last executing test programs: 22.157843242s ago: executing program 0 (id=879): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000f000000c5000000a000020095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x7c8e57edab868d16, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r0}, 0x18) r1 = socket(0x10, 0x2, 0x0) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f00000000c0)={'ip6gre0\x00', &(0x7f00000009c0)={'syztnl1\x00', 0x0, 0x2f, 0x0, 0x0, 0xfffffffd, 0x1, @mcast1, @mcast2, 0x8000, 0x0, 0x2000002}}) r2 = socket(0x10, 0x2, 0x0) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r2, 0x89f2, &(0x7f0000000040)={'syztnl1\x00', 0x0}) 22.054307794s ago: executing program 1 (id=881): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00000004000000040000000c"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) exit(0x1) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="1c0000003e000701fcfffffff6dbdf25017c0000080003804e2d"], 0x1c}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000) 21.637889192s ago: executing program 0 (id=882): bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0) syz_open_dev$sg(&(0x7f00000004c0), 0x0, 0x20c02) 21.593017312s ago: executing program 0 (id=884): r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$devlink(0x0, r0) syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff) prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed074479000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0xc, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000003c0)='sched_switch\x00', r4}, 0x18) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x6, 0x3, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r7 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000580)={'veth1_to_bond\x00', 0x0}) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000300)={r6, r8, 0x25, 0x4}, 0x14) close_range(r5, 0xffffffffffffffff, 0x0) 19.357838776s ago: executing program 1 (id=889): bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file2\x00', 0x14552, &(0x7f0000000b40)=ANY=[], 0xfb, 0x11ff, &(0x7f0000001280)="$eJzs3E+LHEUYB+B315iNG/ePGqMJiIVe9NJk9+BFL4tsQDKgJFkhEYSO26vDtDPD9LAwIkZPXv0cIojgTRBvetmL30DwthePEcSWndEko5PDSEiH5Xku80LVb6jqphuq6erD1774sLNXZXv5MBYXFmKxH5FupUixGP/4NF5+9cefnrty7fqlrVZr+3JKF7eubrySUlp9/vt3Pv7qhR+Gp9/+dvW7pThYf/fwt81fD84enDv88+oH7Sq1q9TtDVOebvR6w/xGWaTddtXJUnqrLPKqSO1uVQym2vfKXr8/Snl3d2W5PyiqKuXdUeoUozTspeFglPL383Y3ZVmWVpaD+Z24Xe18eauu64i6fjRORl3X9WOxHKfj8ViJ1ViL9Xginoyn4kw8HWfjmXg2vvnl69FRAgAAAAAAAAAAAAAAAAAAALh/5t3/f27cq+lRAwAAAAAAAAAAAAAAAAAAwPFy5dr1S1ut1vbllE5FlJ/v7+zvTH4n7Vt70Y4yirgQa/FHjHf/T0zqi2+0ti+ksfX4rLz5d/7m/s4j0/mN8ecEZuY3Jvk0nV+K5bvzm7EWZ2bnN2fmT8VLL96Vz2Itfn4velHGbhxl7+Q/2Ujp9Tdb/8qfH/cDAACA4yBLt81cv2fZvdon+TmeD0ytr4+y5080OnUiohp91MnLshgoHvriZLPD+L2u6+YPQkPFva+UpYj43/+8EBEPxwT/UzR9Z+JBuHPSmx4JAAAAAAAAAAAA83gQrxM2PUcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+YgeOBQAAAACE+Vun0bEBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHwVAAD//+pd0x0=") bpf$ENABLE_STATS(0x20, 0x0, 0x0) truncate(&(0x7f0000000040)='./file2\x00', 0x8000c00) 18.852388456s ago: executing program 1 (id=893): prctl$PR_SET_NAME(0xf, &(0x7f00000001c0)='w\xde\xa3\x05\xff\a\x00\x00\x00\x00\x00\x00\x8f\xc0\x9b\x86\xef\\\xc0\x89\av\x9f\xd6\xd1\x98<\xc8\x18E/\x8c\x1a\xe3\xbd') bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$MAP_CREATE(0x1900000000000000, 0x0, 0x50) bpf$PROG_LOAD(0x5, 0x0, 0x0) ioperm(0x4, 0x9, 0x7343bbec) 18.647734769s ago: executing program 1 (id=896): syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x800810, &(0x7f0000000180), 0xff, 0x23f, &(0x7f0000000540)="$eJzs3T1oLFUYBuB3Zne95t5FrtoI4g+IiAbCtRNsYqMQkBBEBBUiIjZKIsQEu8TKxkJrlVQ2QeyMlpIm2CiCVdQUsRE0WBgstFiZnURisuLPxh1xngdmZ2b3nPnOMPOe3WbYAK11Nclskk6S6SS9JMXpBnfWy9Xj3c2p3cVkMHjsh2LYrt6vnfS7kmQjyQNJdsoiL3STte2nDn7ae+Se11d7d7+7/eTURE/y2OHB/qNH78y/9sHc/WufffHdfJHZ9H93XhevGPFet0hu+jeK/UcU3aZHwF+x8Mr7X1a5vznJXcP891KmvnhvrFy308t9b/9R3ze///zWSY4VuHiDQa/6DtwYAK1TJumnKGeS1NtlOTNT/4b/qnO5fHF55eXp55dXl55reqYCLko/2X/4o0sfXjmT/287df6B/68q/48vbH1dbR91mh4NMBG31asq/9PPrN8b+YfWkX9oL/mH9pJ/aC/5h/aSf2gv+Yf2kn9oL/mH9pJ/aK/T+QcA2mVwqeknkIGmND3/AAAAAAAAAAAAAAAAAAAA521O7S6eLJOq+clbyeFDSbqj6neG/0ecXD98vfxjUTX7TVF3G8vTd4x5gDG91/DT1zd802z9T29vtv76UrLxapJr3e75+684vv/+uRv/5PPes2MW+JuKM/sPPjHZ+mf9stVs/bm95ONq/rk2av4pc8twPXr+6VfXb8z6L/085gEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACYmF8DAAD//xFQbUc=") r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) ustat(0x1, &(0x7f0000000480)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0) r5 = openat$binfmt_format(0xffffff9c, 0x0, 0x2, 0x0) r6 = creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcc2) close(r6) close_range(r5, 0xffffffffffffffff, 0x0) close(r4) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000680)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x804071, 0x0, 0x0, 0x0, &(0x7f0000000140)) 17.563459651s ago: executing program 1 (id=899): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000002c0)={r0, &(0x7f0000000080), &(0x7f0000000280)=@udp}, 0x20) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) socketpair$tipc(0x1e, 0x2, 0x0, 0x0) r2 = accept(0xffffffffffffffff, 0x0, 0x0) syz_genetlink_get_family_id$SEG6(0x0, 0xffffffffffffffff) sendmsg$SEG6_CMD_GET_TUNSRC(r2, 0x0, 0x11) execveat$binfmt(0xffffffffffffff9c, 0x0, 0x0, 0x0, 0x0) renameat2(0xffffffffffffff9c, 0x0, 0xffffffffffffff9c, 0x0, 0x2) syz_open_dev$evdev(0x0, 0x19c5498e, 0x103902) r3 = socket$inet6(0xa, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) setsockopt$inet6_int(r3, 0x29, 0x3c, &(0x7f0000311ffc)=0x9, 0x4) setsockopt$inet6_buf(r3, 0x29, 0x3e, &(0x7f00002cef88)="d84f7398", 0x4) sendto$inet6(r3, &(0x7f0000000800)="51e251578851f74182a74b89b27df427aeef44966d202e4138b5a18e75a0424e7fe93b0d32c7abba87b65f97aba1c26a06b6d94c4aefd8fdca10e744391062c8e612721c20051608d9aa6dacf61e1eb331a4daad402b9885599d56130f7149fb1111fa116e94324d585a0569fbd311dad54cb4e32ff7f02216844ec3d526c878d5135ad1c9262239339c18885e2a0a95854d6cde3dd2feeaa50216af6c5760923413af81199a65a6332b02ec7bbf79d557c033cbe032fdc44f66a5c59cc4a3c5d218f5896b359d1efd60baf98df6396567478f7b817ce6e11d59a7def452a068e9607f57f626a5b8d476636ef1ee76307524009ae49be402000000000000001e80fed632155e14da1f7324d97bc61a3c1edc4431ee8a6caa2ed9f85cea5a2a9b263630c7d6fc35dda6002da571a2e51917e7c1019d8ce21a608147e408074c7c5f444fab931bda86d977d7c9ccefd881e5ef05b287f41eea526862885881c2cdc687dfff01a9b70a9b08734ac4d62c7f34465c34aa9e9f136c7f796d9eea41aa37f61830508338bb1f887089070567a1dd96cd700e7a098dabedb60f31acd17d487bc8be1a3101d2b5ac1715003793596c6daa93a27f4adb4d6fbea5669cabc206c944317ea18a2c762457f1bc945fec8f849641d44e7e2a24faeee28f3f266395fe18b0dce20c1f64e8896c8ff0e4a44a116fb32462471a0fcde143e551723d57339722765673b4163d66f473ac10f988cb252f106632f9884a47866d284b4efc6bb1aa74ed48d4a6535795f0873a99907ebc22be2337364cf9acc063e32f7d2e02fad64d04aa405d2dbdee1128ab1e4761d2dd30885ad37dd168478f10789d172feef4c817a5cd372caade57f23300e45f47e001e3ea093680ffffff802477368b9910f4e24037c871cb8251568c792287a6f49fa61b7c2600accaa0e7b40c59d88a29af5886c1f5dfc6837c58aaef12a9e100225c70441144ffa82927fa4802ed9ebb03eea8e945af5f4993f21a7f53baf7ec5bb6cc96b917dde82c18840c3500e9565f68f687b1c73d834c0d99d4acb002dc5682dbcdb1217a98f6c3ef8318b7fa93894e8a097b4511ba5c035e27c9fe8bfe7754741ac21bbc0303b81672e3117e5590fe2d92f912759b9937f64204ec5caa92e2cccb31016b13ed8d7bcabb03e176b1c9bda3bf1c1256ab74ab6f42ed9bafbbd0096263be1a7da1e1c88deec55a653d170e1e13c77dacaa60a37a6ba2383e661ebc9f13dbaade2dd884c9951819fb4608e19e70cd2496ccfb12f24c71f496cfe90400fe1bbea1e9a24b1d4664fb0776aca6269b396779680e52f86877d9209988d12ccb137be01ab7496d00547a7d4849d365a18dbb55c429cde87d33c4b74ad2273cdfee88b5418866ef327f25e9cbcd5a64d97107339f7e4cb5f8de171d2779c0f68884ae835e398f982d5749f085628d3608986656ea04b721f828202e9342bd7d19dfa091e772aebf9718030167a8c029df7c58b7f40029d7cfcaf26fd1900d8775ef373e8e2c5bf3525f907add3be426cd5a079c49abffe933e9ee213a3baf34f932d1299312691e1c53e6247ae0989ad66070d51fad22856a8b6b28954e7d41189b11c5321789eec8670de9e8db0b0473ba2e02731e60e7222697d61e052c18d4bcc6d1572fdf426f7b2fee6c1dee66c85c497b90facaf63b8ec5cde4a73400f9180bcfc0f81eca9580a7c81462a077f9034026bf72aa7c6de4b3c15d4a2dbd6fd7d87084aea9f25fb4bf5ec83eb56874a760533792dff2695407ccdd6a7375e0007230fd3f6501c152f1c1ff279b1d67cc95f2820762b7927659368e41657bdef2dd15b63498a93b787bdb26809d734aaf98b86fcf9fc643a34d03ebbe072820662d20d4774d66c5ae270adade5b8f6242a059b926221ee3d677487471c432b0d6d64dad030703475bb3ecac39b204a814f5ece5961621358e36f8a2cf7196c76959824bbb475a7cad8f57853fe05f59f341b5207cc9bb8d686982c2f158e0d8f5c7ec6cbfd500"/1453, 0x5ad, 0x0, &(0x7f0000000080)={0xa, 0x5e20, 0x3, @mcast2}, 0x1c) sendto$inet6(r3, &(0x7f0000001380)="f26f01dee642b0491c8f905a4e6910b785d5a4ad508bf8ba13307092fb923bebcc12f52d8f084291e519cd1ee4e39ac22206da3e6dbc3d59b54db781f51fa7e4f31329f930b6f90d648c576822df0f95e2c1b9d225c7d79e24850ae3410257ca5cf9c56d59196e2e8c4b62009fb425683284e163747b28f01790afe36f206b4d2dd95006dba1a466f7b2ea72bd147fd9b01c6a73d63514dcf86ea5a1fd7cc9ab0fdce4d6529369b6ef20daa08f66cd52d46f824ae8d1f3bd4a4effed8fb291c6737d67221677551aa531e2eda3b6b84a7c7af18e964b6dcd7d39b1246d6a575913d48b18b03de48e0b2ae6a455461328b979dd2051eacd6963f30fb1bc9575f5a5e7d6e9f8c4131130ab1702139ce0167fa4e232562ca02b6550e4451d41d0fb563b67a83448466155c03170d9b5746bd0d2d6c349b3f28dc266a5d08fc9d7fd816e3c6422edc059ea902f4029b4b3c2f117dfe5c2daf5e8357b1003ca9d85b589174bb49d8a8b1b06ff8cc17eb0d41be3e7bcd9d660d5953b1c00ad963f185e9ec1b9de53a17590680fdff44d946092d1ac857baf24bc00b291fc9b00cb35dae98eff33476c0d1578f060aa995400f183927f6185341ae220b3f1b1ac3c1a6c307355dd11f96ca67b879ae7fd62af75005fb7ba5080c30987c99bbdb18170e398a1c071f6728043342d8c41454abb1d7d8e223236c3709382dca89f8b5bb01672bb594bc09de72934fc392df68fd23d927bac15dda81b03f7b78cdcf82ec5ec4c2c5bd68508fb3026019027424486bdb1d5fb150ac9fb3970fbe3c6612fcb15b531eda9561c608cae4dfb754d45af6bc4dd1bde0b04bf03d0e8c7117930bfa532f3f6c52773231178c6d65e6ddb550a8a2dc49c4096459e4b77918853ba9ba12dd8154ce119f2bbae093ae59131013b657900279a91fb2bde2090d513f47953a5faa6b531a931208c0afa1e7a1061189ca26025fb1f0b329b82d3a1adf01f5deb49ffd97bf363a72d83b39065d1a44cf112d6c95939e983372b6b090768b0dd4e5065935bf5e7bbbb723b59d1315b21ff031496a70a4e79b1d9ce89be0ff6cbfa616474c6a07960b35c7d370559ae8486f405411db45a317834eac8e0875545baf99ec38c33c3c034d9a42f93b07942673dbaf222f2d5796ad826fd92999e99913dedac52ee57066456a0380d7558848e92523f942485c47fbeffb70ac33a55529bc613a31f15f0afe7ebdbad5a473f4914254df2c89e89615c0cf49f3dd7ab46f2d5f8e487f79a5e7de76b3dc7256b73049b5effd4a6b42253dacaaf682f83a9a1de23145beae5bb0e61ba89c6b66a6b85e069902791669c9c0dc4bc00c6ea2fe757feb0863a123127435252820b0245a722d53a51889ec32e314ad07e30430eabf0296bceca5292161fb89e68fa818ad4cc15b717f59a4cb80d3c24070c44afff375c03b520c669118468debf007a5d7ac3eaa9e0829a13a40e297320c6dff7dbd2173b895bd6b9121be72b90fc56a471b4ef43503c4a8ad09656b1039311e327afb064a33509a6f61a6c484db71b28b46f246fc382dae30cf52b94bd8cca40e8de13dc7b4dbac1b9ebf547dd00cdd1ffb0a3bcbe220ca73bc4e3097346936ba5ebab55edf9c58bf2844e3826fb89814207e0c2e0c167964244499a09dddb9d60adf27a606055021dc9270f5fd4f460c580e927d35ebace821fdaea496ce85e624a07dcb3390a2d72fb7ba0110a5117f3839794f5258689c2b0960cee2339da5af304ef2c0d37a8fe14c27bd2b995bd0fd28bba66f9a97223ec33ad18bca07c308afebee83882a446d7874d851fa8e61025337c0fe7bb483cb33258fd1cecc35c533fdd0c87b01dc63574fb186db8f1cda52b50240d9202241c234fdb6d4ba70a050fe52b0bf7bdc62967870c249315f8bd57bbb21ce6e37580d87b3f18b17d8c2935c4e82335366044fb85434212bf4629fbc737adc6efab82", 0x57b, 0x1, &(0x7f0000000400)={0xa, 0x4e23, 0xb, @remote, 0x5}, 0x1c) 16.457737962s ago: executing program 1 (id=902): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10) move_pages(0x0, 0x1ffffffffffffc17, &(0x7f0000000040), &(0x7f0000001180), &(0x7f0000000000), 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYRES32, @ANYBLOB="01000000010000001c0012000c000100"], 0x3c}, 0x1, 0x0, 0x0, 0xc000}, 0x0) 9.468439057s ago: executing program 0 (id=929): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000500000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000600)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x18) r2 = socket(0x10, 0x3, 0x6) r3 = socket(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000000040)={'team0\x00', 0x0}) sendmsg$nl_route_sched(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=@newqdisc={0x88, 0x24, 0xf0b, 0x70bd26, 0x0, {0x0, 0x0, 0x0, r4, {0x0, 0xffff}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_mqprio={{0xb}, {0x58, 0x2, {{0x2, [], 0x0, [0x4, 0x2, 0xfffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c4, 0x0, 0x0, 0x2, 0x3dc], [0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000]}}}}]}, 0x88}}, 0x20000000) 8.677448942s ago: executing program 0 (id=935): r0 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(r0, &(0x7f0000000580)={0x0, 0x0, 0x0}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[], 0x3c}, 0x1, 0x0, 0x0, 0x40004}, 0x40000) syz_read_part_table(0x1059, &(0x7f0000000000)="$eJzsz8FNw0AUBNDxYmRbogNa4Ewn7scHCuFMT0hUwDmX6EdeR0oHSQ7v3Uazs9IPD/WRlpxqfG+ZkyXJuWpK8nb0VdVakr+ehtuwP+q2ek3ycoRx2f/JsF3LVv+fa9/VsC++l6/5aH4zZf25150AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8MwuAQAA//9ZkRMF") mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0) r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x260) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48) r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000011c0)={&(0x7f0000001080)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x6c, 0x6c, 0x3, [@union={0x2, 0x7, 0x0, 0x5, 0x0, 0x7, [{0x2, 0x0, 0x3}, {0x0, 0x2}, {0xd, 0x5, 0x5d2}, {0x1, 0x4, 0x1}, {0x10, 0x5, 0x71}, {0xe, 0x1, 0x7}, {0x9, 0x5, 0x8}]}, @ptr={0xf, 0x0, 0x0, 0x2, 0x5}]}, {0x0, [0x2e]}}, &(0x7f0000001140)=""/122, 0x87, 0x7a, 0x0, 0x5, 0x10000}, 0x28) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x18) syz_mount_image$ext4(&(0x7f00000000c0)='ext3\x00', &(0x7f0000000040)='./file0\x00', 0x11, &(0x7f0000000240), 0x9, 0x61a, &(0x7f0000000800)="$eJzs3c9rHGUfAPDvTDY/mrzvm7S8vK+92IBIC9qkSVspItjitZT64+YpNmmpTZvSRDS1YAr1oogXD4InD9b/QgtePXj14MWDSCGI9GCl2pXZzKa72Wyy+bG7SfbzgUmemcnO852Eb55nn31mJoCONZx9SSMORsT1JGKwYl8h8p3DSz/34PdbF7IliWLx9d+SuPVBslB5rCT/PpC/+O/BSH5IIw501dY7O3/zysT09NSNfH107ur10dn5m0cvX524NHVp6tr4C+OnTp44eWrs2JbOr1BRPnvn7XcHPzr35ldfPErGvv7pXBKn43EeW3ZeK1/bu6Was9/ZcBSXPHyyNS19PbXFY+8UfwxW/44zycoN7FgXI6I7X/4fg9FV8dccjA9fbWtwQFMVkyi3UUDHSdbP/+7aTX3NCQZooXI/oPzefrX3wbXSJvdKgFZYPLM0SLaU+90RUc7/wtLYYPSVxgb6HyRV4zxJRGxtZG5JVsf33527ky1RZxwOaI6F2+VR7pXtf1LKzaHoK631P0ir8j+tWLLtr22y/uEV6/IfWmfhdkQ8lbf/PbHp/H9rk/XLfwAAAAAAANg+985ExPOrzf9Ll+f/9Kwy/2cgIk5vQ/3rf/6X3s8LyTZUB1RYPBPxUs38378qZwcPdeWf8/+7NB+gO714eXrqWET8JyKORHdvtj5WfdiqCcJHPznweb36K+f/ZUtWf3kuYH6o+4UVF+JOTsxNbM/ZQ2dbvB3xsDT/91C+pXr+T9b+JzXt/8evZAl+vcE6Djx793zVhl+e/HtYP/+BZil+GXF41et/nnS3k7XvzzFa6g+MlnsFtZ5+/9Nv6tUv/6F9sva/f+38700q79czu7Hj90TE8flCsd7+zfb/e5I3usrHz7w3MTd3YyyiJzlbu318YzHDXlXOh3K+ZPl/5Jm1x/+W+/8VebgvIhYarPN/jwd+rrdP+w/tk+X/5Nrt/1B1+7/RQl+M3x36Nr/FWI3zDbX/J0pt+pF8i/E/qFR7P45GE7Qt4QIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADALpdGxL8iSUeWy2k6MhIxEBH/jf50emZ27rmLM+9cm8z2VT//f3BpPSk//3+oYn18xfrxiNgfEZ917Sutj1yYmZ5s98kDAAAAAAAAAAAAAAAAAADADjFQuua/2Lvy+v/Mr13tjg5oukL+Xb5D5yls+pXF3m0NBGi5zec/sNs1nv/dTY0DaL36+f/wUbGkpeEALaT/D51rk/nv4wLYA7T/0KkaHNPra3YcQDs03P4vNjcOAAAAAABgW+w/dO/HJCIWXtxXWjI9+T6T/WFvS9sdANA25vBC5yrMtDsCoF28xweS5dKfq17sX3/2f9KcgAAAAAAAAAAAAACAGocPuv4fOlUascYjvM3th71sjev/V0t+twuAPaT+oz8aafsTPQTYxbzHB9Zrx13/DwAAAAAAAAAAAAA7QN/NKxPT01M3Zud3X+HlnRHGxgoLEzsijG0tPF7vZ8qPmd/YkbsjYmecYKsL5VtwtDGMNv5PAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAqvwTAAD//9ywLb8=") sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001d00)=ANY=[@ANYBLOB="3c00000010000305000000000007000000000000", @ANYRES32=0x0, @ANYBLOB="00000000000000001400128009000100626f6e64000000000400028008000a00", @ANYRES32], 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0xc0b0) 7.385480928s ago: executing program 0 (id=940): r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$devlink(0x0, r0) syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed074479000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0xc, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000003c0)='sched_switch\x00', r4}, 0x18) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x6, 0x3, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r7 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000580)={'veth1_to_bond\x00', 0x0}) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000300)={r6, r8, 0x25, 0x4}, 0x14) close_range(r5, 0xffffffffffffffff, 0x0) 6.278262249s ago: executing program 2 (id=942): syz_mount_image$iso9660(&(0x7f0000000140), &(0x7f0000000000)='./file0\x00', 0x2000c12, &(0x7f0000000440)=ANY=[@ANYBLOB="696f636861727365743d63703835352c757466382c757466382c646d6f64653d3078303030303030303030303030393063382c63727566742c6f76657272696465726f636b7065726d2c636865636b3d7374726963742c6d61703d6f66662c6d6f64653d3078303030303030303030303030303030312c6d61703d6f66662c6f76657272696465726f636b7065726d2c696f636861727365743d64656661756c742c00553459239cc27347a48417c0f93ac0ba095e7cffc5c4fddc72b0acbb858ade3fa8677c39e605a858f1fc03aa3bb441f12627176b75e5312fd7b76a313eafaed505a653df3f3e4755d83dbfae9108d0698e5c7dd588899b31e82cc76d03aa10466b2c8cf82a352e67b4942d149ea42a7612de672d0824c9e3534784c0dd0e80f86758ea33fe023501c9caf88b760bca5be74b221f9b42d23d812d3628e05751725edf05033ecf2aede9bc0000000000000000000000001932664a95e40c386b4e989f0e60bd9c00bc7d00"/375], 0x12, 0xa06, &(0x7f00000005c0)="$eJzs3c1vXFfdB/Dv9UviulWSpnn69InaZpI+Sd3WOLZDE6IuILEniYtfkO1IjVg0pXFQFEOhpVJbIZFKiBUVSCAWsKtYISFVqpCohFB3sIMVCyTUf6FiFVZG987YGccvE7uOnaafTzQv997fPed35t65JzO+c0/YWZcfWm/pjRVzFvYum1pYqG6bnL74u8+SOp9/Z0c/ef+D98rbuzeyK515vvhj0pOklnQleSzpHhmdnppoU9D15HKSj5Miye40Hu/I5RQ/S8vb4OMUvynrXdOuOy2Zdhb4Qtvp/Q8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAO5Fxcjo4OBQsStjkxdfqjUktRVGRqeniiwsrFyyuE7DR9Wo38VHbetNivKWnp7Fob4fO3Br8aNJakfyeGPq8WpA8vTknQcf3ffCI10di+uvlc1nsvvOi33j7XeuvzI/P/f6XUnk3ne+Pjk2MzU2ceZ8vTY2M1U7ffLk4PEL52Zq58bG6zOXZmbrE7WR6fqZ2anpWt/IM7Wh06dP1OoDl6YuTp4fHRivL8489aXhwcGTtRcHvlE/Mz0zNXn8xYGZkQtj4+Njk+ermHJxGXOq3BG/PjZbm62fmajVrl6bnztxW06duW3/LYOG2rWkDBpuFzQ8ODw8NDQ8PPRuc/TspRknnz/9/KnBwa7B22RFxF3aabm3PLD2Zt76gzhsUkej/0/GM5bJXMxLqa36bySjmc5UJtZY3rTY/x89Xl+33tb+v9nLd7UsPljeHcmTzcmeNfr/NXLZvn9v5O28k+t5JfOZz1xe3+oa3tzpFq7/73zqmcxYZjKVsUzkTDWn1pxTy+mczMkM5uVcyKHMpJZzGct46pnJpcxkNvVqjxrJdOo5k9lMZTq19GUkz6SWoZzO6ZxILfUM5FKmcjGTOZ/RnKlKuZpr1et+Yp0cl4KG7iRoeJ2gFZ35hvv/+u3/OeELZ+sP4rBJC83+f1f70L6R7UgIAAAA2HL/99fsObD/L/9KijxRfS9/bmy8PrjTaQEAAABbqDpd7/Hyobt89kQKn/8BAADgflNUv7ErkvTmUOPZ4i+hfAkAAAAA94nq7/9Ppjh0a4bP/wAAAHCfaX+N/bYRRf/i5X9rVxqPV5oRjami99zYeH1gZGr8haEcq64yUP3SYEVpnUnRXf384NkcbkQd7m089t4qsayzp4waGnhhKM/mSLMhfU+VD0/1rRI53Ih8uhH5dGtkZ5ZFnigjAeB+d2Sd/vhO+/9n09+I6D9YdfldB1fpgwf1rABwr6jG2Cn79f80hzRbpf9vjsLz5Fr9/5fX+fxfRuzP1UONUwoG8mpey3yupD/NMw4OrVbq4mgEjdMQ+tt8G9DbPGXh76f+lP4V3wf0LLW1NXYuw+lf9RuBlnKLxRxONOI679pmAIBtdSRLZ/6t+fm/Xf/f3+bzf69TCgHgnrI0gv1dfLLTbQQAltNLAwAAAAAAAAAAAAAAAAAAAAAAAAAAwNZrXv/3D+tewP9vx5L5+blkGwYLWHrSszzDz1JgR7Yp5x1/0plkp2r/aja8VrmN75WXzpPlT3b4wAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMC2KJLO1eZ3JLuTDCY5vv1Z3T03djqBrVLb3GrFzdzMW9mz1ekAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHzRNa//35HG44ONWenqSI4muZzkmzud41a6udMJ7JjvVPct1//vSLqzUKSrsdlTdI+MTk9NlJu/2F0u/+T9D94rb+3LXjmqQllAWcOywSWaNbTM6V6+1sPVWr2jc29c/8Fr36uNnq12zLOz58ZHJ85Pf+1W4KPFh40hEFqHQVjM94dH//zzltm7mpV/WLZ0Ue+69Z6r6h1dWe//rtb6Neq9A9fm54bLmmbrL82++d1rb7Us2p/DyVN9Sd/ymr5d3tao6fDtr+dyxafFT4o9+VUuV9u/fDWKhaLcRHur9j9w9dr83MCrr81fWcrpR8ty2pdDSa4kPXee06HqeLKqaq/r6C5rHayCyrsDbcpbV0uJQ2u8rg9Xu0zvhtpQW7sNlTavezOjE6tm9IvvP5JjG97Sx9rUuKri0+KfxYX8Iz9uGf+jo9z+R7Pqu3OVIqrIlj2ldVnXsjY3IquWD7cuePn2Mrs23hI27af5Vr6ytP07Wo7/zW21PcejlhpXf18kG39f/Hbvih7llqpHOnBbj9Q8+qy1TjPPA42oNfL8nzyXdB3c0BHluTZHlLv1/v910Zd/54bxfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgHtfkXSuNr8jOZpkX5K95XQtWWgs+f3+xZgbm6ivo7fYdK5bYTM5f/4Uaza0uJmbeSt7tjsjAAAAAAAAAO6Os6OfvP/Be+Wt+nt8Z/6/o7mklnQl2Vf8sntkdHpqok1B3cnlxT/p92wsh8vl3UO3pj8upx5rs9LOnj4AAJ9r/w0AAP//Ta9x7g==") 6.049751024s ago: executing program 2 (id=943): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x18, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x445bd}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='vm_unmapped_area\x00', r2}, 0x10) io_setup(0x400, &(0x7f0000000340)) 3.62580668s ago: executing program 3 (id=949): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]}) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0) get_mempolicy(0x0, 0x0, 0x2, &(0x7f0000146000/0x4000)=nil, 0x2) bpf$MAP_CREATE(0x0, 0x0, 0x48) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xb, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020782500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000001100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='sched_switch\x00', r0, 0x0, 0x100a}, 0x18) writev(0xffffffffffffffff, 0x0, 0x0) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000280), 0x181000, 0x0) ioctl$RTC_AIE_ON(r1, 0x7001) 3.440205584s ago: executing program 4 (id=951): r0 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6) ioctl$EXT4_IOC_PRECACHE_EXTENTS(r0, 0x6612) 3.345761966s ago: executing program 4 (id=952): socket$nl_route(0x10, 0x3, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r0 = socket(0x2, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) sched_setscheduler(0x0, 0x2, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) bind$can_j1939(r0, &(0x7f0000000740)={0x1d, 0x0, 0x0, {0x2, 0xf0, 0x3}, 0x1}, 0x18) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1800403, &(0x7f0000000940), 0x2, 