last executing test programs: 2m8.83305243s ago: executing program 3 (id=111): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x18, 0x4, &(0x7f00000001c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r2, 0x0, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000500)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$F2FS_IOC_MOVE_RANGE(r3, 0x541b, &(0x7f0000000040)={0xffffffffffffffff, 0x0, 0x4, 0x8040000000000000}) close_range(r4, 0xffffffffffffffff, 0x0) 2m8.465113716s ago: executing program 3 (id=113): r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000140)) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) socket$inet6_udp(0xa, 0x2, 0x0) pselect6(0x40, &(0x7f0000000100), 0x0, &(0x7f0000000240)={0x1f, 0xfffffffffffffffe, 0x0, 0x0, 0x7, 0x4, 0x0, 0xfffffffffffffffc}, &(0x7f0000000280)={0x0, 0x3938700}, 0x0) 2m8.101231622s ago: executing program 3 (id=117): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_ADD(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000580)=ANY=[@ANYBLOB="50000000090601020000000000005f00030000000900020073797a31000000000500010007000000280007800c00018008000140ffffffff0c00148008000140ac0814bb0c0002800800014064"], 0x50}, 0x1, 0x0, 0x0, 0xd24f4d5778621d46}, 0x4) 2m8.028689224s ago: executing program 3 (id=128): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000000)={[{@discard}, {@data_err_ignore}]}, 0xfe, 0x55b, &(0x7f0000000980)="$eJzs3c9vFFUcAPDvbFt+FaUkhKgH04SDGGRLW39g4gGPRokkesdNOzSkW5Z0t4RWEuEgFy+GmBgjifEP8O6R+A/4V5AoCTGk0YOXNbOdhaXdH6UsdGU/n2TgvXmzvHkz8328t283G8DQmsz+KES8GhHfJhGHWspGIy+c3Dhu/cG1uWxLol7/7K8kknxf8/gk/3s8z7wSEb99HXGisLXe6uraYqlcTpfz/FRt6fJUdXXt5MWl0kK6kF6amZ09/c7szPvvvbv1xXt31tY3z/3zw6d3Pjr9zbH173+5d/hWEmfiYF7W2o6ncL01MxmT+TUZizObDpzuQ2WDJNntE2BHRvI4H4usDzgUI3nUAy++ryKiDgypRPzDkGqOA5pz+67z4PqLN8u7/+HGBGhr+5ON90ZiX2NudGA9eWxmlF2JiT7Un9Xx65+3b2Vb9O99CICert+IiFOjo4/1fy9HS/+3c6e2cczmOvR/8PzcycY/b+1tM/4pPBz/RJvxz3ib2N2J3vFfuNeHajrKxn8ftB3/Ply0mhjJcy81xnxjyYWL5TTr27Ju8niM7c3y3dZzTq/frXcqax3/ZVtWf3MsmJ/HvdFN613zpVrpadrc6v6NiNd6jH+TNvc/ux7ntlnH0fT2653Kerf/2ar/HPFG2/v/aK6TdF+fnGo8D1PNp2Krv28e/b1T/bvd/uz+H+je/omkdb22+uR1/LTv37RT2WSSL5o+4fO/J/m8kd6T77taqtWWpyP2JJ9s3T/z6LXNfPP4rP3Hj7WP/27P//6I+GKb7b955GbHQwfh/s8/0f3vkKgnHYvufvzlj53q317/93YjdTzfs53+r8uZPpZ4mmsHAAAAAAAAg6YQEQcjKRQfpguFYnHj8x1H4kChXKnWTlyorFyaj8Z3ZSdirNBc6R5v+TzEdP552GZ+ZlN+NiIOR8R3I/sb+eJcpTy/240HAAAAAAAAAAAAAAAAAACAATHe4fv/mT9GdvvsgGfOT37D8OoZ//34pSdgIPn/H4aX+IfhJf5heIl/GF7iH4aX+IfhJf5heIl/AAAAAAAAAAAAAAAAAAAAAAAAAAAA6KtzZ89mW339wbW5LD9/ZXVlsXLl5HxaXSwurcwV5yrLl4sLlcpCOS3OVZZ6/XvlSuXy9EysXJ2qpUltqrq6dn6psnKpdv7iUmkhPZ+OPZdWAQAAAAAAAAAAAAAAAAAAwP9LdXVtsVQup8sSEjtKjA7GaUj0ObHbPRMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPPJfAAAA//9j0zaD") mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) 2m7.686716229s ago: executing program 3 (id=123): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x4e24, @rand_addr=0x64010102}]}, &(0x7f0000000140)=0x10) getsockopt$inet_sctp6_SCTP_MAX_BURST(r1, 0x84, 0x83, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000300)=0x8) setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000280)={r2, 0x2}, 0x8) 2m6.910425243s ago: executing program 3 (id=130): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) readv(r0, 0x0, 0x0) ioctl$TIOCVHANGUP(r0, 0x5437, 0x0) 2m6.711651636s ago: executing program 32 (id=130): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) readv(r0, 0x0, 0x0) ioctl$TIOCVHANGUP(r0, 0x5437, 0x0) 1m57.52916165s ago: executing program 2 (id=194): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000ff0f000007"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000004080)={{r0}, &(0x7f0000004000), &(0x7f0000004040)}, 0x20) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='kfree\x00', r1, 0x0, 0x8000000000000}, 0x18) r2 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet6_buf(r2, 0x29, 0x39, 0x0, 0x0) 1m57.306391004s ago: executing program 2 (id=197): r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0) ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, 0x0) openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x800) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) pselect6(0x40, &(0x7f0000000100), 0x0, &(0x7f0000000240)={0x1f, 0xfffffffffffffffe, 0x0, 0x0, 0x7, 0x4, 0x0, 0xfffffffffffffffc}, &(0x7f0000000280)={0x0, 0x3938700}, 0x0) 1m57.069000648s ago: executing program 2 (id=199): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000000)={0x0, &(0x7f0000000100)}) lremovexattr(0x0, 0x0) getsockopt$bt_hci(0xffffffffffffffff, 0x84, 0x0, 0x0, &(0x7f0000000080)) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x18, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB], 0x0}, 0x94) r0 = socket$vsock_stream(0x28, 0x1, 0x0) ioctl$int_in(r0, 0x5421, &(0x7f0000000240)=0x2) r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10) shutdown(r0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000400)='kfree\x00', 0xffffffffffffffff, 0x0, 0x4000004}, 0x18) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) bpf$PROG_LOAD(0x5, 0x0, 0x0) r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0xb}]}) bind$bt_hci(0xffffffffffffffff, 0x0, 0x0) close_range(r3, 0xffffffffffffffff, 0x0) kexec_load(0x0, 0x1, &(0x7f0000000140)=[{0x0, 0x3e00, 0x116094000, 0x41000000}], 0x0) 1m56.177009163s ago: executing program 2 (id=206): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000000)={[{@discard}, {@data_err_ignore}]}, 0xfe, 0x55b, &(0x7f0000000980)="$eJzs3c9vFFUcAPDvbFt+FaUkhKgH04SDGGRLW39g4gGPRokkesdNOzSkW5Z0t4RWEuEgFy+GmBgjifEP8O6R+A/4V5AoCTGk0YOXNbOdhaXdH6UsdGU/n2TgvXmzvHkz8328t283G8DQmsz+KES8GhHfJhGHWspGIy+c3Dhu/cG1uWxLol7/7K8kknxf8/gk/3s8z7wSEb99HXGisLXe6uraYqlcTpfz/FRt6fJUdXXt5MWl0kK6kF6amZ09/c7szPvvvbv1xXt31tY3z/3zw6d3Pjr9zbH173+5d/hWEmfiYF7W2o6ncL01MxmT+TUZizObDpzuQ2WDJNntE2BHRvI4H4usDzgUI3nUAy++ryKiDgypRPzDkGqOA5pz+67z4PqLN8u7/+HGBGhr+5ON90ZiX2NudGA9eWxmlF2JiT7Un9Xx65+3b2Vb9O99CICert+IiFOjo4/1fy9HS/+3c6e2cczmOvR/8PzcycY/b+1tM/4pPBz/RJvxz3ib2N2J3vFfuNeHajrKxn8ftB3/Ply0mhjJcy81xnxjyYWL5TTr27Ju8niM7c3y3dZzTq/frXcqax3/ZVtWf3MsmJ/HvdFN613zpVrpadrc6v6NiNd6jH+TNvc/ux7ntlnH0fT2653Kerf/2ar/HPFG2/v/aK6TdF+fnGo8D1PNp2Krv28e/b1T/bvd/uz+H+je/omkdb22+uR1/LTv37RT2WSSL5o+4fO/J/m8kd6T77taqtWWpyP2JJ9s3T/z6LXNfPP4rP3Hj7WP/27P//6I+GKb7b955GbHQwfh/s8/0f3vkKgnHYvufvzlj53q317/93YjdTzfs53+r8uZPpZ4mmsHAAAAAAAAg6YQEQcjKRQfpguFYnHj8x1H4kChXKnWTlyorFyaj8Z3ZSdirNBc6R5v+TzEdP552GZ+ZlN+NiIOR8R3I/sb+eJcpTy/240HAAAAAAAAAAAAAAAAAACAATHe4fv/mT9GdvvsgGfOT37D8OoZ//34pSdgIPn/H4aX+IfhJf5heIl/GF7iH4aX+IfhJf5heIl/AAAAAAAAAAAAAAAAAAAAAAAAAAAA6KtzZ89mW339wbW5LD9/ZXVlsXLl5HxaXSwurcwV5yrLl4sLlcpCOS3OVZZ6/XvlSuXy9EysXJ2qpUltqrq6dn6psnKpdv7iUmkhPZ+OPZdWAQAAAAAAAAAAAAAAAAAAwP9LdXVtsVQup8sSEjtKjA7GaUj0ObHbPRMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPPJfAAAA//9j0zaD") mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) 1m55.859449388s ago: executing program 2 (id=212): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000b40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0xc2f00, 0x4d, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000980)='mm_page_free\x00', r1}, 0x18) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x40241, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000000)={'syzkaller1\x00', 0xc201}) write$tun(r2, &(0x7f00000002c0)=ANY=[], 0xfdef) 1m55.184671018s ago: executing program 2 (id=220): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0x3, &(0x7f0000000440)=@framed, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x1, 0x2, &(0x7f0000000140)=@raw=[@ldst={0x1, 0x2, 0x4, 0x0, 0x1, 0x85}, @exit], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94) 1m53.999417087s ago: executing program 33 (id=220): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0x3, &(0x7f0000000440)=@framed, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x1, 0x2, &(0x7f0000000140)=@raw=[@ldst={0x1, 0x2, 0x4, 0x0, 0x1, 0x85}, @exit], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94) 1m9.455124626s ago: executing program 0 (id=685): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0) 1m8.703728708s ago: executing program 0 (id=687): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000002c0)='sys_enter\x00', r1}, 0x10) process_madvise(0xffffffffffffffff, 0x0, 0x0, 0x14, 0x0) 1m8.54093447s ago: executing program 0 (id=689): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0xff58) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x12, 0x6, 0x4, 0xff, 0x0, 0x1}, 0x50) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 1m8.370781443s ago: executing program 0 (id=694): r0 = socket(0x1d, 0x2, 0x6) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000780)={'vxcan1\x00', 0x0}) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f00000000c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff}, './file0\x00'}) ioctl$PPPIOCSACTIVE(r2, 0x40107446, &(0x7f0000000180)={0x4, &(0x7f0000000100)=[{0x4, 0x2d, 0x5, 0x7}, {0x6, 0x6, 0x3, 0xf}, {0x9, 0x4, 0x6, 0x4}, {0x6, 0x6, 0x1, 0x6}]}) bind$can_j1939(r0, &(0x7f0000000300)={0x1d, r1, 0x3}, 0x18) sendmmsg$unix(r0, &(0x7f0000001080)=[{{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000240)="1a", 0x1}], 0x1, 0x0, 0x0, 0x4000010}}], 0x1, 0x80) 1m7.361249149s ago: executing program 0 (id=700): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000020000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x18) syz_mount_image$vfat(&(0x7f0000000200), &(0x7f0000000080)='./file0\x00', 0xa08886, &(0x7f0000000040)=ANY=[@ANYRES32=0x0], 0x1, 0x2a8, &(0x7f0000000500)="$eJzs3F9IU38Yx/FH50/9GTqJCAqqp7ypiIPbdaAjNKKBUS4sITjmWY2dtrEzVpNwCwJvuuimf9cVRAhCdBEEYhddhRLeddGdd15kV0lEJ+Y0N5tapk7y/brYHvZ8P4fv+bPD9h1s+vjda9GwY4TNlFTXV0l1u+RktkqapVoW5OTI9ZH3+85duHg6EAx2nFXtDHT7/KradGC09+bwobHUjvMvm17XyXjzpekZ/9T47vE909+7r0YcjTgai6fU1L54PGX22Zb233eihuoZ2zIdSyMxx0qW9MN2PJHIqBnrb2xIJC3HUTOW0aiV0VRcU8mMmlfMSEwNw9DGBsHKhtOPAst3Q89nXVdmUu9cty4nruvmX6zfxOmhwubOv+sWnf87lZ4SNlHRTb1exB5Kh9KhwnOhHwhLRGyxpFW88k3y14j7eMSdu1Tyjzf8I8HJo2/fqGqzDNrZ+Xw2HfKU5n3idT2FTEGh7jwV7PBpQWn+P2kozvvFK7vK5/1l87VyuKUob4hXJi9LXGyZGD34Zapr6MFCftCneqIruCT/v/QvHqZnnyt0fgAAAAAAAAAAWAtDfyq7fm/kB9weUNXGJf1CvtzvA0vX51vLrs/XyN6ayu47AAAAAADbhZMZiJq2bSX/ssh/lV+P7fx7xZNbvz94f+fKY1raPBPtH3KJrbBff1B87dkS0ygtZH71abXBnnV+pywWn9ZlO1Xz81t+zMnejy9W3U7tL8dnOWMbf1cCAAAAsBEWP/S3STb8Kp3tOXav0nMCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGC7WcNfjk08LNfSfLHzablWpfcRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgJT8CAAD//wva0Pw=") r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x81000) renameat2(r2, &(0x7f0000000140)='./file1\x00', r2, &(0x7f0000000240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x1) 1m6.486632093s ago: executing program 0 (id=703): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020148100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000000)='sched_switch\x00', r0, 0x0, 0x6}, 0x18) syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) r1 = socket$inet6(0xa, 0x3, 0x1) setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000580)=@raw={'raw\x00', 0x8, 0x3, 0x560, 0x0, 0xffffffff, 0xffffffff, 0xf0, 0xffffffff, 0x490, 0xffffffff, 0xffffffff, 0x490, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xf0}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@mcast2, 'vxcan1\x00', {0x8}}}}, {{@ipv6={@empty, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0xfd}}, [], [0x0, 0xffffffff], 'pim6reg\x00', 'gre0\x00', {}, {}, 0x62}, 0x0, 0x358, 0x3a0, 0x0, {}, [@common=@inet=@hashlimit3={{0x158}, {'veth0_virt_wifi\x00', {0x4, 0x8, 0x20, 0x5e1b2d47, 0xf91, 0x5, 0x4, 0x9f7, 0x18}, {0x8}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x5}}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@mcast2, 'bridge_slave_0\x00', {0x53}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x5c0) r2 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000040)={'hsr0\x00', @multicast}) 51.430545453s ago: executing program 34 (id=703): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020148100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000000)='sched_switch\x00', r0, 0x0, 0x6}, 0x18) syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) r1 = socket$inet6(0xa, 0x3, 0x1) setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000580)=@raw={'raw\x00', 0x8, 0x3, 0x560, 0x0, 0xffffffff, 0xffffffff, 0xf0, 0xffffffff, 0x490, 0xffffffff, 0xffffffff, 0x490, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xf0}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@mcast2, 'vxcan1\x00', {0x8}}}}, {{@ipv6={@empty, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0xfd}}, [], [0x0, 0xffffffff], 'pim6reg\x00', 'gre0\x00', {}, {}, 0x62}, 0x0, 0x358, 0x3a0, 0x0, {}, [@common=@inet=@hashlimit3={{0x158}, {'veth0_virt_wifi\x00', {0x4, 0x8, 0x20, 0x5e1b2d47, 0xf91, 0x5, 0x4, 0x9f7, 0x18}, {0x8}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x5}}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@mcast2, 'bridge_slave_0\x00', {0x53}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x5c0) r2 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000040)={'hsr0\x00', @multicast}) 19.984167963s ago: executing program 7 (id=1203): bpf$PROG_LOAD(0x5, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0900000004000000e27f000001"], 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000004c0), &(0x7f00000006c0), 0x5, r0}, 0x38) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x8}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x18) r2 = socket$kcm(0x10, 0x2, 0x10) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000080)="2e00000038000511d25a80698c63940d0124fc602f6e35400c000200001ec00037153e370a00018025581d00d1bd", 0x2e}], 0x1, 0x0, 0x0, 0x39c}, 0x0) 19.816407545s ago: executing program 7 (id=1207): r0 = socket$inet6(0xa, 0x3, 0x7) getsockopt(r0, 0xff, 0x7, 0x0, 0x0) 19.709753127s ago: executing program 7 (id=1208): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007d000000180100002020732600000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000300)='mm_page_alloc\x00', r0}, 0x18) mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x42073, 0xffffffffffffffff, 0x0) 19.4983311s ago: executing program 7 (id=1220): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000001240)=@raw={'raw\x00', 0x3c1, 0x3, 0x3b8, 0x1b0, 0xc8, 0x8, 0x0, 0x5803, 0x310, 0x2e8, 0x2e8, 0x310, 0x2e8, 0x3, 0x0, {[{{@uncond, 0x0, 0x168, 0x188, 0x0, {0x0, 0x2000000000000}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'kmp\x00', "cfcaf80c672f61cd17ae5119b5135c2aee68d23a465cd431e1ecef50c3234e082555f67222476147864fa03182f5cf11d8c348cbd06dc8de1dcbde7d4e252c3394fed47bf78c70f607b0178fa5ea335019ac07a602061c96baebc989f1f34a214e67442c1fe4b124e0f7323a587d2a1fcfe36bbf12eca0a7b66c60c527bac2b5", 0x1, 0x2}}]}, @unspec=@TRACE={0x20}}, {{@ipv6={@remote, @mcast2, [], [], 'macvtap0\x00', 'syzkaller1\x00'}, 0x0, 0xf8, 0x160, 0x0, {}, [@inet=@rpfilter={{0x28}}, @inet=@rpfilter={{0x28}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x418) 19.438021001s ago: executing program 7 (id=1211): r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f00000004c0)='sched_switch\x00', r0}, 0x18) r1 = syz_io_uring_setup(0x3e, &(0x7f0000000640)={0x0, 0xaddc, 0x10100, 0x1, 0x203}, &(0x7f0000000380)=0x0, &(0x7f00000003c0)=0x0) socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r4, 0x0, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000019c0)=[{&(0x7f00000002c0)=""/183, 0xb7}], 0x1}, 0x0, 0x80002101}) io_uring_enter(r1, 0xd81, 0x0, 0x0, 0x0, 0x0) r6 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCMIWAIT(r6, 0x545c, 0x0) syz_genetlink_get_family_id$batadv(&(0x7f0000000280), r5) 18.485183917s ago: executing program 7 (id=1223): syz_mount_image$vfat(&(0x7f0000001200), &(0x7f0000001240)='./bus\x00', 0x0, &(0x7f0000002480)=ANY=[], 0x1, 0x11f4, &(0x7f0000001280)="$eJzs3M+LG2UYB/DHbWvr1v2h1moL0he96GXo7sGLgiyyBWlAaRuhFYSpO9GQMQmZsBARV09e/TvEozdBvOllL/4N3vbisQdxxMTapsRDqXTa8Plc8pD3/cLzkjDwDvPO0ZvffNrrVFknH8fKE2/FyjAi3UqRYiVu+zJee+PnX166ev3G5Z1Wa/dKSpd2rm29nlJav/DjB59/9/JP49Pvf7/+w8k43Pzw6Pft3w7PHp47+vPaJ90qdavUH4xTnm4OBuP8ZlmkvW7Vy1J6ryzyqkjdflWM5sY75WA4nKS8v7e2OhwVVZXy/iT1ikkaD9J4NEn5x3m3n7IsS2urwYNof3urruuIuj4RT0Zd1/VTsRqn4+lYi/XYiM14Jp6N5+JMPB9n44V4Mc5NZzXdNwAAAAAAAAAAAAAAAAAAACyXBzr/f6Hh5gEAAAAAAAAAAAAAAAAAAGBJXL1+4/JOq7V7JaVTEeXX++399uxzNr7TiW6UUcTF2Ig/Ynr6f2ZWX3qntXsxTW3GV+XBP/mD/fax+fzW9HUCC/Nbs3yaz5+M1bvz27ERZxbntxfmT8Wrr9yVz2Ijfv0oBlHGXvydvZP/Yiult99t3ZM/P50HAAAAyyBL/1q4f8+y/xqf5e/j/sA9++vjcf54s2snopp81svLshg1XtzuaPbNQUQ8Io0tcXHi0Wjj/y2Ozf2Rmu/nMS2auybx8Nz50ZvuBAAAAAAAAAAAgPvxMB4nbHqNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/MUOHAsAAAAACPO3TqNjAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4KgAA//86R81g") r0 = syz_open_dev$evdev(&(0x7f0000000080), 0x2, 0x842) ioctl$EVIOCGBITSND(r0, 0x40044591, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') mount$9p_fd(0x0, &(0x7f0000000340)='.\x00', &(0x7f0000000040), 0x800000, &(0x7f00000002c0)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}}) 3.320243138s ago: executing program 35 (id=1223): syz_mount_image$vfat(&(0x7f0000001200), &(0x7f0000001240)='./bus\x00', 0x0, &(0x7f0000002480)=ANY=[], 0x1, 0x11f4, &(0x7f0000001280)="$eJzs3M+LG2UYB/DHbWvr1v2h1moL0he96GXo7sGLgiyyBWlAaRuhFYSpO9GQMQmZsBARV09e/TvEozdBvOllL/4N3vbisQdxxMTapsRDqXTa8Plc8pD3/cLzkjDwDvPO0ZvffNrrVFknH8fKE2/FyjAi3UqRYiVu+zJee+PnX166ev3G5Z1Wa/dKSpd2rm29nlJav/DjB59/9/JP49Pvf7/+w8k43Pzw6Pft3w7PHp47+vPaJ90qdavUH4xTnm4OBuP8ZlmkvW7Vy1J6ryzyqkjdflWM5sY75WA4nKS8v7e2OhwVVZXy/iT1ikkaD9J4NEn5x3m3n7IsS2urwYNof3urruuIuj4RT0Zd1/VTsRqn4+lYi/XYiM14Jp6N5+JMPB9n44V4Mc5NZzXdNwAAAAAAAAAAAAAAAAAAACyXBzr/f6Hh5gEAAAAAAAAAAAAAAAAAAGBJXL1+4/JOq7V7JaVTEeXX++399uxzNr7TiW6UUcTF2Ig/Ynr6f2ZWX3qntXsxTW3GV+XBP/mD/fax+fzW9HUCC/Nbs3yaz5+M1bvz27ERZxbntxfmT8Wrr9yVz2Ijfv0oBlHGXvydvZP/Yiult99t3ZM/P50HAAAAyyBL/1q4f8+y/xqf5e/j/sA9++vjcf54s2snopp81svLshg1XtzuaPbNQUQ8Io0tcXHi0Wjj/y2Ozf2Rmu/nMS2auybx8Nz50ZvuBAAAAAAAAAAAgPvxMB4nbHqNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/MUOHAsAAAAACPO3TqNjAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4KgAA//86R81g") r0 = syz_open_dev$evdev(&(0x7f0000000080), 0x2, 0x842) ioctl$EVIOCGBITSND(r0, 0x40044591, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') mount$9p_fd(0x0, &(0x7f0000000340)='.