last executing test programs: 4.936316351s ago: executing program 2 (id=2786): r0 = socket$kcm(0x10, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00'}, 0x10) sendmsg$rds(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x25}}, 0x10, 0x0, 0x0, &(0x7f0000000080)=[@rdma_args={0x48, 0x114, 0x1, {{0x3, 0x7}, {0x0}, &(0x7f00000011c0)=[{&(0x7f0000001140)=""/101, 0x65}], 0x1, 0x60, 0xffffffff00000003}}], 0x48, 0x8004}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000038c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da97e22f4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ad0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bff3b89c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c2ed01faa7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497dad64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6fba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd2310801570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb414c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a000000000000000000000000000000000000000000000000000000a0cc2b89ce1525748ce167cbabb881f060599a6a59f645edca1d5c24b2f6b8c997a8f3e1b7679984a566d98d4d31198ee4c5ea7be0d99cf89bba4a6fd0bec12e7792bec3c5038e13b1982f80cdecd07f8908a983a7c9fb81c2ba7f7e87c991f30e50d1b3bbe4cf2a2f5d4571b6568ada51bc121c9139d2a8e0638c84066b1759081802"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) socket$xdp(0x2c, 0x3, 0x0) sendmsg$inet(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000d00)=[{0x0}, {&(0x7f0000000900)="8d47487e5461ba7b8d2c87fe38df2f1b003ea2ccddbefcfdcc", 0x19}], 0x2, 0x0, 0x0, 0x1f000801}, 0x4000) 4.834893591s ago: executing program 2 (id=2790): r0 = socket$inet6(0xa, 0x2, 0x3a) bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000808500000004"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2c, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) sendmmsg$inet6(r0, &(0x7f0000000800)=[{{&(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback={0xff00000000000000}}, 0x1c, &(0x7f0000000040), 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="14000000000000002900"], 0x18}}], 0x1, 0x0) 4.68569795s ago: executing program 2 (id=2793): r0 = socket$packet(0x11, 0x3, 0x300) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) syz_emit_ethernet(0x1f, &(0x7f0000000580)={@dev={'\xaa\xaa\xaa\xaa\xaa', 0x21}, @remote, @void, {@mpls_mc={0x8848, {[{0x9}], @llc={@llc={0x0, 0x0, "03bc", "ee17d3dde3bdcd60ef"}}}}}}, &(0x7f0000000680)={0x1, 0x1, [0x251, 0x732, 0x6a4, 0xc0f]}) ioctl$sock_SIOCGIFINDEX(r0, 0x89a0, &(0x7f0000000040)={'syzkaller0\x00'}) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r1}, 0x38) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x5, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='mem_disconnect\x00', r3}, 0x10) r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x6, 0x4, &(0x7f0000000300)=ANY=[@ANYBLOB="1802000000000000000000000000000085000000a000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='mem_disconnect\x00', r5}, 0x10) bpf$BPF_PROG_TEST_RUN_LIVE(0xa, &(0x7f0000000080)={r4, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2d, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r6}, 0x10) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00'}, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'syzkaller0\x00', 0x0}) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000100)={r7, 0x2, 0x6}, 0x10) r8 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r8, 0x89a1, &(0x7f0000000040)={'syzkaller0\x00'}) 4.421298849s ago: executing program 2 (id=2798): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r0, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$TOKEN_CREATE(0x24, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0}, 0x18) r3 = syz_io_uring_setup(0x7c8a, &(0x7f0000000000), &(0x7f0000000080), 0x0) io_uring_register$IORING_REGISTER_FILES_UPDATE(r3, 0x2, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000000)=@filter={'filter\x00', 0x42, 0x4, 0x318, 0xffffffff, 0x198, 0x3a010003, 0xb0, 0xffffffff, 0xffffffff, 0x280, 0x280, 0x280, 0xffffffff, 0x4, 0x0, {[{{@ip={@local, @loopback=0x7f000008, 0x0, 0x0, 'pim6reg\x00', 'veth1_to_bond\x00'}, 0x0, 0x70, 0xb0, 0x0, {0x100000000000000}}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x0, 0x9}}}, {{@uncond, 0x0, 0xc0, 0xe8, 0x0, {}, [@common=@inet=@socket3={{0x28, 'socket\x00', 0x2}}, @common=@unspec=@addrtype1={{0x28}, {0x0, 0x0, 0xc}}]}, @REJECT={0x28}}, {{@ip={@remote, @dev, 0x0, 0x0, 'wlan1\x00', 'pim6reg1\x00'}, 0x0, 0xc0, 0xe8, 0x0, {}, [@common=@ttl={{0x28}}, @common=@ttl={{0x28}}]}, @common=@inet=@SET1={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x378) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10) syz_clone(0x638c1100, 0x0, 0x0, 0x0, 0x0, 0x0) 3.311977614s ago: executing program 4 (id=2803): r0 = socket$inet6(0xa, 0x2, 0x3a) bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000808500000004"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2c, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) sendmmsg$inet6(r0, &(0x7f0000000800)=[{{&(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback={0xff00000000000000}}, 0x1c, &(0x7f0000000040), 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="14000000000000002900"], 0x18}}], 0x1, 0x0) 3.131710984s ago: executing program 4 (id=2805): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = socket(0x10, 0x3, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r1}, 0x38) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r2}, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000300)=@newqdisc={0x45c, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r3, {0x0, 0x2}, {0xffff, 0xffff}, {0x4}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_RTAB={0x404, 0x2, [0x9, 0x45, 0x3ff, 0x10000, 0x3, 0x8, 0x4, 0xa0000, 0x5, 0xa0000001, 0x59bc9fd6, 0x2, 0x2, 0x8000, 0x8, 0x4, 0x8, 0x6, 0x114b6000, 0xfffffffe, 0x2a70, 0xffff73cc, 0x81, 0x5, 0x0, 0xa, 0x45, 0x0, 0x8, 0x5, 0xba44, 0x3, 0x60b, 0x80000000, 0x5, 0x4, 0x5, 0x3, 0xffff, 0x3, 0xfffffff8, 0x5, 0x8, 0x1a0055ee, 0x1, 0x1, 0xffff4226, 0x7, 0x0, 0x5, 0x101, 0x4, 0x1, 0x1, 0x800, 0xf9, 0x9, 0x9, 0x2, 0x8, 0x2f, 0xfffffff8, 0x0, 0x101, 0x9, 0x7, 0xc5, 0x4, 0x5, 0x0, 0x6, 0x2, 0x5, 0x5, 0x2, 0x9b58, 0x4, 0xb, 0x4be, 0x6, 0x100, 0xa, 0xcaa, 0x9fa7, 0xfffeffff, 0x38, 0x4, 0x0, 0x7, 0x44d, 0x7, 0x200, 0x8, 0x401, 0x7, 0x45, 0x3, 0x9, 0x0, 0x7, 0x6, 0x9, 0x3, 0x7, 0x4, 0x6, 0x7, 0x8002, 0x7, 0x7, 0x1902, 0xc3c, 0x3, 0x28000000, 0x8, 0x30c7, 0xfad, 0x7, 0x8, 0x0, 0x5, 0x10, 0x400, 0xd58, 0x4, 0x422dd3f4, 0x4, 0x8, 0x2, 0x8, 0x10000, 0x8c1, 0x0, 0x45ba, 0x9, 0x864b, 0x0, 0x7, 0x9, 0x1, 0x7, 0x81, 0x3, 0x800, 0xb, 0xffffff80, 0x43, 0xc22, 0x1, 0x6, 0x9, 0x9, 0x7fffffff, 0x4, 0xfff, 0x6, 0x0, 0x7c1, 0x136, 0x6, 0x5, 0x4, 0x3ff, 0x4, 0xb, 0x2, 0x10001, 0x0, 0x5, 0x4, 0x400, 0x101, 0xffffffff, 0x1b, 0xd589, 0xffffff81, 0xffff0001, 0x4, 0x0, 0x300, 0x8, 0x60000000, 0xd3d, 0x0, 0xfffffffe, 0x0, 0x81, 0x2, 0x55, 0x4000004, 0xbc6, 0x2, 0x8, 0x28a6a52, 0x1ff, 0xb, 0x7fff, 0x9, 0x2e4c20b9, 0xb, 0x4, 0x9, 0x7, 0x4, 0x8, 0x3, 0x6, 0x8, 0x3, 0x7, 0x4, 0x9, 0x8, 0xfffffffa, 0x76e8e800, 0x800, 0x400, 0x6, 0x0, 0xcc6, 0xfffffffb, 0x8000, 0xffffff01, 0x894, 0x7, 0xe, 0x6, 0x6, 0x2, 0x6, 0x10001, 0x9, 0x4, 0x8, 0x5d, 0x1000000, 0x7, 0x1, 0x8, 0x80000001, 0x384, 0x9, 0x58a, 0x80000000, 0xe08, 0x0, 0x1, 0x2c821159, 0x0, 0x9, 0x7, 0x0, 0x6, 0x0, 0x7f]}, @TCA_TBF_PARMS={0x28, 0x1, {{0x6, 0x0, 0x2, 0x8, 0x0, 0xc}, {0xff, 0x1, 0x0, 0x5, 0x5e1d, 0x8}, 0x3ff, 0x8, 0x99}}]}}]}, 0x45c}, 0x1, 0x0, 0x0, 0x4000050}, 0x8840) 2.793479092s ago: executing program 4 (id=2807): syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff) r0 = socket$nl_route(0x10, 0x3, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@gettfilter={0x24, 0x2e, 0x301}, 0x24}}, 0x0) 2.716460902s ago: executing program 4 (id=2808): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = socket$vsock_stream(0x28, 0x1, 0x0) bind$vsock_stream(r1, &(0x7f0000000440), 0x10) listen(r1, 0x0) r2 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r2, &(0x7f0000000100)={0x28, 0x0, 0x0, @local}, 0x10) writev(r2, &(0x7f00000002c0)=[{&(0x7f0000000080)='?', 0x1}], 0x1) r3 = accept4$unix(r1, 0x0, 0x0, 0x0) recvmmsg(r3, &(0x7f0000001680)=[{{0x0, 0x0, &(0x7f0000003380)=[{&(0x7f0000000c00)=""/124, 0x7c}], 0x1}}], 0x1, 0x60000160, 0x0) 2.622878252s ago: executing program 4 (id=2809): bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="3000000010000100"/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="08001b"], 0x30}}, 0x0) 2.35969006s ago: executing program 4 (id=2811): r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$TIPC_NL_MEDIA_GET(r0, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0) 1.437241656s ago: executing program 1 (id=2824): r0 = socket(0x10, 0x803, 0x0) sendmsg$nl_route(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x1c}}, 0x0) getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c00000010008546000000000000ff0100000000", @ANYRES32=r1, @ANYBLOB="01000000002200001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000280)=0x14) sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000180)=ANY=[@ANYBLOB="2c00000010000100000000000000000053000000", @ANYRES32=r3, @ANYBLOB="efdd0e4af11f02000a0001"], 0x2c}}, 0x0) 1.201352895s ago: executing program 3 (id=2830): syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff) r0 = socket$nl_route(0x10, 0x3, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@gettfilter={0x24, 0x2e, 0x301}, 0x24}}, 0x0) 1.167857595s ago: executing program 1 (id=2831): r0 = socket(0x2a, 0x2, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000400)={0x0}}, 0x0) getsockname$packet(r0, &(0x7f0000000540)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000240)=0x14) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000680)=@newtfilter={0x40, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {0xfffa, 0x4}, {}, {0x1c, 0xfff9}}, [@filter_kind_options=@f_matchall={{0xd}, {0xc, 0x2, [@TCA_MATCHALL_FLAGS={0x8, 0x3, 0x2}]}}]}, 0x40}}, 0x24000000) r2 = socket$netlink(0x10, 0x3, 0x0) sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0) 1.049763545s ago: executing program 3 (id=2833): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000280)=[{0x200000000006, 0x0, 0xfd, 0x7ffc0002}]}) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000001e00100000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000fcffffffb702000004000000b7030000000000de850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="19000000040000000400000002"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000200)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x4}]}, 0x10) bind$bt_hci(r2, &(0x7f0000000040)={0x1f, 0xffffffffffffffff, 0x3}, 0x6) 997.238805ms ago: executing program 1 (id=2835): r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$TIPC_NL_MEDIA_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000005c0)={0x0}}, 0x0) 847.418914ms ago: executing program 3 (id=2836): bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="3000000010000100"/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="08001b"], 0x30}}, 0x0) 761.499553ms ago: executing program 1 (id=2838): r0 = socket$netlink(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa2000000e5ffff06020000f8ffffffb703000000000000b70400c209000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x10) getsockname$packet(r2, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000040)=0x14) sendmsg$nl_route(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="380000006d00011c8500"/20, @ANYRES32=r5, @ANYBLOB="000000000000000018003480140035"], 0x38}, 0x1, 0x0, 0x0, 0x40090}, 0x4804) 747.250033ms ago: executing program 0 (id=2839): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6c, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='kfree\x00', r1, 0x0, 0x1}, 0x18) r2 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0xc, &(0x7f0000000180)={0xffffff, 0x200000}, 0x10) write(r2, &(0x7f0000000000)="240000001a005f0214f9f407000904001f00000000000000000200000800040001000000", 0x24) 656.519463ms ago: executing program 0 (id=2840): r0 = socket(0x10, 0x803, 0x0) sendmsg$nl_route(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x1c}}, 0x0) getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c00000010008546000000000000ff0100000000", @ANYRES32=r1, @ANYBLOB="01000000002200001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000280)=0x14) sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000180)=ANY=[@ANYBLOB="2c00000010000100000000000000000053000000", @ANYRES32=r3, @ANYBLOB="efdd0e4af11f02000a0001"], 0x2c}}, 0x0) 603.340623ms ago: executing program 1 (id=2841): openat$tun(0xffffffffffffff9c, 0x0, 0x40241, 0x0) fchdir(0xffffffffffffffff) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_LINKINFO_GET(r0, 0x0, 0x0) open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89901) r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) write$binfmt_script(r1, 0x0, 0x0) r2 = socket$inet6(0xa, 0x3, 0x7) connect$inet6(r2, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@dev={0xfe, 0x80, '\x00', 0x29}, @in6=@loopback, 0x4e24, 0xfffc, 0x4e24, 0x0, 0xa, 0x0, 0x10}, {0x100000000, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x1}, {0x8000000000000001, 0xfffffffffffffffe, 0x0, 0x9}, 0x4, 0x0, 0x1, 0x0, 0x0, 0x1}, {{@in=@broadcast, 0x200000, 0x6c}, 0x0, @in=@dev={0xac, 0x14, 0x14, 0xb}, 0x0, 0x0, 0x0, 0x7, 0xfffffffe, 0x0, 0xffffffff}}, 0xe8) sendmmsg(r2, 0x0, 0x0, 0xffe0) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r3}, 0x10) socket$igmp(0x2, 0x3, 0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x30, r2, 0x58a4c000) r4 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0) write$UHID_CREATE2(r4, &(0x7f00000007c0)=ANY=[@ANYBLOB="0b00000073797a31000000dfff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a30000037b35f0a00000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a3100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001"], 0x119) r5 = syz_open_dev$hidraw(&(0x7f00000004c0), 0x0, 0x14a042) writev(r5, &(0x7f0000000240)=[{&(0x7f0000000040)="97003c", 0x4000}, {&(0x7f0000000000)="987aa19a2e0c51e9ddefe01dba3369a8ecbbee78da6ebb008c", 0x19}], 0x2) 602.380793ms ago: executing program 3 (id=2842): syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff) r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@gettfilter={0x24, 0x2e, 0x301, 0x0, 0x0, {0x0, 0x0, 0x0, r1}}, 0x24}}, 0x0) 379.597962ms ago: executing program 1 (id=2843): r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f00000001c0)=ANY=[@ANYRES32, @ANYRES8], 0x50) r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0) readahead(r0, 0xa, 0x6) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x18) socket$unix(0x1, 0x1, 0x0) io_setup(0x1, &(0x7f00000004c0)) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000200)='kmem_cache_free\x00'}, 0x18) flistxattr(0xffffffffffffffff, 0x0, 0x0) pwritev2(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x30) getpid() madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15) add_key$keyring(&(0x7f0000000600), &(0x7f0000000640)={'syz', 0x0}, 0x0, 0x0, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYRES64, @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800b00010067726574617000001800028004001200060018000f00000006000e"], 0x48}}, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x0, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x18) write$cgroup_pressure(0xffffffffffffffff, &(0x7f0000000140)={'full'}, 0xfffffdef) 365.367892ms ago: executing program 0 (id=2844): r0 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r0, &(0x7f0000000400)={0x18, 0x0, {0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xa}, 'lo\x00'}}, 0x1e) ioctl$PPPIOCGCHAN(r0, 0x80047437, &(0x7f0000001f00)) sendmmsg(r0, &(0x7f0000001840)=[{{&(0x7f0000000180)=@pptp={0x18, 0x2, {0x0, @loopback}}, 0x80, &(0x7f00000006c0)=[{0x0}, {&(0x7f0000000340)="4717d0", 0x3}, {&(0x7f0000000500)}, {&(0x7f00000005c0)}], 0x4}}, {{&(0x7f00000008c0)=@ax25={{0x3, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x2}, [@null, @bcast, @null, @null, @default, @default, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}, 0x80, &(0x7f00000003c0)=[{&(0x7f0000000940)="f255830891a73204c3dcac6d02d881502e893fa2bb1680af961f80c70d6633fcd4f3521a4b24a99a3e8549561dc2c067", 0x30}], 0x1, &(0x7f00000018c0)=ANY=[@ANYBLOB="58000000000000001201000083880000f2d1352801cc576ebde37c00f3b77b69545252299f14e22e2fa519d1e47edf9c64eaaca8e3ff236872b088ff2aedd442ba00267d4d5debc463fd9a942b5e7becddc32b4fe3bc00000d2e373eaff0e9a5bc50a5428ed83a6b989ecdcdad46896632b0de76e4df7cec5f08378a766d98ab621a965c3bdd37104122f75b06f4c6ec09f738171dc28a32040fc68f3c671355e89d0e24598ad82a115eab4120a4f21a28f05c3140eff371bd91df310f4128632878d83bf707027d8e13919d239693b584ebee47b67c2a68c86ee8d52c83f7dbd841c87caf2e04d141742fe5e2bbf8923b249c49d0a919c2901ca9bb5f8e76ccd738bd11f86af8fb184e781db1994b0bb3589799e88d3bc1d0abe4ef3d7f63cb67f4c78573dff3b1fed57e1c22d2fe43368474bcbb75d932d623a0c3ae98492909073774a8b9ec7df9b70654fe06a4529fbb51f226f00f51226eeab910c9b88e25ed6b8158ee1ab1ea9421ef38ef618c9136704ef715c7e5da37659072ff2698085c36c53cf0cea611de6dd5dd2ae759ca1211de692d75dc925c894e4f2ba7bba04ce3cb45f7180b82feb9f676a9620e45b55688f64b53b9da035670dee5df915e4e38e8bb30f4829b6a02ed55cc72b7a17892ba9e699db11bbad9dc523abb61728fe173d4590044c7612733750dbe1657d2cac9f2716fb2ab683c14b731010c1b38f4c4a7552360516c2a633bd604c2f90a3ee372f86d7eb2b1821e6639a21764dcf704a27751989e0262218534fb45ba47"], 0x58}}], 0x2, 0x80) 347.820292ms ago: executing program 3 (id=2845): r0 = socket(0x2a, 0x2, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000005c0)=@newqdisc={0x24}, 0x24}}, 0x0) getsockname$packet(r0, 0x0, &(0x7f0000000240)) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000680)=@newtfilter={0x40, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0xfffa, 0x4}, {}, {0x1c, 0xfff9}}, [@filter_kind_options=@f_matchall={{0xd}, {0xc, 0x2, [@TCA_MATCHALL_FLAGS={0x8, 0x3, 0x2}]}}]}, 0x40}}, 0x24000000) r1 = socket$netlink(0x10, 0x3, 0x0) sendmmsg(r1, &(0x7f00000002c0), 0x40000000000009f, 0x0) 285.451381ms ago: executing program 0 (id=2846): r0 = socket$kcm(0x10, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00'}, 0x10) sendmsg$rds(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x25}}, 0x10, 0x0, 0x0, &(0x7f0000000080)=[@rdma_args={0x48, 0x114, 0x1, {{0x3, 0x7}, {0x0}, &(0x7f00000011c0)=[{&(0x7f0000001140)=""/101, 0x65}], 0x1, 0x60, 0xffffffff00000003}}], 0x48, 