop2): ext4_clear_blocks:883: inode #13: comm syz.2.1720: attempt to clear invalid blocks 983261 len 1 [ 117.012657][ T8520] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz.2.1720: invalid indirect mapped block 2683928664 (level 0) [ 117.037124][ T8520] EXT4-fs error (device loop2): __ext4_get_inode_loc:4513: comm syz.2.1720: Invalid inode table block 0 in block_group 0 [ 117.040520][ T8525] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 117.042169][ T8525] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 117.043198][ T8520] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5929: Corrupt filesystem [ 117.045078][ T8520] EXT4-fs error (device loop2) in ext4_orphan_del:301: Corrupt filesystem [ 117.048718][ T8520] EXT4-fs error (device loop2): __ext4_get_inode_loc:4513: comm syz.2.1720: Invalid inode table block 0 in block_group 0 [ 117.063042][ T8520] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5929: Corrupt filesystem [ 117.066797][ T8520] EXT4-fs error (device loop2): ext4_truncate:4318: inode #13: comm syz.2.1720: mark_inode_dirty error [ 117.071980][ T8520] EXT4-fs error (device loop2) in ext4_process_orphan:343: Corrupt filesystem [ 117.080033][ T8520] EXT4-fs error (device loop2): __ext4_get_inode_loc:4513: comm syz.2.1720: Invalid inode table block 0 in block_group 0 [ 117.090531][ T8520] EXT4-fs (loop2): 1 truncate cleaned up [ 117.091380][ T8520] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 117.127460][ T4325] EXT4-fs (loop2): unmounting filesystem. [ 117.208364][ T8533] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 117.225873][ T8533] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 117.563734][ T8530] loop0: detected capacity change from 0 to 8 [ 117.569574][ T8530] unable to read fragment index table [ 117.594872][ T4459] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 118.420206][ T8568] vhci_hcd: default hub control req: 8013 v0000 i0000 l31125 [ 118.617873][ T8574] loop4: detected capacity change from 0 to 512 [ 118.719372][ T8574] EXT4-fs error (device loop4): ext4_orphan_get:1400: inode #15: comm syz.4.1739: inode has both inline data and extents flags [ 118.721881][ T8574] EXT4-fs error (device loop4): ext4_orphan_get:1405: comm syz.4.1739: couldn't read orphan inode 15 (err -117) [ 118.726778][ T8574] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 118.950845][ T8580] loop1: detected capacity change from 0 to 8 [ 118.955387][ T8580] unable to read fragment index table [ 119.031726][ T4942] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 119.082511][ T8588] loop3: detected capacity change from 0 to 1024 [ 119.134567][ T8588] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 119.513923][ T4332] EXT4-fs (loop4): unmounting filesystem. [ 119.517439][ T8588] EXT4-fs error (device loop3): ext4_lookup:1858: inode #15: comm syz.3.1741: inode has both inline data and extents flags [ 119.577584][ T4320] EXT4-fs (loop3): unmounting filesystem. [ 119.578523][ T8603] loop4: detected capacity change from 0 to 512 [ 119.610420][ T8603] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 119.629413][ T8609] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 119.630963][ T8609] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 120.197179][ T4373] usb 1-1: new full-speed USB device number 17 using dummy_hcd [ 120.781685][ T4332] EXT4-fs (loop4): unmounting filesystem. [ 120.931604][ T8641] loop1: detected capacity change from 0 to 512 [ 120.951802][ T4373] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64 [ 120.954482][ T4373] usb 1-1: New USB device found, idVendor=056a, idProduct=032f, bcdDevice= 0.00 [ 120.955897][ T4373] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 121.250440][ T4373] usb 1-1: config 0 descriptor?? [ 121.255188][ T8617] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 121.267687][ T8641] EXT4-fs error (device loop1): ext4_orphan_get:1400: inode #15: comm syz.1.1758: inode has both inline data and extents flags [ 121.270152][ T8641] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.1758: couldn't read orphan inode 15 (err -117) [ 121.272088][ T8641] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 121.296868][ T27] kauditd_printk_skb: 14 callbacks suppressed [ 121.296877][ T27] audit: type=1326 audit(134.287:5965): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8648 comm="syz.2.1763" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9595b9e8 code=0x7ffc0000 [ 121.302401][ T27] audit: type=1326 audit(134.287:5966): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8648 comm="syz.2.1763" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff9595b9e8 code=0x7ffc0000 [ 121.309703][ T27] audit: type=1326 audit(134.297:5967): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8648 comm="syz.2.1763" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9595b9e8 code=0x7ffc0000 [ 121.314409][ T27] audit: type=1326 audit(134.307:5968): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8648 comm="syz.2.1763" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff9595b9e8 code=0x7ffc0000 [ 121.321891][ T27] audit: type=1326 audit(134.307:5969): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8648 comm="syz.2.1763" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9595b9e8 code=0x7ffc0000 [ 121.331130][ T27] audit: type=1326 audit(134.307:5970): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8648 comm="syz.2.1763" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff9595b9e8 code=0x7ffc0000 [ 121.338680][ T27] audit: type=1326 audit(134.307:5971): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8648 comm="syz.2.1763" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9595b9e8 code=0x7ffc0000 [ 121.342238][ T27] audit: type=1326 audit(134.307:5972): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8648 comm="syz.2.1763" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=100 compat=0 ip=0xffff9595b9e8 code=0x7ffc0000 [ 121.349063][ T27] audit: type=1326 audit(134.307:5973): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8648 comm="syz.2.1763" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9595b9e8 code=0x7ffc0000 [ 121.851913][ T4319] EXT4-fs (loop1): unmounting filesystem. [ 121.884886][ T8666] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 121.886567][ T8666] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 122.024391][ T4373] wacom 0003:056A:032F.0006: hidraw0: USB HID v0.05 Device [HID 056a:032f] on usb-dummy_hcd.0-1/input0 [ 122.201020][ T8680] vhci_hcd: default hub control req: 8013 v0000 i0000 l31125 [ 122.377408][ T4388] usb 1-1: USB disconnect, device number 17 [ 122.950599][ T8701] loop0: detected capacity change from 0 to 8 [ 122.955516][ T8701] SQUASHFS error: Failed to read block 0x707: -5 [ 122.962277][ T8701] SQUASHFS error: Unable to read metadata cache entry [705] [ 122.964620][ T8701] SQUASHFS error: Unable to read inode 0x11f [ 123.376851][ T8704] vhci_hcd: default hub control req: 8013 v0000 i0000 l31125 [ 123.735337][ T8728] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 123.736766][ T8728] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 123.771595][ T8733] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 123.776109][ T8733] FAT-fs (loop9): unable to read boot sector [ 123.801787][ T8736] loop4: detected capacity change from 0 to 8 [ 123.813835][ T8736] SQUASHFS error: Failed to read block 0x707: -5 [ 123.814877][ T8736] SQUASHFS error: Unable to read metadata cache entry [705] [ 123.815915][ T8736] SQUASHFS error: Unable to read inode 0x11f [ 123.849103][ T27] audit: type=1326 audit(136.837:5974): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8743 comm="syz.4.1803" exe="/root/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffffab95b9e8 code=0x0 [ 124.002708][ T8764] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1814'. [ 124.046415][ T8771] loop3: detected capacity change from 0 to 256 [ 124.138874][ T8780] Injecting memory failure for pfn 0x13c9e1 at process virtual address 0x20001000 [ 124.143701][ T8780] Memory failure: 0x13c9e1: recovery action for dirty LRU page: Recovered [ 124.145106][ T8780] Injecting memory failure for pfn 0x2112a2 at process virtual address 0x20002000 [ 124.153269][ T8780] Memory failure: 0x2112a2: recovery action for reserved kernel page: Ignored [ 124.178924][ T8786] loop1: detected capacity change from 0 to 512 [ 124.186602][ T8786] EXT4-fs (loop1): external journal device major/minor numbers have changed [ 124.191718][ T8786] EXT4-fs (loop1): failed to open journal device unknown-block(128,0) -6 [ 124.270634][ T8789] loop0: detected capacity change from 0 to 1024 [ 124.274110][ T8789] EXT4-fs: Ignoring removed orlov option [ 125.228925][ T8788] loop3: detected capacity change from 0 to 1024 [ 125.244740][ T8789] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 125.264054][ T8795] loop2: detected capacity change from 0 to 128 [ 125.407003][ T4323] EXT4-fs (loop0): unmounting filesystem. [ 125.458351][ T8816] loop0: detected capacity change from 0 to 2048 [ 125.462014][ T8818] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 125.464458][ T8816] UDF-fs: error (device loop0): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 125.465328][ T8818] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 125.467268][ T8816] UDF-fs: error (device loop0): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 125.468976][ T8816] UDF-fs: error (device loop0): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 125.476424][ T8816] UDF-fs: error (device loop0): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 125.479164][ T8816] UDF-fs: error (device loop0): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 125.480883][ T8816] UDF-fs: error (device loop0): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 125.483197][ T8816] UDF-fs: error (device loop0): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 125.485299][ T8816] UDF-fs: error (device loop0): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 125.487270][ T8816] UDF-fs: error (device loop0): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 125.489386][ T8816] UDF-fs: error (device loop0): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 125.494686][ T8816] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=385, location=385 [ 125.496317][ T8816] UDF-fs: error (device loop0): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 125.497918][ T8816] UDF-fs: error (device loop0): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 125.499349][ T8816] UDF-fs: warning (device loop0): udf_fill_super: No partition found (1) [ 125.540620][ T5008] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 126.092911][ T8847] x_tables: ip6_tables: socket match: used from hooks FORWARD, but only valid from PREROUTING/INPUT [ 126.158694][ T8848] loop2: detected capacity change from 0 to 512 [ 126.186375][ T2061] ieee802154 phy0 wpan0: encryption failed: -22 [ 126.195941][ T2061] ieee802154 phy1 wpan1: encryption failed: -22 [ 126.649868][ T8864] loop3: detected capacity change from 0 to 764 [ 126.662650][ T8864] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 126.764832][ T8874] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 126.766148][ T8874] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 126.788625][ T8877] loop2: detected capacity change from 0 to 8 [ 126.810478][ T8877] SQUASHFS error: zlib decompression failed, data probably corrupt [ 126.811728][ T8877] SQUASHFS error: Failed to read block 0x9b: -5 [ 126.812675][ T8877] SQUASHFS error: Unable to read metadata cache entry [99] [ 126.816751][ T8877] SQUASHFS error: Unable to read inode 0x127 [ 126.906891][ T8881] x_tables: ip6_tables: socket match: used from hooks FORWARD, but only valid from PREROUTING/INPUT [ 127.130239][ T8883] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 127.132198][ T8883] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 127.147532][ T8885] loop3: detected capacity change from 0 to 512 [ 127.154096][ T8885] ext4: Unknown parameter 'subj_type' [ 127.332521][ T8899] loop1: detected capacity change from 0 to 512 [ 127.704324][ T8904] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1874'. [ 127.734504][ T8909] loop3: detected capacity change from 0 to 8 [ 127.737071][ T8909] SQUASHFS error: zlib decompression failed, data probably corrupt [ 127.738344][ T8909] SQUASHFS error: Failed to read block 0x9b: -5 [ 127.739473][ T8909] SQUASHFS error: Unable to read metadata cache entry [99] [ 127.740664][ T8909] SQUASHFS error: Unable to read inode 0x127 [ 127.771385][ T8911] loop0: detected capacity change from 0 to 512 [ 127.780584][ T8911] EXT4-fs (loop0): orphan cleanup on readonly fs [ 127.782032][ T8911] EXT4-fs error (device loop0): ext4_ext_check_inode:520: inode #4: comm syz.0.1878: pblk 0 bad header/extent: too large eh_depth - magic f30a, entries 1, max 4(4), depth 2048(2048) [ 127.787480][ T8911] EXT4-fs error (device loop0): ext4_quota_enable:7020: comm syz.0.1878: Bad quota inode: 4, type: 1 [ 127.789657][ T8911] EXT4-fs warning (device loop0): ext4_enable_quotas:7061: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 127.792344][ T8911] EXT4-fs (loop0): Cannot turn on quotas: error -117 [ 127.793505][ T8911] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 