\x00', &(0x7f0000000040), 0x800000, &(0x7f00000002c0)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}}) 2.054183308s ago: executing program 4 (id=1396): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x208, 0x21}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000380)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x28, '\x00', 0x0, @fallback=0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kfree\x00', r1}, 0x18) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=@newtaction={0xe68, 0x30, 0x871a15abc695fa3d, 0x70bd27, 0x0, {}, [{0xe54, 0x1, [@m_pedit={0xe50, 0x1, 0x0, 0x0, {{0xa}, {0xe24, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe20, 0x2, {{{}, 0x93, 0xfc}, [{0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x1}, {0x0, 0xfffffffc}, {0x1, 0x0, 0x0, 0x4000000, 0x7, 0x80000}, {0x8, 0x5, 0x0, 0xfffffffc, 0x5}, {}, {0x0, 0x0, 0x0, 0x0, 0x6}, {0x0, 0xc3}, {0x0, 0x5}, {0x5}, {}, {0x0, 0x10}, {0x0, 0x4, 0xfffffffd, 0x8000000}, {0x0, 0xffffffff, 0x0, 0x0, 0xfffffffd}, {0x2, 0x0, 0x400000, 0x0, 0x6}, {}, {}, {}, {0x0, 0x1000, 0x0, 0x8000000}, {}, {0xffff, 0x0, 0x0, 0x0, 0x20}, {0xfffffffd}, {0x0, 0x0, 0x0, 0x2}, {0x0, 0x0, 0x0, 0xfffffffc}, {0x0, 0x2000}, {}, {0x0, 0x7, 0x0, 0x0, 0xffffffff}, {0x0, 0x0, 0x0, 0x2, 0x0, 0x3}, {0x0, 0x0, 0x0, 0x0, 0x5, 0xff}, {0xffffffff}, {}, {0x0, 0x0, 0x0, 0x0, 0x4, 0x6}, {0xffffffff}, {}, {}, {}, {0xffffffff, 0x0, 0x0, 0x0, 0x3}, {}, {0x0, 0x0, 0x0, 0x3, 0x0, 0x5}, {0x0, 0x9, 0x0, 0x0, 0x0, 0x2}, {}, {0x0, 0x0, 0x0, 0x1, 0x3}, {0x80, 0xfffffffe}, {0x0, 0x0, 0x0, 0x5}, {}, {0x0, 0x0, 0x8}, {0x0, 0x0, 0x0, 0x0, 0x9}, {0x0, 0x0, 0x0, 0x0, 0x3}, {0x0, 0x2}, {}, {0x0, 0x15, 0x0, 0x4}, {}, {0x0, 0x0, 0x0, 0x3}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0xd, 0xffffffff}, {}, {}, {0x0, 0xfffefffd}, {0x0, 0x0, 0x0, 0x1}, {}, {0x5, 0x0, 0x40}, {}, {0x0, 0x0, 0x0, 0x3ff, 0x40000000}, {}, {0x0, 0x7, 0x0, 0x0, 0x0, 0x400000}, {0x4, 0x0, 0x200}, {}, {}, {0x5}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfb4}, {}, {0x0, 0x101, 0x0, 0x0, 0x0, 0xffffffff}, {}, {0x0, 0x0, 0x0, 0x1}, {0x0, 0x0, 0x0, 0x4, 0x9}, {0xfffffffe}, {0x0, 0x0, 0x0, 0x0, 0x1}, {0x0, 0x2, 0xfffffffc}, {}, {}, {}, {0x800000, 0x0, 0x0, 0x0, 0x0, 0x56}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xffefffff}, {}, {0x0, 0x0, 0x6, 0x0, 0x4}, {}, {}, {0x0, 0xfffffffd}, {0x6}, {0x7f}, {}, {}, {0x0, 0x2, 0x0, 0x0, 0x0, 0xfffffffe}, {0x0, 0x0, 0x0, 0x0, 0x4}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, {0x2, 0x0, 0x20000000}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x292}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x101}, {0x0, 0x5, 0x0, 0x0, 0x1}, {0x0, 0x5}, {0x0, 0x0, 0x0, 0x0, 0x80}, {0x10000000, 0x0, 0x0, 0x0, 0x4}, {0x0, 0x2e9c}, {0x0, 0x0, 0x0, 0x0, 0xfffffffc}, {0x3, 0x0, 0x0, 0x0, 0x8}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff}, {}, {0x0, 0x0, 0x0, 0x8}, {}, {}, {}, {0xfffffffe, 0x0, 0x0, 0x0, 0x8000}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, {}, {}, {0x0, 0x8000}, {0x0, 0x0, 0x10000, 0x0, 0xfffffffc}, {0x0, 0x80000000, 0x0, 0x7dff804}], [{}, {}, {}, {}, {}, {0x3}, {}, {0x0, 0x1}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {0x0, 0x1}, {0x0, 0x1}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {0x1}, {}, {}, {}, {0x0, 0x1}, {}, {0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {0x1}, {}, {}, {}, {}, {}, {0x3}, {0x0, 0x1}, {0x0, 0x1}, {0x0, 0x1}, {}, {}, {}, {0x5}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {0x2}, {}, {}, {0x0, 0x1}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {0x1}, {0x2}, {0x5}, {}, {0x3}, {}, {}, {}, {}, {}, {0x2, 0x1}, {}, {}, {}, {0x3}, {0x0, 0x1}, {}, {}, {}, {0x2}, {}, {}, {0x4}, {0x3}, {}, {}, {0x0, 0x1}, {0x2}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe68}}, 0x0) 1.92116763s ago: executing program 4 (id=1399): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000380)='./file0\x00', 0x22000011, &(0x7f0000000000)={[{@commit}, {@noblock_validity}, {@user_xattr}]}, 0x86, 0x48e, &(0x7f0000000400)="$eJzs3EtvVFUcAPD/nXaKFUoLPnkoo0hsRFtaUFmYGI0mbExMdKHLWipBChioiRAiaAwujZ9AXZr4CVzpxqgrjVvdGxNi2IguzJj7KlM6rdPpTKcyv18y7Tn3dc7/nnt6H+dOA+hbtfRHErEtIn6JiNE8u3SBWv7rxvVLs39dvzSbRL3+yh9Jttyf1y/NlotuK35vLbY5XomofJjEniblnr9w8dTM/PzcuSI/uXD67cnzFy4+cfL0zIm5E3Nnpo8ePXJ46umnpp/sSJwjaV13v3d2765jr3/y0mw93vj+y7T+A8X8xjhyY+susxa1GI56vbJk6lD288C6t765jDSkk8EeVoQ1SY//tLmqWf8fjYG42Xij8eIHPa0c0FX1er2+Y9nU/KxYOZBk84HblT4O/ao846f3v+VnY69Aeuvac/kNUBr3jeKTzxmM9L49Gcvv2Ae6VP62iHjtyt+fpp9o+hwCAKCzvk6vfx5vdv1XiXsblttejA2NRcTBiNgZEXdFxN0RcU9Etux9EXH/Gsuv3ZLPy682TPlpuN3YWpFe/z1TjG0tvf5bHLUZGyhyI1n81eTNk/Nzh4p9Mh7VLWl+apUyvnnh54+zRJNIag3Xf+knLb+8Fizq8fvglqXrHJ9ZmFlv3KVr70fsHny2SfzJ4khAEhG7ImJ3G9tP99nJx77Ym6a3b10+/7/jX0UHxpnqn0c8mrf/lbgl/lKSl7TS+OTkHTE/d2iyPCqW++HHqy835huP7loWRpvxd0Da/nc2Pf6L+MtuUI7Xnl97GVd//WjFe5p2j/+h5NUsPVRMe3dmYeHcVMRQMWHJ9Omb65b5cvk0/vH9zfv/zoh/PivW2xMR6UH8QEQ8GBH7iro/FBEPR8T+VeL/7vlH3lp9D/W2/Y+v1v4RY0kRf+rc4sB964mBU99+tVL5rbX/kSw1Xkxp5e9fqxVsd78BAADA/0klG4NOKhOL6UplYiJ/h7987HKwFu+cOZ6PVY9FtVI+6RpteB46VTwbLvPTt+QPR8SO7E2j4Sw/MXt2fqTHsUO/27pC/0/91q2XXoDNY03jaEn36gFsPN/XhP7VvP939b0rYJNw/of+pf9D/2rW/y9H3OhBVYAN5vwP/av1/u+NALjdOP9D/9L/oS8t/0r8cPGvE9r5pv/NxM5j61p9rYnqBpbV4cRAl7Ycjf+0owuJqPR817WfqGyGauwrElsiotW1Lje0aXna7kYNq/M9/KMEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQQf8GAAD//4F+194=") mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x40c42, 0x0) 1.548208416s ago: executing program 4 (id=1406): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x20f42, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'rose0\x00', 0x6132}) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000008002b000000000000000018040000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x11, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10) write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[], 0xfe3a) 1.165224472s ago: executing program 1 (id=1416): syz_usb_connect(0x0, 0x0, 0x0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x4, &(0x7f0000000180)=@lang_id={0x4, 0x3, 0x403}}]}) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @rand_addr, 0x2}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000002c0), 0x4) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$RDMA_NLDEV_CMD_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000801}, 0x40810) r2 = add_key$user(&(0x7f0000000200), &(0x7f0000000580)={'syz', 0x3}, &(0x7f0000000400)="f4", 0x1, 0xfffffffffffffffe) r3 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f00000000c0)={r2, r3, r3}, &(0x7f0000000480)=""/234, 0xea, &(0x7f00000001c0)={&(0x7f0000000080)={'sha256-generic\x00'}}) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000000)=0x1, 0x4) sendmsg$IPVS_CMD_GET_CONFIG(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[], 0x14}}, 0x4000) setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x2, &(0x7f0000000100)=@ccm_128={{0x304}, "2697312e4e898ca7", "35e23ca3a988def7dfbd438c536346cd", "11398f4a", "50cc97386065eda9"}, 0x28) r4 = syz_io_uring_setup(0xbdc, &(0x7f0000000640)={0x0, 0xec25, 0x8, 0x1, 0x40000333}, &(0x7f0000000dc0)=0x0, &(0x7f00000001c0)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r5, r6, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f0000000600)=[{&(0x7f0000001800)=""/216, 0xd8}], 0x1}) io_uring_enter(r4, 0x847ba, 0x0, 0xe, 0x0, 0x0) 1.056869254s ago: executing program 4 (id=1408): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_unlabel(0x0, r0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x50) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$TIPC_CMD_SHOW_LINK_STATS(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="0180000000000000000001000000000000000b00000000030014"], 0x28}}, 0x40000) 967.019765ms ago: executing program 4 (id=1410): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000001c0)=ANY=[@ANYBLOB="34000000180001000000000000000000020000fe"], 0x34}}, 0x0) 808.950478ms ago: executing program 4 (id=1411): setsockopt$IP_VS_SO_SET_DELDEST(0xffffffffffffffff, 0x0, 0x488, &(0x7f0000000100)={{0x16, @loopback, 0x4e21, 0x3, 'wlc\x00', 0x1, 0x6, 0x1e}, {@remote, 0x4e24, 0x4, 0xa06, 0x2, 0x40}}, 0x44) madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, 0x0, 0x0, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) keyctl$read(0xb, 0x0, &(0x7f0000001300)=""/4096, 0xffffffffffffffd2) syz_clone(0x2001100, 0x0, 0x0, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000800)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r3 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000000)=0x15) ioctl$TCSETS(r4, 0x40384708, &(0x7f0000000040)={0x1, 0x0, 0x0, 0x0, 0x2, "3eccd8000200000500"}) close_range(r3, 0xffffffffffffffff, 0x0) rseq(&(0x7f0000000040), 0x20, 0x1, 0x300) io_uring_setup(0x0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0xb, 0x3d3}) r5 = io_uring_setup(0x4dc2, &(0x7f0000000400)={0x0, 0x0, 0x100}) io_uring_register$IORING_REGISTER_FILES(r5, 0x2, &(0x7f00000003c0)=[0xffffffffffffffff], 0x1) io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(r5, 0x18, &(0x7f0000000000), 0x1) 644.59885ms ago: executing program 5 (id=1414): syz_mount_image$vfat(&(0x7f0000000280), &(0x7f0000000000)='./file0\x00', 0x1018000, &(0x7f00000003c0)=ANY=[@ANYRES8=0x0, @ANYRES16, @ANYRES16, @ANYRES64, @ANYRES32, @ANYRESDEC], 0x1, 0x2f2, &(0x7f0000000b00)="$eJzs3M9PE1sUwPHTH5S2BMri5b28l7xwoxvdTKC6VhoDibGJBKnxR2IywFSbji3pNDU1RnTl1vhHuCAs2ZEo/wAbd7px446NiQtZGMd0OkNpO4CU0iJ8PwmZw9x7eu9tB3LuhGHrzuvH+aylZfWyBKNKAiIi2yKjEhRPwD0GnTgiu72Qi0PfPv5/6+69G6l0empWqenU3KWkUmpk7N2TZzG32/qgbI4+2Pqa/LL59+a/Wz/nHuUslbNUoVhWupovfi7r86ahFnNWXlNqxjR0y1C5gmWU6u3FenvWLC4tVZVeWByOL5UMy1J6oaryRlWVi6pcqqrQQz1XUJqmqeG44CCZldlZPdVh8kKXJ4NjUiql9JCIxNpaMit9mRAAAOir1vo/KKqb9f/quY3y0O21Ebf+X4/41f+XP9Vfq6n+j4qIb/3vje9b/+uHq//bK6Kz5Uj1P06GsUjbqUAjrDWWUnrc/fl1vLy/Ou4E1P8AAAAAAAAAAAAAAAAAAAAAAPwJtm07Ydt2wjt6X4MiEhUR73uf1JCIXO3DlNFFR/j8cQo0HtwLj4iYryqZSqZ+dDtsiIgphoxLQn4414OrFntPHqmaUXlvLrv5y5VMyGlJZSXn5E9IYkBa8217+np6akLVNecPSHx3flIS8pd/frItf3C5konIhfO78jVJyIcFKYopi848GvnPJ5S6djPdMn7M6QcAAAAAwGmgqR2++3dN26u9nr+zv269PxBq7K/Hfff3Yfkv3N+1AwAAAABwVljVp3ndNI3SPkFMDu7TeRA+plf2Vvi7Wd7fMhzfSvcJvMGbmqLuya6/LYFDvC17BEHpJGusthp11FV4t4326iMzk737BJum8c+bt9+7N8SVtegBK+08CO1/AQz07BcQAAAAgJ5pFP3emcn+TggAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgDOoF/8mrd9rBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAE6KXwEAAP//ziYEEA==") r0 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000001000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10) open_tree(0xffffffffffffff9c, &(0x7f0000000380)='./file0\x00', 0x100) 545.121002ms ago: executing program 6 (id=1415): prctl$PR_SET_NAME(0xf, &(0x7f0000000480)='gtp\x00') r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007d000000180100002020732600000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0, 0x0, 0x2}, 0x18) r1 = syz_open_dev$usbfs(&(0x7f0000002000), 0xd, 0x20041) ioctl$USBDEVFS_SUBMITURB(r1, 0x8038550a, &(0x7f0000000140)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000000)={0x80, 0x0, 0x0, 0x0, 0x2}, 0x36, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 544.947822ms ago: executing program 6 (id=1418): r0 = socket$pppl2tp(0x18, 0x1, 0x1) r1 = socket$inet6_udp(0xa, 0x2, 0x0) connect$pppl2tp(r0, &(0x7f0000000240)=@pppol2tpin6={0x18, 0x1, {0x0, r1, 0x8, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}}}, 0x32) writev(r0, 0x0, 0x0) 520.617172ms ago: executing program 1 (id=1420): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000600)=@newtaction={0x68, 0x30, 0x871a15abc695fb3d, 0x0, 0x25dfdbfd, {}, [{0x54, 0x1, [@m_tunnel_key={0x50, 0x1, 0x0, 0x0, {{0xf}, {0x20, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{0x204, 0x7, 0x3, 0x200000, 0x6}, 0x1}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}]}]}, 0x68}, 0x1, 0x0, 0x0, 0x20048840}, 0x4001000) 519.071792ms ago: executing program 6 (id=1421): mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x0, 0x31, 0xffffffffffffffff, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10) sendto$inet6(r0, &(0x7f0000000500)="a4", 0x34000, 0x2000c851, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c) 493.541723ms ago: executing program 5 (id=1422): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$netlbl_unlabel(0x0, r0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x50) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$TIPC_CMD_SHOW_LINK_STATS(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="0180000000000000000001000000000000000b00000000030014"], 0x28}}, 0x40000) 364.070815ms ago: executing program 6 (id=1423): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000001400010000000000000004850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10) r1 = socket$netlink(0x10, 0x3, 0x10) bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000300), 0x4) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r1, 0x10e, 0x4, &(0x7f0000000640)=0x1800, 0x4) syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), r1) r2 = socket$pppl2tp(0x18, 0x1, 0x1) r3 = socket$inet_udp(0x2, 0x2, 0x0) connect$pppl2tp(r2, &(0x7f0000000240)=@pppol2tpin6={0x18, 0x1, {0x0, r3, 0x2, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}}}, 0x32) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$L2TP_CMD_TUNNEL_DELETE(r4, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000740)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r5, @ANYBLOB="010028bd7000fcdbdf25020000000800090002"], 0x1c}}, 0x20000050) 363.296465ms ago: executing program 5 (id=1424): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0100000004000000080000000b"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000f4751f2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x7, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="05000000000000007111ae00000000008510000002000000850000000500000095000000000000009500a50500000000"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000180)={0xffffffffffffffff, 0xe0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000004, 0x0, 0x29, 0x10, &(0x7f0000002e00), &(0x7f00000001c0), 0x8, 0x7c, 0x8, 0x0, 0x0}}, 0x10) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000340)={r2, 0xe8, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10) 295.215396ms ago: executing program 1 (id=1425): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x23, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000300), 0x4001, 0x0) 278.041606ms ago: executing program 5 (id=1426): r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x2, 0x15, 0x7, 0x2, 0x4, 0x0, 0x70bd27, 0x25dfdbfc, [@sadb_sa={0x2, 0x1, 0x4d3, 0x6, 0x9, 0x19, 0x3, 0xa0000001}]}, 0x20}}, 0x4040040) 243.695797ms ago: executing program 1 (id=1427): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000100)=[{0x28, 0x8, 0x0, 0xfffff034}, {0x80000006, 0x0, 0x9, 0x3ff}]}, 0x10) bpf$PROG_LOAD(0x5, 0x0, 0x0) syz_emit_ethernet(0xa2, &(0x7f0000000600)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa86dd60010100006c1100fe8000"], 0x0) 181.181757ms ago: executing program 6 (id=1428): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r0}, 0x10) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'syz_tun\x00'}) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000540)={'ip6tnl0\x00', &(0x7f00000004c0)={'ip6gre0\x00', 0x0, 0x2f, 0x5, 0x0, 0xf97, 0x0, @ipv4={'\x00', '\xff\xff', @local}, @private1, 0x700, 0x0, 0x0, 0xfffffffb}}) r1 = socket$packet(0x11, 0x3, 0x300) socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) getpeername$packet(r2, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) sendmmsg(r1, &(0x7f0000000440)=[{{&(0x7f0000000700)=@xdp={0x2c, 0xdd86, r3}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000080)='O', 0x28}], 0x1, 0x0, 0x0, 0x2f00}}], 0x1, 0x0) 148.820729ms ago: executing program 5 (id=1429): mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0) mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000080)=0x9, 0x8, 0x0) get_mempolicy(0x0, 0x0, 0x400, &(0x7f00000ce000/0x1000)=nil, 0x3) 139.192669ms ago: executing program 6 (id=1430): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0) mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000080)=0x9, 0x8, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[], 0x48) r0 = openat$sysfs(0xffffff9c, &(0x7f0000000000)='/sys/kernel/warn_count', 0x0, 0x0) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0xf, 0x30, r0, 0x0) syz_io_uring_setup(0x1b13, &(0x7f0000000240)={0x0, 0xd421, 0x10100, 0xfffffffd, 0x200}, &(0x7f00000002c0)=0x0, &(0x7f0000000040)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x0, 0x0, @fd_index=0x3}) 64.78874ms ago: executing program 1 (id=1431): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x46}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r1}, 0x10) madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15) splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x5, 0x4) setsockopt$MRT_FLUSH(0xffffffffffffffff, 0x0, 0xd4, 0x0, 0x0) 48.87952ms ago: executing program 5 (id=1432): syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800700, &(0x7f0000000300)={[{@noload}, {@bsdgroups}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5a}}, {@init_itable}, {@errors_remount}, {@noinit_itable}, {@lazytime}]}, 0x2, 0x44a, &(0x7f0000000400)="$eJzs281vFOUfAPDvzLbw+/HWivgColaJsfGlpQWVgxeNJh4wmugBj3VbCGGhhtZECJFqDF5MDImejUcT/wJvXox6MvGqd0NClAvoqWZmZ2C77PaFbncr+/kkA8+z83Sf57vPPDPPzLMbQN8ayf5JInZExG8RMVTPLi0wUv/vxrUL1b+vXagmsbj41p9JXu76tQvVsmj5d9uLzGgakX6SFJUsNXfu/KmpWm3mbJEfnz/93vjcufPPnjw9dWLmxMyZySNHDh+aeOH5yec6EmcW1/V9H87u3/vaO5dfrx67/O5P32bt3VHsb4yjU0aywP9azDXve6LTlfXYzoZ0MtDDhrAmlYjIumswH/9DUYlbnTcUr37c08YBGyq7Nm1tv3thEbiLJdHrFgC9UV7os/vfcuvS1GNTuPpS/QYoi/tGsdX3DERalBlsur/tpJGIOLbwz1fZFhv0HAIAoNFn1S+PxjOt5n9p3N9QblexhjIcEfdExO6IuDci9kTEfRF52Qci4sE11t+8NHT7/Ce9ckeBrVI2/3uxWNtaOv8rZ38xXClyO/P4B5PjJ2szB4vPZDQGt2b5iWXq+P6VXz9vt69x/pdtWf3lXLBox5WBpgd001PzU/mktAOufhSxb6BV/MnNlYAkIvZGxL61vfWuMnHyqW/2tyu0cvzL6MA60+LXEU/W+38hmuIvJcuvT47/L2ozB8fLo+J2P/9y6c129a8r/g7I+n/b0uO/uchw0rheO7f2Oi79/mnbe5o7Pf63JG/n56Oyoz6Ymp8/OxGxJTmav1geGvnrk7f+tsyX5bP4Rw+0Hv+741YFD0VEdhA/HBGPRMSjRdsfi4jHI+LAMvH/+HL7fZuh/6dbnv9uHv9N/b/2ROXUD9+1q391/X84T40Wr+TnvxWstoHr+ewAAADgvyLNvwOfpGM302k6Nlb/Dv+e2JbWZufmnz4++/6Z6fp35YdjMC2fdA01PA+dSBaKd6znJ4tnxeX+Q8Vz4y8q/8/zY9XZ2nSPY4d+t73N+M/8Uel164AN12odbXJLDxoCdF3z+E+XZi++0c3GAF3l99rQv1YY/2m32gF0n+s/9K9W4/9iU95aANydXP+hfxn/0L+Mf+hfxj/0pfX8rl+inxORbopmSGxQotdnJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgM74NwAA//+8yu7V") r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='kfree\x00', r0}, 0x10) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mount$9p_fd(0x0, &(0x7f0000000500)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB=',version=9p2000']) 0s ago: executing program 1 (id=1433): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000006c0)='kfree\x00', r1}, 0x18) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f0000000240)={[{@errors_remount}, {@nogrpid}, {@nodiscard}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x153}}, {@noblock_validity}, {}, {@mblk_io_submit}, {@acl}, {@user_xattr}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}], [], 0x3d}, 0x1, 0x51f, &(0x7f00000007c0)="$eJzs3UFsI1cZAOB/HDvd7KZNChygEqXQouwK1k4a2kY9lCIhOFUCyn0JiRNFceIodtpNVEFWHDgiIQRInMqFCxInTkioEheOCKkSnEGAQAi2cEACdirb4+xuMk6yG8fOJt8nTea955n3v+doxn7jp5kALqxnIuLViLiTpum1iJjIygvZErudpbXde7ffWmgtSaTp6/9IIsnKunWlbY/FlWy3SxHxlS9GfD05GLexvbM6X6tVN7N8pbm2UWls71xfWZtfri5X12dnZ16ce2nuhbnpvvRzPCJe+fxfvv+dn3zhlV9++s0/3vjb1W8kWXns68cDKh72YqfrpfZ7ce8Omw8Z7CwqtnuYGcvbYuRAya1TbhMAAL19ICI+ERHXYiJGDv86CwAAADyC0s+Ox/+S7m93B4z2KAcAAAAeIYX2HNikUM7m+45HoVAuR3sO74ficqFWbzQ/tVTfWl/szJWdjFJhaaVWnc7mCk9GKWnlZ9rpu/nn9+VnI+LJiPjexFg7X16o1xaHffEDAAAALogr+8b//57ojP8BAACAc2Zy2A0AAAAATp3xPwAAAJx/xv8AAABwrn3ptddaS9p9/vXiG9tbq/U3ri9WG6vlta2F8kJ9c6O8XK8vt+/Zt3ZUfbV6feMzsb51s9KsNpqVxvbOjbX61nrzxsp9j8AGAAAABujJj73z+yQidl8eay8to8fb9ZibAWdVcS+VZOucw/oPT3TWfx5Qo4CBGBl2A4ChKQ67AcDQlIbdAGDokiNe7zl55zfZ+uP9bQ8AANB/Ux/J//3/6OuCu4UBNA84RQ5iALh42t/zjzuT15cFOFdKZgDChXfi3/+PlKYP1CAAAKDvxttLUihnl/fGo1AolyMebz8WoJQsrdSq0xHxRET8bqL0WCs/094zOXLMAAAAAAAAAAAAAAAAAAAAAAAAAAB0pGkSKQAAAHCuRRT+mvyqcy//qYnnxvdfHxhN/jMR2SNC3/zR6z+4Od9sbs60yv+5V978YVb+/DCuYAAAAMCFUHyQjbvj9O44HgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD66b3bby10l0HG/fvnImIyL34xLrXXl6IUEZf/lUTxnv2SiBjpQ/yx1p8P58VPWs3aC5kXf+ztk8ffvXVo/JjM3oW8+FdOHh4utHda559X846/QjzTXucff8WI+/IPq/f5L/bOfyM9jv/HjxnjqXd/VukZ/1bEU8X88083ftIj/rN5Ff782weKvvbVnZ1e8dO3I6ZyP3+S+2JVmmsblcb2zvWVtfnl6nJ1fXZ25sW5l+ZemJuuLK3Uqtnf3Bjf/egv7hzW/8s94k8e0f/ncuobzSn7/7s3b3+wkyzlxb/6bE78X/842+Jg/EL22ffJLN16faqb3u2k7/X0T3/79GH9X+zR/6P+/1d7VbrPtS9/60/H3BQAGIDG9s7qfK1W3TwbiZej7zW3RvhD79ejl/hveiaacbqJb/a1wjRN09YxdYJ6khjcm5Ac3tRhn5kAAIB+u/ulf9gtAQAAAAAAAAAAAAAAAAAAgItrEHca2x9zdy+V9OMW2gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAffF+AAAA///0iOAC") kernel console output (not intermixed with test programs): 6][ T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 68.520244][ T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 68.563534][ T4741] loop1: detected capacity change from 0 to 512 [ 68.600983][ T536] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 68.604147][ T536] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 68.613030][ T536] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 68.624690][ T536] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 68.641279][ T4503] device veth0_vlan entered promiscuous mode [ 68.644674][ T4741] EXT4-fs error (device loop1): ext4_get_branch:178: inode #11: block 4294967295: comm syz.1.195: invalid block [ 68.706275][ T4741] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.195: invalid indirect mapped block 4294967295 (level 