last executing test programs: 4m44.541983095s ago: executing program 2 (id=2435): r0 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000080)=0x2, 0x4) setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000140)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x7ff, 0xf83, 0x3}, 0x1c) r1 = socket$netlink(0x10, 0x3, 0x4) write(r1, &(0x7f0000005c00)="2700000014000707030e0000120f0a0011000100f5fe0012ff000000078a151f75080039000500", 0x27) 4m44.464791915s ago: executing program 2 (id=2438): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x8000002}, 0x1c) setsockopt$sock_int(r0, 0x1, 0x12, &(0x7f0000000040)=0x80000001, 0x4) sendto$inet6(r0, 0x0, 0x1e, 0x2200c851, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) sendto$inet6(r0, &(0x7f00000000c0)="4435c61bc9a1f1ed51c7b06188c682bd59fde0261c9bc2b1f66724ea02", 0x1d, 0x850, 0x0, 0x0) 4m44.434089015s ago: executing program 2 (id=2441): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001880), 0xffffffffffffffff) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000001280)={0x28, r1, 0xacf5e67dd0b583a1, 0x0, 0x0, {{0x5}, {@val={0x8}, @val={0xc}}}}, 0x28}}, 0x0) 4m44.345160345s ago: executing program 2 (id=2443): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) mount$bind(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x2400, 0x0) 4m44.344764565s ago: executing program 2 (id=2444): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000400000000000000000000850000005000000085000000d000000095"], &(0x7f0000000040)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r0}, 0xe) mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6004, 0x1) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0xc9028ba210c11f88) ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000000)={'\x00', 0x8, 0x2, 0x80400, 0x20000200a, 0x800}) 4m44.091904305s ago: executing program 2 (id=2452): openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000002080)={&(0x7f0000000300)='kfree\x00', r0}, 0x10) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='tmpfs\x00', 0x400, 0x0) 4m44.039783444s ago: executing program 32 (id=2452): openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000002080)={&(0x7f0000000300)='kfree\x00', r0}, 0x10) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='tmpfs\x00', 0x400, 0x0) 1m48.292890557s ago: executing program 1 (id=10541): syz_mount_image$vfat(&(0x7f0000001200), &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000001a80)=ANY=[@ANYBLOB="002918d910d46be7099c66b02010b1f0b7c3dc1dabe625969fb0adc922385af53d57a1d35dd71c90d9dd649b53142dd3d4108b4c7db82e8475d5bb6fa2fa626cd92c7326ce1ba2f33b0aef2b2164e01d910058b51684696959ea7f5a607a6572d2640cf9312a07000000260e3651a0cbfd2c080990fb4c76e9e613a759863734a70d0600ec77e8ba76aacbb21e4b903aa4873a9951f269a9c0f87805a1a0cbdf6b8644a1de05a8d9dd9687d67c8af7f68cb59e60d1fbefb49b93d6b72cce4162edc4468a13987d94d428df36915621aeff6dc1358a7331fa69e05c417c2e1e6b8dc29c496c76d02dfc2d7b48616fb3f01b221f4f8f484a00090964922de8909a1f9f7ef655a12a68a56cb341a8fba4cd81cedec9cb518d13d2a2564427b63b037494748a24daa21fe1256df68d000b2778bf0437cc642cd83c5a1b34eeffdf93ecbd85bb340eeef68dd60101769c74f94d217264c171feea0305bfc87c36247d90b129a9973f00000001d99b195d2f75653a0193672783c6dbca5d1445110621d8095064f0a034f492cf5aa4767a772d6f4967722546bfd83d3202f76c20a9d7f40f9e7818d77129df7fd072804e0227ecaa03dddd303a318d6f7763ce011543587e6a306780ca2f37db7e8a5b64a5059ac91ff2110e40ea13d70e1504653ba9eebcf61b427797fb3fd79d2bb9aaa13c9729fe323c4ac222991981381e004684fb200b17d2f6ede181067662ad8a31f45b613869ca8fc5b1dbe62407a1f6dcb86a4c430210e9bcfca9b83283b87316c4d17f388e0bab0500000092a82e12f8e5348f11e7739033e9081bfc598746cf032fa55d9581470000000019ac65f89ca7d96da3ca2db52f8ec80462fddf42dbbca24b7200"/643], 0x1, 0x120b, &(0x7f0000002300)="$eJzs3M9rXFUUB/CTNv1hajJRa7UF6UE3unk2WbhyEyQF6YDSNoVWEF7NRIeZzIS8ITBFbHdu/TvEpTtB/AeyceNacJeNyy7EJ84LtglxEcFOWz6fzRzm3i9zH28YeJd7Zu/9bzZ7G1WxUY7ixMxMzG5F5MOMjBNxMhoP4p1bv/z6xo3bd66ttNur1zOvrtxcei8zFy7/+MmX37350+jcre8XfjgTu4uf7v2+/Nvuhd2Le3/e/KJbZbfKwXCUZd4dDkfl3X4n17tVr8j8uN8pq052B1Vn+8D4Rn+4tTXOcrA+P7e13amqLAfj7HXGORrmaHuc5edld5BFUeT8XPDfnY61bx/WdR1R16fidNR1Xb8Qc3EuXoz5WIhWLMZL8XK8Eufj1bgQr8XrcXEya9orBwAAAAAAAAAAAAAAAAAAgOeL/n8AAAAAAAAAAAAAAAAAAACYPv3/AAAAAAAAAAAAAAAAAAAAMH36/wEAAAAAAAAAAAAAAAAAAGD6bty+c22l3V69nnk2YvPrnbWdtea1GV/ZiG70oxNXohV/xKT7v9HUVz9sr17JicV4d/P+fv7+ztrJg/mlyd8JHJlfavJ5MH8m5h7PL0crzh+dXz4yfzbefuuxfBGt+PmzGEY/1uPv7KP8V0uZH3zUPpS/NJkHAAAAz4Mi/3Hk83tR5MxMM/XQePPmv+8P1K1D+wOHnq9n49LsFC+ciWp8r1f2+53tZ6vY/0rGvV55+WlYj+IYxf69e/C0rOcZLU5FxP/4EVP8UeKJeXTTp70SAAAAAAAAAAAAjuMYBwNnm/O2xz9OOO1rBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP5iB44FAAAAAIT5W6fRsQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFcFAAD//78558w=") bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) rename(&(0x7f0000000040)='./file1\x00', &(0x7f0000001300)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') 1m48.085019697s ago: executing program 1 (id=10544): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0) r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014fa0000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a030000000000000000f0070000000900010073797a300000000080000000090a010400000000000000000700000008000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d3c00128014000180090001006c617374000000000400028010000180090001006c61737400000000140001800c000100636f756e746572000400028008000340000001"], 0xc8}}, 0x20050800) 1m48.063680377s ago: executing program 1 (id=10545): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000fb"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) mount_setattr(0xffffffffffffffff, &(0x7f0000001d80)='.\x00', 0x0, &(0x7f0000001dc0)={0xb}, 0x20) 1m47.977057206s ago: executing program 1 (id=10547): syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x11, &(0x7f0000000180)={[{@nombcache}, {@debug}, {@norecovery}, {@grpid}, {@norecovery}]}, 0x9, 0x60c, &(0x7f00000001c0)="$eJzs3c9vFGUfAPDvTH/Svrwt5M2reJAmxkCitLSAIcZEiFdC8MfNU6WFIIUSWqNFEkuCF43x4sHEkwfxv1ASrx68evDiyZA0xnAQg7JmtrNl2+2W7XZ/tN3PJxn6zAw7z3fKfnmeffaZmQA61kj2RxpxICKuJRFDZfu6I985svz37v9x83y2JFEovPl7Ejc/ShbLj5XkPwfzF/8zFMlPacT+rsp65xZuXJ6cmZm+nq+PzV+5Nja3cOPIpSuTF6cvTl+deGni5InjJ06OH93S+e0tK5+5/e77Q5+cffubrx4m49/+cjaJU/Eojy07r7Wv7dtSzdnvbCQKyx6Ub89+rye3eOzt4s+h0vvksWTtBratC/n7sScinoqh6Cr71xyKj19va3BAUxWSKLVRQMdJ6sr//sYHArRYqR9Q+my/3ufgSmmTeyVAKyydXh4AWM79nogo5X/38thg9BfHBgbuJ6vGeZKI2NrI3LKsjh9/OHs7W6LKOBzQHIu3SqPca9v/pJibw9FfXBu4n67K/7Rsyba/UWf9I2vW5T+0zuKtiHg6b/97o+78f6fO+uU/AAAAAAAANM7d0xHx4nrz/9KV+T+968z/GYyIUw2o/8nf/6X38kLSgOqAMkunI16pmP/7d/ns4OGu/Hv+vcX5AD3phUsz00cj4r8RcTh6+rL18dWHXTVB+Mhn+7+sVn/5/L9syeovzQXMD3Wve82FuFOT85ONOXvobEu3Ip4pzv89mG9ZPf8na/+Tivb/09eyBL9WYx37n79zrtq+J+c/0CyFryMOrXv9z+PudrLx/TnGiv2BsVKvoNKzH37+XbX65T+0T9b+D2yc/31J+f165jZ3/N6IOLbQXai2v97+f2/yVlfp+JkPJufnr49H9CZnKrdPbC5m2K1K+VDKlyz/Dz+38fjfSv+/LA/3RMRijXX+/9Hgr9X2af+hfbL8n9q4/R9e3f5vttAfE3eGv89vMVbhXE3t//Fim34432L8D8pV3o+j1gRtS7gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsMOlEfGfSNLRlXKajo5GDEbE/2IgnZmdm3/hwux7V6eyfauf/z+0vJ6Unv8/XLY+sWb9WETsi4gvuvYU10fPz85MtfvkAQAAAAAAAAAAAAAAAAAAYJsYLF7zX+hbe/1/5reudkcHNF13/lO+Q+fprvuVhb6GBgK0XP35D+x0ted/T1PjAFqvev4/eFgoamk4QAvp/0PnqjP/fV0Au4D2HzpVjWN6/c2OA2iHmtv/pebGAQAAAAAANMS+g3d/TiJi8eU9xSXTm+8z2R92t7TdAQBtYw4vdK7u2XZHALSLz/hAslL6a92L/avP/k+aExAAAAAAAAAAAAAAUOHQAdf/Q6dKIzZ4hLe5/bCbbXD9/3rJ73YBsItUf/RHLW1/oocAO5jP+MCT2nHX/wMAAAAAAAAAAADANtB/4/LkzMz09bmFnVd4dXuEsbnC4uS2CKOhhUfNOXJPRGyPE2x1oXQLjjaG0eb/lwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgBX/BgAA///kYDBi") mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f00000000c0)='tracefs\x00', 0x0, 0x0) chdir(&(0x7f0000000000)='./file0\x00') syz_usb_connect(0x2, 0x0, 0x0, 0x0) creat(&(0x7f0000000100)='./bus\x00', 0x44) open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0) 1m47.398009415s ago: executing program 1 (id=10557): r0 = socket$kcm(0x10, 0x2, 0x0) io_setup(0x1, 0x0) writev(0xffffffffffffffff, &(0x7f0000000040), 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000f00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kfree\x00', r1}, 0x10) sendmsg$kcm(r0, &(0x7f0000000940)={0x0, 0x3e1, &(0x7f0000000180)=[{&(0x7f0000000000)="d8000000180081084e81f782db44b904021d080006007c06e8fe55a10a0015400600142603600e120800060000000201a80016000800014003e01100036010fab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9701", 0xd8}], 0x1}, 0x0) 1m47.212503605s ago: executing program 1 (id=10566): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0xb, 0x5, 0x2, 0x4, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffe}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000340)='kfree\x00', r1, 0x0, 0x8000000000000000}, 0x18) r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x50032, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r2, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00008, 0x0, 0x50032, 0xffffffffffffffff, 0x0) 1m47.177578844s ago: executing program 33 (id=10566): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0xb, 0x5, 0x2, 0x4, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffe}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000340)='kfree\x00', r1, 0x0, 0x8000000000000000}, 0x18) r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x50032, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r2, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00008, 0x0, 0x50032, 0xffffffffffffffff, 0x0) 1.317959804s ago: executing program 0 (id=14743): perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x3c, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_bp={0x0}, 0x0, 0x3, 0xffff, 0x0, 0x0, 0xfffffffa}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VT_ACTIVATE(r0, 0x4b4a, 0x10000000000004) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00', 0x0}) bpf$MAP_CREATE(0x0, &(0x7f0000001d40)=@base={0x1, 0xb, 0x100005, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', r2, 0xffffffffffffffff, 0x0, 0x4, 0x0, 0x0, @void, @value, @void, @value}, 0x50) 1.138852053s ago: executing program 0 (id=14757): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0a000000020000000900000008"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000480)={{r0}, &(0x7f0000000200), &(0x7f0000000400)}, 0x20) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000000)='kfree\x00', r1}, 0x18) r2 = socket$inet(0x2, 0x2, 0x0) sendmsg$inet(r2, &(0x7f0000000600)={&(0x7f0000000040)={0x2, 0xffff, @multicast2}, 0x10, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="1c000000000000000000000007000000890b040a0101027f00000100000000001c000000000000000000000008"], 0x40}, 0x20000000) 1.080643923s ago: executing program 0 (id=14762): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000027b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x18) bpf$MAP_CREATE(0x0, 0x0, 0x48) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000900)=ANY=[@ANYBLOB="3c0000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="2b03000000000000140012800b00010067656e65766500000400028008000a00", @ANYRES32], 0x3c}}, 0x0) 898.081292ms ago: executing program 0 (id=14767): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) connect$inet6(r0, &(0x7f0000000300)={0xa, 0xfffc, 0x0, @private1}, 0x1c) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) sendto$inet6(r0, &(0x7f00000000c0)="8d", 0x1, 0x81, &(0x7f0000000180)={0xa, 0x4e23, 0x5, @private1}, 0x1c) getsockopt$inet_sctp6_SCTP_MAX_BURST(r1, 0x84, 0xc, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) setsockopt$inet_sctp6_SCTP_AUTH_DELETE_KEY(r0, 0x84, 0x19, &(0x7f0000000100)={r2, 0x7}, 0x8) 619.615252ms ago: executing program 4 (id=14787): r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x6, 0x4, &(0x7f0000000300)=ANY=[@ANYBLOB="1802000000000000000000000000000085000000a000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000017850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='mem_disconnect\x00', r2}, 0x10) bpf$BPF_PROG_TEST_RUN_LIVE(0xa, &(0x7f0000000080)={r0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 582.446471ms ago: executing program 4 (id=14789): write$binfmt_aout(0xffffffffffffffff, &(0x7f0000000200)=ANY=[], 0xc8) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000006000000050000000010"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10) syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1800403, &(0x7f0000000940), 0x0, 0x5ae, &(0x7f0000000180)="$eJzs3c1vVFUbAPDnzkwLpe9rKzEqLkyjIZAoLS1g8GMBe0LwY+fGSgtBho/QGi2aWBLcmBg3LkhcuRD/CyW6dWXiwoUbV4akGsNGY3TMnbkzDO1MOy0dbu39/ZLbOeeeOz3nQp85Z+49ZyaAwhpLf5Qi9kTE5SRipK2sElnhWOO4O7+/fzrdkqjVXv0tiSTb1zw+yR6Hsyf/PRLx/TdJ7C6vrHdu4er56Wp19kqWn5i/cHlibuHqgXMXps/Onp29OPXc1NEjh48cnTx4X+dXakufuP7WOyMfnXz9i8/+Sia//OlkEsfi1zONsvbz2CxjMRZ/1GofLN+f/rse3ezKclJu/Z3clSzfwZZVyWJkMCIei5Eot/1vjsSHL+faOKCvaklEDSioRPxDQTXHAc339r29Dy71eVQCPAhLx9OfAx3iv9K4NhijMRARe5c9r8MlvQ1J6/ju25PX0y36dB0O6Gzx2o4stTz+k3psjsbOem7XndI913nTEcCp7DHd/8oG6x9blhf/8OAsXouIxzuN/9eO/zfa4v/NDdYv/gEAAAAAAGDz3DoeEc92uv9Xyu7N7Yyn6vf/ksb9vx/urhA8tgn1r33/r3R7E6oBOlg6HvFSx/m/rTm+o+Us9//GbMDkzLnq7MGIeCgi9sfAjjQ/uUodBz7efaNbWfv8v3RL62/OBczacbuy497nzEzPT9/POQMNS9cinqh0n/+T9v9Je/+fSV8PLvdYx+69N091K1s7/oF+qX0esa9j/5+0jklW/3yOifp4YKI5Kljpyfc++apb/eIf8pP2/7tWj//RpP3zeubW9/sHI+LQQqXWrXyj4//B5LVy8/en3p2en78yGTGYnFi5f2p9bYbtqhkPzXhJ43//06tf/2uN/9vicCgiFnus89F/hn/uVqb/h/yk8T+zrv5//Ympm6Nfd6u/t/7/cL1P35/tcf0PVtdrgObdTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4LypFxP8iKY230qXS+HjEcEQ8ErtK1Utz88+cufT2xZm0rP79/6XmN/2ONPJJ8/v/R9vyU8vyhyLi4Yj4tDxUz4+fvlSdyfvkAQAAAAAAAAAAAAAAAAAAYIsY7rL+P/VLOe/WAX1XyR7FOxRPJe8GALkR/1Bc4h+KS/xDcYl/KK4Nxr/bBbAN6P+hqAZ6O2xnv9sB5EH/DwAAAAAA28qtF5+/kUTE4gtD9S01mJW1bgwO5dU6oJ9KeTcAyI05vFBcpv5AcfU4+RfYxpJW6s9ap/Lus/+T/jQIAAAAAAAAAAAAAFhh355bP665/h/Ylqz/h+Ky/h+Ky/p/KC7v8YG1VvFb/w8AAAAAAAAAAAAA+ZtbuHp+ulqdvSIhsdUSAxGxBZqRQ2Iw//DM+YUJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABo+TcAAP//Swsk/Q==") 495.165351ms ago: executing program 4 (id=14794): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000000c0)={r0}, 0x4) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x10, &(0x7f0000000600)=@framed={{}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001140)={&(0x7f00000004c0)='mm_page_free\x00', r1, 0x0, 0x7ff}, 0x18) madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) 445.060182ms ago: executing program 6 (id=14797): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000007b00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000005ec0)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000002c0)=0x1) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000140)=0x2) 335.698281ms ago: executing program 6 (id=14803): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0xa3500, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) r2 = perf_event_open(&(0x7f00000000c0)={0x5, 0x80, 0xec, 0x7, 0x44, 0x7, 0x0, 0x0, 0x9d670, 0x3, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x2, @perf_bp={0x0, 0x4}, 0x100987, 0x7ff, 0x7, 0x0, 0x81, 0x2, 0x5, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1012, 0x4, 0x12011, r2, 0x0) 330.630151ms ago: executing program 5 (id=14805): mkdir(&(0x7f0000000000)='./file0\x00', 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r0}, 0x10) statfs(&(0x7f0000000080)='./file0\x00', &(0x7f0000000180)=""/103) 289.737101ms ago: executing program 6 (id=14806): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kfree\x00', r1}, 0x18) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0x5, 0x6, 0x8, 0xae, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=@base={0xd, 0x2, 0x4, 0x4002, 0x5, r2, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x8000000, 0x0, 0x0, @void, @value, @void, @value}, 0x48) 289.181261ms ago: executing program 5 (id=14807): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)=0xe) ioctl$TIOCVHANGUP(r2, 0x5437, 0x0) 272.347981ms ago: executing program 3 (id=14808): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000600)=@framed, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)={{0x14}, [@NFT_MSG_NEWRULE={0x5c, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_EXPRESSIONS={0x30, 0x4, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, @limit={{0xa}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_LIMIT_UNIT={0xc, 0x2, 0x1, 0x0, 0x3}, @NFTA_LIMIT_RATE={0xc, 0x1, 0x1, 0x0, 0x1}]}}}]}]}], {0x14}}, 0x84}}, 0x0) close(r1) 220.623141ms ago: executing program 5 (id=14809): r0 = socket(0x28, 0x5, 0x0) r1 = socket(0x28, 0x5, 0x0) bind$vsock_stream(r1, &(0x7f0000000040)={0x28, 0x0, 0x0, @local}, 0x10) listen(r1, 0xcde) connect$vsock_stream(r0, &(0x7f0000000080)={0x28, 0x0, 0x0, @local}, 0x10) sendmmsg(r0, &(0x7f0000000cc0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40480c4) 220.071821ms ago: executing program 3 (id=14810): r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f00000004c0)=@base={0x1b, 0x0, 0x0, 0x2000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x6}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xe}}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0b0000000d000000cc0002000600000005"], 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000200), &(0x7f0000000240), 0x4b2, r2}, 0x38) bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000640), &(0x7f0000001740), 0x2, r2}, 0x38) 216.394301ms ago: executing program 6 (id=14811): r0 = socket$tipc(0x1e, 0x5, 0x0) setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000080)={0x42, 0x1}, 0x10) r1 = socket$tipc(0x1e, 0x5, 0x0) bind$tipc(r1, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x1, 0x5}}, 0x10) setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000240)={0x80042, 0x1, 0x1}, 0x10) setsockopt$TIPC_GROUP_LEAVE(r0, 0x10f, 0x88) 197.83993ms ago: executing program 4 (id=14812): r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r2 = getpid() r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000003b810100850000006d000000850000005000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000340)='kfree\x00', r3}, 0x10) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000500)={r1, 0x0, 0x30, 0xe1515f8735398fb, @val=@uprobe_multi={&(0x7f0000000040)='./file0\x00', &(0x7f0000000240)=[0x7fffffffffffffff], 0x0, 0x0, 0x1, 0x1, r2}}, 0x40) 149.1718ms ago: executing program 6 (id=14813): syz_mount_image$ext4(&(0x7f0000000d80)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x21881e, &(0x7f0000000280)={[{@mb_optimize_scan}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@stripe={'stripe', 0x3d, 0x9}}]}, 0x1, 0x4fa, &(0x7f0000000dc0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x5, 0x8, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000850000002300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10) pwrite64(r0, &(0x7f0000000140)='2', 0x1, 0x8000c61) 149.02298ms ago: executing program 5 (id=14814): socket(0x2, 0x2, 0x1) r0 = getpid() r1 = syz_pidfd_open(r0, 0x0) setns(r1, 0x8020000) mount_setattr(0xffffffffffffff9c, &(0x7f0000000180)='.