127.845173][ T4323] EXT4-fs (loop0): unmounting filesystem. [ 128.411546][ T8938] x_tables: ip6_tables: socket match: used from hooks FORWARD, but only valid from PREROUTING/INPUT [ 128.684330][ T8947] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 128.685866][ T8947] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 128.868108][ T8963] loop2: detected capacity change from 0 to 1024 [ 128.874849][ T8969] loop0: detected capacity change from 0 to 512 [ 128.892713][ T8969] EXT4-fs warning (device loop0): read_mmp_block:115: Error -74 while reading MMP block 13 [ 128.899681][ T8963] hfsplus: xattr exists yet [ 128.945317][ T8976] loop3: detected capacity change from 0 to 764 [ 128.956910][ T4942] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 128.976439][ T8977] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1905'. [ 129.176898][ T8993] x_tables: ip6_tables: socket match: used from hooks FORWARD, but only valid from PREROUTING/INPUT [ 129.601821][ T8994] loop3: detected capacity change from 0 to 512 [ 129.862823][ T4330] Bluetooth: hci3: command 0x0407 tx timeout [ 130.040436][ T27] audit: type=1326 audit(143.027:5975): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8997 comm="syz.2.1913" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9595b9e8 code=0x7ffc0000 [ 130.044944][ T27] audit: type=1326 audit(143.027:5976): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8997 comm="syz.2.1913" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff9595b9e8 code=0x7ffc0000 [ 130.048021][ T27] audit: type=1326 audit(143.027:5977): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8997 comm="syz.2.1913" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9595b9e8 code=0x7ffc0000 [ 130.071046][ T27] audit: type=1326 audit(143.027:5978): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8997 comm="syz.2.1913" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff9595b9e8 code=0x7ffc0000 [ 130.074439][ T27] audit: type=1326 audit(143.027:5979): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8997 comm="syz.2.1913" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9595b9e8 code=0x7ffc0000 [ 130.077482][ T27] audit: type=1326 audit(143.027:5980): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8997 comm="syz.2.1913" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff9595b9e8 code=0x7ffc0000 [ 130.093084][ T27] audit: type=1326 audit(143.027:5981): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8997 comm="syz.2.1913" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9595b9e8 code=0x7ffc0000 [ 130.096483][ T27] audit: type=1326 audit(143.027:5982): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8997 comm="syz.2.1913" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=292 compat=0 ip=0xffff9595b9e8 code=0x7ffc0000 [ 130.099566][ T27] audit: type=1326 audit(143.027:5983): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8997 comm="syz.2.1913" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9595b9e8 code=0x7ffc0000 [ 130.136734][ T9006] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1914'. [ 130.140680][ T9006] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 130.142529][ T9006] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:1) [ 130.146940][ T9006] bridge_slave_0: default FDB implementation only supports local addresses [ 130.578356][ T9025] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 130.579864][ T9025] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 130.937094][ T9037] loop0: detected capacity change from 0 to 8 [ 130.949425][ T9037] SQUASHFS error: lzo decompression failed, data probably corrupt [ 130.949442][ T9037] SQUASHFS error: Failed to read block 0x28d: -5 [ 130.949450][ T9037] SQUASHFS error: Unable to read metadata cache entry [28b] [ 130.949457][ T9037] SQUASHFS error: Unable to read inode 0x11f [ 130.982555][ T4942] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 131.035519][ T9041] netlink: 'syz.1.1930': attribute type 4 has an invalid length. [ 131.080821][ T9046] netlink: 'syz.1.1930': attribute type 4 has an invalid length. [ 131.093439][ T9048] loop0: detected capacity change from 0 to 16 [ 131.097417][ T9048] erofs: (device loop0): mounted with root inode @ nid 36. [ 131.161459][ T9055] netlink: 68 bytes leftover after parsing attributes in process `syz.1.1935'. [ 131.360945][ T9073] netlink: 'syz.4.1945': attribute type 4 has an invalid length. [ 131.406127][ T9073] netlink: 'syz.4.1945': attribute type 4 has an invalid length. [ 131.787983][ T9112] netlink: 'syz.2.1961': attribute type 4 has an invalid length. [ 131.833246][ T9112] netlink: 'syz.2.1961': attribute type 4 has an invalid length. [ 131.854301][ T9116] loop1: detected capacity change from 0 to 2048 [ 131.891884][ T9116] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 132.012262][ T4319] EXT4-fs (loop1): unmounting filesystem. [ 132.326319][ T9129] loop1: detected capacity change from 0 to 128 [ 132.349538][ T9129] FAT-fs (loop1): bogus number of reserved sectors [ 132.353895][ T9129] FAT-fs (loop1): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero [ 132.356520][ T9129] FAT-fs (loop1): Can't find a valid FAT filesystem [ 132.449350][ T9143] loop4: detected capacity change from 0 to 256 [ 132.452531][ T9143] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 132.464967][ T9143] exFAT-fs (loop4): Medium has reported failures. Some data may be lost. [ 132.476123][ T9143] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000ff98, chksum : 0x7a885448, utbl_chksum : 0xe619d30d) [ 132.542848][ T9151] netlink: 'syz.0.1978': attribute type 4 has an invalid length. [ 132.571978][ T9151] netlink: 'syz.0.1978': attribute type 4 has an invalid length. [ 132.587650][ T27] audit: type=1326 audit(145.577:5984): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9153 comm="syz.4.1980" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffab95b9e8 code=0x7ffc0000 [ 132.820310][ T9164] netlink: 'syz.0.1984': attribute type 13 has an invalid length. [ 132.838873][ T9164] gretap0: refused to change device tx_queue_len [ 132.840325][ T9164] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 133.712208][ T9171] loop2: detected capacity change from 0 to 128 [ 133.764022][ T9171] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 133.811306][ T4325] EXT4-fs (loop2): unmounting filesystem. [ 133.895376][ T9185] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1990'. [ 133.896913][ T9185] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1990'. [ 133.976096][ T9195] loop0: detected capacity change from 0 to 256 [ 133.977982][ T9195] exfat: Deprecated parameter 'namecase' [ 133.979192][ T9200] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1998'. [ 133.980576][ T9200] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1998'. [ 133.998053][ T9195] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x8d1bf2bd, utbl_chksum : 0xe619d30d) [ 134.090192][ T9206] netlink: 'syz.2.1999': attribute type 13 has an invalid length. [ 134.122119][ T9206] gretap0: refused to change device tx_queue_len [ 134.123631][ T9206] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 134.922209][ T9211] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 134.931763][ T9211] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 135.042144][ T4373] hid-generic 0000:0004:0000.0007: unknown main item tag 0x0 [ 135.043291][ T4373] hid-generic 0000:0004:0000.0007: unknown main item tag 0x0 [ 135.044406][ T4373] hid-generic 0000:0004:0000.0007: unknown main item tag 0x0 [ 135.046070][ T4373] hid-generic 0000:0004:0000.0007: hidraw0: HID v0.00 Device [syz0] on syz0 [ 135.078296][ T9224] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2009'. [ 135.271032][ T9239] loop3: detected capacity change from 0 to 256 [ 135.276921][ T9239] exfat: Deprecated parameter 'namecase' [ 135.286920][ T9239] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x8d1bf2bd, utbl_chksum : 0xe619d30d) [ 135.738966][ T9234] fido_id[9234]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 135.804349][ T9249] loop1: detected capacity change from 0 to 16 [ 135.807489][ T9249] erofs: (device loop1): mounted with root inode @ nid 36. [ 135.871442][ T9255] loop2: detected capacity change from 0 to 8 [ 135.925709][ T9255] unable to read inode lookup table [ 136.305240][ T9274] loop0: detected capacity change from 0 to 8 [ 136.401952][ T9278] netlink: 'syz.3.2028': attribute type 13 has an invalid length. [ 136.408186][ T9278] gretap0: refused to change device tx_queue_len [ 136.409500][ T9278] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 136.657259][ T3898] usb 1-1: new high-speed USB device number 18 using dummy_hcd [ 137.529723][ T9298] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 137.531236][ T9298] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 137.822400][ T9300] loop1: detected capacity change from 0 to 256 [ 137.831227][ T9300] exfat: Deprecated parameter 'namecase' [ 137.832626][ T3898] usb 1-1: config 220 has an invalid interface number: 76 but max is 2 [ 137.836322][ T3898] usb 1-1: config 220 contains an unexpected descriptor of type 0x2, skipping [ 137.838216][ T9298] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 137.851425][ T3898] usb 1-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config [ 137.853517][ T3898] usb 1-1: config 220 has no interface number 2 [ 137.854445][ T3898] usb 1-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12 [ 137.856000][ T9300] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x8d1bf2bd, utbl_chksum : 0xe619d30d) [ 137.856321][ T3898] usb 1-1: config 220 interface 0 has no altsetting 0 [ 137.859054][ T3898] usb 1-1: config 220 interface 76 has no altsetting 0 [ 137.860070][ T3898] usb 1-1: config 220 interface 1 has no altsetting 0 [ 137.874596][ T3898] usb 1-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9 [ 137.876026][ T3898] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 137.879857][ T3898] usb 1-1: Product: syz [ 137.880598][ T3898] usb 1-1: Manufacturer: syz [ 137.881323][ T3898] usb 1-1: SerialNumber: syz [ 137.910012][ T9304] netlink: 220 bytes leftover after parsing attributes in process `syz.3.2040'. [ 138.373419][ T3898] usb 1-1: selecting invalid altsetting 0 [ 138.374800][ T3898] usb 1-1: Found UVC 7.01 device syz (8086:0b07) [ 138.375700][ T3898] usb 1-1: No valid video chain found. [ 138.395232][ T3898] usb 1-1: selecting invalid altsetting 0 [ 138.396237][ T3898] usbtest: probe of 1-1:220.1 failed with error -22 [ 138.405764][ T3898] usb 1-1: USB disconnect, device number 18 [ 138.457976][ T9316] loop3: detected capacity change from 0 to 256 [ 138.492124][ T9318] loop2: detected capacity change from 0 to 256 [ 138.506230][ T9318] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xfcc0b04e, utbl_chksum : 0xe619d30d) [ 138.701211][ T9339] netlink: 'syz.4.2050': attribute type 13 has an invalid length. [ 138.707891][ T9339] gretap0: refused to change device tx_queue_len [ 138.709484][ T9339] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 139.588118][ T9340] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 139.589504][ T9340] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 139.620712][ T9340] netlink: 'syz.3.2054': attribute type 16 has an invalid length. [ 139.622143][ T9340] netlink: 'syz.3.2054': attribute type 17 has an invalid length. [ 139.648734][ T9340] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 139.649946][ T9340] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 139.651103][ T9340] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 139.827608][ T9340] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 139.855690][ T9359] loop1: detected capacity change from 0 to 256 [ 139.864453][ T9359] exFAT-fs (loop1): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d) [ 139.881363][ T9359] exFAT-fs (loop1): error, invalid access to FAT free cluster (entry 0x00000008) [ 139.885565][ T9361] loop4: detected capacity change from 0 to 164 [ 139.890005][ T9359] exFAT-fs (loop1): error, invalid access to FAT free cluster (entry 0x00000008) [ 139.894197][ T9359] exFAT-fs (loop1): error, invalid access to FAT free cluster (entry 0x00000008) [ 139.898120][ T9359] exFAT-fs (loop1): error, invalid access to FAT free cluster (entry 0x00000008) [ 139.901974][ T9359] exFAT-fs (loop1): error, invalid access to FAT free cluster (entry 0x00000008) [ 139.906924][ T9359] exFAT-fs (loop1): error, invalid access to FAT free cluster (entry 0x00000008) [ 139.911275][ T9359] exFAT-fs (loop1): error, invalid access to FAT free cluster (entry 0x00000008) [ 139.939555][ T9365] loop2: detected capacity change from 0 to 256 [ 139.942311][ T9365] exfat: Deprecated parameter 'namecase' [ 139.975842][ T9365] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x8d1bf2bd, utbl_chksum : 0xe619d30d) [ 139.999968][ T9369] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 140.001338][ T9369] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 140.016982][ T9372] loop4: detected capacity change from 0 to 256 [ 140.018489][ T9372] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 140.024689][ T9372] FAT-fs (loop4): Directory bread(block 64) failed [ 140.025623][ T9372] FAT-fs (loop4): Directory