1) [ 68.751527][ T4503] device veth1_vlan entered promiscuous mode [ 68.768607][ T4741] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.195: invalid indirect mapped block 4294967295 (level 1) [ 68.819602][ T4741] EXT4-fs (loop1): 2 truncates cleaned up [ 68.821251][ T4741] EXT4-fs (loop1): mounted filesystem without journal. Opts: noauto_da_alloc,init_itable=0x0000000000004004,barrier=0x0000000000000004,,errors=continue. Quota mode: writeback. [ 68.891840][ T536] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 68.895069][ T536] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 68.914373][ T4503] device veth0_macvtap entered promiscuous mode [ 68.930300][ T4761] loop0: detected capacity change from 0 to 1024 [ 68.942123][ T4503] device veth1_macvtap entered promiscuous mode [ 69.015019][ T4761] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 69.017531][ T4503] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 69.020743][ T4503] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 69.023327][ T4503] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 69.117960][ T4503] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 69.120653][ T4503] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 69.123315][ T4503] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 69.191161][ T4503] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 69.194152][ T4503] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 69.199610][ T4503] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 69.201952][ T1705] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 69.212803][ T1705] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 69.215752][ T1705] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 69.250238][ T1705] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 69.265532][ T4503] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 69.268256][ T4503] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 69.270816][ T4503] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 69.273507][ T4503] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 69.314259][ T4503] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 69.317145][ T4503] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 69.319660][ T4503] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 69.322407][ T4503] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 69.348337][ T4503] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 69.351614][ T536] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 69.365273][ T536] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 69.380131][ T4503] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 69.382570][ T4503] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 69.395386][ T4503] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 69.397907][ T4503] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 69.597923][ T536] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 69.600973][ T536] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 69.608679][ T332] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 69.651059][ T332] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 69.657392][ T2054] ieee802154 phy0 wpan0: encryption failed: -22 [ 69.659391][ T2054] ieee802154 phy1 wpan1: encryption failed: -22 [ 69.666246][ T332] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 69.693939][ T536] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 69.714908][ T4783] netlink: 8 bytes leftover after parsing attributes in process `syz.0.204'. [ 69.717348][ T4783] netlink: 28 bytes leftover after parsing attributes in process `syz.0.204'. [ 69.722290][ T4783] device geneve2 entered promiscuous mode [ 69.921888][ T4788] loop2: detected capacity change from 0 to 1024 [ 69.945091][ T4790] netlink: 68 bytes leftover after parsing attributes in process `syz.5.140'. [ 70.053315][ T4795] loop4: detected capacity change from 0 to 512 [ 70.056908][ T4788] EXT4-fs (loop2): mounted filesystem without journal. Opts: discard,data_err=ignore,,errors=continue. Quota mode: none. [ 70.167110][ T4795] EXT4-fs (loop4): DAX enabled. Warning: EXPERIMENTAL, use at your own risk [ 70.169521][ T4795] EXT4-fs (loop4): Ignoring removed nobh option [ 70.171317][ T4795] EXT4-fs (loop4): error: journal path ./bus is not a block device [ 70.418245][ T4813] tipc: Enabled bearer , priority 0 [ 70.441854][ T4813] device syzkaller0 entered promiscuous mode [ 70.533422][ T4812] tipc: Resetting bearer [ 70.568841][ T4812] tipc: Disabling bearer [ 70.770524][ T4828] tmpfs: Unknown parameter '€' [ 72.300044][ T26] kauditd_printk_skb: 37 callbacks suppressed [ 72.300056][ T26] audit: type=1326 audit(72.240:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4846 comm="syz.0.225" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8dfeaba8 code=0x7ffc0000 [ 72.314343][ T26] audit: type=1326 audit(72.240:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4847 comm="syz.5.226" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff86de5ba8 code=0x7ffc0000 [ 72.354244][ T26] audit: type=1326 audit(72.240:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4847 comm="syz.5.226" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=284 compat=0 ip=0xffff86de5ba8 code=0x7ffc0000 [ 72.376818][ T26] audit: type=1326 audit(72.250:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4847 comm="syz.5.226" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff86de5ba8 code=0x7ffc0000 [ 72.382586][ T26] audit: type=1326 audit(72.270:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4846 comm="syz.0.225" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=54 compat=0 ip=0xffff8dfeaba8 code=0x7ffc0000 [ 72.427864][ T4852] netlink: 'syz.5.227': attribute type 1 has an invalid length. [ 72.434961][ T26] audit: type=1326 audit(72.270:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4846 comm="syz.0.225" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8dfeaba8 code=0x7ffc0000 [ 72.439368][ T4852] netlink: 224 bytes leftover after parsing attributes in process `syz.5.227'. [ 72.585366][ T26] audit: type=1326 audit(72.530:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4860 comm="syz.5.229" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff86de5ba8 code=0x7ffc0000 [ 72.593854][ T26] audit: type=1326 audit(72.530:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4860 comm="syz.5.229" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff86de5ba8 code=0x7ffc0000 [ 72.630617][ T26] audit: type=1326 audit(72.560:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4860 comm="syz.5.229" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff86de5ba8 code=0x7ffc0000 [ 72.660174][ T26] audit: type=1326 audit(72.560:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4860 comm="syz.5.229" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=14 compat=0 ip=0xffff86de5ba8 code=0x7ffc0000 [ 72.742527][ T4869] tipc: Started in network mode [ 72.752836][ T4869] tipc: Node identity def73a4cb53b, cluster identity 4711 [ 72.763054][ T4869] tipc: Enabled bearer , priority 0 [ 73.223861][ T9] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 73.280643][ T4869] device syzkaller0 entered promiscuous mode [ 73.318922][ T4883] tipc: Resetting bearer [ 73.366124][ T4898] Zero length message leads to an empty skb [ 73.385490][ T4867] tipc: Resetting bearer [ 73.393507][ T4867] tipc: Disabling bearer [ 73.466715][ T9] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 73.635912][ T9] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 73.746881][ T9] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 73.863198][ T4924] netlink: 40 bytes leftover after parsing attributes in process `syz.1.247'. [ 73.881324][ T4924] netlink: 40 bytes leftover after parsing attributes in process `syz.1.247'. [ 73.968730][ T4855] chnl_net:caif_netlink_parms(): no params data found [ 74.083892][ T4930] loop4: detected capacity change from 0 to 128 [ 74.329224][ T4947] tipc: Enabling of bearer rejected, failed to enable media [ 74.440572][ T4855] bridge0: port 1(bridge_slave_0) entered blocking state [ 74.442491][ T4855] bridge0: port 1(bridge_slave_0) entered disabled state [ 74.465423][ T4855] device bridge_slave_0 entered promiscuous mode [ 74.495127][ T4947] device syzkaller0 entered promiscuous mode [ 74.498021][ T4947] IPv6: ADDRCONF(NETDEV_CHANGE): syzkaller0: link becomes ready [ 74.501467][ T4855] bridge0: port 2(bridge_slave_1) entered blocking state [ 74.503448][ T4855] bridge0: port 2(bridge_slave_1) entered disabled state [ 74.506928][ T4855] device bridge_slave_1 entered promiscuous mode [ 74.546846][ T21] Bluetooth: hci2: command 0x0409 tx timeout [ 74.591684][ T4855] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 74.612463][ T4855] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 74.828625][ T4967] loop5: detected capacity change from 0 to 164 [ 75.026805][ T13] cfg80211: failed to load regulatory.db [ 75.105100][ T4967] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 75.236714][ T4855] team0: Port device team_slave_0 added [ 75.240279][ T4855] team0: Port device team_slave_1 added [ 75.380144][ T4978] xt_recent: hitcount (16385) is larger than allowed maximum (255) [ 75.418849][ T4855] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 75.431611][ T4855] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 75.491951][ T4855] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 75.571643][ T4855] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 75.579295][ T4855] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 75.644885][ T4855] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 75.737693][ T4986] loop4: detected capacity change from 0 to 128 [ 75.815734][ T4986] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 75.825447][ T4986] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 76.056571][ T4855] device hsr_slave_0 entered promiscuous mode [ 76.072400][ T4993] netlink: 4 bytes leftover after parsing attributes in process `syz.0.268'. [ 76.081387][ T4993] netlink: 4 bytes leftover after parsing attributes in process `syz.0.268'. [ 76.095606][ T4855] device hsr_slave_1 entered promiscuous mode [ 76.174666][ T4855] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 76.176824][ T4855] Cannot create hsr debugfs directory [ 76.469246][ T5014] vhci_hcd: invalid port number 236 [ 76.470748][ T5014] vhci_hcd: USB_PORT_FEAT_U1/2_TIMEOUT req not supported for USB 2.0 roothub [ 76.624888][ T4953] Bluetooth: hci2: command 0x041b tx timeout [ 76.675438][ T5024] xt_hashlimit: max too large, truncated to 1048576 [ 76.729625][ T5021] netlink: 4 bytes leftover after parsing attributes in process `syz.4.275'. [ 77.273792][ T4855] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 77.593217][ T4855] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 77.640876][ T4855] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 77.716861][ T4855] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 77.750709][ T26] kauditd_printk_skb: 35 callbacks suppressed [ 77.750723][ T26] audit: type=1326 audit(77.690:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5052 comm="syz.1.286" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8f6e6ba8 code=0x7ffc0000 [ 77.800740][ T26] audit: type=1326 audit(77.740:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5052 comm="syz.1.286" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=92 compat=0 ip=0xffff8f6e6ba8 code=0x7ffc0000 [ 77.849915][ T26] audit: type=1326 audit(77.750:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5052 comm="syz.1.286" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8f6e6ba8 code=0x7ffc0000 [ 77.866992][ T26] audit: type=1326 audit(77.750:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5052 comm="syz.1.286" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8f6e6ba8 code=0x7ffc0000 [ 78.218587][ T4855] 8021q: adding VLAN 0 to HW filter on device bond0 [ 78.251966][ T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 78.254828][ T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 78.269062][ T4855] 8021q: adding VLAN 0 to HW filter on device team0 [ 78.303838][ T5076] loop5: detected capacity change from 0 to 8192 [ 78.314389][ T5082] tipc: Enabled bearer , priority 0 [ 78.319714][ T5082] device syzkaller0 entered promiscuous mode [ 78.322987][ T1870] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 78.326559][ T1870] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 78.329096][ T1870] bridge0: port 1(bridge_slave_0) entered blocking state [ 78.330988][ T1870] bridge0: port 1(bridge_slave_0) entered forwarding state [ 78.346585][ T1870] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 78.363484][ T5082] tipc: Resetting bearer [ 78.368481][ T5089] loop4: detected capacity change from 0 to 512 [ 78.436189][ T1705] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 78.439212][ T1705] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 78.442260][ T1705] bridge0: port 2(bridge_slave_1) entered blocking state [ 78.444119][ T1705] bridge0: port 2(bridge_slave_1) entered forwarding state [ 78.484542][ T5081] tipc: Resetting bearer [ 78.540587][ T5081] tipc: Disabling bearer [ 78.550142][ T1705] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 78.553390][ T1705] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 78.565613][ T1705] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 78.585999][ T1705] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 78.590562][ T1705] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 78.617347][ T1705] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 78.634881][ T1705] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 78.640410][ T1705] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 78.669267][ T1705] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 78.689074][ T4855] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 78.692749][ T4855] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 78.695808][ T4953] Bluetooth: hci2: command 0x040f tx timeout [ 78.720530][ T1705] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 78.723337][ T1705] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 78.747659][ T26] audit: type=1326 audit(78.690:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5097 comm="syz.0.298" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8dfeaba8 code=0x7ffc0000 [ 78.753585][ T26] audit: type=1326 audit(78.690:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5097 comm="syz.0.298" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8dfeaba8 code=0x7ffc0000 [ 78.784586][ T26] audit: type=1326 audit(78.710:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5097 comm="syz.0.298" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=114 compat=0 ip=0xffff8dfeaba8 code=0x7ffc0000 [ 78.790855][ T26] audit: type=1326 audit(78.710:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5097 comm="syz.0.298" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8dfeaba8 code=0x7ffc0000 [ 78.825449][ T26] audit: type=1326 audit(78.710:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5097 comm="syz.0.298" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8dfeaba8 code=0x7ffc0000 [ 79.300259][ T1870] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 79.302841][ T1870] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 79.353498][ T4855] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 79.454951][ T9] device hsr_slave_0 left promiscuous mode [ 79.524748][ T9] device hsr_slave_1 left promiscuous mode [ 79.624951][ T9] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 79.627215][ T9] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 79.631640][ T9] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 79.633775][ T9] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 79.638560][ T5157] netlink: 8 bytes leftover after parsing attributes in process `syz.1.309'. [ 79.642599][ T9] bridge0: port 3(dummy0) entered disabled state [ 79.693936][ T5161] loop5: detected capacity change from 0 to 512 [ 79.713691][ T5166] loop4: detected capacity change from 0 to 164 [ 79.727972][ T9] device bridge_slave_1 left promiscuous mode [ 79.730143][ T9] bridge0: port 2(bridge_slave_1) entered disabled state [ 79.793951][ T9] device bridge_slave_0 left promiscuous mode [ 79.797436][ T9] bridge0: port 1(bridge_slave_0) entered disabled state [ 79.812897][ T5166] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 79.846226][ T5161] EXT4-fs error (device loop5): ext4_validate_block_bitmap:438: comm syz.5.311: bg 0: block 248: padding at end of block bitmap is not set [ 79.863749][ T5161] Quota error (device loop5): write_blk: dquota write failed [ 79.884309][ T5161] EXT4-fs error (device loop5): ext4_acquire_dquot:6207: comm syz.5.311: Failed to acquire dquot type 1 [ 79.899529][ T5161] EXT4-fs (loop5): 1 truncate cleaned up [ 79.901119][ T5161] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 80.164503][ T9] device veth1_macvtap left promiscuous mode [ 80.166392][ T9] device veth0_macvtap left promiscuous mode [ 80.169863][ T9] device veth1_vlan left promiscuous mode [ 80.171686][ T9] device veth0_vlan left promiscuous mode [ 80.307128][ T5194] netlink: 4 bytes leftover after parsing attributes in process `syz.5.315'. [ 80.469246][ T9] team0 (unregistering): Port device bridge1 removed [ 80.656942][ T9] team0 (unregistering): Port device team_slave_1 removed [ 80.669207][ T9] team0 (unregistering): Port device team_slave_0 removed [ 80.678838][ T9] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 80.716319][ T9] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 80.776982][ T4086] Bluetooth: hci2: command 0x0419 tx timeout [ 80.893415][ T9] bond0 (unregistering): Released all slaves [ 80.990032][ T5163] tipc: Enabling of bearer rejected, failed to enable media [ 81.160343][ T5206] netlink: 28 bytes leftover after parsing attributes in process `syz.0.320'. [ 81.200042][ T5208] loop5: detected capacity change from 0 to 512 [ 81.332559][ T5208] EXT4-fs (loop5): revision level too high, forcing read-only mode [ 81.335628][ T5208] EXT4-fs (loop5): orphan cleanup on readonly fs [ 81.339712][ T5208] EXT4-fs error (device loop5): ext4_acquire_dquot:6207: comm syz.5.318: Failed to acquire dquot type 1 [ 81.346813][ T5208] EXT4-fs error (device loop5): ext4_validate_block_bitmap:438: comm syz.5.318: bg 0: block 40: padding at end of block bitmap is not set [ 81.354540][ T5208] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6183: Corrupt filesystem [ 81.358851][ T5208] EXT4-fs (loop5): 1 truncate cleaned up [ 81.362499][ T5208] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 81.365696][ T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 81.368662][ T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 81.389725][ T4855] device veth0_vlan entered promiscuous mode [ 81.398691][ T4855] device veth1_vlan entered promiscuous mode [ 81.414466][ T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 81.417361][ T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 81.423614][ T332] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 81.468318][ T332] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 81.477743][ T4855] device veth0_macvtap entered promiscuous mode [ 81.484958][ T332] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 81.487834][ T332] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 81.490586][ T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 81.493338][ T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 81.498840][ T332] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 81.531394][ T4855] device veth1_macvtap entered promiscuous mode [ 81.624063][ T4855] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 81.696140][ T4855] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 81.699307][ T4855] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 