0x8004}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000038c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da97e22f4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ad0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bff3b89c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c2ed01faa7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497dad64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6fba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd2310801570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb414c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a000000000000000000000000000000000000000000000000000000a0cc2b89ce1525748ce167cbabb881f060599a6a59f645edca1d5c24b2f6b8c997a8f3e1b7679984a566d98d4d31198ee4c5ea7be0d99cf89bba4a6fd0bec12e7792bec3c5038e13b1982f80cdecd07f8908a983a7c9fb81c2ba7f7e87c991f30e50d1b3bbe4cf2a2f5d4571b6568ada51bc121c9139d2a8e0638c84066b1759081802"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) socket$xdp(0x2c, 0x3, 0x0) sendmsg$inet(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000d00)=[{&(0x7f0000000380)}, {&(0x7f0000000900)="8d47487e5461ba7b8d2c87fe38df2f1b003ea2ccddbefcfdcc", 0x19}], 0x2, 0x0, 0x0, 0x1f000801}, 0x4000) 263.318071ms ago: executing program 0 (id=2847): r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$TIPC_NL_MEDIA_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000005c0)={0x0}}, 0x0) 168.310381ms ago: executing program 2 (id=2848): r0 = socket$inet6(0xa, 0x2, 0x3a) bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000808500000004"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2c, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) sendmmsg$inet6(r0, &(0x7f0000000800)=[{{&(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback={0xff00000000000000}}, 0x1c, &(0x7f0000000040)=[{0x0}], 0x1, &(0x7f00000001c0)=ANY=[@ANYBLOB="14000000000000002900"], 0x18}}], 0x1, 0x0) 103.059281ms ago: executing program 0 (id=2849): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) io_setup(0x5, &(0x7f0000000140)=0x0) io_submit(r2, 0x1, &(0x7f0000000080)=[&(0x7f0000000540)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0}]) shutdown(r1, 0x0) 101.989651ms ago: executing program 3 (id=2850): r0 = socket(0x2a, 0x2, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000005c0)=@newqdisc={0x24}, 0x24}}, 0x0) getsockname$packet(r0, &(0x7f0000000540)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000240)=0x14) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}}, 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000680)=@newtfilter={0x24, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {0xfffa, 0x4}, {}, {0x1c, 0xfff9}}}, 0x24}}, 0x24000000) r2 = socket$netlink(0x10, 0x3, 0x0) sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0) 0s ago: executing program 2 (id=2851): r0 = socket$vsock_stream(0x28, 0x1, 0x0) bind$vsock_stream(r0, &(0x7f0000000040)={0x28, 0x0, 0x2710, @local}, 0x10) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10) listen(r0, 0x0) socket$vsock_stream(0x28, 0x1, 0x0) shutdown(0xffffffffffffffff, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuacct.usage_all\x00', 0x275a, 0x0) fcntl$lock(r2, 0x24, &(0x7f0000000000)={0x0, 0x1, 0x7fffffffffffffff, 0x80000000}) kernel console output (not intermixed with test programs): : Opcode 0x0406 failed: -4 [ 166.223615][ T7990] Bluetooth: hci3: Suspend notifier action (1) failed: -4 [ 166.375005][ T8021] loop2: detected capacity change from 0 to 8192 [ 166.766629][ T8039] loop0: detected capacity change from 0 to 8192 [ 166.804771][ T8039] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 167.196680][ T4306] Bluetooth: hci0: command 0x0c1a tx timeout [ 167.323043][ T8021] loop2: p1 p2 p3 p4 [ 167.324191][ T8021] loop2: p1 start 17760256 is beyond EOD, truncated [ 167.325613][ T8021] loop2: p2 size 64053 extends beyond EOD, truncated [ 167.362649][ T8021] loop2: p3 start 458496 is beyond EOD, truncated [ 167.364125][ T8021] loop2: p4 size 50331648 extends beyond EOD, truncated [ 167.387621][ T27] kauditd_printk_skb: 40 callbacks suppressed [ 167.387633][ T27] audit: type=1326 audit(4262.362:1991): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8050 comm="syz.1.1485" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff96553aa8 code=0x7ffc0000 [ 167.406790][ T27] audit: type=1326 audit(4262.382:1992): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8050 comm="syz.1.1485" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff96553aa8 code=0x7ffc0000 [ 167.415003][ T27] audit: type=1326 audit(4262.382:1993): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8050 comm="syz.1.1485" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff96553aa8 code=0x7ffc0000 [ 167.427219][ T27] audit: type=1326 audit(4262.382:1994): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8050 comm="syz.1.1485" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff96553aa8 code=0x7ffc0000 [ 167.437792][ T27] audit: type=1326 audit(4262.382:1995): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8050 comm="syz.1.1485" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff96553aa8 code=0x7ffc0000 [ 167.449652][ T27] audit: type=1326 audit(4262.382:1996): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8050 comm="syz.1.1485" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff96553aa8 code=0x7ffc0000 [ 167.464435][ T27] audit: type=1326 audit(4262.382:1997): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8050 comm="syz.1.1485" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff96553aa8 code=0x7ffc0000 [ 167.480628][ T27] audit: type=1326 audit(4262.382:1998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8050 comm="syz.1.1485" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=35 compat=0 ip=0xffff96553aa8 code=0x7ffc0000 [ 167.493316][ T27] audit: type=1326 audit(4262.382:1999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8050 comm="syz.1.1485" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff96553aa8 code=0x7ffc0000 [ 167.577120][ T8062] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1489'. [ 167.647721][ T5216] udevd[5216]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory [ 167.656249][ T5998] udevd[5998]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory [ 168.062246][ T8070] loop1: detected capacity change from 0 to 8192 [ 168.113477][ T8070] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 168.212234][ T47] Bluetooth: hci1: command 0x0c1a tx timeout [ 168.303813][ T4306] Bluetooth: hci3: command 0x0c1a tx timeout [ 168.305706][ T4306] Bluetooth: hci4: command 0x0c1a tx timeout [ 168.307266][ T4306] Bluetooth: hci2: command 0x0c1a tx timeout [ 168.501434][ T8068] loop4: detected capacity change from 0 to 1024 [ 168.559606][ T8068] EXT4-fs (loop4): revision level too high, forcing read-only mode [ 168.562044][ T8068] EXT4-fs (loop4): orphan cleanup on readonly fs [ 168.568998][ T27] audit: type=1326 audit(4263.542:2000): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8072 comm="syz.2.1493" exe="/root/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffffa4d53aa8 code=0x0 [ 168.574962][ T8068] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5885: Corrupt filesystem [ 168.582445][ T8068] EXT4-fs (loop4): Remounting filesystem read-only [ 168.584104][ T8068] EXT4-fs error (device loop4): ext4_dirty_inode:6089: inode #3: comm syz.4.1492: mark_inode_dirty error [ 168.590473][ T8068] EXT4-fs (loop4): Remounting filesystem read-only [ 168.591816][ T8068] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:477: comm syz.4.1492: Invalid block bitmap block 3 in block_group 0 [ 168.594778][ T8068] EXT4-fs (loop4): Remounting filesystem read-only [ 168.602005][ T8068] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5885: Corrupt filesystem [ 168.604425][ T8068] EXT4-fs (loop4): Remounting filesystem read-only [ 168.608692][ T8068] EXT4-fs error (device loop4): ext4_dirty_inode:6089: inode #3: comm syz.4.1492: mark_inode_dirty error [ 168.621435][ T8068] EXT4-fs (loop4): Remounting filesystem read-only [ 168.623036][ T8068] EXT4-fs error (device loop4): ext4_map_blocks:634: inode #3: block 1: comm syz.4.1492: lblock 6 mapped to illegal pblock 1 (length 1) [ 168.640962][ T8068] EXT4-fs (loop4): Remounting filesystem read-only [ 168.642462][ T8068] EXT4-fs error (device loop4): ext4_map_blocks:634: inode #3: block 48: comm syz.4.1492: lblock 0 mapped to illegal pblock 48 (length 1) [ 168.647504][ T8068] EXT4-fs (loop4): Remounting filesystem read-only [ 168.648947][ T8068] EXT4-fs error (device loop4): ext4_acquire_dquot:6794: comm syz.4.1492: Failed to acquire dquot type 0 [ 168.666087][ T8068] EXT4-fs (loop4): Remounting filesystem read-only [ 168.674729][ T8068] EXT4-fs error (device loop4): ext4_map_blocks:634: inode #3: block 49: comm syz.4.1492: lblock 1 mapped to illegal pblock 49 (length 1) [ 168.692662][ T8068] EXT4-fs (loop4): Remounting filesystem read-only [ 168.703025][ T8068] EXT4-fs error (device loop4): ext4_acquire_dquot:6794: comm syz.4.1492: Failed to acquire dquot type 0 [ 168.708018][ T8081] lo speed is unknown, defaulting to 1000 [ 168.713808][ T8068] EXT4-fs (loop4): Remounting filesystem read-only [ 168.723723][ T8081] lo speed is unknown, defaulting to 1000 [ 168.733208][ T8068] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5885: Corrupt filesystem [ 168.739877][ T8068] EXT4-fs (loop4): Remounting filesystem read-only [ 168.744906][ T8068] EXT4-fs error (device loop4): ext4_evict_inode:279: inode #15: comm syz.4.1492: mark_inode_dirty error [ 168.752535][ T8068] EXT4-fs (loop4): Remounting filesystem read-only [ 168.758589][ T8068] EXT4-fs warning (device loop4): ext4_evict_inode:282: couldn't mark inode dirty (err -117) [ 168.766337][ T8068] EXT4-fs (loop4): 1 orphan inode deleted [ 168.774132][ T8068] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 168.973657][ T4303] EXT4-fs (loop4): unmounting filesystem. [ 169.142652][ T8083] loop0: detected capacity change from 0 to 8192 [ 169.205864][ T47] Bluetooth: hci0: command 0x0406 tx timeout [ 169.213429][ T8083] loop0: p1 p2 p3 p4 [ 169.216464][ T8093] loop1: detected capacity change from 0 to 2048 [ 169.218852][ T8083] loop0: p1 start 17760256 is beyond EOD, truncated [ 169.223097][ T8093] EXT4-fs: Ignoring removed mblk_io_submit option [ 169.226217][ T8083] loop0: p2 size 64053 extends beyond EOD, truncated [ 169.229042][ T8093] journal_path: Lookup failure for './file0' [ 169.231791][ T8093] EXT4-fs: error: could not find journal device path [ 169.236369][ T8083] loop0: p3 start 458496 is beyond EOD, truncated [ 169.238147][ T8083] loop0: p4 size 50331648 extends beyond EOD, truncated [ 169.274824][ T5998] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 169.348904][ T5216] udevd[5216]: inotify_add_watch(7, /dev/loop0p2, 10) failed: No such file or directory [ 169.352404][ T5998] udevd[5998]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory [ 169.430062][ T8097] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1502'. [ 169.866295][ T8107] loop1: detected capacity change from 0 to 8192 [ 169.977978][ T8107] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 170.257745][ T4306] Bluetooth: hci1: command 0x0406 tx timeout [ 170.333150][ T47] Bluetooth: hci2: command 0x0406 tx timeout [ 170.335125][ T47] Bluetooth: hci4: command 0x0406 tx timeout [ 170.336586][ T47] Bluetooth: hci3: command 0x0406 tx timeout [ 170.703235][ T8122] lo speed is unknown, defaulting to 1000 [ 170.750792][ T8121] lo speed is unknown, defaulting to 1000 [ 170.761837][ T8122] lo speed is unknown, defaulting to 1000 [ 170.913734][ T8121] lo speed is unknown, defaulting to 1000 [ 170.986914][ T8125] loop3: detected capacity change from 0 to 8192 [ 171.073716][ T8125] loop3: p1 p2 p3 p4 [ 171.155884][ T8143] loop4: detected capacity change from 0 to 8192 [ 171.173370][ T8143] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 171.930172][ T8125] loop3: p1 start 17760256 is beyond EOD, truncated [ 171.931626][ T8125] loop3: p2 size 64053 extends beyond EOD, truncated [ 171.958074][ T8125] loop3: p3 start 458496 is beyond EOD, truncated [ 171.959495][ T8125] loop3: p4 size 50331648 extends beyond EOD, truncated [ 172.322269][ T8167] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 172.323686][ T8167] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 172.352163][ T8167] device hsr_slave_0 left promiscuous mode [ 172.382379][ T8167] device hsr_slave_1 left promiscuous mode [ 172.577968][ T8176] loop3: detected capacity change from 0 to 8192 [ 172.613207][ T8176] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 173.417915][ T8175] lo speed is unknown, defaulting to 1000 [ 173.419513][ T8175] lo speed is unknown, defaulting to 1000 [ 173.733976][ T8199] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1544'. [ 173.736790][ T8184] lo speed is unknown, defaulting to 1000 [ 173.745090][ T8184] lo speed is unknown, defaulting to 1000 [ 173.765038][ T8187] loop0: detected capacity change from 0 to 8192 [ 173.811756][ T8187] loop0: p1 p2 p3 p4 [ 173.812827][ T8187] loop0: p1 start 17760256 is beyond EOD, truncated [ 173.818977][ T8187] loop0: p2 size 64053 extends beyond EOD, truncated [ 173.825622][ T8187] loop0: p3 start 458496 is beyond EOD, truncated [ 173.827401][ T8187] loop0: p4 size 50331648 extends beyond EOD, truncated [ 173.934753][ T27] kauditd_printk_skb: 9 callbacks suppressed [ 173.934767][ T27] audit: type=1326 audit(4268.902:2004): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8209 comm="syz.2.1549" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa4d53aa8 code=0x7ffc0000 [ 173.942859][ T27] audit: type=1326 audit(4268.912:2005): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8209 comm="syz.2.1549" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=183 compat=0 ip=0xffffa4d53aa8 code=0x7ffc0000 [ 173.957128][ T27] audit: type=1326 audit(4268.932:2006): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8209 comm="syz.2.1549" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa4d53aa8 code=0x7ffc0000 [ 173.984354][ T3913] loop0: p1 p2 p3 p4 [ 173.985425][ T3913] loop0: p1 start 17760256 is beyond EOD, truncated [ 173.991154][ T3913] loop0: p2 size 64053 extends beyond EOD, truncated [ 174.005412][ T3913] loop0: p3 start 458496 is beyond EOD, truncated [ 174.007098][ T3913] loop0: p4 size 50331648 extends beyond EOD, truncated [ 174.467089][ T8231] lo speed is unknown, defaulting to 1000 [ 174.472219][ T8231] lo speed is unknown, defaulting to 1000 [ 174.572119][ T27] audit: type=1326 audit(4269.542:2007): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8242 comm="syz.2.1564" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa4d53aa8 code=0x7ffc0000 [ 174.580130][ T27] audit: type=1326 audit(4269.552:2008): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8242 comm="syz.2.1564" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffa4d53aa8 code=0x7ffc0000 [ 174.604428][ T27] audit: type=1326 audit(4269.552:2009): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8242 comm="syz.2.1564" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa4d53aa8 code=0x7ffc0000 [ 174.639497][ T27] audit: type=1326 audit(4269.552:2010): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8242 comm="syz.2.1564" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffa4d53aa8 code=0x7ffc0000 [ 174.654757][ T27] audit: type=1326 audit(4269.552:2011): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8242 comm="syz.2.1564" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa4d53aa8 code=0x7ffc0000 [ 174.670484][ T27] audit: type=1326 audit(4269.562:2012): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8242 comm="syz.2.1564" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffa4d53aa8 code=0x7ffc0000 [ 174.680121][ T27] audit: type=1326 audit(4269.562:2013): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8242 comm="syz.2.1564" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa4d53aa8 code=0x7ffc0000 [ 174.742065][ T8251] lo speed is unknown, defaulting to 1000 [ 174.762023][ T8251] lo speed is unknown, defaulting to 1000 [ 174.937286][ T8261] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1573'. [ 175.146139][ T8255] loop0: detected capacity change from 0 to 8192 [ 175.230515][ T8273] rdma_op 0000000053c60b22 conn xmit_rdma 0000000000000000 [ 175.232909][ T8255] loop0: p1 p2 p3 p4 [ 175.234079][ T8255] loop0: p1 start 17760256 is beyond EOD, truncated [ 175.236361][ T8255] loop0: p2 size 64053 extends beyond EOD, truncated [ 175.485295][ T8280] loop2: detected capacity change from 0 to 8192 [ 175.503532][ T8280] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 176.116604][ T8255] loop0: p3 start 458496 is beyond EOD, truncated [ 176.118103][ T8255] loop0: p4 size 50331648 extends beyond EOD, truncated [ 176.175579][ T8287] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1586'. [ 176.423076][ T8301] ieee802154 phy0 wpan0: encryption failed: -22 [ 176.488554][ T8305] siw: device registration error -23 [ 176.545536][ T5998] udevd[5998]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory [ 176.558709][ T8311] netlink: 'syz.1.1595': attribute type 10 has an invalid length. [ 176.560412][ T8311] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1595'. [ 176.577133][ T5216] udevd[5216]: inotify_add_watch(7, /dev/loop0p2, 10) failed: No such file or directory [ 176.966586][ T8315] loop0: detected capacity change from 0 to 8192 [ 177.040134][ T8315] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 177.478875][ T8319] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1598'. [ 177.720523][ T5216] udevd[5216]: inotify_add_watch(7, /dev/loop0p2, 10) failed: No such file or directory [ 177.746696][ T5216] udevd[5216]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory [ 177.965954][ T8334] loop0: detected capacity change from 0 to 8192 [ 177.978813][ T5386] udevd[5386]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory [ 177.997244][ T8334] loop0: p1 p2 p3 p4 [ 177.998297][ T8334] loop0: p1 start 17760256 is beyond EOD, truncated [ 177.999722][ T8334] loop0: p2 size 64053 extends beyond EOD, truncated [ 178.027871][ T8334] loop0: p3 start 458496 is beyond EOD, truncated [ 178.056239][ T8334] loop0: p4 size 50331648 extends beyond EOD, truncated [ 178.353271][ T8343] netlink: 'syz.4.1608': attribute type 10 has an invalid length. [ 178.355147][ T8343] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1608'. [ 178.365164][ T8328] lo speed is unknown, defaulting to 1000 [ 178.367821][ T8340] lo speed is