bread(block 65) failed [ 140.026665][ T9372] FAT-fs (loop4): Directory bread(block 66) failed [ 140.027690][ T9372] FAT-fs (loop4): Directory bread(block 67) failed [ 140.028717][ T9372] FAT-fs (loop4): Directory bread(block 68) failed [ 140.029582][ T9372] FAT-fs (loop4): Directory bread(block 69) failed [ 140.030553][ T9372] FAT-fs (loop4): Directory bread(block 70) failed [ 140.031631][ T9372] FAT-fs (loop4): Directory bread(block 71) failed [ 140.032578][ T9372] FAT-fs (loop4): Directory bread(block 72) failed [ 140.035854][ T9372] FAT-fs (loop4): Directory bread(block 73) failed [ 140.511467][ T9388] loop0: detected capacity change from 0 to 256 [ 140.529598][ T9388] FAT-fs (loop0): Directory bread(block 64) failed [ 140.530668][ T9388] FAT-fs (loop0): Directory bread(block 65) failed [ 140.531762][ T9388] FAT-fs (loop0): Directory bread(block 66) failed [ 140.532660][ T9388] FAT-fs (loop0): Directory bread(block 67) failed [ 140.534860][ T9388] FAT-fs (loop0): Directory bread(block 68) failed [ 140.538530][ T9388] FAT-fs (loop0): Directory bread(block 69) failed [ 140.539484][ T9388] FAT-fs (loop0): Directory bread(block 70) failed [ 140.540534][ T9388] FAT-fs (loop0): Directory bread(block 71) failed [ 140.541623][ T9388] FAT-fs (loop0): Directory bread(block 72) failed [ 140.542651][ T9388] FAT-fs (loop0): Directory bread(block 73) failed [ 140.582915][ T9391] loop4: detected capacity change from 0 to 128 [ 140.634839][ T9394] loop3: detected capacity change from 0 to 512 [ 140.639138][ T9394] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 140.650132][ T9399] loop4: detected capacity change from 0 to 128 [ 140.659537][ T9394] EXT4-fs (loop3): 1 truncate cleaned up [ 140.661667][ T9394] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 140.696915][ T9402] loop0: detected capacity change from 0 to 8192 [ 140.714230][ T4320] EXT4-fs (loop3): unmounting filesystem. [ 140.804686][ T9408] loop1: detected capacity change from 0 to 256 [ 140.870220][ T9418] loop3: detected capacity change from 0 to 128 [ 140.949739][ T9432] loop2: detected capacity change from 0 to 8 [ 140.974841][ T9432] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 141.658860][ T9432] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 141.871633][ T9449] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 141.891626][ T9449] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 141.926103][ T9449] loop3: detected capacity change from 0 to 512 [ 141.947464][ T9449] EXT4-fs (loop3): 1 truncate cleaned up [ 141.948436][ T9449] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 142.188846][ T9464] netlink: 'syz.1.2108': attribute type 30 has an invalid length. [ 142.418771][ T9479] loop4: detected capacity change from 0 to 2048 [ 142.743167][ T9479] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 142.763401][ T4320] EXT4-fs (loop3): unmounting filesystem. [ 142.892551][ T9498] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2123'. [ 142.977655][ T9507] loop0: detected capacity change from 0 to 8 [ 142.980094][ T9507] SQUASHFS error: lzo decompression failed, data probably corrupt [ 142.981539][ T9507] SQUASHFS error: Failed to read block 0x1b2: -5 [ 142.982462][ T9507] SQUASHFS error: Unable to read metadata cache entry [1b0] [ 142.985343][ T9507] SQUASHFS error: Unable to read inode 0x11f [ 143.536842][ T9535] loop4: detected capacity change from 0 to 1024 [ 143.596410][ T9535] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 143.617598][ T4332] EXT4-fs (loop4): unmounting filesystem. [ 143.664475][ T9550] loop4: detected capacity change from 0 to 8 [ 143.680140][ T9550] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 143.683734][ T9550] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 143.717817][ T27] kauditd_printk_skb: 12 callbacks suppressed [ 143.717826][ T27] audit: type=1326 audit(156.707:5997): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9554 comm="syz.1.2146" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa555b9e8 code=0x7ffc0000 [ 143.729794][ T27] audit: type=1326 audit(156.717:5998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9554 comm="syz.1.2146" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa555b9e8 code=0x7ffc0000 [ 143.734934][ T27] audit: type=1326 audit(156.727:5999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9554 comm="syz.1.2146" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=147 compat=0 ip=0xffffa555b9e8 code=0x7ffc0000 [ 143.752160][ T27] audit: type=1326 audit(156.727:6000): auid=4294967295 uid=60928 gid=0 ses=4294967295 subj=unconfined pid=9554 comm="syz.1.2146" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa555b9e8 code=0x7ffc0000 [ 143.761746][ T27] audit: type=1326 audit(156.727:6001): auid=4294967295 uid=60928 gid=0 ses=4294967295 subj=unconfined pid=9554 comm="syz.1.2146" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa555b9e8 code=0x7ffc0000 [ 143.786619][ T27] audit: type=1326 audit(156.727:6002): auid=4294967295 uid=60928 gid=0 ses=4294967295 subj=unconfined pid=9554 comm="syz.1.2146" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=261 compat=0 ip=0xffffa555b9e8 code=0x7ffc0000 [ 143.790044][ T27] audit: type=1326 audit(156.727:6003): auid=4294967295 uid=60928 gid=0 ses=4294967295 subj=unconfined pid=9554 comm="syz.1.2146" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa555b9e8 code=0x7ffc0000 [ 143.813752][ T27] audit: type=1326 audit(156.727:6004): auid=4294967295 uid=60928 gid=0 ses=4294967295 subj=unconfined pid=9554 comm="syz.1.2146" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa555b9e8 code=0x7ffc0000 [ 143.816813][ T27] audit: type=1326 audit(156.727:6005): auid=4294967295 uid=60928 gid=0 ses=4294967295 subj=unconfined pid=9554 comm="syz.1.2146" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=140 compat=0 ip=0xffffa555b9e8 code=0x7ffc0000 [ 143.837726][ T27] audit: type=1326 audit(156.727:6006): auid=4294967295 uid=60928 gid=0 ses=4294967295 subj=unconfined pid=9554 comm="syz.1.2146" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa555b9e8 code=0x7ffc0000 [ 143.955904][ T9573] loop2: detected capacity change from 0 to 512 [ 143.986246][ T9573] EXT4-fs error (device loop2): __ext4_fill_super:5397: inode #2: comm syz.2.2155: inode has both inline data and extents flags [ 143.988926][ T9573] EXT4-fs (loop2): get root inode failed [ 143.989909][ T9573] EXT4-fs (loop2): mount failed [ 144.082510][ T9586] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 144.084880][ T9586] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 144.512958][ T1514] usb 1-1: new full-speed USB device number 19 using dummy_hcd [ 144.703859][ T1514] usb 1-1: not running at top speed; connect to a high speed hub [ 144.706093][ T1514] usb 1-1: config 1 has 2 interfaces, different from the descriptor's value: 3 [ 144.707519][ T1514] usb 1-1: config 1 has no interface number 1 [ 144.708402][ T1514] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 144.711958][ T1514] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 144.713823][ T1514] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 144.715173][ T1514] usb 1-1: Product: syz [ 144.715831][ T1514] usb 1-1: Manufacturer: syz [ 144.716621][ T1514] usb 1-1: SerialNumber: syz [ 144.914210][ T9614] binder: Bad value for 'max' [ 144.923718][ T1514] usb 1-1: 2:1: invalid format type 0x1002 is detected, processed as PCM [ 144.930728][ T1514] usb 1-1: failed to enable PITCH for EP 0x82 [ 144.946925][ T1514] usb 1-1: USB disconnect, device number 19 [ 145.036754][ T9625] 9pnet: p9_errstr2errno: server reported unknown error n$Ž[ [ 145.036754][ T9625] Q&|xùXºX<%ØbÀ½Øê#oq@ž«Öøx+ËvÓ7ÄkwB°• [ 145.087759][ T9630] loop4: detected capacity change from 0 to 2048 [ 145.131621][ T9630] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 145.162483][ T9641] netlink: 104 bytes leftover after parsing attributes in process `syz.2.2185'. [ 145.169788][ T4332] EXT4-fs (loop4): unmounting filesystem. [ 145.200458][ T4941] udevd[4941]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 145.389151][ T9659] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 145.394441][ T9661] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2193'. [ 146.249401][ T9694] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2205'. [ 146.307989][ T9700] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 146.309520][ T9700] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 146.995029][ T9659] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 146.999888][ T9706] pimreg: tun_chr_ioctl cmd 1074812117 [ 147.000753][ T9707] pimreg: tun_chr_ioctl cmd 1074025673 [ 147.124878][ T9659] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 147.217222][ T9659] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 147.279069][ T9738] loop4: detected capacity change from 0 to 512 [ 147.287550][ T9738] EXT4-fs: Ignoring removed bh option [ 147.290294][ T9738] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 147.318774][ T9738] EXT4-fs error (device loop4): ext4_xattr_inode_iget:404: comm syz.4.2222: inode #1: comm syz.4.2222: iget: illegal inode # [ 147.324281][ T9738] EXT4-fs error (device loop4): ext4_xattr_inode_iget:409: comm syz.4.2222: error while reading EA inode 1 err=-117 [ 147.330424][ T9738] EXT4-fs (loop4): 1 orphan inode deleted [ 147.331299][ T9738] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 147.344931][ T9743] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 147.346468][ T9743] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 147.367861][ T9738] IPv6: addrconf: prefix option has invalid lifetime [ 147.404522][ T9659] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 147.417479][ T9659] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 147.420570][ T9659] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 147.425097][ T4332] EXT4-fs (loop4): unmounting filesystem. [ 147.426077][ T9659] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 147.445998][ T9749] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2227'. [ 147.546862][ T9757] loop2: detected capacity change from 0 to 8192 [ 147.594064][ T9757] loop2: p1 p2 p3 p4 [ 147.594831][ T9757] loop2: partition table partially beyond EOD, truncated [ 147.596103][ T9757] loop2: p1 start 13435904 is beyond EOD, truncated [ 147.597093][ T9757] loop2: p2 start 4195840 is beyond EOD, truncated [ 147.598070][ T9757] loop2: p3 start 458783 is beyond EOD, truncated [ 147.599057][ T9757] loop2: p4 start 65537 is beyond EOD, truncated [ 147.920783][ T9766] netlink: 'syz.0.2234': attribute type 13 has an invalid length. [ 147.925711][ T9769] loop4: detected capacity change from 0 to 1024 [ 147.927032][ T9769] EXT4-fs: Ignoring removed bh option [ 147.927883][ T9769] EXT4-fs: inline encryption not supported [ 147.928745][ T9769] ext4: Unknown parameter 'smackfstransmute' [ 147.933493][ T9766] gretap0: refused to change device tx_queue_len [ 147.934838][ T9766] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 147.962764][ T9778] loop3: detected capacity change from 0 to 2048 [ 147.966924][ T4459] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 147.977450][ T9780] loop1: detected capacity change from 0 to 512 [ 148.047213][ T9780] EXT4-fs error (device loop1): ext4_acquire_dquot:6809: comm syz.1.2238: Failed to acquire dquot type 1 [ 148.050376][ T9788] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 148.053993][ T9790] binfmt_misc: register: failed to install interpreter file ./file2 [ 148.059312][ T9780] EXT4-fs (loop1): 1 truncate cleaned up [ 148.060248][ T9780] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 148.062390][ T9788] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 148.136098][ T9795] ALSA: seq fatal error: cannot create timer (-19) [ 148.150828][ T4319] EXT4-fs (loop1): unmounting filesystem. [ 148.153174][ T14] hid-generic 0000:3000000:0000.0008: unknown main item tag 0x4 [ 148.154393][ T14] hid-generic 0000:3000000:0000.0008: unknown main item tag 0x2 [ 148.155608][ T14] hid-generic 0000:3000000:0000.0008: unknown main item tag 0x3 [ 148.178030][ T14] hid-generic 0000:3000000:0000.0008: hidraw0: HID v0.00 Device [sy] on syz0 [ 148.192695][ T9805] sch_tbf: peakrate 7 is lower than or equals to rate 7 ! [ 148.253669][ T9808] fido_id[9808]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 148.363093][ T9821] loop3: detected capacity change from 0 to 512 [ 148.386195][ T9821] EXT4-fs (loop3): orphan cleanup on readonly fs [ 148.387629][ T9821] EXT4-fs error (device loop3): ext4_orphan_get:1426: comm syz.3.2260: bad orphan inode 13 [ 148.393419][ T9821] ext4_test_bit(bit=12, block=18) = 1 [ 148.394283][ T9821] is_bad_inode(inode)=0 [ 148.394985][ T9821] NEXT_ORPHAN(inode)=2130706432 [ 148.395905][ T9821] max_ino=32 [ 148.396398][ T9821] i_nlink=1 [ 148.397001][ T9821] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 148.400256][ T9828] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3) [ 148.401275][ T9828] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 148.413196][ T9828] vhci_hcd vhci_hcd.0: Device attached [ 148.415202][ T9829] vhci_hcd: connection closed [ 148.417120][ T1610] vhci_hcd: stop threads [ 148.418930][ T1610] vhci_hcd: release socket [ 148.419612][ T1610] vhci_hcd: disconnect device [ 