81.702392][ T4855] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 81.718584][ T4855] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 81.723913][ T4855] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 81.735722][ T4855] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 81.745710][ T4855] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 81.759693][ T4855] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 81.776076][ T4855] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 81.795487][ T4855] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 81.808746][ T4855] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 81.812512][ T4855] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 81.817846][ T4855] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 81.820790][ T4855] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 81.823511][ T4855] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 81.826589][ T4855] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 81.830546][ T4855] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 81.842619][ T4753] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 81.845548][ T4753] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 81.856124][ T4753] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 81.859152][ T4753] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 81.862277][ T4753] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 81.889835][ T4855] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 81.892251][ T4855] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 81.897174][ T4855] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 81.899731][ T4855] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.218642][ T536] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 82.220922][ T536] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 82.232093][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 82.290691][ T536] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 82.293204][ T536] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 82.313530][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 82.529595][ T5257] loop4: detected capacity change from 0 to 2048 [ 82.596761][ T5257] loop4: p1 < > p4 [ 82.600251][ T5257] loop4: p4 size 8388608 extends beyond EOD, truncated [ 82.717965][ T3654] loop4: p1 < > p4 [ 82.720290][ T3654] loop4: p4 size 8388608 extends beyond EOD, truncated [ 82.731415][ T5267] loop6: detected capacity change from 0 to 2048 [ 82.821136][ T4167] udevd[4167]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory [ 82.821277][ T4029] udevd[4029]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory [ 82.883664][ T5267] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 82.987912][ T4027] udevd[4027]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory [ 83.028126][ T4029] udevd[4029]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory [ 83.176887][ T26] kauditd_printk_skb: 8 callbacks suppressed [ 83.176898][ T26] audit: type=1326 audit(83.120:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5292 comm="syz.4.343" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb3f95ba8 code=0x7ffc0000 [ 83.209936][ T26] audit: type=1326 audit(83.140:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5292 comm="syz.4.343" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=278 compat=0 ip=0xffffb3f95ba8 code=0x7ffc0000 [ 83.251991][ T26] audit: type=1326 audit(83.140:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5292 comm="syz.4.343" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb3f95ba8 code=0x7ffc0000 [ 83.271806][ T5299] loop6: detected capacity change from 0 to 164 [ 83.305048][ T26] audit: type=1326 audit(83.150:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5292 comm="syz.4.343" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffb3f95ba8 code=0x7ffc0000 [ 83.326742][ T5299] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 83.338879][ T26] audit: type=1326 audit(83.150:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5292 comm="syz.4.343" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb3f95ba8 code=0x7ffc0000 [ 83.373969][ T26] audit: type=1326 audit(83.150:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5292 comm="syz.4.343" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffb3f95ba8 code=0x7ffc0000 [ 83.526081][ T26] audit: type=1326 audit(83.150:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5292 comm="syz.4.343" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb3f95ba8 code=0x7ffc0000 [ 83.526129][ T26] audit: type=1326 audit(83.150:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5292 comm="syz.4.343" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffb3f95ba8 code=0x7ffc0000 [ 83.526167][ T26] audit: type=1326 audit(83.150:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5292 comm="syz.4.343" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb3f95ba8 code=0x7ffc0000 [ 83.526205][ T26] audit: type=1326 audit(83.150:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5292 comm="syz.4.343" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=167 compat=0 ip=0xffffb3f95ba8 code=0x7ffc0000 [ 84.630340][ T5349] netlink: 60 bytes leftover after parsing attributes in process `syz.1.361'. [ 85.063591][ T5378] loop6: detected capacity change from 0 to 512 [ 85.159239][ T5378] EXT4-fs (loop6): mounted filesystem without journal. Opts: errors=remount-ro,bsdgroups,. Quota mode: writeback. [ 85.835729][ T5399] xt_CT: You must specify a L4 protocol and not use inversions on it [ 86.387148][ T5412] loop6: detected capacity change from 0 to 256 [ 86.606681][ T5421] netlink: 'syz.0.383': attribute type 15 has an invalid length. [ 87.142942][ T5442] loop6: detected capacity change from 0 to 164 [ 87.238344][ T5442] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 87.248462][ T5444] tipc: Enabled bearer , priority 0 [ 87.260671][ T5444] device syzkaller0 entered promiscuous mode [ 87.477143][ T5444] tipc: Resetting bearer [ 87.496947][ T5443] tipc: Resetting bearer [ 87.523065][ T5443] tipc: Disabling bearer [ 88.023566][ T5466] netlink: 8 bytes leftover after parsing attributes in process `syz.0.394'. [ 88.188507][ T26] kauditd_printk_skb: 56 callbacks suppressed [ 88.188519][ T26] audit: type=1326 audit(88.130:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5459 comm="syz.0.394" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8dfeaba8 code=0x7ffc0000 [ 88.203811][ T26] audit: type=1326 audit(88.130:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5472 comm="syz.1.398" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=34 compat=0 ip=0xffff8f6e6ba8 code=0x7ffc0000 [ 88.240510][ T26] audit: type=1326 audit(88.130:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5472 comm="syz.1.398" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8f6e6ba8 code=0x7ffc0000 [ 88.273681][ T26] audit: type=1326 audit(88.130:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5472 comm="syz.1.398" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=211 compat=0 ip=0xffff8f6e6ba8 code=0x7ffc0000 [ 88.301912][ T26] audit: type=1326 audit(88.130:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5472 comm="syz.1.398" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8f6e6ba8 code=0x7ffc0000 [ 88.332455][ T26] audit: type=1326 audit(88.130:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5472 comm="syz.1.398" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=56 compat=0 ip=0xffff8f6e6ba8 code=0x7ffc0000 [ 88.352414][ T26] audit: type=1326 audit(88.130:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5472 comm="syz.1.398" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8f6e6ba8 code=0x7ffc0000 [ 88.377077][ T26] audit: type=1326 audit(88.160:215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5472 comm="syz.1.398" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff8f6e6ba8 code=0x7ffc0000 [ 88.395004][ T26] audit: type=1326 audit(88.160:216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5472 comm="syz.1.398" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8f6e6ba8 code=0x7ffc0000 [ 88.418145][ T26] audit: type=1326 audit(88.160:217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5472 comm="syz.1.398" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff8f6e6ba8 code=0x7ffc0000 [ 88.520940][ T5491] netlink: 4 bytes leftover after parsing attributes in process `syz.1.402'. [ 88.603565][ T5490] netlink: 12 bytes leftover after parsing attributes in process `syz.6.403'. [ 88.616130][ T5490] netlink: 'syz.6.403': attribute type 4 has an invalid length. [ 88.623761][ T5494] loop5: detected capacity change from 0 to 164 [ 88.711065][ T5494] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 88.870780][ T5508] loop4: detected capacity change from 0 to 128 [ 89.132456][ T5525] netlink: 8 bytes leftover after parsing attributes in process `syz.1.412'. [ 89.298944][ T5520] loop6: detected capacity change from 0 to 128 [ 89.495676][ T5533] udc-core: couldn't find an available UDC or it's busy [ 89.498024][ T5533] misc raw-gadget: fail, usb_gadget_probe_driver returned -19 [ 90.840873][ T5558] loop6: detected capacity change from 0 to 2048 [ 90.957702][ T4167] Alternate GPT is invalid, using primary GPT. [ 90.959665][ T4167] loop6: p1 p2 p3 [ 91.038478][ T5558] Alternate GPT is invalid, using primary GPT. [ 91.040549][ T5558] loop6: p1 p2 p3 [ 91.052634][ T5571] 9pnet: Could not find request transport: rv¨‚èĺÕÊÇÁˆvÚ†]%‡4ÝsX=ò’‰$Hž÷™Ï0¾ÍÌàEyµVÈ%«‚˜'”^ gîa_ëbC7ŽÚ“®É*]âqz¤œ-(JÏ«âbüÏ˲·Z!ƒÄn¶\¨NM§û·z²ü:êØ|2«‡^çÂç·œ˜ [ 91.193614][ T5582] netlink: 4 bytes leftover after parsing attributes in process `syz.1.433'. [ 91.241900][ T5582] device bridge0 entered promiscuous mode [ 91.281347][ T5582] bridge0: port 3(macvlan2) entered blocking state [ 91.283387][ T5582] bridge0: port 3(macvlan2) entered disabled state [ 91.322099][ T5582] device bridge0 left promiscuous mode [ 91.573632][ T5597] loop6: detected capacity change from 0 to 512 [ 91.850587][ T5576] netlink: 8 bytes leftover after parsing attributes in process `syz.0.427'. [ 92.191120][ T4029] udevd[4029]: inotify_add_watch(7, /dev/loop6p2, 10) failed: No such file or directory [ 92.196211][ T4027] udevd[4027]: inotify_add_watch(7, /dev/loop6p3, 10) failed: No such file or directory [ 92.207864][ T4167] udevd[4167]: inotify_add_watch(7, /dev/loop6p1, 10) failed: No such file or directory [ 92.299442][ T5597] EXT4-fs error (device loop6): ext4_validate_block_bitmap:438: comm syz.6.438: bg 0: block 248: padding at end of block bitmap is not set [ 92.314626][ T5597] EXT4-fs error (device loop6): ext4_acquire_dquot:6207: comm syz.6.438: Failed to acquire dquot type 1 [ 92.342438][ T5597] EXT4-fs (loop6): 1 truncate cleaned up [ 92.344015][ T5597] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 92.590162][ T4167] udevd[4167]: inotify_add_watch(7, /dev/loop6p1, 10) failed: No such file or directory [ 92.615271][ T4027] udevd[4027]: inotify_add_watch(7, /dev/loop6p3, 10) failed: No such file or directory [ 92.619375][ T4029] udevd[4029]: inotify_add_watch(7, /dev/loop6p2, 10) failed: No such file or directory [ 92.712134][ T5632] netlink: 12 bytes leftover after parsing attributes in process `+}[@'. [ 93.051476][ T5633] loop5: detected capacity change from 0 to 8192 [ 93.125828][ T4027] loop5: p2 p4 [ 93.127123][ T4027] loop5: p2 size 130943 extends beyond EOD, truncated [ 93.431718][ T4027] loop5: p4 size 3599499392 extends beyond EOD, truncated [ 93.450062][ T5633] loop5: p2 p4 [ 93.451448][ T5633] loop5: p2 size 130943 extends beyond EOD, truncated [ 93.474803][ T5633] loop5: p4 size 3599499392 extends beyond EOD, truncated [ 94.301031][ T26] kauditd_printk_skb: 122 callbacks suppressed [ 94.301043][ T26] audit: type=1326 audit(94.240:338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5650 comm="syz.4.451" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb3f95ba8 code=0x7ffc0000 [ 94.332426][ T26] audit: type=1326 audit(94.250:339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5650 comm="syz.4.451" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb3f95ba8 code=0x7ffc0000 [ 94.340089][ T5651] loop4: detected capacity change from 0 to 8192 [ 94.453607][ T26] audit: type=1326 audit(94.390:340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5650 comm="syz.4.451" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=56 compat=0 ip=0xffffb3f95ba8 code=0x7ffc0000 [ 94.470636][ T5663] Cannot find add_set index 0 as target [ 94.477193][ T26] audit: type=1326 audit(94.410:341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5650 comm="syz.4.451" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb3f95ba8 code=0x7ffc0000 [ 94.521910][ T4029] loop4: p1 p2 [ 94.524674][ T26] audit: type=1326 audit(94.410:342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5650 comm="syz.4.451" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb3f95ba8 code=0x7ffc0000 [ 94.537264][ T4029] loop4: p2 start 3506442254 is beyond EOD, truncated [ 95.569156][ T26] audit: type=1326 audit(94.430:343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5650 comm="syz.4.451" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffb3f95ba8 code=0x7ffc0000 [ 95.584661][ T26] audit: type=1326 audit(94.430:344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5650 comm="syz.4.451" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb3f95ba8 code=0x7ffc0000 [ 95.590645][ T26] audit: type=1326 audit(94.430:345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5650 comm="syz.4.451" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb3f95ba8 code=0x7ffc0000 [ 95.597424][ T26] audit: type=1326 audit(94.450:346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5650 comm="syz.4.451" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=198 compat=0 ip=0xffffb3f95ba8 code=0x7ffc0000 [ 95.603159][ T26] audit: type=1326 audit(94.450:347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5650 comm="syz.4.451" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb3f95ba8 code=0x7ffc0000 [ 95.728345][ T5651] loop4: p1 p2 [ 95.734692][ T5651] loop4: p2 start 3506442254 is beyond EOD, truncated [ 95.809871][ T5651] netlink: 8 bytes leftover after parsing attributes in process `syz.4.451'. [ 96.830641][ T5694] tipc: Enabled bearer , priority 0 [ 96.853100][ T5694] device syzkaller0 entered promiscuous mode [ 96.956815][ T5694] tipc: Resetting bearer [ 96.976655][ T5703] loop6: detected capacity change from 0 to 128 [ 97.032474][ T5687] tipc: Resetting bearer [ 97.048331][ T5703] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a80ec018, mo2=0002] [ 97.050710][ T5703] System zones: 1-3, 19-19, 35-36 [ 97.058111][ T5707] loop5: detected capacity change from 0 to 128 [ 97.064458][ T5703] EXT4-fs (loop6): mounted filesystem without journal. Opts: quota,debug,,errors=continue. Quota mode: writeback. [ 97.069459][ T5687] tipc: Disabling bearer [ 97.078814][ T5692] netlink: 260 bytes leftover after parsing attributes in process `syz.1.464'. [ 97.088685][ T5707] EXT4-fs (loop5): Ignoring removed nobh option [ 97.126791][ T5714] loop4: detected capacity change from 0 to 164 [ 97.133744][ T5707] EXT4-fs (loop5): mounted filesystem without journal. Opts: nobh,max_dir_size_kb=0x0000000000000004,,errors=continue. Quota mode: none. [ 97.137782][ T5703] EXT4-fs warning (device loop6): verify_group_input:165: Last group not full [ 97.151311][ T4027] udevd[4027]: inotify_add_watch(7, /dev/loop5p4, 10) failed: No such file or directory [ 97.202640][ T5714] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 97.209258][ T4167] udevd[4167]: inotify_add_watch(7, /dev/loop5p2, 10) failed: No such file or directory [ 97.296083][ T5720] netlink: 8 bytes leftover after parsing attributes in process `syz.1.470'. [ 97.433363][ T4029] udevd[4029]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory [ 97.474586][ T5729] xt_CT: You must specify a L4 protocol and not use inversions on it [ 97.619948][ T5738] vhci_hcd: invalid port number 236 [ 97.624816][ T5738] vhci_hcd: USB_PORT_FEAT_U1/2_TIMEOUT req not supported for USB 2.0 roothub [ 97.673126][ T4029] udevd[4029]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory [ 97.723836][ T4167] udevd[4167]: inotify_add_watch(7, /dev/loop5p2, 10) failed: No such file or directory [ 97.750705][ T4029] udevd[4029]: inotify_add_watch(7, /dev/loop5p4, 10) failed: No such file or directory [ 98.053240][ T5760] netlink: 'syz.6.487': attribute type 1 has an invalid length. [ 98.067214][ T5760] netlink: 224 bytes leftover after parsing attributes in process `syz.6.487'. [ 99.206184][ T5779] tipc: Enabled bearer , priority 0 [ 99.338650][ T26] kauditd_printk_skb: 11 callbacks suppressed [ 99.338662][ T26] audit: type=1326 audit(99.280:359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5784 comm="syz.1.483" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8f6e6ba8 code=0x7ffc0000 [ 99.355729][ T26] audit: type=1326 audit(99.300:360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5784 comm="syz.1.483" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8f6e6ba8 code=0x7ffc0000 [ 99.917544][ T5795] tipc: Resetting bearer [ 99.948384][ T5779] device syzkaller0 entered promiscuous mode [ 99.953426][ T26] audit: type=1326 audit(99.890:361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5784 comm="syz.1.483" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff8f6e6ba8 code=0x7ffc0000 [ 99.962791][ T5779] IPv6: ADDRCONF(NETDEV_CHANGE): syzkaller0: link becomes ready [ 99.982133][ T26] audit: type=1326 audit(99.890:362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5784 comm="syz.1.483" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8f6e6ba8 code=0x7ffc0000 [ 99.990839][ T5778] tipc: Resetting bearer [ 100.008942][ T26] audit: type=1326 audit(99.900:363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5784 comm="syz.1.483" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8f6e6ba8 code=0x7ffc0000 [ 100.015057][ T26] audit: type=1326 audit(99.900:364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5784 comm="syz.1.483" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff8f6e6ba8 code=0x7ffc0000 [ 100.020829][ T26] audit: type=1326 audit(99.910:365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5784 comm="syz.1.483" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8f6e6ba8 code=0x7ffc0000 [ 100.039179][ T5778] tipc: Disabling bearer [ 100.041627][ T26] audit: type=1326 audit(99.910:366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5784 comm="syz.1.483" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8f6e6ba8 code=0x7ffc0000 [ 100.050435][ T26] audit: type=1326 audit(99.910:367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5784 comm="syz.1.483" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=208 compat=0 ip=0xffff8f6e6ba8 code=0x7ffc0000 [ 100.086753][ T26] audit: type=1326 audit(99.910:368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5784 comm="syz.1.483" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8f6e6ba8 code=0x7ffc0000 [ 100.132154][ T5800] loop5: detected capacity change from 0 to 164 [ 100.231389][ T5800] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 100.833529][ T5832] loop6: detected capacity change from 0 to 736 [ 101.219274][ T5833] device bond0 entered promiscuous mode [ 101.221096][ T5833] device bond_slave_0 entered promiscuous mode [ 101.223058][ T5833] device bond_slave_1 entered promiscuous mode [ 101.254898][ T5833] device batadv0 entered promiscuous mode [ 101.296668][ T5833] device bond0 left promiscuous mode [ 101.298367][ T5833] device bond_slave_0 left promiscuous mode [ 101.300222][ T5833] device bond_slave_1 left promiscuous mode [ 101.322262][ T5847] netlink: 16 bytes leftover after parsing attributes in process `syz.5.505'. [ 101.346202][ T5833] device batadv0 left promiscuous mode [ 101.464534][ T5847] netlink: 16 bytes leftover after parsing attributes in process `syz.5.505'. [ 101.503139][ T5840] tipc: Enabled bearer , priority 0 [ 101.580315][ T5840] tipc: Disabling bearer [ 101.663488][ T5847] netlink: 16 bytes leftover after parsing attributes in process `syz.5.505'. [ 101.735885][ T5867] loop6: detected capacity change from 0 to 164 [ 101.799555][ T5873] loop5: detected capacity change from 0 to 128 [ 101.802631][ T5867] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 101.975624][ T5873] device pim6reg1 entered promiscuous mode [ 102.500924][ T5902] tipc: Started in network mode [ 102.502315][ T5902] tipc: Node identity 962b4ca7b94d, cluster identity 4711 [ 102.521203][ T5902] tipc: Enabled bearer , priority 0 [ 102.531961][ T5902] device syzkaller0 entered promiscuous mode [ 102.574831][ T5902] tipc: Resetting bearer [ 102.596388][ T5901] tipc: Resetting bearer [ 102.686582][ T5901] tipc: Disabling bearer [ 102.979783][ T5926] tipc: Enabled bearer , priority 10 [ 103.693834][ T5940] loop0: detected capacity change from 0 to 128 [ 104.046087][ T5940] device pim6reg1 entered promiscuous mode [ 104.098129][ T4953] tipc: Node number set to 795233447 [ 104.252042][ T5962] tipc: Enabled bearer , priority 0 [ 104.275886][ T5962] device syzkaller0 entered promiscuous mode [ 104.300592][ T5962] tipc: Resetting bearer [ 104.539362][ T5961] tipc: Resetting bearer [ 104.552842][ T5961] tipc: Disabling bearer [ 104.949157][ T5990] netlink: 8 bytes leftover after parsing attributes in process `syz.0.545'. [ 105.075084][ T5995] tmpfs: Bad value for 'mpol' [ 105.248149][ T6005] tipc: Enabled bearer , priority 0 [ 105.250923][ T6005] device syzkaller0 entered promiscuous mode [ 105.291695][ T6005] tipc: Resetting bearer [ 105.307315][ T6004] tipc: Resetting bearer [ 105.355764][ T6004] tipc: Disabling bearer [ 105.366175][ T6014] loop0: detected capacity change from 0 to 164 [ 105.411429][ T6014] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 105.858908][ T6032] loop6: detected capacity change from 0 to 512 [ 105.921754][ T6032] EXT2-fs (loop6): warning: feature flags set on rev 0 fs, running e2fsck is recommended [ 105.927266][ T6032] EXT2-fs (loop6): warning: mounting unchecked fs, running e2fsck is recommended [ 105.935638][ T6032] EXT2-fs (loop6): 0.5b, 95/08/09, bs=2048, gc=1, bpg=16384, ipg=32, mo=8021c] [ 105.966098][ T6032] attempt to access beyond end of device [ 105.966098][ T6032] loop6: rw=0, want=511020, limit=512 [ 106.476840][ T6047] netlink: 48 bytes leftover after parsing attributes in process `syz.0.567'. [ 106.605778][ T6051] rdma_op 0000000046c3d94a conn xmit_rdma 0000000000000000 [ 106.685901][ T6053] tipc: Enabled bearer , priority 0 [ 106.688890][ T6053] device syzkaller0 entered promiscuous mode [ 106.757193][ T6053] tipc: Resetting bearer [ 106.771997][ T6052] tipc: Resetting bearer [ 106.797637][ T6052] tipc: Disabling bearer [ 106.874143][ T6062] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.572'. [ 106.877548][ T6059] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.572'. [ 106.981539][ T26] kauditd_printk_skb: 92 callbacks suppressed [ 106.981552][ T26] audit: type=1326 audit(106.920:461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6064 comm="syz.6.575" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa6449ba8 code=0x7ffc0000 [ 106.999016][ T26] audit: type=1326 audit(106.940:462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6064 comm="syz.6.575" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffa6449ba8 code=0x7ffc0000 [ 107.002656][ T6068] netlink: 24 bytes leftover after parsing attributes in process `syz.0.576'. [ 107.026458][ T26] audit: type=1326 audit(106.940:463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6064 comm="syz.6.575" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa6449ba8 code=0x7ffc0000 [ 107.115704][ T26] audit: type=1326 audit(106.940:464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6064 comm="syz.6.575" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=57 compat=0 ip=0xffffa6449ba8 code=0x7ffc0000 [ 107.121786][ T26] audit: type=1326 audit(106.940:465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6064 comm="syz.6.575" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa6449ba8 code=0x7ffc0000 [ 107.163618][ T26] audit: type=1326 audit(106.940:466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6064 comm="syz.6.575" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=56 compat=0 ip=0xffffa64480d4 code=0x7ffc0000 [ 107.174611][ T26] audit: type=1326 audit(106.940:467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6064 comm="syz.6.575" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=56 compat=0 ip=0xffffa64480d4 code=0x7ffc0000 [ 107.180795][ T26] audit: type=1326 audit(106.940:468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6064 comm="syz.6.575" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa6449ba8 code=0x7ffc0000 [ 107.233832][ T26] audit: type=1326 audit(106.940:469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6064 comm="syz.6.575" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffa6449ba8 code=0x7ffc0000 [ 107.264367][ T26] audit: type=1326 audit(106.940:470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6064 comm="syz.6.575" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa6449ba8 code=0x7ffc0000 [ 107.318194][ T6081] xt_bpf: check failed: parse error [ 107.462875][ T6089] tipc: Enabled bearer , priority 0 [ 107.467264][ T6089] device syzkaller0 entered promiscuous mode [ 107.513138][ T6089] tipc: Resetting bearer [ 107.520039][ T6092] rdma_op 00000000e5012266 conn xmit_rdma 0000000000000000 [ 107.530742][ T6087] tipc: Resetting bearer [ 107.554594][ T6087] tipc: Disabling bearer [ 107.629403][ T6098] netdevsim netdevsim4: loading /lib/firmware/. failed with error -22 [ 107.631712][ T6098] netdevsim netdevsim4: Direct firmware load for . failed with error -22 [ 107.645006][ T6098] netdevsim netdevsim4: Falling back to sysfs fallback for: . [ 107.852838][ T6116] netlink: 8 bytes leftover after parsing attributes in process `syz.6.596'. [ 107.864364][ T6116] netlink: 8 bytes leftover after parsing attributes in process `syz.6.596'. [ 107.952451][ T6121] loop0: detected capacity change from 0 to 512 [ 108.014832][ T6121] EXT4-fs (loop0): error: could not find journal device path: error -2 [ 108.069754][ T6131] tipc: Enabled bearer , priority 0 [ 108.076147][ T6131] device syzkaller0 entered promiscuous mode [ 108.079562][ T6133] netlink: 'syz.5.605': attribute type 1 has an invalid length. [ 108.097216][ T6133] netlink: 199820 bytes leftover after parsing attributes in process `syz.5.605'. [ 108.116671][ T6131] tipc: Resetting bearer [ 108.130316][ T6130] tipc: Resetting bearer [ 108.146085][ T6130] tipc: Disabling bearer [ 108.276853][ T6145] loop6: detected capacity change from 0 to 128 [ 108.390736][ T6145] EXT4-fs (loop6): mounted filesystem without journal. Opts: sysvgroups,inode_readahead_blks=0x0000000000004000,usrjquota=,acl,grpjquota=,,errors=continue. Quota mode: none. [ 108.490911][ T6161] netlink: 60 bytes leftover after parsing attributes in process `syz.5.615'. [ 109.496294][ T6179] loop5: detected capacity change from 0 to 164 [ 109.583739][ T6179] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 109.648322][ T6186] tipc: Enabled bearer , priority 0 [ 109.659742][ T6186] device syzkaller0 entered promiscuous mode [ 109.726903][ T6186] tipc: Resetting bearer [ 109.824780][ T6200] loop6: detected capacity change from 0 to 512 [ 109.871252][ T6181] tipc: Resetting bearer [ 109.909675][ T6181] tipc: Disabling bearer [ 109.924946][ T6200] EXT4-fs (loop6): error: could not find journal device path: error -2 [ 110.129687][ T6213] process 'syz.1.630' launched './file0' with NULL argv: empty string added [ 111.061434][ T6224] loop5: detected capacity change from 0 to 1024 [ 111.205024][ T6224] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 111.548086][ T6250] loop5: detected capacity change from 0 to 164 [ 111.566340][ T6254] tipc: Enabled bearer , priority 0 [ 111.573374][ T6254] device syzkaller0 entered promiscuous mode [ 111.605619][ T6254] tipc: Resetting bearer [ 111.626557][ T6252] tipc: Resetting bearer [ 111.643274][ T6250] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 111.647453][ T6252] tipc: Disabling bearer [ 111.885321][ T6262] netlink: 64 bytes leftover after parsing attributes in process `syz.6.641'. [ 112.030833][ T6273] capability: warning: `syz.6.644' uses 32-bit capabilities (legacy support in use) [ 112.282727][ T6284] loop0: detected capacity change from 0 to 512 [ 112.336607][ T6288] netlink: 96 bytes leftover after parsing attributes in process `syz.6.649'. [ 112.349307][ T6284] EXT4-fs (loop0): mounted filesystem without journal. Opts: sb=0x0000000000000001,nodioread_nolock,,errors=continue. Quota mode: writeback. [ 112.398566][ T6294] tipc: Enabled bearer , priority 0 [ 112.408257][ T6294] device syzkaller0 entered promiscuous mode [ 112.481783][ T6294] tipc: Resetting bearer [ 112.492440][ T6293] tipc: Resetting bearer [ 112.517831][ T6293] tipc: Disabling bearer [ 112.597486][ T6311] loop4: detected capacity change from 0 to 164 [ 112.605149][ T6300] netlink: 60 bytes leftover after parsing attributes in process `syz.6.652'. [ 112.647420][ T6311] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 112.693468][ T6312] device bond1 entered promiscuous mode [ 112.724031][ T6312] 8021q: adding VLAN 0 to HW filter on device bond1 [ 112.787850][ T6312] bond1 (unregistering): Released all slaves [ 113.143081][ T26] kauditd_printk_skb: 29 callbacks suppressed [ 113.143094][ T26] audit: type=1326 audit(113.080:500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6324 comm="syz.1.658" exe="/root/syz-executor" sig=9 arch=c00000b7 syscall=98 compat=0 ip=0xffff8f6e6ba8 code=0x0 [ 113.161603][ T6325] netlink: 4 bytes leftover after parsing attributes in process `syz.1.658'. [ 113.919134][ T26] audit: type=1326 audit(113.860:501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6324 comm="syz.1.658" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8f6e6ba8 code=0x7ffc0000 [ 113.934550][ T26] audit: type=1326 audit(113.870:502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6324 comm="syz.1.658" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=56 compat=0 ip=0xffff8f6e6ba8 code=0x7ffc0000 [ 114.026969][ T26] audit: type=1326 audit(113.870:503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6324 comm="syz.1.658" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8f6e6ba8 code=0x7ffc0000 [ 114.048585][ T6343] loop6: detected capacity change from 0 to 128 [ 114.073975][ T26] audit: type=1326 audit(113.870:504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6324 comm="syz.1.658" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=29 compat=0 ip=0xffff8f6e6ba8 code=0x7ffc0000 [ 114.104425][ T26] audit: type=1326 audit(113.920:505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6324 comm="syz.1.658" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8f6e6ba8 code=0x7ffc0000 [ 114.131140][ T26] audit: type=1326 audit(113.940:506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6324 comm="syz.1.658" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=29 compat=0 ip=0xffff8f6e6ba8 code=0x7ffc0000 [ 114.152283][ T26] audit: type=1326 audit(113.940:507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6324 comm="syz.1.658" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8f6e6ba8 code=0x7ffc0000 [ 114.212626][ T6357] loop0: detected capacity change from 0 to 164 [ 114.286976][ T26] audit: type=1326 audit(113.940:508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6324 comm="syz.1.658" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=25 compat=0 ip=0xffff8f6e6ba8 code=0x7ffc0000 [ 114.339236][ T26] audit: type=1326 audit(113.940:509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6324 comm="syz.1.658" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8f6e6ba8 code=0x7ffc0000 [ 114.490825][ T6357] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 115.198646][ T4078] Process accounting resumed [ 115.200771][ T4078] FAT-fs (loop6): error, corrupted file size (i_pos 548, 512) [ 115.203030][ T4078] FAT-fs (loop6): Filesystem has been set read-only [ 116.594041][ T6407] loop4: detected capacity change from 0 to 512 [ 116.742142][ T6407] EXT4-fs (loop4): mounted filesystem without journal. Opts: sb=0x0000000000000001,nodioread_nolock,,errors=continue. Quota mode: writeback. [ 118.750183][ T6463] loop0: detected capacity change from 0 to 128 [ 119.776600][ T6477] xt_hashlimit: size too large, truncated to 1048576 [ 119.809037][ T6480] loop5: detected capacity change from 0 to 512 [ 119.849207][ T6483] device hsr0 entered promiscuous mode [ 119.947522][ T6480] EXT4-fs (loop5): mounted filesystem without journal. Opts: sb=0x0000000000000001,nodioread_nolock,,errors=continue. Quota mode: writeback. [ 120.008075][ T6494] netlink: 256 bytes leftover after parsing attributes in process `syz.1.708'. [ 120.435721][ T6514] netlink: 72 bytes leftover after parsing attributes in process `syz.6.715'. [ 121.575984][ T6535] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 121.694756][ T6546] xt_hashlimit: max too large, truncated to 1048576 [ 121.717604][ T6535] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 121.826508][ T6535] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 121.869098][ T6552] loop5: detected capacity change from 0 to 512 [ 121.927059][ T6535] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 122.014826][ T6552] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! [ 122.019022][ T6552] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode [ 122.094020][ T6552] EXT4-fs (loop5): 1 truncate cleaned up [ 122.104922][ T6552] EXT4-fs (loop5): mounted filesystem without journal. Opts: debug_want_extra_isize=0x000000000000002e,min_batch_time=0x0000000000000fff,inode_readahead_blks=0x0000000000000040,stripe=0x0000000000004000,errors=remount-ro,minixdf,. Quota mode: none. [ 122.326031][ T6535] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 122.360662][ T6535] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 122.428911][ T6535] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 122.459951][ T6535] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 122.522241][ T6580] loop5: detected capacity change from 0 to 1024 [ 122.616511][ T6580] EXT4-fs (loop5): mounted filesystem without journal. Opts: user_xattr,nodioread_nolock,,errors=continue. Quota mode: none. [ 122.682474][ T6580] EXT4-fs error (device loop5): ext4_map_blocks:739: inode #15: block 1: comm syz.5.728: lblock 1 mapped to illegal pblock 1 (length 15) [ 123.830522][ T6623] loop5: detected capacity change from 0 to 512 [ 124.021272][ T6623] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 124.049888][ T6623] EXT4-fs error (device loop5): ext4_do_update_inode:5204: inode #2: comm syz.5.736: corrupted inode contents [ 124.095065][ T26] kauditd_printk_skb: 17 callbacks suppressed [ 124.095077][ T26] audit: type=1326 audit(124.040:527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6633 comm="syz.1.746" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8f6e6ba8 code=0x7ffc0000 [ 124.102883][ T26] audit: type=1326 audit(124.040:528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6633 comm="syz.1.746" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8f6e6ba8 code=0x7ffc0000 [ 124.125159][ T6623] EXT4-fs error (device loop5): ext4_dirty_inode:6040: inode #2: comm syz.5.736: mark_inode_dirty error [ 124.146497][ T6623] EXT4-fs error (device loop5): ext4_do_update_inode:5204: inode #2: comm syz.5.736: corrupted inode contents [ 124.154278][ T26] audit: type=1326 audit(124.080:529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6633 comm="syz.1.746" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff8f6e6ba8 code=0x7ffc0000 [ 124.194255][ T26] audit: type=1326 audit(124.080:530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6633 comm="syz.1.746" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8f6e6ba8 code=0x7ffc0000 [ 124.207889][ T6637] EXT4-fs error (device loop5): ext4_do_update_inode:5204: inode #2: comm syz.5.736: corrupted inode contents [ 124.219341][ T26] audit: type=1326 audit(124.080:531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6633 comm="syz.1.746" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8f6e6ba8 code=0x7ffc0000 [ 124.253621][ T26] audit: type=1326 audit(124.080:532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6633 comm="syz.1.746" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff8f6e6ba8 code=0x7ffc0000 [ 124.254562][ T6637] EXT4-fs error (device loop5): ext4_dirty_inode:6040: inode #2: comm syz.5.736: mark_inode_dirty error [ 124.284991][ T26] audit: type=1326 audit(124.080:533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6633 comm="syz.1.746" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8f6e6ba8 code=0x7ffc0000 [ 124.303968][ T6637] EXT4-fs error (device loop5): ext4_do_update_inode:5204: inode #2: comm syz.5.736: corrupted inode contents [ 124.308910][ T26] audit: type=1326 audit(124.080:534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6633 comm="syz.1.746" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8f6e6ba8 code=0x7ffc0000 [ 124.341175][ T6637] EXT4-fs error (device loop5): __ext4_ext_dirty:183: inode #2: comm syz.5.736: mark_inode_dirty error [ 124.349971][ T26] audit: type=1326 audit(124.080:535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6633 comm="syz.1.746" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff8f6e6ba8 code=0x7ffc0000 [ 124.365416][ T6637] EXT4-fs error (device loop5): ext4_do_update_inode:5204: inode #2: comm syz.5.736: corrupted inode contents [ 124.384756][ T6637] EXT4-fs error (device loop5): ext4_dirty_inode:6040: inode #2: comm syz.5.736: mark_inode_dirty error [ 124.392678][ T26] audit: type=1326 audit(124.080:536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6633 comm="syz.1.746" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8f6e6ba8 code=0x7ffc0000 [ 124.403304][ T6650] netlink: 8 bytes leftover after parsing attributes in process `syz.4.751'. [ 124.509302][ T6657] netlink: 'syz.6.753': attribute type 13 has an invalid length. [ 124.596026][ T6657] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready [ 124.599740][ T6658] loop4: detected capacity change from 0 to 512 [ 124.613864][ T6660] x_tables: ip6_tables: mh match: only valid for protocol 135 [ 124.628552][ T6657] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready [ 125.370121][ T6658] EXT4-fs warning (device loop4): ext4_enable_quotas:6459: Failed to enable quota tracking (type=0, err=-22, ino=3). Please run e2fsck to fix. [ 125.386268][ T6658] EXT4-fs (loop4): mount failed [ 125.459074][ T6657] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 125.614588][ T6657] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check. [ 125.757096][ T6678] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 125.815595][ T6678] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 125.817804][ T6678] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 125.821315][ T6678] device bridge_slave_0 left promiscuous mode [ 125.823913][ T6678] bridge0: port 1(bridge_slave_0) entered disabled state [ 125.959235][ T6678] device bridge_slave_1 left promiscuous mode [ 125.961854][ T6678] bridge0: port 2(bridge_slave_1) entered disabled state [ 126.068957][ T6678] bond0: (slave bond_slave_0): Releasing backup interface [ 126.137238][ T6678] bond0: (slave bond_slave_1): Releasing backup interface [ 126.263617][ T6678] team0: Port device team_slave_0 removed [ 126.303532][ T6678] team0: Port device team_slave_1 removed [ 126.310090][ T6678] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 126.319688][ T6678] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 126.331819][ T6678] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 126.341223][ T6678] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 126.375897][ T6689] netlink: 'syz.4.758': attribute type 4 has an invalid length. [ 126.382796][ T6689] netlink: 3657 bytes leftover after parsing attributes in process `syz.4.758'. [ 126.421700][ T6706] netlink: 16 bytes leftover after parsing attributes in process `syz.6.766'. [ 126.668025][ T6721] loop4: detected capacity change from 0 to 164 [ 126.693792][ T6721] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 126.955961][ T6728] netlink: 12 bytes leftover after parsing attributes in process `syz.6.781'. [ 128.868088][ T6785] loop4: detected capacity change from 0 to 164 [ 128.904841][ T6785] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 131.091689][ T6811] veth0: mtu less than device minimum [ 131.115493][ T2054] ieee802154 phy0 wpan0: encryption failed: -22 [ 131.117458][ T2054] ieee802154 phy1 wpan1: encryption failed: -22 [ 131.192224][ T6811] xt_hashlimit: max too large, truncated to 1048576 [ 132.136560][ T6821] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 132.310166][ T6830] loop4: detected capacity change from 0 to 164 [ 132.324607][ T6830] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 132.698606][ T6841] device ipvlan2 entered promiscuous mode [ 132.881453][ T6847] netlink: 24 bytes leftover after parsing attributes in process `+}[@'. [ 133.368601][ T6854] veth0: mtu less than device minimum [ 134.098794][ T6853] xt_hashlimit: max too large, truncated to 1048576 [ 134.393745][ T26] kauditd_printk_skb: 8 callbacks suppressed [ 134.393759][ T26] audit: type=1326 audit(134.330:545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6860 comm="syz.4.819" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb3f95ba8 code=0x7ffc0000 [ 134.401693][ T26] audit: type=1326 audit(134.330:546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6860 comm="syz.4.819" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb3f95ba8 code=0x7ffc0000 [ 134.434125][ T26] audit: type=1326 audit(134.360:547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6860 comm="syz.4.819" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffb3f95ba8 code=0x7ffc0000 [ 134.455348][ T26] audit: type=1326 audit(134.360:548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6860 comm="syz.4.819" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb3f95ba8 code=0x7ffc0000 [ 134.474291][ T26] audit: type=1326 audit(134.360:549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6860 comm="syz.4.819" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb3f95ba8 code=0x7ffc0000 [ 134.488419][ T26] audit: type=1326 audit(134.370:550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6860 comm="syz.4.819" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffb3f95ba8 code=0x7ffc0000 [ 134.532723][ T26] audit: type=1326 audit(134.370:551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6860 comm="syz.4.819" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb3f95ba8 code=0x7ffc0000 [ 134.551948][ T6863] loop5: detected capacity change from 0 to 2048 [ 134.559872][ T26] audit: type=1326 audit(134.370:552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6860 comm="syz.4.819" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb3f95ba8 code=0x7ffc0000 [ 134.601798][ T26] audit: type=1326 audit(134.380:553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6860 comm="syz.4.819" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffb3f95ba8 code=0x7ffc0000 [ 134.614812][ T26] audit: type=1326 audit(134.380:554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6860 comm="syz.4.819" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb3f95ba8 code=0x7ffc0000 [ 134.691822][ T6863] EXT4-fs (loop5): mounted filesystem without journal. Opts: bsdgroups,jqfmt=vfsv1,,errors=continue. Quota mode: none. [ 134.899987][ T6879] netlink: 24 bytes leftover after parsing attributes in process `+}[@'. [ 134.927288][ T6863] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 134.967422][ T6882] loop4: detected capacity change from 0 to 164 [ 134.969987][ T6863] EXT4-fs (loop5): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 300 with error 28 [ 134.993123][ T6863] EXT4-fs (loop5): This should not happen!! Data will be lost [ 134.993123][ T6863] [ 135.003253][ T6863] EXT4-fs (loop5): Total free blocks count 0 [ 135.005395][ T6863] EXT4-fs (loop5): Free/Dirty block details [ 135.007079][ T6863] EXT4-fs (loop5): free_blocks=2415919104 [ 135.008739][ T6863] EXT4-fs (loop5): dirty_blocks=304 [ 135.019647][ T6882] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 135.043069][ T6863] EXT4-fs (loop5): Block reservation details [ 135.045161][ T6863] EXT4-fs (loop5): i_reserved_data_blocks=19 [ 135.397768][ T6893] veth0: mtu less than device minimum [ 137.334441][ T4160] Bluetooth: hci5: command 0x0409 tx timeout [ 137.358654][ T6886] chnl_net:caif_netlink_parms(): no params data found [ 137.522849][ T6917] loop5: detected capacity change from 0 to 1024 [ 137.718166][ T6886] bridge0: port 1(bridge_slave_0) entered blocking state [ 137.724453][ T6886] bridge0: port 1(bridge_slave_0) entered disabled state [ 137.757675][ T6886] device bridge_slave_0 entered promiscuous mode [ 137.761552][ T6922] netlink: 8 bytes leftover after parsing attributes in process `syz.4.838'. [ 137.779169][ T6886] bridge0: port 2(bridge_slave_1) entered blocking state [ 137.781266][ T6886] bridge0: port 2(bridge_slave_1) entered disabled state [ 137.801748][ T6886] device bridge_slave_1 entered promiscuous mode [ 137.804720][ T6917] EXT4-fs (loop5): mounted filesystem without journal. Opts: nodelalloc,nobarrier,errors=remount-ro,. Quota mode: none. [ 137.912949][ T6886] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 137.939512][ T6886] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 138.056431][ T6886] team0: Port device team_slave_0 added [ 138.060223][ T6886] team0: Port device team_slave_1 added [ 138.089440][ T6932] loop4: detected capacity change from 0 to 164 [ 138.160652][ T6933] IPv6: Can't replace route, no match found [ 138.173446][ T6932] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 138.214955][ T6886] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 138.217380][ T6886] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 138.235384][ T6886] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 138.240101][ T6886] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 138.242003][ T6886] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 138.295259][ T6886] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 138.569570][ T6886] device hsr_slave_0 entered promiscuous mode [ 138.615029][ T6886] device hsr_slave_1 entered promiscuous mode [ 139.414854][ T4078] Bluetooth: hci5: command 0x041b tx timeout [ 139.627510][ T6949] device macvtap0 entered promiscuous mode [ 139.629950][ T6949] device macvtap0 left promiscuous mode [ 139.844724][ T26] kauditd_printk_skb: 10 callbacks suppressed [ 139.844737][ T26] audit: type=1326 audit(139.790:565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6954 comm="syz.6.850" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa6449ba8 code=0x7ffc0000 [ 139.855758][ T26] audit: type=1326 audit(139.790:566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6954 comm="syz.6.850" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=240 compat=0 ip=0xffffa6449ba8 code=0x7ffc0000 [ 139.861703][ T26] audit: type=1326 audit(139.790:567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6954 comm="syz.6.850" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa6449ba8 code=0x7ffc0000 [ 139.902659][ T26] audit: type=1326 audit(139.800:568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6954 comm="syz.6.850" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffa6449ba8 code=0x7ffc0000 [ 139.944259][ T26] audit: type=1326 audit(139.800:569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6954 comm="syz.6.850" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa6449ba8 code=0x7ffc0000 [ 139.962965][ T6957] bridge0: port 2(bridge_slave_1) entered disabled state [ 139.965630][ T6957] bridge0: port 1(bridge_slave_0) entered disabled state [ 139.983801][ T26] audit: type=1326 audit(139.800:570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6954 comm="syz.6.850" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffa6449ba8 code=0x7ffc0000 [ 140.004867][ T6962] device bridge_slave_1 left promiscuous mode [ 140.007480][ T26] audit: type=1326 audit(139.800:571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6954 comm="syz.6.850" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa6449ba8 code=0x7ffc0000 [ 140.007837][ T6962] bridge0: port 2(bridge_slave_1) entered disabled state [ 140.031053][ T26] audit: type=1326 audit(139.800:572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6954 comm="syz.6.850" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffa6449ba8 code=0x7ffc0000 [ 140.071323][ T26] audit: type=1326 audit(139.810:573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6954 comm="syz.6.850" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa6449ba8 code=0x7ffc0000 [ 140.100041][ T26] audit: type=1326 audit(139.810:574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6954 comm="syz.6.850" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffa6449ba8 code=0x7ffc0000 [ 140.107543][ T6962] device bridge_slave_0 left promiscuous mode [ 140.109289][ T6962] bridge0: port 1(bridge_slave_0) entered disabled state [ 140.485025][ T6886] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 140.558813][ T6886] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 140.616613][ T6886] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 140.746981][ T6886] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 140.795822][ T6992] netlink: 14593 bytes leftover after parsing attributes in process `syz.6.866'. [ 140.856436][ T7001] netlink: 24 bytes leftover after parsing attributes in process `syz.4.867'. [ 140.908395][ T7006] loop5: detected capacity change from 0 to 512 [ 140.984818][ T7006] EXT4-fs (loop5): Ignoring removed mblk_io_submit option [ 140.987218][ T7006] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem [ 141.131499][ T7006] EXT4-fs error (device loop5): ext4_orphan_get:1401: inode #15: comm syz.5.868: iget: bad extended attribute block 1 [ 141.193049][ T7006] EXT4-fs error (device loop5): ext4_orphan_get:1406: comm syz.5.868: couldn't read orphan inode 15 (err -117) [ 141.651450][ T7020] block device autoloading is deprecated and will be removed. [ 141.982867][ T4078] Bluetooth: hci5: command 0x040f tx timeout [ 141.986449][ T7006] EXT4-fs (loop5): mounted filesystem without journal. Opts: noblock_validity,norecovery,mblk_io_submit,noload,resgid=0x0000000000000000,nodiscard,,errors=continue. Quota mode: none. [ 141.993712][ T6886] 8021q: adding VLAN 0 to HW filter on device bond0 [ 142.074527][ T7006] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 7934 vs 220 free clusters [ 142.307207][ T6886] 8021q: adding VLAN 0 to HW filter on device team0 [ 142.333722][ T5699] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 142.338709][ T5699] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 142.348416][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 142.351513][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 142.359776][ T148] bridge0: port 1(bridge_slave_0) entered blocking state [ 142.361945][ T148] bridge0: port 1(bridge_slave_0) entered forwarding state [ 142.463212][ T7027] xt_hashlimit: max too large, truncated to 1048576 [ 142.505919][ T7027] loop4: detected capacity change from 0 to 512 [ 142.729311][ T7029] netlink: 28 bytes leftover after parsing attributes in process `syz.6.876'. [ 142.737541][ T7027] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpquota,nogrpid,quota,,errors=continue. Quota mode: writeback. [ 142.827143][ T6886] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 142.852770][ T6886] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 143.469243][ T6886] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 143.974188][ C0] sched: RT throttling activated [ 143.980133][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 143.985557][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 143.999663][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 144.045463][ T148] bridge0: port 2(bridge_slave_1) entered blocking state [ 144.047509][ T148] bridge0: port 2(bridge_slave_1) entered forwarding state [ 144.049972][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 144.112795][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 144.134047][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 144.174968][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 144.204960][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 144.230492][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 144.255381][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 144.275141][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 144.291206][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 144.310011][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 144.325467][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 144.341547][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 144.367969][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 144.387782][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 144.548382][ T13] Bluetooth: hci5: command 0x0419 tx timeout [ 144.605837][ T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 144.608884][ T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 144.656451][ T6886] device veth0_vlan entered promiscuous mode [ 144.660040][ T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 144.662812][ T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 144.685923][ T332] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 144.691356][ T332] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 144.706564][ T6886] device veth1_vlan entered promiscuous mode [ 144.812494][ T5557] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 144.816237][ T5557] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 144.826986][ T5557] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 144.835276][ T5557] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 144.853287][ T6886] device veth0_macvtap entered promiscuous mode [ 144.865530][ T6886] device veth1_macvtap entered promiscuous mode [ 144.888107][ T7052] netlink: 'syz.6.880': attribute type 10 has an invalid length. [ 145.001357][ T7052] team0: Port device dummy0 added [ 145.006765][ T332] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 145.009477][ T332] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 145.013526][ T6886] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 145.074373][ T6886] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 145.077007][ T6886] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 145.079892][ T6886] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 145.082581][ T6886] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 145.145062][ T6886] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 145.147976][ T6886] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 145.152423][ T26] kauditd_printk_skb: 14 callbacks suppressed [ 145.152435][ T26] audit: type=1326 audit(145.090:589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7065 comm="syz.5.886" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff86de5ba8 code=0x7ffc0000 [ 145.189461][ T6886] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 145.193247][ T26] audit: type=1326 audit(145.120:590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7065 comm="syz.5.886" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff86de5ba8 code=0x7ffc0000 [ 145.221652][ T26] audit: type=1326 audit(145.130:591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7065 comm="syz.5.886" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff86de5ba8 code=0x7ffc0000 [ 145.222447][ T6886] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 145.264607][ T26] audit: type=1326 audit(145.130:592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7065 comm="syz.5.886" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff86de5ba8 code=0x7ffc0000 [ 145.271889][ T5699] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 145.274976][ T5699] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 145.286835][ T6886] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 145.289962][ T6886] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 145.292596][ T6886] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 145.304528][ T6886] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 145.307281][ T6886] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 145.310025][ T6886] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 145.313706][ T26] audit: type=1326 audit(145.130:593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7065 comm="syz.5.886" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff86de5ba8 code=0x7ffc0000 [ 145.323062][ T6886] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 145.333196][ T6886] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 145.337552][ T6886] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 145.348062][ T6886] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 145.350423][ T6886] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 145.352752][ T6886] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 145.355419][ T26] audit: type=1326 audit(145.140:594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7065 comm="syz.5.886" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff86de5ba8 code=0x7ffc0000 [ 145.371952][ T26] audit: type=1326 audit(145.140:595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7065 comm="syz.5.886" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff86de5ba8 code=0x7ffc0000 [ 145.382063][ T6886] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 145.395499][ T26] audit: type=1326 audit(145.140:596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7065 comm="syz.5.886" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff86de5ba8 code=0x7ffc0000 [ 145.426115][ T26] audit: type=1326 audit(145.150:597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7065 comm="syz.5.886" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=0 compat=0 ip=0xffff86de5ba8 code=0x7ffc0000 [ 145.445427][ T26] audit: type=1326 audit(145.150:598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7065 comm="syz.5.886" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff86de5ba8 code=0x7ffc0000 [ 145.464251][ T5699] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 145.468123][ T5699] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 146.670993][ T148] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 146.673587][ T148] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 146.712012][ T148] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 146.766662][ T5654] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 146.769621][ T5654] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 146.774664][ T5557] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 147.390890][ T7126] loop5: detected capacity change from 0 to 1024 [ 148.359298][ T7126] EXT4-fs (loop5): mounted filesystem without journal. Opts: user_xattr,nodioread_nolock,,errors=continue. Quota mode: none. [ 148.648085][ T7157] loop7: detected capacity change from 0 to 1024 [ 148.770920][ T7157] EXT4-fs (loop7): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 148.917005][ T7157] EXT4-fs (loop7): mounted filesystem without journal. Opts: delalloc,nojournal_checksum,barrier=0x0000000000010002,dioread_lock,data_err=ignore,mb_optimize_scan=0x0000000000000000,dioread_nolock,nobarrier,abort,nogrpid,norecovery,errors=remount-ro,. Quota mode: none. [ 149.858113][ T7157] netlink: 'syz.7.916': attribute type 10 has an invalid length. [ 150.031788][ T7182] loop5: detected capacity change from 0 to 128 [ 150.056589][ T7184] netlink: 'syz.4.924': attribute type 2 has an invalid length. [ 150.061725][ T7178] EXT4-fs error (device loop7): ext4_validate_block_bitmap:438: comm syz.7.916: bg 0: block 494: padding at end of block bitmap is not set [ 150.067775][ T7182] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 150.121166][ T7157] team0: Port device dummy0 added [ 150.190395][ T7190] loop4: detected capacity change from 0 to 512 [ 150.262672][ T7178] EXT4-fs (loop7): Remounting filesystem read-only [ 150.367710][ T7190] EXT4-fs error (device loop4): ext4_orphan_get:1427: comm syz.4.927: bad orphan inode 11862016 [ 150.370911][ T7190] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 150.588031][ T7203] xt_CT: You must specify a L4 protocol and not use inversions on it [ 150.732191][ T7211] vhci_hcd: invalid port number 96 [ 150.733642][ T7211] vhci_hcd: default hub control req: 2000 vfffc i0060 l7 [ 151.279081][ T26] kauditd_printk_skb: 103 callbacks suppressed [ 151.279094][ T26] audit: type=1326 audit(151.220:702): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7235 comm="syz.4.947" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb3f95ba8 code=0x7ffc0000 [ 151.301291][ T26] audit: type=1326 audit(151.240:703): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7235 comm="syz.4.947" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=132 compat=0 ip=0xffffb3f95ba8 code=0x7ffc0000 [ 151.344391][ T26] audit: type=1326 audit(151.260:704): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7235 comm="syz.4.947" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb3f95ba8 code=0x7ffc0000 [ 152.145019][ T7267] netlink: 8 bytes leftover after parsing attributes in process `syz.5.962'. [ 152.152962][ T7267] netlink: 312 bytes leftover after parsing attributes in process `syz.5.962'. [ 152.161253][ T7267] netlink: 8 bytes leftover after parsing attributes in process `syz.5.962'. [ 153.064774][ T7310] netlink: 8 bytes leftover after parsing attributes in process `syz.5.983'. [ 153.107393][ T7311] netlink: 132 bytes leftover after parsing attributes in process `syz.1.984'. [ 153.221578][ T26] audit: type=1326 audit(153.150:705): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7313 comm="syz.6.985" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa6449ba8 code=0x7ffc0000 [ 153.229929][ T26] audit: type=1326 audit(153.170:706): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7313 comm="syz.6.985" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffa6449ba8 code=0x7ffc0000 [ 153.249508][ T7318] xt_hashlimit: max too large, truncated to 1048576 [ 153.256141][ T26] audit: type=1326 audit(153.170:707): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7313 comm="syz.6.985" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa6449ba8 code=0x7ffc0000 [ 153.291670][ T26] audit: type=1326 audit(153.170:708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7313 comm="syz.6.985" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=2 compat=0 ip=0xffffa6449ba8 code=0x7ffc0000 [ 153.309357][ T26] audit: type=1326 audit(153.170:709): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7313 comm="syz.6.985" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa6449ba8 code=0x7ffc0000 [ 154.223330][ T7347] loop5: detected capacity change from 0 to 512 [ 154.316587][ T7347] EXT4-fs (loop5): Ignoring removed mblk_io_submit option [ 154.405204][ T7347] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=b816c118, mo2=0002] [ 154.407493][ T7347] System zones: 1-12 [ 154.424058][ T7347] EXT4-fs error (device loop5): ext4_xattr_ibody_find:2228: inode #15: comm syz.5.999: corrupted in-inode xattr [ 154.428153][ T7347] EXT4-fs error (device loop5): ext4_orphan_get:1406: comm syz.5.999: couldn't read orphan inode 15 (err -117) [ 154.447458][ T7347] EXT4-fs (loop5): mounted filesystem without journal. Opts: jqfmt=vfsold,data_err=abort,debug,noload,mblk_io_submit,commit=0x0000000000000005,init_itable=0x0000000000000601,grpquota,,errors=continue. Quota mode: writeback. [ 154.723017][ T7361] loop7: detected capacity change from 0 to 512 [ 154.752338][ T7361] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode [ 154.803639][ T7361] EXT4-fs warning (device loop7): ext4_expand_extra_isize_ea:2825: Unable to expand inode 15. Delete some EAs or run e2fsck. [ 154.859808][ T7361] EXT4-fs (loop7): 1 truncate cleaned up [ 155.628871][ T7361] EXT4-fs (loop7): mounted filesystem without journal. Opts: i_version,nombcache,debug_want_extra_isize=0x0000000000000068,lazytime,block_validity,sysvgroups,,errors=continue. Quota mode: none. [ 155.810140][ T7369] netlink: 164 bytes leftover after parsing attributes in process `syz.7.1005'. [ 155.885373][ T7368] xt_CT: You must specify a L4 protocol and not use inversions on it [ 155.919836][ T7378] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1009'. [ 156.135651][ T7391] loop4: detected capacity change from 0 to 512 [ 156.333634][ T7391] EXT4-fs (loop4): Ignoring removed mblk_io_submit option [ 156.378563][ T7391] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=b816c118, mo2=0002] [ 156.381234][ T7391] System zones: 1-12 [ 156.422936][ T7406] xt_CT: You must specify a L4 protocol and not use inversions on it [ 156.424397][ T7391] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2228: inode #15: comm syz.4.1019: corrupted in-inode xattr [ 156.435541][ T7391] EXT4-fs error (device loop4): ext4_orphan_get:1406: comm syz.4.1019: couldn't read orphan inode 15 (err -117) [ 156.442006][ T7391] EXT4-fs (loop4): mounted filesystem without journal. Opts: jqfmt=vfsold,data_err=abort,debug,noload,mblk_io_submit,commit=0x0000000000000005,init_itable=0x0000000000000601,grpquota,,errors=continue. Quota mode: writeback. [ 157.971417][ T7443] loop7: detected capacity change from 0 to 512 [ 158.109687][ T7443] EXT4-fs (loop7): 1 orphan inode deleted [ 158.111334][ T7443] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 158.124377][ T26] audit: type=1326 audit(158.070:710): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7449 comm="syz.6.1041" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa6449ba8 code=0x7ffc0000 [ 158.155261][ T26] audit: type=1326 audit(158.090:711): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7449 comm="syz.6.1041" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffa6449ba8 code=0x7ffc0000 [ 158.162282][ T26] audit: type=1326 audit(158.090:712): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7449 comm="syz.6.1041" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa6449ba8 code=0x7ffc0000 [ 158.256527][ T26] audit: type=1326 audit(158.090:713): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7449 comm="syz.6.1041" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffa6449ba8 code=0x7ffc0000 [ 158.284236][ T26] audit: type=1326 audit(158.090:714): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7449 comm="syz.6.1041" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa6449ba8 code=0x7ffc0000 [ 158.290495][ T26] audit: type=1326 audit(158.090:715): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7449 comm="syz.6.1041" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffa6449ba8 code=0x7ffc0000 [ 158.363274][ T7464] loop4: detected capacity change from 0 to 164 [ 158.374510][ T26] audit: type=1326 audit(158.090:716): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7449 comm="syz.6.1041" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa6449ba8 code=0x7ffc0000 [ 158.412262][ T26] audit: type=1326 audit(158.090:717): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7449 comm="syz.6.1041" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=210 compat=0 ip=0xffffa6449ba8 code=0x7ffc0000 [ 158.429189][ T26] audit: type=1326 audit(158.090:718): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7449 comm="syz.6.1041" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa6449ba8 code=0x7ffc0000 [ 158.455232][ T7443] serio: Serial port ptm0 [ 158.496398][ T26] audit: type=1326 audit(158.090:719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7449 comm="syz.6.1041" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=209 compat=0 ip=0xffffa6449ba8 code=0x7ffc0000 [ 158.508575][ T7464] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 158.553716][ T7443] EXT4-fs error (device loop7): ext4_lookup:1858: inode #15: comm syz.7.1037: iget: bad i_size value: 360287970189639690 [ 159.560719][ T7521] netlink: 'syz.4.1073': attribute type 1 has an invalid length. [ 159.732171][ T7521] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1073'. [ 159.752753][ T7524] xt_CT: You must specify a L4 protocol and not use inversions on it [ 159.789914][ T7521] 8021q: adding VLAN 0 to HW filter on device batadv1 [ 159.824743][ T7521] bond1: (slave batadv1): Enslaving as a backup interface with an up link [ 159.850442][ T7532] xt_CT: You must specify a L4 protocol and not use inversions on it [ 159.940997][ T7526] bond1 (unregistering): (slave batadv1): Releasing backup interface [ 160.004782][ T7538] hub 9-0:1.0: USB hub found [ 160.035756][ T7526] bond1 (unregistering): Released all slaves [ 160.035793][ T7538] hub 9-0:1.0: 8 ports detected [ 160.226190][ T7549] loop7: detected capacity change from 0 to 512 [ 160.306333][ T7549] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode [ 160.322941][ T7549] EXT4-fs (loop7): 1 truncate cleaned up [ 160.325812][ T7549] EXT4-fs (loop7): mounted filesystem without journal. Opts: noblock_validity,jqfmt=vfsold,debug_want_extra_isize=0x000000000000006a,user_xattr,noauto_da_alloc,usrjquota=,,errors=continue. Quota mode: none. [ 160.351641][ T7558] netlink: 'syz.6.1088': attribute type 298 has an invalid length. [ 160.652896][ T7570] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1092'. [ 160.997992][ T7587] xt_hashlimit: max too large, truncated to 1048576 [ 161.162933][ T7594] loop4: detected capacity change from 0 to 1024 [ 161.224469][ T7594] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 161.227963][ T7594] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869) [ 161.238907][ T7594] JBD2: no valid journal superblock found [ 161.240671][ T7594] EXT4-fs (loop4): error loading journal [ 161.272083][ T6823] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 161.340223][ T6823] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 161.383214][ T7605] vhci_hcd: default hub control req: 600e v09fa i0008 l0 [ 161.440444][ T6823] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 161.552915][ T6823] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 161.936104][ T6823] tipc: Left network mode [ 162.422155][ T7667] device veth1_macvtap left promiscuous mode [ 162.424136][ T7667] device macsec0 entered promiscuous mode [ 163.212188][ T7729] vhci_hcd: invalid port number 96 [ 163.213656][ T7729] vhci_hcd: default hub control req: 0300 vfffa i0060 l0 [ 163.348176][ T7743] loop7: detected capacity change from 0 to 128 [ 163.405327][ T7743] FAT-fs (loop7): Invalid FSINFO signature: 0x41615252, 0x61417200 (sector = 1) [ 163.562307][ T7756] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 163.667860][ T7774] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1169'. [ 163.779437][ T7756] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 163.896576][ T7756] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 164.009140][ T7756] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 164.044900][ T7791] loop5: detected capacity change from 0 to 512 [ 164.057059][ T26] kauditd_printk_skb: 43 callbacks suppressed [ 164.057071][ T26] audit: type=1326 audit(164.000:763): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7789 comm="syz.7.1176" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8dc3dba8 code=0x7ffc0000 [ 164.074157][ T26] audit: type=1326 audit(164.000:764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7789 comm="syz.7.1176" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=28 compat=0 ip=0xffff8dc3dba8 code=0x7ffc0000 [ 164.111716][ T26] audit: type=1326 audit(164.000:765): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7789 comm="syz.7.1176" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8dc3dba8 code=0x7ffc0000 [ 164.222007][ T7796] xt_hashlimit: overflow, try lower: 18446744073709551615/7 [ 164.228298][ T6823] device hsr_slave_0 left promiscuous mode [ 164.255817][ T6823] device hsr_slave_1 left promiscuous mode [ 164.319208][ T7800] loop5: detected capacity change from 0 to 164 [ 164.325590][ T6823] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 164.327904][ T6823] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 164.334919][ T6823] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 164.337006][ T6823] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 164.340237][ T6823] device bridge_slave_1 left promiscuous mode [ 164.346037][ T6823] bridge0: port 2(bridge_slave_1) entered disabled state [ 164.369769][ T7800] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 164.405099][ T6823] device bridge_slave_0 left promiscuous mode [ 164.407656][ T6823] bridge0: port 1(bridge_slave_0) entered disabled state [ 164.604795][ T6823] device veth1_macvtap left promiscuous mode [ 164.606746][ T6823] device veth0_macvtap left promiscuous mode [ 164.608442][ T6823] device veth1_vlan left promiscuous mode [ 164.610085][ T6823] device veth0_vlan left promiscuous mode [ 164.643585][ T7807] loop7: detected capacity change from 0 to 512 [ 164.694491][ T7807] EXT4-fs (loop7): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 164.720004][ T7807] EXT4-fs error (device loop7): ext4_orphan_get:1401: inode #15: comm syz.7.1183: iget: bad extended attribute block 1 [ 164.724438][ T7807] EXT4-fs error (device loop7): ext4_orphan_get:1406: comm syz.7.1183: couldn't read orphan inode 15 (err -117) [ 164.729161][ T7807] EXT4-fs (loop7): mounted filesystem without journal. Opts: resgid=0x000000000000ee00,resgid=0x000000000000ee00,acl,noload,journal_dev=0x0000000000000008,dioread_nolock,,errors=continue. Quota mode: none. [ 165.069982][ T7818] netlink: 100 bytes leftover after parsing attributes in process `syz.7.1187'. [ 165.209410][ T7822] loop7: detected capacity change from 0 to 736 [ 165.213321][ T6823] team0 (unregistering): Port device team_slave_1 removed [ 165.229488][ T6823] team0 (unregistering): Port device team_slave_0 removed [ 165.239272][ T6823] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 165.284568][ T6823] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 165.516825][ T6823] bond0 (unregistering): Released all slaves [ 165.762323][ T7756] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 165.769991][ T7756] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 165.785673][ T7756] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 165.794026][ T7756] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 166.157126][ T7855] loop5: detected capacity change from 0 to 128 [ 166.182678][ T7856] netlink: 'syz.7.1203': attribute type 2 has an invalid length. [ 166.234054][ T7855] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x61417200 (sector = 1) [ 167.270562][ T7900] udc-core: couldn't find an available UDC or it's busy [ 167.278690][ T7900] misc raw-gadget: fail, usb_gadget_probe_driver returned -19 [ 167.388560][ T26] audit: type=1326 audit(167.330:766): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7899 comm="syz.4.1214" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb3f95ba8 code=0x7ffc0000 [ 167.400405][ T26] audit: type=1326 audit(167.330:767): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7899 comm="syz.4.1214" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=29 compat=0 ip=0xffffb3f95ba8 code=0x7ffc0000 [ 167.431668][ T26] audit: type=1326 audit(167.330:768): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7899 comm="syz.4.1214" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb3f95ba8 code=0x7ffc0000 [ 167.456243][ T26] audit: type=1326 audit(167.340:769): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7899 comm="syz.4.1214" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=1 compat=0 ip=0xffffb3f95ba8 code=0x7ffc0000 [ 167.478079][ T26] audit: type=1326 audit(167.340:770): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7899 comm="syz.4.1214" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb3f95ba8 code=0x7ffc0000 [ 167.501119][ T26] audit: type=1326 audit(167.340:771): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7899 comm="syz.4.1214" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=29 compat=0 ip=0xffffb3f95ba8 code=0x7ffc0000 [ 167.522150][ T26] audit: type=1326 audit(167.340:772): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7899 comm="syz.4.1214" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb3f95ba8 code=0x7ffc0000 [ 167.877254][ T7919] loop7: detected capacity change from 0 to 8192 [ 168.043166][ T7932] loop4: detected capacity change from 0 to 1024 [ 168.113674][ T7932] EXT4-fs (loop4): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 168.149993][ T7932] EXT4-fs (loop4): mounted filesystem without journal. Opts: errors=remount-ro,min_batch_time=0x0000000000000004,dioread_nolock,. Quota mode: none. [ 169.015111][ T3617] Bluetooth: hci4: command 0x0406 tx timeout [ 169.141081][ T4952] Bluetooth: hci3: command 0x0406 tx timeout [ 169.179152][ T26] kauditd_printk_skb: 27 callbacks suppressed [ 169.179164][ T26] audit: type=1326 audit(169.120:800): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7966 comm="syz.5.1238" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff86de5ba8 code=0x7ffc0000 [ 169.198233][ T26] audit: type=1326 audit(169.130:801): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7966 comm="syz.5.1238" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=101 compat=0 ip=0xffff86de5ba8 code=0x7ffc0000 [ 169.313473][ T26] audit: type=1326 audit(169.200:802): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7966 comm="syz.5.1238" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff86de5ba8 code=0x7ffc0000 [ 169.334391][ T26] audit: type=1326 audit(169.200:803): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7966 comm="syz.5.1238" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff86de5ba8 code=0x7ffc0000 [ 169.340231][ T26] audit: type=1326 audit(169.200:804): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7966 comm="syz.5.1238" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff86de5ba8 code=0x7ffc0000 [ 169.381754][ T26] audit: type=1326 audit(169.220:805): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7966 comm="syz.5.1238" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=57 compat=0 ip=0xffff86de5ba8 code=0x7ffc0000 [ 169.416020][ T26] audit: type=1326 audit(169.220:806): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7966 comm="syz.5.1238" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff86de5ba8 code=0x7ffc0000 [ 169.422335][ T26] audit: type=1326 audit(169.220:807): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7966 comm="syz.5.1238" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=199 compat=0 ip=0xffff86de5ba8 code=0x7ffc0000 [ 169.451340][ T26] audit: type=1326 audit(169.220:808): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7966 comm="syz.5.1238" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff86de5ba8 code=0x7ffc0000 [ 169.474507][ T26] audit: type=1326 audit(169.220:809): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7966 comm="syz.5.1238" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff86de5ba8 