\x00', 0x9100, &(0x7f0000001dc0)={0xf, 0x0, 0x100000}, 0x20) ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(0xffffffffffffffff, 0x40a85321, 0x0) 148.81189ms ago: executing program 3 (id=14815): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x4, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) close(0x3) bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x5, 0x4, 0x2003, 0xc, 0x0, 0xffffffffffffffff, 0xfffffffe, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000000000000850000008600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_BIND_MAP(0xa, &(0x7f0000000040)={r2}, 0xc) 148.63491ms ago: executing program 5 (id=14816): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x34, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10) symlinkat(&(0x7f0000001040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00') execve(&(0x7f0000000280)='./file0\x00', 0x0, 0x0) 147.454501ms ago: executing program 4 (id=14817): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0xd5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r1}, 0x10) sync() 128.871361ms ago: executing program 3 (id=14818): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000008c0)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000002c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) futex_waitv(0x0, 0x0, 0x0, 0x0, 0x1) 77.316751ms ago: executing program 3 (id=14819): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000c00)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, 0x0, &(0x7f0000000400)}, 0x20) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f00000002c0)='rpm_return_int\x00', r1}, 0x10) syz_open_dev$usbfs(&(0x7f0000000180), 0x11, 0x0) 76.80897ms ago: executing program 5 (id=14829): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000003c0)='sched_switch\x00', r0, 0x0, 0xf}, 0xe) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='blkio.bfq.io_service_bytes\x00', 0x275a, 0x0) write$cgroup_int(r1, &(0x7f0000000000), 0xffffff6a) ioctl$FS_IOC_RESVSP(r1, 0x4030582b, &(0x7f0000000300)={0x1100, 0x0, 0x900, 0x2a40}) 27.58562ms ago: executing program 6 (id=14820): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x200000000000011, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'caif0\x00', 0x0}) bind$packet(r1, &(0x7f0000000180)={0x11, 0xf6, r2, 0x1, 0x0, 0x6, @multicast}, 0x14) getsockname$packet(r1, &(0x7f00000015c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="38000000540001000000000000c4000007008209", @ANYRES32=r3, @ANYBLOB="20000100", @ANYRES32=r2, @ANYBLOB="00000000e000030000000000000000000000000008"], 0x38}, 0x1, 0x0, 0x0, 0x20008005}, 0x0) 27.39413ms ago: executing program 0 (id=14821): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10) r2 = socket$netlink(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_NEWLINK(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000000)=ANY=[@ANYBLOB="380000000314010000000000000000000900020073797a2f000000000800410072786500140033007465616d5f736c6176655f30"], 0x38}}, 0x0) 24.8835ms ago: executing program 4 (id=14822): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_VENDOR(r3, &(0x7f0000000300)={0x0, 0xffffffffffffff20, &(0x7f00000002c0)={&(0x7f0000001740)={0x2c, r2, 0x701, 0x0, 0x0, {{}, {@void, @void, @void}}, [@NL80211_ATTR_VENDOR_ID={0x8}, @NL80211_ATTR_VENDOR_SUBCMD={0x8}]}, 0x2c}}, 0x0) 22.36287ms ago: executing program 3 (id=14823): pipe(&(0x7f0000019480)={0xffffffffffffffff, 0xffffffffffffffff}) vmsplice(r1, &(0x7f00000000c0)=[{&(0x7f0000000580)="77bb", 0x2}], 0x1, 0x1) close(r1) r2 = socket$tipc(0x1e, 0x2, 0x0) connect$tipc(r2, &(0x7f0000003100)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x2}}, 0x10) splice(r0, 0x0, r1, 0x0, 0x10500, 0x0) 0s ago: executing program 0 (id=14824): mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0) mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8003, &(0x7f0000000000)=0x9, 0x8, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0xfffffffffffffffe, 0x0) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x0, 0x31, 0xffffffffffffffff, 0x0) kernel console output (not intermixed with test programs): out_of_memory+0x13e/0x190 [ 337.335762][ T547] try_charge_memcg+0x508/0x7f0 [ 337.340643][ T547] obj_cgroup_charge_pages+0xbd/0x1a0 [ 337.346047][ T547] __memcg_kmem_charge_page+0x9d/0x170 [ 337.351561][ T547] __alloc_pages_noprof+0x1bc/0x340 [ 337.356839][ T547] alloc_pages_mpol_noprof+0xb8/0x260 [ 337.362247][ T547] alloc_pages_noprof+0xe1/0x100 [ 337.367280][ T547] __vmalloc_node_range_noprof+0x6eb/0xe80 [ 337.373180][ T547] __kvmalloc_node_noprof+0x121/0x170 [ 337.378585][ T547] ? ip_set_alloc+0x1f/0x30 [ 337.383204][ T547] ip_set_alloc+0x1f/0x30 [ 337.387576][ T547] hash_netiface_create+0x273/0x730 [ 337.392860][ T547] ? __nla_parse+0x40/0x60 [ 337.397296][ T547] ? __pfx_hash_netiface_create+0x10/0x10 [ 337.403045][ T547] ip_set_create+0x359/0x8a0 [ 337.407648][ T547] ? strnstr+0xe1/0x100 [ 337.411830][ T547] ? __nla_parse+0x40/0x60 [ 337.416271][ T547] nfnetlink_rcv_msg+0x4a9/0x570 [ 337.421251][ T547] netlink_rcv_skb+0x12c/0x230 [ 337.426090][ T547] ? __pfx_nfnetlink_rcv_msg+0x10/0x10 [ 337.431589][ T547] nfnetlink_rcv+0x16c/0x15d0 [ 337.436327][ T547] ? should_fail_ex+0x31/0x230 [ 337.441109][ T547] ? perf_event_mmap+0x18f/0xd10 [ 337.446088][ T547] ? should_failslab+0x8f/0xb0 [ 337.450886][ T547] ? kmem_cache_alloc_noprof+0x18e/0x320 [ 337.456577][ T547] ? cgroup_rstat_updated+0x9f/0x570 [ 337.461876][ T547] ? __mod_memcg_lruvec_state+0x141/0x290 [ 337.467630][ T547] ? __rcu_read_unlock+0x34/0x70 [ 337.472578][ T547] ? xas_find+0x24b/0x3f0 [ 337.476992][ T547] ? cgroup_rstat_updated+0x9f/0x570 [ 337.482288][ T547] ? bpf_send_signal_common+0x2a5/0x2e0 [ 337.487908][ T547] ? should_fail_ex+0x31/0x230 [ 337.492675][ T547] ? selinux_nlmsg_lookup+0x119/0x8c0 [ 337.498108][ T547] ? __rcu_read_unlock+0x34/0x70 [ 337.503077][ T547] ? __netlink_lookup+0x253/0x290 [ 337.508116][ T547] netlink_unicast+0x599/0x670 [ 337.512892][ T547] netlink_sendmsg+0x5cc/0x6e0 [ 337.517706][ T547] ? __pfx_netlink_sendmsg+0x10/0x10 [ 337.523001][ T547] __sock_sendmsg+0x140/0x180 [ 337.527691][ T547] ____sys_sendmsg+0x312/0x410 [ 337.532518][ T547] __sys_sendmsg+0x19d/0x230 [ 337.537123][ T547] __x64_sys_sendmsg+0x46/0x50 [ 337.541900][ T547] x64_sys_call+0x2734/0x2dc0 [ 337.546602][ T547] do_syscall_64+0xc9/0x1c0 [ 337.551140][ T547] ? clear_bhb_loop+0x55/0xb0 [ 337.555825][ T547] ? clear_bhb_loop+0x55/0xb0 [ 337.560555][ T547] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 337.566527][ T547] RIP: 0033:0x7fba27715d29 [ 337.570944][ T547] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 337.590565][ T547] RSP: 002b:00007fba25d81038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 337.599041][ T547] RAX: ffffffffffffffda RBX: 00007fba27905fa0 RCX: 00007fba27715d29 [ 337.607012][ T547] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000004 [ 337.614990][ T547] RBP: 00007fba27791b08 R08: 0000000000000000 R09: 0000000000000000 [ 337.622967][ T547] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 337.630941][ T547] R13: 0000000000000000 R14: 00007fba27905fa0 R15: 00007ffd30fe74c8 [ 337.638925][ T547] [ 337.642199][ T547] memory: usage 307200kB, limit 307200kB, failcnt 226 [ 337.649151][ T547] memory+swap: usage 309204kB, limit 9007199254740988kB, failcnt 0 [ 337.657049][ T547] kmem: usage 307096kB, limit 9007199254740988kB, failcnt 0 [ 337.664443][ T547] Memory cgroup stats for /syz0: [ 337.665518][ T547] cache 102400 [ 337.673925][ T547] rss 0 [ 337.676704][ T547] shmem 0 [ 337.679734][ T547] mapped_file 0 [ 337.683195][ T547] dirty 0 [ 337.686190][ T547] writeback 0 [ 337.689522][ T547] workingset_refault_anon 4323 [ 337.694285][ T547] workingset_refault_file 194 [ 337.698962][ T547] swap 2052096 [ 337.702357][ T547] swapcached 0 [ 337.705832][ T547] pgpgin 292745 [ 337.709310][ T547] pgpgout 292719 [ 337.712882][ T547] pgfault 414394 [ 337.716497][ T547] pgmajfault 431 [ 337.720079][ T547] inactive_anon 0 [ 337.723788][ T547] active_anon 0 [ 337.727254][ T547] inactive_file 0 [ 337.730939][ T547] active_file 106496 [ 337.734839][ T547] unevictable 0 [ 337.738303][ T547] hierarchical_memory_limit 314572800 [ 337.743729][ T547] hierarchical_memsw_limit 9223372036854771712 [ 337.749991][ T547] total_cache 102400 [ 337.753890][ T547] total_rss 0 [ 337.757204][ T547] total_shmem 0 [ 337.760704][ T547] total_mapped_file 0 [ 337.764696][ T547] total_dirty 0 [ 337.768159][ T547] total_writeback 0 [ 337.772026][ T547] total_workingset_refault_anon 4323 [ 337.777443][ T547] total_workingset_refault_file 194 [ 337.782667][ T547] total_swap 2052096 [ 337.786630][ T547] total_swapcached 0 [ 337.790570][ T547] total_pgpgin 292745 [ 337.794581][ T547] total_pgpgout 292719 [ 337.798659][ T547] total_pgfault 414394 [ 337.802757][ T547] total_pgmajfault 431 [ 337.806816][ T547] total_inactive_anon 0 [ 337.811064][ T547] total_active_anon 0 [ 337.815049][ T547] total_inactive_file 0 [ 337.819197][ T547] total_active_file 106496 [ 337.823621][ T547] total_unevictable 0 [ 337.827589][ T547] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz0,task_memcg=/syz0,task=syz.0.12859,pid=545,uid=0 [ 337.842337][ T547] Memory cgroup out of memory: Killed process 545 (syz.0.12859) total-vm:93484kB, anon-rss:788kB, file-rss:22228kB, shmem-rss:0kB, UID:0 pgtables:120kB oom_score_adj:1000 [ 337.904705][ T634] loop4: detected capacity change from 0 to 512 [ 337.942979][ T634] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 337.958813][ T634] ext4 filesystem being mounted at /900/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 338.000227][T21672] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 338.222052][ T650] loop4: detected capacity change from 0 to 512 [ 338.229150][ T650] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 338.240968][ T650] EXT4-fs (loop4): 1 truncate cleaned up [ 338.247446][ T650] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 338.278106][ T653] netlink: 'syz.0.12902': attribute type 21 has an invalid length. [ 338.286425][ T653] netlink: 'syz.0.12902': attribute type 1 has an invalid length. [ 338.294322][ T653] netlink: 144 bytes leftover after parsing attributes in process `syz.0.12902'. [ 338.345561][T21672] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 338.377204][ T667] loop0: detected capacity change from 0 to 164 [ 338.385435][ T667] syz.0.12911: attempt to access beyond end of device [ 338.385435][ T667] loop0: rw=524288, sector=263328, nr_sectors = 4 limit=164 [ 338.399620][ T667] syz.0.12911: attempt to access beyond end of device [ 338.399620][ T667] loop0: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 338.482356][ T676] loop4: detected capacity change from 0 to 2048 [ 338.492613][ T678] netlink: 4 bytes leftover after parsing attributes in process `syz.0.12916'. [ 338.516704][ T676] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 338.679901][ T29] kauditd_printk_skb: 49 callbacks suppressed [ 338.679928][ T29] audit: type=1326 audit(2000000593.205:11130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=690 comm="syz.5.12921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26e5a95d29 code=0x7ffc0000 [ 338.726605][ T29] audit: type=1326 audit(2000000593.235:11131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=690 comm="syz.5.12921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=251 compat=0 ip=0x7f26e5a95d29 code=0x7ffc0000 [ 338.750298][ T29] audit: type=1326 audit(2000000593.235:11132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=690 comm="syz.5.12921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26e5a95d29 code=0x7ffc0000 [ 338.772981][ T676] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 338.788981][ T676] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28 [ 338.801562][ T676] EXT4-fs (loop4): This should not happen!! Data will be lost [ 338.801562][ T676] [ 338.811237][ T676] EXT4-fs (loop4): Total free blocks count 0 [ 338.817273][ T676] EXT4-fs (loop4): Free/Dirty block details [ 338.823176][ T676] EXT4-fs (loop4): free_blocks=2415919104 [ 338.828994][ T676] EXT4-fs (loop4): dirty_blocks=8192 [ 338.834297][ T676] EXT4-fs (loop4): Block reservation details [ 338.840320][ T676] EXT4-fs (loop4): i_reserved_data_blocks=512 [ 338.855460][ T695] vlan3: entered allmulticast mode [ 338.860403][ T29] audit: type=1326 audit(2000000593.374:11133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=699 comm="syz.0.12924" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba27715d29 code=0x7ffc0000 [ 338.884340][ T29] audit: type=1326 audit(2000000593.374:11134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=699 comm="syz.0.12924" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba27715d29 code=0x7ffc0000 [ 338.922084][ T681] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 2050 with max blocks 2048 with error 28 [ 338.950087][ T29] audit: type=1326 audit(2000000593.393:11135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=699 comm="syz.0.12924" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fba27715d29 code=0x7ffc0000 [ 338.973849][ T29] audit: type=1326 audit(2000000593.393:11136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=699 comm="syz.0.12924" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba27715d29 code=0x7ffc0000 [ 338.997430][ T29] audit: type=1326 audit(2000000593.393:11137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=699 comm="syz.0.12924" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fba27715d29 code=0x7ffc0000 [ 339.021057][ T29] audit: type=1326 audit(2000000593.393:11138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=699 comm="syz.0.12924" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba27715d29 code=0x7ffc0000 [ 339.044607][ T29] audit: type=1326 audit(2000000593.393:11139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=699 comm="syz.0.12924" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fba27715d29 code=0x7ffc0000 [ 339.203498][ T715] loop0: detected capacity change from 0 to 2048 [ 339.222900][ T715] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 339.244886][ T719] sit0: left promiscuous mode [ 339.253518][ T715] ext4 filesystem being mounted at /1991/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 339.259619][ T719] 8021q: adding VLAN 0 to HW filter on device bond0 [ 339.272790][ T719] 8021q: adding VLAN 0 to HW filter on device team0 [ 339.283867][ T719] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 339.361703][ T726] xt_hashlimit: max too large, truncated to 1048576 [ 339.379959][ T726] Cannot find set identified by id 0 to match [ 339.483643][ T740] openvswitch: netlink: Message has 12 unknown bytes. [ 339.801400][ T788] loop4: detected capacity change from 0 to 512 [ 339.838716][ T788] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.12963: bg 0: block 248: padding at end of block bitmap is not set [ 339.853553][ T788] EXT4-fs error (device loop4): ext4_acquire_dquot:6938: comm syz.4.12963: Failed to acquire dquot type 1 [ 339.866398][ T788] EXT4-fs (loop4): 1 truncate cleaned up [ 339.875595][ T788] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 339.894763][ T788] ext4 filesystem being mounted at /921/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 339.984963][T21672] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 339.994271][T22189] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm kworker/u8:46: bg 0: block 345: padding at end of block bitmap is not