unknown, defaulting to 1000 [ 178.369585][ T8340] lo speed is unknown, defaulting to 1000 [ 178.496702][ T8328] lo speed is unknown, defaulting to 1000 [ 178.538223][ T8352] loop2: detected capacity change from 0 to 256 [ 178.701051][ T8355] loop3: detected capacity change from 0 to 8192 [ 178.795855][ T8355] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 179.725458][ T8368] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 179.726998][ T8368] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 179.778975][ T8368] device hsr_slave_0 left promiscuous mode [ 179.796548][ T8368] device hsr_slave_1 left promiscuous mode [ 179.826334][ T8377] rdma_op 00000000e72aa7ca conn xmit_rdma 0000000000000000 [ 179.871289][ T27] kauditd_printk_skb: 44 callbacks suppressed [ 179.871336][ T27] audit: type=1326 audit(4274.842:2058): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8380 comm="syz.0.1622" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff84b53aa8 code=0x7ffc0000 [ 179.893913][ T27] audit: type=1326 audit(4274.862:2059): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8380 comm="syz.0.1622" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=140 compat=0 ip=0xffff84b53aa8 code=0x7ffc0000 [ 179.906892][ T27] audit: type=1326 audit(4274.872:2060): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8380 comm="syz.0.1622" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff84b53aa8 code=0x7ffc0000 [ 179.923071][ T27] audit: type=1326 audit(4274.872:2061): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8380 comm="syz.0.1622" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff84b53aa8 code=0x7ffc0000 [ 180.051568][ T8374] netlink: 'syz.1.1621': attribute type 10 has an invalid length. [ 180.054392][ T8374] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1621'. [ 180.190102][ T8385] lo speed is unknown, defaulting to 1000 [ 180.191983][ T8385] lo speed is unknown, defaulting to 1000 [ 180.288748][ T27] audit: type=1326 audit(4275.262:2062): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8388 comm="syz.3.1625" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb1553aa8 code=0x7ffc0000 [ 180.293616][ T27] audit: type=1326 audit(4275.262:2063): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8388 comm="syz.3.1625" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=146 compat=0 ip=0xffffb1553aa8 code=0x7ffc0000 [ 180.327630][ T27] audit: type=1326 audit(4275.262:2064): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8388 comm="syz.3.1625" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb1553aa8 code=0x7ffc0000 [ 180.480358][ T8400] lo speed is unknown, defaulting to 1000 [ 180.484786][ T8400] lo speed is unknown, defaulting to 1000 [ 180.602921][ T8409] netlink: 'syz.1.1635': attribute type 10 has an invalid length. [ 180.604949][ T8409] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1635'. [ 180.752949][ T8403] loop3: detected capacity change from 0 to 8192 [ 180.861102][ T8403] loop3: p1 p2 p3 p4 [ 180.862231][ T8403] loop3: p1 start 17760256 is beyond EOD, truncated [ 180.863901][ T8403] loop3: p2 size 64053 extends beyond EOD, truncated [ 180.890455][ T8403] loop3: p3 start 458496 is beyond EOD, truncated [ 180.891959][ T8403] loop3: p4 size 50331648 extends beyond EOD, truncated [ 181.073947][ T5998] udevd[5998]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory [ 181.102045][ T5216] udevd[5216]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory [ 181.146576][ T8431] loop1: detected capacity change from 0 to 128 [ 181.181031][ T8431] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 181.184359][ T8436] netlink: 'syz.4.1646': attribute type 10 has an invalid length. [ 181.187433][ T8436] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1646'. [ 181.208427][ T8431] EXT4-fs warning (device loop1): verify_group_input:151: Cannot add at group 25 (only 1 groups) [ 181.253317][ T4295] EXT4-fs (loop1): unmounting filesystem. [ 181.630164][ T8453] lo speed is unknown, defaulting to 1000 [ 181.632152][ T8453] lo speed is unknown, defaulting to 1000 [ 182.092219][ T8466] loop3: detected capacity change from 0 to 128 [ 182.293756][ T8471] netlink: 'syz.4.1658': attribute type 10 has an invalid length. [ 182.311730][ T8471] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1658'. [ 182.336559][ T8473] sch_tbf: burst 0 is lower than device lo mtu (17891342) ! [ 182.523346][ T8481] loop0: detected capacity change from 0 to 256 [ 182.555016][ T8481] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 182.564216][ T8481] FAT-fs (loop0): Filesystem has been set read-only [ 182.608674][ T8481] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 182.635866][ T8481] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 182.637776][ T8481] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 182.642104][ T8481] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 182.644057][ T8481] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 182.646765][ T8481] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 182.648681][ T8481] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 182.650459][ T8481] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 182.652527][ T8481] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 196) [ 183.076418][ T8503] lo speed is unknown, defaulting to 1000 [ 183.078310][ T8503] lo speed is unknown, defaulting to 1000 [ 183.209733][ T8502] netlink: 'syz.4.1673': attribute type 10 has an invalid length. [ 183.212706][ T8502] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1673'. [ 183.885092][ T8531] loop3: detected capacity change from 0 to 128 [ 183.922541][ T8534] loop0: detected capacity change from 0 to 128 [ 183.979352][ T8530] netlink: 'syz.2.1685': attribute type 10 has an invalid length. [ 183.980977][ T8530] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1685'. [ 184.032427][ T8539] loop1: detected capacity change from 0 to 512 [ 184.034286][ T8539] EXT4-fs: inline encryption not supported [ 184.086384][ T8539] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 184.102391][ T8539] EXT4-fs error (device loop1): ext4_do_update_inode:5224: inode #2: comm syz.1.1690: corrupted inode contents [ 184.125784][ T8539] EXT4-fs error (device loop1): ext4_dirty_inode:6089: inode #2: comm syz.1.1690: mark_inode_dirty error [ 184.135246][ T8539] EXT4-fs error (device loop1): ext4_do_update_inode:5224: inode #2: comm syz.1.1690: corrupted inode contents [ 184.284364][ T8549] loop2: detected capacity change from 0 to 8192 [ 184.370682][ T8549] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 185.161511][ T4295] EXT4-fs (loop1): unmounting filesystem. [ 185.654772][ T8565] lo speed is unknown, defaulting to 1000 [ 185.656648][ T8565] lo speed is unknown, defaulting to 1000 [ 185.852507][ T27] audit: type=1326 audit(4280.822:2065): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8566 comm="syz.4.1699" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa1f53aa8 code=0x7ffc0000 [ 185.860154][ T27] audit: type=1326 audit(4280.832:2066): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8566 comm="syz.4.1699" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa1f53aa8 code=0x7ffc0000 [ 185.890966][ T27] audit: type=1326 audit(4280.862:2067): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8566 comm="syz.4.1699" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffa1f53aa8 code=0x7ffc0000 [ 185.901256][ T27] audit: type=1326 audit(4280.872:2068): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8566 comm="syz.4.1699" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa1f53aa8 code=0x7ffc0000 [ 185.920450][ T27] audit: type=1326 audit(4280.872:2069): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8566 comm="syz.4.1699" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa1f53aa8 code=0x7ffc0000 [ 185.925109][ T27] audit: type=1326 audit(4280.872:2070): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8566 comm="syz.4.1699" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffa1f53aa8 code=0x7ffc0000 [ 185.942440][ T27] audit: type=1326 audit(4280.872:2071): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8566 comm="syz.4.1699" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa1f53aa8 code=0x7ffc0000 [ 185.949513][ T8573] netlink: 'syz.3.1701': attribute type 10 has an invalid length. [ 185.951270][ T8573] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1701'. [ 185.953220][ T27] audit: type=1326 audit(4280.872:2072): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8566 comm="syz.4.1699" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa1f53aa8 code=0x7ffc0000 [ 185.963424][ T27] audit: type=1326 audit(4280.872:2073): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8566 comm="syz.4.1699" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=191 compat=0 ip=0xffffa1f53aa8 code=0x7ffc0000 [ 185.973683][ T27] audit: type=1326 audit(4280.872:2074): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8566 comm="syz.4.1699" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa1f53aa8 code=0x7ffc0000 [ 186.483561][ T8597] netlink: 'syz.3.1713': attribute type 10 has an invalid length. [ 186.488992][ T8597] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1713'. [ 186.686488][ T8605] loop3: detected capacity change from 0 to 128 [ 186.770029][ T8602] lo speed is unknown, defaulting to 1000 [ 186.772054][ T8602] lo speed is unknown, defaulting to 1000 [ 187.399260][ T8620] loop4: detected capacity change from 0 to 8192 [ 187.408515][ T2060] ieee802154 phy0 wpan0: encryption failed: -22 [ 187.409968][ T2060] ieee802154 phy1 wpan1: encryption failed: -22 [ 187.502261][ T8620] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 188.064847][ T8632] netlink: 'syz.0.1726': attribute type 10 has an invalid length. [ 188.072348][ T8632] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1726'. [ 188.433765][ T8646] netlink: 83992 bytes leftover after parsing attributes in process `syz.2.1733'. [ 188.440973][ T8644] lo speed is unknown, defaulting to 1000 [ 188.442983][ T8644] lo speed is unknown, defaulting to 1000 [ 188.457994][ T8646] netlink: zone id is out of range [ 188.478461][ T8646] netlink: zone id is out of range [ 188.479947][ T8646] netlink: zone id is out of range [ 188.680045][ T8654] loop1: detected capacity change from 0 to 8192 [ 188.686309][ T8646] netlink: zone id is out of range [ 188.696420][ T8646] netlink: zone id is out of range [ 188.704553][ T8646] netlink: zone id is out of range [ 188.718305][ T8646] netlink: zone id is out of range [ 188.725734][ T8646] netlink: zone id is out of range [ 188.734056][ T8646] netlink: zone id is out of range [ 188.744664][ T8646] netlink: zone id is out of range [ 188.821504][ T8654] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 189.576688][ T8660] netlink: 'syz.2.1740': attribute type 10 has an invalid length. [ 189.578347][ T8660] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1740'. [ 190.016438][ T8688] loop3: detected capacity change from 0 to 128 [ 190.098087][ T8678] lo speed is unknown, defaulting to 1000 [ 190.099902][ T8678] lo speed is unknown, defaulting to 1000 [ 190.156998][ T8690] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1752'. [ 190.175039][ T8692] netlink: 'syz.4.1751': attribute type 10 has an invalid length. [ 190.178047][ T8692] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1751'. [ 190.592283][ T8715] loop0: detected capacity change from 0 to 512 [ 190.653725][ T8715] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 190.875581][ T4302] EXT4-fs (loop0): unmounting filesystem. [ 190.907933][ T8732] lo speed is unknown, defaulting to 1000 [ 190.909677][ T8732] lo speed is unknown, defaulting to 1000 [ 191.039398][ T8734] netlink: 'syz.4.1768': attribute type 10 has an invalid length. [ 191.049084][ T8734] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1768'. [ 191.571911][ T8751] loop4: detected capacity change from 0 to 8192 [ 191.592194][ T8751] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 191.922830][ T8765] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1783'. [ 191.924986][ T8765] x_tables: ip_tables: udp match: only valid for protocol 17 [ 192.081441][ T8775] loop0: detected capacity change from 0 to 128 [ 192.198621][ T8781] loop1: detected capacity change from 0 to 512 [ 192.233727][ T8781] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 192.334398][ T8790] loop3: detected capacity change from 0 to 128 [ 192.336569][ T8790] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 192.343990][ T4295] EXT4-fs (loop1): unmounting filesystem. [ 192.356652][ T8790] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 192.472839][ T11] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 192.721559][ T8802] loop2: detected capacity change from 0 to 128 [ 192.980327][ T8814] loop2: detected capacity change from 0 to 512 [ 192.992764][ T8812] usb usb7: usbfs: process 8812 (syz.3.1805) did not claim interface 0 before use [ 193.042663][ T8814] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 193.077062][ T8816] xt_hashlimit: size too large, truncated to 1048576 [ 193.083310][ T8814] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 193.124530][ T8822] netlink: 83992 bytes leftover after parsing attributes in process `syz.3.1808'. [ 193.161694][ T4299] EXT4-fs (loop2): unmounting filesystem. [ 193.284932][ T8830] loop2: detected capacity change from 0 to 512 [ 193.287408][ T8830] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 193.292977][ T8831] netlink: 'syz.0.1810': attribute type 10 has an invalid length. [ 193.307195][ T8831] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1810'. [ 193.372821][ T8830] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2 [ 193.381303][ T8830] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz.2.1809: invalid indirect mapped block 2683928664 (level 1) [ 193.400148][ T8830] EXT4-fs (loop2): 1 truncate cleaned up [ 193.401692][ T8830] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 193.444846][ T8830] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:477: comm syz.2.1809: Invalid block bitmap block 3 in block_group 0 [ 193.684030][ T8822] net_ratelimit: 24 callbacks suppressed [ 193.684047][ T8822] netlink: set zone limit has 8 unknown bytes [ 193.712303][ T8839] hub 6-0:1.0: USB hub found [ 193.714772][ T8839] hub 6-0:1.0: 8 ports detected [ 193.949580][ T4299] EXT4-fs (loop2): unmounting filesystem. [ 194.093519][ T27] kauditd_printk_skb: 29 callbacks suppressed [ 194.093533][ T27] audit: type=1326 audit(4289.062:2104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8846 comm="syz.2.1815" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa4d53aa8 code=0x7ffc0000 [ 194.110187][ T27] audit: type=1326 audit(4289.082:2105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8846 comm="syz.2.1815" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=20 compat=0 ip=0xffffa4d53aa8 code=0x7ffc0000 [ 194.164307][ T27] audit: type=1326 audit(4289.082:2106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8846 comm="syz.2.1815" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa4d53aa8 code=0x7ffc0000 [ 194.173246][ T8850] loop3: detected capacity change from 0 to 128 [ 194.181726][ T27] audit: type=1326 audit(4289.092:2107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8846 comm="syz.2.1815" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=56 compat=0 ip=0xffffa4d53aa8 code=0x7ffc0000 [ 194.197734][ T27] audit: type=1326 audit(4289.092:2108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8846 comm="syz.2.1815" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa4d53aa8 code=0x7ffc0000 [ 194.223009][ T27] audit: type=1326 audit(4289.092:2109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8846 comm="syz.2.1815" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=21 compat=0 ip=0xffffa4d53aa8 code=0x7ffc0000 [ 194.240543][ T27] audit: type=1326 audit(4289.152:2110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8846 comm="syz.2.1815" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa4d53aa8 code=0x7ffc0000 [ 194.260577][ T27] audit: type=1326 audit(4289.152:2111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8846 comm="syz.2.1815" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa4d53aa8 code=0x7ffc0000 [ 194.416711][ T8857] netlink: 'syz.4.1823': attribute type 10 has an invalid length. [ 194.418620][ T8857] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1823'. [ 194.833764][ T27] audit: type=1326 audit(4289.802:2112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8870 comm="syz.2.1828" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa4d53aa8 code=0x7ffc0000 [ 194.838775][ T27] audit: type=1326 audit(4289.802:2113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8870 comm="syz.2.1828" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=155 compat=0 ip=0xffffa4d53aa8 code=0x7ffc0000 [ 195.411897][ T8889] netlink: 'syz.3.1836': attribute type 10 has an invalid length. [ 195.413631][ T8889] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1836'. [ 195.492836][ T8895] netlink: 'syz.4.1840': attribute type 10 has an invalid length. [ 195.569224][ T8895] team0: Port device vlan0 added [ 195.706057][ T4342] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 195.768558][ T8906] dccp_invalid_packet: P.type (REQUEST) not Data || [Data]Ack, while P.X == 0 [ 195.885722][ T4342] usb 1-1: Using ep0 maxpacket: 16 [ 195.889082][ T4342] usb 1-1: no configurations [ 195.890366][ T4342] usb 1-1: can't read configurations, error -22 [ 196.113419][ T4342] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 196.281977][ T8921] netlink: 'syz.2.1851': attribute type 10 has an invalid length. [ 196.284035][ T8921] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1851'. [ 196.300043][ T4342] usb 1-1: Using ep0 maxpacket: 16 [ 196.302008][ T4342] usb 1-1: no configurations [ 196.303077][ T4342] usb 1-1: can't read configurations, error -22 [ 196.304546][ T4342] usb usb1-port1: attempt power cycle [ 196.679293][ T8933] lo speed is unknown, defaulting to 1000 [ 196.681182][ T8933] lo speed is unknown, defaulting to 1000 [ 196.715733][ T4342] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 196.750450][ T4342] usb 1-1: Using ep0 maxpacket: 16 [ 196.752153][ T4342] usb 1-1: no configurations [ 196.753282][ T4342] usb 1-1: can't read configurations, error -22 [ 196.891736][ T8936] loop2: detected capacity change from 0 to 512 [ 196.896084][ T4342] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 196.926434][ T4342] usb 1-1: Using ep0 maxpacket: 16 [ 196.928222][ T4342] usb 1-1: no configurations [ 196.929298][ T4342] usb 1-1: can't read configurations, error -22 [ 196.930649][ T4342] usb usb1-port1: unable to enumerate USB device [ 196.961538][ T8936] EXT4-fs (loop2): too many log groups per flexible block group [ 196.963295][ T8940] dccp_invalid_packet: P.type (REQUEST) not Data || [Data]Ack, while P.X == 0 [ 196.963404][ T8936] EXT4-fs (loop2): failed to initialize mballoc (-12) [ 196.975846][ T8936] EXT4-fs (loop2): mount failed [ 197.197639][ T8948] netlink: 'syz.4.1862': attribute type 10 has an invalid length. [ 197.199406][ T8948] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1862'. [ 197.922823][ T8977] device macvlan2 entered promiscuous mode [ 197.924286][ T8977] device bridge0 entered promiscuous mode [ 197.933425][ T8977] bridge0: port 4(macvlan2) entered blocking state [ 197.935187][ T8977] bridge0: port 4(macvlan2) entered disabled state [ 197.960723][ T8977] device bridge0 left promiscuous mode [ 198.039854][ T8979] netlink: 'syz.4.1877': attribute type 10 has an invalid length. [ 198.041654][ T8979] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1877'. [ 198.591503][ T9002] netlink: 'syz.2.1888': attribute type 10 has an invalid length. [ 198.593477][ T9002] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1888'. [ 198.784236][ T9006] loop0: detected capacity change from 0 to 512 [ 198.855943][ T9006] EXT4-fs warning (device loop0): ext4_enable_quotas:7029: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix. [ 198.886047][ T9006] EXT4-fs (loop0): mount failed [ 199.153637][ T9031] atomic_op 00000000381effee conn xmit_atomic 0000000000000000 [ 199.215316][ T9035] netlink: 'syz.4.1902': attribute type 10 has an invalid length. [ 199.224674][ T9035] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1902'. [ 199.378141][ T27] kauditd_printk_skb: 39 callbacks suppressed [ 199.378154][ T27] audit: type=1326 audit(4294.352:2152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9042 comm="syz.2.1906" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa4d53aa8 code=0x7ffc0000 [ 199.411047][ T27] audit: type=1326 audit(4294.352:2153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9042 comm="syz.2.1906" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa4d53aa8 code=0x7ffc0000 [ 199.415603][ T27] audit: type=1326 audit(4294.362:2154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9042 comm="syz.2.1906" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffa4d53aa8 code=0x7ffc0000 [ 199.451574][ T27] audit: type=1326 audit(4294.362:2155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9042 comm="syz.2.1906" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa4d53aa8 code=0x7ffc0000 [ 199.457296][ T9045] netlink: 64 bytes leftover after parsing attributes in process `syz.4.1908'. [ 199.476170][ T27] audit: type=1326 audit(4294.362:2156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9042 comm="syz.2.1906" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa4d53aa8 code=0x7ffc0000 [ 199.481002][ T27] audit: type=1326 audit(4294.362:2157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9042 comm="syz.2.1906" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffa4d53aa8 code=0x7ffc0000 [ 199.514094][ T27] audit: type=1326 audit(4294.362:2158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9042 comm="syz.2.1906" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa4d53aa8 code=0x7ffc0000 [ 199.522913][ T27] audit: type=1326 audit(4294.362:2159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9042 comm="syz.2.1906" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa4d53aa8 code=0x7ffc0000 [ 199.550761][ T27] audit: type=1326 audit(4294.362:2160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9042 comm="syz.2.1906" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffa4d53aa8 code=0x7ffc0000 [ 199.555312][ T27] audit: type=1326 audit(4294.362:2161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9042 comm="syz.2.1906" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa4d53aa8 code=0x7ffc0000 [ 199.933586][ T9065] netlink: 'syz.2.1915': attribute type 10 has an invalid length. [ 199.935279][ T9065] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1915'. [ 200.165386][ T9075] ALSA: seq fatal error: cannot create timer (-22) [ 200.376714][ T9085] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1924'. [ 200.662617][ T9098] netlink: 'syz.3.1930': attribute type 10 has an invalid length. [ 200.664380][ T9098] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1930'. [ 201.344132][ T9132] netlink: 'syz.3.1943': attribute type 10 has an invalid length. [ 201.352827][ T9132] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1943'. [ 201.368390][ T9136] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.1942'. [ 201.371063][ T9130] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.1942'. [ 201.543134][ T9144] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.1954'. [ 201.545424][ T9140] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.1954'. [ 201.742427][ T9153] netlink: 'syz.3.1948': attribute type 10 has an invalid length. [ 201.793126][ T9153] team0: Device veth0_macvtap failed to register rx_handler [ 202.060748][ T9169] device bridge0 entered promiscuous mode [ 202.062522][ T9169] device macvlan2 entered promiscuous mode [ 202.065038][ T9169] bridge0: port 4(macvlan2) entered blocking state [ 202.067347][ T9169] bridge0: port 4(macvlan2) entered disabled state [ 202.083375][ T9169] device bridge0 left promiscuous mode [ 202.231024][ T9175] netlink: 'syz.3.1956': attribute type 10 has an invalid length. [ 202.232764][ T9175] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1956'. [ 202.306746][ T9182] netlink: 'syz.2.1968': attribute type 10 has an invalid length. [ 202.308717][ T9182] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1968'. [ 202.485542][ T9194] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.1958'. [ 202.488221][ T9186] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.1958'. [ 202.576234][ T9187] loop0: detected capacity change from 0 to 8192 [ 202.646148][ T9187] bio_check_eod: 152 callbacks suppressed [ 202.646163][ T9187] syz.0.1960: attempt to access beyond end of device [ 202.646163][ T9187] loop0: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 202.651976][ T9187] FAT-fs (loop0): error, invalid access to FAT (entry 0x0000e1b1) [ 202.662396][ T9187] FAT-fs (loop0): Filesystem has been set read-only [ 202.668436][ T9187] FAT-fs (loop0): error, invalid access to FAT (entry 0x0000e1b1) [ 202.674683][ T9187] FAT-fs (loop0): error, invalid access to FAT (entry 0x0000e1b1) [ 203.431216][ T9216] loop2: detected capacity change from 0 to 256 [ 203.503062][ T9220] netlink: 'syz.4.1972': attribute type 10 has an invalid length. [ 203.512482][ T9220] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1972'. [ 203.995626][ T9235] loop2: detected capacity change from 0 to 8192 [ 204.001414][ T9246] device bridge0 entered promiscuous mode [ 204.029822][ T9246] device macvlan2 entered promiscuous mode [ 204.032041][ T9246] bridge0: port 2(macvlan2) entered blocking state [ 204.037239][ T9246] bridge0: port 2(macvlan2) entered disabled state [ 204.049652][ T9246] device bridge0 left promiscuous mode [ 204.052407][ T9235] syz.2.1979: attempt to access beyond end of device [ 204.052407][ T9235] loop2: rw=0, sector=57847, nr_sectors = 1 limit=8192 [ 204.071295][ T9235] FAT-fs (loop2): error, invalid access to FAT (entry 0x0000e1b1) [ 204.073272][ T9235] FAT-fs (loop2): Filesystem has been set read-only [ 204.096439][ T9235] FAT-fs (loop2): error, invalid access to FAT (entry 0x0000e1b1) [ 204.098776][ T9235] FAT-fs (loop2): error, invalid access to FAT (entry 0x0000e1b1) [ 204.151924][ T9250] netlink: 'syz.0.1985': attribute type 10 has an invalid length. [ 204.448041][ T9263] 9pnet_fd: Insufficient options for proto=fd [ 204.794219][ T9273] loop4: detected capacity change from 0 to 1024 [ 204.834744][ T9273] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 204.859855][ T9280] netlink: 'syz.0.1997': attribute type 10 has an invalid length. [ 204.960776][ T27] kauditd_printk_skb: 10 callbacks suppressed [ 204.960791][ T27] audit: type=1326 audit(4299.932:2172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9284 comm="syz.0.1999" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff84b53aa8 code=0x7ffc0000 [ 204.966857][ T27] audit: type=1326 audit(4299.932:2173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9284 comm="syz.0.1999" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff84b53aa8 code=0x7ffc0000 [ 204.972596][ T4303] EXT4-fs (loop4): unmounting filesystem. [ 204.977072][ T27] audit: type=1326 audit(4299.942:2174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9284 comm="syz.0.1999" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=56 compat=0 ip=0xffff84b53aa8 code=0x7ffc0000 [ 204.991958][ T27] audit: type=1326 audit(4299.942:2175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9284 comm="syz.0.1999" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff84b53aa8 code=0x7ffc0000 [ 205.015277][ T27] audit: type=1326 audit(4299.942:2176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9284 comm="syz.0.1999" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff84b53aa8 code=0x7ffc0000 [ 205.034830][ T27] audit: type=1326 audit(4299.942:2177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9284 comm="syz.0.1999" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=11 compat=0 ip=0xffff84b53aa8 code=0x7ffc0000 [ 205.048342][ T27] audit: type=1326 audit(4299.942:2178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9284 comm="syz.0.1999" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff84b53aa8 code=0x7ffc0000 [ 205.072132][ T27] audit: type=1326 audit(4299.942:2179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9284 comm="syz.0.1999" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff84b53aa8 code=0x7ffc0000 [ 205.284639][ T9293] lo speed is unknown, defaulting to 1000 [ 205.288789][ T9293] lo speed is unknown, defaulting to 1000 [ 205.360212][ T9297] loop2: detected capacity change from 0 to 512 [ 205.378792][ T9297] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem [ 205.550644][ T9297] EXT4-fs (loop2): failed to open journal device unknown-block(0,0) -6 [ 205.612738][ T27] audit: type=1326 audit(4300.582:2180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9296 comm="syz.2.2004" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa4d53aa8 code=0x7ffc0000 [ 205.623258][ T27] audit: type=1326 audit(4300.592:2181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9296 comm="syz.2.2004" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=167 compat=0 ip=0xffffa4d53aa8 code=0x7ffc0000 [ 205.745085][ T9297] loop2: detected capacity change from 0 to 8192 [ 206.145827][ T9316] loop4: detected capacity change from 0 to 8192 [ 206.157645][ T9316] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 206.202778][ T9315] lo speed is unknown, defaulting to 1000 [ 206.204548][ T9315] lo speed is unknown, defaulting to 1000 [ 206.455407][ T9321] loop0: detected capacity change from 0 to 128 [ 206.568213][ T9325] loop3: detected capacity change from 0 to 256 [ 206.570213][ T9325] FAT-fs (loop3): Unrecognized mount option "18446744073709551615" or missing value [ 206.728048][ T9328] loop3: detected capacity change from 0 to 128 [ 206.826814][ T9329] syz.3.2016: attempt to access beyond end of device [ 206.826814][ T9329] loop3: rw=2049, sector=145, nr_sectors = 376 limit=128 [ 206.894834][ T9327] syz.3.2016: attempt to access beyond end of device [ 206.894834][ T9327] loop3: rw=524288, sector=145, nr_sectors = 224 limit=128 [ 207.263701][ T9345] loop2: detected capacity change from 0 to 512 [ 207.355780][ T9348] loop4: detected capacity change from 0 to 8192 [ 207.374332][ T9348] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 207.386332][ T9345] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 207.388235][ T9345] ext4 filesystem being mounted at /459/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 207.391979][ T9345] EXT4-fs (loop2): unmounting filesystem. [ 207.997541][ T9371] device veth0_to_team entered promiscuous mode [ 208.361031][ T9386] loop1: detected capacity change from 0 to 8192 [ 208.373773][ T9386] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 209.102104][ T9410] netlink: 'syz.0.2050': attribute type 10 has an invalid length. [ 209.103941][ T9410] __nla_validate_parse: 2 callbacks suppressed [ 209.103953][ T9410] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2050'. [ 209.308282][ T9418] loop0: detected capacity change from 0 to 128 [ 209.352306][ T9422] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2056'. [ 209.774517][ T9440] netlink: 'syz.1.2064': attribute type 10 has an invalid length. [ 209.786357][ T9440] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2064'. [ 209.969136][ T9432] loop4: detected capacity change from 0 to 8192 [ 210.000916][ T9432] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 210.136648][ T9451] lo speed is unknown, defaulting to 1000 [ 210.145220][ T9451] lo speed is unknown, defaulting to 1000 [ 210.716263][ T9465] loop2: detected capacity change from 0 to 512 [ 210.757827][ T9465] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: comm syz.2.2074: inode #1: comm syz.2.2074: iget: illegal inode # [ 210.761340][ T9465] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz.2.2074: error while reading EA inode 1 err=-117 [ 210.776190][ T9465] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: comm syz.2.2074: inode #1: comm syz.2.2074: iget: illegal inode # [ 210.788972][ T9465] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz.2.2074: error while reading EA inode 1 err=-117 [ 210.820245][ T9465] EXT4-fs (loop2): 1 orphan inode deleted [ 210.821587][ T9465] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 210.985194][ T9470] netlink: 'syz.3.2076': attribute type 10 has an invalid length. [ 210.991597][ T9470] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2076'. [ 211.110712][ T4299] EXT4-fs (loop2): unmounting filesystem. [ 211.421552][ T9485] loop1: detected capacity change from 0 to 128 [ 211.630109][ T9491] netlink: 'syz.3.2087': attribute type 10 has an invalid length. [ 211.631961][ T9491] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2087'. [ 211.749039][ T27] kauditd_printk_skb: 124 callbacks suppressed [ 211.749054][ T27] audit: type=1326 audit(2000000005.920:2306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9497 comm="syz.0.2089" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff84b53aa8 code=0x7ffc0000 [ 211.757366][ T27] audit: type=1326 audit(2000000005.930:2307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9497 comm="syz.0.2089" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff84b53aa8 code=0x7ffc0000 [ 211.783228][ T27] audit: type=1326 audit(2000000005.930:2308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9497 comm="syz.0.2089" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=104 compat=0 ip=0xffff84b53aa8 code=0x7ffc0000 [ 211.966554][ T27] audit: type=1326 audit(2000000006.140:2309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9497 comm="syz.0.2089" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff84b53aa8 code=0x7ffc0000 [ 211.974537][ T27] audit: type=1326 audit(2000000006.140:2310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9497 comm="syz.0.2089" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff84b53aa8 code=0x7ffc0000 [ 212.548944][ T9522] loop3: detected capacity change from 0 to 8192 [ 212.612983][ T9522] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 213.198686][ T9562] netlink: 'syz.0.2117': attribute type 10 has an invalid length. [ 213.207718][ T9562] loop0: detected capacity change from 0 to 512 [ 213.220284][ T9562] EXT4-fs error (device loop0): ext4_clear_blocks:883: inode #13: comm syz.0.2117: attempt to clear invalid blocks 1 len 1 [ 213.223985][ T9562] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.2117: bg 0: block 343: padding at end of block bitmap is not set [ 213.228369][ T9562] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6170: Corrupt filesystem [ 213.231654][ T9562] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #13: comm syz.0.2117: invalid indirect mapped block 1819239214 (level 0) [ 213.235249][ T9562] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #13: comm syz.0.2117: invalid indirect mapped block 1819239214 (level 1) [ 213.240263][ T9562] EXT4-fs (loop0): 1 truncate cleaned up [ 213.241447][ T9562] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 213.288569][ T4302] EXT4-fs (loop0): unmounting filesystem. [ 213.317213][ T9567] loop2: detected capacity change from 0 to 512 [ 213.509489][ T9576] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2123'. [ 213.904112][ T9598] loop4: detected capacity change from 0 to 512 [ 213.919589][ T9598] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 213.953420][ T9598] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 213.955605][ T9598] ext4 filesystem being mounted at /450/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 214.008337][ T9598] Process accounting resumed [ 214.055425][ T9598] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2133'. [ 214.146702][ T9608] loop0: detected capacity change from 0 to 512 [ 214.430003][ T4303] EXT4-fs (loop4): unmounting filesystem. [ 214.554285][ T9617] netlink: 'syz.4.2139': attribute type 10 has an invalid length. [ 214.562064][ T9617] netlink: 40 bytes leftover after parsing attributes in process `syz.4.2139'. [ 214.641375][ T9621] loop0: detected capacity change from 0 to 128 [ 214.670988][ T9621] syz.0.2141: attempt to access beyond end of device [ 214.670988][ T9621] loop0: rw=2049, sector=145, nr_sectors = 3 limit=128 [ 214.727502][ T27] audit: type=1326 audit(2000000008.900:2311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9622 comm="syz.4.2142" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa1f53aa8 code=0x7ffc0000 [ 214.739141][ T27] audit: type=1326 audit(2000000008.910:2312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9622 comm="syz.4.2142" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffa1f53aa8 code=0x7ffc0000 [ 214.750790][ T27] audit: type=1326 audit(2000000008.920:2313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9622 