code=0x7ffc0000 [ 169.707710][ T8003] Cannot find add_set index 0 as target [ 169.717490][ T8009] loop4: detected capacity change from 0 to 164 [ 169.774709][ T8009] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 170.136939][ T8022] netlink: 16402 bytes leftover after parsing attributes in process `syz.5.1253'. [ 170.140151][ T8013] netlink: 16402 bytes leftover after parsing attributes in process `syz.5.1253'. [ 170.758618][ T8039] Invalid ELF header magic: != ELF [ 170.798109][ T8039] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 170.800789][ T8039] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 171.039936][ T8062] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 171.379416][ T8072] netlink: 'syz.4.1270': attribute type 4 has an invalid length. [ 171.388960][ T8072] netlink: 3657 bytes leftover after parsing attributes in process `syz.4.1270'. [ 174.362327][ T8122] loop4: detected capacity change from 0 to 164 [ 175.095637][ T8122] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 175.402390][ T8128] netlink: 'syz.5.1285': attribute type 4 has an invalid length. [ 175.404807][ T8128] netlink: 3657 bytes leftover after parsing attributes in process `syz.5.1285'. [ 175.955176][ T8144] atomic_op 0000000044b1c5b9 conn xmit_atomic 0000000000000000 [ 176.072658][ T8147] device syzkaller1 entered promiscuous mode [ 176.104219][ T26] kauditd_printk_skb: 35 callbacks suppressed [ 176.104232][ T26] audit: type=1326 audit(176.030:845): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8149 comm="syz.1.1292" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8f6e6ba8 code=0x7ffc0000 [ 176.111714][ T26] audit: type=1326 audit(176.040:846): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8149 comm="syz.1.1292" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff8f6e6ba8 code=0x7ffc0000 [ 176.141834][ T8153] loop5: detected capacity change from 0 to 512 [ 176.150263][ T26] audit: type=1326 audit(176.040:847): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8149 comm="syz.1.1292" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8f6e6ba8 code=0x7ffc0000 [ 176.166451][ T26] audit: type=1326 audit(176.050:848): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8149 comm="syz.1.1292" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff8f6e6ba8 code=0x7ffc0000 [ 176.174948][ T26] audit: type=1326 audit(176.050:849): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8149 comm="syz.1.1292" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8f6e6ba8 code=0x7ffc0000 [ 176.180952][ T8153] EXT4-fs (loop5): error: journal path ./bus is not a block device [ 176.202710][ T26] audit: type=1326 audit(176.050:850): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8149 comm="syz.1.1292" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff8f6e6ba8 code=0x7ffc0000 [ 176.224512][ T26] audit: type=1326 audit(176.050:851): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8149 comm="syz.1.1292" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8f6e6ba8 code=0x7ffc0000 [ 176.230706][ T26] audit: type=1326 audit(176.050:852): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8149 comm="syz.1.1292" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=431 compat=0 ip=0xffff8f6e6ba8 code=0x7ffc0000 [ 176.264861][ T26] audit: type=1326 audit(176.050:853): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8149 comm="syz.1.1292" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8f6e6ba8 code=0x7ffc0000 [ 176.494081][ T26] audit: type=1326 audit(176.430:854): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8168 comm="syz.1.1301" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8f6e6ba8 code=0x7ffc0000 [ 176.649260][ T8180] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1304'. [ 177.377602][ T8211] device macvlan1 entered promiscuous mode [ 177.399154][ T8211] device ipvlan0 entered promiscuous mode [ 177.401935][ T8211] device ipvlan0 left promiscuous mode [ 177.404074][ T8211] device macvlan1 left promiscuous mode [ 177.610137][ T8229] loop5: detected capacity change from 0 to 164 [ 177.653228][ T8229] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 178.573082][ T8266] netlink: 48 bytes leftover after parsing attributes in process `syz.5.1334'. [ 178.921150][ T8280] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1340'. [ 178.925216][ T8280] IPVS: Error joining to the multicast group [ 178.929180][ T8281] netlink: 'syz.6.1341': attribute type 10 has an invalid length. [ 179.083544][ T8289] loop5: detected capacity change from 0 to 164 [ 179.181416][ T8289] rock: corrupted directory entry. extent=28, offset=16056320, size=0 [ 179.185238][ T8296] loop4: detected capacity change from 0 to 512 [ 179.396790][ T8296] EXT4-fs (loop4): mounted filesystem without journal. Opts: mb_optimize_scan=0x0000000000000000,mb_optimize_scan=0x0000000000000001,stripe=0x0000000000000004,,errors=continue. Quota mode: writeback. [ 179.542186][ T8304] netlink: 8 bytes leftover after parsing attributes in process `+}[@'. [ 179.575983][ T8304] IPv6: ADDRCONF(NETDEV_CHANGE): gre1: link becomes ready [ 179.587002][ T8295] device veth1_to_bond entered promiscuous mode [ 179.603507][ T8304] netlink: 4 bytes leftover after parsing attributes in process `+}[@'. [ 179.656057][ T8305] device veth1_to_bond left promiscuous mode [ 180.587174][ T8327] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1359'. [ 180.599777][ T8329] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 181.010186][ T8340] loop4: detected capacity change from 0 to 512 [ 181.086445][ T8340] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=e000c018, mo2=0002] [ 181.090067][ T8340] System zones: 0-2, 18-18, 34-35 [ 181.107864][ T8340] EXT4-fs (loop4): mounted filesystem without journal. Opts: i_version,nodioread_nolock,discard,debug,,errors=continue. Quota mode: writeback. [ 181.265889][ T8355] netlink: 24 bytes leftover after parsing attributes in process `syz.6.1366'. [ 181.449516][ T8363] loop4: detected capacity change from 0 to 512 [ 181.612014][ T8363] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 181.614475][ T8363] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002] [ 181.616710][ T8363] System zones: 0-1, 15-15, 18-18, 34-34 [ 181.618969][ T8363] EXT4-fs (loop4): orphan cleanup on readonly fs [ 181.620799][ T8363] __quota_error: 81 callbacks suppressed [ 181.620808][ T8363] Quota error (device loop4): v2_read_header: Failed header read: expected=8 got=0 [ 181.665457][ T8363] EXT4-fs warning (device loop4): ext4_enable_quotas:6459: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix. [ 181.669669][ T8363] EXT4-fs (loop4): Cannot turn on quotas: error -22 [ 181.805381][ T8363] EXT4-fs (loop4): 1 truncate cleaned up [ 181.807028][ T8363] EXT4-fs (loop4): mounted filesystem without journal. Opts: auto_da_alloc=0x0000000000000005,,errors=continue. Quota mode: writeback. [ 182.822341][ T26] audit: type=1326 audit(182.760:936): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8381 comm="syz.1.1372" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8f6e6ba8 code=0x7ffc0000 [ 182.841422][ T26] audit: type=1326 audit(182.780:937): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8381 comm="syz.1.1372" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff8f6e6ba8 code=0x7ffc0000 [ 182.898260][ T26] audit: type=1326 audit(182.790:938): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8381 comm="syz.1.1372" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8f6e6ba8 code=0x7ffc0000 [ 182.921359][ T26] audit: type=1326 audit(182.790:939): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8381 comm="syz.1.1372" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=430 compat=0 ip=0xffff8f6e6ba8 code=0x7ffc0000 [ 182.961723][ T26] audit: type=1326 audit(182.790:940): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8381 comm="syz.1.1372" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8f6e6ba8 code=0x7ffc0000 [ 183.063984][ T8393] netlink: 4 bytes leftover after parsing attributes in process `+}[@'. [ 183.706338][ T8398] chnl_net:caif_netlink_parms(): no params data found [ 183.801081][ T8398] bridge0: port 1(bridge_slave_0) entered blocking state [ 183.809268][ T8398] bridge0: port 1(bridge_slave_0) entered disabled state [ 183.812179][ T8398] device bridge_slave_0 entered promiscuous mode [ 183.837141][ T8398] bridge0: port 2(bridge_slave_1) entered blocking state [ 183.839127][ T8398] bridge0: port 2(bridge_slave_1) entered disabled state [ 183.841873][ T8398] device bridge_slave_1 entered promiscuous mode [ 184.021478][ T8398] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 184.057120][ T8398] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 184.138007][ T8398] team0: Port device team_slave_0 added [ 184.155957][ T8398] team0: Port device team_slave_1 added [ 184.182722][ T8456] loop4: detected capacity change from 0 to 512 [ 184.224760][ T8398] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 184.226979][ T8398] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 184.257379][ T8398] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 184.273848][ T8398] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 184.277417][ T8398] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 184.293957][ T8398] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 184.340005][ T8456] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 184.342202][ T8456] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8802c01c, mo2=0002] [ 184.346639][ T8456] EXT4-fs (loop4): orphan cleanup on readonly fs [ 184.348972][ T8456] EXT4-fs error (device loop4): ext4_orphan_get:1401: inode #13: comm syz.4.1399: iget: bad i_size value: 12154761577498 [ 184.357552][ T8456] EXT4-fs error (device loop4): ext4_orphan_get:1406: comm syz.4.1399: couldn't read orphan inode 13 (err -117) [ 184.381805][ T8456] EXT4-fs (loop4): mounted filesystem without journal. Opts: commit=0x0000000000000000,noblock_validity,user_xattr,,errors=continue. Quota mode: none. [ 184.407241][ T8398] device hsr_slave_0 entered promiscuous mode [ 184.442108][ T8456] EXT4-fs warning (device loop4): dx_probe:893: inode #2: comm syz.4.1399: dx entry: limit 65535 != root limit 120 [ 184.447988][ T8398] device hsr_slave_1 entered promiscuous mode [ 184.465710][ T8456] EXT4-fs warning (device loop4): dx_probe:966: inode #2: comm syz.4.1399: Corrupt directory, running e2fsck is recommended [ 184.494271][ T8398] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 184.497581][ T8398] Cannot create hsr debugfs directory [ 184.726222][ T8398] netdevsim netdevsim8 netdevsim0: renamed from eth0 [ 184.773560][ T8398] netdevsim netdevsim8 netdevsim1: renamed from eth1 [ 184.774880][ T4152] Bluetooth: hci1: command 0x0406 tx timeout [ 184.836736][ T8398] netdevsim netdevsim8 netdevsim2: renamed from eth2 [ 184.862726][ T8398] netdevsim netdevsim8 netdevsim3: renamed from eth3 [ 185.174464][ T4152] Bluetooth: hci0: command 0x0409 tx timeout [ 185.210979][ T8496] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1410'. [ 185.231257][ T8398] 8021q: adding VLAN 0 to HW filter on device bond0 [ 185.248393][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 185.251073][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 185.280707][ T8398] 8021q: adding VLAN 0 to HW filter on device team0 [ 185.448642][ T8503] loop5: detected capacity change from 0 to 128 [ 185.461884][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 185.468817][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 185.471634][ T9] bridge0: port 1(bridge_slave_0) entered blocking state [ 185.473605][ T9] bridge0: port 1(bridge_slave_0) entered forwarding state [ 185.513545][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 185.545878][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 185.557092][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 185.566976][ T9] bridge0: port 2(bridge_slave_1) entered blocking state [ 185.568974][ T9] bridge0: port 2(bridge_slave_1) entered forwarding state [ 185.577635][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 185.591503][ T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 185.619073][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 185.623433][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 185.631884][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 185.658150][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 185.672693][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 185.699962][ T8398] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 185.708392][ T8398] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 185.741882][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 185.750188][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 185.753413][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 185.771324][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 185.782635][ T136] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 185.990933][ T5654] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 185.993149][ T5654] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 186.035960][ T8398] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 186.099045][ T8542] loop5: detected capacity change from 0 to 512 [ 186.221418][ T8542] ------------[ cut here ]------------ [ 186.223161][ T8542] WARNING: CPU: 1 PID: 8542 at mm/page_alloc.c:5449 __alloc_pages+0x2b4/0x470 [ 186.225715][ T8542] Modules linked in: [ 186.226828][ T8542] CPU: 1 PID: 8542 Comm: syz.5.1432 Not tainted 5.15.186-syzkaller #0 [ 186.229122][ T8542] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 186.232088][ T8542] pstate: 20400005 (nzCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 186.234305][ T8542] pc : __alloc_pages+0x2b4/0x470 [ 186.235763][ T8542] lr : __alloc_pages+0xac/0x470 [ 186.237161][ T8542] sp : ffff800021896ee0 [ 186.238286][ T8542] x29: ffff800021896fa0 x28: dfff800000000000 x27: ffff800021896f00 [ 186.240558][ T8542] x26: 1fffe000242d4457 x25: dfff800000000000 x24: ffff700004312de0 [ 186.242886][ T8542] x23: ffff8000086fcf4c x22: 0000000000000000 x21: 0000000000040c40 [ 186.245050][ T8542] x20: 0000000000000000 x19: 000000000000000c x18: 0000000000000000 [ 186.247268][ T8542] x17: 0000000000000002 x16: ffff8000111cf35c x15: 00000000ffffffe4 [ 186.249472][ T8542] x14: 00000000ffff8000 x13: 0000000011e74e87 x12: 0000000000000005 [ 186.251623][ T8542] x11: 1ffff00004312de4 x10: 0000000000000000 x9 : 0000000000000000 [ 186.253847][ T8542] x8 : ffff800021896f48 x7 : 0000000000000000 x6 : 000000000000003f [ 186.256035][ T8542] x5 : 0000000000000040 x4 : 0000000000000000 x3 : 0000000000000020 [ 186.258241][ T8542] x2 : 0000000000000008 x1 : 0000000000000000 x0 : ffff800021896f20 [ 186.260543][ T8542] Call trace: [ 186.261456][ T8542] __alloc_pages+0x2b4/0x470 [ 186.262751][ T8542] kmalloc_large_node+0x78/0x154 [ 186.264115][ T8542] __kmalloc_node+0x324/0x520 [ 186.265479][ T8542] kvmalloc_node+0x14c/0x200 [ 186.266722][ T8542] ext4_expand_extra_isize_ea+0xad8/0x1504 [ 186.268300][ T8542] __ext4_expand_extra_isize+0x298/0x358 [ 186.269813][ T8542] __ext4_mark_inode_dirty+0x434/0x7b0 [ 186.271389][ T8542] ext4_evict_inode+0xb3c/0x11dc [ 186.272779][ T8542] evict+0x3c8/0x810 [ 186.273830][ T8542] iput+0x6c4/0x77c [ 186.274891][ T8542] ext4_process_orphan+0x240/0x2b4 [ 186.276359][ T8542] ext4_orphan_cleanup+0x888/0xf8c [ 186.277789][ T8542] ext4_fill_super+0x7a5c/0x812c [ 186.279161][ T8542] mount_bdev+0x264/0x358 [ 186.280517][ T8542] ext4_mount+0x44/0x58 [ 186.281685][ T8542] legacy_get_tree+0xd4/0x16c [ 186.282941][ T8542] vfs_get_tree+0x90/0x274 [ 186.284170][ T8542] do_new_mount+0x228/0x810 [ 186.285401][ T8542] path_mount+0x5b4/0x1000 [ 186.286623][ T8542] __arm64_sys_mount+0x514/0x5e4 [ 186.287996][ T8542] invoke_syscall+0x98/0x2b8 [ 186.289273][ T8542] el0_svc_common+0x138/0x258 [ 186.290592][ T8542] do_el0_svc+0x58/0x14c [ 186.291823][ T8542] el0_svc+0x78/0x1e0 [ 186.292932][ T8542] el0t_64_sync_handler+0xcc/0xe4 [ 186.294355][ T8542] el0t_64_sync+0x1a0/0x1a4 [ 186.295584][ T8542] irq event stamp: 2840 [ 186.296780][ T8542] hardirqs last enabled at (2839): [] ___slab_alloc+0xc34/0xda8 [ 186.299403][ T8542] hardirqs last disabled at (2840): [] el1_dbg+0x24/0x80 [ 186.301796][ T8542] softirqs last enabled at (2718): [] handle_softirqs+0xa4c/0xbf0 [ 186.304485][ T8542] softirqs last disabled at (2651): [] __irq_exit_rcu+0x240/0x440 [ 186.307146][ T8542] ---[ end trace 54c76d3de05641de ]--- SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 186.328053][ T8542] EXT4-fs error (device loop5): ext4_xattr_inode_iget:400: comm syz.5.1432: Parent and EA inode have the same ino 15 [ 186.341816][ T8542] EXT4-fs (loop5): Remounting filesystem read-only [ 186.343927][ T8542] EXT4-fs (loop5): 1 orphan inode deleted [ 186.345898][ T8542] EXT4-fs (loop5): mounted filesystem without journal. Opts: noload,bsdgroups,debug_want_extra_isize=0x000000000000005a,init_itable,errors=remount-ro,noinit_itable,lazytime,. Quota mode: none. [ 187.092144][ T5654] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 187.189526][ T5654] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 187.305508][ T5654] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 187.390244][ T5654] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 187.685839][ T5654] tipc: Left network mode [ 189.370466][ T5654] device hsr_slave_0 left promiscuous mode [ 189.415016][ T5654] device hsr_slave_1 left promiscuous mode [ 189.504842][ T5654] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 189.506964][ T5654] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 189.509779][ T5654] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 189.511883][ T5654] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 189.519013][ T5654] device bridge_slave_1 left promiscuous mode [ 189.520833][ T5654] bridge0: port 2(bridge_slave_1) entered disabled state [ 189.556228][ T5654] device bridge_slave_0 left promiscuous mode [ 189.558130][ T5654] bridge0: port 1(bridge_slave_0) entered disabled state [ 189.684697][ T5654] device veth1_macvtap left promiscuous mode [ 189.686701][ T5654] device veth0_macvtap left promiscuous mode [ 189.688539][ T5654] device veth1_vlan left promiscuous mode [ 189.690176][ T5654] device veth0_vlan left promiscuous mode [ 189.944121][ T5654] team0 (unregistering): Port device team_slave_1 removed [ 189.956339][ T5654] team0 (unregistering): Port device team_slave_0 removed [ 189.966332][ T5654] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 190.022866][ T5654] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 190.160955][ T5654] bond0 (unregistering): Released all slaves [ 192.538204][ T2054] ieee802154 phy0 wpan0: encryption failed: -22 [ 192.539974][ T2054] ieee802154 phy1 wpan1: encryption failed: -22 [ 193.909948][ T5654] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 193.971396][ T5654] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 194.043694][ T5654] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 194.107511][ T5654] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 194.265403][ T5654] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 194.302003][ T5654] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 194.360151][ T5654] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 194.412322][ T5654] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 194.584784][ T5654] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 194.651475][ T5654] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 194.718673][ T5654] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 194.769653][ T5654] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 195.194852][ T5654] tipc: Left network mode [ 195.354381][ T5654] tipc: Left network mode [ 195.513422][ T5654] tipc: Disabling bearer [ 195.516079][ T5654] tipc: Left network mode