148.435095][ T9821] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended [ 148.458033][ T9821] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.2260: bg 0: block 248: padding at end of block bitmap is not set [ 148.470359][ T9821] EXT4-fs error (device loop3): ext4_acquire_dquot:6809: comm syz.3.2260: Failed to acquire dquot type 1 [ 148.477582][ T9821] EXT4-fs warning (device loop3): ext4_enable_quotas:7061: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 148.600412][ T9849] loop2: detected capacity change from 0 to 164 [ 148.607089][ T9849] ISOFS: unable to read i-node block [ 148.608377][ T9849] isofs_fill_super: get root inode failed [ 148.991410][ T9866] loop0: detected capacity change from 0 to 512 [ 148.994326][ T9866] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 149.010858][ T9866] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 149.030872][ T4323] EXT4-fs (loop0): unmounting filesystem. [ 149.087028][ T9872] device ip6tnl1 entered promiscuous mode [ 149.135935][ T9874] loop0: detected capacity change from 0 to 512 [ 149.145794][ T9874] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x05417272 (sector = 1) [ 149.147736][ T9874] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 149.168347][ T4596] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x05417272 (sector = 1) [ 149.188457][ T4320] EXT4-fs (loop3): unmounting filesystem. [ 149.274846][ T9887] loop1: detected capacity change from 0 to 512 [ 149.277261][ T9887] EXT4-fs: Ignoring removed orlov option [ 149.281511][ T9887] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem [ 149.299613][ T9887] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2196: inode #15: comm syz.1.2288: corrupted in-inode xattr [ 149.305160][ T9887] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.2288: couldn't read orphan inode 15 (err -117) [ 149.310161][ T9887] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 149.348238][ T4319] EXT4-fs (loop1): unmounting filesystem. [ 149.513922][ T9897] loop3: detected capacity change from 0 to 512 [ 149.874571][ T9897] EXT4-fs (loop3): 1 orphan inode deleted [ 149.875605][ T9897] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 149.897543][ T4413] __quota_error: 71 callbacks suppressed [ 149.897565][ T4413] Quota error (device loop3): do_check_range: Getting dqdh_entries 15 out of range 0-14 [ 149.900148][ T4413] EXT4-fs error (device loop3): ext4_release_dquot:6845: comm kworker/u4:6: Failed to release dquot type 1 [ 150.338258][ T9909] loop2: detected capacity change from 0 to 128 [ 150.343049][ T27] audit: type=1326 audit(163.247:6074): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9902 comm="gtp" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa555b9e8 code=0x7ffc0000 [ 150.346391][ T27] audit: type=1326 audit(163.247:6075): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9902 comm="gtp" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa555b9e8 code=0x7ffc0000 [ 150.349493][ T27] audit: type=1326 audit(163.247:6076): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9902 comm="gtp" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=211 compat=0 ip=0xffffa555b9e8 code=0x7ffc0000 [ 150.368806][ T27] audit: type=1326 audit(163.247:6077): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9902 comm="gtp" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa555b9e8 code=0x7ffc0000 [ 150.377373][ T9908] loop4: detected capacity change from 0 to 2048 [ 150.390428][ T27] audit: type=1326 audit(163.247:6078): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9902 comm="gtp" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa555b9e8 code=0x7ffc0000 [ 150.408586][ T27] audit: type=1326 audit(163.247:6079): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9902 comm="gtp" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=228 compat=0 ip=0xffffa555b9e8 code=0x7ffc0000 [ 150.414388][ T9908] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 150.435723][ T27] audit: type=1326 audit(163.277:6080): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9904 comm="syz.0.2295" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbcf5b9e8 code=0x7ffc0000 [ 150.438750][ T27] audit: type=1326 audit(163.277:6081): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9904 comm="syz.0.2295" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbcf5b9e8 code=0x7ffc0000 [ 150.442104][ T27] audit: type=1326 audit(163.277:6082): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9904 comm="syz.0.2295" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=83 compat=0 ip=0xffffbcf5b9e8 code=0x7ffc0000 [ 150.446395][ T4320] EXT4-fs (loop3): unmounting filesystem. [ 150.488790][ T9913] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.2296: bg 0: block 345: padding at end of block bitmap is not set [ 150.496345][ T9913] EXT4-fs (loop4): Remounting filesystem read-only [ 150.506748][ T9917] loop9: detected capacity change from 0 to 7 [ 150.512005][ C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 150.512799][ T9919] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2300'. [ 150.513903][ C0] Buffer I/O error on dev loop9, logical block 0, async page read [ 150.518546][ C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 150.519984][ C0] Buffer I/O error on dev loop9, logical block 0, async page read [ 150.521490][ C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 150.522978][ C0] Buffer I/O error on dev loop9, logical block 0, async page read [ 150.525028][ C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 150.526518][ C0] Buffer I/O error on dev loop9, logical block 0, async page read [ 150.527941][ C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 150.529524][ C0] Buffer I/O error on dev loop9, logical block 0, async page read [ 150.533326][ C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 150.534832][ C0] Buffer I/O error on dev loop9, logical block 0, async page read [ 150.538460][ C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 150.539858][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 150.541216][ T9917] ldm_validate_partition_table(): Disk read failed. [ 150.542432][ T4332] EXT4-fs (loop4): unmounting filesystem. [ 150.543558][ C1] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 150.544805][ C1] Buffer I/O error on dev loop9, logical block 0, async page read [ 150.547941][ C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 150.549460][ C0] Buffer I/O error on dev loop9, logical block 0, async page read [ 150.554027][ C0] Buffer I/O error on dev loop9, logical block 0, async page read [ 150.555859][ T9917] Dev loop9: unable to read RDB block 0 [ 150.569238][ T9917] loop9: unable to read partition table [ 150.570291][ T9917] loop9: partition table beyond EOD, truncated [ 150.571162][ T9917] loop_reread_partitions: partition scan of loop9 (þ被xüŸÑø éÚ¬§½dG¤´à–ƒÝ¡¯ â·û [ 150.571162][ T9917] ) failed (rc=-5) [ 150.675197][ T9932] can0: slcan on ptm0. [ 150.711614][ T9937] loop2: detected capacity change from 0 to 512 [ 150.729769][ T9942] netlink: 96 bytes leftover after parsing attributes in process `syz.3.2311'. [ 150.741719][ T9937] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 150.762688][ T9937] EXT4-fs error (device loop2): ext4_do_update_inode:5268: inode #2: comm syz.2.2309: corrupted inode contents [ 150.770458][ T9937] EXT4-fs error (device loop2): ext4_dirty_inode:6133: inode #2: comm syz.2.2309: mark_inode_dirty error [ 150.774910][ T9937] EXT4-fs error (device loop2): ext4_do_update_inode:5268: inode #2: comm syz.2.2309: corrupted inode contents [ 150.793486][ T9932] can0 (unregistered): slcan off ptm0. [ 150.799091][ T9937] EXT4-fs error (device loop2): ext4_do_update_inode:5268: inode #2: comm syz.2.2309: corrupted inode contents [ 150.802425][ T9937] EXT4-fs error (device loop2): ext4_dirty_inode:6133: inode #2: comm syz.2.2309: mark_inode_dirty error [ 150.805202][ T9937] EXT4-fs error (device loop2): ext4_do_update_inode:5268: inode #2: comm syz.2.2309: corrupted inode contents [ 150.811651][ T9950] loop1: detected capacity change from 0 to 1024 [ 150.814972][ T9937] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #2: comm syz.2.2309: mark_inode_dirty error [ 150.816808][ T9937] EXT4-fs error (device loop2): ext4_do_update_inode:5268: inode #2: comm syz.2.2309: corrupted inode contents [ 150.819564][ T9937] EXT4-fs error (device loop2): ext4_dirty_inode:6133: inode #2: comm syz.2.2309: mark_inode_dirty error [ 150.839366][ T9950] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 150.847300][ T9950] EXT4-fs error (device loop1): ext4_map_blocks:745: inode #15: comm syz.1.2315: lblock 0 mapped to illegal pblock 0 (length 1) [ 150.855788][ T9950] EXT4-fs (loop1): Remounting filesystem read-only [ 150.858581][ T4325] EXT4-fs (loop2): unmounting filesystem. [ 150.891678][ T9952] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 150.901069][ T4319] EXT4-fs (loop1): unmounting filesystem. [ 150.979544][ T9952] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 151.027872][ T9952] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 151.046866][ T9952] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 151.219483][ T9985] netlink: 'syz.0.2330': attribute type 10 has an invalid length. [ 151.259299][ T9985] team0: Port device dummy0 added [ 151.267162][ T9985] netlink: 'syz.0.2330': attribute type 10 has an invalid length. [ 151.269395][ T9985] team0: Failed to send port change of device dummy0 via netlink (err -105) [ 151.281715][ T9985] team0: Failed to send options change via netlink (err -105) [ 151.283300][ T9985] team0: Failed to send port change of device dummy0 via netlink (err -105) [ 151.288393][ T9985] team0: Port device dummy0 removed [ 151.399013][ T9995] netlink: 'syz.0.2335': attribute type 12 has an invalid length. [ 151.586666][T10009] tipc: Started in network mode [ 151.587482][T10009] tipc: Node identity ae01a506359f, cluster identity 4711 [ 151.588732][T10009] tipc: Enabled bearer , priority 0 [ 151.590205][T10009] device syzkaller0 entered promiscuous mode [ 151.594223][T10008] tipc: Resetting bearer [ 151.654132][T10008] tipc: Disabling bearer [ 151.681153][T10017] loop2: detected capacity change from 0 to 512 [ 151.960984][T10027] loop1: detected capacity change from 0 to 512 [ 151.969768][T10027] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 151.978445][T10027] EXT4-fs (loop1): 1 truncate cleaned up [ 151.979390][T10027] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 151.993208][ T1514] usb 1-1: new high-speed USB device number 20 using dummy_hcd [ 152.000526][ T4319] EXT4-fs (loop1): unmounting filesystem. [ 152.142943][ T1514] usb 1-1: device descriptor read/64, error -71 [ 152.413137][ T1514] usb 1-1: new high-speed USB device number 21 using dummy_hcd [ 152.562975][ T1514] usb 1-1: device descriptor read/64, error -71 [ 152.684365][ T1514] usb usb1-port1: attempt power cycle [ 152.700045][T10038] loop2: detected capacity change from 0 to 2048 [ 152.722288][T10050] netlink: 'wg1': attribute type 6 has an invalid length. [ 152.728792][T10038] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 153.093108][ T1514] usb 1-1: new high-speed USB device number 22 using dummy_hcd [ 153.137933][ T1514] usb 1-1: device descriptor read/8, error -71 [ 153.155771][T10058] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2361'. [ 153.157426][T10058] IPVS: Unknown mcast interface: ve [ 153.163784][T10058] loop1: detected capacity change from 0 to 128 [ 153.171088][ T4325] EXT4-fs (loop2): unmounting filesystem. [ 153.178632][T10058] FAT-fs (loop1): error, fat_free: invalid cluster chain (i_pos 54) [ 153.180172][T10058] FAT-fs (loop1): Filesystem has been set read-only [ 153.200034][T10057] FAT-fs (loop1): error, fat_free: invalid cluster chain (i_pos 54) [ 153.230437][T10062] loop2: detected capacity change from 0 to 128 [ 153.232127][T10062] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 153.235588][T10062] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 153.264608][ T4405] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 153.359569][T10077] loop2: detected capacity change from 0 to 512 [ 153.374376][T10080] netlink: 'syz.1.2371': attribute type 12 has an invalid length. [ 153.377886][T10077] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 153.394474][ T4325] EXT4-fs (loop2): unmounting filesystem. [ 153.403224][ T1514] usb 1-1: new high-speed USB device number 23 using dummy_hcd [ 153.433645][ T1514] usb 1-1: device descriptor read/8, error -71 [ 153.553531][ T1514] usb usb1-port1: unable to enumerate USB device [ 153.798533][ T9952] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 153.808225][ T9952] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 153.813670][ T9952] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 153.827147][ T9952] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 153.829946][T10122] netlink: 57 bytes leftover after parsing attributes in process `syz.4.2391'. [ 153.938280][T10136] loop3: detected capacity change from 0 to 512 [ 153.967444][T10136] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 154.175631][T10150] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 154.274196][T10150] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 