comm="syz.4.2142" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa1f53aa8 code=0x7ffc0000 [ 214.775843][ T27] audit: type=1326 audit(2000000008.920:2314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9622 comm="syz.4.2142" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa1f53aa8 code=0x7ffc0000 [ 214.799916][ T27] audit: type=1326 audit(2000000008.920:2315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9622 comm="syz.4.2142" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffa1f53aa8 code=0x7ffc0000 [ 215.080874][ T9646] netlink: 'syz.2.2152': attribute type 10 has an invalid length. [ 215.082466][ T9646] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2152'. [ 215.548553][ T9659] loop1: detected capacity change from 0 to 8192 [ 215.573932][ T9659] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 215.678017][ T9681] netlink: 'syz.3.2167': attribute type 10 has an invalid length. [ 215.687055][ T9681] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2167'. [ 215.962469][ T9694] netlink: 'syz.3.2173': attribute type 10 has an invalid length. [ 215.964234][ T9694] netlink: 'syz.3.2173': attribute type 19 has an invalid length. [ 215.995964][ T9694] netlink: 14536 bytes leftover after parsing attributes in process `syz.3.2173'. [ 216.267696][ T9708] loop0: detected capacity change from 0 to 512 [ 216.271341][ T9708] EXT4-fs: Ignoring removed i_version option [ 216.286863][ T9712] netlink: 'syz.3.2181': attribute type 10 has an invalid length. [ 216.288531][ T9712] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2181'. [ 216.294826][ T9708] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 216.297402][ T9708] ext4 filesystem being mounted at /399/wÅü5ÔTÕÔ)­`)YFæ¾nA­½@T<Ÿ3»Ú‚$¢ó×rçcnH³<¿pƒrèñ¹“>ÅwC¾" žð-ùËòöè€Ó8 supports timestamps until 2038-01-19 (0x7fffffff) [ 216.427483][ T4302] EXT4-fs (loop0): unmounting filesystem. [ 216.437029][ T9719] loop3: detected capacity change from 0 to 512 [ 216.460515][ T9719] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 216.800634][ T4301] EXT4-fs (loop3): unmounting filesystem. [ 216.888115][ T9742] netlink: 'syz.3.2193': attribute type 10 has an invalid length. [ 216.889799][ T9742] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2193'. [ 217.150493][ T27] kauditd_printk_skb: 16 callbacks suppressed [ 217.150507][ T27] audit: type=1326 audit(2000000011.320:2332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9753 comm="syz.0.2199" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff84b53aa8 code=0x7ffc0000 [ 217.161463][ T27] audit: type=1326 audit(2000000011.330:2333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9753 comm="syz.0.2199" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff84b53aa8 code=0x7ffc0000 [ 217.182535][ T27] audit: type=1326 audit(2000000011.340:2334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9753 comm="syz.0.2199" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=261 compat=0 ip=0xffff84b53aa8 code=0x7ffc0000 [ 217.202386][ T27] audit: type=1326 audit(2000000011.340:2335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9753 comm="syz.0.2199" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff84b53aa8 code=0x7ffc0000 [ 217.226020][ T9756] Falling back ldisc for ttyS3. [ 217.227070][ T27] audit: type=1326 audit(2000000011.340:2336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9753 comm="syz.0.2199" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff84b53aa8 code=0x7ffc0000 [ 217.246862][ T27] audit: type=1326 audit(2000000011.340:2337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9753 comm="syz.0.2199" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=119 compat=0 ip=0xffff84b53aa8 code=0x7ffc0000 [ 217.264737][ T27] audit: type=1326 audit(2000000011.340:2338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9753 comm="syz.0.2199" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff84b53aa8 code=0x7ffc0000 [ 217.283021][ T27] audit: type=1326 audit(2000000011.340:2339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9753 comm="syz.0.2199" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff84b53aa8 code=0x7ffc0000 [ 217.304914][ T27] audit: type=1326 audit(2000000011.340:2340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9753 comm="syz.0.2199" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=222 compat=0 ip=0xffff84b53aa8 code=0x7ffc0000 [ 217.630519][ T27] audit: type=1326 audit(2000000011.800:2341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9776 comm="syz.4.2209" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa1f53aa8 code=0x7ffc0000 [ 217.653355][ T9779] netlink: 'syz.1.2206': attribute type 10 has an invalid length. [ 217.655189][ T9779] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2206'. [ 218.294547][ T9825] netlink: 'syz.0.2222': attribute type 10 has an invalid length. [ 218.303773][ T9825] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2222'. [ 218.471707][ T9814] loop1: detected capacity change from 0 to 8192 [ 218.479644][ T9836] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2226'. [ 218.491116][ T9836] loop0: detected capacity change from 0 to 512 [ 218.520363][ T9836] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #11: comm syz.0.2226: invalid indirect mapped block 256 (level 2) [ 218.524254][ T9814] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 218.538046][ T9836] EXT4-fs (loop0): 2 truncates cleaned up [ 218.539417][ T9836] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 218.686489][ T4302] EXT4-fs (loop0): unmounting filesystem. [ 218.730018][ T9851] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2230'. [ 218.902724][ T9860] No such timeout policy "syz0" [ 219.163971][ T9866] netlink: 'syz.2.2236': attribute type 10 has an invalid length. [ 219.368241][ T9874] lo speed is unknown, defaulting to 1000 [ 219.369959][ T9874] lo speed is unknown, defaulting to 1000 [ 219.448386][ T9877] loop0: detected capacity change from 0 to 1024 [ 219.499528][ T9877] EXT4-fs (loop0): revision level too high, forcing read-only mode [ 219.501949][ T9877] EXT4-fs (loop0): orphan cleanup on readonly fs [ 219.525041][ T9877] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5885: Corrupt filesystem [ 219.538389][ T9877] EXT4-fs (loop0): Remounting filesystem read-only [ 219.564622][ T9877] EXT4-fs error (device loop0): ext4_dirty_inode:6089: inode #3: comm syz.0.2237: mark_inode_dirty error [ 219.604850][ T9877] EXT4-fs (loop0): Remounting filesystem read-only [ 219.642065][ T9877] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:477: comm syz.0.2237: Invalid block bitmap block 3 in block_group 0 [ 219.652110][ T9877] EXT4-fs (loop0): Remounting filesystem read-only [ 219.653511][ T9877] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5885: Corrupt filesystem [ 219.676001][ T9877] EXT4-fs (loop0): Remounting filesystem read-only [ 219.677660][ T9877] EXT4-fs error (device loop0): ext4_dirty_inode:6089: inode #3: comm syz.0.2237: mark_inode_dirty error [ 219.696317][ T9877] EXT4-fs (loop0): Remounting filesystem read-only [ 219.697843][ T9877] EXT4-fs error (device loop0): ext4_map_blocks:634: inode #3: block 1: comm syz.0.2237: lblock 6 mapped to illegal pblock 1 (length 1) [ 219.706631][ T9877] EXT4-fs (loop0): Remounting filesystem read-only [ 219.708267][ T9877] EXT4-fs error (device loop0): ext4_map_blocks:634: inode #3: block 48: comm syz.0.2237: lblock 0 mapped to illegal pblock 48 (length 1) [ 219.722137][ T9877] EXT4-fs (loop0): Remounting filesystem read-only [ 219.723592][ T9877] EXT4-fs error (device loop0): ext4_acquire_dquot:6794: comm syz.0.2237: Failed to acquire dquot type 0 [ 219.735099][ T9877] EXT4-fs (loop0): Remounting filesystem read-only [ 219.737097][ T9877] EXT4-fs error (device loop0): ext4_map_blocks:634: inode #3: block 49: comm syz.0.2237: lblock 1 mapped to illegal pblock 49 (length 1) [ 219.746033][ T9877] EXT4-fs (loop0): Remounting filesystem read-only [ 219.775788][ T9877] EXT4-fs error (device loop0): ext4_acquire_dquot:6794: comm syz.0.2237: Failed to acquire dquot type 0 [ 219.786831][ T9877] EXT4-fs (loop0): Remounting filesystem read-only [ 219.788269][ T9877] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5885: Corrupt filesystem [ 219.806474][ T9877] EXT4-fs (loop0): Remounting filesystem read-only [ 219.808077][ T9877] EXT4-fs error (device loop0): ext4_evict_inode:279: inode #15: comm syz.0.2237: mark_inode_dirty error [ 219.835731][ T9877] EXT4-fs (loop0): Remounting filesystem read-only [ 219.842744][ T9877] EXT4-fs warning (device loop0): ext4_evict_inode:282: couldn't mark inode dirty (err -117) [ 219.844929][ T9877] EXT4-fs (loop0): 1 orphan inode deleted [ 219.861103][ T9877] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 219.989879][ T9874] RDS: rds_bind could not find a transport for ::ffff:172.20.20.170, load rds_tcp or rds_rdma? [ 220.045475][ T9877] EXT4-fs error (device loop0): ext4_map_blocks:634: inode #2: block 16: comm syz.0.2237: lblock 0 mapped to illegal pblock 16 (length 1) [ 220.057383][ T9877] EXT4-fs error (device loop0): ext4_map_blocks:634: inode #2: block 16: comm syz.0.2237: lblock 0 mapped to illegal pblock 16 (length 1) [ 220.193941][ T9896] netlink: 'syz.3.2248': attribute type 10 has an invalid length. [ 220.195944][ T9896] __nla_validate_parse: 2 callbacks suppressed [ 220.195955][ T9896] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2248'. [ 220.230862][ T4302] EXT4-fs (loop0): unmounting filesystem. [ 220.580253][ T9910] loop0: detected capacity change from 0 to 2048 [ 220.634224][ T9910] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 220.725073][ T9913] loop2: detected capacity change from 0 to 512 [ 220.727192][ T9913] EXT4-fs: Ignoring removed bh option [ 220.730337][ T9913] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem [ 220.745010][ T9913] EXT4-fs (loop2): 1 truncate cleaned up [ 220.746380][ T9913] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 220.844001][ T4299] EXT4-fs (loop2): unmounting filesystem. [ 221.082340][ T9923] loop3: detected capacity change from 0 to 8192 [ 221.124989][ T9923] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 221.417341][ T39] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters [ 221.426834][ T5860] hid-generic 0810:0008:FFFFFFF6.0002: item fetching failed at offset 0/4 [ 221.429538][ T5860] hid-generic: probe of 0810:0008:FFFFFFF6.0002 failed with error -22 [ 221.431733][ T39] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28 [ 221.434526][ T39] EXT4-fs (loop0): This should not happen!! Data will be lost [ 221.434526][ T39] [ 221.439745][ T39] EXT4-fs (loop0): Total free blocks count 0 [ 221.441171][ T39] EXT4-fs (loop0): Free/Dirty block details [ 221.442360][ T39] EXT4-fs (loop0): free_blocks=2415919104 [ 221.443603][ T39] EXT4-fs (loop0): dirty_blocks=3488 [ 221.444751][ T39] EXT4-fs (loop0): Block reservation details [ 221.476041][ T39] EXT4-fs (loop0): i_reserved_data_blocks=218 [ 221.480321][ T39] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 18 with max blocks 2048 with error 28 [ 221.552044][ T9943] loop2: detected capacity change from 0 to 512 [ 221.571902][ T9943] EXT4-fs: Ignoring removed i_version option [ 221.573308][ T9943] EXT4-fs: Ignoring removed nobh option [ 221.582220][ T9943] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 221.605214][ T9943] EXT4-fs (loop2): 1 truncate cleaned up [ 221.607042][ T9943] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 221.714929][ T4299] EXT4-fs (loop2): unmounting filesystem. [ 221.764913][ T9950] netlink: 'syz.4.2269': attribute type 10 has an invalid length. [ 221.766960][ T9950] netlink: 40 bytes leftover after parsing attributes in process `syz.4.2269'. [ 221.867574][ T9954] netlink: 'syz.0.2281': attribute type 10 has an invalid length. [ 221.869428][ T9954] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2281'. [ 222.113836][ T9966] lo speed is unknown, defaulting to 1000 [ 222.115853][ T9966] lo speed is unknown, defaulting to 1000 [ 222.569205][ T9974] No such timeout policy "syz0" [ 222.806768][ T9986] netlink: 'syz.1.2285': attribute type 10 has an invalid length. [ 222.808634][ T9986] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2285'. [ 223.094155][T10000] IPv6: NLM_F_CREATE should be specified when creating new route [ 223.096463][T10000] IPv6: Can't replace route, no match found [ 223.132043][T10002] No such timeout policy "syz0" [ 223.253399][T10010] netlink: 'syz.1.2297': attribute type 10 has an invalid length. [ 223.255089][T10010] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2297'. [ 223.271822][ T27] kauditd_printk_skb: 143 callbacks suppressed [ 223.271837][ T27] audit: type=1326 audit(2000000017.440:2479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10012 comm="syz.2.2299" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa4d53aa8 code=0x7ffc0000 [ 223.281309][ T27] audit: type=1326 audit(2000000017.440:2480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10012 comm="syz.2.2299" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa4d53aa8 code=0x7ffc0000 [ 223.305211][ T27] audit: type=1326 audit(2000000017.450:2481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10012 comm="syz.2.2299" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffa4d53aa8 code=0x7ffc0000 [ 223.328987][ T27] audit: type=1326 audit(2000000017.450:2482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10012 comm="syz.2.2299" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa4d53aa8 code=0x7ffc0000 [ 223.353218][T10014] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 223.355251][ T27] audit: type=1326 audit(2000000017.450:2483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10012 comm="syz.2.2299" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa4d53aa8 code=0x7ffc0000 [ 223.360950][T10014] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 223.373298][ T27] audit: type=1326 audit(2000000017.450:2484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10012 comm="syz.2.2299" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffa4d53aa8 code=0x7ffc0000 [ 223.388447][ T27] audit: type=1326 audit(2000000017.450:2485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10012 comm="syz.2.2299" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa4d53aa8 code=0x7ffc0000 [ 223.393025][ T27] audit: type=1326 audit(2000000017.450:2486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10012 comm="syz.2.2299" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa4d53aa8 code=0x7ffc0000 [ 223.402797][ T27] audit: type=1326 audit(2000000017.450:2487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10012 comm="syz.2.2299" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=17 compat=0 ip=0xffffa4d53aa8 code=0x7ffc0000 [ 223.407907][ T27] audit: type=1326 audit(2000000017.450:2488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10012 comm="syz.2.2299" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa4d53aa8 code=0x7ffc0000 [ 223.735981][T10018] loop0: detected capacity change from 0 to 8192 [ 223.782516][T10018] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 223.850961][T10028] lo speed is unknown, defaulting to 1000 [ 223.852596][T10028] lo speed is unknown, defaulting to 1000 [ 224.236477][T10034] loop1: detected capacity change from 0 to 2048 [ 224.259985][T10038] loop3: detected capacity change from 0 to 1024 [ 224.290162][T10038] EXT4-fs: Ignoring removed orlov option [ 224.296264][T10034] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 224.301769][T10038] EXT4-fs: Ignoring removed nomblk_io_submit option [ 224.355147][T10038] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE [ 224.361856][ T4295] EXT4-fs (loop1): unmounting filesystem. [ 224.424141][T10038] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=8843c118, mo2=0002] [ 224.440378][T10038] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 224.510248][T10051] netlink: 'syz.1.2310': attribute type 10 has an invalid length. [ 224.511952][T10051] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2310'. [ 224.688749][ T4301] EXT4-fs (loop3): unmounting filesystem. [ 224.854210][T10070] loop3: detected capacity change from 0 to 1024 [ 224.893495][T10070] EXT4-fs error (device loop3): ext4_acquire_dquot:6794: comm syz.3.2320: Failed to acquire dquot type 0 [ 224.910735][T10070] EXT4-fs error (device loop3): mb_free_blocks:1815: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt. [ 224.916716][T10070] EXT4-fs error (device loop3): ext4_do_update_inode:5224: inode #13: comm syz.3.2320: corrupted inode contents [ 224.927406][T10070] EXT4-fs error (device loop3): ext4_dirty_inode:6089: inode #13: comm syz.3.2320: mark_inode_dirty error [ 224.933413][T10070] EXT4-fs error (device loop3): ext4_do_update_inode:5224: inode #13: comm syz.3.2320: corrupted inode contents [ 224.959464][T10070] EXT4-fs error (device loop3): __ext4_ext_dirty:202: inode #13: comm syz.3.2320: mark_inode_dirty error [ 224.978748][T10070] EXT4-fs error (device loop3): ext4_do_update_inode:5224: inode #13: comm syz.3.2320: corrupted inode contents [ 225.019658][T10070] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem [ 225.044718][T10070] EXT4-fs error (device loop3): ext4_do_update_inode:5224: inode #13: comm syz.3.2320: corrupted inode contents [ 225.082460][T10070] EXT4-fs error (device loop3): ext4_truncate:4311: inode #13: comm syz.3.2320: mark_inode_dirty error [ 225.098048][T10070] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem [ 225.107976][T10070] EXT4-fs (loop3): 1 truncate cleaned up [ 225.109164][T10070] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 225.204917][ T4301] EXT4-fs (loop3): unmounting filesystem. [ 225.633264][T10100] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2334'. [ 225.674378][T10100] device veth0_macvtap left promiscuous mode [ 225.940653][T10103] loop4: detected capacity change from 0 to 8192 [ 225.947117][T10103] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 225.972717][T10101] lo speed is unknown, defaulting to 1000 [ 225.974646][T10101] lo speed is unknown, defaulting to 1000 [ 226.092478][T10107] netlink: 'syz.3.2336': attribute type 10 has an invalid length. [ 226.094155][T10107] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2336'. [ 226.190826][T10110] loop0: detected capacity change from 0 to 512 [ 226.192538][T10110] EXT4-fs: Ignoring removed nobh option [ 226.194205][T10110] ext4: Unknown parameter 'seclabel' [ 226.262450][ T5216] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 