0x5ad, &(0x7f0000000180)="$eJzs3c1vVFUbAPDnzkwLpe9rKzEqLkyjIZAoLS1g8GMBe0LwY+fGSgtBho/QGi2aWBLcmBg3LkhcuRD/CyW6dWXiwoUbV4akGsNGY3TMnbkzDO1MOy0dbu39/ZLbOeeeOz3nQp85Z+49ZyaAwhpLf5Qi9kTE5SRipK2sElnhWOO4O7+/fzrdkqjVXv0tiSTb1zw+yR6Hsyf/PRLx/TdJ7C6vrHdu4er56Wp19kqWn5i/cHlibuHqgXMXps/Onp29OPXc1NEjh48cnTx4X+dXakufuP7WOyMfnXz9i8/+Sia//OlkEsfi1zONsvbz2CxjMRZ/1GofLN+f/rse3ezKclJu/Z3clSzfwZZVyWJkMCIei5Eot/1vjsSHL+faOKCvaklEDSioRPxDQTXHAc339r29Dy71eVQCPAhLx9OfAx3iv9K4NhijMRARe5c9r8MlvQ1J6/ju25PX0y36dB0O6Gzx2o4stTz+k3psjsbOem7XndI913nTEcCp7DHd/8oG6x9blhf/8OAsXouIxzuN/9eO/zfa4v/NDdYv/gEAAAAAAGDz3DoeEc92uv9Xyu7N7Yyn6vf/ksb9vx/urhA8tgn1r33/r3R7E6oBOlg6HvFSx/m/rTm+o+Us9//GbMDkzLnq7MGIeCgi9sfAjjQ/uUodBz7efaNbWfv8v3RL62/OBczacbuy497nzEzPT9/POQMNS9cinqh0n/+T9v9Je/+fSV8PLvdYx+69N091K1s7/oF+qX0esa9j/5+0jklW/3yOifp4YKI5Kljpyfc++apb/eIf8pP2/7tWj//RpP3zeubW9/sHI+LQQqXWrXyj4//B5LVy8/en3p2en78yGTGYnFi5f2p9bYbtqhkPzXhJ43//06tf/2uN/9vicCgiFnus89F/hn/uVqb/h/yk8T+zrv5//Ympm6Nfd6u/t/7/cL1P35/tcf0PVtdrgObdTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4LypFxP8iKY230qXS+HjEcEQ8ErtK1Utz88+cufT2xZm0rP79/6XmN/2ONPJJ8/v/R9vyU8vyhyLi4Yj4tDxUz4+fvlSdyfvkAQAAAAAAAAAAAAAAAAAAYIsY7rL+P/VLOe/WAX1XyR7FOxRPJe8GALkR/1Bc4h+KS/xDcYl/KK4Nxr/bBbAN6P+hqAZ6O2xnv9sB5EH/DwAAAAAA28qtF5+/kUTE4gtD9S01mJW1bgwO5dU6oJ9KeTcAyI05vFBcpv5AcfU4+RfYxpJW6s9ap/Lus/+T/jQIAAAAAAAAAAAAAFhh355bP665/h/Ylqz/h+Ky/h+Ky/p/KC7v8YG1VvFb/w8AAAAAAAAAAAAA+ZtbuHp+ulqdvSIhsdUSAxGxBZqRQ2Iw//DM+YUJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABo+TcAAP//Swsk/Q==") 3.294480477s ago: executing program 3 (id=953): r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) readahead(r0, 0x0, 0x101) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) socket$nl_xfrm(0x10, 0x3, 0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000c9ded30ec7", @ANYRES32, @ANYBLOB='\x00'/15, @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x48) sendmsg$NFULNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004000}, 0xc044) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1800"/11], 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10) r5 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000780)=@newtaction={0xf0, 0x30, 0xffff, 0x0, 0x0, {}, [{0xdc, 0x1, [@m_police={0x6c, 0x1, 0x0, 0x0, {{0xb}, {0x40, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, {}, {0x0, 0x1}}}]]}, {0x4}, {0xc}, {0xc}}}, @m_gact={0x6c, 0x2, 0x0, 0x0, {{0x9}, {0x40, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18}, @TCA_GACT_PROB={0xc, 0x3, {0x2, 0x1b1, 0xffffffffffffffff}}, @TCA_GACT_PROB={0xc, 0x3, {0x2, 0x26e6}}, @TCA_GACT_PROB={0xfffffffffffffe74, 0x3, {0x1, 0x18a8, 0x6}}]}, {0x4}, {0xc, 0x3}, {0xfffffffffffffe00}}}]}]}, 0xf0}}, 0x0) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000000)='sched_switch\x00', r6}, 0x10) syz_clone(0x41200100, 0x0, 0x0, 0x0, 0x0, 0x0) syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000003f00), 0x1ff, 0xa401) 3.014613982s ago: executing program 2 (id=954): r0 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x0) close(r0) syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000300)='ns/net\x00') r1 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000005c0)={r1, 0x0, 0x24, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xa) r2 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0xa2f01, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) r3 = socket$kcm(0x2, 0xa, 0x2) r4 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r4, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c) ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) write$tun(r2, &(0x7f0000000340)={@val={0xa}, @void, @eth={@dev={'\xaa\xaa\xaa\xaa\xaa', 0x2d}, @local, @void, {@ipv6={0x86dd, @udp={0xd, 0x6, '\x00 \x00', 0xc, 0x11, 0xff, @empty, @empty, {[], {0x4f19, 0x4e20, 0xc, 0x0, @gue={{0x1, 0x0, 0x3, 0x5, 0x100, @void}}}}}}}}}, 0x46) 2.175888669s ago: executing program 3 (id=955): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000880)={0x18, 0x4, &(0x7f0000000a00)=ANY=[@ANYBLOB="180100000700002c0000000000000004850000002a00000095"], &(0x7f0000000940)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x101}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000640)='kfree\x00', r0, 0x0, 0x2}, 0x18) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x4000000) sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000380)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a80000000060a010400000000000000000a0000010900010073797a310000000054000480500001800b00010074617267657400004000028008000240000000012c0003007339f2f10455afb9fdd672bad09dfb78c7699c74e891a0c70000000000000000000000000000000008000100544545000900020073797a32"], 0xa8}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000840) 1.917801004s ago: executing program 3 (id=956): syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000100)='./bus\x00', 0x1000848, &(0x7f0000000080)=ANY=[], 0x1, 0x35b, &(0x7f00000004c0)="$eJzs3U9oI1UYAPAvO2nSXVjbg7AoCKM3Qcu24kFPLUsXFnNRCf45iMHtqjR1ocFg99BsvYhHwYugJz150IOHPYugiDcPXl1BVsWD7m3BxZEkk3bSpN1c0rXs73cIX977vnnvdYZm+icvry7H+sWZuHTz5o2YnS1FefncctwqxXwkMXA1RlXGtAEAx8OtLIu/s74JS0pTnhIAMGW91//XTxda3v32sPzMqz8AHHv5z/8nD86oDj+dKcSXpzYtAGCKRn7//8hQd2X4T/3lwn8FAADH1fMvvfzMSi3iuTSdjdh4r11v1+Ppvf6VS/FmNGMtzsZc3I7o3yh0H0q9x/MXaqtn0zTtxG/zUe9WtOsRG512vX+nsJL06quxGHMxn9fndxtZliXnv6qtLqY9EXG10xs/Nkrt+kycysf/+VSsxVKkcf9IfcSF2upSmh+gvjGo70TsxOxgEd35L8Rc/PhaXI5mXIxu7eC2pra6vZim57LaUH27Xu3l9c0e3QkBAAAAAAAAAAAAAAAAAAAAAOCesJDumt/d/ybb279nYWFMf29/nH59vj/QTn9/oKyaRZb99c7j9feTGNofaP/+PO16OU7c3aUDAAAAAAAAAAAAAAAAAADA/0ZrqxKNZnNts7V1Zb0YdDZbWyciotvy1vdffHMyRnPGBZ99FIMDlvMxCjlp3nRlvZElg6osGcrJg6Q7+KDl82u7My7mVHdXMW4+8wd3NZrN0w//+vFey0PJ4Mj/7uUkMX6lyb5pFION+/pTuuMXalywdIec61mWHVS+/cpoVZQiyhOeuImDrBt8d+ONB55onXmy1/J11vfoY3MvXP/w0z/WG83uyNE7g5XN1u1svZE/H3+xHRwkheunFP2gVLwSyoeV7wy3NJKf/nzxwQ9+mGz0rNjy9picpL+cL/d3VfpBd5r7uk6OG2tmzMU/heDMJ8uNa9u//D5pVeGbhI06AAAAAAAAAAAAAAAAAADgSBTeK57L3+w7c1jVU89Of2YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcHT2Pv+/EOyMtEwS/NOJ0a7q2mYronK3lwkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwD3uvwAAAP//G/ptkQ==") r0 = syz_open_procfs(0x0, &(0x7f0000000080)='fd/3\x00') r1 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0) fcntl$notify(r1, 0x402, 0x8000001f) getdents64(r0, &(0x7f0000002f40)=""/4098, 0x1002) 1.877446885s ago: executing program 2 (id=957): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0}, 0x18) r0 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1000002, 0x11012, r0, 0x108000) ioctl$USBDEVFS_SUBMITURB(r0, 0x8038550a, &(0x7f0000000140)=@urb_type_control={0x2, {}, 0x2000000b, 0x80, &(0x7f0000000240)={0x3, 0x0, 0xfffa, 0x4360}, 0x8, 0x6, 0x81, 0x0, 0x1, 0x101, 0x0}) 1.238281356s ago: executing program 32 (id=902): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10) move_pages(0x0, 0x1ffffffffffffc17, &(0x7f0000000040), &(0x7f0000001180), &(0x7f0000000000), 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYRES32, @ANYBLOB="01000000010000001c0012000c000100"], 0x3c}, 0x1, 0x0, 0x0, 0xc000}, 0x0) 1.220689997s ago: executing program 2 (id=959): r0 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(r0, &(0x7f0000000580)={0x0, 0x0, 0x0}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[], 0x3c}, 0x1, 0x0, 0x0, 0x40004}, 0x40000) syz_read_part_table(0x1059, &(0x7f0000000000)="$eJzsz8FNw0AUBNDxYmRbogNa4Ewn7scHCuFMT0hUwDmX6EdeR0oHSQ7v3Uazs9IPD/WRlpxqfG+ZkyXJuWpK8nb0VdVakr+ehtuwP+q2ek3ycoRx2f/JsF3LVv+fa9/VsC++l6/5aH4zZf25150AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8MwuAQAA//9ZkRMF") mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0) r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r1, 0x0, 0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x260) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e0000000400000008000000"], 0x48) bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x18) syz_mount_image$ext4(&(0x7f00000000c0)='ext3\x00', &(0x7f0000000040)='./file0\x00', 0x11, &(0x7f0000000240), 0x9, 0x61a, &(0x7f0000000800)="$eJzs3c9rHGUfAPDvTDY/mrzvm7S8vK+92IBIC9qkSVspItjitZT64+YpNmmpTZvSRDS1YAr1oogXD4InD9b/QgtePXj14MWDSCGI9GCl2pXZzKa72Wyy+bG7SfbzgUmemcnO852Eb55nn31mJoCONZx9SSMORsT1JGKwYl8h8p3DSz/34PdbF7IliWLx9d+SuPVBslB5rCT/PpC/+O/BSH5IIw501dY7O3/zysT09NSNfH107ur10dn5m0cvX524NHVp6tr4C+OnTp44eWrs2JbOr1BRPnvn7XcHPzr35ldfPErGvv7pXBKn43EeW3ZeK1/bu6Was9/ZcBSXPHyyNS19PbXFY+8UfwxW/44zycoN7FgXI6I7X/4fg9FV8dccjA9fbWtwQFMVkyi3UUDHSdbP/+7aTX3NCQZooXI/oPzefrX3wbXSJvdKgFZYPLM0SLaU+90RUc7/wtLYYPSVxgb6HyRV4zxJRGxtZG5JVsf33527ky1RZxwOaI6F2+VR7pXtf1LKzaHoK631P0ir8j+tWLLtr22y/uEV6/IfWmfhdkQ8lbf/PbHp/H9rk/XLfwAAAAAAANg+985ExPOrzf9Ll+f/9Kwy/2cgIk5vQ/3rf/6X3s8LyTZUB1RYPBPxUs38378qZwcPdeWf8/+7NB+gO714eXrqWET8JyKORHdvtj5WfdiqCcJHPznweb36K+f/ZUtWf3kuYH6o+4UVF+JOTsxNbM/ZQ2dbvB3xsDT/91C+pXr+T9b+JzXt/8evZAl+vcE6Djx793zVhl+e/HtYP/+BZil+GXF41et/nnS3k7XvzzFa6g+MlnsFtZ5+/9Nv6tUv/6F9sva/f+38700q79czu7Hj90TE8flCsd7+zfb/e5I3usrHz7w3MTd3YyyiJzlbu318YzHDXlXOh3K+ZPl/5Jm1x/+W+/8VebgvIhYarPN/jwd+rrdP+w/tk+X/5Nrt/1B1+7/RQl+M3x36Nr/FWI3zDbX/J0pt+pF8i/E/qFR7P45GE7Qt4QIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADALpdGxL8iSUeWy2k6MhIxEBH/jf50emZ27rmLM+9cm8z2VT//f3BpPSk//3+oYn18xfrxiNgfEZ917Sutj1yYmZ5s98kDAAAAAAAAAAAAAAAAAADADjFQuua/2Lvy+v/Mr13tjg5oukL+Xb5D5yls+pXF3m0NBGi5zec/sNs1nv/dTY0DaL36+f/wUbGkpeEALaT/D51rk/nv4wLYA7T/0KkaHNPra3YcQDs03P4vNjcOAAAAAABgW+w/dO/HJCIWXtxXWjI9+T6T/WFvS9sdANA25vBC5yrMtDsCoF28xweS5dKfq17sX3/2f9KcgAAAAAAAAAAAAACAGocPuv4fOlUascYjvM3th71sjev/V0t+twuAPaT+oz8aafsTPQTYxbzHB9Zrx13/DwAAAAAAAAAAAAA7QN/NKxPT01M3Zud3X+HlnRHGxgoLEzsijG0tPF7vZ8qPmd/YkbsjYmecYKsL5VtwtDGMNv5PAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAqvwTAAD//9ywLb8=") sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001d00)=ANY=[@ANYRES32=0x0, @ANYBLOB, @ANYRES32], 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0xc0b0) 1.184397128s ago: executing program 4 (id=960): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000006"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) syz_emit_ethernet(0x4a, &(0x7f0000000340)={@local, @dev, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a3ff2", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x14}}}}}}}, 0x0) 909.734683ms ago: executing program 3 (id=961): syz_read_part_table(0x5c2, &(0x7f0000000e00)="$eJzs0z9LZFcUAPDzZnfy3CSbGULIFkkh7JSbBEyxW8xAFpkdpsnIYoJFUgcLUxhSWIiiFlYmfoEE/zU2kjIgpAkaEIWxEkvxCyg2VhOc95KIWATUROX3K96de865c97lzAR3WiF+yz910ohI4418m56vmrwQKXafj+KL1fqrZu/Ay9eDEUl8FRH1D9/u5pKzx4N/TvySr638W5ppX3thq/94tbz9dHezkjzM8+uFrNvIwXKpG/hm/trvzP2xVtsoTc+MNubGasN7jfHDT+PNLPF8sTrx5ZPqUCHbrmfrrzfdv9J+sbLTaR1F+a8/QaZz3Y25FS7O/+f3pvanTj9P4vtPnr27//vEj/lv4CT5v98UAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC479YeRWl6ZrQxN1Yb/m424uulj+of/FD/dv75YnUifVIdKmR164VLjz+8cv/axt/9Jxvjh5X2i5WdTuvop8cfFzfbp31/5HXPkqt24jbK5x9n899r9ERET0QxT56b+UkS8f7Fw2/9hy8KAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANwZ9VfN3oGXrwcjku6+v1Aunq2dNMtn0ZjtyetbebyZ9rUXtvqPV8vbT3c3K0sDafTG44hOIWIyIkYOlksRn13W8kG2vHPDN+Pf+DMAAP//S9JxCQ==") r0 = open(&(0x7f00000001c0)='./file1\x00', 0x14927e, 0x20) fallocate(r0, 0x3, 0x9, 0x10000) 853.267924ms ago: executing program 4 (id=962): socket$nl_netfilter(0x10, 0x3, 0xc) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_LIST(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000070601080000001e000000000a0000040500010007"], 0x1c}, 0x1, 0x0, 0x0, 0x20000005}, 0x80) 506.065921ms ago: executing program 4 (id=963): r0 = socket(0x2b, 0x1, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000340)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x9, 0x4, 0x7ffc0002}]}) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1, 0x12}, 0x50) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10) r3 = epoll_create1(0x80000) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r0, &(0x7f0000000100)={0x90002004}) 441.736402ms ago: executing program 2 (id=964): r0 = socket$nl_generic(0x10, 0x3, 0x10) prctl$PR_GET_SPECULATION_CTRL(0x35, 0x0, 0x10) prctl$PR_GET_SPECULATION_CTRL(0x34, 0x0, 0x0) ioctl$sock_SIOCSIFVLAN_GET_VLAN_EGRESS_PRIORITY_CMD(r0, 0x8983, &(0x7f0000000100)) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) r1 = socket$netlink(0x10, 0x3, 0x0) close_range(r0, r1, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800714, &(0x7f0000000140)={[{@grpid}, {@user_xattr}]}, 0xff, 0x48f, &(0x7f0000000b80)="$eJzs3MtvVNUfAPDvvW15/Hi0P0QUBK2gkfhoaUFl4UKNJi40MdEFLmtbEBmooTUR0mgxBpeGxL1xaeJf4M6NURfGxK0mLg0J0caE4qrmvugwnZa2tB3pfD7JdM6Ze+6c8733nplz7+mdANpWb/YnidgeEb9GRHeRvbVAb/E0Mz05fGN6cjiJ2dk3/kzyctenJ4erotV628rM4TQi/SSJ55P59Y5fuHhmqFYbPV/m+yfOvtc/fuHiU6fPDp0aPTV6bvD48WNHB559ZvDpVYkzi+v6vg/H9u995a0rrw2fuPL2D19nzdpzoFheH8dt3WgSUBO92Vb7azbXuOzRZbT9brCjLp10trAhLEtHRGS7qyvv/93REXM7rzte/riljQPWVPbdtHnhxVOzwAaWRKtbALRG9UWfnf9Wj3UaevwnXHshYlOZnpmeHJ65GX9npOXrXWtYf29EnJj654vsEcu9DgEAsAL52ObJZuO/NPbkz8Vcx85yDqUnIv4fEbsi4p6I2B0R90bkZe+LiPuLlWe7l1h/b0N+/vgnvdq0zaskG/89Vzf2m6mLv3zq6ShzO/L4u5KTp2ujR8ptcji6Nmf5gUXq+PalXz5baFn9+C97ZPVXY8GyAVc7Gy7QjQxNDK3WRrh2KWJfZ7P4k5szAdkRsDci9i3vrXdWidOPf7V/oUK3j38RqzDPNPtlxGPF/p+KhvgryeLzk/1bojZ6pL86Kub78efLry9U/x3FvwquHXygSMzt/4YS3X8nxXxtV9Rqo+fHl1/H5d8+XfCcZqXH/6bkzXzO+qd3itc+GJqYOD8QsSl5Nc9X53T564Nz61b5qnx2/B8+1Lz/7yrXyeLPtlJ2EB+IiAcj4qGy7Q9HxMGIOLRI/N+/+Mi7i8SfRBKt2/+XIkaafv7dPP57kvr5+hUkOs58981CM+ZL2//HYir/rC3kn3+3sdQG3uHmAwAAgLtCGhHbI0n7inTv9kjTvr7if/h3x//S2tj4xBMnx94/N1LcI9ATXWl1pau77nroQDJVvmORHyyvFVfLj5bXjT/v2Jrn+4bHaiMtjh3a3bZb+39U/T/zR0erWwesOfdrQftq7P9pi9oBrL+lfP87F4CN6db+vyX7s7VVbQHWl/N/aF/N+v9HDXnjf9iY5vf/35v8ZB2wERn/Q/vS/6F96f/Qlu7kvv6VJ6qbBVb+PluWfId/uySqX7xYy7q2xtwrkbY85DZKZD1mfSud+w0VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAu9m/AQAA//+kuOWe") r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) rseq(&(0x7f0000000400), 0x20, 0x0, 0x0) write$binfmt_script(r3, &(0x7f0000000000), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x28011, r3, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x9) sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f000000c280)={&(0x7f00000001c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x101, 0x0, 0x0, {0x5}}, @NFT_MSG_NEWCHAIN={0x4c, 0x3, 0xa, 0x301, 0x0, 0x0, {0x5}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz0\x00'}, @NFTA_CHAIN_HOOK={0x20, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x12}, @NFTA_HOOK_DEV={0x14, 0x3, 'sit0\x00'}]}]}], {0x14}}, 0x88}}, 0xc800) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x100004c, &(0x7f0000000100), 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==") prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x50) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) creat(&(0x7f0000000880)='./file0\x00', 0x0) name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x1200) 397.189033ms ago: executing program 3 (id=965): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x18, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x445bd}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='vm_unmapped_area\x00', r2}, 0x10) io_setup(0x400, &(0x7f0000000340)) 0s ago: executing program 4 (id=966): r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) readahead(r0, 0x0, 0x101) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) socket$nl_xfrm(0x10, 0x3, 0x6) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r1 = getpid() sched_setscheduler(r1, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000c9ded30ec7", @ANYRES32, @ANYBLOB='\x00'/15, @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x48) sendmsg$NFULNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004000}, 0xc044) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1800"/11], 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10) r5 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000780)=@newtaction={0xf0, 0x30, 0xffff, 0x0, 0x0, {}, [{0xdc, 0x1, [@m_police={0x6c, 0x1, 0x0, 0x0, {{0xb}, {0x40, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, {}, {0x0, 0x1}}}]]}, {0x4}, {0xc}, {0xc}}}, @m_gact={0x6c, 0x2, 0x0, 0x0, {{0x9}, {0x40, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18}, @TCA_GACT_PROB={0xc, 0x3, {0x2, 0x1b1, 0xffffffffffffffff}}, @TCA_GACT_PROB={0xc, 0x3, {0x2, 0x26e6}}, @TCA_GACT_PROB={0xfffffffffffffe74, 0x3, {0x1, 0x18a8, 0x6}}]}, {0x4}, {0xc, 0x3}, {0xfffffffffffffe00}}}]}]}, 0xf0}}, 0x0) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000000)='sched_switch\x00', r6}, 0x10) syz_clone(0x41200100, 0x0, 0x0, 0x0, 0x0, 0x0) syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff) syz_open_dev$usbfs(&(0x7f0000003f00), 0x1ff, 0xa401) kernel console output (not intermixed with test programs): per that may corrupt user memory! [ 112.385370][ T5017] syz.0.210[5017] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 112.448049][ T4311] hid-generic 0000:0006:0007.0001: unknown main item tag 0x0 [ 112.565765][ T4311] hid-generic 0000:0006:0007.0001: unknown main item tag 0x0 [ 112.614405][ T4311] hid-generic 0000:0006:0007.0001: unknown main item tag 0x0 [ 112.656918][ T4311] hid-generic 0000:0006:0007.0001: unknown main item tag 0x0 [ 112.880581][ T4311] hid-generic 0000:0006:0007.0001: unknown main item tag 0x0 [ 112.902061][ T4311] hid-generic 0000:0006:0007.0001: unknown main item tag 0x0 [ 113.139130][ T5024] loop1: detected capacity change from 0 to 1024 [ 114.013783][ T5024] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 114.024886][ T5024] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 114.072930][ T5024] JBD2: no valid journal superblock found [ 114.078886][ T5024] EXT4-fs (loop1): error loading journal [ 114.239277][ T4311] hid-generic 0000:0006:0007.0001: unknown main item tag 0x0 [ 114.263774][ T4311] hid-generic 0000:0006:0007.0001: unknown main item tag 0x0 [ 114.338035][ T4311] hid-generic 0000:0006:0007.0001: unknown main item tag 0x0 [ 114.373395][ T4311] hid-generic 0000:0006:0007.0001: unknown main item tag 0x0 [ 114.397445][ T4311] hid-generic 0000:0006:0007.0001: unknown main item tag 0x0 [ 114.417501][ T26] kauditd_printk_skb: 151 callbacks suppressed [ 114.417517][ T26] audit: type=1326 audit(1757201336.050:328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5027 comm="syz.3.216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3c9b8ebe9 code=0x7ffc0000 [ 114.417681][ T4311] hid-generic 0000:0006:0007.0001: unknown main item tag 0x0 [ 114.437630][ T26] audit: type=1326 audit(1757201336.050:329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5027 comm="syz.3.216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3c9b8ebe9 code=0x7ffc0000 [ 114.456726][ T4311] hid-generic 0000:0006:0007.0001: unknown main item tag 0x0 [ 114.485428][ T4311] hid-generic 0000:0006:0007.0001: unknown main item tag 0x0 [ 114.493155][ T4311] hid-generic 0000:0006:0007.0001: unknown main item tag 0x0 [ 114.501351][ T4311] hid-generic 0000:0006:0007.0001: unknown main item tag 0x0 [ 114.508786][ T4311] hid-generic 0000:0006:0007.0001: unknown main item tag 0x0 [ 114.516826][ T4311] hid-generic 0000:0006:0007.0001: unknown main item tag 0x0 [ 114.523236][ T5028] loop3: detected capacity change from 0 to 2048 [ 114.524681][ T4311] hid-generic 0000:0006:0007.0001: unknown main item tag 0x0 [ 114.535919][ T26] audit: type=1326 audit(1757201336.060:330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5027 comm="syz.3.216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd3c9b8ebe9 code=0x7ffc0000 [ 114.538635][ T4311] hid-generic 0000:0006:0007.0001: unknown main item tag 0x0 [ 114.567767][ T26] audit: type=1326 audit(1757201336.060:331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5027 comm="syz.3.216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3c9b8ebe9 code=0x7ffc0000 [ 114.577013][ T4311] hid-generic 0000:0006:0007.0001: unknown main item tag 0x0 [ 114.598257][ T4311] hid-generic 0000:0006:0007.0001: unknown main item tag 0x0 [ 114.605783][ T26] audit: type=1326 audit(1757201336.060:332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5027 comm="syz.3.216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3c9b8ebe9 code=0x7ffc0000 [ 114.606384][ T4311] hid-generic 0000:0006:0007.0001: unknown main item tag 0x0 [ 114.636073][ T4311] hid-generic 0000:0006:0007.0001: unknown main item tag 0x0 [ 114.643973][ T4311] hid-generic 0000:0006:0007.0001: unknown main item tag 0x0 [ 114.652158][ T4311] hid-generic 0000:0006:0007.0001: unknown main item tag 0x0 [ 114.660178][ T4311] hid-generic 0000:0006:0007.0001: unknown main item tag 0x0 [ 114.667893][ T4311] hid-generic 0000:0006:0007.0001: unknown main item tag 0x0 [ 114.676092][ T4311] hid-generic 0000:0006:0007.0001: unknown main item tag 0x0 [ 114.677064][ T5028] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 114.688997][ T26] audit: type=1326 audit(1757201336.110:333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5027 comm="syz.3.216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd3c9b8ebe9 code=0x7ffc0000 [ 114.725326][ T4311] hid-generic 0000:0006:0007.0001: unknown main item tag 0x0 [ 114.734545][ T26] audit: type=1326 audit(1757201336.110:334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5027 comm="syz.3.216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3c9b8ebe9 code=0x7ffc0000 [ 114.738964][ T4311] hid-generic 0000:0006:0007.0001: unknown main item tag 0x0 [ 114.758400][ T26] audit: type=1326 audit(1757201336.110:335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5027 comm="syz.3.216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3c9b8ebe9 code=0x7ffc0000 [ 114.787722][ T26] audit: type=1326 audit(1757201336.110:336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5027 comm="syz.3.216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd3c9b8ebe9 code=0x7ffc0000 [ 114.797068][ T4311] hid-generic 0000:0006:0007.0001: unknown main item tag 0x0 [ 114.810183][ T26] audit: type=1326 audit(1757201336.110:337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5027 comm="syz.3.216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3c9b8ebe9 code=0x7ffc0000 [ 114.842799][ T4311] hid-generic 0000:0006:0007.0001: unknown main item tag 0x0 [ 114.850386][ T4311] hid-generic 0000:0006:0007.0001: unknown main item tag 0x0 [ 114.857779][ T4311] hid-generic 0000:0006:0007.0001: unknown main item tag 0x0 [ 114.867991][ T4311] hid-generic 0000:0006:0007.0001: unknown main item tag 0x0 [ 114.875500][ T4311] hid-generic 0000:0006:0007.0001: unknown main item tag 0x0 [ 114.883084][ T4311] hid-generic 0000:0006:0007.0001: unknown main item tag 0x0 [ 114.891542][ T4311] hid-generic 0000:0006:0007.0001: unknown main item tag 0x0 [ 114.898945][ T4311] hid-generic 0000:0006:0007.0001: unknown main item tag 0x0 [ 114.906558][ T4311] hid-generic 0000:0006:0007.0001: unknown main item tag 0x0 [ 114.914060][ T4311] hid-generic 0000:0006:0007.0001: unknown main item tag 0x0 [ 114.921537][ T4311] hid-generic 0000:0006:0007.0001: unknown main item tag 0x0 [ 114.928945][ T4311] hid-generic 0000:0006:0007.0001: unknown main item tag 0x0 [ 114.936436][ T4311] hid-generic 0000:0006:0007.0001: unknown main item tag 0x0 [ 114.943868][ T4311] hid-generic 0000:0006:0007.0001: unknown main item tag 0x0 [ 114.951340][ T4311] hid-generic 0000:0006:0007.0001: unknown main item tag 0x0 [ 114.958760][ T4311] hid-generic 0000:0006:0007.0001: unknown main item tag 0x0 [ 114.966211][ T4311] hid-generic 0000:0006:0007.0001: unknown main item tag 0x0 [ 114.973799][ T4311] hid-generic 0000:0006:0007.0001: unknown main item tag 0x0 [ 114.990837][ T5016] netlink: 4 bytes leftover after parsing attributes in process `syz.2.212'. [ 114.991737][ T4274] EXT4-fs (loop3): unmounting filesystem. [ 115.023256][ T4311] hid-generic 0000:0006:0007.0001: hidraw0: HID v0.0b Device [syz1] on syz1 [ 115.356473][ T5032] fido_id[5032]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 115.421507][ T5037] loop3: detected capacity change from 0 to 512 [ 115.485509][ T5037] EXT4-fs (loop3): orphan cleanup on readonly fs [ 115.532218][ T5037] EXT4-fs error (device loop3): ext4_find_extent:936: inode #4: comm syz.3.217: pblk 2 bad header/extent: invalid magic - magic 3fff, entries 12, max 508(0), depth 0(0) [ 115.588034][ T5051] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 115.598488][ T5051] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 115.607052][ T5051] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 115.618568][ T5051] device bridge_slave_0 left promiscuous mode [ 115.626756][ T5051] bridge0: port 1(bridge_slave_0) entered disabled state [ 115.641468][ T5037] EXT4-fs warning (device loop3): ext4_enable_quotas:7068: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 115.661303][ T5037] EXT4-fs (loop3): Cannot turn on quotas: error -22 [ 115.668091][ T5037] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 115.686848][ T5051] device bridge_slave_1 left promiscuous mode [ 115.695702][ T5051] bridge0: port 2(bridge_slave_1) entered disabled state [ 115.705096][ T5045] loop2: detected capacity change from 0 to 1024 [ 115.735517][ T5045] EXT4-fs: Ignoring removed mblk_io_submit option [ 115.766815][ T5051] bond0: (slave bond_slave_0): Releasing backup interface [ 115.817047][ T5045] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 115.921434][ T5051] bond0: (slave bond_slave_1): Releasing backup interface [ 115.933520][ T5045] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1097: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters [ 115.952043][ T5045] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28 [ 115.966586][ T5045] EXT4-fs (loop2): This should not happen!! Data will be lost [ 115.966586][ T5045] [ 115.976454][ T5045] EXT4-fs (loop2): Total free blocks count 0 [ 115.982528][ T5045] EXT4-fs (loop2): Free/Dirty block details [ 116.000938][ T5045] EXT4-fs (loop2): free_blocks=68451041280 [ 116.008155][ T5045] EXT4-fs (loop2): dirty_blocks=80 [ 116.024737][ T5051] team0: Failed to send options change via netlink (err -105) [ 116.048855][ T5045] EXT4-fs (loop2): Block reservation details [ 116.055737][ T5045] EXT4-fs (loop2): i_reserved_data_blocks=5 [ 116.062257][ T5051] team0: Failed to send port change of device team_slave_0 via netlink (err -105) [ 116.064533][ T5065] loop4: detected capacity change from 0 to 128 [ 116.076755][ T5051] team0: Port device team_slave_0 removed [ 116.119998][ T5065] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100) [ 116.134062][ T5065] FAT-fs (loop4): Filesystem has been set read-only [ 116.152331][ T5065] syz.4.226: attempt to access beyond end of device [ 116.152331][ T5065] loop4: rw=524288, sector=2065, nr_sectors = 8 limit=128 [ 116.155712][ T5051] team0: Failed to send options change via netlink (err -105) [ 116.175964][ T5065] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100) [ 116.193928][ T5065] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100) [ 116.197264][ T5051] team0: Failed to send port change of device team_slave_1 via netlink (err -105) [ 116.208651][ T5065] syz.4.226: attempt to access beyond end of device [ 116.208651][ T5065] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 116.212751][ T5051] team0: Port device team_slave_1 removed [ 116.232529][ T5051] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 116.240483][ T5051] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 116.250043][ T5051] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 116.257707][ T5051] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 116.280868][ T5052] team0: Failed to send options change via netlink (err -105) [ 116.298240][ T5052] team0: Mode changed to "activebackup" [ 116.388221][ T4274] EXT4-fs (loop3): unmounting filesystem. [ 116.516747][ T5062] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 116.570502][ T5062] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 116.594377][ T5072] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in; [ 116.594377][ T5072] program syz.1.229 not setting count and/or reply_len properly [ 116.616528][ T5062] Bluetooth: hci0: Suspend notifier action (1) failed: -4 [ 116.664629][ T5062] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 116.680636][ T5062] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 116.707072][ T5062] Bluetooth: hci1: Suspend notifier action (1) failed: -4 [ 116.736099][ T5062] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 116.959501][ T5062] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 116.971191][ T5062] Bluetooth: hci2: Suspend notifier action (1) failed: -4 [ 116.999519][ T5062] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 117.041216][ T5083] syz.4.230[5083] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 117.041394][ T5083] syz.4.230[5083] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 119.223851][ T4273] Bluetooth: hci0: command 0x0c1a tx timeout [ 119.241534][ T4273] Bluetooth: hci1: command 0x0c1a tx timeout [ 119.247583][ T4273] Bluetooth: hci2: command 0x0c1a tx timeout [ 119.328424][ T5085] loop3: detected capacity change from 0 to 1024 [ 119.339770][ T48] Bluetooth: hci4: command 0x0c1a tx timeout [ 119.463429][ T5085] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 119.474657][ T5085] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 119.497932][ T5085] JBD2: no valid journal superblock found [ 119.503770][ T5085] EXT4-fs (loop3): error loading journal [ 119.583249][ T5062] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 119.679677][ T5062] Bluetooth: hci4: Suspend notifier action (1) failed: -4 [ 119.706228][ T5062] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 119.749324][ T5062] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 119.758395][ T5062] Bluetooth: hci3: Suspend notifier action (1) failed: -4 [ 119.911826][ T5002] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 4 with max blocks 64 with error 28 [ 120.127921][ T5103] netlink: 272 bytes leftover after parsing attributes in process `syz.1.239'. [ 120.167574][ T5102] loop3: detected capacity change from 0 to 1024 [ 120.241186][ T5102] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 120.437379][ T26] kauditd_printk_skb: 50 callbacks suppressed [ 120.437394][ T26] audit: type=1326 audit(1757201342.070:387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5110 comm="syz.2.242" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6666d8ebe9 code=0x7ffc0000 [ 120.465989][ C0] vkms_vblank_simulate: vblank timer overrun [ 120.552470][ T5116] syz.1.244[5116] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 120.552628][ T5116] syz.1.244[5116] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 120.666506][ T4274] EXT4-fs (loop3): unmounting filesystem. [ 120.700913][ T26] audit: type=1326 audit(1757201342.140:388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5110 comm="syz.2.242" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6666d8ebe9 code=0x7ffc0000 [ 120.747379][ T26] audit: type=1326 audit(1757201342.140:389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5110 comm="syz.2.242" exe="/root/syz-executor" sig=0 arch=c000003e syscall=65 compat=0 ip=0x7f6666d8ebe9 code=0x7ffc0000 [ 120.784801][ T26] audit: type=1326 audit(1757201342.140:390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5110 comm="syz.2.242" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6666d8ebe9 code=0x7ffc0000 [ 120.815037][ T26] audit: type=1326 audit(1757201342.140:391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5110 comm="syz.2.242" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6666d8ebe9 code=0x7ffc0000 [ 120.838409][ T26] audit: type=1326 audit(1757201342.140:392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5110 comm="syz.2.242" exe="/root/syz-executor" sig=0 arch=c000003e syscall=220 compat=0 ip=0x7f6666d8ebe9 code=0x7ffc0000 [ 120.869828][ T26] audit: type=1326 audit(1757201342.140:393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5110 comm="syz.2.242" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6666d8ebe9 code=0x7ffc0000 [ 120.989444][ T26] audit: type=1326 audit(1757201342.140:394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5110 comm="syz.2.242" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6666d8ebe9 code=0x7ffc0000 [ 121.011727][ C0] vkms_vblank_simulate: vblank timer overrun [ 121.018464][ T26] audit: type=1326 audit(1757201342.140:395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5110 comm="syz.2.242" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f6666d8ebe9 code=0x7ffc0000 [ 121.068039][ T26] audit: type=1326 audit(1757201342.140:396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5110 comm="syz.2.242" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6666d8ebe9 code=0x7ffc0000 [ 121.100050][ T5125] raw_sendmsg: syz.2.248 forgot to set AF_INET. Fix it! [ 121.369260][ T4271] Bluetooth: hci2: command 0x0406 tx timeout [ 121.375539][ T4271] Bluetooth: hci1: command 0x0406 tx timeout [ 121.383312][ T4271] Bluetooth: hci0: command 0x0406 tx timeout [ 121.898420][ T4273] Bluetooth: hci4: command 0x0406 tx timeout [ 121.905286][ T4273] Bluetooth: hci3: command 0x0c1a tx timeout [ 122.781533][ T5141] netlink: 8 bytes leftover after parsing attributes in process `syz.1.254'. [ 122.916954][ T5145] loop2: detected capacity change from 0 to 128 [ 123.243398][ T5148] syz.2.253: attempt to access beyond end of device [ 123.243398][ T5148] loop2: rw=2049, sector=138, nr_sectors = 8 limit=128 [ 123.324624][ T5158] loop4: detected capacity change from 0 to 764 [ 123.336830][ T5152] syz.2.253: attempt to access beyond end of device [ 123.336830][ T5152] loop2: rw=2049, sector=138, nr_sectors = 2 limit=128 [ 123.373343][ T5152] Buffer I/O error on dev loop2, logical block 69, lost async page write [ 123.572222][ T5160] syz.1.258[5160] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 123.572358][ T5160] syz.1.258[5160] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 123.910244][ T5170] loop3: detected capacity change from 0 to 1024 [ 123.960273][ T5170] EXT4-fs: Ignoring removed orlov option [ 123.965993][ T5170] EXT4-fs: Ignoring removed nomblk_io_submit option [ 123.979838][ T4273] Bluetooth: hci3: command 0x0406 tx timeout [ 124.122336][ T5170] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 124.899811][ T4274] EXT4-fs (loop3): unmounting filesystem. [ 125.023293][ T5188] netlink: 48 bytes leftover after parsing attributes in process `syz.2.269'. [ 125.916567][ T5200] loop2: detected capacity change from 0 to 128 [ 126.013072][ T26] kauditd_printk_skb: 12 callbacks suppressed [ 126.013086][ T26] audit: type=1326 audit(1757201347.650:409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5202 comm="syz.0.275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe756b8ebe9 code=0x7ffc0000 [ 126.047664][ T5200] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100) [ 126.065856][ T26] audit: type=1326 audit(1757201347.700:410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5202 comm="syz.0.275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe756b8ebe9 code=0x7ffc0000 [ 126.098810][ T5200] FAT-fs (loop2): Filesystem has been set read-only [ 126.125885][ T5200] syz.2.273: attempt to access beyond end of device [ 126.125885][ T5200] loop2: rw=524288, sector=2065, nr_sectors = 8 limit=128 [ 126.160588][ T5200] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100) [ 126.165812][ T26] audit: type=1326 audit(1757201347.800:411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5202 comm="syz.0.275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe756b8ebe9 code=0x7ffc0000 [ 126.168599][ T5200] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100) [ 126.234794][ T5205] loop4: detected capacity change from 0 to 512 [ 126.259641][ T5200] syz.2.273: attempt to access beyond end of device [ 126.259641][ T5200] loop2: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 126.275202][ T26] audit: type=1326 audit(1757201347.800:412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5202 comm="syz.0.275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe756b8ebe9 code=0x7ffc0000 [ 126.311855][ T26] audit: type=1326 audit(1757201347.800:413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5202 comm="syz.0.275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe756b8ebe9 code=0x7ffc0000 [ 126.347740][ T5205] EXT4-fs (loop4): orphan cleanup on readonly fs [ 126.366498][ T5205] EXT4-fs error (device loop4): ext4_find_extent:936: inode #4: comm syz.4.274: pblk 2 bad header/extent: invalid magic - magic 3fff, entries 12, max 508(0), depth 0(0) [ 126.426805][ T26] audit: type=1326 audit(1757201347.800:414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5202 comm="syz.0.275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe756b8ebe9 code=0x7ffc0000 [ 126.462306][ T5205] Quota error (device loop4): v2_read_header: Failed header read: expected=8 got=-117 [ 126.488166][ T5205] EXT4-fs warning (device loop4): ext4_enable_quotas:7068: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 126.519695][ T5205] EXT4-fs (loop4): Cannot turn on quotas: error -22 [ 126.526377][ T5205] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 126.533669][ T26] audit: type=1326 audit(1757201347.800:415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5202 comm="syz.0.275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=92 compat=0 ip=0x7fe756b8ebe9 code=0x7ffc0000 [ 126.634194][ T26] audit: type=1326 audit(1757201347.800:416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5202 comm="syz.0.275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe756b8ebe9 code=0x7ffc0000 [ 126.734323][ T26] audit: type=1326 audit(1757201347.830:417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5202 comm="syz.0.275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fe756b8ebe9 code=0x7ffc0000 [ 126.772684][ T5217] bridge0: port 2(bridge_slave_1) entered disabled state [ 126.780230][ T5217] bridge0: port 1(bridge_slave_0) entered disabled state [ 126.822754][ T4269] EXT4-fs (loop4): unmounting filesystem. [ 126.850028][ T5222] device bridge_slave_1 left promiscuous mode [ 126.865933][ T5222] bridge0: port 2(bridge_slave_1) entered disabled state [ 127.273275][ T5222] device bridge_slave_0 left promiscuous mode [ 127.350048][ T5222] bridge0: port 1(bridge_slave_0) entered disabled state [ 127.913253][ T5224] netlink: 'syz.3.280': attribute type 3 has an invalid length. [ 127.922464][ T5224] netlink: 12 bytes leftover after parsing attributes in process `syz.3.280'. [ 127.931614][ T5224] netlink: 'syz.3.280': attribute type 3 has an invalid length. [ 127.939337][ T5224] netlink: 12 bytes leftover after parsing attributes in process `syz.3.280'. [ 127.948233][ T5224] netlink: 12 bytes leftover after parsing attributes in process `syz.3.280'. [ 128.597333][ T5245] program syz.3.289 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 128.770527][ T5242] netlink: 'syz.0.286': attribute type 3 has an invalid length. [ 128.778357][ T5242] netlink: 12 bytes leftover after parsing attributes in process `syz.0.286'. [ 128.788772][ T5242] netlink: 'syz.0.286': attribute type 3 has an invalid length. [ 128.796528][ T5242] netlink: 12 bytes leftover after parsing attributes in process `syz.0.286'. [ 128.805650][ T5242] netlink: 12 bytes leftover after parsing attributes in process `syz.0.286'. [ 129.160436][ T5252] loop1: detected capacity change from 0 to 128 [ 129.244940][ T5252] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 129.310661][ T5252] FAT-fs (loop1): Filesystem has been set read-only [ 129.310712][ T5252] syz.1.290: attempt to access beyond end of device [ 129.310712][ T5252] loop1: rw=524288, sector=2065, nr_sectors = 8 limit=128 [ 129.310894][ T5252] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 129.310915][ T5252] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 129.311981][ T5252] syz.1.290: attempt to access beyond end of device [ 129.311981][ T5252] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 129.382638][ T5260] loop2: detected capacity change from 0 to 512 [ 129.526984][ T5260] EXT4-fs (loop2): orphan cleanup on readonly fs [ 129.601411][ T5260] EXT4-fs error (device loop2): ext4_find_extent:936: inode #4: comm syz.2.293: pblk 2 bad header/extent: invalid magic - magic 3fff, entries 12, max 508(0), depth 0(0) [ 129.729787][ T5260] EXT4-fs warning (device loop2): ext4_enable_quotas:7068: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 129.801482][ T5260] EXT4-fs (loop2): Cannot turn on quotas: error -22 [ 129.808239][ T5260] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 130.872589][ T4267] EXT4-fs (loop2): unmounting filesystem. [ 131.036050][ T26] kauditd_printk_skb: 57 callbacks suppressed [ 131.036065][ T26] audit: type=1326 audit(1757201352.670:474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5281 comm="syz.0.303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe756b8ebe9 code=0x7ffc0000 [ 131.146833][ T26] audit: type=1326 audit(1757201352.740:475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5281 comm="syz.0.303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe756b8ebe9 code=0x7ffc0000 [ 131.149955][ T5294] loop4: detected capacity change from 0 to 512 [ 131.257953][ T26] audit: type=1326 audit(1757201352.740:476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5281 comm="syz.0.303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe756b8ebe9 code=0x7ffc0000 [ 131.296221][ T5294] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a803c02c, mo2=0102] [ 131.319304][ T5294] System zones: 1-12 [ 131.376039][ T26] audit: type=1326 audit(1757201352.740:477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5281 comm="syz.0.303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe756b8ebe9 code=0x7ffc0000 [ 131.398916][ T26] audit: type=1326 audit(1757201352.760:478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5291 comm="syz.1.307" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f2e98ebe9 code=0x7ffc0000 [ 131.421260][ T26] audit: type=1326 audit(1757201352.760:479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5291 comm="syz.1.307" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f2e98ebe9 code=0x7ffc0000 [ 131.468353][ T5294] EXT4-fs error (device loop4): ext4_xattr_inode_iget:409: comm syz.4.306: error while reading EA inode 32 err=-116 [ 131.476038][ T26] audit: type=1326 audit(1757201352.760:480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5291 comm="syz.1.307" exe="/root/syz-executor" sig=0 arch=c000003e syscall=275 compat=0 ip=0x7f2f2e98ebe9 code=0x7ffc0000 [ 131.616219][ T5294] EXT4-fs (loop4): Remounting filesystem read-only [ 131.659311][ T26] audit: type=1326 audit(1757201352.760:481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5291 comm="syz.1.307" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f2e98ebe9 code=0x7ffc0000 [ 131.706021][ T5294] EXT4-fs error (device loop4): ext4_xattr_inode_iget:409: comm syz.4.306: error while reading EA inode 32 err=-116 [ 131.768015][ T26] audit: type=1326 audit(1757201352.760:482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5291 comm="syz.1.307" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f2e98ebe9 code=0x7ffc0000 [ 131.792996][ T5294] EXT4-fs (loop4): Remounting filesystem read-only [ 131.820625][ T5294] EXT4-fs (loop4): 1 orphan inode deleted [ 131.860943][ T5294] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 131.874580][ T26] audit: type=1326 audit(1757201352.760:483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5291 comm="syz.1.307" exe="/root/syz-executor" sig=0 arch=c000003e syscall=77 compat=0 ip=0x7f2f2e98ebe9 code=0x7ffc0000 [ 132.042452][ T4269] EXT4-fs (loop4): unmounting filesystem. [ 132.150533][ T5322] loop3: detected capacity change from 0 to 512 [ 132.231164][ T5322] EXT4-fs (loop3): orphan cleanup on readonly fs [ 132.280457][ T5322] EXT4-fs error (device loop3): ext4_find_extent:936: inode #4: comm syz.3.316: pblk 2 bad header/extent: invalid magic - magic 3fff, entries 12, max 508(0), depth 0(0) [ 132.359997][ T5322] EXT4-fs warning (device loop3): ext4_enable_quotas:7068: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 132.402110][ T5322] EXT4-fs (loop3): Cannot turn on quotas: error -22 [ 132.433518][ T5332] loop2: detected capacity change from 0 to 512 [ 132.439845][ T5322] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 132.534310][ T5332] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem [ 132.612121][ T5332] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a003c11c, mo2=0002] [ 132.630192][ T5332] System zones: 1-12 [ 132.636725][ T5332] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2195: inode #15: comm syz.2.321: corrupted in-inode xattr [ 132.664260][ T1278] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.670887][ T1278] ieee802154 phy1 wpan1: encryption failed: -22 [ 132.760370][ T4274] EXT4-fs (loop3): unmounting filesystem. [ 132.766501][ T5332] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.321: couldn't read orphan inode 15 (err -117) [ 132.870384][ T5332] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 132.881408][ T5350] loop1: detected capacity change from 0 to 512 [ 133.027840][ T5350] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 133.061075][ T5350] ext4 filesystem being mounted at /70/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 133.194086][ T4267] EXT4-fs (loop2): unmounting filesystem. [ 134.021492][ T4268] EXT4-fs (loop1): unmounting filesystem. [ 134.624802][ T5420] netlink: 8 bytes leftover after parsing attributes in process `syz.2.349'. [ 134.634108][ T5419] loop4: detected capacity change from 0 to 512 [ 134.672936][ T5419] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a803c02c, mo2=0102] [ 134.694248][ T5419] System zones: 1-12 [ 134.704382][ T5419] EXT4-fs error (device loop4): ext4_xattr_inode_iget:409: comm syz.4.350: error while reading EA inode 32 err=-116 [ 134.726999][ T5419] EXT4-fs (loop4): Remounting filesystem read-only [ 134.737382][ T5419] EXT4-fs error (device loop4): ext4_xattr_inode_iget:409: comm syz.4.350: error while reading EA inode 32 err=-116 [ 134.759231][ T5419] EXT4-fs (loop4): Remounting filesystem read-only [ 134.767466][ T5419] EXT4-fs (loop4): 1 orphan inode deleted [ 134.773343][ T5419] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 134.839395][ T4269] EXT4-fs (loop4): unmounting filesystem. [ 135.464451][ T5438] hub 2-0:1.0: USB hub found [ 135.523938][ T5438] hub 2-0:1.0: 1 port detected [ 135.537668][ T5440] loop2: detected capacity change from 0 to 512 [ 135.584147][ T5440] EXT4-fs (loop2): orphan cleanup on readonly fs [ 135.650779][ T5440] EXT4-fs error (device loop2): ext4_find_extent:936: inode #4: comm syz.2.358: pblk 2 bad header/extent: invalid magic - magic 3fff, entries 12, max 508(0), depth 0(0) [ 135.746507][ T5440] EXT4-fs warning (device loop2): ext4_enable_quotas:7068: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 135.761404][ T5440] EXT4-fs (loop2): Cannot turn on quotas: error -22 [ 135.768125][ T5440] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 135.981096][ T4267] EXT4-fs (loop2): unmounting filesystem. [ 136.374907][ T5458] netlink: 'syz.0.362': attribute type 3 has an invalid length. [ 136.382760][ T5458] netlink: 12 bytes leftover after parsing attributes in process `syz.0.362'. [ 136.393103][ T5458] netlink: 'syz.0.362': attribute type 3 has an invalid length. [ 136.400852][ T5458] netlink: 12 bytes leftover after parsing attributes in process `syz.0.362'. [ 136.409913][ T5458] netlink: 12 bytes leftover after parsing attributes in process `syz.0.362'. [ 137.128306][ T5456] loop2: detected capacity change from 0 to 1024 [ 137.241000][ T5456] EXT4-fs (loop2): revision level too high, forcing read-only mode [ 137.261995][ T5456] EXT4-fs (loop2): orphan cleanup on readonly fs [ 137.274484][ T5456] __quota_error: 48 callbacks suppressed [ 137.274499][ T5456] Quota error (device loop2): v2_read_file_info: Can't read info structure [ 137.315098][ T5456] EXT4-fs warning (device loop2): ext4_enable_quotas:7068: Failed to enable quota tracking (type=0, err=-5, ino=3). Please run e2fsck to fix. [ 137.329771][ T5456] EXT4-fs (loop2): Cannot turn on quotas: error -5 [ 137.344129][ T5456] EXT4-fs (loop2): 1 truncate cleaned up [ 137.374376][ T5456] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 137.400442][ T5469] netlink: 4 bytes leftover after parsing attributes in process `syz.3.367'. [ 137.482601][ T5469] loop3: detected capacity change from 0 to 1024 [ 137.560218][ T4267] EXT4-fs (loop2): unmounting filesystem. [ 137.582767][ T5469] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 137.593900][ T26] audit: type=1326 audit(1757201359.230:530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5470 comm="syz.1.369" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f2e98ebe9 code=0x7ffc0000 [ 137.665871][ T5469] netlink: 4 bytes leftover after parsing attributes in process `syz.3.367'. [ 137.692066][ T26] audit: type=1326 audit(1757201359.230:531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5470 comm="syz.1.369" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f2e98ebe9 code=0x7ffc0000 [ 137.816301][ T26] audit: type=1326 audit(1757201359.230:532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5470 comm="syz.1.369" exe="/root/syz-executor" sig=0 arch=c000003e syscall=245 compat=0 ip=0x7f2f2e98ebe9 code=0x7ffc0000 [ 137.885163][ T26] audit: type=1326 audit(1757201359.230:533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5470 comm="syz.1.369" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f2e98ebe9 code=0x7ffc0000 [ 137.920074][ T5484] loop1: detected capacity change from 0 to 256 [ 137.936604][ T26] audit: type=1326 audit(1757201359.230:534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5470 comm="syz.1.369" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f2e98ebe9 code=0x7ffc0000 [ 138.020035][ T26] audit: type=1326 audit(1757201359.650:535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5485 comm="syz.4.373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4be578ebe9 code=0x7ffc0000 [ 138.065399][ T4274] EXT4-fs (loop3): unmounting filesystem. [ 138.082497][ T26] audit: type=1326 audit(1757201359.650:536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5485 comm="syz.4.373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4be578ebe9 code=0x7ffc0000 [ 138.210576][ T26] audit: type=1326 audit(1757201359.650:537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5485 comm="syz.4.373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4be578ebe9 code=0x7ffc0000 [ 138.317880][ T26] audit: type=1326 audit(1757201359.650:538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5485 comm="syz.4.373" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4be578ebe9 code=0x7ffc0000 [ 138.535311][ T5481] loop2: detected capacity change from 0 to 512 [ 138.645918][ T5481] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 138.659537][ T5481] ext4 filesystem being mounted at /67/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 139.080472][ T4267] EXT4-fs (loop2): unmounting filesystem. [ 139.141058][ T5517] syz.3.382[5517] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 139.141185][ T5517] syz.3.382[5517] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 139.559788][ T5532] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 139.613710][ T5534] loop2: detected capacity change from 0 to 512 [ 139.649950][ T5534] EXT4-fs (loop2): orphan cleanup on readonly fs [ 139.663330][ T5534] EXT4-fs error (device loop2): ext4_find_extent:936: inode #4: comm syz.2.392: pblk 2 bad header/extent: invalid magic - magic 3fff, entries 12, max 508(0), depth 0(0) [ 139.691866][ T5534] EXT4-fs warning (device loop2): ext4_enable_quotas:7068: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 139.710696][ T5534] EXT4-fs (loop2): Cannot turn on quotas: error -22 [ 139.717429][ T5534] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 139.967087][ T4267] EXT4-fs (loop2): unmounting filesystem. [ 140.035482][ T5544] netlink: 'syz.0.396': attribute type 1 has an invalid length. [ 140.086900][ T5544] 8021q: adding VLAN 0 to HW filter on device bond1 [ 140.484379][ T5550] loop4: detected capacity change from 0 to 8192 [ 140.554948][ T5550] syz.4.398: attempt to access beyond end of device [ 140.554948][ T5550] loop4: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 140.583244][ T5559] loop2: detected capacity change from 0 to 512 [ 140.641852][ T5550] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000e1b1) [ 140.658884][ T5550] FAT-fs (loop4): Filesystem has been set read-only [ 140.674598][ T5559] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 140.729341][ T5559] ext4 filesystem being mounted at /73/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 140.766283][ T5550] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000e1b1) [ 140.775884][ T5550] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000e1b1) [ 140.807872][ T5559] EXT4-fs (loop2): re-mounted. Quota mode: writeback. [ 140.956336][ T4267] EXT4-fs (loop2): unmounting filesystem. [ 141.208331][ T5554] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 141.235489][ T5554] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 141.256666][ T5554] Bluetooth: hci0: Suspend notifier action (1) failed: -4 [ 141.276587][ T5554] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 141.299442][ T5554] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 141.318499][ T5554] Bluetooth: hci1: Suspend notifier action (1) failed: -4 [ 141.337748][ T5554] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 141.358015][ T5554] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 141.373128][ T5554] Bluetooth: hci2: Suspend notifier action (1) failed: -4 [ 141.386626][ T5554] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 141.399299][ T5554] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 141.430521][ T5554] Bluetooth: hci4: Suspend notifier action (1) failed: -4 [ 141.443506][ T5554] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 141.471690][ T5554] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 141.486367][ T5554] Bluetooth: hci3: Suspend notifier action (1) failed: -4 [ 141.512065][ T5583] netlink: 8 bytes leftover after parsing attributes in process `syz.4.407'. [ 141.696217][ T5590] netlink: 20 bytes leftover after parsing attributes in process `syz.1.409'. [ 141.862406][ T5595] loop1: detected capacity change from 0 to 128 [ 142.008908][ T5595] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 142.050000][ T5595] FAT-fs (loop1): Filesystem has been set read-only [ 142.056668][ T5595] syz.1.412: attempt to access beyond end of device [ 142.056668][ T5595] loop1: rw=524288, sector=2065, nr_sectors = 8 limit=128 [ 142.071202][ T5595] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 142.079429][ T5595] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 142.116948][ T5595] syz.1.412: attempt to access beyond end of device [ 142.116948][ T5595] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 142.490172][ T4271] Bluetooth: hci0: command 0x0c1a tx timeout [ 142.593808][ T5595] syz.1.412: attempt to access beyond end of device [ 142.593808][ T5595] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 142.972123][ T5595] syz.1.412: attempt to access beyond end of device [ 142.972123][ T5595] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 143.020825][ T5594] syz.1.412: attempt to access beyond end of device [ 143.020825][ T5594] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 143.079935][ T5594] syz.1.412: attempt to access beyond end of device [ 143.079935][ T5594] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 143.111504][ T5595] syz.1.412: attempt to access beyond end of device [ 143.111504][ T5595] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 143.168641][ T5605] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 143.191084][ T5594] syz.1.412: attempt to access beyond end of device [ 143.191084][ T5594] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 143.221134][ T5600] syz.1.412: attempt to access beyond end of device [ 143.221134][ T5600] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128 [ 143.271566][ T5594] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 143.289338][ T4271] Bluetooth: hci1: command 0x0c1a tx timeout [ 143.369313][ T4271] Bluetooth: hci2: command 0x0c1a tx timeout [ 143.389529][ T5594] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 143.432257][ T5605] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 143.449263][ T4271] Bluetooth: hci3: command 0x0c1a tx timeout [ 143.449273][ T4273] Bluetooth: hci4: command 0x0c1a tx timeout [ 143.454548][ T5594] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 143.488290][ T5614] loop4: detected capacity change from 0 to 512 [ 143.537441][ T5594] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 143.544762][ T5614] EXT4-fs error (device loop4): ext4_orphan_get:1400: inode #15: comm syz.4.417: iget: bad i_size value: 38620345925642 [ 143.606984][ T5614] EXT4-fs error (device loop4): ext4_orphan_get:1405: comm syz.4.417: couldn't read orphan inode 15 (err -117) [ 143.626967][ T5594] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 143.668034][ T5614] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 143.679033][ T5594] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 143.703283][ T5605] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 143.731484][ T5594] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 143.779880][ T5617] EXT4-fs error (device loop4): ext4_validate_block_bitmap:429: comm syz.4.417: bg 0: block 5: invalid block bitmap [ 143.812748][ T5594] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 143.813718][ T5617] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 292 with error 28 [ 143.897197][ T5594] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 143.903994][ T5617] EXT4-fs (loop4): This should not happen!! Data will be lost [ 143.903994][ T5617] [ 143.915405][ T5617] EXT4-fs (loop4): Total free blocks count 0 [ 143.922155][ T5594] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 143.926530][ T5617] EXT4-fs (loop4): Free/Dirty block details [ 143.936780][ T5617] EXT4-fs (loop4): free_blocks=0 [ 143.951679][ T5605] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 143.971824][ T5617] EXT4-fs (loop4): dirty_blocks=292 [ 143.977143][ T5617] EXT4-fs (loop4): Block reservation details [ 143.986912][ T5594] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 143.993216][ T5617] EXT4-fs (loop4): i_reserved_data_blocks=292 [ 144.025534][ T5594] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 144.075979][ T5594] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 144.157114][ T5594] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 144.194963][ T5594] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 144.227113][ T5605] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 144.244730][ T4269] EXT4-fs (loop4): unmounting filesystem. [ 144.253777][ T5594] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 144.289926][ T5622] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3) [ 144.296752][ T5605] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 144.304942][ T5622] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 144.320459][ T5622] vhci_hcd vhci_hcd.0: Device attached [ 144.360331][ T5623] vhci_hcd: connection closed [ 144.362715][ T4938] vhci_hcd: stop threads [ 144.378274][ T5594] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 144.385514][ T5605] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 144.399905][ T4938] vhci_hcd: release socket [ 144.410130][ T4938] vhci_hcd: disconnect device [ 144.422646][ T5594] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 144.423424][ T5626] netlink: 68 bytes leftover after parsing attributes in process `syz.4.420'. [ 144.440777][ T5594] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 144.450921][ T5594] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 144.458787][ T5594] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 144.464765][ T5605] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 144.493907][ T5626] tipc: Started in network mode [ 144.513585][ T5626] tipc: Node identity ac14140f, cluster identity 4711 [ 144.539765][ T5594] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 144.554157][ T5626] tipc: New replicast peer: 255.255.255.255 [ 144.558968][ T5594] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 144.570296][ T48] Bluetooth: hci0: command 0x0406 tx timeout [ 144.577521][ T5626] tipc: Enabled bearer , priority 10 [ 144.587180][ T5594] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 144.609278][ T5594] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 144.645073][ T5600] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 144.739314][ T5600] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 144.747392][ T5600] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 144.795161][ T5600] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 144.808528][ T5600] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 144.832004][ T5600] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 144.858112][ T5600] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 144.897712][ T5600] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000100) [ 145.059390][ T5636] netlink: 80 bytes leftover after parsing attributes in process `syz.2.425'. [ 145.068327][ T5636] netlink: 12 bytes leftover after parsing attributes in process `syz.2.425'. [ 145.109461][ T5636] netlink: 8 bytes leftover after parsing attributes in process `syz.2.425'. [ 145.147892][ T5636] netlink: 8 bytes leftover after parsing attributes in process `syz.2.425'. [ 145.186144][ T5642] netlink: 16 bytes leftover after parsing attributes in process `syz.1.428'. [ 145.418171][ T4271] Bluetooth: hci1: command 0x0406 tx timeout [ 145.450279][ T48] Bluetooth: hci2: command 0x0406 tx timeout [ 145.679648][ T4271] Bluetooth: hci4: command 0x0406 tx timeout [ 146.090868][ T4271] Bluetooth: hci3: command 0x0406 tx timeout [ 146.099593][ T4376] tipc: Node number set to 2886997007 [ 146.114187][ T5657] netlink: 8 bytes leftover after parsing attributes in process `syz.0.432'. [ 146.140113][ T5655] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0 [ 146.141981][ T5651] IPVS: stopping master sync thread 5655 ... [ 146.248185][ T5656] lo speed is unknown, defaulting to 1000 [ 146.248346][ T5656] lo speed is unknown, defaulting to 1000 [ 146.444544][ T5664] loop4: detected capacity change from 0 to 512 [ 146.453499][ T5664] EXT4-fs: Ignoring removed bh option [ 146.458604][ T5664] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 146.497734][ T5665] loop3: detected capacity change from 0 to 2048 [ 146.763465][ T5665] loop3: p1 p3 p4 [ 146.768824][ T5664] EXT4-fs (loop4): 1 truncate cleaned up [ 146.931517][ T5664] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 146.973410][ T5656] lo speed is unknown, defaulting to 1000 [ 147.194142][ T5665] loop3: p4 size 589824 extends beyond EOD, truncated [ 147.333948][ T5656] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 147.413899][ T5656] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 147.515123][ T4269] EXT4-fs (loop4): unmounting filesystem. [ 147.841772][ T5656] lo speed is unknown, defaulting to 1000 [ 147.862153][ T5656] lo speed is unknown, defaulting to 1000 [ 147.915480][ T5686] syz.1.438[5686] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 147.915613][ T5686] syz.1.438[5686] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 147.954322][ T5656] lo speed is unknown, defaulting to 1000 [ 148.018880][ T26] kauditd_printk_skb: 22 callbacks suppressed [ 148.018895][ T26] audit: type=1326 audit(1757201369.650:560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5687 comm="syz.4.440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4be578ebe9 code=0x7ffc0000 [ 148.069913][ T5656] lo speed is unknown, defaulting to 1000 [ 148.096761][ T26] audit: type=1326 audit(1757201369.650:561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5687 comm="syz.4.440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4be578ebe9 code=0x7ffc0000 [ 148.134339][ T5656] lo speed is unknown, defaulting to 1000 [ 148.176835][ T26] audit: type=1326 audit(1757201369.700:562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5687 comm="syz.4.440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4be578ebe9 code=0x7ffc0000 [ 148.270982][ T26] audit: type=1326 audit(1757201369.700:563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5687 comm="syz.4.440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4be578ebe9 code=0x7ffc0000 [ 148.336382][ T26] audit: type=1326 audit(1757201369.700:564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5687 comm="syz.4.440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4be578ebe9 code=0x7ffc0000 [ 148.498866][ T26] audit: type=1326 audit(1757201369.700:565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5687 comm="syz.4.440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4be578ebe9 code=0x7ffc0000 [ 148.619537][ T26] audit: type=1326 audit(1757201369.700:566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5687 comm="syz.4.440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4be578ebe9 code=0x7ffc0000 [ 148.713988][ T26] audit: type=1326 audit(1757201369.700:567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5687 comm="syz.4.440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4be578ebe9 code=0x7ffc0000 [ 148.807865][ T26] audit: type=1326 audit(1757201369.700:568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5687 comm="syz.4.440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=442 compat=0 ip=0x7f4be578ebe9 code=0x7ffc0000 [ 148.893334][ T26] audit: type=1326 audit(1757201369.700:569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5687 comm="syz.4.440" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4be578ebe9 code=0x7ffc0000 [ 149.242600][ T5719] netlink: 24 bytes leftover after parsing attributes in process `syz.4.450'. [ 149.634503][ T5734] loop4: detected capacity change from 0 to 1024 [ 149.808804][ T5734] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 150.077954][ T4269] EXT4-fs (loop4): unmounting filesystem. [ 150.143303][ T4311] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 150.192980][ T4311] hid-generic 0000:0000:0000.0002: hidraw0: HID v0.00 Device [syz1] on syz0 [ 150.812584][ T5771] hid-generic 0000:0000:0000.0002: pid 5771 passed too short report [ 150.825037][ T5772] loop3: detected capacity change from 0 to 512 [ 151.026150][ T5772] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 151.049822][ T5772] ext4 filesystem being mounted at /93/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 151.847486][ T5781] lo speed is unknown, defaulting to 1000 [ 152.179536][ T5781] EXT4-fs error (device loop3): ext4_empty_dir:3136: inode #12: comm syz.3.467: invalid