set [ 340.009237][T22189] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 2048 with error 117 [ 340.021873][T22189] EXT4-fs (loop0): This should not happen!! Data will be lost [ 340.021873][T22189] [ 340.053285][ T800] netlink: 'syz.4.12968': attribute type 1 has an invalid length. [ 340.071043][T22189] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 2065 with max blocks 2040 with error 28 [ 340.083819][T22189] EXT4-fs (loop0): This should not happen!! Data will be lost [ 340.083819][T22189] [ 340.093529][T22189] EXT4-fs (loop0): Total free blocks count 0 [ 340.099548][T22189] EXT4-fs (loop0): Free/Dirty block details [ 340.105456][T22189] EXT4-fs (loop0): free_blocks=0 [ 340.110449][T22189] EXT4-fs (loop0): dirty_blocks=2048 [ 340.115801][T22189] EXT4-fs (loop0): Block reservation details [ 340.309127][ T813] loop0: detected capacity change from 0 to 1024 [ 340.320667][ T813] ext4 filesystem being mounted at /1995/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 340.349384][ T813] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 46 with max blocks 1 with error 28 [ 340.361711][ T813] EXT4-fs (loop0): This should not happen!! Data will be lost [ 340.361711][ T813] [ 340.371458][ T813] EXT4-fs (loop0): Total free blocks count 0 [ 340.377471][ T813] EXT4-fs (loop0): Free/Dirty block details [ 340.383413][ T813] EXT4-fs (loop0): free_blocks=0 [ 340.388418][ T813] EXT4-fs (loop0): dirty_blocks=0 [ 340.393455][ T813] EXT4-fs (loop0): Block reservation details [ 340.399629][ T813] EXT4-fs (loop0): i_reserved_data_blocks=0 [ 340.611089][ T829] SELinux: Context system_u:object_r:updpwd_exec_t:s0 is not valid (left unmapped). [ 342.351018][ T856] loop0: detected capacity change from 0 to 2048 [ 342.424812][ T871] netlink: 28 bytes leftover after parsing attributes in process `syz.4.12999'. [ 342.433957][ T871] netlink: 28 bytes leftover after parsing attributes in process `syz.4.12999'. [ 342.443067][ T871] netlink: 28 bytes leftover after parsing attributes in process `syz.4.12999'. [ 342.716720][ T872] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 342.732522][ T872] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28 [ 342.745092][ T872] EXT4-fs (loop0): This should not happen!! Data will be lost [ 342.745092][ T872] [ 342.754787][ T872] EXT4-fs (loop0): Total free blocks count 0 [ 342.760779][ T872] EXT4-fs (loop0): Free/Dirty block details [ 342.766738][ T872] EXT4-fs (loop0): free_blocks=2415919104 [ 342.772530][ T872] EXT4-fs (loop0): dirty_blocks=8192 [ 342.773387][ T896] rdma_op ffff88811f80e980 conn xmit_rdma 0000000000000000 [ 342.777904][ T872] EXT4-fs (loop0): Block reservation details [ 342.777920][ T872] EXT4-fs (loop0): i_reserved_data_blocks=512 [ 342.843937][ T856] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 2050 with max blocks 2048 with error 28 [ 342.856712][ T856] EXT4-fs (loop0): This should not happen!! Data will be lost [ 342.856712][ T856] [ 342.897234][ T914] netlink: 'syz.3.13018': attribute type 3 has an invalid length. [ 342.900319][ T913] loop6: detected capacity change from 0 to 764 [ 342.922231][ T913] rock: directory entry would overflow storage [ 342.928447][ T913] rock: sig=0x4f50, size=4, remaining=3 [ 342.934085][ T913] iso9660: Corrupted directory entry in block 6 of inode 1792 [ 343.045126][ T919] lo speed is unknown, defaulting to 1000 [ 343.782073][ T963] lo speed is unknown, defaulting to 1000 [ 343.801018][ T966] loop0: detected capacity change from 0 to 2048 [ 343.811155][ T29] kauditd_printk_skb: 83 callbacks suppressed [ 343.811170][ T29] audit: type=1326 audit(2000000598.300:11221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=916 comm="syz.3.13019" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15c1725d29 code=0x7fc00000 [ 344.162424][ T29] audit: type=1326 audit(2000000598.648:11222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=990 comm="syz.3.13048" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f15c1725d29 code=0x0 [ 344.210336][ T994] loop6: detected capacity change from 0 to 512 [ 344.265604][ T994] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.13049: bg 0: block 248: padding at end of block bitmap is not set [ 344.289512][ T1001] netlink: 16 bytes leftover after parsing attributes in process `syz.0.13051'. [ 344.305067][ T994] Quota error (device loop6): write_blk: dquota write failed [ 344.312490][ T994] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota [ 344.322427][ T994] EXT4-fs error (device loop6): ext4_acquire_dquot:6938: comm syz.6.13049: Failed to acquire dquot type 1 [ 344.349488][ T994] EXT4-fs (loop6): 1 truncate cleaned up [ 344.356055][ T994] ext4 filesystem being mounted at /497/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 344.399528][T22224] Quota error (device loop6): do_check_range: Getting block 0 out of range 1-5 [ 344.408556][T22224] EXT4-fs error (device loop6): ext4_release_dquot:6961: comm kworker/u8:65: Failed to release dquot type 1 [ 344.574488][ T29] audit: type=1400 audit(2000000599.055:11223): avc: denied { unmount } for pid=27487 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1 [ 344.678067][ T1038] lo speed is unknown, defaulting to 1000 [ 344.711472][ T1043] loop4: detected capacity change from 0 to 2048 [ 344.738357][ T1051] loop6: detected capacity change from 0 to 128 [ 344.840014][T22224] kworker/u8:65: attempt to access beyond end of device [ 344.840014][T22224] loop6: rw=1, sector=145, nr_sectors = 896 limit=128 [ 344.892090][ T1066] syz.6.13079[1066] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 344.892157][ T1066] syz.6.13079[1066] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 344.913463][ T1066] syz.6.13079[1066] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 344.975837][ T1072] program syz.6.13082 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 345.098879][ T1080] lo speed is unknown, defaulting to 1000 [ 345.183521][ T1091] netlink: 12 bytes leftover after parsing attributes in process `syz.4.13091'. [ 345.224052][ T1097] loop4: detected capacity change from 0 to 512 [ 345.278251][ T1097] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.13093: bg 0: block 248: padding at end of block bitmap is not set [ 345.295249][ T1097] Quota error (device loop4): write_blk: dquota write failed [ 345.303047][ T1097] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota [ 345.311802][ T1101] smc: net device bond0 applied user defined pnetid SYZ2 [ 345.313169][ T1097] EXT4-fs error (device loop4): ext4_acquire_dquot:6938: comm syz.4.13093: Failed to acquire dquot type 1 [ 345.328227][ T1101] smc: net device bond0 erased user defined pnetid SYZ2 [ 345.362899][ T1097] EXT4-fs (loop4): 1 truncate cleaned up [ 345.369250][ T1097] ext4 filesystem being mounted at /958/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 345.418369][T22218] Quota error (device loop4): do_check_range: Getting block 0 out of range 1-5 [ 345.427567][T22218] EXT4-fs error (device loop4): ext4_release_dquot:6961: comm kworker/u8:60: Failed to release dquot type 1 [ 345.452740][ T1117] ALSA: seq fatal error: cannot create timer (-19) [ 345.458167][ T1122] loop0: detected capacity change from 0 to 512 [ 345.467628][ T29] audit: type=1326 audit(2000000599.940:11224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1119 comm="syz.4.13103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3327695d29 code=0x7ffc0000 [ 345.513515][ T1122] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 345.522057][ T1122] EXT4-fs (loop0): orphan cleanup on readonly fs [ 345.528706][ T1122] EXT4-fs warning (device loop0): ext4_enable_quotas:7156: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 345.548919][ T1122] EXT4-fs (loop0): Cannot turn on quotas: error -117 [ 345.558025][ T1122] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.13104: bg 0: block 40: padding at end of block bitmap is not set [ 345.572931][ T1132] netlink: 8 bytes leftover after parsing attributes in process `syz.4.13107'. [ 345.573380][ T1122] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6550: Corrupt filesystem [ 345.581976][ T1132] netlink: 84 bytes leftover after parsing attributes in process `syz.4.13107'. [ 345.591113][ T1122] EXT4-fs (loop0): 1 truncate cleaned up [ 345.866226][ T1165] lo speed is unknown, defaulting to 1000 [ 346.094947][ T1200] atomic_op ffff88811f80e928 conn xmit_atomic 0000000000000000 [ 346.314602][ T1225] team0: Device ipvlan2 failed to register rx_handler [ 346.351102][ T1226] loop6: detected capacity change from 0 to 2048 [ 346.379010][ T1217] lo speed is unknown, defaulting to 1000 [ 346.649465][ T1249] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 346.661025][ T1249] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 347.258141][ T1285] netlink: 100 bytes leftover after parsing attributes in process `syz.6.13170'. [ 347.266645][ T1288] syz.0.13172[1288] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 347.267482][ T1288] syz.0.13172[1288] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 347.286326][ T1288] syz.0.13172[1288] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 347.312377][ T1294] loop6: detected capacity change from 0 to 128 [ 347.611112][ T1326] lo speed is unknown, defaulting to 1000 [ 347.693783][ T1326] chnl_net:caif_netlink_parms(): no params data found [ 347.765001][T22189] bridge_slave_1: left allmulticast mode [ 347.770750][T22189] bridge_slave_1: left promiscuous mode [ 347.776428][T22189] bridge0: port 2(bridge_slave_1) entered disabled state [ 347.805406][T22189] bridge_slave_0: left allmulticast mode [ 347.811117][T22189] bridge_slave_0: left promiscuous mode [ 347.816934][T22189] bridge0: port 1(bridge_slave_0) entered disabled state [ 347.860924][ T1357] syz.0.13199[1357] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 347.861127][ T1357] syz.0.13199[1357] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 347.872962][ T1357] syz.0.13199[1357] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 347.899252][T22189] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 347.921358][T22189] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 347.931019][T22189] bond0 (unregistering): Released all slaves [ 347.939304][T22189] bond1 (unregistering): Released all slaves [ 347.968021][ T1360] msdos: Unknown parameter 'ÿÿÿÿÿÿÿÿÿÿ01777777777777777777777ÿ0xffffffffffffffff18446744073709551615ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ¨ÐÊ3†…ƒPq{ÚP [ 347.968021][ T1360] n'º|$@OOݱµ’-®+·el' [ 348.037998][ T1326] bridge0: port 1(bridge_slave_0) entered blocking state [ 348.045080][ T1326] bridge0: port 1(bridge_slave_0) entered disabled state [ 348.060696][ T1326] bridge_slave_0: entered allmulticast mode [ 348.069557][ T1326] bridge_slave_0: entered promiscuous mode [ 348.076459][ T1326] bridge0: port 2(bridge_slave_1) entered blocking state [ 348.082750][ T1375] loop4: detected capacity change from 0 to 2048 [ 348.083553][ T1326] bridge0: port 2(bridge_slave_1) entered disabled state [ 348.099124][ T1326] bridge_slave_1: entered allmulticast mode [ 348.106347][ T1326] bridge_slave_1: entered promiscuous mode [ 348.115119][T22189] hsr_slave_0: left promiscuous mode [ 348.121886][T22189] hsr_slave_1: left promiscuous mode [ 348.127699][T22189] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 348.135258][T22189] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 348.142720][T22189] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 348.174491][T22189] team0 (unregistering): Port device team_slave_1 removed [ 348.184182][T22189] team0 (unregistering): Port device team_slave_0 removed [ 348.214733][ T1370] lo speed is unknown, defaulting to 1000 [ 348.234222][ T1326] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 348.251784][ T1384] netlink: 268 bytes leftover after parsing attributes in process `syz.3.13207'. [ 348.278292][ T1326] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 348.279669][ T1388] loop0: detected capacity change from 0 to 164 [ 348.320767][ T1326] team0: Port device team_slave_0 added [ 348.328362][ T1326] team0: Port device team_slave_1 added [ 348.365700][ T1326] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 348.372786][ T1326] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 348.398915][ T1326] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 348.410531][ T1326] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 348.417506][ T1326] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 348.443502][ T1326] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 348.523788][ T1403] loop0: detected capacity change from 0 to 1024 [ 348.532646][ T1326] hsr_slave_0: entered promiscuous mode [ 348.544057][ T1326] hsr_slave_1: entered promiscuous mode [ 348.551275][ T1403] EXT4-fs: inline encryption not supported [ 348.557236][ T1326] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 348.565007][ T1326] Cannot create hsr debugfs directory [ 348.588716][ T1403] EXT4-fs (loop0): invalid first ino: 3825205259 [ 348.760642][ T1421] lo speed is unknown, defaulting to 1000 [ 348.856326][ T29] kauditd_printk_skb: 56 callbacks suppressed [ 348.856341][ T29] audit: type=1400 audit(2000000603.309:11280): avc: denied { relabelfrom } for pid=1440 comm="syz.4.13231" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1 [ 348.882642][ T29] audit: type=1400 audit(2000000603.309:11281): avc: denied { relabelto } for pid=1440 comm="syz.4.13231" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1 [ 348.903671][ T29] audit: type=1400 audit(2000000603.309:11282): avc: denied { attach_queue } for pid=1440 comm="syz.4.13231" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1 [ 348.942442][ T29] audit: type=1400 audit(2000000603.398:11283): avc: denied { setopt } for pid=1446 comm="syz.5.13234" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 349.015899][ T29] audit: type=1326 audit(2000000603.478:11284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1455 comm="syz.5.13238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26e5a95d29 code=0x7ffc0000 [ 349.040119][ T29] audit: type=1326 audit(2000000603.478:11285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1455 comm="syz.5.13238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26e5a95d29 code=0x7ffc0000 [ 349.063833][ T29] audit: type=1326 audit(2000000603.478:11286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1455 comm="syz.5.13238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f26e5a95d29 code=0x7ffc0000 [ 349.088296][ T29] audit: type=1326 audit(2000000603.527:11287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1455 comm="syz.5.13238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26e5a95d29 code=0x7ffc0000 [ 349.112077][ T29] audit: type=1326 audit(2000000603.527:11288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1455 comm="syz.5.13238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26e5a95d29 code=0x7ffc0000 [ 349.135709][ T29] audit: type=1326 audit(2000000603.527:11289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1455 comm="syz.5.13238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f26e5a95d29 code=0x7ffc0000 [ 349.279029][ T1326] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 349.289372][ T1326] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 349.322706][ T1326] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 349.339129][ T1326] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 349.392452][ T1326] 8021q: adding VLAN 0 to HW filter on device bond0 [ 349.412282][ T1326] 8021q: adding VLAN 0 to HW filter on device team0 [ 349.424319][ T50] bridge0: port 1(bridge_slave_0) entered blocking state [ 349.431527][ T50] bridge0: port 1(bridge_slave_0) entered forwarding state [ 349.445522][T22224] bridge0: port 2(bridge_slave_1) entered blocking state [ 349.452672][T22224] bridge0: port 2(bridge_slave_1) entered forwarding state [ 349.492463][ T1326] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 349.502883][ T1326] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 349.560742][ T1326] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 349.708130][ T1326] veth0_vlan: entered promiscuous mode [ 349.718143][ T1326] veth1_vlan: entered promiscuous mode [ 349.739515][ T1326] veth0_macvtap: entered promiscuous mode [ 349.754726][ T1326] veth1_macvtap: entered promiscuous mode [ 349.775508][ T1326] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 349.786056][ T1326] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 349.814523][ T1326] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 349.832907][ T1326] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 349.843447][ T1326] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 349.874495][ T1326] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 349.884343][ T1326] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 349.893066][ T1326] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 349.901904][ T1326] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 349.910703][ T1326] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 350.288703][ T1569] netlink: 44 bytes leftover after parsing attributes in process `syz.6.13277'. [ 