154.328754][T10157] futex_wake_op: syz.2.2407 tries to shift op by -1; fix this program [ 154.330728][T10157] random: crng reseeded on system resumption [ 154.350201][T10157] Restarting kernel threads ... done. [ 154.388711][T10150] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 154.475308][T10150] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 154.580371][T10168] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw' [ 154.595587][T10150] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 154.612797][T10150] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 154.636500][T10150] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 154.651530][T10150] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 154.691884][ T4320] EXT4-fs (loop3): unmounting filesystem. [ 154.796900][T10194] xt_hashlimit: size too large, truncated to 1048576 [ 154.819954][T10198] loop0: detected capacity change from 0 to 512 [ 155.101235][ T27] kauditd_printk_skb: 94 callbacks suppressed [ 155.101248][ T27] audit: type=1326 audit(168.087:6177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10220 comm="syz.1.2437" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa555b9e8 code=0x7ffc0000 [ 155.123427][ T27] audit: type=1326 audit(168.107:6178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10220 comm="syz.1.2437" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=56 compat=0 ip=0xffffa555b9e8 code=0x7ffc0000 [ 155.127002][ T27] audit: type=1326 audit(168.107:6179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10220 comm="syz.1.2437" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa555b9e8 code=0x7ffc0000 [ 155.133519][ T27] audit: type=1326 audit(168.107:6180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10220 comm="syz.1.2437" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=56 compat=0 ip=0xffffa555b9e8 code=0x7ffc0000 [ 155.146854][ T27] audit: type=1326 audit(168.107:6181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10220 comm="syz.1.2437" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa555b9e8 code=0x7ffc0000 [ 155.158880][ T27] audit: type=1326 audit(168.107:6182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10220 comm="syz.1.2437" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=32 compat=0 ip=0xffffa555b9e8 code=0x7ffc0000 [ 155.170099][ T27] audit: type=1326 audit(168.107:6183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10220 comm="syz.1.2437" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa555b9e8 code=0x7ffc0000 [ 155.258203][T10214] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 155.646878][T10214] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 155.794279][T10214] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 155.954410][T10214] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 156.122810][T10214] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 156.138664][T10214] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 156.146495][T10214] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 156.150443][T10214] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 157.293037][ T4330] Bluetooth: hci3: command 0x0405 tx timeout [ 157.408569][T10277] loop2: detected capacity change from 0 to 512 [ 157.435962][T10272] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 157.475813][T10277] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 157.488493][T10277] EXT4-fs error (device loop2): ext4_do_update_inode:5268: inode #2: comm syz.2.2458: corrupted inode contents [ 157.506150][T10277] EXT4-fs error (device loop2): ext4_dirty_inode:6133: inode #2: comm syz.2.2458: mark_inode_dirty error [ 157.515668][T10277] EXT4-fs error (device loop2): ext4_do_update_inode:5268: inode #2: comm syz.2.2458: corrupted inode contents [ 157.530390][T10277] EXT4-fs error (device loop2): ext4_do_update_inode:5268: inode #2: comm syz.2.2458: corrupted inode contents [ 157.547303][T10272] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 157.553646][T10277] EXT4-fs error (device loop2): ext4_dirty_inode:6133: inode #2: comm syz.2.2458: mark_inode_dirty error [ 157.555748][ T27] audit: type=1326 audit(170.547:6184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10283 comm="syz.1.2460" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa555b9e8 code=0x7ffc0000 [ 157.560435][ T27] audit: type=1326 audit(170.547:6185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10283 comm="syz.1.2460" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa555b9e8 code=0x7ffc0000 [ 157.568548][T10277] EXT4-fs error (device loop2): ext4_do_update_inode:5268: inode #2: comm syz.2.2458: corrupted inode contents [ 157.573438][ T27] audit: type=1326 audit(170.567:6186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10283 comm="syz.1.2460" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffa555b9e8 code=0x7ffc0000 [ 157.580107][T10277] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #2: comm syz.2.2458: mark_inode_dirty error [ 157.606891][T10277] EXT4-fs error (device loop2): ext4_do_update_inode:5268: inode #2: comm syz.2.2458: corrupted inode contents [ 157.613241][T10277] EXT4-fs error (device loop2): ext4_dirty_inode:6133: inode #2: comm syz.2.2458: mark_inode_dirty error [ 157.647796][T10272] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 157.657983][ T4325] EXT4-fs (loop2): unmounting filesystem. [ 157.724510][T10272] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 157.882845][T10272] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 157.888171][T10272] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 157.902067][T10272] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 157.912116][T10272] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 158.285112][T10304] netlink: 176 bytes leftover after parsing attributes in process `syz.1.2469'. [ 158.900039][T10327] netlink: 4 bytes leftover after parsing attributes in process `gtp'. [ 159.105494][T10334] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2485'. [ 159.561601][T10348] loop7: detected capacity change from 0 to 16384 [ 159.654242][T10353] loop3: detected capacity change from 0 to 512 [ 159.679661][T10353] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 159.684529][T10351] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2491'. [ 159.695390][T10350] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2491'. [ 159.760820][ T4320] EXT4-fs (loop3): unmounting filesystem. [ 159.861685][T10366] loop3: detected capacity change from 0 to 2048 [ 159.907226][T10366] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 160.316055][T10373] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.2497: bg 0: block 345: padding at end of block bitmap is not set [ 160.318783][T10373] EXT4-fs (loop3): Remounting filesystem read-only [ 160.388922][ T4320] EXT4-fs (loop3): unmounting filesystem. [ 160.417780][ T27] kauditd_printk_skb: 28 callbacks suppressed [ 160.417793][ T27] audit: type=1326 audit(173.407:6215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10384 comm="syz.4.2504" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffab95b9e8 code=0x7ffc0000 [ 160.422068][ T27] audit: type=1326 audit(173.407:6216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10384 comm="syz.4.2504" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffab95b9e8 code=0x7ffc0000 [ 160.426095][ T27] audit: type=1326 audit(173.407:6217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10384 comm="syz.4.2504" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffab95b9e8 code=0x7ffc0000 [ 160.431494][ T27] audit: type=1326 audit(173.407:6218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10384 comm="syz.4.2504" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffab95b9e8 code=0x7ffc0000 [ 160.445502][ T27] audit: type=1326 audit(173.407:6219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10384 comm="syz.4.2504" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffab95b9e8 code=0x7ffc0000 [ 160.446578][T10388] loop3: detected capacity change from 0 to 764 [ 160.451686][ T27] audit: type=1326 audit(173.407:6220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10384 comm="syz.4.2504" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=59 compat=0 ip=0xffffab95b9e8 code=0x7ffc0000 [ 160.458552][ T27] audit: type=1326 audit(173.407:6221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10384 comm="syz.4.2504" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffab95b9e8 code=0x7ffc0000 [ 160.534324][T10398] netlink: 'syz.3.2509': attribute type 10 has an invalid length. [ 160.561857][T10398] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 160.602022][T10400] vhci_hcd: invalid port number 96 [ 160.602847][T10400] vhci_hcd: default hub control req: 0300 vfffa i0060 l0 [ 160.904263][T10398] bond0: (slave batadv0): Enslaving as an active interface with an up link [ 160.906296][T10401] netlink: 'syz.3.2509': attribute type 10 has an invalid length. [ 160.907602][T10401] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2509'. [ 160.908994][T10401] device batadv0 entered promiscuous mode [ 160.913347][T10401] bond0: (slave batadv0): Releasing backup interface [ 160.959012][T10401] bridge0: port 3(batadv0) entered blocking state [ 160.960122][T10401] bridge0: port 3(batadv0) entered disabled state [ 161.089843][T10419] loop3: detected capacity change from 0 to 1024 [ 161.091940][T10421] loop4: detected capacity change from 0 to 164 [ 161.121276][T10419] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 161.131662][T10419] EXT4-fs error (device loop3): ext4_map_blocks:745: inode #15: comm syz.3.2518: lblock 0 mapped to illegal pblock 0 (length 1) [ 161.138395][T10419] EXT4-fs (loop3): Remounting filesystem read-only [ 161.164386][ T4320] EXT4-fs (loop3): unmounting filesystem. [ 161.398138][ T27] audit: type=1326 audit(174.387:6222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10447 comm="syz.2.2531" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9595b9e8 code=0x7ffc0000 [ 161.402229][ T27] audit: type=1326 audit(174.387:6223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10447 comm="syz.2.2531" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=198 compat=0 ip=0xffff9595b9e8 code=0x7ffc0000 [ 161.406574][ T27] audit: type=1326 audit(174.397:6224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10447 comm="syz.2.2531" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9595b9e8 code=0x7ffc0000 [ 161.425479][ T4596] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled [ 161.427088][ T4596] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled [ 161.437828][T10452] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2532'. [ 161.576049][T10455] loop2: detected capacity change from 0 to 512 [ 161.576252][T10465] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 161.600325][T10455] EXT4-fs error (device loop2): ext4_orphan_get:1426: comm syz.2.2534: bad orphan inode 11862016 [ 161.603644][T10455] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 161.627893][T10465] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 161.661323][ T4325] EXT4-fs (loop2): unmounting filesystem. [ 161.697525][T10465] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 161.755742][T10465] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 161.888267][T10465] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 161.899249][T10465] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 161.912532][T10465] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 161.918377][T10465] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 162.021509][T10501] loop2: detected capacity change from 0 to 1024 [ 162.069257][T10501] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 162.135704][T10501] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:3836: comm syz.2.2554: Allocating blocks 497-513 which overlap fs metadata [ 162.175720][T10510] EXT4-fs (loop2): pa 0000000073b59663: logic 131104, phys. 177, len 21 [ 162.177208][T10510] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:4876: group 0, free 0, pa_free 1 [ 162.257004][T10502] loop3: detected capacity change from 0 to 32768 [ 162.282430][ T4325] EXT4-fs (loop2): unmounting filesystem. [ 162.314820][T10502] loop3: p1 p2 p3 < > p4 < p5 p6 > [ 162.315785][T10502] loop3: p1 start 460800 is beyond EOD, truncated [ 162.316719][T10502] loop3: p2 size 83886080 extends beyond EOD, truncated [ 162.325831][T10502] loop3: p5 start 460800 is beyond EOD, truncated [ 162.326862][T10502] loop3: p6 size 83886080 extends beyond EOD, truncated [ 162.470890][T10534] netlink: 'syz.3.2567': attribute type 10 has an invalid length. [ 162.500415][T10534] team0: Port device dummy0 added [ 162.505817][ T4366] kernel write not supported for file [eventfd] (pid: 4366 comm: kworker/0:3) [ 162.577676][T10542] netlink: 'syz.4.2569': attribute type 10 has an invalid length. [ 162.578880][T10542] netlink: 40 bytes leftover after parsing attributes in process `syz.4.2569'. [ 162.580418][T10542] device batadv0 entered promiscuous mode [ 162.587316][T10542] bridge0: port 3(batadv0) entered blocking state [ 162.591814][T10542] bridge0: port 3(batadv0) entered disabled state [ 162.596962][T10542] bridge0: port 3(batadv0) entered blocking state [ 162.599014][T10542] bridge0: port 