size [ 152.586213][ T4274] EXT4-fs (loop3): unmounting filesystem. [ 153.898297][ T5802] loop3: detected capacity change from 0 to 128 [ 154.167253][ T5811] IPv6: Can't replace route, no match found [ 154.213496][ T5802] FAT-fs (loop3): Unrecognized mount option "" or missing value [ 154.265623][ T26] kauditd_printk_skb: 12 callbacks suppressed [ 154.265636][ T26] audit: type=1326 audit(1757201375.900:582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5812 comm="syz.0.477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe756b8ebe9 code=0x7ffc0000 [ 154.357694][ T5816] loop2: detected capacity change from 0 to 512 [ 154.376417][ T26] audit: type=1326 audit(1757201375.910:583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5812 comm="syz.0.477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe756b8ebe9 code=0x7ffc0000 [ 154.508647][ T26] audit: type=1326 audit(1757201375.910:584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5812 comm="syz.0.477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe756b8ebe9 code=0x7ffc0000 [ 154.534328][ T5816] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 154.612626][ T5816] ext4 filesystem being mounted at /92/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 154.688431][ T5816] EXT4-fs error (device loop2): ext4_do_update_inode:5254: inode #2: comm syz.2.478: corrupted inode contents [ 154.709269][ T26] audit: type=1326 audit(1757201375.910:585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5812 comm="syz.0.477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe756b8ebe9 code=0x7ffc0000 [ 154.790611][ T5816] EXT4-fs error (device loop2): ext4_dirty_inode:6119: inode #2: comm syz.2.478: mark_inode_dirty error [ 154.802143][ T26] audit: type=1326 audit(1757201375.910:586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5812 comm="syz.0.477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe756b8ebe9 code=0x7ffc0000 [ 154.856020][ T5816] EXT4-fs error (device loop2): ext4_do_update_inode:5254: inode #2: comm syz.2.478: corrupted inode contents [ 154.891024][ T26] audit: type=1326 audit(1757201375.910:587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5812 comm="syz.0.477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe756b8ebe9 code=0x7ffc0000 [ 154.942167][ T5816] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #2: comm syz.2.478: mark_inode_dirty error [ 154.963788][ T26] audit: type=1326 audit(1757201375.920:588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5812 comm="syz.0.477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe756b8ebe9 code=0x7ffc0000 [ 155.078995][ T26] audit: type=1326 audit(1757201375.920:589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5812 comm="syz.0.477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe756b8ebe9 code=0x7ffc0000 [ 155.163816][ T26] audit: type=1326 audit(1757201375.920:590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5812 comm="syz.0.477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe756b8ebe9 code=0x7ffc0000 [ 155.231564][ T4267] EXT4-fs (loop2): unmounting filesystem. [ 155.269477][ T26] audit: type=1326 audit(1757201375.920:591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5812 comm="syz.0.477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe756b8ebe9 code=0x7ffc0000 [ 155.803578][ T5849] loop2: detected capacity change from 0 to 1024 [ 155.974868][ T5849] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 155.985984][ T5849] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 156.007942][ T5849] JBD2: no valid journal superblock found [ 156.014258][ T5849] EXT4-fs (loop2): error loading journal [ 156.598080][ T5855] devtmpfs: Bad value for 'size' [ 157.757255][ T5896] loop4: detected capacity change from 0 to 1024 [ 157.785897][ T5896] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 157.797049][ T5896] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 157.816964][ T5896] JBD2: no valid journal superblock found [ 157.823130][ T5896] EXT4-fs (loop4): error loading journal [ 158.712839][ T5901] syz.3.504[5901] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 158.712968][ T5901] syz.3.504[5901] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 158.847376][ T5906] netlink: 'syz.0.507': attribute type 13 has an invalid length. [ 159.089688][ T5906] gretap0: refused to change device tx_queue_len [ 159.100428][ T5906] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 159.312253][ T26] kauditd_printk_skb: 22 callbacks suppressed [ 159.312267][ T26] audit: type=1326 audit(1757201636.947:614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5919 comm="syz.2.513" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6666d8ebe9 code=0x7ffc0000 [ 159.352646][ T5920] hub 6-0:1.0: USB hub found [ 159.369322][ T5920] hub 6-0:1.0: 1 port detected [ 159.407165][ T26] audit: type=1326 audit(1757201636.977:615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5919 comm="syz.2.513" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6666d8ebe9 code=0x7ffc0000 [ 159.523724][ T26] audit: type=1326 audit(1757201636.977:616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5919 comm="syz.2.513" exe="/root/syz-executor" sig=0 arch=c000003e syscall=274 compat=0 ip=0x7f6666d8ebe9 code=0x7ffc0000 [ 159.626506][ T26] audit: type=1326 audit(1757201636.977:617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5919 comm="syz.2.513" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6666d8ebe9 code=0x7ffc0000 [ 159.728640][ T26] audit: type=1326 audit(1757201636.977:618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5919 comm="syz.2.513" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6666d8ebe9 code=0x7ffc0000 [ 159.857518][ T26] audit: type=1326 audit(1757201637.217:619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5927 comm="syz.2.516" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6666d8ebe9 code=0x7ffc0000 [ 159.882436][ T26] audit: type=1326 audit(1757201637.217:620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5927 comm="syz.2.516" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6666d8ebe9 code=0x7ffc0000 [ 159.929312][ T26] audit: type=1326 audit(1757201637.217:621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5927 comm="syz.2.516" exe="/root/syz-executor" sig=0 arch=c000003e syscall=63 compat=0 ip=0x7f6666d8ebe9 code=0x7ffc0000 [ 161.141325][ T5943] loop2: detected capacity change from 0 to 1024 [ 161.251257][ T5943] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 161.262300][ T5943] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 161.284271][ T5943] JBD2: no valid journal superblock found [ 161.290330][ T5943] EXT4-fs (loop2): error loading journal [ 161.594107][ T26] audit: type=1326 audit(1757201637.217:622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5927 comm="syz.2.516" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6666d8ebe9 code=0x7ffc0000 [ 161.860975][ T5941] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 161.877810][ T26] audit: type=1326 audit(1757201637.217:623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5927 comm="syz.2.516" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6666d8ebe9 code=0x7ffc0000 [ 162.074096][ T5941] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 162.213034][ T5941] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 162.310173][ T5941] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 162.435394][ T5941] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 162.451442][ T5941] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 162.466414][ T5941] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 162.480731][ T5941] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 162.495927][ T5962] IPv6: Can't replace route, no match found [ 162.723196][ T5966] loop4: detected capacity change from 0 to 512 [ 162.744272][ T5966] EXT4-fs: Ignoring removed mblk_io_submit option [ 162.797705][ T5966] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 162.821176][ T5971] loop2: detected capacity change from 0 to 128 [ 162.854772][ T5971] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 162.902258][ T5971] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 162.933112][ T5966] EXT4-fs (loop4): 1 truncate cleaned up [ 162.938820][ T5966] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 163.361000][ T4269] EXT4-fs (loop4): unmounting filesystem. [ 163.897430][ T5997] loop4: detected capacity change from 0 to 1024 [ 163.940204][ T5997] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 163.951370][ T5997] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 163.974102][ T5997] JBD2: no valid journal superblock found [ 163.980012][ T5997] EXT4-fs (loop4): error loading journal [ 165.433052][ T6029] netlink: 'syz.1.548': attribute type 3 has an invalid length. [ 165.440869][ T6029] netlink: 12 bytes leftover after parsing attributes in process `syz.1.548'. [ 165.450466][ T6029] netlink: 'syz.1.548': attribute type 3 has an invalid length. [ 165.458266][ T6029] netlink: 12 bytes leftover after parsing attributes in process `syz.1.548'. [ 165.467297][ T6029] netlink: 12 bytes leftover after parsing attributes in process `syz.1.548'. [ 165.561977][ T6029] lo speed is unknown, defaulting to 1000 [ 166.689013][ T6037] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 166.903448][ T6037] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 167.097416][ T6037] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 167.328543][ T6037] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 167.522863][ T6037] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 167.600474][ T6037] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 167.745020][ T6037] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 167.808718][ T6037] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 168.323071][ T6068] netlink: 'syz.4.561': attribute type 3 has an invalid length. [ 168.330981][ T6068] netlink: 12 bytes leftover after parsing attributes in process `syz.4.561'. [ 168.340610][ T6068] netlink: 'syz.4.561': attribute type 3 has an invalid length. [ 168.348293][ T6068] netlink: 12 bytes leftover after parsing attributes in process `syz.4.561'. [ 168.357317][ T6068] netlink: 12 bytes leftover after parsing attributes in process `syz.4.561'. [ 168.445697][ T6068] lo speed is unknown, defaulting to 1000 [ 171.087594][ T6109] netlink: 'syz.2.575': attribute type 3 has an invalid length. [ 171.095603][ T6109] netlink: 12 bytes leftover after parsing attributes in process `syz.2.575'. [ 171.105302][ T6109] netlink: 'syz.2.575': attribute type 3 has an invalid length. [ 171.113154][ T6109] netlink: 12 bytes leftover after parsing attributes in process `syz.2.575'. [ 171.122277][ T6109] netlink: 12 bytes leftover after parsing attributes in process `syz.2.575'. [ 171.207479][ T6109] lo speed is unknown, defaulting to 1000 [ 172.323155][ T6112] loop3: detected capacity change from 0 to 8192 [ 173.160803][ T6131] syz.4.580[6131] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 173.160938][ T6131] syz.4.580[6131] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 173.396992][ T6134] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 173.706133][ T6140] netlink: 'syz.1.584': attribute type 21 has an invalid length. [ 173.873599][ T6140] netlink: 132 bytes leftover after parsing attributes in process `syz.1.584'. [ 174.035719][ T6140] netlink: 'syz.1.584': attribute type 1 has an invalid length. [ 174.546359][ T6158] netlink: 32 bytes leftover after parsing attributes in process `syz.2.590'. [ 174.565306][ T6158] loop2: detected capacity change from 0 to 512 [ 174.640032][ T6161] netlink: 'syz.0.589': attribute type 3 has an invalid length. [ 174.647784][ T6161] netlink: 12 bytes leftover after parsing attributes in process `syz.0.589'. [ 174.657263][ T6161] netlink: 'syz.0.589': attribute type 3 has an invalid length. [ 174.665049][ T6161] netlink: 12 bytes leftover after parsing attributes in process `syz.0.589'. [ 174.674099][ T6161] netlink: 12 bytes leftover after parsing attributes in process `syz.0.589'. [ 174.757924][ T6161] lo speed is unknown, defaulting to 1000 [ 175.037788][ T6158] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 175.088328][ T6158] ext4 filesystem being mounted at /118/file2 supports timestamps until 2038-01-19 (0x7fffffff) [ 175.533272][ T6158] EXT4-fs error (device loop2): ext4_do_update_inode:5254: inode #4: comm syz.2.590: corrupted inode contents [ 175.571428][ T6158] EXT4-fs error (device loop2): ext4_dirty_inode:6119: inode #4: comm syz.2.590: mark_inode_dirty error [ 175.626218][ T6158] EXT4-fs error (device loop2): ext4_do_update_inode:5254: inode #4: comm syz.2.590: corrupted inode contents [ 175.663111][ T6158] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #4: comm syz.2.590: mark_inode_dirty error [ 175.699020][ T6158] __quota_error: 55 callbacks suppressed [ 175.699036][ T6158] Quota error (device loop2): write_blk: dquota write failed [ 175.755485][ T6158] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota [ 175.779282][ T6158] EXT4-fs error (device loop2): ext4_acquire_dquot:6816: comm syz.2.590: Failed to acquire dquot type 1 [ 175.891918][ T4267] EXT4-fs (loop2): unmounting filesystem. [ 175.977644][ T26] audit: type=1326 audit(1757201653.607:679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6176 comm="syz.3.596" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3c9b8ebe9 code=0x7ffc0000 [ 176.056922][ T26] audit: type=1326 audit(1757201653.677:680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6176 comm="syz.3.596" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3c9b8ebe9 code=0x7ffc0000 [ 176.699978][ T26] audit: type=1326 audit(1757201653.717:681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6176 comm="syz.3.596" exe="/root/syz-executor" sig=0 arch=c000003e syscall=447 compat=0 ip=0x7fd3c9b8ebe9 code=0x7ffc0000 [ 176.793472][ T26] audit: type=1326 audit(1757201653.717:682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6176 comm="syz.3.596" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3c9b8ebe9 code=0x7ffc0000 [ 176.885509][ T26] audit: type=1326 audit(1757201653.717:683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6176 comm="syz.3.596" exe="/root/syz-executor" sig=0 arch=c000003e syscall=261 compat=0 ip=0x7fd3c9b8ebe9 code=0x7ffc0000 [ 176.908751][ T26] audit: type=1326 audit(1757201653.717:684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6176 comm="syz.3.596" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3c9b8ebe9 code=0x7ffc0000 [ 176.931594][ T26] audit: type=1326 audit(1757201653.717:685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6176 comm="syz.3.596" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd3c9b8ebe9 code=0x7ffc0000 [ 176.954189][ T26] audit: type=1326 audit(1757201653.727:686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6176 comm="syz.3.596" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3c9b8ebe9 code=0x7ffc0000 [ 177.381709][ T6200] netlink: 'syz.1.602': attribute type 3 has an invalid length. [ 177.389505][ T6200] netlink: 12 bytes leftover after parsing attributes in process `syz.1.602'. [ 177.398985][ T6200] netlink: 'syz.1.602': attribute type 3 has an invalid length. [ 177.406768][ T6200] netlink: 12 bytes leftover after parsing attributes in process `syz.1.602'. [ 177.415817][ T6200] netlink: 12 bytes leftover after parsing attributes in process `syz.1.602'. [ 177.508367][ T6200] lo speed is unknown, defaulting to 1000 [ 179.176531][ T6226] loop2: detected capacity change from 0 to 1024 [ 179.331652][ T6226] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 179.342775][ T6226] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 179.450232][ T6226] JBD2: no valid journal superblock found [ 179.456092][ T6226] EXT4-fs (loop2): error loading journal [ 180.392405][ T6244] netlink: 'syz.0.616': attribute type 3 has an invalid length. [ 180.400322][ T6244] netlink: 12 bytes leftover after parsing attributes in process `syz.0.616'. [ 180.409886][ T6244] netlink: 'syz.0.616': attribute type 3 has an invalid length. [ 180.417721][ T6244] netlink: 12 bytes leftover after parsing attributes in process `syz.0.616'. [ 180.426850][ T6244] netlink: 12 bytes leftover after parsing attributes in process `syz.0.616'. [ 180.522118][ T6244] lo speed is unknown, defaulting to 1000 [ 181.434547][ T6256] 9p: Unknown Cache mode 0 [ 181.618564][ T6263] syz.0.625[6263] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 181.618671][ T6263] syz.0.625[6263] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 181.794144][ T26] kauditd_printk_skb: 52 callbacks suppressed [ 181.794159][ T26] audit: type=1326 audit(1757201659.427:739): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6266 comm="syz.0.627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe756b8ebe9 code=0x7ffc0000 [ 181.972183][ T26] audit: type=1326 audit(1757201659.427:740): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6266 comm="syz.0.627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe756b8ebe9 code=0x7ffc0000 [ 182.030981][ T26] audit: type=1326 audit(1757201659.477:741): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6266 comm="syz.0.627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=293 compat=0 ip=0x7fe756b8ebe9 code=0x7ffc0000 [ 182.053833][ T26] audit: type=1326 audit(1757201659.477:742): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6266 comm="syz.0.627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe756b8ebe9 code=0x7ffc0000 [ 182.076475][ T26] audit: type=1326 audit(1757201659.477:743): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6266 comm="syz.0.627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe756b8ebe9 code=0x7ffc0000 [ 182.099737][ T26] audit: type=1326 audit(1757201659.477:744): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6266 comm="syz.0.627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=278 compat=0 ip=0x7fe756b8ebe9 code=0x7ffc0000 [ 182.149302][ T26] audit: type=1326 audit(1757201659.477:745): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6266 comm="syz.0.627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe756b8ebe9 code=0x7ffc0000 [ 182.183047][ T26] audit: type=1326 audit(1757201659.477:746): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6266 comm="syz.0.627" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe756b8ebe9 code=0x7ffc0000 [ 182.375556][ T6276] loop3: detected capacity change from 0 to 1024 [ 182.441273][ T6276] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 182.509715][ T6276] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 182.576578][ T6283] netlink: 'syz.0.632': attribute type 3 has an invalid length. [ 182.584500][ T6283] netlink: 12 bytes leftover after parsing attributes in process `syz.0.632'. [ 182.594108][ T6283] netlink: 'syz.0.632': attribute type 3 has an invalid length. [ 182.601850][ T6283] netlink: 12 bytes leftover after parsing attributes in process `syz.0.632'. [ 182.611032][ T6283] netlink: 12 bytes leftover after parsing attributes in process `syz.0.632'. [ 182.697506][ T6283] lo speed is unknown, defaulting to 1000 [ 183.431464][ T6276] JBD2: no valid journal superblock found [ 183.480215][ T6276] EXT4-fs (loop3): error loading journal [ 183.618677][ T26] audit: type=1326 audit(1757201661.247:747): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6289 comm="syz.0.635" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe756b8ebe9 code=0x7ffc0000 [ 183.652209][ T26] audit: type=1326 audit(1757201661.277:748): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6289 comm="syz.0.635" exe="/root/syz-executor" sig=0 arch=c000003e syscall=288 compat=0 ip=0x7fe756b8ebe9 code=0x7ffc0000 [ 183.982953][ T6302] netlink: 4 bytes leftover after parsing attributes in process `syz.4.639'. [ 184.266997][ T6311] loop2: detected capacity change from 0 to 1024 [ 184.347294][ T6311] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 184.429378][ T6311] ext4 filesystem being mounted at /132/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 184.596709][ T4267] EXT4-fs (loop2): unmounting filesystem. [ 185.069469][ T6332] netlink: 'syz.0.646': attribute type 3 has an invalid length. [ 185.077258][ T6332] netlink: 12 bytes leftover after parsing attributes in process `syz.0.646'. [ 185.086803][ T6332] netlink: 'syz.0.646': attribute type 3 has an invalid length. [ 185.094559][ T6332] netlink: 12 bytes leftover after parsing attributes in process `syz.0.646'. [ 185.103680][ T6332] netlink: 12 bytes leftover after parsing attributes in process `syz.0.646'. [ 185.192385][ T6332] lo speed is unknown, defaulting to 1000 [ 186.367222][ T6354] syz.0.650[6354] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 186.367412][ T6354] syz.0.650[6354] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 187.888046][ T6372] netlink: 'syz.1.661': attribute type 3 has an invalid length. [ 187.907068][ T6372] netlink: 12 bytes leftover after parsing attributes in process `syz.1.661'. [ 187.916524][ T6372] netlink: 'syz.1.661': attribute type 3 has an invalid length. [ 187.924372][ T6372] netlink: 12 bytes leftover after parsing attributes in process `syz.1.661'. [ 187.933318][ T6372] netlink: 12 bytes leftover after parsing attributes in process `syz.1.661'. [ 187.984009][ T6372] lo speed is unknown, defaulting to 1000 [ 188.868646][ T6383] loop4: detected capacity change from 0 to 1024 [ 188.957919][ T6383] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 188.983310][ T26] kauditd_printk_skb: 19 callbacks suppressed [ 188.983326][ T26] audit: type=1800 audit(1757201666.617:768): pid=6383 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.665" name="bus" dev="loop4" ino=18 res=0 errno=0 [ 189.018914][ T6383] EXT4-fs error (device loop4): mb_free_blocks:1810: group 0, inode 18: block 113:freeing already freed block (bit 7); block bitmap corrupt. [ 189.050983][ T6385] loop3: detected capacity change from 0 to 1024 [ 189.161227][ T6385] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 189.187004][ T4269] EXT4-fs (loop4): unmounting filesystem. [ 189.253733][ T6385] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 189.329154][ T6385] JBD2: no valid journal superblock found [ 189.354251][ T6385] EXT4-fs (loop3): error loading journal [ 189.723397][ T26] audit: type=1326 audit(1757201667.357:769): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6399 comm="syz.1.673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f2e98ebe9 code=0x7ffc0000 [ 189.734825][ T6400] program syz.1.673 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 189.799197][ T26] audit: type=1326 audit(1757201667.357:770): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6399 comm="syz.1.673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f2f2e98ebe9 code=0x7ffc0000 [ 189.862147][ T26] audit: type=1326 audit(1757201667.357:771): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6399 comm="syz.1.673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f2e98ebe9 code=0x7ffc0000 [ 189.958229][ T26] audit: type=1326 audit(1757201667.357:772): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6399 comm="syz.1.673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=239 compat=0 ip=0x7f2f2e98ebe9 code=0x7ffc0000 [ 190.058622][ T26] audit: type=1326 audit(1757201667.357:773): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6399 comm="syz.1.673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f2e98ebe9 code=0x7ffc0000 [ 190.168021][ T26] audit: type=1326 audit(1757201667.357:774): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6399 comm="syz.1.673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2f2e98ebe9 code=0x7ffc0000 [ 190.212091][ T26] audit: type=1326 audit(1757201667.357:775): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6399 comm="syz.1.673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f2e98ebe9 code=0x7ffc0000 [ 190.235423][ T26] audit: type=1326 audit(1757201667.357:776): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6399 comm="syz.1.673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2f2e98ebe9 code=0x7ffc0000 [ 190.267663][ T26] audit: type=1326 audit(1757201667.357:777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6399 comm="syz.1.673" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f2e98ebe9 code=0x7ffc0000 [ 190.439242][ T6417] netlink: 'syz.4.677': attribute type 3 has an invalid length. [ 190.447082][ T6417] netlink: 12 bytes leftover after parsing attributes in process `syz.4.677'. [ 190.456573][ T6417] netlink: 'syz.4.677': attribute type 3 has an invalid length. [ 190.464293][ T6417] netlink: 12 bytes leftover after parsing attributes in process `syz.4.677'. [ 190.473331][ T6417] netlink: 12 bytes leftover after parsing attributes in process `syz.4.677'. [ 190.515525][ T6417] lo speed is unknown, defaulting to 1000 [ 192.604793][ T6453] netlink: 'syz.4.692': attribute type 3 has an invalid length. [ 192.612682][ T6453] netlink: 12 bytes leftover after parsing attributes in process `syz.4.692'. [ 192.622214][ T6453] netlink: 'syz.4.692': attribute type 3 has an invalid length. [ 192.629979][ T6453] netlink: 12 bytes leftover after parsing attributes in process `syz.4.692'. [ 192.639020][ T6453] netlink: 12 bytes leftover after parsing attributes in process `syz.4.692'. [ 192.731510][ T6453] lo speed is unknown, defaulting to 1000 [ 194.077837][ T26] kauditd_printk_skb: 55 callbacks suppressed [ 194.077850][ T26] audit: type=1326 audit(1757201671.707:833): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6463 comm="syz.4.697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4be578ebe9 code=0x7ffc0000 [ 194.114983][ T1278] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.121350][ T1278] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.136704][ T6465] IPVS: set_ctl: invalid protocol: 47 172.30.1.5:20002 [ 194.140772][ T26] audit: type=1326 audit(1757201671.717:834): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6464 comm="syz.3.698" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3c9b8ebe9 code=0x7ffc0000 [ 194.168622][ T26] audit: type=1326 audit(1757201671.717:835): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6464 comm="syz.3.698" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3c9b8ebe9 code=0x7ffc0000 [ 194.257734][ T26] audit: type=1326 audit(1757201671.717:836): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6464 comm="syz.3.698" exe="/root/syz-executor" sig=0 arch=c000003e syscall=30 compat=0 ip=0x7fd3c9b8ebe9 code=0x7ffc0000 [ 194.308497][ T26] audit: type=1326 audit(1757201671.717:837): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6464 comm="syz.3.698" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3c9b8ebe9 code=0x7ffc0000 [ 194.335323][ T26] audit: type=1326 audit(1757201671.717:838): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6464 comm="syz.3.698" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3c9b8ebe9 code=0x7ffc0000 [ 194.423332][ T26] audit: type=1326 audit(1757201671.767:839): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6463 comm="syz.4.697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4be578ebe9 code=0x7ffc0000 [ 194.662355][ T26] audit: type=1326 audit(1757201671.767:840): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6463 comm="syz.4.697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4be578ebe9 code=0x7ffc0000 [ 194.739326][ T26] audit: type=1326 audit(1757201671.767:841): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6463 comm="syz.4.697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4be578ebe9 code=0x7ffc0000 [ 194.819186][ T26] audit: type=1326 audit(1757201671.767:842): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6463 comm="syz.4.697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4be578ebe9 code=0x7ffc0000 [ 195.011877][ T6482] syz.2.705[6482] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 195.011976][ T6482] syz.2.705[6482] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 195.145606][ T6483] loop3: detected capacity change from 0 to 1024 [ 195.248487][ T6487] netlink: 'syz.2.706': attribute type 3 has an invalid length. [ 195.256296][ T6487] netlink: 12 bytes leftover after parsing attributes in process `syz.2.706'. [ 195.265805][ T6487] netlink: 'syz.2.706': attribute type 3 has an invalid length. [ 195.273628][ T6487] netlink: 12 bytes leftover after parsing attributes in process `syz.2.706'. [ 195.282733][ T6487] netlink: 12 bytes leftover after parsing attributes in process `syz.2.706'. [ 195.380042][ T6487] lo speed is unknown, defaulting to 1000 [ 196.070144][ T6483] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 196.249234][ T6483] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 196.323862][ T6483] JBD2: no valid journal superblock found [ 196.363227][ T6483] EXT4-fs (loop3): error loading journal [ 196.396941][ T6492] loop4: detected capacity change from 0 to 128 [ 196.485043][ T6492] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 196.523455][ T6492] ext4 filesystem being mounted at /160/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 196.703162][ T4269] EXT4-fs (loop4): unmounting filesystem. [ 197.198818][ T6504] netlink: 8 bytes leftover after parsing attributes in process `syz.4.710'. [ 198.439934][ T6516] loop4: detected capacity change from 0 to 512 [ 198.561791][ T6516] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 198.589352][ T6516] ext4 filesystem being mounted at /163/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 198.687905][ T6525] netlink: 'syz.2.718': attribute type 3 has an invalid length. [ 198.695721][ T6525] netlink: 12 bytes leftover after parsing attributes in process `syz.2.718'. [ 198.705230][ T6525] netlink: 'syz.2.718': attribute type 3 has an invalid length. [ 198.712980][ T6525] netlink: 12 bytes leftover after parsing attributes in process `syz.2.718'. [ 198.722172][ T6525] netlink: 12 bytes leftover after parsing attributes in process `syz.2.718'. [ 198.814414][ T6525] lo speed is unknown, defaulting to 1000 [ 199.169663][ T6516] EXT4-fs error (device loop4): ext4_do_update_inode:5254: inode #2: comm syz.4.716: corrupted inode contents [ 199.559345][ T6516] EXT4-fs error (device loop4): ext4_dirty_inode:6119: inode #2: comm syz.4.716: mark_inode_dirty error [ 199.640955][ T6530] can0: slcan on ttyS3. [ 199.648744][ T6516] EXT4-fs error (device loop4): ext4_do_update_inode:5254: inode #2: comm syz.4.716: corrupted inode contents [ 199.812113][ T4269] EXT4-fs (loop4): unmounting filesystem. [ 199.842674][ T6530] can0 (unregistered): slcan off ttyS3. [ 200.371188][ T6546] syz.4.722[6546] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 200.371325][ T6546] syz.4.722[6546] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 201.580586][ T6571] netlink: 'syz.2.731': attribute type 3 has an invalid length. [ 201.599706][ T6571] netlink: 12 bytes leftover after parsing attributes in process `syz.2.731'. [ 201.609620][ T6571] netlink: 'syz.2.731': attribute type 3 has an invalid length. [ 201.617350][ T6571] netlink: 12 bytes leftover after parsing attributes in process `syz.2.731'. [ 201.626430][ T6571] netlink: 12 bytes leftover after parsing attributes in process `syz.2.731'. [ 201.736604][ T6571] lo speed is unknown, defaulting to 1000 [ 202.435405][ T6574] loop3: detected capacity change from 0 to 1024 [ 202.688092][ T6574] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 202.699196][ T6574] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 202.719320][ T6574] JBD2: no valid journal superblock found [ 202.725145][ T6574] EXT4-fs (loop3): error loading journal [ 202.894018][ T4391] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 204.454569][ T6609] netlink: 'syz.0.742': attribute type 3 has an invalid length. [ 204.462580][ T6609] netlink: 12 bytes leftover after parsing attributes in process `syz.0.742'. [ 204.471776][ T6609] netlink: 'syz.0.742': attribute type 3 has an invalid length. [ 204.479575][ T6609] netlink: 12 bytes leftover after parsing attributes in process `syz.0.742'. [ 204.488485][ T6609] netlink: 12 bytes leftover after parsing attributes in process `syz.0.742'. [ 204.531605][ T6609] lo speed is unknown, defaulting to 1000 [ 205.439004][ T26] kauditd_printk_skb: 16 callbacks suppressed [ 205.439019][ T26] audit: type=1326 audit(1757201683.077:859): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6611 comm="syz.2.743" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6666d8ebe9 code=0x7ffc0000 [ 205.578956][ T26] audit: type=1326 audit(1757201683.077:860): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6611 comm="syz.2.743" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6666d8ebe9 code=0x7ffc0000 [ 205.689198][ T26] audit: type=1326 audit(1757201683.077:861): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6611 comm="syz.2.743" exe="/root/syz-executor" sig=0 arch=c000003e syscall=260 compat=0 ip=0x7f6666d8ebe9 code=0x7ffc0000 [ 205.794415][ T26] audit: type=1326 audit(1757201683.077:862): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6611 comm="syz.2.743" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6666d8ebe9 code=0x7ffc0000 [ 205.908542][ T26] audit: type=1326 audit(1757201683.077:863): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6611 comm="syz.2.743" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6666d8ebe9 code=0x7ffc0000 [ 205.944539][ T6621] hub 9-0:1.0: USB hub found [ 205.977706][ T6621] hub 9-0:1.0: 1 port detected [ 206.153105][ T6628] loop2: detected capacity change from 0 to 1024 [ 206.256433][ T6628] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 206.267533][ T6628] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 206.312881][ T6628] JBD2: no valid journal superblock found [ 206.318769][ T6628] EXT4-fs (loop2): error loading journal [ 207.246632][ T6635] loop2: detected capacity change from 0 to 1024 [ 207.450401][ T6635] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 207.552196][ T6635] netlink: 4 bytes leftover after parsing attributes in process `syz.2.749'. [ 207.600061][ T4267] EXT4-fs (loop2): unmounting filesystem. [ 208.349839][ T6656] netlink: 'syz.2.755': attribute type 3 has an invalid length. [ 208.357628][ T6656] netlink: 12 bytes leftover after parsing attributes in process `syz.2.755'. [ 208.367341][ T6656] netlink: 'syz.2.755': attribute type 3 has an invalid length. [ 208.375181][ T6656] netlink: 12 bytes leftover after parsing attributes in process `syz.2.755'. [ 208.384267][ T6656] netlink: 12 bytes leftover after parsing attributes in process `syz.2.755'. [ 208.474942][ T6656] lo speed is unknown, defaulting to 1000 [ 209.624899][ T26] audit: type=1326 audit(1757201687.207:864): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6668 comm="syz.1.759" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f2e98ebe9 code=0x7ffc0000 [ 209.647809][ T26] audit: type=1326 audit(1757201687.207:865): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6668 comm="syz.1.759" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f2e98ebe9 code=0x7ffc0000 [ 209.671061][ T26] audit: type=1326 audit(1757201687.207:866): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6668 comm="syz.1.759" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2f2e98ebe9 code=0x7ffc0000 [ 209.693761][ T26] audit: type=1326 audit(1757201687.207:867): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6668 comm="syz.1.759" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f2e98ebe9 code=0x7ffc0000 [ 209.757748][ T26] audit: type=1326 audit(1757201687.207:868): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6668 comm="syz.1.759" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f2e98ebe9 code=0x7ffc0000 [ 211.118218][ T6692] netlink: 'syz.0.769': attribute type 3 has an invalid length. [ 211.126062][ T6692] netlink: 12 bytes leftover after parsing attributes in process `syz.0.769'. [ 211.135617][ T6692] netlink: 'syz.0.769': attribute type 3 has an invalid length. [ 211.143396][ T6692] netlink: 12 bytes leftover after parsing attributes in process `syz.0.769'. [ 211.152629][ T6692] netlink: 12 bytes leftover after parsing attributes in process `syz.0.769'. [ 211.243565][ T6692] lo speed is unknown, defaulting to 1000 [ 211.919738][ T6695] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in; [ 211.919738][ T6695] program syz.2.771 not setting count and/or reply_len properly [ 212.356644][ T6707] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 212.758163][ T6716] loop3: detected capacity change from 0 to 1024 [ 212.802695][ T6716] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 212.813986][ T6716] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 212.841620][ T6716] JBD2: no valid journal superblock found [ 212.847607][ T6716] EXT4-fs (loop3): error loading journal [ 213.451104][ T6707] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 213.684465][ T6707] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 214.126218][ T6732] netlink: 'syz.3.784': attribute type 3 has an invalid length. [ 214.134207][ T6732] netlink: 12 bytes leftover after parsing attributes in process `syz.3.784'. [ 214.143308][ T6732] netlink: 'syz.3.784': attribute type 3 has an invalid length. [ 214.151102][ T6732] netlink: 12 bytes leftover after parsing attributes in process `syz.3.784'. [ 214.160034][ T6732] netlink: 12 bytes leftover after parsing attributes in process `syz.3.784'. [ 214.213521][ T6733] lo speed is unknown, defaulting to 1000 [ 214.861189][ T6707] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 215.096102][ T6707] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 215.166932][ T6707] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 215.211278][ T6707] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 215.238105][ T6747] netlink: 12 bytes leftover after parsing attributes in process `syz.3.791'. [ 215.273512][ T6707] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 215.304139][ T6754] netlink: 12 bytes leftover after parsing attributes in process `syz.3.791'. [ 215.478113][ T6752] loop4: detected capacity change from 0 to 512 [ 215.875928][ T6752] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 216.188285][ T6752] EXT4-fs (loop4): 1 truncate cleaned up [ 216.231523][ T6752] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 216.377439][ T4269] EXT4-fs (loop4): unmounting filesystem. [ 216.592012][ T6770] syz.1.794[6770] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 216.592153][ T6770] syz.1.794[6770] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 218.811839][ T6779] netlink: 'syz.2.799': attribute type 3 has an invalid length. [ 218.830970][ T6779] netlink: 12 bytes leftover after parsing attributes in process `syz.2.799'. [ 218.840573][ T6779] netlink: 'syz.2.799': attribute type 3 has an invalid length. [ 218.848278][ T6779] netlink: 12 bytes leftover after parsing attributes in process `syz.2.799'. [ 218.857384][ T6779] netlink: 12 bytes leftover after parsing attributes in process `syz.2.799'. [ 218.952295][ T6779] lo speed is unknown, defaulting to 1000 [ 219.247961][ T6782] loop4: detected capacity change from 0 to 164 [ 219.350982][ T4391] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 220.034509][ T6803] loop4: detected capacity change from 0 to 1024 [ 220.055418][ T6803] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 220.066492][ T6803] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 220.090336][ T6803] JBD2: no valid journal superblock found [ 220.096229][ T6803] EXT4-fs (loop4): error loading journal [ 221.118108][ T6817] netlink: 'syz.2.816': attribute type 3 has an invalid length. [ 221.125997][ T6817] netlink: 12 bytes leftover after parsing attributes in process `syz.2.816'. [ 221.135493][ T6817] netlink: 'syz.2.816': attribute type 3 has an invalid length. [ 221.143290][ T6817] netlink: 12 bytes leftover after parsing attributes in process `syz.2.816'. [ 221.152390][ T6817] netlink: 12 bytes leftover after parsing attributes in process `syz.2.816'. [ 221.243925][ T6817] lo speed is unknown, defaulting to 1000 [ 222.214045][ T6828] capability: warning: `syz.3.821' uses 32-bit capabilities (legacy support in use) [ 222.286149][ T6832] syz.1.813[6832] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 222.286283][ T6832] syz.1.813[6832] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 222.677786][ T6840] loop4: detected capacity change from 0 to 2048 [ 222.914038][ T26] kauditd_printk_skb: 12 callbacks suppressed [ 222.914073][ T26] audit: type=1326 audit(1757201700.547:881): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6837 comm="syz.4.824" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4be578ebe9 code=0x7ffc0000 [ 223.189715][ T6840] loop4: p3 p4 < > [ 223.414505][ T6840] loop4: p3 start 11362048 is beyond EOD, truncated [ 223.456379][ T26] audit: type=1326 audit(1757201701.027:882): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6837 comm="syz.4.824" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4be578ebe9 code=0x7ffc0000 [ 223.493290][ T26] audit: type=1326 audit(1757201701.027:883): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6837 comm="syz.4.824" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4be578ebe9 code=0x7ffc0000 [ 223.515814][ T26] audit: type=1326 audit(1757201701.027:884): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6837 comm="syz.4.824" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4be578ebe9 code=0x7ffc0000 [ 223.612232][ T26] audit: type=1326 audit(1757201701.037:885): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6837 comm="syz.4.824" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4be578ebe9 code=0x7ffc0000 [ 223.758243][ T6853] netlink: 'syz.2.830': attribute type 3 has an invalid length. [ 223.766150][ T6853] netlink: 12 bytes leftover after parsing attributes in process `syz.2.830'. [ 223.775681][ T6853] netlink: 'syz.2.830': attribute type 3 has an invalid length. [ 223.783425][ T6853] netlink: 12 bytes leftover after parsing attributes in process `syz.2.830'. [ 223.792548][ T6853] netlink: 12 bytes leftover after parsing attributes in process `syz.2.830'. [ 223.819198][ T26] audit: type=1326 audit(1757201701.037:886): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6837 comm="syz.4.824" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4be578ebe9 code=0x7ffc0000 [ 223.846689][ T6853] lo speed is unknown, defaulting to 1000 [ 224.606775][ T26] audit: type=1326 audit(1757201701.037:887): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6837 comm="syz.4.824" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4be578ebe9 code=0x7ffc0000 [ 224.672215][ T26] audit: type=1326 audit(1757201701.037:888): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6837 comm="syz.4.824" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4be578ebe9 code=0x7ffc0000 [ 224.759283][ T26] audit: type=1326 audit(1757201701.037:889): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6837 comm="syz.4.824" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4be578ebe9 code=0x7ffc0000 [ 224.829676][ T26] audit: type=1326 audit(1757201701.037:890): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6837 comm="syz.4.824" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4be578ebe9 code=0x7ffc0000 [ 225.143349][ T6873] netlink: 44 bytes leftover after parsing attributes in process `syz.4.837'. [ 225.163455][ T6872] netlink: 8 bytes leftover after parsing attributes in process `syz.2.838'. [ 225.173025][ T6873] netlink: 8 bytes leftover after parsing attributes in process `syz.4.837'. [ 225.204578][ T6872] netlink: 8 bytes leftover after parsing attributes in process `syz.2.838'. [ 225.706985][ T6881] loop4: detected capacity change from 0 to 1024 [ 225.810522][ T6881] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 225.821750][ T6881] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 225.844295][ T6881] JBD2: no valid journal superblock found [ 225.850243][ T6881] EXT4-fs (loop4): error loading journal [ 226.905930][ T6892] netlink: 'syz.0.845': attribute type 3 has an invalid length. [ 226.913809][ T6892] __nla_validate_parse: 