350.602565][ T1613] syz.5.13308[1613] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 350.602635][ T1613] syz.5.13308[1613] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 350.619093][ T1613] syz.5.13308[1613] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 350.870693][ T1642] lo speed is unknown, defaulting to 1000 [ 351.039305][ T1650] syz.5.13315[1650] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 351.039415][ T1650] syz.5.13315[1650] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 351.051118][ T1650] syz.5.13315[1650] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 351.202835][T22040] kernel write not supported for file bpf-prog (pid: 22040 comm: kworker/1:18) [ 351.583595][ T1682] netlink: 8 bytes leftover after parsing attributes in process `syz.3.13329'. [ 351.676399][ T1692] tmpfs: Unknown parameter 'nolazytimep' [ 352.209598][ T1744] netlink: 16 bytes leftover after parsing attributes in process `syz.4.13356'. [ 352.409643][ T1761] netlink: 4 bytes leftover after parsing attributes in process `syz.4.13364'. [ 352.463703][ T1768] rdma_rxe: rxe_newlink: failed to add team_slave_0 [ 352.489828][ T1774] netlink: 'syz.4.13370': attribute type 27 has an invalid length. [ 352.566309][ T1774] macsec0: left promiscuous mode [ 352.571392][ T1774] geneve0: left allmulticast mode [ 352.577730][ T1774] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 352.586775][ T1774] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 352.595870][ T1774] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 352.604879][ T1774] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 352.626488][ T1780] netem: change failed [ 352.959035][ T1806] netlink: 16 bytes leftover after parsing attributes in process `syz.4.13383'. [ 353.123923][ T1822] loop6: detected capacity change from 0 to 256 [ 353.181225][ T1834] SELinux: ebitmap: map size 0 does not match my size 64 (high bit was 0) [ 353.203854][ T1834] SELinux: failed to load policy [ 353.222540][ T1842] netem: incorrect gi model size [ 353.227600][ T1842] netem: change failed [ 353.267071][ T1845] netlink: 12 bytes leftover after parsing attributes in process `syz.4.13403'. [ 353.408381][ T1873] loop0: detected capacity change from 0 to 512 [ 353.430170][ T1873] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 353.450455][ T1873] EXT4-fs (loop0): 1 truncate cleaned up [ 353.458364][ T1873] EXT4-fs mount: 19 callbacks suppressed [ 353.458379][ T1873] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 353.656957][ T1904] syz.4.13429[1904] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 353.657022][ T1904] syz.4.13429[1904] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 353.691812][ T1904] syz.4.13429[1904] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 353.784022][ T1909] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=21184 sclass=netlink_route_socket pid=1909 comm=syz.6.13432 [ 353.876250][T14511] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 353.883679][T14511] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 353.891220][T14511] hid-generic 0000:0000:0000.0009: unknown main item tag 0x2 [ 353.898813][T14511] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 353.906403][T14511] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 353.913841][T14511] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 353.921240][T14511] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 353.928695][T14511] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 353.936160][T14511] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 353.943562][T14511] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 353.951147][T14511] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 353.958598][T14511] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 353.966014][T14511] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 353.973483][T14511] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 353.980902][T14511] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 353.988324][T14511] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 353.995780][T14511] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 354.003217][T14511] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 354.010671][T14511] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 354.018130][T14511] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 354.025563][T14511] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 354.032966][T14511] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 354.040424][T14511] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 354.047893][T14511] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 354.055356][T14511] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 354.062783][T14511] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 354.070238][T14511] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 354.077679][T14511] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 354.085121][T14511] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 354.092584][T14511] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 354.100037][T14511] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 354.107457][T14511] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 354.114910][T14511] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 354.122373][T14511] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 354.129991][T14511] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 354.137609][T14511] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 354.145043][T14511] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 354.152479][T14511] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 354.159947][T14511] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 354.167491][T14511] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 354.174934][T14511] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 354.185766][ T1921] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=1921 comm=syz.3.13436 [ 354.198464][ T1921] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=1921 comm=syz.3.13436 [ 354.211915][T14511] hid-generic 0000:0000:0000.0009: hidraw0: HID v0.00 Device [syz0] on syz0 [ 354.249074][ T1925] loop6: detected capacity change from 0 to 128 [ 354.270056][ T1925] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 354.295361][ T1925] ext4 filesystem being mounted at /41/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 354.462027][ T1326] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 354.584601][ T1937] loop6: detected capacity change from 0 to 2048 [ 354.615964][ T1937] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 354.927755][ T8] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 354.935329][ T8] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 354.943024][ T8] hid-generic 0000:0000:0000.000A: unknown main item tag 0x2 [ 354.950613][ T8] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 354.958098][ T8] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 354.965586][ T8] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 354.972986][ T8] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 354.980453][ T8] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 354.987959][ T8] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 354.995522][ T8] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 355.002918][ T8] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 355.010410][ T8] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 355.017974][ T8] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 355.025414][ T8] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 355.032812][ T8] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 355.040247][ T8] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 355.047671][ T8] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 355.055122][ T8] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 355.062516][ T8] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 355.069934][ T8] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 355.077426][ T8] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 355.084844][ T8] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 355.092234][ T8] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 355.099663][ T8] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 355.107107][ T8] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 355.114545][ T8] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 355.121954][ T8] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 355.129396][ T8] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 355.136818][ T8] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 355.144430][ T8] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 355.151826][ T8] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 355.159250][ T8] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 355.166695][ T8] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 355.174121][ T8] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 355.181556][ T8] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 355.189034][ T8] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 355.196461][ T8] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 355.200224][ T1956] netlink: 16 bytes leftover after parsing attributes in process `syz.5.13451'. [ 355.203990][ T8] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 355.220420][ T8] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 355.227829][ T8] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 355.235253][ T8] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 355.240783][ T1956] erspan0: entered promiscuous mode [ 355.248618][ T8] hid-generic 0000:0000:0000.000A: hidraw0: HID v0.00 Device [syz0] on syz0 [ 355.256985][ T8314] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 355.279920][ T1937] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 355.291667][ T1958] program syz.4.13452 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 355.304169][ T1937] EXT4-fs (loop6): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28 [ 355.316814][ T1937] EXT4-fs (loop6): This should not happen!! Data will be lost [ 355.316814][ T1937] [ 355.316971][ T1956] erspan0: left promiscuous mode [ 355.326475][ T1937] EXT4-fs (loop6): Total free blocks count 0 [ 355.326493][ T1937] EXT4-fs (loop6): Free/Dirty block details [ 355.326506][ T1937] EXT4-fs (loop6): free_blocks=2415919104 [ 355.326521][ T1937] EXT4-fs (loop6): dirty_blocks=8192 [ 355.326535][ T1937] EXT4-fs (loop6): Block reservation details [ 355.360568][ T1937] EXT4-fs (loop6): i_reserved_data_blocks=512 [ 355.420954][ T1943] EXT4-fs (loop6): Delayed block allocation failed for inode 18 at logical offset 2050 with max blocks 2048 with error 28 [ 355.485539][ T29] kauditd_printk_skb: 224 callbacks suppressed [ 355.485556][ T29] audit: type=1326 audit(2000000865.943:11514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1966 comm="syz.5.13455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26e5a95d29 code=0x7ffc0000 [ 355.532466][ T29] audit: type=1326 audit(2000000865.973:11515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1966 comm="syz.5.13455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f26e5a95d29 code=0x7ffc0000 [ 355.556116][ T29] audit: type=1326 audit(2000000865.973:11516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1966 comm="syz.5.13455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26e5a95d29 code=0x7ffc0000 [ 355.580107][ T29] audit: type=1326 audit(2000000865.973:11517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1966 comm="syz.5.13455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26e5a95d29 code=0x7ffc0000 [ 355.603933][ T29] audit: type=1326 audit(2000000865.983:11518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1966 comm="syz.5.13455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f26e5a95d29 code=0x7ffc0000 [ 355.627543][ T29] audit: type=1326 audit(2000000865.983:11519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1966 comm="syz.5.13455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26e5a95d29 code=0x7ffc0000 [ 355.651317][ T29] audit: type=1326 audit(2000000865.983:11520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1966 comm="syz.5.13455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26e5a95d29 code=0x7ffc0000 [ 355.674941][ T29] audit: type=1326 audit(2000000865.983:11521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1966 comm="syz.5.13455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f26e5a95d29 code=0x7ffc0000 [ 355.698766][ T29] audit: type=1326 audit(2000000865.983:11522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1966 comm="syz.5.13455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26e5a95d29 code=0x7ffc0000 [ 355.722435][ T29] audit: type=1326 audit(2000000865.983:11523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1966 comm="syz.5.13455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26e5a95d29 code=0x7ffc0000 [ 355.790222][ T1979] xt_hashlimit: max too large, truncated to 1048576 [ 355.798632][ T1981] netlink: 'syz.0.13460': attribute type 1 has an invalid length. [ 355.818882][ T1979] No such timeout policy "syz1" [ 355.836611][ T1983] syz.4.13461[1983] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 355.836685][ T1983] syz.4.13461[1983] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 355.849958][ T1983] syz.4.13461[1983] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 355.874851][ T8] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 355.894134][ T8] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 355.901684][ T8] hid-generic 0000:0000:0000.000B: unknown main item tag 0x2 [ 355.909160][ T8] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 355.916614][ T8] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 355.924064][ T8] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 355.931469][ T8] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 355.939032][ T8] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 355.946469][ T8] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 355.954063][ T8] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 355.961520][ T8] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 355.969029][ T8] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 355.976655][ T8] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 355.984094][ T8] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 355.991631][ T8] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 355.999109][ T8] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 356.006533][ T8] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 356.013939][ T8] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 356.021333][ T8] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 356.028765][ T8] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 356.036219][ T8] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 356.043609][ T8] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 356.051084][ T8] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 356.058529][ T8] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 356.065912][ T8] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 356.073278][ T8] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 356.080675][ T8] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 356.088132][ T8] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 356.095519][ T8] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 356.102962][ T8] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 356.110351][ T8] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 356.117794][ T8] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 356.125179][ T8] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 356.132553][ T8] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 356.140084][ T8] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 356.147482][ T8] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 356.154906][ T8] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 356.162361][ T8] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 356.169821][ T8] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 356.177229][ T8] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 356.184608][ T8] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 356.192380][ T8] hid-generic 0000:0000:0000.000B: hidraw0: HID v0.00 Device [syz0] on syz0 [ 356.263564][ T2008] smc: net device bond0 applied user defined pnetid SYZ2 [ 356.272892][ T2008] smc: net device bond0 erased user defined pnetid SYZ2 [ 356.330938][ T2013] netlink: 8 bytes leftover after parsing attributes in process `syz.3.13476'. [ 356.339995][ T2013] netlink: 84 bytes leftover after parsing attributes in process `syz.3.13476'. [ 356.482744][ T2026] loop4: detected capacity change from 0 to 512 [ 356.522440][ T2026] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 356.531126][ T2026] EXT4-fs (loop4): orphan cleanup on readonly fs [ 356.537938][ T2026] EXT4-fs warning (device loop4): ext4_enable_quotas:7156: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 