3(batadv0) entered forwarding state [ 162.622150][ T4459] udevd[4459]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory [ 162.626071][ T5008] udevd[5008]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory [ 162.627288][ T4941] udevd[4941]: inotify_add_watch(7, /dev/loop3p6, 10) failed: No such file or directory [ 162.646890][ T4942] udevd[4942]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory [ 162.664393][T10550] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2572'. [ 162.670813][T10550] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2572'. [ 163.387784][ T1610] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled [ 163.389242][ T1610] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled [ 163.920760][T10588] loop4: detected capacity change from 0 to 1024 [ 163.922118][T10588] EXT4-fs: inline encryption not supported [ 163.936999][T10588] EXT4-fs: Ignoring removed i_version option [ 163.941895][T10588] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 164.011964][T10600] device bridge1 entered promiscuous mode [ 164.025974][T10588] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 164.082567][T10588] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:3836: comm syz.4.2589: Allocating blocks 497-513 which overlap fs metadata [ 164.115562][T10588] EXT4-fs (loop4): pa 00000000ec9e60e8: logic 256, phys. 385, len 8 [ 164.116992][T10588] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:4876: group 0, free 0, pa_free 1 [ 164.240359][T10614] loop2: detected capacity change from 0 to 1024 [ 164.445943][T10614] ext4: Unknown parameter 'smackfsdef' [ 164.471686][ T4332] EXT4-fs (loop4): unmounting filesystem. [ 164.484741][ T4942] blk_print_req_error: 10 callbacks suppressed [ 164.484755][ T4942] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 164.492272][T10611] loop2: detected capacity change from 0 to 512 [ 164.492359][ T4942] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 164.536289][T10611] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 164.537819][T10611] EXT4-fs (loop2): orphan cleanup on readonly fs [ 164.546043][T10611] EXT4-fs error (device loop2): ext4_do_update_inode:5268: inode #16: comm syz.2.2596: corrupted inode contents [ 164.547962][T10611] EXT4-fs error (device loop2): ext4_dirty_inode:6133: inode #16: comm syz.2.2596: mark_inode_dirty error [ 164.550121][T10611] EXT4-fs error (device loop2): ext4_do_update_inode:5268: inode #16: comm syz.2.2596: corrupted inode contents [ 164.552205][T10611] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #16: comm syz.2.2596: mark_inode_dirty error [ 164.554658][T10611] EXT4-fs error (device loop2): ext4_do_update_inode:5268: inode #16: comm syz.2.2596: corrupted inode contents [ 164.556673][T10611] EXT4-fs error (device loop2) in ext4_orphan_del:301: Corrupt filesystem [ 164.558073][T10611] EXT4-fs error (device loop2): ext4_do_update_inode:5268: inode #16: comm syz.2.2596: corrupted inode contents [ 164.559875][T10611] EXT4-fs error (device loop2): ext4_truncate:4318: inode #16: comm syz.2.2596: mark_inode_dirty error [ 164.561923][T10611] EXT4-fs error (device loop2) in ext4_process_orphan:343: Corrupt filesystem [ 164.566331][T10611] EXT4-fs (loop2): 1 truncate cleaned up [ 164.568627][ T4475] EXT4-fs error (device loop2): ext4_release_dquot:6845: comm kworker/u4:9: Failed to release dquot type 1 [ 164.570672][T10611] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 164.598951][T10621] loop4: detected capacity change from 0 to 2048 [ 164.718132][T10635] __nla_validate_parse: 1 callbacks suppressed [ 164.718146][T10635] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2607'. [ 164.791583][T10635] team0: Port device team_slave_1 removed [ 164.921587][ T4325] EXT4-fs (loop2): unmounting filesystem. [ 164.929314][T10645] loop4: detected capacity change from 0 to 512 [ 164.982851][T10645] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 164.987159][T10651] loop2: detected capacity change from 0 to 1024 [ 164.998734][ T4332] EXT4-fs (loop4): unmounting filesystem. [ 165.008191][T10651] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 165.046892][T10659] tipc: Started in network mode [ 165.050108][T10659] tipc: Node identity , cluster identity 4711 [ 165.051036][T10659] tipc: Failed to obtain node identity [ 165.071127][T10659] tipc: Enabling of bearer rejected, failed to enable media [ 165.138346][ T4325] EXT4-fs (loop2): unmounting filesystem. [ 165.165554][T10665] netlink: 84 bytes leftover after parsing attributes in process `syz.1.2619'. [ 165.173999][T10669] loop2: detected capacity change from 0 to 2048 [ 165.204442][T10669] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 165.224127][ T4325] EXT4-fs (loop2): unmounting filesystem. [ 165.304398][T10682] xt_TPROXY: Can be used only with -p tcp or -p udp [ 165.597649][T10700] loop0: detected capacity change from 0 to 1024 [ 165.600613][T10700] EXT4-fs: Ignoring removed bh option [ 165.607013][T10700] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 165.626307][ T4323] EXT4-fs error (device loop0): ext4_read_inline_dir:1601: inode #12: block 7: comm syz-executor: path /441/file1/file0: bad entry in directory: rec_len is too small for name_len - offset=40, inode=14, rec_len=40, size=80 fake=0 [ 165.631429][ T4323] EXT4-fs (loop0): Remounting filesystem read-only [ 165.634324][ T4323] EXT4-fs error (device loop0): ext4_read_inline_dir:1601: inode #12: block 7: comm syz-executor: path /441/file1/file0: bad entry in directory: rec_len is too small for name_len - offset=40, inode=14, rec_len=40, size=80 fake=0 [ 165.637844][ T4323] EXT4-fs (loop0): Remounting filesystem read-only [ 165.639111][ T4323] EXT4-fs error (device loop0): empty_inline_dir:1885: inode #12: block 7: comm syz-executor: bad entry in directory: rec_len is too small for name_len - offset=20, inode=14, rec_len=40, size=60 fake=0 [ 165.645777][ T4323] EXT4-fs (loop0): Remounting filesystem read-only [ 165.646955][ T4323] EXT4-fs warning (device loop0): empty_inline_dir:1892: bad inline directory (dir #12) - inode 14, rec_len 40, name_len 255inline size 60 [ 165.649993][ T4323] EXT4-fs error (device loop0): ext4_read_inline_dir:1601: inode #12: block 7: comm syz-executor: path /441/file1/file0: bad entry in directory: rec_len is too small for name_len - offset=40, inode=14, rec_len=40, size=80 fake=0 [ 165.653595][ T4323] EXT4-fs (loop0): Remounting filesystem read-only [ 165.654616][ T4323] EXT4-fs error (device loop0): ext4_read_inline_dir:1601: inode #12: block 7: comm syz-executor: path /441/file1/file0: bad entry in directory: rec_len is too small for name_len - offset=40, inode=14, rec_len=40, size=80 fake=0 [ 165.658029][ T4323] EXT4-fs (loop0): Remounting filesystem read-only [ 165.659298][ T4323] EXT4-fs error (device loop0): empty_inline_dir:1885: inode #12: block 7: comm syz-executor: bad entry in directory: rec_len is too small for name_len - offset=20, inode=14, rec_len=40, size=60 fake=0 [ 165.662671][ T4323] EXT4-fs (loop0): Remounting filesystem read-only [ 165.664332][ T4323] EXT4-fs warning (device loop0): empty_inline_dir:1892: bad inline directory (dir #12) - inode 14, rec_len 40, name_len 255inline size 60 [ 165.666712][ T4323] EXT4-fs error (device loop0): ext4_read_inline_dir:1601: inode #12: block 7: comm syz-executor: path /441/file1/file0: bad entry in directory: rec_len is too small for name_len - offset=40, inode=14, rec_len=40, size=80 fake=0 [ 165.670231][ T4323] EXT4-fs (loop0): Remounting filesystem read-only [ 165.671219][ T4323] EXT4-fs error (device loop0): ext4_read_inline_dir:1601: inode #12: block 7: comm syz-executor: path /441/file1/file0: bad entry in directory: rec_len is too small for name_len - offset=40, inode=14, rec_len=40, size=80 fake=0 [ 165.675522][ T4323] EXT4-fs (loop0): Remounting filesystem read-only [ 165.676644][ T4323] EXT4-fs error (device loop0): empty_inline_dir:1885: inode #12: block 7: comm syz-executor: bad entry in directory: rec_len is too small for name_len - offset=20, inode=14, rec_len=40, size=60 fake=0 [ 165.679700][ T4323] EXT4-fs (loop0): Remounting filesystem read-only [ 165.680898][ T4323] EXT4-fs warning (device loop0): empty_inline_dir:1892: bad inline directory (dir #12) - inode 14, rec_len 40, name_len 255inline size 60 [ 165.683713][ T4323] EXT4-fs error (device loop0): ext4_read_inline_dir:1601: inode #12: block 7: comm syz-executor: path /441/file1/file0: bad entry in directory: rec_len is too small for name_len - offset=40, inode=14, rec_len=40, size=80 fake=0 [ 165.687779][ T4323] EXT4-fs warning (device loop0): empty_inline_dir:1892: bad inline directory (dir #12) - inode 14, rec_len 40, name_len 255inline size 60 [ 165.690830][ T4323] EXT4-fs warning (device loop0): empty_inline_dir:1892: bad inline directory (dir #12) - inode 14, rec_len 40, name_len 255inline size 60 [ 165.694167][ T4323] EXT4-fs warning (device loop0): empty_inline_dir:1892: bad inline directory (dir #12) - inode 14, rec_len 40, name_len 255inline size 60 [ 165.697160][ T4323] EXT4-fs warning (device loop0): empty_inline_dir:1892: bad inline directory (dir #12) - inode 14, rec_len 40, name_len 255inline size 60 [ 165.700325][ T4323] EXT4-fs warning (device loop0): empty_inline_dir:1892: bad inline directory (dir #12) - inode 14, rec_len 40, name_len 255inline size 60 [ 165.703291][ T4323] EXT4-fs warning (device loop0): empty_inline_dir:1892: bad inline directory (dir #12) - inode 14, rec_len 40, name_len 255inline size 60 [ 165.706394][ T4323] EXT4-fs warning (device loop0): empty_inline_dir:1892: bad inline directory (dir #12) - inode 14, rec_len 40, name_len 255inline size 60 [ 166.215498][T10706] loop2: detected capacity change from 0 to 512 [ 166.219663][T10706] EXT4-fs: Ignoring removed orlov option [ 166.245587][T10706] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem [ 166.250511][T10706] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002] [ 166.261936][T10706] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2196: inode #15: comm syz.2.2636: corrupted in-inode xattr [ 166.264387][T10706] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.2636: couldn't read orphan inode 15 (err -117) [ 166.266400][T10706] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 166.455721][ T27] kauditd_printk_skb: 181 callbacks suppressed [ 166.455735][ T27] audit: type=1326 audit(179.447:6405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10718 comm="syz.1.2642" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa555b9e8 code=0x7ffc0000 [ 166.459837][ T27] audit: type=1326 audit(179.447:6406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10718 comm="syz.1.2642" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=96 compat=0 ip=0xffffa555b9e8 code=0x7ffc0000 [ 166.464891][ T27] audit: type=1326 audit(179.447:6407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10718 comm="syz.1.2642" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa555b9e8 code=0x7ffc0000 [ 166.472742][ T27] audit: type=1326 audit(179.447:6408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10718 comm="syz.1.2642" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa555b9e8 code=0x7ffc0000 [ 166.501246][ T4330] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 166.504300][ T4330] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 166.506530][ T4330] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 166.508115][ T4330] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 166.509853][ T4330] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 166.511141][ T4330] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 166.645657][T10724] chnl_net:caif_netlink_parms(): no params data found [ 166.672264][T10724] bridge0: port 1(bridge_slave_0) entered blocking state [ 166.675986][T10724] bridge0: port 1(bridge_slave_0) entered disabled state [ 166.677629][T10724] device bridge_slave_0 entered promiscuous mode [ 166.679949][T10724] bridge0: port 2(bridge_slave_1) entered blocking state [ 166.681065][T10724] bridge0: port 2(bridge_slave_1) entered disabled state [ 166.682578][T10724] device bridge_slave_1 entered promiscuous mode [ 166.696401][T10724] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 166.699400][T10724] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 166.711416][T10724] team0: Port device team_slave_0 added [ 166.717656][T10724] team0: Port device team_slave_1 added [ 166.733656][T10724] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 166.734744][T10724] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 166.738529][T10724] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 166.740766][T10724] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 166.741764][T10724] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 166.745507][T10724] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 166.804134][T10724] device hsr_slave_0 entered promiscuous mode [ 166.843165][T10724] device hsr_slave_1 entered promiscuous mode [ 166.883000][T10724] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 166.885312][T10724] Cannot create hsr debugfs directory [ 167.077156][ T4325] EXT4-fs (loop2): unmounting filesystem. [ 167.168343][T10724] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 