4 callbacks suppressed [ 226.913839][ T6892] netlink: 12 bytes leftover after parsing attributes in process `syz.0.845'. [ 226.929579][ T6892] netlink: 'syz.0.845': attribute type 3 has an invalid length. [ 226.937292][ T6892] netlink: 12 bytes leftover after parsing attributes in process `syz.0.845'. [ 226.946331][ T6892] netlink: 12 bytes leftover after parsing attributes in process `syz.0.845'. [ 227.038825][ T6892] lo speed is unknown, defaulting to 1000 [ 227.866704][ T6896] loop2: detected capacity change from 0 to 1764 [ 227.956577][ T4391] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 228.053996][ T6902] loop4: detected capacity change from 0 to 2048 [ 228.465755][ T6902] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 229.155181][ T4269] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz-executor: bg 0: block 234: padding at end of block bitmap is not set [ 229.251808][ T4269] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6165: Corrupt filesystem [ 229.325538][ T4269] EXT4-fs (loop4): unmounting filesystem. [ 229.650310][ T6919] loop2: detected capacity change from 0 to 1024 [ 229.788407][ T6919] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 229.799547][ T6919] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 229.820003][ T6919] JBD2: no valid journal superblock found [ 229.825849][ T6919] EXT4-fs (loop2): error loading journal [ 229.932656][ T6918] loop3: detected capacity change from 0 to 256 [ 230.365686][ T6923] loop4: detected capacity change from 0 to 512 [ 230.573293][ T6923] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 230.619333][ T6923] ext4 filesystem being mounted at /183/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 230.711768][ T6923] EXT4-fs error (device loop4): ext4_lookup:1858: inode #12: comm ’: iget: bad i_size value: 2533274857506816 [ 230.725366][ T6927] netlink: 24 bytes leftover after parsing attributes in process `syz.2.858'. [ 230.897289][ T6934] netlink: 'syz.3.859': attribute type 3 has an invalid length. [ 230.905142][ T6934] netlink: 12 bytes leftover after parsing attributes in process `syz.3.859'. [ 230.914258][ T6934] netlink: 'syz.3.859': attribute type 3 has an invalid length. [ 230.921974][ T6934] netlink: 12 bytes leftover after parsing attributes in process `syz.3.859'. [ 230.930997][ T6934] netlink: 12 bytes leftover after parsing attributes in process `syz.3.859'. [ 230.944626][ T6936] lo speed is unknown, defaulting to 1000 [ 231.711695][ T4269] EXT4-fs (loop4): unmounting filesystem. [ 231.898279][ T6944] netlink: 96 bytes leftover after parsing attributes in process `syz.0.864'. [ 232.024496][ T6948] loop3: detected capacity change from 0 to 512 [ 232.098005][ T6948] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 232.181195][ T6948] ext4 filesystem being mounted at /149/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 232.207144][ T6948] EXT4-fs error (device loop3): ext4_do_update_inode:5254: inode #2: comm syz.3.865: corrupted inode contents [ 232.268725][ T6948] EXT4-fs error (device loop3): ext4_dirty_inode:6119: inode #2: comm syz.3.865: mark_inode_dirty error [ 232.363662][ T6948] EXT4-fs error (device loop3): ext4_do_update_inode:5254: inode #2: comm syz.3.865: corrupted inode contents [ 232.701731][ T4274] EXT4-fs (loop3): unmounting filesystem. [ 233.752019][ T6976] netlink: 'syz.0.872': attribute type 3 has an invalid length. [ 233.759970][ T6976] netlink: 12 bytes leftover after parsing attributes in process `syz.0.872'. [ 233.769646][ T6976] netlink: 'syz.0.872': attribute type 3 has an invalid length. [ 233.777365][ T6976] netlink: 12 bytes leftover after parsing attributes in process `syz.0.872'. [ 233.786468][ T6976] netlink: 12 bytes leftover after parsing attributes in process `syz.0.872'. [ 233.879970][ T6976] lo speed is unknown, defaulting to 1000 [ 235.007284][ T6990] loop4: detected capacity change from 0 to 2048 [ 235.048804][ T26] kauditd_printk_skb: 35 callbacks suppressed [ 235.048827][ T26] audit: type=1326 audit(1757201712.677:926): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6993 comm="syz.3.880" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3c9b8ebe9 code=0x7ffc0000 [ 235.086053][ T26] audit: type=1326 audit(1757201712.687:927): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6993 comm="syz.3.880" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3c9b8ebe9 code=0x7ffc0000 [ 235.113061][ T26] audit: type=1326 audit(1757201712.717:928): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6993 comm="syz.3.880" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd3c9b8ebe9 code=0x7ffc0000 [ 235.135848][ T26] audit: type=1326 audit(1757201712.717:929): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6993 comm="syz.3.880" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3c9b8ebe9 code=0x7ffc0000 [ 235.149683][ T6990] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 235.159748][ T26] audit: type=1326 audit(1757201712.717:930): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6993 comm="syz.3.880" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3c9b8ebe9 code=0x7ffc0000 [ 235.188909][ T26] audit: type=1326 audit(1757201712.747:931): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6993 comm="syz.3.880" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd3c9b8ebe9 code=0x7ffc0000 [ 235.211353][ T26] audit: type=1326 audit(1757201712.747:932): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6993 comm="syz.3.880" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3c9b8ebe9 code=0x7ffc0000 [ 235.233718][ T26] audit: type=1326 audit(1757201712.747:933): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6993 comm="syz.3.880" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd3c9b8ebe9 code=0x7ffc0000 [ 235.256083][ T26] audit: type=1326 audit(1757201712.747:934): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6993 comm="syz.3.880" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3c9b8ebe9 code=0x7ffc0000 [ 235.298881][ T26] audit: type=1326 audit(1757201712.747:935): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6993 comm="syz.3.880" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd3c9b8ebe9 code=0x7ffc0000 [ 235.321891][ T6990] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1097: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 235.412290][ T4269] EXT4-fs (loop4): unmounting filesystem. [ 235.881111][ T7010] loop4: detected capacity change from 0 to 1024 [ 235.899482][ T7010] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 235.910545][ T7010] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 235.935215][ T7010] JBD2: no valid journal superblock found [ 235.941178][ T7010] EXT4-fs (loop4): error loading journal [ 236.120388][ T7012] netlink: 'syz.3.886': attribute type 3 has an invalid length. [ 236.128257][ T7012] netlink: 12 bytes leftover after parsing attributes in process `syz.3.886'. [ 236.137652][ T7012] netlink: 'syz.3.886': attribute type 3 has an invalid length. [ 236.145444][ T7012] netlink: 12 bytes leftover after parsing attributes in process `syz.3.886'. [ 236.154469][ T7012] netlink: 12 bytes leftover after parsing attributes in process `syz.3.886'. [ 236.244754][ T7012] lo speed is unknown, defaulting to 1000 [ 237.875549][ T7019] loop2: detected capacity change from 0 to 512 [ 237.939607][ T7019] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem [ 237.968400][ T7019] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a003c11c, mo2=0002] [ 237.989270][ T7019] System zones: 1-12 [ 238.025226][ T7029] syz.0.884[7029] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 238.025376][ T7029] syz.0.884[7029] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 238.104957][ T7019] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2195: inode #15: comm syz.2.888: corrupted in-inode xattr [ 238.232985][ T7019] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.888: couldn't read orphan inode 15 (err -117) [ 238.280045][ T7019] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 238.635781][ T4267] EXT4-fs (loop2): unmounting filesystem. [ 239.859449][ T7053] netlink: 'syz.2.897': attribute type 3 has an invalid length. [ 239.867289][ T7053] netlink: 12 bytes leftover after parsing attributes in process `syz.2.897'. [ 239.876880][ T7053] netlink: 'syz.2.897': attribute type 3 has an invalid length. [ 239.884643][ T7053] netlink: 12 bytes leftover after parsing attributes in process `syz.2.897'. [ 239.893857][ T7053] netlink: 12 bytes leftover after parsing attributes in process `syz.2.897'. [ 239.931029][ T7054] lo speed is unknown, defaulting to 1000 [ 240.221498][ T26] kauditd_printk_skb: 30 callbacks suppressed [ 240.221558][ T26] audit: type=1326 audit(1757201717.487:966): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7050 comm="syz.1.899" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f2f2e98ebe9 code=0x7ffc0000 [ 240.423583][ T26] audit: type=1326 audit(1757201717.897:967): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7050 comm="syz.1.899" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f2e98ebe9 code=0x7ffc0000 [ 240.541635][ T26] audit: type=1326 audit(1757201718.017:968): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7050 comm="syz.1.899" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f2e98ebe9 code=0x7ffc0000 [ 240.609137][ T26] audit: type=1326 audit(1757201718.017:969): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7050 comm="syz.1.899" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f2f2e98ebe9 code=0x7ffc0000 [ 240.659241][ T26] audit: type=1326 audit(1757201718.017:970): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7050 comm="syz.1.899" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f2e98ebe9 code=0x7ffc0000 [ 240.719203][ T26] audit: type=1326 audit(1757201718.017:971): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7050 comm="syz.1.899" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f2f2e98ebe9 code=0x7ffc0000 [ 240.873584][ T26] audit: type=1326 audit(1757201718.017:972): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7050 comm="syz.1.899" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f2e98ebe9 code=0x7ffc0000 [ 241.039482][ T7069] loop3: detected capacity change from 0 to 1024 [ 241.116489][ T7069] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 241.127577][ T7069] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 241.160061][ T7069] JBD2: no valid journal superblock found [ 241.165908][ T7069] EXT4-fs (loop3): error loading journal [ 241.550100][ T26] audit: type=1326 audit(1757201718.047:973): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7050 comm="syz.1.899" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f2f2e98ebe9 code=0x7ffc0000 [ 241.720579][ T26] audit: type=1326 audit(1757201718.047:974): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7050 comm="syz.1.899" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f2e98ebe9 code=0x7ffc0000 [ 241.830338][ T26] audit: type=1326 audit(1757201718.047:975): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7050 comm="syz.1.899" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f2f2e98ebe9 code=0x7ffc0000 [ 242.924844][ T7088] netlink: 'syz.2.911': attribute type 3 has an invalid length. [ 242.932719][ T7088] netlink: 12 bytes leftover after parsing attributes in process `syz.2.911'. [ 242.942258][ T7088] netlink: 'syz.2.911': attribute type 3 has an invalid length. [ 242.950041][ T7088] netlink: 12 bytes leftover after parsing attributes in process `syz.2.911'. [ 242.959043][ T7088] netlink: 12 bytes leftover after parsing attributes in process `syz.2.911'. [ 243.048952][ T7088] lo speed is unknown, defaulting to 1000 [ 244.154395][ T7098] loop4: detected capacity change from 0 to 512 [ 244.246934][ T7098] EXT4-fs (loop4): 1 orphan inode deleted [ 244.259662][ T4938] EXT4-fs error (device loop4): ext4_release_dquot:6852: comm kworker/u4:16: Failed to release dquot type 1 [ 244.319808][ T7098] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 244.379505][ T7098] ext4 filesystem being mounted at /196/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 244.423454][ T7098] EXT4-fs (loop4): unmounting filesystem. [ 244.565827][ T7108] loop2: detected capacity change from 0 to 1024 [ 244.595907][ T7108] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 244.606924][ T7108] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 244.619057][ T7108] JBD2: no valid journal superblock found [ 244.624954][ T7108] EXT4-fs (loop2): error loading journal [ 244.932338][ T7110] loop4: detected capacity change from 0 to 764 [ 245.018345][ T7112] netlink: 212 bytes leftover after parsing attributes in process `wg1'. [ 246.331035][ T7129] loop2: detected capacity change from 0 to 256 [ 246.401425][ T7131] netlink: 'syz.4.925': attribute type 3 has an invalid length. [ 246.409244][ T7131] netlink: 12 bytes leftover after parsing attributes in process `syz.4.925'. [ 246.426900][ T7131] netlink: 'syz.4.925': attribute type 3 has an invalid length. [ 246.434731][ T7131] netlink: 12 bytes leftover after parsing attributes in process `syz.4.925'. [ 246.443812][ T7131] netlink: 12 bytes leftover after parsing attributes in process `syz.4.925'. [ 246.539839][ T7131] lo speed is unknown, defaulting to 1000 [ 246.884092][ T7129] FAT-fs (loop2): count of clusters too big (178174) [ 247.201370][ T7129] FAT-fs (loop2): Can't find a valid FAT filesystem [ 247.451346][ T7136] loop2: detected capacity change from 0 to 1024 [ 247.516591][ T7136] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 247.696268][ T26] kauditd_printk_skb: 2 callbacks suppressed [ 247.696283][ T26] audit: type=1326 audit(1757201725.327:977): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7141 comm="syz.4.930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4be578ebe9 code=0x7ffc0000 [ 247.710791][ T7136] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1097: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters [ 247.793200][ T26] audit: type=1326 audit(1757201725.327:978): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7141 comm="syz.4.930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f4be578ebe9 code=0x7ffc0000 [ 247.864264][ T7144] loop4: detected capacity change from 0 to 512 [ 247.875439][ T26] audit: type=1326 audit(1757201725.327:979): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7141 comm="syz.4.930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4be578ebe9 code=0x7ffc0000 [ 247.888229][ T7144] EXT4-fs: Ignoring removed bh option [ 247.952939][ T4267] EXT4-fs (loop2): unmounting filesystem. [ 247.978274][ T26] audit: type=1326 audit(1757201725.327:980): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7141 comm="syz.4.930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=25 compat=0 ip=0x7f4be578ebe9 code=0x7ffc0000 [ 248.031361][ T26] audit: type=1326 audit(1757201725.337:981): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7141 comm="syz.4.930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4be578ebe9 code=0x7ffc0000 [ 248.063515][ T7144] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 248.083795][ T7144] ext4 filesystem being mounted at /202/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 248.343620][ T4269] EXT4-fs (loop4): unmounting filesystem. [ 248.694461][ T26] audit: type=1326 audit(1757201726.327:982): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7153 comm="syz.0.935" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe756b8ebe9 code=0x7ffc0000 [ 248.800090][ T26] audit: type=1326 audit(1757201726.377:983): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7153 comm="syz.0.935" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe756b8ebe9 code=0x7ffc0000 [ 248.880634][ T26] audit: type=1326 audit(1757201726.377:984): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7153 comm="syz.0.935" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe756b8ebe9 code=0x7ffc0000 [ 248.898436][ T7168] loop2: detected capacity change from 0 to 1024 [ 248.917951][ T26] audit: type=1326 audit(1757201726.377:985): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7153 comm="syz.0.935" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe756b8ebe9 code=0x7ffc0000 [ 248.946756][ T26] audit: type=1326 audit(1757201726.387:986): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7153 comm="syz.0.935" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe756b8ebe9 code=0x7ffc0000 [ 248.997673][ T7154] bond2 (unregistering): Released all slaves [ 249.020350][ T7168] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 249.028930][ T7168] ext4 filesystem being mounted at /225/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 249.169546][ T4267] EXT4-fs (loop2): unmounting filesystem. [ 249.237779][ T7174] loop3: detected capacity change from 0 to 1024 [ 249.377831][ T7174] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 249.388921][ T7174] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 249.402981][ T7174] JBD2: no valid journal superblock found [ 249.408749][ T7174] EXT4-fs (loop3): error loading journal [ 249.936411][ T7183] netlink: 'syz.2.938': attribute type 3 has an invalid length. [ 249.944267][ T7183] netlink: 12 bytes leftover after parsing attributes in process `syz.2.938'. [ 249.953809][ T7183] netlink: 'syz.2.938': attribute type 3 has an invalid length. [ 249.961594][ T7183] netlink: 12 bytes leftover after parsing attributes in process `syz.2.938'. [ 249.970685][ T7183] netlink: 12 bytes leftover after parsing attributes in process `syz.2.938'. [ 250.062050][ T7183] lo speed is unknown, defaulting to 1000 [ 250.843859][ T7191] loop2: detected capacity change from 0 to 1764 [ 251.503756][ T7184] syz.0.940[7184] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 251.503901][ T7184] syz.0.940[7184] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 252.027240][ T7206] loop3: detected capacity change from 0 to 764 [ 252.141316][ T7206] rock: corrupted directory entry. extent=32, offset=2044, size=237 [ 252.195730][ T7206] Symlink component flag not implemented [ 252.224894][ T7206] Symlink component flag not implemented (7) [ 252.537809][ T7210] netlink: 20 bytes leftover after parsing attributes in process `syz.3.948'. [ 253.523077][ T26] kauditd_printk_skb: 12 callbacks suppressed [ 253.523093][ T26] audit: type=1326 audit(1757201731.157:999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7213 comm="syz.3.949" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3c9b8ebe9 code=0x7ffc0000 [ 253.666939][ T26] audit: type=1326 audit(1757201731.187:1000): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7213 comm="syz.3.949" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3c9b8ebe9 code=0x7ffc0000 [ 253.734611][ T26] audit: type=1326 audit(1757201731.197:1001): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7213 comm="syz.3.949" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fd3c9b8ebe9 code=0x7ffc0000 [ 253.809244][ T26] audit: type=1326 audit(1757201731.197:1002): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7213 comm="syz.3.949" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3c9b8ebe9 code=0x7ffc0000 [ 253.876066][ T26] audit: type=1326 audit(1757201731.197:1003): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7213 comm="syz.3.949" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3c9b8ebe9 code=0x7ffc0000 [ 253.919805][ T26] audit: type=1326 audit(1757201731.207:1004): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7213 comm="syz.3.949" exe="/root/syz-executor" sig=0 arch=c000003e syscall=239 compat=0 ip=0x7fd3c9b8ebe9 code=0x7ffc0000 [ 254.007984][ T7224] netlink: 'syz.3.953': attribute type 3 has an invalid length. [ 254.016009][ T7224] netlink: 12 bytes leftover after parsing attributes in process `syz.3.953'. [ 254.025580][ T7224] netlink: 'syz.3.953': attribute type 3 has an invalid length. [ 254.033335][ T7224] netlink: 12 bytes leftover after parsing attributes in process `syz.3.953'. [ 254.042399][ T7224] netlink: 12 bytes leftover after parsing attributes in process `syz.3.953'. [ 254.134812][ T7224] lo speed is unknown, defaulting to 1000 [ 254.787294][ T26] audit: type=1326 audit(1757201731.207:1005): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7213 comm="syz.3.949" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3c9b8ebe9 code=0x7ffc0000 [ 254.861960][ T26] audit: type=1326 audit(1757201731.207:1006): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7213 comm="syz.3.949" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3c9b8ebe9 code=0x7ffc0000 [ 254.904808][ T26] audit: type=1326 audit(1757201731.207:1007): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7213 comm="syz.3.949" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd3c9b8ebe9 code=0x7ffc0000 [ 254.968125][ T26] audit: type=1326 audit(1757201731.207:1008): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7213 comm="syz.3.949" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd3c9b8ebe9 code=0x7ffc0000 [ 255.159730][ T7231] loop3: detected capacity change from 0 to 256 [ 255.226969][ T7231] FAT-fs (loop3): Directory bread(block 64) failed [ 255.243743][ T7231] FAT-fs (loop3): Directory bread(block 65) failed [ 255.265273][ T7231] FAT-fs (loop3): Directory bread(block 66) failed [ 255.289222][ T7231] FAT-fs (loop3): Directory bread(block 67) failed [ 255.296275][ T7231] FAT-fs (loop3): Directory bread(block 68) failed [ 255.313913][ T7231] FAT-fs (loop3): Directory bread(block 69) failed [ 255.397850][ T7235] loop4: detected capacity change from 0 to 1024 [ 255.425000][ T7235] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 255.436054][ T7235] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 255.457047][ T7235] JBD2: no valid journal superblock found [ 255.462963][ T7235] EXT4-fs (loop4): error loading journal [ 255.500117][ T7231] FAT-fs (loop3): Directory bread(block 70) failed [ 255.520648][ T7231] FAT-fs (loop3): Directory bread(block 71) failed [ 255.559776][ T1278] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.566230][ T1278] ieee802154 phy1 wpan1: encryption failed: -22 [ 255.609689][ T7231] FAT-fs (loop3): Directory bread(block 72) failed [ 255.685711][ T7231] FAT-fs (loop3): Directory bread(block 73) failed [ 256.246811][ T7243] loop3: detected capacity change from 0 to 2048 [ 256.292728][ T7238] loop2: detected capacity change from 0 to 8192 [ 256.324870][ T7243] loop3: p1 p3 p4 [ 256.337023][ T7243] loop3: p4 size 589824 extends beyond EOD, truncated [ 256.905618][ T4419] udevd[4419]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory [ 256.928689][ T5272] udevd[5272]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory [ 256.942911][ T4375] udevd[4375]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory [ 256.999278][ T7249] [ 257.001682][ T7249] ====================================================== [ 257.008728][ T7249] WARNING: possible circular locking dependency detected [ 257.015790][ T7249] syzkaller #0 Not tainted [ 257.020340][ T7249] ------------------------------------------------------ [ 257.027382][ T7249] syz.2.964/7249 is trying to acquire lock: [ 257.033482][ T7249] ffff88802f24cc58 (&mm->mmap_lock){++++}-{3:3}, at: mmap_read_lock_killable+0x1d/0x60 [ 257.043201][ T7249] SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 257.043201][ T7249] but task is already holding lock: [ 257.050585][ T7249] ffff888053362220 (&sb->s_type->i_mutex_key#12){+.