356.553774][ T2026] EXT4-fs (loop4): Cannot turn on quotas: error -117 [ 356.564201][ T2026] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.13478: bg 0: block 40: padding at end of block bitmap is not set [ 356.583750][ T2026] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6550: Corrupt filesystem [ 356.594679][ T2026] EXT4-fs (loop4): 1 truncate cleaned up [ 356.600672][ T2026] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 356.627284][T21672] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 356.695715][ T2047] loop4: detected capacity change from 0 to 128 [ 356.896275][ T2067] syz.4.13501[2067] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 356.896358][ T2067] syz.4.13501[2067] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 356.933912][ T2067] syz.4.13501[2067] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 357.002880][ T2077] loop4: detected capacity change from 0 to 8192 [ 357.024477][ T2077] msdos: Unknown parameter 'ÿÿÿÿÿÿÿÿÿÿ01777777777777777777777ÿ0xffffffffffffffff18446744073709551615ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ¨ÐÊ3†…ƒPq{ÚP [ 357.024477][ T2077] n'º|$@OOݱµ’-®+·el' [ 357.160775][ T2089] smc: net device bond0 applied user defined pnetid SYZ2 [ 357.184371][ T2089] smc: net device bond0 erased user defined pnetid SYZ2 [ 357.192430][ T2093] loop6: detected capacity change from 0 to 2048 [ 357.226257][ T2093] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 357.252163][ T2095] netlink: 268 bytes leftover after parsing attributes in process `syz.0.13513'. [ 357.425360][ T2114] loop4: detected capacity change from 0 to 256 [ 357.445824][ T2093] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 357.461292][ T2093] EXT4-fs (loop6): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28 [ 357.473789][ T2093] EXT4-fs (loop6): This should not happen!! Data will be lost [ 357.473789][ T2093] [ 357.483429][ T2093] EXT4-fs (loop6): Total free blocks count 0 [ 357.489640][ T2093] EXT4-fs (loop6): Free/Dirty block details [ 357.495652][ T2093] EXT4-fs (loop6): free_blocks=2415919104 [ 357.501426][ T2093] EXT4-fs (loop6): dirty_blocks=8192 [ 357.506803][ T2093] EXT4-fs (loop6): Block reservation details [ 357.512787][ T2093] EXT4-fs (loop6): i_reserved_data_blocks=512 [ 357.539463][ T2104] EXT4-fs (loop6): Delayed block allocation failed for inode 18 at logical offset 2050 with max blocks 2048 with error 28 [ 357.714102][ T2139] syz.5.13530[2139] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 357.714238][ T2139] syz.5.13530[2139] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 357.725639][ T2142] loop0: detected capacity change from 0 to 128 [ 357.740984][ T2142] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 357.743561][ T2139] syz.5.13530[2139] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 357.756490][ T2142] ext4 filesystem being mounted at /2097/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 357.862058][ T8314] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 357.901448][ T2153] loop0: detected capacity change from 0 to 164 [ 357.911851][ T2153] syz.0.13534: attempt to access beyond end of device [ 357.911851][ T2153] loop0: rw=524288, sector=263328, nr_sectors = 4 limit=164 [ 357.927948][ T2153] syz.0.13534: attempt to access beyond end of device [ 357.927948][ T2153] loop0: rw=0, sector=263328, nr_sectors = 4 limit=164 [ 357.960612][ T2161] loop6: detected capacity change from 0 to 512 [ 357.992495][ T2161] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 358.006854][ T2161] ext4 filesystem being mounted at /59/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 358.017860][ T2167] netlink: 'syz.5.13543': attribute type 10 has an invalid length. [ 358.032579][ T2167] team0: Device hsr_slave_0 failed to register rx_handler [ 358.076562][ T1326] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 358.129585][ T2175] loop4: detected capacity change from 0 to 128 [ 358.138263][ T2177] netlink: 4 bytes leftover after parsing attributes in process `syz.0.13558'. [ 358.151188][ T2175] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 358.163419][ T2175] ext4 filesystem being mounted at /1056/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 358.251608][ T2186] batadv_slave_1: entered promiscuous mode [ 358.264741][ T2186] batadv_slave_1: left promiscuous mode [ 358.294557][ T2192] syz.6.13555[2192] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 358.300604][ T2192] loop6: detected capacity change from 0 to 1024 [ 358.317801][T21672] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 358.346491][ T2192] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 358.358849][ T2192] ext4 filesystem being mounted at /62/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 358.381325][ T1326] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 358.466258][ T2208] loop0: detected capacity change from 0 to 8192 [ 358.476609][ T2208] msdos: Unknown parameter 'ÿÿÿÿÿÿÿÿÿÿ01777777777777777777777ÿ0xffffffffffffffff18446744073709551615ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ¨ÐÊ3†…ƒPq{ÚP [ 358.476609][ T2208] n'º|$@OOݱµ’-®+·el' [ 358.527419][ T2214] loop4: detected capacity change from 0 to 8192 [ 358.591861][ T2214] loop4: p1 p2 p3 p4 [ 358.598199][ T2214] loop4: p1 start 51379968 is beyond EOD, truncated [ 358.616328][ T2214] loop4: p3 size 100663552 extends beyond EOD, truncated [ 358.638312][ T2214] loop4: p4 size 81920 extends beyond EOD, truncated [ 358.668060][ T2230] ipvlan2: entered promiscuous mode [ 358.684440][ T2230] bridge0: port 1(ipvlan2) entered blocking state [ 358.690934][ T2230] bridge0: port 1(ipvlan2) entered disabled state [ 358.723632][ T2230] ipvlan2: entered allmulticast mode [ 358.729004][ T2230] bridge0: entered allmulticast mode [ 358.736025][ T2230] ipvlan2: left allmulticast mode [ 358.741081][ T2230] bridge0: left allmulticast mode [ 358.951150][ T2246] msdos: Unknown parameter 'ÿÿÿÿÿÿÿÿÿÿ01777777777777777777777ÿ0xffffffffffffffff18446744073709551615ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ¨ÐÊ3†…ƒPq{ÚP [ 358.951150][ T2246] n'º|$@OOݱµ’-®+·el' [ 359.095865][ T2283] netlink: 'syz.5.13590': attribute type 27 has an invalid length. [ 359.202795][ T2298] loop0: detected capacity change from 0 to 512 [ 359.210051][ T2298] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended [ 359.243712][ T2298] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 359.266806][ T2298] EXT4-fs error (device loop0): ext4_do_update_inode:5153: inode #2: comm syz.0.13593: corrupted inode contents [ 359.279323][ T2298] EXT4-fs error (device loop0): ext4_dirty_inode:6041: inode #2: comm syz.0.13593: mark_inode_dirty error [ 359.291020][ T2298] EXT4-fs error (device loop0): ext4_do_update_inode:5153: inode #2: comm syz.0.13593: corrupted inode contents [ 359.325556][ T8314] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 359.370896][ T2321] netlink: 'syz.0.13607': attribute type 27 has an invalid length. [ 359.403557][ T2321] wireguard0: left promiscuous mode [ 359.408919][ T2321] wireguard0: left allmulticast mode [ 359.414535][ T2321] bond1: left promiscuous mode [ 359.439664][ T2327] netlink: 4 bytes leftover after parsing attributes in process `syz.5.13613'. [ 359.448776][ T2327] netlink: 4 bytes leftover after parsing attributes in process `syz.5.13613'. [ 359.459396][ T2327] netlink: 4 bytes leftover after parsing attributes in process `syz.5.13613'. [ 359.492632][ T2327] netlink: 4 bytes leftover after parsing attributes in process `syz.5.13613'. [ 359.501666][ T2327] netlink: 4 bytes leftover after parsing attributes in process `syz.5.13613'. [ 359.513772][ T2327] netlink: 4 bytes leftover after parsing attributes in process `syz.5.13613'. [ 359.654564][ T2353] netlink: 'syz.3.13623': attribute type 10 has an invalid length. [ 359.684770][ T2353] team0: Device hsr_slave_0 failed to register rx_handler [ 359.867452][ T2380] hub 9-0:1.0: USB hub found [ 359.881901][ T2380] hub 9-0:1.0: 8 ports detected [ 359.943572][ T2388] netlink: 'syz.0.13640': attribute type 10 has an invalid length. [ 359.954188][ T2388] team0: Device hsr_slave_0 failed to register rx_handler [ 360.038606][ T2398] tmpfs: Unknown parameter 'nolazytimep' [ 360.087189][ T2405] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=2405 comm=syz.6.13647 [ 360.099857][ T2405] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=2405 comm=syz.6.13647 [ 360.263343][ T2428] batadv_slave_1: entered promiscuous mode [ 360.276795][ T2428] batadv_slave_1: left promiscuous mode [ 360.286657][ T2431] netlink: 'syz.4.13660': attribute type 39 has an invalid length. [ 360.334355][ T2436] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 360.342609][ T2436] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 360.350874][ T2436] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 360.359255][ T2436] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 360.367934][ T2436] geneve2: entered promiscuous mode [ 360.373167][ T2436] geneve2: entered allmulticast mode [ 360.386896][ T2436] netdevsim netdevsim3 eth0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 360.395341][ T2436] netdevsim netdevsim3 eth1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 360.403853][ T2436] netdevsim netdevsim3 eth2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 360.412215][ T2436] netdevsim netdevsim3 eth3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 360.650192][ T2459] netlink: 'syz.3.13674': attribute type 3 has an invalid length. [ 360.685517][ T2463] bridge_slave_1: left allmulticast mode [ 360.691271][ T2463] bridge_slave_1: left promiscuous mode [ 360.697086][ T2463] bridge0: port 2(bridge_slave_1) entered disabled state [ 360.706447][ T2463] bridge_slave_0: left allmulticast mode [ 360.712161][ T2463] bridge_slave_0: left promiscuous mode [ 360.717976][ T2463] bridge0: port 1(bridge_slave_0) entered disabled state [ 360.761748][ T29] kauditd_printk_skb: 166 callbacks suppressed [ 360.761764][ T29] audit: type=1326 audit(2000000871.213:11689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2469 comm="syz.3.13679" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15c1725d29 code=0x7ffc0000 [ 360.792235][ T29] audit: type=1326 audit(2000000871.223:11690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2469 comm="syz.3.13679" exe="/root/syz-executor" sig=0 arch=c000003e syscall=77 compat=0 ip=0x7f15c1725d29 code=0x7ffc0000 [ 360.815906][ T29] audit: type=1326 audit(2000000871.223:11691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2469 comm="syz.3.13679" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15c1725d29 code=0x7ffc0000 [ 360.839734][ T29] audit: type=1326 audit(2000000871.223:11692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2469 comm="syz.3.13679" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f15c1725d29 code=0x7ffc0000 [ 360.865420][ T29] audit: type=1326 audit(2000000871.253:11693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2473 comm="syz.5.13681" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26e5a95d29 code=0x7ffc0000 [ 360.889176][ T29] audit: type=1326 audit(2000000871.273:11694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2473 comm="syz.5.13681" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26e5a95d29 code=0x7ffc0000 [ 360.912760][ T29] audit: type=1326 audit(2000000871.273:11695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2473 comm="syz.5.13681" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f26e5a95d29 code=0x7ffc0000 [ 360.936426][ T29] audit: type=1326 audit(2000000871.273:11696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2473 comm="syz.5.13681" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26e5a95d29 code=0x7ffc0000 [ 360.960015][ T29] audit: type=1326 audit(2000000871.273:11697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2473 comm="syz.5.13681" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26e5a95d29 code=0x7ffc0000 [ 360.983680][ T29] audit: type=1326 audit(2000000871.273:11698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2473 comm="syz.5.13681" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f26e5a95d29 code=0x7ffc0000 [ 361.149994][ T2493] loop4: detected capacity change from 0 to 2048 [ 361.158217][ T2493] EXT4-fs: Ignoring removed mblk_io_submit option [ 361.194721][ T2493] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 361.280153][T21672] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 361.392808][ T2524] batadv_slave_1: entered promiscuous mode [ 361.417388][ T2524] batadv_slave_1: left promiscuous mode [ 361.592662][ T2561] loop6: detected capacity change from 0 to 512 [ 361.629905][ T2561] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 361.642814][ T2568] batadv_slave_1: entered promiscuous mode [ 361.651363][ T2561] ext4 filesystem being mounted at /79/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 361.664501][ T2568] batadv_slave_1: left promiscuous mode [ 361.696788][ T1326] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 361.861619][ T2597] netlink: 'syz.3.13736': attribute type 39 has an invalid length. [ 362.184523][ T2633] syzkaller1: entered promiscuous mode [ 362.190040][ T2633] syzkaller1: entered allmulticast mode [ 362.198474][ T2639] rdma_rxe: rxe_newlink: failed to add team_slave_0 [ 362.248355][ T3378] kernel write not supported for file bpf-prog (pid: 3378 comm: kworker/0:3) [ 362.257328][ T2651] __nla_validate_parse: 5 callbacks suppressed [ 362.257342][ T2651] netlink: 8 bytes leftover after parsing attributes in process `+}[@'. [ 362.282886][ T2651] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 362.292945][ T2654] batadv_slave_1: entered promiscuous mode [ 362.304617][ T2654] batadv_slave_0: entered promiscuous mode [ 362.326841][ T2659] loop4: detected capacity change from 0 to 512 [ 362.328622][ T2653] batadv_slave_0: left promiscuous mode [ 362.336656][ T2659] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 362.338750][ T2653] batadv_slave_1: left promiscuous mode [ 362.350920][ T2659] EXT4-fs (loop4): 1 truncate cleaned up [ 362.360462][ T2659] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 362.416157][T21672] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 362.462485][ T2668] netlink: 8 bytes leftover after parsing attributes in process `syz.4.13768'. [ 362.649475][ T2701] loop4: detected capacity change from 0 to 2048 [ 362.692837][ T2708] loop6: detected capacity change from 0 to 512 [ 362.710208][ T2708] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 362.725070][ T2701] Alternate GPT is invalid, using primary GPT. [ 362.731346][ T2701] loop4: p1 p2 p3 [ 362.755684][ T2708] ext4 filesystem being mounted at /95/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 362.830208][ T1326] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 362.953808][T14520] kernel write not supported for file bpf-prog (pid: 14520 comm: kworker/1:13) [ 362.986142][ T2734] loop4: detected capacity change from 0 to 512 [ 363.001048][ T2734] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 363.013433][ T2740] netlink: 92 bytes leftover after parsing attributes in process `syz.0.13802'. [ 363.034603][ T2734] EXT4-fs (loop4): 1 truncate cleaned up [ 363.040613][ T2734] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 363.108143][ T2748] loop0: detected capacity change from 0 to 2048 [ 363.120742][T21672] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 363.141149][ T2748] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 363.249964][ T2748] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters [ 363.264684][ T2748] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28 [ 363.276995][ T2748] EXT4-fs (loop0): This should not happen!! Data will be lost [ 363.276995][ T2748] [ 363.286687][ T2748] EXT4-fs (loop0): Total free blocks count 0 [ 363.292753][ T2748] EXT4-fs (loop0): Free/Dirty block details [ 363.298700][ T2748] EXT4-fs (loop0): free_blocks=66060288 [ 363.304350][ T2748] EXT4-fs (loop0): dirty_blocks=16 [ 363.309564][ T2748] EXT4-fs (loop0): Block reservation details [ 363.315591][ T2748] EXT4-fs (loop0): i_reserved_data_blocks=1 [ 363.321943][ T2774] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28 [ 363.402717][ T2791] netlink: 4 bytes leftover after parsing attributes in process `syz.3.13824'. [ 363.832722][ T2839] syzkaller1: entered promiscuous mode [ 363.838309][ T2839] syzkaller1: entered allmulticast mode [ 364.173085][ T2864] bpf_get_probe_write_proto: 5 callbacks suppressed [ 364.173101][ T2864] syz.5.13856[2864] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 364.199811][ T2864] syz.5.13856[2864] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 364.216698][ T2864] syz.5.13856[2864] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 364.298266][ T2874] netlink: 'syz.4.13862': attribute type 2 has an invalid length. [ 364.317651][ T2874] netlink: 'syz.4.13862': attribute type 4 has an invalid length. [ 364.325697][ T2874] netlink: 8 bytes leftover after parsing attributes in process `syz.4.13862'. [ 364.548875][ T2887] loop6: detected capacity change from 0 to 8192 [ 364.576458][ T2887] FAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 364.634142][ T2887] devtmpfs: Unknown parameter 'udp:syz2' [ 364.688981][ T2903] tipc: Started in network mode [ 364.693936][ T2903] tipc: Node identity ac14140f, cluster identity 4711 [ 364.702024][ T2903] tipc: New replicast peer: 255.255.255.255 [ 364.708400][ T2903] tipc: Enabled bearer , priority 10 [ 364.750664][ T2901] loop0: detected capacity change from 0 to 2048 [ 364.809082][ T2901] Alternate GPT is invalid, using primary GPT. [ 364.815431][ T2901] loop0: p1 p2 p3 [ 365.163510][ T2949] loop0: detected capacity change from 0 to 512 [ 365.192493][ T2951] syz.5.13895[2951] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 365.192664][ T2951] syz.5.13895[2951] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 365.204956][ T2951] syz.5.13895[2951] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 365.223599][ T2949] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 365.255183][ T2949] ext4 filesystem being mounted at /2169/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 365.266316][ T2949] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 365.641229][ T2996] bridge0: port 1(ipvlan2) entered blocking state [ 365.647807][ T2996] bridge0: port 1(ipvlan2) entered disabled state [ 365.660520][ T2996] ipvlan2: entered allmulticast mode [ 365.665984][ T2996] bridge0: entered allmulticast mode [ 365.672067][ T2996] ipvlan2: left allmulticast mode [ 365.677179][ T2996] bridge0: left allmulticast mode [ 365.759254][ T3002] netlink: 'syz.6.13916': attribute type 2 has an invalid length. [ 365.767244][ T3002] netlink: 'syz.6.13916': attribute type 4 has an invalid length. [ 365.775103][ T3002] netlink: 8 bytes leftover after parsing attributes in process `syz.6.13916'. [ 365.823813][T14511] tipc: Node number set to 2886997007 [ 366.503509][ T3055] syz.3.13936[3055] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 366.503573][ T3055] syz.3.13936[3055] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 366.543897][ T3055] syz.3.13936[3055] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 366.633699][ T3065] IPv6: NLM_F_CREATE should be specified when creating new route [ 366.656574][ T29] kauditd_printk_skb: 237 callbacks suppressed [ 366.656591][ T29] audit: type=1326 audit(2000000877.113:11936): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3069 comm="syz.4.13941" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3327695d29 code=0x7ffc0000 [ 366.717412][ T29] audit: type=1326 audit(2000000877.113:11937): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3069 comm="syz.4.13941" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3327695d29 code=0x7ffc0000 [ 366.741149][ T29] audit: type=1326 audit(2000000877.163:11938): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3069 comm="syz.4.13941" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3327695d29 code=0x7ffc0000 [ 366.764798][ T29] audit: type=1326 audit(2000000877.163:11939): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3069 comm="syz.4.13941" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3327695d29 code=0x7ffc0000 [ 366.788529][ T29] audit: type=1326 audit(2000000877.163:11940): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3069 comm="syz.4.13941" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3327695d29 code=0x7ffc0000 [ 366.812300][ T29] audit: type=1326 audit(2000000877.163:11941): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3069 comm="syz.4.13941" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3327695d29 code=0x7ffc0000 [ 366.835962][ T29] audit: type=1326 audit(2000000877.163:11942): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3069 comm="syz.4.13941" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3327695d29 code=0x7ffc0000 [ 366.859836][ T29] audit: type=1326 audit(2000000877.163:11943): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3069 comm="syz.4.13941" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3327695d29 code=0x7ffc0000 [ 366.883440][ T29] audit: type=1326 audit(2000000877.173:11944): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3069 comm="syz.4.13941" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3327695d29 code=0x7ffc0000 [ 366.907081][ T29] audit: type=1326 audit(2000000877.173:11945): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3069 comm="syz.4.13941" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3327695d29 code=0x7ffc0000 [ 366.944921][ T3080] netlink: 64 bytes leftover after parsing attributes in process `syz.5.13948'. [ 367.016893][ T3090] new mount options do not match the existing superblock, will be ignored [ 367.182711][ T3113] loop4: detected capacity change from 0 to 1024 [ 367.205634][ T3113] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 367.324940][ T3113] Invalid ELF header magic: != ELF [ 367.344717][ T3143] netlink: 296 bytes leftover after parsing attributes in process `syz.5.13975'. [ 367.353945][ T3143] unsupported nlmsg_type 40 [ 367.369949][ T3140] SELinux: Context system_u:object_r:fonts_t:s0 is not valid (left unmapped). [ 367.383211][ T3149] netlink: 'syz.0.13976': attribute type 153 has an invalid length. [ 367.385250][T21672] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 367.440302][ T3153] openvswitch: netlink: Message has 12 unknown bytes. [ 367.575639][ T3181] loop6: detected capacity change from 0 to 1024 [ 367.588689][ T3187] netlink: 4 bytes leftover after parsing attributes in process `syz.4.13994'. [ 367.608210][ T3181] EXT4-fs: Ignoring removed nobh option [ 367.626030][ T3181] EXT4-fs: Ignoring removed orlov option [ 367.634469][ T3181] EXT4-fs (loop6): stripe (5) is not aligned with cluster size (16), stripe is disabled [ 367.643696][ T3187] netlink: 4 bytes leftover after parsing attributes in process `syz.4.13994'. [ 367.726850][ T3181] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 367.746226][ T3181] EXT4-fs error (device loop6): ext4_find_dest_de:2079: inode #12: block 7: comm syz.6.13991: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=56 fake=0 [ 367.783958][ T3181] EXT4-fs (loop6): Remounting filesystem read-only [ 367.867832][ T1326] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 367.887418][ T3221] netlink: 96 bytes leftover after parsing attributes in process `syz.4.14009'. [ 368.025213][ T3233] loop4: detected capacity change from 0 to 256 [ 368.049536][ T3241] loop0: detected capacity change from 0 to 256 [ 368.056976][ T3241] FAT-fs (loop0): bogus number of FAT sectors [ 368.063088][ T3241] FAT-fs (loop0): Can't find a valid FAT filesystem [ 368.102694][ T3249] netlink: 8 bytes leftover after parsing attributes in process `syz.5.14022'. [ 368.112821][ T3248] syz.6.14021[3248] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 368.117018][ T3233] FAT-fs (loop4): Directory bread(block 64) failed [ 368.123547][ T3249] netlink: 8 bytes leftover after parsing attributes in process `syz.5.14022'. [ 368.133822][ T3233] FAT-fs (loop4): Directory bread(block 65) failed [ 368.189222][ T3233] FAT-fs (loop4): Directory bread(block 66) failed [ 368.204733][ T3233] FAT-fs (loop4): Directory bread(block 67) failed [ 368.217689][ T3233] FAT-fs (loop4): Directory bread(block 68) failed [ 368.228535][ T3233] FAT-fs (loop4): Directory bread(block 69) failed [ 368.235741][ T3233] FAT-fs (loop4): Directory bread(block 70) failed [ 368.242394][ T3233] FAT-fs (loop4): Directory bread(block 71) failed [ 368.249072][ T3233] FAT-fs (loop4): Directory bread(block 72) failed [ 368.264285][ T3233] FAT-fs (loop4): Directory bread(block 73) failed [ 368.315350][ T3233] syz.4.14014: attempt to access beyond end of device [ 368.315350][ T3233] loop4: rw=524288, sector=1736, nr_sectors = 32 limit=256 [ 368.329406][ T3233] syz.4.14014: attempt to access beyond end of device [ 368.329406][ T3233] loop4: rw=0, sector=1736, nr_sectors = 8 limit=256 [ 368.384228][ T3282] loop4: detected capacity change from 0 to 128 [ 368.391143][ T3282] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 368.404177][ T3282] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 368.432755][T22224] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 368.644668][ T3326] netlink: 'syz.0.14052': attribute type 21 has an invalid length. [ 368.661254][ T3326] netlink: 132 bytes leftover after parsing attributes in process `syz.0.14052'. [ 368.802363][ T3358] IPVS: stopping master sync thread 3360 ... [ 368.807287][ T3360] IPVS: sync thread started: state = MASTER, mcast_ifn = ip6gre0, syncid = 65540, id = 0 [ 368.825146][ T3365] netlink: 16 bytes leftover after parsing attributes in process `syz.0.14067'. [ 369.028881][ T3405] loop6: detected capacity change from 0 to 1024 [ 369.036309][ T3405] EXT4-fs (loop6): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock [ 369.046205][ T3405] EXT4-fs (loop6): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869) [ 369.055980][ T3405] EXT4-fs (loop6): stripe (2) is not aligned with cluster size (16), stripe is disabled [ 369.066860][ T3405] EXT4-fs error (device loop6): ext4_get_journal_inode:5809: inode #5: comm syz.6.14082: unexpected bad inode w/o EXT4_IGET_BAD [ 369.080386][ T3405] EXT4-fs (loop6): no journal found [ 369.085813][ T3405] EXT4-fs (loop6): can't get journal size [ 369.092307][ T3405] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 369.115997][ T1326] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 369.136247][ T3409] pim6reg: entered allmulticast mode [ 369.142210][ T3409] pim6reg: left allmulticast mode [ 369.276995][ T3418] loop6: detected capacity change from 0 to 8192 [ 369.315162][ T8] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 369.322692][ T8] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 369.330315][ T8] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 369.337961][ T8] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 369.345481][ T8] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 369.352851][ T8] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 369.360321][ T8] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 369.367752][ T8] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 369.375215][ T8] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 369.382610][ T8] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 369.390181][ T8] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 369.397691][ T8] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 369.405249][ T8] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 369.412682][ T8] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 369.420307][ T8] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 369.427746][ T8] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 369.435177][ T8] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 369.442688][ T8] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 369.450153][ T8] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 369.457588][ T8] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 369.465184][ T8] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 369.472614][ T8] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 369.480017][ T8] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 369.487458][ T8] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 369.494910][ T8] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 369.502462][ T8] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 369.509962][ T8] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 369.517397][ T8] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 369.524821][ T8] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 369.532194][ T8] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 369.539956][ T8] hid-generic 0000:0000:0000.000C: hidraw0: HID vffffff.fd Device [syz0] on syz1 [ 369.591510][ T3437] netlink: 52 bytes leftover after parsing attributes in process `syz.4.14096'. [ 369.832426][ T3471] loop4: detected capacity change from 0 to 1024 [ 369.856420][ T3471] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 369.873269][ T3471] EXT4-fs error (device loop4): ext4_expand_extra_isize_ea:2793: inode #12: comm syz.4.14111: corrupted in-inode xattr: bad magic number in in-inode xattr [ 369.902603][T21672] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 370.125763][ T3501] lo speed is unknown, defaulting to 1000 [ 370.315442][ T3522] loop6: detected capacity change from 0 to 512 [ 370.322448][ T3522] EXT4-fs (loop6): mounting ext3 file system using the ext4 subsystem [ 370.331239][ T3522] EXT4-fs (loop6): invalid journal inode [ 370.337822][ T3522] EXT4-fs (loop6): can't get journal size [ 370.354998][ T3522] EXT4-fs (loop6): 1 truncate cleaned up [ 370.361243][ T3522] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 370.388813][ T1326] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 370.408773][ T3525] netlink: 20 bytes leftover after parsing attributes in process `syz.6.14134'. [ 370.664072][ T3551] SET target dimension over the limit! [ 370.735335][ T3553] loop6: detected capacity change from 0 to 256 [ 370.741987][ T3553] FAT-fs (loop6): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 370.965935][ T3584] loop6: detected capacity change from 0 to 1024 [ 370.975611][ T3584] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 370.985304][ T3582] lo speed is unknown, defaulting to 1000 [ 370.991666][ T3584] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters [ 371.023092][ T1326] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 371.530283][ T3647] openvswitch: netlink: Message has 12 unknown bytes. [ 371.557541][ T3652] loop6: detected capacity change from 0 to 256 [ 371.564524][ T3652] FAT-fs (loop6): bogus number of FAT sectors [ 371.570659][ T3652] FAT-fs (loop6): Can't find a valid FAT filesystem [ 371.577358][ T3654] loop4: detected capacity change from 0 to 1024 [ 371.577680][ T3654] EXT4-fs: Ignoring removed orlov option [ 371.589431][ T3654] EXT4-fs: Ignoring removed nomblk_io_submit option [ 371.615432][ T3654] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 371.646170][T21672] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 372.137678][ T3722] loop4: detected capacity change from 0 to 512 [ 372.158456][ T3722] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2240: inode #15: comm syz.4.14220: corrupted in-inode xattr: invalid ea_ino [ 372.184750][ T3722] EXT4-fs error (device loop4): ext4_orphan_get:1394: comm syz.4.14220: couldn't read orphan inode 15 (err -117) [ 372.219206][ T3722] EXT4-fs (loop4): mounted filesystem 00000007-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 372.306100][T21672] EXT4-fs (loop4): unmounting filesystem 00000007-0000-0000-0000-000000000000. [ 372.341451][ T3731] bpf_get_probe_write_proto: 11 callbacks suppressed [ 372.341468][ T3731] syz.4.14224[3731] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 372.348258][ T29] kauditd_printk_skb: 211 callbacks suppressed [ 372.348272][ T29] audit: type=1326 audit(2000000882.793:12157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3730 comm="syz.4.14224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3327695d29 code=0x7ffc0000 [ 372.389646][ T29] audit: type=1326 audit(2000000882.793:12158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3730 comm="syz.4.14224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3327695d29 code=0x7ffc0000 [ 372.413320][ T29] audit: type=1326 audit(2000000882.793:12159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3730 comm="syz.4.14224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3327695d29 code=0x7ffc0000 [ 372.413962][ T3731] syz.4.14224[3731] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 372.439355][ T3731] syz.4.14224[3731] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 372.462215][ T29] audit: type=1326 audit(2000000882.913:12160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3730 comm="syz.4.14224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3327695d29 code=0x7ffc0000 [ 372.497345][ T29] audit: type=1326 audit(2000000882.913:12161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3730 comm="syz.4.14224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3327695d29 code=0x7ffc0000 [ 372.542166][ T29] audit: type=1326 audit(2000000882.993:12162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3730 comm="syz.4.14224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3327695d29 code=0x7ffc0000 [ 372.583073][ T29] audit: type=1326 audit(2000000882.993:12163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3730 comm="syz.4.14224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f3327695d29 code=0x7ffc0000 [ 372.606627][ T29] audit: type=1326 audit(2000000882.993:12164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3730 comm="syz.4.14224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3327695d29 code=0x7ffc0000 [ 372.630253][ T29] audit: type=1326 audit(2000000882.993:12165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3730 comm="syz.4.14224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7f3327695d29 code=0x7ffc0000 [ 372.653870][ T29] audit: type=1326 audit(2000000882.993:12166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3730 