167.208771][T10724] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 167.255783][T10724] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 167.554575][T10724] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 167.669348][ T4596] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 167.716068][T10724] 8021q: adding VLAN 0 to HW filter on device bond0 [ 167.719877][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 167.721499][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 167.730905][T10782] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2661'. [ 167.734947][T10724] 8021q: adding VLAN 0 to HW filter on device team0 [ 167.775502][ T4596] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 167.783918][ T4475] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 167.785460][ T4475] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 167.786965][ T4475] bridge0: port 1(bridge_slave_0) entered blocking state [ 167.788047][ T4475] bridge0: port 1(bridge_slave_0) entered forwarding state [ 167.789373][ T4475] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 167.790833][ T4475] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 167.792289][ T4475] bridge0: port 2(bridge_slave_1) entered blocking state [ 167.793514][ T4475] bridge0: port 2(bridge_slave_1) entered forwarding state [ 167.795571][ T4475] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 167.797181][ T4475] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 167.798803][ T4475] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 167.801045][ T4475] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 167.806621][T10724] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 167.808203][T10724] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 167.816266][ T4475] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 167.816464][T10792] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2665'. [ 167.817776][ T4475] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 167.826244][ T4475] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 167.835098][ T4475] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 167.836660][ T4475] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 167.838074][ T4475] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 167.845363][ T4475] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 167.847124][ T4475] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 167.914195][ T4596] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 167.917092][ T4475] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 167.918698][T10796] netlink: 172 bytes leftover after parsing attributes in process `syz.4.2666'. [ 167.996527][ T4596] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 167.999350][T10806] IPv6: Can't replace route, no match found [ 168.008828][T10724] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 168.010824][ T4405] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 168.012109][ T4405] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 168.013933][T10808] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2671'. [ 168.017330][T10808] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 168.018815][T10808] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 168.020150][T10808] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 168.021533][T10808] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 168.039092][T10808] netdevsim netdevsim1 eth0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 168.039139][T10808] netdevsim netdevsim1 eth1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 168.039151][T10808] netdevsim netdevsim1 eth2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 168.039163][T10808] netdevsim netdevsim1 eth3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 168.114974][T10810] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2672'. [ 168.148489][T10818] loop2: detected capacity change from 0 to 512 [ 168.154407][T10808] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2671'. [ 168.157710][T10808] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 168.158983][T10808] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 168.160203][T10808] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 168.161403][T10808] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 168.174132][T10808] netdevsim netdevsim1 eth0: unset [0, 0] type 1 family 0 port 8472 - 0 [ 168.175668][T10808] netdevsim netdevsim1 eth1: unset [0, 0] type 1 family 0 port 8472 - 0 [ 168.176920][T10808] netdevsim netdevsim1 eth2: unset [0, 0] type 1 family 0 port 8472 - 0 [ 168.178130][T10808] netdevsim netdevsim1 eth3: unset [0, 0] type 1 family 0 port 8472 - 0 [ 168.251595][T10823] bridge1: trying to set multicast startup query interval below minimum, setting to 100 (1000ms) [ 168.297770][T10829] loop4: detected capacity change from 0 to 2048 [ 168.331229][T10724] device veth0_vlan entered promiscuous mode [ 168.335979][ T4413] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 168.337628][ T4413] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 168.339255][ T4413] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 168.340753][ T4413] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 168.343329][ T4639] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 168.344662][ T4639] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 168.356505][T10724] device veth1_vlan entered promiscuous mode [ 168.393316][T10829] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 168.404588][ T4475] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 168.405965][ T27] audit: type=1326 audit(181.397:6409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10842 comm="syz.1.2681" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa555b9e8 code=0x7ffc0000 [ 168.409536][ T4475] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 168.410879][ T4475] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 168.415376][ T4475] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 168.416543][ T27] audit: type=1326 audit(181.407:6410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10842 comm="syz.1.2681" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa555b9e8 code=0x7ffc0000 [ 168.419627][ T27] audit: type=1326 audit(181.407:6411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10842 comm="syz.1.2681" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffa555b9e8 code=0x7ffc0000 [ 168.429881][T10724] device veth0_macvtap entered promiscuous mode [ 168.432248][T10724] device veth1_macvtap entered promiscuous mode [ 168.433629][ T27] audit: type=1326 audit(181.417:6412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10842 comm="syz.1.2681" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa555b9e8 code=0x7ffc0000 [ 168.436976][ T27] audit: type=1326 audit(181.417:6413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10842 comm="syz.1.2681" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa555b9e8 code=0x7ffc0000 [ 168.440156][ T27] audit: type=1326 audit(181.417:6414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10842 comm="syz.1.2681" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffa555b9e8 code=0x7ffc0000 [ 168.462604][T10724] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 168.470097][T10724] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 168.471665][T10724] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 168.494519][T10724] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 168.495983][T10724] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 168.497471][T10724] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 168.498868][T10724] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 168.500438][T10724] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 168.531611][T10724] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 168.533165][T10845] IPv6: Can't replace route, no match found [ 168.534647][ T4475] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 168.536076][ T4475] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 168.537432][ T4475] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 168.539011][ T4475] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 168.554238][T10724] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 168.555871][T10724] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 168.557160][T10724] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 168.558677][T10724] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 168.560172][T10724] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 168.574031][ T4324] Bluetooth: hci3: command 0x0409 tx timeout [ 168.590421][T10724] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 168.591973][T10724] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 168.597864][T10724] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 168.599568][T10724] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 168.601618][T10724] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 168.627061][T10724] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 168.629357][ T4475] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 168.631624][ T4475] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 168.649145][T10832] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2679'. [ 168.657403][T10724] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 168.658690][T10724] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 168.659944][T10724] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 168.661198][T10724] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 168.673828][ T4475] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1097: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters [ 168.676620][ T4475] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28 [ 168.678535][ T4475] EXT4-fs (loop4): This should not happen!! Data will be lost [ 168.678535][ T4475] [ 168.679911][ T4475] EXT4-fs (loop4): Total free blocks count 0 [ 168.680805][ T4475] EXT4-fs (loop4): Free/Dirty block details [ 168.681737][ T4475] EXT4-fs (loop4): free_blocks=2415919504 [ 168.687211][ T4475] EXT4-fs (loop4): dirty_blocks=2272 [ 168.688047][ T4475] EXT4-fs (loop4): Block reservation details [ 168.692446][ T4475] EXT4-fs (loop4): i_reserved_data_blocks=142 [ 168.732520][ T4475] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 2050 with max blocks 216 with error 28 [ 168.779445][T10864] loop2: detected capacity change from 0 to 512 [ 168.781224][T10864] EXT4-fs: Ignoring removed nobh option [ 168.819875][T10866] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2684'. [ 168.829533][T10864] EXT4-fs error (device loop2): ext4_do_update_inode:5268: inode #3: comm +}[@: corrupted inode contents [ 168.832779][T10864] EXT4-fs (loop2): Remounting filesystem read-only [ 168.837631][T10864] EXT4-fs error (device loop2): ext4_dirty_inode:6133: inode #3: comm +}[@: mark_inode_dirty error [ 168.842612][T10864] EXT4-fs (loop2): Remounting filesystem read-only [ 168.856074][T10864] EXT4-fs error (device loop2): ext4_do_update_inode:5268: inode #3: comm +}[@: corrupted inode contents [ 168.858988][T10864] EXT4-fs (loop2): Remounting filesystem read-only [ 168.860394][T10864] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #3: comm +}[@: mark_inode_dirty error [ 168.862258][T10864] EXT4-fs (loop2): Remounting filesystem read-only [ 168.867436][T10864] EXT4-fs error (device loop2): ext4_acquire_dquot:6809: comm +}[@: Failed to acquire dquot type 0 [ 168.869158][T10864] EXT4-fs (loop2): Remounting filesystem read-only [ 168.870549][T10864] EXT4-fs error (device loop2): ext4_do_update_inode:5268: inode #16: comm +}[@: corrupted inode contents [ 168.872735][T10864] EXT4-fs (loop2): Remounting filesystem read-only [ 168.875563][T10864] EXT4-fs error (device loop2): ext4_dirty_inode:6133: inode #16: comm +}[@: mark_inode_dirty error [ 168.882658][T10864] EXT4-fs (loop2): Remounting filesystem read-only [ 168.884183][T10864] EXT4-fs error (device loop2): ext4_do_update_inode:5268: inode #16: comm +}[@: corrupted inode contents [ 168.886197][T10864] EXT4-fs (loop2): Remounting filesystem read-only [ 168.887392][T10864] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #16: comm +}[@: mark_inode_dirty error [ 168.889165][T10864] EXT4-fs (loop2): Remounting filesystem read-only [ 168.890335][T10864] EXT4-fs error (device loop2): ext4_do_update_inode:5268: inode #16: comm +}[@: corrupted inode contents [ 168.892237][T10864] EXT4-fs (loop2): Remounting filesystem read-only [ 168.896662][T10864] EXT4-fs error (device loop2) in ext4_orphan_del:301: Corrupt filesystem [ 168.898151][T10864] EXT4-fs (loop2): Remounting filesystem read-only [ 168.899214][T10864] EXT4-fs error (device loop2): ext4_do_update_inode:5268: inode #16: comm +}[@: corrupted inode contents [ 168.901069][T10864] EXT4-fs (loop2): Remounting filesystem read-only [ 168.901991][T10864] EXT4-fs error (device loop2): ext4_truncate:4318: inode #16: comm +}[@: mark_inode_dirty error [ 168.904916][T10864] EXT4-fs (loop2): Remounting filesystem read-only [ 168.905818][T10864] EXT4-fs error (device loop2) in ext4_process_orphan:343: Corrupt filesystem [ 168.907234][T10864] EXT4-fs (loop2): Remounting filesystem read-only [ 168.908818][T10864] EXT4-fs (loop2): 1 truncate cleaned up [ 