+.}-{3:3}, at: generic_file_write_iter+0x7f/0x2e0 [ 257.061528][ T7249] [ 257.061528][ T7249] which lock already depends on the new lock. [ 257.061528][ T7249] [ 257.071980][ T7249] [ 257.071980][ T7249] the existing dependency chain (in reverse order) is: [ 257.081011][ T7249] [ 257.081011][ T7249] -> #1 (&sb->s_type->i_mutex_key#12){+.+.}-{3:3}: [ 257.089830][ T7249] down_write+0x36/0x60 [ 257.094621][ T7249] process_measurement+0x33c/0x1a10 [ 257.100375][ T7249] ima_file_mmap+0x104/0x150 [ 257.105514][ T7249] __se_sys_remap_file_pages+0x53e/0x770 [ 257.111689][ T7249] do_syscall_64+0x4c/0xa0 [ 257.116639][ T7249] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 257.123164][ T7249] [ 257.123164][ T7249] -> #0 (&mm->mmap_lock){++++}-{3:3}: [ 257.130746][ T7249] __lock_acquire+0x2cf8/0x7c50 [ 257.136147][ T7249] lock_acquire+0x1b4/0x490 [ 257.141293][ T7249] down_read_killable+0x4c/0x340 [ 257.146804][ T7249] mmap_read_lock_killable+0x1d/0x60 [ 257.152637][ T7249] lock_mm_and_find_vma+0x2b1/0x2f0 [ 257.158371][ T7249] do_user_addr_fault+0x2db/0xb10 [ 257.163930][ T7249] exc_page_fault+0x60/0x100 [ 257.169055][ T7249] asm_exc_page_fault+0x22/0x30 [ 257.174439][ T7249] fault_in_readable+0x13e/0x1f0 [ 257.180003][ T7249] fault_in_iov_iter_readable+0xbb/0x2e0 [ 257.186177][ T7249] generic_perform_write+0x1d2/0x560 [ 257.191999][ T7249] __generic_file_write_iter+0x172/0x430 [ 257.198168][ T7249] generic_file_write_iter+0xab/0x2e0 [ 257.204077][ T7249] vfs_write+0x44c/0x960 [ 257.208854][ T7249] ksys_write+0x143/0x240 [ 257.213717][ T7249] do_syscall_64+0x4c/0xa0 [ 257.218675][ T7249] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 257.225108][ T7249] [ 257.225108][ T7249] other info that might help us debug this: [ 257.225108][ T7249] [ 257.235338][ T7249] Possible unsafe locking scenario: [ 257.235338][ T7249] [ 257.242792][ T7249] CPU0 CPU1 [ 257.248177][ T7249] ---- ---- [ 257.253545][ T7249] lock(&sb->s_type->i_mutex_key#12); [ 257.259019][ T7249] lock(&mm->mmap_lock); [ 257.265878][ T7249] lock(&sb->s_type->i_mutex_key#12); [ 257.273869][ T7249] lock(&mm->mmap_lock); [ 257.278211][ T7249] [ 257.278211][ T7249] *** DEADLOCK *** [ 257.278211][ T7249] [ 257.286358][ T7249] 3 locks held by syz.2.964/7249: [ 257.291390][ T7249] #0: ffff88804a80e368 (&f->f_pos_lock){+.+.}-{3:3}, at: __fdget_pos+0x2ae/0x360 [ 257.300633][ T7249] #1: ffff88807b05a460 (sb_writers#5){.+.+}-{0:0}, at: vfs_write+0x256/0x960 [ 257.309571][ T7249] #2: ffff888053362220 (&sb->s_type->i_mutex_key#12){+.+.}-{3:3}, at: generic_file_write_iter+0x7f/0x2e0 [ 257.320917][ T7249] [ 257.320917][ T7249] stack backtrace: [ 257.326832][ T7249] CPU: 1 PID: 7249 Comm: syz.2.964 Not tainted syzkaller #0 [ 257.334123][ T7249] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 257.344197][ T7249] Call Trace: [ 257.347486][ T7249] [ 257.350445][ T7249] dump_stack_lvl+0x168/0x22e [ 257.355151][ T7249] ? load_image+0x3b0/0x3b0 [ 257.359673][ T7249] ? show_regs_print_info+0x12/0x12 [ 257.364899][ T7249] ? print_circular_bug+0x12b/0x1a0 [ 257.370127][ T7249] check_noncircular+0x274/0x310 [ 257.375085][ T7249] ? add_chain_block+0x940/0x940 [ 257.380040][ T7249] ? lockdep_lock+0xdc/0x1e0 [ 257.384649][ T7249] ? __lock_acquire+0x12e5/0x7c50 [ 257.389693][ T7249] ? _find_first_zero_bit+0xcf/0x100 [ 257.395012][ T7249] __lock_acquire+0x2cf8/0x7c50 [ 257.399892][ T7249] ? verify_lock_unused+0x140/0x140 [ 257.405107][ T7249] ? verify_lock_unused+0x140/0x140 [ 257.410331][ T7249] ? memset+0x1e/0x40 [ 257.414335][ T7249] lock_acquire+0x1b4/0x490 [ 257.418853][ T7249] ? mmap_read_lock_killable+0x1d/0x60 [ 257.424338][ T7249] ? read_lock_is_recursive+0x10/0x10 [ 257.429724][ T7249] ? cmp_ex_search+0x1a/0x70 [ 257.434326][ T7249] ? bsearch+0x8a/0xb0 [ 257.438409][ T7249] ? fault_in_readable+0x13e/0x1f0 [ 257.443533][ T7249] ? search_extable+0x8c/0xd0 [ 257.448257][ T7249] ? trim_init_extable+0x3b0/0x3b0 [ 257.453383][ T7249] ? mmap_read_lock_killable+0x1d/0x60 [ 257.458859][ T7249] down_read_killable+0x4c/0x340 [ 257.463823][ T7249] ? mmap_read_lock_killable+0x1d/0x60 [ 257.469305][ T7249] mmap_read_lock_killable+0x1d/0x60 [ 257.474611][ T7249] lock_mm_and_find_vma+0x2b1/0x2f0 [ 257.479831][ T7249] do_user_addr_fault+0x2db/0xb10 [ 257.484869][ T7249] ? _raw_spin_unlock_irq+0x1f/0x40 [ 257.490089][ T7249] exc_page_fault+0x60/0x100 [ 257.494695][ T7249] asm_exc_page_fault+0x22/0x30 [ 257.499555][ T7249] RIP: 0010:fault_in_readable+0x13e/0x1f0 [ 257.505296][ T7249] Code: 88 eb c4 ff 4d 89 f4 49 81 cc ff 0f 00 00 4d 89 f7 49 01 dc 49 81 e4 00 f0 ff ff 4d 39 e6 77 44 e8 67 eb c4 ff 4d 39 e7 74 47 <41> 8a 07 88 44 24 07 49 81 c7 00 10 00 00 4d 39 e7 74 07 e8 4a eb [ 257.525008][ T7249] RSP: 0018:ffffc9000397fa90 EFLAGS: 00050287 [ 257.531265][ T7249] RAX: ffffffff81bbe4b9 RBX: 0000000000001000 RCX: 0000000000080000 [ 257.539245][ T7249] RDX: ffffc90005c9a000 RSI: 000000000004d262 RDI: 000000000004d263 [ 257.547225][ T7249] RBP: 0000000000000000 R08: ffff88802c583b80 R09: 0000000000000002 [ 257.555216][ T7249] R10: 0000000000000006 R11: 0000000000000002 R12: 00002000002bb000 [ 257.563211][ T7249] R13: dffffc0000000000 R14: 00002000002ba000 R15: 00002000002ba000 [ 257.571232][ T7249] ? fault_in_readable+0x139/0x1f0 [ 257.576370][ T7249] fault_in_iov_iter_readable+0xbb/0x2e0 [ 257.582029][ T7249] generic_perform_write+0x1d2/0x560 [ 257.587327][ T7249] ? atime_needs_update+0x780/0x780 [ 257.592535][ T7249] ? generic_file_direct_write+0x660/0x660 [ 257.598350][ T7249] ? __file_remove_privs+0x5b0/0x5b0 [ 257.603648][ T7249] ? preempt_count_add+0x8d/0x190 [ 257.608753][ T7249] ? rwsem_write_trylock+0x12f/0x1b0 [ 257.614078][ T7249] ? clear_nonspinnable+0x60/0x60 [ 257.619145][ T7249] ? generic_write_checks_count+0x3d9/0x4c0 [ 257.625082][ T7249] __generic_file_write_iter+0x172/0x430 [ 257.630769][ T7249] generic_file_write_iter+0xab/0x2e0 [ 257.636166][ T7249] vfs_write+0x44c/0x960 [ 257.640450][ T7249] ? file_end_write+0x250/0x250 [ 257.645412][ T7249] ? __fget_files+0x44a/0x4d0 [ 257.650121][ T7249] ? __fdget_pos+0x2ae/0x360 [ 257.654742][ T7249] ? ksys_write+0x71/0x240 [ 257.659282][ T7249] ksys_write+0x143/0x240 [ 257.663699][ T7249] ? __ia32_sys_read+0x80/0x80 [ 257.668587][ T7249] ? lockdep_hardirqs_on+0x94/0x140 [ 257.673811][ T7249] do_syscall_64+0x4c/0xa0 [ 257.678249][ T7249] ? clear_bhb_loop+0x60/0xb0 [ 257.682960][ T7249] ? clear_bhb_loop+0x60/0xb0 [ 257.687653][ T7249] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 257.693577][ T7249] RIP: 0033:0x7f6666d8ebe9 [ 257.698053][ T7249] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 257.717737][ T7249] RSP: 002b:00007f6667c9d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 257.726172][ T7249] RAX: ffffffffffffffda RBX: 00007f6666fc5fa0 RCX: 00007f6666d8ebe9 [ 257.734246][ T7249] RDX: 000000000208e24b RSI: 0000200000000000 RDI: 0000000000000004 [ 257.742245][ T7249] RBP: 00007f6666e11e19 R08: 0000000000000000 R09: 0000000000000000 [ 257.750359][ T7249] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 257.758347][ T7249] R13: 00007f6666fc6038 R14: 00007f6666fc5fa0 R15: 00007fff9af69438 [ 257.766346][ T7249] [ 258.033224][ T4419] udevd[4419]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory [ 258.046296][ T4375] udevd[4375]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory [ 258.059834][ T5272] udevd[5272]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory [ 258.079276][ T48] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 258.086690][ T48] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 258.130747][ T48] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 258.139360][ T48] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 258.146694][ T48] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 258.155863][ T48] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 258.167600][ T4271] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 258.176565][ T4271] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 258.183818][ T4271] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 258.192953][ T4271] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 258.200318][ T4271] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 258.207464][ T4271] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 258.236572][ T7253] lo speed is unknown, defaulting to 1000 [ 258.818982][ T4683] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 258.882504][ T7253] chnl_net:caif_netlink_parms(): no params data found [ 258.914961][ T4683] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 259.000560][ T7253] bridge0: port 1(bridge_slave_0) entered blocking state [ 259.007747][ T7253] bridge0: port 1(bridge_slave_0) entered disabled state [ 259.020109][ T7253] device bridge_slave_0 entered promiscuous mode [ 259.030835][ T4683] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 259.042777][ T7253] bridge0: port 2(bridge_slave_1) entered blocking state [ 259.053454][ T7253] bridge0: port 2(bridge_slave_1) entered disabled state [ 259.063303][ T7253] device bridge_slave_1 entered promiscuous mode [ 259.073494][ T4683] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 259.154352][ T7253] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 259.173545][ T7253] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 259.234434][ T7253] team0: Port device team_slave_0 added [ 259.277515][ T7253] team0: Port device team_slave_1 added [ 259.343396][ T4683] tipc: Disabling bearer [ 259.359226][ T4683] tipc: Left network mode [ 259.359725][ T7253] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 259.379748][ T7253] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 259.441283][ T7253] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 259.489570][ T7253] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 259.496571][ T7253] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 259.534532][ T7253] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 259.593375][ T7253] device hsr_slave_0 entered promiscuous mode [ 259.610349][ T7253] device hsr_slave_1 entered promiscuous mode [ 259.629180][ T7253] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 259.639152][ T7253] Cannot create hsr debugfs directory [ 259.887987][ T7253] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 259.903615][ T7253] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 259.934149][ T7253] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 259.951843][ T7253] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 260.138411][ T7253] 8021q: adding VLAN 0 to HW filter on device bond0 [ 260.154594][ T5002] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 260.165818][ T5002] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 260.181063][ T7253] 8021q: adding VLAN 0 to HW filter on device team0 [ 260.249247][ T4271] Bluetooth: hci5: command 0x0409 tx timeout [ 260.291272][ T5002] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 260.300524][ T5002] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 260.309002][ T5002] bridge0: port 1(bridge_slave_0) entered blocking state [ 260.316160][ T5002] bridge0: port 1(bridge_slave_0) entered forwarding state [ 260.324400][ T5002] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 260.333759][ T5002] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 260.344106][ T5002] bridge0: port 2(bridge_slave_1) entered blocking state [ 260.351253][ T5002] bridge0: port 2(bridge_slave_1) entered forwarding state [ 260.359485][ T5002] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 260.396053][ T4683] device hsr_slave_0 left promiscuous mode [ 260.402706][ T4683] device hsr_slave_1 left promiscuous mode [ 260.413563][ T4683] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 260.422908][ T4683] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 260.430999][ T4683] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 260.438433][ T4683] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 260.446437][ T4683] device bridge_slave_1 left promiscuous mode [ 260.453235][ T4683] bridge0: port 2(bridge_slave_1) entered disabled state [ 260.463700][ T4683] device bridge_slave_0 left promiscuous mode [ 260.470245][ T4683] bridge0: port 1(bridge_slave_0) entered disabled state [ 260.483184][ T4683] device veth1_macvtap left promiscuous mode [ 260.489603][ T4683] device veth0_macvtap left promiscuous mode [ 260.495698][ T4683] device veth1_vlan left promiscuous mode [ 260.503643][ T4683] device veth0_vlan left promiscuous mode [ 260.858149][ T4683] team0 (unregistering): Port device team_slave_1 removed [ 260.891258][ T4683] team0 (unregistering): Port device team_slave_0 removed [ 260.921415][ T4683] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 260.952814][ T4683] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 261.041162][ T4683] bond0 (unregistering): Released all slaves [ 261.106338][ T5002] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 261.116261][ T5002] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 261.125533][ T5002] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 261.152858][ T5002] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 261.161627][ T5002] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 261.172271][ T5002] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 261.182408][ T5002] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 261.191080][ T5002] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 261.199851][ T5002] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 261.208295][ T5002] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 261.218763][ T7253] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 261.265474][ T5002] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 261.597956][ T4684] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 261.605749][ T4684] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 261.635355][ T7253] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 261.654831][ T4683] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 261.731651][ T4683] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 261.791668][ T4683] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 261.843525][ T4683] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 261.990533][ T4683] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 262.063025][ T4683] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 262.151922][ T4683] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 262.186360][ T4684] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 262.199821][ T4684] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 262.230625][ T5086] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 262.239506][ T5086] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 262.257953][ T7253] device veth0_vlan entered promiscuous mode [ 262.272424][ T4683] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 262.291674][ T5086] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 262.309697][ T5086] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 262.321599][ T7253] device veth1_vlan entered promiscuous mode [ 262.329452][ T4271] Bluetooth: hci5: command 0x041b tx timeout [ 262.378954][ T5086] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 262.389039][ T5086] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 262.398881][ T5086] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 262.415761][ T5086] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 262.436566][ T7253] device veth0_macvtap entered promiscuous mode [ 262.475815][ T7253] device veth1_macvtap entered promiscuous mode [ 262.488184][ T4683] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 262.516213][ T7253] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 262.531007][ T7253] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 262.542640][ T7253] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 262.553624][ T7253] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 262.567051][ T7253] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 262.577954][ T4683] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 262.592260][ T5086] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 262.600830][ T5086] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 262.608864][ T5086] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 262.635022][ T5086] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 262.651539][ T7253] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 262.670521][ T7253] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 262.689373][ T7253] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 262.705806][ T7253] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 262.720350][ T7253] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 262.728574][ T5002] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 262.741171][ T5002] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 262.759533][ T4683] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 262.775544][ T7253] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 262.784845][ T7253] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 262.793929][ T7253] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 262.803603][ T7253] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 262.846042][ T4683] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 262.873537][ T7253] ieee80211 phy13: Selected rate control algorithm 'minstrel_ht' [ 262.909960][ T5002] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 262.917830][ T5002] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 262.931950][ T7253] ieee80211 phy14: Selected rate control algorithm 'minstrel_ht' [ 262.949236][ T5086] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 263.039317][ T5086] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 263.047184][ T5086] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 263.071035][ T5002] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 264.607388][ T4683] device hsr_slave_0 left promiscuous mode [ 264.615248][ T4683] device hsr_slave_1 left promiscuous mode [ 264.625325][ T4683] device hsr_slave_0 left promiscuous mode [ 264.634379][ T4683] device hsr_slave_1 left promiscuous mode [ 264.643317][ T4683] device hsr_slave_0 left promiscuous mode [ 264.652069][ T4683] device hsr_slave_1 left promiscuous mode [ 264.658477][ T4683] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 264.666949][ T4683] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 264.676512][ T4683] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 264.684781][ T4683] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 264.694767][ T4683] device bridge_slave_1 left promiscuous mode [ 264.701463][ T4683] bridge0: port 2(bridge_slave_1) entered disabled state [ 264.715308][ T4683] device bridge_slave_0 left promiscuous mode [ 264.721613][ T4683] bridge0: port 1(bridge_slave_0) entered disabled state [ 264.739613][ T4683] device veth1_macvtap left promiscuous mode [ 264.745771][ T4683] device veth0_macvtap left promiscuous mode [ 264.752305][ T4683] device veth1_vlan left promiscuous mode [ 264.758121][ T4683] device veth0_vlan left promiscuous mode [ 264.765368][ T4683] device veth1_macvtap left promiscuous mode [ 264.771925][ T4683] device veth0_macvtap left promiscuous mode [ 264.778024][ T4683] device veth1_vlan left promiscuous mode [ 264.784134][ T4683] device veth0_vlan left promiscuous mode [ 264.791315][ T4683] device veth1_macvtap left promiscuous mode [ 264.797502][ T4683] device veth0_macvtap left promiscuous mode [ 264.803964][ T4683] device veth1_vlan left promiscuous mode [ 264.810224][ T4683] device veth0_vlan left promiscuous mode [ 265.102946][ T4683] bond1 (unregistering): Released all slaves [ 265.410633][ T4683] bond0 (unregistering): Released all slaves [ 265.587033][ T4683] team0 (unregistering): Port device team_slave_1 removed [ 265.610647][ T4683] team0 (unregistering): Port device team_slave_0 removed [ 265.633522][ T4683] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 265.657219][ T4683] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 265.702959][ T4683] bond0 (unregistering): Released all slaves [ 265.815596][ T4683] team0 (unregistering): Port device team_slave_1 removed [ 265.844712][ T4683] team0 (unregistering): Port device team_slave_0 removed [ 265.874011][ T4683] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 265.903900][ T4683] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 265.956734][ T4683] bond0 (unregistering): Released all slaves [ 265.987225][ T4311] lo speed is unknown, defaulting to 1000 [ 266.915904][ T4683] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 266.953494][ T4683] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0