226.293318][T10110] loop0: detected capacity change from 0 to 2048 [ 226.357714][T10110] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 226.629075][ T4351] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 226.633112][ T4351] hid-generic 0000:0000:0000.0003: hidraw0: HID v0.00 Device [syz1] on syz0 [ 226.637491][T10130] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 226.655523][T10130] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 226.922811][T10140] netlink: 'syz.2.2349': attribute type 10 has an invalid length. [ 226.924567][T10140] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2349'. [ 227.061119][ T4302] EXT4-fs (loop0): unmounting filesystem. [ 227.103101][T10144] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2351'. [ 227.546404][T10158] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2359'. [ 227.552038][T10162] netlink: 'syz.1.2360': attribute type 10 has an invalid length. [ 227.553715][T10162] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2360'. [ 227.658155][T10167] loop0: detected capacity change from 0 to 128 [ 227.715429][ T4328] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 227.721216][ T4328] hid-generic 0000:0000:0000.0004: hidraw0: HID v0.00 Device [syz1] on syz0 [ 227.724760][T10171] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 227.728468][T10171] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 227.933740][T10177] loop1: detected capacity change from 0 to 8192 [ 227.956723][T10177] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 228.697162][T10201] netlink: 'syz.2.2375': attribute type 10 has an invalid length. [ 228.698999][T10201] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2375'. [ 228.754703][T10203] loop4: detected capacity change from 0 to 128 [ 229.258353][T10223] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2386'. [ 229.353262][T10229] netlink: 'syz.1.2389': attribute type 10 has an invalid length. [ 229.379542][T10229] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2389'. [ 229.383845][T10233] loop4: detected capacity change from 0 to 512 [ 229.431853][T10235] loop3: detected capacity change from 0 to 128 [ 229.462546][T10233] EXT4-fs error (device loop4): ext4_orphan_get:1400: inode #15: comm syz.4.2391: iget: bad extended attribute block 1 [ 229.465625][T10233] EXT4-fs error (device loop4): ext4_orphan_get:1405: comm syz.4.2391: couldn't read orphan inode 15 (err -117) [ 229.477010][T10233] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 229.526671][T10233] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 7934 vs 220 free clusters [ 229.587524][T10241] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2393'. [ 229.643184][ T4303] EXT4-fs (loop4): unmounting filesystem. [ 230.272325][T10276] loop1: detected capacity change from 0 to 128 [ 230.499220][T10274] IPVS: rr: UDP 224.0.0.2:0 - no destination available [ 230.547285][T10283] lo speed is unknown, defaulting to 1000 [ 230.566891][T10283] lo speed is unknown, defaulting to 1000 [ 230.635022][ T27] kauditd_printk_skb: 34 callbacks suppressed [ 230.635036][ T27] audit: type=1326 audit(2000000024.800:2521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10284 comm="syz.2.2412" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa4d53aa8 code=0x7ffc0000 [ 230.648984][ T27] audit: type=1326 audit(2000000024.810:2522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10284 comm="syz.2.2412" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffa4d53aa8 code=0x7ffc0000 [ 230.675589][ T27] audit: type=1326 audit(2000000024.820:2523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10284 comm="syz.2.2412" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa4d53aa8 code=0x7ffc0000 [ 230.698894][ T27] audit: type=1326 audit(2000000024.820:2524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10284 comm="syz.2.2412" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=267 compat=0 ip=0xffffa4d53aa8 code=0x7ffc0000 [ 230.703661][ T27] audit: type=1326 audit(2000000024.820:2525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10284 comm="syz.2.2412" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa4d53aa8 code=0x7ffc0000 [ 230.719792][ T27] audit: type=1326 audit(2000000024.820:2526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10285 comm="syz.0.2411" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff84b53aa8 code=0x7ffc0000 [ 230.739087][ T27] audit: type=1326 audit(2000000024.820:2527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10285 comm="syz.0.2411" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff84b53aa8 code=0x7ffc0000 [ 230.749205][ T27] audit: type=1326 audit(2000000024.830:2528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10285 comm="syz.0.2411" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff84b53aa8 code=0x7ffc0000 [ 230.753944][ T27] audit: type=1326 audit(2000000024.830:2529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10285 comm="syz.0.2411" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff84b53aa8 code=0x7ffc0000 [ 230.779484][ T27] audit: type=1326 audit(2000000024.830:2530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10285 comm="syz.0.2411" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff84b53aa8 code=0x7ffc0000 [ 231.020125][T10301] smc: net device bond0 applied user defined pnetid SYZ0 [ 231.033881][T10304] __nla_validate_parse: 1 callbacks suppressed [ 231.033895][T10304] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2420'. [ 231.138990][T10310] loop2: detected capacity change from 0 to 512 [ 231.157307][T10306] infiniband syz2: set active [ 231.180929][T10306] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 231.182915][T10306] bridge0: port 3(bond0) entered disabled state [ 231.222683][T10306] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 231.224505][T10306] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 231.227361][T10310] EXT4-fs error (device loop2): ext4_orphan_get:1400: inode #15: comm syz.2.2423: iget: bad extended attribute block 1 [ 231.230548][T10310] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.2423: couldn't read orphan inode 15 (err -117) [ 231.236112][T10310] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 231.261207][T10306] device bridge_slave_0 left promiscuous mode [ 231.284871][T10306] bridge0: port 1(bridge_slave_0) entered disabled state [ 231.288199][T10310] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 7934 vs 220 free clusters [ 231.374824][ T4299] EXT4-fs (loop2): unmounting filesystem. [ 231.379887][T10306] device bridge_slave_1 left promiscuous mode [ 231.381438][T10306] bridge0: port 2(bridge_slave_1) entered disabled state [ 231.421526][T10306] bond0: (slave bond_slave_0): Releasing backup interface [ 231.456477][T10306] device bond_slave_0 left promiscuous mode [ 231.467835][T10306] bond0: (slave bond_slave_1): Releasing backup interface [ 231.527004][T10306] device bond_slave_1 left promiscuous mode [ 231.534269][T10306] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 231.542008][T10306] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 231.550470][T10306] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 231.552266][T10306] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 231.585749][ T5860] lo speed is unknown, defaulting to 1000 [ 231.911496][T10344] loop0: detected capacity change from 0 to 128 [ 231.921983][T10345] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2433'. [ 232.388295][ T4391] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 232.392739][ T4391] hid-generic 0000:0000:0000.0005: hidraw0: HID v0.00 Device [syz1] on syz0 [ 232.398163][T10361] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 232.401538][T10361] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 232.465225][T10367] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 232.488746][T10367] bridge0: port 3(bond0) entered disabled state [ 232.551983][T10367] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 232.553753][T10367] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 232.558763][T10367] device bridge_slave_0 left promiscuous mode [ 232.560349][T10367] bridge0: port 1(bridge_slave_0) entered disabled state [ 232.598452][T10367] device bridge_slave_1 left promiscuous mode [ 232.600049][T10367] bridge0: port 2(bridge_slave_1) entered disabled state [ 232.638232][T10367] bond0: (slave bond_slave_0): Releasing backup interface [ 232.686319][T10367] device bond_slave_0 left promiscuous mode [ 232.697600][T10367] bond0: (slave bond_slave_1): Releasing backup interface [ 232.739635][T10367] device bond_slave_1 left promiscuous mode [ 232.792752][T10367] team0: Port device team_slave_0 removed [ 232.847134][T10367] team0: Port device team_slave_1 removed [ 232.953990][ T11] tipc: Resetting bearer [ 233.050371][T10383] loop1: detected capacity change from 0 to 512 [ 233.072760][T10383] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 233.074896][T10383] ext4 filesystem being mounted at /449/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 233.103149][T10379] loop0: detected capacity change from 0 to 8192 [ 233.124413][T10379] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 233.220713][ T4295] EXT4-fs (loop1): unmounting filesystem. [ 233.424158][T10400] loop4: detected capacity change from 0 to 128 [ 233.442541][T10403] netlink: 'syz.1.2461': attribute type 7 has an invalid length. [ 233.458495][T10403] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2461'. [ 233.568930][ T4391] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 233.572966][T10408] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 233.574881][T10408] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 233.588370][ T4391] hid-generic 0000:0000:0000.0006: hidraw0: HID v0.00 Device [syz1] on syz0 [ 233.690779][T10413] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 233.693251][T10413] bridge0: port 1(bond0) entered disabled state [ 233.728636][T10413] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 233.730351][T10413] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 233.765444][T10413] team0: Port device netdevsim0 removed [ 233.842737][T10421] loop3: detected capacity change from 0 to 512 [ 233.848261][ T11] tipc: Resetting bearer [ 233.855338][T10417] tun0: tun_chr_ioctl cmd 2147767520 [ 233.872887][T10421] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 233.875350][T10421] ext4 filesystem being mounted at /464/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 233.908991][T10421] EXT4-fs (loop3): shut down requested (0) [ 234.039096][T10431] tipc: Can't bind to reserved service type 0 [ 234.084866][ T4301] EXT4-fs (loop3): unmounting filesystem. [ 234.343528][T10444] loop1: detected capacity change from 0 to 4096 [ 234.392870][T10450] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2481'. [ 234.402253][T10444] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 234.470277][T10444] EXT4-fs error (device loop1): ext4_do_update_inode:5224: inode #15: comm syz.1.2478: corrupted inode contents [ 234.492275][T10444] EXT4-fs error (device loop1): ext4_dirty_inode:6089: inode #15: comm syz.1.2478: mark_inode_dirty error [ 234.503139][T10444] EXT4-fs error (device loop1): ext4_do_update_inode:5224: inode #15: comm syz.1.2478: corrupted inode contents [ 234.507025][T10444] EXT4-fs error (device loop1): __ext4_ext_dirty:202: inode #15: comm syz.1.2478: mark_inode_dirty error [ 234.513035][T10444] EXT4-fs error (device loop1): ext4_do_update_inode:5224: inode #15: comm syz.1.2478: corrupted inode contents [ 234.523122][T10444] EXT4-fs error (device loop1): __ext4_ext_dirty:202: inode #15: comm syz.1.2478: mark_inode_dirty error [ 234.529516][T10444] EXT4-fs error (device loop1): ext4_do_update_inode:5224: inode #15: comm syz.1.2478: corrupted inode contents [ 234.550688][T10444] EXT4-fs error (device loop1): ext4_truncate:4311: inode #15: comm syz.1.2478: mark_inode_dirty error [ 234.554040][T10444] EXT4-fs error (device loop1) in ext4_setattr:5628: Corrupt filesystem [ 234.607620][ T4295] EXT4-fs (loop1): unmounting filesystem. [ 234.796113][ T6746] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 234.801836][ T6746] hid-generic 0000:0000:0000.0007: hidraw0: HID v0.00 Device [syz1] on syz0 [ 234.809648][T10466] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 234.815329][T10466] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 234.872729][T10469] loop1: detected capacity change from 0 to 128 [ 235.283030][T10483] loop0: detected capacity change from 0 to 1024 [ 235.297482][T10483] EXT4-fs (loop0): INFO: recovery required on readonly filesystem [ 235.299377][T10483] EXT4-fs (loop0): write access will be enabled during recovery [ 235.303410][T10483] JBD2: no valid journal superblock found [ 235.309355][T10483] EXT4-fs (loop0): error loading journal [ 235.548779][T10496] infiniband syz2: set active [ 235.558841][T10496] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 235.561787][T10496] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 235.563569][T10496] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 235.595325][ T4328] lo speed is unknown, defaulting to 1000 [ 235.631202][T10498] rdma_rxe: rxe_register_device failed with error -23 [ 235.640847][T10498] rdma_rxe: failed to add veth0_to_bond [ 235.724793][ T27] kauditd_printk_skb: 11 callbacks suppressed [ 235.724816][ T27] audit: type=1326 audit(2000000029.890:2542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10502 comm="syz.0.2504" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff84b53aa8 code=0x7ffc0000 [ 235.733682][ T27] audit: type=1326 audit(2000000029.900:2543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10502 comm="syz.0.2504" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff84b53aa8 code=0x7ffc0000 [ 235.746208][ T27] audit: type=1326 audit(2000000029.910:2544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10502 comm="syz.0.2504" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff84b53aa8 code=0x7ffc0000 [ 235.805741][ T27] audit: type=1326 audit(2000000029.910:2545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10502 comm="syz.0.2504" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff84b53aa8 code=0x7ffc0000 [ 235.810498][ T27] audit: type=1326 audit(2000000029.910:2546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10502 comm="syz.0.2504" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff84b53aa8 code=0x7ffc0000 [ 235.844280][ T27] audit: type=1326 audit(2000000029.910:2547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10502 comm="syz.0.2504" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff84b53aa8 code=0x7ffc0000 [ 235.874576][ T27] audit: type=1326 audit(2000000029.910:2548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10502 comm="syz.0.2504" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff84b53aa8 code=0x7ffc0000 [ 235.899551][ T27] audit: type=1326 audit(2000000029.910:2549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10502 comm="syz.0.2504" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff84b53aa8 code=0x7ffc0000 [ 235.914220][ T27] audit: type=1326 audit(2000000029.910:2550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10502 comm="syz.0.2504" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff84b53aa8 code=0x7ffc0000 [ 235.934159][T10517] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 235.938646][ T27] audit: type=1326 audit(2000000029.910:2551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10502 comm="syz.0.2504" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff84b53aa8 code=0x7ffc0000 [ 235.948191][T10517] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 236.096120][T10530] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2512'. [ 236.117635][T10528] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 236.119621][T10528] bridge0: port 1(bond0) entered disabled state [ 236.180137][T10528] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 236.182159][T10528] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 236.192412][T10535] loop3: detected capacity change from 0 to 128 [ 236.311754][T10528] team0: Port device vlan0 removed [ 236.373613][ T462] tipc: Resetting bearer [ 237.038504][T10584] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2525'. [ 237.255628][T10596] tipc: Enabled bearer , priority 10 [ 237.339336][T10598] loop3: detected capacity change from 0 to 764 [ 237.360953][T10598] Symlink component flag not implemented [ 237.362562][T10598] Symlink component flag not implemented [ 237.364139][T10598] Symlink component flag not implemented (129) [ 237.365978][T10598] Symlink component flag not implemented (6) [ 237.499063][T10613] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2538'. [ 237.912938][T10624] loop2: detected capacity change from 0 to 2048 [ 238.201975][T10624] EXT4-fs (loop2): failed to initialize system zone (-117) [ 238.204361][T10624] EXT4-fs (loop2): mount failed [ 238.565772][T10618] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 238.714325][ T4328] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 238.718740][ T4328] hid-generic 0000:0000:0000.0008: hidraw0: HID v0.00 Device [syz1] on syz0 [ 238.726667][T10618] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 238.770017][T10644] loop3: detected capacity change from 0 to 512 [ 238.826972][T10644] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e842c11c, mo2=0002] [ 238.828741][T10644] System zones: 0-2, 18-18, 34-34 [ 238.831772][T10644] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.2549: bg 0: block 248: padding at end of block bitmap is not set [ 238.841660][T10644] EXT4-fs error (device loop3): ext4_acquire_dquot:6794: comm syz.3.2549: Failed to acquire dquot type 1 [ 238.850084][T10644] EXT4-fs (loop3): 1 truncate cleaned up [ 238.851420][T10644] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 238.854042][T10644] ext4 filesystem being mounted at /477/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 238.888241][T10618] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 238.905565][ T4301] EXT4-fs (loop3): unmounting filesystem. [ 239.031548][T10618] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 239.063427][T10660] netlink: 'syz.1.2555': attribute type 10 has an invalid length. [ 239.208086][T10618] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 239.219781][T10618] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 239.231666][T10618] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 