comm="syz.4.14224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3327695d29 code=0x7ffc0000 [ 373.105398][ T3776] bond2: entered promiscuous mode [ 373.110668][ T3776] bond2: entered allmulticast mode [ 373.116121][ T3776] 8021q: adding VLAN 0 to HW filter on device bond2 [ 373.146945][ T3776] bond2 (unregistering): Released all slaves [ 373.209447][ T3781] __nla_validate_parse: 2 callbacks suppressed [ 373.209463][ T3781] netlink: 256 bytes leftover after parsing attributes in process `syz.4.14247'. [ 373.361734][ T3792] loop4: detected capacity change from 0 to 512 [ 373.382650][ T3792] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 373.432045][ T3792] EXT4-fs (loop4): orphan cleanup on readonly fs [ 373.451212][ T3792] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.14251: bg 0: block 248: padding at end of block bitmap is not set [ 373.475386][ T3792] EXT4-fs error (device loop4): ext4_acquire_dquot:6938: comm syz.4.14251: Failed to acquire dquot type 1 [ 373.503673][ T3792] EXT4-fs (loop4): 1 truncate cleaned up [ 373.513340][ T3792] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback. [ 373.536374][ T3806] loop6: detected capacity change from 0 to 2048 [ 373.573158][T21672] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 373.595842][ T3806] loop6: p1 < > p4 [ 373.607245][ T3806] loop6: p4 size 8388608 extends beyond EOD, truncated [ 373.818541][ T3843] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=3843 comm=syz.3.14274 [ 374.472948][ T3910] batadv_slave_1: entered promiscuous mode [ 374.479934][ T3909] batadv_slave_1: left promiscuous mode [ 374.694881][ T3917] bond2: entered promiscuous mode [ 374.699934][ T3917] bond2: entered allmulticast mode [ 374.705288][ T3917] 8021q: adding VLAN 0 to HW filter on device bond2 [ 374.714810][ T3917] bond2 (unregistering): Released all slaves [ 374.889386][ T3940] wireguard1: entered promiscuous mode [ 374.894989][ T3940] wireguard1: entered allmulticast mode [ 375.049439][ T3966] netlink: 16 bytes leftover after parsing attributes in process `syz.0.14327'. [ 375.213554][ T3981] loop6: detected capacity change from 0 to 512 [ 375.224282][ T3970] netlink: 'syz.0.14329': attribute type 1 has an invalid length. [ 375.224489][ T3980] 9pnet_fd: Insufficient options for proto=fd [ 375.239391][ T3981] EXT4-fs error (device loop6): ext4_xattr_ibody_find:2240: inode #15: comm syz.6.14333: corrupted in-inode xattr: invalid ea_ino [ 375.256119][ T3981] EXT4-fs error (device loop6): ext4_orphan_get:1394: comm syz.6.14333: couldn't read orphan inode 15 (err -117) [ 375.268774][ T3981] EXT4-fs (loop6): mounted filesystem 00000007-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 375.296731][ T1326] EXT4-fs (loop6): unmounting filesystem 00000007-0000-0000-0000-000000000000. [ 375.423617][ T3996] loop6: detected capacity change from 0 to 512 [ 375.431683][ T3996] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode [ 375.468149][ T3996] EXT4-fs (loop6): 1 truncate cleaned up [ 375.478066][ T3996] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 375.493887][ T3996] EXT4-fs (loop6): shut down requested (1) [ 375.500557][ T3996] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop6 ino=12 [ 375.509529][ T3996] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop6 ino=12 [ 375.518560][ T3996] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop6 ino=15 [ 375.527597][ T3996] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop6 ino=13 [ 375.536651][ T3996] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop6 ino=12 [ 375.545575][ T3996] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop6 ino=15 [ 375.554519][ T3996] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop6 ino=12 [ 375.565194][ T3996] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop6 ino=13 [ 375.581786][ T4010] loop0: detected capacity change from 0 to 256 [ 375.588557][ T4010] vfat: Unknown parameter 'ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ' [ 375.595765][ T1326] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 375.698148][ T4023] netlink: 16402 bytes leftover after parsing attributes in process `syz.6.14348'. [ 375.709910][ T4017] netlink: 16402 bytes leftover after parsing attributes in process `syz.6.14348'. [ 375.746921][ T4028] loop0: detected capacity change from 0 to 512 [ 375.759598][ T4028] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem [ 375.768698][ T4028] EXT4-fs (loop0): invalid journal inode [ 375.769756][ T4027] lo speed is unknown, defaulting to 1000 [ 375.774463][ T4028] EXT4-fs (loop0): can't get journal size [ 375.787484][ T4028] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a056c119, mo2=0002] [ 375.795803][ T4028] System zones: 1-12, 13-13 [ 375.800874][ T4028] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2240: inode #15: comm syz.0.14352: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled [ 375.819151][ T4028] EXT4-fs error (device loop0): ext4_orphan_get:1394: comm syz.0.14352: couldn't read orphan inode 15 (err -117) [ 375.831768][ T4028] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 375.857485][ T8314] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 376.001944][ T4052] loop0: detected capacity change from 0 to 512 [ 376.009561][ T4052] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 376.032851][ T4052] EXT4-fs (loop0): 1 truncate cleaned up [ 376.040865][ T4052] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 376.041166][ T4057] syz.4.14366[4057] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 376.055624][ T4057] syz.4.14366[4057] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 376.067447][ T4057] syz.4.14366[4057] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 376.073923][ T4052] EXT4-fs error (device loop0): htree_dirblock_to_tree:1112: inode #2: block 13: comm syz.0.14363: bad entry in directory: rec_len % 4 != 0 - offset=108, inode=17, rec_len=3657, size=1024 fake=0 [ 376.147030][ T8314] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 376.208279][ T4069] lo speed is unknown, defaulting to 1000 [ 376.283578][ T4082] syz.6.14376[4082] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 376.283687][ T4082] syz.6.14376[4082] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 376.295776][ T4082] syz.6.14376[4082] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 376.305244][ T4084] loop4: detected capacity change from 0 to 256 [ 376.326095][ T4084] vfat: Unknown parameter 'ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ' [ 376.375776][ T4089] Cannot find set identified by id 0 to match [ 376.455405][ T4097] rdma_op ffff8881424f1180 conn xmit_rdma 0000000000000000 [ 376.516139][ T4107] loop4: detected capacity change from 0 to 164 [ 376.724268][ T4126] netlink: 24 bytes leftover after parsing attributes in process `syz.4.14394'. [ 376.768779][ T4129] loop4: detected capacity change from 0 to 512 [ 376.777367][ T4132] can0: slcan on ptm0. [ 376.782158][ T4129] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode [ 376.794320][ T4129] EXT4-fs (loop4): 1 truncate cleaned up [ 376.800410][ T4129] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 376.818008][ T4129] EXT4-fs (loop4): shut down requested (1) [ 376.824624][ T4129] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop4 ino=12 [ 376.833541][ T4129] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop4 ino=12 [ 376.842475][ T4129] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop4 ino=15 [ 376.852063][ T4130] can0 (unregistered): slcan off ptm0. [ 376.858964][ T4129] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop4 ino=13 [ 376.868047][ T4129] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop4 ino=12 [ 376.876948][ T4129] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop4 ino=15 [ 376.885842][ T4129] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop4 ino=12 [ 376.902443][ T4129] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop4 ino=13 [ 376.941110][T21672] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 376.951044][ T4140] netlink: 28 bytes leftover after parsing attributes in process `syz.5.14398'. [ 376.960142][ T4140] netlink: 28 bytes leftover after parsing attributes in process `syz.5.14398'. [ 376.964451][ T4142] netlink: 8 bytes leftover after parsing attributes in process `syz.6.14401'. [ 376.984830][ T4142] netlink: 16 bytes leftover after parsing attributes in process `syz.6.14401'. [ 377.042528][ T4153] serio: Serial port ptm0 [ 377.075284][ T4161] xt_hashlimit: max too large, truncated to 1048576 [ 377.082759][ T4161] Cannot find set identified by id 0 to match [ 377.220701][ T4174] loop6: detected capacity change from 0 to 164 [ 377.236881][ T4174] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 377.386259][ T4194] SELinux: security_context_str_to_sid (u) failed with errno=-22 [ 377.405929][ T29] kauditd_printk_skb: 157 callbacks suppressed [ 377.405948][ T29] audit: type=1326 audit(2000000887.863:12322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4195 comm="syz.6.14428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2410105d29 code=0x7ffc0000 [ 377.451587][ T29] audit: type=1326 audit(2000000887.863:12323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4195 comm="syz.6.14428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2410105d29 code=0x7ffc0000 [ 377.475272][ T29] audit: type=1326 audit(2000000887.903:12324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4195 comm="syz.6.14428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=173 compat=0 ip=0x7f2410105d29 code=0x7ffc0000 [ 377.489893][ T4192] lo speed is unknown, defaulting to 1000 [ 377.498921][ T29] audit: type=1326 audit(2000000887.903:12325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4195 comm="syz.6.14428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2410105d29 code=0x7ffc0000 [ 377.529064][ T29] audit: type=1326 audit(2000000887.903:12326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4195 comm="syz.6.14428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2410105d29 code=0x7ffc0000 [ 377.553539][ T29] audit: type=1326 audit(2000000887.903:12327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4195 comm="syz.6.14428" exe="/root/syz-executor" sig=0 arch=c000003e syscall=162 compat=0 ip=0x7f2410105d29 code=0x7ffc0000 [ 377.589351][ T29] audit: type=1326 audit(2000000887.933:12328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4198 comm="syz.4.14429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3327695d29 code=0x7ffc0000 [ 377.613102][ T29] audit: type=1326 audit(2000000887.933:12329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4198 comm="syz.4.14429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3327695d29 code=0x7ffc0000 [ 377.636747][ T29] audit: type=1326 audit(2000000887.933:12330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4198 comm="syz.4.14429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3327695d29 code=0x7ffc0000 [ 377.660486][ T29] audit: type=1326 audit(2000000887.933:12331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4198 comm="syz.4.14429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3327695d29 code=0x7ffc0000 [ 377.798099][ T4210] netem: change failed [ 377.806105][ T4202] lo speed is unknown, defaulting to 1000 [ 377.883584][ T4221] syz.3.14439[4221] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 377.883682][ T4221] syz.3.14439[4221] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 377.898723][ T4221] syz.3.14439[4221] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 378.025475][ T4238] loop0: detected capacity change from 0 to 512 [ 378.043466][ T4240] syz.4.14448[4240] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 378.043550][ T4240] syz.4.14448[4240] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 378.049603][ T4238] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode [ 378.055666][ T4240] syz.4.14448[4240] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 378.077351][ T4246] netlink: 100 bytes leftover after parsing attributes in process `syz.4.14448'. [ 378.090784][ T4238] EXT4-fs (loop0): 1 truncate cleaned up [ 378.105501][ T4238] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 378.129673][ T4238] EXT4-fs (loop0): shut down requested (1) [ 378.136259][ T4238] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop0 ino=12 [ 378.145132][ T4238] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop0 ino=12 [ 378.154054][ T4238] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop0 ino=15 [ 378.165905][ T4238] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop0 ino=13 [ 378.176530][ T4238] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop0 ino=12 [ 378.186255][ T4238] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop0 ino=15 [ 378.203576][ T4238] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop0 ino=12 [ 378.212702][ T4238] SELinux: inode_doinit_use_xattr: getxattr returned 5 for dev=loop0 ino=13 [ 378.248974][ T8314] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 378.301854][ T4263] netlink: 172 bytes leftover after parsing attributes in process `syz.4.14456'. [ 378.418777][ T4279] atomic_op ffff88817cd6a528 conn xmit_atomic 0000000000000000 [ 378.483369][ T4292] netlink: 'syz.3.14469': attribute type 13 has an invalid length. [ 378.639913][ T4315] bond4: entered promiscuous mode [ 378.645065][ T4315] bond4: entered allmulticast mode [ 378.646409][ T4283] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 378.650389][ T4315] 8021q: adding VLAN 0 to HW filter on device bond4 [ 378.659279][ T4283] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 378.674383][ T4315] bond4 (unregistering): Released all slaves [ 378.749911][ T4321] atomic_op ffff888139e8f928 conn xmit_atomic 0000000000000000 [ 379.215805][ T4275] 9pnet_fd: p9_fd_create_tcp (4275): problem connecting socket to 127.0.0.1 [ 379.296432][ T4344] netlink: 452 bytes leftover after parsing attributes in process `syz.3.14493'. [ 379.311297][ T4346] macvlan3: entered promiscuous mode [ 379.316818][ T4346] bridge0: entered promiscuous mode [ 379.327752][ T4346] bridge0: port 3(macvlan3) entered blocking state [ 379.334462][ T4346] bridge0: port 3(macvlan3) entered disabled state [ 379.341482][ T4346] macvlan3: entered allmulticast mode [ 379.347046][ T4346] bridge0: entered allmulticast mode [ 379.353701][ T4346] macvlan3: left allmulticast mode [ 379.358565][ T4350] netlink: 4 bytes leftover after parsing attributes in process `syz.6.14495'. [ 379.359035][ T4346] bridge0: left allmulticast mode [ 379.367872][ T4350] netlink: 4 bytes leftover after parsing attributes in process `syz.6.14495'. [ 379.370058][ T4350] netlink: 4 bytes leftover after parsing attributes in process `syz.6.14495'. [ 379.391289][ T4346] bridge0: left promiscuous mode [ 379.492176][ T4369] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.14498'. [ 379.503163][ T4356] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.14498'. [ 379.690943][ T4388] loop6: detected capacity change from 0 to 1024 [ 379.704900][ T4388] EXT4-fs: Ignoring removed nobh option [ 379.710764][ T4388] EXT4-fs: Ignoring removed bh option [ 379.717120][ T4393] netlink: 24 bytes leftover after parsing attributes in process `syz.3.14515'. [ 379.776256][ T4388] EXT4-fs error (device loop6): ext4_mb_mark_diskspace_used:4115: comm syz.6.14512: Allocating blocks 497-513 which overlap fs metadata [ 379.794757][ T4388] EXT4-fs (loop6): pa ffff88810570aee0: logic 256, phys. 385, len 8 [ 379.802844][ T4388] EXT4-fs error (device loop6): ext4_mb_release_inode_pa:5366: group 0, free 0, pa_free 1 [ 379.987754][ T4425] netlink: 8 bytes leftover after parsing attributes in process `syz.5.14529'. [ 379.997954][ T4423] syz.6.14528[4423] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 379.998013][ T4423] syz.6.14528[4423] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 380.012326][ T4425] ip6gretap1: entered allmulticast mode [ 380.029493][ T4423] syz.6.14528[4423] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 380.087367][ T4429] loop6: detected capacity change from 0 to 512 [ 380.144008][ T4429] EXT4-fs error (device loop6): ext4_orphan_get:1389: inode #17: comm syz.6.14531: iget: bogus i_mode (0) [ 380.175881][ T4429] EXT4-fs error (device loop6): ext4_orphan_get:1394: comm syz.6.14531: couldn't read orphan inode 17 (err -117) [ 380.185843][ T4433] loop4: detected capacity change from 0 to 512 [ 380.212980][ T4433] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem [ 380.221912][ T4433] EXT4-fs (loop4): invalid journal inode [ 380.228237][ T4433] EXT4-fs (loop4): can't get journal size [ 380.246936][ T4433] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a056c119, mo2=0002] [ 380.259630][ T4445] Unknown options in mask 5 [ 380.290470][ T4433] System zones: 1-12, 13-13 [ 380.312126][ T4433] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2240: inode #15: comm syz.4.14532: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled [ 380.331541][ T4449] binfmt_misc: register: failed to install interpreter file ./file0 [ 380.368134][ T4433] EXT4-fs error (device loop4): ext4_orphan_get:1394: comm syz.4.14532: couldn't read orphan inode 15 (err -117) [ 380.676909][ T4470] bridge0: port 3(vlan2) entered blocking state [ 380.683236][ T4470] bridge0: port 3(vlan2) entered disabled state [ 380.693919][ T4470] vlan2: entered allmulticast mode [ 380.734589][ T4470] vlan2: left allmulticast mode [ 380.896223][ T4481] netlink: 'syz.4.14554': attribute type 10 has an invalid length. [ 380.911472][ T4481] team0: Device hsr_slave_0 failed to register rx_handler [ 381.065312][ T4509] dvmrp0: entered allmulticast mode [ 381.080863][ T4509] dvmrp0: left allmulticast mode [ 381.205315][ T4528] Cannot find del_set index 0 as target [ 381.253368][T14511] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0 [ 381.261002][T14511] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0 [ 381.268445][T14511] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0 [ 381.275932][T14511] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0 [ 381.283353][T14511] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0 [ 381.290794][T14511] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0 [ 381.298248][T14511] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0 [ 381.305655][T14511] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0 [ 381.313053][T14511] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0 [ 381.320482][T14511] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0 [ 381.328103][T14511] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0 [ 381.335567][T14511] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0 [ 381.343018][T14511] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0 [ 381.350528][T14511] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0 [ 381.357960][T14511] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0 [ 381.365372][T14511] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0 [ 381.372786][T14511] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0 [ 381.381023][T14511] hid-generic 0000:0000:0000.000D: hidraw0: HID v0.00 Device [syz0] on syz0 [ 381.453267][ T4541] Invalid ELF header magic: != ELF [ 381.499577][ T4549] 9p: Unknown access argument : -22 [ 381.609166][ T4565] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.14599'. [ 381.679541][ T4577] IPVS: Error connecting to the multicast addr [ 381.756574][ T4582] lo speed is unknown, defaulting to 1000 [ 381.846671][ T4599] loop6: detected capacity change from 0 to 2048 [ 381.853555][ T4599] EXT4-fs: Ignoring removed bh option [ 382.147461][ T4625] 9pnet_fd: Insufficient options for proto=fd [ 382.221374][ T4632] loop0: detected capacity change from 0 to 512 [ 382.228893][ T4632] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 382.245536][ T4632] ext4 filesystem being mounted at /2307/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 382.262023][ T4632] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters [ 382.276958][ T4632] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 15 with max blocks 17 with error 28 [ 382.289489][ T4632] EXT4-fs (loop0): This should not happen!! Data will be lost [ 382.289489][ T4632] [ 382.299171][ T4632] EXT4-fs (loop0): Total free blocks count 0 [ 382.305260][ T4632] EXT4-fs (loop0): Free/Dirty block details [ 382.311191][ T4632] EXT4-fs (loop0): free_blocks=39626 [ 382.316565][ T4632] EXT4-fs (loop0): dirty_blocks=17 [ 382.321685][ T4632] EXT4-fs (loop0): Block reservation details [ 382.327673][ T4632] EXT4-fs (loop0): i_reserved_data_blocks=31 [ 382.334316][ T4641] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 15 with error 28 [ 382.336089][ T4640] binfmt_misc: register: failed to install interpreter file ./file0 [ 382.346589][ T4641] EXT4-fs (loop0): This should not happen!! Data will be lost [ 382.346589][ T4641] [ 382.352445][ T50] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 382.379781][ T50] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 2048 with error 28 [ 382.392370][ T50] EXT4-fs (loop6): This should not happen!! Data will be lost [ 382.392370][ T50] [ 382.402113][ T50] EXT4-fs (loop6): Total free blocks count 0 [ 382.408128][ T50] EXT4-fs (loop6): Free/Dirty block details [ 382.414052][ T50] EXT4-fs (loop6): free_blocks=2415919104 [ 382.419808][ T50] EXT4-fs (loop6): dirty_blocks=8208 [ 382.425138][ T50] EXT4-fs (loop6): Block reservation details [ 382.431204][ T50] EXT4-fs (loop6): i_reserved_data_blocks=513 [ 382.451015][T14209] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 2050 with max blocks 2048 with error 28 [ 382.461649][ T29] kauditd_printk_skb: 287 callbacks suppressed [ 382.461669][ T29] audit: type=1326 audit(2000000892.903:12619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4645 comm="syz.0.14628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba27715d29 code=0x7ffc0000 [ 382.463819][T14209] EXT4-fs (loop6): This should not happen!! Data will be lost [ 382.463819][T14209] [ 382.469960][ T29] audit: type=1326 audit(2000000892.903:12620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4645 comm="syz.0.14628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba27715d29 code=0x7ffc0000 [ 382.527206][ T29] audit: type=1326 audit(2000000892.903:12621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4645 comm="syz.0.14628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fba27715d29 code=0x7ffc0000 [ 382.550967][ T29] audit: type=1326 audit(2000000892.903:12622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4645 comm="syz.0.14628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba27715d29 code=0x7ffc0000 [ 382.551141][ T4647] netlink: 'syz.4.14630': attribute type 13 has an invalid length. [ 382.574590][ T29] audit: type=1326 audit(2000000892.903:12623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4645 comm="syz.0.14628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba27715d29 code=0x7ffc0000 [ 382.606121][ T29] audit: type=1326 audit(2000000892.903:12624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4645 comm="syz.0.14628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fba27715d29 code=0x7ffc0000 [ 382.629725][ T29] audit: type=1326 audit(2000000892.903:12625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4645 comm="syz.0.14628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba27715d29 code=0x7ffc0000 [ 382.632761][ T4647] gretap0: refused to change device tx_queue_len [ 382.653415][ T29] audit: type=1326 audit(2000000892.903:12626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4645 comm="syz.0.14628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba27715d29 code=0x7ffc0000 [ 382.653449][ T29] audit: type=1326 audit(2000000892.903:12627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4645 comm="syz.0.14628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fba27715d29 code=0x7ffc0000 [ 382.659798][ T4647] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check. [ 382.683452][ T29] audit: type=1326 audit(2000000892.903:12628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4645 comm="syz.0.14628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba27715d29 code=0x7ffc0000 [ 382.921629][ T4681] loop6: detected capacity change from 0 to 512 [ 382.937628][ T4681] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 382.970133][ T4681] ext4 filesystem being mounted at /316/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 383.284269][ T4748] IPVS: Error connecting to the multicast addr [ 383.331225][ T4754] ip6t_REJECT: TCP_RESET illegal for non-tcp [ 383.421821][ T4758] 9pnet: Could not find request transport: 0xffffffffffffffff [ 383.509938][ T4765] netlink: 'syz.5.14682': attribute type 1 has an invalid length. [ 383.616120][ T4778] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 383.799057][ T4797] loop4: detected capacity change from 0 to 512 [ 383.808539][ T4797] EXT4-fs: Ignoring removed oldalloc option [ 383.814323][ T4795] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 20000 - 0 [ 383.822822][ T4795] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 20000 - 0 [ 383.831234][ T4795] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 20000 - 0 [ 383.839524][ T4795] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 20000 - 0 [ 383.849246][ T4795] geneve2: entered promiscuous mode [ 383.854577][ T4795] geneve2: entered allmulticast mode [ 383.871686][ T4797] EXT4-fs error (device loop4): ext4_xattr_inode_iget:436: comm syz.4.14693: Parent and EA inode have the same ino 15 [ 383.891261][ T4797] EXT4-fs (loop4): Remounting filesystem read-only [ 383.899517][ T4797] EXT4-fs (loop4): 1 orphan inode deleted [ 383.915320][ T4797] EXT4-fs mount: 12 callbacks suppressed [ 383.915407][ T4797] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 383.942776][ T4797] SELinux: (dev loop4, type ext4) getxattr errno 5 [ 383.956503][ T4797] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 384.050520][ T4810] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=4810 comm=syz.4.14699 [ 384.063306][ T4810] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=4810 comm=syz.4.14699 [ 384.162425][ T4820] loop6: detected capacity change from 0 to 512 [ 384.176410][ T4820] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 384.201382][ T4820] ext4 filesystem being mounted at /322/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 384.242791][ T4822] loop4: detected capacity change from 0 to 8192 [ 384.256832][ T1326] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 384.295884][ T4827] __nla_validate_parse: 7 callbacks suppressed [ 384.295903][ T4827] netlink: 48 bytes leftover after parsing attributes in process `syz.6.14707'. [ 384.327679][ T4829] netlink: 'syz.4.14708': attribute type 4 has an invalid length. [ 384.704127][T22163] tipc: Subscription rejected, illegal request [ 384.893292][ T4864] lo speed is unknown, defaulting to 1000 [ 385.119418][ T4877] ref_ctr_offset mismatch. inode: 0x34f6 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x2000000 [ 385.156918][ T4881] syz.4.14732[4881] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 385.157055][ T4881] syz.4.14732[4881] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 385.169392][ T4881] syz.4.14732[4881] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 385.200600][ T4883] loop6: detected capacity change from 0 to 512 [ 385.228522][ T4883] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 385.268677][ T4893] netlink: 4 bytes leftover after parsing attributes in process `syz.0.14737'. [ 385.279864][ T4893] netlink: 4 bytes leftover after parsing attributes in process `syz.0.14737'. [ 385.312860][ T4897] loop4: detected capacity change from 0 to 512 [ 385.320009][ T4883] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 385.333469][ T4883] ext4 filesystem being mounted at /325/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 385.352449][ T4883] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters [ 385.368576][ T4883] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 15 with max blocks 17 with error 28 [ 385.381053][ T4883] EXT4-fs (loop6): This should not happen!! Data will be lost [ 385.381053][ T4883] [ 385.390786][ T4883] EXT4-fs (loop6): Total free blocks count 0 [ 385.396898][ T4883] EXT4-fs (loop6): Free/Dirty block details [ 385.402849][ T4883] EXT4-fs (loop6): free_blocks=39626 [ 385.408203][ T4883] EXT4-fs (loop6): dirty_blocks=17 [ 385.413424][ T4883] EXT4-fs (loop6): Block reservation details [ 385.419467][ T4883] EXT4-fs (loop6): i_reserved_data_blocks=17 [ 385.428028][ T4897] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 385.446316][ T4897] ext4 filesystem being mounted at /1306/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 385.470500][ T4883] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 15 with error 28 [ 385.550250][T21672] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 385.703302][ T4946] loop4: detected capacity change from 0 to 512 [ 385.721033][ T4946] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 385.734884][ T4951] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 385.743132][ T4951] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 385.751381][ T4951] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 385.759721][ T4951] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 385.768334][ T4951] geneve2: entered promiscuous mode [ 385.773588][ T4951] geneve2: entered allmulticast mode [ 385.780200][ T4951] netdevsim netdevsim0 eth0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 385.788742][ T4951] netdevsim netdevsim0 eth1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 385.797134][ T4951] netdevsim netdevsim0 eth2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 385.804433][ T4946] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 385.805522][ T4951] netdevsim netdevsim0 eth3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 385.818615][ T4946] ext4 filesystem being mounted at /1310/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 385.854504][ T4946] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters [ 385.869296][ T4946] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 15 with max blocks 17 with error 28 [ 385.871062][ T4963] netlink: 4 bytes leftover after parsing attributes in process `syz.3.14766'. [ 385.881705][ T4946] EXT4-fs (loop4): This should not happen!! Data will be lost [ 385.881705][ T4946] [ 385.881734][ T4946] EXT4-fs (loop4): Total free blocks count 0 [ 385.906469][ T4946] EXT4-fs (loop4): Free/Dirty block details [ 385.912376][ T4946] EXT4-fs (loop4): free_blocks=39626 [ 385.917736][ T4946] EXT4-fs (loop4): dirty_blocks=17 [ 385.922912][ T4946] EXT4-fs (loop4): Block reservation details [ 385.926006][ T4963] netlink: 4 bytes leftover after parsing attributes in process `syz.3.14766'. [ 385.929012][ T4946] EXT4-fs (loop4): i_reserved_data_blocks=17 [ 385.932230][ T4966] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 15 with error 28 [ 386.036189][ T4981] netlink: 4 bytes leftover after parsing attributes in process `syz.4.14774'. [ 386.047464][ T4977] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 386.242777][ T5015] loop4: detected capacity change from 0 to 1024 [ 386.250165][ T5015] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 386.261298][ T5015] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 386.274099][ T5015] JBD2: no valid journal superblock found [ 386.279845][ T5015] EXT4-fs (loop4): Could not load journal inode [ 386.645333][ T5066] loop6: detected capacity change from 0 to 512 [ 386.698750][ T5066] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 386.711524][ T5066] ext4 filesystem being mounted at /334/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 386.763357][ T1326] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 386.779473][ T5084] syz!: rxe_newlink: already configured on team_slave_0 [ 386.812087][ T5088] netlink: 8 bytes leftover after parsing attributes in process `syz.4.14822'. [ 386.840655][ T1326] ================================================================== [ 386.848779][ T1326] BUG: KCSAN: data-race in __lru_add_drain_all / folios_put_refs [ 386.856548][ T1326] [ 386.858878][ T1326] write to 0xffff888237c2ab68 of 1 bytes by task 5082 on cpu 0: [ 386.866549][ T1326] folios_put_refs+0x26d/0x2b0 [ 386.871364][ T1326] folio_batch_move_lru+0x202/0x230 [ 386.876597][ T1326] folio_add_lru+0x145/0x1f0 [ 386.881210][ T1326] shmem_get_folio_gfp+0x7d6/0xd90 [ 386.886344][ T1326] shmem_write_begin+0xa2/0x180 [ 386.891226][ T1326] generic_perform_write+0x1a8/0x4a0 [ 386.896542][ T1326] shmem_file_write_iter+0xc2/0xe0 [ 386.901682][ T1326] vfs_write+0x77f/0x920 [ 386.905955][ T1326] ksys_write+0xe8/0x1b0 [ 386.910229][ T1326] __x64_sys_write+0x42/0x50 [ 386.914846][ T1326] x64_sys_call+0x287e/0x2dc0 [ 386.919543][ T1326] do_syscall_64+0xc9/0x1c0 [ 386.924085][ T1326] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 386.929999][ T1326] [ 386.932320][ T1326] read to 0xffff888237c2ab68 of 1 bytes by task 1326 on cpu 1: [ 386.939859][ T1326] __lru_add_drain_all+0x136/0x3f0 [ 386.945157][ T1326] lru_add_drain_all+0x10/0x20 [ 386.949929][ T1326] invalidate_bdev+0x47/0x70 [ 386.954548][ T1326] ext4_put_super+0x571/0x840 [ 386.959242][ T1326] generic_shutdown_super+0xe5/0x220 [ 386.964532][ T1326] kill_block_super+0x2a/0x70 [ 386.969219][ T1326] ext4_kill_sb+0x44/0x80 [ 386.973560][ T1326] deactivate_locked_super+0x7d/0x1c0 [ 386.978937][ T1326] deactivate_super+0x9f/0xb0 [ 386.983617][ T1326] cleanup_mnt+0x268/0x2e0 [ 386.988047][ T1326] __cleanup_mnt+0x19/0x20 [ 386.992471][ T1326] task_work_run+0x13a/0x1a0 [ 386.997071][ T1326] syscall_exit_to_user_mode+0xa8/0x120 [ 387.002641][ T1326] do_syscall_64+0xd6/0x1c0 [ 387.007151][ T1326] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 387.013052][ T1326] [ 387.015369][ T1326] value changed: 0x1f -> 0x05 [ 387.020042][ T1326] [ 387.022364][ T1326] Reported by Kernel Concurrency Sanitizer on: [ 387.028511][ T1326] CPU: 1 UID: 0 PID: 1326 Comm: syz-executor Not tainted 6.13.0-rc7-syzkaller-00191-gfda5e3f28400 #0 [ 387.039357][ T1326] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 387.049412][ T1326] ==================================================================