168.909690][T10864] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 169.135853][T10876] loop4: detected capacity change from 0 to 512 [ 169.927734][T10876] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 169.958694][T10875] EXT4-fs (loop4): shut down requested (0) [ 170.084934][ T4325] EXT4-fs (loop2): unmounting filesystem. [ 170.140917][T10882] loop2: detected capacity change from 0 to 512 [ 170.156062][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 170.157540][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 170.197355][ T4332] EXT4-fs (loop4): unmounting filesystem. [ 170.209475][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 170.218174][T10882] [ 170.218591][T10882] ====================================================== [ 170.219654][T10882] WARNING: possible circular locking dependency detected [ 170.220640][T10882] syzkaller #0 Not tainted [ 170.221368][T10882] ------------------------------------------------------ [ 170.222414][T10882] syz.2.2688/10882 is trying to acquire lock: [ 170.223341][T10882] ffff0000d925cb98 (&sbi->s_writepages_rwsem){++++}-{0:0}, at: ext4_writepages+0x188/0x284c [ 170.224913][T10882] [ 170.224913][T10882] but task is already holding lock: [ 170.225972][T10882] ffff0000f6a400c8 (&ei->xattr_sem){++++}-{3:3}, at: __ext4_mark_inode_dirty+0x37c/0x790 [ 170.227393][T10882] [ 170.227393][T10882] which lock already depends on the new lock. [ 170.227393][T10882] [ 170.228916][T10882] [ 170.228916][T10882] the existing dependency chain (in reverse order) is: [ 170.230395][T10882] [ 170.230395][T10882] -> #1 (&ei->xattr_sem){++++}-{3:3}: [ 170.231588][T10882] down_read+0x64/0x304 [ 170.232299][T10882] ext4_xattr_get+0xec/0x544 [ 170.233064][T10882] ext4_get_acl+0x94/0x5f0 [ 170.233834][T10882] get_acl+0x160/0x33c [ 170.234495][T10882] posix_acl_create+0x104/0x3d0 [ 170.235218][T10882] ext4_init_acl+0xac/0x340 [ 170.235941][T10882] __ext4_new_inode+0x27b8/0x3340 [ 170.236729][T10882] ext4_ext_migrate+0x498/0xbfc [ 170.237576][T10882] ext4_ioctl+0x1a38/0x4198 [ 170.238364][T10882] __arm64_sys_ioctl+0x14c/0x1c8 [ 170.239122][T10882] invoke_syscall+0x98/0x2bc [ 170.239856][T10882] el0_svc_common+0x138/0x258 [ 170.240669][T10882] do_el0_svc+0x58/0x13c [ 170.241286][T10882] el0_svc+0x58/0x138 [ 170.241966][T10882] el0t_64_sync_handler+0x84/0xf0 [ 170.242705][T10882] el0t_64_sync+0x18c/0x190 [ 170.243419][T10882] [ 170.243419][T10882] -> #0 (&sbi->s_writepages_rwsem){++++}-{0:0}: [ 170.244687][T10882] __lock_acquire+0x293c/0x6544 [ 170.245468][T10882] lock_acquire+0x20c/0x644 [ 170.246194][T10882] percpu_down_read+0x70/0x2a8 [ 170.246949][T10882] ext4_writepages+0x188/0x284c [ 170.247776][T10882] do_writepages+0x2c0/0x4fc [ 170.248532][T10882] __writeback_single_inode+0x164/0x157c [ 170.249377][T10882] writeback_single_inode+0x1c0/0x720 [ 170.250224][T10882] write_inode_now+0x144/0x1b0 [ 170.250930][T10882] iput+0x5cc/0x7f4 [ 170.251619][T10882] ext4_xattr_block_set+0x17a4/0x2810 [ 170.252517][T10882] ext4_expand_extra_isize_ea+0xcb8/0x15cc [ 170.253524][T10882] __ext4_expand_extra_isize+0x298/0x358 [ 170.254427][T10882] __ext4_mark_inode_dirty+0x3e4/0x790 [ 170.255352][T10882] ext4_evict_inode+0xb58/0x1270 [ 170.256206][T10882] evict+0x3c8/0x810 [ 170.256833][T10882] iput+0x764/0x7f4 [ 170.257511][T10882] ext4_process_orphan+0x240/0x2b4 [ 170.258361][T10882] ext4_orphan_cleanup+0x908/0x104c [ 170.259200][T10882] ext4_fill_super+0x6440/0x68a8 [ 170.259908][T10882] get_tree_bdev+0x358/0x544 [ 170.260666][T10882] ext4_get_tree+0x28/0x38 [ 170.261401][T10882] vfs_get_tree+0x90/0x274 [ 170.262135][T10882] do_new_mount+0x228/0x810 [ 170.262842][T10882] path_mount+0x5b4/0xe78 [ 170.263559][T10882] __arm64_sys_mount+0x49c/0x584 [ 170.264312][T10882] invoke_syscall+0x98/0x2bc [ 170.265032][T10882] el0_svc_common+0x138/0x258 [ 170.265695][T10882] do_el0_svc+0x58/0x13c [ 170.266355][T10882] el0_svc+0x58/0x138 [ 170.266983][T10882] el0t_64_sync_handler+0x84/0xf0 [ 170.267807][T10882] el0t_64_sync+0x18c/0x190 [ 170.268492][T10882] [ 170.268492][T10882] other info that might help us debug this: [ 170.268492][T10882] [ 170.270107][T10882] Possible unsafe locking scenario: [ 170.270107][T10882] [ 170.271172][T10882] CPU0 CPU1 [ 170.271969][T10882] ---- ---- [ 170.272804][T10882] lock(&ei->xattr_sem); [ 170.273424][T10882] lock(&sbi->s_writepages_rwsem); [ 170.274436][T10882] lock(&ei->xattr_sem); [ 170.275448][T10882] lock(&sbi->s_writepages_rwsem); [ 170.276191][T10882] [ 170.276191][T10882] *** DEADLOCK *** [ 170.276191][T10882] [ 170.277372][T10882] 3 locks held by syz.2.2688/10882: [ 170.278177][T10882] #0: ffff0000d925a0e0 (&type->s_umount_key#26/1){+.+.}-{3:3}, at: alloc_super+0x1a4/0x804 [ 170.279669][T10882] #1: ffff0000d925a650 (sb_internal){++++}-{0:0}, at: ext4_evict_inode+0x3dc/0x1270 [ 170.281179][T10882] #2: ffff0000f6a400c8 (&ei->xattr_sem){++++}-{3:3}, at: __ext4_mark_inode_dirty+0x37c/0x790 [ 170.282667][T10882] [ 170.282667][T10882] stack backtrace: [ 170.283484][T10882] CPU: 0 PID: 10882 Comm: syz.2.2688 Not tainted syzkaller #0 [ 170.284581][T10882] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 170.286071][T10882] Call trace: [ 170.286545][T10882] dump_backtrace+0x1c8/0x1f4 [ 170.287269][T10882] show_stack+0x2c/0x3c [ 170.287867][T10882] __dump_stack+0x30/0x40 [ 170.288496][T10882] dump_stack_lvl+0xf8/0x160 [ 170.289152][T10882] dump_stack+0x1c/0x5c [ 170.289792][T10882] print_circular_bug+0x148/0x1b0 [ 170.290575][T10882] check_noncircular+0x240/0x2d4 [ 170.291289][T10882] __lock_acquire+0x293c/0x6544 [ 170.292030][T10882] lock_acquire+0x20c/0x644 [ 170.292678][T10882] percpu_down_read+0x70/0x2a8 [ 170.293375][T10882] ext4_writepages+0x188/0x284c [ 170.294053][T10882] do_writepages+0x2c0/0x4fc [ 170.294683][T10882] __writeback_single_inode+0x164/0x157c [ 170.295433][T10882] writeback_single_inode+0x1c0/0x720 [ 170.296190][T10882] write_inode_now+0x144/0x1b0 [ 170.296888][T10882] iput+0x5cc/0x7f4 [ 170.297414][T10882] ext4_xattr_block_set+0x17a4/0x2810 [ 170.298183][T10882] ext4_expand_extra_isize_ea+0xcb8/0x15cc [ 170.299006][T10882] __ext4_expand_extra_isize+0x298/0x358 [ 170.299861][T10882] __ext4_mark_inode_dirty+0x3e4/0x790 [ 170.300610][T10882] ext4_evict_inode+0xb58/0x1270 [ 170.301290][T10882] evict+0x3c8/0x810 [ 170.301913][T10882] iput+0x764/0x7f4 [ 170.302429][T10882] ext4_process_orphan+0x240/0x2b4 [ 170.303132][T10882] ext4_orphan_cleanup+0x908/0x104c [ 170.303849][T10882] ext4_fill_super+0x6440/0x68a8 [ 170.304579][T10882] get_tree_bdev+0x358/0x544 [ 170.305187][T10882] ext4_get_tree+0x28/0x38 [ 170.305886][T10882] vfs_get_tree+0x90/0x274 [ 170.306502][T10882] do_new_mount+0x228/0x810 [ 170.307170][T10882] path_mount+0x5b4/0xe78 [ 170.307888][T10882] __arm64_sys_mount+0x49c/0x584 [ 170.308630][T10882] invoke_syscall+0x98/0x2bc [ 170.309286][T10882] el0_svc_common+0x138/0x258 [ 170.309954][T10882] do_el0_svc+0x58/0x13c [ 170.310569][T10882] el0_svc+0x58/0x138 [ 170.311170][T10882] el0t_64_sync_handler+0x84/0xf0 [ 170.311916][T10882] el0t_64_sync+0x18c/0x190 [ 170.312585][ C0] vkms_vblank_simulate: vblank timer overrun [ 170.342643][T10882] ------------[ cut here ]------------ [ 170.343560][T10882] EA inode 11 i_nlink=2 [ 170.343690][T10882] WARNING: CPU: 0 PID: 10882 at fs/ext4/xattr.c:1022 ext4_xattr_inode_update_ref+0x42c/0x470 [ 170.345976][T10882] Modules linked in: [ 170.346552][T10882] CPU: 0 PID: 10882 Comm: syz.2.2688 Not tainted syzkaller #0 [ 170.347602][T10882] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025 [ 170.349025][T10882] pstate: 62400005 (nZCv daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 170.350142][T10882] pc : ext4_xattr_inode_update_ref+0x42c/0x470 [ 170.351075][T10882] lr : ext4_xattr_inode_update_ref+0x42c/0x470 [ 170.351946][T10882] sp : ffff800021526e00 [ 170.352539][T10882] x29: ffff800021526ea0 x28: 0000000000000000 x27: dfff800000000000 [ 170.353691][T10882] x26: 1fffe0001c451a9d x25: ffff7000042a4dc4 x24: 0000000000000000 [ 170.354881][T10882] x23: ffff800017a8a000 x22: ffff0000e228d330 x21: 0000000000000002 [ 170.356139][T10882] x20: 0000000000000001 x19: ffff0000e228d2f0 x18: ffff800011abbcc0 [ 170.357298][T10882] x17: 1fffe00033ed797e x16: ffff800008042d90 x15: ffff8000150bd000 [ 170.358511][T10882] x14: 0000000000000100 x13: 0000000000000130 x12: 0000000000000001 [ 170.359695][T10882] x11: 1fffe000195ede50 x10: 0000000000000000 x9 : 4a1c93acc17c7200 [ 170.360901][T10882] x8 : 4a1c93acc17c7200 x7 : 0000000000000004 x6 : ffff800008251e80 [ 170.362036][T10882] x5 : 0000000000000000 x4 : 0000000000000001 x3 : ffff800008240ddc [ 170.363366][T10882] x2 : 0000000000000001 x1 : 0000000000000004 x0 : 0000000000000001 [ 170.364733][T10882] Call trace: [ 170.365230][T10882] ext4_xattr_inode_update_ref+0x42c/0x470 [ 170.366136][T10882] ext4_xattr_set_entry+0x918/0x15ac [ 170.367054][T10882] ext4_xattr_ibody_set+0x204/0x600 [ 170.367833][T10882] ext4_expand_extra_isize_ea+0xd00/0x15cc [ 170.368723][T10882] __ext4_expand_extra_isize+0x298/0x358 [ 170.369584][T10882] __ext4_mark_inode_dirty+0x3e4/0x790 [ 170.370406][T10882] ext4_evict_inode+0xb58/0x1270 [ 170.371157][T10882] evict+0x3c8/0x810 [ 170.371745][T10882] iput+0x764/0x7f4 [ 170.372290][T10882] ext4_process_orphan+0x240/0x2b4 [ 170.373045][T10882] ext4_orphan_cleanup+0x908/0x104c [ 170.373859][T10882] ext4_fill_super+0x6440/0x68a8 [ 170.374574][T10882] get_tree_bdev+0x358/0x544 [ 170.375306][T10882] ext4_get_tree+0x28/0x38 [ 170.375897][T10882] vfs_get_tree+0x90/0x274 [ 170.376568][T10882] do_new_mount+0x228/0x810 [ 170.377264][T10882] path_mount+0x5b4/0xe78 [ 170.377961][T10882] __arm64_sys_mount+0x49c/0x584 [ 170.378772][T10882] invoke_syscall+0x98/0x2bc [ 170.379466][T10882] el0_svc_common+0x138/0x258 [ 170.380145][T10882] do_el0_svc+0x58/0x13c [ 170.380785][T10882] el0_svc+0x58/0x138 [ 170.381460][T10882] el0t_64_sync_handler+0x84/0xf0 [ 170.382189][T10882] el0t_64_sync+0x18c/0x190 [ 170.382865][T10882] irq event stamp: 3081 [ 170.383432][T10882] hardirqs last enabled at (3081): [] _raw_spin_unlock_irqrestore+0x48/0xac [ 170.384897][T10882] hardirqs last disabled at (3080): [] _raw_spin_lock_irqsave+0xa4/0xb4 [ 170.386216][T10882] softirqs last enabled at (2158): [] local_bh_enable+0x10/0x34 [ 170.387536][T10882] softirqs last disabled at (2156): [] local_bh_disable+0x10/0x34 [ 170.388935][T10882] ---[ end trace 0000000000000000 ]--- [ 170.389769][ C0] vkms_vblank_simulate: vblank timer overrun [ 170.395502][T10724] ieee80211 phy14: Selected rate control algorithm 'minstrel_ht' [ 170.401979][T10882] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: inode #18: comm syz.2.2688: iget: bad extra_isize 90 (inode size 256) [ 170.404882][ T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 170.405985][ T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 170.407743][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 170.409722][T10882] EXT4-fs (loop2): Remounting filesystem read-only [ 170.410849][T10882] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz.2.2688: error while reading EA inode 18 err=-117 [ 170.412845][T10882] EXT4-fs (loop2): Remounting filesystem read-only [ 170.413983][T10882] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: inode #18: comm syz.2.2688: iget: bad extra_isize 90 (inode size 256) [ 170.423998][T10882] EXT4-fs (loop2): Remounting filesystem read-only [ 170.425116][T10882] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz.2.2688: error while reading EA inode 18 err=-117 [ 170.427488][T10882] EXT4-fs (loop2): Remounting filesystem read-only [ 170.428502][T10882] EXT4-fs (loop2): 1 orphan inode deleted [ 170.429301][T10882] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 170.459248][ T4325] EXT4-fs (loop2): unmounting filesystem. [ 170.652973][ T4324] Bluetooth: hci3: command 0x041b tx timeout [ 171.394839][ T4596] device hsr_slave_0 left promiscuous mode [ 171.443461][ T4596] device hsr_slave_1 left promiscuous mode [ 171.532951][ T4596] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 171.534393][ T4596] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 171.535812][ T4596] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 171.536995][ T4596] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 171.538325][ T4596] device bridge_slave_1 left promiscuous mode [ 171.539294][ T4596] bridge0: port 2(bridge_slave_1) entered disabled state [ 171.573308][ T4596] device bridge_slave_0 left promiscuous mode [ 171.574287][ T4596] bridge0: port 1(bridge_slave_0) entered disabled state [ 171.743011][ T4596] device veth1_macvtap left promiscuous mode [ 171.744049][ T4596] device veth0_macvtap left promiscuous mode [ 171.745016][ T4596] device veth1_vlan left promiscuous mode [ 171.745961][ T4596] device veth0_vlan left promiscuous mode [ 172.742932][ T4324] Bluetooth: hci3: command 0x040f tx timeout [ 173.513469][ T4596] team0 (unregistering): Port device team_slave_1 removed [ 173.683984][ T4596] team0 (unregistering): Port device team_slave_0 removed [ 173.843242][ T4596] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 174.043225][ T4596] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 174.812920][ T4330] Bluetooth: hci3: command 0x0419 tx timeout [ 176.424427][ T4596] bond0 (unregistering): Released all slaves