239.247777][T10670] tipc: Enabling of bearer rejected, failed to enable media [ 239.255744][T10618] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 239.384081][T10679] loop1: detected capacity change from 0 to 512 [ 239.391540][T10679] journal_path: Lookup failure for './bus' [ 239.393996][T10679] EXT4-fs: error: could not find journal device path [ 239.427239][ T5216] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 239.654674][T10696] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 239.659828][T10696] tipc: Resetting bearer [ 239.667089][T10696] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 239.671554][T10696] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 239.717039][T10697] tipc: Enabled bearer , priority 10 [ 239.964747][ T47] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 239.969551][ T47] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 239.992272][ T47] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 239.997275][ T47] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 240.000586][ T47] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 240.002438][ T47] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 240.068991][T10706] lo speed is unknown, defaulting to 1000 [ 240.081257][T10706] lo speed is unknown, defaulting to 1000 [ 240.198051][T10722] netem: change failed [ 240.347823][T10726] infiniband syz2: set active [ 240.351984][T10726] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 240.354996][T10726] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 240.356691][T10726] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 240.391198][ T5860] lo speed is unknown, defaulting to 1000 [ 240.595200][T10746] tmpfs: Bad value for 'mpol' [ 240.633519][ T27] kauditd_printk_skb: 17 callbacks suppressed [ 240.633532][ T27] audit: type=1326 audit(2000000802.945:2567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10747 comm="syz.0.2597" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff84b53aa8 code=0x7ffc0000 [ 240.652130][ T27] audit: type=1326 audit(2000000802.966:2568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10747 comm="syz.0.2597" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff84b53aa8 code=0x7ffc0000 [ 240.708685][ T27] audit: type=1326 audit(2000000802.998:2569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10747 comm="syz.0.2597" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff84b53aa8 code=0x7ffc0000 [ 240.722162][ T27] audit: type=1326 audit(2000000802.998:2570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10747 comm="syz.0.2597" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff84b53aa8 code=0x7ffc0000 [ 240.727171][ T27] audit: type=1326 audit(2000000802.998:2571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10747 comm="syz.0.2597" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff84b53aa8 code=0x7ffc0000 [ 240.758714][ T27] audit: type=1326 audit(2000000802.998:2572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10747 comm="syz.0.2597" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff84b53aa8 code=0x7ffc0000 [ 240.763810][ T27] audit: type=1326 audit(2000000802.998:2573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10747 comm="syz.0.2597" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff84b53aa8 code=0x7ffc0000 [ 240.773465][T10706] chnl_net:caif_netlink_parms(): no params data found [ 240.787923][ T27] audit: type=1326 audit(2000000802.998:2574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10747 comm="syz.0.2597" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff84b53aa8 code=0x7ffc0000 [ 240.865540][ T27] audit: type=1326 audit(2000000802.998:2575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10747 comm="syz.0.2597" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=430 compat=0 ip=0xffff84b53aa8 code=0x7ffc0000 [ 240.870710][ T27] audit: type=1326 audit(2000000802.998:2576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10747 comm="syz.0.2597" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff84b53aa8 code=0x7ffc0000 [ 241.308213][T10768] loop1: detected capacity change from 0 to 2048 [ 241.640291][T10768] EXT4-fs (loop1): failed to initialize system zone (-117) [ 241.642487][T10768] EXT4-fs (loop1): mount failed [ 241.773642][T10766] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 241.776364][T10766] tipc: Resetting bearer [ 241.778315][T10766] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 241.780275][T10766] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 241.867866][T10706] bridge0: port 1(bridge_slave_0) entered blocking state [ 241.881487][T10706] bridge0: port 1(bridge_slave_0) entered disabled state [ 241.889750][T10706] device bridge_slave_0 entered promiscuous mode [ 241.907335][T10706] bridge0: port 2(bridge_slave_1) entered blocking state [ 241.908786][T10706] bridge0: port 2(bridge_slave_1) entered disabled state [ 241.930110][T10706] device bridge_slave_1 entered promiscuous mode [ 241.960170][ T47] Bluetooth: hci5: command 0x0409 tx timeout [ 242.008378][T10706] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 242.014384][T10706] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 242.132031][T10706] team0: Port device team_slave_0 added [ 242.142543][T10706] team0: Port device team_slave_1 added [ 242.233966][T10789] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2613'. [ 242.812973][ T4624] tipc: Left network mode [ 242.814598][T10796] smc: net device bond0 erased user defined pnetid SYZ0 [ 242.817587][T10706] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 242.819166][T10706] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 242.824848][T10706] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 242.843929][T10706] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 242.852341][T10706] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 242.890857][T10706] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 243.151298][T10706] device hsr_slave_0 entered promiscuous mode [ 243.153635][T10817] loop1: detected capacity change from 0 to 2048 [ 243.178572][T10706] device hsr_slave_1 entered promiscuous mode [ 243.483837][T10821] loop3: detected capacity change from 0 to 2048 [ 243.831858][T10821] EXT4-fs (loop3): failed to initialize system zone (-117) [ 243.833962][T10821] EXT4-fs (loop3): mount failed [ 243.939754][ T47] Bluetooth: hci5: command 0x041b tx timeout [ 243.978265][T10817] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 244.293121][ T4295] EXT4-fs (loop1): unmounting filesystem. [ 244.410517][T10840] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2625'. [ 244.799541][T10864] loop4: detected capacity change from 0 to 164 [ 245.133466][T10881] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2641'. [ 245.430977][T10894] tipc: Enabling of bearer rejected, failed to enable media [ 245.452997][T10706] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 245.524486][T10706] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 245.570671][T10706] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 245.633773][T10910] netlink: 'syz.1.2652': attribute type 15 has an invalid length. [ 245.638404][T10706] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 245.699074][T10912] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2653'. [ 245.920801][ T47] Bluetooth: hci5: command 0x040f tx timeout [ 246.224595][T10706] 8021q: adding VLAN 0 to HW filter on device bond0 [ 246.240193][ T4340] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 246.242511][ T4340] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 246.264106][T10706] 8021q: adding VLAN 0 to HW filter on device team0 [ 246.289745][ T4615] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 246.295250][ T4615] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 246.298480][ T4615] bridge0: port 1(bridge_slave_0) entered blocking state [ 246.300179][ T4615] bridge0: port 1(bridge_slave_0) entered forwarding state [ 246.304907][ T4615] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 246.343511][ T4624] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 246.345173][T10942] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2665'. [ 246.350478][ T4624] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 246.357189][T10942] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2665'. [ 246.361185][ T4624] bridge0: port 3(bond0) entered disabled state [ 246.382387][ T4624] device bridge_slave_1 left promiscuous mode [ 246.383765][ T4624] bridge0: port 2(bridge_slave_1) entered disabled state [ 246.444514][ T4624] device bridge_slave_0 left promiscuous mode [ 246.446418][ T4624] bridge0: port 1(bridge_slave_0) entered disabled state [ 246.521043][ T27] kauditd_printk_skb: 32 callbacks suppressed [ 246.521058][ T27] audit: type=1326 audit(2000002345.125:2609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10949 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff84b53aa8 code=0x7ffc0000 [ 246.528527][ T27] audit: type=1326 audit(2000002345.135:2610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10949 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff84b53aa8 code=0x7ffc0000 [ 246.546376][ T27] audit: type=1326 audit(2000002345.135:2611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10949 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=425 compat=0 ip=0xffff84b53aa8 code=0x7ffc0000 [ 246.561155][ T27] audit: type=1326 audit(2000002345.135:2612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10949 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=222 compat=0 ip=0xffff84b53adc code=0x7ffc0000 [ 246.579983][ T27] audit: type=1326 audit(2000002345.135:2613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10949 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=222 compat=0 ip=0xffff84b53adc code=0x7ffc0000 [ 246.591379][ T27] audit: type=1326 audit(2000002345.146:2614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10949 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff84b53aa8 code=0x7ffc0000 [ 246.601911][ T27] audit: type=1326 audit(2000002345.146:2615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10949 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff84b53aa8 code=0x7ffc0000 [ 246.612852][ T27] audit: type=1326 audit(2000002345.146:2616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10949 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=427 compat=0 ip=0xffff84b53aa8 code=0x7ffc0000 [ 246.623835][ T27] audit: type=1326 audit(2000002345.146:2617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10949 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff84b53aa8 code=0x7ffc0000 [ 246.637751][ T27] audit: type=1326 audit(2000002345.146:2618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10949 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff84b53aa8 code=0x7ffc0000 [ 247.902088][ T4306] Bluetooth: hci5: command 0x0419 tx timeout [ 248.283682][ T2060] ieee802154 phy0 wpan0: encryption failed: -22 [ 248.285200][ T2060] ieee802154 phy1 wpan1: encryption failed: -22 [ 248.789300][ T4624] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 248.825979][ T4624] device bond_slave_1 left promiscuous mode [ 248.979049][ T4624] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 249.017384][ T4624] device bond_slave_0 left promiscuous mode [ 250.753479][ T4624] bond0 (unregistering): Released all slaves [ 251.025572][ T4615] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 251.027945][ T4615] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 251.037052][ T4615] bridge0: port 2(bridge_slave_1) entered blocking state [ 251.038781][ T4615] bridge0: port 2(bridge_slave_1) entered forwarding state [ 251.043426][T10941] tipc: Enabled bearer , priority 10 [ 251.048796][T10953] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2668'. [ 251.124173][ T4611] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 251.219687][ T4615] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 251.229561][T10973] loop1: detected capacity change from 0 to 8192 [ 251.245060][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 251.248046][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 251.263335][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 251.265803][T10973] loop1: p1 p2 < > p3 p4 < p5 > [ 251.267166][T10973] loop1: p1 size 108986237 extends beyond EOD, truncated [ 251.271711][T10973] loop1: p3 size 131072 extends beyond EOD, truncated [ 251.281335][ T4615] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 251.282314][T10973] loop1: p5 size 108986237 extends beyond EOD, truncated [ 251.289165][ T4615] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 251.304233][ T4611] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 251.306690][ T4611] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 251.316178][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 251.365569][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 251.370799][T10706] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 251.474781][T10990] netlink: 44 bytes leftover after parsing attributes in process `syz.0.2676'. [ 251.598385][ T27] audit: type=1326 audit(2000002350.448:2619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10999 comm="syz.0.2681" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff84b53aa8 code=0x7ffc0000 [ 251.598430][ T27] audit: type=1326 audit(2000002350.448:2620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10999 comm="syz.0.2681" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff84b53aa8 code=0x7ffc0000 [ 251.605853][ T27] audit: type=1326 audit(2000002350.458:2621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10999 comm="syz.0.2681" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff84b53aa8 code=0x7ffc0000 [ 251.606179][ T27] audit: type=1326 audit(2000002350.458:2622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10999 comm="syz.0.2681" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff84b53aa8 code=0x7ffc0000 [ 251.606272][ T27] audit: type=1326 audit(2000002350.458:2623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10999 comm="syz.0.2681" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff84b53aa8 code=0x7ffc0000 [ 251.617846][ T27] audit: type=1326 audit(2000002350.479:2624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10999 comm="syz.0.2681" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff84b53aa8 code=0x7ffc0000 [ 251.618361][ T27] audit: type=1326 audit(2000002350.479:2625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10999 comm="syz.0.2681" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff84b53aa8 code=0x7ffc0000 [ 251.618399][ T27] audit: type=1326 audit(2000002350.479:2626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10999 comm="syz.0.2681" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff84b53aa8 code=0x7ffc0000 [ 251.618920][ T27] audit: type=1326 audit(2000002350.479:2627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10999 comm="syz.0.2681" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff84b53aa8 code=0x7ffc0000 [ 251.619009][ T27] audit: type=1326 audit(2000002350.479:2628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10999 comm="syz.0.2681" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff84b53aa8 code=0x7ffc0000 [ 263.528969][ T462] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 263.530760][ T462] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 263.535595][T11028] tipc: Enabling of bearer rejected, already enabled [ 263.542136][T11055] lo speed is unknown, defaulting to 1000 [ 263.548007][T10706] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 263.574046][T10706] device veth0_vlan entered promiscuous mode [ 263.580187][T10706] device veth1_vlan entered promiscuous mode [ 263.636386][ T4617] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 263.638785][ T4617] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 263.641064][ T4617] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 263.644405][ T4617] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 263.658018][ T4617] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 263.663752][ T4617] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 263.675460][ T4617] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 263.833602][ T4617] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 263.838549][ T4617] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 263.845622][ T4617] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 263.860560][T10706] device veth0_macvtap entered promiscuous mode [ 263.886905][T10706] device veth1_macvtap entered promiscuous mode [ 263.962794][T10706] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 263.972610][T10706] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 263.974366][ T4617] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 263.979877][ T4617] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 263.982015][ T4617] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 263.990345][ T4617] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 264.009253][ T4617] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 264.011819][ T4617] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 264.016317][T10706] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 264.018794][T10706] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 264.020563][T10706] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 264.022387][T10706] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 264.069705][T11086] tipc: Enabled bearer , priority 10 [ 264.195833][T11093] loop0: detected capacity change from 0 to 2048 [ 264.207329][ T462] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 264.210943][ T462] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 264.226781][ T4611] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 264.271232][ T462] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 264.293169][ T462] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 264.303318][T11093] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 264.317124][ T462] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 264.368613][T11093] EXT4-fs error (device loop0): ext4_ext_precache:627: inode #2: comm syz.0.2703: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 5(5) [ 264.468686][ T4302] EXT4-fs (loop0): unmounting filesystem. [ 264.584724][T11109] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2709'. [ 264.836543][T11119] lo speed is unknown, defaulting to 1000 [ 265.184241][ T27] kauditd_printk_skb: 4 callbacks suppressed [ 265.184254][ T27] audit: type=1326 audit(2000003900.724:2633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11125 comm="syz.4.2715" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa1f53aa8 code=0x7ffc0000 [ 265.196401][ T27] audit: type=1326 audit(2000003900.734:2634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11125 comm="syz.4.2715" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa1f53aa8 code=0x7ffc0000 [ 265.245350][ T27] audit: type=1326 audit(2000003900.734:2635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11125 comm="syz.4.2715" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=430 compat=0 ip=0xffffa1f53aa8 code=0x7ffc0000 [ 265.271491][ T27] audit: type=1326 audit(2000003900.755:2636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11125 comm="syz.4.2715" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa1f53aa8 code=0x7ffc0000 [ 265.278480][ T27] audit: type=1326 audit(2000003900.755:2637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11125 comm="syz.4.2715" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa1f53aa8 code=0x7ffc0000 [ 265.283790][ T27] audit: type=1326 audit(2000003900.755:2638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11125 comm="syz.4.2715" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=431 compat=0 ip=0xffffa1f53aa8 code=0x7ffc0000 [ 265.290038][ T27] audit: type=1326 audit(2000003900.766:2639): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11125 comm="syz.4.2715" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa1f53aa8 code=0x7ffc0000 [ 265.296095][ T27] audit: type=1326 audit(2000003900.766:2640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11125 comm="syz.4.2715" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=432 compat=0 ip=0xffffa1f53aa8 code=0x7ffc0000 [ 265.300653][ T27] audit: type=1326 audit(2000003900.787:2641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11125 comm="syz.4.2715" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa1f53aa8 code=0x7ffc0000 [ 265.330953][T11134] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2719'. [ 265.441987][T11134] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2719'. [ 265.639484][T11149] netlink: 'syz.0.2725': attribute type 1 has an invalid length. [ 265.641408][T11149] netlink: 'syz.0.2725': attribute type 2 has an invalid length. [ 265.643316][T11149] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2725'. [ 265.664317][T11134] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2719'. [ 265.940123][T11167] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2732'. [ 266.280862][T11172] lo speed is unknown, defaulting to 1000 [ 266.927289][ T27] audit: type=1326 audit(2000004158.555:2642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11215 comm="syz.3.2756" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb1553aa8 code=0x7ffc0000 [ 277.604264][T11242] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2767'. [ 277.819591][ T5860] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 277.822409][ T5860] hid-generic 0000:0000:0000.0009: hidraw0: HID v0.00 Device [syz1] on syz0 [ 278.054416][T11266] netlink: 'syz.2.2778': attribute type 1 has an invalid length. [ 278.150988][T11272] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2781'. [ 278.306390][ T5860] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0 [ 278.308743][ T5860] hid-generic 0000:0000:0000.000A: hidraw0: HID v0.00 Device [syz1] on syz0 [ 278.717821][T11307] netlink: 'syz.4.2794': attribute type 1 has an invalid length. [ 278.753761][T11311] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2796'. [ 279.873302][ T4342] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0 [ 279.877906][ T4342] hid-generic 0000:0000:0000.000B: hidraw0: HID v0.00 Device [syz1] on syz0 [ 279.899008][T11338] loop0: detected capacity change from 0 to 512 [ 279.901770][T11338] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 279.927772][T11338] EXT4-fs (loop0): orphan cleanup on readonly fs [ 279.931562][T11338] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.2802: bg 0: block 248: padding at end of block bitmap is not set [ 279.944899][T11338] __quota_error: 4 callbacks suppressed [ 279.944914][T11338] Quota error (device loop0): write_blk: dquota write failed [ 279.947921][T11338] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota [ 279.950049][T11338] EXT4-fs error (device loop0): ext4_acquire_dquot:6794: comm syz.0.2802: Failed to acquire dquot type 1 [ 279.957155][T11338] EXT4-fs (loop0): 1 truncate cleaned up [ 279.961692][T11338] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 279.994292][T11332] lo speed is unknown, defaulting to 1000 [ 280.284630][T11349] sch_tbf: peakrate 8 is lower than or equals to rate 12 ! [ 280.643350][ T4302] EXT4-fs (loop0): unmounting filesystem. [ 280.779153][T11369] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2809'. [ 280.787671][T11375] netlink: 'syz.0.2810': attribute type 1 has an invalid length. [ 281.337215][ T4306] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 281.345187][ T4306] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 281.348042][ T4306] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 281.351127][ T4306] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 281.353244][ T4306] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 281.355792][ T4306] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 281.652129][ T27] audit: type=1326 audit(2000004174.008:2647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11419 comm="syz.3.2820" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb1553aa8 code=0x7ffc0000 [ 281.670546][ T27] audit: type=1326 audit(2000004174.029:2648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11419 comm="syz.3.2820" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=60 compat=0 ip=0xffffb1553aa8 code=0x7ffc0000 [ 281.679538][ T27] audit: type=1326 audit(2000004174.029:2649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11419 comm="syz.3.2820" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb1553aa8 code=0x7ffc0000 [ 281.825530][T11422] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2821'. [ 281.827623][T11431] netlink: 'syz.1.2824': attribute type 1 has an invalid length. [ 281.975632][ T4351] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0 [ 281.993365][ T4351] hid-generic 0000:0000:0000.000C: hidraw0: HID v0.00 Device [syz1] on syz0 [ 282.053927][ T4615] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 282.096642][T11391] lo speed is unknown, defaulting to 1000 [ 282.206616][ T27] audit: type=1326 audit(2000004174.596:2650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11459 comm="syz.3.2833" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb1553aa8 code=0x7ffc0000 [ 282.228737][ T27] audit: type=1326 audit(2000004174.607:2651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11459 comm="syz.3.2833" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffb1553aa8 code=0x7ffc0000 [ 282.239051][ T27] audit: type=1326 audit(2000004174.628:2652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11459 comm="syz.3.2833" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb1553aa8 code=0x7ffc0000 [ 282.242113][ T4615] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 282.252301][ T27] audit: type=1326 audit(2000004174.628:2653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11459 comm="syz.3.2833" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffb1553aa8 code=0x7ffc0000 [ 282.259056][ T27] audit: type=1326 audit(2000004174.628:2654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11459 comm="syz.3.2833" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb1553aa8 code=0x7ffc0000 [ 282.451763][ T4615] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 282.478064][T11468] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2836'. [ 282.665576][ T5860] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0 [ 282.669535][ T5860] hid-generic 0000:0000:0000.000D: hidraw0: HID v0.00 Device [syz1] on syz0 [ 282.670695][ T4615] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 282.693782][T11483] netlink: 'syz.0.2840': attribute type 1 has an invalid length. [ 282.899306][T11391] chnl_net:caif_netlink_parms(): no params data found [ 283.186306][ T4615] tipc: Disabling bearer [ 283.228768][ T4615] tipc: Disabling bearer [ 283.248525][ T4615] tipc: Left network mode [ 283.345787][T11391] bridge0: port 1(bridge_slave_0) entered blocking state [ 283.347426][T11391] bridge0: port 1(bridge_slave_0) entered disabled state [ 283.349874][T11391] device bridge_slave_0 entered promiscuous mode [ 283.354613][ T6746] ================================================================== [ 283.356361][ T6746] BUG: KASAN: use-after-free in cleanup_bearer+0x1b0/0x294 [ 283.357949][ T6746] Read of size 8 at addr ffff0000cf3b8c18 by task kworker/0:9/6746 [ 283.359549][ T6746] [ 283.360003][ T6746] CPU: 0 PID: 6746 Comm: kworker/0:9 Tainted: G W 6.1.120-syzkaller #0 [ 283.362077][ T6746] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 283.364256][ T6746] Workqueue: events cleanup_bearer [ 283.365296][ T6746] Call trace: [ 283.365980][ T6746] dump_backtrace+0x1c8/0x1f4 [ 283.367029][ T6746] show_stack+0x2c/0x3c [ 283.367908][ T6746] dump_stack_lvl+0x108/0x170 [ 283.368947][ T6746] print_report+0x174/0x4c0 [ 283.369904][ T6746] kasan_report+0xd4/0x130 [ 283.370869][ T6746] __asan_report_load8_noabort+0x2c/0x38 [ 283.372085][ T6746] cleanup_bearer+0x1b0/0x294 [ 283.373090][ T6746] process_one_work+0x7ac/0x1404 [ 283.374109][ T6746] worker_thread+0x8e4/0xfec [ 283.375098][ T6746] kthread+0x250/0x2d8 [ 283.375991][ T6746] ret_from_fork+0x10/0x20 [ 283.376908][ T6746] [ 283.377441][ T6746] Allocated by task 10941: [ 283.378402][ T6746] kasan_set_track+0x4c/0x80 [ 283.379398][ T6746] kasan_save_alloc_info+0x24/0x30 [ 283.380481][ T6746] __kasan_slab_alloc+0x74/0x8c [ 283.381435][ T6746] slab_post_alloc_hook+0x74/0x458 [ 283.382497][ T6746] kmem_cache_alloc_lru+0x1ac/0x2f8 [ 283.383633][ T6746] sock_alloc_inode+0x2c/0xcc [ 283.384672][ T6746] new_inode_pseudo+0x68/0x1d0 [ 283.385684][ T6746] __sock_create+0x134/0x8a0 [ 283.386668][ T6746] sock_create_kern+0x4c/0x64 [ 283.387676][ T6746] udp_sock_create6+0xdc/0x758 [ 283.388776][ T6746] udp_sock_create+0x7c/0xc0 [ 283.389796][ T6746] tipc_udp_enable+0xb74/0x12c4 [ 283.390289][ T4342] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0 [ 283.390864][ T6746] __tipc_nl_bearer_enable+0x97c/0xfe8 [ 283.393312][ T4342] hid-generic 0000:0000:0000.000E: hidraw0: HID v0.00 Device [syz1] on syz0 [ 283.393654][ T6746] tipc_nl_bearer_enable+0x2c/0x48 [ 283.396697][ T6746] genl_rcv_msg+0x948/0xc2c [ 283.397758][ T6746] netlink_rcv_skb+0x20c/0x3b8 [ 283.398848][ T6746] genl_rcv+0x38/0x50 [ 283.399666][ T6746] netlink_unicast+0x65c/0x898 [ 283.400770][ T6746] netlink_sendmsg+0x834/0xb18 [ 283.401804][ T6746] ____sys_sendmsg+0x55c/0x848 [ 283.402831][ T6746] __sys_sendmsg+0x26c/0x33c [ 283.403759][ T6746] __arm64_sys_sendmsg+0x80/0x94 [ 283.404863][ T6746] invoke_syscall+0x98/0x2bc [ 283.405867][ T6746] el0_svc_common+0x138/0x258 [ 283.406871][ T6746] do_el0_svc+0x58/0x13c [ 283.407815][ T6746] el0_svc+0x58/0x168 [ 283.408706][ T6746] el0t_64_sync_handler+0x84/0xf0 [ 283.409815][ T6746] el0t_64_sync+0x18c/0x190 [ 283.410791][ T6746] [ 283.411299][ T6746] Freed by task 4302: [ 283.412153][ T6746] kasan_set_track+0x4c/0x80 [ 283.413173][ T6746] kasan_save_free_info+0x38/0x5c [ 283.414307][ T6746] ____kasan_slab_free+0x144/0x1c0 [ 283.415432][ T6746] __kasan_slab_free+0x18/0x28 [ 283.416502][ T6746] kmem_cache_free+0x2f0/0x588 [ 283.417481][ T6746] sock_free_inode+0x28/0x38 [ 283.418446][ T6746] i_callback+0x50/0x78 [ 283.419390][ T6746] rcu_core+0x880/0x1c48 [ 283.420253][ T6746] rcu_core_si+0x10/0x1c [ 283.421263][ T6746] handle_softirqs+0x318/0xd58 [ 283.422350][ T6746] __do_softirq+0x14/0x20 [ 283.423314][ T6746] [ 283.423864][ T6746] Last potentially related work creation: [ 283.425072][ T6746] kasan_save_stack+0x40/0x70 [ 283.426175][ T6746] __kasan_record_aux_stack+0xcc/0xe8 [ 283.427380][ T6746] kasan_record_aux_stack_noalloc+0x14/0x20 [ 283.428714][ T6746] call_rcu+0xfc/0xa40 [ 283.429560][ T6746] evict+0x7ac/0x894 [ 283.430421][ T6746] iput+0x7c0/0x8a4 [ 283.431283][ T6746] sock_release+0x110/0x140 [ 283.432336][ T6746] udp_tunnel_sock_release+0x74/0x88 [ 283.433454][ T6746] cleanup_bearer+0x180/0x294 [ 283.434492][ T6746] process_one_work+0x7ac/0x1404 [ 283.435596][ T6746] worker_thread+0x8e4/0xfec [ 283.436653][ T6746] kthread+0x250/0x2d8 [ 283.437546][ T6746] ret_from_fork+0x10/0x20 [ 283.438486][ T6746] [ 283.439019][ T6746] Second to last potentially related work creation: [ 283.440469][ T6746] kasan_save_stack+0x40/0x70 [ 283.441509][ T6746] __kasan_record_aux_stack+0xcc/0xe8 [ 283.442652][ T6746] kasan_record_aux_stack_noalloc+0x14/0x20 [ 283.443885][ T6746] call_rcu+0xfc/0xa40 [ 283.444829][ T6746] evict+0x7ac/0x894 [ 283.445741][ T6746] iput+0x7c0/0x8a4 [ 283.446622][ T6746] dentry_unlink_inode+0x37c/0x4bc [ 283.447768][ T6746] __dentry_kill+0x324/0x5e4 [ 283.448703][ T6746] dentry_kill+0xc8/0x250 [ 283.449698][ T6746] dput+0x218/0x454 [ 283.450550][ T6746] __fput+0x488/0x7c8 [ 283.451439][ T6746] ____fput+0x20/0x30 [ 283.452293][ T6746] task_work_run+0x240/0x2f0 [ 283.453239][ T6746] do_notify_resume+0x2080/0x2cb8 [ 283.454363][ T6746] el0_svc+0x9c/0x168 [ 283.455287][ T6746] el0t_64_sync_handler+0x84/0xf0 [ 283.456392][ T6746] el0t_64_sync+0x18c/0x190 [ 283.457409][ T6746] [ 283.457880][ T6746] The buggy address belongs to the object at ffff0000cf3b8c00 [ 283.457880][ T6746] which belongs to the cache sock_inode_cache of size 1408 [ 283.461071][ T6746] The buggy address is located 24 bytes inside of [ 283.461071][ T6746] 1408-byte region [ffff0000cf3b8c00, ffff0000cf3b9180) [ 283.464141][ T6746] [ 283.464706][ T6746] The buggy address belongs to the physical page: [ 283.466026][ T6746] page:0000000053c93456 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10f3b8 [ 283.468248][ T6746] head:0000000053c93456 order:3 compound_mapcount:0 compound_pincount:0 [ 283.470141][ T6746] memcg:ffff0000d4140201 [ 283.471047][ T6746] flags: 0x5ffc00000010200(slab|head|node=0|zone=2|lastcpupid=0x7ff) [ 283.472724][ T6746] raw: 05ffc00000010200 dead000000000100 dead000000000122 ffff0000c0b6e900 [ 283.474663][ T6746] raw: 0000000000000000 0000000080150015 00000001ffffffff ffff0000d4140201 [ 283.476522][ T6746] page dumped because: kasan: bad access detected [ 283.477820][ T6746] [ 283.478349][ T6746] Memory state around the buggy address: [ 283.479661][ T6746] ffff0000cf3b8b00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 283.481540][ T6746] ffff0000cf3b8b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 283.483187][ T6746] >ffff0000cf3b8c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 283.484841][ T6746] ^ [ 283.485923][ T6746] ffff0000cf3b8c80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 283.487726][ T6746] ffff0000cf3b8d00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 283.489538][ T6746] ================================================================== SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 283.515491][ T6746] Disabling lock debugging due to kernel taint [ 283.517084][ T6746] Unable to handle kernel paging request at virtual address dfff800000000006 [ 283.519097][ T6746] KASAN: null-ptr-deref in range [0x0000000000000030-0x0000000000000037] [ 283.521019][ T6746] Mem abort info: [ 283.521804][ T6746] ESR = 0x0000000096000006 [ 283.522828][ T6746] EC = 0x25: DABT (current EL), IL = 32 bits [ 283.524332][T11540] netlink: 'syz.2.2854': attribute type 1 has an invalid length. [ 283.526145][ T6746] SET = 0, FnV = 0 [ 283.527042][ T6746] EA = 0, S1PTW = 0 [ 283.527951][ T6746] FSC = 0x06: level 2 translation fault [ 283.529336][ T6746] Data abort info: [ 283.530190][ T6746] ISV = 0, ISS = 0x00000006 [ 283.531306][ T6746] CM = 0, WnR = 0 [ 283.532209][ T6746] [dfff800000000006] address between user and kernel address ranges [ 283.534066][ T6746] Internal error: Oops: 0000000096000006 [#1] PREEMPT SMP [ 283.535704][ T6746] Modules linked in: [ 283.536549][ T6746] CPU: 0 PID: 6746 Comm: kworker/0:9 Tainted: G B W 6.1.120-syzkaller #0 [ 283.538627][ T6746] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 283.540750][ T6746] Workqueue: events cleanup_bearer [ 283.541851][ T6746] pstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 283.543626][ T6746] pc : cleanup_bearer+0x1bc/0x294 [ 283.544790][ T6746] lr : cleanup_bearer+0x1b0/0x294 [ 283.545884][ T6746] sp : ffff800021777b00 [ 283.546743][ T6746] x29: ffff800021777b00 x28: ffff0001b3cf9800 x27: ffff0000db040a18 [ 283.548556][ T6746] x26: ffff0000c9297218 x25: 1fffe00019252e43 x24: dfff800000000000 [ 283.550375][ T6746] x23: ffff0001b3cf4980 x22: ffff800015a7d360 x21: 1fffe0001b608141 [ 283.552261][ T6746] x20: 0000000000000030 x19: ffff0000db040a18 x18: 1fffe0003679c376 [ 283.553879][ T6746] x17: ffff800015a7d000 x16: ffff800012327634 x15: ffff0001b3ce1bbc [ 283.555741][ T6746] x14: ffff0001b3ce1bb8 x13: 1fffe0003679c376 x12: 0000000000000001 [ 283.557646][ T6746] x11: 0000000000ff0100 x10: 0000000000000000 x9 : 0000000000000000 [ 283.559512][ T6746] x8 : 0000000000000006 x7 : 1fffe0003679c377 x6 : ffff800008278b0c [ 283.561273][ T6746] x5 : 0000000000000000 x4 : 0000000000000001 x3 : ffff8000081a9738 [ 283.562933][ T6746] x2 : 0000000000000001 x1 : 0000000000000000 x0 : 0000000000000001 [ 283.564651][ T6746] Call trace: [ 283.565378][ T6746] cleanup_bearer+0x1bc/0x294 [ 283.566326][ T6746] process_one_work+0x7ac/0x1404 [ 283.567426][ T6746] worker_thread+0x8e4/0xfec [ 283.568399][ T6746] kthread+0x250/0x2d8 [ 283.568668][T11391] bridge0: port 2(bridge_slave_1) entered blocking state [ 283.569280][ T6746] ret_from_fork+0x10/0x20 [ 283.571607][ T6746] Code: 97839264 f9400288 9100c114 d343fe88 (38786908) [ 283.573198][ T6746] ---[ end trace 0000000000000000 ]--- [ 283.600268][T11391] bridge0: port 2(bridge_slave_1) entered disabled state [ 283.611649][T11391] device bridge_slave_1 entered promiscuous mode [ 284.108014][ T6746] Kernel panic - not syncing: Oops: Fatal exception [ 284.109860][ T6746] SMP: stopping secondary CPUs [ 284.110994][ T6746] Kernel Offset: disabled [ 284.112030][ T6746] CPU features: 0x080000,02070084,26017203 [ 284.113407][ T6746] Memory Limit: none [ 284.667614][ T6746] Rebooting in 86400 seconds..